theory PropLogic imports Main LaTeXsugar OptionalSugar begin section "Metatheory of Propositional Logic" text{* We formalize the meaning of propositional formulas and define a proof system. We prove completeness of the proof system via Kalmar's variable elimination method. The material in this section is based on several texts on Mathematical Logic~\cite{Bilaniuk:fk,Mendelson:1997lr} and Paulson's completeness proof in Isabelle/ZF~\cite{Paulson:1995fk}. *} subsection "Formulas and their meaning" datatype formula = Atom nat | Fls | Implies formula formula (infixr "\" 101) primrec eval :: "(nat \ bool) \ formula \ bool" where "eval v (Atom a) = v a" | "eval v Fls = False" | "eval v (\ \ \) = ((eval v \) \ eval v \)" definition tautology :: "formula \ bool" where "tautology \ \ (\ v. eval v \)" definition satisfies :: "(nat \ bool) \ formula set \ bool" ("_ sats _" [80,80] 80) where "v sats \ \ (\ \ \ \. eval v \)" definition satisfiable :: "formula set \ bool" where "satisfiable \ \ (\ v. v sats \)" definition implies :: "formula set \ formula \ bool" ("_ \ _" [80,80] 80) where "\ \ \ \ (\ v. v sats \ \ eval v \ = True)" subsection "Natural deduction" definition Neg :: "formula \ formula" ("\") where "\ \ \ \ \ Fls" declare Neg_def[simp] inductive deduction :: "formula set \ formula \ bool" ("_ \ _" [100,100] 100) where hyp: "\ \ \ \ \ \ \ \ \" | imp_elim: "\ \ \ (\ \ \); \ \ \ \ \ \ \ \" | imp_intro: "\ insert \ \ \ \ \ \ \ \ \ \ \" | false_elim: "\ \ Fls \ \ \ \" | excluded_middle: "\ insert \ \ \ \; insert (\ \) \ \ \ \ \ \ \ \" constdefs emp :: "nat \ formula" "emp \ (\ x. (Atom x))" subsection "Basic properties of the proof system" lemma weakening: assumes gp: "\ \ \" and gd: "\ \ \" shows "\ \ \" using gp gd proof (induct arbitrary: \ rule: deduction.induct) fix \ and \ and \::"formula set" assume ps: "\ \ \" and sd: "\ \ \" from ps sd have "\ \ \" by blast thus "\ \ \" by (rule hyp) next fix \ \ \ \ assume "\ \ \ \ \" and IH1: "\\. \ \ \ \ \ \ \ \ \" and "\ \ \" and IH2: "\\. \ \ \ \ \ \ \" and sd: "\ \ \" from IH1 sd have pp: "\ \ \ \ \" by simp from IH2 sd have dp: "\ \ \" by simp from pp dp show "\ \ \" by (rule imp_elim) next fix \ \ \ \ assume IH: "\\. insert \ \ \ \ \ \ \ \" and sd: "\ \ \" show "\ \ \ \ \" proof (rule imp_intro) from sd have sd2: "insert \ \ \ insert \ \" by blast with IH show "insert \ \ \ \" by blast qed next fix \ \ and \::"formula set" assume IH: "\\. \ \ \ \ \ \ Fls" and sd: "\ \ \" from IH sd have "\ \ Fls" by simp thus "\ \ \" by (rule false_elim) next fix \ \ \ \ assume IH1: "\\. insert \ \ \ \ \ \ \ \" and IH2: "\\. insert (\ \) \ \ \ \ \ \ \" and sd: "\ \ \" from IH1 sd have 1: "insert \ \ \ \" by auto from IH2 sd have 2: "insert (\ \) \ \ \" by auto from 1 2 show "\ \ \" by (rule excluded_middle) qed theorem soundness: assumes d: "\ \ \" shows "\ \ \" using d by (induct rule: deduction.induct) (auto simp add: implies_def satisfies_def) lemma lem_1_11_c: "\ \ (Neg \ \ (\ \ \))" proof (rule imp_intro) show "insert (\ \) \ \ \ \ \" proof (rule imp_intro) let ?G = "insert \ (insert (Neg \) \)" have 1: "?G \ \ \ Fls" by (rule hyp) simp have 2: "?G \ \" by (rule hyp) simp from 1 2 have 3: "?G \ Fls" by (rule imp_elim) from 3 show "?G \ \" by (rule false_elim) qed qed lemma lem_1_11_f: "\ \ (\ \ (Neg \ \ Neg (\ \ \)))" proof (rule imp_intro) show "insert \ \ \ (Neg \ \ Neg (\ \ \))" proof (rule imp_intro) show "insert (Neg \) (insert \ \) \ Neg (\ \ \)" proof (simp, rule imp_intro) let ?G = "insert (\ \ \) (insert (\ \ Fls) (insert \ \))" have 1: "?G \ \" by (rule hyp) simp have 2: "?G \ \ \ \" by (rule hyp) simp from 2 1 have 3: "?G \ \" by (rule imp_elim) have 4: "?G \ \ \ Fls" by (rule hyp) simp from 4 3 show "?G \ Fls" by (rule imp_elim) qed qed qed subsection "Completeness" (* A basis of phi is a set of formulas H such that H |- phi. We'll show that for any valuation T, hyps T phi is a basis for phi. *) primrec hyps :: "nat set \ formula \ formula set" where "hyps T (Atom n) = (if n \ T then {Atom n} else {Neg (Atom n)})" | "hyps T Fls = {}" | "hyps T (\ \ \) = hyps T \ \ hyps T \" lemma hyps_finite: "finite (hyps T \)" by (induct \, auto) lemma hyps_member: "\ T x. x \ hyps T \ \ (\ \. (x = Atom \ \ \ \ T) \ (x = Neg (Atom \) \ \ \ T))" by (induct \, auto) lemma hyps_diff: "hyps (T-{\}) \ \ insert (Neg (Atom \)) ((hyps T \) - {Atom \})" by (induct \, auto) lemma hyps_cons: "hyps (insert \ T) \ \ insert (Atom \) ((hyps T \)-{Neg (Atom \)})" by (induct_tac \, auto) definition flip :: "(nat set) \ formula \ formula" where "flip T \ \ (if eval (\ x. x \ T) \ then \ else Neg \)" lemma "eval (\ x. x \ T) (flip T \)" by (simp add: flip_def) lemma kalmar[rule_format]: "\ \. size \ = n \ hyps v \ \ flip v \" apply (induct rule: nat_less_induct) apply clarify proof - fix n and \::formula assume IH: "\ m. \ \. size \ = m \ hyps v \ \ flip v \" show "hyps v \ \ flip v \" proof (cases \) fix \ assume p: "\ = Atom \" thus ?thesis apply (simp add: flip_def) using hyp by blast next assume p: "\ = Fls" have "hyps v \ \ Fls \ Fls" by (rule imp_intro, rule hyp, simp) with p show ?thesis by (simp add: flip_def) next fix \1 \2 assume p: "\ = \1 \ \2" from p have s1: "size \1 < size \" by simp from s1 IH have IH1: "hyps v \1 \ flip v \1" by blast from p have s2: "size \2 < size \" by simp from s2 IH have IH2: "hyps v \2 \ flip v \2" by blast show ?thesis proof (cases "eval (\ x. x \ v) \1") assume ev1: "eval (\ x. x \ v) \1" from ev1 have f1: "flip v \1 = \1" by (simp add: flip_def) show ?thesis proof (cases "eval (\ x. x \ v) \2") assume ev2: "eval (\ x. x \ v) \2" from ev2 IH2 have ps2: "hyps v \2 \ \2" by (simp add: flip_def) have "hyps v \ \ \1 \ \2" apply (rule imp_intro) using ps2 apply (rule weakening) using p by auto with p ev1 ev2 show ?thesis by (simp add: flip_def) next assume ev2: "\ eval (\ x. x \ v) \2" have 1: "hyps v \ \ (\1 \ (Neg \2 \ Neg (\1 \ \2)))" by (rule lem_1_11_f) from p IH1 ev1 have p1: "hyps v \ \ \1" apply (simp add: flip_def) by (rule weakening) auto from p IH2 ev2 have p2: "hyps v \ \ Neg \2" apply (simp add: flip_def) by (rule weakening) auto from 1 p1 have "hyps v \ \ Neg \2 \ Neg (\1 \ \2)" using imp_elim by blast with p2 have "hyps v \ \ Neg (\1 \ \2)" using imp_elim by blast with p ev1 ev2 show ?thesis by (simp add: flip_def) qed next assume ev1: "\ eval (\ x. x \ v) \1" from ev1 p IH1 have ps1: "hyps v \1 \ Neg \1" by (simp add: flip_def) have p12: "hyps v \1 \ (Neg \1 \ (\1 \ \2))" by (rule lem_1_11_c) from p12 ps1 have "hyps v \1 \ \1 \ \2" by (rule imp_elim) with p ev1 show ?thesis apply (simp add: flip_def) apply (rule weakening) by auto qed qed qed lemma variable_elimination: "finite H \ (\ \. tautology \ \ H \ hyps T0 \ \ (\ T. (hyps T \ - H) \ \))" apply (induct rule: finite_induct) apply clarify defer apply clarify defer proof - fix \ T assume taut: "tautology \" have "hyps T \ \ flip T \" apply (rule kalmar) by simp with taut show "(hyps T \ - {}) \ \" by (simp add: flip_def tautology_def) next fix x H \ T assume IH: "\\. tautology \ \ H \ hyps T0 \ \ (\ T. (hyps T \ - H) \ \)" and taut: "tautology \" and xfh: "insert x H \ hyps T0 \" from xfh obtain \ where X: "(x = Atom \ \ \ \ T0) \ (x = Neg (Atom \) \ \ \ T0)" using hyps_member by blast thus "(hyps T \ - insert x H) \ \" proof assume X: "x = Atom \ \ \ \ T0" show "(hyps T \ - insert x H) \ \" proof (rule excluded_middle[of "Atom \"]) from taut xfh IH have a: "(hyps T \ - H) \ \" by blast have b: "hyps T \ - H \ insert (Atom \) (hyps T \ - insert (Atom \) H)" by blast from a b X show "insert (Atom \) (hyps T \ - insert x H) \ \" using weakening by blast next from taut xfh IH have a: "(hyps (T-{\}) \ - H) \ \" by blast have "hyps (T-{\}) \ \ insert (Neg (Atom \)) ((hyps T \) - {Atom \})" by (rule hyps_diff) with X have b: "(hyps (T-{\}) \) - H \ insert (Neg (Atom \)) (hyps T \ - insert (Atom \) H)" by blast from a b X show "insert (Neg (Atom \)) (hyps T \ - insert x H) \ \" using weakening by blast qed next assume X: "x = Neg (Atom \) \ \ \ T0" show "(hyps T \ - insert x H) \ \" proof (rule excluded_middle[of "Atom \"]) from taut xfh IH have a: "(hyps (insert \ T) \ - H) \ \" by blast have b: "hyps (insert \ T) \ \ insert (Atom \) (hyps T \ - {Neg (Atom \)})" by (rule hyps_cons) from b have c: "hyps (insert \ T) \ - H \ insert (Atom \) (hyps T \ - insert (Neg (Atom \)) H)" by blast from a c X show "insert (Atom \) (hyps T \ - insert x H) \ \" using weakening by blast next from taut xfh IH have a: "(hyps T \ - H) \ \" by blast have b: "hyps T \ - H \ insert (Neg (Atom \)) (hyps T \ - insert (Neg (Atom \)) H)" by blast from a b X show "insert (Neg (Atom \)) (hyps T \ - (insert x H)) \ \" using weakening by blast qed qed qed lemma tautology_implies_deducible: assumes taut: "tautology \" shows "{} \ \" proof - have "finite (hyps T \)" by (rule hyps_finite) with taut have "(hyps T \ - hyps T \) \ \" using variable_elimination by blast thus ?thesis by simp qed theorem completeness: assumes dp: "\ \ \" and fd: "finite \" shows "\ \ \" using fd dp proof (induct arbitrary: \ rule: finite_induct) fix \ assume "{} \ \" hence "tautology \" by (simp add: implies_def tautology_def satisfies_def) thus "{} \ \" by (rule tautology_implies_deducible) next fix x F \ assume fF: "finite F" and xF: "x \ F" and IH: "\ \. F \ \ \ F \ \" and xfp: "insert x F \ \" from xfp have fxp: "F \ x \ \" by (simp add: implies_def satisfies_def) from IH fxp have "F \ x \ \" by simp hence xp: "insert x F \ x \ \" apply (rule weakening) by auto have xx: "insert x F \ x" apply (rule hyp) by simp from xp xx show "insert x F \ \" by (rule imp_elim) qed end