212 |
212 |
213 \noindent |
213 \noindent |
214 where we take the representation of the arguments @{text n} and @{text m}, |
214 where we take the representation of the arguments @{text n} and @{text m}, |
215 add them according to the function @{text "add_pair"} and then take the |
215 add them according to the function @{text "add_pair"} and then take the |
216 abstraction of the result. This is all straightforward and the existing |
216 abstraction of the result. This is all straightforward and the existing |
217 quotient packages can deal with such definitions. But what is surprising |
217 quotient packages can deal with such definitions. But what is surprising is |
218 that none of them can deal with slightly more complicated definitions involving |
218 that none of them can deal with slightly more complicated definitions involving |
219 \emph{compositions} of quotients. Such compositions are needed for example |
219 \emph{compositions} of quotients. Such compositions are needed for example |
220 in case of quotienting lists to yield finite sets and the operator that |
220 in case of quotienting lists to yield finite sets and the operator that |
221 flattens lists of lists, defined as follows |
221 flattens lists of lists, defined as follows |
222 |
222 |
727 @{text [display, indent=10] "(\<approx>\<^isub>\<alpha> \<doublearr> =) bn bn"} |
727 @{text [display, indent=10] "(\<approx>\<^isub>\<alpha> \<doublearr> =) bn bn"} |
728 |
728 |
729 \noindent |
729 \noindent |
730 and the point is that the user cannot discharge it: because it is not true. To see this, |
730 and the point is that the user cannot discharge it: because it is not true. To see this, |
731 we can just unfold the definition of @{text "\<doublearr>"} \eqref{relfun} |
731 we can just unfold the definition of @{text "\<doublearr>"} \eqref{relfun} |
732 using extensionally to obtain the false statement |
732 using extensionality to obtain the false statement |
733 |
733 |
734 @{text [display, indent=10] "\<forall>t\<^isub>1 t\<^isub>2. if t\<^isub>1 \<approx>\<^isub>\<alpha> t\<^isub>2 implies bn(t\<^isub>1) = bn(t\<^isub>2)"} |
734 @{text [display, indent=10] "\<forall>t\<^isub>1 t\<^isub>2. if t\<^isub>1 \<approx>\<^isub>\<alpha> t\<^isub>2 then bn(t\<^isub>1) = bn(t\<^isub>2)"} |
735 |
735 |
736 \noindent |
736 \noindent |
737 In contrast, if we lift a theorem about @{text "append"} to a theorem describing |
737 In contrast, if we lift a theorem about @{text "append"} to a theorem describing |
738 the union of finite sets, then we need to discharge the proof obligation |
738 the union of finite sets, then we need to discharge the proof obligation |
739 |
739 |
814 types to theorems over quotient types. We will perform this lifting in |
814 types to theorems over quotient types. We will perform this lifting in |
815 three phases, called \emph{regularization}, |
815 three phases, called \emph{regularization}, |
816 \emph{injection} and \emph{cleaning} according to procedures in Homeier's ML-code. |
816 \emph{injection} and \emph{cleaning} according to procedures in Homeier's ML-code. |
817 |
817 |
818 The purpose of regularization is to change the quantifiers and abstractions |
818 The purpose of regularization is to change the quantifiers and abstractions |
819 in a ``raw'' theorem to quantifiers over variables that respect the relation |
819 in a ``raw'' theorem to quantifiers over variables that respect their respective relations |
820 (Definition \ref{def:respects} states what respects means). The purpose of injection is to add @{term Rep} |
820 (Definition \ref{def:respects} states what respects means). The purpose of injection is to add @{term Rep} |
821 and @{term Abs} of appropriate types in front of constants and variables |
821 and @{term Abs} of appropriate types in front of constants and variables |
822 of the raw type so that they can be replaced by the corresponding constants from the |
822 of the raw type so that they can be replaced by the corresponding constants from the |
823 quotient type. The purpose of cleaning is to bring the theorem derived in the |
823 quotient type. The purpose of cleaning is to bring the theorem derived in the |
824 first two phases into the form the user has specified. Abstractly, our |
824 first two phases into the form the user has specified. Abstractly, our |
951 relation. If @{text R} is an equivalence relation we can prove that |
951 relation. If @{text R} is an equivalence relation we can prove that |
952 |
952 |
953 @{text [display, indent=10] "\<forall>x \<in> Respects R. P x = \<forall>x. P x"} |
953 @{text [display, indent=10] "\<forall>x \<in> Respects R. P x = \<forall>x. P x"} |
954 |
954 |
955 \noindent |
955 \noindent |
956 If @{term R\<^isub>2} is an equivalence relation, we can prove |
956 If @{term R\<^isub>2} is an equivalence relation, we can prove that for any predicate @{term P} |
957 |
957 |
958 @{thm [display, indent=10] (concl) ball_reg_eqv_range[of R\<^isub>1 R\<^isub>2, no_vars]} |
958 @{thm [display, indent=10] (concl) ball_reg_eqv_range[of R\<^isub>1 R\<^isub>2, no_vars]} |
959 |
959 |
960 \noindent |
960 \noindent |
961 The last theorem is new in comparison with Homeier's package. There the |
961 The last theorem is new in comparison with Homeier's package. There the |
962 injection procedure would be used to prove such goals and |
962 injection procedure would be used to prove such goals and |
963 the assumption about the equivalence relation would be used. We use the above theorem directly, |
963 the assumption about the equivalence relation would be used. We use the above theorem directly, |
964 because this allows us to completely separate the first and the second |
964 because this allows us to completely separate the first and the second |
965 proof step into two independent ``units''. |
965 proof step into two independent ``units''. |
966 |
966 |
967 The second proof step, establishing @{text "reg_thm \<longleftrightarrow> inj_thm"}, starts with an equality. |
967 The second proof step, establishing @{text "reg_thm \<longleftrightarrow> inj_thm"}, starts with an equality |
|
968 between the terms of the regularized theorem and the injected theorem. |
968 The proof again follows the structure of the |
969 The proof again follows the structure of the |
969 two underlying terms and is defined for a goal being a relation between these two terms. |
970 two underlying terms and is defined for a goal being a relation between these two terms. |
970 |
971 |
971 \begin{itemize} |
972 \begin{itemize} |
972 \item For two constants an appropriate respectfulness theorem is applied. |
973 \item For two constants an appropriate respectfulness theorem is applied. |
985 \end{itemize} |
986 \end{itemize} |
986 |
987 |
987 We defined the theorem @{text "inj_thm"} in such a way that |
988 We defined the theorem @{text "inj_thm"} in such a way that |
988 establishing the equivalence @{text "inj_thm \<longleftrightarrow> quot_thm"} can be |
989 establishing the equivalence @{text "inj_thm \<longleftrightarrow> quot_thm"} can be |
989 achieved by rewriting @{text "inj_thm"} with the preservation theorems and quotient |
990 achieved by rewriting @{text "inj_thm"} with the preservation theorems and quotient |
990 definitions. Then for all lifted constants, their definitions |
991 definitions. Next the definitions of all lifted constants |
991 are used to fold the @{term Rep} with the raw constant. Next for |
992 are used to fold the @{term Rep} with the raw constants. Next for |
992 all abstractions and quantifiers the lambda and |
993 all abstractions and quantifiers the lambda and |
993 quantifier preservation theorems are used to replace the |
994 quantifier preservation theorems are used to replace the |
994 variables that include raw types with respects by quantifiers |
995 variables that include raw types with respects by quantifiers |
995 over variables that include quotient types. We show here only |
996 over variables that include quotient types. We show here only |
996 the lambda preservation theorem. Given |
997 the lambda preservation theorem. Given |
997 @{term "Quotient R\<^isub>1 Abs\<^isub>1 Rep\<^isub>1"} and @{term "Quotient R\<^isub>2 Abs\<^isub>2 Rep\<^isub>2"}, we have: |
998 @{term "Quotient R\<^isub>1 Abs\<^isub>1 Rep\<^isub>1"} and @{term "Quotient R\<^isub>2 Abs\<^isub>2 Rep\<^isub>2"}, we have: |
998 |
999 |
999 @{thm [display, indent=10] (concl) lambda_prs[of _ "Abs\<^isub>1" "Rep\<^isub>1" _ "Abs\<^isub>2" "Rep\<^isub>2", no_vars]} |
1000 @{thm [display, indent=10] (concl) lambda_prs[of _ "Abs\<^isub>1" "Rep\<^isub>1" _ "Abs\<^isub>2" "Rep\<^isub>2", no_vars]} |
1000 |
1001 |
1001 \noindent |
1002 \noindent |
1002 Next, relations over lifted types are folded to equalities. |
1003 Next, relations over lifted types can be rewritten to equalities |
1003 For this the following theorem has been shown by Homeier~\cite{Homeier05}: |
1004 over lifted type. Rewriting is performed with the following theorem, |
|
1005 which has been shown by Homeier~\cite{Homeier05}: |
1004 |
1006 |
1005 @{thm [display, indent=10] (concl) Quotient_rel_rep[no_vars]} |
1007 @{thm [display, indent=10] (concl) Quotient_rel_rep[no_vars]} |
1006 |
1008 |
1007 \noindent |
1009 \noindent |
1008 Finally, we rewrite with the preservation theorems. This will result |
1010 Finally, we rewrite with the preservation theorems. This will result |