95 \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% |
95 \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% |
96 @{text "t ::= x | t t | \<lambda>x.t"}\hfill\numbered{lambda} |
96 @{text "t ::= x | t t | \<lambda>x.t"}\hfill\numbered{lambda} |
97 \end{isabelle} |
97 \end{isabelle} |
98 |
98 |
99 \noindent |
99 \noindent |
100 The problem with this definition arises when one attempts to |
100 The problem with this definition arises, for instance, when one attempts to |
101 prove formally, for example, the substitution lemma \cite{Barendregt81} by induction |
101 prove formally the substitution lemma \cite{Barendregt81} by induction |
102 over the structure of terms. This can be fiendishly complicated (see |
102 over the structure of terms. This can be fiendishly complicated (see |
103 \cite[Pages 94--104]{CurryFeys58} for some ``rough'' sketches of a proof |
103 \cite[Pages 94--104]{CurryFeys58} for some ``rough'' sketches of a proof |
104 about raw lambda-terms). In contrast, if we reason about |
104 about raw lambda-terms). In contrast, if we reason about |
105 $\alpha$-equated lambda-terms, that means terms quotient according to |
105 $\alpha$-equated lambda-terms, that means terms quotient according to |
106 $\alpha$-equivalence, then the reasoning infrastructure provided, |
106 $\alpha$-equivalence, then the reasoning infrastructure provided, |
157 \emph{abstraction} and a \emph{representation} function, written @{text Abs} |
157 \emph{abstraction} and a \emph{representation} function, written @{text Abs} |
158 and @{text Rep}.\footnote{Actually slightly more basic functions are given; |
158 and @{text Rep}.\footnote{Actually slightly more basic functions are given; |
159 the functions @{text Abs} and @{text Rep} need to be derived from them. We |
159 the functions @{text Abs} and @{text Rep} need to be derived from them. We |
160 will show the details later. } These functions relate elements in the |
160 will show the details later. } These functions relate elements in the |
161 existing type to elements in the new type and vice versa; they can be uniquely |
161 existing type to elements in the new type and vice versa; they can be uniquely |
162 identified by their type. For example for the integer quotient construction |
162 identified by their quotient type. For example for the integer quotient construction |
163 the types of @{text Abs} and @{text Rep} are |
163 the types of @{text Abs} and @{text Rep} are |
164 |
164 |
165 |
165 |
166 \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% |
166 \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% |
167 @{text "Abs :: nat \<times> nat \<Rightarrow> int"}\hspace{10mm}@{text "Rep :: int \<Rightarrow> nat \<times> nat"} |
167 @{text "Abs :: nat \<times> nat \<Rightarrow> int"}\hspace{10mm}@{text "Rep :: int \<Rightarrow> nat \<times> nat"} |
204 builds finite unions of finite sets: |
204 builds finite unions of finite sets: |
205 |
205 |
206 @{thm [display, indent=10] fconcat_empty[no_vars] fconcat_insert[no_vars]} |
206 @{thm [display, indent=10] fconcat_empty[no_vars] fconcat_insert[no_vars]} |
207 |
207 |
208 \noindent |
208 \noindent |
209 The quotient package should provide us with a definition for @{text "\<Union>"} in |
209 The quotient package should automatically provide us with a definition for @{text "\<Union>"} in |
210 terms of @{text flat}, @{text Rep_fset} and @{text Abs_fset}. The problem is |
210 terms of @{text flat}, @{text Rep_fset} and @{text Abs_fset}. The problem is |
211 that the method used in the existing quotient |
211 that the method used in the existing quotient |
212 packages of just taking the representation of the arguments and then taking |
212 packages of just taking the representation of the arguments and then taking |
213 the abstraction of the result is \emph{not} enough. The reason is that case in case |
213 the abstraction of the result is \emph{not} enough. The reason is that case in case |
214 of @{text "\<Union>"} we obtain the incorrect definition |
214 of @{text "\<Union>"} we obtain the incorrect definition |
240 at the beginning of this section about having to collect theorems that are |
240 at the beginning of this section about having to collect theorems that are |
241 lifted from the raw level to the quotient level into one giant list. Our |
241 lifted from the raw level to the quotient level into one giant list. Our |
242 quotient package is the first one that is modular so that it allows to lift |
242 quotient package is the first one that is modular so that it allows to lift |
243 single theorems separately. This has the advantage for the user of being able to develop a |
243 single theorems separately. This has the advantage for the user of being able to develop a |
244 formal theory interactively as a natural progression. A pleasing side-result of |
244 formal theory interactively as a natural progression. A pleasing side-result of |
245 the modularity is that we are able to clearly specify what needs to be |
245 the modularity is that we are able to clearly specify what is involved |
246 done in the lifting process (this was only hinted at in \cite{Homeier05} and |
246 in the lifting process (this was only hinted at in \cite{Homeier05} and |
247 implemented as a ``rough recipe'' in ML-code). |
247 implemented as a ``rough recipe'' in ML-code). |
248 |
248 |
249 |
249 |
250 The paper is organised as follows: Section \ref{sec:prelims} presents briefly |
250 The paper is organised as follows: Section \ref{sec:prelims} presents briefly |
251 some necessary preliminaries; Section \ref{sec:type} describes the definitions |
251 some necessary preliminaries; Section \ref{sec:type} describes the definitions |
252 of quotient types and shows how definitions of constants can be made over |
252 of quotient types and shows how definitions of constants can be made over |
253 quotient types. Section \ref{sec:resp} introduces the notions of respectfullness |
253 quotient types. Section \ref{sec:resp} introduces the notions of respectfullness |
254 and preservation.\ldots |
254 and preservation; Section \ref{sec:lift} describes the lifting of theorems, |
|
255 and Section \ref{sec:conc} concludes and compares our results to existing |
|
256 work. |
255 *} |
257 *} |
256 |
258 |
257 |
259 |
258 section {* Preliminaries and General Quotient\label{sec:prelims} *} |
260 section {* Preliminaries and General Quotient\label{sec:prelims} *} |
259 |
261 |
260 text {* |
262 text {* |
261 In this section we present the definitions of a quotient that follow |
263 We describe here briefly some of the most basic concepts of HOL |
262 closely those given by Homeier. |
264 we rely on and some of the important definitions given by Homeier |
|
265 \cite{Homeier05}. |
|
266 |
|
267 HOL is based on a simply-typed term-language, where types are |
|
268 annotated in Church-style (that is we can obtain immediately |
|
269 infer the type of term and its subterms). |
|
270 |
|
271 \begin{isabelle}\ \ \ \ \ \ \ \ \ \ %%% |
|
272 \begin{tabular}{@ {}rl@ {\hspace{3mm}}l@ {}} |
|
273 @{text "\<sigma>, \<tau> ::="} & @{text "\<alpha> | (\<sigma>,\<dots>, \<sigma>) \<kappa>"} & (type variables and type constructors)\\ |
|
274 @{text "t, s ::="} & @{text "x\<^isup>\<sigma> | c\<^isup>\<sigma> | t t | \<lambda>x\<^isup>\<sigma>. t"} & |
|
275 (variables, constants, applications and abstractions)\\ |
|
276 \end{tabular} |
|
277 \end{isabelle} |
|
278 |
|
279 \noindent |
|
280 We often write just @{text \<kappa>} for @{text "() \<kappa>"}, and use @{text "\<alpha>s"} and |
|
281 @{text "\<sigma>s"} to stand for list of type variables and types, respectively. |
|
282 The type of a term is often made explicit by writing @{text "t :: \<sigma>"} HOL |
|
283 contains a type @{typ bool} for booleans and the function type, written |
|
284 @{text "\<sigma> \<Rightarrow> \<tau>"}. |
|
285 |
|
286 |
263 |
287 |
264 \begin{definition}[Quotient] |
288 \begin{definition}[Quotient] |
265 A relation $R$ with an abstraction function $Abs$ |
289 A relation $R$ with an abstraction function $Abs$ |
266 and a representation function $Rep$ is a \emph{quotient} |
290 and a representation function $Rep$ is a \emph{quotient} |
267 if and only if: |
291 if and only if: |
286 \end{lemma} |
310 \end{lemma} |
287 |
311 |
288 Higher Order Logic |
312 Higher Order Logic |
289 |
313 |
290 |
314 |
291 Types: |
315 |
292 \begin{eqnarray}\nonumber |
|
293 @{text "\<sigma> ::="} & @{text "\<alpha>"} & \textrm{(type variable)} \\ \nonumber |
|
294 @{text "|"} & @{text "(\<sigma>,\<dots>,\<sigma>)\<kappa>"} & \textrm{(type construction)} |
|
295 \end{eqnarray} |
|
296 |
|
297 Terms: |
|
298 \begin{eqnarray}\nonumber |
|
299 @{text "t ::="} & @{text "x\<^isup>\<sigma>"} & \textrm{(variable)} \\ \nonumber |
|
300 @{text "|"} & @{text "c\<^isup>\<sigma>"} & \textrm{(constant)} \\ \nonumber |
|
301 @{text "|"} & @{text "t t"} & \textrm{(application)} \\ \nonumber |
|
302 @{text "|"} & @{text "\<lambda>x\<^isup>\<sigma>. t"} & \textrm{(abstraction)} \\ \nonumber |
|
303 \end{eqnarray} |
|
304 |
|
305 {\it Say more about containers / maping functions } |
316 {\it Say more about containers / maping functions } |
306 |
317 |
307 Such maps for most common types (list, pair, sum, |
318 Such maps for most common types (list, pair, sum, |
308 option, \ldots) are described in Homeier, and we assume that @{text "map"} |
319 option, \ldots) are described in Homeier, and we assume that @{text "map"} |
309 is the function that returns a map for a given type. |
320 is the function that returns a map for a given type. |