isabelle: doc-src/IsarRef/Thy/Framework.thy@df4e53d18ebc (annotated)

29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	1	theory Framework
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	2	imports Main
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	3	begin
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	4
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	5	chapter {* The Isabelle/Isar Framework \label{ch:isar-framework} *}
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	6
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	7	text {*
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	8	Isabelle/Isar
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	9	\cite{Wenzel:1999:TPHOL,Wenzel-PhD,Nipkow-TYPES02,Wenzel-Paulson:2006,Wenzel:2006:Festschrift}
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	10	is intended as a generic framework for developing formal
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	11	mathematical documents with full proof checking. Definitions and
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	12	proofs are organized as theories; an assembly of theory sources may
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	13	be presented as a printed document; see also
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	14	\chref{ch:document-prep}.
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	15
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	16	The main objective of Isar is the design of a human-readable
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	17	structured proof language, which is called the ``primary proof
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	18	format'' in Isar terminology. Such a primary proof language is
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	19	somewhere in the middle between the extremes of primitive proof
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	20	objects and actual natural language. In this respect, Isar is a bit
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	21	more formalistic than Mizar
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	22	\cite{Trybulec:1993:MizarFeatures,Rudnicki:1992:MizarOverview,Wiedijk:1999:Mizar},
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	23	using logical symbols for certain reasoning schemes where Mizar
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	24	would prefer English words; see \cite{Wenzel-Wiedijk:2002} for
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	25	further comparisons of these systems.
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	26
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	27	So Isar challenges the traditional way of recording informal proofs
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	28	in mathematical prose, as well as the common tendency to see fully
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	29	formal proofs directly as objects of some logical calculus (e.g.\
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	30	@{text "\<lambda>"}-terms in a version of type theory). In fact, Isar is
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	31	better understood as an interpreter of a simple block-structured
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	32	language for describing data flow of local facts and goals,
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	33	interspersed with occasional invocations of proof methods.
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	34	Everything is reduced to logical inferences internally, but these
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	35	steps are somewhat marginal compared to the overall bookkeeping of
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	36	the interpretation process. Thanks to careful design of the syntax
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	37	and semantics of Isar language elements, a formal record of Isar
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	38	instructions may later appear as an intelligible text to the
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	39	attentive reader.
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	40
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	41	The Isar proof language has emerged from careful analysis of some
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	42	inherent virtues of the existing logical framework of Isabelle/Pure
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	43	\cite{paulson-found,paulson700}, notably composition of higher-order
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	44	natural deduction rules, which is a generalization of Gentzen's
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	45	original calculus \cite{Gentzen:1935}. The approach of generic
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	46	inference systems in Pure is continued by Isar towards actual proof
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	47	texts.
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	48
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	49	Concrete applications require another intermediate layer: an
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	50	object-logic. Isabelle/HOL \cite{isa-tutorial} (simply-typed
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	51	set-theory) is being used most of the time; Isabelle/ZF
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	52	\cite{isabelle-ZF} is less extensively developed, although it would
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	53	probably fit better for classical mathematics.
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	54
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	55	\medskip In order to illustrate typical natural deduction reasoning
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	56	in Isar, we shall refer to the background theory and library of
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	57	Isabelle/HOL. This includes common notions of predicate logic,
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	58	naive set-theory etc.\ using fairly standard mathematical notation.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	59	From the perspective of generic natural deduction there is nothing
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	60	special about the logical connectives of HOL (@{text "\<and>"}, @{text
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	61	"\<or>"}, @{text "\<forall>"}, @{text "\<exists>"}, etc.), only the resulting reasoning
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	62	principles are relevant to the user. There are similar rules
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	63	available for set-theory operators (@{text "\<inter>"}, @{text "\<union>"}, @{text
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	64	"\<Inter>"}, @{text "\<Union>"}, etc.), or any other theory developed in the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	65	library (lattice theory, topology etc.).
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	66
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	67	Subsequently we briefly review fragments of Isar proof texts
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	68	corresponding directly to such general natural deduction schemes.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	69	The examples shall refer to set-theory, to minimize the danger of
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	70	understanding connectives of predicate logic as something special.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	71
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	72	\medskip The following deduction performs @{text "\<inter>"}-introduction,
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	73	working forwards from assumptions towards the conclusion. We give
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	74	both the Isar text, and depict the primitive rule involved, as
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	75	determined by unification of the problem against rules from the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	76	context.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	77	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	78
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	79	text_raw {\medskip\begin{minipage}{0.6\textwidth}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	80
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	81	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	82	lemma True
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	83	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	84	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	85	assume "x \<in> A" and "x \<in> B"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	86	then have "x \<in> A \<inter> B" ..
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	87	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	88	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	89	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	90
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	91	text_raw {\end{minipage}\begin{minipage}{0.4\textwidth}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	92
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	93	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	94	\infer{@{prop "x \<in> A \<inter> B"}}{@{prop "x \<in> A"} & @{prop "x \<in> B"}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	95	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	96
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	97	text_raw {\end{minipage}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	98
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	99	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	100	\medskip\noindent Note that @{command "assume"} augments the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	101	context, @{command "then"} indicates that the current facts shall be
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	102	used in the next step, and @{command "have"} states a local claim.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	103	The two dots ``@{command ".."}'' above refer to a complete proof of
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	104	the claim, using the indicated facts and a canonical rule from the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	105	context. We could have been more explicit here by spelling out the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	106	final proof step via the @{command "by"} command:
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	107	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	108
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	109	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	110	lemma True
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	111	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	112	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	113	assume "x \<in> A" and "x \<in> B"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	114	then have "x \<in> A \<inter> B" by (rule IntI)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	115	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	116	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	117	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	118
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	119	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	120	\noindent The format of the @{text "\<inter>"}-introduction rule represents
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	121	the most basic inference, which proceeds from given premises to a
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	122	conclusion, without any additional context involved.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	123
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	124	\medskip The next example performs backwards introduction on @{term
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	125	"\<Inter>\<A>"}, the intersection of all sets within a given set. This
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	126	requires a nested proof of set membership within a local context of
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	127	an arbitrary-but-fixed member of the collection:
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	128	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	129
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	130	text_raw {\medskip\begin{minipage}{0.6\textwidth}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	131
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	132	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	133	lemma True
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	134	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	135	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	136	have "x \<in> \<Inter>\<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	137	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	138	fix A
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	139	assume "A \<in> \<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	140	show "x \<in> A" sorry
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	141	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	142	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	143	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	144	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	145
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	146	text_raw {\end{minipage}\begin{minipage}{0.4\textwidth}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	147
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	148	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	149	\infer{@{prop "x \<in> \<Inter>\<A>"}}{\infer*{@{prop "x \<in> A"}}{@{text "[A][A \<in> \<A>]"}}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	150	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	151
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	152	text_raw {\end{minipage}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	153
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	154	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	155	\medskip\noindent This Isar reasoning pattern again refers to the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	156	primitive rule depicted above. The system determines it in the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	157	``@{command "proof"}'' step, which could have been spelt out more
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	158	explicitly as ``@{command "proof"}~@{text "("}@{method rule}~@{fact
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	159	InterI}@{text ")"}''. Note that this rule involves both a local
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	160	parameter @{term "A"} and an assumption @{prop "A \<in> \<A>"} in the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	161	nested reasoning. This kind of compound rule typically demands a
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	162	genuine sub-proof in Isar, working backwards rather than forwards as
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	163	seen before. In the proof body we encounter the @{command
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	164	"fix"}-@{command "assume"}-@{command "show"} skeleton of nested
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	165	sub-proofs that is typical for Isar. The final @{command "show"} is
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	166	like @{command "have"} followed by an additional refinement of the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	167	enclosing claim, using the rule derived from the proof body. The
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	168	@{command "sorry"} command stands for a hole in the proof -- it may
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	169	be understood as an excuse for not providing a proper proof yet.
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	170
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	171	\medskip The next example involves @{term "\<Union>\<A>"}, which can be
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	172	characterized as the set of all @{term "x"} such that @{prop "\<exists>A. x
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	173	\<in> A \<and> A \<in> \<A>"}. The elimination rule for @{prop "x \<in> \<Union>\<A>"} does
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	174	not mention @{text "\<exists>"} and @{text "\<and>"} at all, but admits to obtain
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	175	directly a local @{term "A"} such that @{prop "x \<in> A"} and @{prop "A
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	176	\<in> \<A>"} hold. This corresponds to the following Isar proof and
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	177	inference rule, respectively:
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	178	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	179
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	180	text_raw {\medskip\begin{minipage}{0.6\textwidth}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	181
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	182	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	183	lemma True
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	184	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	185	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	186	assume "x \<in> \<Union>\<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	187	then have C
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	188	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	189	fix A
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	190	assume "x \<in> A" and "A \<in> \<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	191	show C sorry
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	192	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	193	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	194	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	195	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	196
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	197	text_raw {\end{minipage}\begin{minipage}{0.4\textwidth}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	198
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	199	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	200	\infer{@{prop "C"}}{@{prop "x \<in> \<Union>\<A>"} & \infer*{@{prop "C"}~}{@{text "[A][x \<in> A, A \<in> \<A>]"}}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	201	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	202
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	203	text_raw {\end{minipage}}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	204
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	205	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	206	\medskip\noindent Although the Isar proof follows the natural
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	207	deduction rule closely, the text reads not as natural as
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	208	anticipated. There is a double occurrence of an arbitrary
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	209	conclusion @{prop "C"}, which represents the final result, but is
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	210	irrelevant for now. This issue arises for any elimination rule
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	211	involving local parameters. Isar provides the derived language
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	212	element @{command "obtain"}, which is able to perform the same
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	213	elimination proof more conveniently:
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	214	*}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	215
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	216	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	217	lemma True
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	218	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	219	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	220	assume "x \<in> \<Union>\<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	221	then obtain A where "x \<in> A" and "A \<in> \<A>" ..
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	222	(<)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	223	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	224	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	225
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	226	text {*
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	227	\noindent Here we avoid to mention the final conclusion @{prop "C"}
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	228	and return to plain forward reasoning. The rule involved in the
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	229	``@{command ".."}'' proof is the same as before.
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	230	*}
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	231
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	232	end

author	wenzelm
	Mon, 09 Feb 2009 21:09:24 +0100
changeset 29721	df4e53d18ebc
parent 29716	b6266c4c68fe
child 29729	c2e926455fcc
permissions	-rw-r--r--