1 (* Title: HOL/ex/PropLog.thy |
1 (* Title: HOL/Induct/PropLog.thy |
2 ID: $Id$ |
2 ID: $Id$ |
3 Author: Tobias Nipkow |
3 Author: Tobias Nipkow |
4 Copyright 1994 TU Muenchen |
4 Copyright 1994 TU Muenchen & University of Cambridge |
5 |
|
6 Inductive definition of propositional logic. |
|
7 *) |
5 *) |
8 |
6 |
9 PropLog = Main + |
7 header {* Meta-theory of propositional logic *} |
|
8 |
|
9 theory PropLog = Main: |
|
10 |
|
11 text {* |
|
12 Datatype definition of propositional logic formulae and inductive |
|
13 definition of the propositional tautologies. |
|
14 |
|
15 Inductive definition of propositional logic. Soundness and |
|
16 completeness w.r.t.\ truth-tables. |
|
17 |
|
18 Prove: If @{text "H |= p"} then @{text "G |= p"} where @{text "G \<in> |
|
19 Fin(H)"} |
|
20 *} |
|
21 |
|
22 subsection {* The datatype of propositions *} |
10 |
23 |
11 datatype |
24 datatype |
12 'a pl = false | var 'a ("#_" [1000]) | "->" ('a pl) ('a pl) (infixr 90) |
25 'a pl = false | var 'a ("#_" [1000]) | "->" "'a pl" "'a pl" (infixr 90) |
|
26 |
|
27 subsection {* The proof system *} |
|
28 |
13 consts |
29 consts |
14 thms :: 'a pl set => 'a pl set |
30 thms :: "'a pl set => 'a pl set" |
15 "|-" :: ['a pl set, 'a pl] => bool (infixl 50) |
31 "|-" :: "['a pl set, 'a pl] => bool" (infixl 50) |
16 "|=" :: ['a pl set, 'a pl] => bool (infixl 50) |
|
17 eval :: ['a set, 'a pl] => bool ("_[[_]]" [100,0] 100) |
|
18 hyps :: ['a pl, 'a set] => 'a pl set |
|
19 |
32 |
20 translations |
33 translations |
21 "H |- p" == "p : thms(H)" |
34 "H |- p" == "p \<in> thms(H)" |
22 |
35 |
23 inductive "thms(H)" |
36 inductive "thms(H)" |
24 intrs |
37 intros |
25 H "p:H ==> H |- p" |
38 H [intro]: "p\<in>H ==> H |- p" |
26 K "H |- p->q->p" |
39 K: "H |- p->q->p" |
27 S "H |- (p->q->r) -> (p->q) -> p->r" |
40 S: "H |- (p->q->r) -> (p->q) -> p->r" |
28 DN "H |- ((p->false) -> false) -> p" |
41 DN: "H |- ((p->false) -> false) -> p" |
29 MP "[| H |- p->q; H |- p |] ==> H |- q" |
42 MP: "[| H |- p->q; H |- p |] ==> H |- q" |
30 |
43 |
31 defs |
44 subsection {* The semantics *} |
32 sat_def "H |= p == (!tt. (!q:H. tt[[q]]) --> tt[[p]])" |
45 |
33 |
46 subsubsection {* Semantics of propositional logic. *} |
34 primrec |
47 |
35 "tt[[false]] = False" |
48 consts |
36 "tt[[#v]] = (v:tt)" |
49 eval :: "['a set, 'a pl] => bool" ("_[[_]]" [100,0] 100) |
37 eval_imp "tt[[p->q]] = (tt[[p]] --> tt[[q]])" |
50 |
|
51 primrec "tt[[false]] = False" |
|
52 "tt[[#v]] = (v \<in> tt)" |
|
53 eval_imp: "tt[[p->q]] = (tt[[p]] --> tt[[q]])" |
|
54 |
|
55 text {* |
|
56 A finite set of hypotheses from @{text t} and the @{text Var}s in |
|
57 @{text p}. |
|
58 *} |
|
59 |
|
60 consts |
|
61 hyps :: "['a pl, 'a set] => 'a pl set" |
38 |
62 |
39 primrec |
63 primrec |
40 "hyps false tt = {}" |
64 "hyps false tt = {}" |
41 "hyps (#v) tt = {if v:tt then #v else #v->false}" |
65 "hyps (#v) tt = {if v \<in> tt then #v else #v->false}" |
42 "hyps (p->q) tt = hyps p tt Un hyps q tt" |
66 "hyps (p->q) tt = hyps p tt Un hyps q tt" |
43 |
67 |
|
68 subsubsection {* Logical consequence *} |
|
69 |
|
70 text {* |
|
71 For every valuation, if all elements of @{text H} are true then so |
|
72 is @{text p}. |
|
73 *} |
|
74 |
|
75 constdefs |
|
76 sat :: "['a pl set, 'a pl] => bool" (infixl "|=" 50) |
|
77 "H |= p == (\<forall>tt. (\<forall>q\<in>H. tt[[q]]) --> tt[[p]])" |
|
78 |
|
79 |
|
80 subsection {* Proof theory of propositional logic *} |
|
81 |
|
82 lemma thms_mono: "G<=H ==> thms(G) <= thms(H)" |
|
83 apply (unfold thms.defs ) |
|
84 apply (rule lfp_mono) |
|
85 apply (assumption | rule basic_monos)+ |
|
86 done |
|
87 |
|
88 lemma thms_I: "H |- p->p" |
|
89 -- {*Called @{text I} for Identity Combinator, not for Introduction. *} |
|
90 by (best intro: thms.K thms.S thms.MP) |
|
91 |
|
92 |
|
93 subsubsection {* Weakening, left and right *} |
|
94 |
|
95 lemma weaken_left: "[| G \<subseteq> H; G|-p |] ==> H|-p" |
|
96 -- {* Order of premises is convenient with @{text THEN} *} |
|
97 by (erule thms_mono [THEN subsetD]) |
|
98 |
|
99 lemmas weaken_left_insert = subset_insertI [THEN weaken_left] |
|
100 |
|
101 lemmas weaken_left_Un1 = Un_upper1 [THEN weaken_left] |
|
102 lemmas weaken_left_Un2 = Un_upper2 [THEN weaken_left] |
|
103 |
|
104 lemma weaken_right: "H |- q ==> H |- p->q" |
|
105 by (fast intro: thms.K thms.MP) |
|
106 |
|
107 |
|
108 subsubsection {* The deduction theorem *} |
|
109 |
|
110 theorem deduction: "insert p H |- q ==> H |- p->q" |
|
111 apply (erule thms.induct) |
|
112 apply (fast intro: thms_I thms.H thms.K thms.S thms.DN |
|
113 thms.S [THEN thms.MP, THEN thms.MP] weaken_right)+ |
|
114 done |
|
115 |
|
116 |
|
117 subsubsection {* The cut rule *} |
|
118 |
|
119 lemmas cut = deduction [THEN thms.MP] |
|
120 |
|
121 lemmas thms_falseE = weaken_right [THEN thms.DN [THEN thms.MP]] |
|
122 |
|
123 lemmas thms_notE = thms.MP [THEN thms_falseE, standard] |
|
124 |
|
125 |
|
126 subsubsection {* Soundness of the rules wrt truth-table semantics *} |
|
127 |
|
128 theorem soundness: "H |- p ==> H |= p" |
|
129 apply (unfold sat_def) |
|
130 apply (erule thms.induct, auto) |
|
131 done |
|
132 |
|
133 subsection {* Completeness *} |
|
134 |
|
135 subsubsection {* Towards the completeness proof *} |
|
136 |
|
137 lemma false_imp: "H |- p->false ==> H |- p->q" |
|
138 apply (rule deduction) |
|
139 apply (erule weaken_left_insert [THEN thms_notE]) |
|
140 apply blast |
|
141 done |
|
142 |
|
143 lemma imp_false: |
|
144 "[| H |- p; H |- q->false |] ==> H |- (p->q)->false" |
|
145 apply (rule deduction) |
|
146 apply (blast intro: weaken_left_insert thms.MP thms.H) |
|
147 done |
|
148 |
|
149 lemma hyps_thms_if: "hyps p tt |- (if tt[[p]] then p else p->false)" |
|
150 -- {* Typical example of strengthening the induction statement. *} |
|
151 apply simp |
|
152 apply (induct_tac "p") |
|
153 apply (simp_all add: thms_I thms.H) |
|
154 apply (blast intro: weaken_left_Un1 weaken_left_Un2 weaken_right |
|
155 imp_false false_imp) |
|
156 done |
|
157 |
|
158 lemma sat_thms_p: "{} |= p ==> hyps p tt |- p" |
|
159 -- {* Key lemma for completeness; yields a set of assumptions |
|
160 satisfying @{text p} *} |
|
161 apply (unfold sat_def) |
|
162 apply (drule spec, erule mp [THEN if_P, THEN subst], |
|
163 rule_tac [2] hyps_thms_if, simp) |
|
164 done |
|
165 |
|
166 text {* |
|
167 For proving certain theorems in our new propositional logic. |
|
168 *} |
|
169 |
|
170 declare deduction [intro!] |
|
171 declare thms.H [THEN thms.MP, intro] |
|
172 |
|
173 text {* |
|
174 The excluded middle in the form of an elimination rule. |
|
175 *} |
|
176 |
|
177 lemma thms_excluded_middle: "H |- (p->q) -> ((p->false)->q) -> q" |
|
178 apply (rule deduction [THEN deduction]) |
|
179 apply (rule thms.DN [THEN thms.MP], best) |
|
180 done |
|
181 |
|
182 lemma thms_excluded_middle_rule: |
|
183 "[| insert p H |- q; insert (p->false) H |- q |] ==> H |- q" |
|
184 -- {* Hard to prove directly because it requires cuts *} |
|
185 by (rule thms_excluded_middle [THEN thms.MP, THEN thms.MP], auto) |
|
186 |
|
187 |
|
188 subsection{* Completeness -- lemmas for reducing the set of assumptions*} |
|
189 |
|
190 text {* |
|
191 For the case @{prop "hyps p t - insert #v Y |- p"} we also have @{prop |
|
192 "hyps p t - {#v} \<subseteq> hyps p (t-{v})"}. |
|
193 *} |
|
194 |
|
195 lemma hyps_Diff: "hyps p (t-{v}) <= insert (#v->false) ((hyps p t)-{#v})" |
|
196 by (induct_tac "p", auto) |
|
197 |
|
198 text {* |
|
199 For the case @{prop "hyps p t - insert (#v -> Fls) Y |- p"} we also have |
|
200 @{prop "hyps p t-{#v->Fls} \<subseteq> hyps p (insert v t)"}. |
|
201 *} |
|
202 |
|
203 lemma hyps_insert: "hyps p (insert v t) <= insert (#v) (hyps p t-{#v->false})" |
|
204 by (induct_tac "p", auto) |
|
205 |
|
206 text {* Two lemmas for use with @{text weaken_left} *} |
|
207 |
|
208 lemma insert_Diff_same: "B-C <= insert a (B-insert a C)" |
|
209 by fast |
|
210 |
|
211 lemma insert_Diff_subset2: "insert a (B-{c}) - D <= insert a (B-insert c D)" |
|
212 by fast |
|
213 |
|
214 text {* |
|
215 The set @{term "hyps p t"} is finite, and elements have the form |
|
216 @{term "#v"} or @{term "#v->Fls"}. |
|
217 *} |
|
218 |
|
219 lemma hyps_finite: "finite(hyps p t)" |
|
220 by (induct_tac "p", auto) |
|
221 |
|
222 lemma hyps_subset: "hyps p t <= (UN v. {#v, #v->false})" |
|
223 by (induct_tac "p", auto) |
|
224 |
|
225 lemmas Diff_weaken_left = Diff_mono [OF _ subset_refl, THEN weaken_left] |
|
226 |
|
227 subsubsection {* Completeness theorem *} |
|
228 |
|
229 text {* |
|
230 Induction on the finite set of assumptions @{term "hyps p t0"}. We |
|
231 may repeatedly subtract assumptions until none are left! |
|
232 *} |
|
233 |
|
234 lemma completeness_0_lemma: |
|
235 "{} |= p ==> \<forall>t. hyps p t - hyps p t0 |- p" |
|
236 apply (rule hyps_subset [THEN hyps_finite [THEN finite_subset_induct]]) |
|
237 apply (simp add: sat_thms_p, safe) |
|
238 (*Case hyps p t-insert(#v,Y) |- p *) |
|
239 apply (rule thms_excluded_middle_rule) |
|
240 apply (rule insert_Diff_same [THEN weaken_left]) |
|
241 apply (erule spec) |
|
242 apply (rule insert_Diff_subset2 [THEN weaken_left]) |
|
243 apply (rule hyps_Diff [THEN Diff_weaken_left]) |
|
244 apply (erule spec) |
|
245 (*Case hyps p t-insert(#v -> false,Y) |- p *) |
|
246 apply (rule thms_excluded_middle_rule) |
|
247 apply (rule_tac [2] insert_Diff_same [THEN weaken_left]) |
|
248 apply (erule_tac [2] spec) |
|
249 apply (rule insert_Diff_subset2 [THEN weaken_left]) |
|
250 apply (rule hyps_insert [THEN Diff_weaken_left]) |
|
251 apply (erule spec) |
|
252 done |
|
253 |
|
254 text{*The base case for completeness*} |
|
255 lemma completeness_0: "{} |= p ==> {} |- p" |
|
256 apply (rule Diff_cancel [THEN subst]) |
|
257 apply (erule completeness_0_lemma [THEN spec]) |
|
258 done |
|
259 |
|
260 text{*A semantic analogue of the Deduction Theorem*} |
|
261 lemma sat_imp: "insert p H |= q ==> H |= p->q" |
|
262 by (unfold sat_def, auto) |
|
263 |
|
264 theorem completeness [rule_format]: "finite H ==> \<forall>p. H |= p --> H |- p" |
|
265 apply (erule finite_induct) |
|
266 apply (safe intro!: completeness_0) |
|
267 apply (drule sat_imp) |
|
268 apply (drule spec) |
|
269 apply (blast intro: weaken_left_insert [THEN thms.MP]) |
|
270 done |
|
271 |
|
272 theorem syntax_iff_semantics: "finite H ==> (H |- p) = (H |= p)" |
|
273 by (fast elim!: soundness completeness) |
|
274 |
44 end |
275 end |
45 |
276 |