52 mechanisms for binding single variables have not fared extremely well with the |
52 mechanisms for binding single variables have not fared extremely well with the |
53 more advanced tasks in the POPLmark challenge \cite{challenge05}, because |
53 more advanced tasks in the POPLmark challenge \cite{challenge05}, because |
54 also there one would like to bind multiple variables at once. |
54 also there one would like to bind multiple variables at once. |
55 |
55 |
56 Binding multiple variables has interesting properties that are not captured |
56 Binding multiple variables has interesting properties that are not captured |
57 by iterating single binders. First, in the case of type-schemes, we do not |
57 by iterating single binders. For example in the case of type-schemes we do not |
58 like to make a distinction about the order of the bound variables. Therefore |
58 like to make a distinction about the order of the bound variables. Therefore |
59 we would like to regard the following two type-schemes as alpha-equivalent |
59 we would like to regard the following two type-schemes as alpha-equivalent |
60 |
60 |
61 \begin{center} |
61 \begin{center} |
62 $\forall \{x, y\}. x \rightarrow y \;\approx_\alpha\; \forall \{y, x\}. y \rightarrow x$ |
62 $\forall \{x, y\}. x \rightarrow y \;\approx_\alpha\; \forall \{y, x\}. y \rightarrow x$ |
150 where the notation $[\_\!\_].\_\!\_$ indicates that the $x_i$ become |
150 where the notation $[\_\!\_].\_\!\_$ indicates that the $x_i$ become |
151 bound in $s$. In this representation the term \mbox{$\LET [x].s\;\;[t_1,t_2]$} |
151 bound in $s$. In this representation the term \mbox{$\LET [x].s\;\;[t_1,t_2]$} |
152 would be perfectly legal instance, and so one needs additional predicates about terms |
152 would be perfectly legal instance, and so one needs additional predicates about terms |
153 to ensure that the two lists are of equal length. This can result into very |
153 to ensure that the two lists are of equal length. This can result into very |
154 messy reasoning (see for example~\cite{BengtsonParow09}). |
154 messy reasoning (see for example~\cite{BengtsonParow09}). |
155 To avoid this, we will allow for example to specify $\mathtt{let}$s |
155 To avoid this, we will allowto specify for example $\mathtt{let}$s |
156 as follows |
156 as follows |
157 |
157 |
158 \begin{center} |
158 \begin{center} |
159 \begin{tabular}{r@ {\hspace{2mm}}r@ {\hspace{2mm}}l} |
159 \begin{tabular}{r@ {\hspace{2mm}}r@ {\hspace{2mm}}l} |
160 $trm$ & $::=$ & \ldots\\ |
160 $trm$ & $=$ & \ldots\\ |
161 & $\mid$ & $\mathtt{let}\;a\!::\!assn\;\;s\!::\!trm\quad\mathtt{bind}\;bn\,(a) \IN s$\\[1mm] |
161 & $\mid$ & $\mathtt{let}\;a\!::\!assn\;\;s\!::\!trm\quad\mathtt{bind}\;bn\,(a) \IN s$\\[1mm] |
162 $assn$ & $::=$ & $\mathtt{anil}$\\ |
162 $assn$ & $=$ & $\mathtt{anil}$\\ |
163 & $\mid$ & $\mathtt{acons}\;\;name\;\;trm\;\;assn$ |
163 & $\mid$ & $\mathtt{acons}\;\;name\;\;trm\;\;assn$ |
164 \end{tabular} |
164 \end{tabular} |
165 \end{center} |
165 \end{center} |
166 |
166 |
167 \noindent |
167 \noindent |
168 where $assn$ is an auxiliary type representing a list of assignments |
168 where $assn$ is an auxiliary type representing a list of assignments |
169 and $bn$ an auxiliary function identifying the variables to be bound by |
169 and $bn$ an auxiliary function identifying the variables to be bound by |
170 the $\mathtt{let}$. This function can be defined as |
170 the $\mathtt{let}$. This function can be defined by recursion over $assn$ as |
171 |
171 |
172 \begin{center} |
172 \begin{center} |
173 $bn\,(\mathtt{anil}) = \varnothing \qquad bn\,(\mathtt{acons}\;x\;t\;as) = \{x\} \cup bn\,(as)$ |
173 $bn\,(\mathtt{anil}) = \varnothing \qquad bn\,(\mathtt{acons}\;x\;t\;as) = \{x\} \cup bn\,(as)$ |
174 \end{center} |
174 \end{center} |
175 |
175 |
176 \noindent |
176 \noindent |
177 The scope of the binding is indicated by labels given to the types, for |
177 The scope of the binding is indicated by labels given to the types, for |
178 example \mbox{$s\!::\!trm$}, and a binding clause, in this case |
178 example \mbox{$s\!::\!trm$}, and a binding clause, in this case |
179 $\mathtt{bind}\;bn\,(a) \IN s$, that states bind all the names the function |
179 $\mathtt{bind}\;bn\,(a) \IN s$, that states to bind all the names the function |
180 $bn$ returns in $s$. This style of specifying terms and bindings is heavily |
180 $bn$ returns in $s$. This style of specifying terms and bindings is heavily |
181 inspired by the syntax of the Ott-tool \cite{ott-jfp}. |
181 inspired by the syntax of the Ott-tool \cite{ott-jfp}. |
182 |
182 |
183 However, we will not be able to deal with all specifications that are |
183 However, we will not be able to deal with all specifications that are |
184 allowed by Ott. One reason is that we establish the reasoning infrastructure |
184 allowed by Ott. One reason is that we establish the reasoning infrastructure |
185 for alpha-\emph{equated} terms. In contrast, Ott produces for a subset of |
185 for alpha-\emph{equated} terms. In contrast, Ott produces for a subset of |
186 its specifications a reasoning infrastructure in Isabelle/HOL for |
186 its specifications a reasoning infrastructure in Isabelle/HOL for |
187 \emph{non}-alpha-equated, or ``raw'', terms. While our alpha-equated terms |
187 \emph{non}-alpha-equated, or ``raw'', terms. While our alpha-equated terms |
188 and the raw terms produced by Ott use names for the bound variables, |
188 and the raw terms produced by Ott use names for bound variables, |
189 there is a key difference: working with alpha-equated terms means that the |
189 there is a key difference: working with alpha-equated terms means that the |
190 two type-schemes with $x$, $y$ and $z$ being distinct |
190 two type-schemes with $x$, $y$ and $z$ being distinct |
191 |
191 |
192 \begin{center} |
192 \begin{center} |
193 $\forall \{x\}. x \rightarrow y \;=\; \forall \{x, z\}. x \rightarrow y$ |
193 $\forall \{x\}. x \rightarrow y \;=\; \forall \{x, z\}. x \rightarrow y$ |
195 |
195 |
196 \noindent |
196 \noindent |
197 are not just alpha-equal, but actually equal. As a |
197 are not just alpha-equal, but actually equal. As a |
198 result, we can only support specifications that make sense on the level of |
198 result, we can only support specifications that make sense on the level of |
199 alpha-equated terms (offending specifications, which for example bind a variable |
199 alpha-equated terms (offending specifications, which for example bind a variable |
200 according to a variable bound somewhere else, are not excluded by Ott). Our |
200 according to a variable bound somewhere else, are not excluded by Ott, but we |
|
201 have to). Our |
201 insistence on reasoning with alpha-equated terms comes from the wealth of |
202 insistence on reasoning with alpha-equated terms comes from the wealth of |
202 experience we gained with the older version of Nominal Isabelle: for |
203 experience we gained with the older version of Nominal Isabelle: for |
203 non-trivial properties, reasoning about alpha-equated terms is much easier |
204 non-trivial properties, reasoning about alpha-equated terms is much easier |
204 than reasoning with raw terms. The fundamental reason is that the |
205 than reasoning with raw terms. The fundamental reason for this is that the |
205 HOL-logic underlying Nominal Isabelle allows us to replace |
206 HOL-logic underlying Nominal Isabelle allows us to replace |
206 ``equals-by-equals''. In contrast replacing ``alpha-equals-by-alpha-equals'' |
207 ``equals-by-equals''. In contrast replacing ``alpha-equals-by-alpha-equals'' |
207 in a representation based on raw terms requires a lot of extra reasoning work. |
208 in a representation based on raw terms requires a lot of extra reasoning work. |
208 |
209 |
209 Although in informal settings a reasoning infrastructure for alpha-equated |
210 Although in informal settings a reasoning infrastructure for alpha-equated |
210 terms (that have names for bound variables) is nearly always taken for granted, establishing |
211 terms (that have names for bound variables) is nearly always taken for granted, establishing |
211 it automatically in the Isabelle/HOL theorem prover is a rather non-trivial task. |
212 it automatically in the Isabelle/HOL theorem prover is a rather non-trivial task. |
212 For every specification we will need to construct a type containing as |
213 For every specification we will need to construct a type containing as |
213 elements the alpha-equated terms. To do so we use |
214 elements the alpha-equated terms. To do so, we use |
214 the standard HOL-technique of defining a new type by |
215 the standard HOL-technique of defining a new type by |
215 identifying a non-empty subset of an existing type. In our |
216 identifying a non-empty subset of an existing type. The construction we |
216 case we take as the starting point the type of sets of raw |
217 perform in HOL is illustrated by the following picture: |
217 terms (the latter being defined as a datatype); identify the |
|
218 alpha-equivalence classes according to our alpha-equivalence relation and |
|
219 then define the new type as these alpha-equivalence classes. The construction we |
|
220 can perform in HOL is illustrated by the following picture: |
|
221 |
218 |
222 \begin{center} |
219 \begin{center} |
223 \begin{tikzpicture} |
220 \begin{tikzpicture} |
224 %\draw[step=2mm] (-4,-1) grid (4,1); |
221 %\draw[step=2mm] (-4,-1) grid (4,1); |
225 |
222 |
238 \draw (-3.25, 0.55) node {\begin{tabular}{@ {}l@ {}}new\\[-1mm]type\end{tabular}}; |
235 \draw (-3.25, 0.55) node {\begin{tabular}{@ {}l@ {}}new\\[-1mm]type\end{tabular}}; |
239 |
236 |
240 \draw[<->, very thick] (-1.8, 0.3) -- (-0.1,0.3); |
237 \draw[<->, very thick] (-1.8, 0.3) -- (-0.1,0.3); |
241 \draw (-0.95, 0.3) node[above=0mm] {isomorphism}; |
238 \draw (-0.95, 0.3) node[above=0mm] {isomorphism}; |
242 |
239 |
243 %\rput(3.7,1.75){isomorphism} |
|
244 \end{tikzpicture} |
240 \end{tikzpicture} |
245 |
241 \end{center} |
246 %%\begin{pspicture}(0.5,0.0)(8,2.5) |
242 |
247 %%\showgrid |
243 \noindent |
248 %\psframe[linewidth=0.4mm,framearc=0.2](5,0.0)(7.7,2.5) |
244 We take as the starting point a definition of raw terms (being defined as a |
249 %\pscircle[linewidth=0.3mm,dimen=middle](6,1.5){0.6} |
245 datatype in Isabelle/HOL); identify then the |
250 %\psframe[linewidth=0.4mm,framearc=0.2,dimen=middle](1.1,2.1)(2.3,0.9) |
246 alpha-equivalence classes in the type of sets of raw terms, according to our |
251 |
247 alpha-equivalence relation and finally define the new type as these |
252 %\pcline[linewidth=0.4mm]{->}(2.6,1.5)(4.8,1.5) |
248 alpha-equivalence classes (non-emptiness is satisfied whenever the raw terms are |
253 |
249 definable as datatype in Isabelle/HOL and the fact that our relation for alpha is an |
254 %\pcline[linewidth=0.2mm](2.2,2.1)(6,2.1) |
250 equivalence relation).\marginpar{\footnotesize Does Ott allow definitions of ``strange'' types?} |
255 %\pcline[linewidth=0.2mm](2.2,0.9)(6,0.9) |
251 |
256 |
252 The fact that we obtain an isomorphism between between the new type and the non-empty |
257 %\rput(7.3,2.2){$\mathtt{phi}$} |
253 subset shows that the new type is a faithful representation of alpha-equated terms. |
258 %\rput(6,1.5){$\lama$} |
254 That is different for example in the representation of terms using the locally |
259 %\rput[l](7.6,2.05){\begin{tabular}{l}existing\\[-1.6mm]type\end{tabular}} |
255 nameless representation of binders: there are non-well-formed terms that need to |
260 %\rput[r](1.2,1.5){\begin{tabular}{l}new\\[-1.6mm]type\end{tabular}} |
256 be excluded by reasoning about a well-formedness predicate. |
261 %\rput(6.1,0.5){\begin{tabular}{l}non-empty\\[-1.6mm]subset\end{tabular}} |
257 |
262 %\rput[c](1.7,1.5){$\lama$} |
258 The problem with introducing a new type is that in order to be useful |
263 %\rput(3.7,1.75){isomorphism} |
259 a resoning infrastructure needs to be ``lifted'' from the underlying type |
264 %\end{pspicture} |
260 and subset to the new type. This is usually a tricky task. To ease this task |
265 \end{center} |
261 we reimplemented in Isabelle/HOL the quotient package described by Homeier |
266 |
262 \cite{Homeier05}. Gieven that alpha is an equivalence relation, this package |
267 \noindent |
263 allows us to automatically lift definitions and theorems involving raw terms |
268 To ``lift'' the reasoning from the underlying type to the new type |
264 to definitions and theorems involving alpha-equated terms. This of course |
269 is usually a tricky task. To ease this task we reimplemented in Isabelle/HOL |
265 only works if the definitions and theorems are respectful w.r.t.~alpha-equivalence. |
270 the quotient package described by Homeier \cite{Homeier05}. This |
266 Hence we will be able to lift, for instance, the function for free |
271 re-implementation will automate the proofs we require for our |
267 variables of raw terms to alpha-equated terms (since this function respects |
272 reasoning infrastructure over alpha-equated terms.\medskip |
268 alpha-equivalence), but we will not be able to do this with a bound-variable |
|
269 function (since it does not respect alpha-equivalence). As a result, each |
|
270 lifting needs some respectulness proofs which we automated.\medskip |
273 |
271 |
274 \noindent |
272 \noindent |
275 {\bf Contributions:} We provide new definitions for when terms |
273 {\bf Contributions:} We provide new definitions for when terms |
276 involving multiple binders are alpha-equivalent. These definitions are |
274 involving multiple binders are alpha-equivalent. These definitions are |
277 inspired by earlier work of Pitts \cite{}. By means of automatic |
275 inspired by earlier work of Pitts \cite{}. By means of automatic |
283 *} |
281 *} |
284 |
282 |
285 section {* A Short Review of the Nominal Logic Work *} |
283 section {* A Short Review of the Nominal Logic Work *} |
286 |
284 |
287 text {* |
285 text {* |
288 At its core, Nominal Isabelle is based on the nominal logic work by Pitts |
286 At its core, Nominal Isabelle is an adaption of the nominal logic work by |
289 \cite{Pitts03}. The implementation of this work are described in |
287 Pitts \cite{Pitts03}. This adaptation for Isabelle/HOL is described in |
290 \cite{HuffmanUrban10}, which we review here briefly to aid the description |
288 \cite{HuffmanUrban10}, which we review here briefly to aid the description |
291 of what follows in the next sections. Two central notions in the nominal |
289 of what follows. Two central notions in the nominal logic work are sorted |
292 logic work are sorted atoms and permutations of atoms. The sorted atoms |
290 atoms and permutations of atoms. The sorted atoms represent different kinds |
293 represent different kinds of variables, such as term- and type-variables in |
291 of variables, such as term- and type-variables in Core-Haskell, and it is |
294 Core-Haskell, and it is assumed that there is an infinite supply of atoms |
292 assumed that there is an infinite supply of atoms for each sort. However, in |
295 for each sort. However, in order to simplify the description, we |
293 order to simplify the description, we shall assume in what follows that |
296 shall assume in what follows that there is only a single sort of atoms. |
294 there is only a single sort of atoms. |
|
295 |
297 |
296 |
298 Permutations are bijective functions from atoms to atoms that are |
297 Permutations are bijective functions from atoms to atoms that are |
299 the identity everywhere except on a finite number of atoms. There is a |
298 the identity everywhere except on a finite number of atoms. There is a |
300 two-place permutation operation written |
299 two-place permutation operation written |
301 |
300 |
346 \end{property} |
345 \end{property} |
347 |
346 |
348 *} |
347 *} |
349 |
348 |
350 |
349 |
351 section {* Abstractions *} |
350 section {* General Binders *} |
352 |
351 |
353 text {* |
352 text {* |
|
353 In order to keep our work managable we like to state general definitions |
|
354 and perform proofs inside Isabelle as much as possible, as opposed to write |
|
355 custom ML-code that generates appropriate definitions and proofs for each |
|
356 instance of a term-calculus. For this, we like to consider pairs |
|
357 |
|
358 \begin{equation}\label{three} |
|
359 \mbox{@{text "(as, x) :: atom set \<times> \<beta>"}} |
|
360 \end{equation} |
|
361 |
|
362 \noindent |
|
363 consisting of a set of atoms and an object of generic type. The pairs |
|
364 are intended to be used for representing binding such as found in |
|
365 type-schemes |
|
366 |
|
367 \begin{center} |
|
368 $\forall \{x_1,\ldots,x_n\}. T$ |
|
369 \end{center} |
|
370 |
|
371 \noindent |
|
372 where the atoms $x_1,\ldots,x_n$ is intended to be in \eqref{three} the |
|
373 set @{text as} of atoms we want to bind, and $T$, an object-level type, is |
|
374 one instance for the generic $x$. |
|
375 |
|
376 The first question we have to answer is when we should consider the pairs |
|
377 in \eqref{three} as alpha-equivelent? (At the moment we are interested in |
|
378 the notion of alpha-equivalence that is \emph{not} preserved by adding |
|
379 vacuous binders.) Assuming we are given a free-variable function, say |
|
380 \mbox{@{text "fv :: \<beta> \<Rightarrow> atom set"}}, then we expect for two alpha-equivelent |
|
381 pairs that their sets of free variables aggree. That is |
|
382 % |
|
383 \begin{equation}\label{four} |
|
384 \mbox{@{text "(as, x) \<approx> (bs, y)"} \hspace{2mm}implies\hspace{2mm} @{text "fv(x) - as = fv(y) - bs"}} |
|
385 \end{equation} |
|
386 |
|
387 \noindent |
|
388 Next we expect that there is a permutation, say $p$, that leaves the |
|
389 free variables unchanged, but ``moves'' the bound names in $x$ so that |
|
390 we obtain $y$ modulo a relation, say @{text "_ R _"}, that characterises when two |
|
391 elments of type $\beta$ are equivalent. We also expect that $p$ |
|
392 makes the binders equal. We can formulate these requirements as: there |
|
393 exists a $p$ such that $i)$ @{term "(fv(x) - as) \<sharp>* p"}, $ii)$ @{text "(p \<bullet> x) R y"} and |
|
394 $iii)$ @{text "(p \<bullet> as) = bs"}. |
|
395 |
|
396 We take now \eqref{four} and the three |
|
397 |
|
398 |
354 General notion of alpha-equivalence (depends on a free-variable |
399 General notion of alpha-equivalence (depends on a free-variable |
355 function and a relation). |
400 function and a relation). |
356 *} |
401 *} |
357 |
402 |
358 section {* Alpha-Equivalence and Free Variables *} |
403 section {* Alpha-Equivalence and Free Variables *} |