Generic Instantiation: Difference between revisions

From Event-B
Jump to navigationJump to search
imported>Son
imported>Son
Line 16: Line 16:
However, the second theorem can be proved if <code>S</code> is instantiated to another carrier set in the instantiating context.
However, the second theorem can be proved if <code>S</code> is instantiated to another carrier set in the instantiating context.


This could be a limitation of generic instantiation (?<font color=red>to be discussed</font>) and may restrict the applicability of the approach. One should allow carrier sets to be instantiated to some set expressions which are not necessary carrier sets themselves.
This could be a limitation of generic instantiation (<font color=red>Son: Is this a real limitation? To be discussed</font>) and may restrict the applicability of the approach. One should allow carrier sets to be instantiated to some set expressions which are not necessary carrier sets themselves.


The issue, here is that this will definitely introduce unsoundness into the instantiation process.  An example is formula which are no longer well-defined, and the meaning operator such <code>id</code> or <code>prj1</code>, <code>prj2</code> has been changed.
The issue, here is that this will definitely introduce unsoundness into the instantiation process.  An example is formula which are no longer well-defined, and the meaning operator such <code>id</code> or <code>prj1</code>, <code>prj2</code> has been changed <font color=red>Son: Maybe need some examples</font>.

Revision as of 16:23, 26 March 2010

The initial proposal from Southampton is as follows. File:Proposal generic instantiation rodin.pdf.

Issues: Instantiation of Carrier Sets

Currently, the proposal mentions that the carrier sets can be instantiated to any set expressions (which contains existing carrier sets and constants). Beside the declared axioms in the development to be extended there are two hidden axioms about a carrier set S


  S \neq \emptyset

\forall x \qdot x \in S

Both these axioms can be generated as theorems in the instantiating context which need to be proved.

However, the second theorem can be proved if S is instantiated to another carrier set in the instantiating context.

This could be a limitation of generic instantiation (Son: Is this a real limitation? To be discussed) and may restrict the applicability of the approach. One should allow carrier sets to be instantiated to some set expressions which are not necessary carrier sets themselves.

The issue, here is that this will definitely introduce unsoundness into the instantiation process. An example is formula which are no longer well-defined, and the meaning operator such id or prj1, prj2 has been changed Son: Maybe need some examples.