70 $list$ is a type constructor and $\alpha$ is a type variable; for example, |
70 $list$ is a type constructor and $\alpha$ is a type variable; for example, |
71 $(bool)list$ is the type of lists of booleans. Function types have the |
71 $(bool)list$ is the type of lists of booleans. Function types have the |
72 form $(\sigma,\tau)fun$ or $\sigma\To\tau$, where $\sigma$ and $\tau$ are |
72 form $(\sigma,\tau)fun$ or $\sigma\To\tau$, where $\sigma$ and $\tau$ are |
73 types. Curried function types may be abbreviated: |
73 types. Curried function types may be abbreviated: |
74 \[ \sigma@1\To (\cdots \sigma@n\To \tau\cdots) \quad \hbox{as} \quad |
74 \[ \sigma@1\To (\cdots \sigma@n\To \tau\cdots) \quad \hbox{as} \quad |
75 [\sigma@1, \ldots, \sigma@n] \To \tau \] |
75 [\sigma@1, \ldots, \sigma@n] \To \tau \] |
76 |
76 |
77 \index{terms!syntax of} |
77 \index{terms!syntax of} The syntax for terms is summarised below. |
78 The syntax for terms is summarised below. Note that function application is |
78 Note that there are two versions of function application syntax |
79 written $t(u)$ rather than the usual $t\,u$. |
79 available in Isabelle: either $t\,u$, which is the usual form for |
|
80 higher-order languages, or $t(u)$, trying to look more like |
|
81 first-order. The latter syntax is used throughout the manual. |
80 \[ |
82 \[ |
81 \index{lambda abs@$\lambda$-abstractions}\index{function applications} |
83 \index{lambda abs@$\lambda$-abstractions}\index{function applications} |
82 \begin{array}{ll} |
84 \begin{array}{ll} |
83 t :: \tau & \hbox{type constraint, on a term or bound variable} \\ |
85 t :: \tau & \hbox{type constraint, on a term or bound variable} \\ |
84 \lambda x.t & \hbox{abstraction} \\ |
86 \lambda x.t & \hbox{abstraction} \\ |
320 Fig.\ts\ref{fol-fig}. Each object-level rule is expressed as a meta-level |
322 Fig.\ts\ref{fol-fig}. Each object-level rule is expressed as a meta-level |
321 axiom. |
323 axiom. |
322 |
324 |
323 One of the simplest rules is $(\conj E1)$. Making |
325 One of the simplest rules is $(\conj E1)$. Making |
324 everything explicit, its formalization in the meta-logic is |
326 everything explicit, its formalization in the meta-logic is |
325 $$ \Forall P\;Q. Trueprop(P\conj Q) \Imp Trueprop(P). \eqno(\conj E1) $$ |
327 $$ |
|
328 \Forall P\;Q. Trueprop(P\conj Q) \Imp Trueprop(P). \eqno(\conj E1) |
|
329 $$ |
326 This may look formidable, but it has an obvious reading: for all object-level |
330 This may look formidable, but it has an obvious reading: for all object-level |
327 truth values $P$ and~$Q$, if $P\conj Q$ is true then so is~$P$. The |
331 truth values $P$ and~$Q$, if $P\conj Q$ is true then so is~$P$. The |
328 reading is correct because the meta-logic has simple models, where |
332 reading is correct because the meta-logic has simple models, where |
329 types denote sets and $\Forall$ really means `for all.' |
333 types denote sets and $\Forall$ really means `for all.' |
330 |
334 |
398 \[ \left(\Forall x. Trueprop(P(x))\right) \Imp Trueprop(\forall x.P(x)). \] |
402 \[ \left(\Forall x. Trueprop(P(x))\right) \Imp Trueprop(\forall x.P(x)). \] |
399 This means, `if $P(x)$ is true for all~$x$, then $\forall x.P(x)$ is true.' |
403 This means, `if $P(x)$ is true for all~$x$, then $\forall x.P(x)$ is true.' |
400 The $\forall E$ rule exploits $\beta$-conversion. Hiding $Trueprop$, the |
404 The $\forall E$ rule exploits $\beta$-conversion. Hiding $Trueprop$, the |
401 $\forall$ axioms are |
405 $\forall$ axioms are |
402 $$ \left(\Forall x. P(x)\right) \Imp \forall x.P(x) \eqno(\forall I) $$ |
406 $$ \left(\Forall x. P(x)\right) \Imp \forall x.P(x) \eqno(\forall I) $$ |
403 $$ (\forall x.P(x)) \Imp P(t). \eqno(\forall E)$$ |
407 $$ (\forall x.P(x)) \Imp P(t). \eqno(\forall E) $$ |
404 |
408 |
405 \noindent |
409 \noindent |
406 We have defined the object-level universal quantifier~($\forall$) |
410 We have defined the object-level universal quantifier~($\forall$) |
407 using~$\Forall$. But we do not require meta-level counterparts of all the |
411 using~$\Forall$. But we do not require meta-level counterparts of all the |
408 connectives of the object-logic! Consider the existential quantifier: |
412 connectives of the object-logic! Consider the existential quantifier: |
409 $$ P(t) \Imp \exists x.P(x) \eqno(\exists I)$$ |
413 $$ P(t) \Imp \exists x.P(x) \eqno(\exists I) $$ |
410 $$ \List{\exists x.P(x);\; \Forall x. P(x)\Imp Q} \Imp Q \eqno(\exists E) $$ |
414 $$ \List{\exists x.P(x);\; \Forall x. P(x)\Imp Q} \Imp Q \eqno(\exists E) $$ |
411 Let us verify $(\exists E)$ semantically. Suppose that the premises |
415 Let us verify $(\exists E)$ semantically. Suppose that the premises |
412 hold; since $\exists x.P(x)$ is true, we may choose an~$a$ such that $P(a)$ is |
416 hold; since $\exists x.P(x)$ is true, we may choose an~$a$ such that $P(a)$ is |
413 true. Instantiating $\Forall x. P(x)\Imp Q$ with $a$ yields $P(a)\Imp Q$, and |
417 true. Instantiating $\Forall x. P(x)\Imp Q$ with $a$ yields $P(a)\Imp Q$, and |
414 we obtain the desired conclusion, $Q$. |
418 we obtain the desired conclusion, $Q$. |
418 would be hard to formalize in Isabelle. It calls for replacing~$t$ by $u$ |
422 would be hard to formalize in Isabelle. It calls for replacing~$t$ by $u$ |
419 throughout~$P$, which cannot be expressed using $\beta$-conversion. Our |
423 throughout~$P$, which cannot be expressed using $\beta$-conversion. Our |
420 rule~$(subst)$ uses~$P$ as a template for substitution, inferring $P[u/x]$ |
424 rule~$(subst)$ uses~$P$ as a template for substitution, inferring $P[u/x]$ |
421 from~$P[t/x]$. When we formalize this as an axiom, the template becomes a |
425 from~$P[t/x]$. When we formalize this as an axiom, the template becomes a |
422 function variable: |
426 function variable: |
423 $$ \List{t=u; P(t)} \Imp P(u). \eqno(subst)$$ |
427 $$ \List{t=u; P(t)} \Imp P(u). \eqno(subst) $$ |
424 |
428 |
425 |
429 |
426 \subsection{Signatures and theories} |
430 \subsection{Signatures and theories} |
427 \index{signatures|bold} |
431 \index{signatures|bold} |
428 |
432 |
429 A {\bf signature} contains the information necessary for type checking, |
433 A {\bf signature} contains the information necessary for type checking, |
430 parsing and pretty printing a term. It specifies classes and their |
434 parsing and pretty printing a term. It specifies type classes and their |
431 relationships, types and their arities, constants and their types, etc. It |
435 relationships, types and their arities, constants and their types, etc. It |
432 also contains syntax rules, specified using mixfix declarations. |
436 also contains grammar rules, specified using mixfix declarations. |
433 |
437 |
434 Two signatures can be merged provided their specifications are compatible --- |
438 Two signatures can be merged provided their specifications are compatible --- |
435 they must not, for example, assign different types to the same constant. |
439 they must not, for example, assign different types to the same constant. |
436 Under similar conditions, a signature can be extended. Signatures are |
440 Under similar conditions, a signature can be extended. Signatures are |
437 managed internally by Isabelle; users seldom encounter them. |
441 managed internally by Isabelle; users seldom encounter them. |
438 |
442 |
439 \index{theories|bold} |
443 \index{theories|bold} A {\bf theory} consists of a signature plus a |
440 A {\bf theory} consists of a signature plus a collection of axioms. The |
444 collection of axioms. The {\Pure} theory contains only the |
441 {\bf pure} theory contains only the meta-logic. Theories can be combined |
445 meta-logic. Theories can be combined provided their signatures are |
442 provided their signatures are compatible. A theory definition extends an |
446 compatible. A theory definition extends an existing theory with |
443 existing theory with further signature specifications --- classes, types, |
447 further signature specifications --- classes, types, constants and |
444 constants and mixfix declarations --- plus a list of axioms, expressed as |
448 mixfix declarations --- plus lists of axioms and definitions etc., |
445 strings to be parsed. A theory can formalize a small piece of mathematics, |
449 expressed as strings to be parsed. A theory can formalize a small |
446 such as lists and their operations, or an entire logic. A mathematical |
450 piece of mathematics, such as lists and their operations, or an entire |
447 development typically involves many theories in a hierarchy. For example, |
451 logic. A mathematical development typically involves many theories in |
448 the pure theory could be extended to form a theory for |
452 a hierarchy. For example, the {\Pure} theory could be extended to |
449 Fig.\ts\ref{fol-fig}; this could be extended in two separate ways to form a |
453 form a theory for Fig.\ts\ref{fol-fig}; this could be extended in two |
450 theory for natural numbers and a theory for lists; the union of these two |
454 separate ways to form a theory for natural numbers and a theory for |
451 could be extended into a theory defining the length of a list: |
455 lists; the union of these two could be extended into a theory defining |
|
456 the length of a list: |
452 \begin{tt} |
457 \begin{tt} |
453 \[ |
458 \[ |
454 \begin{array}{c@{}c@{}c@{}c@{}c} |
459 \begin{array}{c@{}c@{}c@{}c@{}c} |
455 {} & {} & \hbox{Length} & {} & {} \\ |
460 {} & {} &\hbox{Pure}& {} & {} \\ |
456 {} & {} & \uparrow & {} & {} \\ |
461 {} & {} & \downarrow & {} & {} \\ |
|
462 {} & {} &\hbox{FOL} & {} & {} \\ |
|
463 {} & \swarrow & {} & \searrow & {} \\ |
|
464 \hbox{Nat} & {} & {} & {} & \hbox{List} \\ |
|
465 {} & \searrow & {} & \swarrow & {} \\ |
457 {} & {} &\hbox{Nat}+\hbox{List}& {} & {} \\ |
466 {} & {} &\hbox{Nat}+\hbox{List}& {} & {} \\ |
458 {} & \nearrow & {} & \nwarrow & {} \\ |
467 {} & {} & \downarrow & {} & {} \\ |
459 \hbox{Nat} & {} & {} & {} & \hbox{List} \\ |
468 {} & {} & \hbox{Length} & {} & {} |
460 {} & \nwarrow & {} & \nearrow & {} \\ |
|
461 {} & {} &\hbox{FOL} & {} & {} \\ |
|
462 {} & {} & \uparrow & {} & {} \\ |
|
463 {} & {} &\hbox{Pure}& {} & {} |
|
464 \end{array} |
469 \end{array} |
465 \] |
470 \] |
466 \end{tt}% |
471 \end{tt}% |
467 Each Isabelle proof typically works within a single theory, which is |
472 Each Isabelle proof typically works within a single theory, which is |
468 associated with the proof state. However, many different theories may |
473 associated with the proof state. However, many different theories may |
564 result of suitable type, it guesses |
569 result of suitable type, it guesses |
565 \[ \Var{f} \equiv \lambda x. x(\Var{h@1}(x),\ldots,\Var{h@m}(x)), \] |
570 \[ \Var{f} \equiv \lambda x. x(\Var{h@1}(x),\ldots,\Var{h@m}(x)), \] |
566 where $\Var{h@1}$, \ldots, $\Var{h@m}$ are new unknowns. Assuming there are no |
571 where $\Var{h@1}$, \ldots, $\Var{h@m}$ are new unknowns. Assuming there are no |
567 other occurrences of~$\Var{f}$, equation~(\ref{hou-eqn}) simplifies to the |
572 other occurrences of~$\Var{f}$, equation~(\ref{hou-eqn}) simplifies to the |
568 equation |
573 equation |
569 \[ t(\Var{h@1}(t),\ldots,\Var{h@m}(t)) \qeq g(u@1,\ldots,u@k). $$ |
574 \[ t(\Var{h@1}(t),\ldots,\Var{h@m}(t)) \qeq g(u@1,\ldots,u@k). \] |
570 |
575 |
571 \begin{warn}\index{unification!incompleteness of}% |
576 \begin{warn}\index{unification!incompleteness of}% |
572 Huet's unification procedure is complete. Isabelle's polymorphic version, |
577 Huet's unification procedure is complete. Isabelle's polymorphic version, |
573 which solves for type unknowns as well as for term unknowns, is incomplete. |
578 which solves for type unknowns as well as for term unknowns, is incomplete. |
574 The problem is that projection requires type information. In |
579 The problem is that projection requires type information. In |
632 the properties of $\Imp$ and~$\Forall$. It takes the number~$i$ (for |
637 the properties of $\Imp$ and~$\Forall$. It takes the number~$i$ (for |
633 $1\leq i\leq n$) as a parameter and may yield infinitely many conclusions, |
638 $1\leq i\leq n$) as a parameter and may yield infinitely many conclusions, |
634 one for each unifier of $\psi$ with $\phi@i$. Isabelle returns these |
639 one for each unifier of $\psi$ with $\phi@i$. Isabelle returns these |
635 conclusions as a sequence (lazy list). |
640 conclusions as a sequence (lazy list). |
636 |
641 |
637 Resolution expects the rules to have no outer quantifiers~($\Forall$). It |
642 Resolution expects the rules to have no outer quantifiers~($\Forall$). |
638 may rename or instantiate any schematic variables, but leaves free |
643 It may rename or instantiate any schematic variables, but leaves free |
639 variables unchanged. When constructing a theory, Isabelle puts the rules |
644 variables unchanged. When constructing a theory, Isabelle puts the |
640 into a standard form containing no free variables; for instance, $({\imp}E)$ |
645 rules into a standard form containing only schematic variables; |
641 becomes |
646 for instance, $({\imp}E)$ becomes |
642 \[ \List{\Var{P}\imp \Var{Q}; \Var{P}} \Imp \Var{Q}. |
647 \[ \List{\Var{P}\imp \Var{Q}; \Var{P}} \Imp \Var{Q}. |
643 \] |
648 \] |
644 When resolving two rules, the unknowns in the first rule are renamed, by |
649 When resolving two rules, the unknowns in the first rule are renamed, by |
645 subscripting, to make them distinct from the unknowns in the second rule. To |
650 subscripting, to make them distinct from the unknowns in the second rule. To |
646 resolve $({\imp}E)$ with itself, the first copy of the rule becomes |
651 resolve $({\imp}E)$ with itself, the first copy of the rule becomes |
1072 \[ \List{P \Imp P;\; P \Imp P} \Imp (P\disj P\imp P). |
1077 \[ \List{P \Imp P;\; P \Imp P} \Imp (P\disj P\imp P). |
1073 \] |
1078 \] |
1074 Elim-resolution's simultaneous unification gives better control |
1079 Elim-resolution's simultaneous unification gives better control |
1075 than ordinary resolution. Recall the substitution rule: |
1080 than ordinary resolution. Recall the substitution rule: |
1076 $$ \List{\Var{t}=\Var{u}; \Var{P}(\Var{t})} \Imp \Var{P}(\Var{u}) |
1081 $$ \List{\Var{t}=\Var{u}; \Var{P}(\Var{t})} \Imp \Var{P}(\Var{u}) |
1077 \eqno(subst) $$ |
1082 \eqno(subst) $$ |
1078 Unsuitable for ordinary resolution because $\Var{P}(\Var{u})$ admits many |
1083 Unsuitable for ordinary resolution because $\Var{P}(\Var{u})$ admits many |
1079 unifiers, $(subst)$ works well with elim-resolution. It deletes some |
1084 unifiers, $(subst)$ works well with elim-resolution. It deletes some |
1080 assumption of the form $x=y$ and replaces every~$y$ by~$x$ in the subgoal |
1085 assumption of the form $x=y$ and replaces every~$y$ by~$x$ in the subgoal |
1081 formula. The simultaneous unification instantiates $\Var{u}$ to~$y$; if |
1086 formula. The simultaneous unification instantiates $\Var{u}$ to~$y$; if |
1082 $y$ is not an unknown, then $\Var{P}(y)$ can easily be unified with another |
1087 $y$ is not an unknown, then $\Var{P}(y)$ can easily be unified with another |
1144 The meta-rule for $\Imp$ introduction discharges an assumption. |
1149 The meta-rule for $\Imp$ introduction discharges an assumption. |
1145 Discharging them in the order $\theta@k,\ldots,\theta@1$ yields the |
1150 Discharging them in the order $\theta@k,\ldots,\theta@1$ yields the |
1146 meta-theorem $\List{\theta@1; \ldots; \theta@k} \Imp \phi$, with no |
1151 meta-theorem $\List{\theta@1; \ldots; \theta@k} \Imp \phi$, with no |
1147 assumptions. This represents the desired rule. |
1152 assumptions. This represents the desired rule. |
1148 Let us derive the general $\conj$ elimination rule: |
1153 Let us derive the general $\conj$ elimination rule: |
1149 $$ \infer{R}{P\conj Q & \infer*{R}{[P,Q]}} \eqno(\conj E)$$ |
1154 $$ \infer{R}{P\conj Q & \infer*{R}{[P,Q]}} \eqno(\conj E) $$ |
1150 We assume $P\conj Q$ and $\List{P;Q}\Imp R$, and commence backward proof in |
1155 We assume $P\conj Q$ and $\List{P;Q}\Imp R$, and commence backward proof in |
1151 the state $R\Imp R$. Resolving this with the second assumption yields the |
1156 the state $R\Imp R$. Resolving this with the second assumption yields the |
1152 state |
1157 state |
1153 \[ \phantom{\List{P\conj Q;\; P\conj Q}} |
1158 \[ \phantom{\List{P\conj Q;\; P\conj Q}} |
1154 \llap{$\List{P;Q}$}\Imp R \quad [\,\List{P;Q}\Imp R\,]. \] |
1159 \llap{$\List{P;Q}$}\Imp R \quad [\,\List{P;Q}\Imp R\,]. \] |