1 % |
|
2 \begin{isabellebody}% |
|
3 \def\isabellecontext{logic}% |
|
4 % |
|
5 \isadelimtheory |
|
6 % |
|
7 \endisadelimtheory |
|
8 % |
|
9 \isatagtheory |
|
10 \isacommand{theory}\isamarkupfalse% |
|
11 \ logic\ \isakeyword{imports}\ base\ \isakeyword{begin}% |
|
12 \endisatagtheory |
|
13 {\isafoldtheory}% |
|
14 % |
|
15 \isadelimtheory |
|
16 % |
|
17 \endisadelimtheory |
|
18 % |
|
19 \isamarkupchapter{Primitive logic \label{ch:logic}% |
|
20 } |
|
21 \isamarkuptrue% |
|
22 % |
|
23 \begin{isamarkuptext}% |
|
24 The logical foundations of Isabelle/Isar are that of the Pure logic, |
|
25 which has been introduced as a natural-deduction framework in |
|
26 \cite{paulson700}. This is essentially the same logic as ``\isa{{\isasymlambda}HOL}'' in the more abstract setting of Pure Type Systems (PTS) |
|
27 \cite{Barendregt-Geuvers:2001}, although there are some key |
|
28 differences in the specific treatment of simple types in |
|
29 Isabelle/Pure. |
|
30 |
|
31 Following type-theoretic parlance, the Pure logic consists of three |
|
32 levels of \isa{{\isasymlambda}}-calculus with corresponding arrows, \isa{{\isasymRightarrow}} for syntactic function space (terms depending on terms), \isa{{\isasymAnd}} for universal quantification (proofs depending on terms), and |
|
33 \isa{{\isasymLongrightarrow}} for implication (proofs depending on proofs). |
|
34 |
|
35 Derivations are relative to a logical theory, which declares type |
|
36 constructors, constants, and axioms. Theory declarations support |
|
37 schematic polymorphism, which is strictly speaking outside the |
|
38 logic.\footnote{This is the deeper logical reason, why the theory |
|
39 context \isa{{\isasymTheta}} is separate from the proof context \isa{{\isasymGamma}} |
|
40 of the core calculus.}% |
|
41 \end{isamarkuptext}% |
|
42 \isamarkuptrue% |
|
43 % |
|
44 \isamarkupsection{Types \label{sec:types}% |
|
45 } |
|
46 \isamarkuptrue% |
|
47 % |
|
48 \begin{isamarkuptext}% |
|
49 The language of types is an uninterpreted order-sorted first-order |
|
50 algebra; types are qualified by ordered type classes. |
|
51 |
|
52 \medskip A \emph{type class} is an abstract syntactic entity |
|
53 declared in the theory context. The \emph{subclass relation} \isa{c\isactrlisub {\isadigit{1}}\ {\isasymsubseteq}\ c\isactrlisub {\isadigit{2}}} is specified by stating an acyclic |
|
54 generating relation; the transitive closure is maintained |
|
55 internally. The resulting relation is an ordering: reflexive, |
|
56 transitive, and antisymmetric. |
|
57 |
|
58 A \emph{sort} is a list of type classes written as \isa{s\ {\isacharequal}\ {\isacharbraceleft}c\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ c\isactrlisub m{\isacharbraceright}}, which represents symbolic |
|
59 intersection. Notationally, the curly braces are omitted for |
|
60 singleton intersections, i.e.\ any class \isa{c} may be read as |
|
61 a sort \isa{{\isacharbraceleft}c{\isacharbraceright}}. The ordering on type classes is extended to |
|
62 sorts according to the meaning of intersections: \isa{{\isacharbraceleft}c\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}\ c\isactrlisub m{\isacharbraceright}\ {\isasymsubseteq}\ {\isacharbraceleft}d\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ d\isactrlisub n{\isacharbraceright}} iff |
|
63 \isa{{\isasymforall}j{\isachardot}\ {\isasymexists}i{\isachardot}\ c\isactrlisub i\ {\isasymsubseteq}\ d\isactrlisub j}. The empty intersection |
|
64 \isa{{\isacharbraceleft}{\isacharbraceright}} refers to the universal sort, which is the largest |
|
65 element wrt.\ the sort order. The intersections of all (finitely |
|
66 many) classes declared in the current theory are the minimal |
|
67 elements wrt.\ the sort order. |
|
68 |
|
69 \medskip A \emph{fixed type variable} is a pair of a basic name |
|
70 (starting with a \isa{{\isacharprime}} character) and a sort constraint, e.g.\ |
|
71 \isa{{\isacharparenleft}{\isacharprime}a{\isacharcomma}\ s{\isacharparenright}} which is usually printed as \isa{{\isasymalpha}\isactrlisub s}. |
|
72 A \emph{schematic type variable} is a pair of an indexname and a |
|
73 sort constraint, e.g.\ \isa{{\isacharparenleft}{\isacharparenleft}{\isacharprime}a{\isacharcomma}\ {\isadigit{0}}{\isacharparenright}{\isacharcomma}\ s{\isacharparenright}} which is usually |
|
74 printed as \isa{{\isacharquery}{\isasymalpha}\isactrlisub s}. |
|
75 |
|
76 Note that \emph{all} syntactic components contribute to the identity |
|
77 of type variables, including the sort constraint. The core logic |
|
78 handles type variables with the same name but different sorts as |
|
79 different, although some outer layers of the system make it hard to |
|
80 produce anything like this. |
|
81 |
|
82 A \emph{type constructor} \isa{{\isasymkappa}} is a \isa{k}-ary operator |
|
83 on types declared in the theory. Type constructor application is |
|
84 written postfix as \isa{{\isacharparenleft}{\isasymalpha}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymalpha}\isactrlisub k{\isacharparenright}{\isasymkappa}}. For |
|
85 \isa{k\ {\isacharequal}\ {\isadigit{0}}} the argument tuple is omitted, e.g.\ \isa{prop} |
|
86 instead of \isa{{\isacharparenleft}{\isacharparenright}prop}. For \isa{k\ {\isacharequal}\ {\isadigit{1}}} the parentheses |
|
87 are omitted, e.g.\ \isa{{\isasymalpha}\ list} instead of \isa{{\isacharparenleft}{\isasymalpha}{\isacharparenright}list}. |
|
88 Further notation is provided for specific constructors, notably the |
|
89 right-associative infix \isa{{\isasymalpha}\ {\isasymRightarrow}\ {\isasymbeta}} instead of \isa{{\isacharparenleft}{\isasymalpha}{\isacharcomma}\ {\isasymbeta}{\isacharparenright}fun}. |
|
90 |
|
91 A \emph{type} is defined inductively over type variables and type |
|
92 constructors as follows: \isa{{\isasymtau}\ {\isacharequal}\ {\isasymalpha}\isactrlisub s\ {\isacharbar}\ {\isacharquery}{\isasymalpha}\isactrlisub s\ {\isacharbar}\ {\isacharparenleft}{\isasymtau}\isactrlsub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymtau}\isactrlsub k{\isacharparenright}{\isasymkappa}}. |
|
93 |
|
94 A \emph{type abbreviation} is a syntactic definition \isa{{\isacharparenleft}\isactrlvec {\isasymalpha}{\isacharparenright}{\isasymkappa}\ {\isacharequal}\ {\isasymtau}} of an arbitrary type expression \isa{{\isasymtau}} over |
|
95 variables \isa{\isactrlvec {\isasymalpha}}. Type abbreviations appear as type |
|
96 constructors in the syntax, but are expanded before entering the |
|
97 logical core. |
|
98 |
|
99 A \emph{type arity} declares the image behavior of a type |
|
100 constructor wrt.\ the algebra of sorts: \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}s\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ s\isactrlisub k{\isacharparenright}s} means that \isa{{\isacharparenleft}{\isasymtau}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymtau}\isactrlisub k{\isacharparenright}{\isasymkappa}} is |
|
101 of sort \isa{s} if every argument type \isa{{\isasymtau}\isactrlisub i} is |
|
102 of sort \isa{s\isactrlisub i}. Arity declarations are implicitly |
|
103 completed, i.e.\ \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}\isactrlvec s{\isacharparenright}c} entails \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}\isactrlvec s{\isacharparenright}c{\isacharprime}} for any \isa{c{\isacharprime}\ {\isasymsupseteq}\ c}. |
|
104 |
|
105 \medskip The sort algebra is always maintained as \emph{coregular}, |
|
106 which means that type arities are consistent with the subclass |
|
107 relation: for any type constructor \isa{{\isasymkappa}}, and classes \isa{c\isactrlisub {\isadigit{1}}\ {\isasymsubseteq}\ c\isactrlisub {\isadigit{2}}}, and arities \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}\isactrlvec s\isactrlisub {\isadigit{1}}{\isacharparenright}c\isactrlisub {\isadigit{1}}} and \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}\isactrlvec s\isactrlisub {\isadigit{2}}{\isacharparenright}c\isactrlisub {\isadigit{2}}} holds \isa{\isactrlvec s\isactrlisub {\isadigit{1}}\ {\isasymsubseteq}\ \isactrlvec s\isactrlisub {\isadigit{2}}} component-wise. |
|
108 |
|
109 The key property of a coregular order-sorted algebra is that sort |
|
110 constraints can be solved in a most general fashion: for each type |
|
111 constructor \isa{{\isasymkappa}} and sort \isa{s} there is a most general |
|
112 vector of argument sorts \isa{{\isacharparenleft}s\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ s\isactrlisub k{\isacharparenright}} such |
|
113 that a type scheme \isa{{\isacharparenleft}{\isasymalpha}\isactrlbsub s\isactrlisub {\isadigit{1}}\isactrlesub {\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymalpha}\isactrlbsub s\isactrlisub k\isactrlesub {\isacharparenright}{\isasymkappa}} is of sort \isa{s}. |
|
114 Consequently, type unification has most general solutions (modulo |
|
115 equivalence of sorts), so type-inference produces primary types as |
|
116 expected \cite{nipkow-prehofer}.% |
|
117 \end{isamarkuptext}% |
|
118 \isamarkuptrue% |
|
119 % |
|
120 \isadelimmlref |
|
121 % |
|
122 \endisadelimmlref |
|
123 % |
|
124 \isatagmlref |
|
125 % |
|
126 \begin{isamarkuptext}% |
|
127 \begin{mldecls} |
|
128 \indexmltype{class}\verb|type class| \\ |
|
129 \indexmltype{sort}\verb|type sort| \\ |
|
130 \indexmltype{arity}\verb|type arity| \\ |
|
131 \indexmltype{typ}\verb|type typ| \\ |
|
132 \indexml{map\_atyps}\verb|map_atyps: (typ -> typ) -> typ -> typ| \\ |
|
133 \indexml{fold\_atyps}\verb|fold_atyps: (typ -> 'a -> 'a) -> typ -> 'a -> 'a| \\ |
|
134 \end{mldecls} |
|
135 \begin{mldecls} |
|
136 \indexml{Sign.subsort}\verb|Sign.subsort: theory -> sort * sort -> bool| \\ |
|
137 \indexml{Sign.of\_sort}\verb|Sign.of_sort: theory -> typ * sort -> bool| \\ |
|
138 \indexml{Sign.add\_types}\verb|Sign.add_types: (string * int * mixfix) list -> theory -> theory| \\ |
|
139 \indexml{Sign.add\_tyabbrs\_i}\verb|Sign.add_tyabbrs_i: |\isasep\isanewline% |
|
140 \verb| (string * string list * typ * mixfix) list -> theory -> theory| \\ |
|
141 \indexml{Sign.primitive\_class}\verb|Sign.primitive_class: string * class list -> theory -> theory| \\ |
|
142 \indexml{Sign.primitive\_classrel}\verb|Sign.primitive_classrel: class * class -> theory -> theory| \\ |
|
143 \indexml{Sign.primitive\_arity}\verb|Sign.primitive_arity: arity -> theory -> theory| \\ |
|
144 \end{mldecls} |
|
145 |
|
146 \begin{description} |
|
147 |
|
148 \item \verb|class| represents type classes; this is an alias for |
|
149 \verb|string|. |
|
150 |
|
151 \item \verb|sort| represents sorts; this is an alias for |
|
152 \verb|class list|. |
|
153 |
|
154 \item \verb|arity| represents type arities; this is an alias for |
|
155 triples of the form \isa{{\isacharparenleft}{\isasymkappa}{\isacharcomma}\ \isactrlvec s{\isacharcomma}\ s{\isacharparenright}} for \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}\isactrlvec s{\isacharparenright}s} described above. |
|
156 |
|
157 \item \verb|typ| represents types; this is a datatype with |
|
158 constructors \verb|TFree|, \verb|TVar|, \verb|Type|. |
|
159 |
|
160 \item \verb|map_atyps|~\isa{f\ {\isasymtau}} applies the mapping \isa{f} |
|
161 to all atomic types (\verb|TFree|, \verb|TVar|) occurring in \isa{{\isasymtau}}. |
|
162 |
|
163 \item \verb|fold_atyps|~\isa{f\ {\isasymtau}} iterates the operation \isa{f} over all occurrences of atomic types (\verb|TFree|, \verb|TVar|) |
|
164 in \isa{{\isasymtau}}; the type structure is traversed from left to right. |
|
165 |
|
166 \item \verb|Sign.subsort|~\isa{thy\ {\isacharparenleft}s\isactrlisub {\isadigit{1}}{\isacharcomma}\ s\isactrlisub {\isadigit{2}}{\isacharparenright}} |
|
167 tests the subsort relation \isa{s\isactrlisub {\isadigit{1}}\ {\isasymsubseteq}\ s\isactrlisub {\isadigit{2}}}. |
|
168 |
|
169 \item \verb|Sign.of_sort|~\isa{thy\ {\isacharparenleft}{\isasymtau}{\isacharcomma}\ s{\isacharparenright}} tests whether type |
|
170 \isa{{\isasymtau}} is of sort \isa{s}. |
|
171 |
|
172 \item \verb|Sign.add_types|~\isa{{\isacharbrackleft}{\isacharparenleft}{\isasymkappa}{\isacharcomma}\ k{\isacharcomma}\ mx{\isacharparenright}{\isacharcomma}\ {\isasymdots}{\isacharbrackright}} declares a new |
|
173 type constructors \isa{{\isasymkappa}} with \isa{k} arguments and |
|
174 optional mixfix syntax. |
|
175 |
|
176 \item \verb|Sign.add_tyabbrs_i|~\isa{{\isacharbrackleft}{\isacharparenleft}{\isasymkappa}{\isacharcomma}\ \isactrlvec {\isasymalpha}{\isacharcomma}\ {\isasymtau}{\isacharcomma}\ mx{\isacharparenright}{\isacharcomma}\ {\isasymdots}{\isacharbrackright}} |
|
177 defines a new type abbreviation \isa{{\isacharparenleft}\isactrlvec {\isasymalpha}{\isacharparenright}{\isasymkappa}\ {\isacharequal}\ {\isasymtau}} with |
|
178 optional mixfix syntax. |
|
179 |
|
180 \item \verb|Sign.primitive_class|~\isa{{\isacharparenleft}c{\isacharcomma}\ {\isacharbrackleft}c\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ c\isactrlisub n{\isacharbrackright}{\isacharparenright}} declares a new class \isa{c}, together with class |
|
181 relations \isa{c\ {\isasymsubseteq}\ c\isactrlisub i}, for \isa{i\ {\isacharequal}\ {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ n}. |
|
182 |
|
183 \item \verb|Sign.primitive_classrel|~\isa{{\isacharparenleft}c\isactrlisub {\isadigit{1}}{\isacharcomma}\ c\isactrlisub {\isadigit{2}}{\isacharparenright}} declares the class relation \isa{c\isactrlisub {\isadigit{1}}\ {\isasymsubseteq}\ c\isactrlisub {\isadigit{2}}}. |
|
184 |
|
185 \item \verb|Sign.primitive_arity|~\isa{{\isacharparenleft}{\isasymkappa}{\isacharcomma}\ \isactrlvec s{\isacharcomma}\ s{\isacharparenright}} declares |
|
186 the arity \isa{{\isasymkappa}\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}\isactrlvec s{\isacharparenright}s}. |
|
187 |
|
188 \end{description}% |
|
189 \end{isamarkuptext}% |
|
190 \isamarkuptrue% |
|
191 % |
|
192 \endisatagmlref |
|
193 {\isafoldmlref}% |
|
194 % |
|
195 \isadelimmlref |
|
196 % |
|
197 \endisadelimmlref |
|
198 % |
|
199 \isamarkupsection{Terms \label{sec:terms}% |
|
200 } |
|
201 \isamarkuptrue% |
|
202 % |
|
203 \begin{isamarkuptext}% |
|
204 \glossary{Term}{FIXME} |
|
205 |
|
206 The language of terms is that of simply-typed \isa{{\isasymlambda}}-calculus |
|
207 with de-Bruijn indices for bound variables (cf.\ \cite{debruijn72} |
|
208 or \cite{paulson-ml2}), with the types being determined determined |
|
209 by the corresponding binders. In contrast, free variables and |
|
210 constants are have an explicit name and type in each occurrence. |
|
211 |
|
212 \medskip A \emph{bound variable} is a natural number \isa{b}, |
|
213 which accounts for the number of intermediate binders between the |
|
214 variable occurrence in the body and its binding position. For |
|
215 example, the de-Bruijn term \isa{{\isasymlambda}\isactrlbsub nat\isactrlesub {\isachardot}\ {\isasymlambda}\isactrlbsub nat\isactrlesub {\isachardot}\ {\isadigit{1}}\ {\isacharplus}\ {\isadigit{0}}} would |
|
216 correspond to \isa{{\isasymlambda}x\isactrlbsub nat\isactrlesub {\isachardot}\ {\isasymlambda}y\isactrlbsub nat\isactrlesub {\isachardot}\ x\ {\isacharplus}\ y} in a named |
|
217 representation. Note that a bound variable may be represented by |
|
218 different de-Bruijn indices at different occurrences, depending on |
|
219 the nesting of abstractions. |
|
220 |
|
221 A \emph{loose variable} is a bound variable that is outside the |
|
222 scope of local binders. The types (and names) for loose variables |
|
223 can be managed as a separate context, that is maintained as a stack |
|
224 of hypothetical binders. The core logic operates on closed terms, |
|
225 without any loose variables. |
|
226 |
|
227 A \emph{fixed variable} is a pair of a basic name and a type, e.g.\ |
|
228 \isa{{\isacharparenleft}x{\isacharcomma}\ {\isasymtau}{\isacharparenright}} which is usually printed \isa{x\isactrlisub {\isasymtau}}. A |
|
229 \emph{schematic variable} is a pair of an indexname and a type, |
|
230 e.g.\ \isa{{\isacharparenleft}{\isacharparenleft}x{\isacharcomma}\ {\isadigit{0}}{\isacharparenright}{\isacharcomma}\ {\isasymtau}{\isacharparenright}} which is usually printed as \isa{{\isacharquery}x\isactrlisub {\isasymtau}}. |
|
231 |
|
232 \medskip A \emph{constant} is a pair of a basic name and a type, |
|
233 e.g.\ \isa{{\isacharparenleft}c{\isacharcomma}\ {\isasymtau}{\isacharparenright}} which is usually printed as \isa{c\isactrlisub {\isasymtau}}. Constants are declared in the context as polymorphic |
|
234 families \isa{c\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}}, meaning that all substitution instances |
|
235 \isa{c\isactrlisub {\isasymtau}} for \isa{{\isasymtau}\ {\isacharequal}\ {\isasymsigma}{\isasymvartheta}} are valid. |
|
236 |
|
237 The vector of \emph{type arguments} of constant \isa{c\isactrlisub {\isasymtau}} |
|
238 wrt.\ the declaration \isa{c\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} is defined as the codomain of |
|
239 the matcher \isa{{\isasymvartheta}\ {\isacharequal}\ {\isacharbraceleft}{\isacharquery}{\isasymalpha}\isactrlisub {\isadigit{1}}\ {\isasymmapsto}\ {\isasymtau}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isacharquery}{\isasymalpha}\isactrlisub n\ {\isasymmapsto}\ {\isasymtau}\isactrlisub n{\isacharbraceright}} presented in canonical order \isa{{\isacharparenleft}{\isasymtau}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymtau}\isactrlisub n{\isacharparenright}}. Within a given theory context, |
|
240 there is a one-to-one correspondence between any constant \isa{c\isactrlisub {\isasymtau}} and the application \isa{c{\isacharparenleft}{\isasymtau}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymtau}\isactrlisub n{\isacharparenright}} of its type arguments. For example, with \isa{plus\ {\isacharcolon}{\isacharcolon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}}, the instance \isa{plus\isactrlbsub nat\ {\isasymRightarrow}\ nat\ {\isasymRightarrow}\ nat\isactrlesub } corresponds to \isa{plus{\isacharparenleft}nat{\isacharparenright}}. |
|
241 |
|
242 Constant declarations \isa{c\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} may contain sort constraints |
|
243 for type variables in \isa{{\isasymsigma}}. These are observed by |
|
244 type-inference as expected, but \emph{ignored} by the core logic. |
|
245 This means the primitive logic is able to reason with instances of |
|
246 polymorphic constants that the user-level type-checker would reject |
|
247 due to violation of type class restrictions. |
|
248 |
|
249 \medskip An \emph{atomic} term is either a variable or constant. A |
|
250 \emph{term} is defined inductively over atomic terms, with |
|
251 abstraction and application as follows: \isa{t\ {\isacharequal}\ b\ {\isacharbar}\ x\isactrlisub {\isasymtau}\ {\isacharbar}\ {\isacharquery}x\isactrlisub {\isasymtau}\ {\isacharbar}\ c\isactrlisub {\isasymtau}\ {\isacharbar}\ {\isasymlambda}\isactrlisub {\isasymtau}{\isachardot}\ t\ {\isacharbar}\ t\isactrlisub {\isadigit{1}}\ t\isactrlisub {\isadigit{2}}}. |
|
252 Parsing and printing takes care of converting between an external |
|
253 representation with named bound variables. Subsequently, we shall |
|
254 use the latter notation instead of internal de-Bruijn |
|
255 representation. |
|
256 |
|
257 The inductive relation \isa{t\ {\isacharcolon}{\isacharcolon}\ {\isasymtau}} assigns a (unique) type to a |
|
258 term according to the structure of atomic terms, abstractions, and |
|
259 applicatins: |
|
260 \[ |
|
261 \infer{\isa{a\isactrlisub {\isasymtau}\ {\isacharcolon}{\isacharcolon}\ {\isasymtau}}}{} |
|
262 \qquad |
|
263 \infer{\isa{{\isacharparenleft}{\isasymlambda}x\isactrlsub {\isasymtau}{\isachardot}\ t{\isacharparenright}\ {\isacharcolon}{\isacharcolon}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymsigma}}}{\isa{t\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}}} |
|
264 \qquad |
|
265 \infer{\isa{t\ u\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}}}{\isa{t\ {\isacharcolon}{\isacharcolon}\ {\isasymtau}\ {\isasymRightarrow}\ {\isasymsigma}} & \isa{u\ {\isacharcolon}{\isacharcolon}\ {\isasymtau}}} |
|
266 \] |
|
267 A \emph{well-typed term} is a term that can be typed according to these rules. |
|
268 |
|
269 Typing information can be omitted: type-inference is able to |
|
270 reconstruct the most general type of a raw term, while assigning |
|
271 most general types to all of its variables and constants. |
|
272 Type-inference depends on a context of type constraints for fixed |
|
273 variables, and declarations for polymorphic constants. |
|
274 |
|
275 The identity of atomic terms consists both of the name and the type |
|
276 component. This means that different variables \isa{x\isactrlbsub {\isasymtau}\isactrlisub {\isadigit{1}}\isactrlesub } and \isa{x\isactrlbsub {\isasymtau}\isactrlisub {\isadigit{2}}\isactrlesub } may become the same after type |
|
277 instantiation. Some outer layers of the system make it hard to |
|
278 produce variables of the same name, but different types. In |
|
279 contrast, mixed instances of polymorphic constants occur frequently. |
|
280 |
|
281 \medskip The \emph{hidden polymorphism} of a term \isa{t\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} |
|
282 is the set of type variables occurring in \isa{t}, but not in |
|
283 \isa{{\isasymsigma}}. This means that the term implicitly depends on type |
|
284 arguments that are not accounted in the result type, i.e.\ there are |
|
285 different type instances \isa{t{\isasymvartheta}\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} and \isa{t{\isasymvartheta}{\isacharprime}\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} with the same type. This slightly |
|
286 pathological situation notoriously demands additional care. |
|
287 |
|
288 \medskip A \emph{term abbreviation} is a syntactic definition \isa{c\isactrlisub {\isasymsigma}\ {\isasymequiv}\ t} of a closed term \isa{t} of type \isa{{\isasymsigma}}, |
|
289 without any hidden polymorphism. A term abbreviation looks like a |
|
290 constant in the syntax, but is expanded before entering the logical |
|
291 core. Abbreviations are usually reverted when printing terms, using |
|
292 \isa{t\ {\isasymrightarrow}\ c\isactrlisub {\isasymsigma}} as rules for higher-order rewriting. |
|
293 |
|
294 \medskip Canonical operations on \isa{{\isasymlambda}}-terms include \isa{{\isasymalpha}{\isasymbeta}{\isasymeta}}-conversion: \isa{{\isasymalpha}}-conversion refers to capture-free |
|
295 renaming of bound variables; \isa{{\isasymbeta}}-conversion contracts an |
|
296 abstraction applied to an argument term, substituting the argument |
|
297 in the body: \isa{{\isacharparenleft}{\isasymlambda}x{\isachardot}\ b{\isacharparenright}a} becomes \isa{b{\isacharbrackleft}a{\isacharslash}x{\isacharbrackright}}; \isa{{\isasymeta}}-conversion contracts vacuous application-abstraction: \isa{{\isasymlambda}x{\isachardot}\ f\ x} becomes \isa{f}, provided that the bound variable |
|
298 does not occur in \isa{f}. |
|
299 |
|
300 Terms are normally treated modulo \isa{{\isasymalpha}}-conversion, which is |
|
301 implicit in the de-Bruijn representation. Names for bound variables |
|
302 in abstractions are maintained separately as (meaningless) comments, |
|
303 mostly for parsing and printing. Full \isa{{\isasymalpha}{\isasymbeta}{\isasymeta}}-conversion is |
|
304 commonplace in various standard operations (\secref{sec:obj-rules}) |
|
305 that are based on higher-order unification and matching.% |
|
306 \end{isamarkuptext}% |
|
307 \isamarkuptrue% |
|
308 % |
|
309 \isadelimmlref |
|
310 % |
|
311 \endisadelimmlref |
|
312 % |
|
313 \isatagmlref |
|
314 % |
|
315 \begin{isamarkuptext}% |
|
316 \begin{mldecls} |
|
317 \indexmltype{term}\verb|type term| \\ |
|
318 \indexml{op aconv}\verb|op aconv: term * term -> bool| \\ |
|
319 \indexml{map\_types}\verb|map_types: (typ -> typ) -> term -> term| \\ |
|
320 \indexml{fold\_types}\verb|fold_types: (typ -> 'a -> 'a) -> term -> 'a -> 'a| \\ |
|
321 \indexml{map\_aterms}\verb|map_aterms: (term -> term) -> term -> term| \\ |
|
322 \indexml{fold\_aterms}\verb|fold_aterms: (term -> 'a -> 'a) -> term -> 'a -> 'a| \\ |
|
323 \end{mldecls} |
|
324 \begin{mldecls} |
|
325 \indexml{fastype\_of}\verb|fastype_of: term -> typ| \\ |
|
326 \indexml{lambda}\verb|lambda: term -> term -> term| \\ |
|
327 \indexml{betapply}\verb|betapply: term * term -> term| \\ |
|
328 \indexml{Sign.declare\_const}\verb|Sign.declare_const: Properties.T -> (binding * typ) * mixfix ->|\isasep\isanewline% |
|
329 \verb| theory -> term * theory| \\ |
|
330 \indexml{Sign.add\_abbrev}\verb|Sign.add_abbrev: string -> Properties.T -> binding * term ->|\isasep\isanewline% |
|
331 \verb| theory -> (term * term) * theory| \\ |
|
332 \indexml{Sign.const\_typargs}\verb|Sign.const_typargs: theory -> string * typ -> typ list| \\ |
|
333 \indexml{Sign.const\_instance}\verb|Sign.const_instance: theory -> string * typ list -> typ| \\ |
|
334 \end{mldecls} |
|
335 |
|
336 \begin{description} |
|
337 |
|
338 \item \verb|term| represents de-Bruijn terms, with comments in |
|
339 abstractions, and explicitly named free variables and constants; |
|
340 this is a datatype with constructors \verb|Bound|, \verb|Free|, \verb|Var|, \verb|Const|, \verb|Abs|, \verb|op $|. |
|
341 |
|
342 \item \isa{t}~\verb|aconv|~\isa{u} checks \isa{{\isasymalpha}}-equivalence of two terms. This is the basic equality relation |
|
343 on type \verb|term|; raw datatype equality should only be used |
|
344 for operations related to parsing or printing! |
|
345 |
|
346 \item \verb|map_types|~\isa{f\ t} applies the mapping \isa{f} to all types occurring in \isa{t}. |
|
347 |
|
348 \item \verb|fold_types|~\isa{f\ t} iterates the operation \isa{f} over all occurrences of types in \isa{t}; the term |
|
349 structure is traversed from left to right. |
|
350 |
|
351 \item \verb|map_aterms|~\isa{f\ t} applies the mapping \isa{f} |
|
352 to all atomic terms (\verb|Bound|, \verb|Free|, \verb|Var|, \verb|Const|) occurring in \isa{t}. |
|
353 |
|
354 \item \verb|fold_aterms|~\isa{f\ t} iterates the operation \isa{f} over all occurrences of atomic terms (\verb|Bound|, \verb|Free|, |
|
355 \verb|Var|, \verb|Const|) in \isa{t}; the term structure is |
|
356 traversed from left to right. |
|
357 |
|
358 \item \verb|fastype_of|~\isa{t} determines the type of a |
|
359 well-typed term. This operation is relatively slow, despite the |
|
360 omission of any sanity checks. |
|
361 |
|
362 \item \verb|lambda|~\isa{a\ b} produces an abstraction \isa{{\isasymlambda}a{\isachardot}\ b}, where occurrences of the atomic term \isa{a} in the |
|
363 body \isa{b} are replaced by bound variables. |
|
364 |
|
365 \item \verb|betapply|~\isa{{\isacharparenleft}t{\isacharcomma}\ u{\isacharparenright}} produces an application \isa{t\ u}, with topmost \isa{{\isasymbeta}}-conversion if \isa{t} is an |
|
366 abstraction. |
|
367 |
|
368 \item \verb|Sign.declare_const|~\isa{properties\ {\isacharparenleft}{\isacharparenleft}c{\isacharcomma}\ {\isasymsigma}{\isacharparenright}{\isacharcomma}\ mx{\isacharparenright}} |
|
369 declares a new constant \isa{c\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} with optional mixfix |
|
370 syntax. |
|
371 |
|
372 \item \verb|Sign.add_abbrev|~\isa{print{\isacharunderscore}mode\ properties\ {\isacharparenleft}c{\isacharcomma}\ t{\isacharparenright}} |
|
373 introduces a new term abbreviation \isa{c\ {\isasymequiv}\ t}. |
|
374 |
|
375 \item \verb|Sign.const_typargs|~\isa{thy\ {\isacharparenleft}c{\isacharcomma}\ {\isasymtau}{\isacharparenright}} and \verb|Sign.const_instance|~\isa{thy\ {\isacharparenleft}c{\isacharcomma}\ {\isacharbrackleft}{\isasymtau}\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ {\isasymtau}\isactrlisub n{\isacharbrackright}{\isacharparenright}} |
|
376 convert between two representations of polymorphic constants: full |
|
377 type instance vs.\ compact type arguments form. |
|
378 |
|
379 \end{description}% |
|
380 \end{isamarkuptext}% |
|
381 \isamarkuptrue% |
|
382 % |
|
383 \endisatagmlref |
|
384 {\isafoldmlref}% |
|
385 % |
|
386 \isadelimmlref |
|
387 % |
|
388 \endisadelimmlref |
|
389 % |
|
390 \isamarkupsection{Theorems \label{sec:thms}% |
|
391 } |
|
392 \isamarkuptrue% |
|
393 % |
|
394 \begin{isamarkuptext}% |
|
395 \glossary{Proposition}{FIXME A \seeglossary{term} of |
|
396 \seeglossary{type} \isa{prop}. Internally, there is nothing |
|
397 special about propositions apart from their type, but the concrete |
|
398 syntax enforces a clear distinction. Propositions are structured |
|
399 via implication \isa{A\ {\isasymLongrightarrow}\ B} or universal quantification \isa{{\isasymAnd}x{\isachardot}\ B\ x} --- anything else is considered atomic. The canonical |
|
400 form for propositions is that of a \seeglossary{Hereditary Harrop |
|
401 Formula}. FIXME} |
|
402 |
|
403 \glossary{Theorem}{A proven proposition within a certain theory and |
|
404 proof context, formally \isa{{\isasymGamma}\ {\isasymturnstile}\isactrlsub {\isasymTheta}\ {\isasymphi}}; both contexts are |
|
405 rarely spelled out explicitly. Theorems are usually normalized |
|
406 according to the \seeglossary{HHF} format. FIXME} |
|
407 |
|
408 \glossary{Fact}{Sometimes used interchangeably for |
|
409 \seeglossary{theorem}. Strictly speaking, a list of theorems, |
|
410 essentially an extra-logical conjunction. Facts emerge either as |
|
411 local assumptions, or as results of local goal statements --- both |
|
412 may be simultaneous, hence the list representation. FIXME} |
|
413 |
|
414 \glossary{Schematic variable}{FIXME} |
|
415 |
|
416 \glossary{Fixed variable}{A variable that is bound within a certain |
|
417 proof context; an arbitrary-but-fixed entity within a portion of |
|
418 proof text. FIXME} |
|
419 |
|
420 \glossary{Free variable}{Synonymous for \seeglossary{fixed |
|
421 variable}. FIXME} |
|
422 |
|
423 \glossary{Bound variable}{FIXME} |
|
424 |
|
425 \glossary{Variable}{See \seeglossary{schematic variable}, |
|
426 \seeglossary{fixed variable}, \seeglossary{bound variable}, or |
|
427 \seeglossary{type variable}. The distinguishing feature of |
|
428 different variables is their binding scope. FIXME} |
|
429 |
|
430 A \emph{proposition} is a well-typed term of type \isa{prop}, a |
|
431 \emph{theorem} is a proven proposition (depending on a context of |
|
432 hypotheses and the background theory). Primitive inferences include |
|
433 plain natural deduction rules for the primary connectives \isa{{\isasymAnd}} and \isa{{\isasymLongrightarrow}} of the framework. There is also a builtin |
|
434 notion of equality/equivalence \isa{{\isasymequiv}}.% |
|
435 \end{isamarkuptext}% |
|
436 \isamarkuptrue% |
|
437 % |
|
438 \isamarkupsubsection{Primitive connectives and rules \label{sec:prim-rules}% |
|
439 } |
|
440 \isamarkuptrue% |
|
441 % |
|
442 \begin{isamarkuptext}% |
|
443 The theory \isa{Pure} contains constant declarations for the |
|
444 primitive connectives \isa{{\isasymAnd}}, \isa{{\isasymLongrightarrow}}, and \isa{{\isasymequiv}} of |
|
445 the logical framework, see \figref{fig:pure-connectives}. The |
|
446 derivability judgment \isa{A\isactrlisub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ A\isactrlisub n\ {\isasymturnstile}\ B} is |
|
447 defined inductively by the primitive inferences given in |
|
448 \figref{fig:prim-rules}, with the global restriction that the |
|
449 hypotheses must \emph{not} contain any schematic variables. The |
|
450 builtin equality is conceptually axiomatized as shown in |
|
451 \figref{fig:pure-equality}, although the implementation works |
|
452 directly with derived inferences. |
|
453 |
|
454 \begin{figure}[htb] |
|
455 \begin{center} |
|
456 \begin{tabular}{ll} |
|
457 \isa{all\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}{\isasymalpha}\ {\isasymRightarrow}\ prop{\isacharparenright}\ {\isasymRightarrow}\ prop} & universal quantification (binder \isa{{\isasymAnd}}) \\ |
|
458 \isa{{\isasymLongrightarrow}\ {\isacharcolon}{\isacharcolon}\ prop\ {\isasymRightarrow}\ prop\ {\isasymRightarrow}\ prop} & implication (right associative infix) \\ |
|
459 \isa{{\isasymequiv}\ {\isacharcolon}{\isacharcolon}\ {\isasymalpha}\ {\isasymRightarrow}\ {\isasymalpha}\ {\isasymRightarrow}\ prop} & equality relation (infix) \\ |
|
460 \end{tabular} |
|
461 \caption{Primitive connectives of Pure}\label{fig:pure-connectives} |
|
462 \end{center} |
|
463 \end{figure} |
|
464 |
|
465 \begin{figure}[htb] |
|
466 \begin{center} |
|
467 \[ |
|
468 \infer[\isa{{\isacharparenleft}axiom{\isacharparenright}}]{\isa{{\isasymturnstile}\ A}}{\isa{A\ {\isasymin}\ {\isasymTheta}}} |
|
469 \qquad |
|
470 \infer[\isa{{\isacharparenleft}assume{\isacharparenright}}]{\isa{A\ {\isasymturnstile}\ A}}{} |
|
471 \] |
|
472 \[ |
|
473 \infer[\isa{{\isacharparenleft}{\isasymAnd}{\isacharunderscore}intro{\isacharparenright}}]{\isa{{\isasymGamma}\ {\isasymturnstile}\ {\isasymAnd}x{\isachardot}\ b{\isacharbrackleft}x{\isacharbrackright}}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ b{\isacharbrackleft}x{\isacharbrackright}} & \isa{x\ {\isasymnotin}\ {\isasymGamma}}} |
|
474 \qquad |
|
475 \infer[\isa{{\isacharparenleft}{\isasymAnd}{\isacharunderscore}elim{\isacharparenright}}]{\isa{{\isasymGamma}\ {\isasymturnstile}\ b{\isacharbrackleft}a{\isacharbrackright}}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ {\isasymAnd}x{\isachardot}\ b{\isacharbrackleft}x{\isacharbrackright}}} |
|
476 \] |
|
477 \[ |
|
478 \infer[\isa{{\isacharparenleft}{\isasymLongrightarrow}{\isacharunderscore}intro{\isacharparenright}}]{\isa{{\isasymGamma}\ {\isacharminus}\ A\ {\isasymturnstile}\ A\ {\isasymLongrightarrow}\ B}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ B}} |
|
479 \qquad |
|
480 \infer[\isa{{\isacharparenleft}{\isasymLongrightarrow}{\isacharunderscore}elim{\isacharparenright}}]{\isa{{\isasymGamma}\isactrlsub {\isadigit{1}}\ {\isasymunion}\ {\isasymGamma}\isactrlsub {\isadigit{2}}\ {\isasymturnstile}\ B}}{\isa{{\isasymGamma}\isactrlsub {\isadigit{1}}\ {\isasymturnstile}\ A\ {\isasymLongrightarrow}\ B} & \isa{{\isasymGamma}\isactrlsub {\isadigit{2}}\ {\isasymturnstile}\ A}} |
|
481 \] |
|
482 \caption{Primitive inferences of Pure}\label{fig:prim-rules} |
|
483 \end{center} |
|
484 \end{figure} |
|
485 |
|
486 \begin{figure}[htb] |
|
487 \begin{center} |
|
488 \begin{tabular}{ll} |
|
489 \isa{{\isasymturnstile}\ {\isacharparenleft}{\isasymlambda}x{\isachardot}\ b{\isacharbrackleft}x{\isacharbrackright}{\isacharparenright}\ a\ {\isasymequiv}\ b{\isacharbrackleft}a{\isacharbrackright}} & \isa{{\isasymbeta}}-conversion \\ |
|
490 \isa{{\isasymturnstile}\ x\ {\isasymequiv}\ x} & reflexivity \\ |
|
491 \isa{{\isasymturnstile}\ x\ {\isasymequiv}\ y\ {\isasymLongrightarrow}\ P\ x\ {\isasymLongrightarrow}\ P\ y} & substitution \\ |
|
492 \isa{{\isasymturnstile}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ f\ x\ {\isasymequiv}\ g\ x{\isacharparenright}\ {\isasymLongrightarrow}\ f\ {\isasymequiv}\ g} & extensionality \\ |
|
493 \isa{{\isasymturnstile}\ {\isacharparenleft}A\ {\isasymLongrightarrow}\ B{\isacharparenright}\ {\isasymLongrightarrow}\ {\isacharparenleft}B\ {\isasymLongrightarrow}\ A{\isacharparenright}\ {\isasymLongrightarrow}\ A\ {\isasymequiv}\ B} & logical equivalence \\ |
|
494 \end{tabular} |
|
495 \caption{Conceptual axiomatization of Pure equality}\label{fig:pure-equality} |
|
496 \end{center} |
|
497 \end{figure} |
|
498 |
|
499 The introduction and elimination rules for \isa{{\isasymAnd}} and \isa{{\isasymLongrightarrow}} are analogous to formation of dependently typed \isa{{\isasymlambda}}-terms representing the underlying proof objects. Proof terms |
|
500 are irrelevant in the Pure logic, though; they cannot occur within |
|
501 propositions. The system provides a runtime option to record |
|
502 explicit proof terms for primitive inferences. Thus all three |
|
503 levels of \isa{{\isasymlambda}}-calculus become explicit: \isa{{\isasymRightarrow}} for |
|
504 terms, and \isa{{\isasymAnd}{\isacharslash}{\isasymLongrightarrow}} for proofs (cf.\ |
|
505 \cite{Berghofer-Nipkow:2000:TPHOL}). |
|
506 |
|
507 Observe that locally fixed parameters (as in \isa{{\isasymAnd}{\isacharunderscore}intro}) need |
|
508 not be recorded in the hypotheses, because the simple syntactic |
|
509 types of Pure are always inhabitable. ``Assumptions'' \isa{x\ {\isacharcolon}{\isacharcolon}\ {\isasymtau}} for type-membership are only present as long as some \isa{x\isactrlisub {\isasymtau}} occurs in the statement body.\footnote{This is the key |
|
510 difference to ``\isa{{\isasymlambda}HOL}'' in the PTS framework |
|
511 \cite{Barendregt-Geuvers:2001}, where hypotheses \isa{x\ {\isacharcolon}\ A} are |
|
512 treated uniformly for propositions and types.} |
|
513 |
|
514 \medskip The axiomatization of a theory is implicitly closed by |
|
515 forming all instances of type and term variables: \isa{{\isasymturnstile}\ A{\isasymvartheta}} holds for any substitution instance of an axiom |
|
516 \isa{{\isasymturnstile}\ A}. By pushing substitutions through derivations |
|
517 inductively, we also get admissible \isa{generalize} and \isa{instance} rules as shown in \figref{fig:subst-rules}. |
|
518 |
|
519 \begin{figure}[htb] |
|
520 \begin{center} |
|
521 \[ |
|
522 \infer{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}{\isacharquery}{\isasymalpha}{\isacharbrackright}}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}{\isasymalpha}{\isacharbrackright}} & \isa{{\isasymalpha}\ {\isasymnotin}\ {\isasymGamma}}} |
|
523 \quad |
|
524 \infer[\quad\isa{{\isacharparenleft}generalize{\isacharparenright}}]{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}{\isacharquery}x{\isacharbrackright}}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}x{\isacharbrackright}} & \isa{x\ {\isasymnotin}\ {\isasymGamma}}} |
|
525 \] |
|
526 \[ |
|
527 \infer{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}{\isasymtau}{\isacharbrackright}}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}{\isacharquery}{\isasymalpha}{\isacharbrackright}}} |
|
528 \quad |
|
529 \infer[\quad\isa{{\isacharparenleft}instantiate{\isacharparenright}}]{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}t{\isacharbrackright}}}{\isa{{\isasymGamma}\ {\isasymturnstile}\ B{\isacharbrackleft}{\isacharquery}x{\isacharbrackright}}} |
|
530 \] |
|
531 \caption{Admissible substitution rules}\label{fig:subst-rules} |
|
532 \end{center} |
|
533 \end{figure} |
|
534 |
|
535 Note that \isa{instantiate} does not require an explicit |
|
536 side-condition, because \isa{{\isasymGamma}} may never contain schematic |
|
537 variables. |
|
538 |
|
539 In principle, variables could be substituted in hypotheses as well, |
|
540 but this would disrupt the monotonicity of reasoning: deriving |
|
541 \isa{{\isasymGamma}{\isasymvartheta}\ {\isasymturnstile}\ B{\isasymvartheta}} from \isa{{\isasymGamma}\ {\isasymturnstile}\ B} is |
|
542 correct, but \isa{{\isasymGamma}{\isasymvartheta}\ {\isasymsupseteq}\ {\isasymGamma}} does not necessarily hold: |
|
543 the result belongs to a different proof context. |
|
544 |
|
545 \medskip An \emph{oracle} is a function that produces axioms on the |
|
546 fly. Logically, this is an instance of the \isa{axiom} rule |
|
547 (\figref{fig:prim-rules}), but there is an operational difference. |
|
548 The system always records oracle invocations within derivations of |
|
549 theorems. Tracing plain axioms (and named theorems) is optional. |
|
550 |
|
551 Axiomatizations should be limited to the bare minimum, typically as |
|
552 part of the initial logical basis of an object-logic formalization. |
|
553 Later on, theories are usually developed in a strictly definitional |
|
554 fashion, by stating only certain equalities over new constants. |
|
555 |
|
556 A \emph{simple definition} consists of a constant declaration \isa{c\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} together with an axiom \isa{{\isasymturnstile}\ c\ {\isasymequiv}\ t}, where \isa{t\ {\isacharcolon}{\isacharcolon}\ {\isasymsigma}} is a closed term without any hidden polymorphism. The RHS |
|
557 may depend on further defined constants, but not \isa{c} itself. |
|
558 Definitions of functions may be presented as \isa{c\ \isactrlvec x\ {\isasymequiv}\ t} instead of the puristic \isa{c\ {\isasymequiv}\ {\isasymlambda}\isactrlvec x{\isachardot}\ t}. |
|
559 |
|
560 An \emph{overloaded definition} consists of a collection of axioms |
|
561 for the same constant, with zero or one equations \isa{c{\isacharparenleft}{\isacharparenleft}\isactrlvec {\isasymalpha}{\isacharparenright}{\isasymkappa}{\isacharparenright}\ {\isasymequiv}\ t} for each type constructor \isa{{\isasymkappa}} (for |
|
562 distinct variables \isa{\isactrlvec {\isasymalpha}}). The RHS may mention |
|
563 previously defined constants as above, or arbitrary constants \isa{d{\isacharparenleft}{\isasymalpha}\isactrlisub i{\isacharparenright}} for some \isa{{\isasymalpha}\isactrlisub i} projected from \isa{\isactrlvec {\isasymalpha}}. Thus overloaded definitions essentially work by |
|
564 primitive recursion over the syntactic structure of a single type |
|
565 argument.% |
|
566 \end{isamarkuptext}% |
|
567 \isamarkuptrue% |
|
568 % |
|
569 \isadelimmlref |
|
570 % |
|
571 \endisadelimmlref |
|
572 % |
|
573 \isatagmlref |
|
574 % |
|
575 \begin{isamarkuptext}% |
|
576 \begin{mldecls} |
|
577 \indexmltype{ctyp}\verb|type ctyp| \\ |
|
578 \indexmltype{cterm}\verb|type cterm| \\ |
|
579 \indexml{Thm.ctyp\_of}\verb|Thm.ctyp_of: theory -> typ -> ctyp| \\ |
|
580 \indexml{Thm.cterm\_of}\verb|Thm.cterm_of: theory -> term -> cterm| \\ |
|
581 \end{mldecls} |
|
582 \begin{mldecls} |
|
583 \indexmltype{thm}\verb|type thm| \\ |
|
584 \indexml{proofs}\verb|proofs: int ref| \\ |
|
585 \indexml{Thm.assume}\verb|Thm.assume: cterm -> thm| \\ |
|
586 \indexml{Thm.forall\_intr}\verb|Thm.forall_intr: cterm -> thm -> thm| \\ |
|
587 \indexml{Thm.forall\_elim}\verb|Thm.forall_elim: cterm -> thm -> thm| \\ |
|
588 \indexml{Thm.implies\_intr}\verb|Thm.implies_intr: cterm -> thm -> thm| \\ |
|
589 \indexml{Thm.implies\_elim}\verb|Thm.implies_elim: thm -> thm -> thm| \\ |
|
590 \indexml{Thm.generalize}\verb|Thm.generalize: string list * string list -> int -> thm -> thm| \\ |
|
591 \indexml{Thm.instantiate}\verb|Thm.instantiate: (ctyp * ctyp) list * (cterm * cterm) list -> thm -> thm| \\ |
|
592 \indexml{Thm.axiom}\verb|Thm.axiom: theory -> string -> thm| \\ |
|
593 \indexml{Thm.add\_oracle}\verb|Thm.add_oracle: bstring * ('a -> cterm) -> theory|\isasep\isanewline% |
|
594 \verb| -> (string * ('a -> thm)) * theory| \\ |
|
595 \end{mldecls} |
|
596 \begin{mldecls} |
|
597 \indexml{Theory.add\_axioms\_i}\verb|Theory.add_axioms_i: (binding * term) list -> theory -> theory| \\ |
|
598 \indexml{Theory.add\_deps}\verb|Theory.add_deps: string -> string * typ -> (string * typ) list -> theory -> theory| \\ |
|
599 \indexml{Theory.add\_defs\_i}\verb|Theory.add_defs_i: bool -> bool -> (binding * term) list -> theory -> theory| \\ |
|
600 \end{mldecls} |
|
601 |
|
602 \begin{description} |
|
603 |
|
604 \item \verb|ctyp| and \verb|cterm| represent certified types |
|
605 and terms, respectively. These are abstract datatypes that |
|
606 guarantee that its values have passed the full well-formedness (and |
|
607 well-typedness) checks, relative to the declarations of type |
|
608 constructors, constants etc. in the theory. |
|
609 |
|
610 \item \verb|ctyp_of|~\isa{thy\ {\isasymtau}} and \verb|cterm_of|~\isa{thy\ t} explicitly checks types and terms, respectively. This also |
|
611 involves some basic normalizations, such expansion of type and term |
|
612 abbreviations from the theory context. |
|
613 |
|
614 Re-certification is relatively slow and should be avoided in tight |
|
615 reasoning loops. There are separate operations to decompose |
|
616 certified entities (including actual theorems). |
|
617 |
|
618 \item \verb|thm| represents proven propositions. This is an |
|
619 abstract datatype that guarantees that its values have been |
|
620 constructed by basic principles of the \verb|Thm| module. |
|
621 Every \verb|thm| value contains a sliding back-reference to the |
|
622 enclosing theory, cf.\ \secref{sec:context-theory}. |
|
623 |
|
624 \item \verb|proofs| determines the detail of proof recording within |
|
625 \verb|thm| values: \verb|0| records only oracles, \verb|1| records |
|
626 oracles, axioms and named theorems, \verb|2| records full proof |
|
627 terms. |
|
628 |
|
629 \item \verb|Thm.assume|, \verb|Thm.forall_intr|, \verb|Thm.forall_elim|, \verb|Thm.implies_intr|, and \verb|Thm.implies_elim| |
|
630 correspond to the primitive inferences of \figref{fig:prim-rules}. |
|
631 |
|
632 \item \verb|Thm.generalize|~\isa{{\isacharparenleft}\isactrlvec {\isasymalpha}{\isacharcomma}\ \isactrlvec x{\isacharparenright}} |
|
633 corresponds to the \isa{generalize} rules of |
|
634 \figref{fig:subst-rules}. Here collections of type and term |
|
635 variables are generalized simultaneously, specified by the given |
|
636 basic names. |
|
637 |
|
638 \item \verb|Thm.instantiate|~\isa{{\isacharparenleft}\isactrlvec {\isasymalpha}\isactrlisub s{\isacharcomma}\ \isactrlvec x\isactrlisub {\isasymtau}{\isacharparenright}} corresponds to the \isa{instantiate} rules |
|
639 of \figref{fig:subst-rules}. Type variables are substituted before |
|
640 term variables. Note that the types in \isa{\isactrlvec x\isactrlisub {\isasymtau}} |
|
641 refer to the instantiated versions. |
|
642 |
|
643 \item \verb|Thm.axiom|~\isa{thy\ name} retrieves a named |
|
644 axiom, cf.\ \isa{axiom} in \figref{fig:prim-rules}. |
|
645 |
|
646 \item \verb|Thm.add_oracle|~\isa{{\isacharparenleft}name{\isacharcomma}\ oracle{\isacharparenright}} produces a named |
|
647 oracle rule, essentially generating arbitrary axioms on the fly, |
|
648 cf.\ \isa{axiom} in \figref{fig:prim-rules}. |
|
649 |
|
650 \item \verb|Theory.add_axioms_i|~\isa{{\isacharbrackleft}{\isacharparenleft}name{\isacharcomma}\ A{\isacharparenright}{\isacharcomma}\ {\isasymdots}{\isacharbrackright}} declares |
|
651 arbitrary propositions as axioms. |
|
652 |
|
653 \item \verb|Theory.add_deps|~\isa{name\ c\isactrlisub {\isasymtau}\ \isactrlvec d\isactrlisub {\isasymsigma}} declares dependencies of a named specification |
|
654 for constant \isa{c\isactrlisub {\isasymtau}}, relative to existing |
|
655 specifications for constants \isa{\isactrlvec d\isactrlisub {\isasymsigma}}. |
|
656 |
|
657 \item \verb|Theory.add_defs_i|~\isa{unchecked\ overloaded\ {\isacharbrackleft}{\isacharparenleft}name{\isacharcomma}\ c\ \isactrlvec x\ {\isasymequiv}\ t{\isacharparenright}{\isacharcomma}\ {\isasymdots}{\isacharbrackright}} states a definitional axiom for an existing |
|
658 constant \isa{c}. Dependencies are recorded (cf.\ \verb|Theory.add_deps|), unless the \isa{unchecked} option is set. |
|
659 |
|
660 \end{description}% |
|
661 \end{isamarkuptext}% |
|
662 \isamarkuptrue% |
|
663 % |
|
664 \endisatagmlref |
|
665 {\isafoldmlref}% |
|
666 % |
|
667 \isadelimmlref |
|
668 % |
|
669 \endisadelimmlref |
|
670 % |
|
671 \isamarkupsubsection{Auxiliary definitions% |
|
672 } |
|
673 \isamarkuptrue% |
|
674 % |
|
675 \begin{isamarkuptext}% |
|
676 Theory \isa{Pure} provides a few auxiliary definitions, see |
|
677 \figref{fig:pure-aux}. These special constants are normally not |
|
678 exposed to the user, but appear in internal encodings. |
|
679 |
|
680 \begin{figure}[htb] |
|
681 \begin{center} |
|
682 \begin{tabular}{ll} |
|
683 \isa{conjunction\ {\isacharcolon}{\isacharcolon}\ prop\ {\isasymRightarrow}\ prop\ {\isasymRightarrow}\ prop} & (infix \isa{{\isacharampersand}}) \\ |
|
684 \isa{{\isasymturnstile}\ A\ {\isacharampersand}\ B\ {\isasymequiv}\ {\isacharparenleft}{\isasymAnd}C{\isachardot}\ {\isacharparenleft}A\ {\isasymLongrightarrow}\ B\ {\isasymLongrightarrow}\ C{\isacharparenright}\ {\isasymLongrightarrow}\ C{\isacharparenright}} \\[1ex] |
|
685 \isa{prop\ {\isacharcolon}{\isacharcolon}\ prop\ {\isasymRightarrow}\ prop} & (prefix \isa{{\isacharhash}}, suppressed) \\ |
|
686 \isa{{\isacharhash}A\ {\isasymequiv}\ A} \\[1ex] |
|
687 \isa{term\ {\isacharcolon}{\isacharcolon}\ {\isasymalpha}\ {\isasymRightarrow}\ prop} & (prefix \isa{TERM}) \\ |
|
688 \isa{term\ x\ {\isasymequiv}\ {\isacharparenleft}{\isasymAnd}A{\isachardot}\ A\ {\isasymLongrightarrow}\ A{\isacharparenright}} \\[1ex] |
|
689 \isa{TYPE\ {\isacharcolon}{\isacharcolon}\ {\isasymalpha}\ itself} & (prefix \isa{TYPE}) \\ |
|
690 \isa{{\isacharparenleft}unspecified{\isacharparenright}} \\ |
|
691 \end{tabular} |
|
692 \caption{Definitions of auxiliary connectives}\label{fig:pure-aux} |
|
693 \end{center} |
|
694 \end{figure} |
|
695 |
|
696 Derived conjunction rules include introduction \isa{A\ {\isasymLongrightarrow}\ B\ {\isasymLongrightarrow}\ A\ {\isacharampersand}\ B}, and destructions \isa{A\ {\isacharampersand}\ B\ {\isasymLongrightarrow}\ A} and \isa{A\ {\isacharampersand}\ B\ {\isasymLongrightarrow}\ B}. |
|
697 Conjunction allows to treat simultaneous assumptions and conclusions |
|
698 uniformly. For example, multiple claims are intermediately |
|
699 represented as explicit conjunction, but this is refined into |
|
700 separate sub-goals before the user continues the proof; the final |
|
701 result is projected into a list of theorems (cf.\ |
|
702 \secref{sec:tactical-goals}). |
|
703 |
|
704 The \isa{prop} marker (\isa{{\isacharhash}}) makes arbitrarily complex |
|
705 propositions appear as atomic, without changing the meaning: \isa{{\isasymGamma}\ {\isasymturnstile}\ A} and \isa{{\isasymGamma}\ {\isasymturnstile}\ {\isacharhash}A} are interchangeable. See |
|
706 \secref{sec:tactical-goals} for specific operations. |
|
707 |
|
708 The \isa{term} marker turns any well-typed term into a derivable |
|
709 proposition: \isa{{\isasymturnstile}\ TERM\ t} holds unconditionally. Although |
|
710 this is logically vacuous, it allows to treat terms and proofs |
|
711 uniformly, similar to a type-theoretic framework. |
|
712 |
|
713 The \isa{TYPE} constructor is the canonical representative of |
|
714 the unspecified type \isa{{\isasymalpha}\ itself}; it essentially injects the |
|
715 language of types into that of terms. There is specific notation |
|
716 \isa{TYPE{\isacharparenleft}{\isasymtau}{\isacharparenright}} for \isa{TYPE\isactrlbsub {\isasymtau}\ itself\isactrlesub }. |
|
717 Although being devoid of any particular meaning, the \isa{TYPE{\isacharparenleft}{\isasymtau}{\isacharparenright}} accounts for the type \isa{{\isasymtau}} within the term |
|
718 language. In particular, \isa{TYPE{\isacharparenleft}{\isasymalpha}{\isacharparenright}} may be used as formal |
|
719 argument in primitive definitions, in order to circumvent hidden |
|
720 polymorphism (cf.\ \secref{sec:terms}). For example, \isa{c\ TYPE{\isacharparenleft}{\isasymalpha}{\isacharparenright}\ {\isasymequiv}\ A{\isacharbrackleft}{\isasymalpha}{\isacharbrackright}} defines \isa{c\ {\isacharcolon}{\isacharcolon}\ {\isasymalpha}\ itself\ {\isasymRightarrow}\ prop} in terms of |
|
721 a proposition \isa{A} that depends on an additional type |
|
722 argument, which is essentially a predicate on types.% |
|
723 \end{isamarkuptext}% |
|
724 \isamarkuptrue% |
|
725 % |
|
726 \isadelimmlref |
|
727 % |
|
728 \endisadelimmlref |
|
729 % |
|
730 \isatagmlref |
|
731 % |
|
732 \begin{isamarkuptext}% |
|
733 \begin{mldecls} |
|
734 \indexml{Conjunction.intr}\verb|Conjunction.intr: thm -> thm -> thm| \\ |
|
735 \indexml{Conjunction.elim}\verb|Conjunction.elim: thm -> thm * thm| \\ |
|
736 \indexml{Drule.mk\_term}\verb|Drule.mk_term: cterm -> thm| \\ |
|
737 \indexml{Drule.dest\_term}\verb|Drule.dest_term: thm -> cterm| \\ |
|
738 \indexml{Logic.mk\_type}\verb|Logic.mk_type: typ -> term| \\ |
|
739 \indexml{Logic.dest\_type}\verb|Logic.dest_type: term -> typ| \\ |
|
740 \end{mldecls} |
|
741 |
|
742 \begin{description} |
|
743 |
|
744 \item \verb|Conjunction.intr| derives \isa{A\ {\isacharampersand}\ B} from \isa{A} and \isa{B}. |
|
745 |
|
746 \item \verb|Conjunction.elim| derives \isa{A} and \isa{B} |
|
747 from \isa{A\ {\isacharampersand}\ B}. |
|
748 |
|
749 \item \verb|Drule.mk_term| derives \isa{TERM\ t}. |
|
750 |
|
751 \item \verb|Drule.dest_term| recovers term \isa{t} from \isa{TERM\ t}. |
|
752 |
|
753 \item \verb|Logic.mk_type|~\isa{{\isasymtau}} produces the term \isa{TYPE{\isacharparenleft}{\isasymtau}{\isacharparenright}}. |
|
754 |
|
755 \item \verb|Logic.dest_type|~\isa{TYPE{\isacharparenleft}{\isasymtau}{\isacharparenright}} recovers the type |
|
756 \isa{{\isasymtau}}. |
|
757 |
|
758 \end{description}% |
|
759 \end{isamarkuptext}% |
|
760 \isamarkuptrue% |
|
761 % |
|
762 \endisatagmlref |
|
763 {\isafoldmlref}% |
|
764 % |
|
765 \isadelimmlref |
|
766 % |
|
767 \endisadelimmlref |
|
768 % |
|
769 \isamarkupsection{Object-level rules \label{sec:obj-rules}% |
|
770 } |
|
771 \isamarkuptrue% |
|
772 % |
|
773 \isadelimFIXME |
|
774 % |
|
775 \endisadelimFIXME |
|
776 % |
|
777 \isatagFIXME |
|
778 % |
|
779 \begin{isamarkuptext}% |
|
780 FIXME |
|
781 |
|
782 A \emph{rule} is any Pure theorem in HHF normal form; there is a |
|
783 separate calculus for rule composition, which is modeled after |
|
784 Gentzen's Natural Deduction \cite{Gentzen:1935}, but allows |
|
785 rules to be nested arbitrarily, similar to \cite{extensions91}. |
|
786 |
|
787 Normally, all theorems accessible to the user are proper rules. |
|
788 Low-level inferences are occasional required internally, but the |
|
789 result should be always presented in canonical form. The higher |
|
790 interfaces of Isabelle/Isar will always produce proper rules. It is |
|
791 important to maintain this invariant in add-on applications! |
|
792 |
|
793 There are two main principles of rule composition: \isa{resolution} (i.e.\ backchaining of rules) and \isa{by{\isacharminus}assumption} (i.e.\ closing a branch); both principles are |
|
794 combined in the variants of \isa{elim{\isacharminus}resolution} and \isa{dest{\isacharminus}resolution}. Raw \isa{composition} is occasionally |
|
795 useful as well, also it is strictly speaking outside of the proper |
|
796 rule calculus. |
|
797 |
|
798 Rules are treated modulo general higher-order unification, which is |
|
799 unification modulo the equational theory of \isa{{\isasymalpha}{\isasymbeta}{\isasymeta}}-conversion |
|
800 on \isa{{\isasymlambda}}-terms. Moreover, propositions are understood modulo |
|
801 the (derived) equivalence \isa{{\isacharparenleft}A\ {\isasymLongrightarrow}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ B\ x{\isacharparenright}{\isacharparenright}\ {\isasymequiv}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ A\ {\isasymLongrightarrow}\ B\ x{\isacharparenright}}. |
|
802 |
|
803 This means that any operations within the rule calculus may be |
|
804 subject to spontaneous \isa{{\isasymalpha}{\isasymbeta}{\isasymeta}}-HHF conversions. It is common |
|
805 practice not to contract or expand unnecessarily. Some mechanisms |
|
806 prefer an one form, others the opposite, so there is a potential |
|
807 danger to produce some oscillation! |
|
808 |
|
809 Only few operations really work \emph{modulo} HHF conversion, but |
|
810 expect a normal form: quantifiers \isa{{\isasymAnd}} before implications |
|
811 \isa{{\isasymLongrightarrow}} at each level of nesting. |
|
812 |
|
813 \glossary{Hereditary Harrop Formula}{The set of propositions in HHF |
|
814 format is defined inductively as \isa{H\ {\isacharequal}\ {\isacharparenleft}{\isasymAnd}x\isactrlsup {\isacharasterisk}{\isachardot}\ H\isactrlsup {\isacharasterisk}\ {\isasymLongrightarrow}\ A{\isacharparenright}}, for variables \isa{x} and atomic propositions \isa{A}. |
|
815 Any proposition may be put into HHF form by normalizing with the rule |
|
816 \isa{{\isacharparenleft}A\ {\isasymLongrightarrow}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ B\ x{\isacharparenright}{\isacharparenright}\ {\isasymequiv}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ A\ {\isasymLongrightarrow}\ B\ x{\isacharparenright}}. In Isabelle, the outermost |
|
817 quantifier prefix is represented via \seeglossary{schematic |
|
818 variables}, such that the top-level structure is merely that of a |
|
819 \seeglossary{Horn Clause}}. |
|
820 |
|
821 \glossary{HHF}{See \seeglossary{Hereditary Harrop Formula}.} |
|
822 |
|
823 |
|
824 \[ |
|
825 \infer[\isa{{\isacharparenleft}assumption{\isacharparenright}}]{\isa{C{\isasymvartheta}}} |
|
826 {\isa{{\isacharparenleft}{\isasymAnd}\isactrlvec x{\isachardot}\ \isactrlvec H\ \isactrlvec x\ {\isasymLongrightarrow}\ A\ \isactrlvec x{\isacharparenright}\ {\isasymLongrightarrow}\ C} & \isa{A{\isasymvartheta}\ {\isacharequal}\ H\isactrlsub i{\isasymvartheta}}~~\text{(for some~\isa{i})}} |
|
827 \] |
|
828 |
|
829 |
|
830 \[ |
|
831 \infer[\isa{{\isacharparenleft}compose{\isacharparenright}}]{\isa{\isactrlvec A{\isasymvartheta}\ {\isasymLongrightarrow}\ C{\isasymvartheta}}} |
|
832 {\isa{\isactrlvec A\ {\isasymLongrightarrow}\ B} & \isa{B{\isacharprime}\ {\isasymLongrightarrow}\ C} & \isa{B{\isasymvartheta}\ {\isacharequal}\ B{\isacharprime}{\isasymvartheta}}} |
|
833 \] |
|
834 |
|
835 |
|
836 \[ |
|
837 \infer[\isa{{\isacharparenleft}{\isasymAnd}{\isacharunderscore}lift{\isacharparenright}}]{\isa{{\isacharparenleft}{\isasymAnd}\isactrlvec x{\isachardot}\ \isactrlvec A\ {\isacharparenleft}{\isacharquery}\isactrlvec a\ \isactrlvec x{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\ {\isacharparenleft}{\isasymAnd}\isactrlvec x{\isachardot}\ B\ {\isacharparenleft}{\isacharquery}\isactrlvec a\ \isactrlvec x{\isacharparenright}{\isacharparenright}}}{\isa{\isactrlvec A\ {\isacharquery}\isactrlvec a\ {\isasymLongrightarrow}\ B\ {\isacharquery}\isactrlvec a}} |
|
838 \] |
|
839 \[ |
|
840 \infer[\isa{{\isacharparenleft}{\isasymLongrightarrow}{\isacharunderscore}lift{\isacharparenright}}]{\isa{{\isacharparenleft}\isactrlvec H\ {\isasymLongrightarrow}\ \isactrlvec A{\isacharparenright}\ {\isasymLongrightarrow}\ {\isacharparenleft}\isactrlvec H\ {\isasymLongrightarrow}\ B{\isacharparenright}}}{\isa{\isactrlvec A\ {\isasymLongrightarrow}\ B}} |
|
841 \] |
|
842 |
|
843 The \isa{resolve} scheme is now acquired from \isa{{\isasymAnd}{\isacharunderscore}lift}, |
|
844 \isa{{\isasymLongrightarrow}{\isacharunderscore}lift}, and \isa{compose}. |
|
845 |
|
846 \[ |
|
847 \infer[\isa{{\isacharparenleft}resolution{\isacharparenright}}] |
|
848 {\isa{{\isacharparenleft}{\isasymAnd}\isactrlvec x{\isachardot}\ \isactrlvec H\ \isactrlvec x\ {\isasymLongrightarrow}\ \isactrlvec A\ {\isacharparenleft}{\isacharquery}\isactrlvec a\ \isactrlvec x{\isacharparenright}{\isacharparenright}{\isasymvartheta}\ {\isasymLongrightarrow}\ C{\isasymvartheta}}} |
|
849 {\begin{tabular}{l} |
|
850 \isa{\isactrlvec A\ {\isacharquery}\isactrlvec a\ {\isasymLongrightarrow}\ B\ {\isacharquery}\isactrlvec a} \\ |
|
851 \isa{{\isacharparenleft}{\isasymAnd}\isactrlvec x{\isachardot}\ \isactrlvec H\ \isactrlvec x\ {\isasymLongrightarrow}\ B{\isacharprime}\ \isactrlvec x{\isacharparenright}\ {\isasymLongrightarrow}\ C} \\ |
|
852 \isa{{\isacharparenleft}{\isasymlambda}\isactrlvec x{\isachardot}\ B\ {\isacharparenleft}{\isacharquery}\isactrlvec a\ \isactrlvec x{\isacharparenright}{\isacharparenright}{\isasymvartheta}\ {\isacharequal}\ B{\isacharprime}{\isasymvartheta}} \\ |
|
853 \end{tabular}} |
|
854 \] |
|
855 |
|
856 |
|
857 FIXME \isa{elim{\isacharunderscore}resolution}, \isa{dest{\isacharunderscore}resolution}% |
|
858 \end{isamarkuptext}% |
|
859 \isamarkuptrue% |
|
860 % |
|
861 \endisatagFIXME |
|
862 {\isafoldFIXME}% |
|
863 % |
|
864 \isadelimFIXME |
|
865 % |
|
866 \endisadelimFIXME |
|
867 % |
|
868 \isadelimtheory |
|
869 % |
|
870 \endisadelimtheory |
|
871 % |
|
872 \isatagtheory |
|
873 \isacommand{end}\isamarkupfalse% |
|
874 % |
|
875 \endisatagtheory |
|
876 {\isafoldtheory}% |
|
877 % |
|
878 \isadelimtheory |
|
879 % |
|
880 \endisadelimtheory |
|
881 \isanewline |
|
882 \end{isabellebody}% |
|
883 %%% Local Variables: |
|
884 %%% mode: latex |
|
885 %%% TeX-master: "root" |
|
886 %%% End: |
|