nominal2: comparison Paper/Paper.thy

equal deleted inserted replaced

-:c9d3dda79fe3
+:d7dc35222afc
 (*<*)
 theory Paper
 imports "../Nominal/Test" "LaTeXsugar"
 begin
+consts
+fv :: "'a \<Rightarrow> 'b"
+abs_set :: "'a \<Rightarrow> 'b \<Rightarrow> 'c"
+Abs_lst :: "'a \<Rightarrow> 'b \<Rightarrow> 'c"
+Abs_res :: "'a \<Rightarrow> 'b \<Rightarrow> 'c"
+definition
+"equal \<equiv> (op =)"
 notation (latex output)
 swap ("'(_ _')" [1000, 1000] 1000) and
 fresh ("_ # _" [51, 51] 50) and
 fresh_star ("_ #* _" [51, 51] 50) and
 supp ("supp _" [78] 73) and
 uminus ("-_" [78] 73) and
-If  ("if _ then _ else _" 10)
+If  ("if _ then _ else _" 10) and
+alpha_gen ("_ \<approx>\<^raw:\makebox[0mm][l]{$\,_{\textit{set}}$}>\<^bsup>_,_,_\<^esup> _") and
+alpha_lst ("_ \<approx>\<^raw:\makebox[0mm][l]{$\,_{\textit{list}}$}>\<^bsup>_,_,_\<^esup> _") and
+alpha_res ("_ \<approx>\<^raw:\makebox[0mm][l]{$\,_{\textit{res}}$}>\<^bsup>_,_,_\<^esup> _") and
+abs_set ("_ \<approx>\<^raw:{$\,_{\textit{abs\_set}}$}> _") and
+fv ("fv'(_')" [100] 100) and
+equal ("=") and
+alpha_abs ("_ \<approx>\<^raw:{$\,_{\textit{abs\_set}}$}> _") and
+Abs ("[_]\<^raw:$\!$>\<^bsub>set\<^esub>._") and
+Abs_lst ("[_]\<^raw:$\!$>\<^bsub>list\<^esub>._") and
+Abs_res ("[_]\<^raw:$\!$>\<^bsub>res\<^esub>._")
 (*>*)
 section {* Introduction *}
 text {*
 So far, Nominal Isabelle provides a mechanism for constructing
 alpha-equated terms, for example
 \begin{center}
-$t ::= x \mid t\;t \mid \lambda x. t$
+@{text "t ::= x | t t | \<lambda>x. t"}
 \end{center}
 \noindent
 where free and bound variables have names.  For such terms Nominal Isabelle
-derives automatically a reasoning infrastructure that  has been used
+derives automatically a reasoning infrastructure that has been used
 successfully in formalisations of an equivalence checking algorithm for LF
 \cite{UrbanCheneyBerghofer08}, Typed
 Scheme~\cite{TobinHochstadtFelleisen08}, several calculi for concurrency
 \cite{BengtsonParrow07,BengtsonParow09} and a strong normalisation result
 for cut-elimination in classical logic \cite{UrbanZhu08}. It has also been
 the algorithm W \cite{UrbanNipkow09}, where types and type-schemes
 are of the form
 %
 \begin{equation}\label{tysch}
 \begin{array}{l}
-T ::= x \mid T \rightarrow T \hspace{5mm} S ::= \forall \{x_1,\ldots, x_n\}. T
+@{text "T ::= x | T \<rightarrow> T"}\hspace{5mm}
+@{text "S ::= \<forall>{x\<^isub>1,\<dots>, x\<^isub>n}. T"}
 \end{array}
 \end{equation}
 \noindent
 and the quantification $\forall$ binds a finite (possibly empty) set of
 easily by iterating single binders. For example in case of type-schemes we do not
 want to make a distinction about the order of the bound variables. Therefore
 we would like to regard the following two type-schemes as alpha-equivalent
 %
 \begin{equation}\label{ex1}
-\forall \{x, y\}. x \rightarrow y  \;\approx_\alpha\; \forall \{y, x\}. y \rightarrow x
+@{text "\<forall>{x,y}. x \<rightarrow> y  \<approx>\<^isub>\<alpha>  \<forall>{y,x}. y \<rightarrow> x"}
 \end{equation}
 \noindent
-but assuming that $x$, $y$ and $z$ are distinct variables,
+but assuming that @{text x}, @{text y} and @{text z} are distinct variables,
 the following two should \emph{not} be alpha-equivalent
 %
 \begin{equation}\label{ex2}
-\forall \{x, y\}. x \rightarrow y  \;\not\approx_\alpha\; \forall \{z\}. z \rightarrow z
+@{text "\<forall>{x,y}. x \<rightarrow> y  \<notapprox>\<^isub>\<alpha>  \<forall>{z}. z \<rightarrow> z"}
 \end{equation}
 \noindent
-Moreover, we like to regard type-schemes as
+Moreover, we like to regard type-schemes as alpha-equivalent, if they differ
-alpha-equivalent, if they differ only on \emph{vacuous} binders, such as
+only on \emph{vacuous} binders, such as
 %
 \begin{equation}\label{ex3}
-\forall \{x\}. x \rightarrow y  \;\approx_\alpha\; \forall \{x, z\}. x \rightarrow y
+@{text "\<forall>{x}. x \<rightarrow> y  \<approx>\<^isub>\<alpha>  \<forall>{x,z}. x \<rightarrow> y"}
 \end{equation}
 \noindent
-where $z$ does not occur freely in the type.
+where @{text z} does not occur freely in the type.  In this paper we will
-In this paper we will give a general binding mechanism and associated
+give a general binding mechanism and associated notion of alpha-equivalence
-notion of alpha-equivalence that can be used to faithfully represent
+that can be used to faithfully represent this kind of binding in Nominal
-this kind of binding in Nominal Isabelle.  The difficulty of finding the right notion
+Isabelle.  The difficulty of finding the right notion for alpha-equivalence
-for alpha-equivalence can be appreciated in this case by considering that the
+can be appreciated in this case by considering that the definition given by
-definition given by Leroy in \cite{Leroy92} is incorrect (it omits a side-condition).
+Leroy in \cite{Leroy92} is incorrect (it omits a side-condition).
-However, the notion of alpha-equivalence that is preserved by vacuous binders is not
+However, the notion of alpha-equivalence that is preserved by vacuous
-always wanted. For example in terms like
+binders is not always wanted. For example in terms like
 %
 \begin{equation}\label{one}
-\LET x = 3 \AND y = 2 \IN x\,-\,y \END
+@{text "\<LET> x = 3 \<AND> y = 2 \<IN> x - y \<END>"}
 \end{equation}
 \noindent
 we might not care in which order the assignments $x = 3$ and $y = 2$ are
 given, but it would be unusual to regard \eqref{one} as alpha-equivalent
 with
 %
 \begin{center}
-$\LET x = 3 \AND y = 2 \AND z = loop \IN x\,-\,y \END$
+@{text "\<LET> x = 3 \<AND> y = 2 \<AND> z = loop \<IN> x - y \<END>"}
 \end{center}
 \noindent
 Therefore we will also provide a separate binding mechanism for cases in
 which the order of binders does not matter, but the ``cardinality'' of the
 binders has to agree.
 However, we found that this is still not sufficient for dealing with
 language constructs frequently occurring in programming language
-research. For example in $\mathtt{let}$s containing patterns
+research. For example in @{text "\<LET>"}s containing patterns
 %
 \begin{equation}\label{two}
-\LET (x, y) = (3, 2) \IN x\,-\,y \END
+@{text "\<LET> (x, y) = (3, 2) \<IN> x - y \<END>"}
 \end{equation}
 \noindent
 we want to bind all variables from the pattern inside the body of the
 $\mathtt{let}$, but we also care about the order of these variables, since
 we do not want to regard \eqref{two} as alpha-equivalent with
 %
 \begin{center}
-$\LET (y, x) = (3, 2) \IN x\,- y\,\END$
+@{text "\<LET> (y, x) = (3, 2) \<IN> x - y \<END>"}
 \end{center}
 \noindent
-As a result, we provide three general binding mechanisms each of which binds multiple
+As a result, we provide three general binding mechanisms each of which binds
-variables at once, and let the user chose which one is intended when formalising a
+multiple variables at once, and let the user chose which one is intended
-programming language calculus.
+when formalising a programming language calculus.
-By providing these general binding mechanisms, however, we have to work around
+By providing these general binding mechanisms, however, we have to work
-a problem that has been pointed out by Pottier \cite{Pottier06} and Cheney
+around a problem that has been pointed out by Pottier \cite{Pottier06} and
-\cite{Cheney05}: in $\mathtt{let}$-constructs of the form
+Cheney \cite{Cheney05}: in @{text "\<LET>"}-constructs of the form
 %
 \begin{center}
-$\LET x_1 = t_1 \AND \ldots \AND x_n = t_n \IN s \END$
+@{text "\<LET> x\<^isub>1 = t\<^isub>1 \<AND> \<dots> \<AND> x\<^isub>n = t\<^isub>n \<IN> s \<END>"}
 \end{center}
 \noindent
-which bind all the $x_i$ in $s$, we might not care about the order in
+which bind all the @{text "x\<^isub>i"} in @{text s}, we might not care
-which the $x_i = t_i$ are given, but we do care about the information that there are
+about the order in which the @{text "x\<^isub>i = t\<^isub>i"} are given,
-as many $x_i$ as there are $t_i$. We lose this information if we represent the
+but we do care about the information that there are as many @{text
-$\mathtt{let}$-constructor by something like
+"x\<^isub>i"} as there are @{text "t\<^isub>i"}. We lose this information if
-%
+we represent the @{text "\<LET>"}-constructor by something like
-\begin{center}
+%
-$\LET [x_1,\ldots,x_n].s\;\; [t_1,\ldots,t_n]$
+\begin{center}
-\end{center}
+@{text "\<LET> [x\<^isub>1,\<dots>,x\<^isub>n].s [t\<^isub>1,\<dots>,t\<^isub>n]"}
+\end{center}
-\noindent
-where the notation $[\_\!\_].\_\!\_$ indicates that the $x_i$ become bound
+\noindent
-in $s$. In this representation the term \mbox{$\LET [x].s\;\;[t_1,t_2]$}
+where the notation @{text "[_]._"} indicates that the @{text "x\<^isub>i"}
-would be a perfectly legal instance. To exclude such terms, additional
+become bound in @{text s}. In this representation the term
-predicates about well-formed terms are needed in order to ensure that the two
+\mbox{@{text "\<LET> [x].s [t\<^isub>1,t\<^isub>2]"}} would be a perfectly legal
-lists are of equal length. This can result into very messy reasoning (see
+instance. To exclude such terms, additional predicates about well-formed
-for example~\cite{BengtsonParow09}). To avoid this, we will allow type specifications
+terms are needed in order to ensure that the two lists are of equal
-for $\mathtt{let}$s as follows
+length. This can result into very messy reasoning (see for
+example~\cite{BengtsonParow09}). To avoid this, we will allow type
+specifications for $\mathtt{let}$s as follows
 %
 \begin{center}
 \begin{tabular}{r@ {\hspace{2mm}}r@ {\hspace{2mm}}l}
-$trm$ & $::=$  & \ldots\\
+@{text trm} & @{text "::="}  & @{text "\<dots>"}\\
-& $\mid$ & $\mathtt{let}\;a\!::\!assn\;\;s\!::\!trm\quad\mathtt{bind}\;bn\,(a) \IN s$\\[1mm]
+& @{text "|"}    & @{text "\<LET> a::assn s::trm"}\hspace{4mm}
-$assn$ & $::=$  & $\mathtt{anil}$\\
+\isacommand{bind} @{text "bn(a)"} \isacommand{in} @{text "s"}\\[1mm]
-& $\mid$ & $\mathtt{acons}\;\;name\;\;trm\;\;assn$
+@{text assn} & @{text "::="} & @{text "\<ANIL>"}\\
-\end{tabular}
+& @{text "|"}   & @{text "\<ACONS> name trm assn"}
-\end{center}
+\end{tabular}
+\end{center}
-\noindent
-where $assn$ is an auxiliary type representing a list of assignments
+\noindent
-and $bn$ an auxiliary function identifying the variables to be bound by
+where @{text assn} is an auxiliary type representing a list of assignments
-the $\mathtt{let}$. This function is defined by recursion over $assn$ as follows
+and @{text bn} an auxiliary function identifying the variables to be bound
+by the @{text "\<LET>"}. This function is defined by recursion over @{text
-\begin{center}
+assn} as follows
-$bn\,(\mathtt{anil}) = \varnothing \qquad bn\,(\mathtt{acons}\;x\;t\;as) = \{x\} \cup bn\,(as)$
+\begin{center}
+@{text "bn(\<ANIL>) ="} @{term "{}"} \hspace{5mm}
+@{text "bn(\<ACONS> x t as) = {x} \<union> bn(as)"}
 \end{center}
 \noindent
 The scope of the binding is indicated by labels given to the types, for
-example \mbox{$s\!::\!trm$}, and a binding clause, in this case
+example @{text "s::trm"}, and a binding clause, in this case
-$\mathtt{bind}\;bn\,(a) \IN s$, that states to bind in $s$ all the names the
+\isacommand{bind} @{text "bn(a)"} \isacommand{in} @{text "s"}, that states
-function call $bn\,(a)$ returns.  This style of specifying terms and bindings is
+to bind in @{text s} all the names the function call @{text "bn(a)"} returns.
-heavily inspired by the syntax of the Ott-tool \cite{ott-jfp}.
+This style of specifying terms and bindings is heavily inspired by the
+syntax of the Ott-tool \cite{ott-jfp}.
 However, we will not be able to deal with all specifications that are
 allowed by Ott. One reason is that Ott lets the user to specify ``empty''
 types like
 \begin{center}
-$t ::= t\;t \mid \lambda x. t$
+@{text "t ::= t t | \<lambda>x. t"}
 \end{center}
 \noindent
 where no clause for variables is given. Arguably, such specifications make
 some sense in the context of Coq's type theory (which Ott supports), but not
 and the raw terms produced by Ott use names for bound variables,
 there is a key difference: working with alpha-equated terms means that the
 two type-schemes (with $x$, $y$ and $z$ being distinct)
 \begin{center}
-$\forall \{x\}. x \rightarrow y  \;=\; \forall \{x, z\}. x \rightarrow y$
+@{text "\<forall>{x}. x \<rightarrow> y  = \<forall>{x,z}. x \<rightarrow> y"}
 \end{center}
 \noindent
-are not just alpha-equal, but actually \emph{equal}. As a
+are not just alpha-equal, but actually \emph{equal}. As a result, we can
-result, we can only support specifications that make sense on the level of
+only support specifications that make sense on the level of alpha-equated
-alpha-equated terms (offending specifications, which for example bind a variable
+terms (offending specifications, which for example bind a variable according
-according to a variable bound somewhere else, are not excluded by Ott, but we
+to a variable bound somewhere else, are not excluded by Ott, but we have
-have to).  Our
+to).  Our insistence on reasoning with alpha-equated terms comes from the
-insistence on reasoning with alpha-equated terms comes from the wealth of
+wealth of experience we gained with the older version of Nominal Isabelle:
-experience we gained with the older version of Nominal Isabelle: for
+for non-trivial properties, reasoning about alpha-equated terms is much
-non-trivial properties, reasoning about alpha-equated terms is much easier
+easier than reasoning with raw terms. The fundamental reason for this is
-than reasoning with raw terms. The fundamental reason for this is that the
+that the HOL-logic underlying Nominal Isabelle allows us to replace
-HOL-logic underlying Nominal Isabelle allows us to replace
+``equals-by-equals''. In contrast, replacing
-``equals-by-equals''. In contrast, replacing ``alpha-equals-by-alpha-equals''
+``alpha-equals-by-alpha-equals'' in a representation based on raw terms
-in a representation based on raw terms requires a lot of extra reasoning work.
+requires a lot of extra reasoning work.
 Although in informal settings a reasoning infrastructure for alpha-equated
-terms is nearly always taken for granted, establishing
+terms is nearly always taken for granted, establishing it automatically in
-it automatically in the Isabelle/HOL theorem prover is a rather non-trivial task.
+the Isabelle/HOL theorem prover is a rather non-trivial task. For every
-For every specification we will need to construct a type containing as
+specification we will need to construct a type containing as elements the
-elements the alpha-equated terms. To do so, we use
+alpha-equated terms. To do so, we use the standard HOL-technique of defining
-the standard HOL-technique of defining a new type by
+a new type by identifying a non-empty subset of an existing type.  The
-identifying a non-empty subset of an existing type.   The construction we
+construction we perform in HOL can be illustrated by the following picture:
-perform in HOL can be illustrated by the following picture:
 \begin{center}
 \begin{tikzpicture}
 %\draw[step=2mm] (-4,-1) grid (4,1);
 \draw[very thick] (0.7,0.4) circle (4.25mm);
 \end{tikzpicture}
 \end{center}
 \noindent
 We take as the starting point a definition of raw terms (defined as a
-datatype in Isabelle/HOL); identify then the
+datatype in Isabelle/HOL); identify then the alpha-equivalence classes in
-alpha-equivalence classes in the type of sets of raw terms according to our
+the type of sets of raw terms according to our alpha-equivalence relation
-alpha-equivalence relation and finally define the new type as these
+and finally define the new type as these alpha-equivalence classes
-alpha-equivalence classes (non-emptiness is satisfied whenever the raw terms are
+(non-emptiness is satisfied whenever the raw terms are definable as datatype
-definable as datatype in Isabelle/HOL and the fact that our relation for
+in Isabelle/HOL and the fact that our relation for alpha-equivalence is
-alpha-equivalence is indeed an equivalence relation).
+indeed an equivalence relation).
-The fact that we obtain an isomorphism between the new type and the non-empty
+The fact that we obtain an isomorphism between the new type and the
-subset shows that the new type is a faithful representation of alpha-equated terms.
+non-empty subset shows that the new type is a faithful representation of
-That is not the case for example for terms using the locally
+alpha-equated terms. That is not the case for example for terms using the
-nameless representation of binders \cite{McKinnaPollack99}: in this representation
+locally nameless representation of binders \cite{McKinnaPollack99}: in this
-there are ``junk'' terms that need to
+representation there are ``junk'' terms that need to be excluded by
-be excluded by reasoning about a well-formedness predicate.
+reasoning about a well-formedness predicate.
-The problem with introducing a new type in Isabelle/HOL is that in order to be useful,
+The problem with introducing a new type in Isabelle/HOL is that in order to
-a reasoning infrastructure needs to be ``lifted'' from the underlying subset to
+be useful, a reasoning infrastructure needs to be ``lifted'' from the
-the new type. This is usually a tricky and arduous task. To ease it,
+underlying subset to the new type. This is usually a tricky and arduous
-we re-implemented in Isabelle/HOL the quotient package described by Homeier
+task. To ease it, we re-implemented in Isabelle/HOL the quotient package
-\cite{Homeier05} for the HOL4 system. This package
+described by Homeier \cite{Homeier05} for the HOL4 system. This package
-allows us to  lift definitions and theorems involving raw terms
+allows us to lift definitions and theorems involving raw terms to
-to definitions and theorems involving alpha-equated terms. For example
+definitions and theorems involving alpha-equated terms. For example if we
-if we define the free-variable function over raw lambda-terms
+define the free-variable function over raw lambda-terms
 \begin{center}
-$\fv(x) = \{x\}$\hspace{10mm}
+@{text "fv(x) = {x}"}\hspace{10mm}
-$\fv(t_1\;t_2) = \fv(t_1) \cup \fv(t_2)$\\[1mm]
+@{text "fv(t\<^isub>1 t\<^isub>2) = fv(t\<^isub>1) \<union> fv(t\<^isub>2)"}\\[1mm]
-$\fv(\lambda x.t) = \fv(t) - \{x\}$
+@{text "fv(\<lambda>x.t) = fv(t) - {x}"}
 \end{center}
 \noindent
-then with not too great effort we obtain a function $\fv^\alpha$
+then with not too great effort we obtain a function @{text "fv\<^sup>\<alpha>"}
 operating on quotients, or alpha-equivalence classes of lambda-terms. This
 lifted function is characterised by the equations
 \begin{center}
-$\fv^\alpha(x) = \{x\}$\hspace{10mm}
+@{text "fv\<^sup>\<alpha>(x) = {x}"}\hspace{10mm}
-$\fv^\alpha(t_1\;t_2) = \fv^\alpha(t_1) \cup \fv^\alpha(t_2)$\\[1mm]
+@{text "fv\<^sup>\<alpha>(t\<^isub>1 t\<^isub>2) = fv\<^sup>\<alpha>(t\<^isub>1) \<union> fv\<^sup>\<alpha>(t\<^isub>2)"}\\[1mm]
-$\fv^\alpha(\lambda x.t) = \fv^\alpha(t) - \{x\}$
+@{text "fv\<^sup>\<alpha>(\<lambda>x.t) = fv\<^sup>\<alpha>(t) - {x}"}
 \end{center}
 \noindent
 (Note that this means also the term-constructors for variables, applications
 and lambda are lifted to the quotient level.)  This construction, of course,
 In Nominal Isabelle, the user is expected to write down a specification of a
 term-calculus and then a reasoning infrastructure is automatically derived
 from this specification (remember that Nominal Isabelle is a definitional
 extension of Isabelle/HOL, which does not introduce any new axioms).
+In order to keep our work with deriving the reasoning infrastructure
-In order to keep our work manageable, we will wherever possible state
+manageable, we will wherever possible state definitions and perform proofs
-definitions and perform proofs inside Isabelle, as opposed to write custom
+on the user-level of Isabelle/HOL, as opposed to write custom ML-code that
-ML-code that generates them anew for each specification. To that
+generates them anew for each specification. To that end, we will consider
-end, we will consider pairs @{text "(as, x)"} of type @{text "(atom set) \<times> \<beta>"}.
+first pairs @{text "(as, x)"} of type @{text "(atom set) \<times> \<beta>"}.  These pairs
-These pairs are intended to represent the abstraction, or binding, of the set @{text "as"}
+are intended to represent the abstraction, or binding, of the set @{text
-in the body @{text "x"}.
+"as"} in the body @{text "x"}.
-The first question we have to answer is when the pairs $(as, x)$ and $(bs, y)$ are
+The first question we have to answer is when the pairs @{text "(as, x)"} and
-alpha-equivalent? (At the moment we are interested in
+@{text "(bs, y)"} are alpha-equivalent? (At the moment we are interested in
 the notion of alpha-equivalence that is \emph{not} preserved by adding
-vacuous binders.) To answer this, we identify four conditions: {\it i)} given
+vacuous binders.) To answer this, we identify four conditions: {\it i)}
-a free-variable function $\fv$ of type \mbox{@{text "\<beta> \<Rightarrow> atom set"}}, then @{text x} and @{text y}
+given a free-variable function @{text "fv"} of type \mbox{@{text "\<beta> \<Rightarrow> atom
-need to have the same set of free variables; moreover there must be a permutation
+set"}}, then @{text x} and @{text y} need to have the same set of free
-@{text p}  such that {\it ii)} it leaves the free variables of @{text x} and @{text y} unchanged,
+variables; moreover there must be a permutation @{text p} such that {\it
-but {\it iii)} ``moves'' their bound names so that we obtain modulo a relation,
+ii)} it leaves the free variables of @{text x} and @{text y} unchanged, but
-say \mbox{@{text "_ R _"}}, two equal terms. We also require {\it iv)} that @{text p} makes
+{\it iii)} ``moves'' their bound names so that we obtain modulo a relation,
-the abstracted sets @{text as} and @{text bs} equal. The requirements {\it i)} to {\it iv)} can
+say \mbox{@{text "_ R _"}}, two equal terms. We also require {\it iv)} that
-be stated formally as follows:
+@{text p} makes the abstracted sets @{text as} and @{text bs} equal. The
+requirements {\it i)} to {\it iv)} can be stated formally as follows:
 %
 \begin{equation}\label{alphaset}
 \begin{array}{@ {\hspace{10mm}}r@ {\hspace{2mm}}l}
-\multicolumn{2}{l}{(as, x) \approx\hspace{0.05mm}_{set}^{\fv, R, p} (bs, y) \;\dn\hspace{30mm}\;}\\[1mm]
+\multicolumn{2}{l}{@{term "(as, x) \<approx>gen R fv p (bs, y)"} @{text "\<equiv>"}\hspace{30mm}}\\
-& @{text "fv(x) - as = fv(y) - bs"}\\
+& @{term "fv(x) - as = fv(y) - bs"}\\
-\wedge     & @{text "(fv(x) - as) #* p"}\\
+@{text "\<and>"} & @{term "(fv(x) - as) \<sharp>* p"}\\
-\wedge     & @{text "(p \<bullet> x) R y"}\\
+@{text "\<and>"} & @{text "(p \<bullet> x) R y"}\\
-\wedge     & @{text "(p \<bullet> as) = bs"}\\
+@{text "\<and>"} & @{term "(p \<bullet> as) = bs"}\\
 \end{array}
 \end{equation}
 \noindent
-Note that this relation is dependent on $p$. Alpha-equivalence is then the relation where
+Note that this relation is dependent on the permutation @{text
-we existentially quantify over this $p$.
+"p"}. Alpha-equivalence between two pairs is then the relation where we
-Also note that the relation is dependent on a free-variable function $\fv$ and a relation
+existentially quantify over this @{text "p"}. Also note that the relation is
-$R$. The reason for this extra generality is that we will use $\approx_{set}$ for both
+dependent on a free-variable function @{text "fv"} and a relation @{text
-``raw'' terms and alpha-equated terms. In the latter case, $R$ will be replaced by
+"R"}. The reason for this extra generality is that we will use
-equality $(op =)$ and we are going to prove that $\fv$ will be equal to the support
+$\approx_{\textit{set}}$ for both ``raw'' terms and alpha-equated terms. In
-of $x$ and $y$.
+the latter case, $R$ will be replaced by equality @{text "="} and for raw terms we
+will prove that @{text "fv"} is equal to the support of @{text
+x} and @{text y}.
 The definition in \eqref{alphaset} does not make any distinction between the
 order of abstracted variables. If we want this, then we can define alpha-equivalence
 for pairs of the form \mbox{@{text "(as, x)"}} with type @{text "(atom list) \<times> \<beta>"}
 as follows
 %
 \begin{equation}\label{alphalist}
 \begin{array}{@ {\hspace{10mm}}r@ {\hspace{2mm}}l}
-\multicolumn{2}{l}{(as, x) \approx\hspace{0.05mm}_{list}^{\fv, R, p} (bs, y) \;\dn\hspace{30mm}\;}\\[1mm]
+\multicolumn{2}{l}{@{term "(as, x) \<approx>lst R fv p (bs, y)"} @{text "\<equiv>"}\hspace{30mm}}\\[1mm]
-& @{text "fv(x) - (set as) = fv(y) - (set bs)"}\\
+& @{term "fv(x) - (set as) = fv(y) - (set bs)"}\\
-\wedge     & @{text "(fv(x) - set as) #* p"}\\
+\wedge     & @{term "(fv(x) - set as) \<sharp>* p"}\\
 \wedge     & @{text "(p \<bullet> x) R y"}\\
-\wedge     & @{text "(p \<bullet> as) = bs"}\\
+\wedge     & @{term "(p \<bullet> as) = bs"}\\
 \end{array}
 \end{equation}
 \noindent
-where $set$ is the function that coerces a list of atoms into a set of atoms.
+where @{term set} is a function that coerces a list of atoms into a set of atoms.
+Now the last clause ensures that the order of the binders matters.
-If we do not want to make any difference between the order of binders and
+If we do not want to make any difference between the order of binders \emph{and}
 also allow vacuous binders, then we keep sets of binders, but drop the fourth
 condition in \eqref{alphaset}:
 %
 \begin{equation}\label{alphares}
 \begin{array}{@ {\hspace{10mm}}r@ {\hspace{2mm}}l}
-\multicolumn{2}{l}{(as, x) \approx\hspace{0.05mm}_{res}^{\fv, R, p} (bs, y) \;\dn\hspace{30mm}\;}\\[1mm]
+\multicolumn{2}{l}{@{term "(as, x) \<approx>res R fv p (bs, y)"} @{text "\<equiv>"}\hspace{30mm}}\\[1mm]
-& @{text "fv(x) - as = fv(y) - bs"}\\
+& @{term "fv(x) - as = fv(y) - bs"}\\
-\wedge     & @{text "(fv(x) - as) #* p"}\\
+\wedge     & @{term "(fv(x) - as) \<sharp>* p"}\\
 \wedge     & @{text "(p \<bullet> x) R y"}\\
 \end{array}
 \end{equation}
 \begin{exmple}\rm
 It might be useful to consider some examples for how these definitions pan out in practise.
 For this consider the case of abstracting a set of variables over types (as in type-schemes).
-We set $R$ to be the equality and for $\fv(T)$ we define
+We set @{text R} to be the equality and for @{text "fv(T)"} we define
 \begin{center}
-$\fv(x) = \{x\}  \qquad \fv(T_1 \rightarrow T_2) = \fv(T_1) \cup \fv(T_2)$
+@{text "fv(x) = {x}"}  \hspace{5mm} @{text "fv(T\<^isub>1 \<rightarrow> T\<^isub>2) = fv(T\<^isub>1) \<union> fv(T\<^isub>2)"}
 \end{center}
 \noindent
-Now recall the examples shown in \eqref{ex1}, \eqref{ex2} and \eqref{ex3}. It can be easily
+Now recall the examples shown in \eqref{ex1}, \eqref{ex2} and
-checked that @{text "({x, y}, x \<rightarrow> y)"} and
+\eqref{ex3}. It can be easily checked that @{text "({x,y}, x \<rightarrow> y)"} and
-@{text "({y, x}, y \<rightarrow> x)"} are equal according to $\approx_{set}$ and $\approx_{res}$ by taking $p$ to
+@{text "({y,x}, y \<rightarrow> x)"} are equal according to $\approx_{\textit{set}}$ and
-be the swapping @{term "(x \<rightleftharpoons> y)"}. In case of @{text "x \<noteq> y"}, then
+$\approx_{\textit{res}}$ by taking @{text p} to be the swapping @{term "(x \<rightleftharpoons>
-$([x, y], x \rightarrow y) \not\approx_{list} ([y,x], x \rightarrow y)$ since there is no permutation that
+y)"}. In case of @{text "x \<noteq> y"}, then @{text "([x, y], x \<rightarrow> y)"}
-makes the lists @{text "[x, y]"} and @{text "[y, x]"} equal, and also leaves the
+$\not\approx_{\textit{list}}$ @{text "([y,x], x \<rightarrow> y)"} since there is no permutation
-type \mbox{@{text "x \<rightarrow> y"}} unchanged. Another examples is
+that makes the lists @{text "[x, y]"} and @{text "[y, x]"} equal, and also
-$(\{x\}, x) \approx_{res} (\{x,y\}, x)$ which holds by taking $p$ to be the identity permutation.
+leaves the type \mbox{@{text "x \<rightarrow> y"}} unchanged. Another example is
-However, if @{text "x \<noteq> y"}, then
+@{text "({x}, x)"} $\approx_{\textit{res}}$ @{text "({x,y}, x)"} which holds by
-$(\{x\}, x) \not\approx_{set} (\{x,y\}, x)$ since there is no permutation that makes
+taking @{text p} to be the
-the sets $\{x\}$ and $\{x,y\}$ equal (similarly for $\approx_{list}$).
+identity permutation.  However, if @{text "x \<noteq> y"}, then @{text "({x}, x)"}
+$\not\approx_{\textit{set}}$ @{text "({x,y}, x)"} since there is no permutation
+that makes the
+sets @{text "{x}"} and @{text "{x,y}"} equal (similarly for $\approx_{\textit{list}}$).
 \end{exmple}
-\noindent
+% looks too ugly
-Let $\star$ range over $\{set, res, list\}$. We prove next under which
+%\noindent
-conditions the $\approx\hspace{0.05mm}_\star^{\fv, R, p}$ are equivalence
+%Let $\star$ range over $\{set, res, list\}$. We prove next under which
-relations and equivariant:
+%conditions the $\approx\hspace{0.05mm}_\star^{\fv, R, p}$ are equivalence
+%relations and equivariant:
+%
+%\begin{lemma}
+%{\it i)} Given the fact that $x\;R\;x$ holds, then
+%$(as, x) \approx\hspace{0.05mm}^{\fv, R, 0}_\star (as, x)$. {\it ii)} Given
+%that @{text "(p \<bullet> x) R y"} implies @{text "(-p \<bullet> y) R x"}, then
+%$(as, x) \approx\hspace{0.05mm}^{\fv, R, p}_\star (bs, y)$ implies
+%$(bs, y) \approx\hspace{0.05mm}^{\fv, R, - p}_\star (as, x)$. {\it iii)} Given
+%that @{text "(p \<bullet> x) R y"} and @{text "(q \<bullet> y) R z"} implies
+%@{text "((q + p) \<bullet> x) R z"}, then $(as, x) \approx\hspace{0.05mm}^{\fv, R, p}_\star (bs, y)$
+%and $(bs, y) \approx\hspace{0.05mm}^{\fv, R, q}_\star (cs, z)$ implies
+%$(as, x) \approx\hspace{0.05mm}^{\fv, R, q + p}_\star (cs, z)$. Given
+%@{text "(q \<bullet> x) R y"} implies @{text "(p \<bullet> (q \<bullet> x)) R (p \<bullet> y)"} and
+%@{text "p \<bullet> (fv x) = fv (p \<bullet> x)"} then @{text "p \<bullet> (fv y) = fv (p \<bullet> y)"}, then
+%$(as, x) \approx\hspace{0.05mm}^{\fv, R, q}_\star (bs, y)$ implies
+%$(p \;\isasymbullet\; as, p \;\isasymbullet\; x) \approx\hspace{0.05mm}^{\fv, R, q}_\star
+%(p \;\isasymbullet\; bs, p \;\isasymbullet\; y)$.
+%\end{lemma}
+%\begin{proof}
+%All properties are by unfolding the definitions and simple calculations.
+%\end{proof}
+In the rest of this section we are going to introduce a type- and term-constructor
+for abstractions. For this we define
+%
+\begin{equation}
+@{term "abs_set (as, x) (bs, x) \<equiv> \<exists>p. alpha_gen (as, x) equal supp p (bs, x)"}
+\end{equation}
+\noindent
+Similarly for @{text "abs_list"} and @{text "abs_res"}. We can show that these
+relations are equivalence relations and equivariant
+(we only show the $\approx_{\textit{abs\_set}}$-case).
 \begin{lemma}
-{\it i)} Given the fact that $x\;R\;x$ holds, then
+$\approx_{\textit{abs\_set}}$ is an equivalence
-$(as, x) \approx\hspace{0.05mm}^{\fv, R, 0}_\star (as, x)$. {\it ii)} Given
+relations, and if @{term "abs_set (as, x) (bs, x)"} then also
-that @{text "(p \<bullet> x) R y"} implies @{text "(-p \<bullet> y) R x"}, then
+@{term "abs_set (p \<bullet> as, p \<bullet> x) (p \<bullet> bs, p \<bullet> x)"}.
-$(as, x) \approx\hspace{0.05mm}^{\fv, R, p}_\star (bs, y)$ implies
-$(bs, y) \approx\hspace{0.05mm}^{\fv, R, - p}_\star (as, x)$. {\it iii)} Given
-that @{text "(p \<bullet> x) R y"} and @{text "(q \<bullet> y) R z"} implies
-@{text "((q + p) \<bullet> x) R z"}, then $(as, x) \approx\hspace{0.05mm}^{\fv, R, p}_\star (bs, y)$
-and $(bs, y) \approx\hspace{0.05mm}^{\fv, R, q}_\star (cs, z)$ implies
-$(as, x) \approx\hspace{0.05mm}^{\fv, R, q + p}_\star (cs, z)$. Given
-@{text "(q \<bullet> x) R y"} implies @{text "(p \<bullet> (q \<bullet> x)) R (p \<bullet> y)"} and
-@{text "p \<bullet> (fv x) = fv (p \<bullet> x)"} then @{text "p \<bullet> (fv y) = fv (p \<bullet> y)"}, then
-$(as, x) \approx\hspace{0.05mm}^{\fv, R, q}_\star (bs, y)$ implies
-$(p \;\isasymbullet\; as, p \;\isasymbullet\; x) \approx\hspace{0.05mm}^{\fv, R, q}_\star
-(p \;\isasymbullet\; bs, p \;\isasymbullet\; y)$.
 \end{lemma}
 \begin{proof}
-All properties are by unfolding the definitions and simple calculations.
+Reflexivity is by taking @{text "p"} to be @{text "0"}. For symmetry we have
+a permutation @{text p} and for the proof obligation take @{term "-p"}. In case
+of transitivity we have two permutations @{text p} and @{text q}, and for the
+proof obligation use @{text "q + p"}. All the conditions are then by simple
+calculations.
 \end{proof}
+\noindent
+The following lemma (and similar ones for $\approx_{\textit{abs\_list}}$ and
+$\approx_{\textit{abs\_res}}$) will be crucial below:
+\begin{lemma}
+@{thm[mode=IfThen] alpha_abs_swap[no_vars]}
+\end{lemma}
+\begin{proof}
+This lemma is straightforward by observing that the assumptions give us
+@{term "(a \<rightleftharpoons> b) \<bullet> (supp x - bs) = (supp x - bs)"} and that @{text supp}
+is equivariant.
+\end{proof}
+\noindent
+We are also define the following
+@{text "aux (as, x) \<equiv> supp x - as"}
+\noindent
+This allows us to use our quotient package and introduce new types
+@{text "\<beta> abs_set"}, @{text "\<beta> abs_res"} and @{text "\<beta> abs_list"}
+representing the alpha-equivalence classes. Elements in these types
+we will, respectively, write as:
+\begin{center}
+@{term "Abs as x"} \hspace{5mm}
+@{term "Abs_lst as x"} \hspace{5mm}
+@{term "Abs_res as x"}
+\end{center}
 \begin{lemma}
 $supp ([as]set. x) = supp x - as$
 \end{lemma}
 \begin{center}
 \begin{tabular}{cp{7cm}}
 $\bullet$ & @{text "{atom x\<^isub>i} - bnds"} provided @{term "x\<^isub>i"} is an atom\\
 $\bullet$ & @{text "(atoms x\<^isub>i) - bnds"} provided @{term "x\<^isub>i"} is a set of atoms\\
-$\bullet$ & @{text "(atoml x\<^isub>i) - bnds"} provided @{term "x\<^isub>i"} is a list of atoms\\
+$\bullet$ & @{text "(atoms (set x\<^isub>i)) - bnds"} provided @{term "x\<^isub>i"} is a list of atoms\\
 $\bullet$ & @{text "(fv_ty\<^isub>i x\<^isub>i) - bnds"} provided @{term "ty\<^isub>i"} is a nominal datatype\\
 $\bullet$ & @{term "{}"} otherwise
 \end{tabular}
 \end{center}

changeset 1657	d7dc35222afc
parent 1637	a5501c9fad9b
child 1662	e78cd33a246f