diff --git a/thys/FOL_Seq_Calc3/Completeness.thy b/thys/FOL_Seq_Calc3/Completeness.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Completeness.thy @@ -0,0 +1,281 @@ +section \Completeness\ + +theory Completeness imports Prover Semantics begin + +subsection \Hintikka Counter Model\ + +locale Hintikka = + fixes A B :: \fm set\ + assumes + Basic: \\<^bold>\n ts \ A \ \<^bold>\n ts \ B \ False\ and + FlsA: \\<^bold>\ \ A\ and + ImpA: \p \<^bold>\ q \ A \ p \ B \ q \ A\ and + ImpB: \p \<^bold>\ q \ B \ p \ A \ q \ B\ and + UniA: \\<^bold>\p \ A \ \t. p\t/0\ \ A\ and + UniB: \\<^bold>\p \ B \ \t. p\t/0\ \ B\ + +abbreviation \M A \ \\<^bold>#, \<^bold>\, \n ts. \<^bold>\n ts \ A\\ + +lemma id_tm [simp]: \\\<^bold>#, \<^bold>\\ t = t\ + by (induct t) (auto cong: map_cong) + +lemma size_sub [simp]: \size (p\t/i\) = size p\ + by (induct p arbitrary: i t) auto + +theorem Hintikka_counter_model: + assumes \Hintikka A B\ + shows \(p \ A \ M A p) \ (p \ B \ \ M A p)\ +proof (induct p rule: wf_induct [where r=\measure size\]) + case 1 + then show ?case .. +next + case (2 x) + then show ?case + proof (cases x; safe del: notI) + case Falsity + show \\<^bold>\ \ A \ M A \<^bold>\\ \\<^bold>\ \ B \ \ M A \<^bold>\\ + using Hintikka.FlsA assms by simp_all + next + case (Pre n ts) + show \\<^bold>\n ts \ A \ M A (\<^bold>\n ts)\ \\<^bold>\n ts \ B \ \ M A (\<^bold>\n ts)\ + using Hintikka.Basic assms by (auto cong: map_cong) + next + case (Imp p q) + show \p \<^bold>\ q \ A \ M A (p \<^bold>\ q)\ \p \<^bold>\ q \ B \ \ M A (p \<^bold>\ q)\ + using assms Hintikka.ImpA[of A B p q] Hintikka.ImpB[of A B p q] Imp 2 by auto + next + case (Uni p) + have \p\t/0\ \ A \ M A (p\t/0\)\ \p\t/0\ \ B \ \ M A (p\t/0\)\ for t + using Uni 2 by (metis fm.size(8) in_measure lessI less_add_same_cancel1 size_sub)+ + then show \\<^bold>\p \ A \ M A (\<^bold>\p)\ \\<^bold>\p \ B \ \ M A (\<^bold>\p)\ + using assms Hintikka.UniA[of A B p] Hintikka.UniB[of A B p] by auto + qed +qed + +subsection \Escape Paths Form Hintikka Sets\ + +lemma sset_sdrop: \sset (sdrop n s) \ sset s\ + by (induct n arbitrary: s) (auto intro: stl_sset in_mono) + +lemma epath_sdrop: \epath steps \ epath (sdrop n steps)\ + by (induct n) (auto elim: epath.cases) + +lemma eff_preserves_Pre: + assumes \effStep ((A, B), r) ss\ \(A', B') |\| ss\ + shows \(\<^bold>\n ts [\] A \ \<^bold>\n ts [\] A')\ \\<^bold>\n ts [\] B \ \<^bold>\n ts [\] B'\ + using assms by (induct r \(A, B)\ rule: eff.induct) (auto split: if_splits) + +lemma epath_eff: + assumes \epath steps\ \effStep (shd steps) ss\ + shows \fst (shd (stl steps)) |\| ss\ + using assms by (auto elim: epath.cases) + +abbreviation \lhs s \ fst (fst s)\ +abbreviation \rhs s \ snd (fst s)\ +abbreviation \lhsd s \ lhs (shd s)\ +abbreviation \rhsd s \ rhs (shd s)\ + +lemma epath_Pre_sdrop: + assumes \epath steps\ shows + \\<^bold>\n ts [\] lhs (shd steps) \ \<^bold>\n ts [\] lhsd (sdrop m steps)\ + \\<^bold>\n ts [\] rhs (shd steps) \ \<^bold>\n ts [\] rhsd (sdrop m steps)\ + using assms eff_preserves_Pre + by (induct m arbitrary: steps) (simp; metis (no_types, lifting) epath.cases surjective_pairing)+ + +lemma Saturated_sdrop: + assumes \Saturated steps\ + shows \Saturated (sdrop n steps)\ + using assms unfolding Saturated_def saturated_def by (simp add: alw_iff_sdrop) + +definition treeA :: \(sequent \ rule) stream \ fm set\ where + \treeA steps \ \s \ sset steps. set (lhs s)\ + +definition treeB :: \(sequent \ rule) stream \ fm set\ where + \treeB steps \ \s \ sset steps. set (rhs s)\ + +lemma treeA_snth: \p \ treeA steps \ \n. p [\] lhsd (sdrop n steps)\ + unfolding treeA_def using sset_range[of steps] by simp + +lemma treeB_snth: \p \ treeB steps \ \n. p [\] rhsd (sdrop n steps)\ + unfolding treeB_def using sset_range[of steps] by simp + +lemma treeA_sdrop: \treeA (sdrop n steps) \ treeA steps\ + unfolding treeA_def by (induct n) (simp, metis SUP_subset_mono order_refl sset_sdrop) + +lemma treeB_sdrop: \treeB (sdrop n steps) \ treeB steps\ + unfolding treeB_def by (induct n) (simp, metis SUP_subset_mono order_refl sset_sdrop) + +lemma enabled_ex_taken: + assumes \epath steps\ \Saturated steps\ \enabled r (fst (shd steps))\ + shows \\k. takenAtStep r (shd (sdrop k steps))\ + using assms unfolding Saturated_def saturated_def UNIV_rules by (auto simp: ev_iff_sdrop) + +lemma Hintikka_epath: + assumes \epath steps\ \Saturated steps\ + shows \Hintikka (treeA steps) (treeB steps)\ +proof + fix n ts + assume \\<^bold>\n ts \ treeA steps\ + then obtain m where m: \\<^bold>\n ts [\] lhsd (sdrop m steps)\ + using treeA_snth by auto + + assume \\<^bold>\n ts \ treeB steps\ + then obtain k where k: \\<^bold>\n ts [\] rhsd (sdrop k steps)\ + using treeB_snth by auto + + let ?j = \m + k\ + let ?jstep = \shd (sdrop ?j steps)\ + + have \\<^bold>\n ts [\] lhs ?jstep\ + using assms m epath_sdrop epath_Pre_sdrop by (metis (no_types, lifting) sdrop_add) + moreover have \\<^bold>\n ts [\] rhs ?jstep\ + using assms k epath_sdrop epath_Pre_sdrop by (metis (no_types, lifting) add.commute sdrop_add) + ultimately have \enabled (Axiom n ts) (fst ?jstep)\ + unfolding enabled_def by (metis eff.simps(2) prod.exhaust_sel) + then obtain j' where \takenAtStep (Axiom n ts) (shd (sdrop j' steps))\ + using enabled_ex_taken[OF epath_sdrop[OF assms(1)] Saturated_sdrop[OF assms(2)]] by auto + then have \eff (snd (shd (sdrop j' steps))) (fst (shd (sdrop j' steps))) = None\ + using assms(1) epath_sdrop epath_eff + by (metis (no_types, lifting) eff.simps(2) epath.simps equalsffemptyD surjective_pairing) + then show False + using assms(1) epath_sdrop by (metis epath.cases option.discI) +next + show \\<^bold>\ \ treeA steps\ + proof + assume \\<^bold>\ \ treeA steps\ + then have \\j. enabled FlsL (fst (shd (sdrop j steps)))\ + unfolding enabled_def using treeA_snth by (metis eff.simps(3) prod.exhaust_sel sdrop_simps(1)) + then obtain j where \takenAtStep FlsL (shd (sdrop j steps))\ (is \takenAtStep _ (shd ?steps)\) + using enabled_ex_taken[OF epath_sdrop[OF assms(1)] Saturated_sdrop[OF assms(2)]] by auto + then have \eff (snd (shd ?steps)) (fst (shd ?steps)) = None\ + using assms(1) epath_sdrop epath_eff + by (metis (no_types, lifting) eff.simps(3) epath.simps equalsffemptyD surjective_pairing) + then show False + using assms(1) epath_sdrop by (metis epath.cases option.discI) + qed +next + fix p q + assume \p \<^bold>\ q \ treeA steps\ + then have \\k. enabled (ImpL p q) (fst (shd (sdrop k steps)))\ + unfolding enabled_def using treeA_snth by (metis eff.simps(5) prod.exhaust_sel sdrop_simps(1)) + then obtain j where \takenAtStep (ImpL p q) (shd (sdrop j steps))\ (is \takenAtStep _ (shd ?s)\) + using enabled_ex_taken[OF epath_sdrop[OF assms(1)] Saturated_sdrop[OF assms(2)]] by auto + then have \fst (shd (stl ?s)) |\| + {| (lhsd ?s [\
] (p \<^bold>\ q), p # rhsd ?s), (q # lhsd ?s [\
] (p \<^bold>\ q), rhsd ?s) |}\ + using assms(1) epath_sdrop epath_eff + by (metis (no_types, lifting) eff.simps(5) epath.cases option.distinct(1) prod.collapse) + then have \p [\] rhs (shd (stl ?s)) \ q [\] lhs (shd (stl ?s))\ + by auto + then have \p \ treeB (stl ?s) \ q \ treeA (stl ?s)\ + unfolding treeA_def treeB_def by (meson UN_I shd_sset) + then show \p \ treeB steps \ q \ treeA steps\ + using treeA_sdrop treeB_sdrop by (metis sdrop_simps(2) subsetD) +next + fix p q + assume \p \<^bold>\ q \ treeB steps\ + then have \\k. enabled (ImpR p q) (fst (shd (sdrop k steps)))\ + unfolding enabled_def using treeB_snth by (metis eff.simps(6) prod.exhaust_sel sdrop_simps(1)) + then obtain j where \takenAtStep (ImpR p q) (shd (sdrop j steps))\ (is \takenAtStep _ (shd ?s)\) + using enabled_ex_taken[OF epath_sdrop[OF assms(1)] Saturated_sdrop[OF assms(2)]] by auto + then have \fst (shd (stl ?s)) |\| {| (p # lhsd ?s, q # rhsd ?s [\
] (p \<^bold>\ q)) |}\ + using assms(1) epath_sdrop epath_eff + by (metis (no_types, lifting) eff.simps(6) epath.cases option.distinct(1) prod.collapse) + then have \p [\] lhs (shd (stl ?s)) \ q [\] rhs (shd (stl ?s))\ + by auto + then have \p \ treeA (stl ?s) \ q \ treeB (stl ?s)\ + unfolding treeA_def treeB_def by (meson UN_I shd_sset) + then show \p \ treeA steps \ q \ treeB steps\ + using treeA_sdrop treeB_sdrop by (metis sdrop_simps(2) subsetD) +next + fix p + assume *: \\<^bold>\p \ treeA steps\ + show \\t. p\t/0\ \ treeA steps\ + proof + fix t + from * have \\k. enabled (UniL t p) (fst (shd (sdrop k steps)))\ + unfolding enabled_def using treeA_snth by (metis eff.simps(7) prod.exhaust_sel sdrop_simps(1)) + then obtain j where \takenAtStep (UniL t p) (shd (sdrop j steps))\(is \takenAtStep _ (shd ?s)\) + using enabled_ex_taken[OF epath_sdrop[OF assms(1)] Saturated_sdrop[OF assms(2)]] by auto + then have \fst (shd (stl ?s)) |\| {| (p\t/0\ # lhsd ?s, rhsd ?s) |}\ + using assms(1) epath_sdrop epath_eff + by (metis (no_types, lifting) eff.simps(7) epath.cases option.distinct(1) prod.collapse) + then have \p\t/0\ [\] lhs (shd (stl ?s))\ + by auto + then have \p\t/0\ \ treeA (stl ?s)\ + unfolding treeA_def by (meson UN_I shd_sset) + then show \p\t/0\ \ treeA steps\ + using treeA_sdrop by (metis sdrop_simps(2) subsetD) + qed +next + fix p + assume *: \\<^bold>\p \ treeB steps\ + then have \\k. enabled (UniR p) (fst (shd (sdrop k steps)))\ + unfolding enabled_def using treeB_snth by (metis eff.simps(8) prod.exhaust_sel sdrop_simps(1)) + then obtain j where \takenAtStep (UniR p) (shd (sdrop j steps))\(is \takenAtStep _ (shd ?s)\) + using enabled_ex_taken[OF epath_sdrop[OF assms(1)] Saturated_sdrop[OF assms(2)]] by auto + then have \fst (shd (stl ?s)) |\| + {| (lhsd ?s, p\\<^bold>#(fresh (lhsd ?s @ rhsd ?s))/0\ # rhsd ?s [\
] \<^bold>\p) |}\ + using assms(1) epath_sdrop epath_eff + by (metis (no_types, lifting) eff.simps(8) epath.cases option.distinct(1) prod.collapse) + then have \\t. p\t/0\ [\] rhs (shd (stl ?s))\ + by auto + then have \\t. p\t/0\ \ treeB (stl ?s)\ + unfolding treeB_def by (meson UN_I shd_sset) + then show \\t. p\t/0\ \ treeB steps\ + using treeB_sdrop by (metis sdrop_simps(2) subsetD) +qed + +subsection \Completeness\ + +lemma fair_stream_rules: \Fair_Stream.fair rules\ + unfolding rules_def using fair_stream surj_rule_of_nat . + +lemma fair_rules: \fair rules\ + using fair_stream_rules unfolding Fair_Stream.fair_def fair_def alw_iff_sdrop ev_holds_sset + by (metis dual_order.refl le_Suc_ex sdrop_snth snth_sset) + +lemma epath_prover: + fixes A B :: \fm list\ + defines \t \ prover (A, B)\ + shows \(fst (root t) = (A, B) \ wf t \ tfinite t) \ + (\steps. fst (shd steps) = (A, B) \ epath steps \ Saturated steps)\ (is \?A \ ?B\) +proof - + { assume \\ ?A\ + with assms have \\ tfinite (mkTree rules (A, B))\ + unfolding prover_def using wf_mkTree fair_rules by simp + then obtain steps where \ipath (mkTree rules (A, B)) steps\ using Konig by blast + with assms have \fst (shd steps) = (A, B) \ epath steps \ Saturated steps\ + by (metis (no_types, lifting) fair_rules UNIV_I fst_conv ipath.cases + ipath_mkTree_Saturated mkTree.simps(1) wf_ipath_epath wf_mkTree) + then have ?B by blast + } + then show ?thesis by blast +qed + +lemma epath_countermodel: + assumes \fst (shd steps) = (A, B)\ \epath steps\ \Saturated steps\ + shows \\(E :: _ \ tm) F G. \ sc (E, F, G) (A, B)\ +proof - + have \Hintikka (treeA steps) (treeB steps)\ (is \Hintikka ?A ?B\) + using assms Hintikka_epath assms by simp + moreover have \\p [\] A. p \ ?A\ \\p [\] B. p \ ?B\ + using assms shd_sset unfolding treeA_def treeB_def by fastforce+ + ultimately have \\p [\] A. M ?A p\ \\p [\] B. \ M ?A p\ + using Hintikka_counter_model assms by blast+ + then show ?thesis + by auto +qed + +theorem prover_completeness: + assumes \\(E :: _ \ tm) F G. sc (E, F, G) (A, B)\ + defines \t \ prover (A, B)\ + shows \fst (root t) = (A, B) \ wf t \ tfinite t\ + using assms epath_prover epath_countermodel by blast + +corollary + assumes \\(E :: _ \ tm) F G. \E, F, G\ p\ + defines \t \ prover ([], [p])\ + shows \fst (root t) = ([], [p]) \ wf t \ tfinite t\ + using assms prover_completeness by simp + +end diff --git a/thys/FOL_Seq_Calc3/Encoding.thy b/thys/FOL_Seq_Calc3/Encoding.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Encoding.thy @@ -0,0 +1,115 @@ +section \Encoding\ + +theory Encoding imports "HOL-Library.Nat_Bijection" Syntax begin + +abbreviation infix_sum_encode (infixr \$\ 100) where + \c $ x \ sum_encode (c x)\ + +lemma lt_sum_encode_Inr: \n < Inr $ n\ + unfolding sum_encode_def by simp + +lemma sum_prod_decode_lt [simp]: \sum_decode n = Inr b \ (x, y) = prod_decode b \ y < Suc n\ + by (metis le_prod_encode_2 less_Suc_eq lt_sum_encode_Inr order_le_less_trans + prod_decode_inverse sum_decode_inverse) + +lemma sum_prod_decode_lt_Suc [simp]: + \sum_decode n = Inr b \ (Suc x, y) = prod_decode b \ x < Suc n\ + by (metis dual_order.strict_trans le_prod_encode_1 lessI linorder_not_less lt_sum_encode_Inr + not_less_eq prod_decode_inverse sum_decode_inverse) + +lemma lt_list_encode: \n [\] ns \ n < list_encode ns\ +proof (induct ns) + case (Cons m ns) + then show ?case + using le_prod_encode_1 le_prod_encode_2 + by (metis dual_order.strict_trans1 le_imp_less_Suc less_SucI list_encode.simps(2) set_ConsD) +qed simp + +lemma prod_Suc_list_decode_lt [simp]: + \(x, Suc y) = prod_decode n \ y' [\] (list_decode y) \ y' < n\ + by (metis Suc_le_lessD lt_list_encode le_prod_encode_2 list_decode_inverse order_less_trans + prod_decode_inverse) + +subsection \Terms\ + +primrec nat_of_tm :: \tm \ nat\ where + \nat_of_tm (\<^bold>#n) = prod_encode (n, 0)\ +| \nat_of_tm (\<^bold>\f ts) = prod_encode (f, Suc (list_encode (map nat_of_tm ts)))\ + +function tm_of_nat :: \nat \ tm\ where + \tm_of_nat n = (case prod_decode n of + (n, 0) \ \<^bold>#n + | (f, Suc ts) \ \<^bold>\f (map tm_of_nat (list_decode ts)))\ + by pat_completeness auto +termination by (relation \measure id\) simp_all + +lemma tm_nat: \tm_of_nat (nat_of_tm t) = t\ + by (induct t) (simp_all add: map_idI) + +lemma surj_tm_of_nat: \surj tm_of_nat\ + unfolding surj_def using tm_nat by metis + +subsection \Formulas\ + +primrec nat_of_fm :: \fm \ nat\ where + \nat_of_fm \<^bold>\ = 0\ +| \nat_of_fm (\<^bold>\P ts) = Suc (Inl $ prod_encode (P, list_encode (map nat_of_tm ts)))\ +| \nat_of_fm (p \<^bold>\ q) = Suc (Inr $ prod_encode (Suc (nat_of_fm p), nat_of_fm q))\ +| \nat_of_fm (\<^bold>\p) = Suc (Inr $ prod_encode (0, nat_of_fm p))\ + +function fm_of_nat :: \nat \ fm\ where + \fm_of_nat 0 = \<^bold>\\ +| \fm_of_nat (Suc n) = (case sum_decode n of + Inl n \ let (P, ts) = prod_decode n in \<^bold>\P (map tm_of_nat (list_decode ts)) + | Inr n \ (case prod_decode n of + (Suc p, q) \ fm_of_nat p \<^bold>\ fm_of_nat q + | (0, p) \ \<^bold>\(fm_of_nat p)))\ + by pat_completeness auto +termination by (relation \measure id\) simp_all + +lemma fm_nat: \fm_of_nat (nat_of_fm p) = p\ + using tm_nat by (induct p) (simp_all add: map_idI) + +lemma surj_fm_of_nat: \surj fm_of_nat\ + unfolding surj_def using fm_nat by metis + +subsection \Rules\ + +text \Pick a large number to help encode the Idle rule, so that we never hit it in practice.\ + +definition idle_nat :: nat where + \idle_nat \ 4294967295\ + +primrec nat_of_rule :: \rule \ nat\ where + \nat_of_rule Idle = Inl $ prod_encode (0, idle_nat)\ +| \nat_of_rule (Axiom n ts) = Inl $ prod_encode (Suc n, Suc (list_encode (map nat_of_tm ts)))\ +| \nat_of_rule FlsL = Inl $ prod_encode (0, 0)\ +| \nat_of_rule FlsR = Inl $ prod_encode (0, Suc 0)\ +| \nat_of_rule (ImpL p q) = Inr $ prod_encode (Inl $ nat_of_fm p, Inl $ nat_of_fm q)\ +| \nat_of_rule (ImpR p q) = Inr $ prod_encode (Inr $ nat_of_fm p, nat_of_fm q)\ +| \nat_of_rule (UniL t p) = Inr $ prod_encode (Inl $ nat_of_tm t, Inr $ nat_of_fm p)\ +| \nat_of_rule (UniR p) = Inl $ prod_encode (Suc (nat_of_fm p), 0)\ + +fun rule_of_nat :: \nat \ rule\ where + \rule_of_nat n = (case sum_decode n of + Inl n \ (case prod_decode n of + (0, 0) \ FlsL + | (0, Suc 0) \ FlsR + | (0, n2) \ if n2 = idle_nat then Idle else + let (p, q) = prod_decode n2 in ImpR (fm_of_nat p) (fm_of_nat q) + | (Suc n, Suc ts) \ Axiom n (map tm_of_nat (list_decode ts)) + | (Suc p, 0) \ UniR (fm_of_nat p)) + | Inr n \ (let (n1, n2) = prod_decode n in + case sum_decode n1 of + Inl n1 \ (case sum_decode n2 of + Inl q \ ImpL (fm_of_nat n1) (fm_of_nat q) + | Inr p \ UniL (tm_of_nat n1) (fm_of_nat p)) + | Inr p \ ImpR (fm_of_nat p) (fm_of_nat n2)))\ + +lemma rule_nat: \rule_of_nat (nat_of_rule r) = r\ + using tm_nat fm_nat by (cases r) (simp_all add: map_idI idle_nat_def) + +lemma surj_rule_of_nat: \surj rule_of_nat\ + unfolding surj_def using rule_nat by metis + +end diff --git a/thys/FOL_Seq_Calc3/Export.thy b/thys/FOL_Seq_Calc3/Export.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Export.thy @@ -0,0 +1,61 @@ +section \Export\ + +theory Export imports Prover begin + +definition \prove_sequent \ i.mkTree eff rules\ +definition \prove \ \p. prove_sequent ([], [p])\ + +declare Stream.smember_code [code del] +lemma [code]: \Stream.smember x (y ## s) = (x = y \ Stream.smember x s)\ + unfolding Stream.smember_def by auto + +code_printing + constant the \ (Haskell) "(\\x -> case x of { Just y -> y })" + | constant Option.is_none \ (Haskell) "(\\x -> case x of { Just y -> False; Nothing -> True })" + +code_identifier + code_module Product_Type \ (Haskell) Arith + | code_module Orderings \ (Haskell) Arith + | code_module Arith \ (Haskell) Prover + | code_module MaybeExt \ (Haskell) Prover + | code_module List \ (Haskell) Prover + | code_module Nat_Bijection \ (Haskell) Prover + | code_module Syntax \ (Haskell) Prover + | code_module Encoding \ (Haskell) Prover + | code_module HOL \ (Haskell) Prover + | code_module Set \ (Haskell) Prover + | code_module FSet \ (Haskell) Prover + | code_module Stream \ (Haskell) Prover + | code_module Fair_Stream \ (Haskell) Prover + | code_module Sum_Type \ (Haskell) Prover + | code_module Abstract_Completeness \ (Haskell) Prover + | code_module Export \ (Haskell) Prover + +export_code open prove in Haskell + +text \ +To export the Haskell code run: +\begin{verbatim} + > isabelle build -e -D . +\end{verbatim} + +To compile the exported code run: +\begin{verbatim} + > ghc -O2 -i./program Main.hs +\end{verbatim} + +To prove a formula, supply it using raw constructor names, e.g.: +\begin{verbatim} + > ./Main "Imp (Pre 0 []) (Imp (Pre 1 []) (Pre 0 []))" + |- (P) --> ((Q) --> (P)) + + ImpR on P and (Q) --> (P) + P |- (Q) --> (P) + + ImpR on Q and P + Q, P |- P + + Axiom on P +\end{verbatim} + +The output is pretty-printed. +\ + +end diff --git a/thys/FOL_Seq_Calc3/Fair_Stream.thy b/thys/FOL_Seq_Calc3/Fair_Stream.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Fair_Stream.thy @@ -0,0 +1,89 @@ +section \Fair Streams\ + +theory Fair_Stream imports "HOL-Library.Stream" begin + +definition upt_lists :: \nat list stream\ where + \upt_lists \ smap (upt 0) (stl nats)\ + +definition fair_nats :: \nat stream\ where + \fair_nats \ flat upt_lists\ + +definition fair :: \'a stream \ bool\ where + \fair s \ \x \ sset s. \m. \n \ m. s !! n = x\ + +lemma upt_lists_snth: \x \ n \ x \ set (upt_lists !! n)\ + unfolding upt_lists_def by auto + +lemma all_ex_upt_lists: \\n \ m. x \ set (upt_lists !! n)\ + using upt_lists_snth by (meson dual_order.strict_trans1 gt_ex nle_le) + +lemma upt_lists_ne: \\xs \ sset upt_lists. xs \ []\ + unfolding upt_lists_def by (simp add: sset_range) + +lemma sset_flat_stl: \sset (flat (stl s)) \ sset (flat s)\ +proof (cases s) + case (SCons x xs) + then show ?thesis + by (cases x) (simp add: stl_sset subsetI, auto) +qed + +lemma flat_snth_nth: + assumes \x = s !! n ! m\ \m < length (s !! n)\ \\xs \ sset s. xs \ []\ + shows \\n' \ n. x = flat s !! n'\ + using assms +proof (induct n arbitrary: s) + case 0 + then show ?case + using flat_snth by fastforce +next + case (Suc n) + have \?case = (\n' \ n. x = flat s !! Suc n')\ + by (metis Suc_le_D Suc_le_mono) + also have \\ = (\n' \ n. x = stl (flat s) !! n')\ + by simp + finally have \?case = (\n' \ n. x = (tl (shd s) @- flat (stl s)) !! n')\ + using Suc.prems flat_unfold by (simp add: shd_sset) + then have ?case if \\n' \ n. x = flat (stl s) !! n'\ + using that by (metis (no_types, opaque_lifting) add.commute add_diff_cancel_left' + dual_order.trans le_add2 shift_snth_ge) + moreover { + have \x = stl s !! n ! m\ \ m < length (stl s !! n)\ + using Suc.prems by simp_all + moreover have \\xs \ sset (stl s). xs \ []\ + using Suc.prems by (cases s) simp_all + ultimately have \\n' \ n. x = flat (stl s) !! n'\ + using Suc.hyps by blast } + ultimately show ?case . +qed + +lemma all_ex_fair_nats: \\n \ m. fair_nats !! n = x\ +proof - + have \\n \ m. x \ set (upt_lists !! n)\ + using all_ex_upt_lists . + then have \\n \ m. \k < length (upt_lists !! n). upt_lists !! n ! k = x\ + by (simp add: in_set_conv_nth) + then obtain n k where \m \ n\ \k < length (upt_lists !! n)\ \upt_lists !! n ! k = x\ + by blast + then obtain n' where \n \ n'\ \x = flat upt_lists !! n'\ + using flat_snth_nth upt_lists_ne by metis + moreover have \m \ n'\ + using \m \ n\ \n \ n'\ by simp + ultimately show ?thesis + unfolding fair_nats_def by blast +qed + +lemma fair_surj: + assumes \surj f\ + shows \fair (smap f fair_nats)\ + using assms unfolding fair_def by (metis UNIV_I all_ex_fair_nats imageE snth_smap) + +definition fair_stream :: \(nat \ 'a) \ 'a stream\ where + \fair_stream f = smap f fair_nats\ + +theorem fair_stream: \surj f \ fair (fair_stream f)\ + unfolding fair_stream_def using fair_surj . + +theorem UNIV_stream: \surj f \ sset (fair_stream f) = UNIV\ + unfolding fair_stream_def using all_ex_fair_nats by (metis sset_range stream.set_map surjI) + +end diff --git a/thys/FOL_Seq_Calc3/List_Syntax.thy b/thys/FOL_Seq_Calc3/List_Syntax.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/List_Syntax.thy @@ -0,0 +1,64 @@ +section \List Syntax\ + +theory List_Syntax imports Main begin + +abbreviation list_member_syntax :: \'a \ 'a list \ bool\ (\_ [\] _\ [51, 51] 50) where + \x [\] A \ x \ set A\ + +abbreviation list_not_member_syntax :: \'a \ 'a list \ bool\ (\_ [\] _\ [51, 51] 50) where + \x [\] A \ x \ set A\ + +abbreviation list_subset_syntax :: \'a list \ 'a list \ bool\ (\_ [\] _\ [51, 51] 50) where + \A [\] B \ set A \ set B\ + +abbreviation list_subset_eq_syntax :: \'a list \ 'a list \ bool\ (\_ [\] _\ [51, 51] 50) where + \A [\] B \ set A \ set B\ + +abbreviation removeAll_syntax :: \'a list \ 'a \ 'a list\ (infix \[\
]\ 75) where + \A [\
] x \ removeAll x A\ + +syntax (ASCII) + "_BallList" :: \pttrn \ 'a list \ bool \ bool\ (\(3ALL (_/[:]_)./ _)\ [0, 0, 10] 10) + "_BexList" :: \pttrn \ 'a list \ bool \ bool\ (\(3EX (_/[:]_)./ _)\ [0, 0, 10] 10) + "_Bex1List" :: \pttrn \ 'a list \ bool \ bool\ (\(3EX! (_/[:]_)./ _)\ [0, 0, 10] 10) + "_BleastList" :: \id \ 'a list \ bool \ 'a\ (\(3LEAST (_/[:]_)./ _)\ [0, 0, 10] 10) + +syntax (input) + "_BallList" :: \pttrn \ 'a list \ bool \ bool\ (\(3! (_/[:]_)./ _)\ [0, 0, 10] 10) + "_BexList" :: \pttrn \ 'a list \ bool \ bool\ (\(3? (_/[:]_)./ _)\ [0, 0, 10] 10) + "_Bex1List" :: \pttrn \ 'a list \ bool \ bool\ (\(3?! (_/[:]_)./ _)\ [0, 0, 10] 10) + +syntax + "_BallList" :: \pttrn \ 'a list \ bool \ bool\ (\(3\(_/[\]_)./ _)\ [0, 0, 10] 10) + "_BexList" :: \pttrn \ 'a list \ bool \ bool\ (\(3\(_/[\]_)./ _)\ [0, 0, 10] 10) + "_Bex1List" :: \pttrn \ 'a list \ bool \ bool\ (\(3\!(_/[\]_)./ _)\ [0, 0, 10] 10) + "_BleastList" :: \id \ 'a list \ bool \ 'a\ (\(3LEAST(_/[\]_)./ _)\ [0, 0, 10] 10) + +translations + "\x[\]A. P" \ "CONST Ball (CONST set A) (\x. P)" + "\x[\]A. P" \ "CONST Bex (CONST set A) (\x. P)" + "\!x[\]A. P" \ "\!x. x [\] A \ P" + "LEAST x[:]A. P" \ "LEAST x. x [\] A \ P" + +syntax (ASCII output) + "_setlessAllList" :: \[idt, 'a, bool] \ bool\ (\(3ALL _[<]_./ _)\ [0, 0, 10] 10) + "_setlessExList" :: \[idt, 'a, bool] \ bool\ (\(3EX _[<]_./ _)\ [0, 0, 10] 10) + "_setleAllList" :: \[idt, 'a, bool] \ bool\ (\(3ALL _[<=]_./ _)\ [0, 0, 10] 10) + "_setleExList" :: \[idt, 'a, bool] \ bool\ (\(3EX _[<=]_./ _)\ [0, 0, 10] 10) + "_setleEx1List" :: \[idt, 'a, bool] \ bool\ (\(3EX! _[<=]_./ _)\ [0, 0, 10] 10) + +syntax + "_setlessAllList" :: \[idt, 'a, bool] \ bool\ (\(3\_[\]_./ _)\ [0, 0, 10] 10) + "_setlessExList" :: \[idt, 'a, bool] \ bool\ (\(3\_[\]_./ _)\ [0, 0, 10] 10) + "_setleAllList" :: \[idt, 'a, bool] \ bool\ (\(3\_[\]_./ _)\ [0, 0, 10] 10) + "_setleExList" :: \[idt, 'a, bool] \ bool\ (\(3\_[\]_./ _)\ [0, 0, 10] 10) + "_setleEx1List" :: \[idt, 'a, bool] \ bool\ (\(3\!_[\]_./ _)\ [0, 0, 10] 10) + +translations + "\A[\]B. P" \ "\A. A [\] B \ P" + "\A[\]B. P" \ "\A. A [\] B \ P" + "\A[\]B. P" \ "\A. A [\] B \ P" + "\A[\]B. P" \ "\A. A [\] B \ P" + "\!A[\]B. P" \ "\!A. A [\] B \ P" + +end diff --git a/thys/FOL_Seq_Calc3/Main.hs b/thys/FOL_Seq_Calc3/Main.hs new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Main.hs @@ -0,0 +1,61 @@ +import Prelude +import Data.Char (chr, ord) +import Data.List (intersperse) +import System.Environment + +import Arith +import Prover + +instance Show Arith.Nat where + show (Nat n) = show n + +charFrom :: Char -> Arith.Nat -> Char +charFrom c n = chr (ord c + fromInteger (Arith.integer_of_nat n)) + +instance Show Tm where + show (Var n) = show n + show (Fun f []) = charFrom 'a' f : "" + show (Fun f ts) = charFrom 'f' f : "(" ++ concat (intersperse ", " (map show ts)) ++ ")" + +instance Show Fm where + show Falsity = "Falsity" + show (Pre p []) = charFrom 'P' p : "" + show (Pre p ts) = charFrom 'P' p : "(" ++ concat (intersperse ", " (map show ts)) ++ ")" + show (Imp p q) = "(" ++ show p ++ ") --> (" ++ show q ++ ")" + show (Uni p) = "forall " ++ show p + +showRule :: Rule -> String +showRule (Axiom n ts) = "Axiom on " ++ show (Pre n ts) +showRule FlsL = "FlsL" +showRule FlsR = "FlsR" +showRule Idle = "Idle" +showRule (ImpL p q) = "ImpL on " ++ show p ++ " and " ++ show q +showRule (ImpR p q) = "ImpR on " ++ show p ++ " and " ++ show q +showRule (UniL t p) = "UniL on " ++ show t ++ " and " ++ show p +showRule (UniR p) = "UniR on " ++ show p + +showFms :: [Fm] -> String +showFms ps = concat (intersperse ", " (map show ps)) + +showTree :: Int -> Tree (([Fm], [Fm]), Rule) -> String +showTree n (Node ((l, r), rule) (Abs_fset (Set ts))) = + let inc = if length ts > 1 then 2 else 0 in + replicate n ' ' ++ showFms l ++ " |- " ++ showFms r ++ "\n" ++ + replicate n ' ' ++ " + " ++ showRule rule ++ "\n" ++ + concat (map (showTree (n + inc)) ts) + +-- deriving instance Read Arith.Nat + +instance Read Arith.Nat where + readsPrec d s = map (\(n, s) -> (Arith.Nat n, s)) (readsPrec d s :: [(Integer, String)]) + +deriving instance Read Tm +deriving instance Read Fm + +main :: IO () +main = do + args <- getArgs + let p = read (head args) :: Fm + let res = prove p + putStrLn (showTree 0 res) + diff --git a/thys/FOL_Seq_Calc3/Prover.thy b/thys/FOL_Seq_Calc3/Prover.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Prover.thy @@ -0,0 +1,48 @@ +section \Prover\ + +theory Prover imports "Abstract_Completeness.Abstract_Completeness" Encoding Fair_Stream begin + +function eff :: \rule \ sequent \ (sequent fset) option\ where + \eff Idle (A, B) = + Some {| (A, B) |}\ +| \eff (Axiom n ts) (A, B) = (if \<^bold>\n ts [\] A \ \<^bold>\n ts [\] B then + Some {||} else None)\ +| \eff FlsL (A, B) = (if \<^bold>\ [\] A then + Some {||} else None)\ +| \eff FlsR (A, B) = (if \<^bold>\ [\] B then + Some {| (A, B [\
] \<^bold>\) |} else None)\ +| \eff (ImpL p q) (A, B) = (if (p \<^bold>\ q) [\] A then + Some {| (A [\
] (p \<^bold>\ q), p # B), (q # A [\
] (p \<^bold>\ q), B) |} else None)\ +| \eff (ImpR p q) (A, B) = (if (p \<^bold>\ q) [\] B then + Some {| (p # A, q # B [\
] (p \<^bold>\ q)) |} else None)\ +| \eff (UniL t p) (A, B) = (if \<^bold>\p [\] A then + Some {| (p\t/0\ # A, B) |} else None)\ +| \eff (UniR p) (A, B) = (if \<^bold>\p [\] B then + Some {| (A, p\\<^bold>#(fresh (A @ B))/0\ # B [\
] \<^bold>\p) |} else None)\ + by pat_completeness auto +termination by (relation \measure size\) standard + +definition rules :: \rule stream\ where + \rules \ fair_stream rule_of_nat\ + +lemma UNIV_rules: \sset rules = UNIV\ + unfolding rules_def using UNIV_stream surj_rule_of_nat . + +interpretation RuleSystem \\r s ss. eff r s = Some ss\ rules UNIV + by unfold_locales (auto simp: UNIV_rules intro: exI[of _ Idle]) + +lemma per_rules': + assumes \enabled r (A, B)\ \\ enabled r (A', B')\ \eff r' (A, B) = Some ss'\ \(A', B') |\| ss'\ + shows \r' = r\ + using assms by (cases r r' rule: rule.exhaust[case_product rule.exhaust]) + (unfold enabled_def, auto split: if_splits) + +lemma per_rules: \per r\ + unfolding per_def UNIV_rules using per_rules' by fast + +interpretation PersistentRuleSystem \\r s ss. eff r s = Some ss\ rules UNIV + using per_rules by unfold_locales + +definition \prover \ mkTree rules\ + +end diff --git a/thys/FOL_Seq_Calc3/ROOT b/thys/FOL_Seq_Calc3/ROOT new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/ROOT @@ -0,0 +1,23 @@ +chapter AFP + +session FOL_Seq_Calc3 (AFP) = "HOL-Library" + + options [timeout = 300] + sessions + Abstract_Soundness + Abstract_Completeness + theories + List_Syntax + Fair_Stream + Syntax + Semantics + Encoding + Prover + Export + Soundness + Completeness + Result + document_files + "root.tex" + "root.bib" + export_files (in "./program") [3] "*:**.hs" + diff --git a/thys/FOL_Seq_Calc3/Result.thy b/thys/FOL_Seq_Calc3/Result.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Result.thy @@ -0,0 +1,17 @@ +section \Result\ + +theory Result imports Soundness Completeness begin + +theorem prover_soundness_completeness: + fixes A B :: \fm list\ + defines \t \ prover (A, B)\ + shows \tfinite t \ wf t \ (\(E :: _ \ tm) F G. sc (E, F, G) (A, B))\ + using assms prover_soundness prover_completeness unfolding prover_def by fastforce + +corollary + fixes p :: fm + defines \t \ prover ([], [p])\ + shows \tfinite t \ wf t \ (\(E :: _ \ tm) F G. \E, F, G\ p)\ + using assms prover_soundness_completeness by simp + +end diff --git a/thys/FOL_Seq_Calc3/Semantics.thy b/thys/FOL_Seq_Calc3/Semantics.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Semantics.thy @@ -0,0 +1,87 @@ +section \Semantics\ + +theory Semantics imports Syntax begin + +subsection \Shift\ + +definition shift :: \(nat \ 'a) \ nat \ 'a \ nat \ 'a\ + (\_\_:_\\ [90, 0, 0] 91) where + \E\n:x\ = (\m. if m < n then E m else if m = n then x else E (m-1))\ + +lemma shift_eq [simp]: \n = m \ (E\n:x\) m = x\ + by (simp add: shift_def) + +lemma shift_gt [simp]: \m < n \ (E\n:x\) m = E m\ + by (simp add: shift_def) + +lemma shift_lt [simp]: \n < m \ (E\n:x\) m = E (m-1)\ + by (simp add: shift_def) + +lemma shift_commute [simp]: \E\n:y\\0:x\ = E\0:x\\n+1:y\\ +proof + fix m + show \(E\n:y\\0:x\) m = (E\0:x\\n+1:y\) m\ + unfolding shift_def by (cases m) simp_all +qed + +subsection \Definition\ + +type_synonym 'a var_denot = \nat \ 'a\ +type_synonym 'a fun_denot = \nat \ 'a list \ 'a\ +type_synonym 'a pre_denot = \nat \ 'a list \ bool\ + +primrec semantics_tm :: \'a var_denot \ 'a fun_denot \ tm \ 'a\ (\\_, _\\) where + \\E, F\ (\<^bold>#n) = E n\ +| \\E, F\ (\<^bold>\f ts) = F f (map \E, F\ ts)\ + +primrec semantics_fm :: \'a var_denot \ 'a fun_denot \ 'a pre_denot \ fm \ bool\ + (\\_, _, _\\) where + \\_, _, _\ \<^bold>\ = False\ +| \\E, F, G\ (\<^bold>\P ts) = G P (map \E, F\ ts)\ +| \\E, F, G\ (p \<^bold>\ q) = (\E, F, G\ p \ \E, F, G\ q)\ +| \\E, F, G\ (\<^bold>\p) = (\x. \E\0:x\, F, G\ p)\ + +fun sc :: \('a var_denot \ 'a fun_denot \ 'a pre_denot) \ sequent \ bool\ where + \sc (E, F, G) (A, B) = ((\p [\] A. \E, F, G\ p) \ (\q [\] B. \E, F, G\ q))\ + +subsection \Instantiation\ + +lemma lift_lemma [simp]: \\E\0:x\, F\ (\<^bold>\t) = \E, F\ t\ + by (induct t) (auto cong: map_cong) + +lemma inst_tm_semantics [simp]: \\E, F\ (t\s/m\) = \E\m:\E, F\ s\, F\ t\ + by (induct t) (auto cong: map_cong) + +lemma inst_fm_semantics [simp]: \\E, F, G\ (p\t/m\) = \E\m:\E, F\ t\, F, G\ p\ + by (induct p arbitrary: E m t) (auto cong: map_cong) + +subsection \Variables\ + +lemma upd_vars_tm [simp]: \n [\] vars_tm t \ \E(n := x), F\ t = \E, F\ t\ + by (induct t) (auto cong: map_cong) + +lemma shift_upd_commute: \m \ n \ (E(n := x)\m:y\) = ((E\m:y\)(Suc n := x))\ + unfolding shift_def by fastforce + +lemma upd_vars_fm [simp]: \max_list (vars_fm p) < n \ \E(n := x), F, G\ p = \E, F, G\ p\ +proof (induct p arbitrary: E n) + case (Pre P ts) + moreover have \max_list (concat (map vars_tm ts)) < n\ + using Pre.prems max_list_concat by simp + then have \n [\] concat (map vars_tm ts)\ + using max_list_in by blast + then have \\t [\] ts. n [\] vars_tm t\ + by simp + ultimately show ?case + using upd_vars_tm by (metis list.map_cong semantics_fm.simps(2)) +next + case (Uni p) + have \?case = ((\y. \E(n := x)\0:y\, F, G\ p) = (\y. \E\0:y\, F, G\ p))\ + by (simp add: fun_upd_def) + also have \\ = ((\y. \(E\0:y\)(n + 1 := x), F, G\ p) = (\y. \E\0:y\, F, G\ p))\ + by (simp add: shift_upd_commute) + finally show ?case + using Uni by fastforce +qed (auto simp: max_list_append cong: map_cong) + +end diff --git a/thys/FOL_Seq_Calc3/Soundness.thy b/thys/FOL_Seq_Calc3/Soundness.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Soundness.thy @@ -0,0 +1,51 @@ +section \Soundness\ + +theory Soundness imports "Abstract_Soundness.Finite_Proof_Soundness" Prover Semantics begin + +lemma eff_sound: + fixes E :: \_ \ 'a\ + assumes \eff r (A, B) = Some ss\ \\A B. (A, B) |\| ss \ (\(E :: _ \ 'a). sc (E, F, G) (A, B))\ + shows \sc (E, F, G) (A, B)\ + using assms +proof (induct r \(A, B)\ rule: eff.induct) + case (5 p q) + then have \sc (E, F, G) (A [\
] (p \<^bold>\ q), p # B)\ \sc (E, F, G) (q # A [\
] (p \<^bold>\ q), B)\ + by (metis eff.simps(5) finsertCI option.inject option.simps(3))+ + then show ?case + using "5.prems"(1) by (force split: if_splits) +next + case (7 t p) + then have \sc (E, F, G) (p\t/0\ # A, B)\ + by (metis eff.simps(7) finsert_iff option.inject option.simps(3)) + then show ?case + using "7.prems"(1) by (fastforce split: if_splits) +next + case (8 p) + let ?n = \fresh (A @ B)\ + have A: \\p [\] A. max_list (vars_fm p) < ?n\ and B: \\p [\] B. max_list (vars_fm p) < ?n\ + unfolding fresh_def using max_list_vars_fms max_list_mono vars_fms_member + by (metis Un_iff le_imp_less_Suc set_append)+ + from 8 have \sc (E(?n := x), F, G) (A, p\\<^bold>#?n/0\ # B [\
] \<^bold>\ p)\ for x + by (metis eff.simps(8) finsert_iff option.inject option.simps(3)) + then have \(\p [\] A. \E, F, G\ p) \ + (\x. \(E\0:x\)(Suc ?n := x), F, G\ p) \ (\q [\] B [\
] \<^bold>\ p. \E, F, G\ q)\ + using A B upd_vars_fm by (auto simp: shift_upd_commute) + moreover have \max_list (vars_fm p) < ?n\ + using B "8.prems"(1) by (metis eff.simps(8) option.distinct(1) vars_fm.simps(4)) + ultimately have \sc (E, F, G) (A, \<^bold>\p # (B [\
] \<^bold>\ p))\ + by auto + moreover have \\<^bold>\p [\] B\ + using "8.prems"(1) by (simp split: if_splits) + ultimately show ?case + by (metis (full_types) Diff_iff sc.simps set_ConsD set_removeAll) +qed (fastforce split: if_splits)+ + +interpretation Soundness \\r s ss. eff r s = Some ss\ rules UNIV sc + unfolding Soundness_def using eff_sound by fast + +theorem prover_soundness: + assumes \tfinite t\ and \wf t\ + shows \sc (E, F, G) (fst (root t))\ + using assms soundness by fast + +end diff --git a/thys/FOL_Seq_Calc3/Syntax.thy b/thys/FOL_Seq_Calc3/Syntax.thy new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/Syntax.thy @@ -0,0 +1,93 @@ +section \Syntax\ + +theory Syntax imports List_Syntax begin + +subsection \Terms and Formulas\ + +datatype tm + = Var nat (\\<^bold>#\) + | Fun nat \tm list\ (\\<^bold>\\) + +datatype fm + = Falsity (\\<^bold>\\) + | Pre nat \tm list\ (\\<^bold>\\) + | Imp fm fm (infixr \\<^bold>\\ 55) + | Uni fm (\\<^bold>\\) + +type_synonym sequent = \fm list \ fm list\ + +subsubsection \Instantiation\ + +primrec lift_tm :: \tm \ tm\ (\\<^bold>\\) where + \\<^bold>\(\<^bold>#n) = \<^bold>#(n+1)\ +| \\<^bold>\(\<^bold>\f ts) = \<^bold>\f (map \<^bold>\ ts)\ + +primrec inst_tm :: \tm \ tm \ nat \ tm\ (\_'\_'/_'\\ [90, 0, 0] 91) where + \(\<^bold>#n)\s/m\ = (if n < m then \<^bold>#n else if n = m then s else \<^bold>#(n-1))\ +| \(\<^bold>\f ts)\s/m\ = \<^bold>\f (map (\t. t\s/m\) ts)\ + +primrec inst_fm :: \fm \ tm \ nat \ fm\ (\_'\_'/_'\\ [90, 0, 0] 91) where + \\<^bold>\\_/_\ = \<^bold>\\ +| \(\<^bold>\P ts)\s/m\ = \<^bold>\P (map (\t. t\s/m\) ts)\ +| \(p \<^bold>\ q)\s/m\ = (p\s/m\ \<^bold>\ q\s/m\)\ +| \(\<^bold>\p)\s/m\ = \<^bold>\(p\\<^bold>\s/m+1\)\ + +subsubsection \Variables\ + +primrec vars_tm :: \tm \ nat list\ where + \vars_tm (\<^bold>#n) = [n]\ +| \vars_tm (\<^bold>\_ ts) = concat (map vars_tm ts)\ + +primrec vars_fm :: \fm \ nat list\ where + \vars_fm \<^bold>\ = []\ +| \vars_fm (\<^bold>\_ ts) = concat (map vars_tm ts)\ +| \vars_fm (p \<^bold>\ q) = vars_fm p @ vars_fm q\ +| \vars_fm (\<^bold>\p) = vars_fm p\ + +primrec max_list :: \nat list \ nat\ where + \max_list [] = 0\ +| \max_list (x # xs) = max x (max_list xs)\ + +definition max_var_fm :: \fm \ nat\ where + \max_var_fm p = max_list (vars_fm p)\ + +lemma max_list_append: \max_list (xs @ ys) = max (max_list xs) (max_list ys)\ + by (induct xs) auto + +lemma max_list_concat: \xs [\] xss \ max_list xs \ max_list (concat xss)\ + by (induct xss) (auto simp: max_list_append) + +lemma max_list_in: \max_list xs < n \ n [\] xs\ + by (induct xs) auto + +definition vars_fms :: \fm list \ nat list\ where + \vars_fms A \ concat (map vars_fm A)\ + +lemma vars_fms_member: \p [\] A \ vars_fm p [\] vars_fms A\ + unfolding vars_fms_def by (induct A) auto + +lemma max_list_mono: \A [\] B \ max_list A \ max_list B\ + by (induct A) (simp, metis linorder_not_le list.set_intros(1) max.absorb2 max.absorb3 + max_list.simps(2) max_list_in set_subset_Cons subset_code(1)) + +lemma max_list_vars_fms: + assumes \max_list (vars_fms A) \ n\ \p [\] A\ + shows \max_list (vars_fm p) \ n\ + using assms max_list_mono vars_fms_member by (meson dual_order.trans) + +definition fresh :: \fm list \ nat\ where + \fresh A \ Suc (max_list (vars_fms A))\ + +subsection \Rules\ + +datatype rule + = Idle + | Axiom nat \tm list\ + | FlsL + | FlsR + | ImpL fm fm + | ImpR fm fm + | UniL tm fm + | UniR fm + +end diff --git a/thys/FOL_Seq_Calc3/document/root.bib b/thys/FOL_Seq_Calc3/document/root.bib new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/document/root.bib @@ -0,0 +1,35 @@ +@article{Abstract-Completeness-AFP, + author = {Jasmin Christian Blanchette and Andrei Popescu and Dmitriy Traytel}, + title = {Abstract Completeness}, + journal = {Archive of Formal Proofs}, + month = apr, + year = 2014, + note = {\url{https://isa-afp.org/entries/Abstract_Completeness.html}, + Formal proof development}, + ISSN = {2150-914x}, +} + +@article{FOL-Seq-Calc2-AFP, + author = {Asta Halkjær From and Frederik Krogsdal Jacobsen}, + title = {A Sequent Calculus Prover for First-Order Logic with Functions}, + journal = {Archive of Formal Proofs}, + month = jan, + year = 2022, + note = {\url{https://isa-afp.org/entries/FOL_Seq_Calc2.html}, + Formal proof development}, + ISSN = {2150-914x}, +} + +@article{BlanchettePT17, + author = {Jasmin Christian Blanchette and + Andrei Popescu and + Dmitriy Traytel}, + title = {Soundness and Completeness Proofs by Coinductive Methods}, + journal = {Journal of Automated Reasoning}, + volume = {58}, + number = {1}, + pages = {149--179}, + year = {2017}, + doi = {10.1007/s10817-016-9391-3} +} + diff --git a/thys/FOL_Seq_Calc3/document/root.tex b/thys/FOL_Seq_Calc3/document/root.tex new file mode 100644 --- /dev/null +++ b/thys/FOL_Seq_Calc3/document/root.tex @@ -0,0 +1,60 @@ +\documentclass[11pt,a4paper]{article} +\usepackage[T1]{fontenc} +\usepackage{isabelle,isabellesym} + +% this should be the last package used +\usepackage{pdfsetup} + +% urls in roman style, theory text in math-similar italics +\urlstyle{rm} +\isabellestyle{it} + +% for uniform font size +% \renewcommand{\isastyle}{\isastyleminor} + +\begin{document} + +\title{A Naive Prover for First-Order Logic} +\author{Asta Halkjær From} +\maketitle + +\begin{abstract} + The AFP entry Abstract Completeness by Blanchette, Popescu and Traytel~\cite{Abstract-Completeness-AFP} formalizes the core of Beth/Hintikka-style completeness proofs for first-order logic and can be used to formalize executable sequent calculus provers. + In the Journal of Automated Reasoning~\cite{BlanchettePT17}, the authors instantiate the framework with a sequent calculus for first-order logic and prove its completeness. + Their use of an infinite set of proof rules indexed by formulas yields very direct arguments. + A fair stream of these rules controls the prover, making its definition remarkably simple. + The AFP entry, however, only contains a toy example for propositional logic. + The AFP entry A Sequent Calculus Prover for First-Order Logic with Functions by From and Jacobsen~\cite{FOL-Seq-Calc2-AFP} also uses the framework, but uses a finite set of generic rules resulting in a more sophisticated prover with more complicated proofs. + + This entry contains an executable sequent calculus prover for first-order logic with functions in the style presented by Blanchette et al. + The prover can be exported to Haskell and this entry includes formalized proofs of its soundness and completeness. + The proofs are simpler than those for the prover by From and Jacobsen~\cite{FOL-Seq-Calc2-AFP} but the performance of the prover is significantly worse. + + The included theory \isa{Fair-Stream} first proves that the sequence of natural numbers 0, 0, 1, 0, 1, 2, etc.\ is fair. + It then proves that mapping any surjective function across the sequence preserves fairness. + This method of obtaining a fair stream of rules is similar to the one given by Blanchette et al.~\cite{BlanchettePT17}. + The concrete functions from natural numbers to terms, formulas and rules are defined using the \isa{Nat-Bijection} theory in the HOL-Library. +\end{abstract} + +\newpage + +\tableofcontents + +\newpage + +% sane default for proof documents +\parindent 0pt\parskip 0.5ex + +% generated text of all theories +\input{session} + +% optional bibliography +\bibliographystyle{abbrv} +\bibliography{root} + +\end{document} + +%%% Local Variables: +%%% mode: latex +%%% TeX-master: t +%%% End: diff --git a/thys/ROOTS b/thys/ROOTS --- a/thys/ROOTS +++ b/thys/ROOTS @@ -1,672 +1,673 @@ ADS_Functor AI_Planning_Languages_Semantics AODV AVL-Trees AWN Abortable_Linearizable_Modules Abs_Int_ITP2012 Abstract-Hoare-Logics Abstract-Rewriting Abstract_Completeness Abstract_Soundness Ackermanns_not_PR Actuarial_Mathematics Adaptive_State_Counting Affine_Arithmetic Aggregation_Algebras Akra_Bazzi Algebraic_Numbers Algebraic_VCs Allen_Calculus Amicable_Numbers Amortized_Complexity AnselmGod Applicative_Lifting Approximation_Algorithms Architectural_Design_Patterns Aristotles_Assertoric_Syllogistic Arith_Prog_Rel_Primes ArrowImpossibilityGS Attack_Trees Auto2_HOL Auto2_Imperative_HOL AutoFocus-Stream Automated_Stateful_Protocol_Verification Automatic_Refinement AxiomaticCategoryTheory BDD BD_Security_Compositional BNF_CC BNF_Operations BTree Banach_Steinhaus Belief_Revision Bell_Numbers_Spivey BenOr_Kozen_Reif Berlekamp_Zassenhaus Bernoulli Bertrands_Postulate Bicategory BinarySearchTree Binding_Syntax_Theory Binomial-Heaps Binomial-Queues BirdKMP Blue_Eyes Bondy Boolean_Expression_Checkers Bounded_Deducibility_Security Buchi_Complementation Budan_Fourier Buffons_Needle Buildings BytecodeLogicJmlTypes C2KA_DistributedSystems CAVA_Automata CAVA_LTL_Modelchecker CCS CISC-Kernel CRDT CSP_RefTK CYK CZH_Elementary_Categories CZH_Foundations CZH_Universal_Constructions CakeML CakeML_Codegen Call_Arity Card_Equiv_Relations Card_Multisets Card_Number_Partitions Card_Partitions Cartan_FP Case_Labeling Catalan_Numbers Category Category2 Category3 Cauchy Cayley_Hamilton Certification_Monads Chandy_Lamport Chord_Segments Circus Clean ClockSynchInst Closest_Pair_Points CoCon CoSMeDis CoSMed CofGroups Coinductive Coinductive_Languages Collections Combinatorics_Words Combinatorics_Words_Graph_Lemma Combinatorics_Words_Lyndon Comparison_Sort_Lower_Bound Compiling-Exceptions-Correctly Complete_Non_Orders Completeness Complex_Bounded_Operators Complex_Geometry Complx ComponentDependencies ConcurrentGC ConcurrentIMP Concurrent_Ref_Alg Concurrent_Revisions Conditional_Simplification Conditional_Transfer_Rule Consensus_Refined Constructive_Cryptography Constructive_Cryptography_CM Constructor_Funs Containers CoreC++ Core_DOM Core_SC_DOM Correctness_Algebras Cotangent_PFD_Formula Count_Complex_Roots CryptHOL CryptoBasedCompositionalProperties Cubic_Quartic_Equations DFS_Framework DOM_Components DPT-SAT-Solver DataRefinementIBP Datatype_Order_Generator Decl_Sem_Fun_PL Decreasing-Diagrams Decreasing-Diagrams-II Dedekind_Real Deep_Learning Delta_System_Lemma Density_Compiler Dependent_SIFUM_Refinement Dependent_SIFUM_Type_Systems Depth-First-Search Derangements Deriving Descartes_Sign_Rule Design_Theory Dict_Construction Differential_Dynamic_Logic Differential_Game_Logic Dijkstra_Shortest_Path Diophantine_Eqns_Lin_Hom Dirichlet_L Dirichlet_Series DiscretePricing Discrete_Summation DiskPaxos Dominance_CHK DynamicArchitectures Dynamic_Tables E_Transcendental Echelon_Form EdmondsKarp_Maxflow Efficient-Mergesort Elliptic_Curves_Group_Law Encodability_Process_Calculi Epistemic_Logic Equivalence_Relation_Enumeration Ergodic_Theory Error_Function Euler_MacLaurin Euler_Partition Eval_FO Example-Submission Extended_Finite_State_Machine_Inference Extended_Finite_State_Machines FFT FLP FOL-Fitting FOL_Axiomatic FOL_Harrison FOL_Seq_Calc1 FOL_Seq_Calc2 +FOL_Seq_Calc3 Factor_Algebraic_Polynomial Factored_Transition_System_Bounding Falling_Factorial_Sum Farkas FeatherweightJava Featherweight_OCL Fermat3_4 FileRefinement FinFun Finger-Trees Finite-Map-Extras Finite_Automata_HF Finitely_Generated_Abelian_Groups First_Order_Terms First_Welfare_Theorem Fishburn_Impossibility Fisher_Yates Flow_Networks Floyd_Warshall Flyspeck-Tame FocusStreamsCaseStudies Forcing Formal_Puiseux_Series Formal_SSA Formula_Derivatives Foundation_of_geometry Fourier FO_Theory_Rewriting Free-Boolean-Algebra Free-Groups Fresh_Identifiers FunWithFunctions FunWithTilings Functional-Automata Functional_Ordered_Resolution_Prover Furstenberg_Topology GPU_Kernel_PL Gabow_SCC GaleStewart_Games Gale_Shapley Game_Based_Crypto Gauss-Jordan-Elim-Fun Gauss_Jordan Gauss_Sums Gaussian_Integers GenClock General-Triangle Generalized_Counting_Sort Generic_Deriving Generic_Join GewirthPGCProof Girth_Chromatic GoedelGod Goedel_HFSet_Semantic Goedel_HFSet_Semanticless Goedel_Incompleteness Goodstein_Lambda GraphMarkingIBP Graph_Saturation Graph_Theory Green Groebner_Bases Groebner_Macaulay Gromov_Hyperbolicity Grothendieck_Schemes Group-Ring-Module HOL-CSP HOLCF-Prelude HRB-Slicing Hahn_Jordan_Decomposition Heard_Of Hello_World HereditarilyFinite Hermite Hermite_Lindemann Hidden_Markov_Models Higher_Order_Terms Hoare_Time Hood_Melville_Queue HotelKeyCards Huffman Hybrid_Logic Hybrid_Multi_Lane_Spatial_Logic Hybrid_Systems_VCs HyperCTL Hyperdual IEEE_Floating_Point IFC_Tracking IMAP-CRDT IMO2019 IMP2 IMP2_Binary_Heap IMP_Compiler IP_Addresses Imperative_Insertion_Sort Impossible_Geometry Incompleteness Incredible_Proof_Machine Independence_CH Inductive_Confidentiality Inductive_Inference InfPathElimination InformationFlowSlicing InformationFlowSlicing_Inter Integration Interpolation_Polynomials_HOL_Algebra Interpreter_Optimizations Interval_Arithmetic_Word32 Intro_Dest_Elim Iptables_Semantics Irrational_Series_Erdos_Straus Irrationality_J_Hancl Irrationals_From_THEBOOK IsaGeoCoq Isabelle_C Isabelle_Marries_Dirac Isabelle_Meta_Model Jacobson_Basic_Algebra Jinja JinjaDCI JinjaThreads JiveDataStoreModel Jordan_Hoelder Jordan_Normal_Form KAD KAT_and_DRA KBPs KD_Tree Key_Agreement_Strong_Adversaries Kleene_Algebra Knights_Tour Knot_Theory Knuth_Bendix_Order Knuth_Morris_Pratt Koenigsberg_Friendship Kruskal Kuratowski_Closure_Complement LLL_Basis_Reduction LLL_Factorization LOFT LTL LTL_Master_Theorem LTL_Normal_Form LTL_to_DRA LTL_to_GBA Lam-ml-Normalization LambdaAuth LambdaMu Lambda_Free_EPO Lambda_Free_KBOs Lambda_Free_RPOs Lambert_W Landau_Symbols Laplace_Transform Latin_Square LatticeProperties Launchbury Laws_of_Large_Numbers Lazy-Lists-II Lazy_Case Lehmer Lifting_Definition_Option Lifting_the_Exponent LightweightJava LinearQuantifierElim Linear_Inequalities Linear_Programming Linear_Recurrences Liouville_Numbers List-Index List-Infinite List_Interleaving List_Inversions List_Update LocalLexing Localization_Ring Locally-Nameless-Sigma Logging_Independent_Anonymity Lowe_Ontological_Argument Lower_Semicontinuous Lp LP_Duality Lucas_Theorem MDP-Algorithms MDP-Rewards MFMC_Countable MFODL_Monitor_Optimized MFOTL_Monitor MSO_Regex_Equivalence Markov_Models Marriage Mason_Stothers Matrices_for_ODEs Matrix Matrix_Tensor Matroids Max-Card-Matching Median_Method Median_Of_Medians_Selection Menger Mereology Mersenne_Primes Metalogic_ProofChecker MiniML MiniSail Minimal_SSA Minkowskis_Theorem Minsky_Machines Modal_Logics_for_NTS Modular_Assembly_Kit_Security Modular_arithmetic_LLL_and_HNF_algorithms Monad_Memo_DP Monad_Normalisation MonoBoolTranAlgebra MonoidalCategory Monomorphic_Monad MuchAdoAboutTwo Multi_Party_Computation Multirelations Myhill-Nerode Name_Carrying_Type_Inference Nash_Williams Nat-Interval-Logic Native_Word Nested_Multisets_Ordinals Network_Security_Policy_Verification Neumann_Morgenstern_Utility No_FTL_observers Nominal2 Noninterference_CSP Noninterference_Concurrent_Composition Noninterference_Generic_Unwinding Noninterference_Inductive_Unwinding Noninterference_Ipurge_Unwinding Noninterference_Sequential_Composition NormByEval Nullstellensatz Octonions OpSets Open_Induction Optics Optimal_BST Orbit_Stabiliser Order_Lattice_Props Ordered_Resolution_Prover Ordinal Ordinal_Partitions Ordinals_and_Cardinals Ordinary_Differential_Equations PAC_Checker PAL PCF PLM POPLmark-deBruijn PSemigroupsConvolution Padic_Ints Pairing_Heap Paraconsistency Parity_Game Partial_Function_MR Partial_Order_Reduction Password_Authentication_Protocol Pell Perfect-Number-Thm Perron_Frobenius Physical_Quantities Pi_Calculus Pi_Transcendental Planarity_Certificates Poincare_Bendixson Poincare_Disc Polynomial_Factorization Polynomial_Interpolation Polynomials Pop_Refinement Posix-Lexing Possibilistic_Noninterference Power_Sum_Polynomials Pratt_Certificate Presburger-Automata Prim_Dijkstra_Simple Prime_Distribution_Elementary Prime_Harmonic_Series Prime_Number_Theorem Priority_Queue_Braun Priority_Search_Trees Probabilistic_Noninterference Probabilistic_Prime_Tests Probabilistic_System_Zoo Probabilistic_Timed_Automata Probabilistic_While Program-Conflict-Analysis Progress_Tracking Projective_Geometry Projective_Measurements Promela Proof_Strategy_Language PropResPI Propositional_Proof_Systems Prpu_Maxflow PseudoHoops Psi_Calculi Ptolemys_Theorem Public_Announcement_Logic QHLProver QR_Decomposition Quantales Quasi_Borel_Spaces Quaternions Quick_Sort_Cost RIPEMD-160-SPARK ROBDD RSAPSS Ramsey-Infinite Random_BSTs Random_Graph_Subgraph_Threshold Randomised_BSTs Randomised_Social_Choice Rank_Nullity_Theorem Real_Impl Real_Power Recursion-Addition Recursion-Theory-I Refine_Imperative_HOL Refine_Monadic RefinementReactive Regex_Equivalence Registers Regression_Test_Selection Regular-Sets Regular_Algebras Regular_Tree_Relations Relation_Algebra Relational-Incorrectness-Logic Relational_Disjoint_Set_Forests Relational_Forests Relational_Method Relational_Minimum_Spanning_Trees Relational_Paths Rep_Fin_Groups ResiduatedTransitionSystem Residuated_Lattices Resolution_FOL Rewriting_Z Ribbon_Proofs Robbins-Conjecture Robinson_Arithmetic Root_Balanced_Tree Roth_Arithmetic_Progressions Routing Roy_Floyd_Warshall SATSolverVerification SC_DOM_Components SDS_Impossibility SIFPL SIFUM_Type_Systems SPARCv8 Safe_Distance Safe_OCL Saturation_Framework Saturation_Framework_Extensions Schutz_Spacetime Secondary_Sylow Security_Protocol_Refinement Selection_Heap_Sort SenSocialChoice Separata Separation_Algebra Separation_Logic_Imperative_HOL SequentInvertibility Shadow_DOM Shadow_SC_DOM Shivers-CFA ShortestPath Show Sigma_Commit_Crypto Signature_Groebner Simpl Simple_Firewall Simplex Simplicial_complexes_and_boolean_functions SimplifiedOntologicalArgument Skew_Heap Skip_Lists Slicing Sliding_Window_Algorithm Smith_Normal_Form Smooth_Manifolds Sort_Encodings Source_Coding_Theorem SpecCheck Special_Function_Bounds Splay_Tree Sqrt_Babylonian Stable_Matching Statecharts Stateful_Protocol_Composition_and_Typing Stellar_Quorums Stern_Brocot Stewart_Apollonius Stirling_Formula Stochastic_Matrices Stone_Algebras Stone_Kleene_Relation_Algebras Stone_Relation_Algebras Store_Buffer_Reduction Stream-Fusion Stream_Fusion_Code Strong_Security Sturm_Sequences Sturm_Tarski Stuttering_Equivalence Subresultants Subset_Boolean_Algebras SumSquares Sunflowers SuperCalc Surprise_Paradox Symmetric_Polynomials Syntax_Independent_Logic Szemeredi_Regularity Szpilrajn TESL_Language TLA Tail_Recursive_Functions Tarskis_Geometry Taylor_Models Three_Circles Timed_Automata Topological_Semantics Topology TortoiseHare Transcendence_Series_Hancl_Rucki Transformer_Semantics Transition_Systems_and_Automata Transitive-Closure Transitive-Closure-II Transitive_Models Treaps Tree-Automata Tree_Decomposition Triangle Trie Twelvefold_Way Tycon Types_Tableaus_and_Goedels_God Types_To_Sets_Extension UPF UPF_Firewall UTP Universal_Hash_Families Universal_Turing_Machine UpDown_Scheme Valuation Van_Emde_Boas_Trees Van_der_Waerden VectorSpace VeriComp Verified-Prover Verified_SAT_Based_AI_Planning VerifyThis2018 VerifyThis2019 Vickrey_Clarke_Groves Virtual_Substitution VolpanoSmith VYDRA_MDL WHATandWHERE_Security WOOT_Strong_Eventual_Consistency WebAssembly Weight_Balanced_Trees Weighted_Path_Order Well_Quasi_Orders Wetzels_Problem Winding_Number_Eval Word_Lib WorkerWrapper X86_Semantics XML Youngs_Inequality ZFC_in_HOL Zeta_3_Irrational Zeta_Function pGCL