src/CCL/CCL.thy

added a fresh_left lemma that contains all instantiation
for the various atom-types.

(*  Title:      CCL/CCL.thy
    ID:         $Id$
    Author:     Martin Coen
    Copyright   1993  University of Cambridge
*)

header {* Classical Computational Logic for Untyped Lambda Calculus
  with reduction to weak head-normal form *}

theory CCL
imports Gfp
begin

text {*
  Based on FOL extended with set collection, a primitive higher-order
  logic.  HOL is too strong - descriptions prevent a type of programs
  being defined which contains only executable terms.
*}

classes prog < "term"
defaultsort prog

arities fun :: (prog, prog) prog

typedecl i
arities i :: prog


consts
  (*** Evaluation Judgement ***)
  "--->"      ::       "[i,i]=>prop"          (infixl 20)

  (*** Bisimulations for pre-order and equality ***)
  "[="        ::       "['a,'a]=>o"           (infixl 50)
  SIM         ::       "[i,i,i set]=>o"
  POgen       ::       "i set => i set"
  EQgen       ::       "i set => i set"
  PO          ::       "i set"
  EQ          ::       "i set"

  (*** Term Formers ***)
  true        ::       "i"
  false       ::       "i"
  pair        ::       "[i,i]=>i"             ("(1<_,/_>)")
  lambda      ::       "(i=>i)=>i"            (binder "lam " 55)
  "case"      ::       "[i,i,i,[i,i]=>i,(i=>i)=>i]=>i"
  "`"         ::       "[i,i]=>i"             (infixl 56)
  bot         ::       "i"
  "fix"       ::       "(i=>i)=>i"

  (*** Defined Predicates ***)
  Trm         ::       "i => o"
  Dvg         ::       "i => o"

axioms

  (******* EVALUATION SEMANTICS *******)

  (**  This is the evaluation semantics from which the axioms below were derived.  **)
  (**  It is included here just as an evaluator for FUN and has no influence on    **)
  (**  inference in the theory CCL.                                                **)

  trueV:       "true ---> true"
  falseV:      "false ---> false"
  pairV:       "<a,b> ---> <a,b>"
  lamV:        "lam x. b(x) ---> lam x. b(x)"
  caseVtrue:   "[| t ---> true;  d ---> c |] ==> case(t,d,e,f,g) ---> c"
  caseVfalse:  "[| t ---> false;  e ---> c |] ==> case(t,d,e,f,g) ---> c"
  caseVpair:   "[| t ---> <a,b>;  f(a,b) ---> c |] ==> case(t,d,e,f,g) ---> c"
  caseVlam:    "[| t ---> lam x. b(x);  g(b) ---> c |] ==> case(t,d,e,f,g) ---> c"

  (*** Properties of evaluation: note that "t ---> c" impies that c is canonical ***)

  canonical:  "[| t ---> c; c==true ==> u--->v;
                          c==false ==> u--->v;
                    !!a b. c==<a,b> ==> u--->v;
                      !!f. c==lam x. f(x) ==> u--->v |] ==>
             u--->v"

  (* Should be derivable - but probably a bitch! *)
  substitute: "[| a==a'; t(a)--->c(a) |] ==> t(a')--->c(a')"

  (************** LOGIC ***************)

  (*** Definitions used in the following rules ***)

  apply_def:     "f ` t == case(f,bot,bot,%x y. bot,%u. u(t))"
  bot_def:         "bot == (lam x. x`x)`(lam x. x`x)"
  fix_def:      "fix(f) == (lam x. f(x`x))`(lam x. f(x`x))"

  (*  The pre-order ([=) is defined as a simulation, and behavioural equivalence (=) *)
  (*  as a bisimulation.  They can both be expressed as (bi)simulations up to        *)
  (*  behavioural equivalence (ie the relations PO and EQ defined below).            *)

  SIM_def:
  "SIM(t,t',R) ==  (t=true & t'=true) | (t=false & t'=false) |
                  (EX a a' b b'. t=<a,b> & t'=<a',b'> & <a,a'> : R & <b,b'> : R) |
                  (EX f f'. t=lam x. f(x) & t'=lam x. f'(x) & (ALL x.<f(x),f'(x)> : R))"

  POgen_def:  "POgen(R) == {p. EX t t'. p=<t,t'> & (t = bot | SIM(t,t',R))}"
  EQgen_def:  "EQgen(R) == {p. EX t t'. p=<t,t'> & (t = bot & t' = bot | SIM(t,t',R))}"

  PO_def:    "PO == gfp(POgen)"
  EQ_def:    "EQ == gfp(EQgen)"

  (*** Rules ***)

  (** Partial Order **)

  po_refl:        "a [= a"
  po_trans:       "[| a [= b;  b [= c |] ==> a [= c"
  po_cong:        "a [= b ==> f(a) [= f(b)"

  (* Extend definition of [= to program fragments of higher type *)
  po_abstractn:   "(!!x. f(x) [= g(x)) ==> (%x. f(x)) [= (%x. g(x))"

  (** Equality - equivalence axioms inherited from FOL.thy   **)
  (**          - congruence of "=" is axiomatised implicitly **)

  eq_iff:         "t = t' <-> t [= t' & t' [= t"

  (** Properties of canonical values given by greatest fixed point definitions **)

  PO_iff:         "t [= t' <-> <t,t'> : PO"
  EQ_iff:         "t =  t' <-> <t,t'> : EQ"

  (** Behaviour of non-canonical terms (ie case) given by the following beta-rules **)

  caseBtrue:            "case(true,d,e,f,g) = d"
  caseBfalse:          "case(false,d,e,f,g) = e"
  caseBpair:           "case(<a,b>,d,e,f,g) = f(a,b)"
  caseBlam:       "case(lam x. b(x),d,e,f,g) = g(b)"
  caseBbot:              "case(bot,d,e,f,g) = bot"            (* strictness *)

  (** The theory is non-trivial **)
  distinctness:   "~ lam x. b(x) = bot"

  (*** Definitions of Termination and Divergence ***)

  Dvg_def:  "Dvg(t) == t = bot"
  Trm_def:  "Trm(t) == ~ Dvg(t)"

text {*
Would be interesting to build a similar theory for a typed programming language:
    ie.     true :: bool,      fix :: ('a=>'a)=>'a  etc......

This is starting to look like LCF.
What are the advantages of this approach?
        - less axiomatic
        - wfd induction / coinduction and fixed point induction available
*}

ML {* use_legacy_bindings (the_context ()) *}

end