isabelle: src/HOL/Isar_examples/BasicLogic.thy@8743e8305611 (annotated)

6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	1	(* Title: HOL/Isar_examples/BasicLogic.thy
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	2	ID: $Id$
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	3	Author: Markus Wenzel, TU Muenchen
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	4
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	5	Basic propositional and quantifier reasoning.
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	6	*)
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	7
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	8	header {* Basic logical reasoning *}
7748 5b9c45b21782 improved presentation; wenzelm parents: 7740 diff changeset	9
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	10	theory BasicLogic = Main:
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	11
7761 7fab9592384f improved presentation; wenzelm parents: 7748 diff changeset	12
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	13	subsection {* Pure backward reasoning *}
7740 2fbe5ce9845f tuned comments; wenzelm parents: 7604 diff changeset	14
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	15	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	16	In order to get a first idea of how Isabelle/Isar proof documents may
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	17	look like, we consider the propositions $I$, $K$, and $S$. The
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	18	following (rather explicit) proofs should require little extra
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	19	explanations.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	20	*}
7001 8121e11ed765 Deriving rules in Isabelle; wenzelm parents: 6892 diff changeset	21
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	22	lemma I: "A --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	23	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	24	assume A
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	25	show A by assumption
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	26	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	27
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	28	lemma K: "A --> B --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	29	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	30	assume A
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	31	show "B --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	32	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	33	show A by assumption
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	34	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	35	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	36
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	37	lemma S: "(A --> B --> C) --> (A --> B) --> A --> C"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	38	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	39	assume "A --> B --> C"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	40	show "(A --> B) --> A --> C"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	41	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	42	assume "A --> B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	43	show "A --> C"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	44	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	45	assume A
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	46	show C
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	47	proof (rule mp)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	48	show "B --> C" by (rule mp)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	49	show B by (rule mp)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	50	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	51	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	52	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	53	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	54
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	55	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	56	Isar provides several ways to fine-tune the reasoning, avoiding
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	57	excessive detail. Several abbreviated language elements are
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	58	available, enabling the writer to express proofs in a more concise
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	59	way, even without referring to any automated proof tools yet.
7761 7fab9592384f improved presentation; wenzelm parents: 7748 diff changeset	60
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	61	First of all, proof by assumption may be abbreviated as a single dot.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	62	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	63
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	64	lemma "A --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	65	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	66	assume A
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	67	show A .
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	68	qed
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	69
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	70	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	71	In fact, concluding any (sub-)proof already involves solving any
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	72	remaining goals by assumption\footnote{This is not a completely
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	73	trivial operation, as proof by assumption may involve full
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	74	higher-order unification.}. Thus we may skip the rather vacuous body
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	75	of the above proof as well.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	76	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	77
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	78	lemma "A --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	79	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	80	qed
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	81
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	82	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	83	Note that the \isacommand{proof} command refers to the $\idt{rule}$
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	84	method (without arguments) by default. Thus it implicitly applies a
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	85	single rule, as determined from the syntactic form of the statements
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	86	involved. The \isacommand{by} command abbreviates any proof with
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	87	empty body, so the proof may be further pruned.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	88	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	89
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	90	lemma "A --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	91	by rule
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	92
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	93	text {*
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	94	Proof by a single rule may be abbreviated as double-dot.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	95	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	96
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	97	lemma "A --> A" ..
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	98
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	99	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	100	Thus we have arrived at an adequate representation of the proof of a
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	101	tautology that holds by a single standard rule.\footnote{Apparently,
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	102	the rule here is implication introduction.}
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	103	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	104
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	105	text {*
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	106	Let us also reconsider $K$. Its statement is composed of iterated
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	107	connectives. Basic decomposition is by a single rule at a time,
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	108	which is why our first version above was by nesting two proofs.
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	109
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	110	The $\idt{intro}$ proof method repeatedly decomposes a goal's
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	111	conclusion.\footnote{The dual method is $\idt{elim}$, acting on a
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	112	goal's premises.}
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	113	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	114
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	115	lemma "A --> B --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	116	proof intro
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	117	assume A
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	118	show A .
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	119	qed
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	120
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	121	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	122	Again, the body may be collapsed.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	123	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	124
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	125	lemma "A --> B --> A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	126	by intro
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	127
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	128	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	129	Just like $\idt{rule}$, the $\idt{intro}$ and $\idt{elim}$ proof
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	130	methods pick standard structural rules, in case no explicit arguments
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	131	are given. While implicit rules are usually just fine for single
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	132	rule application, this may go too far with iteration. Thus in
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	133	practice, $\idt{intro}$ and $\idt{elim}$ would be typically
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	134	restricted to certain structures by giving a few rules only, e.g.\
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	135	\isacommand{proof}~($\idt{intro}$~\name{impI}~\name{allI}) to strip
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	136	implications and universal quantifiers.
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	137
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	138	Such well-tuned iterated decomposition of certain structures is the
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	139	prime application of $\idt{intro}$ and $\idt{elim}$. In contrast,
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	140	terminal steps that solve a goal completely are usually performed by
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	141	actual automated proof methods (such as
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	142	\isacommand{by}~$\idt{blast}$).
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	143	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	144
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	145
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	146	subsection {* Variations of backward vs.\ forward reasoning *}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	147
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	148	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	149	Certainly, any proof may be performed in backward-style only. On the
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	150	other hand, small steps of reasoning are often more naturally
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	151	expressed in forward-style. Isar supports both backward and forward
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	152	reasoning as a first-class concept. In order to demonstrate the
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	153	difference, we consider several proofs of $A \conj B \impl B \conj
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	154	A$.
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	155
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	156	The first version is purely backward.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	157	*}
7001 8121e11ed765 Deriving rules in Isabelle; wenzelm parents: 6892 diff changeset	158
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	159	lemma "A & B --> B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	160	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	161	assume "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	162	show "B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	163	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	164	show B by (rule conjunct2)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	165	show A by (rule conjunct1)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	166	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	167	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	168
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	169	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	170	Above, the $\idt{conjunct}_{1/2}$ projection rules had to be named
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	171	explicitly, since the goals $B$ and $A$ did not provide any
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	172	structural clue. This may be avoided using \isacommand{from} to
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	173	focus on $\idt{prems}$ (i.e.\ the $A \conj B$ assumption) as the
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	174	current facts, enabling the use of double-dot proofs. Note that
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	175	\isacommand{from} already does forward-chaining, involving the
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	176	\name{conjE} rule here.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	177	*}
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	178
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	179	lemma "A & B --> B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	180	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	181	assume "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	182	show "B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	183	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	184	from prems show B ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	185	from prems show A ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	186	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	187	qed
7604 55566b9ec7d7 tuned; wenzelm parents: 7480 diff changeset	188
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	189	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	190	In the next version, we move the forward step one level upwards.
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	191	Forward-chaining from the most recent facts is indicated by the
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	192	\isacommand{then} command. Thus the proof of $B \conj A$ from $A
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	193	\conj B$ actually becomes an elimination, rather than an
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	194	introduction. The resulting proof structure directly corresponds to
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	195	that of the $\name{conjE}$ rule, including the repeated goal
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	196	proposition that is abbreviated as $\var{thesis}$ below.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	197	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	198
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	199	lemma "A & B --> B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	200	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	201	assume "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	202	then show "B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	203	proof -- {* rule \name{conjE} of $A \conj B$ *}
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	204	assume A B
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	205	show ?thesis .. -- {* rule \name{conjI} of $B \conj A$ *}
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	206	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	207	qed
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	208
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	209	text {*
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	210	In the subsequent version we flatten the structure of the main body
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	211	by doing forward reasoning all the time. Only the outermost
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	212	decomposition step is left as backward.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	213	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	214
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	215	lemma "A & B --> B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	216	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	217	assume ab: "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	218	from ab have a: A ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	219	from ab have b: B ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	220	from b a show "B & A" ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	221	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	222
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	223	text {*
9659 b9cf6801f3da tuned; wenzelm parents: 9477 diff changeset	224	We can still push forward-reasoning a bit further, even at the risk
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	225	of getting ridiculous. Note that we force the initial proof step to
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	226	do nothing here, by referring to the ``-'' proof method.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	227	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	228
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	229	lemma "A & B --> B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	230	proof -
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	231	{
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	232	assume ab: "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	233	from ab have a: A ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	234	from ab have b: B ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	235	from b a have "B & A" ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	236	}
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	237	thus ?thesis .. -- {* rule \name{impI} *}
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	238	qed
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	239
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	240	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	241	\medskip With these examples we have shifted through a whole range
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	242	from purely backward to purely forward reasoning. Apparently, in the
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	243	extreme ends we get slightly ill-structured proofs, which also
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	244	require much explicit naming of either rules (backward) or local
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	245	facts (forward).
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	246
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	247	The general lesson learned here is that good proof style would
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	248	achieve just the \emph{right} balance of top-down backward
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	249	decomposition, and bottom-up forward composition. In general, there
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	250	is no single best way to arrange some pieces of formal reasoning, of
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	251	course. Depending on the actual applications, the intended audience
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	252	etc., rules (and methods) on the one hand vs.\ facts on the other
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	253	hand have to be emphasized in an appropriate way. This requires the
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	254	proof writer to develop good taste, and some practice, of course.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	255	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	256
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	257	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	258	For our example the most appropriate way of reasoning is probably the
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	259	middle one, with conjunction introduction done after elimination.
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	260	This reads even more concisely using \isacommand{thus}, which
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	261	abbreviates \isacommand{then}~\isacommand{show}.\footnote{In the same
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	262	vein, \isacommand{hence} abbreviates
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	263	\isacommand{then}~\isacommand{have}.}
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	264	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	265
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	266	lemma "A & B --> B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	267	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	268	assume "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	269	thus "B & A"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	270	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	271	assume A B
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	272	show ?thesis ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	273	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	274	qed
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	275
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	276
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	277
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	278	subsection {* A few examples from ``Introduction to Isabelle'' *}
7001 8121e11ed765 Deriving rules in Isabelle; wenzelm parents: 6892 diff changeset	279
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	280	text {*
cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	281	We rephrase some of the basic reasoning examples of
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	282	\cite{isabelle-intro}, using HOL rather than FOL.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	283	*}
7820 cad7cc30fa40 more explanations; wenzelm parents: 7761 diff changeset	284
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	285	subsubsection {* A propositional proof *}
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	286
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	287	text {*
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	288	We consider the proposition $P \disj P \impl P$. The proof below
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	289	involves forward-chaining from $P \disj P$, followed by an explicit
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	290	case-analysis on the two \emph{identical} cases.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	291	*}
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	292
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	293	lemma "P \| P --> P"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	294	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	295	assume "P \| P"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	296	thus P
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	297	proof -- {*
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	298	rule \name{disjE}: \smash{$\infer{C}{A \disj B & \infer{C}{[A]} & \infer{C}{[B]}}$}
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	299	*}
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	300	assume P show P .
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	301	next
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	302	assume P show P .
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	303	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	304	qed
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	305
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	306	text {*
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	307	Case splits are \emph{not} hardwired into the Isar language as a
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	308	special feature. The \isacommand{next} command used to separate the
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	309	cases above is just a short form of managing block structure.
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	310
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	311	\medskip In general, applying proof methods may split up a goal into
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	312	separate ``cases'', i.e.\ new subgoals with individual local
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	313	assumptions. The corresponding proof text typically mimics this by
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	314	establishing results in appropriate contexts, separated by blocks.
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	315
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	316	In order to avoid too much explicit parentheses, the Isar system
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	317	implicitly opens an additional block for any new goal, the
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	318	\isacommand{next} statement then closes one block level, opening a
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	319	new one. The resulting behavior is what one would expect from
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	320	separating cases, only that it is more flexible. E.g.\ an induction
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	321	base case (which does not introduce local assumptions) would
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	322	\emph{not} require \isacommand{next} to separate the subsequent step
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	323	case.
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	324
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	325	\medskip In our example the situation is even simpler, since the two
7874 180364256231 improved presentation; wenzelm parents: 7860 diff changeset	326	cases actually coincide. Consequently the proof may be rephrased as
180364256231 improved presentation; wenzelm parents: 7860 diff changeset	327	follows.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	328	*}
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	329
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	330	lemma "P \| P --> P"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	331	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	332	assume "P \| P"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	333	thus P
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	334	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	335	assume P
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	336	show P .
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	337	show P .
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	338	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	339	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	340
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	341	text {*
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	342	Again, the rather vacuous body of the proof may be collapsed. Thus
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	343	the case analysis degenerates into two assumption steps, which are
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	344	implicitly performed when concluding the single rule step of the
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	345	double-dot proof as follows.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	346	*}
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	347
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	348	lemma "P \| P --> P"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	349	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	350	assume "P \| P"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	351	thus P ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	352	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	353
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	354
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	355	subsubsection {* A quantifier proof *}
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	356
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	357	text {*
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	358	To illustrate quantifier reasoning, let us prove $(\ex x P \ap (f \ap
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	359	x)) \impl (\ex x P \ap x)$. Informally, this holds because any $a$
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	360	with $P \ap (f \ap a)$ may be taken as a witness for the second
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	361	existential statement.
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	362
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	363	The first proof is rather verbose, exhibiting quite a lot of
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	364	(redundant) detail. It gives explicit rules, even with some
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	365	instantiation. Furthermore, we encounter two new language elements:
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	366	the \isacommand{fix} command augments the context by some new
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	367	``arbitrary, but fixed'' element; the \isacommand{is} annotation
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	368	binds term abbreviations by higher-order pattern matching.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	369	*}
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	370
10636 d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	371	lemma "(EX x. P (f x)) --> (EX y. P y)"
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	372	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	373	assume "EX x. P (f x)"
10636 d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	374	thus "EX y. P y"
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	375	proof (rule exE) -- {*
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	376	rule \name{exE}: \smash{$\infer{B}{\ex x A(x) & \infer*{B}{[A(x)]_x}}$}
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	377	*}
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	378	fix a
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	379	assume "P (f a)" (is "P ?witness")
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	380	show ?thesis by (rule exI [of P ?witness])
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	381	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	382	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	383
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	384	text {*
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	385	While explicit rule instantiation may occasionally improve
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	386	readability of certain aspects of reasoning, it is usually quite
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	387	redundant. Above, the basic proof outline gives already enough
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	388	structural clues for the system to infer both the rules and their
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	389	instances (by higher-order unification). Thus we may as well prune
f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	390	the text as follows.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	391	*}
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	392
10636 d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	393	lemma "(EX x. P (f x)) --> (EX y. P y)"
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	394	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	395	assume "EX x. P (f x)"
10636 d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	396	thus "EX y. P y"
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	397	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	398	fix a
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	399	assume "P (f a)"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	400	show ?thesis ..
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	401	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	402	qed
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	403
9477 9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	404	text {*
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	405	Explicit $\exists$-elimination as seen above can become quite
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	406	cumbersome in practice. The derived Isar language element
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	407	``\isakeyword{obtain}'' provides a more handsome way to do
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	408	generalized existence reasoning.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	409	*}
9477 9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	410
10636 d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	411	lemma "(EX x. P (f x)) --> (EX y. P y)"
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	412	proof
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	413	assume "EX x. P (f x)"
10636 d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	414	then obtain a where "P (f a)" ..
d1efa59ea259 tuned; wenzelm parents: 10007 diff changeset	415	thus "EX y. P y" ..
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	416	qed
9477 9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	417
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	418	text {*
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	419	Technically, \isakeyword{obtain} is similar to \isakeyword{fix} and
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	420	\isakeyword{assume} together with a soundness proof of the
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	421	elimination involved. Thus it behaves similar to any other forward
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	422	proof element. Also note that due to the nature of general existence
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	423	reasoning involved here, any result exported from the context of an
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	424	\isakeyword{obtain} statement may \emph{not} refer to the parameters
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	425	introduced there.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	426	*}
9477 9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	427
9506127f6fbb obtain; wenzelm parents: 8902 diff changeset	428
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	429
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	430	subsubsection {* Deriving rules in Isabelle *}
7001 8121e11ed765 Deriving rules in Isabelle; wenzelm parents: 6892 diff changeset	431
7833 f5288e4b95d1 improved presentation; wenzelm parents: 7820 diff changeset	432	text {*
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	433	We derive the conjunction elimination rule from the corresponding
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	434	projections. The proof is quite straight-forward, since
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	435	Isabelle/Isar supports non-atomic goals and assumptions fully
d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	436	transparently.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	437	*}
7001 8121e11ed765 Deriving rules in Isabelle; wenzelm parents: 6892 diff changeset	438
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	439	theorem conjE: "A & B ==> (A ==> B ==> C) ==> C"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	440	proof -
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	441	assume "A & B"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	442	assume r: "A ==> B ==> C"
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	443	show C
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	444	proof (rule r)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	445	show A by (rule conjunct1)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	446	show B by (rule conjunct2)
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	447	qed
64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	448	qed
7001 8121e11ed765 Deriving rules in Isabelle; wenzelm parents: 6892 diff changeset	449
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	450	text {*
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	451	Note that classic Isabelle handles higher rules in a slightly
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	452	different way. The tactic script as given in \cite{isabelle-intro}
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	453	for the same example of \name{conjE} depends on the primitive
7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	454	\texttt{goal} command to decompose the rule into premises and
7982 d534b897ce39 improved presentation; wenzelm parents: 7874 diff changeset	455	conclusion. The actual result would then emerge by discharging of
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	456	the context at \texttt{qed} time.
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	457	*}
7860 7819547df4d8 improved presentation; wenzelm parents: 7833 diff changeset	458
10007 64bf7da1994a isar-strip-terminators; wenzelm parents: 9659 diff changeset	459	end

author	paulson
	Thu, 29 Nov 2001 17:39:23 +0100
changeset 12329	8743e8305611
parent 10636	d1efa59ea259
child 12387	fe2353a8d1e8
permissions	-rw-r--r--