-
Notifications
You must be signed in to change notification settings - Fork 4
/
fusion.fs
1129 lines (983 loc) · 44.4 KB
/
fusion.fs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
(*
Copyright 1998 University of Cambridge
Copyright 1998-2007 John Harrison
Copyright 2013 Jack Pappas, Anh-Dung Phan, Eric Taucher
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*)
#if USE
#else
/// Complete HOL kernel of types, terms and theorems.
module NHol.fusion
open System
open FSharp.Compatibility.OCaml
open FSharp.Compatibility.OCaml.Num
open ExtCore.Control
open ExtCore.Control.Collections
open NHol
open system
open lib
#endif
infof "Entering fusion.fs"
[<AutoOpen>]
module Hol_kernel =
type hol_type =
| Tyvar of string
| Tyapp of string * hol_type list
override this.ToString() =
match this with
| Tyvar s ->
sprintf "Tyvar \"%s\"" s
| Tyapp(s, htlist) ->
sprintf "Tyapp (\"%s\", %O)" s htlist
type term =
| Var of string * hol_type
| Const of string * hol_type
| Comb of term * term
| Abs of term * term
override this.ToString() =
match this with
| Var(s, t) ->
sprintf "Var (\"%s\", %O)" s t
| Const(s, t) ->
sprintf "Const (\"%s\", %O)" s t
| Comb(t1, t2) ->
sprintf "Comb (%O, %O)" t1 t2
| Abs(t1, t2) ->
sprintf "Abs (%O, %O)" t1 t2
type thm0 =
| Sequent of term list * term
override this.ToString() =
match this with
| Sequent(tlist, t) ->
sprintf "Sequent (%O, %O)" tlist t
#if BUGGY
#else
type thm = Protected<thm0>
#endif
(* ------------------------------------------------------------------------- *)
(* List of current type constants with their arities. *)
(* *)
(* Initially we just have the boolean type and the function space *)
(* constructor. Later on we add as primitive the type of individuals. *)
(* All other new types result from definitional extension. *)
(* ------------------------------------------------------------------------- *)
let the_type_constants =
ref ["bool", 0; "fun", 2]
(* ------------------------------------------------------------------------- *)
(* Return all the defined types. *)
(* ------------------------------------------------------------------------- *)
/// Lists all the types presently declared.
let types() = !the_type_constants
(* ------------------------------------------------------------------------- *)
(* Lookup function for type constants. Returns arity if it succeeds. *)
(* ------------------------------------------------------------------------- *)
/// Returns the arity of a type constructor.
let get_type_arity s : Protected<int> =
match assoc s !the_type_constants with
| Some result ->
Choice.result result
| None ->
Choice.failwith "find"
(* ------------------------------------------------------------------------- *)
(* Declare a new type. *)
(* ------------------------------------------------------------------------- *)
/// Declares a new type or type constructor.
let new_type(name, arity) : Protected<unit> =
if Choice.isResult <| get_type_arity name then
let msg = sprintf "new_type: type %s has already been declared" name
logger.Error(msg)
Choice.failwith msg
else
the_type_constants := (name, arity) :: !the_type_constants
Choice.result ()
(* ------------------------------------------------------------------------- *)
(* Basic type constructors. *)
(* ------------------------------------------------------------------------- *)
/// Constructs a type (other than a variable type).
let mk_type(tyop, args) : Protected<hol_type> =
choice {
let! arity =
get_type_arity tyop
|> Choice.mapError (fun ex ->
nestedFailure ex ("mk_type: type " + tyop + " has not been defined"))
if arity = length args then
return Tyapp(tyop, args)
else
return! Choice.failwith ("mk_type: wrong number of arguments to " + tyop)
}
/// Constructs a type variable of the given name.
let mk_vartype v = Tyvar(v)
(* ------------------------------------------------------------------------- *)
(* Basic type destructors. *)
(* ------------------------------------------------------------------------- *)
/// Breaks apart a type (other than a variable type).
let dest_type ty : Protected<string * hol_type list> =
match ty with
| Tyapp(s, ty) ->
Choice.result (s, ty)
| Tyvar _ ->
Choice.failwith "dest_type: type variable not a constructor"
/// Breaks a type variable down to its name.
let dest_vartype ty : Protected<string> =
match ty with
| Tyvar s ->
Choice.result s
| Tyapp(_, _) ->
Choice.failwith "dest_vartype: type constructor not a variable"
(* ------------------------------------------------------------------------- *)
(* Basic type discriminators. *)
(* ------------------------------------------------------------------------- *)
/// Tests whether a type is an instance of a type constructor.
let is_type = Choice.isResult << dest_type
/// Tests a type to see if it is a type variable.
let is_vartype = Choice.isResult << dest_vartype
(* ------------------------------------------------------------------------- *)
(* Return the type variables in a type and in a list of types. *)
(* ------------------------------------------------------------------------- *)
/// Returns a list of the type variables in a type.
let rec tyvars ty =
match ty with
| Tyapp(_, args) ->
itlist (union << tyvars) args []
| Tyvar v as tv ->
[tv]
(* ------------------------------------------------------------------------- *)
(* Substitute types for type variables. *)
(* *)
(* NB: non-variables in subst list are just ignored (a check would be *)
(* repeated many times), as are repetitions (first possibility is taken). *)
(* ------------------------------------------------------------------------- *)
/// Substitute chosen types for type variables in a type.
let rec type_subst i ty =
match ty with
| Tyapp(tycon, args) ->
let args' = qmap (type_subst i) args
if args' == args then ty
else Tyapp(tycon, args')
| _ -> rev_assocd ty i ty
/// The type ':bool'.
let bool_ty = Tyapp("bool", [])
/// The type variable ':A'.
let aty = Tyvar "A"
(* ------------------------------------------------------------------------- *)
(* List of term constants and their types. *)
(* *)
(* We begin with just equality (over all types). Later, the Hilbert choice *)
(* operator is added. All other new constants are defined. *)
(* ------------------------------------------------------------------------- *)
let the_term_constants =
ref ["=", Tyapp("fun", [aty; Tyapp("fun", [aty; bool_ty])])]
(* ------------------------------------------------------------------------- *)
(* Return all the defined constants with generic types. *)
(* ------------------------------------------------------------------------- *)
/// Returns a list of the constants currently defined.
let constants() = !the_term_constants
(* ------------------------------------------------------------------------- *)
(* Gets type of constant if it succeeds. *)
(* ------------------------------------------------------------------------- *)
/// Gets the generic type of a constant from the name of the constant.
let get_const_type s : Protected<hol_type> =
choice {
match assoc s !the_term_constants with
| Some result ->
return result
| None ->
return! Choice.failwith "find"
}
(* ------------------------------------------------------------------------- *)
(* Declare a new constant. *)
(* ------------------------------------------------------------------------- *)
/// Declares a new constant.
let new_constant(name, ty) : Protected<unit> =
if Choice.isResult <| get_const_type name then
let msg = "new_constant: constant " + name + " has already been declared"
logger.Error(msg)
Choice.failwith msg
else
Choice.result (the_term_constants := (name, ty) :: (!the_term_constants))
(* ------------------------------------------------------------------------- *)
(* Finds the type of a term (assumes it is well-typed). *)
(* ------------------------------------------------------------------------- *)
/// Returns the type of a term.
// OPTIMIZE : Use ChoiceCont from ExtCore here to recurse in bounded stack space.
let rec type_of tm : Protected<hol_type> =
choice {
match tm with
| Var(_, ty) ->
return ty
| Const(_, ty) ->
return ty
| Comb(s, _) ->
let! type_of_s = type_of s
let! dest_type_of_s = dest_type type_of_s
return hd (tl (snd dest_type_of_s))
| Abs(Var(_, ty), t) ->
let! type_of_t = type_of t
return Tyapp("fun", [ty; type_of_t])
| _ ->
return! Choice.failwith "type_of: not a type of a term"
}
(* ------------------------------------------------------------------------- *)
(* Primitive discriminators. *)
(* ------------------------------------------------------------------------- *)
/// Tests a term to see if it is a variable.
let is_var =
function
| Var(_, _) -> true
| _ -> false
/// Tests a term to see if it is a constant.
let is_const =
function
| Const(_, _) -> true
| _ -> false
/// Tests a term to see if it is an abstraction.
let is_abs =
function
| Abs(_, _) -> true
| _ -> false
/// Tests a term to see if it is a combination (function application).
let is_comb =
function
| Comb(_, _) -> true
| _ -> false
(* ------------------------------------------------------------------------- *)
(* Primitive constructors. *)
(* ------------------------------------------------------------------------- *)
/// Constructs a variable of given name and type.
let inline mk_var(v, ty) = Var(v, ty)
/// Produce constant term by applying an instantiation to its generic type.
let mk_const(name, theta) : Protected<term> =
choice {
let! uty = get_const_type name
return Const(name, type_subst theta uty)
}
|> Choice.mapError (fun e ->
nestedFailure e "mk_const: not a constant name")
/// Constructs an abstraction.
let mk_abs(bvar, bod) : Protected<term> =
choice {
match bvar with
| Var(_, _) ->
return Abs(bvar, bod)
| _ ->
return! Choice.failwith "mk_abs: not a variable"
}
/// Constructs a combination.
let mk_comb(f, a) : Protected<term> =
choice {
let! ty0 = type_of f
match ty0 with
| Tyapp("fun", [ty; _]) ->
let! ta = type_of a
if compare ty ta = 0 then
return Comb(f, a)
else
return! Choice.failwith "mk_comb: types do not agree"
| _ ->
return! Choice.failwith "mk_comb: types do not agree"
}
(* ------------------------------------------------------------------------- *)
(* Primitive destructors. *)
(* ------------------------------------------------------------------------- *)
/// Breaks apart a variable into name and type.
let dest_var tm : Protected<string * hol_type> =
match tm with
| Var(s, ty) ->
Choice.result (s, ty)
| _ ->
Choice.failwith "dest_var: not a variable"
/// Breaks apart a constant into name and type.
let dest_const tm : Protected<string * hol_type> =
match tm with
| Const(s, ty) ->
Choice.result (s, ty)
| _ ->
Choice.failwith "dest_const: not a constant"
/// Breaks apart a combination (function application) into rator and rand.
let dest_comb tm : Protected<term * term> =
match tm with
| Comb(f, x) ->
Choice.result (f, x)
| _ ->
Choice.failwith "dest_comb: not a combination"
/// Breaks apart an abstraction into abstracted variable and body.
let dest_abs tm : Protected<term * term> =
match tm with
| Abs(v, b) ->
Choice.result (v, b)
| _ ->
Choice.failwith "dest_abs: not an abstraction"
(* ------------------------------------------------------------------------- *)
(* Finds the variables free in a term (list of terms). *)
(* ------------------------------------------------------------------------- *)
/// Returns a list of the variables free in a term.
let rec frees tm =
match tm with
| Const(_, _) ->
[]
| Var(_, _) ->
[tm]
| Abs(bv, bod) ->
subtract (frees bod) [bv]
| Comb(s, t) ->
union (frees s) (frees t)
/// Returns a list of the free variables in a list of terms.
let freesl tml = itlist (union << frees) tml []
(* ------------------------------------------------------------------------- *)
(* Whether all free variables in a term appear in a list. *)
(* ------------------------------------------------------------------------- *)
/// Tests if all free variables of a term appear in a list.
let rec freesin acc tm =
match tm with
| Const(_, _) ->
true
| Var(_, _) ->
mem tm acc
| Abs(bv, bod) ->
freesin (bv :: acc) bod
| Comb(s, t) ->
freesin acc s && freesin acc t
(* ------------------------------------------------------------------------- *)
(* Whether a variable (or constant in fact) is free in a term. *)
(* ------------------------------------------------------------------------- *)
/// Tests whether a variable (or constant) occurs free in a term.
let rec vfree_in v tm =
match tm with
| Abs(bv, bod) ->
v <> bv && vfree_in v bod
| Comb(s, t) ->
vfree_in v s || vfree_in v t
| _ ->
compare tm v = 0
(* ------------------------------------------------------------------------- *)
(* Finds the type variables (free) in a term. *)
(* ------------------------------------------------------------------------- *)
/// Returns the set of type variables used in a term.
let rec type_vars_in_term tm : Protected<hol_type list> =
choice {
match tm with
| Var(_, ty) ->
return tyvars ty
| Const(_, ty) ->
return tyvars ty
| Comb(s, t) ->
let! l = type_vars_in_term s
let! r = type_vars_in_term t
return union l r
| Abs(Var(_, ty), t) ->
let l = tyvars ty
let! r = type_vars_in_term t
return union l r
| _ ->
return! Choice.failwith "type_vars_in_term: not a type variable"
}
(* ------------------------------------------------------------------------- *)
(* For name-carrying syntax, we need this early. *)
(* ------------------------------------------------------------------------- *)
/// Modifies a variable name to avoid clashes.
let rec variant avoid v : Protected<term> =
choice {
if not(exists (vfree_in v) avoid) then
return v
else
match v with
| Var(s, ty) ->
return! variant avoid (Var(s + "'", ty))
| _ ->
return! Choice.failwith "variant: not a variable"
}
(* ------------------------------------------------------------------------- *)
(* Substitution primitive (substitution for variables only!) *)
(* ------------------------------------------------------------------------- *)
// CLEAN : Change the name of the 'ilist' parameter here to 'theta' if it makes sense,
// or change the the 'theta' parameter in the vsubst function to 'ilist' -- either way,
// the code would be more readable if they had the same name.
let rec private vsubstRec ilist tm : Protected<term> =
choice {
match tm with
| Const(_, _) ->
return tm
| Var(_, _) ->
return rev_assocd tm ilist tm
| Comb(s, t) ->
let! s' = vsubstRec ilist s
let! t' = vsubstRec ilist t
if s' == s && t' == t then
return tm
else
return Comb(s', t')
| Abs(v, s) ->
let ilist' = filter (fun (t, x) -> x <> v) ilist
if ilist' = [] then
return tm
else
let! s' = vsubstRec ilist' s
if s' == s then
return tm
elif exists (fun (t, x) -> vfree_in v t && vfree_in x s) ilist' then
let! v' = variant [s'] v
// CLEAN : Replace the name of this value with something sensible.
let! foo1 = vsubstRec ((v', v) :: ilist') s
return Abs(v', foo1)
else
return Abs(v, s')
}
// CLEAN : Replace the name of this function with something more descriptive.
let private checkTermAndVarTypesMatch theta =
theta
|> forall (fun (t, x) ->
match type_of t, dest_var x with
| Success r1, Success r2 ->
r1 = snd r2
| _ -> false)
/// Substitute terms for variables inside a term.
// CLEAN : Unless it offers a _specific_ performance benefit, it would simplify the code if we
// added an extra parameter 'tm : term' to this function instead of returning a closure.
let vsubst theta : (term -> Protected<term>) =
if List.isEmpty theta then
Choice.result
elif checkTermAndVarTypesMatch theta then
vsubstRec theta
else
fun (_ : term) ->
Choice.failwith "vsubst: Bad substitution list"
(* ------------------------------------------------------------------------- *)
(* Type instantiation primitive. *)
(* ------------------------------------------------------------------------- *)
(* NOTE : The original hol-light code defined an exception "Clash of term" for use
by the 'inst' function below. Instead of using exceptions, the F# code below
uses Choice<_,_,_> values; in this future, this should be modified to use
nested Choice<_,_> values instead (so Clash would be (Choice1Of2 << Choice2Of2)
so we can make better use of workflows. *)
let rec private instRec env tyin tm : Choice<term, term, exn> =
// These helper functions simplify some of the code below.
let inline result x = Choice1Of3 x
let inline clash x = Choice2Of3 x
let inline error x = Choice3Of3 x
let inline (|Result|Clash|Err|) value =
match value with
| Choice1Of3 tm -> Result tm
| Choice2Of3 tm -> Clash tm
| Choice3Of3 ex -> Err ex
match tm with
| Var(n, ty) ->
let tm' =
let ty' = type_subst tyin ty
if ty' == ty then tm
else Var(n, ty')
if compare (rev_assocd tm' env tm) tm = 0 then
result tm'
else
clash tm'
| Const(c, ty) ->
let ty' = type_subst tyin ty
if ty' == ty then
result tm
else
result <| Const(c, ty')
| Comb(f, x) ->
match instRec env tyin f with
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result f' ->
match instRec env tyin x with
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result x' ->
if f' == f && x' == x then
result tm
else
result <| Comb(f', x')
| Abs(y, t) ->
match instRec [] tyin y with
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result y' ->
let env' = (y, y') :: env
match instRec env' tyin t with
| Err ex ->
error ex
| Clash w' ->
if w' <> y' then
// At this point, we assume the clash cannot be fixed and return an error.
// TODO : Provide a better error message; perhaps include the clashing terms.
error <| exn "instRec: clash"
else
let ifrees =
// Original code: map (instRec [] tyin) (frees t)
// This is similar to Choice.List.map in ExtCore, except it uses Choice<_,_,_>.
(Choice1Of3 [], frees t)
||> List.fold (fun state tm ->
match state with
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result lst ->
match instRec [] tyin tm with
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result tm ->
result (tm :: lst))
|> function
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result lst ->
result (List.rev lst)
match ifrees with
| Err ex ->
error ex
| Clash tm ->
clash tm
| Result ifrees ->
match variant ifrees y' with
| Error ex ->
error ex
| Success y'' ->
match dest_var y'' with
| Error ex ->
error ex
| Success dest_y'' ->
match dest_var y with
| Error ex ->
error ex
| Success dest_var_y ->
let z = Var(fst dest_y'', snd dest_var_y)
match vsubst [z, y] t with
| Error ex ->
error ex
| Success vsubst_zy_t ->
instRec env tyin (Abs(z, vsubst_zy_t))
| Result t' ->
if y' == y && t' == t then
result tm
else
result <| Abs(y', t')
let private instImpl env tyin tm : Protected<_> =
match instRec env tyin tm with
| Choice1Of3 result ->
Choice.result result
| Choice2Of3 clashTerm ->
// This handles the "Clash" case.
// TODO : Improve this error message; include the clashing term.
// NOTE : This case probably shouldn't ever be matched -- 'instRec' attempts to handle
// clashes, and finally returns an error (Choice3Of3) if a clash can't be handled.
Choice.failwith "instImpl: Clash"
| Choice3Of3 ex ->
Choice.error ex
/// Instantiate type variables in a term.
// CLEAN : Unless it offers a _specific_ performance benefit, it would simplify the code if we
// added an extra parameter 'tm : term' to this function instead of returning a closure.
let inst tyin : (term -> Protected<term>) =
if List.isEmpty tyin then Choice.result
else instImpl [] tyin
(* ------------------------------------------------------------------------- *)
(* A few bits of general derived syntax. *)
(* ------------------------------------------------------------------------- *)
/// Returns the operator from a combination (function application).
let rator tm : Protected<term> =
choice {
match tm with
| Comb(l, r) ->
return l
| _ ->
return! Choice.failwith "rator: Not a combination"
}
/// Returns the operand from a combination (function application).
let rand tm : Protected<term> =
choice {
match tm with
| Comb(l, r) ->
return r
| _ ->
return! Choice.failwith "rand: Not a combination"
}
(* ------------------------------------------------------------------------- *)
(* Syntax operations for equations. *)
(* ------------------------------------------------------------------------- *)
let safe_mk_eq l r : Protected<term> =
choice {
let! ty = type_of l
return Comb(Comb(Const("=", Tyapp("fun", [ty; Tyapp("fun", [ty; bool_ty])])), l), r)
}
/// Term destructor for equality.
let dest_eq tm : Protected<term * term> =
choice {
match tm with
| Comb(Comb(Const("=", _), l), r) ->
return l, r
| _ ->
return! Choice.failwith "dest_eq"
}
(* ------------------------------------------------------------------------- *)
(* Useful to have term union modulo alpha-conversion for assumption lists. *)
(* ------------------------------------------------------------------------- *)
let rec ordav env x1 x2 =
match env with
| [] -> compare x1 x2
| (t1, t2) :: oenv ->
if compare x1 t1 = 0 then
if compare x2 t2 = 0 then 0
else -1
elif compare x2 t2 = 0 then 1
else ordav oenv x1 x2
let rec orda env tm1 tm2 =
// (fun (x, y) -> x = y) is equivalent to (uncurry (=))
if tm1 == tm2 && forall (fun (x, y) -> x = y) env then 0
else
match tm1, tm2 with
| Var(x1, ty1), Var(x2, ty2) ->
ordav env tm1 tm2
| Const(x1, ty1), Const(x2, ty2) ->
compare tm1 tm2
| Comb(s1, t1), Comb(s2, t2) ->
match orda env s1 s2 with
| 0 -> orda env t1 t2
| c -> c
| Abs(Var(_, ty1) as x1, t1), Abs(Var(_, ty2) as x2, t2) ->
match compare ty1 ty2 with
| 0 -> orda ((x1, x2) :: env) t1 t2
| c -> c
| Const(_, _), _ -> -1
| _, Const(_, _) -> 1
| Var(_, _), _ -> -1
| _, Var(_, _) -> 1
| Comb(_, _), _ -> -1
| _, Comb(_, _) -> 1
| _ -> failwith "orda: unexpected pattern"
/// Total ordering on terms respecting alpha-equivalence.
let alphaorder = orda []
/// Union of two sets of terms up to alpha-equivalence.
let rec term_union l1 l2 =
match l1, l2 with
| [], l2 -> l2
| l1, [] -> l1
| h1 :: t1, h2 :: t2 ->
let c = alphaorder h1 h2
if c = 0 then h1 :: (term_union t1 t2)
elif c < 0 then h1 :: (term_union t1 l2)
else h2 :: (term_union l1 t2)
let rec term_remove t l =
match l with
| [] -> l
| s :: ss ->
let c = alphaorder t s
if c > 0 then
let ss' = term_remove t ss
if ss' == ss then l
else s :: ss'
elif c = 0 then ss
else l
let rec term_image f l =
match l with
| [] -> l
| h :: t ->
let h' = f h
let t' = term_image f t
if h' == h && t' == t then l
else term_union [h'] t'
(* ------------------------------------------------------------------------- *)
(* Basic theorem destructors. *)
(* ------------------------------------------------------------------------- *)
/// Breaks a theorem into assumption list and conclusion.
let dest_thm(Sequent(asl, c)) = (asl, c)
/// Returns the hypotheses of a theorem.
let hyp(Sequent(asl, c)) = asl
/// Returns the conclusion of a theorem.
let concl(Sequent(asl, c)) = c
(* ------------------------------------------------------------------------- *)
(* Basic equality properties; TRANS is derivable but included for efficiency *)
(* ------------------------------------------------------------------------- *)
/// Returns theorem expressing reflexivity of equality.
let REFL tm : Protected<thm0> =
choice {
let! tm' = safe_mk_eq tm tm
return Sequent([], tm')
}
/// Uses transitivity of equality on two equational theorems.
let TRANS (thm1 : Protected<thm0>) (thm2 : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl1, eq)) = thm1
let! (Sequent(asl2, c)) = thm2
match eq, c with
| Comb((Comb(Const("=", _), _) as eql), m1), Comb(Comb(Const("=", _), m2), r) when alphaorder m1 m2 = 0 ->
return Sequent(term_union asl1 asl2, Comb(eql, r))
| _ ->
return! Choice.failwith "TRANS"
}
(* ------------------------------------------------------------------------- *)
(* Congruence properties of equality. *)
(* ------------------------------------------------------------------------- *)
/// Proves equality of combinations constructed from equal functions and operands.
let MK_COMB (thm1 : Protected<thm0>, thm2 : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl1, eq)) = thm1
let! (Sequent(asl2, c)) = thm2
match eq, c with
| Comb(Comb(Const("=", _), l1), r1), Comb(Comb(Const("=", _), l2), r2) ->
let! ty1 = type_of l1
let! ty2 = type_of l2
match ty1 with
| Tyapp("fun", [ty; _]) when compare ty ty2 = 0 ->
let! tm = safe_mk_eq (Comb(l1, l2)) (Comb(r1, r2))
return Sequent(term_union asl1 asl2, tm)
| _ ->
return! Choice.failwith "MK_COMB: types do not agree"
| _ ->
return! Choice.failwith "MK_COMB: not both equations"
}
/// Abstracts both sides of an equation.
let ABS v (thm : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl, c)) = thm
match v, c with
| Var(_, _), Comb(Comb(Const("=", _), l), r) when not(exists (vfree_in v) asl) ->
let! tm = safe_mk_eq (Abs(v, l)) (Abs(v, r))
return Sequent(asl, tm)
| _ ->
return! Choice.failwith "ABS"
}
(* ------------------------------------------------------------------------- *)
(* Trivial case of lambda calculus beta-conversion. *)
(* ------------------------------------------------------------------------- *)
/// Special primitive case of beta-reduction.
let BETA tm : Protected<thm0> =
choice {
match tm with
| Comb(Abs(v, bod), arg) when compare arg v = 0 ->
let! tm = safe_mk_eq tm bod
return Sequent([], tm)
| _ ->
return! Choice.failwith "BETA: not a trivial beta-redex"
}
(* ------------------------------------------------------------------------- *)
(* Rules connected with deduction. *)
(* ------------------------------------------------------------------------- *)
/// Introduces an assumption.
let ASSUME tm : Protected<thm0> =
choice {
let! ty = type_of tm
if compare ty bool_ty = 0 then
return Sequent([tm], tm)
else
return! Choice.failwith "ASSUME: not a proposition"
}
/// Equality version of the Modus Ponens rule.
let EQ_MP (thm1 : Protected<thm0>) (thm2 : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl1, eq)) = thm1
let! (Sequent(asl2, c)) = thm2
match eq with
| Comb(Comb(Const("=", _), l), r) when alphaorder l c = 0 ->
return Sequent(term_union asl1 asl2, r)
| _ ->
return! Choice.failwith "EQ_MP"
}
/// Deduces logical equivalence from deduction in both directions.
let DEDUCT_ANTISYM_RULE (thm1 : Protected<thm0>) (thm2 : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl1, eq)) = thm1
let! (Sequent(asl2, c)) = thm2
let asl1' = term_remove c asl1
let asl2' = term_remove eq asl2
let! tm = safe_mk_eq eq c
return Sequent(term_union asl1' asl2', tm)
}
(* ------------------------------------------------------------------------- *)
(* Type and term instantiation. *)
(* ------------------------------------------------------------------------- *)
/// Instantiates types in a theorem.
let INST_TYPE (theta : (hol_type * hol_type) list) (thm : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl, c)) = thm
let inst_fun = inst theta
// TODO : Modify term_image so it works with functions returning a Protected<_> value.
let! foo1 =
Choice.attempt <| fun () ->
term_image (inst_fun >> ExtCore.Choice.bindOrRaise) asl
let! foo2 = inst_fun c
return Sequent(foo1, foo2)
}
/// Instantiates free variables in a theorem.
let INST theta (thm : Protected<thm0>) : Protected<thm0> =
choice {
let! (Sequent(asl, c)) = thm
let inst_fun = vsubst theta
// TODO : Modify term_image so it works with functions returning a Protected<_> value.
let! foo1 =
Choice.attempt <| fun () ->
term_image (inst_fun >> ExtCore.Choice.bindOrRaise) asl
let! foo2 = inst_fun c
return Sequent(foo1, foo2)
}
(* ------------------------------------------------------------------------- *)
(* Handling of axioms. *)
(* ------------------------------------------------------------------------- *)
let the_axioms = ref([] : thm0 list)
/// Returns the current set of axioms.
let axioms() = !the_axioms
/// Sets up a new axiom.
let new_axiom tm : Protected<thm0> =
choice {
let! ty = type_of tm
if compare ty bool_ty = 0 then
let th = Sequent([], tm)
the_axioms := th :: (!the_axioms)
return th
else
return! Choice.failwith "new_axiom: Not a proposition"
}
|> Choice.mapError (fun e ->
logger.Error(Printf.sprintf "new_axiom returns %O" e)
e)
(* ------------------------------------------------------------------------- *)
(* Handling of (term) definitions. *)
(* ------------------------------------------------------------------------- *)
/// List of all definitions introduced so far.
let the_definitions = ref([] : thm0 list)
/// Returns the current set of primitive definitions.
let definitions() = !the_definitions
/// Makes a simple new definition of the form 'c = t'.
let new_basic_definition tm : Protected<thm0> =
choice {
match tm with
| Comb(Comb(Const("=", _), Var(cname, ty)), r) ->
if not <| freesin [] r then
return! Choice.failwith "new_definition: term not closed"
else
let! ty' = type_vars_in_term r
if not <| subset ty' (tyvars ty) then
return! Choice.failwith "new_definition: Type variables not reflected in constant"
else
do! new_constant(cname, ty)
let c = Const(cname, ty)
let! dth =