nominal2: comparison Quotient-Paper-jv/Paper.thy

equal deleted inserted replaced

-:92b9b8d2888d
+:d003938cc952
 section {* Introduction *}
 text {*
 \noindent
-One might think quotients have been studied to death, but in the context of
+One might think quotients have been studied to death, but in the
-theorem provers many questions concerning them are far from settled. In
+context of theorem provers a number questions concerning them are
-this paper we address the question of how to establish a convenient reasoning
+far from settled. In this paper we address the question of how to
-infrastructure
+establish a convenient reasoning infrastructure for quotient
-for quotient constructions in the Isabelle/HOL
+constructions in the Isabelle/HOL theorem prover. Higher-Order Logic
-theorem prover. Higher-Order Logic (HOL) consists
+(HOL) consists of a small number of axioms and inference rules over
-of a small number of axioms and inference rules over a simply-typed
+a simply-typed term-language. Safe reasoning in HOL is ensured by
-term-language. Safe reasoning in HOL is ensured by two very restricted
+two very restricted mechanisms for extending the logic: one is the
-mechanisms for extending the logic: one is the definition of new constants
+definition of new constants in terms of existing ones; the other is
-in terms of existing ones; the other is the introduction of new types by
+the introduction of new types by identifying non-empty subsets in
-identifying non-empty subsets in existing types. Previous work has shown how
+existing types. Previous work has shown how to use both mechanisms
-to use both mechanisms for dealing with quotient constructions in HOL (see
+for dealing with quotient constructions in HOL (see
-\cite{Homeier05,Paulson06}).  For example the integers in Isabelle/HOL are
+\cite{Homeier05,Paulson06}).  For example the integers in
-constructed by a quotient construction over the type @{typ "nat \<times> nat"} and
+Isabelle/HOL are constructed by a quotient construction over the
-the equivalence relation
+type @{typ "nat \<times> nat"} and the equivalence relation
 \begin{isabelle}\ \ \ \ \ %%%
 @{text "(n\<^isub>1, n\<^isub>2) \<approx> (m\<^isub>1, m\<^isub>2) \<equiv> n\<^isub>1 + m\<^isub>2 = m\<^isub>1 + n\<^isub>2"}\hfill\numbered{natpairequiv}
 \end{isabelle}
 \begin{isabelle}\ \ \ \ \ %%%
 @{text "add_pair (n\<^isub>1, m\<^isub>1) (n\<^isub>2, m\<^isub>2) \<equiv> (n\<^isub>1 + n\<^isub>2, m\<^isub>1 + m\<^isub>2)"}
 \end{isabelle}
 \noindent
-Similarly one can construct the type of
+Similarly one can construct the type of finite sets, written @{term
-finite sets, written @{term "\<alpha> fset"},
+"\<alpha> fset"}, by quotienting the type @{text "\<alpha> list"} according to the
-by quotienting the type @{text "\<alpha> list"} according to the equivalence relation
+equivalence relation
 \begin{isabelle}\ \ \ \ \ %%%
 @{text "xs \<approx> ys \<equiv> (\<forall>x. memb x xs \<longleftrightarrow> memb x ys)"}\hfill\numbered{listequiv}
 \end{isabelle}
 \noindent
-which states that two lists are equivalent if every element in one list is
+which states that two lists are equivalent if every element in one
-also member in the other. The empty finite set, written @{term "{||}"}, can
+list is also member in the other, and vice versa. The empty finite
-then be defined as the empty list and the union of two finite sets, written
+set, written @{term "{||}"}, can then be defined as the empty list
-@{text "\<union>"}, as list append.
+and the union of two finite sets, written @{text "\<union>"}, as list
+append.
 Quotients are important in a variety of areas, but they are really ubiquitous in
 the area of reasoning about programming language calculi. A simple example
-is the lambda-calculus, whose raw terms are defined as
+is the lambda-calculus, whose raw, or un-quotient, terms are defined as
 \begin{isabelle}\ \ \ \ \ %%%
 @{text "t ::= x | t t | \<lambda>x.t"}%\hfill\numbered{lambda}
 \end{isabelle}
 \noindent
-The problem with this definition arises, for instance, when one attempts to
+The problem with this definition arises from the need to reason
-prove formally the substitution lemma \cite{Barendregt81} by induction
+modulo $\alpha$-equivalence, for instance, when one attempts to
-over the structure of terms. This can be fiendishly complicated (see
+prove formally the substitution lemma \cite{Barendregt81} by
-\cite[Pages 94--104]{CurryFeys58} for some ``rough'' sketches of a proof
+induction over the structure of terms. This can be fiendishly
-about raw lambda-terms). In contrast, if we reason about
+complicated (see \cite[Pages 94--104]{CurryFeys58} for some
-$\alpha$-equated lambda-terms, that means terms quotient according to
+``rough'' sketches of a proof about raw lambda-terms). In contrast,
-$\alpha$-equivalence, then the reasoning infrastructure provided,
+if we reason about $\alpha$-equated lambda-terms, that means terms
-for example, by Nominal Isabelle %%\cite{UrbanKaliszyk11}
+quotient according to $\alpha$-equivalence, then the reasoning
-makes the formal
+infrastructure provided, for example, by Nominal Isabelle
-proof of the substitution lemma almost trivial.
+\cite{UrbanKaliszyk11} makes the formal proof of the substitution
+lemma almost trivial. The fundamental reason is that in case of
+$\alpha$-equated terms, equality coincides with $\alpha$-equivalence and
+we can use for reasoning HOL's built-in notion of ``replacing equals by equals''.
 {\bf MAYBE AN EAMPLE FOR PARTIAL QUOTIENTS?}
 The difficulty is that in order to be able to reason about integers, finite

changeset 3136	d003938cc952
parent 3125	860df8e1262f
child 3137	de3a89363143