Return-Path:
Return-Path: <john.harrison-request@uk.ac.cam.cl>
Received: from nsf.ac.uk by swan.cl.cam.ac.uk via JANET
          with NIFTP to fgate (PP) id <3546-0@swan.cl.cam.ac.uk>;
          Thu, 27 Jun 1991 12:37:01 +0100
Received: from vax.nsfnet-relay.ac.uk by sun2.nsfnet-relay.ac.uk
          with SMTP inbound id <6588-4@sun2.nsfnet-relay.ac.uk>;
          Thu, 27 Jun 1991 12:01:25 +0100
Received: from [129.101.100.20] by vax.NSFnet-Relay.AC.UK via NSFnet with SMTP
          id aa02844; 27 Jun 91 10:59 BST
Received: from mcsun.EU.net by ted.cs.uidaho.edu (15.11/1.34) id AA06305;
          Thu, 27 Jun 91 01:19:01 pdt
Received: from kestrel.ukc.ac.uk by mcsun.EU.net with SMTP;
          id AA26273 (5.65a/CWI-2.95); Thu, 27 Jun 91 10:21:23 +0200
Received: from bnr.co.uk by kestrel.Ukc.AC.UK via PSS (UKC CAMEL FTP)
          id aa25135; 27 Jun 91 9:20 BST
Received: from gannet.dsbc.icl.co.uk by hedera.stl.stc.co.uk with SMTP (PP)
          id <19910627081933-0@hedera.stl.stc.co.uk>;
          Thu, 27 Jun 1991 09:19:33 +0100
Received: from wilfrid by iclbra.oasis.icl.co.uk (4.14) over UUCP/SMTP
          id AA03436; Thu, 27 Jun 91 09:18:54 bst
Message-Id: <9106270844.AA02964@erbert.win.icl.co.uk>
From: Rob Arthan <rda@uk.co.icl.win>
Date: Thu, 27 Jun 91 08:44:55 GMT
To: info-hol@edu.uidaho.cs.ted
Subject: select

Concerning Sandy Murphy's meta-theoretical conjecture:

>       So presumably, if one had a proof of a
>       term involving (@x.Px), the same proof should work for a term which
>       substituted (f P) for (@x.Px).  But this is a meta-theorem, something
>       like
>       (|- t[...,(@x.Px),...])  ==> (|-(!f (!Q.Q (f Q)) ==> t[...,(f P),...]))
>       I don't think the un-meta version of this (take out the turnstiles) can
>       be proven in HOL.  (From what I understand about Isabelle, the meta
>       version could be proven there.)

This meta-result is not valid. E.g. consider P (x:*) = T \/ F. Then we can prove
in HOL that (@x.P x)  = (@x.T) (since (@x.P x) = (@x. T \/ F) = (@x.T)).
So

        |- (@x.P x) = (@x.T)

I.e. I am taking t[f] = (f = @x.T). But we cannot have:

        |- (!f.!Q.Q(f Q)) ==> |- f P = (@x.T)

since that says that there is only one choice function for the identically true
predicate (\x:*.T), whereas clearly there are as many such choice functions as
there are elements of *.

Semantically, the fact that you can't prove such a meta-result indicates
that @ must be interpreted by a predetermined fixed choice of representative
for every non-empty subset of every type in the universe. Thus the comment:

>       On the other hand, the only property of x that one knows and can use in
>       a proof is that x satisfies P.

(where x = @x.P) is not really true. One `knows' much more about x, namely that
it is the predetermined representative for P.

Rob Arthan.