Merge.
authorblanchet
Wed Mar 04 11:05:29 2009 +0100 (2009-03-04)
changeset 30242aea5d7fa7ef5
parent 30241 3a1aef73b2b2
parent 30236 e70dae49dc57
child 30244 48543b307e99
child 30251 7aec011818e0
child 30257 06b2d7f9f64b
Merge.
doc-src/AxClass/Group/Group.thy
doc-src/AxClass/Group/Product.thy
doc-src/AxClass/Group/ROOT.ML
doc-src/AxClass/Group/Semigroups.thy
doc-src/AxClass/Group/document/Group.tex
doc-src/AxClass/Group/document/Product.tex
doc-src/AxClass/Group/document/Semigroups.tex
doc-src/AxClass/IsaMakefile
doc-src/AxClass/Makefile
doc-src/AxClass/Nat/NatClass.thy
doc-src/AxClass/Nat/ROOT.ML
doc-src/AxClass/Nat/document/NatClass.tex
doc-src/AxClass/axclass.tex
doc-src/AxClass/body.tex
doc-src/IsarAdvanced/Classes/IsaMakefile
doc-src/IsarAdvanced/Classes/Makefile
doc-src/IsarAdvanced/Classes/Thy/Classes.thy
doc-src/IsarAdvanced/Classes/Thy/ROOT.ML
doc-src/IsarAdvanced/Classes/Thy/Setup.thy
doc-src/IsarAdvanced/Classes/Thy/document/Classes.tex
doc-src/IsarAdvanced/Classes/classes.tex
doc-src/IsarAdvanced/Classes/style.sty
doc-src/IsarAdvanced/Codegen/IsaMakefile
doc-src/IsarAdvanced/Codegen/Makefile
doc-src/IsarAdvanced/Codegen/Thy/Adaption.thy
doc-src/IsarAdvanced/Codegen/Thy/Codegen.thy
doc-src/IsarAdvanced/Codegen/Thy/Further.thy
doc-src/IsarAdvanced/Codegen/Thy/Introduction.thy
doc-src/IsarAdvanced/Codegen/Thy/ML.thy
doc-src/IsarAdvanced/Codegen/Thy/Program.thy
doc-src/IsarAdvanced/Codegen/Thy/ROOT.ML
doc-src/IsarAdvanced/Codegen/Thy/Setup.thy
doc-src/IsarAdvanced/Codegen/Thy/document/Adaption.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Codegen.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Further.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Introduction.tex
doc-src/IsarAdvanced/Codegen/Thy/document/ML.tex
doc-src/IsarAdvanced/Codegen/Thy/document/Program.tex
doc-src/IsarAdvanced/Codegen/Thy/examples/Codegen.hs
doc-src/IsarAdvanced/Codegen/Thy/examples/Example.hs
doc-src/IsarAdvanced/Codegen/Thy/examples/arbitrary.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/bool_infix.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/bool_literal.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/bool_mlbool.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/class.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/class.ocaml
doc-src/IsarAdvanced/Codegen/Thy/examples/collect_duplicates.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/dirty_set.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/example.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/fac.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/integers.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/lexicographic.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/lookup.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/monotype.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/nat_binary.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/pick1.ML
doc-src/IsarAdvanced/Codegen/Thy/examples/tree.ML
doc-src/IsarAdvanced/Codegen/codegen.tex
doc-src/IsarAdvanced/Codegen/codegen_process.pdf
doc-src/IsarAdvanced/Codegen/codegen_process.ps
doc-src/IsarAdvanced/Codegen/style.sty
doc-src/IsarAdvanced/Functions/IsaMakefile
doc-src/IsarAdvanced/Functions/Makefile
doc-src/IsarAdvanced/Functions/Thy/Functions.thy
doc-src/IsarAdvanced/Functions/Thy/ROOT.ML
doc-src/IsarAdvanced/Functions/Thy/document/Functions.tex
doc-src/IsarAdvanced/Functions/Thy/document/session.tex
doc-src/IsarAdvanced/Functions/conclusion.tex
doc-src/IsarAdvanced/Functions/functions.tex
doc-src/IsarAdvanced/Functions/intro.tex
doc-src/IsarAdvanced/Functions/isabelle_isar.eps
doc-src/IsarAdvanced/Functions/isabelle_isar.pdf
doc-src/IsarAdvanced/Functions/mathpartir.sty
doc-src/IsarAdvanced/Functions/style.sty
doc-src/IsarAdvanced/Makefile.in
doc-src/IsarImplementation/Thy/ROOT.ML
doc-src/IsarImplementation/Thy/base.thy
doc-src/IsarImplementation/Thy/document/ML.tex
doc-src/IsarImplementation/Thy/document/base.tex
doc-src/IsarImplementation/Thy/document/integration.tex
doc-src/IsarImplementation/Thy/document/isar.tex
doc-src/IsarImplementation/Thy/document/locale.tex
doc-src/IsarImplementation/Thy/document/logic.tex
doc-src/IsarImplementation/Thy/document/prelim.tex
doc-src/IsarImplementation/Thy/document/proof.tex
doc-src/IsarImplementation/Thy/document/session.tex
doc-src/IsarImplementation/Thy/document/tactic.tex
doc-src/IsarImplementation/Thy/integration.thy
doc-src/IsarImplementation/Thy/isar.thy
doc-src/IsarImplementation/Thy/locale.thy
doc-src/IsarImplementation/Thy/logic.thy
doc-src/IsarImplementation/Thy/prelim.thy
doc-src/IsarImplementation/Thy/proof.thy
doc-src/IsarImplementation/Thy/tactic.thy
doc-src/IsarImplementation/Thy/unused.thy
doc-src/IsarImplementation/checkglossary
doc-src/IsarImplementation/implementation.tex
doc-src/IsarImplementation/intro.tex
doc-src/IsarImplementation/makeglossary
doc-src/IsarImplementation/style.sty
doc-src/IsarOverview/Isar/document/.cvsignore
doc-src/IsarRef/IsaMakefile
doc-src/IsarRef/Thy/HOL_Specific.thy
doc-src/IsarRef/Thy/Introduction.thy
doc-src/IsarRef/Thy/Outer_Syntax.thy
doc-src/IsarRef/Thy/Proof.thy
doc-src/IsarRef/Thy/Quick_Reference.thy
doc-src/IsarRef/Thy/ROOT.ML
doc-src/IsarRef/Thy/Spec.thy
doc-src/IsarRef/Thy/Symbols.thy
doc-src/IsarRef/Thy/document/Inner_Syntax.tex
doc-src/IsarRef/Thy/document/Introduction.tex
doc-src/IsarRef/Thy/document/Outer_Syntax.tex
doc-src/IsarRef/Thy/document/Proof.tex
doc-src/IsarRef/Thy/document/Quick_Reference.tex
doc-src/IsarRef/Thy/document/Spec.tex
doc-src/IsarRef/Thy/document/Symbols.tex
doc-src/IsarRef/isar-ref.tex
doc-src/IsarRef/style.sty
doc-src/Locales/.cvsignore
doc-src/Ref/goals.tex
doc-src/Ref/ref.tex
doc-src/Ref/theory-syntax.tex
doc-src/TutorialI/Types/Numbers.thy
doc-src/TutorialI/Types/document/Numbers.tex
doc-src/TutorialI/Types/numerics.tex
doc-src/antiquote_setup.ML
doc-src/manual.bib
doc/Contents
etc/settings
lib/Tools/codegen
lib/browser/.cvsignore
lib/browser/GraphBrowser/.cvsignore
lib/browser/awtUtilities/.cvsignore
src/FOL/IFOL.thy
src/FOL/IsaMakefile
src/FOL/ex/IffOracle.thy
src/FOL/ex/NatClass.thy
src/HOL/Algebra/Exponent.thy
src/HOL/AxClasses/Group.thy
src/HOL/AxClasses/Lattice/OrdInsts.thy
src/HOL/AxClasses/Product.thy
src/HOL/AxClasses/README.html
src/HOL/AxClasses/ROOT.ML
src/HOL/AxClasses/Semigroups.thy
src/HOL/Decision_Procs/MIR.thy
src/HOL/Decision_Procs/cooper_tac.ML
src/HOL/Decision_Procs/ferrack_tac.ML
src/HOL/Decision_Procs/mir_tac.ML
src/HOL/Deriv.thy
src/HOL/Divides.thy
src/HOL/Fact.thy
src/HOL/FrechetDeriv.thy
src/HOL/GCD.thy
src/HOL/Groebner_Basis.thy
src/HOL/HOL.thy
src/HOL/Int.thy
src/HOL/IntDiv.thy
src/HOL/IsaMakefile
src/HOL/Library/Euclidean_Space.thy
src/HOL/Library/Float.thy
src/HOL/Library/Fundamental_Theorem_Algebra.thy
src/HOL/Library/Library.thy
src/HOL/Library/Numeral_Type.thy
src/HOL/Library/Permutations.thy
src/HOL/Library/Pocklington.thy
src/HOL/Library/Primes.thy
src/HOL/List.thy
src/HOL/Nat.thy
src/HOL/NatBin.thy
src/HOL/Nominal/Nominal.thy
src/HOL/Nominal/nominal_inductive.ML
src/HOL/Nominal/nominal_inductive2.ML
src/HOL/NumberTheory/Chinese.thy
src/HOL/NumberTheory/IntPrimes.thy
src/HOL/Polynomial.thy
src/HOL/Power.thy
src/HOL/Presburger.thy
src/HOL/RComplete.thy
src/HOL/Rational.thy
src/HOL/RealDef.thy
src/HOL/RealVector.thy
src/HOL/Ring_and_Field.thy
src/HOL/SEQ.thy
src/HOL/SetInterval.thy
src/HOL/Tools/Qelim/presburger.ML
src/HOL/Tools/atp_wrapper.ML
src/HOL/Tools/datatype_codegen.ML
src/HOL/Tools/datatype_package.ML
src/HOL/Tools/inductive_package.ML
src/HOL/Tools/inductive_set_package.ML
src/HOL/Tools/int_factor_simprocs.ML
src/HOL/Tools/refute.ML
src/HOL/Tools/res_atp.ML
src/HOL/Tools/res_clause.ML
src/HOL/Tools/res_hol_clause.ML
src/HOL/Tools/specification_package.ML
src/HOL/Transitive_Closure.thy
src/HOL/Word/Num_Lemmas.thy
src/HOLCF/Tools/domain/domain_axioms.ML
src/HOLCF/Tools/fixrec_package.ML
src/Provers/blast.ML
src/Provers/coherent.ML
src/Provers/eqsubst.ML
src/Provers/project_rule.ML
src/Pure/General/binding.ML
src/Pure/General/name_space.ML
src/Pure/IsaMakefile
src/Pure/Isar/ROOT.ML
src/Pure/Isar/attrib.ML
src/Pure/Isar/class.ML
src/Pure/Isar/code.ML
src/Pure/Isar/constdefs.ML
src/Pure/Isar/element.ML
src/Pure/Isar/expression.ML
src/Pure/Isar/find_consts.ML
src/Pure/Isar/find_theorems.ML
src/Pure/Isar/isar.ML
src/Pure/Isar/isar_cmd.ML
src/Pure/Isar/isar_syn.ML
src/Pure/Isar/local_defs.ML
src/Pure/Isar/method.ML
src/Pure/Isar/obtain.ML
src/Pure/Isar/proof_context.ML
src/Pure/Isar/session.ML
src/Pure/Isar/theory_target.ML
src/Pure/ML-Systems/alice.ML
src/Pure/Proof/reconstruct.ML
src/Pure/Tools/ROOT.ML
src/Pure/Tools/isabelle_process.ML
src/Pure/Tools/isabelle_process.scala
src/Pure/Tools/isabelle_system.scala
src/Pure/pure_thy.ML
src/Pure/sign.ML
src/Pure/sorts.ML
src/Pure/term.ML
src/Tools/auto_solve.ML
src/Tools/code/code_funcgr.ML
src/Tools/code/code_funcgr_new.ML
src/Tools/code/code_target.ML
src/Tools/code/code_thingol.ML
src/ZF/Tools/inductive_package.ML
     1.1 --- a/Admin/CHECKLIST	Wed Mar 04 11:05:02 2009 +0100
     1.2 +++ b/Admin/CHECKLIST	Wed Mar 04 11:05:29 2009 +0100
     1.3 @@ -1,7 +1,7 @@
     1.4  Checklist for official releases
     1.5  ===============================
     1.6  
     1.7 -- test alice, mosml, polyml-5.0, polyml-4.1.3, polyml-4.1.4, polyml-4.2.0, x86-solaris, x86-cygwin;
     1.8 +- test mosml, polyml-5.0, polyml-4.1.3, polyml-4.1.4, polyml-4.2.0, x86-solaris, x86-cygwin;
     1.9  
    1.10  - test ProofGeneral;
    1.11  
     2.1 --- a/Admin/isatest/isatest-stats	Wed Mar 04 11:05:02 2009 +0100
     2.2 +++ b/Admin/isatest/isatest-stats	Wed Mar 04 11:05:29 2009 +0100
     2.3 @@ -16,6 +16,7 @@
     2.4    HOL-Algebra \
     2.5    HOL-Auth \
     2.6    HOL-Bali \
     2.7 +  HOL-Decision_Procs \
     2.8    HOL-Extraction \
     2.9    HOL-Hoare \
    2.10    HOL-HoareParallel \
     3.1 --- a/Admin/isatest/settings/sun-poly	Wed Mar 04 11:05:02 2009 +0100
     3.2 +++ b/Admin/isatest/settings/sun-poly	Wed Mar 04 11:05:29 2009 +0100
     3.3 @@ -4,7 +4,7 @@
     3.4    ML_SYSTEM="polyml-5.1"
     3.5    ML_PLATFORM="sparc-solaris"
     3.6    ML_HOME="$POLYML_HOME/$ML_PLATFORM"
     3.7 -  ML_OPTIONS="-H 1500"
     3.8 +  ML_OPTIONS="-H 800"
     3.9  
    3.10  ISABELLE_HOME_USER=/tmp/isabelle-sun-poly
    3.11  
     4.1 --- a/Admin/makedist	Wed Mar 04 11:05:02 2009 +0100
     4.2 +++ b/Admin/makedist	Wed Mar 04 11:05:29 2009 +0100
     4.3 @@ -4,7 +4,7 @@
     4.4  
     4.5  ## global settings
     4.6  
     4.7 -REPOS="https://isabelle.in.tum.de/repos/isabelle"
     4.8 +REPOS="http://isabelle.in.tum.de/repos/isabelle"
     4.9  
    4.10  DISTPREFIX=${DISTPREFIX:-~/tmp/isadist}
    4.11  
    4.12 @@ -156,7 +156,7 @@
    4.13  rm doc/codegen_process.pdf
    4.14  rm -rf doc-src
    4.15  
    4.16 -mkdir contrib
    4.17 +mkdir -p contrib
    4.18  
    4.19  cp doc/isabelle*.eps lib/logo
    4.20  
     5.1 --- a/CONTRIBUTORS	Wed Mar 04 11:05:02 2009 +0100
     5.2 +++ b/CONTRIBUTORS	Wed Mar 04 11:05:29 2009 +0100
     5.3 @@ -7,10 +7,16 @@
     5.4  Contributions to this Isabelle version
     5.5  --------------------------------------
     5.6  
     5.7 -* February 2008: Timothy Bourke, NICTA
     5.8 +* February 2009: Filip Maric, Univ. of Belgrade
     5.9 +  A Serbian theory.
    5.10 +
    5.11 +* February 2009: Jasmin Christian Blanchette, TUM
    5.12 +  Misc cleanup of HOL/refute.
    5.13 +
    5.14 +* February 2009: Timothy Bourke, NICTA
    5.15    New find_consts command.
    5.16  
    5.17 -* February 2008: Timothy Bourke, NICTA
    5.18 +* February 2009: Timothy Bourke, NICTA
    5.19    "solves" criterion for find_theorems and auto_solve option
    5.20  
    5.21  * December 2008: Clemens Ballarin, TUM
    5.22 @@ -31,6 +37,9 @@
    5.23    processes.  Additional ATP wrappers, including remote SystemOnTPTP
    5.24    services.
    5.25  
    5.26 +* September 2008: Stefan Berghofer, TUM and Marc Bezem, Univ. Bergen
    5.27 +  Prover for coherent logic.
    5.28 +
    5.29  * August 2008: Fabian Immler, TUM
    5.30    Vampire wrapper script for remote SystemOnTPTP service.
    5.31  
    5.32 @@ -46,7 +55,7 @@
    5.33    HOLCF library improvements.
    5.34  
    5.35  * 2007/2008: Stefan Berghofer, TUM
    5.36 -  HOL-Nominal package improvements.  
    5.37 +  HOL-Nominal package improvements.
    5.38  
    5.39  * March 2008: Markus Reiter, TUM
    5.40    HOL/Library/RBT: red-black trees.
     6.1 --- a/NEWS	Wed Mar 04 11:05:02 2009 +0100
     6.2 +++ b/NEWS	Wed Mar 04 11:05:29 2009 +0100
     6.3 @@ -6,6 +6,10 @@
     6.4  
     6.5  *** General ***
     6.6  
     6.7 +* The main reference manuals (isar-ref, implementation, system) have
     6.8 +been updated and extended.  Formally checked references as hyperlinks
     6.9 +are now available in uniform manner.
    6.10 +
    6.11  * Simplified main Isabelle executables, with less surprises on
    6.12  case-insensitive file-systems (such as Mac OS).
    6.13  
    6.14 @@ -47,9 +51,6 @@
    6.15  regular 4-core machine, if the initial heap space is made reasonably
    6.16  large (cf. Poly/ML option -H).  [Poly/ML 5.2.1 or later]
    6.17  
    6.18 -* The Isabelle System Manual (system) has been updated, with formally
    6.19 -checked references as hyperlinks.
    6.20 -
    6.21  * Generalized Isar history, with support for linear undo, direct state
    6.22  addressing etc.
    6.23  
    6.24 @@ -63,6 +64,8 @@
    6.25  * There is a new syntactic category "float_const" for signed decimal
    6.26  fractions (e.g. 123.45 or -123.45).
    6.27  
    6.28 +* New prover for coherent logic (see src/Tools/coherent.ML).
    6.29 +
    6.30  
    6.31  *** Pure ***
    6.32  
    6.33 @@ -111,30 +114,32 @@
    6.34    unify_trace_bound = 50 (formerly 25)
    6.35    unify_search_bound = 60 (formerly 30)
    6.36  
    6.37 -* Different bookkeeping for code equations:
    6.38 -  a) On theory merge, the last set of code equations for a particular constant
    6.39 -     is taken (in accordance with the policy applied by other parts of the
    6.40 -     code generator framework).
    6.41 -  b) Code equations stemming from explicit declarations (e.g. code attribute)
    6.42 -     gain priority over default code equations stemming from definition, primrec,
    6.43 -     fun etc.
    6.44 -  INCOMPATIBILITY.
    6.45 -
    6.46 -* Global versions of theorems stemming from classes do not carry
    6.47 -a parameter prefix any longer.  INCOMPATIBILITY.
    6.48 +* Different bookkeeping for code equations (INCOMPATIBILITY):
    6.49 +
    6.50 +  a) On theory merge, the last set of code equations for a particular
    6.51 +     constant is taken (in accordance with the policy applied by other
    6.52 +     parts of the code generator framework).
    6.53 +
    6.54 +  b) Code equations stemming from explicit declarations (e.g. code
    6.55 +     attribute) gain priority over default code equations stemming
    6.56 +     from definition, primrec, fun etc.
    6.57 +
    6.58 +* Global versions of theorems stemming from classes do not carry a
    6.59 +parameter prefix any longer.  INCOMPATIBILITY.
    6.60  
    6.61  * Dropped locale element "includes".  This is a major INCOMPATIBILITY.
    6.62  In existing theorem specifications replace the includes element by the
    6.63 -respective context elements of the included locale, omitting those that
    6.64 -are already present in the theorem specification.  Multiple assume
    6.65 -elements of a locale should be replaced by a single one involving the
    6.66 -locale predicate.  In the proof body, declarations (most notably
    6.67 -theorems) may be regained by interpreting the respective locales in the
    6.68 -proof context as required (command "interpret").
    6.69 +respective context elements of the included locale, omitting those
    6.70 +that are already present in the theorem specification.  Multiple
    6.71 +assume elements of a locale should be replaced by a single one
    6.72 +involving the locale predicate.  In the proof body, declarations (most
    6.73 +notably theorems) may be regained by interpreting the respective
    6.74 +locales in the proof context as required (command "interpret").
    6.75 +
    6.76  If using "includes" in replacement of a target solely because the
    6.77  parameter types in the theorem are not as general as in the target,
    6.78 -consider declaring a new locale with additional type constraints on the
    6.79 -parameters (context element "constrains").
    6.80 +consider declaring a new locale with additional type constraints on
    6.81 +the parameters (context element "constrains").
    6.82  
    6.83  * Dropped "locale (open)".  INCOMPATIBILITY.
    6.84  
    6.85 @@ -145,9 +150,9 @@
    6.86  * Interpretation commands no longer accept interpretation attributes.
    6.87  INCOMPATBILITY.
    6.88  
    6.89 -* Complete re-implementation of locales.  INCOMPATIBILITY.
    6.90 -The most important changes are listed below.  See documentation
    6.91 -(forthcoming) and tutorial (also forthcoming) for details.
    6.92 +* Complete re-implementation of locales.  INCOMPATIBILITY.  The most
    6.93 +important changes are listed below.  See documentation (forthcoming)
    6.94 +and tutorial (also forthcoming) for details.
    6.95  
    6.96  - In locale expressions, instantiation replaces renaming.  Parameters
    6.97  must be declared in a for clause.  To aid compatibility with previous
    6.98 @@ -161,15 +166,15 @@
    6.99  
   6.100  - More flexible mechanisms to qualify names generated by locale
   6.101  expressions.  Qualifiers (prefixes) may be specified in locale
   6.102 -expressions.  Available are normal qualifiers (syntax "name:") and strict
   6.103 -qualifiers (syntax "name!:").  The latter must occur in name references
   6.104 -and are useful to avoid accidental hiding of names, the former are
   6.105 -optional.  Qualifiers derived from the parameter names of a locale are no
   6.106 -longer generated.
   6.107 -
   6.108 -- "sublocale l < e" replaces "interpretation l < e".  The instantiation
   6.109 -clause in "interpretation" and "interpret" (square brackets) is no
   6.110 -longer available.  Use locale expressions.
   6.111 +expressions.  Available are normal qualifiers (syntax "name:") and
   6.112 +strict qualifiers (syntax "name!:").  The latter must occur in name
   6.113 +references and are useful to avoid accidental hiding of names, the
   6.114 +former are optional.  Qualifiers derived from the parameter names of a
   6.115 +locale are no longer generated.
   6.116 +
   6.117 +- "sublocale l < e" replaces "interpretation l < e".  The
   6.118 +instantiation clause in "interpretation" and "interpret" (square
   6.119 +brackets) is no longer available.  Use locale expressions.
   6.120  
   6.121  - When converting proof scripts, be sure to replace qualifiers in
   6.122  "interpretation" and "interpret" by strict qualifiers.  Qualifiers in
   6.123 @@ -183,8 +188,8 @@
   6.124  * The 'axiomatization' command now only works within a global theory
   6.125  context.  INCOMPATIBILITY.
   6.126  
   6.127 -* New find_theorems criterion "solves" matching theorems that
   6.128 -directly solve the current goal. Try "find_theorems solves".
   6.129 +* New find_theorems criterion "solves" matching theorems that directly
   6.130 +solve the current goal. Try "find_theorems solves".
   6.131  
   6.132  * Added an auto solve option, which can be enabled through the
   6.133  ProofGeneral Isabelle settings menu (disabled by default).
   6.134 @@ -193,14 +198,15 @@
   6.135  stated. Any theorems that could solve the lemma directly are listed
   6.136  underneath the goal.
   6.137  
   6.138 -* New command find_consts searches for constants based on type and name 
   6.139 -patterns, e.g.
   6.140 +* New command find_consts searches for constants based on type and
   6.141 +name patterns, e.g.
   6.142  
   6.143      find_consts "_ => bool"
   6.144  
   6.145 -By default, matching is against subtypes, but it may be restricted to the
   6.146 -whole type. Searching by name is possible. Multiple queries are conjunctive
   6.147 -and queries may be negated by prefixing them with a hyphen:
   6.148 +By default, matching is against subtypes, but it may be restricted to
   6.149 +the whole type. Searching by name is possible. Multiple queries are
   6.150 +conjunctive and queries may be negated by prefixing them with a
   6.151 +hyphen:
   6.152  
   6.153      find_consts strict: "_ => bool" name: "Int" -"int => int"
   6.154  
   6.155 @@ -240,7 +246,7 @@
   6.156      src/HOL/Library/Order_Relation.thy ~> src/HOL/
   6.157      src/HOL/Library/Parity.thy ~> src/HOL/
   6.158      src/HOL/Library/Univ_Poly.thy ~> src/HOL/
   6.159 -    src/HOL/Real/ContNotDenum.thy ~> src/HOL/
   6.160 +    src/HOL/Real/ContNotDenum.thy ~> src/HOL/Library/
   6.161      src/HOL/Real/Lubs.thy ~> src/HOL/
   6.162      src/HOL/Real/PReal.thy ~> src/HOL/
   6.163      src/HOL/Real/Rational.thy ~> src/HOL/
   6.164 @@ -250,8 +256,8 @@
   6.165      src/HOL/Real/Real.thy ~> src/HOL/
   6.166      src/HOL/Complex/Complex_Main.thy ~> src/HOL/
   6.167      src/HOL/Complex/Complex.thy ~> src/HOL/
   6.168 -    src/HOL/Complex/FrechetDeriv.thy ~> src/HOL/
   6.169 -    src/HOL/Complex/Fundamental_Theorem_Algebra.thy ~> src/HOL/
   6.170 +    src/HOL/Complex/FrechetDeriv.thy ~> src/HOL/Library/
   6.171 +    src/HOL/Complex/Fundamental_Theorem_Algebra.thy ~> src/HOL/Library/
   6.172      src/HOL/Hyperreal/Deriv.thy ~> src/HOL/
   6.173      src/HOL/Hyperreal/Fact.thy ~> src/HOL/
   6.174      src/HOL/Hyperreal/Integration.thy ~> src/HOL/
   6.175 @@ -312,7 +318,7 @@
   6.176  process.  New thread-based implementation also works on non-Unix
   6.177  platforms (Cygwin).  Provers are no longer hardwired, but defined
   6.178  within the theory via plain ML wrapper functions.  Basic Sledgehammer
   6.179 -commands are covered in the isar-ref manual
   6.180 +commands are covered in the isar-ref manual.
   6.181  
   6.182  * Wrapper scripts for remote SystemOnTPTP service allows to use
   6.183  sledgehammer without local ATP installation (Vampire etc.).  See also
   6.184 @@ -342,6 +348,9 @@
   6.185  etc. slightly changed.  Some theorems named order_class.* now named
   6.186  preorder_class.*.
   6.187  
   6.188 +* HOL/Relation:
   6.189 +Renamed "refl" to "refl_on", "reflexive" to "refl, "diag" to "Id_on".
   6.190 +
   6.191  * HOL/Finite_Set: added a new fold combinator of type
   6.192    ('a => 'b => 'b) => 'b => 'a set => 'b
   6.193  Occasionally this is more convenient than the old fold combinator which is
   6.194 @@ -367,10 +376,60 @@
   6.195      mult_div ~>             div_mult_self2_is_id
   6.196      mult_mod ~>             mod_mult_self2_is_0
   6.197  
   6.198 +* HOL/IntDiv: removed many lemmas that are instances of class-based
   6.199 +generalizations (from Divides and Ring_and_Field).
   6.200 +INCOMPATIBILITY. Rename old lemmas as follows:
   6.201 +
   6.202 +dvd_diff               -> nat_dvd_diff
   6.203 +dvd_zminus_iff         -> dvd_minus_iff
   6.204 +mod_add1_eq            -> mod_add_eq
   6.205 +mod_mult1_eq           -> mod_mult_right_eq
   6.206 +mod_mult1_eq'          -> mod_mult_left_eq
   6.207 +mod_mult_distrib_mod   -> mod_mult_eq
   6.208 +nat_mod_add_left_eq    -> mod_add_left_eq
   6.209 +nat_mod_add_right_eq   -> mod_add_right_eq
   6.210 +nat_mod_div_trivial    -> mod_div_trivial
   6.211 +nat_mod_mod_trivial    -> mod_mod_trivial
   6.212 +zdiv_zadd_self1        -> div_add_self1
   6.213 +zdiv_zadd_self2        -> div_add_self2
   6.214 +zdiv_zmult_self1       -> div_mult_self2_is_id
   6.215 +zdiv_zmult_self2       -> div_mult_self1_is_id
   6.216 +zdvd_triv_left         -> dvd_triv_left
   6.217 +zdvd_triv_right        -> dvd_triv_right
   6.218 +zdvd_zmult_cancel_disj -> dvd_mult_cancel_left
   6.219 +zmod_eq0_zdvd_iff      -> dvd_eq_mod_eq_0[symmetric]
   6.220 +zmod_zadd_left_eq      -> mod_add_left_eq
   6.221 +zmod_zadd_right_eq     -> mod_add_right_eq
   6.222 +zmod_zadd_self1        -> mod_add_self1
   6.223 +zmod_zadd_self2        -> mod_add_self2
   6.224 +zmod_zadd1_eq          -> mod_add_eq
   6.225 +zmod_zdiff1_eq         -> mod_diff_eq
   6.226 +zmod_zdvd_zmod         -> mod_mod_cancel
   6.227 +zmod_zmod_cancel       -> mod_mod_cancel
   6.228 +zmod_zmult_self1       -> mod_mult_self2_is_0
   6.229 +zmod_zmult_self2       -> mod_mult_self1_is_0
   6.230 +zmod_1                 -> mod_by_1
   6.231 +zdiv_1                 -> div_by_1
   6.232 +zdvd_abs1              -> abs_dvd_iff
   6.233 +zdvd_abs2              -> dvd_abs_iff
   6.234 +zdvd_refl              -> dvd_refl
   6.235 +zdvd_trans             -> dvd_trans
   6.236 +zdvd_zadd              -> dvd_add
   6.237 +zdvd_zdiff             -> dvd_diff
   6.238 +zdvd_zminus_iff        -> dvd_minus_iff
   6.239 +zdvd_zminus2_iff       -> minus_dvd_iff
   6.240 +zdvd_zmultD            -> dvd_mult_right
   6.241 +zdvd_zmultD2           -> dvd_mult_left
   6.242 +zdvd_zmult_mono        -> mult_dvd_mono
   6.243 +zdvd_0_right           -> dvd_0_right
   6.244 +zdvd_0_left            -> dvd_0_left_iff
   6.245 +zdvd_1_left            -> one_dvd
   6.246 +zminus_dvd_iff         -> minus_dvd_iff
   6.247 +
   6.248  * HOL/Library/GCD: Curried operations gcd, lcm (for nat) and zgcd,
   6.249  zlcm (for int); carried together from various gcd/lcm developements in
   6.250  the HOL Distribution.  zgcd and zlcm replace former igcd and ilcm;
   6.251 -corresponding theorems renamed accordingly.  INCOMPATIBILY.  To
   6.252 +corresponding theorems renamed accordingly.  INCOMPATIBILITY.  To
   6.253  recover tupled syntax, use syntax declarations like:
   6.254  
   6.255      hide (open) const gcd
   6.256 @@ -384,7 +443,7 @@
   6.257  * HOL/Real/Rational: 'Fract k 0' now equals '0'.  INCOMPATIBILITY.
   6.258  
   6.259  * The real numbers offer decimal input syntax: 12.34 is translated into
   6.260 -  1234/10^4. This translation is not reversed upon output.
   6.261 +  1234/10^2. This translation is not reversed upon output.
   6.262  
   6.263  * New ML antiquotation @{code}: takes constant as argument, generates
   6.264  corresponding code in background and inserts name of the corresponding
   6.265 @@ -441,6 +500,9 @@
   6.266      Suc_Suc_eq                  ~> nat.inject
   6.267      Suc_not_Zero Zero_not_Suc   ~> nat.distinct
   6.268  
   6.269 +* The option datatype has been moved to a new theory HOL/Option.thy.
   6.270 +Renamed option_map to Option.map.
   6.271 +
   6.272  * Library/Nat_Infinity: added addition, numeral syntax and more
   6.273  instantiations for algebraic structures.  Removed some duplicate
   6.274  theorems.  Changes in simp rules.  INCOMPATIBILITY.
   6.275 @@ -452,9 +514,8 @@
   6.276  *** HOL-Algebra ***
   6.277  
   6.278  * New locales for orders and lattices where the equivalence relation
   6.279 -  is not restricted to equality.  INCOMPATIBILITY: all order and
   6.280 -  lattice locales use a record structure with field eq for the
   6.281 -  equivalence.
   6.282 +is not restricted to equality.  INCOMPATIBILITY: all order and lattice
   6.283 +locales use a record structure with field eq for the equivalence.
   6.284  
   6.285  * New theory of factorial domains.
   6.286  
   6.287 @@ -485,6 +546,23 @@
   6.288  * Proof of Zorn's Lemma for partial orders.
   6.289  
   6.290  
   6.291 +*** HOLCF ***
   6.292 +
   6.293 +* Reimplemented the simplification procedure for proving continuity
   6.294 +subgoals.  The new simproc is extensible; users can declare additional
   6.295 +continuity introduction rules with the attribute [cont2cont].
   6.296 +
   6.297 +* The continuity simproc now uses a different introduction rule for
   6.298 +solving continuity subgoals on terms with lambda abstractions.  In
   6.299 +some rare cases the new simproc may fail to solve subgoals that the
   6.300 +old one could solve, and "simp add: cont2cont_LAM" may be necessary.
   6.301 +Potential INCOMPATIBILITY.
   6.302 +
   6.303 +* The syntax of the fixrec package has changed.  The specification
   6.304 +syntax now conforms in style to definition, primrec, function, etc.
   6.305 +See HOLCF/ex/Fixrec_ex.thy for examples.  INCOMPATIBILITY.
   6.306 +
   6.307 +
   6.308  *** ML ***
   6.309  
   6.310  * High-level support for concurrent ML programming, see
     7.1 --- a/README_REPOSITORY	Wed Mar 04 11:05:02 2009 +0100
     7.2 +++ b/README_REPOSITORY	Wed Mar 04 11:05:29 2009 +0100
     7.3 @@ -32,9 +32,9 @@
     7.4  Initial configuration
     7.5  ---------------------
     7.6  
     7.7 -Always use Mercurial version 1.0 or later, such as 1.0.1 or 1.0.2.
     7.8 +Always use Mercurial versions from the 1.0 or 1.1 branch, or later.
     7.9  The old 0.9.x versions do not work in a multi-user environment with
    7.10 -shared file spaces.
    7.11 +shared file spaces!
    7.12  
    7.13  
    7.14  The official Isabelle repository can be cloned like this:
    7.15 @@ -62,7 +62,8 @@
    7.16  
    7.17  In principle, user names can be chosen freely, but for longterm
    7.18  committers of the Isabelle repository the obvious choice is to keep
    7.19 -with the old CVS naming scheme.
    7.20 +with the old CVS naming scheme.  Others should use their regular "full
    7.21 +name"; including an email address is optional.
    7.22  
    7.23  
    7.24  There are other useful configuration to go into $HOME/.hgrc,
    7.25 @@ -135,6 +136,29 @@
    7.26    hg clone ssh://wenzelm@atbroy100//home/isabelle-repository/repos/isabelle
    7.27  
    7.28  
    7.29 +Simplified merges
    7.30 +-----------------
    7.31 +
    7.32 +The main idea of Mercurial is to let individual users produce
    7.33 +independent branches of development first, but merge with others
    7.34 +frequently.  The basic hg merge operation is more general than
    7.35 +required for the mode of operation with a shared pull/push area.  The
    7.36 +hg fetch extension accommodates this case nicely, automating trivial
    7.37 +merges and requiring manual intervention for actual conflicts only.
    7.38 +
    7.39 +The fetch extension can be configured via the user's ~/.hgrc like
    7.40 +this:
    7.41 +
    7.42 +  [extensions]
    7.43 +  hgext.fetch =
    7.44 +
    7.45 +  [defaults]
    7.46 +  fetch = -m "merged"
    7.47 +
    7.48 +Note that the potential for merge conflicts can be greatly reduced by
    7.49 +doing "hg fetch" before any starting local changes!
    7.50 +
    7.51 +
    7.52  Content discipline
    7.53  ------------------
    7.54  
    7.55 @@ -172,7 +196,9 @@
    7.56      Mercurial provides nice web presentation of incoming changes with
    7.57      a digest of log entries; this also includes RSS/Atom news feeds.
    7.58      Users should be aware that others will actually read what is
    7.59 -    written into log messages.
    7.60 +    written into log messages.  There are also add-on browsers,
    7.61 +    notably hgtk that is part of the TortoiseHg distribution and works
    7.62 +    for generic Python/GTk platforms.
    7.63  
    7.64      The usual changelog presentation style for the Isabelle repository
    7.65      admits log entries that consist of several lines, but without the
    7.66 @@ -194,6 +220,3 @@
    7.67  
    7.68  Needless to say, the results from the build process must not be added
    7.69  to the repository!
    7.70 -
    7.71 -
    7.72 -Makarius 30-Nov-2008
     8.1 --- a/doc-src/AxClass/Group/Group.thy	Wed Mar 04 11:05:02 2009 +0100
     8.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.3 @@ -1,322 +0,0 @@
     8.4 -
     8.5 -header {* Basic group theory *}
     8.6 -
     8.7 -theory Group imports Main begin
     8.8 -
     8.9 -text {*
    8.10 -  \medskip\noindent The meta-level type system of Isabelle supports
    8.11 -  \emph{intersections} and \emph{inclusions} of type classes. These
    8.12 -  directly correspond to intersections and inclusions of type
    8.13 -  predicates in a purely set theoretic sense. This is sufficient as a
    8.14 -  means to describe simple hierarchies of structures.  As an
    8.15 -  illustration, we use the well-known example of semigroups, monoids,
    8.16 -  general groups and Abelian groups.
    8.17 -*}
    8.18 -
    8.19 -subsection {* Monoids and Groups *}
    8.20 -
    8.21 -text {*
    8.22 -  First we declare some polymorphic constants required later for the
    8.23 -  signature parts of our structures.
    8.24 -*}
    8.25 -
    8.26 -consts
    8.27 -  times :: "'a \<Rightarrow> 'a \<Rightarrow> 'a"    (infixl "\<odot>" 70)
    8.28 -  invers :: "'a \<Rightarrow> 'a"    ("(_\<inv>)" [1000] 999)
    8.29 -  one :: 'a    ("\<one>")
    8.30 -
    8.31 -text {*
    8.32 -  \noindent Next we define class @{text monoid} of monoids with
    8.33 -  operations @{text \<odot>} and @{text \<one>}.  Note that multiple class
    8.34 -  axioms are allowed for user convenience --- they simply represent
    8.35 -  the conjunction of their respective universal closures.
    8.36 -*}
    8.37 -
    8.38 -axclass monoid \<subseteq> type
    8.39 -  assoc: "(x \<odot> y) \<odot> z = x \<odot> (y \<odot> z)"
    8.40 -  left_unit: "\<one> \<odot> x = x"
    8.41 -  right_unit: "x \<odot> \<one> = x"
    8.42 -
    8.43 -text {*
    8.44 -  \noindent So class @{text monoid} contains exactly those types
    8.45 -  @{text \<tau>} where @{text "\<odot> \<Colon> \<tau> \<Rightarrow> \<tau> \<Rightarrow> \<tau>"} and @{text "\<one> \<Colon> \<tau>"}
    8.46 -  are specified appropriately, such that @{text \<odot>} is associative and
    8.47 -  @{text \<one>} is a left and right unit element for the @{text \<odot>}
    8.48 -  operation.
    8.49 -*}
    8.50 -
    8.51 -text {*
    8.52 -  \medskip Independently of @{text monoid}, we now define a linear
    8.53 -  hierarchy of semigroups, general groups and Abelian groups.  Note
    8.54 -  that the names of class axioms are automatically qualified with each
    8.55 -  class name, so we may re-use common names such as @{text assoc}.
    8.56 -*}
    8.57 -
    8.58 -axclass semigroup \<subseteq> type
    8.59 -  assoc: "(x \<odot> y) \<odot> z = x \<odot> (y \<odot> z)"
    8.60 -
    8.61 -axclass group \<subseteq> semigroup
    8.62 -  left_unit: "\<one> \<odot> x = x"
    8.63 -  left_inverse: "x\<inv> \<odot> x = \<one>"
    8.64 -
    8.65 -axclass agroup \<subseteq> group
    8.66 -  commute: "x \<odot> y = y \<odot> x"
    8.67 -
    8.68 -text {*
    8.69 -  \noindent Class @{text group} inherits associativity of @{text \<odot>}
    8.70 -  from @{text semigroup} and adds two further group axioms. Similarly,
    8.71 -  @{text agroup} is defined as the subset of @{text group} such that
    8.72 -  for all of its elements @{text \<tau>}, the operation @{text "\<odot> \<Colon> \<tau> \<Rightarrow> \<tau> \<Rightarrow>
    8.73 -  \<tau>"} is even commutative.
    8.74 -*}
    8.75 -
    8.76 -
    8.77 -subsection {* Abstract reasoning *}
    8.78 -
    8.79 -text {*
    8.80 -  In a sense, axiomatic type classes may be viewed as \emph{abstract
    8.81 -  theories}.  Above class definitions gives rise to abstract axioms
    8.82 -  @{text assoc}, @{text left_unit}, @{text left_inverse}, @{text
    8.83 -  commute}, where any of these contain a type variable @{text "'a \<Colon>
    8.84 -  c"} that is restricted to types of the corresponding class @{text
    8.85 -  c}.  \emph{Sort constraints} like this express a logical
    8.86 -  precondition for the whole formula.  For example, @{text assoc}
    8.87 -  states that for all @{text \<tau>}, provided that @{text "\<tau> \<Colon>
    8.88 -  semigroup"}, the operation @{text "\<odot> \<Colon> \<tau> \<Rightarrow> \<tau> \<Rightarrow> \<tau>"} is associative.
    8.89 -
    8.90 -  \medskip From a technical point of view, abstract axioms are just
    8.91 -  ordinary Isabelle theorems, which may be used in proofs without
    8.92 -  special treatment.  Such ``abstract proofs'' usually yield new
    8.93 -  ``abstract theorems''.  For example, we may now derive the following
    8.94 -  well-known laws of general groups.
    8.95 -*}
    8.96 -
    8.97 -theorem group_right_inverse: "x \<odot> x\<inv> = (\<one>\<Colon>'a\<Colon>group)"
    8.98 -proof -
    8.99 -  have "x \<odot> x\<inv> = \<one> \<odot> (x \<odot> x\<inv>)"
   8.100 -    by (simp only: group_class.left_unit)
   8.101 -  also have "... = \<one> \<odot> x \<odot> x\<inv>"
   8.102 -    by (simp only: semigroup_class.assoc)
   8.103 -  also have "... = (x\<inv>)\<inv> \<odot> x\<inv> \<odot> x \<odot> x\<inv>"
   8.104 -    by (simp only: group_class.left_inverse)
   8.105 -  also have "... = (x\<inv>)\<inv> \<odot> (x\<inv> \<odot> x) \<odot> x\<inv>"
   8.106 -    by (simp only: semigroup_class.assoc)
   8.107 -  also have "... = (x\<inv>)\<inv> \<odot> \<one> \<odot> x\<inv>"
   8.108 -    by (simp only: group_class.left_inverse)
   8.109 -  also have "... = (x\<inv>)\<inv> \<odot> (\<one> \<odot> x\<inv>)"
   8.110 -    by (simp only: semigroup_class.assoc)
   8.111 -  also have "... = (x\<inv>)\<inv> \<odot> x\<inv>"
   8.112 -    by (simp only: group_class.left_unit)
   8.113 -  also have "... = \<one>"
   8.114 -    by (simp only: group_class.left_inverse)
   8.115 -  finally show ?thesis .
   8.116 -qed
   8.117 -
   8.118 -text {*
   8.119 -  \noindent With @{text group_right_inverse} already available, @{text
   8.120 -  group_right_unit}\label{thm:group-right-unit} is now established
   8.121 -  much easier.
   8.122 -*}
   8.123 -
   8.124 -theorem group_right_unit: "x \<odot> \<one> = (x\<Colon>'a\<Colon>group)"
   8.125 -proof -
   8.126 -  have "x \<odot> \<one> = x \<odot> (x\<inv> \<odot> x)"
   8.127 -    by (simp only: group_class.left_inverse)
   8.128 -  also have "... = x \<odot> x\<inv> \<odot> x"
   8.129 -    by (simp only: semigroup_class.assoc)
   8.130 -  also have "... = \<one> \<odot> x"
   8.131 -    by (simp only: group_right_inverse)
   8.132 -  also have "... = x"
   8.133 -    by (simp only: group_class.left_unit)
   8.134 -  finally show ?thesis .
   8.135 -qed
   8.136 -
   8.137 -text {*
   8.138 -  \medskip Abstract theorems may be instantiated to only those types
   8.139 -  @{text \<tau>} where the appropriate class membership @{text "\<tau> \<Colon> c"} is
   8.140 -  known at Isabelle's type signature level.  Since we have @{text
   8.141 -  "agroup \<subseteq> group \<subseteq> semigroup"} by definition, all theorems of @{text
   8.142 -  semigroup} and @{text group} are automatically inherited by @{text
   8.143 -  group} and @{text agroup}.
   8.144 -*}
   8.145 -
   8.146 -
   8.147 -subsection {* Abstract instantiation *}
   8.148 -
   8.149 -text {*
   8.150 -  From the definition, the @{text monoid} and @{text group} classes
   8.151 -  have been independent.  Note that for monoids, @{text right_unit}
   8.152 -  had to be included as an axiom, but for groups both @{text
   8.153 -  right_unit} and @{text right_inverse} are derivable from the other
   8.154 -  axioms.  With @{text group_right_unit} derived as a theorem of group
   8.155 -  theory (see page~\pageref{thm:group-right-unit}), we may now
   8.156 -  instantiate @{text "monoid \<subseteq> semigroup"} and @{text "group \<subseteq>
   8.157 -  monoid"} properly as follows (cf.\ \figref{fig:monoid-group}).
   8.158 -
   8.159 - \begin{figure}[htbp]
   8.160 -   \begin{center}
   8.161 -     \small
   8.162 -     \unitlength 0.6mm
   8.163 -     \begin{picture}(65,90)(0,-10)
   8.164 -       \put(15,10){\line(0,1){10}} \put(15,30){\line(0,1){10}}
   8.165 -       \put(15,50){\line(1,1){10}} \put(35,60){\line(1,-1){10}}
   8.166 -       \put(15,5){\makebox(0,0){@{text agroup}}}
   8.167 -       \put(15,25){\makebox(0,0){@{text group}}}
   8.168 -       \put(15,45){\makebox(0,0){@{text semigroup}}}
   8.169 -       \put(30,65){\makebox(0,0){@{text type}}} \put(50,45){\makebox(0,0){@{text monoid}}}
   8.170 -     \end{picture}
   8.171 -     \hspace{4em}
   8.172 -     \begin{picture}(30,90)(0,0)
   8.173 -       \put(15,10){\line(0,1){10}} \put(15,30){\line(0,1){10}}
   8.174 -       \put(15,50){\line(0,1){10}} \put(15,70){\line(0,1){10}}
   8.175 -       \put(15,5){\makebox(0,0){@{text agroup}}}
   8.176 -       \put(15,25){\makebox(0,0){@{text group}}}
   8.177 -       \put(15,45){\makebox(0,0){@{text monoid}}}
   8.178 -       \put(15,65){\makebox(0,0){@{text semigroup}}}
   8.179 -       \put(15,85){\makebox(0,0){@{text type}}}
   8.180 -     \end{picture}
   8.181 -     \caption{Monoids and groups: according to definition, and by proof}
   8.182 -     \label{fig:monoid-group}
   8.183 -   \end{center}
   8.184 - \end{figure}
   8.185 -*}
   8.186 -
   8.187 -instance monoid \<subseteq> semigroup
   8.188 -proof
   8.189 -  fix x y z :: "'a\<Colon>monoid"
   8.190 -  show "x \<odot> y \<odot> z = x \<odot> (y \<odot> z)"
   8.191 -    by (rule monoid_class.assoc)
   8.192 -qed
   8.193 -
   8.194 -instance group \<subseteq> monoid
   8.195 -proof
   8.196 -  fix x y z :: "'a\<Colon>group"
   8.197 -  show "x \<odot> y \<odot> z = x \<odot> (y \<odot> z)"
   8.198 -    by (rule semigroup_class.assoc)
   8.199 -  show "\<one> \<odot> x = x"
   8.200 -    by (rule group_class.left_unit)
   8.201 -  show "x \<odot> \<one> = x"
   8.202 -    by (rule group_right_unit)
   8.203 -qed
   8.204 -
   8.205 -text {*
   8.206 -  \medskip The \isakeyword{instance} command sets up an appropriate
   8.207 -  goal that represents the class inclusion (or type arity, see
   8.208 -  \secref{sec:inst-arity}) to be proven (see also
   8.209 -  \cite{isabelle-isar-ref}).  The initial proof step causes
   8.210 -  back-chaining of class membership statements wrt.\ the hierarchy of
   8.211 -  any classes defined in the current theory; the effect is to reduce
   8.212 -  to the initial statement to a number of goals that directly
   8.213 -  correspond to any class axioms encountered on the path upwards
   8.214 -  through the class hierarchy.
   8.215 -*}
   8.216 -
   8.217 -
   8.218 -subsection {* Concrete instantiation \label{sec:inst-arity} *}
   8.219 -
   8.220 -text {*
   8.221 -  So far we have covered the case of the form
   8.222 -  \isakeyword{instance}~@{text "c\<^sub>1 \<subseteq> c\<^sub>2"}, namely
   8.223 -  \emph{abstract instantiation} --- $c@1$ is more special than @{text
   8.224 -  "c\<^sub>1"} and thus an instance of @{text "c\<^sub>2"}.  Even more
   8.225 -  interesting for practical applications are \emph{concrete
   8.226 -  instantiations} of axiomatic type classes.  That is, certain simple
   8.227 -  schemes @{text "(\<alpha>\<^sub>1, \<dots>, \<alpha>\<^sub>n) t \<Colon> c"} of class
   8.228 -  membership may be established at the logical level and then
   8.229 -  transferred to Isabelle's type signature level.
   8.230 -
   8.231 -  \medskip As a typical example, we show that type @{typ bool} with
   8.232 -  exclusive-or as @{text \<odot>} operation, identity as @{text \<inv>}, and
   8.233 -  @{term False} as @{text \<one>} forms an Abelian group.
   8.234 -*}
   8.235 -
   8.236 -defs (overloaded)
   8.237 -  times_bool_def: "x \<odot> y \<equiv> x \<noteq> (y\<Colon>bool)"
   8.238 -  inverse_bool_def: "x\<inv> \<equiv> x\<Colon>bool"
   8.239 -  unit_bool_def: "\<one> \<equiv> False"
   8.240 -
   8.241 -text {*
   8.242 -  \medskip It is important to note that above \isakeyword{defs} are
   8.243 -  just overloaded meta-level constant definitions, where type classes
   8.244 -  are not yet involved at all.  This form of constant definition with
   8.245 -  overloading (and optional recursion over the syntactic structure of
   8.246 -  simple types) are admissible as definitional extensions of plain HOL
   8.247 -  \cite{Wenzel:1997:TPHOL}.  The Haskell-style type system is not
   8.248 -  required for overloading.  Nevertheless, overloaded definitions are
   8.249 -  best applied in the context of type classes.
   8.250 -
   8.251 -  \medskip Since we have chosen above \isakeyword{defs} of the generic
   8.252 -  group operations on type @{typ bool} appropriately, the class
   8.253 -  membership @{text "bool \<Colon> agroup"} may be now derived as follows.
   8.254 -*}
   8.255 -
   8.256 -instance bool :: agroup
   8.257 -proof (intro_classes,
   8.258 -    unfold times_bool_def inverse_bool_def unit_bool_def)
   8.259 -  fix x y z
   8.260 -  show "((x \<noteq> y) \<noteq> z) = (x \<noteq> (y \<noteq> z))" by blast
   8.261 -  show "(False \<noteq> x) = x" by blast
   8.262 -  show "(x \<noteq> x) = False" by blast
   8.263 -  show "(x \<noteq> y) = (y \<noteq> x)" by blast
   8.264 -qed
   8.265 -
   8.266 -text {*
   8.267 -  The result of an \isakeyword{instance} statement is both expressed
   8.268 -  as a theorem of Isabelle's meta-logic, and as a type arity of the
   8.269 -  type signature.  The latter enables type-inference system to take
   8.270 -  care of this new instance automatically.
   8.271 -
   8.272 -  \medskip We could now also instantiate our group theory classes to
   8.273 -  many other concrete types.  For example, @{text "int \<Colon> agroup"}
   8.274 -  (e.g.\ by defining @{text \<odot>} as addition, @{text \<inv>} as negation
   8.275 -  and @{text \<one>} as zero) or @{text "list \<Colon> (type) semigroup"}
   8.276 -  (e.g.\ if @{text \<odot>} is defined as list append).  Thus, the
   8.277 -  characteristic constants @{text \<odot>}, @{text \<inv>}, @{text \<one>}
   8.278 -  really become overloaded, i.e.\ have different meanings on different
   8.279 -  types.
   8.280 -*}
   8.281 -
   8.282 -
   8.283 -subsection {* Lifting and Functors *}
   8.284 -
   8.285 -text {*
   8.286 -  As already mentioned above, overloading in the simply-typed HOL
   8.287 -  systems may include recursion over the syntactic structure of types.
   8.288 -  That is, definitional equations @{text "c\<^sup>\<tau> \<equiv> t"} may also
   8.289 -  contain constants of name @{text c} on the right-hand side --- if
   8.290 -  these have types that are structurally simpler than @{text \<tau>}.
   8.291 -
   8.292 -  This feature enables us to \emph{lift operations}, say to Cartesian
   8.293 -  products, direct sums or function spaces.  Subsequently we lift
   8.294 -  @{text \<odot>} component-wise to binary products @{typ "'a \<times> 'b"}.
   8.295 -*}
   8.296 -
   8.297 -defs (overloaded)
   8.298 -  times_prod_def: "p \<odot> q \<equiv> (fst p \<odot> fst q, snd p \<odot> snd q)"
   8.299 -
   8.300 -text {*
   8.301 -  It is very easy to see that associativity of @{text \<odot>} on @{typ 'a}
   8.302 -  and @{text \<odot>} on @{typ 'b} transfers to @{text \<odot>} on @{typ "'a \<times>
   8.303 -  'b"}.  Hence the binary type constructor @{text \<odot>} maps semigroups
   8.304 -  to semigroups.  This may be established formally as follows.
   8.305 -*}
   8.306 -
   8.307 -instance * :: (semigroup, semigroup) semigroup
   8.308 -proof (intro_classes, unfold times_prod_def)
   8.309 -  fix p q r :: "'a\<Colon>semigroup \<times> 'b\<Colon>semigroup"
   8.310 -  show
   8.311 -    "(fst (fst p \<odot> fst q, snd p \<odot> snd q) \<odot> fst r,
   8.312 -      snd (fst p \<odot> fst q, snd p \<odot> snd q) \<odot> snd r) =
   8.313 -       (fst p \<odot> fst (fst q \<odot> fst r, snd q \<odot> snd r),
   8.314 -        snd p \<odot> snd (fst q \<odot> fst r, snd q \<odot> snd r))"
   8.315 -    by (simp add: semigroup_class.assoc)
   8.316 -qed
   8.317 -
   8.318 -text {*
   8.319 -  Thus, if we view class instances as ``structures'', then overloaded
   8.320 -  constant definitions with recursion over types indirectly provide
   8.321 -  some kind of ``functors'' --- i.e.\ mappings between abstract
   8.322 -  theories.
   8.323 -*}
   8.324 -
   8.325 -end
     9.1 --- a/doc-src/AxClass/Group/Product.thy	Wed Mar 04 11:05:02 2009 +0100
     9.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.3 @@ -1,85 +0,0 @@
     9.4 -
     9.5 -header {* Syntactic classes *}
     9.6 -
     9.7 -theory Product imports Main begin
     9.8 -
     9.9 -text {*
    9.10 -  \medskip\noindent There is still a feature of Isabelle's type system
    9.11 -  left that we have not yet discussed.  When declaring polymorphic
    9.12 -  constants @{text "c \<Colon> \<sigma>"}, the type variables occurring in @{text \<sigma>}
    9.13 -  may be constrained by type classes (or even general sorts) in an
    9.14 -  arbitrary way.  Note that by default, in Isabelle/HOL the
    9.15 -  declaration @{text "\<odot> \<Colon> 'a \<Rightarrow> 'a \<Rightarrow> 'a"} is actually an abbreviation
    9.16 -  for @{text "\<odot> \<Colon> 'a\<Colon>type \<Rightarrow> 'a \<Rightarrow> 'a"} Since class @{text type} is the
    9.17 -  universal class of HOL, this is not really a constraint at all.
    9.18 -
    9.19 - The @{text product} class below provides a less degenerate example of
    9.20 - syntactic type classes.
    9.21 -*}
    9.22 -
    9.23 -axclass
    9.24 -  product \<subseteq> type
    9.25 -consts
    9.26 -  product :: "'a\<Colon>product \<Rightarrow> 'a \<Rightarrow> 'a"    (infixl "\<odot>" 70)
    9.27 -
    9.28 -text {*
    9.29 -  Here class @{text product} is defined as subclass of @{text type}
    9.30 -  without any additional axioms.  This effects in logical equivalence
    9.31 -  of @{text product} and @{text type}, as is reflected by the trivial
    9.32 -  introduction rule generated for this definition.
    9.33 -
    9.34 -  \medskip So what is the difference of declaring @{text "\<odot> \<Colon>
    9.35 -  'a\<Colon>product \<Rightarrow> 'a \<Rightarrow> 'a"} vs.\ declaring @{text "\<odot> \<Colon> 'a\<Colon>type \<Rightarrow> 'a \<Rightarrow>
    9.36 -  'a"} anyway?  In this particular case where @{text "product \<equiv>
    9.37 -  type"}, it should be obvious that both declarations are the same
    9.38 -  from the logic's point of view.  It even makes the most sense to
    9.39 -  remove sort constraints from constant declarations, as far as the
    9.40 -  purely logical meaning is concerned \cite{Wenzel:1997:TPHOL}.
    9.41 -
    9.42 -  On the other hand there are syntactic differences, of course.
    9.43 - Constants @{text \<odot>} on some type @{text \<tau>} are rejected by the
    9.44 - type-checker, unless the arity @{text "\<tau> \<Colon> product"} is part of the
    9.45 - type signature.  In our example, this arity may be always added when
    9.46 - required by means of an \isakeyword{instance} with the default proof
    9.47 - (double-dot).
    9.48 -
    9.49 -  \medskip Thus, we may observe the following discipline of using
    9.50 -  syntactic classes.  Overloaded polymorphic constants have their type
    9.51 -  arguments restricted to an associated (logically trivial) class
    9.52 -  @{text c}.  Only immediately before \emph{specifying} these
    9.53 -  constants on a certain type @{text \<tau>} do we instantiate @{text "\<tau> \<Colon>
    9.54 -  c"}.
    9.55 -
    9.56 -  This is done for class @{text product} and type @{typ bool} as
    9.57 -  follows.
    9.58 -*}
    9.59 -
    9.60 -instance bool :: product ..
    9.61 -defs (overloaded)
    9.62 -  product_bool_def: "x \<odot> y \<equiv> x \<and> y"
    9.63 -
    9.64 -text {*
    9.65 - The definition @{text prod_bool_def} becomes syntactically
    9.66 - well-formed only after the arity @{text "bool \<Colon> product"} is made
    9.67 - known to the type checker.
    9.68 -
    9.69 - \medskip It is very important to see that above \isakeyword{defs} are
    9.70 - not directly connected with \isakeyword{instance} at all!  We were
    9.71 - just following our convention to specify @{text \<odot>} on @{typ bool}
    9.72 - after having instantiated @{text "bool \<Colon> product"}.  Isabelle does
    9.73 - not require these definitions, which is in contrast to programming
    9.74 - languages like Haskell \cite{haskell-report}.
    9.75 -
    9.76 - \medskip While Isabelle type classes and those of Haskell are almost
    9.77 - the same as far as type-checking and type inference are concerned,
    9.78 - there are important semantic differences.  Haskell classes require
    9.79 - their instances to \emph{provide operations} of certain \emph{names}.
    9.80 - Therefore, its \texttt{instance} has a \texttt{where} part that tells
    9.81 - the system what these ``member functions'' should be.
    9.82 -
    9.83 - This style of \texttt{instance} would not make much sense in
    9.84 - Isabelle's meta-logic, because there is no internal notion of
    9.85 - ``providing operations'' or even ``names of functions''.
    9.86 -*}
    9.87 -
    9.88 -end
    10.1 --- a/doc-src/AxClass/Group/ROOT.ML	Wed Mar 04 11:05:02 2009 +0100
    10.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.3 @@ -1,4 +0,0 @@
    10.4 -
    10.5 -use_thy "Semigroups";
    10.6 -use_thy "Group";
    10.7 -use_thy "Product";
    11.1 --- a/doc-src/AxClass/Group/Semigroups.thy	Wed Mar 04 11:05:02 2009 +0100
    11.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.3 @@ -1,54 +0,0 @@
    11.4 -
    11.5 -header {* Semigroups *}
    11.6 -
    11.7 -theory Semigroups imports Main begin
    11.8 -
    11.9 -text {*
   11.10 -  \medskip\noindent An axiomatic type class is simply a class of types
   11.11 -  that all meet certain properties, which are also called \emph{class
   11.12 -  axioms}. Thus, type classes may be also understood as type
   11.13 -  predicates --- i.e.\ abstractions over a single type argument @{typ
   11.14 -  'a}.  Class axioms typically contain polymorphic constants that
   11.15 -  depend on this type @{typ 'a}.  These \emph{characteristic
   11.16 -  constants} behave like operations associated with the ``carrier''
   11.17 -  type @{typ 'a}.
   11.18 -
   11.19 -  We illustrate these basic concepts by the following formulation of
   11.20 -  semigroups.
   11.21 -*}
   11.22 -
   11.23 -consts
   11.24 -  times :: "'a \<Rightarrow> 'a \<Rightarrow> 'a"    (infixl "\<odot>" 70)
   11.25 -axclass semigroup \<subseteq> type
   11.26 -  assoc: "(x \<odot> y) \<odot> z = x \<odot> (y \<odot> z)"
   11.27 -
   11.28 -text {*
   11.29 -  \noindent Above we have first declared a polymorphic constant @{text
   11.30 -  "\<odot> \<Colon> 'a \<Rightarrow> 'a \<Rightarrow> 'a"} and then defined the class @{text semigroup} of
   11.31 -  all types @{text \<tau>} such that @{text "\<odot> \<Colon> \<tau> \<Rightarrow> \<tau> \<Rightarrow> \<tau>"} is indeed an
   11.32 -  associative operator.  The @{text assoc} axiom contains exactly one
   11.33 -  type variable, which is invisible in the above presentation, though.
   11.34 -  Also note that free term variables (like @{term x}, @{term y},
   11.35 -  @{term z}) are allowed for user convenience --- conceptually all of
   11.36 -  these are bound by outermost universal quantifiers.
   11.37 -
   11.38 -  \medskip In general, type classes may be used to describe
   11.39 -  \emph{structures} with exactly one carrier @{typ 'a} and a fixed
   11.40 -  \emph{signature}.  Different signatures require different classes.
   11.41 -  Below, class @{text plus_semigroup} represents semigroups @{text
   11.42 -  "(\<tau>, \<oplus>\<^sup>\<tau>)"}, while the original @{text semigroup} would
   11.43 -  correspond to semigroups of the form @{text "(\<tau>, \<odot>\<^sup>\<tau>)"}.
   11.44 -*}
   11.45 -
   11.46 -consts
   11.47 -  plus :: "'a \<Rightarrow> 'a \<Rightarrow> 'a"    (infixl "\<oplus>" 70)
   11.48 -axclass plus_semigroup \<subseteq> type
   11.49 -  assoc: "(x \<oplus> y) \<oplus> z = x \<oplus> (y \<oplus> z)"
   11.50 -
   11.51 -text {*
   11.52 -  \noindent Even if classes @{text plus_semigroup} and @{text
   11.53 -  semigroup} both represent semigroups in a sense, they are certainly
   11.54 -  not quite the same.
   11.55 -*}
   11.56 -
   11.57 -end
    12.1 --- a/doc-src/AxClass/Group/document/Group.tex	Wed Mar 04 11:05:02 2009 +0100
    12.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    12.3 @@ -1,512 +0,0 @@
    12.4 -%
    12.5 -\begin{isabellebody}%
    12.6 -\def\isabellecontext{Group}%
    12.7 -%
    12.8 -\isamarkupheader{Basic group theory%
    12.9 -}
   12.10 -\isamarkuptrue%
   12.11 -%
   12.12 -\isadelimtheory
   12.13 -%
   12.14 -\endisadelimtheory
   12.15 -%
   12.16 -\isatagtheory
   12.17 -\isacommand{theory}\isamarkupfalse%
   12.18 -\ Group\ \isakeyword{imports}\ Main\ \isakeyword{begin}%
   12.19 -\endisatagtheory
   12.20 -{\isafoldtheory}%
   12.21 -%
   12.22 -\isadelimtheory
   12.23 -%
   12.24 -\endisadelimtheory
   12.25 -%
   12.26 -\begin{isamarkuptext}%
   12.27 -\medskip\noindent The meta-level type system of Isabelle supports
   12.28 -  \emph{intersections} and \emph{inclusions} of type classes. These
   12.29 -  directly correspond to intersections and inclusions of type
   12.30 -  predicates in a purely set theoretic sense. This is sufficient as a
   12.31 -  means to describe simple hierarchies of structures.  As an
   12.32 -  illustration, we use the well-known example of semigroups, monoids,
   12.33 -  general groups and Abelian groups.%
   12.34 -\end{isamarkuptext}%
   12.35 -\isamarkuptrue%
   12.36 -%
   12.37 -\isamarkupsubsection{Monoids and Groups%
   12.38 -}
   12.39 -\isamarkuptrue%
   12.40 -%
   12.41 -\begin{isamarkuptext}%
   12.42 -First we declare some polymorphic constants required later for the
   12.43 -  signature parts of our structures.%
   12.44 -\end{isamarkuptext}%
   12.45 -\isamarkuptrue%
   12.46 -\isacommand{consts}\isamarkupfalse%
   12.47 -\isanewline
   12.48 -\ \ times\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymodot}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
   12.49 -\ \ invers\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isacharparenleft}{\isacharunderscore}{\isasyminv}{\isacharparenright}{\isachardoublequoteclose}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
   12.50 -\ \ one\ {\isacharcolon}{\isacharcolon}\ {\isacharprime}a\ \ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isasymone}{\isachardoublequoteclose}{\isacharparenright}%
   12.51 -\begin{isamarkuptext}%
   12.52 -\noindent Next we define class \isa{monoid} of monoids with
   12.53 -  operations \isa{{\isasymodot}} and \isa{{\isasymone}}.  Note that multiple class
   12.54 -  axioms are allowed for user convenience --- they simply represent
   12.55 -  the conjunction of their respective universal closures.%
   12.56 -\end{isamarkuptext}%
   12.57 -\isamarkuptrue%
   12.58 -\isacommand{axclass}\isamarkupfalse%
   12.59 -\ monoid\ {\isasymsubseteq}\ type\isanewline
   12.60 -\ \ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymodot}\ y{\isacharparenright}\ {\isasymodot}\ z\ {\isacharequal}\ x\ {\isasymodot}\ {\isacharparenleft}y\ {\isasymodot}\ z{\isacharparenright}{\isachardoublequoteclose}\isanewline
   12.61 -\ \ left{\isacharunderscore}unit{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymodot}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
   12.62 -\ \ right{\isacharunderscore}unit{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymodot}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}%
   12.63 -\begin{isamarkuptext}%
   12.64 -\noindent So class \isa{monoid} contains exactly those types
   12.65 -  \isa{{\isasymtau}} where \isa{{\isasymodot}\ {\isasymColon}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}} and \isa{{\isasymone}\ {\isasymColon}\ {\isasymtau}}
   12.66 -  are specified appropriately, such that \isa{{\isasymodot}} is associative and
   12.67 -  \isa{{\isasymone}} is a left and right unit element for the \isa{{\isasymodot}}
   12.68 -  operation.%
   12.69 -\end{isamarkuptext}%
   12.70 -\isamarkuptrue%
   12.71 -%
   12.72 -\begin{isamarkuptext}%
   12.73 -\medskip Independently of \isa{monoid}, we now define a linear
   12.74 -  hierarchy of semigroups, general groups and Abelian groups.  Note
   12.75 -  that the names of class axioms are automatically qualified with each
   12.76 -  class name, so we may re-use common names such as \isa{assoc}.%
   12.77 -\end{isamarkuptext}%
   12.78 -\isamarkuptrue%
   12.79 -\isacommand{axclass}\isamarkupfalse%
   12.80 -\ semigroup\ {\isasymsubseteq}\ type\isanewline
   12.81 -\ \ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymodot}\ y{\isacharparenright}\ {\isasymodot}\ z\ {\isacharequal}\ x\ {\isasymodot}\ {\isacharparenleft}y\ {\isasymodot}\ z{\isacharparenright}{\isachardoublequoteclose}\isanewline
   12.82 -\isanewline
   12.83 -\isacommand{axclass}\isamarkupfalse%
   12.84 -\ group\ {\isasymsubseteq}\ semigroup\isanewline
   12.85 -\ \ left{\isacharunderscore}unit{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymodot}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
   12.86 -\ \ left{\isacharunderscore}inverse{\isacharcolon}\ {\isachardoublequoteopen}x{\isasyminv}\ {\isasymodot}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
   12.87 -\isanewline
   12.88 -\isacommand{axclass}\isamarkupfalse%
   12.89 -\ agroup\ {\isasymsubseteq}\ group\isanewline
   12.90 -\ \ commute{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymodot}\ y\ {\isacharequal}\ y\ {\isasymodot}\ x{\isachardoublequoteclose}%
   12.91 -\begin{isamarkuptext}%
   12.92 -\noindent Class \isa{group} inherits associativity of \isa{{\isasymodot}}
   12.93 -  from \isa{semigroup} and adds two further group axioms. Similarly,
   12.94 -  \isa{agroup} is defined as the subset of \isa{group} such that
   12.95 -  for all of its elements \isa{{\isasymtau}}, the operation \isa{{\isasymodot}\ {\isasymColon}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}} is even commutative.%
   12.96 -\end{isamarkuptext}%
   12.97 -\isamarkuptrue%
   12.98 -%
   12.99 -\isamarkupsubsection{Abstract reasoning%
  12.100 -}
  12.101 -\isamarkuptrue%
  12.102 -%
  12.103 -\begin{isamarkuptext}%
  12.104 -In a sense, axiomatic type classes may be viewed as \emph{abstract
  12.105 -  theories}.  Above class definitions gives rise to abstract axioms
  12.106 -  \isa{assoc}, \isa{left{\isacharunderscore}unit}, \isa{left{\isacharunderscore}inverse}, \isa{commute}, where any of these contain a type variable \isa{{\isacharprime}a\ {\isasymColon}\ c} that is restricted to types of the corresponding class \isa{c}.  \emph{Sort constraints} like this express a logical
  12.107 -  precondition for the whole formula.  For example, \isa{assoc}
  12.108 -  states that for all \isa{{\isasymtau}}, provided that \isa{{\isasymtau}\ {\isasymColon}\ semigroup}, the operation \isa{{\isasymodot}\ {\isasymColon}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}} is associative.
  12.109 -
  12.110 -  \medskip From a technical point of view, abstract axioms are just
  12.111 -  ordinary Isabelle theorems, which may be used in proofs without
  12.112 -  special treatment.  Such ``abstract proofs'' usually yield new
  12.113 -  ``abstract theorems''.  For example, we may now derive the following
  12.114 -  well-known laws of general groups.%
  12.115 -\end{isamarkuptext}%
  12.116 -\isamarkuptrue%
  12.117 -\isacommand{theorem}\isamarkupfalse%
  12.118 -\ group{\isacharunderscore}right{\isacharunderscore}inverse{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymodot}\ x{\isasyminv}\ {\isacharequal}\ {\isacharparenleft}{\isasymone}{\isasymColon}{\isacharprime}a{\isasymColon}group{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.119 -%
  12.120 -\isadelimproof
  12.121 -%
  12.122 -\endisadelimproof
  12.123 -%
  12.124 -\isatagproof
  12.125 -\isacommand{proof}\isamarkupfalse%
  12.126 -\ {\isacharminus}\isanewline
  12.127 -\ \ \isacommand{have}\isamarkupfalse%
  12.128 -\ {\isachardoublequoteopen}x\ {\isasymodot}\ x{\isasyminv}\ {\isacharequal}\ {\isasymone}\ {\isasymodot}\ {\isacharparenleft}x\ {\isasymodot}\ x{\isasyminv}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.129 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.130 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}unit{\isacharparenright}\isanewline
  12.131 -\ \ \isacommand{also}\isamarkupfalse%
  12.132 -\ \isacommand{have}\isamarkupfalse%
  12.133 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isasymone}\ {\isasymodot}\ x\ {\isasymodot}\ x{\isasyminv}{\isachardoublequoteclose}\isanewline
  12.134 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.135 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ semigroup{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.136 -\ \ \isacommand{also}\isamarkupfalse%
  12.137 -\ \isacommand{have}\isamarkupfalse%
  12.138 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isacharparenleft}x{\isasyminv}{\isacharparenright}{\isasyminv}\ {\isasymodot}\ x{\isasyminv}\ {\isasymodot}\ x\ {\isasymodot}\ x{\isasyminv}{\isachardoublequoteclose}\isanewline
  12.139 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.140 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}inverse{\isacharparenright}\isanewline
  12.141 -\ \ \isacommand{also}\isamarkupfalse%
  12.142 -\ \isacommand{have}\isamarkupfalse%
  12.143 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isacharparenleft}x{\isasyminv}{\isacharparenright}{\isasyminv}\ {\isasymodot}\ {\isacharparenleft}x{\isasyminv}\ {\isasymodot}\ x{\isacharparenright}\ {\isasymodot}\ x{\isasyminv}{\isachardoublequoteclose}\isanewline
  12.144 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.145 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ semigroup{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.146 -\ \ \isacommand{also}\isamarkupfalse%
  12.147 -\ \isacommand{have}\isamarkupfalse%
  12.148 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isacharparenleft}x{\isasyminv}{\isacharparenright}{\isasyminv}\ {\isasymodot}\ {\isasymone}\ {\isasymodot}\ x{\isasyminv}{\isachardoublequoteclose}\isanewline
  12.149 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.150 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}inverse{\isacharparenright}\isanewline
  12.151 -\ \ \isacommand{also}\isamarkupfalse%
  12.152 -\ \isacommand{have}\isamarkupfalse%
  12.153 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isacharparenleft}x{\isasyminv}{\isacharparenright}{\isasyminv}\ {\isasymodot}\ {\isacharparenleft}{\isasymone}\ {\isasymodot}\ x{\isasyminv}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.154 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.155 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ semigroup{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.156 -\ \ \isacommand{also}\isamarkupfalse%
  12.157 -\ \isacommand{have}\isamarkupfalse%
  12.158 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isacharparenleft}x{\isasyminv}{\isacharparenright}{\isasyminv}\ {\isasymodot}\ x{\isasyminv}{\isachardoublequoteclose}\isanewline
  12.159 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.160 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}unit{\isacharparenright}\isanewline
  12.161 -\ \ \isacommand{also}\isamarkupfalse%
  12.162 -\ \isacommand{have}\isamarkupfalse%
  12.163 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
  12.164 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.165 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}inverse{\isacharparenright}\isanewline
  12.166 -\ \ \isacommand{finally}\isamarkupfalse%
  12.167 -\ \isacommand{show}\isamarkupfalse%
  12.168 -\ {\isacharquery}thesis\ \isacommand{{\isachardot}}\isamarkupfalse%
  12.169 -\isanewline
  12.170 -\isacommand{qed}\isamarkupfalse%
  12.171 -%
  12.172 -\endisatagproof
  12.173 -{\isafoldproof}%
  12.174 -%
  12.175 -\isadelimproof
  12.176 -%
  12.177 -\endisadelimproof
  12.178 -%
  12.179 -\begin{isamarkuptext}%
  12.180 -\noindent With \isa{group{\isacharunderscore}right{\isacharunderscore}inverse} already available, \isa{group{\isacharunderscore}right{\isacharunderscore}unit}\label{thm:group-right-unit} is now established
  12.181 -  much easier.%
  12.182 -\end{isamarkuptext}%
  12.183 -\isamarkuptrue%
  12.184 -\isacommand{theorem}\isamarkupfalse%
  12.185 -\ group{\isacharunderscore}right{\isacharunderscore}unit{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymodot}\ {\isasymone}\ {\isacharequal}\ {\isacharparenleft}x{\isasymColon}{\isacharprime}a{\isasymColon}group{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.186 -%
  12.187 -\isadelimproof
  12.188 -%
  12.189 -\endisadelimproof
  12.190 -%
  12.191 -\isatagproof
  12.192 -\isacommand{proof}\isamarkupfalse%
  12.193 -\ {\isacharminus}\isanewline
  12.194 -\ \ \isacommand{have}\isamarkupfalse%
  12.195 -\ {\isachardoublequoteopen}x\ {\isasymodot}\ {\isasymone}\ {\isacharequal}\ x\ {\isasymodot}\ {\isacharparenleft}x{\isasyminv}\ {\isasymodot}\ x{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.196 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.197 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}inverse{\isacharparenright}\isanewline
  12.198 -\ \ \isacommand{also}\isamarkupfalse%
  12.199 -\ \isacommand{have}\isamarkupfalse%
  12.200 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ x\ {\isasymodot}\ x{\isasyminv}\ {\isasymodot}\ x{\isachardoublequoteclose}\isanewline
  12.201 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.202 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ semigroup{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.203 -\ \ \isacommand{also}\isamarkupfalse%
  12.204 -\ \isacommand{have}\isamarkupfalse%
  12.205 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ {\isasymone}\ {\isasymodot}\ x{\isachardoublequoteclose}\isanewline
  12.206 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.207 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}right{\isacharunderscore}inverse{\isacharparenright}\isanewline
  12.208 -\ \ \isacommand{also}\isamarkupfalse%
  12.209 -\ \isacommand{have}\isamarkupfalse%
  12.210 -\ {\isachardoublequoteopen}{\isachardot}{\isachardot}{\isachardot}\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
  12.211 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.212 -\ {\isacharparenleft}simp\ only{\isacharcolon}\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}unit{\isacharparenright}\isanewline
  12.213 -\ \ \isacommand{finally}\isamarkupfalse%
  12.214 -\ \isacommand{show}\isamarkupfalse%
  12.215 -\ {\isacharquery}thesis\ \isacommand{{\isachardot}}\isamarkupfalse%
  12.216 -\isanewline
  12.217 -\isacommand{qed}\isamarkupfalse%
  12.218 -%
  12.219 -\endisatagproof
  12.220 -{\isafoldproof}%
  12.221 -%
  12.222 -\isadelimproof
  12.223 -%
  12.224 -\endisadelimproof
  12.225 -%
  12.226 -\begin{isamarkuptext}%
  12.227 -\medskip Abstract theorems may be instantiated to only those types
  12.228 -  \isa{{\isasymtau}} where the appropriate class membership \isa{{\isasymtau}\ {\isasymColon}\ c} is
  12.229 -  known at Isabelle's type signature level.  Since we have \isa{agroup\ {\isasymsubseteq}\ group\ {\isasymsubseteq}\ semigroup} by definition, all theorems of \isa{semigroup} and \isa{group} are automatically inherited by \isa{group} and \isa{agroup}.%
  12.230 -\end{isamarkuptext}%
  12.231 -\isamarkuptrue%
  12.232 -%
  12.233 -\isamarkupsubsection{Abstract instantiation%
  12.234 -}
  12.235 -\isamarkuptrue%
  12.236 -%
  12.237 -\begin{isamarkuptext}%
  12.238 -From the definition, the \isa{monoid} and \isa{group} classes
  12.239 -  have been independent.  Note that for monoids, \isa{right{\isacharunderscore}unit}
  12.240 -  had to be included as an axiom, but for groups both \isa{right{\isacharunderscore}unit} and \isa{right{\isacharunderscore}inverse} are derivable from the other
  12.241 -  axioms.  With \isa{group{\isacharunderscore}right{\isacharunderscore}unit} derived as a theorem of group
  12.242 -  theory (see page~\pageref{thm:group-right-unit}), we may now
  12.243 -  instantiate \isa{monoid\ {\isasymsubseteq}\ semigroup} and \isa{group\ {\isasymsubseteq}\ monoid} properly as follows (cf.\ \figref{fig:monoid-group}).
  12.244 -
  12.245 - \begin{figure}[htbp]
  12.246 -   \begin{center}
  12.247 -     \small
  12.248 -     \unitlength 0.6mm
  12.249 -     \begin{picture}(65,90)(0,-10)
  12.250 -       \put(15,10){\line(0,1){10}} \put(15,30){\line(0,1){10}}
  12.251 -       \put(15,50){\line(1,1){10}} \put(35,60){\line(1,-1){10}}
  12.252 -       \put(15,5){\makebox(0,0){\isa{agroup}}}
  12.253 -       \put(15,25){\makebox(0,0){\isa{group}}}
  12.254 -       \put(15,45){\makebox(0,0){\isa{semigroup}}}
  12.255 -       \put(30,65){\makebox(0,0){\isa{type}}} \put(50,45){\makebox(0,0){\isa{monoid}}}
  12.256 -     \end{picture}
  12.257 -     \hspace{4em}
  12.258 -     \begin{picture}(30,90)(0,0)
  12.259 -       \put(15,10){\line(0,1){10}} \put(15,30){\line(0,1){10}}
  12.260 -       \put(15,50){\line(0,1){10}} \put(15,70){\line(0,1){10}}
  12.261 -       \put(15,5){\makebox(0,0){\isa{agroup}}}
  12.262 -       \put(15,25){\makebox(0,0){\isa{group}}}
  12.263 -       \put(15,45){\makebox(0,0){\isa{monoid}}}
  12.264 -       \put(15,65){\makebox(0,0){\isa{semigroup}}}
  12.265 -       \put(15,85){\makebox(0,0){\isa{type}}}
  12.266 -     \end{picture}
  12.267 -     \caption{Monoids and groups: according to definition, and by proof}
  12.268 -     \label{fig:monoid-group}
  12.269 -   \end{center}
  12.270 - \end{figure}%
  12.271 -\end{isamarkuptext}%
  12.272 -\isamarkuptrue%
  12.273 -\isacommand{instance}\isamarkupfalse%
  12.274 -\ monoid\ {\isasymsubseteq}\ semigroup\isanewline
  12.275 -%
  12.276 -\isadelimproof
  12.277 -%
  12.278 -\endisadelimproof
  12.279 -%
  12.280 -\isatagproof
  12.281 -\isacommand{proof}\isamarkupfalse%
  12.282 -\isanewline
  12.283 -\ \ \isacommand{fix}\isamarkupfalse%
  12.284 -\ x\ y\ z\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}monoid{\isachardoublequoteclose}\isanewline
  12.285 -\ \ \isacommand{show}\isamarkupfalse%
  12.286 -\ {\isachardoublequoteopen}x\ {\isasymodot}\ y\ {\isasymodot}\ z\ {\isacharequal}\ x\ {\isasymodot}\ {\isacharparenleft}y\ {\isasymodot}\ z{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.287 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.288 -\ {\isacharparenleft}rule\ monoid{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.289 -\isacommand{qed}\isamarkupfalse%
  12.290 -%
  12.291 -\endisatagproof
  12.292 -{\isafoldproof}%
  12.293 -%
  12.294 -\isadelimproof
  12.295 -\isanewline
  12.296 -%
  12.297 -\endisadelimproof
  12.298 -\isanewline
  12.299 -\isacommand{instance}\isamarkupfalse%
  12.300 -\ group\ {\isasymsubseteq}\ monoid\isanewline
  12.301 -%
  12.302 -\isadelimproof
  12.303 -%
  12.304 -\endisadelimproof
  12.305 -%
  12.306 -\isatagproof
  12.307 -\isacommand{proof}\isamarkupfalse%
  12.308 -\isanewline
  12.309 -\ \ \isacommand{fix}\isamarkupfalse%
  12.310 -\ x\ y\ z\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}group{\isachardoublequoteclose}\isanewline
  12.311 -\ \ \isacommand{show}\isamarkupfalse%
  12.312 -\ {\isachardoublequoteopen}x\ {\isasymodot}\ y\ {\isasymodot}\ z\ {\isacharequal}\ x\ {\isasymodot}\ {\isacharparenleft}y\ {\isasymodot}\ z{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.313 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.314 -\ {\isacharparenleft}rule\ semigroup{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.315 -\ \ \isacommand{show}\isamarkupfalse%
  12.316 -\ {\isachardoublequoteopen}{\isasymone}\ {\isasymodot}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
  12.317 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.318 -\ {\isacharparenleft}rule\ group{\isacharunderscore}class{\isachardot}left{\isacharunderscore}unit{\isacharparenright}\isanewline
  12.319 -\ \ \isacommand{show}\isamarkupfalse%
  12.320 -\ {\isachardoublequoteopen}x\ {\isasymodot}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
  12.321 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.322 -\ {\isacharparenleft}rule\ group{\isacharunderscore}right{\isacharunderscore}unit{\isacharparenright}\isanewline
  12.323 -\isacommand{qed}\isamarkupfalse%
  12.324 -%
  12.325 -\endisatagproof
  12.326 -{\isafoldproof}%
  12.327 -%
  12.328 -\isadelimproof
  12.329 -%
  12.330 -\endisadelimproof
  12.331 -%
  12.332 -\begin{isamarkuptext}%
  12.333 -\medskip The \isakeyword{instance} command sets up an appropriate
  12.334 -  goal that represents the class inclusion (or type arity, see
  12.335 -  \secref{sec:inst-arity}) to be proven (see also
  12.336 -  \cite{isabelle-isar-ref}).  The initial proof step causes
  12.337 -  back-chaining of class membership statements wrt.\ the hierarchy of
  12.338 -  any classes defined in the current theory; the effect is to reduce
  12.339 -  to the initial statement to a number of goals that directly
  12.340 -  correspond to any class axioms encountered on the path upwards
  12.341 -  through the class hierarchy.%
  12.342 -\end{isamarkuptext}%
  12.343 -\isamarkuptrue%
  12.344 -%
  12.345 -\isamarkupsubsection{Concrete instantiation \label{sec:inst-arity}%
  12.346 -}
  12.347 -\isamarkuptrue%
  12.348 -%
  12.349 -\begin{isamarkuptext}%
  12.350 -So far we have covered the case of the form
  12.351 -  \isakeyword{instance}~\isa{c\isactrlsub {\isadigit{1}}\ {\isasymsubseteq}\ c\isactrlsub {\isadigit{2}}}, namely
  12.352 -  \emph{abstract instantiation} --- $c@1$ is more special than \isa{c\isactrlsub {\isadigit{1}}} and thus an instance of \isa{c\isactrlsub {\isadigit{2}}}.  Even more
  12.353 -  interesting for practical applications are \emph{concrete
  12.354 -  instantiations} of axiomatic type classes.  That is, certain simple
  12.355 -  schemes \isa{{\isacharparenleft}{\isasymalpha}\isactrlsub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymalpha}\isactrlsub n{\isacharparenright}\ t\ {\isasymColon}\ c} of class
  12.356 -  membership may be established at the logical level and then
  12.357 -  transferred to Isabelle's type signature level.
  12.358 -
  12.359 -  \medskip As a typical example, we show that type \isa{bool} with
  12.360 -  exclusive-or as \isa{{\isasymodot}} operation, identity as \isa{{\isasyminv}}, and
  12.361 -  \isa{False} as \isa{{\isasymone}} forms an Abelian group.%
  12.362 -\end{isamarkuptext}%
  12.363 -\isamarkuptrue%
  12.364 -\isacommand{defs}\isamarkupfalse%
  12.365 -\ {\isacharparenleft}\isakeyword{overloaded}{\isacharparenright}\isanewline
  12.366 -\ \ times{\isacharunderscore}bool{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymodot}\ y\ {\isasymequiv}\ x\ {\isasymnoteq}\ {\isacharparenleft}y{\isasymColon}bool{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.367 -\ \ inverse{\isacharunderscore}bool{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}x{\isasyminv}\ {\isasymequiv}\ x{\isasymColon}bool{\isachardoublequoteclose}\isanewline
  12.368 -\ \ unit{\isacharunderscore}bool{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymequiv}\ False{\isachardoublequoteclose}%
  12.369 -\begin{isamarkuptext}%
  12.370 -\medskip It is important to note that above \isakeyword{defs} are
  12.371 -  just overloaded meta-level constant definitions, where type classes
  12.372 -  are not yet involved at all.  This form of constant definition with
  12.373 -  overloading (and optional recursion over the syntactic structure of
  12.374 -  simple types) are admissible as definitional extensions of plain HOL
  12.375 -  \cite{Wenzel:1997:TPHOL}.  The Haskell-style type system is not
  12.376 -  required for overloading.  Nevertheless, overloaded definitions are
  12.377 -  best applied in the context of type classes.
  12.378 -
  12.379 -  \medskip Since we have chosen above \isakeyword{defs} of the generic
  12.380 -  group operations on type \isa{bool} appropriately, the class
  12.381 -  membership \isa{bool\ {\isasymColon}\ agroup} may be now derived as follows.%
  12.382 -\end{isamarkuptext}%
  12.383 -\isamarkuptrue%
  12.384 -\isacommand{instance}\isamarkupfalse%
  12.385 -\ bool\ {\isacharcolon}{\isacharcolon}\ agroup\isanewline
  12.386 -%
  12.387 -\isadelimproof
  12.388 -%
  12.389 -\endisadelimproof
  12.390 -%
  12.391 -\isatagproof
  12.392 -\isacommand{proof}\isamarkupfalse%
  12.393 -\ {\isacharparenleft}intro{\isacharunderscore}classes{\isacharcomma}\isanewline
  12.394 -\ \ \ \ unfold\ times{\isacharunderscore}bool{\isacharunderscore}def\ inverse{\isacharunderscore}bool{\isacharunderscore}def\ unit{\isacharunderscore}bool{\isacharunderscore}def{\isacharparenright}\isanewline
  12.395 -\ \ \isacommand{fix}\isamarkupfalse%
  12.396 -\ x\ y\ z\isanewline
  12.397 -\ \ \isacommand{show}\isamarkupfalse%
  12.398 -\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharparenleft}x\ {\isasymnoteq}\ y{\isacharparenright}\ {\isasymnoteq}\ z{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}x\ {\isasymnoteq}\ {\isacharparenleft}y\ {\isasymnoteq}\ z{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  12.399 -\ blast\isanewline
  12.400 -\ \ \isacommand{show}\isamarkupfalse%
  12.401 -\ {\isachardoublequoteopen}{\isacharparenleft}False\ {\isasymnoteq}\ x{\isacharparenright}\ {\isacharequal}\ x{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  12.402 -\ blast\isanewline
  12.403 -\ \ \isacommand{show}\isamarkupfalse%
  12.404 -\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymnoteq}\ x{\isacharparenright}\ {\isacharequal}\ False{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  12.405 -\ blast\isanewline
  12.406 -\ \ \isacommand{show}\isamarkupfalse%
  12.407 -\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymnoteq}\ y{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}y\ {\isasymnoteq}\ x{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  12.408 -\ blast\isanewline
  12.409 -\isacommand{qed}\isamarkupfalse%
  12.410 -%
  12.411 -\endisatagproof
  12.412 -{\isafoldproof}%
  12.413 -%
  12.414 -\isadelimproof
  12.415 -%
  12.416 -\endisadelimproof
  12.417 -%
  12.418 -\begin{isamarkuptext}%
  12.419 -The result of an \isakeyword{instance} statement is both expressed
  12.420 -  as a theorem of Isabelle's meta-logic, and as a type arity of the
  12.421 -  type signature.  The latter enables type-inference system to take
  12.422 -  care of this new instance automatically.
  12.423 -
  12.424 -  \medskip We could now also instantiate our group theory classes to
  12.425 -  many other concrete types.  For example, \isa{int\ {\isasymColon}\ agroup}
  12.426 -  (e.g.\ by defining \isa{{\isasymodot}} as addition, \isa{{\isasyminv}} as negation
  12.427 -  and \isa{{\isasymone}} as zero) or \isa{list\ {\isasymColon}\ {\isacharparenleft}type{\isacharparenright}\ semigroup}
  12.428 -  (e.g.\ if \isa{{\isasymodot}} is defined as list append).  Thus, the
  12.429 -  characteristic constants \isa{{\isasymodot}}, \isa{{\isasyminv}}, \isa{{\isasymone}}
  12.430 -  really become overloaded, i.e.\ have different meanings on different
  12.431 -  types.%
  12.432 -\end{isamarkuptext}%
  12.433 -\isamarkuptrue%
  12.434 -%
  12.435 -\isamarkupsubsection{Lifting and Functors%
  12.436 -}
  12.437 -\isamarkuptrue%
  12.438 -%
  12.439 -\begin{isamarkuptext}%
  12.440 -As already mentioned above, overloading in the simply-typed HOL
  12.441 -  systems may include recursion over the syntactic structure of types.
  12.442 -  That is, definitional equations \isa{c\isactrlsup {\isasymtau}\ {\isasymequiv}\ t} may also
  12.443 -  contain constants of name \isa{c} on the right-hand side --- if
  12.444 -  these have types that are structurally simpler than \isa{{\isasymtau}}.
  12.445 -
  12.446 -  This feature enables us to \emph{lift operations}, say to Cartesian
  12.447 -  products, direct sums or function spaces.  Subsequently we lift
  12.448 -  \isa{{\isasymodot}} component-wise to binary products \isa{{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}b}.%
  12.449 -\end{isamarkuptext}%
  12.450 -\isamarkuptrue%
  12.451 -\isacommand{defs}\isamarkupfalse%
  12.452 -\ {\isacharparenleft}\isakeyword{overloaded}{\isacharparenright}\isanewline
  12.453 -\ \ times{\isacharunderscore}prod{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}p\ {\isasymodot}\ q\ {\isasymequiv}\ {\isacharparenleft}fst\ p\ {\isasymodot}\ fst\ q{\isacharcomma}\ snd\ p\ {\isasymodot}\ snd\ q{\isacharparenright}{\isachardoublequoteclose}%
  12.454 -\begin{isamarkuptext}%
  12.455 -It is very easy to see that associativity of \isa{{\isasymodot}} on \isa{{\isacharprime}a}
  12.456 -  and \isa{{\isasymodot}} on \isa{{\isacharprime}b} transfers to \isa{{\isasymodot}} on \isa{{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}b}.  Hence the binary type constructor \isa{{\isasymodot}} maps semigroups
  12.457 -  to semigroups.  This may be established formally as follows.%
  12.458 -\end{isamarkuptext}%
  12.459 -\isamarkuptrue%
  12.460 -\isacommand{instance}\isamarkupfalse%
  12.461 -\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}semigroup{\isacharcomma}\ semigroup{\isacharparenright}\ semigroup\isanewline
  12.462 -%
  12.463 -\isadelimproof
  12.464 -%
  12.465 -\endisadelimproof
  12.466 -%
  12.467 -\isatagproof
  12.468 -\isacommand{proof}\isamarkupfalse%
  12.469 -\ {\isacharparenleft}intro{\isacharunderscore}classes{\isacharcomma}\ unfold\ times{\isacharunderscore}prod{\isacharunderscore}def{\isacharparenright}\isanewline
  12.470 -\ \ \isacommand{fix}\isamarkupfalse%
  12.471 -\ p\ q\ r\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}semigroup\ {\isasymtimes}\ {\isacharprime}b{\isasymColon}semigroup{\isachardoublequoteclose}\isanewline
  12.472 -\ \ \isacommand{show}\isamarkupfalse%
  12.473 -\isanewline
  12.474 -\ \ \ \ {\isachardoublequoteopen}{\isacharparenleft}fst\ {\isacharparenleft}fst\ p\ {\isasymodot}\ fst\ q{\isacharcomma}\ snd\ p\ {\isasymodot}\ snd\ q{\isacharparenright}\ {\isasymodot}\ fst\ r{\isacharcomma}\isanewline
  12.475 -\ \ \ \ \ \ snd\ {\isacharparenleft}fst\ p\ {\isasymodot}\ fst\ q{\isacharcomma}\ snd\ p\ {\isasymodot}\ snd\ q{\isacharparenright}\ {\isasymodot}\ snd\ r{\isacharparenright}\ {\isacharequal}\isanewline
  12.476 -\ \ \ \ \ \ \ {\isacharparenleft}fst\ p\ {\isasymodot}\ fst\ {\isacharparenleft}fst\ q\ {\isasymodot}\ fst\ r{\isacharcomma}\ snd\ q\ {\isasymodot}\ snd\ r{\isacharparenright}{\isacharcomma}\isanewline
  12.477 -\ \ \ \ \ \ \ \ snd\ p\ {\isasymodot}\ snd\ {\isacharparenleft}fst\ q\ {\isasymodot}\ fst\ r{\isacharcomma}\ snd\ q\ {\isasymodot}\ snd\ r{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  12.478 -\ \ \ \ \isacommand{by}\isamarkupfalse%
  12.479 -\ {\isacharparenleft}simp\ add{\isacharcolon}\ semigroup{\isacharunderscore}class{\isachardot}assoc{\isacharparenright}\isanewline
  12.480 -\isacommand{qed}\isamarkupfalse%
  12.481 -%
  12.482 -\endisatagproof
  12.483 -{\isafoldproof}%
  12.484 -%
  12.485 -\isadelimproof
  12.486 -%
  12.487 -\endisadelimproof
  12.488 -%
  12.489 -\begin{isamarkuptext}%
  12.490 -Thus, if we view class instances as ``structures'', then overloaded
  12.491 -  constant definitions with recursion over types indirectly provide
  12.492 -  some kind of ``functors'' --- i.e.\ mappings between abstract
  12.493 -  theories.%
  12.494 -\end{isamarkuptext}%
  12.495 -\isamarkuptrue%
  12.496 -%
  12.497 -\isadelimtheory
  12.498 -%
  12.499 -\endisadelimtheory
  12.500 -%
  12.501 -\isatagtheory
  12.502 -\isacommand{end}\isamarkupfalse%
  12.503 -%
  12.504 -\endisatagtheory
  12.505 -{\isafoldtheory}%
  12.506 -%
  12.507 -\isadelimtheory
  12.508 -%
  12.509 -\endisadelimtheory
  12.510 -\isanewline
  12.511 -\end{isabellebody}%
  12.512 -%%% Local Variables:
  12.513 -%%% mode: latex
  12.514 -%%% TeX-master: "root"
  12.515 -%%% End:
    13.1 --- a/doc-src/AxClass/Group/document/Product.tex	Wed Mar 04 11:05:02 2009 +0100
    13.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    13.3 @@ -1,133 +0,0 @@
    13.4 -%
    13.5 -\begin{isabellebody}%
    13.6 -\def\isabellecontext{Product}%
    13.7 -%
    13.8 -\isamarkupheader{Syntactic classes%
    13.9 -}
   13.10 -\isamarkuptrue%
   13.11 -%
   13.12 -\isadelimtheory
   13.13 -%
   13.14 -\endisadelimtheory
   13.15 -%
   13.16 -\isatagtheory
   13.17 -\isacommand{theory}\isamarkupfalse%
   13.18 -\ Product\ \isakeyword{imports}\ Main\ \isakeyword{begin}%
   13.19 -\endisatagtheory
   13.20 -{\isafoldtheory}%
   13.21 -%
   13.22 -\isadelimtheory
   13.23 -%
   13.24 -\endisadelimtheory
   13.25 -%
   13.26 -\begin{isamarkuptext}%
   13.27 -\medskip\noindent There is still a feature of Isabelle's type system
   13.28 -  left that we have not yet discussed.  When declaring polymorphic
   13.29 -  constants \isa{c\ {\isasymColon}\ {\isasymsigma}}, the type variables occurring in \isa{{\isasymsigma}}
   13.30 -  may be constrained by type classes (or even general sorts) in an
   13.31 -  arbitrary way.  Note that by default, in Isabelle/HOL the
   13.32 -  declaration \isa{{\isasymodot}\ {\isasymColon}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a} is actually an abbreviation
   13.33 -  for \isa{{\isasymodot}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}type\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a} Since class \isa{type} is the
   13.34 -  universal class of HOL, this is not really a constraint at all.
   13.35 -
   13.36 - The \isa{product} class below provides a less degenerate example of
   13.37 - syntactic type classes.%
   13.38 -\end{isamarkuptext}%
   13.39 -\isamarkuptrue%
   13.40 -\isacommand{axclass}\isamarkupfalse%
   13.41 -\isanewline
   13.42 -\ \ product\ {\isasymsubseteq}\ type\isanewline
   13.43 -\isacommand{consts}\isamarkupfalse%
   13.44 -\isanewline
   13.45 -\ \ product\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}product\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymodot}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}%
   13.46 -\begin{isamarkuptext}%
   13.47 -Here class \isa{product} is defined as subclass of \isa{type}
   13.48 -  without any additional axioms.  This effects in logical equivalence
   13.49 -  of \isa{product} and \isa{type}, as is reflected by the trivial
   13.50 -  introduction rule generated for this definition.
   13.51 -
   13.52 -  \medskip So what is the difference of declaring \isa{{\isasymodot}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}product\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a} vs.\ declaring \isa{{\isasymodot}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}type\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a} anyway?  In this particular case where \isa{product\ {\isasymequiv}\ type}, it should be obvious that both declarations are the same
   13.53 -  from the logic's point of view.  It even makes the most sense to
   13.54 -  remove sort constraints from constant declarations, as far as the
   13.55 -  purely logical meaning is concerned \cite{Wenzel:1997:TPHOL}.
   13.56 -
   13.57 -  On the other hand there are syntactic differences, of course.
   13.58 - Constants \isa{{\isasymodot}} on some type \isa{{\isasymtau}} are rejected by the
   13.59 - type-checker, unless the arity \isa{{\isasymtau}\ {\isasymColon}\ product} is part of the
   13.60 - type signature.  In our example, this arity may be always added when
   13.61 - required by means of an \isakeyword{instance} with the default proof
   13.62 - (double-dot).
   13.63 -
   13.64 -  \medskip Thus, we may observe the following discipline of using
   13.65 -  syntactic classes.  Overloaded polymorphic constants have their type
   13.66 -  arguments restricted to an associated (logically trivial) class
   13.67 -  \isa{c}.  Only immediately before \emph{specifying} these
   13.68 -  constants on a certain type \isa{{\isasymtau}} do we instantiate \isa{{\isasymtau}\ {\isasymColon}\ c}.
   13.69 -
   13.70 -  This is done for class \isa{product} and type \isa{bool} as
   13.71 -  follows.%
   13.72 -\end{isamarkuptext}%
   13.73 -\isamarkuptrue%
   13.74 -\isacommand{instance}\isamarkupfalse%
   13.75 -\ bool\ {\isacharcolon}{\isacharcolon}\ product%
   13.76 -\isadelimproof
   13.77 -\ %
   13.78 -\endisadelimproof
   13.79 -%
   13.80 -\isatagproof
   13.81 -\isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
   13.82 -%
   13.83 -\endisatagproof
   13.84 -{\isafoldproof}%
   13.85 -%
   13.86 -\isadelimproof
   13.87 -%
   13.88 -\endisadelimproof
   13.89 -\isanewline
   13.90 -\isacommand{defs}\isamarkupfalse%
   13.91 -\ {\isacharparenleft}\isakeyword{overloaded}{\isacharparenright}\isanewline
   13.92 -\ \ product{\isacharunderscore}bool{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymodot}\ y\ {\isasymequiv}\ x\ {\isasymand}\ y{\isachardoublequoteclose}%
   13.93 -\begin{isamarkuptext}%
   13.94 -The definition \isa{prod{\isacharunderscore}bool{\isacharunderscore}def} becomes syntactically
   13.95 - well-formed only after the arity \isa{bool\ {\isasymColon}\ product} is made
   13.96 - known to the type checker.
   13.97 -
   13.98 - \medskip It is very important to see that above \isakeyword{defs} are
   13.99 - not directly connected with \isakeyword{instance} at all!  We were
  13.100 - just following our convention to specify \isa{{\isasymodot}} on \isa{bool}
  13.101 - after having instantiated \isa{bool\ {\isasymColon}\ product}.  Isabelle does
  13.102 - not require these definitions, which is in contrast to programming
  13.103 - languages like Haskell \cite{haskell-report}.
  13.104 -
  13.105 - \medskip While Isabelle type classes and those of Haskell are almost
  13.106 - the same as far as type-checking and type inference are concerned,
  13.107 - there are important semantic differences.  Haskell classes require
  13.108 - their instances to \emph{provide operations} of certain \emph{names}.
  13.109 - Therefore, its \texttt{instance} has a \texttt{where} part that tells
  13.110 - the system what these ``member functions'' should be.
  13.111 -
  13.112 - This style of \texttt{instance} would not make much sense in
  13.113 - Isabelle's meta-logic, because there is no internal notion of
  13.114 - ``providing operations'' or even ``names of functions''.%
  13.115 -\end{isamarkuptext}%
  13.116 -\isamarkuptrue%
  13.117 -%
  13.118 -\isadelimtheory
  13.119 -%
  13.120 -\endisadelimtheory
  13.121 -%
  13.122 -\isatagtheory
  13.123 -\isacommand{end}\isamarkupfalse%
  13.124 -%
  13.125 -\endisatagtheory
  13.126 -{\isafoldtheory}%
  13.127 -%
  13.128 -\isadelimtheory
  13.129 -%
  13.130 -\endisadelimtheory
  13.131 -\isanewline
  13.132 -\end{isabellebody}%
  13.133 -%%% Local Variables:
  13.134 -%%% mode: latex
  13.135 -%%% TeX-master: "root"
  13.136 -%%% End:
    14.1 --- a/doc-src/AxClass/Group/document/Semigroups.tex	Wed Mar 04 11:05:02 2009 +0100
    14.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    14.3 @@ -1,88 +0,0 @@
    14.4 -%
    14.5 -\begin{isabellebody}%
    14.6 -\def\isabellecontext{Semigroups}%
    14.7 -%
    14.8 -\isamarkupheader{Semigroups%
    14.9 -}
   14.10 -\isamarkuptrue%
   14.11 -%
   14.12 -\isadelimtheory
   14.13 -%
   14.14 -\endisadelimtheory
   14.15 -%
   14.16 -\isatagtheory
   14.17 -\isacommand{theory}\isamarkupfalse%
   14.18 -\ Semigroups\ \isakeyword{imports}\ Main\ \isakeyword{begin}%
   14.19 -\endisatagtheory
   14.20 -{\isafoldtheory}%
   14.21 -%
   14.22 -\isadelimtheory
   14.23 -%
   14.24 -\endisadelimtheory
   14.25 -%
   14.26 -\begin{isamarkuptext}%
   14.27 -\medskip\noindent An axiomatic type class is simply a class of types
   14.28 -  that all meet certain properties, which are also called \emph{class
   14.29 -  axioms}. Thus, type classes may be also understood as type
   14.30 -  predicates --- i.e.\ abstractions over a single type argument \isa{{\isacharprime}a}.  Class axioms typically contain polymorphic constants that
   14.31 -  depend on this type \isa{{\isacharprime}a}.  These \emph{characteristic
   14.32 -  constants} behave like operations associated with the ``carrier''
   14.33 -  type \isa{{\isacharprime}a}.
   14.34 -
   14.35 -  We illustrate these basic concepts by the following formulation of
   14.36 -  semigroups.%
   14.37 -\end{isamarkuptext}%
   14.38 -\isamarkuptrue%
   14.39 -\isacommand{consts}\isamarkupfalse%
   14.40 -\isanewline
   14.41 -\ \ times\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymodot}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
   14.42 -\isacommand{axclass}\isamarkupfalse%
   14.43 -\ semigroup\ {\isasymsubseteq}\ type\isanewline
   14.44 -\ \ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymodot}\ y{\isacharparenright}\ {\isasymodot}\ z\ {\isacharequal}\ x\ {\isasymodot}\ {\isacharparenleft}y\ {\isasymodot}\ z{\isacharparenright}{\isachardoublequoteclose}%
   14.45 -\begin{isamarkuptext}%
   14.46 -\noindent Above we have first declared a polymorphic constant \isa{{\isasymodot}\ {\isasymColon}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a} and then defined the class \isa{semigroup} of
   14.47 -  all types \isa{{\isasymtau}} such that \isa{{\isasymodot}\ {\isasymColon}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymtau}} is indeed an
   14.48 -  associative operator.  The \isa{assoc} axiom contains exactly one
   14.49 -  type variable, which is invisible in the above presentation, though.
   14.50 -  Also note that free term variables (like \isa{x}, \isa{y},
   14.51 -  \isa{z}) are allowed for user convenience --- conceptually all of
   14.52 -  these are bound by outermost universal quantifiers.
   14.53 -
   14.54 -  \medskip In general, type classes may be used to describe
   14.55 -  \emph{structures} with exactly one carrier \isa{{\isacharprime}a} and a fixed
   14.56 -  \emph{signature}.  Different signatures require different classes.
   14.57 -  Below, class \isa{plus{\isacharunderscore}semigroup} represents semigroups \isa{{\isacharparenleft}{\isasymtau}{\isacharcomma}\ {\isasymoplus}\isactrlsup {\isasymtau}{\isacharparenright}}, while the original \isa{semigroup} would
   14.58 -  correspond to semigroups of the form \isa{{\isacharparenleft}{\isasymtau}{\isacharcomma}\ {\isasymodot}\isactrlsup {\isasymtau}{\isacharparenright}}.%
   14.59 -\end{isamarkuptext}%
   14.60 -\isamarkuptrue%
   14.61 -\isacommand{consts}\isamarkupfalse%
   14.62 -\isanewline
   14.63 -\ \ plus\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymoplus}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
   14.64 -\isacommand{axclass}\isamarkupfalse%
   14.65 -\ plus{\isacharunderscore}semigroup\ {\isasymsubseteq}\ type\isanewline
   14.66 -\ \ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymoplus}\ y{\isacharparenright}\ {\isasymoplus}\ z\ {\isacharequal}\ x\ {\isasymoplus}\ {\isacharparenleft}y\ {\isasymoplus}\ z{\isacharparenright}{\isachardoublequoteclose}%
   14.67 -\begin{isamarkuptext}%
   14.68 -\noindent Even if classes \isa{plus{\isacharunderscore}semigroup} and \isa{semigroup} both represent semigroups in a sense, they are certainly
   14.69 -  not quite the same.%
   14.70 -\end{isamarkuptext}%
   14.71 -\isamarkuptrue%
   14.72 -%
   14.73 -\isadelimtheory
   14.74 -%
   14.75 -\endisadelimtheory
   14.76 -%
   14.77 -\isatagtheory
   14.78 -\isacommand{end}\isamarkupfalse%
   14.79 -%
   14.80 -\endisatagtheory
   14.81 -{\isafoldtheory}%
   14.82 -%
   14.83 -\isadelimtheory
   14.84 -%
   14.85 -\endisadelimtheory
   14.86 -\isanewline
   14.87 -\end{isabellebody}%
   14.88 -%%% Local Variables:
   14.89 -%%% mode: latex
   14.90 -%%% TeX-master: "root"
   14.91 -%%% End:
    15.1 --- a/doc-src/AxClass/IsaMakefile	Wed Mar 04 11:05:02 2009 +0100
    15.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    15.3 @@ -1,47 +0,0 @@
    15.4 -
    15.5 -## targets
    15.6 -
    15.7 -default: Group Nat
    15.8 -images: 
    15.9 -test: Group Nat
   15.10 -
   15.11 -all: images test
   15.12 -
   15.13 -
   15.14 -## global settings
   15.15 -
   15.16 -SRC = $(ISABELLE_HOME)/src
   15.17 -OUT = $(ISABELLE_OUTPUT)
   15.18 -LOG = $(OUT)/log
   15.19 -USEDIR = $(ISABELLE_TOOL) usedir -d false -D document
   15.20 -
   15.21 -
   15.22 -## Group
   15.23 -
   15.24 -Group: HOL $(LOG)/HOL-Group.gz
   15.25 -
   15.26 -HOL:
   15.27 -	@cd $(SRC)/HOL; $(ISABELLE_TOOL) make HOL
   15.28 -
   15.29 -$(LOG)/HOL-Group.gz: $(OUT)/HOL Group/ROOT.ML Group/Group.thy \
   15.30 -  Group/Product.thy Group/Semigroups.thy
   15.31 -	@$(USEDIR) $(OUT)/HOL Group
   15.32 -	@rm -f Group/document/pdfsetup.sty Group/document/session.tex
   15.33 -
   15.34 -
   15.35 -## Nat
   15.36 -
   15.37 -Nat: FOL $(LOG)/FOL-Nat.gz
   15.38 -
   15.39 -FOL:
   15.40 -	@cd $(SRC)/FOL; $(ISABELLE_TOOL) make FOL
   15.41 -
   15.42 -$(LOG)/FOL-Nat.gz: $(OUT)/FOL Nat/ROOT.ML Nat/NatClass.thy
   15.43 -	@$(USEDIR) $(OUT)/FOL Nat
   15.44 -	@rm -f Nat/document/*.sty Nat/document/session.tex
   15.45 -
   15.46 -
   15.47 -## clean
   15.48 -
   15.49 -clean:
   15.50 -	@rm -f $(LOG)/HOL-Group.gz $(LOG)/FOL-Nat.gz
    16.1 --- a/doc-src/AxClass/Makefile	Wed Mar 04 11:05:02 2009 +0100
    16.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    16.3 @@ -1,36 +0,0 @@
    16.4 -#
    16.5 -# $Id$
    16.6 -#
    16.7 -
    16.8 -## targets
    16.9 -
   16.10 -default: dvi
   16.11 -
   16.12 -
   16.13 -## dependencies
   16.14 -
   16.15 -include ../Makefile.in
   16.16 -
   16.17 -NAME = axclass
   16.18 -
   16.19 -FILES = axclass.tex body.tex ../iman.sty ../extra.sty ../isar.sty	\
   16.20 -  ../isabelle.sty ../isabellesym.sty ../pdfsetup.sty			\
   16.21 -  Group/document/Group.tex Nat/document/NatClass.tex			\
   16.22 -  Group/document/Product.tex Group/document/Semigroups.tex
   16.23 -
   16.24 -dvi: $(NAME).dvi
   16.25 -
   16.26 -$(NAME).dvi: $(FILES) isabelle_isar.eps
   16.27 -	$(LATEX) $(NAME)
   16.28 -	$(BIBTEX) $(NAME)
   16.29 -	$(LATEX) $(NAME)
   16.30 -	$(LATEX) $(NAME)
   16.31 -
   16.32 -pdf: $(NAME).pdf
   16.33 -
   16.34 -$(NAME).pdf: $(FILES) isabelle_isar.pdf
   16.35 -	$(PDFLATEX) $(NAME)
   16.36 -	$(FIXBOOKMARKS) $(NAME).out
   16.37 -	$(BIBTEX) $(NAME)
   16.38 -	$(PDFLATEX) $(NAME)
   16.39 -	$(PDFLATEX) $(NAME)
    17.1 --- a/doc-src/AxClass/Nat/NatClass.thy	Wed Mar 04 11:05:02 2009 +0100
    17.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    17.3 @@ -1,117 +0,0 @@
    17.4 -
    17.5 -header {* Defining natural numbers in FOL \label{sec:ex-natclass} *}
    17.6 -
    17.7 -theory NatClass imports FOL begin
    17.8 -
    17.9 -text {*
   17.10 - \medskip\noindent Axiomatic type classes abstract over exactly one
   17.11 - type argument. Thus, any \emph{axiomatic} theory extension where each
   17.12 - axiom refers to at most one type variable, may be trivially turned
   17.13 - into a \emph{definitional} one.
   17.14 -
   17.15 - We illustrate this with the natural numbers in
   17.16 - Isabelle/FOL.\footnote{See also
   17.17 - \url{http://isabelle.in.tum.de/library/FOL/ex/NatClass.html}}
   17.18 -*}
   17.19 -
   17.20 -consts
   17.21 -  zero :: 'a    ("\<zero>")
   17.22 -  Suc :: "'a \<Rightarrow> 'a"
   17.23 -  rec :: "'a \<Rightarrow> 'a \<Rightarrow> ('a \<Rightarrow> 'a \<Rightarrow> 'a) \<Rightarrow> 'a"
   17.24 -
   17.25 -axclass nat \<subseteq> "term"
   17.26 -  induct: "P(\<zero>) \<Longrightarrow> (\<And>x. P(x) \<Longrightarrow> P(Suc(x))) \<Longrightarrow> P(n)"
   17.27 -  Suc_inject: "Suc(m) = Suc(n) \<Longrightarrow> m = n"
   17.28 -  Suc_neq_0: "Suc(m) = \<zero> \<Longrightarrow> R"
   17.29 -  rec_0: "rec(\<zero>, a, f) = a"
   17.30 -  rec_Suc: "rec(Suc(m), a, f) = f(m, rec(m, a, f))"
   17.31 -
   17.32 -constdefs
   17.33 -  add :: "'a::nat \<Rightarrow> 'a \<Rightarrow> 'a"    (infixl "+" 60)
   17.34 -  "m + n \<equiv> rec(m, n, \<lambda>x y. Suc(y))"
   17.35 -
   17.36 -text {*
   17.37 - This is an abstract version of the plain @{text Nat} theory in
   17.38 - FOL.\footnote{See
   17.39 - \url{http://isabelle.in.tum.de/library/FOL/ex/Nat.html}} Basically,
   17.40 - we have just replaced all occurrences of type @{text nat} by @{typ
   17.41 - 'a} and used the natural number axioms to define class @{text nat}.
   17.42 - There is only a minor snag, that the original recursion operator
   17.43 - @{term rec} had to be made monomorphic.
   17.44 -
   17.45 - Thus class @{text nat} contains exactly those types @{text \<tau>} that
   17.46 - are isomorphic to ``the'' natural numbers (with signature @{term
   17.47 - \<zero>}, @{term Suc}, @{term rec}).
   17.48 -
   17.49 - \medskip What we have done here can be also viewed as \emph{type
   17.50 - specification}.  Of course, it still remains open if there is some
   17.51 - type at all that meets the class axioms.  Now a very nice property of
   17.52 - axiomatic type classes is that abstract reasoning is always possible
   17.53 - --- independent of satisfiability.  The meta-logic won't break, even
   17.54 - if some classes (or general sorts) turns out to be empty later ---
   17.55 - ``inconsistent'' class definitions may be useless, but do not cause
   17.56 - any harm.
   17.57 -
   17.58 - Theorems of the abstract natural numbers may be derived in the same
   17.59 - way as for the concrete version.  The original proof scripts may be
   17.60 - re-used with some trivial changes only (mostly adding some type
   17.61 - constraints).
   17.62 -*}
   17.63 -
   17.64 -(*<*)
   17.65 -lemma Suc_n_not_n: "Suc(k) ~= (k::'a::nat)"
   17.66 -apply (rule_tac n = k in induct)
   17.67 -apply (rule notI)
   17.68 -apply (erule Suc_neq_0)
   17.69 -apply (rule notI)
   17.70 -apply (erule notE)
   17.71 -apply (erule Suc_inject)
   17.72 -done
   17.73 -
   17.74 -lemma "(k+m)+n = k+(m+n)"
   17.75 -apply (rule induct)
   17.76 -back
   17.77 -back
   17.78 -back
   17.79 -back
   17.80 -back
   17.81 -back
   17.82 -oops
   17.83 -
   17.84 -lemma add_0 [simp]: "\<zero>+n = n"
   17.85 -apply (unfold add_def)
   17.86 -apply (rule rec_0)
   17.87 -done
   17.88 -
   17.89 -lemma add_Suc [simp]: "Suc(m)+n = Suc(m+n)"
   17.90 -apply (unfold add_def)
   17.91 -apply (rule rec_Suc)
   17.92 -done
   17.93 -
   17.94 -lemma add_assoc: "(k+m)+n = k+(m+n)"
   17.95 -apply (rule_tac n = k in induct)
   17.96 -apply simp
   17.97 -apply simp
   17.98 -done
   17.99 -
  17.100 -lemma add_0_right: "m+\<zero> = m"
  17.101 -apply (rule_tac n = m in induct)
  17.102 -apply simp
  17.103 -apply simp
  17.104 -done
  17.105 -
  17.106 -lemma add_Suc_right: "m+Suc(n) = Suc(m+n)"
  17.107 -apply (rule_tac n = m in induct)
  17.108 -apply simp_all
  17.109 -done
  17.110 -
  17.111 -lemma
  17.112 -  assumes prem: "!!n. f(Suc(n)) = Suc(f(n))"
  17.113 -  shows "f(i+j) = i+f(j)"
  17.114 -apply (rule_tac n = i in induct)
  17.115 -apply simp
  17.116 -apply (simp add: prem)
  17.117 -done
  17.118 -(*>*)
  17.119 -
  17.120 -end
  17.121 \ No newline at end of file
    18.1 --- a/doc-src/AxClass/Nat/ROOT.ML	Wed Mar 04 11:05:02 2009 +0100
    18.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    18.3 @@ -1,2 +0,0 @@
    18.4 -
    18.5 -use_thy "NatClass";
    19.1 --- a/doc-src/AxClass/Nat/document/NatClass.tex	Wed Mar 04 11:05:02 2009 +0100
    19.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    19.3 @@ -1,201 +0,0 @@
    19.4 -%
    19.5 -\begin{isabellebody}%
    19.6 -\def\isabellecontext{NatClass}%
    19.7 -%
    19.8 -\isamarkupheader{Defining natural numbers in FOL \label{sec:ex-natclass}%
    19.9 -}
   19.10 -\isamarkuptrue%
   19.11 -%
   19.12 -\isadelimtheory
   19.13 -%
   19.14 -\endisadelimtheory
   19.15 -%
   19.16 -\isatagtheory
   19.17 -\isacommand{theory}\isamarkupfalse%
   19.18 -\ NatClass\ \isakeyword{imports}\ FOL\ \isakeyword{begin}%
   19.19 -\endisatagtheory
   19.20 -{\isafoldtheory}%
   19.21 -%
   19.22 -\isadelimtheory
   19.23 -%
   19.24 -\endisadelimtheory
   19.25 -%
   19.26 -\begin{isamarkuptext}%
   19.27 -\medskip\noindent Axiomatic type classes abstract over exactly one
   19.28 - type argument. Thus, any \emph{axiomatic} theory extension where each
   19.29 - axiom refers to at most one type variable, may be trivially turned
   19.30 - into a \emph{definitional} one.
   19.31 -
   19.32 - We illustrate this with the natural numbers in
   19.33 - Isabelle/FOL.\footnote{See also
   19.34 - \url{http://isabelle.in.tum.de/library/FOL/ex/NatClass.html}}%
   19.35 -\end{isamarkuptext}%
   19.36 -\isamarkuptrue%
   19.37 -\isacommand{consts}\isamarkupfalse%
   19.38 -\isanewline
   19.39 -\ \ zero\ {\isacharcolon}{\isacharcolon}\ {\isacharprime}a\ \ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isasymzero}{\isachardoublequoteclose}{\isacharparenright}\isanewline
   19.40 -\ \ Suc\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\isanewline
   19.41 -\ \ rec\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isacharparenright}\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\isanewline
   19.42 -\isanewline
   19.43 -\isacommand{axclass}\isamarkupfalse%
   19.44 -\ nat\ {\isasymsubseteq}\ {\isachardoublequoteopen}term{\isachardoublequoteclose}\isanewline
   19.45 -\ \ induct{\isacharcolon}\ {\isachardoublequoteopen}P{\isacharparenleft}{\isasymzero}{\isacharparenright}\ {\isasymLongrightarrow}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ P{\isacharparenleft}x{\isacharparenright}\ {\isasymLongrightarrow}\ P{\isacharparenleft}Suc{\isacharparenleft}x{\isacharparenright}{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\ P{\isacharparenleft}n{\isacharparenright}{\isachardoublequoteclose}\isanewline
   19.46 -\ \ Suc{\isacharunderscore}inject{\isacharcolon}\ {\isachardoublequoteopen}Suc{\isacharparenleft}m{\isacharparenright}\ {\isacharequal}\ Suc{\isacharparenleft}n{\isacharparenright}\ {\isasymLongrightarrow}\ m\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
   19.47 -\ \ Suc{\isacharunderscore}neq{\isacharunderscore}{\isadigit{0}}{\isacharcolon}\ {\isachardoublequoteopen}Suc{\isacharparenleft}m{\isacharparenright}\ {\isacharequal}\ {\isasymzero}\ {\isasymLongrightarrow}\ R{\isachardoublequoteclose}\isanewline
   19.48 -\ \ rec{\isacharunderscore}{\isadigit{0}}{\isacharcolon}\ {\isachardoublequoteopen}rec{\isacharparenleft}{\isasymzero}{\isacharcomma}\ a{\isacharcomma}\ f{\isacharparenright}\ {\isacharequal}\ a{\isachardoublequoteclose}\isanewline
   19.49 -\ \ rec{\isacharunderscore}Suc{\isacharcolon}\ {\isachardoublequoteopen}rec{\isacharparenleft}Suc{\isacharparenleft}m{\isacharparenright}{\isacharcomma}\ a{\isacharcomma}\ f{\isacharparenright}\ {\isacharequal}\ f{\isacharparenleft}m{\isacharcomma}\ rec{\isacharparenleft}m{\isacharcomma}\ a{\isacharcomma}\ f{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
   19.50 -\isanewline
   19.51 -\isacommand{constdefs}\isamarkupfalse%
   19.52 -\isanewline
   19.53 -\ \ add\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a{\isacharcolon}{\isacharcolon}nat\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isacharplus}{\isachardoublequoteclose}\ {\isadigit{6}}{\isadigit{0}}{\isacharparenright}\isanewline
   19.54 -\ \ {\isachardoublequoteopen}m\ {\isacharplus}\ n\ {\isasymequiv}\ rec{\isacharparenleft}m{\isacharcomma}\ n{\isacharcomma}\ {\isasymlambda}x\ y{\isachardot}\ Suc{\isacharparenleft}y{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
   19.55 -\begin{isamarkuptext}%
   19.56 -This is an abstract version of the plain \isa{Nat} theory in
   19.57 - FOL.\footnote{See
   19.58 - \url{http://isabelle.in.tum.de/library/FOL/ex/Nat.html}} Basically,
   19.59 - we have just replaced all occurrences of type \isa{nat} by \isa{{\isacharprime}a} and used the natural number axioms to define class \isa{nat}.
   19.60 - There is only a minor snag, that the original recursion operator
   19.61 - \isa{rec} had to be made monomorphic.
   19.62 -
   19.63 - Thus class \isa{nat} contains exactly those types \isa{{\isasymtau}} that
   19.64 - are isomorphic to ``the'' natural numbers (with signature \isa{{\isasymzero}}, \isa{Suc}, \isa{rec}).
   19.65 -
   19.66 - \medskip What we have done here can be also viewed as \emph{type
   19.67 - specification}.  Of course, it still remains open if there is some
   19.68 - type at all that meets the class axioms.  Now a very nice property of
   19.69 - axiomatic type classes is that abstract reasoning is always possible
   19.70 - --- independent of satisfiability.  The meta-logic won't break, even
   19.71 - if some classes (or general sorts) turns out to be empty later ---
   19.72 - ``inconsistent'' class definitions may be useless, but do not cause
   19.73 - any harm.
   19.74 -
   19.75 - Theorems of the abstract natural numbers may be derived in the same
   19.76 - way as for the concrete version.  The original proof scripts may be
   19.77 - re-used with some trivial changes only (mostly adding some type
   19.78 - constraints).%
   19.79 -\end{isamarkuptext}%
   19.80 -\isamarkuptrue%
   19.81 -%
   19.82 -\isadelimproof
   19.83 -%
   19.84 -\endisadelimproof
   19.85 -%
   19.86 -\isatagproof
   19.87 -%
   19.88 -\endisatagproof
   19.89 -{\isafoldproof}%
   19.90 -%
   19.91 -\isadelimproof
   19.92 -%
   19.93 -\endisadelimproof
   19.94 -%
   19.95 -\isadelimproof
   19.96 -%
   19.97 -\endisadelimproof
   19.98 -%
   19.99 -\isatagproof
  19.100 -%
  19.101 -\endisatagproof
  19.102 -{\isafoldproof}%
  19.103 -%
  19.104 -\isadelimproof
  19.105 -%
  19.106 -\endisadelimproof
  19.107 -%
  19.108 -\isadelimproof
  19.109 -%
  19.110 -\endisadelimproof
  19.111 -%
  19.112 -\isatagproof
  19.113 -%
  19.114 -\endisatagproof
  19.115 -{\isafoldproof}%
  19.116 -%
  19.117 -\isadelimproof
  19.118 -%
  19.119 -\endisadelimproof
  19.120 -%
  19.121 -\isadelimproof
  19.122 -%
  19.123 -\endisadelimproof
  19.124 -%
  19.125 -\isatagproof
  19.126 -%
  19.127 -\endisatagproof
  19.128 -{\isafoldproof}%
  19.129 -%
  19.130 -\isadelimproof
  19.131 -%
  19.132 -\endisadelimproof
  19.133 -%
  19.134 -\isadelimproof
  19.135 -%
  19.136 -\endisadelimproof
  19.137 -%
  19.138 -\isatagproof
  19.139 -%
  19.140 -\endisatagproof
  19.141 -{\isafoldproof}%
  19.142 -%
  19.143 -\isadelimproof
  19.144 -%
  19.145 -\endisadelimproof
  19.146 -%
  19.147 -\isadelimproof
  19.148 -%
  19.149 -\endisadelimproof
  19.150 -%
  19.151 -\isatagproof
  19.152 -%
  19.153 -\endisatagproof
  19.154 -{\isafoldproof}%
  19.155 -%
  19.156 -\isadelimproof
  19.157 -%
  19.158 -\endisadelimproof
  19.159 -%
  19.160 -\isadelimproof
  19.161 -%
  19.162 -\endisadelimproof
  19.163 -%
  19.164 -\isatagproof
  19.165 -%
  19.166 -\endisatagproof
  19.167 -{\isafoldproof}%
  19.168 -%
  19.169 -\isadelimproof
  19.170 -%
  19.171 -\endisadelimproof
  19.172 -%
  19.173 -\isadelimproof
  19.174 -%
  19.175 -\endisadelimproof
  19.176 -%
  19.177 -\isatagproof
  19.178 -%
  19.179 -\endisatagproof
  19.180 -{\isafoldproof}%
  19.181 -%
  19.182 -\isadelimproof
  19.183 -\isanewline
  19.184 -%
  19.185 -\endisadelimproof
  19.186 -%
  19.187 -\isadelimtheory
  19.188 -%
  19.189 -\endisadelimtheory
  19.190 -%
  19.191 -\isatagtheory
  19.192 -\isacommand{end}\isamarkupfalse%
  19.193 -%
  19.194 -\endisatagtheory
  19.195 -{\isafoldtheory}%
  19.196 -%
  19.197 -\isadelimtheory
  19.198 -%
  19.199 -\endisadelimtheory
  19.200 -\end{isabellebody}%
  19.201 -%%% Local Variables:
  19.202 -%%% mode: latex
  19.203 -%%% TeX-master: "root"
  19.204 -%%% End:
    20.1 --- a/doc-src/AxClass/axclass.tex	Wed Mar 04 11:05:02 2009 +0100
    20.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    20.3 @@ -1,80 +0,0 @@
    20.4 -
    20.5 -\documentclass[12pt,a4paper,fleqn]{report}
    20.6 -\usepackage{graphicx,../iman,../extra,../isar}
    20.7 -\usepackage{../isabelle,../isabellesym}
    20.8 -\usepackage{../pdfsetup}  % last one!
    20.9 -
   20.10 -\isabellestyle{it}
   20.11 -\newcommand{\isasyminv}{\isamath{{}^{-1}}}
   20.12 -\renewcommand{\isasymzero}{\isamath{0}}
   20.13 -\renewcommand{\isasymone}{\isamath{1}}
   20.14 -
   20.15 -\newcommand{\secref}[1]{\S\ref{#1}}
   20.16 -\newcommand{\figref}[1]{figure~\ref{#1}}
   20.17 -
   20.18 -\hyphenation{Isabelle}
   20.19 -\hyphenation{Isar}
   20.20 -\hyphenation{Haskell}
   20.21 -
   20.22 -\title{\includegraphics[scale=0.5]{isabelle_isar}
   20.23 -  \\[4ex] Using Axiomatic Type Classes in Isabelle}
   20.24 -\author{\emph{Markus Wenzel} \\ TU M\"unchen}
   20.25 -
   20.26 -
   20.27 -\setcounter{secnumdepth}{2} \setcounter{tocdepth}{2}
   20.28 -
   20.29 -\pagestyle{headings}
   20.30 -\sloppy
   20.31 -\binperiod     %%%treat . like a binary operator
   20.32 -
   20.33 -
   20.34 -\begin{document}
   20.35 -
   20.36 -\underscoreoff
   20.37 -
   20.38 -\maketitle 
   20.39 -
   20.40 -\begin{abstract}
   20.41 -  Isabelle offers order-sorted type classes on top of the simple types of
   20.42 -  plain Higher-Order Logic.  The resulting type system is similar to that of
   20.43 -  the programming language Haskell.  Its interpretation within the logic
   20.44 -  enables further application, though, apart from restricting polymorphism
   20.45 -  syntactically.  In particular, the concept of \emph{Axiomatic Type Classes}
   20.46 -  provides a useful light-weight mechanism for hierarchically-structured
   20.47 -  abstract theories. Subsequently, we demonstrate typical uses of Isabelle's
   20.48 -  axiomatic type classes to model basic algebraic structures.
   20.49 -  
   20.50 -  This document describes axiomatic type classes using Isabelle/Isar theories,
   20.51 -  with proofs expressed via Isar proof language elements.  The new theory
   20.52 -  format greatly simplifies the arrangement of the overall development, since
   20.53 -  definitions and proofs may be freely intermixed.  Users who prefer tactic
   20.54 -  scripts over structured proofs do not need to fall back on separate ML
   20.55 -  scripts, though, but may refer to Isar's tactic emulation commands.
   20.56 -\end{abstract}
   20.57 -
   20.58 -
   20.59 -\pagenumbering{roman} \tableofcontents \clearfirst
   20.60 -
   20.61 -\include{body}
   20.62 -
   20.63 -%FIXME
   20.64 -\nocite{nipkow-types93}
   20.65 -\nocite{nipkow-sorts93}
   20.66 -\nocite{Wenzel:1997:TPHOL}
   20.67 -\nocite{paulson-isa-book}
   20.68 -\nocite{isabelle-isar-ref}
   20.69 -\nocite{Wenzel:1999:TPHOL}
   20.70 -
   20.71 -\begingroup
   20.72 -  \bibliographystyle{plain} \small\raggedright\frenchspacing
   20.73 -  \bibliography{../manual}
   20.74 -\endgroup
   20.75 -
   20.76 -\end{document}
   20.77 -
   20.78 -
   20.79 -%%% Local Variables: 
   20.80 -%%% mode: latex
   20.81 -%%% TeX-master: t
   20.82 -%%% End: 
   20.83 -% LocalWords:  Isabelle FIXME
    21.1 --- a/doc-src/AxClass/body.tex	Wed Mar 04 11:05:02 2009 +0100
    21.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    21.3 @@ -1,166 +0,0 @@
    21.4 -
    21.5 -\chapter{Introduction}
    21.6 -
    21.7 -A Haskell-style type-system \cite{haskell-report} with ordered type-classes
    21.8 -has been present in Isabelle since 1991 already \cite{nipkow-sorts93}.
    21.9 -Initially, classes have mainly served as a \emph{purely syntactic} tool to
   21.10 -formulate polymorphic object-logics in a clean way, such as the standard
   21.11 -Isabelle formulation of many-sorted FOL \cite{paulson-isa-book}.
   21.12 -
   21.13 -Applying classes at the \emph{logical level} to provide a simple notion of
   21.14 -abstract theories and instantiations to concrete ones, has been long proposed
   21.15 -as well \cite{nipkow-types93,nipkow-sorts93}.  At that time, Isabelle still
   21.16 -lacked built-in support for these \emph{axiomatic type classes}. More
   21.17 -importantly, their semantics was not yet fully fleshed out (and unnecessarily
   21.18 -complicated, too).
   21.19 -
   21.20 -Since Isabelle94, actual axiomatic type classes have been an integral part of
   21.21 -Isabelle's meta-logic.  This very simple implementation is based on a
   21.22 -straight-forward extension of traditional simply-typed Higher-Order Logic, by
   21.23 -including types qualified by logical predicates and overloaded constant
   21.24 -definitions (see \cite{Wenzel:1997:TPHOL} for further details).
   21.25 -
   21.26 -Yet even until Isabelle99, there used to be still a fundamental methodological
   21.27 -problem in using axiomatic type classes conveniently, due to the traditional
   21.28 -distinction of Isabelle theory files vs.\ ML proof scripts.  This has been
   21.29 -finally overcome with the advent of Isabelle/Isar theories
   21.30 -\cite{isabelle-isar-ref}: now definitions and proofs may be freely intermixed.
   21.31 -This nicely accommodates the usual procedure of defining axiomatic type
   21.32 -classes, proving abstract properties, defining operations on concrete types,
   21.33 -proving concrete properties for instantiation of classes etc.
   21.34 -
   21.35 -\medskip
   21.36 -
   21.37 -So to cut a long story short, the present version of axiomatic type classes
   21.38 -now provides an even more useful and convenient mechanism for light-weight
   21.39 -abstract theories, without any special technical provisions to be observed by
   21.40 -the user.
   21.41 -
   21.42 -
   21.43 -\chapter{Examples}\label{sec:ex}
   21.44 -
   21.45 -Axiomatic type classes are a concept of Isabelle's meta-logic
   21.46 -\cite{paulson-isa-book,Wenzel:1997:TPHOL}.  They may be applied to any
   21.47 -object-logic that directly uses the meta type system, such as Isabelle/HOL
   21.48 -\cite{isabelle-HOL}.  Subsequently, we present various examples that are all
   21.49 -formulated within HOL, except the one of \secref{sec:ex-natclass} which is in
   21.50 -FOL.  See also \url{http://isabelle.in.tum.de/library/HOL/AxClasses/} and
   21.51 -\url{http://isabelle.in.tum.de/library/FOL/ex/NatClass.html}.
   21.52 -
   21.53 -\input{Group/document/Semigroups}
   21.54 -
   21.55 -\input{Group/document/Group}
   21.56 -
   21.57 -\input{Group/document/Product}
   21.58 -
   21.59 -\input{Nat/document/NatClass}
   21.60 -
   21.61 -
   21.62 -%% FIXME move some parts to ref or isar-ref manual (!?);
   21.63 -
   21.64 -% \chapter{The user interface of Isabelle's axclass package}
   21.65 -
   21.66 -% The actual axiomatic type class package of Isabelle/Pure mainly consists
   21.67 -% of two new theory sections: \texttt{axclass} and \texttt{instance}.  Some
   21.68 -% typical applications of these have already been demonstrated in
   21.69 -% \secref{sec:ex}, below their syntax and semantics are presented more
   21.70 -% completely.
   21.71 -
   21.72 -
   21.73 -% \section{The axclass section}
   21.74 -
   21.75 -% Within theory files, \texttt{axclass} introduces an axiomatic type class
   21.76 -% definition. Its concrete syntax is:
   21.77 -
   21.78 -% \begin{matharray}{l}
   21.79 -%   \texttt{axclass} \\
   21.80 -%   \ \ c \texttt{ < } c@1\texttt, \ldots\texttt, c@n \\
   21.81 -%   \ \ id@1\ axm@1 \\
   21.82 -%   \ \ \vdots \\
   21.83 -%   \ \ id@m\ axm@m
   21.84 -% \emphnd{matharray}
   21.85 -
   21.86 -% Where $c, c@1, \ldots, c@n$ are classes (category $id$ or
   21.87 -% $string$) and $axm@1, \ldots, axm@m$ (with $m \geq
   21.88 -% 0$) are formulas (category $string$).
   21.89 -
   21.90 -% Class $c$ has to be new, and sort $\{c@1, \ldots, c@n\}$ a subsort of
   21.91 -% \texttt{logic}. Each class axiom $axm@j$ may contain any term
   21.92 -% variables, but at most one type variable (which need not be the same
   21.93 -% for all axioms). The sort of this type variable has to be a supersort
   21.94 -% of $\{c@1, \ldots, c@n\}$.
   21.95 -
   21.96 -% \medskip
   21.97 -
   21.98 -% The \texttt{axclass} section declares $c$ as subclass of $c@1, \ldots,
   21.99 -% c@n$ to the type signature.
  21.100 -
  21.101 -% Furthermore, $axm@1, \ldots, axm@m$ are turned into the
  21.102 -% ``abstract axioms'' of $c$ with names $id@1, \ldots,
  21.103 -% id@m$.  This is done by replacing all occurring type variables
  21.104 -% by $\alpha :: c$. Original axioms that do not contain any type
  21.105 -% variable will be prefixed by the logical precondition
  21.106 -% $\texttt{OFCLASS}(\alpha :: \texttt{logic}, c\texttt{_class})$.
  21.107 -
  21.108 -% Another axiom of name $c\texttt{I}$ --- the ``class $c$ introduction
  21.109 -% rule'' --- is built from the respective universal closures of
  21.110 -% $axm@1, \ldots, axm@m$ appropriately.
  21.111 -
  21.112 -
  21.113 -% \section{The instance section}
  21.114 -
  21.115 -% Section \texttt{instance} proves class inclusions or type arities at the
  21.116 -% logical level and then transfers these into the type signature.
  21.117 -
  21.118 -% Its concrete syntax is:
  21.119 -
  21.120 -% \begin{matharray}{l}
  21.121 -%   \texttt{instance} \\
  21.122 -%   \ \ [\ c@1 \texttt{ < } c@2 \ |\
  21.123 -%       t \texttt{ ::\ (}sort@1\texttt, \ldots \texttt, sort@n\texttt) sort\ ] \\
  21.124 -%   \ \ [\ \texttt(name@1 \texttt, \ldots\texttt, name@m\texttt)\ ] \\
  21.125 -%   \ \ [\ \texttt{\{|} text \texttt{|\}}\ ]
  21.126 -% \emphnd{matharray}
  21.127 -
  21.128 -% Where $c@1, c@2$ are classes and $t$ is an $n$-place type constructor
  21.129 -% (all of category $id$ or $string)$. Furthermore,
  21.130 -% $sort@i$ are sorts in the usual Isabelle-syntax.
  21.131 -
  21.132 -% \medskip
  21.133 -
  21.134 -% Internally, \texttt{instance} first sets up an appropriate goal that
  21.135 -% expresses the class inclusion or type arity as a meta-proposition.
  21.136 -% Then tactic \texttt{AxClass.axclass_tac} is applied with all preceding
  21.137 -% meta-definitions of the current theory file and the user-supplied
  21.138 -% witnesses. The latter are $name@1, \ldots, name@m$, where
  21.139 -% $id$ refers to an \ML-name of a theorem, and $string$ to an
  21.140 -% axiom of the current theory node\footnote{Thus, the user may reference
  21.141 -%   axioms from above this \texttt{instance} in the theory file. Note
  21.142 -%   that new axioms appear at the \ML-toplevel only after the file is
  21.143 -%   processed completely.}.
  21.144 -
  21.145 -% Tactic \texttt{AxClass.axclass_tac} first unfolds the class definition by
  21.146 -% resolving with rule $c\texttt\texttt{I}$, and then applies the witnesses
  21.147 -% according to their form: Meta-definitions are unfolded, all other
  21.148 -% formulas are repeatedly resolved\footnote{This is done in a way that
  21.149 -%   enables proper object-\emph{rules} to be used as witnesses for
  21.150 -%   corresponding class axioms.} with.
  21.151 -
  21.152 -% The final optional argument $text$ is \ML-code of an arbitrary
  21.153 -% user tactic which is applied last to any remaining goals.
  21.154 -
  21.155 -% \medskip
  21.156 -
  21.157 -% Because of the complexity of \texttt{instance}'s witnessing mechanisms,
  21.158 -% new users of the axclass package are advised to only use the simple
  21.159 -% form $\texttt{instance}\ \ldots\ (id@1, \ldots, id@!m)$, where
  21.160 -% the identifiers refer to theorems that are appropriate type instances
  21.161 -% of the class axioms. This typically requires an auxiliary theory,
  21.162 -% though, which defines some constants and then proves these witnesses.
  21.163 -
  21.164 -
  21.165 -%%% Local Variables: 
  21.166 -%%% mode: latex
  21.167 -%%% TeX-master: "axclass"
  21.168 -%%% End: 
  21.169 -% LocalWords:  Isabelle FOL
    22.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    22.2 +++ b/doc-src/Classes/IsaMakefile	Wed Mar 04 11:05:29 2009 +0100
    22.3 @@ -0,0 +1,33 @@
    22.4 +
    22.5 +## targets
    22.6 +
    22.7 +default: Thy
    22.8 +images: 
    22.9 +test: Thy
   22.10 +
   22.11 +all: images test
   22.12 +
   22.13 +
   22.14 +## global settings
   22.15 +
   22.16 +SRC = $(ISABELLE_HOME)/src
   22.17 +OUT = $(ISABELLE_OUTPUT)
   22.18 +LOG = $(OUT)/log
   22.19 +
   22.20 +USEDIR = $(ISABELLE_TOOL) usedir -v true -i false -d false -C false -D document
   22.21 +
   22.22 +
   22.23 +## Thy
   22.24 +
   22.25 +THY = $(LOG)/HOL-Thy.gz
   22.26 +
   22.27 +Thy: $(THY)
   22.28 +
   22.29 +$(THY): Thy/ROOT.ML Thy/Setup.thy Thy/Classes.thy ../antiquote_setup.ML ../more_antiquote.ML
   22.30 +	@$(USEDIR) HOL Thy
   22.31 +
   22.32 +
   22.33 +## clean
   22.34 +
   22.35 +clean:
   22.36 +	@rm -f $(THY)
    23.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    23.2 +++ b/doc-src/Classes/Makefile	Wed Mar 04 11:05:29 2009 +0100
    23.3 @@ -0,0 +1,35 @@
    23.4 +
    23.5 +## targets
    23.6 +
    23.7 +default: dvi
    23.8 +
    23.9 +
   23.10 +## dependencies
   23.11 +
   23.12 +include ../Makefile.in
   23.13 +
   23.14 +NAME = classes
   23.15 +
   23.16 +FILES = $(NAME).tex classes.tex Thy/document/Classes.tex \
   23.17 +  style.sty ../iman.sty ../extra.sty ../isar.sty \
   23.18 +  ../isabelle.sty ../isabellesym.sty ../pdfsetup.sty \
   23.19 +  ../manual.bib ../proof.sty
   23.20 +
   23.21 +dvi: $(NAME).dvi
   23.22 +
   23.23 +$(NAME).dvi: $(FILES) isabelle_isar.eps
   23.24 +	$(LATEX) $(NAME)
   23.25 +	$(BIBTEX) $(NAME)
   23.26 +	$(LATEX) $(NAME)
   23.27 +	$(LATEX) $(NAME)
   23.28 +
   23.29 +pdf: $(NAME).pdf
   23.30 +
   23.31 +$(NAME).pdf: $(FILES) isabelle_isar.pdf
   23.32 +	$(PDFLATEX) $(NAME)
   23.33 +	$(BIBTEX) $(NAME)
   23.34 +	$(PDFLATEX) $(NAME)
   23.35 +	$(PDFLATEX) $(NAME)
   23.36 +	$(FIXBOOKMARKS) $(NAME).out
   23.37 +	$(PDFLATEX) $(NAME)
   23.38 +	$(PDFLATEX) $(NAME)
    24.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    24.2 +++ b/doc-src/Classes/Thy/Classes.thy	Wed Mar 04 11:05:29 2009 +0100
    24.3 @@ -0,0 +1,634 @@
    24.4 +theory Classes
    24.5 +imports Main Setup
    24.6 +begin
    24.7 +
    24.8 +section {* Introduction *}
    24.9 +
   24.10 +text {*
   24.11 +  Type classes were introduces by Wadler and Blott \cite{wadler89how}
   24.12 +  into the Haskell language, to allow for a reasonable implementation
   24.13 +  of overloading\footnote{throughout this tutorial, we are referring
   24.14 +  to classical Haskell 1.0 type classes, not considering
   24.15 +  later additions in expressiveness}.
   24.16 +  As a canonical example, a polymorphic equality function
   24.17 +  @{text "eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"} which is overloaded on different
   24.18 +  types for @{text "\<alpha>"}, which is achieved by splitting introduction
   24.19 +  of the @{text eq} function from its overloaded definitions by means
   24.20 +  of @{text class} and @{text instance} declarations:
   24.21 +  \footnote{syntax here is a kind of isabellized Haskell}
   24.22 +
   24.23 +  \begin{quote}
   24.24 +
   24.25 +  \noindent@{text "class eq where"} \\
   24.26 +  \hspace*{2ex}@{text "eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"}
   24.27 +
   24.28 +  \medskip\noindent@{text "instance nat \<Colon> eq where"} \\
   24.29 +  \hspace*{2ex}@{text "eq 0 0 = True"} \\
   24.30 +  \hspace*{2ex}@{text "eq 0 _ = False"} \\
   24.31 +  \hspace*{2ex}@{text "eq _ 0 = False"} \\
   24.32 +  \hspace*{2ex}@{text "eq (Suc n) (Suc m) = eq n m"}
   24.33 +
   24.34 +  \medskip\noindent@{text "instance (\<alpha>\<Colon>eq, \<beta>\<Colon>eq) pair \<Colon> eq where"} \\
   24.35 +  \hspace*{2ex}@{text "eq (x1, y1) (x2, y2) = eq x1 x2 \<and> eq y1 y2"}
   24.36 +
   24.37 +  \medskip\noindent@{text "class ord extends eq where"} \\
   24.38 +  \hspace*{2ex}@{text "less_eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"} \\
   24.39 +  \hspace*{2ex}@{text "less \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"}
   24.40 +
   24.41 +  \end{quote}
   24.42 +
   24.43 +  \noindent Type variables are annotated with (finitely many) classes;
   24.44 +  these annotations are assertions that a particular polymorphic type
   24.45 +  provides definitions for overloaded functions.
   24.46 +
   24.47 +  Indeed, type classes not only allow for simple overloading
   24.48 +  but form a generic calculus, an instance of order-sorted
   24.49 +  algebra \cite{Nipkow-Prehofer:1993,nipkow-sorts93,Wenzel:1997:TPHOL}.
   24.50 +
   24.51 +  From a software engeneering point of view, type classes
   24.52 +  roughly correspond to interfaces in object-oriented languages like Java;
   24.53 +  so, it is naturally desirable that type classes do not only
   24.54 +  provide functions (class parameters) but also state specifications
   24.55 +  implementations must obey.  For example, the @{text "class eq"}
   24.56 +  above could be given the following specification, demanding that
   24.57 +  @{text "class eq"} is an equivalence relation obeying reflexivity,
   24.58 +  symmetry and transitivity:
   24.59 +
   24.60 +  \begin{quote}
   24.61 +
   24.62 +  \noindent@{text "class eq where"} \\
   24.63 +  \hspace*{2ex}@{text "eq \<Colon> \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool"} \\
   24.64 +  @{text "satisfying"} \\
   24.65 +  \hspace*{2ex}@{text "refl: eq x x"} \\
   24.66 +  \hspace*{2ex}@{text "sym: eq x y \<longleftrightarrow> eq x y"} \\
   24.67 +  \hspace*{2ex}@{text "trans: eq x y \<and> eq y z \<longrightarrow> eq x z"}
   24.68 +
   24.69 +  \end{quote}
   24.70 +
   24.71 +  \noindent From a theoretic point of view, type classes are lightweight
   24.72 +  modules; Haskell type classes may be emulated by
   24.73 +  SML functors \cite{classes_modules}. 
   24.74 +  Isabelle/Isar offers a discipline of type classes which brings
   24.75 +  all those aspects together:
   24.76 +
   24.77 +  \begin{enumerate}
   24.78 +    \item specifying abstract parameters together with
   24.79 +       corresponding specifications,
   24.80 +    \item instantiating those abstract parameters by a particular
   24.81 +       type
   24.82 +    \item in connection with a ``less ad-hoc'' approach to overloading,
   24.83 +    \item with a direct link to the Isabelle module system
   24.84 +      (aka locales \cite{kammueller-locales}).
   24.85 +  \end{enumerate}
   24.86 +
   24.87 +  \noindent Isar type classes also directly support code generation
   24.88 +  in a Haskell like fashion.
   24.89 +
   24.90 +  This tutorial demonstrates common elements of structured specifications
   24.91 +  and abstract reasoning with type classes by the algebraic hierarchy of
   24.92 +  semigroups, monoids and groups.  Our background theory is that of
   24.93 +  Isabelle/HOL \cite{isa-tutorial}, for which some
   24.94 +  familiarity is assumed.
   24.95 +
   24.96 +  Here we merely present the look-and-feel for end users.
   24.97 +  Internally, those are mapped to more primitive Isabelle concepts.
   24.98 +  See \cite{Haftmann-Wenzel:2006:classes} for more detail.
   24.99 +*}
  24.100 +
  24.101 +section {* A simple algebra example \label{sec:example} *}
  24.102 +
  24.103 +subsection {* Class definition *}
  24.104 +
  24.105 +text {*
  24.106 +  Depending on an arbitrary type @{text "\<alpha>"}, class @{text
  24.107 +  "semigroup"} introduces a binary operator @{text "(\<otimes>)"} that is
  24.108 +  assumed to be associative:
  24.109 +*}
  24.110 +
  24.111 +class %quote semigroup =
  24.112 +  fixes mult :: "\<alpha> \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>"    (infixl "\<otimes>" 70)
  24.113 +  assumes assoc: "(x \<otimes> y) \<otimes> z = x \<otimes> (y \<otimes> z)"
  24.114 +
  24.115 +text {*
  24.116 +  \noindent This @{command class} specification consists of two
  24.117 +  parts: the \qn{operational} part names the class parameter
  24.118 +  (@{element "fixes"}), the \qn{logical} part specifies properties on them
  24.119 +  (@{element "assumes"}).  The local @{element "fixes"} and
  24.120 +  @{element "assumes"} are lifted to the theory toplevel,
  24.121 +  yielding the global
  24.122 +  parameter @{term [source] "mult \<Colon> \<alpha>\<Colon>semigroup \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>"} and the
  24.123 +  global theorem @{fact "semigroup.assoc:"}~@{prop [source] "\<And>x y
  24.124 +  z \<Colon> \<alpha>\<Colon>semigroup. (x \<otimes> y) \<otimes> z = x \<otimes> (y \<otimes> z)"}.
  24.125 +*}
  24.126 +
  24.127 +
  24.128 +subsection {* Class instantiation \label{sec:class_inst} *}
  24.129 +
  24.130 +text {*
  24.131 +  The concrete type @{typ int} is made a @{class semigroup}
  24.132 +  instance by providing a suitable definition for the class parameter
  24.133 +  @{text "(\<otimes>)"} and a proof for the specification of @{fact assoc}.
  24.134 +  This is accomplished by the @{command instantiation} target:
  24.135 +*}
  24.136 +
  24.137 +instantiation %quote int :: semigroup
  24.138 +begin
  24.139 +
  24.140 +definition %quote
  24.141 +  mult_int_def: "i \<otimes> j = i + (j\<Colon>int)"
  24.142 +
  24.143 +instance %quote proof
  24.144 +  fix i j k :: int have "(i + j) + k = i + (j + k)" by simp
  24.145 +  then show "(i \<otimes> j) \<otimes> k = i \<otimes> (j \<otimes> k)"
  24.146 +    unfolding mult_int_def .
  24.147 +qed
  24.148 +
  24.149 +end %quote
  24.150 +
  24.151 +text {*
  24.152 +  \noindent @{command instantiation} allows to define class parameters
  24.153 +  at a particular instance using common specification tools (here,
  24.154 +  @{command definition}).  The concluding @{command instance}
  24.155 +  opens a proof that the given parameters actually conform
  24.156 +  to the class specification.  Note that the first proof step
  24.157 +  is the @{method default} method,
  24.158 +  which for such instance proofs maps to the @{method intro_classes} method.
  24.159 +  This boils down an instance judgement to the relevant primitive
  24.160 +  proof goals and should conveniently always be the first method applied
  24.161 +  in an instantiation proof.
  24.162 +
  24.163 +  From now on, the type-checker will consider @{typ int}
  24.164 +  as a @{class semigroup} automatically, i.e.\ any general results
  24.165 +  are immediately available on concrete instances.
  24.166 +
  24.167 +  \medskip Another instance of @{class semigroup} are the natural numbers:
  24.168 +*}
  24.169 +
  24.170 +instantiation %quote nat :: semigroup
  24.171 +begin
  24.172 +
  24.173 +primrec %quote mult_nat where
  24.174 +  "(0\<Colon>nat) \<otimes> n = n"
  24.175 +  | "Suc m \<otimes> n = Suc (m \<otimes> n)"
  24.176 +
  24.177 +instance %quote proof
  24.178 +  fix m n q :: nat 
  24.179 +  show "m \<otimes> n \<otimes> q = m \<otimes> (n \<otimes> q)"
  24.180 +    by (induct m) auto
  24.181 +qed
  24.182 +
  24.183 +end %quote
  24.184 +
  24.185 +text {*
  24.186 +  \noindent Note the occurence of the name @{text mult_nat}
  24.187 +  in the primrec declaration;  by default, the local name of
  24.188 +  a class operation @{text f} to instantiate on type constructor
  24.189 +  @{text \<kappa>} are mangled as @{text f_\<kappa>}.  In case of uncertainty,
  24.190 +  these names may be inspected using the @{command "print_context"} command
  24.191 +  or the corresponding ProofGeneral button.
  24.192 +*}
  24.193 +
  24.194 +subsection {* Lifting and parametric types *}
  24.195 +
  24.196 +text {*
  24.197 +  Overloaded definitions giving on class instantiation
  24.198 +  may include recursion over the syntactic structure of types.
  24.199 +  As a canonical example, we model product semigroups
  24.200 +  using our simple algebra:
  24.201 +*}
  24.202 +
  24.203 +instantiation %quote * :: (semigroup, semigroup) semigroup
  24.204 +begin
  24.205 +
  24.206 +definition %quote
  24.207 +  mult_prod_def: "p\<^isub>1 \<otimes> p\<^isub>2 = (fst p\<^isub>1 \<otimes> fst p\<^isub>2, snd p\<^isub>1 \<otimes> snd p\<^isub>2)"
  24.208 +
  24.209 +instance %quote proof
  24.210 +  fix p\<^isub>1 p\<^isub>2 p\<^isub>3 :: "\<alpha>\<Colon>semigroup \<times> \<beta>\<Colon>semigroup"
  24.211 +  show "p\<^isub>1 \<otimes> p\<^isub>2 \<otimes> p\<^isub>3 = p\<^isub>1 \<otimes> (p\<^isub>2 \<otimes> p\<^isub>3)"
  24.212 +    unfolding mult_prod_def by (simp add: assoc)
  24.213 +qed      
  24.214 +
  24.215 +end %quote
  24.216 +
  24.217 +text {*
  24.218 +  \noindent Associativity from product semigroups is
  24.219 +  established using
  24.220 +  the definition of @{text "(\<otimes>)"} on products and the hypothetical
  24.221 +  associativity of the type components;  these hypotheses
  24.222 +  are facts due to the @{class semigroup} constraints imposed
  24.223 +  on the type components by the @{command instance} proposition.
  24.224 +  Indeed, this pattern often occurs with parametric types
  24.225 +  and type classes.
  24.226 +*}
  24.227 +
  24.228 +
  24.229 +subsection {* Subclassing *}
  24.230 +
  24.231 +text {*
  24.232 +  We define a subclass @{text monoidl} (a semigroup with a left-hand neutral)
  24.233 +  by extending @{class semigroup}
  24.234 +  with one additional parameter @{text neutral} together
  24.235 +  with its property:
  24.236 +*}
  24.237 +
  24.238 +class %quote monoidl = semigroup +
  24.239 +  fixes neutral :: "\<alpha>" ("\<one>")
  24.240 +  assumes neutl: "\<one> \<otimes> x = x"
  24.241 +
  24.242 +text {*
  24.243 +  \noindent Again, we prove some instances, by
  24.244 +  providing suitable parameter definitions and proofs for the
  24.245 +  additional specifications.  Observe that instantiations
  24.246 +  for types with the same arity may be simultaneous:
  24.247 +*}
  24.248 +
  24.249 +instantiation %quote nat and int :: monoidl
  24.250 +begin
  24.251 +
  24.252 +definition %quote
  24.253 +  neutral_nat_def: "\<one> = (0\<Colon>nat)"
  24.254 +
  24.255 +definition %quote
  24.256 +  neutral_int_def: "\<one> = (0\<Colon>int)"
  24.257 +
  24.258 +instance %quote proof
  24.259 +  fix n :: nat
  24.260 +  show "\<one> \<otimes> n = n"
  24.261 +    unfolding neutral_nat_def by simp
  24.262 +next
  24.263 +  fix k :: int
  24.264 +  show "\<one> \<otimes> k = k"
  24.265 +    unfolding neutral_int_def mult_int_def by simp
  24.266 +qed
  24.267 +
  24.268 +end %quote
  24.269 +
  24.270 +instantiation %quote * :: (monoidl, monoidl) monoidl
  24.271 +begin
  24.272 +
  24.273 +definition %quote
  24.274 +  neutral_prod_def: "\<one> = (\<one>, \<one>)"
  24.275 +
  24.276 +instance %quote proof
  24.277 +  fix p :: "\<alpha>\<Colon>monoidl \<times> \<beta>\<Colon>monoidl"
  24.278 +  show "\<one> \<otimes> p = p"
  24.279 +    unfolding neutral_prod_def mult_prod_def by (simp add: neutl)
  24.280 +qed
  24.281 +
  24.282 +end %quote
  24.283 +
  24.284 +text {*
  24.285 +  \noindent Fully-fledged monoids are modelled by another subclass
  24.286 +  which does not add new parameters but tightens the specification:
  24.287 +*}
  24.288 +
  24.289 +class %quote monoid = monoidl +
  24.290 +  assumes neutr: "x \<otimes> \<one> = x"
  24.291 +
  24.292 +instantiation %quote nat and int :: monoid 
  24.293 +begin
  24.294 +
  24.295 +instance %quote proof
  24.296 +  fix n :: nat
  24.297 +  show "n \<otimes> \<one> = n"
  24.298 +    unfolding neutral_nat_def by (induct n) simp_all
  24.299 +next
  24.300 +  fix k :: int
  24.301 +  show "k \<otimes> \<one> = k"
  24.302 +    unfolding neutral_int_def mult_int_def by simp
  24.303 +qed
  24.304 +
  24.305 +end %quote
  24.306 +
  24.307 +instantiation %quote * :: (monoid, monoid) monoid
  24.308 +begin
  24.309 +
  24.310 +instance %quote proof 
  24.311 +  fix p :: "\<alpha>\<Colon>monoid \<times> \<beta>\<Colon>monoid"
  24.312 +  show "p \<otimes> \<one> = p"
  24.313 +    unfolding neutral_prod_def mult_prod_def by (simp add: neutr)
  24.314 +qed
  24.315 +
  24.316 +end %quote
  24.317 +
  24.318 +text {*
  24.319 +  \noindent To finish our small algebra example, we add a @{text group} class
  24.320 +  with a corresponding instance:
  24.321 +*}
  24.322 +
  24.323 +class %quote group = monoidl +
  24.324 +  fixes inverse :: "\<alpha> \<Rightarrow> \<alpha>"    ("(_\<div>)" [1000] 999)
  24.325 +  assumes invl: "x\<div> \<otimes> x = \<one>"
  24.326 +
  24.327 +instantiation %quote int :: group
  24.328 +begin
  24.329 +
  24.330 +definition %quote
  24.331 +  inverse_int_def: "i\<div> = - (i\<Colon>int)"
  24.332 +
  24.333 +instance %quote proof
  24.334 +  fix i :: int
  24.335 +  have "-i + i = 0" by simp
  24.336 +  then show "i\<div> \<otimes> i = \<one>"
  24.337 +    unfolding mult_int_def neutral_int_def inverse_int_def .
  24.338 +qed
  24.339 +
  24.340 +end %quote
  24.341 +
  24.342 +
  24.343 +section {* Type classes as locales *}
  24.344 +
  24.345 +subsection {* A look behind the scene *}
  24.346 +
  24.347 +text {*
  24.348 +  The example above gives an impression how Isar type classes work
  24.349 +  in practice.  As stated in the introduction, classes also provide
  24.350 +  a link to Isar's locale system.  Indeed, the logical core of a class
  24.351 +  is nothing else than a locale:
  24.352 +*}
  24.353 +
  24.354 +class %quote idem =
  24.355 +  fixes f :: "\<alpha> \<Rightarrow> \<alpha>"
  24.356 +  assumes idem: "f (f x) = f x"
  24.357 +
  24.358 +text {*
  24.359 +  \noindent essentially introduces the locale
  24.360 +*} (*<*)setup %invisible {* Sign.add_path "foo" *}
  24.361 +(*>*)
  24.362 +locale %quote idem =
  24.363 +  fixes f :: "\<alpha> \<Rightarrow> \<alpha>"
  24.364 +  assumes idem: "f (f x) = f x"
  24.365 +
  24.366 +text {* \noindent together with corresponding constant(s): *}
  24.367 +
  24.368 +consts %quote f :: "\<alpha> \<Rightarrow> \<alpha>"
  24.369 +
  24.370 +text {*
  24.371 +  \noindent The connection to the type system is done by means
  24.372 +  of a primitive axclass
  24.373 +*} (*<*)setup %invisible {* Sign.add_path "foo" *}
  24.374 +(*>*)
  24.375 +axclass %quote idem < type
  24.376 +  idem: "f (f x) = f x" (*<*)setup %invisible {* Sign.parent_path *}(*>*)
  24.377 +
  24.378 +text {* \noindent together with a corresponding interpretation: *}
  24.379 +
  24.380 +interpretation %quote idem_class:
  24.381 +  idem "f \<Colon> (\<alpha>\<Colon>idem) \<Rightarrow> \<alpha>"
  24.382 +proof qed (rule idem)
  24.383 +
  24.384 +text {*
  24.385 +  \noindent This gives you at hand the full power of the Isabelle module system;
  24.386 +  conclusions in locale @{text idem} are implicitly propagated
  24.387 +  to class @{text idem}.
  24.388 +*} (*<*)setup %invisible {* Sign.parent_path *}
  24.389 +(*>*)
  24.390 +subsection {* Abstract reasoning *}
  24.391 +
  24.392 +text {*
  24.393 +  Isabelle locales enable reasoning at a general level, while results
  24.394 +  are implicitly transferred to all instances.  For example, we can
  24.395 +  now establish the @{text "left_cancel"} lemma for groups, which
  24.396 +  states that the function @{text "(x \<otimes>)"} is injective:
  24.397 +*}
  24.398 +
  24.399 +lemma %quote (in group) left_cancel: "x \<otimes> y = x \<otimes> z \<longleftrightarrow> y = z"
  24.400 +proof
  24.401 +  assume "x \<otimes> y = x \<otimes> z"
  24.402 +  then have "x\<div> \<otimes> (x \<otimes> y) = x\<div> \<otimes> (x \<otimes> z)" by simp
  24.403 +  then have "(x\<div> \<otimes> x) \<otimes> y = (x\<div> \<otimes> x) \<otimes> z" using assoc by simp
  24.404 +  then show "y = z" using neutl and invl by simp
  24.405 +next
  24.406 +  assume "y = z"
  24.407 +  then show "x \<otimes> y = x \<otimes> z" by simp
  24.408 +qed
  24.409 +
  24.410 +text {*
  24.411 +  \noindent Here the \qt{@{keyword "in"} @{class group}} target specification
  24.412 +  indicates that the result is recorded within that context for later
  24.413 +  use.  This local theorem is also lifted to the global one @{fact
  24.414 +  "group.left_cancel:"} @{prop [source] "\<And>x y z \<Colon> \<alpha>\<Colon>group. x \<otimes> y = x \<otimes>
  24.415 +  z \<longleftrightarrow> y = z"}.  Since type @{text "int"} has been made an instance of
  24.416 +  @{text "group"} before, we may refer to that fact as well: @{prop
  24.417 +  [source] "\<And>x y z \<Colon> int. x \<otimes> y = x \<otimes> z \<longleftrightarrow> y = z"}.
  24.418 +*}
  24.419 +
  24.420 +
  24.421 +subsection {* Derived definitions *}
  24.422 +
  24.423 +text {*
  24.424 +  Isabelle locales support a concept of local definitions
  24.425 +  in locales:
  24.426 +*}
  24.427 +
  24.428 +primrec %quote (in monoid) pow_nat :: "nat \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>" where
  24.429 +  "pow_nat 0 x = \<one>"
  24.430 +  | "pow_nat (Suc n) x = x \<otimes> pow_nat n x"
  24.431 +
  24.432 +text {*
  24.433 +  \noindent If the locale @{text group} is also a class, this local
  24.434 +  definition is propagated onto a global definition of
  24.435 +  @{term [source] "pow_nat \<Colon> nat \<Rightarrow> \<alpha>\<Colon>monoid \<Rightarrow> \<alpha>\<Colon>monoid"}
  24.436 +  with corresponding theorems
  24.437 +
  24.438 +  @{thm pow_nat.simps [no_vars]}.
  24.439 +
  24.440 +  \noindent As you can see from this example, for local
  24.441 +  definitions you may use any specification tool
  24.442 +  which works together with locales (e.g. \cite{krauss2006}).
  24.443 +*}
  24.444 +
  24.445 +
  24.446 +subsection {* A functor analogy *}
  24.447 +
  24.448 +text {*
  24.449 +  We introduced Isar classes by analogy to type classes
  24.450 +  functional programming;  if we reconsider this in the
  24.451 +  context of what has been said about type classes and locales,
  24.452 +  we can drive this analogy further by stating that type
  24.453 +  classes essentially correspond to functors which have
  24.454 +  a canonical interpretation as type classes.
  24.455 +  Anyway, there is also the possibility of other interpretations.
  24.456 +  For example, also @{text list}s form a monoid with
  24.457 +  @{text append} and @{term "[]"} as operations, but it
  24.458 +  seems inappropriate to apply to lists
  24.459 +  the same operations as for genuinely algebraic types.
  24.460 +  In such a case, we simply can do a particular interpretation
  24.461 +  of monoids for lists:
  24.462 +*}
  24.463 +
  24.464 +interpretation %quote list_monoid!: monoid append "[]"
  24.465 +  proof qed auto
  24.466 +
  24.467 +text {*
  24.468 +  \noindent This enables us to apply facts on monoids
  24.469 +  to lists, e.g. @{thm list_monoid.neutl [no_vars]}.
  24.470 +
  24.471 +  When using this interpretation pattern, it may also
  24.472 +  be appropriate to map derived definitions accordingly:
  24.473 +*}
  24.474 +
  24.475 +primrec %quote replicate :: "nat \<Rightarrow> \<alpha> list \<Rightarrow> \<alpha> list" where
  24.476 +  "replicate 0 _ = []"
  24.477 +  | "replicate (Suc n) xs = xs @ replicate n xs"
  24.478 +
  24.479 +interpretation %quote list_monoid!: monoid append "[]" where
  24.480 +  "monoid.pow_nat append [] = replicate"
  24.481 +proof -
  24.482 +  interpret monoid append "[]" ..
  24.483 +  show "monoid.pow_nat append [] = replicate"
  24.484 +  proof
  24.485 +    fix n
  24.486 +    show "monoid.pow_nat append [] n = replicate n"
  24.487 +      by (induct n) auto
  24.488 +  qed
  24.489 +qed intro_locales
  24.490 +
  24.491 +
  24.492 +subsection {* Additional subclass relations *}
  24.493 +
  24.494 +text {*
  24.495 +  Any @{text "group"} is also a @{text "monoid"};  this
  24.496 +  can be made explicit by claiming an additional
  24.497 +  subclass relation,
  24.498 +  together with a proof of the logical difference:
  24.499 +*}
  24.500 +
  24.501 +subclass %quote (in group) monoid
  24.502 +proof
  24.503 +  fix x
  24.504 +  from invl have "x\<div> \<otimes> x = \<one>" by simp
  24.505 +  with assoc [symmetric] neutl invl have "x\<div> \<otimes> (x \<otimes> \<one>) = x\<div> \<otimes> x" by simp
  24.506 +  with left_cancel show "x \<otimes> \<one> = x" by simp
  24.507 +qed
  24.508 +
  24.509 +text {*
  24.510 +  The logical proof is carried out on the locale level.
  24.511 +  Afterwards it is propagated
  24.512 +  to the type system, making @{text group} an instance of
  24.513 +  @{text monoid} by adding an additional edge
  24.514 +  to the graph of subclass relations
  24.515 +  (cf.\ \figref{fig:subclass}).
  24.516 +
  24.517 +  \begin{figure}[htbp]
  24.518 +   \begin{center}
  24.519 +     \small
  24.520 +     \unitlength 0.6mm
  24.521 +     \begin{picture}(40,60)(0,0)
  24.522 +       \put(20,60){\makebox(0,0){@{text semigroup}}}
  24.523 +       \put(20,40){\makebox(0,0){@{text monoidl}}}
  24.524 +       \put(00,20){\makebox(0,0){@{text monoid}}}
  24.525 +       \put(40,00){\makebox(0,0){@{text group}}}
  24.526 +       \put(20,55){\vector(0,-1){10}}
  24.527 +       \put(15,35){\vector(-1,-1){10}}
  24.528 +       \put(25,35){\vector(1,-3){10}}
  24.529 +     \end{picture}
  24.530 +     \hspace{8em}
  24.531 +     \begin{picture}(40,60)(0,0)
  24.532 +       \put(20,60){\makebox(0,0){@{text semigroup}}}
  24.533 +       \put(20,40){\makebox(0,0){@{text monoidl}}}
  24.534 +       \put(00,20){\makebox(0,0){@{text monoid}}}
  24.535 +       \put(40,00){\makebox(0,0){@{text group}}}
  24.536 +       \put(20,55){\vector(0,-1){10}}
  24.537 +       \put(15,35){\vector(-1,-1){10}}
  24.538 +       \put(05,15){\vector(3,-1){30}}
  24.539 +     \end{picture}
  24.540 +     \caption{Subclass relationship of monoids and groups:
  24.541 +        before and after establishing the relationship
  24.542 +        @{text "group \<subseteq> monoid"};  transitive edges are left out.}
  24.543 +     \label{fig:subclass}
  24.544 +   \end{center}
  24.545 +  \end{figure}
  24.546 +
  24.547 +  For illustration, a derived definition
  24.548 +  in @{text group} which uses @{text pow_nat}:
  24.549 +*}
  24.550 +
  24.551 +definition %quote (in group) pow_int :: "int \<Rightarrow> \<alpha> \<Rightarrow> \<alpha>" where
  24.552 +  "pow_int k x = (if k >= 0
  24.553 +    then pow_nat (nat k) x
  24.554 +    else (pow_nat (nat (- k)) x)\<div>)"
  24.555 +
  24.556 +text {*
  24.557 +  \noindent yields the global definition of
  24.558 +  @{term [source] "pow_int \<Colon> int \<Rightarrow> \<alpha>\<Colon>group \<Rightarrow> \<alpha>\<Colon>group"}
  24.559 +  with the corresponding theorem @{thm pow_int_def [no_vars]}.
  24.560 +*}
  24.561 +
  24.562 +subsection {* A note on syntax *}
  24.563 +
  24.564 +text {*
  24.565 +  As a commodity, class context syntax allows to refer
  24.566 +  to local class operations and their global counterparts
  24.567 +  uniformly;  type inference resolves ambiguities.  For example:
  24.568 +*}
  24.569 +
  24.570 +context %quote semigroup
  24.571 +begin
  24.572 +
  24.573 +term %quote "x \<otimes> y" -- {* example 1 *}
  24.574 +term %quote "(x\<Colon>nat) \<otimes> y" -- {* example 2 *}
  24.575 +
  24.576 +end  %quote
  24.577 +
  24.578 +term %quote "x \<otimes> y" -- {* example 3 *}
  24.579 +
  24.580 +text {*
  24.581 +  \noindent Here in example 1, the term refers to the local class operation
  24.582 +  @{text "mult [\<alpha>]"}, whereas in example 2 the type constraint
  24.583 +  enforces the global class operation @{text "mult [nat]"}.
  24.584 +  In the global context in example 3, the reference is
  24.585 +  to the polymorphic global class operation @{text "mult [?\<alpha> \<Colon> semigroup]"}.
  24.586 +*}
  24.587 +
  24.588 +section {* Further issues *}
  24.589 +
  24.590 +subsection {* Type classes and code generation *}
  24.591 +
  24.592 +text {*
  24.593 +  Turning back to the first motivation for type classes,
  24.594 +  namely overloading, it is obvious that overloading
  24.595 +  stemming from @{command class} statements and
  24.596 +  @{command instantiation}
  24.597 +  targets naturally maps to Haskell type classes.
  24.598 +  The code generator framework \cite{isabelle-codegen} 
  24.599 +  takes this into account.  Concerning target languages
  24.600 +  lacking type classes (e.g.~SML), type classes
  24.601 +  are implemented by explicit dictionary construction.
  24.602 +  As example, let's go back to the power function:
  24.603 +*}
  24.604 +
  24.605 +definition %quote example :: int where
  24.606 +  "example = pow_int 10 (-2)"
  24.607 +
  24.608 +text {*
  24.609 +  \noindent This maps to Haskell as:
  24.610 +*}
  24.611 +
  24.612 +text %quote {*@{code_stmts example (Haskell)}*}
  24.613 +
  24.614 +text {*
  24.615 +  \noindent The whole code in SML with explicit dictionary passing:
  24.616 +*}
  24.617 +
  24.618 +text %quote {*@{code_stmts example (SML)}*}
  24.619 +
  24.620 +subsection {* Inspecting the type class universe *}
  24.621 +
  24.622 +text {*
  24.623 +  To facilitate orientation in complex subclass structures,
  24.624 +  two diagnostics commands are provided:
  24.625 +
  24.626 +  \begin{description}
  24.627 +
  24.628 +    \item[@{command "print_classes"}] print a list of all classes
  24.629 +      together with associated operations etc.
  24.630 +
  24.631 +    \item[@{command "class_deps"}] visualizes the subclass relation
  24.632 +      between all classes as a Hasse diagram.
  24.633 +
  24.634 +  \end{description}
  24.635 +*}
  24.636 +
  24.637 +end
    25.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    25.2 +++ b/doc-src/Classes/Thy/ROOT.ML	Wed Mar 04 11:05:29 2009 +0100
    25.3 @@ -0,0 +1,6 @@
    25.4 +
    25.5 +(* $Id$ *)
    25.6 +
    25.7 +no_document use_thy "Setup";
    25.8 +
    25.9 +use_thy "Classes";
    26.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    26.2 +++ b/doc-src/Classes/Thy/Setup.thy	Wed Mar 04 11:05:29 2009 +0100
    26.3 @@ -0,0 +1,34 @@
    26.4 +theory Setup
    26.5 +imports Main Code_Integer
    26.6 +uses
    26.7 +  "../../antiquote_setup"
    26.8 +  "../../more_antiquote"
    26.9 +begin
   26.10 +
   26.11 +ML {* Code_Target.code_width := 74 *}
   26.12 +
   26.13 +syntax
   26.14 +  "_alpha" :: "type"  ("\<alpha>")
   26.15 +  "_alpha_ofsort" :: "sort \<Rightarrow> type"  ("\<alpha>()\<Colon>_" [0] 1000)
   26.16 +  "_beta" :: "type"  ("\<beta>")
   26.17 +  "_beta_ofsort" :: "sort \<Rightarrow> type"  ("\<beta>()\<Colon>_" [0] 1000)
   26.18 +
   26.19 +parse_ast_translation {*
   26.20 +  let
   26.21 +    fun alpha_ast_tr [] = Syntax.Variable "'a"
   26.22 +      | alpha_ast_tr asts = raise Syntax.AST ("alpha_ast_tr", asts);
   26.23 +    fun alpha_ofsort_ast_tr [ast] =
   26.24 +      Syntax.Appl [Syntax.Constant "_ofsort", Syntax.Variable "'a", ast]
   26.25 +      | alpha_ofsort_ast_tr asts = raise Syntax.AST ("alpha_ast_tr", asts);
   26.26 +    fun beta_ast_tr [] = Syntax.Variable "'b"
   26.27 +      | beta_ast_tr asts = raise Syntax.AST ("beta_ast_tr", asts);
   26.28 +    fun beta_ofsort_ast_tr [ast] =
   26.29 +      Syntax.Appl [Syntax.Constant "_ofsort", Syntax.Variable "'b", ast]
   26.30 +      | beta_ofsort_ast_tr asts = raise Syntax.AST ("beta_ast_tr", asts);
   26.31 +  in [
   26.32 +    ("_alpha", alpha_ast_tr), ("_alpha_ofsort", alpha_ofsort_ast_tr),
   26.33 +    ("_beta", beta_ast_tr), ("_beta_ofsort", beta_ofsort_ast_tr)
   26.34 +  ] end
   26.35 +*}
   26.36 +
   26.37 +end
   26.38 \ No newline at end of file
    27.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    27.2 +++ b/doc-src/Classes/Thy/document/Classes.tex	Wed Mar 04 11:05:29 2009 +0100
    27.3 @@ -0,0 +1,1335 @@
    27.4 +%
    27.5 +\begin{isabellebody}%
    27.6 +\def\isabellecontext{Classes}%
    27.7 +%
    27.8 +\isadelimtheory
    27.9 +%
   27.10 +\endisadelimtheory
   27.11 +%
   27.12 +\isatagtheory
   27.13 +\isacommand{theory}\isamarkupfalse%
   27.14 +\ Classes\isanewline
   27.15 +\isakeyword{imports}\ Main\ Setup\isanewline
   27.16 +\isakeyword{begin}%
   27.17 +\endisatagtheory
   27.18 +{\isafoldtheory}%
   27.19 +%
   27.20 +\isadelimtheory
   27.21 +%
   27.22 +\endisadelimtheory
   27.23 +%
   27.24 +\isamarkupsection{Introduction%
   27.25 +}
   27.26 +\isamarkuptrue%
   27.27 +%
   27.28 +\begin{isamarkuptext}%
   27.29 +Type classes were introduces by Wadler and Blott \cite{wadler89how}
   27.30 +  into the Haskell language, to allow for a reasonable implementation
   27.31 +  of overloading\footnote{throughout this tutorial, we are referring
   27.32 +  to classical Haskell 1.0 type classes, not considering
   27.33 +  later additions in expressiveness}.
   27.34 +  As a canonical example, a polymorphic equality function
   27.35 +  \isa{eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool} which is overloaded on different
   27.36 +  types for \isa{{\isasymalpha}}, which is achieved by splitting introduction
   27.37 +  of the \isa{eq} function from its overloaded definitions by means
   27.38 +  of \isa{class} and \isa{instance} declarations:
   27.39 +  \footnote{syntax here is a kind of isabellized Haskell}
   27.40 +
   27.41 +  \begin{quote}
   27.42 +
   27.43 +  \noindent\isa{class\ eq\ where} \\
   27.44 +  \hspace*{2ex}\isa{eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool}
   27.45 +
   27.46 +  \medskip\noindent\isa{instance\ nat\ {\isasymColon}\ eq\ where} \\
   27.47 +  \hspace*{2ex}\isa{eq\ {\isadigit{0}}\ {\isadigit{0}}\ {\isacharequal}\ True} \\
   27.48 +  \hspace*{2ex}\isa{eq\ {\isadigit{0}}\ {\isacharunderscore}\ {\isacharequal}\ False} \\
   27.49 +  \hspace*{2ex}\isa{eq\ {\isacharunderscore}\ {\isadigit{0}}\ {\isacharequal}\ False} \\
   27.50 +  \hspace*{2ex}\isa{eq\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isacharparenleft}Suc\ m{\isacharparenright}\ {\isacharequal}\ eq\ n\ m}
   27.51 +
   27.52 +  \medskip\noindent\isa{instance\ {\isacharparenleft}{\isasymalpha}{\isasymColon}eq{\isacharcomma}\ {\isasymbeta}{\isasymColon}eq{\isacharparenright}\ pair\ {\isasymColon}\ eq\ where} \\
   27.53 +  \hspace*{2ex}\isa{eq\ {\isacharparenleft}x{\isadigit{1}}{\isacharcomma}\ y{\isadigit{1}}{\isacharparenright}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isacharequal}\ eq\ x{\isadigit{1}}\ x{\isadigit{2}}\ {\isasymand}\ eq\ y{\isadigit{1}}\ y{\isadigit{2}}}
   27.54 +
   27.55 +  \medskip\noindent\isa{class\ ord\ extends\ eq\ where} \\
   27.56 +  \hspace*{2ex}\isa{less{\isacharunderscore}eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool} \\
   27.57 +  \hspace*{2ex}\isa{less\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool}
   27.58 +
   27.59 +  \end{quote}
   27.60 +
   27.61 +  \noindent Type variables are annotated with (finitely many) classes;
   27.62 +  these annotations are assertions that a particular polymorphic type
   27.63 +  provides definitions for overloaded functions.
   27.64 +
   27.65 +  Indeed, type classes not only allow for simple overloading
   27.66 +  but form a generic calculus, an instance of order-sorted
   27.67 +  algebra \cite{Nipkow-Prehofer:1993,nipkow-sorts93,Wenzel:1997:TPHOL}.
   27.68 +
   27.69 +  From a software engeneering point of view, type classes
   27.70 +  roughly correspond to interfaces in object-oriented languages like Java;
   27.71 +  so, it is naturally desirable that type classes do not only
   27.72 +  provide functions (class parameters) but also state specifications
   27.73 +  implementations must obey.  For example, the \isa{class\ eq}
   27.74 +  above could be given the following specification, demanding that
   27.75 +  \isa{class\ eq} is an equivalence relation obeying reflexivity,
   27.76 +  symmetry and transitivity:
   27.77 +
   27.78 +  \begin{quote}
   27.79 +
   27.80 +  \noindent\isa{class\ eq\ where} \\
   27.81 +  \hspace*{2ex}\isa{eq\ {\isasymColon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ bool} \\
   27.82 +  \isa{satisfying} \\
   27.83 +  \hspace*{2ex}\isa{refl{\isacharcolon}\ eq\ x\ x} \\
   27.84 +  \hspace*{2ex}\isa{sym{\isacharcolon}\ eq\ x\ y\ {\isasymlongleftrightarrow}\ eq\ x\ y} \\
   27.85 +  \hspace*{2ex}\isa{trans{\isacharcolon}\ eq\ x\ y\ {\isasymand}\ eq\ y\ z\ {\isasymlongrightarrow}\ eq\ x\ z}
   27.86 +
   27.87 +  \end{quote}
   27.88 +
   27.89 +  \noindent From a theoretic point of view, type classes are lightweight
   27.90 +  modules; Haskell type classes may be emulated by
   27.91 +  SML functors \cite{classes_modules}. 
   27.92 +  Isabelle/Isar offers a discipline of type classes which brings
   27.93 +  all those aspects together:
   27.94 +
   27.95 +  \begin{enumerate}
   27.96 +    \item specifying abstract parameters together with
   27.97 +       corresponding specifications,
   27.98 +    \item instantiating those abstract parameters by a particular
   27.99 +       type
  27.100 +    \item in connection with a ``less ad-hoc'' approach to overloading,
  27.101 +    \item with a direct link to the Isabelle module system
  27.102 +      (aka locales \cite{kammueller-locales}).
  27.103 +  \end{enumerate}
  27.104 +
  27.105 +  \noindent Isar type classes also directly support code generation
  27.106 +  in a Haskell like fashion.
  27.107 +
  27.108 +  This tutorial demonstrates common elements of structured specifications
  27.109 +  and abstract reasoning with type classes by the algebraic hierarchy of
  27.110 +  semigroups, monoids and groups.  Our background theory is that of
  27.111 +  Isabelle/HOL \cite{isa-tutorial}, for which some
  27.112 +  familiarity is assumed.
  27.113 +
  27.114 +  Here we merely present the look-and-feel for end users.
  27.115 +  Internally, those are mapped to more primitive Isabelle concepts.
  27.116 +  See \cite{Haftmann-Wenzel:2006:classes} for more detail.%
  27.117 +\end{isamarkuptext}%
  27.118 +\isamarkuptrue%
  27.119 +%
  27.120 +\isamarkupsection{A simple algebra example \label{sec:example}%
  27.121 +}
  27.122 +\isamarkuptrue%
  27.123 +%
  27.124 +\isamarkupsubsection{Class definition%
  27.125 +}
  27.126 +\isamarkuptrue%
  27.127 +%
  27.128 +\begin{isamarkuptext}%
  27.129 +Depending on an arbitrary type \isa{{\isasymalpha}}, class \isa{semigroup} introduces a binary operator \isa{{\isacharparenleft}{\isasymotimes}{\isacharparenright}} that is
  27.130 +  assumed to be associative:%
  27.131 +\end{isamarkuptext}%
  27.132 +\isamarkuptrue%
  27.133 +%
  27.134 +\isadelimquote
  27.135 +%
  27.136 +\endisadelimquote
  27.137 +%
  27.138 +\isatagquote
  27.139 +\isacommand{class}\isamarkupfalse%
  27.140 +\ semigroup\ {\isacharequal}\isanewline
  27.141 +\ \ \isakeyword{fixes}\ mult\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymotimes}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
  27.142 +\ \ \isakeyword{assumes}\ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isasymotimes}\ z\ {\isacharequal}\ x\ {\isasymotimes}\ {\isacharparenleft}y\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequoteclose}%
  27.143 +\endisatagquote
  27.144 +{\isafoldquote}%
  27.145 +%
  27.146 +\isadelimquote
  27.147 +%
  27.148 +\endisadelimquote
  27.149 +%
  27.150 +\begin{isamarkuptext}%
  27.151 +\noindent This \hyperlink{command.class}{\mbox{\isa{\isacommand{class}}}} specification consists of two
  27.152 +  parts: the \qn{operational} part names the class parameter
  27.153 +  (\hyperlink{element.fixes}{\mbox{\isa{\isakeyword{fixes}}}}), the \qn{logical} part specifies properties on them
  27.154 +  (\hyperlink{element.assumes}{\mbox{\isa{\isakeyword{assumes}}}}).  The local \hyperlink{element.fixes}{\mbox{\isa{\isakeyword{fixes}}}} and
  27.155 +  \hyperlink{element.assumes}{\mbox{\isa{\isakeyword{assumes}}}} are lifted to the theory toplevel,
  27.156 +  yielding the global
  27.157 +  parameter \isa{{\isachardoublequote}mult\ {\isasymColon}\ {\isasymalpha}{\isasymColon}semigroup\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequote}} and the
  27.158 +  global theorem \hyperlink{fact.semigroup.assoc:}{\mbox{\isa{semigroup{\isachardot}assoc{\isacharcolon}}}}~\isa{{\isachardoublequote}{\isasymAnd}x\ y\ z\ {\isasymColon}\ {\isasymalpha}{\isasymColon}semigroup{\isachardot}\ {\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isasymotimes}\ z\ {\isacharequal}\ x\ {\isasymotimes}\ {\isacharparenleft}y\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequote}}.%
  27.159 +\end{isamarkuptext}%
  27.160 +\isamarkuptrue%
  27.161 +%
  27.162 +\isamarkupsubsection{Class instantiation \label{sec:class_inst}%
  27.163 +}
  27.164 +\isamarkuptrue%
  27.165 +%
  27.166 +\begin{isamarkuptext}%
  27.167 +The concrete type \isa{int} is made a \isa{semigroup}
  27.168 +  instance by providing a suitable definition for the class parameter
  27.169 +  \isa{{\isacharparenleft}{\isasymotimes}{\isacharparenright}} and a proof for the specification of \hyperlink{fact.assoc}{\mbox{\isa{assoc}}}.
  27.170 +  This is accomplished by the \hyperlink{command.instantiation}{\mbox{\isa{\isacommand{instantiation}}}} target:%
  27.171 +\end{isamarkuptext}%
  27.172 +\isamarkuptrue%
  27.173 +%
  27.174 +\isadelimquote
  27.175 +%
  27.176 +\endisadelimquote
  27.177 +%
  27.178 +\isatagquote
  27.179 +\isacommand{instantiation}\isamarkupfalse%
  27.180 +\ int\ {\isacharcolon}{\isacharcolon}\ semigroup\isanewline
  27.181 +\isakeyword{begin}\isanewline
  27.182 +\isanewline
  27.183 +\isacommand{definition}\isamarkupfalse%
  27.184 +\isanewline
  27.185 +\ \ mult{\isacharunderscore}int{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}i\ {\isasymotimes}\ j\ {\isacharequal}\ i\ {\isacharplus}\ {\isacharparenleft}j{\isasymColon}int{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.186 +\isanewline
  27.187 +\isacommand{instance}\isamarkupfalse%
  27.188 +\ \isacommand{proof}\isamarkupfalse%
  27.189 +\isanewline
  27.190 +\ \ \isacommand{fix}\isamarkupfalse%
  27.191 +\ i\ j\ k\ {\isacharcolon}{\isacharcolon}\ int\ \isacommand{have}\isamarkupfalse%
  27.192 +\ {\isachardoublequoteopen}{\isacharparenleft}i\ {\isacharplus}\ j{\isacharparenright}\ {\isacharplus}\ k\ {\isacharequal}\ i\ {\isacharplus}\ {\isacharparenleft}j\ {\isacharplus}\ k{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.193 +\ simp\isanewline
  27.194 +\ \ \isacommand{then}\isamarkupfalse%
  27.195 +\ \isacommand{show}\isamarkupfalse%
  27.196 +\ {\isachardoublequoteopen}{\isacharparenleft}i\ {\isasymotimes}\ j{\isacharparenright}\ {\isasymotimes}\ k\ {\isacharequal}\ i\ {\isasymotimes}\ {\isacharparenleft}j\ {\isasymotimes}\ k{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.197 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.198 +\ mult{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{{\isachardot}}\isamarkupfalse%
  27.199 +\isanewline
  27.200 +\isacommand{qed}\isamarkupfalse%
  27.201 +\isanewline
  27.202 +\isanewline
  27.203 +\isacommand{end}\isamarkupfalse%
  27.204 +%
  27.205 +\endisatagquote
  27.206 +{\isafoldquote}%
  27.207 +%
  27.208 +\isadelimquote
  27.209 +%
  27.210 +\endisadelimquote
  27.211 +%
  27.212 +\begin{isamarkuptext}%
  27.213 +\noindent \hyperlink{command.instantiation}{\mbox{\isa{\isacommand{instantiation}}}} allows to define class parameters
  27.214 +  at a particular instance using common specification tools (here,
  27.215 +  \hyperlink{command.definition}{\mbox{\isa{\isacommand{definition}}}}).  The concluding \hyperlink{command.instance}{\mbox{\isa{\isacommand{instance}}}}
  27.216 +  opens a proof that the given parameters actually conform
  27.217 +  to the class specification.  Note that the first proof step
  27.218 +  is the \hyperlink{method.default}{\mbox{\isa{default}}} method,
  27.219 +  which for such instance proofs maps to the \hyperlink{method.intro-classes}{\mbox{\isa{intro{\isacharunderscore}classes}}} method.
  27.220 +  This boils down an instance judgement to the relevant primitive
  27.221 +  proof goals and should conveniently always be the first method applied
  27.222 +  in an instantiation proof.
  27.223 +
  27.224 +  From now on, the type-checker will consider \isa{int}
  27.225 +  as a \isa{semigroup} automatically, i.e.\ any general results
  27.226 +  are immediately available on concrete instances.
  27.227 +
  27.228 +  \medskip Another instance of \isa{semigroup} are the natural numbers:%
  27.229 +\end{isamarkuptext}%
  27.230 +\isamarkuptrue%
  27.231 +%
  27.232 +\isadelimquote
  27.233 +%
  27.234 +\endisadelimquote
  27.235 +%
  27.236 +\isatagquote
  27.237 +\isacommand{instantiation}\isamarkupfalse%
  27.238 +\ nat\ {\isacharcolon}{\isacharcolon}\ semigroup\isanewline
  27.239 +\isakeyword{begin}\isanewline
  27.240 +\isanewline
  27.241 +\isacommand{primrec}\isamarkupfalse%
  27.242 +\ mult{\isacharunderscore}nat\ \isakeyword{where}\isanewline
  27.243 +\ \ {\isachardoublequoteopen}{\isacharparenleft}{\isadigit{0}}{\isasymColon}nat{\isacharparenright}\ {\isasymotimes}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
  27.244 +\ \ {\isacharbar}\ {\isachardoublequoteopen}Suc\ m\ {\isasymotimes}\ n\ {\isacharequal}\ Suc\ {\isacharparenleft}m\ {\isasymotimes}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.245 +\isanewline
  27.246 +\isacommand{instance}\isamarkupfalse%
  27.247 +\ \isacommand{proof}\isamarkupfalse%
  27.248 +\isanewline
  27.249 +\ \ \isacommand{fix}\isamarkupfalse%
  27.250 +\ m\ n\ q\ {\isacharcolon}{\isacharcolon}\ nat\ \isanewline
  27.251 +\ \ \isacommand{show}\isamarkupfalse%
  27.252 +\ {\isachardoublequoteopen}m\ {\isasymotimes}\ n\ {\isasymotimes}\ q\ {\isacharequal}\ m\ {\isasymotimes}\ {\isacharparenleft}n\ {\isasymotimes}\ q{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.253 +\ \ \ \ \isacommand{by}\isamarkupfalse%
  27.254 +\ {\isacharparenleft}induct\ m{\isacharparenright}\ auto\isanewline
  27.255 +\isacommand{qed}\isamarkupfalse%
  27.256 +\isanewline
  27.257 +\isanewline
  27.258 +\isacommand{end}\isamarkupfalse%
  27.259 +%
  27.260 +\endisatagquote
  27.261 +{\isafoldquote}%
  27.262 +%
  27.263 +\isadelimquote
  27.264 +%
  27.265 +\endisadelimquote
  27.266 +%
  27.267 +\begin{isamarkuptext}%
  27.268 +\noindent Note the occurence of the name \isa{mult{\isacharunderscore}nat}
  27.269 +  in the primrec declaration;  by default, the local name of
  27.270 +  a class operation \isa{f} to instantiate on type constructor
  27.271 +  \isa{{\isasymkappa}} are mangled as \isa{f{\isacharunderscore}{\isasymkappa}}.  In case of uncertainty,
  27.272 +  these names may be inspected using the \hyperlink{command.print-context}{\mbox{\isa{\isacommand{print{\isacharunderscore}context}}}} command
  27.273 +  or the corresponding ProofGeneral button.%
  27.274 +\end{isamarkuptext}%
  27.275 +\isamarkuptrue%
  27.276 +%
  27.277 +\isamarkupsubsection{Lifting and parametric types%
  27.278 +}
  27.279 +\isamarkuptrue%
  27.280 +%
  27.281 +\begin{isamarkuptext}%
  27.282 +Overloaded definitions giving on class instantiation
  27.283 +  may include recursion over the syntactic structure of types.
  27.284 +  As a canonical example, we model product semigroups
  27.285 +  using our simple algebra:%
  27.286 +\end{isamarkuptext}%
  27.287 +\isamarkuptrue%
  27.288 +%
  27.289 +\isadelimquote
  27.290 +%
  27.291 +\endisadelimquote
  27.292 +%
  27.293 +\isatagquote
  27.294 +\isacommand{instantiation}\isamarkupfalse%
  27.295 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}semigroup{\isacharcomma}\ semigroup{\isacharparenright}\ semigroup\isanewline
  27.296 +\isakeyword{begin}\isanewline
  27.297 +\isanewline
  27.298 +\isacommand{definition}\isamarkupfalse%
  27.299 +\isanewline
  27.300 +\ \ mult{\isacharunderscore}prod{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{2}}\ {\isacharequal}\ {\isacharparenleft}fst\ p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ fst\ p\isactrlisub {\isadigit{2}}{\isacharcomma}\ snd\ p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ snd\ p\isactrlisub {\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.301 +\isanewline
  27.302 +\isacommand{instance}\isamarkupfalse%
  27.303 +\ \isacommand{proof}\isamarkupfalse%
  27.304 +\isanewline
  27.305 +\ \ \isacommand{fix}\isamarkupfalse%
  27.306 +\ p\isactrlisub {\isadigit{1}}\ p\isactrlisub {\isadigit{2}}\ p\isactrlisub {\isadigit{3}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isasymColon}semigroup\ {\isasymtimes}\ {\isasymbeta}{\isasymColon}semigroup{\isachardoublequoteclose}\isanewline
  27.307 +\ \ \isacommand{show}\isamarkupfalse%
  27.308 +\ {\isachardoublequoteopen}p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{2}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{3}}\ {\isacharequal}\ p\isactrlisub {\isadigit{1}}\ {\isasymotimes}\ {\isacharparenleft}p\isactrlisub {\isadigit{2}}\ {\isasymotimes}\ p\isactrlisub {\isadigit{3}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.309 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.310 +\ mult{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.311 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ assoc{\isacharparenright}\isanewline
  27.312 +\isacommand{qed}\isamarkupfalse%
  27.313 +\ \ \ \ \ \ \isanewline
  27.314 +\isanewline
  27.315 +\isacommand{end}\isamarkupfalse%
  27.316 +%
  27.317 +\endisatagquote
  27.318 +{\isafoldquote}%
  27.319 +%
  27.320 +\isadelimquote
  27.321 +%
  27.322 +\endisadelimquote
  27.323 +%
  27.324 +\begin{isamarkuptext}%
  27.325 +\noindent Associativity from product semigroups is
  27.326 +  established using
  27.327 +  the definition of \isa{{\isacharparenleft}{\isasymotimes}{\isacharparenright}} on products and the hypothetical
  27.328 +  associativity of the type components;  these hypotheses
  27.329 +  are facts due to the \isa{semigroup} constraints imposed
  27.330 +  on the type components by the \hyperlink{command.instance}{\mbox{\isa{\isacommand{instance}}}} proposition.
  27.331 +  Indeed, this pattern often occurs with parametric types
  27.332 +  and type classes.%
  27.333 +\end{isamarkuptext}%
  27.334 +\isamarkuptrue%
  27.335 +%
  27.336 +\isamarkupsubsection{Subclassing%
  27.337 +}
  27.338 +\isamarkuptrue%
  27.339 +%
  27.340 +\begin{isamarkuptext}%
  27.341 +We define a subclass \isa{monoidl} (a semigroup with a left-hand neutral)
  27.342 +  by extending \isa{semigroup}
  27.343 +  with one additional parameter \isa{neutral} together
  27.344 +  with its property:%
  27.345 +\end{isamarkuptext}%
  27.346 +\isamarkuptrue%
  27.347 +%
  27.348 +\isadelimquote
  27.349 +%
  27.350 +\endisadelimquote
  27.351 +%
  27.352 +\isatagquote
  27.353 +\isacommand{class}\isamarkupfalse%
  27.354 +\ monoidl\ {\isacharequal}\ semigroup\ {\isacharplus}\isanewline
  27.355 +\ \ \isakeyword{fixes}\ neutral\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isachardoublequoteclose}\ {\isacharparenleft}{\isachardoublequoteopen}{\isasymone}{\isachardoublequoteclose}{\isacharparenright}\isanewline
  27.356 +\ \ \isakeyword{assumes}\ neutl{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}%
  27.357 +\endisatagquote
  27.358 +{\isafoldquote}%
  27.359 +%
  27.360 +\isadelimquote
  27.361 +%
  27.362 +\endisadelimquote
  27.363 +%
  27.364 +\begin{isamarkuptext}%
  27.365 +\noindent Again, we prove some instances, by
  27.366 +  providing suitable parameter definitions and proofs for the
  27.367 +  additional specifications.  Observe that instantiations
  27.368 +  for types with the same arity may be simultaneous:%
  27.369 +\end{isamarkuptext}%
  27.370 +\isamarkuptrue%
  27.371 +%
  27.372 +\isadelimquote
  27.373 +%
  27.374 +\endisadelimquote
  27.375 +%
  27.376 +\isatagquote
  27.377 +\isacommand{instantiation}\isamarkupfalse%
  27.378 +\ nat\ \isakeyword{and}\ int\ {\isacharcolon}{\isacharcolon}\ monoidl\isanewline
  27.379 +\isakeyword{begin}\isanewline
  27.380 +\isanewline
  27.381 +\isacommand{definition}\isamarkupfalse%
  27.382 +\isanewline
  27.383 +\ \ neutral{\isacharunderscore}nat{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ {\isacharparenleft}{\isadigit{0}}{\isasymColon}nat{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.384 +\isanewline
  27.385 +\isacommand{definition}\isamarkupfalse%
  27.386 +\isanewline
  27.387 +\ \ neutral{\isacharunderscore}int{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ {\isacharparenleft}{\isadigit{0}}{\isasymColon}int{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.388 +\isanewline
  27.389 +\isacommand{instance}\isamarkupfalse%
  27.390 +\ \isacommand{proof}\isamarkupfalse%
  27.391 +\isanewline
  27.392 +\ \ \isacommand{fix}\isamarkupfalse%
  27.393 +\ n\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
  27.394 +\ \ \isacommand{show}\isamarkupfalse%
  27.395 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
  27.396 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.397 +\ neutral{\isacharunderscore}nat{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.398 +\ simp\isanewline
  27.399 +\isacommand{next}\isamarkupfalse%
  27.400 +\isanewline
  27.401 +\ \ \isacommand{fix}\isamarkupfalse%
  27.402 +\ k\ {\isacharcolon}{\isacharcolon}\ int\isanewline
  27.403 +\ \ \isacommand{show}\isamarkupfalse%
  27.404 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ k\ {\isacharequal}\ k{\isachardoublequoteclose}\isanewline
  27.405 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.406 +\ neutral{\isacharunderscore}int{\isacharunderscore}def\ mult{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.407 +\ simp\isanewline
  27.408 +\isacommand{qed}\isamarkupfalse%
  27.409 +\isanewline
  27.410 +\isanewline
  27.411 +\isacommand{end}\isamarkupfalse%
  27.412 +\isanewline
  27.413 +\isanewline
  27.414 +\isacommand{instantiation}\isamarkupfalse%
  27.415 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}monoidl{\isacharcomma}\ monoidl{\isacharparenright}\ monoidl\isanewline
  27.416 +\isakeyword{begin}\isanewline
  27.417 +\isanewline
  27.418 +\isacommand{definition}\isamarkupfalse%
  27.419 +\isanewline
  27.420 +\ \ neutral{\isacharunderscore}prod{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ {\isacharparenleft}{\isasymone}{\isacharcomma}\ {\isasymone}{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.421 +\isanewline
  27.422 +\isacommand{instance}\isamarkupfalse%
  27.423 +\ \isacommand{proof}\isamarkupfalse%
  27.424 +\isanewline
  27.425 +\ \ \isacommand{fix}\isamarkupfalse%
  27.426 +\ p\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isasymColon}monoidl\ {\isasymtimes}\ {\isasymbeta}{\isasymColon}monoidl{\isachardoublequoteclose}\isanewline
  27.427 +\ \ \isacommand{show}\isamarkupfalse%
  27.428 +\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ p\ {\isacharequal}\ p{\isachardoublequoteclose}\isanewline
  27.429 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.430 +\ neutral{\isacharunderscore}prod{\isacharunderscore}def\ mult{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.431 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ neutl{\isacharparenright}\isanewline
  27.432 +\isacommand{qed}\isamarkupfalse%
  27.433 +\isanewline
  27.434 +\isanewline
  27.435 +\isacommand{end}\isamarkupfalse%
  27.436 +%
  27.437 +\endisatagquote
  27.438 +{\isafoldquote}%
  27.439 +%
  27.440 +\isadelimquote
  27.441 +%
  27.442 +\endisadelimquote
  27.443 +%
  27.444 +\begin{isamarkuptext}%
  27.445 +\noindent Fully-fledged monoids are modelled by another subclass
  27.446 +  which does not add new parameters but tightens the specification:%
  27.447 +\end{isamarkuptext}%
  27.448 +\isamarkuptrue%
  27.449 +%
  27.450 +\isadelimquote
  27.451 +%
  27.452 +\endisadelimquote
  27.453 +%
  27.454 +\isatagquote
  27.455 +\isacommand{class}\isamarkupfalse%
  27.456 +\ monoid\ {\isacharequal}\ monoidl\ {\isacharplus}\isanewline
  27.457 +\ \ \isakeyword{assumes}\ neutr{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
  27.458 +\isanewline
  27.459 +\isacommand{instantiation}\isamarkupfalse%
  27.460 +\ nat\ \isakeyword{and}\ int\ {\isacharcolon}{\isacharcolon}\ monoid\ \isanewline
  27.461 +\isakeyword{begin}\isanewline
  27.462 +\isanewline
  27.463 +\isacommand{instance}\isamarkupfalse%
  27.464 +\ \isacommand{proof}\isamarkupfalse%
  27.465 +\isanewline
  27.466 +\ \ \isacommand{fix}\isamarkupfalse%
  27.467 +\ n\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
  27.468 +\ \ \isacommand{show}\isamarkupfalse%
  27.469 +\ {\isachardoublequoteopen}n\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
  27.470 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.471 +\ neutral{\isacharunderscore}nat{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.472 +\ {\isacharparenleft}induct\ n{\isacharparenright}\ simp{\isacharunderscore}all\isanewline
  27.473 +\isacommand{next}\isamarkupfalse%
  27.474 +\isanewline
  27.475 +\ \ \isacommand{fix}\isamarkupfalse%
  27.476 +\ k\ {\isacharcolon}{\isacharcolon}\ int\isanewline
  27.477 +\ \ \isacommand{show}\isamarkupfalse%
  27.478 +\ {\isachardoublequoteopen}k\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ k{\isachardoublequoteclose}\isanewline
  27.479 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.480 +\ neutral{\isacharunderscore}int{\isacharunderscore}def\ mult{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.481 +\ simp\isanewline
  27.482 +\isacommand{qed}\isamarkupfalse%
  27.483 +\isanewline
  27.484 +\isanewline
  27.485 +\isacommand{end}\isamarkupfalse%
  27.486 +\isanewline
  27.487 +\isanewline
  27.488 +\isacommand{instantiation}\isamarkupfalse%
  27.489 +\ {\isacharasterisk}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}monoid{\isacharcomma}\ monoid{\isacharparenright}\ monoid\isanewline
  27.490 +\isakeyword{begin}\isanewline
  27.491 +\isanewline
  27.492 +\isacommand{instance}\isamarkupfalse%
  27.493 +\ \isacommand{proof}\isamarkupfalse%
  27.494 +\ \isanewline
  27.495 +\ \ \isacommand{fix}\isamarkupfalse%
  27.496 +\ p\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}{\isasymColon}monoid\ {\isasymtimes}\ {\isasymbeta}{\isasymColon}monoid{\isachardoublequoteclose}\isanewline
  27.497 +\ \ \isacommand{show}\isamarkupfalse%
  27.498 +\ {\isachardoublequoteopen}p\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ p{\isachardoublequoteclose}\isanewline
  27.499 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.500 +\ neutral{\isacharunderscore}prod{\isacharunderscore}def\ mult{\isacharunderscore}prod{\isacharunderscore}def\ \isacommand{by}\isamarkupfalse%
  27.501 +\ {\isacharparenleft}simp\ add{\isacharcolon}\ neutr{\isacharparenright}\isanewline
  27.502 +\isacommand{qed}\isamarkupfalse%
  27.503 +\isanewline
  27.504 +\isanewline
  27.505 +\isacommand{end}\isamarkupfalse%
  27.506 +%
  27.507 +\endisatagquote
  27.508 +{\isafoldquote}%
  27.509 +%
  27.510 +\isadelimquote
  27.511 +%
  27.512 +\endisadelimquote
  27.513 +%
  27.514 +\begin{isamarkuptext}%
  27.515 +\noindent To finish our small algebra example, we add a \isa{group} class
  27.516 +  with a corresponding instance:%
  27.517 +\end{isamarkuptext}%
  27.518 +\isamarkuptrue%
  27.519 +%
  27.520 +\isadelimquote
  27.521 +%
  27.522 +\endisadelimquote
  27.523 +%
  27.524 +\isatagquote
  27.525 +\isacommand{class}\isamarkupfalse%
  27.526 +\ group\ {\isacharequal}\ monoidl\ {\isacharplus}\isanewline
  27.527 +\ \ \isakeyword{fixes}\ inverse\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isacharparenleft}{\isacharunderscore}{\isasymdiv}{\isacharparenright}{\isachardoublequoteclose}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
  27.528 +\ \ \isakeyword{assumes}\ invl{\isacharcolon}\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
  27.529 +\isanewline
  27.530 +\isacommand{instantiation}\isamarkupfalse%
  27.531 +\ int\ {\isacharcolon}{\isacharcolon}\ group\isanewline
  27.532 +\isakeyword{begin}\isanewline
  27.533 +\isanewline
  27.534 +\isacommand{definition}\isamarkupfalse%
  27.535 +\isanewline
  27.536 +\ \ inverse{\isacharunderscore}int{\isacharunderscore}def{\isacharcolon}\ {\isachardoublequoteopen}i{\isasymdiv}\ {\isacharequal}\ {\isacharminus}\ {\isacharparenleft}i{\isasymColon}int{\isacharparenright}{\isachardoublequoteclose}\isanewline
  27.537 +\isanewline
  27.538 +\isacommand{instance}\isamarkupfalse%
  27.539 +\ \isacommand{proof}\isamarkupfalse%
  27.540 +\isanewline
  27.541 +\ \ \isacommand{fix}\isamarkupfalse%
  27.542 +\ i\ {\isacharcolon}{\isacharcolon}\ int\isanewline
  27.543 +\ \ \isacommand{have}\isamarkupfalse%
  27.544 +\ {\isachardoublequoteopen}{\isacharminus}i\ {\isacharplus}\ i\ {\isacharequal}\ {\isadigit{0}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.545 +\ simp\isanewline
  27.546 +\ \ \isacommand{then}\isamarkupfalse%
  27.547 +\ \isacommand{show}\isamarkupfalse%
  27.548 +\ {\isachardoublequoteopen}i{\isasymdiv}\ {\isasymotimes}\ i\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
  27.549 +\ \ \ \ \isacommand{unfolding}\isamarkupfalse%
  27.550 +\ mult{\isacharunderscore}int{\isacharunderscore}def\ neutral{\isacharunderscore}int{\isacharunderscore}def\ inverse{\isacharunderscore}int{\isacharunderscore}def\ \isacommand{{\isachardot}}\isamarkupfalse%
  27.551 +\isanewline
  27.552 +\isacommand{qed}\isamarkupfalse%
  27.553 +\isanewline
  27.554 +\isanewline
  27.555 +\isacommand{end}\isamarkupfalse%
  27.556 +%
  27.557 +\endisatagquote
  27.558 +{\isafoldquote}%
  27.559 +%
  27.560 +\isadelimquote
  27.561 +%
  27.562 +\endisadelimquote
  27.563 +%
  27.564 +\isamarkupsection{Type classes as locales%
  27.565 +}
  27.566 +\isamarkuptrue%
  27.567 +%
  27.568 +\isamarkupsubsection{A look behind the scene%
  27.569 +}
  27.570 +\isamarkuptrue%
  27.571 +%
  27.572 +\begin{isamarkuptext}%
  27.573 +The example above gives an impression how Isar type classes work
  27.574 +  in practice.  As stated in the introduction, classes also provide
  27.575 +  a link to Isar's locale system.  Indeed, the logical core of a class
  27.576 +  is nothing else than a locale:%
  27.577 +\end{isamarkuptext}%
  27.578 +\isamarkuptrue%
  27.579 +%
  27.580 +\isadelimquote
  27.581 +%
  27.582 +\endisadelimquote
  27.583 +%
  27.584 +\isatagquote
  27.585 +\isacommand{class}\isamarkupfalse%
  27.586 +\ idem\ {\isacharequal}\isanewline
  27.587 +\ \ \isakeyword{fixes}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\isanewline
  27.588 +\ \ \isakeyword{assumes}\ idem{\isacharcolon}\ {\isachardoublequoteopen}f\ {\isacharparenleft}f\ x{\isacharparenright}\ {\isacharequal}\ f\ x{\isachardoublequoteclose}%
  27.589 +\endisatagquote
  27.590 +{\isafoldquote}%
  27.591 +%
  27.592 +\isadelimquote
  27.593 +%
  27.594 +\endisadelimquote
  27.595 +%
  27.596 +\begin{isamarkuptext}%
  27.597 +\noindent essentially introduces the locale%
  27.598 +\end{isamarkuptext}%
  27.599 +\isamarkuptrue%
  27.600 +\ %
  27.601 +\isadeliminvisible
  27.602 +%
  27.603 +\endisadeliminvisible
  27.604 +%
  27.605 +\isataginvisible
  27.606 +%
  27.607 +\endisataginvisible
  27.608 +{\isafoldinvisible}%
  27.609 +%
  27.610 +\isadeliminvisible
  27.611 +%
  27.612 +\endisadeliminvisible
  27.613 +%
  27.614 +\isadelimquote
  27.615 +%
  27.616 +\endisadelimquote
  27.617 +%
  27.618 +\isatagquote
  27.619 +\isacommand{locale}\isamarkupfalse%
  27.620 +\ idem\ {\isacharequal}\isanewline
  27.621 +\ \ \isakeyword{fixes}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\isanewline
  27.622 +\ \ \isakeyword{assumes}\ idem{\isacharcolon}\ {\isachardoublequoteopen}f\ {\isacharparenleft}f\ x{\isacharparenright}\ {\isacharequal}\ f\ x{\isachardoublequoteclose}%
  27.623 +\endisatagquote
  27.624 +{\isafoldquote}%
  27.625 +%
  27.626 +\isadelimquote
  27.627 +%
  27.628 +\endisadelimquote
  27.629 +%
  27.630 +\begin{isamarkuptext}%
  27.631 +\noindent together with corresponding constant(s):%
  27.632 +\end{isamarkuptext}%
  27.633 +\isamarkuptrue%
  27.634 +%
  27.635 +\isadelimquote
  27.636 +%
  27.637 +\endisadelimquote
  27.638 +%
  27.639 +\isatagquote
  27.640 +\isacommand{consts}\isamarkupfalse%
  27.641 +\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}%
  27.642 +\endisatagquote
  27.643 +{\isafoldquote}%
  27.644 +%
  27.645 +\isadelimquote
  27.646 +%
  27.647 +\endisadelimquote
  27.648 +%
  27.649 +\begin{isamarkuptext}%
  27.650 +\noindent The connection to the type system is done by means
  27.651 +  of a primitive axclass%
  27.652 +\end{isamarkuptext}%
  27.653 +\isamarkuptrue%
  27.654 +\ %
  27.655 +\isadeliminvisible
  27.656 +%
  27.657 +\endisadeliminvisible
  27.658 +%
  27.659 +\isataginvisible
  27.660 +%
  27.661 +\endisataginvisible
  27.662 +{\isafoldinvisible}%
  27.663 +%
  27.664 +\isadeliminvisible
  27.665 +%
  27.666 +\endisadeliminvisible
  27.667 +%
  27.668 +\isadelimquote
  27.669 +%
  27.670 +\endisadelimquote
  27.671 +%
  27.672 +\isatagquote
  27.673 +\isacommand{axclass}\isamarkupfalse%
  27.674 +\ idem\ {\isacharless}\ type\isanewline
  27.675 +\ \ idem{\isacharcolon}\ {\isachardoublequoteopen}f\ {\isacharparenleft}f\ x{\isacharparenright}\ {\isacharequal}\ f\ x{\isachardoublequoteclose}\ %
  27.676 +\endisatagquote
  27.677 +{\isafoldquote}%
  27.678 +%
  27.679 +\isadelimquote
  27.680 +%
  27.681 +\endisadelimquote
  27.682 +%
  27.683 +\isadeliminvisible
  27.684 +%
  27.685 +\endisadeliminvisible
  27.686 +%
  27.687 +\isataginvisible
  27.688 +%
  27.689 +\endisataginvisible
  27.690 +{\isafoldinvisible}%
  27.691 +%
  27.692 +\isadeliminvisible
  27.693 +%
  27.694 +\endisadeliminvisible
  27.695 +%
  27.696 +\begin{isamarkuptext}%
  27.697 +\noindent together with a corresponding interpretation:%
  27.698 +\end{isamarkuptext}%
  27.699 +\isamarkuptrue%
  27.700 +%
  27.701 +\isadelimquote
  27.702 +%
  27.703 +\endisadelimquote
  27.704 +%
  27.705 +\isatagquote
  27.706 +\isacommand{interpretation}\isamarkupfalse%
  27.707 +\ idem{\isacharunderscore}class{\isacharcolon}\isanewline
  27.708 +\ \ idem\ {\isachardoublequoteopen}f\ {\isasymColon}\ {\isacharparenleft}{\isasymalpha}{\isasymColon}idem{\isacharparenright}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\isanewline
  27.709 +\isacommand{proof}\isamarkupfalse%
  27.710 +\ \isacommand{qed}\isamarkupfalse%
  27.711 +\ {\isacharparenleft}rule\ idem{\isacharparenright}%
  27.712 +\endisatagquote
  27.713 +{\isafoldquote}%
  27.714 +%
  27.715 +\isadelimquote
  27.716 +%
  27.717 +\endisadelimquote
  27.718 +%
  27.719 +\begin{isamarkuptext}%
  27.720 +\noindent This gives you at hand the full power of the Isabelle module system;
  27.721 +  conclusions in locale \isa{idem} are implicitly propagated
  27.722 +  to class \isa{idem}.%
  27.723 +\end{isamarkuptext}%
  27.724 +\isamarkuptrue%
  27.725 +\ %
  27.726 +\isadeliminvisible
  27.727 +%
  27.728 +\endisadeliminvisible
  27.729 +%
  27.730 +\isataginvisible
  27.731 +%
  27.732 +\endisataginvisible
  27.733 +{\isafoldinvisible}%
  27.734 +%
  27.735 +\isadeliminvisible
  27.736 +%
  27.737 +\endisadeliminvisible
  27.738 +%
  27.739 +\isamarkupsubsection{Abstract reasoning%
  27.740 +}
  27.741 +\isamarkuptrue%
  27.742 +%
  27.743 +\begin{isamarkuptext}%
  27.744 +Isabelle locales enable reasoning at a general level, while results
  27.745 +  are implicitly transferred to all instances.  For example, we can
  27.746 +  now establish the \isa{left{\isacharunderscore}cancel} lemma for groups, which
  27.747 +  states that the function \isa{{\isacharparenleft}x\ {\isasymotimes}{\isacharparenright}} is injective:%
  27.748 +\end{isamarkuptext}%
  27.749 +\isamarkuptrue%
  27.750 +%
  27.751 +\isadelimquote
  27.752 +%
  27.753 +\endisadelimquote
  27.754 +%
  27.755 +\isatagquote
  27.756 +\isacommand{lemma}\isamarkupfalse%
  27.757 +\ {\isacharparenleft}\isakeyword{in}\ group{\isacharparenright}\ left{\isacharunderscore}cancel{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z\ {\isasymlongleftrightarrow}\ y\ {\isacharequal}\ z{\isachardoublequoteclose}\isanewline
  27.758 +\isacommand{proof}\isamarkupfalse%
  27.759 +\isanewline
  27.760 +\ \ \isacommand{assume}\isamarkupfalse%
  27.761 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z{\isachardoublequoteclose}\isanewline
  27.762 +\ \ \isacommand{then}\isamarkupfalse%
  27.763 +\ \isacommand{have}\isamarkupfalse%
  27.764 +\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ {\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isacharequal}\ x{\isasymdiv}\ {\isasymotimes}\ {\isacharparenleft}x\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.765 +\ simp\isanewline
  27.766 +\ \ \isacommand{then}\isamarkupfalse%
  27.767 +\ \isacommand{have}\isamarkupfalse%
  27.768 +\ {\isachardoublequoteopen}{\isacharparenleft}x{\isasymdiv}\ {\isasymotimes}\ x{\isacharparenright}\ {\isasymotimes}\ y\ {\isacharequal}\ {\isacharparenleft}x{\isasymdiv}\ {\isasymotimes}\ x{\isacharparenright}\ {\isasymotimes}\ z{\isachardoublequoteclose}\ \isacommand{using}\isamarkupfalse%
  27.769 +\ assoc\ \isacommand{by}\isamarkupfalse%
  27.770 +\ simp\isanewline
  27.771 +\ \ \isacommand{then}\isamarkupfalse%
  27.772 +\ \isacommand{show}\isamarkupfalse%
  27.773 +\ {\isachardoublequoteopen}y\ {\isacharequal}\ z{\isachardoublequoteclose}\ \isacommand{using}\isamarkupfalse%
  27.774 +\ neutl\ \isakeyword{and}\ invl\ \isacommand{by}\isamarkupfalse%
  27.775 +\ simp\isanewline
  27.776 +\isacommand{next}\isamarkupfalse%
  27.777 +\isanewline
  27.778 +\ \ \isacommand{assume}\isamarkupfalse%
  27.779 +\ {\isachardoublequoteopen}y\ {\isacharequal}\ z{\isachardoublequoteclose}\isanewline
  27.780 +\ \ \isacommand{then}\isamarkupfalse%
  27.781 +\ \isacommand{show}\isamarkupfalse%
  27.782 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.783 +\ simp\isanewline
  27.784 +\isacommand{qed}\isamarkupfalse%
  27.785 +%
  27.786 +\endisatagquote
  27.787 +{\isafoldquote}%
  27.788 +%
  27.789 +\isadelimquote
  27.790 +%
  27.791 +\endisadelimquote
  27.792 +%
  27.793 +\begin{isamarkuptext}%
  27.794 +\noindent Here the \qt{\hyperlink{keyword.in}{\mbox{\isa{\isakeyword{in}}}} \isa{group}} target specification
  27.795 +  indicates that the result is recorded within that context for later
  27.796 +  use.  This local theorem is also lifted to the global one \hyperlink{fact.group.left-cancel:}{\mbox{\isa{group{\isachardot}left{\isacharunderscore}cancel{\isacharcolon}}}} \isa{{\isachardoublequote}{\isasymAnd}x\ y\ z\ {\isasymColon}\ {\isasymalpha}{\isasymColon}group{\isachardot}\ x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z\ {\isasymlongleftrightarrow}\ y\ {\isacharequal}\ z{\isachardoublequote}}.  Since type \isa{int} has been made an instance of
  27.797 +  \isa{group} before, we may refer to that fact as well: \isa{{\isachardoublequote}{\isasymAnd}x\ y\ z\ {\isasymColon}\ int{\isachardot}\ x\ {\isasymotimes}\ y\ {\isacharequal}\ x\ {\isasymotimes}\ z\ {\isasymlongleftrightarrow}\ y\ {\isacharequal}\ z{\isachardoublequote}}.%
  27.798 +\end{isamarkuptext}%
  27.799 +\isamarkuptrue%
  27.800 +%
  27.801 +\isamarkupsubsection{Derived definitions%
  27.802 +}
  27.803 +\isamarkuptrue%
  27.804 +%
  27.805 +\begin{isamarkuptext}%
  27.806 +Isabelle locales support a concept of local definitions
  27.807 +  in locales:%
  27.808 +\end{isamarkuptext}%
  27.809 +\isamarkuptrue%
  27.810 +%
  27.811 +\isadelimquote
  27.812 +%
  27.813 +\endisadelimquote
  27.814 +%
  27.815 +\isatagquote
  27.816 +\isacommand{primrec}\isamarkupfalse%
  27.817 +\ {\isacharparenleft}\isakeyword{in}\ monoid{\isacharparenright}\ pow{\isacharunderscore}nat\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  27.818 +\ \ {\isachardoublequoteopen}pow{\isacharunderscore}nat\ {\isadigit{0}}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
  27.819 +\ \ {\isacharbar}\ {\isachardoublequoteopen}pow{\isacharunderscore}nat\ {\isacharparenleft}Suc\ n{\isacharparenright}\ x\ {\isacharequal}\ x\ {\isasymotimes}\ pow{\isacharunderscore}nat\ n\ x{\isachardoublequoteclose}%
  27.820 +\endisatagquote
  27.821 +{\isafoldquote}%
  27.822 +%
  27.823 +\isadelimquote
  27.824 +%
  27.825 +\endisadelimquote
  27.826 +%
  27.827 +\begin{isamarkuptext}%
  27.828 +\noindent If the locale \isa{group} is also a class, this local
  27.829 +  definition is propagated onto a global definition of
  27.830 +  \isa{{\isachardoublequote}pow{\isacharunderscore}nat\ {\isasymColon}\ nat\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}monoid\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}monoid{\isachardoublequote}}
  27.831 +  with corresponding theorems
  27.832 +
  27.833 +  \isa{pow{\isacharunderscore}nat\ {\isadigit{0}}\ x\ {\isacharequal}\ {\isasymone}\isasep\isanewline%
  27.834 +pow{\isacharunderscore}nat\ {\isacharparenleft}Suc\ n{\isacharparenright}\ x\ {\isacharequal}\ x\ {\isasymotimes}\ pow{\isacharunderscore}nat\ n\ x}.
  27.835 +
  27.836 +  \noindent As you can see from this example, for local
  27.837 +  definitions you may use any specification tool
  27.838 +  which works together with locales (e.g. \cite{krauss2006}).%
  27.839 +\end{isamarkuptext}%
  27.840 +\isamarkuptrue%
  27.841 +%
  27.842 +\isamarkupsubsection{A functor analogy%
  27.843 +}
  27.844 +\isamarkuptrue%
  27.845 +%
  27.846 +\begin{isamarkuptext}%
  27.847 +We introduced Isar classes by analogy to type classes
  27.848 +  functional programming;  if we reconsider this in the
  27.849 +  context of what has been said about type classes and locales,
  27.850 +  we can drive this analogy further by stating that type
  27.851 +  classes essentially correspond to functors which have
  27.852 +  a canonical interpretation as type classes.
  27.853 +  Anyway, there is also the possibility of other interpretations.
  27.854 +  For example, also \isa{list}s form a monoid with
  27.855 +  \isa{append} and \isa{{\isacharbrackleft}{\isacharbrackright}} as operations, but it
  27.856 +  seems inappropriate to apply to lists
  27.857 +  the same operations as for genuinely algebraic types.
  27.858 +  In such a case, we simply can do a particular interpretation
  27.859 +  of monoids for lists:%
  27.860 +\end{isamarkuptext}%
  27.861 +\isamarkuptrue%
  27.862 +%
  27.863 +\isadelimquote
  27.864 +%
  27.865 +\endisadelimquote
  27.866 +%
  27.867 +\isatagquote
  27.868 +\isacommand{interpretation}\isamarkupfalse%
  27.869 +\ list{\isacharunderscore}monoid{\isacharbang}{\isacharcolon}\ monoid\ append\ {\isachardoublequoteopen}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
  27.870 +\ \ \isacommand{proof}\isamarkupfalse%
  27.871 +\ \isacommand{qed}\isamarkupfalse%
  27.872 +\ auto%
  27.873 +\endisatagquote
  27.874 +{\isafoldquote}%
  27.875 +%
  27.876 +\isadelimquote
  27.877 +%
  27.878 +\endisadelimquote
  27.879 +%
  27.880 +\begin{isamarkuptext}%
  27.881 +\noindent This enables us to apply facts on monoids
  27.882 +  to lists, e.g. \isa{{\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ x\ {\isacharequal}\ x}.
  27.883 +
  27.884 +  When using this interpretation pattern, it may also
  27.885 +  be appropriate to map derived definitions accordingly:%
  27.886 +\end{isamarkuptext}%
  27.887 +\isamarkuptrue%
  27.888 +%
  27.889 +\isadelimquote
  27.890 +%
  27.891 +\endisadelimquote
  27.892 +%
  27.893 +\isatagquote
  27.894 +\isacommand{primrec}\isamarkupfalse%
  27.895 +\ replicate\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ {\isasymalpha}\ list\ {\isasymRightarrow}\ {\isasymalpha}\ list{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  27.896 +\ \ {\isachardoublequoteopen}replicate\ {\isadigit{0}}\ {\isacharunderscore}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
  27.897 +\ \ {\isacharbar}\ {\isachardoublequoteopen}replicate\ {\isacharparenleft}Suc\ n{\isacharparenright}\ xs\ {\isacharequal}\ xs\ {\isacharat}\ replicate\ n\ xs{\isachardoublequoteclose}\isanewline
  27.898 +\isanewline
  27.899 +\isacommand{interpretation}\isamarkupfalse%
  27.900 +\ list{\isacharunderscore}monoid{\isacharbang}{\isacharcolon}\ monoid\ append\ {\isachardoublequoteopen}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  27.901 +\ \ {\isachardoublequoteopen}monoid{\isachardot}pow{\isacharunderscore}nat\ append\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ replicate{\isachardoublequoteclose}\isanewline
  27.902 +\isacommand{proof}\isamarkupfalse%
  27.903 +\ {\isacharminus}\isanewline
  27.904 +\ \ \isacommand{interpret}\isamarkupfalse%
  27.905 +\ monoid\ append\ {\isachardoublequoteopen}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
  27.906 +\isanewline
  27.907 +\ \ \isacommand{show}\isamarkupfalse%
  27.908 +\ {\isachardoublequoteopen}monoid{\isachardot}pow{\isacharunderscore}nat\ append\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ replicate{\isachardoublequoteclose}\isanewline
  27.909 +\ \ \isacommand{proof}\isamarkupfalse%
  27.910 +\isanewline
  27.911 +\ \ \ \ \isacommand{fix}\isamarkupfalse%
  27.912 +\ n\isanewline
  27.913 +\ \ \ \ \isacommand{show}\isamarkupfalse%
  27.914 +\ {\isachardoublequoteopen}monoid{\isachardot}pow{\isacharunderscore}nat\ append\ {\isacharbrackleft}{\isacharbrackright}\ n\ {\isacharequal}\ replicate\ n{\isachardoublequoteclose}\isanewline
  27.915 +\ \ \ \ \ \ \isacommand{by}\isamarkupfalse%
  27.916 +\ {\isacharparenleft}induct\ n{\isacharparenright}\ auto\isanewline
  27.917 +\ \ \isacommand{qed}\isamarkupfalse%
  27.918 +\isanewline
  27.919 +\isacommand{qed}\isamarkupfalse%
  27.920 +\ intro{\isacharunderscore}locales%
  27.921 +\endisatagquote
  27.922 +{\isafoldquote}%
  27.923 +%
  27.924 +\isadelimquote
  27.925 +%
  27.926 +\endisadelimquote
  27.927 +%
  27.928 +\isamarkupsubsection{Additional subclass relations%
  27.929 +}
  27.930 +\isamarkuptrue%
  27.931 +%
  27.932 +\begin{isamarkuptext}%
  27.933 +Any \isa{group} is also a \isa{monoid};  this
  27.934 +  can be made explicit by claiming an additional
  27.935 +  subclass relation,
  27.936 +  together with a proof of the logical difference:%
  27.937 +\end{isamarkuptext}%
  27.938 +\isamarkuptrue%
  27.939 +%
  27.940 +\isadelimquote
  27.941 +%
  27.942 +\endisadelimquote
  27.943 +%
  27.944 +\isatagquote
  27.945 +\isacommand{subclass}\isamarkupfalse%
  27.946 +\ {\isacharparenleft}\isakeyword{in}\ group{\isacharparenright}\ monoid\isanewline
  27.947 +\isacommand{proof}\isamarkupfalse%
  27.948 +\isanewline
  27.949 +\ \ \isacommand{fix}\isamarkupfalse%
  27.950 +\ x\isanewline
  27.951 +\ \ \isacommand{from}\isamarkupfalse%
  27.952 +\ invl\ \isacommand{have}\isamarkupfalse%
  27.953 +\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ x\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.954 +\ simp\isanewline
  27.955 +\ \ \isacommand{with}\isamarkupfalse%
  27.956 +\ assoc\ {\isacharbrackleft}symmetric{\isacharbrackright}\ neutl\ invl\ \isacommand{have}\isamarkupfalse%
  27.957 +\ {\isachardoublequoteopen}x{\isasymdiv}\ {\isasymotimes}\ {\isacharparenleft}x\ {\isasymotimes}\ {\isasymone}{\isacharparenright}\ {\isacharequal}\ x{\isasymdiv}\ {\isasymotimes}\ x{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.958 +\ simp\isanewline
  27.959 +\ \ \isacommand{with}\isamarkupfalse%
  27.960 +\ left{\isacharunderscore}cancel\ \isacommand{show}\isamarkupfalse%
  27.961 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
  27.962 +\ simp\isanewline
  27.963 +\isacommand{qed}\isamarkupfalse%
  27.964 +%
  27.965 +\endisatagquote
  27.966 +{\isafoldquote}%
  27.967 +%
  27.968 +\isadelimquote
  27.969 +%
  27.970 +\endisadelimquote
  27.971 +%
  27.972 +\begin{isamarkuptext}%
  27.973 +The logical proof is carried out on the locale level.
  27.974 +  Afterwards it is propagated
  27.975 +  to the type system, making \isa{group} an instance of
  27.976 +  \isa{monoid} by adding an additional edge
  27.977 +  to the graph of subclass relations
  27.978 +  (cf.\ \figref{fig:subclass}).
  27.979 +
  27.980 +  \begin{figure}[htbp]
  27.981 +   \begin{center}
  27.982 +     \small
  27.983 +     \unitlength 0.6mm
  27.984 +     \begin{picture}(40,60)(0,0)
  27.985 +       \put(20,60){\makebox(0,0){\isa{semigroup}}}
  27.986 +       \put(20,40){\makebox(0,0){\isa{monoidl}}}
  27.987 +       \put(00,20){\makebox(0,0){\isa{monoid}}}
  27.988 +       \put(40,00){\makebox(0,0){\isa{group}}}
  27.989 +       \put(20,55){\vector(0,-1){10}}
  27.990 +       \put(15,35){\vector(-1,-1){10}}
  27.991 +       \put(25,35){\vector(1,-3){10}}
  27.992 +     \end{picture}
  27.993 +     \hspace{8em}
  27.994 +     \begin{picture}(40,60)(0,0)
  27.995 +       \put(20,60){\makebox(0,0){\isa{semigroup}}}
  27.996 +       \put(20,40){\makebox(0,0){\isa{monoidl}}}
  27.997 +       \put(00,20){\makebox(0,0){\isa{monoid}}}
  27.998 +       \put(40,00){\makebox(0,0){\isa{group}}}
  27.999 +       \put(20,55){\vector(0,-1){10}}
 27.1000 +       \put(15,35){\vector(-1,-1){10}}
 27.1001 +       \put(05,15){\vector(3,-1){30}}
 27.1002 +     \end{picture}
 27.1003 +     \caption{Subclass relationship of monoids and groups:
 27.1004 +        before and after establishing the relationship
 27.1005 +        \isa{group\ {\isasymsubseteq}\ monoid};  transitive edges are left out.}
 27.1006 +     \label{fig:subclass}
 27.1007 +   \end{center}
 27.1008 +  \end{figure}
 27.1009 +
 27.1010 +  For illustration, a derived definition
 27.1011 +  in \isa{group} which uses \isa{pow{\isacharunderscore}nat}:%
 27.1012 +\end{isamarkuptext}%
 27.1013 +\isamarkuptrue%
 27.1014 +%
 27.1015 +\isadelimquote
 27.1016 +%
 27.1017 +\endisadelimquote
 27.1018 +%
 27.1019 +\isatagquote
 27.1020 +\isacommand{definition}\isamarkupfalse%
 27.1021 +\ {\isacharparenleft}\isakeyword{in}\ group{\isacharparenright}\ pow{\isacharunderscore}int\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}int\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
 27.1022 +\ \ {\isachardoublequoteopen}pow{\isacharunderscore}int\ k\ x\ {\isacharequal}\ {\isacharparenleft}if\ k\ {\isachargreater}{\isacharequal}\ {\isadigit{0}}\isanewline
 27.1023 +\ \ \ \ then\ pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ k{\isacharparenright}\ x\isanewline
 27.1024 +\ \ \ \ else\ {\isacharparenleft}pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ {\isacharparenleft}{\isacharminus}\ k{\isacharparenright}{\isacharparenright}\ x{\isacharparenright}{\isasymdiv}{\isacharparenright}{\isachardoublequoteclose}%
 27.1025 +\endisatagquote
 27.1026 +{\isafoldquote}%
 27.1027 +%
 27.1028 +\isadelimquote
 27.1029 +%
 27.1030 +\endisadelimquote
 27.1031 +%
 27.1032 +\begin{isamarkuptext}%
 27.1033 +\noindent yields the global definition of
 27.1034 +  \isa{{\isachardoublequote}pow{\isacharunderscore}int\ {\isasymColon}\ int\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}group\ {\isasymRightarrow}\ {\isasymalpha}{\isasymColon}group{\isachardoublequote}}
 27.1035 +  with the corresponding theorem \isa{pow{\isacharunderscore}int\ k\ x\ {\isacharequal}\ {\isacharparenleft}if\ {\isadigit{0}}\ {\isasymle}\ k\ then\ pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ k{\isacharparenright}\ x\ else\ {\isacharparenleft}pow{\isacharunderscore}nat\ {\isacharparenleft}nat\ {\isacharparenleft}{\isacharminus}\ k{\isacharparenright}{\isacharparenright}\ x{\isacharparenright}{\isasymdiv}{\isacharparenright}}.%
 27.1036 +\end{isamarkuptext}%
 27.1037 +\isamarkuptrue%
 27.1038 +%
 27.1039 +\isamarkupsubsection{A note on syntax%
 27.1040 +}
 27.1041 +\isamarkuptrue%
 27.1042 +%
 27.1043 +\begin{isamarkuptext}%
 27.1044 +As a commodity, class context syntax allows to refer
 27.1045 +  to local class operations and their global counterparts
 27.1046 +  uniformly;  type inference resolves ambiguities.  For example:%
 27.1047 +\end{isamarkuptext}%
 27.1048 +\isamarkuptrue%
 27.1049 +%
 27.1050 +\isadelimquote
 27.1051 +%
 27.1052 +\endisadelimquote
 27.1053 +%
 27.1054 +\isatagquote
 27.1055 +\isacommand{context}\isamarkupfalse%
 27.1056 +\ semigroup\isanewline
 27.1057 +\isakeyword{begin}\isanewline
 27.1058 +\isanewline
 27.1059 +\isacommand{term}\isamarkupfalse%
 27.1060 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y{\isachardoublequoteclose}\ %
 27.1061 +\isamarkupcmt{example 1%
 27.1062 +}
 27.1063 +\isanewline
 27.1064 +\isacommand{term}\isamarkupfalse%
 27.1065 +\ {\isachardoublequoteopen}{\isacharparenleft}x{\isasymColon}nat{\isacharparenright}\ {\isasymotimes}\ y{\isachardoublequoteclose}\ %
 27.1066 +\isamarkupcmt{example 2%
 27.1067 +}
 27.1068 +\isanewline
 27.1069 +\isanewline
 27.1070 +\isacommand{end}\isamarkupfalse%
 27.1071 +\isanewline
 27.1072 +\isanewline
 27.1073 +\isacommand{term}\isamarkupfalse%
 27.1074 +\ {\isachardoublequoteopen}x\ {\isasymotimes}\ y{\isachardoublequoteclose}\ %
 27.1075 +\isamarkupcmt{example 3%
 27.1076 +}
 27.1077 +%
 27.1078 +\endisatagquote
 27.1079 +{\isafoldquote}%
 27.1080 +%
 27.1081 +\isadelimquote
 27.1082 +%
 27.1083 +\endisadelimquote
 27.1084 +%
 27.1085 +\begin{isamarkuptext}%
 27.1086 +\noindent Here in example 1, the term refers to the local class operation
 27.1087 +  \isa{mult\ {\isacharbrackleft}{\isasymalpha}{\isacharbrackright}}, whereas in example 2 the type constraint
 27.1088 +  enforces the global class operation \isa{mult\ {\isacharbrackleft}nat{\isacharbrackright}}.
 27.1089 +  In the global context in example 3, the reference is
 27.1090 +  to the polymorphic global class operation \isa{mult\ {\isacharbrackleft}{\isacharquery}{\isasymalpha}\ {\isasymColon}\ semigroup{\isacharbrackright}}.%
 27.1091 +\end{isamarkuptext}%
 27.1092 +\isamarkuptrue%
 27.1093 +%
 27.1094 +\isamarkupsection{Further issues%
 27.1095 +}
 27.1096 +\isamarkuptrue%
 27.1097 +%
 27.1098 +\isamarkupsubsection{Type classes and code generation%
 27.1099 +}
 27.1100 +\isamarkuptrue%
 27.1101 +%
 27.1102 +\begin{isamarkuptext}%
 27.1103 +Turning back to the first motivation for type classes,
 27.1104 +  namely overloading, it is obvious that overloading
 27.1105 +  stemming from \hyperlink{command.class}{\mbox{\isa{\isacommand{class}}}} statements and
 27.1106 +  \hyperlink{command.instantiation}{\mbox{\isa{\isacommand{instantiation}}}}
 27.1107 +  targets naturally maps to Haskell type classes.
 27.1108 +  The code generator framework \cite{isabelle-codegen} 
 27.1109 +  takes this into account.  Concerning target languages
 27.1110 +  lacking type classes (e.g.~SML), type classes
 27.1111 +  are implemented by explicit dictionary construction.
 27.1112 +  As example, let's go back to the power function:%
 27.1113 +\end{isamarkuptext}%
 27.1114 +\isamarkuptrue%
 27.1115 +%
 27.1116 +\isadelimquote
 27.1117 +%
 27.1118 +\endisadelimquote
 27.1119 +%
 27.1120 +\isatagquote
 27.1121 +\isacommand{definition}\isamarkupfalse%
 27.1122 +\ example\ {\isacharcolon}{\isacharcolon}\ int\ \isakeyword{where}\isanewline
 27.1123 +\ \ {\isachardoublequoteopen}example\ {\isacharequal}\ pow{\isacharunderscore}int\ {\isadigit{1}}{\isadigit{0}}\ {\isacharparenleft}{\isacharminus}{\isadigit{2}}{\isacharparenright}{\isachardoublequoteclose}%
 27.1124 +\endisatagquote
 27.1125 +{\isafoldquote}%
 27.1126 +%
 27.1127 +\isadelimquote
 27.1128 +%
 27.1129 +\endisadelimquote
 27.1130 +%
 27.1131 +\begin{isamarkuptext}%
 27.1132 +\noindent This maps to Haskell as:%
 27.1133 +\end{isamarkuptext}%
 27.1134 +\isamarkuptrue%
 27.1135 +%
 27.1136 +\isadelimquote
 27.1137 +%
 27.1138 +\endisadelimquote
 27.1139 +%
 27.1140 +\isatagquote
 27.1141 +%
 27.1142 +\begin{isamarkuptext}%
 27.1143 +\isatypewriter%
 27.1144 +\noindent%
 27.1145 +\hspace*{0pt}module Example where {\char123}\\
 27.1146 +\hspace*{0pt}\\
 27.1147 +\hspace*{0pt}\\
 27.1148 +\hspace*{0pt}data Nat = Zero{\char95}nat | Suc Nat;\\
 27.1149 +\hspace*{0pt}\\
 27.1150 +\hspace*{0pt}nat{\char95}aux ::~Integer -> Nat -> Nat;\\
 27.1151 +\hspace*{0pt}nat{\char95}aux i n = (if i <= 0 then n else nat{\char95}aux (i - 1) (Suc n));\\
 27.1152 +\hspace*{0pt}\\
 27.1153 +\hspace*{0pt}nat ::~Integer -> Nat;\\
 27.1154 +\hspace*{0pt}nat i = nat{\char95}aux i Zero{\char95}nat;\\
 27.1155 +\hspace*{0pt}\\
 27.1156 +\hspace*{0pt}class Semigroup a where {\char123}\\
 27.1157 +\hspace*{0pt} ~mult ::~a -> a -> a;\\
 27.1158 +\hspace*{0pt}{\char125};\\
 27.1159 +\hspace*{0pt}\\
 27.1160 +\hspace*{0pt}class (Semigroup a) => Monoidl a where {\char123}\\
 27.1161 +\hspace*{0pt} ~neutral ::~a;\\
 27.1162 +\hspace*{0pt}{\char125};\\
 27.1163 +\hspace*{0pt}\\
 27.1164 +\hspace*{0pt}class (Monoidl a) => Monoid a where {\char123}\\
 27.1165 +\hspace*{0pt}{\char125};\\
 27.1166 +\hspace*{0pt}\\
 27.1167 +\hspace*{0pt}class (Monoid a) => Group a where {\char123}\\
 27.1168 +\hspace*{0pt} ~inverse ::~a -> a;\\
 27.1169 +\hspace*{0pt}{\char125};\\
 27.1170 +\hspace*{0pt}\\
 27.1171 +\hspace*{0pt}inverse{\char95}int ::~Integer -> Integer;\\
 27.1172 +\hspace*{0pt}inverse{\char95}int i = negate i;\\
 27.1173 +\hspace*{0pt}\\
 27.1174 +\hspace*{0pt}neutral{\char95}int ::~Integer;\\
 27.1175 +\hspace*{0pt}neutral{\char95}int = 0;\\
 27.1176 +\hspace*{0pt}\\
 27.1177 +\hspace*{0pt}mult{\char95}int ::~Integer -> Integer -> Integer;\\
 27.1178 +\hspace*{0pt}mult{\char95}int i j = i + j;\\
 27.1179 +\hspace*{0pt}\\
 27.1180 +\hspace*{0pt}instance Semigroup Integer where {\char123}\\
 27.1181 +\hspace*{0pt} ~mult = mult{\char95}int;\\
 27.1182 +\hspace*{0pt}{\char125};\\
 27.1183 +\hspace*{0pt}\\
 27.1184 +\hspace*{0pt}instance Monoidl Integer where {\char123}\\
 27.1185 +\hspace*{0pt} ~neutral = neutral{\char95}int;\\
 27.1186 +\hspace*{0pt}{\char125};\\
 27.1187 +\hspace*{0pt}\\
 27.1188 +\hspace*{0pt}instance Monoid Integer where {\char123}\\
 27.1189 +\hspace*{0pt}{\char125};\\
 27.1190 +\hspace*{0pt}\\
 27.1191 +\hspace*{0pt}instance Group Integer where {\char123}\\
 27.1192 +\hspace*{0pt} ~inverse = inverse{\char95}int;\\
 27.1193 +\hspace*{0pt}{\char125};\\
 27.1194 +\hspace*{0pt}\\
 27.1195 +\hspace*{0pt}pow{\char95}nat ::~forall a.~(Monoid a) => Nat -> a -> a;\\
 27.1196 +\hspace*{0pt}pow{\char95}nat Zero{\char95}nat x = neutral;\\
 27.1197 +\hspace*{0pt}pow{\char95}nat (Suc n) x = mult x (pow{\char95}nat n x);\\
 27.1198 +\hspace*{0pt}\\
 27.1199 +\hspace*{0pt}pow{\char95}int ::~forall a.~(Group a) => Integer -> a -> a;\\
 27.1200 +\hspace*{0pt}pow{\char95}int k x =\\
 27.1201 +\hspace*{0pt} ~(if 0 <= k then pow{\char95}nat (nat k) x\\
 27.1202 +\hspace*{0pt} ~~~else inverse (pow{\char95}nat (nat (negate k)) x));\\
 27.1203 +\hspace*{0pt}\\
 27.1204 +\hspace*{0pt}example ::~Integer;\\
 27.1205 +\hspace*{0pt}example = pow{\char95}int 10 (-2);\\
 27.1206 +\hspace*{0pt}\\
 27.1207 +\hspace*{0pt}{\char125}%
 27.1208 +\end{isamarkuptext}%
 27.1209 +\isamarkuptrue%
 27.1210 +%
 27.1211 +\endisatagquote
 27.1212 +{\isafoldquote}%
 27.1213 +%
 27.1214 +\isadelimquote
 27.1215 +%
 27.1216 +\endisadelimquote
 27.1217 +%
 27.1218 +\begin{isamarkuptext}%
 27.1219 +\noindent The whole code in SML with explicit dictionary passing:%
 27.1220 +\end{isamarkuptext}%
 27.1221 +\isamarkuptrue%
 27.1222 +%
 27.1223 +\isadelimquote
 27.1224 +%
 27.1225 +\endisadelimquote
 27.1226 +%
 27.1227 +\isatagquote
 27.1228 +%
 27.1229 +\begin{isamarkuptext}%
 27.1230 +\isatypewriter%
 27.1231 +\noindent%
 27.1232 +\hspace*{0pt}structure Example = \\
 27.1233 +\hspace*{0pt}struct\\
 27.1234 +\hspace*{0pt}\\
 27.1235 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
 27.1236 +\hspace*{0pt}\\
 27.1237 +\hspace*{0pt}fun nat{\char95}aux i n =\\
 27.1238 +\hspace*{0pt} ~(if IntInf.<= (i,~(0 :~IntInf.int)) then n\\
 27.1239 +\hspace*{0pt} ~~~else nat{\char95}aux (IntInf.- (i,~(1 :~IntInf.int))) (Suc n));\\
 27.1240 +\hspace*{0pt}\\
 27.1241 +\hspace*{0pt}fun nat i = nat{\char95}aux i Zero{\char95}nat;\\
 27.1242 +\hspace*{0pt}\\
 27.1243 +\hspace*{0pt}type 'a semigroup = {\char123}mult :~'a -> 'a -> 'a{\char125};\\
 27.1244 +\hspace*{0pt}fun mult (A{\char95}:'a semigroup) = {\char35}mult A{\char95};\\
 27.1245 +\hspace*{0pt}\\
 27.1246 +\hspace*{0pt}type 'a monoidl =\\
 27.1247 +\hspace*{0pt} ~{\char123}Classes{\char95}{\char95}semigroup{\char95}monoidl :~'a semigroup,~neutral :~'a{\char125};\\
 27.1248 +\hspace*{0pt}fun semigroup{\char95}monoidl (A{\char95}:'a monoidl) = {\char35}Classes{\char95}{\char95}semigroup{\char95}monoidl A{\char95};\\
 27.1249 +\hspace*{0pt}fun neutral (A{\char95}:'a monoidl) = {\char35}neutral A{\char95};\\
 27.1250 +\hspace*{0pt}\\
 27.1251 +\hspace*{0pt}type 'a monoid = {\char123}Classes{\char95}{\char95}monoidl{\char95}monoid :~'a monoidl{\char125};\\
 27.1252 +\hspace*{0pt}fun monoidl{\char95}monoid (A{\char95}:'a monoid) = {\char35}Classes{\char95}{\char95}monoidl{\char95}monoid A{\char95};\\
 27.1253 +\hspace*{0pt}\\
 27.1254 +\hspace*{0pt}type 'a group = {\char123}Classes{\char95}{\char95}monoid{\char95}group :~'a monoid,~inverse :~'a -> 'a{\char125};\\
 27.1255 +\hspace*{0pt}fun monoid{\char95}group (A{\char95}:'a group) = {\char35}Classes{\char95}{\char95}monoid{\char95}group A{\char95};\\
 27.1256 +\hspace*{0pt}fun inverse (A{\char95}:'a group) = {\char35}inverse A{\char95};\\
 27.1257 +\hspace*{0pt}\\
 27.1258 +\hspace*{0pt}fun inverse{\char95}int i = IntInf.{\char126}~i;\\
 27.1259 +\hspace*{0pt}\\
 27.1260 +\hspace*{0pt}val neutral{\char95}int :~IntInf.int = (0 :~IntInf.int)\\
 27.1261 +\hspace*{0pt}\\
 27.1262 +\hspace*{0pt}fun mult{\char95}int i j = IntInf.+ (i,~j);\\
 27.1263 +\hspace*{0pt}\\
 27.1264 +\hspace*{0pt}val semigroup{\char95}int = {\char123}mult = mult{\char95}int{\char125}~:~IntInf.int semigroup;\\
 27.1265 +\hspace*{0pt}\\
 27.1266 +\hspace*{0pt}val monoidl{\char95}int =\\
 27.1267 +\hspace*{0pt} ~{\char123}Classes{\char95}{\char95}semigroup{\char95}monoidl = semigroup{\char95}int,~neutral = neutral{\char95}int{\char125}~:\\
 27.1268 +\hspace*{0pt} ~IntInf.int monoidl;\\
 27.1269 +\hspace*{0pt}\\
 27.1270 +\hspace*{0pt}val monoid{\char95}int = {\char123}Classes{\char95}{\char95}monoidl{\char95}monoid = monoidl{\char95}int{\char125}~:\\
 27.1271 +\hspace*{0pt} ~IntInf.int monoid;\\
 27.1272 +\hspace*{0pt}\\
 27.1273 +\hspace*{0pt}val group{\char95}int =\\
 27.1274 +\hspace*{0pt} ~{\char123}Classes{\char95}{\char95}monoid{\char95}group = monoid{\char95}int,~inverse = inverse{\char95}int{\char125}~:\\
 27.1275 +\hspace*{0pt} ~IntInf.int group;\\
 27.1276 +\hspace*{0pt}\\
 27.1277 +\hspace*{0pt}fun pow{\char95}nat A{\char95}~Zero{\char95}nat x = neutral (monoidl{\char95}monoid A{\char95})\\
 27.1278 +\hspace*{0pt} ~| pow{\char95}nat A{\char95}~(Suc n) x =\\
 27.1279 +\hspace*{0pt} ~~~mult ((semigroup{\char95}monoidl o monoidl{\char95}monoid) A{\char95}) x (pow{\char95}nat A{\char95}~n x);\\
 27.1280 +\hspace*{0pt}\\
 27.1281 +\hspace*{0pt}fun pow{\char95}int A{\char95}~k x =\\
 27.1282 +\hspace*{0pt} ~(if IntInf.<= ((0 :~IntInf.int),~k)\\
 27.1283 +\hspace*{0pt} ~~~then pow{\char95}nat (monoid{\char95}group A{\char95}) (nat k) x\\
 27.1284 +\hspace*{0pt} ~~~else inverse A{\char95}~(pow{\char95}nat (monoid{\char95}group A{\char95}) (nat (IntInf.{\char126}~k)) x));\\
 27.1285 +\hspace*{0pt}\\
 27.1286 +\hspace*{0pt}val example :~IntInf.int =\\
 27.1287 +\hspace*{0pt} ~pow{\char95}int group{\char95}int (10 :~IntInf.int) ({\char126}2 :~IntInf.int)\\
 27.1288 +\hspace*{0pt}\\
 27.1289 +\hspace*{0pt}end;~(*struct Example*)%
 27.1290 +\end{isamarkuptext}%
 27.1291 +\isamarkuptrue%
 27.1292 +%
 27.1293 +\endisatagquote
 27.1294 +{\isafoldquote}%
 27.1295 +%
 27.1296 +\isadelimquote
 27.1297 +%
 27.1298 +\endisadelimquote
 27.1299 +%
 27.1300 +\isamarkupsubsection{Inspecting the type class universe%
 27.1301 +}
 27.1302 +\isamarkuptrue%
 27.1303 +%
 27.1304 +\begin{isamarkuptext}%
 27.1305 +To facilitate orientation in complex subclass structures,
 27.1306 +  two diagnostics commands are provided:
 27.1307 +
 27.1308 +  \begin{description}
 27.1309 +
 27.1310 +    \item[\hyperlink{command.print-classes}{\mbox{\isa{\isacommand{print{\isacharunderscore}classes}}}}] print a list of all classes
 27.1311 +      together with associated operations etc.
 27.1312 +
 27.1313 +    \item[\hyperlink{command.class-deps}{\mbox{\isa{\isacommand{class{\isacharunderscore}deps}}}}] visualizes the subclass relation
 27.1314 +      between all classes as a Hasse diagram.
 27.1315 +
 27.1316 +  \end{description}%
 27.1317 +\end{isamarkuptext}%
 27.1318 +\isamarkuptrue%
 27.1319 +%
 27.1320 +\isadelimtheory
 27.1321 +%
 27.1322 +\endisadelimtheory
 27.1323 +%
 27.1324 +\isatagtheory
 27.1325 +\isacommand{end}\isamarkupfalse%
 27.1326 +%
 27.1327 +\endisatagtheory
 27.1328 +{\isafoldtheory}%
 27.1329 +%
 27.1330 +\isadelimtheory
 27.1331 +%
 27.1332 +\endisadelimtheory
 27.1333 +\isanewline
 27.1334 +\end{isabellebody}%
 27.1335 +%%% Local Variables:
 27.1336 +%%% mode: latex
 27.1337 +%%% TeX-master: "root"
 27.1338 +%%% End:
    28.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    28.2 +++ b/doc-src/Classes/classes.tex	Wed Mar 04 11:05:29 2009 +0100
    28.3 @@ -0,0 +1,50 @@
    28.4 +
    28.5 +\documentclass[12pt,a4paper,fleqn]{article}
    28.6 +\usepackage{latexsym,graphicx}
    28.7 +\usepackage[refpage]{nomencl}
    28.8 +\usepackage{../iman,../extra,../isar,../proof}
    28.9 +\usepackage{../isabelle,../isabellesym}
   28.10 +\usepackage{style}
   28.11 +\usepackage{../pdfsetup}
   28.12 +
   28.13 +
   28.14 +\hyphenation{Isabelle}
   28.15 +\hyphenation{Isar}
   28.16 +\isadroptag{theory}
   28.17 +
   28.18 +\title{\includegraphics[scale=0.5]{isabelle_isar}
   28.19 +  \\[4ex] Haskell-style type classes with Isabelle/Isar}
   28.20 +\author{\emph{Florian Haftmann}}
   28.21 +
   28.22 +\begin{document}
   28.23 +
   28.24 +\maketitle
   28.25 +
   28.26 +\begin{abstract}
   28.27 +  \noindent This tutorial introduces the look-and-feel of Isar type classes
   28.28 +  to the end-user; Isar type classes are a convenient mechanism
   28.29 +  for organizing specifications, overcoming some drawbacks
   28.30 +  of raw axiomatic type classes. Essentially, they combine
   28.31 +  an operational aspect (in the manner of Haskell) with
   28.32 +  a logical aspect, both managed uniformly.
   28.33 +\end{abstract}
   28.34 +
   28.35 +\thispagestyle{empty}\clearpage
   28.36 +
   28.37 +\pagenumbering{roman}
   28.38 +\clearfirst
   28.39 +
   28.40 +\input{Thy/document/Classes.tex}
   28.41 +
   28.42 +\begingroup
   28.43 +\bibliographystyle{plain} \small\raggedright\frenchspacing
   28.44 +\bibliography{../manual}
   28.45 +\endgroup
   28.46 +
   28.47 +\end{document}
   28.48 +
   28.49 +
   28.50 +%%% Local Variables: 
   28.51 +%%% mode: latex
   28.52 +%%% TeX-master: t
   28.53 +%%% End: 
    29.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    29.2 +++ b/doc-src/Classes/style.sty	Wed Mar 04 11:05:29 2009 +0100
    29.3 @@ -0,0 +1,48 @@
    29.4 +
    29.5 +%% toc
    29.6 +\newcommand{\tocentry}[1]{\cleardoublepage\phantomsection\addcontentsline{toc}{chapter}{#1}
    29.7 +\@mkboth{\MakeUppercase{#1}}{\MakeUppercase{#1}}}
    29.8 +
    29.9 +%% paragraphs
   29.10 +\setlength{\parindent}{1em}
   29.11 +
   29.12 +%% references
   29.13 +\newcommand{\secref}[1]{\S\ref{#1}}
   29.14 +\newcommand{\figref}[1]{figure~\ref{#1}}
   29.15 +
   29.16 +%% logical markup
   29.17 +\newcommand{\strong}[1]{{\bfseries {#1}}}
   29.18 +\newcommand{\qn}[1]{\emph{#1}}
   29.19 +
   29.20 +%% typographic conventions
   29.21 +\newcommand{\qt}[1]{``{#1}''}
   29.22 +
   29.23 +%% verbatim text
   29.24 +\newcommand{\isatypewriter}{\fontsize{9pt}{0pt}\tt\renewcommand{\baselinestretch}{1}\setlength{\baselineskip}{9pt}}
   29.25 +
   29.26 +%% quote environment
   29.27 +\isakeeptag{quote}
   29.28 +\renewenvironment{quote}
   29.29 +  {\list{}{\leftmargin2em\rightmargin0pt}\parindent0pt\parskip0pt\item\relax}
   29.30 +  {\endlist}
   29.31 +\renewcommand{\isatagquote}{\begin{quote}}
   29.32 +\renewcommand{\endisatagquote}{\end{quote}}
   29.33 +\newcommand{\quotebreak}{\\[1.2ex]}
   29.34 +
   29.35 +%% presentation
   29.36 +\setcounter{secnumdepth}{2} \setcounter{tocdepth}{2}
   29.37 +
   29.38 +%% character detail
   29.39 +\renewcommand{\isadigit}[1]{\isamath{#1}}
   29.40 +\binperiod
   29.41 +\underscoreoff
   29.42 +
   29.43 +%% format
   29.44 +\pagestyle{headings}
   29.45 +\isabellestyle{it}
   29.46 +
   29.47 +
   29.48 +%%% Local Variables: 
   29.49 +%%% mode: latex
   29.50 +%%% TeX-master: "implementation"
   29.51 +%%% End: 
    30.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    30.2 +++ b/doc-src/Codegen/IsaMakefile	Wed Mar 04 11:05:29 2009 +0100
    30.3 @@ -0,0 +1,33 @@
    30.4 +
    30.5 +## targets
    30.6 +
    30.7 +default: Thy
    30.8 +images: 
    30.9 +test: Thy
   30.10 +
   30.11 +all: images test
   30.12 +
   30.13 +
   30.14 +## global settings
   30.15 +
   30.16 +SRC = $(ISABELLE_HOME)/src
   30.17 +OUT = $(ISABELLE_OUTPUT)
   30.18 +LOG = $(OUT)/log
   30.19 +
   30.20 +USEDIR = $(ISABELLE_TOOL) usedir -v true -i false -d false -C false -D document
   30.21 +
   30.22 +
   30.23 +## Thy
   30.24 +
   30.25 +THY = $(LOG)/HOL-Thy.gz
   30.26 +
   30.27 +Thy: $(THY)
   30.28 +
   30.29 +$(THY): Thy/ROOT.ML Thy/*.thy ../antiquote_setup.ML ../more_antiquote.ML
   30.30 +	@$(USEDIR) HOL Thy
   30.31 +
   30.32 +
   30.33 +## clean
   30.34 +
   30.35 +clean:
   30.36 +	@rm -f $(THY)
    31.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    31.2 +++ b/doc-src/Codegen/Makefile	Wed Mar 04 11:05:29 2009 +0100
    31.3 @@ -0,0 +1,35 @@
    31.4 +
    31.5 +## targets
    31.6 +
    31.7 +default: dvi
    31.8 +
    31.9 +
   31.10 +## dependencies
   31.11 +
   31.12 +include ../Makefile.in
   31.13 +
   31.14 +NAME = codegen
   31.15 +
   31.16 +FILES = $(NAME).tex Thy/document/*.tex \
   31.17 +  style.sty ../iman.sty ../extra.sty ../isar.sty \
   31.18 +  ../isabelle.sty ../isabellesym.sty ../pdfsetup.sty \
   31.19 +  ../manual.bib ../proof.sty
   31.20 +
   31.21 +dvi: $(NAME).dvi
   31.22 +
   31.23 +$(NAME).dvi: $(FILES) isabelle_isar.eps codegen_process.ps
   31.24 +	$(LATEX) $(NAME)
   31.25 +	$(BIBTEX) $(NAME)
   31.26 +	$(LATEX) $(NAME)
   31.27 +	$(LATEX) $(NAME)
   31.28 +
   31.29 +pdf: $(NAME).pdf
   31.30 +
   31.31 +$(NAME).pdf: $(FILES) isabelle_isar.pdf codegen_process.pdf
   31.32 +	$(PDFLATEX) $(NAME)
   31.33 +	$(BIBTEX) $(NAME)
   31.34 +	$(PDFLATEX) $(NAME)
   31.35 +	$(PDFLATEX) $(NAME)
   31.36 +	$(FIXBOOKMARKS) $(NAME).out
   31.37 +	$(PDFLATEX) $(NAME)
   31.38 +	$(PDFLATEX) $(NAME)
    32.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    32.2 +++ b/doc-src/Codegen/Thy/Adaption.thy	Wed Mar 04 11:05:29 2009 +0100
    32.3 @@ -0,0 +1,360 @@
    32.4 +theory Adaption
    32.5 +imports Setup
    32.6 +begin
    32.7 +
    32.8 +setup %invisible {* Code_Target.extend_target ("\<SML>", ("SML", K I)) *}
    32.9 +
   32.10 +section {* Adaption to target languages \label{sec:adaption} *}
   32.11 +
   32.12 +subsection {* Adapting code generation *}
   32.13 +
   32.14 +text {*
   32.15 +  The aspects of code generation introduced so far have two aspects
   32.16 +  in common:
   32.17 +
   32.18 +  \begin{itemize}
   32.19 +    \item They act uniformly, without reference to a specific
   32.20 +       target language.
   32.21 +    \item They are \emph{safe} in the sense that as long as you trust
   32.22 +       the code generator meta theory and implementation, you cannot
   32.23 +       produce programs that yield results which are not derivable
   32.24 +       in the logic.
   32.25 +  \end{itemize}
   32.26 +
   32.27 +  \noindent In this section we will introduce means to \emph{adapt} the serialiser
   32.28 +  to a specific target language, i.e.~to print program fragments
   32.29 +  in a way which accommodates \qt{already existing} ingredients of
   32.30 +  a target language environment, for three reasons:
   32.31 +
   32.32 +  \begin{itemize}
   32.33 +    \item improving readability and aesthetics of generated code
   32.34 +    \item gaining efficiency
   32.35 +    \item interface with language parts which have no direct counterpart
   32.36 +      in @{text "HOL"} (say, imperative data structures)
   32.37 +  \end{itemize}
   32.38 +
   32.39 +  \noindent Generally, you should avoid using those features yourself
   32.40 +  \emph{at any cost}:
   32.41 +
   32.42 +  \begin{itemize}
   32.43 +    \item The safe configuration methods act uniformly on every target language,
   32.44 +      whereas for adaption you have to treat each target language separate.
   32.45 +    \item Application is extremely tedious since there is no abstraction
   32.46 +      which would allow for a static check, making it easy to produce garbage.
   32.47 +    \item More or less subtle errors can be introduced unconsciously.
   32.48 +  \end{itemize}
   32.49 +
   32.50 +  \noindent However, even if you ought refrain from setting up adaption
   32.51 +  yourself, already the @{text "HOL"} comes with some reasonable default
   32.52 +  adaptions (say, using target language list syntax).  There also some
   32.53 +  common adaption cases which you can setup by importing particular
   32.54 +  library theories.  In order to understand these, we provide some clues here;
   32.55 +  these however are not supposed to replace a careful study of the sources.
   32.56 +*}
   32.57 +
   32.58 +subsection {* The adaption principle *}
   32.59 +
   32.60 +text {*
   32.61 +  The following figure illustrates what \qt{adaption} is conceptually
   32.62 +  supposed to be:
   32.63 +
   32.64 +  \begin{figure}[here]
   32.65 +    \begin{tikzpicture}[scale = 0.5]
   32.66 +      \tikzstyle water=[color = blue, thick]
   32.67 +      \tikzstyle ice=[color = black, very thick, cap = round, join = round, fill = white]
   32.68 +      \tikzstyle process=[color = green, semithick, ->]
   32.69 +      \tikzstyle adaption=[color = red, semithick, ->]
   32.70 +      \tikzstyle target=[color = black]
   32.71 +      \foreach \x in {0, ..., 24}
   32.72 +        \draw[style=water] (\x, 0.25) sin + (0.25, 0.25) cos + (0.25, -0.25) sin
   32.73 +          + (0.25, -0.25) cos + (0.25, 0.25);
   32.74 +      \draw[style=ice] (1, 0) --
   32.75 +        (3, 6) node[above, fill=white] {logic} -- (5, 0) -- cycle;
   32.76 +      \draw[style=ice] (9, 0) --
   32.77 +        (11, 6) node[above, fill=white] {intermediate language} -- (13, 0) -- cycle;
   32.78 +      \draw[style=ice] (15, -6) --
   32.79 +        (19, 6) node[above, fill=white] {target language} -- (23, -6) -- cycle;
   32.80 +      \draw[style=process]
   32.81 +        (3.5, 3) .. controls (7, 5) .. node[fill=white] {translation} (10.5, 3);
   32.82 +      \draw[style=process]
   32.83 +        (11.5, 3) .. controls (15, 5) .. node[fill=white] (serialisation) {serialisation} (18.5, 3);
   32.84 +      \node (adaption) at (11, -2) [style=adaption] {adaption};
   32.85 +      \node at (19, 3) [rotate=90] {generated};
   32.86 +      \node at (19.5, -5) {language};
   32.87 +      \node at (19.5, -3) {library};
   32.88 +      \node (includes) at (19.5, -1) {includes};
   32.89 +      \node (reserved) at (16.5, -3) [rotate=72] {reserved}; % proper 71.57
   32.90 +      \draw[style=process]
   32.91 +        (includes) -- (serialisation);
   32.92 +      \draw[style=process]
   32.93 +        (reserved) -- (serialisation);
   32.94 +      \draw[style=adaption]
   32.95 +        (adaption) -- (serialisation);
   32.96 +      \draw[style=adaption]
   32.97 +        (adaption) -- (includes);
   32.98 +      \draw[style=adaption]
   32.99 +        (adaption) -- (reserved);
  32.100 +    \end{tikzpicture}
  32.101 +    \caption{The adaption principle}
  32.102 +    \label{fig:adaption}
  32.103 +  \end{figure}
  32.104 +
  32.105 +  \noindent In the tame view, code generation acts as broker between
  32.106 +  @{text logic}, @{text "intermediate language"} and
  32.107 +  @{text "target language"} by means of @{text translation} and
  32.108 +  @{text serialisation};  for the latter, the serialiser has to observe
  32.109 +  the structure of the @{text language} itself plus some @{text reserved}
  32.110 +  keywords which have to be avoided for generated code.
  32.111 +  However, if you consider @{text adaption} mechanisms, the code generated
  32.112 +  by the serializer is just the tip of the iceberg:
  32.113 +
  32.114 +  \begin{itemize}
  32.115 +    \item @{text serialisation} can be \emph{parametrised} such that
  32.116 +      logical entities are mapped to target-specific ones
  32.117 +      (e.g. target-specific list syntax,
  32.118 +        see also \secref{sec:adaption_mechanisms})
  32.119 +    \item Such parametrisations can involve references to a
  32.120 +      target-specific standard @{text library} (e.g. using
  32.121 +      the @{text Haskell} @{verbatim Maybe} type instead
  32.122 +      of the @{text HOL} @{type "option"} type);
  32.123 +      if such are used, the corresponding identifiers
  32.124 +      (in our example, @{verbatim Maybe}, @{verbatim Nothing}
  32.125 +      and @{verbatim Just}) also have to be considered @{text reserved}.
  32.126 +    \item Even more, the user can enrich the library of the
  32.127 +      target-language by providing code snippets
  32.128 +      (\qt{@{text "includes"}}) which are prepended to
  32.129 +      any generated code (see \secref{sec:include});  this typically
  32.130 +      also involves further @{text reserved} identifiers.
  32.131 +  \end{itemize}
  32.132 +
  32.133 +  \noindent As figure \ref{fig:adaption} illustrates, all these adaption mechanisms
  32.134 +  have to act consistently;  it is at the discretion of the user
  32.135 +  to take care for this.
  32.136 +*}
  32.137 +
  32.138 +subsection {* Common adaption patterns *}
  32.139 +
  32.140 +text {*
  32.141 +  The @{theory HOL} @{theory Main} theory already provides a code
  32.142 +  generator setup
  32.143 +  which should be suitable for most applications.  Common extensions
  32.144 +  and modifications are available by certain theories of the @{text HOL}
  32.145 +  library; beside being useful in applications, they may serve
  32.146 +  as a tutorial for customising the code generator setup (see below
  32.147 +  \secref{sec:adaption_mechanisms}).
  32.148 +
  32.149 +  \begin{description}
  32.150 +
  32.151 +    \item[@{theory "Code_Integer"}] represents @{text HOL} integers by big
  32.152 +       integer literals in target languages.
  32.153 +    \item[@{theory "Code_Char"}] represents @{text HOL} characters by 
  32.154 +       character literals in target languages.
  32.155 +    \item[@{theory "Code_Char_chr"}] like @{text "Code_Char"},
  32.156 +       but also offers treatment of character codes; includes
  32.157 +       @{theory "Code_Char"}.
  32.158 +    \item[@{theory "Efficient_Nat"}] \label{eff_nat} implements natural numbers by integers,
  32.159 +       which in general will result in higher efficiency; pattern
  32.160 +       matching with @{term "0\<Colon>nat"} / @{const "Suc"}
  32.161 +       is eliminated;  includes @{theory "Code_Integer"}
  32.162 +       and @{theory "Code_Index"}.
  32.163 +    \item[@{theory "Code_Index"}] provides an additional datatype
  32.164 +       @{typ index} which is mapped to target-language built-in integers.
  32.165 +       Useful for code setups which involve e.g. indexing of
  32.166 +       target-language arrays.
  32.167 +    \item[@{theory "Code_Message"}] provides an additional datatype
  32.168 +       @{typ message_string} which is isomorphic to strings;
  32.169 +       @{typ message_string}s are mapped to target-language strings.
  32.170 +       Useful for code setups which involve e.g. printing (error) messages.
  32.171 +
  32.172 +  \end{description}
  32.173 +
  32.174 +  \begin{warn}
  32.175 +    When importing any of these theories, they should form the last
  32.176 +    items in an import list.  Since these theories adapt the
  32.177 +    code generator setup in a non-conservative fashion,
  32.178 +    strange effects may occur otherwise.
  32.179 +  \end{warn}
  32.180 +*}
  32.181 +
  32.182 +
  32.183 +subsection {* Parametrising serialisation \label{sec:adaption_mechanisms} *}
  32.184 +
  32.185 +text {*
  32.186 +  Consider the following function and its corresponding
  32.187 +  SML code:
  32.188 +*}
  32.189 +
  32.190 +primrec %quote in_interval :: "nat \<times> nat \<Rightarrow> nat \<Rightarrow> bool" where
  32.191 +  "in_interval (k, l) n \<longleftrightarrow> k \<le> n \<and> n \<le> l"
  32.192 +(*<*)
  32.193 +code_type %invisible bool
  32.194 +  (SML)
  32.195 +code_const %invisible True and False and "op \<and>" and Not
  32.196 +  (SML and and and)
  32.197 +(*>*)
  32.198 +text %quote {*@{code_stmts in_interval (SML)}*}
  32.199 +
  32.200 +text {*
  32.201 +  \noindent Though this is correct code, it is a little bit unsatisfactory:
  32.202 +  boolean values and operators are materialised as distinguished
  32.203 +  entities with have nothing to do with the SML-built-in notion
  32.204 +  of \qt{bool}.  This results in less readable code;
  32.205 +  additionally, eager evaluation may cause programs to
  32.206 +  loop or break which would perfectly terminate when
  32.207 +  the existing SML @{verbatim "bool"} would be used.  To map
  32.208 +  the HOL @{typ bool} on SML @{verbatim "bool"}, we may use
  32.209 +  \qn{custom serialisations}:
  32.210 +*}
  32.211 +
  32.212 +code_type %quotett bool
  32.213 +  (SML "bool")
  32.214 +code_const %quotett True and False and "op \<and>"
  32.215 +  (SML "true" and "false" and "_ andalso _")
  32.216 +
  32.217 +text {*
  32.218 +  \noindent The @{command code_type} command takes a type constructor
  32.219 +  as arguments together with a list of custom serialisations.
  32.220 +  Each custom serialisation starts with a target language
  32.221 +  identifier followed by an expression, which during
  32.222 +  code serialisation is inserted whenever the type constructor
  32.223 +  would occur.  For constants, @{command code_const} implements
  32.224 +  the corresponding mechanism.  Each ``@{verbatim "_"}'' in
  32.225 +  a serialisation expression is treated as a placeholder
  32.226 +  for the type constructor's (the constant's) arguments.
  32.227 +*}
  32.228 +
  32.229 +text %quote {*@{code_stmts in_interval (SML)}*}
  32.230 +
  32.231 +text {*
  32.232 +  \noindent This still is not perfect: the parentheses
  32.233 +  around the \qt{andalso} expression are superfluous.
  32.234 +  Though the serialiser
  32.235 +  by no means attempts to imitate the rich Isabelle syntax
  32.236 +  framework, it provides some common idioms, notably
  32.237 +  associative infixes with precedences which may be used here:
  32.238 +*}
  32.239 +
  32.240 +code_const %quotett "op \<and>"
  32.241 +  (SML infixl 1 "andalso")
  32.242 +
  32.243 +text %quote {*@{code_stmts in_interval (SML)}*}
  32.244 +
  32.245 +text {*
  32.246 +  \noindent The attentive reader may ask how we assert that no generated
  32.247 +  code will accidentally overwrite.  For this reason the serialiser has
  32.248 +  an internal table of identifiers which have to be avoided to be used
  32.249 +  for new declarations.  Initially, this table typically contains the
  32.250 +  keywords of the target language.  It can be extended manually, thus avoiding
  32.251 +  accidental overwrites, using the @{command "code_reserved"} command:
  32.252 +*}
  32.253 +
  32.254 +code_reserved %quote "\<SML>" bool true false andalso
  32.255 +
  32.256 +text {*
  32.257 +  \noindent Next, we try to map HOL pairs to SML pairs, using the
  32.258 +  infix ``@{verbatim "*"}'' type constructor and parentheses:
  32.259 +*}
  32.260 +(*<*)
  32.261 +code_type %invisible *
  32.262 +  (SML)
  32.263 +code_const %invisible Pair
  32.264 +  (SML)
  32.265 +(*>*)
  32.266 +code_type %quotett *
  32.267 +  (SML infix 2 "*")
  32.268 +code_const %quotett Pair
  32.269 +  (SML "!((_),/ (_))")
  32.270 +
  32.271 +text {*
  32.272 +  \noindent The initial bang ``@{verbatim "!"}'' tells the serialiser
  32.273 +  never to put
  32.274 +  parentheses around the whole expression (they are already present),
  32.275 +  while the parentheses around argument place holders
  32.276 +  tell not to put parentheses around the arguments.
  32.277 +  The slash ``@{verbatim "/"}'' (followed by arbitrary white space)
  32.278 +  inserts a space which may be used as a break if necessary
  32.279 +  during pretty printing.
  32.280 +
  32.281 +  These examples give a glimpse what mechanisms
  32.282 +  custom serialisations provide; however their usage
  32.283 +  requires careful thinking in order not to introduce
  32.284 +  inconsistencies -- or, in other words:
  32.285 +  custom serialisations are completely axiomatic.
  32.286 +
  32.287 +  A further noteworthy details is that any special
  32.288 +  character in a custom serialisation may be quoted
  32.289 +  using ``@{verbatim "'"}''; thus, in
  32.290 +  ``@{verbatim "fn '_ => _"}'' the first
  32.291 +  ``@{verbatim "_"}'' is a proper underscore while the
  32.292 +  second ``@{verbatim "_"}'' is a placeholder.
  32.293 +*}
  32.294 +
  32.295 +
  32.296 +subsection {* @{text Haskell} serialisation *}
  32.297 +
  32.298 +text {*
  32.299 +  For convenience, the default
  32.300 +  @{text HOL} setup for @{text Haskell} maps the @{class eq} class to
  32.301 +  its counterpart in @{text Haskell}, giving custom serialisations
  32.302 +  for the class @{class eq} (by command @{command code_class}) and its operation
  32.303 +  @{const HOL.eq}
  32.304 +*}
  32.305 +
  32.306 +code_class %quotett eq
  32.307 +  (Haskell "Eq")
  32.308 +
  32.309 +code_const %quotett "op ="
  32.310 +  (Haskell infixl 4 "==")
  32.311 +
  32.312 +text {*
  32.313 +  \noindent A problem now occurs whenever a type which
  32.314 +  is an instance of @{class eq} in @{text HOL} is mapped
  32.315 +  on a @{text Haskell}-built-in type which is also an instance
  32.316 +  of @{text Haskell} @{text Eq}:
  32.317 +*}
  32.318 +
  32.319 +typedecl %quote bar
  32.320 +
  32.321 +instantiation %quote bar :: eq
  32.322 +begin
  32.323 +
  32.324 +definition %quote "eq_class.eq (x\<Colon>bar) y \<longleftrightarrow> x = y"
  32.325 +
  32.326 +instance %quote by default (simp add: eq_bar_def)
  32.327 +
  32.328 +end %quote
  32.329 +code_type %quotett bar
  32.330 +  (Haskell "Integer")
  32.331 +
  32.332 +text {*
  32.333 +  \noindent The code generator would produce
  32.334 +  an additional instance, which of course is rejected by the @{text Haskell}
  32.335 +  compiler.
  32.336 +  To suppress this additional instance, use
  32.337 +  @{text "code_instance"}:
  32.338 +*}
  32.339 +
  32.340 +code_instance %quotett bar :: eq
  32.341 +  (Haskell -)
  32.342 +
  32.343 +
  32.344 +subsection {* Enhancing the target language context \label{sec:include} *}
  32.345 +
  32.346 +text {*
  32.347 +  In rare cases it is necessary to \emph{enrich} the context of a
  32.348 +  target language;  this is accomplished using the @{command "code_include"}
  32.349 +  command:
  32.350 +*}
  32.351 +
  32.352 +code_include %quotett Haskell "Errno"
  32.353 +{*errno i = error ("Error number: " ++ show i)*}
  32.354 +
  32.355 +code_reserved %quotett Haskell Errno
  32.356 +
  32.357 +text {*
  32.358 +  \noindent Such named @{text include}s are then prepended to every generated code.
  32.359 +  Inspect such code in order to find out how @{command "code_include"} behaves
  32.360 +  with respect to a particular target language.
  32.361 +*}
  32.362 +
  32.363 +end
    33.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    33.2 +++ b/doc-src/Codegen/Thy/Further.thy	Wed Mar 04 11:05:29 2009 +0100
    33.3 @@ -0,0 +1,112 @@
    33.4 +theory Further
    33.5 +imports Setup
    33.6 +begin
    33.7 +
    33.8 +section {* Further issues \label{sec:further} *}
    33.9 +
   33.10 +subsection {* Further reading *}
   33.11 +
   33.12 +text {*
   33.13 +  Do dive deeper into the issue of code generation, you should visit
   33.14 +  the Isabelle/Isar Reference Manual \cite{isabelle-isar-ref} which
   33.15 +  contains exhaustive syntax diagrams.
   33.16 +*}
   33.17 +
   33.18 +subsection {* Modules *}
   33.19 +
   33.20 +text {*
   33.21 +  When invoking the @{command export_code} command it is possible to leave
   33.22 +  out the @{keyword "module_name"} part;  then code is distributed over
   33.23 +  different modules, where the module name space roughly is induced
   33.24 +  by the @{text Isabelle} theory name space.
   33.25 +
   33.26 +  Then sometimes the awkward situation occurs that dependencies between
   33.27 +  definitions introduce cyclic dependencies between modules, which in the
   33.28 +  @{text Haskell} world leaves you to the mercy of the @{text Haskell} implementation
   33.29 +  you are using,  while for @{text SML}/@{text OCaml} code generation is not possible.
   33.30 +
   33.31 +  A solution is to declare module names explicitly.
   33.32 +  Let use assume the three cyclically dependent
   33.33 +  modules are named \emph{A}, \emph{B} and \emph{C}.
   33.34 +  Then, by stating
   33.35 +*}
   33.36 +
   33.37 +code_modulename %quote SML
   33.38 +  A ABC
   33.39 +  B ABC
   33.40 +  C ABC
   33.41 +
   33.42 +text {*
   33.43 +  we explicitly map all those modules on \emph{ABC},
   33.44 +  resulting in an ad-hoc merge of this three modules
   33.45 +  at serialisation time.
   33.46 +*}
   33.47 +
   33.48 +subsection {* Evaluation oracle *}
   33.49 +
   33.50 +text {*
   33.51 +  Code generation may also be used to \emph{evaluate} expressions
   33.52 +  (using @{text SML} as target language of course).
   33.53 +  For instance, the @{command value} allows to reduce an expression to a
   33.54 +  normal form with respect to the underlying code equations:
   33.55 +*}
   33.56 +
   33.57 +value %quote "42 / (12 :: rat)"
   33.58 +
   33.59 +text {*
   33.60 +  \noindent will display @{term "7 / (2 :: rat)"}.
   33.61 +
   33.62 +  The @{method eval} method tries to reduce a goal by code generation to @{term True}
   33.63 +  and solves it in that case, but fails otherwise:
   33.64 +*}
   33.65 +
   33.66 +lemma %quote "42 / (12 :: rat) = 7 / 2"
   33.67 +  by %quote eval
   33.68 +
   33.69 +text {*
   33.70 +  \noindent The soundness of the @{method eval} method depends crucially 
   33.71 +  on the correctness of the code generator;  this is one of the reasons
   33.72 +  why you should not use adaption (see \secref{sec:adaption}) frivolously.
   33.73 +*}
   33.74 +
   33.75 +subsection {* Code antiquotation *}
   33.76 +
   33.77 +text {*
   33.78 +  In scenarios involving techniques like reflection it is quite common
   33.79 +  that code generated from a theory forms the basis for implementing
   33.80 +  a proof procedure in @{text SML}.  To facilitate interfacing of generated code
   33.81 +  with system code, the code generator provides a @{text code} antiquotation:
   33.82 +*}
   33.83 +
   33.84 +datatype %quote form = T | F | And form form | Or form form
   33.85 +ML %quotett {*
   33.86 +  fun eval_form @{code T} = true
   33.87 +    | eval_form @{code F} = false
   33.88 +    | eval_form (@{code And} (p, q)) =
   33.89 +        eval_form p andalso eval_form q
   33.90 +    | eval_form (@{code Or} (p, q)) =
   33.91 +        eval_form p orelse eval_form q;
   33.92 +*}
   33.93 +
   33.94 +text {*
   33.95 +  \noindent @{text code} takes as argument the name of a constant;  after the
   33.96 +  whole @{text SML} is read, the necessary code is generated transparently
   33.97 +  and the corresponding constant names are inserted.  This technique also
   33.98 +  allows to use pattern matching on constructors stemming from compiled
   33.99 +  @{text datatypes}.
  33.100 +
  33.101 +  For a less simplistic example, theory @{theory Ferrack} is
  33.102 +  a good reference.
  33.103 +*}
  33.104 +
  33.105 +subsection {* Imperative data structures *}
  33.106 +
  33.107 +text {*
  33.108 +  If you consider imperative data structures as inevitable for a specific
  33.109 +  application, you should consider
  33.110 +  \emph{Imperative Functional Programming with Isabelle/HOL}
  33.111 +  (\cite{bulwahn-et-al:2008:imperative});
  33.112 +  the framework described there is available in theory @{theory Imperative_HOL}.
  33.113 +*}
  33.114 +
  33.115 +end
    34.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    34.2 +++ b/doc-src/Codegen/Thy/Introduction.thy	Wed Mar 04 11:05:29 2009 +0100
    34.3 @@ -0,0 +1,204 @@
    34.4 +theory Introduction
    34.5 +imports Setup
    34.6 +begin
    34.7 +
    34.8 +section {* Introduction and Overview *}
    34.9 +
   34.10 +text {*
   34.11 +  This tutorial introduces a generic code generator for the
   34.12 +  @{text Isabelle} system.
   34.13 +  Generic in the sense that the
   34.14 +  \qn{target language} for which code shall ultimately be
   34.15 +  generated is not fixed but may be an arbitrary state-of-the-art
   34.16 +  functional programming language (currently, the implementation
   34.17 +  supports @{text SML} \cite{SML}, @{text OCaml} \cite{OCaml} and @{text Haskell}
   34.18 +  \cite{haskell-revised-report}).
   34.19 +
   34.20 +  Conceptually the code generator framework is part
   34.21 +  of Isabelle's @{theory Pure} meta logic framework; the logic
   34.22 +  @{theory HOL} which is an extension of @{theory Pure}
   34.23 +  already comes with a reasonable framework setup and thus provides
   34.24 +  a good working horse for raising code-generation-driven
   34.25 +  applications.  So, we assume some familiarity and experience
   34.26 +  with the ingredients of the @{theory HOL} distribution theories.
   34.27 +  (see also \cite{isa-tutorial}).
   34.28 +
   34.29 +  The code generator aims to be usable with no further ado
   34.30 +  in most cases while allowing for detailed customisation.
   34.31 +  This manifests in the structure of this tutorial: after a short
   34.32 +  conceptual introduction with an example (\secref{sec:intro}),
   34.33 +  we discuss the generic customisation facilities (\secref{sec:program}).
   34.34 +  A further section (\secref{sec:adaption}) is dedicated to the matter of
   34.35 +  \qn{adaption} to specific target language environments.  After some
   34.36 +  further issues (\secref{sec:further}) we conclude with an overview
   34.37 +  of some ML programming interfaces (\secref{sec:ml}).
   34.38 +
   34.39 +  \begin{warn}
   34.40 +    Ultimately, the code generator which this tutorial deals with
   34.41 +    is supposed to replace the existing code generator
   34.42 +    by Stefan Berghofer \cite{Berghofer-Nipkow:2002}.
   34.43 +    So, for the moment, there are two distinct code generators
   34.44 +    in Isabelle.  In case of ambiguity, we will refer to the framework
   34.45 +    described here as @{text "generic code generator"}, to the
   34.46 +    other as @{text "SML code generator"}.
   34.47 +    Also note that while the framework itself is
   34.48 +    object-logic independent, only @{theory HOL} provides a reasonable
   34.49 +    framework setup.    
   34.50 +  \end{warn}
   34.51 +
   34.52 +*}
   34.53 +
   34.54 +subsection {* Code generation via shallow embedding \label{sec:intro} *}
   34.55 +
   34.56 +text {*
   34.57 +  The key concept for understanding @{text Isabelle}'s code generation is
   34.58 +  \emph{shallow embedding}, i.e.~logical entities like constants, types and
   34.59 +  classes are identified with corresponding concepts in the target language.
   34.60 +
   34.61 +  Inside @{theory HOL}, the @{command datatype} and
   34.62 +  @{command definition}/@{command primrec}/@{command fun} declarations form
   34.63 +  the core of a functional programming language.  The default code generator setup
   34.64 +  allows to turn those into functional programs immediately.
   34.65 +  This means that \qt{naive} code generation can proceed without further ado.
   34.66 +  For example, here a simple \qt{implementation} of amortised queues:
   34.67 +*}
   34.68 +
   34.69 +datatype %quote 'a queue = AQueue "'a list" "'a list"
   34.70 +
   34.71 +definition %quote empty :: "'a queue" where
   34.72 +  "empty = AQueue [] []"
   34.73 +
   34.74 +primrec %quote enqueue :: "'a \<Rightarrow> 'a queue \<Rightarrow> 'a queue" where
   34.75 +  "enqueue x (AQueue xs ys) = AQueue (x # xs) ys"
   34.76 +
   34.77 +fun %quote dequeue :: "'a queue \<Rightarrow> 'a option \<times> 'a queue" where
   34.78 +    "dequeue (AQueue [] []) = (None, AQueue [] [])"
   34.79 +  | "dequeue (AQueue xs (y # ys)) = (Some y, AQueue xs ys)"
   34.80 +  | "dequeue (AQueue xs []) =
   34.81 +      (case rev xs of y # ys \<Rightarrow> (Some y, AQueue [] ys))"
   34.82 +
   34.83 +text {* \noindent Then we can generate code e.g.~for @{text SML} as follows: *}
   34.84 +
   34.85 +export_code %quote empty dequeue enqueue in SML
   34.86 +  module_name Example file "examples/example.ML"
   34.87 +
   34.88 +text {* \noindent resulting in the following code: *}
   34.89 +
   34.90 +text %quote {*@{code_stmts empty enqueue dequeue (SML)}*}
   34.91 +
   34.92 +text {*
   34.93 +  \noindent The @{command export_code} command takes a space-separated list of
   34.94 +  constants for which code shall be generated;  anything else needed for those
   34.95 +  is added implicitly.  Then follows a target language identifier
   34.96 +  (@{text SML}, @{text OCaml} or @{text Haskell}) and a freely chosen module name.
   34.97 +  A file name denotes the destination to store the generated code.  Note that
   34.98 +  the semantics of the destination depends on the target language:  for
   34.99 +  @{text SML} and @{text OCaml} it denotes a \emph{file}, for @{text Haskell}
  34.100 +  it denotes a \emph{directory} where a file named as the module name
  34.101 +  (with extension @{text ".hs"}) is written:
  34.102 +*}
  34.103 +
  34.104 +export_code %quote empty dequeue enqueue in Haskell
  34.105 +  module_name Example file "examples/"
  34.106 +
  34.107 +text {*
  34.108 +  \noindent This is how the corresponding code in @{text Haskell} looks like:
  34.109 +*}
  34.110 +
  34.111 +text %quote {*@{code_stmts empty enqueue dequeue (Haskell)}*}
  34.112 +
  34.113 +text {*
  34.114 +  \noindent This demonstrates the basic usage of the @{command export_code} command;
  34.115 +  for more details see \secref{sec:further}.
  34.116 +*}
  34.117 +
  34.118 +subsection {* Code generator architecture \label{sec:concept} *}
  34.119 +
  34.120 +text {*
  34.121 +  What you have seen so far should be already enough in a lot of cases.  If you
  34.122 +  are content with this, you can quit reading here.  Anyway, in order to customise
  34.123 +  and adapt the code generator, it is inevitable to gain some understanding
  34.124 +  how it works.
  34.125 +
  34.126 +  \begin{figure}[h]
  34.127 +    \begin{tikzpicture}[x = 4.2cm, y = 1cm]
  34.128 +      \tikzstyle entity=[rounded corners, draw, thick, color = black, fill = white];
  34.129 +      \tikzstyle process=[ellipse, draw, thick, color = green, fill = white];
  34.130 +      \tikzstyle process_arrow=[->, semithick, color = green];
  34.131 +      \node (HOL) at (0, 4) [style=entity] {@{text "Isabelle/HOL"} theory};
  34.132 +      \node (eqn) at (2, 2) [style=entity] {code equations};
  34.133 +      \node (iml) at (2, 0) [style=entity] {intermediate language};
  34.134 +      \node (seri) at (1, 0) [style=process] {serialisation};
  34.135 +      \node (SML) at (0, 3) [style=entity] {@{text SML}};
  34.136 +      \node (OCaml) at (0, 2) [style=entity] {@{text OCaml}};
  34.137 +      \node (further) at (0, 1) [style=entity] {@{text "\<dots>"}};
  34.138 +      \node (Haskell) at (0, 0) [style=entity] {@{text Haskell}};
  34.139 +      \draw [style=process_arrow] (HOL) .. controls (2, 4) ..
  34.140 +        node [style=process, near start] {selection}
  34.141 +        node [style=process, near end] {preprocessing}
  34.142 +        (eqn);
  34.143 +      \draw [style=process_arrow] (eqn) -- node (transl) [style=process] {translation} (iml);
  34.144 +      \draw [style=process_arrow] (iml) -- (seri);
  34.145 +      \draw [style=process_arrow] (seri) -- (SML);
  34.146 +      \draw [style=process_arrow] (seri) -- (OCaml);
  34.147 +      \draw [style=process_arrow, dashed] (seri) -- (further);
  34.148 +      \draw [style=process_arrow] (seri) -- (Haskell);
  34.149 +    \end{tikzpicture}
  34.150 +    \caption{Code generator architecture}
  34.151 +    \label{fig:arch}
  34.152 +  \end{figure}
  34.153 +
  34.154 +  The code generator employs a notion of executability
  34.155 +  for three foundational executable ingredients known
  34.156 +  from functional programming:
  34.157 +  \emph{code equations}, \emph{datatypes}, and
  34.158 +  \emph{type classes}.  A code equation as a first approximation
  34.159 +  is a theorem of the form @{text "f t\<^isub>1 t\<^isub>2 \<dots> t\<^isub>n \<equiv> t"}
  34.160 +  (an equation headed by a constant @{text f} with arguments
  34.161 +  @{text "t\<^isub>1 t\<^isub>2 \<dots> t\<^isub>n"} and right hand side @{text t}).
  34.162 +  Code generation aims to turn code equations
  34.163 +  into a functional program.  This is achieved by three major
  34.164 +  components which operate sequentially, i.e. the result of one is
  34.165 +  the input
  34.166 +  of the next in the chain,  see diagram \ref{fig:arch}:
  34.167 +
  34.168 +  \begin{itemize}
  34.169 +
  34.170 +    \item Out of the vast collection of theorems proven in a
  34.171 +      \qn{theory}, a reasonable subset modelling
  34.172 +      code equations is \qn{selected}.
  34.173 +
  34.174 +    \item On those selected theorems, certain
  34.175 +      transformations are carried out
  34.176 +      (\qn{preprocessing}).  Their purpose is to turn theorems
  34.177 +      representing non- or badly executable
  34.178 +      specifications into equivalent but executable counterparts.
  34.179 +      The result is a structured collection of \qn{code theorems}.
  34.180 +
  34.181 +    \item Before the selected code equations are continued with,
  34.182 +      they can be \qn{preprocessed}, i.e. subjected to theorem
  34.183 +      transformations.  This \qn{preprocessor} is an interface which
  34.184 +      allows to apply
  34.185 +      the full expressiveness of ML-based theorem transformations
  34.186 +      to code generation;  motivating examples are shown below, see
  34.187 +      \secref{sec:preproc}.
  34.188 +      The result of the preprocessing step is a structured collection
  34.189 +      of code equations.
  34.190 +
  34.191 +    \item These code equations are \qn{translated} to a program
  34.192 +      in an abstract intermediate language.  Think of it as a kind
  34.193 +      of \qt{Mini-Haskell} with four \qn{statements}: @{text data}
  34.194 +      (for datatypes), @{text fun} (stemming from code equations),
  34.195 +      also @{text class} and @{text inst} (for type classes).
  34.196 +
  34.197 +    \item Finally, the abstract program is \qn{serialised} into concrete
  34.198 +      source code of a target language.
  34.199 +
  34.200 +  \end{itemize}
  34.201 +
  34.202 +  \noindent From these steps, only the two last are carried out outside the logic;  by
  34.203 +  keeping this layer as thin as possible, the amount of code to trust is
  34.204 +  kept to a minimum.
  34.205 +*}
  34.206 +
  34.207 +end
    35.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    35.2 +++ b/doc-src/Codegen/Thy/ML.thy	Wed Mar 04 11:05:29 2009 +0100
    35.3 @@ -0,0 +1,177 @@
    35.4 +theory "ML"
    35.5 +imports Setup
    35.6 +begin
    35.7 +
    35.8 +section {* ML system interfaces \label{sec:ml} *}
    35.9 +
   35.10 +text {*
   35.11 +  Since the code generator framework not only aims to provide
   35.12 +  a nice Isar interface but also to form a base for
   35.13 +  code-generation-based applications, here a short
   35.14 +  description of the most important ML interfaces.
   35.15 +*}
   35.16 +
   35.17 +subsection {* Executable theory content: @{text Code} *}
   35.18 +
   35.19 +text {*
   35.20 +  This Pure module implements the core notions of
   35.21 +  executable content of a theory.
   35.22 +*}
   35.23 +
   35.24 +subsubsection {* Managing executable content *}
   35.25 +
   35.26 +text %mlref {*
   35.27 +  \begin{mldecls}
   35.28 +  @{index_ML Code.add_eqn: "thm -> theory -> theory"} \\
   35.29 +  @{index_ML Code.del_eqn: "thm -> theory -> theory"} \\
   35.30 +  @{index_ML Code.add_eqnl: "string * (thm * bool) list lazy -> theory -> theory"} \\
   35.31 +  @{index_ML Code.map_pre: "(simpset -> simpset) -> theory -> theory"} \\
   35.32 +  @{index_ML Code.map_post: "(simpset -> simpset) -> theory -> theory"} \\
   35.33 +  @{index_ML Code.add_functrans: "string * (theory -> (thm * bool) list -> (thm * bool) list option)
   35.34 +    -> theory -> theory"} \\
   35.35 +  @{index_ML Code.del_functrans: "string -> theory -> theory"} \\
   35.36 +  @{index_ML Code.add_datatype: "(string * typ) list -> theory -> theory"} \\
   35.37 +  @{index_ML Code.get_datatype: "theory -> string
   35.38 +    -> (string * sort) list * (string * typ list) list"} \\
   35.39 +  @{index_ML Code.get_datatype_of_constr: "theory -> string -> string option"}
   35.40 +  \end{mldecls}
   35.41 +
   35.42 +  \begin{description}
   35.43 +
   35.44 +  \item @{ML Code.add_eqn}~@{text "thm"}~@{text "thy"} adds function
   35.45 +     theorem @{text "thm"} to executable content.
   35.46 +
   35.47 +  \item @{ML Code.del_eqn}~@{text "thm"}~@{text "thy"} removes function
   35.48 +     theorem @{text "thm"} from executable content, if present.
   35.49 +
   35.50 +  \item @{ML Code.add_eqnl}~@{text "(const, lthms)"}~@{text "thy"} adds
   35.51 +     suspended code equations @{text lthms} for constant
   35.52 +     @{text const} to executable content.
   35.53 +
   35.54 +  \item @{ML Code.map_pre}~@{text "f"}~@{text "thy"} changes
   35.55 +     the preprocessor simpset.
   35.56 +
   35.57 +  \item @{ML Code.add_functrans}~@{text "(name, f)"}~@{text "thy"} adds
   35.58 +     function transformer @{text f} (named @{text name}) to executable content;
   35.59 +     @{text f} is a transformer of the code equations belonging
   35.60 +     to a certain function definition, depending on the
   35.61 +     current theory context.  Returning @{text NONE} indicates that no
   35.62 +     transformation took place;  otherwise, the whole process will be iterated
   35.63 +     with the new code equations.
   35.64 +
   35.65 +  \item @{ML Code.del_functrans}~@{text "name"}~@{text "thy"} removes
   35.66 +     function transformer named @{text name} from executable content.
   35.67 +
   35.68 +  \item @{ML Code.add_datatype}~@{text cs}~@{text thy} adds
   35.69 +     a datatype to executable content, with generation
   35.70 +     set @{text cs}.
   35.71 +
   35.72 +  \item @{ML Code.get_datatype_of_constr}~@{text "thy"}~@{text "const"}
   35.73 +     returns type constructor corresponding to
   35.74 +     constructor @{text const}; returns @{text NONE}
   35.75 +     if @{text const} is no constructor.
   35.76 +
   35.77 +  \end{description}
   35.78 +*}
   35.79 +
   35.80 +subsection {* Auxiliary *}
   35.81 +
   35.82 +text %mlref {*
   35.83 +  \begin{mldecls}
   35.84 +  @{index_ML Code_Unit.read_const: "theory -> string -> string"} \\
   35.85 +  @{index_ML Code_Unit.head_eqn: "theory -> thm -> string * ((string * sort) list * typ)"} \\
   35.86 +  @{index_ML Code_Unit.rewrite_eqn: "simpset -> thm -> thm"} \\
   35.87 +  \end{mldecls}
   35.88 +
   35.89 +  \begin{description}
   35.90 +
   35.91 +  \item @{ML Code_Unit.read_const}~@{text thy}~@{text s}
   35.92 +     reads a constant as a concrete term expression @{text s}.
   35.93 +
   35.94 +  \item @{ML Code_Unit.head_eqn}~@{text thy}~@{text thm}
   35.95 +     extracts the constant and its type from a code equation @{text thm}.
   35.96 +
   35.97 +  \item @{ML Code_Unit.rewrite_eqn}~@{text ss}~@{text thm}
   35.98 +     rewrites a code equation @{text thm} with a simpset @{text ss};
   35.99 +     only arguments and right hand side are rewritten,
  35.100 +     not the head of the code equation.
  35.101 +
  35.102 +  \end{description}
  35.103 +
  35.104 +*}
  35.105 +
  35.106 +subsection {* Implementing code generator applications *}
  35.107 +
  35.108 +text {*
  35.109 +  Implementing code generator applications on top
  35.110 +  of the framework set out so far usually not only
  35.111 +  involves using those primitive interfaces
  35.112 +  but also storing code-dependent data and various
  35.113 +  other things.
  35.114 +*}
  35.115 +
  35.116 +subsubsection {* Data depending on the theory's executable content *}
  35.117 +
  35.118 +text {*
  35.119 +  Due to incrementality of code generation, changes in the
  35.120 +  theory's executable content have to be propagated in a
  35.121 +  certain fashion.  Additionally, such changes may occur
  35.122 +  not only during theory extension but also during theory
  35.123 +  merge, which is a little bit nasty from an implementation
  35.124 +  point of view.  The framework provides a solution
  35.125 +  to this technical challenge by providing a functorial
  35.126 +  data slot @{ML_functor CodeDataFun}; on instantiation
  35.127 +  of this functor, the following types and operations
  35.128 +  are required:
  35.129 +
  35.130 +  \medskip
  35.131 +  \begin{tabular}{l}
  35.132 +  @{text "type T"} \\
  35.133 +  @{text "val empty: T"} \\
  35.134 +  @{text "val purge: theory \<rightarrow> string list option \<rightarrow> T \<rightarrow> T"}
  35.135 +  \end{tabular}
  35.136 +
  35.137 +  \begin{description}
  35.138 +
  35.139 +  \item @{text T} the type of data to store.
  35.140 +
  35.141 +  \item @{text empty} initial (empty) data.
  35.142 +
  35.143 +  \item @{text purge}~@{text thy}~@{text consts} propagates changes in executable content;
  35.144 +    @{text consts} indicates the kind
  35.145 +    of change: @{ML NONE} stands for a fundamental change
  35.146 +    which invalidates any existing code, @{text "SOME consts"}
  35.147 +    hints that executable content for constants @{text consts}
  35.148 +    has changed.
  35.149 +
  35.150 +  \end{description}
  35.151 +
  35.152 +  \noindent An instance of @{ML_functor CodeDataFun} provides the following
  35.153 +  interface:
  35.154 +
  35.155 +  \medskip
  35.156 +  \begin{tabular}{l}
  35.157 +  @{text "get: theory \<rightarrow> T"} \\
  35.158 +  @{text "change: theory \<rightarrow> (T \<rightarrow> T) \<rightarrow> T"} \\
  35.159 +  @{text "change_yield: theory \<rightarrow> (T \<rightarrow> 'a * T) \<rightarrow> 'a * T"}
  35.160 +  \end{tabular}
  35.161 +
  35.162 +  \begin{description}
  35.163 +
  35.164 +  \item @{text get} retrieval of the current data.
  35.165 +
  35.166 +  \item @{text change} update of current data (cached!)
  35.167 +    by giving a continuation.
  35.168 +
  35.169 +  \item @{text change_yield} update with side result.
  35.170 +
  35.171 +  \end{description}
  35.172 +*}
  35.173 +
  35.174 +text {*
  35.175 +  \bigskip
  35.176 +
  35.177 +  \emph{Happy proving, happy hacking!}
  35.178 +*}
  35.179 +
  35.180 +end
    36.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    36.2 +++ b/doc-src/Codegen/Thy/Program.thy	Wed Mar 04 11:05:29 2009 +0100
    36.3 @@ -0,0 +1,526 @@
    36.4 +theory Program
    36.5 +imports Introduction
    36.6 +begin
    36.7 +
    36.8 +section {* Turning Theories into Programs \label{sec:program} *}
    36.9 +
   36.10 +subsection {* The @{text "Isabelle/HOL"} default setup *}
   36.11 +
   36.12 +text {*
   36.13 +  We have already seen how by default equations stemming from
   36.14 +  @{command definition}/@{command primrec}/@{command fun}
   36.15 +  statements are used for code generation.  This default behaviour
   36.16 +  can be changed, e.g. by providing different code equations.
   36.17 +  All kinds of customisation shown in this section is \emph{safe}
   36.18 +  in the sense that the user does not have to worry about
   36.19 +  correctness -- all programs generatable that way are partially
   36.20 +  correct.
   36.21 +*}
   36.22 +
   36.23 +subsection {* Selecting code equations *}
   36.24 +
   36.25 +text {*
   36.26 +  Coming back to our introductory example, we
   36.27 +  could provide an alternative code equations for @{const dequeue}
   36.28 +  explicitly:
   36.29 +*}
   36.30 +
   36.31 +lemma %quote [code]:
   36.32 +  "dequeue (AQueue xs []) =
   36.33 +     (if xs = [] then (None, AQueue [] [])
   36.34 +       else dequeue (AQueue [] (rev xs)))"
   36.35 +  "dequeue (AQueue xs (y # ys)) =
   36.36 +     (Some y, AQueue xs ys)"
   36.37 +  by (cases xs, simp_all) (cases "rev xs", simp_all)
   36.38 +
   36.39 +text {*
   36.40 +  \noindent The annotation @{text "[code]"} is an @{text Isar}
   36.41 +  @{text attribute} which states that the given theorems should be
   36.42 +  considered as code equations for a @{text fun} statement --
   36.43 +  the corresponding constant is determined syntactically.  The resulting code:
   36.44 +*}
   36.45 +
   36.46 +text %quote {*@{code_stmts dequeue (consts) dequeue (Haskell)}*}
   36.47 +
   36.48 +text {*
   36.49 +  \noindent You may note that the equality test @{term "xs = []"} has been
   36.50 +  replaced by the predicate @{term "null xs"}.  This is due to the default
   36.51 +  setup in the \qn{preprocessor} to be discussed further below (\secref{sec:preproc}).
   36.52 +
   36.53 +  Changing the default constructor set of datatypes is also
   36.54 +  possible.  See \secref{sec:datatypes} for an example.
   36.55 +
   36.56 +  As told in \secref{sec:concept}, code generation is based
   36.57 +  on a structured collection of code theorems.
   36.58 +  For explorative purpose, this collection
   36.59 +  may be inspected using the @{command code_thms} command:
   36.60 +*}
   36.61 +
   36.62 +code_thms %quote dequeue
   36.63 +
   36.64 +text {*
   36.65 +  \noindent prints a table with \emph{all} code equations
   36.66 +  for @{const dequeue}, including
   36.67 +  \emph{all} code equations those equations depend
   36.68 +  on recursively.
   36.69 +  
   36.70 +  Similarly, the @{command code_deps} command shows a graph
   36.71 +  visualising dependencies between code equations.
   36.72 +*}
   36.73 +
   36.74 +subsection {* @{text class} and @{text instantiation} *}
   36.75 +
   36.76 +text {*
   36.77 +  Concerning type classes and code generation, let us examine an example
   36.78 +  from abstract algebra:
   36.79 +*}
   36.80 +
   36.81 +class %quote semigroup =
   36.82 +  fixes mult :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "\<otimes>" 70)
   36.83 +  assumes assoc: "(x \<otimes> y) \<otimes> z = x \<otimes> (y \<otimes> z)"
   36.84 +
   36.85 +class %quote monoid = semigroup +
   36.86 +  fixes neutral :: 'a ("\<one>")
   36.87 +  assumes neutl: "\<one> \<otimes> x = x"
   36.88 +    and neutr: "x \<otimes> \<one> = x"
   36.89 +
   36.90 +instantiation %quote nat :: monoid
   36.91 +begin
   36.92 +
   36.93 +primrec %quote mult_nat where
   36.94 +    "0 \<otimes> n = (0\<Colon>nat)"
   36.95 +  | "Suc m \<otimes> n = n + m \<otimes> n"
   36.96 +
   36.97 +definition %quote neutral_nat where
   36.98 +  "\<one> = Suc 0"
   36.99 +
  36.100 +lemma %quote add_mult_distrib:
  36.101 +  fixes n m q :: nat
  36.102 +  shows "(n + m) \<otimes> q = n \<otimes> q + m \<otimes> q"
  36.103 +  by (induct n) simp_all
  36.104 +
  36.105 +instance %quote proof
  36.106 +  fix m n q :: nat
  36.107 +  show "m \<otimes> n \<otimes> q = m \<otimes> (n \<otimes> q)"
  36.108 +    by (induct m) (simp_all add: add_mult_distrib)
  36.109 +  show "\<one> \<otimes> n = n"
  36.110 +    by (simp add: neutral_nat_def)
  36.111 +  show "m \<otimes> \<one> = m"
  36.112 +    by (induct m) (simp_all add: neutral_nat_def)
  36.113 +qed
  36.114 +
  36.115 +end %quote
  36.116 +
  36.117 +text {*
  36.118 +  \noindent We define the natural operation of the natural numbers
  36.119 +  on monoids:
  36.120 +*}
  36.121 +
  36.122 +primrec %quote (in monoid) pow :: "nat \<Rightarrow> 'a \<Rightarrow> 'a" where
  36.123 +    "pow 0 a = \<one>"
  36.124 +  | "pow (Suc n) a = a \<otimes> pow n a"
  36.125 +
  36.126 +text {*
  36.127 +  \noindent This we use to define the discrete exponentiation function:
  36.128 +*}
  36.129 +
  36.130 +definition %quote bexp :: "nat \<Rightarrow> nat" where
  36.131 +  "bexp n = pow n (Suc (Suc 0))"
  36.132 +
  36.133 +text {*
  36.134 +  \noindent The corresponding code:
  36.135 +*}
  36.136 +
  36.137 +text %quote {*@{code_stmts bexp (Haskell)}*}
  36.138 +
  36.139 +text {*
  36.140 +  \noindent This is a convenient place to show how explicit dictionary construction
  36.141 +  manifests in generated code (here, the same example in @{text SML}):
  36.142 +*}
  36.143 +
  36.144 +text %quote {*@{code_stmts bexp (SML)}*}
  36.145 +
  36.146 +text {*
  36.147 +  \noindent Note the parameters with trailing underscore (@{verbatim "A_"})
  36.148 +    which are the dictionary parameters.
  36.149 +*}
  36.150 +
  36.151 +subsection {* The preprocessor \label{sec:preproc} *}
  36.152 +
  36.153 +text {*
  36.154 +  Before selected function theorems are turned into abstract
  36.155 +  code, a chain of definitional transformation steps is carried
  36.156 +  out: \emph{preprocessing}.  In essence, the preprocessor
  36.157 +  consists of two components: a \emph{simpset} and \emph{function transformers}.
  36.158 +
  36.159 +  The \emph{simpset} allows to employ the full generality of the Isabelle
  36.160 +  simplifier.  Due to the interpretation of theorems
  36.161 +  as code equations, rewrites are applied to the right
  36.162 +  hand side and the arguments of the left hand side of an
  36.163 +  equation, but never to the constant heading the left hand side.
  36.164 +  An important special case are \emph{inline theorems} which may be
  36.165 +  declared and undeclared using the
  36.166 +  \emph{code inline} or \emph{code inline del} attribute respectively.
  36.167 +
  36.168 +  Some common applications:
  36.169 +*}
  36.170 +
  36.171 +text_raw {*
  36.172 +  \begin{itemize}
  36.173 +*}
  36.174 +
  36.175 +text {*
  36.176 +     \item replacing non-executable constructs by executable ones:
  36.177 +*}     
  36.178 +
  36.179 +lemma %quote [code inline]:
  36.180 +  "x \<in> set xs \<longleftrightarrow> x mem xs" by (induct xs) simp_all
  36.181 +
  36.182 +text {*
  36.183 +     \item eliminating superfluous constants:
  36.184 +*}
  36.185 +
  36.186 +lemma %quote [code inline]:
  36.187 +  "1 = Suc 0" by simp
  36.188 +
  36.189 +text {*
  36.190 +     \item replacing executable but inconvenient constructs:
  36.191 +*}
  36.192 +
  36.193 +lemma %quote [code inline]:
  36.194 +  "xs = [] \<longleftrightarrow> List.null xs" by (induct xs) simp_all
  36.195 +
  36.196 +text_raw {*
  36.197 +  \end{itemize}
  36.198 +*}
  36.199 +
  36.200 +text {*
  36.201 +  \noindent \emph{Function transformers} provide a very general interface,
  36.202 +  transforming a list of function theorems to another
  36.203 +  list of function theorems, provided that neither the heading
  36.204 +  constant nor its type change.  The @{term "0\<Colon>nat"} / @{const Suc}
  36.205 +  pattern elimination implemented in
  36.206 +  theory @{text Efficient_Nat} (see \secref{eff_nat}) uses this
  36.207 +  interface.
  36.208 +
  36.209 +  \noindent The current setup of the preprocessor may be inspected using
  36.210 +  the @{command print_codesetup} command.
  36.211 +  @{command code_thms} provides a convenient
  36.212 +  mechanism to inspect the impact of a preprocessor setup
  36.213 +  on code equations.
  36.214 +
  36.215 +  \begin{warn}
  36.216 +    The attribute \emph{code unfold}
  36.217 +    associated with the @{text "SML code generator"} also applies to
  36.218 +    the @{text "generic code generator"}:
  36.219 +    \emph{code unfold} implies \emph{code inline}.
  36.220 +  \end{warn}
  36.221 +*}
  36.222 +
  36.223 +subsection {* Datatypes \label{sec:datatypes} *}
  36.224 +
  36.225 +text {*
  36.226 +  Conceptually, any datatype is spanned by a set of
  36.227 +  \emph{constructors} of type @{text "\<tau> = \<dots> \<Rightarrow> \<kappa> \<alpha>\<^isub>1 \<dots> \<alpha>\<^isub>n"} where @{text
  36.228 +  "{\<alpha>\<^isub>1, \<dots>, \<alpha>\<^isub>n}"} is exactly the set of \emph{all} type variables in
  36.229 +  @{text "\<tau>"}.  The HOL datatype package by default registers any new
  36.230 +  datatype in the table of datatypes, which may be inspected using the
  36.231 +  @{command print_codesetup} command.
  36.232 +
  36.233 +  In some cases, it is appropriate to alter or extend this table.  As
  36.234 +  an example, we will develop an alternative representation of the
  36.235 +  queue example given in \secref{sec:intro}.  The amortised
  36.236 +  representation is convenient for generating code but exposes its
  36.237 +  \qt{implementation} details, which may be cumbersome when proving
  36.238 +  theorems about it.  Therefore, here a simple, straightforward
  36.239 +  representation of queues:
  36.240 +*}
  36.241 +
  36.242 +datatype %quote 'a queue = Queue "'a list"
  36.243 +
  36.244 +definition %quote empty :: "'a queue" where
  36.245 +  "empty = Queue []"
  36.246 +
  36.247 +primrec %quote enqueue :: "'a \<Rightarrow> 'a queue \<Rightarrow> 'a queue" where
  36.248 +  "enqueue x (Queue xs) = Queue (xs @ [x])"
  36.249 +
  36.250 +fun %quote dequeue :: "'a queue \<Rightarrow> 'a option \<times> 'a queue" where
  36.251 +    "dequeue (Queue []) = (None, Queue [])"
  36.252 +  | "dequeue (Queue (x # xs)) = (Some x, Queue xs)"
  36.253 +
  36.254 +text {*
  36.255 +  \noindent This we can use directly for proving;  for executing,
  36.256 +  we provide an alternative characterisation:
  36.257 +*}
  36.258 +
  36.259 +definition %quote AQueue :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a queue" where
  36.260 +  "AQueue xs ys = Queue (ys @ rev xs)"
  36.261 +
  36.262 +code_datatype %quote AQueue
  36.263 +
  36.264 +text {*
  36.265 +  \noindent Here we define a \qt{constructor} @{const "AQueue"} which
  36.266 +  is defined in terms of @{text "Queue"} and interprets its arguments
  36.267 +  according to what the \emph{content} of an amortised queue is supposed
  36.268 +  to be.  Equipped with this, we are able to prove the following equations
  36.269 +  for our primitive queue operations which \qt{implement} the simple
  36.270 +  queues in an amortised fashion:
  36.271 +*}
  36.272 +
  36.273 +lemma %quote empty_AQueue [code]:
  36.274 +  "empty = AQueue [] []"
  36.275 +  unfolding AQueue_def empty_def by simp
  36.276 +
  36.277 +lemma %quote enqueue_AQueue [code]:
  36.278 +  "enqueue x (AQueue xs ys) = AQueue (x # xs) ys"
  36.279 +  unfolding AQueue_def by simp
  36.280 +
  36.281 +lemma %quote dequeue_AQueue [code]:
  36.282 +  "dequeue (AQueue xs []) =
  36.283 +    (if xs = [] then (None, AQueue [] [])
  36.284 +    else dequeue (AQueue [] (rev xs)))"
  36.285 +  "dequeue (AQueue xs (y # ys)) = (Some y, AQueue xs ys)"
  36.286 +  unfolding AQueue_def by simp_all
  36.287 +
  36.288 +text {*
  36.289 +  \noindent For completeness, we provide a substitute for the
  36.290 +  @{text case} combinator on queues:
  36.291 +*}
  36.292 +
  36.293 +lemma %quote queue_case_AQueue [code]:
  36.294 +  "queue_case f (AQueue xs ys) = f (ys @ rev xs)"
  36.295 +  unfolding AQueue_def by simp
  36.296 +
  36.297 +text {*
  36.298 +  \noindent The resulting code looks as expected:
  36.299 +*}
  36.300 +
  36.301 +text %quote {*@{code_stmts empty enqueue dequeue (SML)}*}
  36.302 +
  36.303 +text {*
  36.304 +  \noindent From this example, it can be glimpsed that using own
  36.305 +  constructor sets is a little delicate since it changes the set of
  36.306 +  valid patterns for values of that type.  Without going into much
  36.307 +  detail, here some practical hints:
  36.308 +
  36.309 +  \begin{itemize}
  36.310 +
  36.311 +    \item When changing the constructor set for datatypes, take care
  36.312 +      to provide alternative equations for the @{text case} combinator.
  36.313 +
  36.314 +    \item Values in the target language need not to be normalised --
  36.315 +      different values in the target language may represent the same
  36.316 +      value in the logic.
  36.317 +
  36.318 +    \item Usually, a good methodology to deal with the subtleties of
  36.319 +      pattern matching is to see the type as an abstract type: provide
  36.320 +      a set of operations which operate on the concrete representation
  36.321 +      of the type, and derive further operations by combinations of
  36.322 +      these primitive ones, without relying on a particular
  36.323 +      representation.
  36.324 +
  36.325 +  \end{itemize}
  36.326 +*}
  36.327 +
  36.328 +
  36.329 +subsection {* Equality and wellsortedness *}
  36.330 +
  36.331 +text {*
  36.332 +  Surely you have already noticed how equality is treated
  36.333 +  by the code generator:
  36.334 +*}
  36.335 +
  36.336 +primrec %quote collect_duplicates :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" where
  36.337 +  "collect_duplicates xs ys [] = xs"
  36.338 +  | "collect_duplicates xs ys (z#zs) = (if z \<in> set xs
  36.339 +      then if z \<in> set ys
  36.340 +        then collect_duplicates xs ys zs
  36.341 +        else collect_duplicates xs (z#ys) zs
  36.342 +      else collect_duplicates (z#xs) (z#ys) zs)"
  36.343 +
  36.344 +text {*
  36.345 +  \noindent The membership test during preprocessing is rewritten,
  36.346 +  resulting in @{const List.member}, which itself
  36.347 +  performs an explicit equality check.
  36.348 +*}
  36.349 +
  36.350 +text %quote {*@{code_stmts collect_duplicates (SML)}*}
  36.351 +
  36.352 +text {*
  36.353 +  \noindent Obviously, polymorphic equality is implemented the Haskell
  36.354 +  way using a type class.  How is this achieved?  HOL introduces
  36.355 +  an explicit class @{class eq} with a corresponding operation
  36.356 +  @{const eq_class.eq} such that @{thm eq [no_vars]}.
  36.357 +  The preprocessing framework does the rest by propagating the
  36.358 +  @{class eq} constraints through all dependent code equations.
  36.359 +  For datatypes, instances of @{class eq} are implicitly derived
  36.360 +  when possible.  For other types, you may instantiate @{text eq}
  36.361 +  manually like any other type class.
  36.362 +
  36.363 +  Though this @{text eq} class is designed to get rarely in
  36.364 +  the way, a subtlety
  36.365 +  enters the stage when definitions of overloaded constants
  36.366 +  are dependent on operational equality.  For example, let
  36.367 +  us define a lexicographic ordering on tuples
  36.368 +  (also see theory @{theory Product_ord}):
  36.369 +*}
  36.370 +
  36.371 +instantiation %quote "*" :: (order, order) order
  36.372 +begin
  36.373 +
  36.374 +definition %quote [code del]:
  36.375 +  "x \<le> y \<longleftrightarrow> fst x < fst y \<or> fst x = fst y \<and> snd x \<le> snd y"
  36.376 +
  36.377 +definition %quote [code del]:
  36.378 +  "x < y \<longleftrightarrow> fst x < fst y \<or> fst x = fst y \<and> snd x < snd y"
  36.379 +
  36.380 +instance %quote proof
  36.381 +qed (auto simp: less_eq_prod_def less_prod_def intro: order_less_trans)
  36.382 +
  36.383 +end %quote
  36.384 +
  36.385 +lemma %quote order_prod [code]:
  36.386 +  "(x1 \<Colon> 'a\<Colon>order, y1 \<Colon> 'b\<Colon>order) < (x2, y2) \<longleftrightarrow>
  36.387 +     x1 < x2 \<or> x1 = x2 \<and> y1 < y2"
  36.388 +  "(x1 \<Colon> 'a\<Colon>order, y1 \<Colon> 'b\<Colon>order) \<le> (x2, y2) \<longleftrightarrow>
  36.389 +     x1 < x2 \<or> x1 = x2 \<and> y1 \<le> y2"
  36.390 +  by (simp_all add: less_prod_def less_eq_prod_def)
  36.391 +
  36.392 +text {*
  36.393 +  \noindent Then code generation will fail.  Why?  The definition
  36.394 +  of @{term "op \<le>"} depends on equality on both arguments,
  36.395 +  which are polymorphic and impose an additional @{class eq}
  36.396 +  class constraint, which the preprocessor does not propagate
  36.397 +  (for technical reasons).
  36.398 +
  36.399 +  The solution is to add @{class eq} explicitly to the first sort arguments in the
  36.400 +  code theorems:
  36.401 +*}
  36.402 +
  36.403 +lemma %quote order_prod_code [code]:
  36.404 +  "(x1 \<Colon> 'a\<Colon>{order, eq}, y1 \<Colon> 'b\<Colon>order) < (x2, y2) \<longleftrightarrow>
  36.405 +     x1 < x2 \<or> x1 = x2 \<and> y1 < y2"
  36.406 +  "(x1 \<Colon> 'a\<Colon>{order, eq}, y1 \<Colon> 'b\<Colon>order) \<le> (x2, y2) \<longleftrightarrow>
  36.407 +     x1 < x2 \<or> x1 = x2 \<and> y1 \<le> y2"
  36.408 +  by (simp_all add: less_prod_def less_eq_prod_def)
  36.409 +
  36.410 +text {*
  36.411 +  \noindent Then code generation succeeds:
  36.412 +*}
  36.413 +
  36.414 +text %quote {*@{code_stmts "op \<le> \<Colon> _ \<times> _ \<Rightarrow> _ \<times> _ \<Rightarrow> bool" (SML)}*}
  36.415 +
  36.416 +text {*
  36.417 +  In some cases, the automatically derived code equations
  36.418 +  for equality on a particular type may not be appropriate.
  36.419 +  As example, watch the following datatype representing
  36.420 +  monomorphic parametric types (where type constructors
  36.421 +  are referred to by natural numbers):
  36.422 +*}
  36.423 +
  36.424 +datatype %quote monotype = Mono nat "monotype list"
  36.425 +(*<*)
  36.426 +lemma monotype_eq:
  36.427 +  "eq_class.eq (Mono tyco1 typargs1) (Mono tyco2 typargs2) \<equiv> 
  36.428 +     eq_class.eq tyco1 tyco2 \<and> eq_class.eq typargs1 typargs2" by (simp add: eq)
  36.429 +(*>*)
  36.430 +
  36.431 +text {*
  36.432 +  \noindent Then code generation for SML would fail with a message
  36.433 +  that the generated code contains illegal mutual dependencies:
  36.434 +  the theorem @{thm monotype_eq [no_vars]} already requires the
  36.435 +  instance @{text "monotype \<Colon> eq"}, which itself requires
  36.436 +  @{thm monotype_eq [no_vars]};  Haskell has no problem with mutually
  36.437 +  recursive @{text instance} and @{text function} definitions,
  36.438 +  but the SML serialiser does not support this.
  36.439 +
  36.440 +  In such cases, you have to provide your own equality equations
  36.441 +  involving auxiliary constants.  In our case,
  36.442 +  @{const [show_types] list_all2} can do the job:
  36.443 +*}
  36.444 +
  36.445 +lemma %quote monotype_eq_list_all2 [code]:
  36.446 +  "eq_class.eq (Mono tyco1 typargs1) (Mono tyco2 typargs2) \<longleftrightarrow>
  36.447 +     eq_class.eq tyco1 tyco2 \<and> list_all2 eq_class.eq typargs1 typargs2"
  36.448 +  by (simp add: eq list_all2_eq [symmetric])
  36.449 +
  36.450 +text {*
  36.451 +  \noindent does not depend on instance @{text "monotype \<Colon> eq"}:
  36.452 +*}
  36.453 +
  36.454 +text %quote {*@{code_stmts "eq_class.eq :: monotype \<Rightarrow> monotype \<Rightarrow> bool" (SML)}*}
  36.455 +
  36.456 +
  36.457 +subsection {* Explicit partiality *}
  36.458 +
  36.459 +text {*
  36.460 +  Partiality usually enters the game by partial patterns, as
  36.461 +  in the following example, again for amortised queues:
  36.462 +*}
  36.463 +
  36.464 +definition %quote strict_dequeue :: "'a queue \<Rightarrow> 'a \<times> 'a queue" where
  36.465 +  "strict_dequeue q = (case dequeue q
  36.466 +    of (Some x, q') \<Rightarrow> (x, q'))"
  36.467 +
  36.468 +lemma %quote strict_dequeue_AQueue [code]:
  36.469 +  "strict_dequeue (AQueue xs (y # ys)) = (y, AQueue xs ys)"
  36.470 +  "strict_dequeue (AQueue xs []) =
  36.471 +    (case rev xs of y # ys \<Rightarrow> (y, AQueue [] ys))"
  36.472 +  by (simp_all add: strict_dequeue_def dequeue_AQueue split: list.splits)
  36.473 +
  36.474 +text {*
  36.475 +  \noindent In the corresponding code, there is no equation
  36.476 +  for the pattern @{term "AQueue [] []"}:
  36.477 +*}
  36.478 +
  36.479 +text %quote {*@{code_stmts strict_dequeue (consts) strict_dequeue (Haskell)}*}
  36.480 +
  36.481 +text {*
  36.482 +  \noindent In some cases it is desirable to have this
  36.483 +  pseudo-\qt{partiality} more explicitly, e.g.~as follows:
  36.484 +*}
  36.485 +
  36.486 +axiomatization %quote empty_queue :: 'a
  36.487 +
  36.488 +definition %quote strict_dequeue' :: "'a queue \<Rightarrow> 'a \<times> 'a queue" where
  36.489 +  "strict_dequeue' q = (case dequeue q of (Some x, q') \<Rightarrow> (x, q') | _ \<Rightarrow> empty_queue)"
  36.490 +
  36.491 +lemma %quote strict_dequeue'_AQueue [code]:
  36.492 +  "strict_dequeue' (AQueue xs []) = (if xs = [] then empty_queue
  36.493 +     else strict_dequeue' (AQueue [] (rev xs)))"
  36.494 +  "strict_dequeue' (AQueue xs (y # ys)) =
  36.495 +     (y, AQueue xs ys)"
  36.496 +  by (simp_all add: strict_dequeue'_def dequeue_AQueue split: list.splits)
  36.497 +
  36.498 +text {*
  36.499 +  Observe that on the right hand side of the definition of @{const
  36.500 +  "strict_dequeue'"} the constant @{const empty_queue} occurs
  36.501 +  which is unspecified.
  36.502 +
  36.503 +  Normally, if constants without any code equations occur in a
  36.504 +  program, the code generator complains (since in most cases this is
  36.505 +  not what the user expects).  But such constants can also be thought
  36.506 +  of as function definitions with no equations which always fail,
  36.507 +  since there is never a successful pattern match on the left hand
  36.508 +  side.  In order to categorise a constant into that category
  36.509 +  explicitly, use @{command "code_abort"}:
  36.510 +*}
  36.511 +
  36.512 +code_abort %quote empty_queue
  36.513 +
  36.514 +text {*
  36.515 +  \noindent Then the code generator will just insert an error or
  36.516 +  exception at the appropriate position:
  36.517 +*}
  36.518 +
  36.519 +text %quote {*@{code_stmts strict_dequeue' (consts) empty_queue strict_dequeue' (Haskell)}*}
  36.520 +
  36.521 +text {*
  36.522 +  \noindent This feature however is rarely needed in practice.
  36.523 +  Note also that the @{text HOL} default setup already declares
  36.524 +  @{const undefined} as @{command "code_abort"}, which is most
  36.525 +  likely to be used in such situations.
  36.526 +*}
  36.527 +
  36.528 +end
  36.529 + 
  36.530 \ No newline at end of file
    37.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    37.2 +++ b/doc-src/Codegen/Thy/ROOT.ML	Wed Mar 04 11:05:29 2009 +0100
    37.3 @@ -0,0 +1,11 @@
    37.4 +
    37.5 +(* $Id$ *)
    37.6 +
    37.7 +no_document use_thy "Setup";
    37.8 +no_document use_thys ["Efficient_Nat"];
    37.9 +
   37.10 +use_thy "Introduction";
   37.11 +use_thy "Program";
   37.12 +use_thy "Adaption";
   37.13 +use_thy "Further";
   37.14 +use_thy "ML";
    38.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    38.2 +++ b/doc-src/Codegen/Thy/Setup.thy	Wed Mar 04 11:05:29 2009 +0100
    38.3 @@ -0,0 +1,15 @@
    38.4 +theory Setup
    38.5 +imports Complex_Main
    38.6 +uses
    38.7 +  "../../antiquote_setup.ML"
    38.8 +  "../../more_antiquote.ML"
    38.9 +begin
   38.10 +
   38.11 +ML {* no_document use_thys
   38.12 +  ["Efficient_Nat", "Code_Char_chr", "Product_ord", "~~/src/HOL/Imperative_HOL/Imperative_HOL",
   38.13 +   "~~/src/HOL/Decision_Procs/Ferrack"] *}
   38.14 +
   38.15 +ML_command {* Code_Target.code_width := 74 *}
   38.16 +ML_command {* reset unique_names *}
   38.17 +
   38.18 +end
    39.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    39.2 +++ b/doc-src/Codegen/Thy/document/Adaption.tex	Wed Mar 04 11:05:29 2009 +0100
    39.3 @@ -0,0 +1,678 @@
    39.4 +%
    39.5 +\begin{isabellebody}%
    39.6 +\def\isabellecontext{Adaption}%
    39.7 +%
    39.8 +\isadelimtheory
    39.9 +%
   39.10 +\endisadelimtheory
   39.11 +%
   39.12 +\isatagtheory
   39.13 +\isacommand{theory}\isamarkupfalse%
   39.14 +\ Adaption\isanewline
   39.15 +\isakeyword{imports}\ Setup\isanewline
   39.16 +\isakeyword{begin}%
   39.17 +\endisatagtheory
   39.18 +{\isafoldtheory}%
   39.19 +%
   39.20 +\isadelimtheory
   39.21 +\isanewline
   39.22 +%
   39.23 +\endisadelimtheory
   39.24 +%
   39.25 +\isadeliminvisible
   39.26 +\isanewline
   39.27 +%
   39.28 +\endisadeliminvisible
   39.29 +%
   39.30 +\isataginvisible
   39.31 +\isacommand{setup}\isamarkupfalse%
   39.32 +\ {\isacharverbatimopen}\ Code{\isacharunderscore}Target{\isachardot}extend{\isacharunderscore}target\ {\isacharparenleft}{\isachardoublequote}{\isasymSML}{\isachardoublequote}{\isacharcomma}\ {\isacharparenleft}{\isachardoublequote}SML{\isachardoublequote}{\isacharcomma}\ K\ I{\isacharparenright}{\isacharparenright}\ {\isacharverbatimclose}%
   39.33 +\endisataginvisible
   39.34 +{\isafoldinvisible}%
   39.35 +%
   39.36 +\isadeliminvisible
   39.37 +%
   39.38 +\endisadeliminvisible
   39.39 +%
   39.40 +\isamarkupsection{Adaption to target languages \label{sec:adaption}%
   39.41 +}
   39.42 +\isamarkuptrue%
   39.43 +%
   39.44 +\isamarkupsubsection{Adapting code generation%
   39.45 +}
   39.46 +\isamarkuptrue%
   39.47 +%
   39.48 +\begin{isamarkuptext}%
   39.49 +The aspects of code generation introduced so far have two aspects
   39.50 +  in common:
   39.51 +
   39.52 +  \begin{itemize}
   39.53 +    \item They act uniformly, without reference to a specific
   39.54 +       target language.
   39.55 +    \item They are \emph{safe} in the sense that as long as you trust
   39.56 +       the code generator meta theory and implementation, you cannot
   39.57 +       produce programs that yield results which are not derivable
   39.58 +       in the logic.
   39.59 +  \end{itemize}
   39.60 +
   39.61 +  \noindent In this section we will introduce means to \emph{adapt} the serialiser
   39.62 +  to a specific target language, i.e.~to print program fragments
   39.63 +  in a way which accommodates \qt{already existing} ingredients of
   39.64 +  a target language environment, for three reasons:
   39.65 +
   39.66 +  \begin{itemize}
   39.67 +    \item improving readability and aesthetics of generated code
   39.68 +    \item gaining efficiency
   39.69 +    \item interface with language parts which have no direct counterpart
   39.70 +      in \isa{HOL} (say, imperative data structures)
   39.71 +  \end{itemize}
   39.72 +
   39.73 +  \noindent Generally, you should avoid using those features yourself
   39.74 +  \emph{at any cost}:
   39.75 +
   39.76 +  \begin{itemize}
   39.77 +    \item The safe configuration methods act uniformly on every target language,
   39.78 +      whereas for adaption you have to treat each target language separate.
   39.79 +    \item Application is extremely tedious since there is no abstraction
   39.80 +      which would allow for a static check, making it easy to produce garbage.
   39.81 +    \item More or less subtle errors can be introduced unconsciously.
   39.82 +  \end{itemize}
   39.83 +
   39.84 +  \noindent However, even if you ought refrain from setting up adaption
   39.85 +  yourself, already the \isa{HOL} comes with some reasonable default
   39.86 +  adaptions (say, using target language list syntax).  There also some
   39.87 +  common adaption cases which you can setup by importing particular
   39.88 +  library theories.  In order to understand these, we provide some clues here;
   39.89 +  these however are not supposed to replace a careful study of the sources.%
   39.90 +\end{isamarkuptext}%
   39.91 +\isamarkuptrue%
   39.92 +%
   39.93 +\isamarkupsubsection{The adaption principle%
   39.94 +}
   39.95 +\isamarkuptrue%
   39.96 +%
   39.97 +\begin{isamarkuptext}%
   39.98 +The following figure illustrates what \qt{adaption} is conceptually
   39.99 +  supposed to be:
  39.100 +
  39.101 +  \begin{figure}[here]
  39.102 +    \begin{tikzpicture}[scale = 0.5]
  39.103 +      \tikzstyle water=[color = blue, thick]
  39.104 +      \tikzstyle ice=[color = black, very thick, cap = round, join = round, fill = white]
  39.105 +      \tikzstyle process=[color = green, semithick, ->]
  39.106 +      \tikzstyle adaption=[color = red, semithick, ->]
  39.107 +      \tikzstyle target=[color = black]
  39.108 +      \foreach \x in {0, ..., 24}
  39.109 +        \draw[style=water] (\x, 0.25) sin + (0.25, 0.25) cos + (0.25, -0.25) sin
  39.110 +          + (0.25, -0.25) cos + (0.25, 0.25);
  39.111 +      \draw[style=ice] (1, 0) --
  39.112 +        (3, 6) node[above, fill=white] {logic} -- (5, 0) -- cycle;
  39.113 +      \draw[style=ice] (9, 0) --
  39.114 +        (11, 6) node[above, fill=white] {intermediate language} -- (13, 0) -- cycle;
  39.115 +      \draw[style=ice] (15, -6) --
  39.116 +        (19, 6) node[above, fill=white] {target language} -- (23, -6) -- cycle;
  39.117 +      \draw[style=process]
  39.118 +        (3.5, 3) .. controls (7, 5) .. node[fill=white] {translation} (10.5, 3);
  39.119 +      \draw[style=process]
  39.120 +        (11.5, 3) .. controls (15, 5) .. node[fill=white] (serialisation) {serialisation} (18.5, 3);
  39.121 +      \node (adaption) at (11, -2) [style=adaption] {adaption};
  39.122 +      \node at (19, 3) [rotate=90] {generated};
  39.123 +      \node at (19.5, -5) {language};
  39.124 +      \node at (19.5, -3) {library};
  39.125 +      \node (includes) at (19.5, -1) {includes};
  39.126 +      \node (reserved) at (16.5, -3) [rotate=72] {reserved}; % proper 71.57
  39.127 +      \draw[style=process]
  39.128 +        (includes) -- (serialisation);
  39.129 +      \draw[style=process]
  39.130 +        (reserved) -- (serialisation);
  39.131 +      \draw[style=adaption]
  39.132 +        (adaption) -- (serialisation);
  39.133 +      \draw[style=adaption]
  39.134 +        (adaption) -- (includes);
  39.135 +      \draw[style=adaption]
  39.136 +        (adaption) -- (reserved);
  39.137 +    \end{tikzpicture}
  39.138 +    \caption{The adaption principle}
  39.139 +    \label{fig:adaption}
  39.140 +  \end{figure}
  39.141 +
  39.142 +  \noindent In the tame view, code generation acts as broker between
  39.143 +  \isa{logic}, \isa{intermediate\ language} and
  39.144 +  \isa{target\ language} by means of \isa{translation} and
  39.145 +  \isa{serialisation};  for the latter, the serialiser has to observe
  39.146 +  the structure of the \isa{language} itself plus some \isa{reserved}
  39.147 +  keywords which have to be avoided for generated code.
  39.148 +  However, if you consider \isa{adaption} mechanisms, the code generated
  39.149 +  by the serializer is just the tip of the iceberg:
  39.150 +
  39.151 +  \begin{itemize}
  39.152 +    \item \isa{serialisation} can be \emph{parametrised} such that
  39.153 +      logical entities are mapped to target-specific ones
  39.154 +      (e.g. target-specific list syntax,
  39.155 +        see also \secref{sec:adaption_mechanisms})
  39.156 +    \item Such parametrisations can involve references to a
  39.157 +      target-specific standard \isa{library} (e.g. using
  39.158 +      the \isa{Haskell} \verb|Maybe| type instead
  39.159 +      of the \isa{HOL} \isa{option} type);
  39.160 +      if such are used, the corresponding identifiers
  39.161 +      (in our example, \verb|Maybe|, \verb|Nothing|
  39.162 +      and \verb|Just|) also have to be considered \isa{reserved}.
  39.163 +    \item Even more, the user can enrich the library of the
  39.164 +      target-language by providing code snippets
  39.165 +      (\qt{\isa{includes}}) which are prepended to
  39.166 +      any generated code (see \secref{sec:include});  this typically
  39.167 +      also involves further \isa{reserved} identifiers.
  39.168 +  \end{itemize}
  39.169 +
  39.170 +  \noindent As figure \ref{fig:adaption} illustrates, all these adaption mechanisms
  39.171 +  have to act consistently;  it is at the discretion of the user
  39.172 +  to take care for this.%
  39.173 +\end{isamarkuptext}%
  39.174 +\isamarkuptrue%
  39.175 +%
  39.176 +\isamarkupsubsection{Common adaption patterns%
  39.177 +}
  39.178 +\isamarkuptrue%
  39.179 +%
  39.180 +\begin{isamarkuptext}%
  39.181 +The \hyperlink{theory.HOL}{\mbox{\isa{HOL}}} \hyperlink{theory.Main}{\mbox{\isa{Main}}} theory already provides a code
  39.182 +  generator setup
  39.183 +  which should be suitable for most applications.  Common extensions
  39.184 +  and modifications are available by certain theories of the \isa{HOL}
  39.185 +  library; beside being useful in applications, they may serve
  39.186 +  as a tutorial for customising the code generator setup (see below
  39.187 +  \secref{sec:adaption_mechanisms}).
  39.188 +
  39.189 +  \begin{description}
  39.190 +
  39.191 +    \item[\hyperlink{theory.Code-Integer}{\mbox{\isa{Code{\isacharunderscore}Integer}}}] represents \isa{HOL} integers by big
  39.192 +       integer literals in target languages.
  39.193 +    \item[\hyperlink{theory.Code-Char}{\mbox{\isa{Code{\isacharunderscore}Char}}}] represents \isa{HOL} characters by 
  39.194 +       character literals in target languages.
  39.195 +    \item[\hyperlink{theory.Code-Char-chr}{\mbox{\isa{Code{\isacharunderscore}Char{\isacharunderscore}chr}}}] like \isa{Code{\isacharunderscore}Char},
  39.196 +       but also offers treatment of character codes; includes
  39.197 +       \hyperlink{theory.Code-Char}{\mbox{\isa{Code{\isacharunderscore}Char}}}.
  39.198 +    \item[\hyperlink{theory.Efficient-Nat}{\mbox{\isa{Efficient{\isacharunderscore}Nat}}}] \label{eff_nat} implements natural numbers by integers,
  39.199 +       which in general will result in higher efficiency; pattern
  39.200 +       matching with \isa{{\isadigit{0}}} / \isa{Suc}
  39.201 +       is eliminated;  includes \hyperlink{theory.Code-Integer}{\mbox{\isa{Code{\isacharunderscore}Integer}}}
  39.202 +       and \hyperlink{theory.Code-Index}{\mbox{\isa{Code{\isacharunderscore}Index}}}.
  39.203 +    \item[\hyperlink{theory.Code-Index}{\mbox{\isa{Code{\isacharunderscore}Index}}}] provides an additional datatype
  39.204 +       \isa{index} which is mapped to target-language built-in integers.
  39.205 +       Useful for code setups which involve e.g. indexing of
  39.206 +       target-language arrays.
  39.207 +    \item[\hyperlink{theory.Code-Message}{\mbox{\isa{Code{\isacharunderscore}Message}}}] provides an additional datatype
  39.208 +       \isa{message{\isacharunderscore}string} which is isomorphic to strings;
  39.209 +       \isa{message{\isacharunderscore}string}s are mapped to target-language strings.
  39.210 +       Useful for code setups which involve e.g. printing (error) messages.
  39.211 +
  39.212 +  \end{description}
  39.213 +
  39.214 +  \begin{warn}
  39.215 +    When importing any of these theories, they should form the last
  39.216 +    items in an import list.  Since these theories adapt the
  39.217 +    code generator setup in a non-conservative fashion,
  39.218 +    strange effects may occur otherwise.
  39.219 +  \end{warn}%
  39.220 +\end{isamarkuptext}%
  39.221 +\isamarkuptrue%
  39.222 +%
  39.223 +\isamarkupsubsection{Parametrising serialisation \label{sec:adaption_mechanisms}%
  39.224 +}
  39.225 +\isamarkuptrue%
  39.226 +%
  39.227 +\begin{isamarkuptext}%
  39.228 +Consider the following function and its corresponding
  39.229 +  SML code:%
  39.230 +\end{isamarkuptext}%
  39.231 +\isamarkuptrue%
  39.232 +%
  39.233 +\isadelimquote
  39.234 +%
  39.235 +\endisadelimquote
  39.236 +%
  39.237 +\isatagquote
  39.238 +\isacommand{primrec}\isamarkupfalse%
  39.239 +\ in{\isacharunderscore}interval\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymtimes}\ nat\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ bool{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  39.240 +\ \ {\isachardoublequoteopen}in{\isacharunderscore}interval\ {\isacharparenleft}k{\isacharcomma}\ l{\isacharparenright}\ n\ {\isasymlongleftrightarrow}\ k\ {\isasymle}\ n\ {\isasymand}\ n\ {\isasymle}\ l{\isachardoublequoteclose}%
  39.241 +\endisatagquote
  39.242 +{\isafoldquote}%
  39.243 +%
  39.244 +\isadelimquote
  39.245 +%
  39.246 +\endisadelimquote
  39.247 +%
  39.248 +\isadeliminvisible
  39.249 +%
  39.250 +\endisadeliminvisible
  39.251 +%
  39.252 +\isataginvisible
  39.253 +%
  39.254 +\endisataginvisible
  39.255 +{\isafoldinvisible}%
  39.256 +%
  39.257 +\isadeliminvisible
  39.258 +%
  39.259 +\endisadeliminvisible
  39.260 +%
  39.261 +\isadelimquote
  39.262 +%
  39.263 +\endisadelimquote
  39.264 +%
  39.265 +\isatagquote
  39.266 +%
  39.267 +\begin{isamarkuptext}%
  39.268 +\isatypewriter%
  39.269 +\noindent%
  39.270 +\hspace*{0pt}structure Example = \\
  39.271 +\hspace*{0pt}struct\\
  39.272 +\hspace*{0pt}\\
  39.273 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  39.274 +\hspace*{0pt}\\
  39.275 +\hspace*{0pt}datatype boola = True | False;\\
  39.276 +\hspace*{0pt}\\
  39.277 +\hspace*{0pt}fun anda x True = x\\
  39.278 +\hspace*{0pt} ~| anda x False = False\\
  39.279 +\hspace*{0pt} ~| anda True x = x\\
  39.280 +\hspace*{0pt} ~| anda False x = False;\\
  39.281 +\hspace*{0pt}\\
  39.282 +\hspace*{0pt}fun less{\char95}nat m (Suc n) = less{\char95}eq{\char95}nat m n\\
  39.283 +\hspace*{0pt} ~| less{\char95}nat n Zero{\char95}nat = False\\
  39.284 +\hspace*{0pt}and less{\char95}eq{\char95}nat (Suc m) n = less{\char95}nat m n\\
  39.285 +\hspace*{0pt} ~| less{\char95}eq{\char95}nat Zero{\char95}nat n = True;\\
  39.286 +\hspace*{0pt}\\
  39.287 +\hspace*{0pt}fun in{\char95}interval (k,~l) n = anda (less{\char95}eq{\char95}nat k n) (less{\char95}eq{\char95}nat n l);\\
  39.288 +\hspace*{0pt}\\
  39.289 +\hspace*{0pt}end;~(*struct Example*)%
  39.290 +\end{isamarkuptext}%
  39.291 +\isamarkuptrue%
  39.292 +%
  39.293 +\endisatagquote
  39.294 +{\isafoldquote}%
  39.295 +%
  39.296 +\isadelimquote
  39.297 +%
  39.298 +\endisadelimquote
  39.299 +%
  39.300 +\begin{isamarkuptext}%
  39.301 +\noindent Though this is correct code, it is a little bit unsatisfactory:
  39.302 +  boolean values and operators are materialised as distinguished
  39.303 +  entities with have nothing to do with the SML-built-in notion
  39.304 +  of \qt{bool}.  This results in less readable code;
  39.305 +  additionally, eager evaluation may cause programs to
  39.306 +  loop or break which would perfectly terminate when
  39.307 +  the existing SML \verb|bool| would be used.  To map
  39.308 +  the HOL \isa{bool} on SML \verb|bool|, we may use
  39.309 +  \qn{custom serialisations}:%
  39.310 +\end{isamarkuptext}%
  39.311 +\isamarkuptrue%
  39.312 +%
  39.313 +\isadelimquotett
  39.314 +%
  39.315 +\endisadelimquotett
  39.316 +%
  39.317 +\isatagquotett
  39.318 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
  39.319 +\ bool\isanewline
  39.320 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}bool{\isachardoublequoteclose}{\isacharparenright}\isanewline
  39.321 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  39.322 +\ True\ \isakeyword{and}\ False\ \isakeyword{and}\ {\isachardoublequoteopen}op\ {\isasymand}{\isachardoublequoteclose}\isanewline
  39.323 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}true{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}false{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}{\isacharunderscore}\ andalso\ {\isacharunderscore}{\isachardoublequoteclose}{\isacharparenright}%
  39.324 +\endisatagquotett
  39.325 +{\isafoldquotett}%
  39.326 +%
  39.327 +\isadelimquotett
  39.328 +%
  39.329 +\endisadelimquotett
  39.330 +%
  39.331 +\begin{isamarkuptext}%
  39.332 +\noindent The \hyperlink{command.code-type}{\mbox{\isa{\isacommand{code{\isacharunderscore}type}}}} command takes a type constructor
  39.333 +  as arguments together with a list of custom serialisations.
  39.334 +  Each custom serialisation starts with a target language
  39.335 +  identifier followed by an expression, which during
  39.336 +  code serialisation is inserted whenever the type constructor
  39.337 +  would occur.  For constants, \hyperlink{command.code-const}{\mbox{\isa{\isacommand{code{\isacharunderscore}const}}}} implements
  39.338 +  the corresponding mechanism.  Each ``\verb|_|'' in
  39.339 +  a serialisation expression is treated as a placeholder
  39.340 +  for the type constructor's (the constant's) arguments.%
  39.341 +\end{isamarkuptext}%
  39.342 +\isamarkuptrue%
  39.343 +%
  39.344 +\isadelimquote
  39.345 +%
  39.346 +\endisadelimquote
  39.347 +%
  39.348 +\isatagquote
  39.349 +%
  39.350 +\begin{isamarkuptext}%
  39.351 +\isatypewriter%
  39.352 +\noindent%
  39.353 +\hspace*{0pt}structure Example = \\
  39.354 +\hspace*{0pt}struct\\
  39.355 +\hspace*{0pt}\\
  39.356 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  39.357 +\hspace*{0pt}\\
  39.358 +\hspace*{0pt}fun less{\char95}nat m (Suc n) = less{\char95}eq{\char95}nat m n\\
  39.359 +\hspace*{0pt} ~| less{\char95}nat n Zero{\char95}nat = false\\
  39.360 +\hspace*{0pt}and less{\char95}eq{\char95}nat (Suc m) n = less{\char95}nat m n\\
  39.361 +\hspace*{0pt} ~| less{\char95}eq{\char95}nat Zero{\char95}nat n = true;\\
  39.362 +\hspace*{0pt}\\
  39.363 +\hspace*{0pt}fun in{\char95}interval (k,~l) n = (less{\char95}eq{\char95}nat k n) andalso (less{\char95}eq{\char95}nat n l);\\
  39.364 +\hspace*{0pt}\\
  39.365 +\hspace*{0pt}end;~(*struct Example*)%
  39.366 +\end{isamarkuptext}%
  39.367 +\isamarkuptrue%
  39.368 +%
  39.369 +\endisatagquote
  39.370 +{\isafoldquote}%
  39.371 +%
  39.372 +\isadelimquote
  39.373 +%
  39.374 +\endisadelimquote
  39.375 +%
  39.376 +\begin{isamarkuptext}%
  39.377 +\noindent This still is not perfect: the parentheses
  39.378 +  around the \qt{andalso} expression are superfluous.
  39.379 +  Though the serialiser
  39.380 +  by no means attempts to imitate the rich Isabelle syntax
  39.381 +  framework, it provides some common idioms, notably
  39.382 +  associative infixes with precedences which may be used here:%
  39.383 +\end{isamarkuptext}%
  39.384 +\isamarkuptrue%
  39.385 +%
  39.386 +\isadelimquotett
  39.387 +%
  39.388 +\endisadelimquotett
  39.389 +%
  39.390 +\isatagquotett
  39.391 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  39.392 +\ {\isachardoublequoteopen}op\ {\isasymand}{\isachardoublequoteclose}\isanewline
  39.393 +\ \ {\isacharparenleft}SML\ \isakeyword{infixl}\ {\isadigit{1}}\ {\isachardoublequoteopen}andalso{\isachardoublequoteclose}{\isacharparenright}%
  39.394 +\endisatagquotett
  39.395 +{\isafoldquotett}%
  39.396 +%
  39.397 +\isadelimquotett
  39.398 +%
  39.399 +\endisadelimquotett
  39.400 +%
  39.401 +\isadelimquote
  39.402 +%
  39.403 +\endisadelimquote
  39.404 +%
  39.405 +\isatagquote
  39.406 +%
  39.407 +\begin{isamarkuptext}%
  39.408 +\isatypewriter%
  39.409 +\noindent%
  39.410 +\hspace*{0pt}structure Example = \\
  39.411 +\hspace*{0pt}struct\\
  39.412 +\hspace*{0pt}\\
  39.413 +\hspace*{0pt}datatype nat = Zero{\char95}nat | Suc of nat;\\
  39.414 +\hspace*{0pt}\\
  39.415 +\hspace*{0pt}fun less{\char95}nat m (Suc n) = less{\char95}eq{\char95}nat m n\\
  39.416 +\hspace*{0pt} ~| less{\char95}nat n Zero{\char95}nat = false\\
  39.417 +\hspace*{0pt}and less{\char95}eq{\char95}nat (Suc m) n = less{\char95}nat m n\\
  39.418 +\hspace*{0pt} ~| less{\char95}eq{\char95}nat Zero{\char95}nat n = true;\\
  39.419 +\hspace*{0pt}\\
  39.420 +\hspace*{0pt}fun in{\char95}interval (k,~l) n = less{\char95}eq{\char95}nat k n andalso less{\char95}eq{\char95}nat n l;\\
  39.421 +\hspace*{0pt}\\
  39.422 +\hspace*{0pt}end;~(*struct Example*)%
  39.423 +\end{isamarkuptext}%
  39.424 +\isamarkuptrue%
  39.425 +%
  39.426 +\endisatagquote
  39.427 +{\isafoldquote}%
  39.428 +%
  39.429 +\isadelimquote
  39.430 +%
  39.431 +\endisadelimquote
  39.432 +%
  39.433 +\begin{isamarkuptext}%
  39.434 +\noindent The attentive reader may ask how we assert that no generated
  39.435 +  code will accidentally overwrite.  For this reason the serialiser has
  39.436 +  an internal table of identifiers which have to be avoided to be used
  39.437 +  for new declarations.  Initially, this table typically contains the
  39.438 +  keywords of the target language.  It can be extended manually, thus avoiding
  39.439 +  accidental overwrites, using the \hyperlink{command.code-reserved}{\mbox{\isa{\isacommand{code{\isacharunderscore}reserved}}}} command:%
  39.440 +\end{isamarkuptext}%
  39.441 +\isamarkuptrue%
  39.442 +%
  39.443 +\isadelimquote
  39.444 +%
  39.445 +\endisadelimquote
  39.446 +%
  39.447 +\isatagquote
  39.448 +\isacommand{code{\isacharunderscore}reserved}\isamarkupfalse%
  39.449 +\ {\isachardoublequoteopen}{\isasymSML}{\isachardoublequoteclose}\ bool\ true\ false\ andalso%
  39.450 +\endisatagquote
  39.451 +{\isafoldquote}%
  39.452 +%
  39.453 +\isadelimquote
  39.454 +%
  39.455 +\endisadelimquote
  39.456 +%
  39.457 +\begin{isamarkuptext}%
  39.458 +\noindent Next, we try to map HOL pairs to SML pairs, using the
  39.459 +  infix ``\verb|*|'' type constructor and parentheses:%
  39.460 +\end{isamarkuptext}%
  39.461 +\isamarkuptrue%
  39.462 +%
  39.463 +\isadeliminvisible
  39.464 +%
  39.465 +\endisadeliminvisible
  39.466 +%
  39.467 +\isataginvisible
  39.468 +%
  39.469 +\endisataginvisible
  39.470 +{\isafoldinvisible}%
  39.471 +%
  39.472 +\isadeliminvisible
  39.473 +%
  39.474 +\endisadeliminvisible
  39.475 +%
  39.476 +\isadelimquotett
  39.477 +%
  39.478 +\endisadelimquotett
  39.479 +%
  39.480 +\isatagquotett
  39.481 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
  39.482 +\ {\isacharasterisk}\isanewline
  39.483 +\ \ {\isacharparenleft}SML\ \isakeyword{infix}\ {\isadigit{2}}\ {\isachardoublequoteopen}{\isacharasterisk}{\isachardoublequoteclose}{\isacharparenright}\isanewline
  39.484 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  39.485 +\ Pair\isanewline
  39.486 +\ \ {\isacharparenleft}SML\ {\isachardoublequoteopen}{\isacharbang}{\isacharparenleft}{\isacharparenleft}{\isacharunderscore}{\isacharparenright}{\isacharcomma}{\isacharslash}\ {\isacharparenleft}{\isacharunderscore}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}{\isacharparenright}%
  39.487 +\endisatagquotett
  39.488 +{\isafoldquotett}%
  39.489 +%
  39.490 +\isadelimquotett
  39.491 +%
  39.492 +\endisadelimquotett
  39.493 +%
  39.494 +\begin{isamarkuptext}%
  39.495 +\noindent The initial bang ``\verb|!|'' tells the serialiser
  39.496 +  never to put
  39.497 +  parentheses around the whole expression (they are already present),
  39.498 +  while the parentheses around argument place holders
  39.499 +  tell not to put parentheses around the arguments.
  39.500 +  The slash ``\verb|/|'' (followed by arbitrary white space)
  39.501 +  inserts a space which may be used as a break if necessary
  39.502 +  during pretty printing.
  39.503 +
  39.504 +  These examples give a glimpse what mechanisms
  39.505 +  custom serialisations provide; however their usage
  39.506 +  requires careful thinking in order not to introduce
  39.507 +  inconsistencies -- or, in other words:
  39.508 +  custom serialisations are completely axiomatic.
  39.509 +
  39.510 +  A further noteworthy details is that any special
  39.511 +  character in a custom serialisation may be quoted
  39.512 +  using ``\verb|'|''; thus, in
  39.513 +  ``\verb|fn '_ => _|'' the first
  39.514 +  ``\verb|_|'' is a proper underscore while the
  39.515 +  second ``\verb|_|'' is a placeholder.%
  39.516 +\end{isamarkuptext}%
  39.517 +\isamarkuptrue%
  39.518 +%
  39.519 +\isamarkupsubsection{\isa{Haskell} serialisation%
  39.520 +}
  39.521 +\isamarkuptrue%
  39.522 +%
  39.523 +\begin{isamarkuptext}%
  39.524 +For convenience, the default
  39.525 +  \isa{HOL} setup for \isa{Haskell} maps the \isa{eq} class to
  39.526 +  its counterpart in \isa{Haskell}, giving custom serialisations
  39.527 +  for the class \isa{eq} (by command \hyperlink{command.code-class}{\mbox{\isa{\isacommand{code{\isacharunderscore}class}}}}) and its operation
  39.528 +  \isa{eq{\isacharunderscore}class{\isachardot}eq}%
  39.529 +\end{isamarkuptext}%
  39.530 +\isamarkuptrue%
  39.531 +%
  39.532 +\isadelimquotett
  39.533 +%
  39.534 +\endisadelimquotett
  39.535 +%
  39.536 +\isatagquotett
  39.537 +\isacommand{code{\isacharunderscore}class}\isamarkupfalse%
  39.538 +\ eq\isanewline
  39.539 +\ \ {\isacharparenleft}Haskell\ {\isachardoublequoteopen}Eq{\isachardoublequoteclose}{\isacharparenright}\isanewline
  39.540 +\isanewline
  39.541 +\isacommand{code{\isacharunderscore}const}\isamarkupfalse%
  39.542 +\ {\isachardoublequoteopen}op\ {\isacharequal}{\isachardoublequoteclose}\isanewline
  39.543 +\ \ {\isacharparenleft}Haskell\ \isakeyword{infixl}\ {\isadigit{4}}\ {\isachardoublequoteopen}{\isacharequal}{\isacharequal}{\isachardoublequoteclose}{\isacharparenright}%
  39.544 +\endisatagquotett
  39.545 +{\isafoldquotett}%
  39.546 +%
  39.547 +\isadelimquotett
  39.548 +%
  39.549 +\endisadelimquotett
  39.550 +%
  39.551 +\begin{isamarkuptext}%
  39.552 +\noindent A problem now occurs whenever a type which
  39.553 +  is an instance of \isa{eq} in \isa{HOL} is mapped
  39.554 +  on a \isa{Haskell}-built-in type which is also an instance
  39.555 +  of \isa{Haskell} \isa{Eq}:%
  39.556 +\end{isamarkuptext}%
  39.557 +\isamarkuptrue%
  39.558 +%
  39.559 +\isadelimquote
  39.560 +%
  39.561 +\endisadelimquote
  39.562 +%
  39.563 +\isatagquote
  39.564 +\isacommand{typedecl}\isamarkupfalse%
  39.565 +\ bar\isanewline
  39.566 +\isanewline
  39.567 +\isacommand{instantiation}\isamarkupfalse%
  39.568 +\ bar\ {\isacharcolon}{\isacharcolon}\ eq\isanewline
  39.569 +\isakeyword{begin}\isanewline
  39.570 +\isanewline
  39.571 +\isacommand{definition}\isamarkupfalse%
  39.572 +\ {\isachardoublequoteopen}eq{\isacharunderscore}class{\isachardot}eq\ {\isacharparenleft}x{\isasymColon}bar{\isacharparenright}\ y\ {\isasymlongleftrightarrow}\ x\ {\isacharequal}\ y{\isachardoublequoteclose}\isanewline
  39.573 +\isanewline
  39.574 +\isacommand{instance}\isamarkupfalse%
  39.575 +\ \isacommand{by}\isamarkupfalse%
  39.576 +\ default\ {\isacharparenleft}simp\ add{\isacharcolon}\ eq{\isacharunderscore}bar{\isacharunderscore}def{\isacharparenright}\isanewline
  39.577 +\isanewline
  39.578 +\isacommand{end}\isamarkupfalse%
  39.579 +%
  39.580 +\endisatagquote
  39.581 +{\isafoldquote}%
  39.582 +%
  39.583 +\isadelimquote
  39.584 +%
  39.585 +\endisadelimquote
  39.586 +\isanewline
  39.587 +%
  39.588 +\isadelimquotett
  39.589 +%
  39.590 +\endisadelimquotett
  39.591 +%
  39.592 +\isatagquotett
  39.593 +\isacommand{code{\isacharunderscore}type}\isamarkupfalse%
  39.594 +\ bar\isanewline
  39.595 +\ \ {\isacharparenleft}Haskell\ {\isachardoublequoteopen}Integer{\isachardoublequoteclose}{\isacharparenright}%
  39.596 +\endisatagquotett
  39.597 +{\isafoldquotett}%
  39.598 +%
  39.599 +\isadelimquotett
  39.600 +%
  39.601 +\endisadelimquotett
  39.602 +%
  39.603 +\begin{isamarkuptext}%
  39.604 +\noindent The code generator would produce
  39.605 +  an additional instance, which of course is rejected by the \isa{Haskell}
  39.606 +  compiler.
  39.607 +  To suppress this additional instance, use
  39.608 +  \isa{code{\isacharunderscore}instance}:%
  39.609 +\end{isamarkuptext}%
  39.610 +\isamarkuptrue%
  39.611 +%
  39.612 +\isadelimquotett
  39.613 +%
  39.614 +\endisadelimquotett
  39.615 +%
  39.616 +\isatagquotett
  39.617 +\isacommand{code{\isacharunderscore}instance}\isamarkupfalse%
  39.618 +\ bar\ {\isacharcolon}{\isacharcolon}\ eq\isanewline
  39.619 +\ \ {\isacharparenleft}Haskell\ {\isacharminus}{\isacharparenright}%
  39.620 +\endisatagquotett
  39.621 +{\isafoldquotett}%
  39.622 +%
  39.623 +\isadelimquotett
  39.624 +%
  39.625 +\endisadelimquotett
  39.626 +%
  39.627 +\isamarkupsubsection{Enhancing the target language context \label{sec:include}%
  39.628 +}
  39.629 +\isamarkuptrue%
  39.630 +%
  39.631 +\begin{isamarkuptext}%
  39.632 +In rare cases it is necessary to \emph{enrich} the context of a
  39.633 +  target language;  this is accomplished using the \hyperlink{command.code-include}{\mbox{\isa{\isacommand{code{\isacharunderscore}include}}}}
  39.634 +  command:%
  39.635 +\end{isamarkuptext}%
  39.636 +\isamarkuptrue%
  39.637 +%
  39.638 +\isadelimquotett
  39.639 +%
  39.640 +\endisadelimquotett
  39.641 +%
  39.642 +\isatagquotett
  39.643 +\isacommand{code{\isacharunderscore}include}\isamarkupfalse%
  39.644 +\ Haskell\ {\isachardoublequoteopen}Errno{\isachardoublequoteclose}\isanewline
  39.645 +{\isacharverbatimopen}errno\ i\ {\isacharequal}\ error\ {\isacharparenleft}{\isachardoublequote}Error\ number{\isacharcolon}\ {\isachardoublequote}\ {\isacharplus}{\isacharplus}\ show\ i{\isacharparenright}{\isacharverbatimclose}\isanewline
  39.646 +\isanewline
  39.647 +\isacommand{code{\isacharunderscore}reserved}\isamarkupfalse%
  39.648 +\ Haskell\ Errno%
  39.649 +\endisatagquotett
  39.650 +{\isafoldquotett}%
  39.651 +%
  39.652 +\isadelimquotett
  39.653 +%
  39.654 +\endisadelimquotett
  39.655 +%
  39.656 +\begin{isamarkuptext}%
  39.657 +\noindent Such named \isa{include}s are then prepended to every generated code.
  39.658 +  Inspect such code in order to find out how \hyperlink{command.code-include}{\mbox{\isa{\isacommand{code{\isacharunderscore}include}}}} behaves
  39.659 +  with respect to a particular target language.%
  39.660 +\end{isamarkuptext}%
  39.661 +\isamarkuptrue%
  39.662 +%
  39.663 +\isadelimtheory
  39.664 +%
  39.665 +\endisadelimtheory
  39.666 +%
  39.667 +\isatagtheory
  39.668 +\isacommand{end}\isamarkupfalse%
  39.669 +%
  39.670 +\endisatagtheory
  39.671 +{\isafoldtheory}%
  39.672 +%
  39.673 +\isadelimtheory
  39.674 +%
  39.675 +\endisadelimtheory
  39.676 +\isanewline
  39.677 +\end{isabellebody}%
  39.678 +%%% Local Variables:
  39.679 +%%% mode: latex
  39.680 +%%% TeX-master: "root"
  39.681 +%%% End:
    40.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    40.2 +++ b/doc-src/Codegen/Thy/document/Codegen.tex	Wed Mar 04 11:05:29 2009 +0100
    40.3 @@ -0,0 +1,1690 @@
    40.4 +%
    40.5 +\begin{isabellebody}%
    40.6 +\def\isabellecontext{Codegen}%
    40.7 +%
    40.8 +\isadelimtheory
    40.9 +\isanewline
   40.10 +\isanewline
   40.11 +%
   40.12 +\endisadelimtheory
   40.13 +%
   40.14 +\isatagtheory
   40.15 +%
   40.16 +\endisatagtheory
   40.17 +{\isafoldtheory}%
   40.18 +%
   40.19 +\isadelimtheory
   40.20 +%
   40.21 +\endisadelimtheory
   40.22 +%
   40.23 +\isadelimML
   40.24 +%
   40.25 +\endisadelimML
   40.26 +%
   40.27 +\isatagML
   40.28 +%
   40.29 +\endisatagML
   40.30 +{\isafoldML}%
   40.31 +%
   40.32 +\isadelimML
   40.33 +%
   40.34 +\endisadelimML
   40.35 +%
   40.36 +\isamarkupchapter{Code generation from Isabelle theories%
   40.37 +}
   40.38 +\isamarkuptrue%
   40.39 +%
   40.40 +\isamarkupsection{Introduction%
   40.41 +}
   40.42 +\isamarkuptrue%
   40.43 +%
   40.44 +\isamarkupsubsection{Motivation%
   40.45 +}
   40.46 +\isamarkuptrue%
   40.47 +%
   40.48 +\begin{isamarkuptext}%
   40.49 +Executing formal specifications as programs is a well-established
   40.50 +  topic in the theorem proving community.  With increasing
   40.51 +  application of theorem proving systems in the area of
   40.52 +  software development and verification, its relevance manifests
   40.53 +  for running test cases and rapid prototyping.  In logical
   40.54 +  calculi like constructive type theory,
   40.55 +  a notion of executability is implicit due to the nature
   40.56 +  of the calculus.  In contrast, specifications in Isabelle
   40.57 +  can be highly non-executable.  In order to bridge
   40.58 +  the gap between logic and executable specifications,
   40.59 +  an explicit non-trivial transformation has to be applied:
   40.60 +  code generation.
   40.61 +
   40.62 +  This tutorial introduces a generic code generator for the
   40.63 +  Isabelle system \cite{isa-tutorial}.
   40.64 +  Generic in the sense that the
   40.65 +  \qn{target language} for which code shall ultimately be
   40.66 +  generated is not fixed but may be an arbitrary state-of-the-art
   40.67 +  functional programming language (currently, the implementation
   40.68 +  supports SML \cite{SML}, OCaml \cite{OCaml} and Haskell
   40.69 +  \cite{haskell-revised-report}).
   40.70 +  We aim to provide a
   40.71 +  versatile environment
   40.72 +  suitable for software development and verification,
   40.73 +  structuring the process
   40.74 +  of code generation into a small set of orthogonal principles
   40.75 +  while achieving a big coverage of application areas
   40.76 +  with maximum flexibility.
   40.77 +
   40.78 +  Conceptually the code generator framework is part
   40.79 +  of Isabelle's \isa{Pure} meta logic; the object logic
   40.80 +  \isa{HOL} which is an extension of \isa{Pure}
   40.81 +  already comes with a reasonable framework setup and thus provides
   40.82 +  a good working horse for raising code-generation-driven
   40.83 +  applications.  So, we assume some familiarity and experience
   40.84 +  with the ingredients of the \isa{HOL} \emph{Main} theory
   40.85 +  (see also \cite{isa-tutorial}).%
   40.86 +\end{isamarkuptext}%
   40.87 +\isamarkuptrue%
   40.88 +%
   40.89 +\isamarkupsubsection{Overview%
   40.90 +}
   40.91 +\isamarkuptrue%
   40.92 +%
   40.93 +\begin{isamarkuptext}%
   40.94 +The code generator aims to be usable with no further ado
   40.95 +  in most cases while allowing for detailed customization.
   40.96 +  This manifests in the structure of this tutorial:
   40.97 +  we start with a generic example \secref{sec:example}
   40.98 +  and introduce code generation concepts \secref{sec:concept}.
   40.99 +  Section
  40.100 +  \secref{sec:basics} explains how to use the framework naively,
  40.101 +  presuming a reasonable default setup.  Then, section
  40.102 +  \secref{sec:advanced} deals with advanced topics,
  40.103 +  introducing further aspects of the code generator framework
  40.104 +  in a motivation-driven manner.  Last, section \secref{sec:ml}
  40.105 +  introduces the framework's internal programming interfaces.
  40.106 +
  40.107 +  \begin{warn}
  40.108 +    Ultimately, the code generator which this tutorial deals with
  40.109 +    is supposed to replace the already established code generator
  40.110 +    by Stefan Berghofer \cite{Berghofer-Nipkow:2002}.
  40.111 +    So, for the moment, there are two distinct code generators
  40.112 +    in Isabelle.
  40.113 +    Also note that while the framework itself is
  40.114 +    object-logic independent, only \isa{HOL} provides a reasonable
  40.115 +    framework setup.    
  40.116 +  \end{warn}%
  40.117 +\end{isamarkuptext}%
  40.118 +\isamarkuptrue%
  40.119 +%
  40.120 +\isamarkupsection{An example: a simple theory of search trees \label{sec:example}%
  40.121 +}
  40.122 +\isamarkuptrue%
  40.123 +%
  40.124 +\begin{isamarkuptext}%
  40.125 +When writing executable specifications using \isa{HOL},
  40.126 +  it is convenient to use
  40.127 +  three existing packages: the datatype package for defining
  40.128 +  datatypes, the function package for (recursive) functions,
  40.129 +  and the class package for overloaded definitions.
  40.130 +
  40.131 +  We develope a small theory of search trees; trees are represented
  40.132 +  as a datatype with key type \isa{{\isacharprime}a} and value type \isa{{\isacharprime}b}:%
  40.133 +\end{isamarkuptext}%
  40.134 +\isamarkuptrue%
  40.135 +\isacommand{datatype}\isamarkupfalse%
  40.136 +\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree\ {\isacharequal}\ Leaf\ {\isachardoublequoteopen}{\isacharprime}a{\isasymColon}linorder{\isachardoublequoteclose}\ {\isacharprime}b\isanewline
  40.137 +\ \ {\isacharbar}\ Branch\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isacharprime}a{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree{\isachardoublequoteclose}%
  40.138 +\begin{isamarkuptext}%
  40.139 +\noindent Note that we have constrained the type of keys
  40.140 +  to the class of total orders, \isa{linorder}.
  40.141 +
  40.142 +  We define \isa{find} and \isa{update} functions:%
  40.143 +\end{isamarkuptext}%
  40.144 +\isamarkuptrue%
  40.145 +\isacommand{primrec}\isamarkupfalse%
  40.146 +\isanewline
  40.147 +\ \ find\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a{\isasymColon}linorder{\isacharcomma}\ {\isacharprime}b{\isacharparenright}\ searchtree\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}b\ option{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
  40.148 +\ \ {\isachardoublequoteopen}find\ {\isacharparenleft}Leaf\ key\ val{\isacharparenright}\ it\ {\isacharequal}\ {\isacharparenleft}if\ it\ {\isacharequal}\ key\ then\ Some\ val\ else\ None{\isacharparenright}{\isachardoublequoteclose}\isanewline
  40.149 +\ \ {\isacharbar}\ {\isachardoublequoteopen}find\ {\isacharparenleft}Branch\ t{\isadigit{1}}\ key\ t{\isadigit{2}}{\isacharparenright}\ it\ {\isacharequal}\ {\isacharparenleft}if\ it\ {\isasymle}\ key\ then\ find\ t{\isadigit{1}}\ it\ else\ find\ t{\isadigit{2}}\ it{\isacharparenright}{\isachardoublequoteclose}\isanewline