28447
|
1 |
%
|
|
2 |
\begin{isabellebody}%
|
|
3 |
\def\isabellecontext{Program}%
|
|
4 |
%
|
|
5 |
\isadelimtheory
|
|
6 |
%
|
|
7 |
\endisadelimtheory
|
|
8 |
%
|
|
9 |
\isatagtheory
|
|
10 |
\isacommand{theory}\isamarkupfalse%
|
|
11 |
\ Program\isanewline
|
|
12 |
\isakeyword{imports}\ Introduction\isanewline
|
|
13 |
\isakeyword{begin}%
|
|
14 |
\endisatagtheory
|
|
15 |
{\isafoldtheory}%
|
|
16 |
%
|
|
17 |
\isadelimtheory
|
|
18 |
%
|
|
19 |
\endisadelimtheory
|
|
20 |
%
|
|
21 |
\isamarkupsection{Turning Theories into Programs \label{sec:program}%
|
|
22 |
}
|
|
23 |
\isamarkuptrue%
|
|
24 |
%
|
|
25 |
\isamarkupsubsection{The \isa{Isabelle{\isacharslash}HOL} default setup%
|
|
26 |
}
|
|
27 |
\isamarkuptrue%
|
|
28 |
%
|
|
29 |
\begin{isamarkuptext}%
|
|
30 |
We have already seen how by default equations stemming from
|
|
31 |
\hyperlink{command.definition}{\mbox{\isa{\isacommand{definition}}}}/\hyperlink{command.primrec}{\mbox{\isa{\isacommand{primrec}}}}/\hyperlink{command.fun}{\mbox{\isa{\isacommand{fun}}}}
|
|
32 |
statements are used for code generation. This default behaviour
|
|
33 |
can be changed, e.g. by providing different defining equations.
|
28593
|
34 |
All kinds of customisation shown in this section is \emph{safe}
|
28447
|
35 |
in the sense that the user does not have to worry about
|
|
36 |
correctness -- all programs generatable that way are partially
|
|
37 |
correct.%
|
|
38 |
\end{isamarkuptext}%
|
|
39 |
\isamarkuptrue%
|
|
40 |
%
|
|
41 |
\isamarkupsubsection{Selecting code equations%
|
|
42 |
}
|
|
43 |
\isamarkuptrue%
|
|
44 |
%
|
|
45 |
\begin{isamarkuptext}%
|
|
46 |
Coming back to our introductory example, we
|
|
47 |
could provide an alternative defining equations for \isa{dequeue}
|
|
48 |
explicitly:%
|
|
49 |
\end{isamarkuptext}%
|
|
50 |
\isamarkuptrue%
|
|
51 |
%
|
28564
|
52 |
\isadelimquote
|
28447
|
53 |
%
|
28564
|
54 |
\endisadelimquote
|
28447
|
55 |
%
|
28564
|
56 |
\isatagquote
|
28447
|
57 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
58 |
\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
59 |
\ \ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}Queue\ xs\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\isanewline
|
28456
|
60 |
\ \ \ \ \ {\isacharparenleft}if\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ then\ {\isacharparenleft}None{\isacharcomma}\ Queue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\isanewline
|
|
61 |
\ \ \ \ \ \ \ else\ dequeue\ {\isacharparenleft}Queue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
28447
|
62 |
\ \ {\isachardoublequoteopen}dequeue\ {\isacharparenleft}Queue\ xs\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}{\isacharparenright}\ {\isacharequal}\isanewline
|
|
63 |
\ \ \ \ \ {\isacharparenleft}Some\ y{\isacharcomma}\ Queue\ xs\ ys{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
64 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
65 |
\ {\isacharparenleft}cases\ xs{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\ {\isacharparenleft}cases\ {\isachardoublequoteopen}rev\ xs{\isachardoublequoteclose}{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}%
|
28564
|
66 |
\endisatagquote
|
|
67 |
{\isafoldquote}%
|
28447
|
68 |
%
|
28564
|
69 |
\isadelimquote
|
28447
|
70 |
%
|
28564
|
71 |
\endisadelimquote
|
28447
|
72 |
%
|
|
73 |
\begin{isamarkuptext}%
|
28562
|
74 |
\noindent The annotation \isa{{\isacharbrackleft}code{\isacharbrackright}} is an \isa{Isar}
|
28447
|
75 |
\isa{attribute} which states that the given theorems should be
|
|
76 |
considered as defining equations for a \isa{fun} statement --
|
|
77 |
the corresponding constant is determined syntactically. The resulting code:%
|
|
78 |
\end{isamarkuptext}%
|
|
79 |
\isamarkuptrue%
|
|
80 |
%
|
28564
|
81 |
\isadelimquote
|
28447
|
82 |
%
|
28564
|
83 |
\endisadelimquote
|
28447
|
84 |
%
|
28564
|
85 |
\isatagquote
|
28447
|
86 |
%
|
|
87 |
\begin{isamarkuptext}%
|
|
88 |
\isaverbatim%
|
|
89 |
\noindent%
|
28714
|
90 |
\hspace*{0pt}dequeue ::~forall a. Queue a -> (Maybe a, Queue a);\\
|
|
91 |
\hspace*{0pt}dequeue (Queue xs (y :~ys)) = (Just y, Queue xs ys);\\
|
|
92 |
\hspace*{0pt}dequeue (Queue xs []) =\\
|
|
93 |
\hspace*{0pt} ~(if nulla xs then (Nothing, Queue [] [])\\
|
|
94 |
\hspace*{0pt} ~~~else dequeue (Queue [] (rev xs)));%
|
28447
|
95 |
\end{isamarkuptext}%
|
|
96 |
\isamarkuptrue%
|
|
97 |
%
|
28564
|
98 |
\endisatagquote
|
|
99 |
{\isafoldquote}%
|
28447
|
100 |
%
|
28564
|
101 |
\isadelimquote
|
28447
|
102 |
%
|
28564
|
103 |
\endisadelimquote
|
28447
|
104 |
%
|
|
105 |
\begin{isamarkuptext}%
|
|
106 |
\noindent You may note that the equality test \isa{xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}} has been
|
|
107 |
replaced by the predicate \isa{null\ xs}. This is due to the default
|
|
108 |
setup in the \qn{preprocessor} to be discussed further below (\secref{sec:preproc}).
|
|
109 |
|
|
110 |
Changing the default constructor set of datatypes is also
|
|
111 |
possible but rarely desired in practice. See \secref{sec:datatypes} for an example.
|
|
112 |
|
|
113 |
As told in \secref{sec:concept}, code generation is based
|
|
114 |
on a structured collection of code theorems.
|
|
115 |
For explorative purpose, this collection
|
|
116 |
may be inspected using the \hyperlink{command.code-thms}{\mbox{\isa{\isacommand{code{\isacharunderscore}thms}}}} command:%
|
|
117 |
\end{isamarkuptext}%
|
|
118 |
\isamarkuptrue%
|
|
119 |
%
|
28564
|
120 |
\isadelimquote
|
28447
|
121 |
%
|
28564
|
122 |
\endisadelimquote
|
28447
|
123 |
%
|
28564
|
124 |
\isatagquote
|
28447
|
125 |
\isacommand{code{\isacharunderscore}thms}\isamarkupfalse%
|
|
126 |
\ dequeue%
|
28564
|
127 |
\endisatagquote
|
|
128 |
{\isafoldquote}%
|
28447
|
129 |
%
|
28564
|
130 |
\isadelimquote
|
28447
|
131 |
%
|
28564
|
132 |
\endisadelimquote
|
28447
|
133 |
%
|
|
134 |
\begin{isamarkuptext}%
|
|
135 |
\noindent prints a table with \emph{all} defining equations
|
|
136 |
for \isa{dequeue}, including
|
|
137 |
\emph{all} defining equations those equations depend
|
|
138 |
on recursively.
|
|
139 |
|
|
140 |
Similarly, the \hyperlink{command.code-deps}{\mbox{\isa{\isacommand{code{\isacharunderscore}deps}}}} command shows a graph
|
|
141 |
visualising dependencies between defining equations.%
|
|
142 |
\end{isamarkuptext}%
|
|
143 |
\isamarkuptrue%
|
|
144 |
%
|
|
145 |
\isamarkupsubsection{\isa{class} and \isa{instantiation}%
|
|
146 |
}
|
|
147 |
\isamarkuptrue%
|
|
148 |
%
|
|
149 |
\begin{isamarkuptext}%
|
|
150 |
Concerning type classes and code generation, let us examine an example
|
|
151 |
from abstract algebra:%
|
|
152 |
\end{isamarkuptext}%
|
|
153 |
\isamarkuptrue%
|
|
154 |
%
|
28564
|
155 |
\isadelimquote
|
28447
|
156 |
%
|
28564
|
157 |
\endisadelimquote
|
28447
|
158 |
%
|
28564
|
159 |
\isatagquote
|
28447
|
160 |
\isacommand{class}\isamarkupfalse%
|
|
161 |
\ semigroup\ {\isacharequal}\ type\ {\isacharplus}\isanewline
|
|
162 |
\ \ \isakeyword{fixes}\ mult\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ {\isacharparenleft}\isakeyword{infixl}\ {\isachardoublequoteopen}{\isasymotimes}{\isachardoublequoteclose}\ {\isadigit{7}}{\isadigit{0}}{\isacharparenright}\isanewline
|
|
163 |
\ \ \isakeyword{assumes}\ assoc{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x\ {\isasymotimes}\ y{\isacharparenright}\ {\isasymotimes}\ z\ {\isacharequal}\ x\ {\isasymotimes}\ {\isacharparenleft}y\ {\isasymotimes}\ z{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
164 |
\isanewline
|
|
165 |
\isacommand{class}\isamarkupfalse%
|
|
166 |
\ monoid\ {\isacharequal}\ semigroup\ {\isacharplus}\isanewline
|
|
167 |
\ \ \isakeyword{fixes}\ neutral\ {\isacharcolon}{\isacharcolon}\ {\isacharprime}a\ {\isacharparenleft}{\isachardoublequoteopen}{\isasymone}{\isachardoublequoteclose}{\isacharparenright}\isanewline
|
|
168 |
\ \ \isakeyword{assumes}\ neutl{\isacharcolon}\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ x\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
|
|
169 |
\ \ \ \ \isakeyword{and}\ neutr{\isacharcolon}\ {\isachardoublequoteopen}x\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ x{\isachardoublequoteclose}\isanewline
|
|
170 |
\isanewline
|
|
171 |
\isacommand{instantiation}\isamarkupfalse%
|
|
172 |
\ nat\ {\isacharcolon}{\isacharcolon}\ monoid\isanewline
|
|
173 |
\isakeyword{begin}\isanewline
|
|
174 |
\isanewline
|
|
175 |
\isacommand{primrec}\isamarkupfalse%
|
|
176 |
\ mult{\isacharunderscore}nat\ \isakeyword{where}\isanewline
|
|
177 |
\ \ \ \ {\isachardoublequoteopen}{\isadigit{0}}\ {\isasymotimes}\ n\ {\isacharequal}\ {\isacharparenleft}{\isadigit{0}}{\isasymColon}nat{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
178 |
\ \ {\isacharbar}\ {\isachardoublequoteopen}Suc\ m\ {\isasymotimes}\ n\ {\isacharequal}\ n\ {\isacharplus}\ m\ {\isasymotimes}\ n{\isachardoublequoteclose}\isanewline
|
|
179 |
\isanewline
|
|
180 |
\isacommand{definition}\isamarkupfalse%
|
|
181 |
\ neutral{\isacharunderscore}nat\ \isakeyword{where}\isanewline
|
|
182 |
\ \ {\isachardoublequoteopen}{\isasymone}\ {\isacharequal}\ Suc\ {\isadigit{0}}{\isachardoublequoteclose}\isanewline
|
|
183 |
\isanewline
|
|
184 |
\isacommand{lemma}\isamarkupfalse%
|
|
185 |
\ add{\isacharunderscore}mult{\isacharunderscore}distrib{\isacharcolon}\isanewline
|
|
186 |
\ \ \isakeyword{fixes}\ n\ m\ q\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
|
|
187 |
\ \ \isakeyword{shows}\ {\isachardoublequoteopen}{\isacharparenleft}n\ {\isacharplus}\ m{\isacharparenright}\ {\isasymotimes}\ q\ {\isacharequal}\ n\ {\isasymotimes}\ q\ {\isacharplus}\ m\ {\isasymotimes}\ q{\isachardoublequoteclose}\isanewline
|
|
188 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
189 |
\ {\isacharparenleft}induct\ n{\isacharparenright}\ simp{\isacharunderscore}all\isanewline
|
|
190 |
\isanewline
|
|
191 |
\isacommand{instance}\isamarkupfalse%
|
|
192 |
\ \isacommand{proof}\isamarkupfalse%
|
|
193 |
\isanewline
|
|
194 |
\ \ \isacommand{fix}\isamarkupfalse%
|
|
195 |
\ m\ n\ q\ {\isacharcolon}{\isacharcolon}\ nat\isanewline
|
|
196 |
\ \ \isacommand{show}\isamarkupfalse%
|
|
197 |
\ {\isachardoublequoteopen}m\ {\isasymotimes}\ n\ {\isasymotimes}\ q\ {\isacharequal}\ m\ {\isasymotimes}\ {\isacharparenleft}n\ {\isasymotimes}\ q{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
198 |
\ \ \ \ \isacommand{by}\isamarkupfalse%
|
|
199 |
\ {\isacharparenleft}induct\ m{\isacharparenright}\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ add{\isacharunderscore}mult{\isacharunderscore}distrib{\isacharparenright}\isanewline
|
|
200 |
\ \ \isacommand{show}\isamarkupfalse%
|
|
201 |
\ {\isachardoublequoteopen}{\isasymone}\ {\isasymotimes}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
|
|
202 |
\ \ \ \ \isacommand{by}\isamarkupfalse%
|
|
203 |
\ {\isacharparenleft}simp\ add{\isacharcolon}\ neutral{\isacharunderscore}nat{\isacharunderscore}def{\isacharparenright}\isanewline
|
|
204 |
\ \ \isacommand{show}\isamarkupfalse%
|
|
205 |
\ {\isachardoublequoteopen}m\ {\isasymotimes}\ {\isasymone}\ {\isacharequal}\ m{\isachardoublequoteclose}\isanewline
|
|
206 |
\ \ \ \ \isacommand{by}\isamarkupfalse%
|
|
207 |
\ {\isacharparenleft}induct\ m{\isacharparenright}\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ neutral{\isacharunderscore}nat{\isacharunderscore}def{\isacharparenright}\isanewline
|
|
208 |
\isacommand{qed}\isamarkupfalse%
|
|
209 |
\isanewline
|
|
210 |
\isanewline
|
|
211 |
\isacommand{end}\isamarkupfalse%
|
|
212 |
%
|
28564
|
213 |
\endisatagquote
|
|
214 |
{\isafoldquote}%
|
28447
|
215 |
%
|
28564
|
216 |
\isadelimquote
|
28447
|
217 |
%
|
28564
|
218 |
\endisadelimquote
|
28447
|
219 |
%
|
|
220 |
\begin{isamarkuptext}%
|
|
221 |
\noindent We define the natural operation of the natural numbers
|
|
222 |
on monoids:%
|
|
223 |
\end{isamarkuptext}%
|
|
224 |
\isamarkuptrue%
|
|
225 |
%
|
28564
|
226 |
\isadelimquote
|
28447
|
227 |
%
|
28564
|
228 |
\endisadelimquote
|
28447
|
229 |
%
|
28564
|
230 |
\isatagquote
|
28447
|
231 |
\isacommand{primrec}\isamarkupfalse%
|
|
232 |
\ {\isacharparenleft}\isakeyword{in}\ monoid{\isacharparenright}\ pow\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
233 |
\ \ \ \ {\isachardoublequoteopen}pow\ {\isadigit{0}}\ a\ {\isacharequal}\ {\isasymone}{\isachardoublequoteclose}\isanewline
|
|
234 |
\ \ {\isacharbar}\ {\isachardoublequoteopen}pow\ {\isacharparenleft}Suc\ n{\isacharparenright}\ a\ {\isacharequal}\ a\ {\isasymotimes}\ pow\ n\ a{\isachardoublequoteclose}%
|
28564
|
235 |
\endisatagquote
|
|
236 |
{\isafoldquote}%
|
28447
|
237 |
%
|
28564
|
238 |
\isadelimquote
|
28447
|
239 |
%
|
28564
|
240 |
\endisadelimquote
|
28447
|
241 |
%
|
|
242 |
\begin{isamarkuptext}%
|
|
243 |
\noindent This we use to define the discrete exponentiation function:%
|
|
244 |
\end{isamarkuptext}%
|
|
245 |
\isamarkuptrue%
|
|
246 |
%
|
28564
|
247 |
\isadelimquote
|
28447
|
248 |
%
|
28564
|
249 |
\endisadelimquote
|
28447
|
250 |
%
|
28564
|
251 |
\isatagquote
|
28447
|
252 |
\isacommand{definition}\isamarkupfalse%
|
|
253 |
\ bexp\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
254 |
\ \ {\isachardoublequoteopen}bexp\ n\ {\isacharequal}\ pow\ n\ {\isacharparenleft}Suc\ {\isacharparenleft}Suc\ {\isadigit{0}}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
|
28564
|
255 |
\endisatagquote
|
|
256 |
{\isafoldquote}%
|
28447
|
257 |
%
|
28564
|
258 |
\isadelimquote
|
28447
|
259 |
%
|
28564
|
260 |
\endisadelimquote
|
28447
|
261 |
%
|
|
262 |
\begin{isamarkuptext}%
|
|
263 |
\noindent The corresponding code:%
|
|
264 |
\end{isamarkuptext}%
|
|
265 |
\isamarkuptrue%
|
|
266 |
%
|
28564
|
267 |
\isadelimquote
|
28447
|
268 |
%
|
28564
|
269 |
\endisadelimquote
|
28447
|
270 |
%
|
28564
|
271 |
\isatagquote
|
28447
|
272 |
%
|
|
273 |
\begin{isamarkuptext}%
|
|
274 |
\isaverbatim%
|
|
275 |
\noindent%
|
28714
|
276 |
\hspace*{0pt}module Example where {\char123}\\
|
|
277 |
\hspace*{0pt}\\
|
|
278 |
\hspace*{0pt}\\
|
|
279 |
\hspace*{0pt}data Nat = Suc Nat | Zero{\char95}nat;\\
|
|
280 |
\hspace*{0pt}\\
|
|
281 |
\hspace*{0pt}class Semigroup a where {\char123}\\
|
|
282 |
\hspace*{0pt} ~mult ::~a -> a -> a;\\
|
|
283 |
\hspace*{0pt}{\char125};\\
|
|
284 |
\hspace*{0pt}\\
|
|
285 |
\hspace*{0pt}class (Semigroup a) => Monoid a where {\char123}\\
|
|
286 |
\hspace*{0pt} ~neutral ::~a;\\
|
|
287 |
\hspace*{0pt}{\char125};\\
|
|
288 |
\hspace*{0pt}\\
|
|
289 |
\hspace*{0pt}pow ::~forall a. (Monoid a) => Nat -> a -> a;\\
|
|
290 |
\hspace*{0pt}pow Zero{\char95}nat a = neutral;\\
|
|
291 |
\hspace*{0pt}pow (Suc n) a = mult a (pow n a);\\
|
|
292 |
\hspace*{0pt}\\
|
|
293 |
\hspace*{0pt}plus{\char95}nat ::~Nat -> Nat -> Nat;\\
|
|
294 |
\hspace*{0pt}plus{\char95}nat (Suc m) n = plus{\char95}nat m (Suc n);\\
|
|
295 |
\hspace*{0pt}plus{\char95}nat Zero{\char95}nat n = n;\\
|
|
296 |
\hspace*{0pt}\\
|
|
297 |
\hspace*{0pt}neutral{\char95}nat ::~Nat;\\
|
|
298 |
\hspace*{0pt}neutral{\char95}nat = Suc Zero{\char95}nat;\\
|
|
299 |
\hspace*{0pt}\\
|
|
300 |
\hspace*{0pt}mult{\char95}nat ::~Nat -> Nat -> Nat;\\
|
|
301 |
\hspace*{0pt}mult{\char95}nat Zero{\char95}nat n = Zero{\char95}nat;\\
|
|
302 |
\hspace*{0pt}mult{\char95}nat (Suc m) n = plus{\char95}nat n (mult{\char95}nat m n);\\
|
|
303 |
\hspace*{0pt}\\
|
|
304 |
\hspace*{0pt}instance Semigroup Nat where {\char123}\\
|
|
305 |
\hspace*{0pt} ~mult = mult{\char95}nat;\\
|
|
306 |
\hspace*{0pt}{\char125};\\
|
|
307 |
\hspace*{0pt}\\
|
|
308 |
\hspace*{0pt}instance Monoid Nat where {\char123}\\
|
|
309 |
\hspace*{0pt} ~neutral = neutral{\char95}nat;\\
|
|
310 |
\hspace*{0pt}{\char125};\\
|
|
311 |
\hspace*{0pt}\\
|
|
312 |
\hspace*{0pt}bexp ::~Nat -> Nat;\\
|
|
313 |
\hspace*{0pt}bexp n = pow n (Suc (Suc Zero{\char95}nat));\\
|
|
314 |
\hspace*{0pt}\\
|
|
315 |
\hspace*{0pt}{\char125}%
|
28447
|
316 |
\end{isamarkuptext}%
|
|
317 |
\isamarkuptrue%
|
|
318 |
%
|
28564
|
319 |
\endisatagquote
|
|
320 |
{\isafoldquote}%
|
28447
|
321 |
%
|
28564
|
322 |
\isadelimquote
|
28447
|
323 |
%
|
28564
|
324 |
\endisadelimquote
|
28447
|
325 |
%
|
|
326 |
\begin{isamarkuptext}%
|
|
327 |
\noindent This is a convenient place to show how explicit dictionary construction
|
|
328 |
manifests in generated code (here, the same example in \isa{SML}):%
|
|
329 |
\end{isamarkuptext}%
|
|
330 |
\isamarkuptrue%
|
|
331 |
%
|
28564
|
332 |
\isadelimquote
|
28447
|
333 |
%
|
28564
|
334 |
\endisadelimquote
|
28447
|
335 |
%
|
28564
|
336 |
\isatagquote
|
28447
|
337 |
%
|
|
338 |
\begin{isamarkuptext}%
|
|
339 |
\isaverbatim%
|
|
340 |
\noindent%
|
28714
|
341 |
\hspace*{0pt}structure Example = \\
|
|
342 |
\hspace*{0pt}struct\\
|
|
343 |
\hspace*{0pt}\\
|
|
344 |
\hspace*{0pt}datatype nat = Suc of nat | Zero{\char95}nat;\\
|
|
345 |
\hspace*{0pt}\\
|
|
346 |
\hspace*{0pt}type 'a semigroup = {\char123}mult :~'a -> 'a -> 'a{\char125};\\
|
|
347 |
\hspace*{0pt}fun mult (A{\char95}:'a semigroup) = {\char35}mult A{\char95};\\
|
|
348 |
\hspace*{0pt}\\
|
|
349 |
\hspace*{0pt}type 'a monoid = {\char123}Program{\char95}{\char95}semigroup{\char95}monoid :~'a semigroup, neutral :~'a{\char125};\\
|
|
350 |
\hspace*{0pt}fun semigroup{\char95}monoid (A{\char95}:'a monoid) = {\char35}Program{\char95}{\char95}semigroup{\char95}monoid A{\char95};\\
|
|
351 |
\hspace*{0pt}fun neutral (A{\char95}:'a monoid) = {\char35}neutral A{\char95};\\
|
|
352 |
\hspace*{0pt}\\
|
|
353 |
\hspace*{0pt}fun pow A{\char95}~Zero{\char95}nat a = neutral A{\char95}\\
|
|
354 |
\hspace*{0pt} ~| pow A{\char95}~(Suc n) a = mult (semigroup{\char95}monoid A{\char95}) a (pow A{\char95}~n a);\\
|
|
355 |
\hspace*{0pt}\\
|
|
356 |
\hspace*{0pt}fun plus{\char95}nat (Suc m) n = plus{\char95}nat m (Suc n)\\
|
|
357 |
\hspace*{0pt} ~| plus{\char95}nat Zero{\char95}nat n = n;\\
|
|
358 |
\hspace*{0pt}\\
|
|
359 |
\hspace*{0pt}val neutral{\char95}nat :~nat = Suc Zero{\char95}nat;\\
|
|
360 |
\hspace*{0pt}\\
|
|
361 |
\hspace*{0pt}fun mult{\char95}nat Zero{\char95}nat n = Zero{\char95}nat\\
|
|
362 |
\hspace*{0pt} ~| mult{\char95}nat (Suc m) n = plus{\char95}nat n (mult{\char95}nat m n);\\
|
|
363 |
\hspace*{0pt}\\
|
|
364 |
\hspace*{0pt}val semigroup{\char95}nat = {\char123}mult = mult{\char95}nat{\char125}~:~nat semigroup;\\
|
|
365 |
\hspace*{0pt}\\
|
|
366 |
\hspace*{0pt}val monoid{\char95}nat =\\
|
|
367 |
\hspace*{0pt} ~{\char123}Program{\char95}{\char95}semigroup{\char95}monoid = semigroup{\char95}nat, neutral = neutral{\char95}nat{\char125}~:\\
|
|
368 |
\hspace*{0pt} ~nat monoid;\\
|
|
369 |
\hspace*{0pt}\\
|
|
370 |
\hspace*{0pt}fun bexp n = pow monoid{\char95}nat n (Suc (Suc Zero{\char95}nat));\\
|
|
371 |
\hspace*{0pt}\\
|
|
372 |
\hspace*{0pt}end; (*struct Example*)%
|
28447
|
373 |
\end{isamarkuptext}%
|
|
374 |
\isamarkuptrue%
|
|
375 |
%
|
28564
|
376 |
\endisatagquote
|
|
377 |
{\isafoldquote}%
|
28447
|
378 |
%
|
28564
|
379 |
\isadelimquote
|
28447
|
380 |
%
|
28564
|
381 |
\endisadelimquote
|
28447
|
382 |
%
|
|
383 |
\begin{isamarkuptext}%
|
|
384 |
\noindent Note the parameters with trailing underscore (\verb|A_|)
|
|
385 |
which are the dictionary parameters.%
|
|
386 |
\end{isamarkuptext}%
|
|
387 |
\isamarkuptrue%
|
|
388 |
%
|
|
389 |
\isamarkupsubsection{The preprocessor \label{sec:preproc}%
|
|
390 |
}
|
|
391 |
\isamarkuptrue%
|
|
392 |
%
|
|
393 |
\begin{isamarkuptext}%
|
|
394 |
Before selected function theorems are turned into abstract
|
|
395 |
code, a chain of definitional transformation steps is carried
|
|
396 |
out: \emph{preprocessing}. In essence, the preprocessor
|
|
397 |
consists of two components: a \emph{simpset} and \emph{function transformers}.
|
|
398 |
|
|
399 |
The \emph{simpset} allows to employ the full generality of the Isabelle
|
|
400 |
simplifier. Due to the interpretation of theorems
|
|
401 |
as defining equations, rewrites are applied to the right
|
|
402 |
hand side and the arguments of the left hand side of an
|
|
403 |
equation, but never to the constant heading the left hand side.
|
|
404 |
An important special case are \emph{inline theorems} which may be
|
|
405 |
declared and undeclared using the
|
|
406 |
\emph{code inline} or \emph{code inline del} attribute respectively.
|
|
407 |
|
|
408 |
Some common applications:%
|
|
409 |
\end{isamarkuptext}%
|
|
410 |
\isamarkuptrue%
|
|
411 |
%
|
|
412 |
\begin{itemize}
|
|
413 |
%
|
|
414 |
\begin{isamarkuptext}%
|
|
415 |
\item replacing non-executable constructs by executable ones:%
|
|
416 |
\end{isamarkuptext}%
|
|
417 |
\isamarkuptrue%
|
|
418 |
%
|
28564
|
419 |
\isadelimquote
|
28447
|
420 |
%
|
28564
|
421 |
\endisadelimquote
|
28447
|
422 |
%
|
28564
|
423 |
\isatagquote
|
28447
|
424 |
\isacommand{lemma}\isamarkupfalse%
|
|
425 |
\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
|
|
426 |
\ \ {\isachardoublequoteopen}x\ {\isasymin}\ set\ xs\ {\isasymlongleftrightarrow}\ x\ mem\ xs{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
|
|
427 |
\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
|
28564
|
428 |
\endisatagquote
|
|
429 |
{\isafoldquote}%
|
28447
|
430 |
%
|
28564
|
431 |
\isadelimquote
|
28447
|
432 |
%
|
28564
|
433 |
\endisadelimquote
|
28447
|
434 |
%
|
|
435 |
\begin{isamarkuptext}%
|
|
436 |
\item eliminating superfluous constants:%
|
|
437 |
\end{isamarkuptext}%
|
|
438 |
\isamarkuptrue%
|
|
439 |
%
|
28564
|
440 |
\isadelimquote
|
28447
|
441 |
%
|
28564
|
442 |
\endisadelimquote
|
28447
|
443 |
%
|
28564
|
444 |
\isatagquote
|
28447
|
445 |
\isacommand{lemma}\isamarkupfalse%
|
|
446 |
\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
|
|
447 |
\ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharequal}\ Suc\ {\isadigit{0}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
|
|
448 |
\ simp%
|
28564
|
449 |
\endisatagquote
|
|
450 |
{\isafoldquote}%
|
28447
|
451 |
%
|
28564
|
452 |
\isadelimquote
|
28447
|
453 |
%
|
28564
|
454 |
\endisadelimquote
|
28447
|
455 |
%
|
|
456 |
\begin{isamarkuptext}%
|
|
457 |
\item replacing executable but inconvenient constructs:%
|
|
458 |
\end{isamarkuptext}%
|
|
459 |
\isamarkuptrue%
|
|
460 |
%
|
28564
|
461 |
\isadelimquote
|
28447
|
462 |
%
|
28564
|
463 |
\endisadelimquote
|
28447
|
464 |
%
|
28564
|
465 |
\isatagquote
|
28447
|
466 |
\isacommand{lemma}\isamarkupfalse%
|
|
467 |
\ {\isacharbrackleft}code\ inline{\isacharbrackright}{\isacharcolon}\isanewline
|
|
468 |
\ \ {\isachardoublequoteopen}xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongleftrightarrow}\ List{\isachardot}null\ xs{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
|
|
469 |
\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
|
28564
|
470 |
\endisatagquote
|
|
471 |
{\isafoldquote}%
|
28447
|
472 |
%
|
28564
|
473 |
\isadelimquote
|
28447
|
474 |
%
|
28564
|
475 |
\endisadelimquote
|
28447
|
476 |
%
|
|
477 |
\end{itemize}
|
|
478 |
%
|
|
479 |
\begin{isamarkuptext}%
|
|
480 |
\noindent \emph{Function transformers} provide a very general interface,
|
|
481 |
transforming a list of function theorems to another
|
|
482 |
list of function theorems, provided that neither the heading
|
|
483 |
constant nor its type change. The \isa{{\isadigit{0}}} / \isa{Suc}
|
|
484 |
pattern elimination implemented in
|
|
485 |
theory \isa{Efficient{\isacharunderscore}Nat} (see \secref{eff_nat}) uses this
|
|
486 |
interface.
|
|
487 |
|
|
488 |
\noindent The current setup of the preprocessor may be inspected using
|
|
489 |
the \hyperlink{command.print-codesetup}{\mbox{\isa{\isacommand{print{\isacharunderscore}codesetup}}}} command.
|
|
490 |
\hyperlink{command.code-thms}{\mbox{\isa{\isacommand{code{\isacharunderscore}thms}}}} provides a convenient
|
|
491 |
mechanism to inspect the impact of a preprocessor setup
|
|
492 |
on defining equations.
|
|
493 |
|
|
494 |
\begin{warn}
|
|
495 |
The attribute \emph{code unfold}
|
|
496 |
associated with the \isa{SML\ code\ generator} also applies to
|
|
497 |
the \isa{generic\ code\ generator}:
|
|
498 |
\emph{code unfold} implies \emph{code inline}.
|
|
499 |
\end{warn}%
|
|
500 |
\end{isamarkuptext}%
|
|
501 |
\isamarkuptrue%
|
|
502 |
%
|
|
503 |
\isamarkupsubsection{Datatypes \label{sec:datatypes}%
|
|
504 |
}
|
|
505 |
\isamarkuptrue%
|
|
506 |
%
|
|
507 |
\begin{isamarkuptext}%
|
|
508 |
Conceptually, any datatype is spanned by a set of
|
|
509 |
\emph{constructors} of type \isa{{\isasymtau}\ {\isacharequal}\ {\isasymdots}\ {\isasymRightarrow}\ {\isasymkappa}\ {\isasymalpha}\isactrlisub {\isadigit{1}}\ {\isasymdots}\ {\isasymalpha}\isactrlisub n}
|
28593
|
510 |
where \isa{{\isacharbraceleft}{\isasymalpha}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymalpha}\isactrlisub n{\isacharbraceright}} is exactly the set of \emph{all}
|
28447
|
511 |
type variables in \isa{{\isasymtau}}. The HOL datatype package
|
|
512 |
by default registers any new datatype in the table
|
|
513 |
of datatypes, which may be inspected using
|
|
514 |
the \hyperlink{command.print-codesetup}{\mbox{\isa{\isacommand{print{\isacharunderscore}codesetup}}}} command.
|
|
515 |
|
|
516 |
In some cases, it may be convenient to alter or
|
|
517 |
extend this table; as an example, we will develop an alternative
|
|
518 |
representation of natural numbers as binary digits, whose
|
|
519 |
size does increase logarithmically with its value, not linear
|
|
520 |
\footnote{Indeed, the \hyperlink{theory.Efficient-Nat}{\mbox{\isa{Efficient{\isacharunderscore}Nat}}} theory (see \ref{eff_nat})
|
|
521 |
does something similar}. First, the digit representation:%
|
|
522 |
\end{isamarkuptext}%
|
|
523 |
\isamarkuptrue%
|
|
524 |
%
|
28564
|
525 |
\isadelimquote
|
28447
|
526 |
%
|
28564
|
527 |
\endisadelimquote
|
28447
|
528 |
%
|
28564
|
529 |
\isatagquote
|
28447
|
530 |
\isacommand{definition}\isamarkupfalse%
|
|
531 |
\ Dig{\isadigit{0}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
532 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ n\ {\isacharequal}\ {\isadigit{2}}\ {\isacharasterisk}\ n{\isachardoublequoteclose}\isanewline
|
|
533 |
\isanewline
|
|
534 |
\isacommand{definition}\isamarkupfalse%
|
|
535 |
\ \ Dig{\isadigit{1}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}nat\ {\isasymRightarrow}\ nat{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
536 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ n\ {\isacharequal}\ Suc\ {\isacharparenleft}{\isadigit{2}}\ {\isacharasterisk}\ n{\isacharparenright}{\isachardoublequoteclose}%
|
28564
|
537 |
\endisatagquote
|
|
538 |
{\isafoldquote}%
|
28447
|
539 |
%
|
28564
|
540 |
\isadelimquote
|
28447
|
541 |
%
|
28564
|
542 |
\endisadelimquote
|
28447
|
543 |
%
|
|
544 |
\begin{isamarkuptext}%
|
|
545 |
\noindent We will use these two \qt{digits} to represent natural numbers
|
|
546 |
in binary digits, e.g.:%
|
|
547 |
\end{isamarkuptext}%
|
|
548 |
\isamarkuptrue%
|
|
549 |
%
|
28564
|
550 |
\isadelimquote
|
28447
|
551 |
%
|
28564
|
552 |
\endisadelimquote
|
28447
|
553 |
%
|
28564
|
554 |
\isatagquote
|
28447
|
555 |
\isacommand{lemma}\isamarkupfalse%
|
|
556 |
\ {\isadigit{4}}{\isadigit{2}}{\isacharcolon}\ {\isachardoublequoteopen}{\isadigit{4}}{\isadigit{2}}\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}Dig{\isadigit{1}}\ {\isacharparenleft}Dig{\isadigit{0}}\ {\isacharparenleft}Dig{\isadigit{1}}\ {\isacharparenleft}Dig{\isadigit{0}}\ {\isadigit{1}}{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
557 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
558 |
\ {\isacharparenleft}simp\ add{\isacharcolon}\ Dig{\isadigit{0}}{\isacharunderscore}def\ Dig{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}%
|
28564
|
559 |
\endisatagquote
|
|
560 |
{\isafoldquote}%
|
28447
|
561 |
%
|
28564
|
562 |
\isadelimquote
|
28447
|
563 |
%
|
28564
|
564 |
\endisadelimquote
|
28447
|
565 |
%
|
|
566 |
\begin{isamarkuptext}%
|
|
567 |
\noindent Of course we also have to provide proper code equations for
|
|
568 |
the operations, e.g. \isa{op\ {\isacharplus}}:%
|
|
569 |
\end{isamarkuptext}%
|
|
570 |
\isamarkuptrue%
|
|
571 |
%
|
28564
|
572 |
\isadelimquote
|
28447
|
573 |
%
|
28564
|
574 |
\endisadelimquote
|
28447
|
575 |
%
|
28564
|
576 |
\isatagquote
|
28447
|
577 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
578 |
\ plus{\isacharunderscore}Dig\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
579 |
\ \ {\isachardoublequoteopen}{\isadigit{0}}\ {\isacharplus}\ n\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
|
|
580 |
\ \ {\isachardoublequoteopen}m\ {\isacharplus}\ {\isadigit{0}}\ {\isacharequal}\ m{\isachardoublequoteclose}\isanewline
|
|
581 |
\ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharplus}\ Dig{\isadigit{0}}\ n\ {\isacharequal}\ Dig{\isadigit{1}}\ n{\isachardoublequoteclose}\isanewline
|
|
582 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ m\ {\isacharplus}\ {\isadigit{1}}\ {\isacharequal}\ Dig{\isadigit{1}}\ m{\isachardoublequoteclose}\isanewline
|
|
583 |
\ \ {\isachardoublequoteopen}{\isadigit{1}}\ {\isacharplus}\ Dig{\isadigit{1}}\ n\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}n\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
584 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ m\ {\isacharplus}\ {\isadigit{1}}\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}m\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
585 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ m\ {\isacharplus}\ Dig{\isadigit{0}}\ n\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}m\ {\isacharplus}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
586 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{0}}\ m\ {\isacharplus}\ Dig{\isadigit{1}}\ n\ {\isacharequal}\ Dig{\isadigit{1}}\ {\isacharparenleft}m\ {\isacharplus}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
587 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ m\ {\isacharplus}\ Dig{\isadigit{0}}\ n\ {\isacharequal}\ Dig{\isadigit{1}}\ {\isacharparenleft}m\ {\isacharplus}\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
588 |
\ \ {\isachardoublequoteopen}Dig{\isadigit{1}}\ m\ {\isacharplus}\ Dig{\isadigit{1}}\ n\ {\isacharequal}\ Dig{\isadigit{0}}\ {\isacharparenleft}m\ {\isacharplus}\ n\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
589 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
590 |
\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ Dig{\isadigit{0}}{\isacharunderscore}def\ Dig{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}%
|
28564
|
591 |
\endisatagquote
|
|
592 |
{\isafoldquote}%
|
28447
|
593 |
%
|
28564
|
594 |
\isadelimquote
|
28447
|
595 |
%
|
28564
|
596 |
\endisadelimquote
|
28447
|
597 |
%
|
|
598 |
\begin{isamarkuptext}%
|
|
599 |
\noindent We then instruct the code generator to view \isa{{\isadigit{0}}},
|
|
600 |
\isa{{\isadigit{1}}}, \isa{Dig{\isadigit{0}}} and \isa{Dig{\isadigit{1}}} as
|
|
601 |
datatype constructors:%
|
|
602 |
\end{isamarkuptext}%
|
|
603 |
\isamarkuptrue%
|
|
604 |
%
|
28564
|
605 |
\isadelimquote
|
28447
|
606 |
%
|
28564
|
607 |
\endisadelimquote
|
28447
|
608 |
%
|
28564
|
609 |
\isatagquote
|
28447
|
610 |
\isacommand{code{\isacharunderscore}datatype}\isamarkupfalse%
|
|
611 |
\ {\isachardoublequoteopen}{\isadigit{0}}{\isasymColon}nat{\isachardoublequoteclose}\ {\isachardoublequoteopen}{\isadigit{1}}{\isasymColon}nat{\isachardoublequoteclose}\ Dig{\isadigit{0}}\ Dig{\isadigit{1}}%
|
28564
|
612 |
\endisatagquote
|
|
613 |
{\isafoldquote}%
|
28447
|
614 |
%
|
28564
|
615 |
\isadelimquote
|
28447
|
616 |
%
|
28564
|
617 |
\endisadelimquote
|
28447
|
618 |
%
|
|
619 |
\begin{isamarkuptext}%
|
|
620 |
\noindent For the former constructor \isa{Suc}, we provide a code
|
|
621 |
equation and remove some parts of the default code generator setup
|
|
622 |
which are an obstacle here:%
|
|
623 |
\end{isamarkuptext}%
|
|
624 |
\isamarkuptrue%
|
|
625 |
%
|
28564
|
626 |
\isadelimquote
|
28447
|
627 |
%
|
28564
|
628 |
\endisadelimquote
|
28447
|
629 |
%
|
28564
|
630 |
\isatagquote
|
28447
|
631 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
632 |
\ Suc{\isacharunderscore}Dig\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
633 |
\ \ {\isachardoublequoteopen}Suc\ n\ {\isacharequal}\ n\ {\isacharplus}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
|
|
634 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
635 |
\ simp\isanewline
|
|
636 |
\isanewline
|
|
637 |
\isacommand{declare}\isamarkupfalse%
|
|
638 |
\ One{\isacharunderscore}nat{\isacharunderscore}def\ {\isacharbrackleft}code\ inline\ del{\isacharbrackright}\isanewline
|
|
639 |
\isacommand{declare}\isamarkupfalse%
|
28562
|
640 |
\ add{\isacharunderscore}Suc{\isacharunderscore}shift\ {\isacharbrackleft}code\ del{\isacharbrackright}%
|
28564
|
641 |
\endisatagquote
|
|
642 |
{\isafoldquote}%
|
28447
|
643 |
%
|
28564
|
644 |
\isadelimquote
|
28447
|
645 |
%
|
28564
|
646 |
\endisadelimquote
|
28447
|
647 |
%
|
|
648 |
\begin{isamarkuptext}%
|
|
649 |
\noindent This yields the following code:%
|
|
650 |
\end{isamarkuptext}%
|
|
651 |
\isamarkuptrue%
|
|
652 |
%
|
28564
|
653 |
\isadelimquote
|
28447
|
654 |
%
|
28564
|
655 |
\endisadelimquote
|
28447
|
656 |
%
|
28564
|
657 |
\isatagquote
|
28447
|
658 |
%
|
|
659 |
\begin{isamarkuptext}%
|
|
660 |
\isaverbatim%
|
|
661 |
\noindent%
|
28714
|
662 |
\hspace*{0pt}structure Example = \\
|
|
663 |
\hspace*{0pt}struct\\
|
|
664 |
\hspace*{0pt}\\
|
|
665 |
\hspace*{0pt}datatype nat = Dig1 of nat | Dig0 of nat | One{\char95}nat | Zero{\char95}nat;\\
|
|
666 |
\hspace*{0pt}\\
|
|
667 |
\hspace*{0pt}fun plus{\char95}nat (Dig1 m) (Dig1 n) = Dig0 (plus{\char95}nat (plus{\char95}nat m n) One{\char95}nat)\\
|
|
668 |
\hspace*{0pt} ~| plus{\char95}nat (Dig1 m) (Dig0 n) = Dig1 (plus{\char95}nat m n)\\
|
|
669 |
\hspace*{0pt} ~| plus{\char95}nat (Dig0 m) (Dig1 n) = Dig1 (plus{\char95}nat m n)\\
|
|
670 |
\hspace*{0pt} ~| plus{\char95}nat (Dig0 m) (Dig0 n) = Dig0 (plus{\char95}nat m n)\\
|
|
671 |
\hspace*{0pt} ~| plus{\char95}nat (Dig1 m) One{\char95}nat = Dig0 (plus{\char95}nat m One{\char95}nat)\\
|
|
672 |
\hspace*{0pt} ~| plus{\char95}nat One{\char95}nat (Dig1 n) = Dig0 (plus{\char95}nat n One{\char95}nat)\\
|
|
673 |
\hspace*{0pt} ~| plus{\char95}nat (Dig0 m) One{\char95}nat = Dig1 m\\
|
|
674 |
\hspace*{0pt} ~| plus{\char95}nat One{\char95}nat (Dig0 n) = Dig1 n\\
|
|
675 |
\hspace*{0pt} ~| plus{\char95}nat m Zero{\char95}nat = m\\
|
|
676 |
\hspace*{0pt} ~| plus{\char95}nat Zero{\char95}nat n = n;\\
|
|
677 |
\hspace*{0pt}\\
|
|
678 |
\hspace*{0pt}end; (*struct Example*)%
|
28447
|
679 |
\end{isamarkuptext}%
|
|
680 |
\isamarkuptrue%
|
|
681 |
%
|
28564
|
682 |
\endisatagquote
|
|
683 |
{\isafoldquote}%
|
28447
|
684 |
%
|
28564
|
685 |
\isadelimquote
|
28447
|
686 |
%
|
28564
|
687 |
\endisadelimquote
|
28447
|
688 |
%
|
|
689 |
\begin{isamarkuptext}%
|
|
690 |
\noindent From this example, it can be easily glimpsed that using own constructor sets
|
|
691 |
is a little delicate since it changes the set of valid patterns for values
|
|
692 |
of that type. Without going into much detail, here some practical hints:
|
|
693 |
|
|
694 |
\begin{itemize}
|
|
695 |
\item When changing the constructor set for datatypes, take care to
|
|
696 |
provide an alternative for the \isa{case} combinator (e.g.~by replacing
|
|
697 |
it using the preprocessor).
|
|
698 |
\item Values in the target language need not to be normalised -- different
|
|
699 |
values in the target language may represent the same value in the
|
|
700 |
logic (e.g. \isa{Dig{\isadigit{1}}\ {\isadigit{0}}\ {\isacharequal}\ {\isadigit{1}}}).
|
|
701 |
\item Usually, a good methodology to deal with the subtleties of pattern
|
|
702 |
matching is to see the type as an abstract type: provide a set
|
|
703 |
of operations which operate on the concrete representation of the type,
|
|
704 |
and derive further operations by combinations of these primitive ones,
|
|
705 |
without relying on a particular representation.
|
|
706 |
\end{itemize}%
|
|
707 |
\end{isamarkuptext}%
|
|
708 |
\isamarkuptrue%
|
|
709 |
%
|
|
710 |
\isadeliminvisible
|
|
711 |
%
|
|
712 |
\endisadeliminvisible
|
|
713 |
%
|
|
714 |
\isataginvisible
|
|
715 |
\isacommand{code{\isacharunderscore}datatype}\isamarkupfalse%
|
|
716 |
\ {\isachardoublequoteopen}{\isadigit{0}}{\isacharcolon}{\isacharcolon}nat{\isachardoublequoteclose}\ Suc\isanewline
|
|
717 |
\isacommand{declare}\isamarkupfalse%
|
28562
|
718 |
\ plus{\isacharunderscore}Dig\ {\isacharbrackleft}code\ del{\isacharbrackright}\isanewline
|
28447
|
719 |
\isacommand{declare}\isamarkupfalse%
|
|
720 |
\ One{\isacharunderscore}nat{\isacharunderscore}def\ {\isacharbrackleft}code\ inline{\isacharbrackright}\isanewline
|
|
721 |
\isacommand{declare}\isamarkupfalse%
|
28562
|
722 |
\ add{\isacharunderscore}Suc{\isacharunderscore}shift\ {\isacharbrackleft}code{\isacharbrackright}\ \isanewline
|
28447
|
723 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
724 |
\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\ {\isachardoublequoteopen}{\isadigit{0}}\ {\isacharplus}\ n\ {\isacharequal}\ {\isacharparenleft}n\ {\isasymColon}\ nat{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
|
28447
|
725 |
\ simp%
|
|
726 |
\endisataginvisible
|
|
727 |
{\isafoldinvisible}%
|
|
728 |
%
|
|
729 |
\isadeliminvisible
|
|
730 |
%
|
|
731 |
\endisadeliminvisible
|
|
732 |
%
|
|
733 |
\isamarkupsubsection{Equality and wellsortedness%
|
|
734 |
}
|
|
735 |
\isamarkuptrue%
|
|
736 |
%
|
|
737 |
\begin{isamarkuptext}%
|
|
738 |
Surely you have already noticed how equality is treated
|
|
739 |
by the code generator:%
|
|
740 |
\end{isamarkuptext}%
|
|
741 |
\isamarkuptrue%
|
|
742 |
%
|
28564
|
743 |
\isadelimquote
|
28447
|
744 |
%
|
28564
|
745 |
\endisadelimquote
|
28447
|
746 |
%
|
28564
|
747 |
\isatagquote
|
28447
|
748 |
\isacommand{primrec}\isamarkupfalse%
|
|
749 |
\ collect{\isacharunderscore}duplicates\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
750 |
\ \ {\isachardoublequoteopen}collect{\isacharunderscore}duplicates\ xs\ ys\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs{\isachardoublequoteclose}\isanewline
|
|
751 |
\ \ {\isacharbar}\ {\isachardoublequoteopen}collect{\isacharunderscore}duplicates\ xs\ ys\ {\isacharparenleft}z{\isacharhash}zs{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}if\ z\ {\isasymin}\ set\ xs\isanewline
|
|
752 |
\ \ \ \ \ \ then\ if\ z\ {\isasymin}\ set\ ys\isanewline
|
|
753 |
\ \ \ \ \ \ \ \ then\ collect{\isacharunderscore}duplicates\ xs\ ys\ zs\isanewline
|
|
754 |
\ \ \ \ \ \ \ \ else\ collect{\isacharunderscore}duplicates\ xs\ {\isacharparenleft}z{\isacharhash}ys{\isacharparenright}\ zs\isanewline
|
|
755 |
\ \ \ \ \ \ else\ collect{\isacharunderscore}duplicates\ {\isacharparenleft}z{\isacharhash}xs{\isacharparenright}\ {\isacharparenleft}z{\isacharhash}ys{\isacharparenright}\ zs{\isacharparenright}{\isachardoublequoteclose}%
|
28564
|
756 |
\endisatagquote
|
|
757 |
{\isafoldquote}%
|
28447
|
758 |
%
|
28564
|
759 |
\isadelimquote
|
28447
|
760 |
%
|
28564
|
761 |
\endisadelimquote
|
28447
|
762 |
%
|
|
763 |
\begin{isamarkuptext}%
|
|
764 |
\noindent The membership test during preprocessing is rewritten,
|
|
765 |
resulting in \isa{op\ mem}, which itself
|
|
766 |
performs an explicit equality check.%
|
|
767 |
\end{isamarkuptext}%
|
|
768 |
\isamarkuptrue%
|
|
769 |
%
|
28564
|
770 |
\isadelimquote
|
28447
|
771 |
%
|
28564
|
772 |
\endisadelimquote
|
28447
|
773 |
%
|
28564
|
774 |
\isatagquote
|
28447
|
775 |
%
|
|
776 |
\begin{isamarkuptext}%
|
|
777 |
\isaverbatim%
|
|
778 |
\noindent%
|
28714
|
779 |
\hspace*{0pt}structure Example = \\
|
|
780 |
\hspace*{0pt}struct\\
|
|
781 |
\hspace*{0pt}\\
|
|
782 |
\hspace*{0pt}type 'a eq = {\char123}eq :~'a -> 'a -> bool{\char125};\\
|
|
783 |
\hspace*{0pt}fun eq (A{\char95}:'a eq) = {\char35}eq A{\char95};\\
|
|
784 |
\hspace*{0pt}\\
|
|
785 |
\hspace*{0pt}fun eqop A{\char95}~a b = eq A{\char95}~a b;\\
|
|
786 |
\hspace*{0pt}\\
|
|
787 |
\hspace*{0pt}fun member A{\char95}~x [] = false\\
|
|
788 |
\hspace*{0pt} ~| member A{\char95}~x (y ::~ys) = eqop A{\char95}~x y orelse member A{\char95}~x ys;\\
|
|
789 |
\hspace*{0pt}\\
|
|
790 |
\hspace*{0pt}fun collect{\char95}duplicates A{\char95}~xs ys [] = xs\\
|
|
791 |
\hspace*{0pt} ~| collect{\char95}duplicates A{\char95}~xs ys (z ::~zs) =\\
|
|
792 |
\hspace*{0pt} ~~~(if member A{\char95}~z xs\\
|
|
793 |
\hspace*{0pt} ~~~~~then (if member A{\char95}~z ys then collect{\char95}duplicates A{\char95}~xs ys zs\\
|
|
794 |
\hspace*{0pt} ~~~~~~~~~~~~else collect{\char95}duplicates A{\char95}~xs (z ::~ys) zs)\\
|
|
795 |
\hspace*{0pt} ~~~~~else collect{\char95}duplicates A{\char95}~(z ::~xs) (z ::~ys) zs);\\
|
|
796 |
\hspace*{0pt}\\
|
|
797 |
\hspace*{0pt}end; (*struct Example*)%
|
28447
|
798 |
\end{isamarkuptext}%
|
|
799 |
\isamarkuptrue%
|
|
800 |
%
|
28564
|
801 |
\endisatagquote
|
|
802 |
{\isafoldquote}%
|
28447
|
803 |
%
|
28564
|
804 |
\isadelimquote
|
28447
|
805 |
%
|
28564
|
806 |
\endisadelimquote
|
28447
|
807 |
%
|
|
808 |
\begin{isamarkuptext}%
|
|
809 |
\noindent Obviously, polymorphic equality is implemented the Haskell
|
|
810 |
way using a type class. How is this achieved? HOL introduces
|
|
811 |
an explicit class \isa{eq} with a corresponding operation
|
|
812 |
\isa{eq{\isacharunderscore}class{\isachardot}eq} such that \isa{eq{\isacharunderscore}class{\isachardot}eq\ {\isacharequal}\ op\ {\isacharequal}}.
|
|
813 |
The preprocessing framework does the rest by propagating the
|
|
814 |
\isa{eq} constraints through all dependent defining equations.
|
|
815 |
For datatypes, instances of \isa{eq} are implicitly derived
|
|
816 |
when possible. For other types, you may instantiate \isa{eq}
|
|
817 |
manually like any other type class.
|
|
818 |
|
|
819 |
Though this \isa{eq} class is designed to get rarely in
|
|
820 |
the way, a subtlety
|
|
821 |
enters the stage when definitions of overloaded constants
|
|
822 |
are dependent on operational equality. For example, let
|
|
823 |
us define a lexicographic ordering on tuples
|
|
824 |
(also see theory \hyperlink{theory.Product-ord}{\mbox{\isa{Product{\isacharunderscore}ord}}}):%
|
|
825 |
\end{isamarkuptext}%
|
|
826 |
\isamarkuptrue%
|
|
827 |
%
|
28564
|
828 |
\isadelimquote
|
28447
|
829 |
%
|
28564
|
830 |
\endisadelimquote
|
28447
|
831 |
%
|
28564
|
832 |
\isatagquote
|
28447
|
833 |
\isacommand{instantiation}\isamarkupfalse%
|
|
834 |
\ {\isachardoublequoteopen}{\isacharasterisk}{\isachardoublequoteclose}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}order{\isacharcomma}\ order{\isacharparenright}\ order\isanewline
|
|
835 |
\isakeyword{begin}\isanewline
|
|
836 |
\isanewline
|
|
837 |
\isacommand{definition}\isamarkupfalse%
|
28562
|
838 |
\ {\isacharbrackleft}code\ del{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
839 |
\ \ {\isachardoublequoteopen}x\ {\isasymle}\ y\ {\isasymlongleftrightarrow}\ fst\ x\ {\isacharless}\ fst\ y\ {\isasymor}\ fst\ x\ {\isacharequal}\ fst\ y\ {\isasymand}\ snd\ x\ {\isasymle}\ snd\ y{\isachardoublequoteclose}\isanewline
|
|
840 |
\isanewline
|
|
841 |
\isacommand{definition}\isamarkupfalse%
|
28562
|
842 |
\ {\isacharbrackleft}code\ del{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
843 |
\ \ {\isachardoublequoteopen}x\ {\isacharless}\ y\ {\isasymlongleftrightarrow}\ fst\ x\ {\isacharless}\ fst\ y\ {\isasymor}\ fst\ x\ {\isacharequal}\ fst\ y\ {\isasymand}\ snd\ x\ {\isacharless}\ snd\ y{\isachardoublequoteclose}\isanewline
|
|
844 |
\isanewline
|
|
845 |
\isacommand{instance}\isamarkupfalse%
|
|
846 |
\ \isacommand{proof}\isamarkupfalse%
|
|
847 |
\isanewline
|
|
848 |
\isacommand{qed}\isamarkupfalse%
|
|
849 |
\ {\isacharparenleft}auto\ simp{\isacharcolon}\ less{\isacharunderscore}eq{\isacharunderscore}prod{\isacharunderscore}def\ less{\isacharunderscore}prod{\isacharunderscore}def\ intro{\isacharcolon}\ order{\isacharunderscore}less{\isacharunderscore}trans{\isacharparenright}\isanewline
|
|
850 |
\isanewline
|
|
851 |
\isacommand{end}\isamarkupfalse%
|
|
852 |
\isanewline
|
|
853 |
\isanewline
|
|
854 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
855 |
\ order{\isacharunderscore}prod\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
856 |
\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}order{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}order{\isacharparenright}\ {\isacharless}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
|
|
857 |
\ \ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isacharless}\ y{\isadigit{2}}{\isachardoublequoteclose}\isanewline
|
|
858 |
\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}order{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}order{\isacharparenright}\ {\isasymle}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
|
|
859 |
\ \ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isasymle}\ y{\isadigit{2}}{\isachardoublequoteclose}\isanewline
|
|
860 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
861 |
\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ less{\isacharunderscore}prod{\isacharunderscore}def\ less{\isacharunderscore}eq{\isacharunderscore}prod{\isacharunderscore}def{\isacharparenright}%
|
28564
|
862 |
\endisatagquote
|
|
863 |
{\isafoldquote}%
|
28447
|
864 |
%
|
28564
|
865 |
\isadelimquote
|
28447
|
866 |
%
|
28564
|
867 |
\endisadelimquote
|
28447
|
868 |
%
|
|
869 |
\begin{isamarkuptext}%
|
|
870 |
\noindent Then code generation will fail. Why? The definition
|
|
871 |
of \isa{op\ {\isasymle}} depends on equality on both arguments,
|
|
872 |
which are polymorphic and impose an additional \isa{eq}
|
|
873 |
class constraint, which the preprocessor does not propagate
|
|
874 |
(for technical reasons).
|
|
875 |
|
|
876 |
The solution is to add \isa{eq} explicitly to the first sort arguments in the
|
|
877 |
code theorems:%
|
|
878 |
\end{isamarkuptext}%
|
|
879 |
\isamarkuptrue%
|
|
880 |
%
|
28564
|
881 |
\isadelimquote
|
28447
|
882 |
%
|
28564
|
883 |
\endisadelimquote
|
28447
|
884 |
%
|
28564
|
885 |
\isatagquote
|
28447
|
886 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
887 |
\ order{\isacharunderscore}prod{\isacharunderscore}code\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
888 |
\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}{\isacharbraceleft}order{\isacharcomma}\ eq{\isacharbraceright}{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}order{\isacharparenright}\ {\isacharless}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
|
|
889 |
\ \ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isacharless}\ y{\isadigit{2}}{\isachardoublequoteclose}\isanewline
|
|
890 |
\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}a{\isasymColon}{\isacharbraceleft}order{\isacharcomma}\ eq{\isacharbraceright}{\isacharcomma}\ y{\isadigit{1}}\ {\isasymColon}\ {\isacharprime}b{\isasymColon}order{\isacharparenright}\ {\isasymle}\ {\isacharparenleft}x{\isadigit{2}}{\isacharcomma}\ y{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
|
|
891 |
\ \ \ \ \ x{\isadigit{1}}\ {\isacharless}\ x{\isadigit{2}}\ {\isasymor}\ x{\isadigit{1}}\ {\isacharequal}\ x{\isadigit{2}}\ {\isasymand}\ y{\isadigit{1}}\ {\isasymle}\ y{\isadigit{2}}{\isachardoublequoteclose}\isanewline
|
|
892 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
893 |
\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ less{\isacharunderscore}prod{\isacharunderscore}def\ less{\isacharunderscore}eq{\isacharunderscore}prod{\isacharunderscore}def{\isacharparenright}%
|
28564
|
894 |
\endisatagquote
|
|
895 |
{\isafoldquote}%
|
28447
|
896 |
%
|
28564
|
897 |
\isadelimquote
|
28447
|
898 |
%
|
28564
|
899 |
\endisadelimquote
|
28447
|
900 |
%
|
|
901 |
\begin{isamarkuptext}%
|
|
902 |
\noindent Then code generation succeeds:%
|
|
903 |
\end{isamarkuptext}%
|
|
904 |
\isamarkuptrue%
|
|
905 |
%
|
28564
|
906 |
\isadelimquote
|
28447
|
907 |
%
|
28564
|
908 |
\endisadelimquote
|
28447
|
909 |
%
|
28564
|
910 |
\isatagquote
|
28447
|
911 |
%
|
|
912 |
\begin{isamarkuptext}%
|
|
913 |
\isaverbatim%
|
|
914 |
\noindent%
|
28714
|
915 |
\hspace*{0pt}structure Example = \\
|
|
916 |
\hspace*{0pt}struct\\
|
|
917 |
\hspace*{0pt}\\
|
|
918 |
\hspace*{0pt}type 'a eq = {\char123}eq :~'a -> 'a -> bool{\char125};\\
|
|
919 |
\hspace*{0pt}fun eq (A{\char95}:'a eq) = {\char35}eq A{\char95};\\
|
|
920 |
\hspace*{0pt}\\
|
|
921 |
\hspace*{0pt}type 'a ord = {\char123}less{\char95}eq :~'a -> 'a -> bool, less :~'a -> 'a -> bool{\char125};\\
|
|
922 |
\hspace*{0pt}fun less{\char95}eq (A{\char95}:'a ord) = {\char35}less{\char95}eq A{\char95};\\
|
|
923 |
\hspace*{0pt}fun less (A{\char95}:'a ord) = {\char35}less A{\char95};\\
|
|
924 |
\hspace*{0pt}\\
|
|
925 |
\hspace*{0pt}fun eqop A{\char95}~a b = eq A{\char95}~a b;\\
|
|
926 |
\hspace*{0pt}\\
|
|
927 |
\hspace*{0pt}type 'a preorder = {\char123}Orderings{\char95}{\char95}ord{\char95}preorder :~'a ord{\char125};\\
|
|
928 |
\hspace*{0pt}fun ord{\char95}preorder (A{\char95}:'a preorder) = {\char35}Orderings{\char95}{\char95}ord{\char95}preorder A{\char95};\\
|
|
929 |
\hspace*{0pt}\\
|
|
930 |
\hspace*{0pt}type 'a order = {\char123}Orderings{\char95}{\char95}preorder{\char95}order :~'a preorder{\char125};\\
|
|
931 |
\hspace*{0pt}fun preorder{\char95}order (A{\char95}:'a order) = {\char35}Orderings{\char95}{\char95}preorder{\char95}order A{\char95};\\
|
|
932 |
\hspace*{0pt}\\
|
|
933 |
\hspace*{0pt}fun less{\char95}eqa (A1{\char95}, A2{\char95}) B{\char95}~(x1, y1) (x2, y2) =\\
|
|
934 |
\hspace*{0pt} ~less ((ord{\char95}preorder o preorder{\char95}order) A2{\char95}) x1 x2 orelse\\
|
|
935 |
\hspace*{0pt} ~~~eqop A1{\char95}~x1 x2 andalso\\
|
|
936 |
\hspace*{0pt} ~~~~~less{\char95}eq ((ord{\char95}preorder o preorder{\char95}order) B{\char95}) y1 y2\\
|
|
937 |
\hspace*{0pt} ~| less{\char95}eqa (A1{\char95}, A2{\char95}) B{\char95}~(x1, y1) (x2, y2) =\\
|
|
938 |
\hspace*{0pt} ~~~less ((ord{\char95}preorder o preorder{\char95}order) A2{\char95}) x1 x2 orelse\\
|
|
939 |
\hspace*{0pt} ~~~~~eqop A1{\char95}~x1 x2 andalso\\
|
|
940 |
\hspace*{0pt} ~~~~~~~less{\char95}eq ((ord{\char95}preorder o preorder{\char95}order) B{\char95}) y1 y2;\\
|
|
941 |
\hspace*{0pt}\\
|
|
942 |
\hspace*{0pt}end; (*struct Example*)%
|
28447
|
943 |
\end{isamarkuptext}%
|
|
944 |
\isamarkuptrue%
|
|
945 |
%
|
28564
|
946 |
\endisatagquote
|
|
947 |
{\isafoldquote}%
|
28447
|
948 |
%
|
28564
|
949 |
\isadelimquote
|
28447
|
950 |
%
|
28564
|
951 |
\endisadelimquote
|
28447
|
952 |
%
|
|
953 |
\begin{isamarkuptext}%
|
|
954 |
In some cases, the automatically derived defining equations
|
|
955 |
for equality on a particular type may not be appropriate.
|
|
956 |
As example, watch the following datatype representing
|
|
957 |
monomorphic parametric types (where type constructors
|
|
958 |
are referred to by natural numbers):%
|
|
959 |
\end{isamarkuptext}%
|
|
960 |
\isamarkuptrue%
|
|
961 |
%
|
28564
|
962 |
\isadelimquote
|
28447
|
963 |
%
|
28564
|
964 |
\endisadelimquote
|
28447
|
965 |
%
|
28564
|
966 |
\isatagquote
|
28447
|
967 |
\isacommand{datatype}\isamarkupfalse%
|
|
968 |
\ monotype\ {\isacharequal}\ Mono\ nat\ {\isachardoublequoteopen}monotype\ list{\isachardoublequoteclose}%
|
28564
|
969 |
\endisatagquote
|
|
970 |
{\isafoldquote}%
|
28447
|
971 |
%
|
28564
|
972 |
\isadelimquote
|
28447
|
973 |
%
|
28564
|
974 |
\endisadelimquote
|
28447
|
975 |
%
|
|
976 |
\isadelimproof
|
|
977 |
%
|
|
978 |
\endisadelimproof
|
|
979 |
%
|
|
980 |
\isatagproof
|
|
981 |
%
|
|
982 |
\endisatagproof
|
|
983 |
{\isafoldproof}%
|
|
984 |
%
|
|
985 |
\isadelimproof
|
|
986 |
%
|
|
987 |
\endisadelimproof
|
|
988 |
%
|
|
989 |
\begin{isamarkuptext}%
|
28462
|
990 |
\noindent Then code generation for SML would fail with a message
|
28447
|
991 |
that the generated code contains illegal mutual dependencies:
|
28462
|
992 |
the theorem \isa{eq{\isacharunderscore}class{\isachardot}eq\ {\isacharparenleft}Mono\ tyco{\isadigit{1}}\ typargs{\isadigit{1}}{\isacharparenright}\ {\isacharparenleft}Mono\ tyco{\isadigit{2}}\ typargs{\isadigit{2}}{\isacharparenright}\ {\isasymequiv}\ eq{\isacharunderscore}class{\isachardot}eq\ tyco{\isadigit{1}}\ tyco{\isadigit{2}}\ {\isasymand}\ eq{\isacharunderscore}class{\isachardot}eq\ typargs{\isadigit{1}}\ typargs{\isadigit{2}}} already requires the
|
28447
|
993 |
instance \isa{monotype\ {\isasymColon}\ eq}, which itself requires
|
28462
|
994 |
\isa{eq{\isacharunderscore}class{\isachardot}eq\ {\isacharparenleft}Mono\ tyco{\isadigit{1}}\ typargs{\isadigit{1}}{\isacharparenright}\ {\isacharparenleft}Mono\ tyco{\isadigit{2}}\ typargs{\isadigit{2}}{\isacharparenright}\ {\isasymequiv}\ eq{\isacharunderscore}class{\isachardot}eq\ tyco{\isadigit{1}}\ tyco{\isadigit{2}}\ {\isasymand}\ eq{\isacharunderscore}class{\isachardot}eq\ typargs{\isadigit{1}}\ typargs{\isadigit{2}}}; Haskell has no problem with mutually
|
|
995 |
recursive \isa{instance} and \isa{function} definitions,
|
28593
|
996 |
but the SML serialiser does not support this.
|
28447
|
997 |
|
|
998 |
In such cases, you have to provide your own equality equations
|
|
999 |
involving auxiliary constants. In our case,
|
|
1000 |
\isa{list{\isacharunderscore}all{\isadigit{2}}} can do the job:%
|
|
1001 |
\end{isamarkuptext}%
|
|
1002 |
\isamarkuptrue%
|
|
1003 |
%
|
28564
|
1004 |
\isadelimquote
|
28447
|
1005 |
%
|
28564
|
1006 |
\endisadelimquote
|
28447
|
1007 |
%
|
28564
|
1008 |
\isatagquote
|
28447
|
1009 |
\isacommand{lemma}\isamarkupfalse%
|
28562
|
1010 |
\ monotype{\isacharunderscore}eq{\isacharunderscore}list{\isacharunderscore}all{\isadigit{2}}\ {\isacharbrackleft}code{\isacharbrackright}{\isacharcolon}\isanewline
|
28447
|
1011 |
\ \ {\isachardoublequoteopen}eq{\isacharunderscore}class{\isachardot}eq\ {\isacharparenleft}Mono\ tyco{\isadigit{1}}\ typargs{\isadigit{1}}{\isacharparenright}\ {\isacharparenleft}Mono\ tyco{\isadigit{2}}\ typargs{\isadigit{2}}{\isacharparenright}\ {\isasymlongleftrightarrow}\isanewline
|
28462
|
1012 |
\ \ \ \ \ eq{\isacharunderscore}class{\isachardot}eq\ tyco{\isadigit{1}}\ tyco{\isadigit{2}}\ {\isasymand}\ list{\isacharunderscore}all{\isadigit{2}}\ eq{\isacharunderscore}class{\isachardot}eq\ typargs{\isadigit{1}}\ typargs{\isadigit{2}}{\isachardoublequoteclose}\isanewline
|
28447
|
1013 |
\ \ \isacommand{by}\isamarkupfalse%
|
|
1014 |
\ {\isacharparenleft}simp\ add{\isacharcolon}\ eq\ list{\isacharunderscore}all{\isadigit{2}}{\isacharunderscore}eq\ {\isacharbrackleft}symmetric{\isacharbrackright}{\isacharparenright}%
|
28564
|
1015 |
\endisatagquote
|
|
1016 |
{\isafoldquote}%
|
28447
|
1017 |
%
|
28564
|
1018 |
\isadelimquote
|
28447
|
1019 |
%
|
28564
|
1020 |
\endisadelimquote
|
28447
|
1021 |
%
|
|
1022 |
\begin{isamarkuptext}%
|
|
1023 |
\noindent does not depend on instance \isa{monotype\ {\isasymColon}\ eq}:%
|
|
1024 |
\end{isamarkuptext}%
|
|
1025 |
\isamarkuptrue%
|
|
1026 |
%
|
28564
|
1027 |
\isadelimquote
|
28447
|
1028 |
%
|
28564
|
1029 |
\endisadelimquote
|
28447
|
1030 |
%
|
28564
|
1031 |
\isatagquote
|
28447
|
1032 |
%
|
|
1033 |
\begin{isamarkuptext}%
|
|
1034 |
\isaverbatim%
|
|
1035 |
\noindent%
|
28714
|
1036 |
\hspace*{0pt}structure Example = \\
|
|
1037 |
\hspace*{0pt}struct\\
|
|
1038 |
\hspace*{0pt}\\
|
|
1039 |
\hspace*{0pt}datatype nat = Suc of nat | Zero{\char95}nat;\\
|
|
1040 |
\hspace*{0pt}\\
|
|
1041 |
\hspace*{0pt}fun null [] = true\\
|
|
1042 |
\hspace*{0pt} ~| null (x ::~xs) = false;\\
|
|
1043 |
\hspace*{0pt}\\
|
|
1044 |
\hspace*{0pt}fun eq{\char95}nat (Suc a) Zero{\char95}nat = false\\
|
|
1045 |
\hspace*{0pt} ~| eq{\char95}nat Zero{\char95}nat (Suc a) = false\\
|
|
1046 |
\hspace*{0pt} ~| eq{\char95}nat (Suc nat) (Suc nat') = eq{\char95}nat nat nat'\\
|
|
1047 |
\hspace*{0pt} ~| eq{\char95}nat Zero{\char95}nat Zero{\char95}nat = true;\\
|
|
1048 |
\hspace*{0pt}\\
|
|
1049 |
\hspace*{0pt}datatype monotype = Mono of nat * monotype list;\\
|
|
1050 |
\hspace*{0pt}\\
|
|
1051 |
\hspace*{0pt}fun list{\char95}all2 p (x ::~xs) (y ::~ys) = p x y andalso list{\char95}all2 p xs ys\\
|
|
1052 |
\hspace*{0pt} ~| list{\char95}all2 p xs [] = null xs\\
|
|
1053 |
\hspace*{0pt} ~| list{\char95}all2 p [] ys = null ys;\\
|
|
1054 |
\hspace*{0pt}\\
|
|
1055 |
\hspace*{0pt}fun eq{\char95}monotype (Mono (tyco1, typargs1)) (Mono (tyco2, typargs2)) =\\
|
|
1056 |
\hspace*{0pt} ~eq{\char95}nat tyco1 tyco2 andalso list{\char95}all2 eq{\char95}monotype typargs1 typargs2;\\
|
|
1057 |
\hspace*{0pt}\\
|
|
1058 |
\hspace*{0pt}end; (*struct Example*)%
|
28447
|
1059 |
\end{isamarkuptext}%
|
|
1060 |
\isamarkuptrue%
|
|
1061 |
%
|
28564
|
1062 |
\endisatagquote
|
|
1063 |
{\isafoldquote}%
|
28447
|
1064 |
%
|
28564
|
1065 |
\isadelimquote
|
28447
|
1066 |
%
|
28564
|
1067 |
\endisadelimquote
|
28447
|
1068 |
%
|
28462
|
1069 |
\isamarkupsubsection{Explicit partiality%
|
28447
|
1070 |
}
|
|
1071 |
\isamarkuptrue%
|
|
1072 |
%
|
|
1073 |
\begin{isamarkuptext}%
|
28462
|
1074 |
Partiality usually enters the game by partial patterns, as
|
|
1075 |
in the following example, again for amortised queues:%
|
|
1076 |
\end{isamarkuptext}%
|
|
1077 |
\isamarkuptrue%
|
|
1078 |
%
|
28564
|
1079 |
\isadelimquote
|
28462
|
1080 |
%
|
28564
|
1081 |
\endisadelimquote
|
28462
|
1082 |
%
|
28564
|
1083 |
\isatagquote
|
28462
|
1084 |
\isacommand{fun}\isamarkupfalse%
|
|
1085 |
\ strict{\isacharunderscore}dequeue\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ queue\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
1086 |
\ \ {\isachardoublequoteopen}strict{\isacharunderscore}dequeue\ {\isacharparenleft}Queue\ xs\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}y{\isacharcomma}\ Queue\ xs\ ys{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
1087 |
\ \ {\isacharbar}\ {\isachardoublequoteopen}strict{\isacharunderscore}dequeue\ {\isacharparenleft}Queue\ xs\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\isanewline
|
|
1088 |
\ \ \ \ \ \ {\isacharparenleft}case\ rev\ xs\ of\ y\ {\isacharhash}\ ys\ {\isasymRightarrow}\ {\isacharparenleft}y{\isacharcomma}\ Queue\ {\isacharbrackleft}{\isacharbrackright}\ ys{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}%
|
28564
|
1089 |
\endisatagquote
|
|
1090 |
{\isafoldquote}%
|
28462
|
1091 |
%
|
28564
|
1092 |
\isadelimquote
|
28462
|
1093 |
%
|
28564
|
1094 |
\endisadelimquote
|
28462
|
1095 |
%
|
|
1096 |
\begin{isamarkuptext}%
|
|
1097 |
\noindent In the corresponding code, there is no equation
|
|
1098 |
for the pattern \isa{Queue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbrackleft}{\isacharbrackright}}:%
|
|
1099 |
\end{isamarkuptext}%
|
|
1100 |
\isamarkuptrue%
|
|
1101 |
%
|
28564
|
1102 |
\isadelimquote
|
28462
|
1103 |
%
|
28564
|
1104 |
\endisadelimquote
|
28462
|
1105 |
%
|
28564
|
1106 |
\isatagquote
|
28462
|
1107 |
%
|
|
1108 |
\begin{isamarkuptext}%
|
|
1109 |
\isaverbatim%
|
|
1110 |
\noindent%
|
28714
|
1111 |
\hspace*{0pt}strict{\char95}dequeue ::~forall a. Queue a -> (a, Queue a);\\
|
|
1112 |
\hspace*{0pt}strict{\char95}dequeue (Queue xs (y :~ys)) = (y, Queue xs ys);\\
|
|
1113 |
\hspace*{0pt}strict{\char95}dequeue (Queue xs []) =\\
|
|
1114 |
\hspace*{0pt} ~let {\char123}\\
|
|
1115 |
\hspace*{0pt} ~~~(y :~ys) = rev xs;\\
|
|
1116 |
\hspace*{0pt} ~{\char125}~in (y, Queue [] ys);%
|
28462
|
1117 |
\end{isamarkuptext}%
|
|
1118 |
\isamarkuptrue%
|
|
1119 |
%
|
28564
|
1120 |
\endisatagquote
|
|
1121 |
{\isafoldquote}%
|
28462
|
1122 |
%
|
28564
|
1123 |
\isadelimquote
|
28462
|
1124 |
%
|
28564
|
1125 |
\endisadelimquote
|
28462
|
1126 |
%
|
|
1127 |
\begin{isamarkuptext}%
|
|
1128 |
\noindent In some cases it is desirable to have this
|
|
1129 |
pseudo-\qt{partiality} more explicitly, e.g.~as follows:%
|
|
1130 |
\end{isamarkuptext}%
|
|
1131 |
\isamarkuptrue%
|
|
1132 |
%
|
28564
|
1133 |
\isadelimquote
|
28462
|
1134 |
%
|
28564
|
1135 |
\endisadelimquote
|
28462
|
1136 |
%
|
28564
|
1137 |
\isatagquote
|
28462
|
1138 |
\isacommand{axiomatization}\isamarkupfalse%
|
|
1139 |
\ empty{\isacharunderscore}queue\ {\isacharcolon}{\isacharcolon}\ {\isacharprime}a\isanewline
|
|
1140 |
\isanewline
|
|
1141 |
\isacommand{function}\isamarkupfalse%
|
|
1142 |
\ strict{\isacharunderscore}dequeue{\isacharprime}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ queue\ {\isasymRightarrow}\ {\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a\ queue{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
|
|
1143 |
\ \ {\isachardoublequoteopen}strict{\isacharunderscore}dequeue{\isacharprime}\ {\isacharparenleft}Queue\ xs\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}if\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ then\ empty{\isacharunderscore}queue\isanewline
|
|
1144 |
\ \ \ \ \ else\ strict{\isacharunderscore}dequeue{\isacharprime}\ {\isacharparenleft}Queue\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isacharparenright}{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
1145 |
\ \ {\isacharbar}\ {\isachardoublequoteopen}strict{\isacharunderscore}dequeue{\isacharprime}\ {\isacharparenleft}Queue\ xs\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}{\isacharparenright}\ {\isacharequal}\isanewline
|
|
1146 |
\ \ \ \ \ \ \ {\isacharparenleft}y{\isacharcomma}\ Queue\ xs\ ys{\isacharparenright}{\isachardoublequoteclose}\isanewline
|
|
1147 |
\isacommand{by}\isamarkupfalse%
|
|
1148 |
\ pat{\isacharunderscore}completeness\ auto\isanewline
|
|
1149 |
\isanewline
|
|
1150 |
\isacommand{termination}\isamarkupfalse%
|
|
1151 |
\ strict{\isacharunderscore}dequeue{\isacharprime}\isanewline
|
|
1152 |
\isacommand{by}\isamarkupfalse%
|
|
1153 |
\ {\isacharparenleft}relation\ {\isachardoublequoteopen}measure\ {\isacharparenleft}{\isasymlambda}q{\isacharcolon}{\isacharcolon}{\isacharprime}a\ queue{\isachardot}\ case\ q\ of\ Queue\ xs\ ys\ {\isasymRightarrow}\ length\ xs{\isacharparenright}{\isachardoublequoteclose}{\isacharparenright}\ simp{\isacharunderscore}all%
|
28564
|
1154 |
\endisatagquote
|
|
1155 |
{\isafoldquote}%
|
28462
|
1156 |
%
|
28564
|
1157 |
\isadelimquote
|
28462
|
1158 |
%
|
28564
|
1159 |
\endisadelimquote
|
28462
|
1160 |
%
|
|
1161 |
\begin{isamarkuptext}%
|
|
1162 |
\noindent For technical reasons the definition of
|
|
1163 |
\isa{strict{\isacharunderscore}dequeue{\isacharprime}} is more involved since it requires
|
|
1164 |
a manual termination proof. Apart from that observe that
|
|
1165 |
on the right hand side of its first equation the constant
|
|
1166 |
\isa{empty{\isacharunderscore}queue} occurs which is unspecified.
|
|
1167 |
|
|
1168 |
Normally, if constants without any defining equations occur in
|
|
1169 |
a program, the code generator complains (since in most cases
|
|
1170 |
this is not what the user expects). But such constants can also
|
|
1171 |
be thought of as function definitions with no equations which
|
|
1172 |
always fail, since there is never a successful pattern match
|
28593
|
1173 |
on the left hand side. In order to categorise a constant into
|
28462
|
1174 |
that category explicitly, use \hyperlink{command.code-abort}{\mbox{\isa{\isacommand{code{\isacharunderscore}abort}}}}:%
|
|
1175 |
\end{isamarkuptext}%
|
|
1176 |
\isamarkuptrue%
|
|
1177 |
%
|
28564
|
1178 |
\isadelimquote
|
28462
|
1179 |
%
|
28564
|
1180 |
\endisadelimquote
|
28462
|
1181 |
%
|
28564
|
1182 |
\isatagquote
|
28462
|
1183 |
\isacommand{code{\isacharunderscore}abort}\isamarkupfalse%
|
|
1184 |
\ empty{\isacharunderscore}queue%
|
28564
|
1185 |
\endisatagquote
|
|
1186 |
{\isafoldquote}%
|
28462
|
1187 |
%
|
28564
|
1188 |
\isadelimquote
|
28462
|
1189 |
%
|
28564
|
1190 |
\endisadelimquote
|
28462
|
1191 |
%
|
|
1192 |
\begin{isamarkuptext}%
|
|
1193 |
\noindent Then the code generator will just insert an error or
|
|
1194 |
exception at the appropriate position:%
|
|
1195 |
\end{isamarkuptext}%
|
|
1196 |
\isamarkuptrue%
|
|
1197 |
%
|
28564
|
1198 |
\isadelimquote
|
28462
|
1199 |
%
|
28564
|
1200 |
\endisadelimquote
|
28462
|
1201 |
%
|
28564
|
1202 |
\isatagquote
|
28462
|
1203 |
%
|
|
1204 |
\begin{isamarkuptext}%
|
|
1205 |
\isaverbatim%
|
|
1206 |
\noindent%
|
28714
|
1207 |
\hspace*{0pt}empty{\char95}queue ::~forall a. a;\\
|
|
1208 |
\hspace*{0pt}empty{\char95}queue = error {\char34}empty{\char95}queue{\char34};\\
|
|
1209 |
\hspace*{0pt}\\
|
|
1210 |
\hspace*{0pt}strict{\char95}dequeue' ::~forall a. Queue a -> (a, Queue a);\\
|
|
1211 |
\hspace*{0pt}strict{\char95}dequeue' (Queue xs []) =\\
|
|
1212 |
\hspace*{0pt} ~(if nulla xs then empty{\char95}queue else strict{\char95}dequeue' (Queue [] (rev xs)));\\
|
|
1213 |
\hspace*{0pt}strict{\char95}dequeue' (Queue xs (y :~ys)) = (y, Queue xs ys);%
|
28462
|
1214 |
\end{isamarkuptext}%
|
|
1215 |
\isamarkuptrue%
|
|
1216 |
%
|
28564
|
1217 |
\endisatagquote
|
|
1218 |
{\isafoldquote}%
|
28462
|
1219 |
%
|
28564
|
1220 |
\isadelimquote
|
28462
|
1221 |
%
|
28564
|
1222 |
\endisadelimquote
|
28462
|
1223 |
%
|
|
1224 |
\begin{isamarkuptext}%
|
|
1225 |
\noindent This feature however is rarely needed in practice.
|
|
1226 |
Note also that the \isa{HOL} default setup already declares
|
|
1227 |
\isa{undefined} as \hyperlink{command.code-abort}{\mbox{\isa{\isacommand{code{\isacharunderscore}abort}}}}, which is most
|
|
1228 |
likely to be used in such situations.%
|
28447
|
1229 |
\end{isamarkuptext}%
|
|
1230 |
\isamarkuptrue%
|
|
1231 |
%
|
|
1232 |
\isadelimtheory
|
|
1233 |
%
|
|
1234 |
\endisadelimtheory
|
|
1235 |
%
|
|
1236 |
\isatagtheory
|
|
1237 |
\isacommand{end}\isamarkupfalse%
|
|
1238 |
%
|
|
1239 |
\endisatagtheory
|
|
1240 |
{\isafoldtheory}%
|
|
1241 |
%
|
|
1242 |
\isadelimtheory
|
|
1243 |
%
|
|
1244 |
\endisadelimtheory
|
|
1245 |
\isanewline
|
28462
|
1246 |
\ \end{isabellebody}%
|
28447
|
1247 |
%%% Local Variables:
|
|
1248 |
%%% mode: latex
|
|
1249 |
%%% TeX-master: "root"
|
|
1250 |
%%% End:
|