Overview of Isabelle/HOL

HOL = Higher-Order Logic Programming Language Design (CS 422) HOL = Types + Lambda Calculus + Logic HOL has datatypes Elsa L Gunter recursive functions 2112 Siebel Center, UIUC logical operators ( , , , , , , ...) [email protected] ∧ ∨ ¬ −→ ∀ ∃ Contains propositional logic, first-order logic http://courses.engr.illinois.edu/cs422/sp2017 HOL is very similar to a functional programming language Higher-order = functions are values, too! Slides based in part on previous lectures by Grigore Ro¸su We’ll start with propositional and first order logic

March 2, 2017

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 1 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 2 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

Types Terms: Basic syntax

Syntax: Syntax:

τ ::=( τ) term ::=( term) bool nat ... base types c x constant or variable (identifier) | | | | | a b ... type variables term term function application | 0 | 0 | | τ τ total functions (ascii : =>) λx. term function “abstraction” | ⇒ | τ τ pairs (ascii : *) ... lots of syntactic sugar | × | τ list lists | ... user-defined types | Examples: f (g x) yh (λx. f (g x)) Parentheses: f a1 a2 a3 ((f a1) a2) a3 Parentheses: T1 T2 T3 T1 (T2 T3) ≡ ⇒ ⇒ ≡ ⇒ ⇒ Note: Formulae are terms

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 3 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 4 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

λ-calculus in a nutshell λ-calculus in a nutshell

Computation: Informal notation: t[x] term t with 0 or more free occurrences of x Replace formal parameter by actual value

Function application: (“β-reduction”):( λx.t[x])a ;β t[a] f a is the function f called with argument a. Function abstraction: Example:( λx. x + 5) 3 ;β (3 + 5) λx.t[x] is the function with formal parameter x and body/result t[x], Isabelle performs β-reduction automatically i.e. x t[x]. 7→ Isabelle considers( λx.t[x])a and t[a] equivalent

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 5 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 6 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1 Terms and Types Type Inference

Terms must be well-typed! Isabelle automatically computes (“infer”) the type of each variable in a term. The argument of every function call must be of the right type In the presence of overloaded functions (functions with multiple, unrelated types) not always possible. User can help with type annotations inside the term. Notation: t :: τ means t is well-typed term of type τ Example: f(x::nat)

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 7 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 8 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

Terms: Syntactic Sugar Symbol Translations

Some predefined syntactic sugar: x-symbol λ ∀ ∃ ¬ ∧ Infix:+, ,#,@,... ascii (1) − \ \ \ \ \ Mixfix: if then else , case of ,... ascii (2) ALL EX % & ∼ Binders: x.P x means( )(λx. P x) x-symbol ∀ ∀ ∨ −→ ⇒ Prefix binds more strongly than infix: ascii (1) \ \ \ ascii (2) | --> => ! f x + y (f x) + y f (x + y)! ≡ 6≡ (1) is converted to unicode tokens (sometimes with help from you) (2) remains as ascii (most of the time) See Appendix B of Concrete Semantics for more complete list Annotations of definitions let you add your own.

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 9 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 10 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

Formulae (first Approximation) Examples

Syntax (in decreasing priority):

form ::=( form) term = term | form form form |¬ | ∧ form form form form | ∨ | −→ A B C (( A) B) C x. form x. form ¬ ∧ ∨ ≡ ¬ ∧ ∨ |∀ |∃ A B = C A (B = C) and some others ∧ ≡ ∧ x. P x Q x x. (P x Q x) ∀ ∧ ≡ ∀ ∧ x. y. P x y Q x x.( y. (P x y Q x)) Scope of quantifiers: as far to the right as possible ∀ ∃ ∧ ≡ ∀ ∃ ∧

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 11 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 12 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1 Type bool Overloading, Type nat and int

Formulae = terms of type bool Isabelle supports overloading of constants through type classes ! Numerals and arithmetic operations are overloaded: True::bool 0,1,2,...:: nat or:: int or:: real (or others) False::bool + :: nat nat nat and :: bool bool ⇒ ⇒ ¬ ⇒ + :: real real real (and others) , ,...:: bool bool ⇒ ⇒ ∧ ∨ . ⇒ Suc only at:: nat nat Large . ⇒ You need type annotations: 1 :: nat, x + (y :: nat) if-and-only-if: = . . . unless the context is unambiguous: Suc 0 but binds more tightly

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 13 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 14 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

Type list Concrete Syntax

Basic syntax and constructs []: empty list x # xs: list with first element x (“head”) When writing terms and types in .thy files: and rest xs (“tail”) Types and terms need to be enclosed in double quotes "..." Syntactic sugar:[ x1,..., xn] x1# ... #xn#[ ] ≡ Except for single identifiers, e.g. tmpvar or ’a Large library: hd, tl, map, size, filter, set, nth, take, drop, distinct,... "..." won’t always be shown on slides Don’t reinvent, reuse! ; HOL/List.thy

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 15 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 16 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

Introducing New Types

Keywords: typedef: Primitive for type definitions Must build a model and prove it nonempty Only real way of introducing a new type with new properties probably won’t directly use in this class Defining Things typedecl: Pure declaration New type with no properties (except that it is non-empty)

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 17 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 18 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1 Introducing New Types: typedef Introducing New Types

Keywords: Existing type ty type synonym: Abbreviation - used only to make theory files more readable Abs_nty datatype: Defines recursive data-types; solutions to free algebra specifications Model for New type nty Basis for primitive recursive function definitions and patterns new type M Rep_nty record: introduces a record type scheme, introducing its fields. To be covered later (maybe).

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 19 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 20 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1 type synonym datatype: The Example

datatype’a list = Nil | Cons ’a "’a list" Properties: Examples Type constructors: list of one argument type synonym name = string Term constructors: Nil :: ’a list type synonym (’a,’b)foo = "’a list * ’b" Cons :: ’a ’a list ’a list Distinctness: Nil = Cons x xs ⇒ ⇒ Injectivity: 6 Type abbreviations are expanded immediately after parsing (Cons x xs = Cons y ys) = (x = y xs = ys) Not present in internal representation and Isabelle output ∧

Will use for programming language abstract syntax

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 21 Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 22 Elsa L Gunter Programming Language Design (CS 422) / 1 Elsa L Gunter Programming Language Design (CS 422) / 1

A Recursive Function: List Append

Definition by recursion: fun app :: "’a list ’a list ’a list where ⇒ ⇒ app Nil ys = app (Cons x xs) ys = app xs ... | One rule per pattern Recursive calls only applied to “smaller” arguments Uses heuristics to find order based on structural orderings and lexicographic orderings Fails if it can’t find an ordering Guarantees termination (total function) (or fails)

Slides based in part on previous lectures by Grigore Ro¸suMarch 2, 2017 23 Elsa L Gunter Programming Language Design (CS 422) / 1