(* Title: HOL/ex/Higher_Order_Logic.thy
Author: Makarius
*)
section \<open>Foundations of HOL\<close>
theory Higher_Order_Logic
imports Pure
begin
text \<open>
The following theory development demonstrates Higher-Order Logic itself,
represented directly within the Pure framework of Isabelle. The ``HOL''
logic given here is essentially that of Gordon @{cite "Gordon:1985:HOL"},
although we prefer to present basic concepts in a slightly more conventional
manner oriented towards plain Natural Deduction.
\<close>
subsection \<open>Pure Logic\<close>
class type
default_sort type
typedecl o
instance o :: type ..
instance "fun" :: (type, type) type ..
subsubsection \<open>Basic logical connectives\<close>
judgment Trueprop :: "o \<Rightarrow> prop" ("_" 5)
axiomatization imp :: "o \<Rightarrow> o \<Rightarrow> o" (infixr "\<longrightarrow>" 25)
where impI [intro]: "(A \<Longrightarrow> B) \<Longrightarrow> A \<longrightarrow> B"
and impE [dest, trans]: "A \<longrightarrow> B \<Longrightarrow> A \<Longrightarrow> B"
axiomatization All :: "('a \<Rightarrow> o) \<Rightarrow> o" (binder "\<forall>" 10)
where allI [intro]: "(\<And>x. P x) \<Longrightarrow> \<forall>x. P x"
and allE [dest]: "\<forall>x. P x \<Longrightarrow> P a"
subsubsection \<open>Extensional equality\<close>
axiomatization equal :: "'a \<Rightarrow> 'a \<Rightarrow> o" (infixl "=" 50)
where refl [intro]: "x = x"
and subst: "x = y \<Longrightarrow> P x \<Longrightarrow> P y"
axiomatization
where ext [intro]: "(\<And>x. f x = g x) \<Longrightarrow> f = g"
and iff [intro]: "(A \<Longrightarrow> B) \<Longrightarrow> (B \<Longrightarrow> A) \<Longrightarrow> A = B"
theorem sym [sym]:
assumes "x = y"
shows "y = x"
using assms by (rule subst) (rule refl)
lemma [trans]: "x = y \<Longrightarrow> P y \<Longrightarrow> P x"
by (rule subst) (rule sym)
lemma [trans]: "P x \<Longrightarrow> x = y \<Longrightarrow> P y"
by (rule subst)
theorem trans [trans]: "x = y \<Longrightarrow> y = z \<Longrightarrow> x = z"
by (rule subst)
theorem iff1 [elim]: "A = B \<Longrightarrow> A \<Longrightarrow> B"
by (rule subst)
theorem iff2 [elim]: "A = B \<Longrightarrow> B \<Longrightarrow> A"
by (rule subst) (rule sym)
subsubsection \<open>Derived connectives\<close>
definition false :: o ("\<bottom>") where "\<bottom> \<equiv> \<forall>A. A"
theorem falseE [elim]:
assumes "\<bottom>"
shows A
proof -
from \<open>\<bottom>\<close> have "\<forall>A. A" unfolding false_def .
then show A ..
qed
definition true :: o ("\<top>") where "\<top> \<equiv> \<bottom> \<longrightarrow> \<bottom>"
theorem trueI [intro]: \<top>
unfolding true_def ..
definition not :: "o \<Rightarrow> o" ("\<not> _" [40] 40)
where "not \<equiv> \<lambda>A. A \<longrightarrow> \<bottom>"
abbreviation not_equal :: "'a \<Rightarrow> 'a \<Rightarrow> o" (infixl "\<noteq>" 50)
where "x \<noteq> y \<equiv> \<not> (x = y)"
theorem notI [intro]:
assumes "A \<Longrightarrow> \<bottom>"
shows "\<not> A"
using assms unfolding not_def ..
theorem notE [elim]:
assumes "\<not> A" and A
shows B
proof -
from \<open>\<not> A\<close> have "A \<longrightarrow> \<bottom>" unfolding not_def .
from this and \<open>A\<close> have "\<bottom>" ..
then show B ..
qed
lemma notE': "A \<Longrightarrow> \<not> A \<Longrightarrow> B"
by (rule notE)
lemmas contradiction = notE notE' \<comment> \<open>proof by contradiction in any order\<close>
definition conj :: "o \<Rightarrow> o \<Rightarrow> o" (infixr "\<and>" 35)
where "conj \<equiv> \<lambda>A B. \<forall>C. (A \<longrightarrow> B \<longrightarrow> C) \<longrightarrow> C"
theorem conjI [intro]:
assumes A and B
shows "A \<and> B"
unfolding conj_def
proof
fix C
show "(A \<longrightarrow> B \<longrightarrow> C) \<longrightarrow> C"
proof
assume "A \<longrightarrow> B \<longrightarrow> C"
also note \<open>A\<close>
also note \<open>B\<close>
finally show C .
qed
qed
theorem conjE [elim]:
assumes "A \<and> B"
obtains A and B
proof
from \<open>A \<and> B\<close> have *: "(A \<longrightarrow> B \<longrightarrow> C) \<longrightarrow> C" for C
unfolding conj_def ..
show A
proof -
note * [of A]
also have "A \<longrightarrow> B \<longrightarrow> A"
proof
assume A
then show "B \<longrightarrow> A" ..
qed
finally show ?thesis .
qed
show B
proof -
note * [of B]
also have "A \<longrightarrow> B \<longrightarrow> B"
proof
show "B \<longrightarrow> B" ..
qed
finally show ?thesis .
qed
qed
definition disj :: "o \<Rightarrow> o \<Rightarrow> o" (infixr "\<or>" 30)
where "disj \<equiv> \<lambda>A B. \<forall>C. (A \<longrightarrow> C) \<longrightarrow> (B \<longrightarrow> C) \<longrightarrow> C"
theorem disjI1 [intro]:
assumes A
shows "A \<or> B"
unfolding disj_def
proof
fix C
show "(A \<longrightarrow> C) \<longrightarrow> (B \<longrightarrow> C) \<longrightarrow> C"
proof
assume "A \<longrightarrow> C"
from this and \<open>A\<close> have C ..
then show "(B \<longrightarrow> C) \<longrightarrow> C" ..
qed
qed
theorem disjI2 [intro]:
assumes B
shows "A \<or> B"
unfolding disj_def
proof
fix C
show "(A \<longrightarrow> C) \<longrightarrow> (B \<longrightarrow> C) \<longrightarrow> C"
proof
show "(B \<longrightarrow> C) \<longrightarrow> C"
proof
assume "B \<longrightarrow> C"
from this and \<open>B\<close> show C ..
qed
qed
qed
theorem disjE [elim]:
assumes "A \<or> B"
obtains (a) A | (b) B
proof -
from \<open>A \<or> B\<close> have "(A \<longrightarrow> thesis) \<longrightarrow> (B \<longrightarrow> thesis) \<longrightarrow> thesis"
unfolding disj_def ..
also have "A \<longrightarrow> thesis"
proof
assume A
then show thesis by (rule a)
qed
also have "B \<longrightarrow> thesis"
proof
assume B
then show thesis by (rule b)
qed
finally show thesis .
qed
definition Ex :: "('a \<Rightarrow> o) \<Rightarrow> o" (binder "\<exists>" 10)
where "\<exists>x. P x \<equiv> \<forall>C. (\<forall>x. P x \<longrightarrow> C) \<longrightarrow> C"
theorem exI [intro]: "P a \<Longrightarrow> \<exists>x. P x"
unfolding Ex_def
proof
fix C
assume "P a"
show "(\<forall>x. P x \<longrightarrow> C) \<longrightarrow> C"
proof
assume "\<forall>x. P x \<longrightarrow> C"
then have "P a \<longrightarrow> C" ..
from this and \<open>P a\<close> show C ..
qed
qed
theorem exE [elim]:
assumes "\<exists>x. P x"
obtains (that) x where "P x"
proof -
from \<open>\<exists>x. P x\<close> have "(\<forall>x. P x \<longrightarrow> thesis) \<longrightarrow> thesis"
unfolding Ex_def ..
also have "\<forall>x. P x \<longrightarrow> thesis"
proof
fix x
show "P x \<longrightarrow> thesis"
proof
assume "P x"
then show thesis by (rule that)
qed
qed
finally show thesis .
qed
subsection \<open>Classical logic\<close>
text \<open>
The subsequent rules of classical reasoning are all equivalent.
\<close>
locale classical =
assumes classical: "(\<not> A \<Longrightarrow> A) \<Longrightarrow> A"
theorem (in classical) Peirce's_Law: "((A \<longrightarrow> B) \<longrightarrow> A) \<longrightarrow> A"
proof
assume a: "(A \<longrightarrow> B) \<longrightarrow> A"
show A
proof (rule classical)
assume "\<not> A"
have "A \<longrightarrow> B"
proof
assume A
with \<open>\<not> A\<close> show B by (rule contradiction)
qed
with a show A ..
qed
qed
theorem (in classical) double_negation:
assumes "\<not> \<not> A"
shows A
proof (rule classical)
assume "\<not> A"
with \<open>\<not> \<not> A\<close> show ?thesis by (rule contradiction)
qed
theorem (in classical) tertium_non_datur: "A \<or> \<not> A"
proof (rule double_negation)
show "\<not> \<not> (A \<or> \<not> A)"
proof
assume "\<not> (A \<or> \<not> A)"
have "\<not> A"
proof
assume A then have "A \<or> \<not> A" ..
with \<open>\<not> (A \<or> \<not> A)\<close> show \<bottom> by (rule contradiction)
qed
then have "A \<or> \<not> A" ..
with \<open>\<not> (A \<or> \<not> A)\<close> show \<bottom> by (rule contradiction)
qed
qed
theorem (in classical) classical_cases:
obtains A | "\<not> A"
using tertium_non_datur
proof
assume A
then show thesis ..
next
assume "\<not> A"
then show thesis ..
qed
lemma
assumes classical_cases: "\<And>A C. (A \<Longrightarrow> C) \<Longrightarrow> (\<not> A \<Longrightarrow> C) \<Longrightarrow> C"
shows "PROP classical"
proof
fix A
assume *: "\<not> A \<Longrightarrow> A"
show A
proof (rule classical_cases)
assume A
then show A .
next
assume "\<not> A"
then show A by (rule *)
qed
qed
end