isabelle: src/Doc/Isar_Ref/Framework.thy@8b537e1af2ec (annotated)

61656 cfabbc083977 more uniform jEdit properties; wenzelm parents: 61493 diff changeset	1	(:maxLineLen=78:)
cfabbc083977 more uniform jEdit properties; wenzelm parents: 61493 diff changeset	2
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	3	theory Framework
63531 847eefdca90d clarified imports; wenzelm parents: 63039 diff changeset	4	imports Main Base
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	5	begin
b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	6
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	7	chapter \<open>The Isabelle/Isar Framework \label{ch:isar-framework}\<close>
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	8
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	9	text \<open>
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	10	Isabelle/Isar \<^cite>\<open>"Wenzel:1999:TPHOL" and "Wenzel-PhD" and
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	11	"Nipkow-TYPES02" and "Wiedijk:1999:Mizar" and "Wenzel-Paulson:2006" and
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	12	"Wenzel:2006:Festschrift"\<close> is a generic framework for developing formal
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	13	mathematical documents with full proof checking. Definitions, statements and
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	14	proofs are organized as theories. A collection of theories sources may be
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	15	presented as a printed document; see also \chref{ch:document-prep}.
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	16
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	17	The main concern of Isar is the design of a human-readable structured proof
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	18	language, which is called the ``primary proof format'' in Isar terminology.
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	19	Such a primary proof language is somewhere in the middle between the
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	20	extremes of primitive proof objects and actual natural language.
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	21
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	22	Thus Isar challenges the traditional way of recording informal proofs in
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	23	mathematical prose, as well as the common tendency to see fully formal
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	24	proofs directly as objects of some logical calculus (e.g.\ \<open>\<lambda>\<close>-terms in a
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	25	version of type theory). Technically, Isar is an interpreter of a simple
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	26	block-structured language for describing the data flow of local facts and
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	27	goals, interspersed with occasional invocations of proof methods. Everything
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	28	is reduced to logical inferences internally, but these steps are somewhat
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	29	marginal compared to the overall bookkeeping of the interpretation process.
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	30	Thanks to careful design of the syntax and semantics of Isar language
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	31	elements, a formal record of Isar commands may later appear as an
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	32	intelligible text to the human reader.
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	33
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	34	The Isar proof language has emerged from careful analysis of some inherent
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	35	virtues of the logical framework Isabelle/Pure \<^cite>\<open>"paulson-found" and
4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	36	"paulson700"\<close>, notably composition of higher-order natural deduction rules,
4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	37	which is a generalization of Gentzen's original calculus \<^cite>\<open>"Gentzen:1935"\<close>. The approach of generic inference systems in Pure is
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	38	continued by Isar towards actual proof texts. See also
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	39	\figref{fig:natural-deduction}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	40
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	41	\begin{figure}[htb]
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	42
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	43	\begin{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	44	\begin{minipage}[t]{0.9\textwidth}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	45
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	46	\textbf{Inferences:}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	47	\begin{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	48	\begin{tabular}{l@ {\qquad}l}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	49	\infer{\<open>B\<close>}{\<open>A \<longrightarrow> B\<close> & \<open>A\<close>} &
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	50	\infer{\<open>A \<longrightarrow> B\<close>}{\infer*{\<open>B\<close>}{\<open>[A]\<close>}} \\
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	51	\end{tabular}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	52	\end{center}
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	53
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	54	\textbf{Isabelle/Pure:}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	55	\begin{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	56	\begin{tabular}{l@ {\qquad}l}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	57	\<open>(A \<longrightarrow> B) \<Longrightarrow> A \<Longrightarrow> B\<close> &
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	58	\<open>(A \<Longrightarrow> B) \<Longrightarrow> A \<longrightarrow> B\<close>
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	59	\end{tabular}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	60	\end{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	61
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	62	\textbf{Isabelle/Isar:}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	63	\begin{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	64	\begin{minipage}[t]{0.4\textwidth}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	65	@{theory_text [display, indent = 2]
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	66	\<open>have "A \<longrightarrow> B" \<proof>
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	67	also have A \<proof>
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	68	finally have B .\<close>}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	69	\end{minipage}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	70	\begin{minipage}[t]{0.4\textwidth}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	71	@{theory_text [display, indent = 2]
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	72	\<open>have "A \<longrightarrow> B"
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	73	proof
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	74	assume A
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	75	then show B \<proof>
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	76	qed\<close>}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	77	\end{minipage}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	78	\end{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	79
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	80	\end{minipage}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	81	\end{center}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	82
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	83	\caption{Natural Deduction via inferences according to Gentzen, rules in
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	84	Isabelle/Pure, and proofs in Isabelle/Isar}\label{fig:natural-deduction}
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	85
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	86	\end{figure}
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	87
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	88	\<^medskip>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	89	Concrete applications require another intermediate layer: an object-logic.
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	90	Isabelle/HOL \<^cite>\<open>"isa-tutorial"\<close> (simply-typed set-theory) is most
71925 bf085daea304 clarified sessions: "Notable Examples in Isabelle/HOL"; wenzelm parents: 71924 diff changeset	91	commonly used; elementary examples are given in the directories
bf085daea304 clarified sessions: "Notable Examples in Isabelle/HOL"; wenzelm parents: 71924 diff changeset	92	\<^dir>\<open>~~/src/Pure/Examples\<close> and \<^dir>\<open>~~/src/HOL/Examples\<close>. Some examples
bf085daea304 clarified sessions: "Notable Examples in Isabelle/HOL"; wenzelm parents: 71924 diff changeset	93	demonstrate how to start a fresh object-logic from Isabelle/Pure, and use
bf085daea304 clarified sessions: "Notable Examples in Isabelle/HOL"; wenzelm parents: 71924 diff changeset	94	Isar proofs from the very start, despite the lack of advanced proof tools at
bf085daea304 clarified sessions: "Notable Examples in Isabelle/HOL"; wenzelm parents: 71924 diff changeset	95	such an early stage (e.g.\ see
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	96	\<^file>\<open>~~/src/Pure/Examples/Higher_Order_Logic.thy\<close>). Isabelle/FOL \<^cite>\<open>"isabelle-logics"\<close> and Isabelle/ZF \<^cite>\<open>"isabelle-ZF"\<close> also work, but are
63680 6e1e8b5abbfa more symbols; wenzelm parents: 63669 diff changeset	97	much less developed.
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	98
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	99	In order to illustrate natural deduction in Isar, we shall subsequently
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	100	refer to the background theory and library of Isabelle/HOL. This includes
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	101	common notions of predicate logic, naive set-theory etc.\ using fairly
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	102	standard mathematical notation. From the perspective of generic natural
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	103	deduction there is nothing special about the logical connectives of HOL
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	104	(\<open>\<and>\<close>, \<open>\<or>\<close>, \<open>\<forall>\<close>, \<open>\<exists>\<close>, etc.), only the resulting reasoning principles are
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	105	relevant to the user. There are similar rules available for set-theory
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	106	operators (\<open>\<inter>\<close>, \<open>\<union>\<close>, \<open>\<Inter>\<close>, \<open>\<Union>\<close>, etc.), or any other theory developed in the
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	107	library (lattice theory, topology etc.).
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	108
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	109	Subsequently we briefly review fragments of Isar proof texts corresponding
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	110	directly to such general deduction schemes. The examples shall refer to
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	111	set-theory, to minimize the danger of understanding connectives of predicate
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	112	logic as something special.
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	113
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	114	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	115	The following deduction performs \<open>\<inter>\<close>-introduction, working forwards from
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	116	assumptions towards the conclusion. We give both the Isar text, and depict
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	117	the primitive rule involved, as determined by unification of fact and goal
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	118	statements against rules that are declared in the library context.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	119	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	120
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	121	text_raw \<open>\medskip\begin{minipage}{0.6\textwidth}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	122
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	123	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	124	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	125	begin
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	126	fix x :: 'a and A B
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	127	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	128	assume "x \<in> A" and "x \<in> B"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	129	then have "x \<in> A \<inter> B" ..
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	130	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	131	end
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	132	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	133
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	134	text_raw \<open>\end{minipage}\begin{minipage}{0.4\textwidth}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	135
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	136	text \<open>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	137	\infer{\<open>x \<in> A \<inter> B\<close>}{\<open>x \<in> A\<close> & \<open>x \<in> B\<close>}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	138	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	139
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	140	text_raw \<open>\end{minipage}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	141
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	142	text \<open>
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	143	\<^medskip>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	144	Note that \<^theory_text>\<open>assume\<close> augments the proof context, \<^theory_text>\<open>then\<close> indicates that the
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	145	current fact shall be used in the next step, and \<^theory_text>\<open>have\<close> states an
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	146	intermediate goal. The two dots ``\<^theory_text>\<open>..\<close>'' refer to a complete proof of this
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	147	claim, using the indicated facts and a canonical rule from the context. We
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	148	could have been more explicit here by spelling out the final proof step via
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	149	the \<^theory_text>\<open>by\<close> command:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	150	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	151
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	152	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	153	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	154	begin
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	155	fix x :: 'a and A B
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	156	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	157	assume "x \<in> A" and "x \<in> B"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	158	then have "x \<in> A \<inter> B" by (rule IntI)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	159	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	160	end
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	161	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	162
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	163	text \<open>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	164	The format of the \<open>\<inter>\<close>-introduction rule represents the most basic inference,
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	165	which proceeds from given premises to a conclusion, without any nested proof
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	166	context involved.
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	167
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	168	The next example performs backwards introduction of \<open>\<Inter>\<A>\<close>, the intersection
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	169	of all sets within a given set. This requires a nested proof of set
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	170	membership within a local context, where \<open>A\<close> is an arbitrary-but-fixed
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	171	member of the collection:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	172	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	173
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	174	text_raw \<open>\medskip\begin{minipage}{0.6\textwidth}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	175
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	176	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	177	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	178	begin
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	179	fix x :: 'a and \<A>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	180	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	181	have "x \<in> \<Inter>\<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	182	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	183	fix A
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	184	assume "A \<in> \<A>"
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	185	show "x \<in> A" \<proof>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	186	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	187	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	188	end
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	189	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	190
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	191	text_raw \<open>\end{minipage}\begin{minipage}{0.4\textwidth}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	192
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	193	text \<open>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	194	\infer{\<open>x \<in> \<Inter>\<A>\<close>}{\infer*{\<open>x \<in> A\<close>}{\<open>[A][A \<in> \<A>]\<close>}}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	195	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	196
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	197	text_raw \<open>\end{minipage}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	198
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	199	text \<open>
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	200	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	201	This Isar reasoning pattern again refers to the primitive rule depicted
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	202	above. The system determines it in the ``\<^theory_text>\<open>proof\<close>'' step, which could have
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	203	been spelled out more explicitly as ``\<^theory_text>\<open>proof (rule InterI)\<close>''. Note that
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	204	the rule involves both a local parameter \<open>A\<close> and an assumption \<open>A \<in> \<A>\<close> in
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	205	the nested reasoning. Such compound rules typically demands a genuine
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	206	subproof in Isar, working backwards rather than forwards as seen before. In
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	207	the proof body we encounter the \<^theory_text>\<open>fix\<close>-\<^theory_text>\<open>assume\<close>-\<^theory_text>\<open>show\<close> outline of nested
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	208	subproofs that is typical for Isar. The final \<^theory_text>\<open>show\<close> is like \<^theory_text>\<open>have\<close>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	209	followed by an additional refinement of the enclosing claim, using the rule
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	210	derived from the proof body.
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	211
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	212	\<^medskip>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	213	The next example involves \<open>\<Union>\<A>\<close>, which can be characterized as the set of
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	214	all \<open>x\<close> such that \<open>\<exists>A. x \<in> A \<and> A \<in> \<A>\<close>. The elimination rule for \<open>x \<in> \<Union>\<A>\<close>
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	215	does not mention \<open>\<exists>\<close> and \<open>\<and>\<close> at all, but admits to obtain directly a local
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	216	\<open>A\<close> such that \<open>x \<in> A\<close> and \<open>A \<in> \<A>\<close> hold. This corresponds to the following
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	217	Isar proof and inference rule, respectively:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	218	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	219
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	220	text_raw \<open>\medskip\begin{minipage}{0.6\textwidth}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	221
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	222	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	223	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	224	begin
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	225	fix x :: 'a and \<A> C
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	226	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	227	assume "x \<in> \<Union>\<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	228	then have C
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	229	proof
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	230	fix A
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	231	assume "x \<in> A" and "A \<in> \<A>"
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	232	show C \<proof>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	233	qed
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	234	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	235	end
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	236	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	237
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	238	text_raw \<open>\end{minipage}\begin{minipage}{0.4\textwidth}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	239
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	240	text \<open>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	241	\infer{\<open>C\<close>}{\<open>x \<in> \<Union>\<A>\<close> & \infer*{\<open>C\<close>~}{\<open>[A][x \<in> A, A \<in> \<A>]\<close>}}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	242	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	243
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	244	text_raw \<open>\end{minipage}\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	245
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	246	text \<open>
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	247	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	248	Although the Isar proof follows the natural deduction rule closely, the text
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	249	reads not as natural as anticipated. There is a double occurrence of an
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	250	arbitrary conclusion \<open>C\<close>, which represents the final result, but is
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	251	irrelevant for now. This issue arises for any elimination rule involving
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	252	local parameters. Isar provides the derived language element \<^theory_text>\<open>obtain\<close>,
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	253	which is able to perform the same elimination proof more conveniently:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	254	\<close>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	255
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	256	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	257	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	258	begin
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	259	fix x :: 'a and \<A>
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	260	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	261	assume "x \<in> \<Union>\<A>"
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	262	then obtain A where "x \<in> A" and "A \<in> \<A>" ..
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	263	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	264	end
29721 df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	265	(>)
df4e53d18ebc added introductory examples; wenzelm parents: 29716 diff changeset	266
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	267	text \<open>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	268	Here we avoid to mention the final conclusion \<open>C\<close> and return to plain
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	269	forward reasoning. The rule involved in the ``\<^theory_text>\<open>..\<close>'' proof is the same as
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	270	before.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	271	\<close>
29716 b6266c4c68fe basic setup for chapter "The Isabelle/Isar Framework"; wenzelm parents: diff changeset	272
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	273
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	274	section \<open>The Pure framework \label{sec:framework-pure}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	275
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	276	text \<open>
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	277	The Pure logic \<^cite>\<open>"paulson-found" and "paulson700"\<close> is an intuitionistic
4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	278	fragment of higher-order logic \<^cite>\<open>"church40"\<close>. In type-theoretic
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	279	parlance, there are three levels of \<open>\<lambda>\<close>-calculus with corresponding arrows
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	280	\<open>\<Rightarrow>\<close>/\<open>\<And>\<close>/\<open>\<Longrightarrow>\<close>:
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	281
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	282	\<^medskip>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	283	\begin{tabular}{ll}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	284	\<open>\<alpha> \<Rightarrow> \<beta>\<close> & syntactic function space (terms depending on terms) \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	285	\<open>\<And>x. B(x)\<close> & universal quantification (proofs depending on terms) \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	286	\<open>A \<Longrightarrow> B\<close> & implication (proofs depending on proofs) \\
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	287	\end{tabular}
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	288	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	289
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	290	Here only the types of syntactic terms, and the propositions of proof terms
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	291	have been shown. The \<open>\<lambda>\<close>-structure of proofs can be recorded as an optional
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	292	feature of the Pure inference kernel \<^cite>\<open>"Berghofer-Nipkow:2000:TPHOL"\<close>,
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	293	but the formal system can never depend on them due to \<^emph>\<open>proof irrelevance\<close>.
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	294
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	295	On top of this most primitive layer of proofs, Pure implements a generic
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	296	calculus for nested natural deduction rules, similar to \<^cite>\<open>"Schroeder-Heister:1984"\<close>. Here object-logic inferences are internalized as
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	297	formulae over \<open>\<And>\<close> and \<open>\<Longrightarrow>\<close>. Combining such rule statements may involve
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	298	higher-order unification \<^cite>\<open>"paulson-natural"\<close>.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	299	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	300
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	301
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	302	subsection \<open>Primitive inferences\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	303
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	304	text \<open>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	305	Term syntax provides explicit notation for abstraction \<open>\<lambda>x :: \<alpha>. b(x)\<close> and
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	306	application \<open>b a\<close>, while types are usually implicit thanks to
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	307	type-inference; terms of type \<open>prop\<close> are called propositions. Logical
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	308	statements are composed via \<open>\<And>x :: \<alpha>. B(x)\<close> and \<open>A \<Longrightarrow> B\<close>. Primitive reasoning
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	309	operates on judgments of the form \<open>\<Gamma> \<turnstile> \<phi>\<close>, with standard introduction and
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	310	elimination rules for \<open>\<And>\<close> and \<open>\<Longrightarrow>\<close> that refer to fixed parameters \<open>x\<^sub>1, \<dots>,
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	311	x\<^sub>m\<close> and hypotheses \<open>A\<^sub>1, \<dots>, A\<^sub>n\<close> from the context \<open>\<Gamma>\<close>; the corresponding
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	312	proof terms are left implicit. The subsequent inference rules define \<open>\<Gamma> \<turnstile> \<phi>\<close>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	313	inductively, relative to a collection of axioms from the implicit background
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	314	theory:
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	315
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	316	\[
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	317	\infer{\<open>\<turnstile> A\<close>}{\<open>A\<close> \mbox{~is axiom}}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	318	\qquad
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	319	\infer{\<open>A \<turnstile> A\<close>}{}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	320	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	321
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	322	\[
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	323	\infer{\<open>\<Gamma> \<turnstile> \<And>x. B(x)\<close>}{\<open>\<Gamma> \<turnstile> B(x)\<close> & \<open>x \<notin> \<Gamma>\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	324	\qquad
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	325	\infer{\<open>\<Gamma> \<turnstile> B(a)\<close>}{\<open>\<Gamma> \<turnstile> \<And>x. B(x)\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	326	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	327
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	328	\[
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	329	\infer{\<open>\<Gamma> - A \<turnstile> A \<Longrightarrow> B\<close>}{\<open>\<Gamma> \<turnstile> B\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	330	\qquad
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	331	\infer{\<open>\<Gamma>\<^sub>1 \<union> \<Gamma>\<^sub>2 \<turnstile> B\<close>}{\<open>\<Gamma>\<^sub>1 \<turnstile> A \<Longrightarrow> B\<close> & \<open>\<Gamma>\<^sub>2 \<turnstile> A\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	332	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	333
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	334	Furthermore, Pure provides a built-in equality \<open>\<equiv> :: \<alpha> \<Rightarrow> \<alpha> \<Rightarrow> prop\<close> with
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	335	axioms for reflexivity, substitution, extensionality, and \<open>\<alpha>\<beta>\<eta>\<close>-conversion
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	336	on \<open>\<lambda>\<close>-terms.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	337
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	338	\<^medskip>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	339
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	340	An object-logic introduces another layer on top of Pure, e.g.\ with types
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	341	\<open>i\<close> for individuals and \<open>o\<close> for propositions, term constants \<open>Trueprop :: o
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	342	\<Rightarrow> prop\<close> as (implicit) derivability judgment and connectives like \<open>\<and> :: o \<Rightarrow> o
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	343	\<Rightarrow> o\<close> or \<open>\<forall> :: (i \<Rightarrow> o) \<Rightarrow> o\<close>, and axioms for object-level rules such as
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	344	\<open>conjI: A \<Longrightarrow> B \<Longrightarrow> A \<and> B\<close> or \<open>allI: (\<And>x. B x) \<Longrightarrow> \<forall>x. B x\<close>. Derived object rules
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	345	are represented as theorems of Pure. After the initial object-logic setup,
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	346	further axiomatizations are usually avoided: definitional principles are
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	347	used instead (e.g.\ \<^theory_text>\<open>definition\<close>, \<^theory_text>\<open>inductive\<close>, \<^theory_text>\<open>fun\<close>, \<^theory_text>\<open>function\<close>).
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	348	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	349
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	350
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	351	subsection \<open>Reasoning with rules \label{sec:framework-resolution}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	352
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	353	text \<open>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	354	Primitive inferences mostly serve foundational purposes. The main reasoning
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	355	mechanisms of Pure operate on nested natural deduction rules expressed as
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	356	formulae, using \<open>\<And>\<close> to bind local parameters and \<open>\<Longrightarrow>\<close> to express entailment.
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	357	Multiple parameters and premises are represented by repeating these
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	358	connectives in a right-associative manner.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	359
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 67399 diff changeset	360	Thanks to the Pure theorem \<^prop>\<open>(A \<Longrightarrow> (\<And>x. B x)) \<equiv> (\<And>x. A \<Longrightarrow> B x)\<close> the
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	361	connectives \<open>\<And>\<close> and \<open>\<Longrightarrow>\<close> commute. So we may assume w.l.o.g.\ that rule
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	362	statements always observe the normal form where quantifiers are pulled in
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	363	front of implications at each level of nesting. This means that any Pure
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	364	proposition may be presented as a \<^emph>\<open>Hereditary Harrop Formula\<close> \<^cite>\<open>"Miller:1991"\<close> which is of the form \<open>\<And>x\<^sub>1 \<dots> x\<^sub>m. H\<^sub>1 \<Longrightarrow> \<dots> H\<^sub>n \<Longrightarrow> A\<close> for \<open>m, n
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	365	\<ge> 0\<close>, and \<open>A\<close> atomic, and \<open>H\<^sub>1, \<dots>, H\<^sub>n\<close> being recursively of the same
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	366	format. Following the convention that outermost quantifiers are implicit,
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	367	Horn clauses \<open>A\<^sub>1 \<Longrightarrow> \<dots> A\<^sub>n \<Longrightarrow> A\<close> are a special case of this.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	368
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	369	For example, the \<open>\<inter>\<close>-introduction rule encountered before is represented as
bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	370	a Pure theorem as follows:
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	371	\[
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 67399 diff changeset	372	\<open>IntI:\<close>~\<^prop>\<open>x \<in> A \<Longrightarrow> x \<in> B \<Longrightarrow> x \<in> A \<inter> B\<close>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	373	\]
1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	374
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	375	This is a plain Horn clause, since no further nesting on the left is
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	376	involved. The general \<open>\<Inter>\<close>-introduction corresponds to a Hereditary Harrop
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	377	Formula with one additional level of nesting:
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	378	\[
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 67399 diff changeset	379	\<open>InterI:\<close>~\<^prop>\<open>(\<And>A. A \<in> \<A> \<Longrightarrow> x \<in> A) \<Longrightarrow> x \<in> \<Inter>\<A>\<close>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	380	\]
1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	381
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	382	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	383	Goals are also represented as rules: \<open>A\<^sub>1 \<Longrightarrow> \<dots> A\<^sub>n \<Longrightarrow> C\<close> states that the
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	384	subgoals \<open>A\<^sub>1, \<dots>, A\<^sub>n\<close> entail the result \<open>C\<close>; for \<open>n = 0\<close> the goal is
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	385	finished. To allow \<open>C\<close> being a rule statement itself, there is an internal
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	386	protective marker \<open># :: prop \<Rightarrow> prop\<close>, which is defined as identity and
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	387	hidden from the user. We initialize and finish goal states as follows:
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	388
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	389	\[
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	390	\begin{array}{c@ {\qquad}c}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	391	\infer[(@{inference_def init})]{\<open>C \<Longrightarrow> #C\<close>}{} &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	392	\infer[(@{inference_def finish})]{\<open>C\<close>}{\<open>#C\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	393	\end{array}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	394	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	395
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	396	Goal states are refined in intermediate proof steps until a finished form is
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	397	achieved. Here the two main reasoning principles are @{inference
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	398	resolution}, for back-chaining a rule against a subgoal (replacing it by
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	399	zero or more subgoals), and @{inference assumption}, for solving a subgoal
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	400	(finding a short-circuit with local assumptions). Below \<open>\<^vec>x\<close> stands
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	401	for \<open>x\<^sub>1, \<dots>, x\<^sub>n\<close> (for \<open>n \<ge> 0\<close>).
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	402
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	403	\[
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	404	\infer[(@{inference_def resolution})]
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	405	{\<open>(\<And>\<^vec>x. \<^vec>H \<^vec>x \<Longrightarrow> \<^vec>A (\<^vec>a \<^vec>x))\<vartheta> \<Longrightarrow> C\<vartheta>\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	406	{\begin{tabular}{rl}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	407	\<open>rule:\<close> &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	408	\<open>\<^vec>A \<^vec>a \<Longrightarrow> B \<^vec>a\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	409	\<open>goal:\<close> &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	410	\<open>(\<And>\<^vec>x. \<^vec>H \<^vec>x \<Longrightarrow> B' \<^vec>x) \<Longrightarrow> C\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	411	\<open>goal unifier:\<close> &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	412	\<open>(\<lambda>\<^vec>x. B (\<^vec>a \<^vec>x))\<vartheta> = B'\<vartheta>\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	413	\end{tabular}}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	414	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	415
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	416	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	417
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	418	\[
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	419	\infer[(@{inference_def assumption})]{\<open>C\<vartheta>\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	420	{\begin{tabular}{rl}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	421	\<open>goal:\<close> &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	422	\<open>(\<And>\<^vec>x. \<^vec>H \<^vec>x \<Longrightarrow> A \<^vec>x) \<Longrightarrow> C\<close> \\
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	423	\<open>assm unifier:\<close> & \<open>A\<vartheta> = H\<^sub>i\<vartheta>\<close>~~\mbox{for some~\<open>H\<^sub>i\<close>} \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	424	\end{tabular}}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	425	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	426
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	427	The following trace illustrates goal-oriented reasoning in
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	428	Isabelle/Pure:
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	429
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	430	{\footnotesize
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	431	\<^medskip>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	432	\begin{tabular}{r@ {\quad}l}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	433	\<open>(A \<and> B \<Longrightarrow> B \<and> A) \<Longrightarrow> #(A \<and> B \<Longrightarrow> B \<and> A)\<close> & \<open>(init)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	434	\<open>(A \<and> B \<Longrightarrow> B) \<Longrightarrow> (A \<and> B \<Longrightarrow> A) \<Longrightarrow> #\<dots>\<close> & \<open>(resolution B \<Longrightarrow> A \<Longrightarrow> B \<and> A)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	435	\<open>(A \<and> B \<Longrightarrow> A \<and> B) \<Longrightarrow> (A \<and> B \<Longrightarrow> A) \<Longrightarrow> #\<dots>\<close> & \<open>(resolution A \<and> B \<Longrightarrow> B)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	436	\<open>(A \<and> B \<Longrightarrow> A) \<Longrightarrow> #\<dots>\<close> & \<open>(assumption)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	437	\<open>(A \<and> B \<Longrightarrow> A \<and> B) \<Longrightarrow> #\<dots>\<close> & \<open>(resolution A \<and> B \<Longrightarrow> A)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	438	\<open>#\<dots>\<close> & \<open>(assumption)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	439	\<open>A \<and> B \<Longrightarrow> B \<and> A\<close> & \<open>(finish)\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	440	\end{tabular}
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	441	\<^medskip>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	442	}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	443
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	444	Compositions of @{inference assumption} after @{inference resolution} occurs
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	445	quite often, typically in elimination steps. Traditional Isabelle tactics
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	446	accommodate this by a combined @{inference_def elim_resolution} principle.
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	447	In contrast, Isar uses a combined refinement rule as follows:\footnote{For
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	448	simplicity and clarity, the presentation ignores \<^emph>\<open>weak premises\<close> as
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	449	introduced via \<^theory_text>\<open>presume\<close> or \<^theory_text>\<open>show \<dots> when\<close>.}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	450
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	451	{\small
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	452	\[
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	453	\infer[(@{inference refinement})]
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	454	{\<open>C\<vartheta>\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	455	{\begin{tabular}{rl}
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	456	\<open>subgoal:\<close> &
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	457	\<open>(\<And>\<^vec>x. \<^vec>H \<^vec>x \<Longrightarrow> B' \<^vec>x) \<Longrightarrow> C\<close> \\
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	458	\<open>subproof:\<close> &
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	459	\<open>\<^vec>G \<^vec>a \<Longrightarrow> B \<^vec>a\<close> \quad for schematic \<open>\<^vec>a\<close> \\
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	460	\<open>concl unifier:\<close> &
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	461	\<open>(\<lambda>\<^vec>x. B (\<^vec>a \<^vec>x))\<vartheta> = B'\<vartheta>\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	462	\<open>assm unifiers:\<close> &
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	463	\<open>(\<lambda>\<^vec>x. G\<^sub>j (\<^vec>a \<^vec>x))\<vartheta> = H\<^sub>i\<vartheta>\<close> \quad for each \<open>G\<^sub>j\<close> some \<open>H\<^sub>i\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	464	\end{tabular}}
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	465	\]}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	466
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	467	Here the \<open>subproof\<close> rule stems from the main \<^theory_text>\<open>fix\<close>-\<^theory_text>\<open>assume\<close>-\<^theory_text>\<open>show\<close>
62276 bed456ada96e misc tuning; wenzelm parents: 62275 diff changeset	468	outline of Isar (cf.\ \secref{sec:framework-subproof}): each assumption
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	469	indicated in the text results in a marked premise \<open>G\<close> above. Consequently,
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	470	\<^theory_text>\<open>fix\<close>-\<^theory_text>\<open>assume\<close>-\<^theory_text>\<open>show\<close> enables to fit the result of a subproof quite
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	471	robustly into a pending subgoal, while maintaining a good measure of
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	472	flexibility: the subproof only needs to fit modulo unification, and its
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	473	assumptions may be a proper subset of the subgoal premises (see
c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	474	\secref{sec:framework-subproof}).
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	475	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	476
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	477
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	478	section \<open>The Isar proof language \label{sec:framework-isar}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	479
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	480	text \<open>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	481	Structured proofs are presented as high-level expressions for composing
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	482	entities of Pure (propositions, facts, and goals). The Isar proof language
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	483	allows to organize reasoning within the underlying rule calculus of Pure,
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	484	but Isar is not another logical calculus. Isar merely imposes certain
64510 488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	485	structure and policies on Pure inferences. The main grammar of the Isar
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	486	proof language is given in \figref{fig:isar-syntax}.
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	487
64510 488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	488	\begin{figure}[htb]
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	489	\begin{center}
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	490	\begin{tabular}{rcl}
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	491	\<open>main\<close> & \<open>=\<close> & \<^theory_text>\<open>notepad begin "statement\<^sup>*" end\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	492	& \<open>\|\<close> & \<^theory_text>\<open>theorem name: props if name: props for vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	493	& \<open>\|\<close> & \<^theory_text>\<open>theorem name:\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	494	& & \quad\<^theory_text>\<open>fixes vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	495	& & \quad\<^theory_text>\<open>assumes name: props\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	496	& & \quad\<^theory_text>\<open>shows name: props "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	497	& \<open>\|\<close> & \<^theory_text>\<open>theorem name:\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	498	& & \quad\<^theory_text>\<open>fixes vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	499	& & \quad\<^theory_text>\<open>assumes name: props\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	500	& & \quad\<^theory_text>\<open>obtains (name) clause "\<^bold>\|" \<dots> "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	501	\<open>proof\<close> & \<open>=\<close> & \<^theory_text>\<open>"refinement\<^sup>* proper_proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	502	\<open>refinement\<close> & \<open>=\<close> & \<^theory_text>\<open>apply method\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	503	& \<open>\|\<close> & \<^theory_text>\<open>supply name = thms\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	504	& \<open>\|\<close> & \<^theory_text>\<open>subgoal premises name for vars "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	505	& \<open>\|\<close> & \<^theory_text>\<open>using thms\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	506	& \<open>\|\<close> & \<^theory_text>\<open>unfolding thms\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	507	\<open>proper_proof\<close> & \<open>=\<close> & \<^theory_text>\<open>proof "method\<^sup>?" "statement\<^sup>*" qed "method\<^sup>?"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	508	& \<open>\|\<close> & \<^theory_text>\<open>by method method\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>..\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>.\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>sorry\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>done\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	509	\<open>statement\<close> & \<open>=\<close> & \<^theory_text>\<open>{ "statement\<^sup>*" }\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>next\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	510	& \<open>\|\<close> & \<^theory_text>\<open>note name = thms\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	511	& \<open>\|\<close> & \<^theory_text>\<open>let "term" = "term"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	512	& \<open>\|\<close> & \<^theory_text>\<open>write name (mixfix)\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	513	& \<open>\|\<close> & \<^theory_text>\<open>fix vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	514	& \<open>\|\<close> & \<^theory_text>\<open>assume name: props if props for vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	515	& \<open>\|\<close> & \<^theory_text>\<open>presume name: props if props for vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	516	& \<open>\|\<close> & \<^theory_text>\<open>define clause\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	517	& \<open>\|\<close> & \<^theory_text>\<open>case name: "case"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	518	& \<open>\|\<close> & \<^theory_text>\<open>then"\<^sup>?" goal\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	519	& \<open>\|\<close> & \<^theory_text>\<open>from thms goal\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	520	& \<open>\|\<close> & \<^theory_text>\<open>with thms goal\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	521	& \<open>\|\<close> & \<^theory_text>\<open>also\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>finally goal\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	522	& \<open>\|\<close> & \<^theory_text>\<open>moreover\<close>~~~\<open>\|\<close>~~~\<^theory_text>\<open>ultimately goal\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	523	\<open>goal\<close> & \<open>=\<close> & \<^theory_text>\<open>have name: props if name: props for vars "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	524	& \<open>\|\<close> & \<^theory_text>\<open>show name: props if name: props for vars "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	525	& \<open>\|\<close> & \<^theory_text>\<open>show name: props when name: props for vars "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	526	& \<open>\|\<close> & \<^theory_text>\<open>consider (name) clause "\<^bold>\|" \<dots> "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	527	& \<open>\|\<close> & \<^theory_text>\<open>obtain (name) clause "proof"\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	528	\<open>clause\<close> & \<open>=\<close> & \<^theory_text>\<open>vars where name: props if props for vars\<close> \\
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	529	\end{tabular}
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	530	\end{center}
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	531	\caption{Main grammar of the Isar proof language}\label{fig:isar-syntax}
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	532	\end{figure}
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	533
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	534	The construction of the Isar proof language proceeds in a bottom-up fashion,
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	535	as an exercise in purity and minimalism. The grammar in
488cb71eeb83 more on Isar proof language; wenzelm parents: 63680 diff changeset	536	\appref{ap:main-grammar} describes the primitive parts of the core language
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	537	(category \<open>proof\<close>), which is embedded into the main outer theory syntax via
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	538	elements that require a proof (e.g.\ \<^theory_text>\<open>theorem\<close>, \<^theory_text>\<open>lemma\<close>, \<^theory_text>\<open>function\<close>,
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	539	\<^theory_text>\<open>termination\<close>).
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	540
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	541	The syntax for terms and propositions is inherited from Pure (and the
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	542	object-logic). A \<open>pattern\<close> is a \<open>term\<close> with schematic variables, to be bound
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	543	by higher-order matching. Simultaneous propositions or facts may be
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	544	separated by the \<^theory_text>\<open>and\<close> keyword.
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	545
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	546	\<^medskip>
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	547	Facts may be referenced by name or proposition. For example, the result of
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	548	``\<^theory_text>\<open>have a: A \<proof>\<close>'' becomes accessible both via the name \<open>a\<close> and the
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	549	literal proposition \<open>\<open>A\<close>\<close>. Moreover, fact expressions may involve attributes
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	550	that modify either the theorem or the background context. For example, the
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	551	expression ``\<open>a [OF b]\<close>'' refers to the composition of two facts according
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	552	to the @{inference resolution} inference of
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	553	\secref{sec:framework-resolution}, while ``\<open>a [intro]\<close>'' declares a fact as
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	554	introduction rule in the context.
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	555
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	556	The special fact called ``@{fact this}'' always refers to the last result,
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	557	as produced by \<^theory_text>\<open>note\<close>, \<^theory_text>\<open>assume\<close>, \<^theory_text>\<open>have\<close>, or \<^theory_text>\<open>show\<close>. Since \<^theory_text>\<open>note\<close> occurs
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	558	frequently together with \<^theory_text>\<open>then\<close>, there are some abbreviations:
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	559
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	560	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	561	\begin{tabular}{rcl}
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	562	\<^theory_text>\<open>from a\<close> & \<open>\<equiv>\<close> & \<^theory_text>\<open>note a then\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	563	\<^theory_text>\<open>with a\<close> & \<open>\<equiv>\<close> & \<^theory_text>\<open>from a and this\<close> \\
29737 866841668584 replaced 'assm' by 'assume' -- regular 'assume' is default, if inference is omitted; wenzelm parents: 29735 diff changeset	564	\end{tabular}
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	565	\<^medskip>
29737 866841668584 replaced 'assm' by 'assume' -- regular 'assume' is default, if inference is omitted; wenzelm parents: 29735 diff changeset	566
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	567	The \<open>method\<close> category is essentially a parameter of the Isar language and
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	568	may be populated later. The command \<^theory_text>\<open>method_setup\<close> allows to define proof
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	569	methods semantically in Isabelle/ML. The Eisbach language allows to define
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	570	proof methods symbolically, as recursive expressions over existing methods
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	571	\<^cite>\<open>"Matichuk-et-al:2014"\<close>; see also \<^dir>\<open>~~/src/HOL/Eisbach\<close>.
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	572
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	573	Methods use the facts indicated by \<^theory_text>\<open>then\<close> or \<^theory_text>\<open>using\<close>, and then operate on
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	574	the goal state. Some basic methods are predefined in Pure: ``@{method "-"}''
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	575	leaves the goal unchanged, ``@{method this}'' applies the facts as rules to
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	576	the goal, ``@{method (Pure) "rule"}'' applies the facts to another rule and
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	577	the result to the goal (both ``@{method this}'' and ``@{method (Pure)
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	578	rule}'' refer to @{inference resolution} of
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	579	\secref{sec:framework-resolution}). The secondary arguments to ``@{method
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	580	(Pure) rule}'' may be specified explicitly as in ``\<open>(rule a)\<close>'', or picked
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	581	from the context. In the latter case, the system first tries rules declared
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	582	as @{attribute (Pure) elim} or @{attribute (Pure) dest}, followed by those
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	583	declared as @{attribute (Pure) intro}.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	584
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	585	The default method for \<^theory_text>\<open>proof\<close> is ``@{method standard}'' (which subsumes
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	586	@{method rule} with arguments picked from the context), for \<^theory_text>\<open>qed\<close> it is
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	587	``@{method "succeed"}''. Further abbreviations for terminal proof steps are
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	588	``\<^theory_text>\<open>by method\<^sub>1 method\<^sub>2\<close>'' for ``\<^theory_text>\<open>proof method\<^sub>1 qed method\<^sub>2\<close>'', and
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	589	``\<^theory_text>\<open>..\<close>'' for ``\<^theory_text>\<open>by standard\<close>, and ``\<^theory_text>\<open>.\<close>'' for ``\<^theory_text>\<open>by this\<close>''. The command
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	590	``\<^theory_text>\<open>unfolding facts\<close>'' operates directly on the goal by applying equalities.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	591
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	592	\<^medskip>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	593	Block structure can be indicated explicitly by ``\<^theory_text>\<open>{ \<dots> }\<close>'', although the
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	594	body of a subproof ``\<^theory_text>\<open>proof \<dots> qed\<close>'' already provides implicit nesting. In
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	595	both situations, \<^theory_text>\<open>next\<close> jumps into the next section of a block, i.e.\ it
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	596	acts like closing an implicit block scope and opening another one. There is
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	597	no direct connection to subgoals here!
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	598
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	599	The commands \<^theory_text>\<open>fix\<close> and \<^theory_text>\<open>assume\<close> build up a local context (see
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	600	\secref{sec:framework-context}), while \<^theory_text>\<open>show\<close> refines a pending subgoal by
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	601	the rule resulting from a nested subproof (see
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	602	\secref{sec:framework-subproof}). Further derived concepts will support
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	603	calculational reasoning (see \secref{sec:framework-calc}).
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	604	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	605
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	606
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	607	subsection \<open>Context elements \label{sec:framework-context}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	608
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	609	text \<open>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	610	In judgments \<open>\<Gamma> \<turnstile> \<phi>\<close> of the primitive framework, \<open>\<Gamma>\<close> essentially acts like a
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	611	proof context. Isar elaborates this idea towards a more advanced concept,
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	612	with additional information for type-inference, term abbreviations, local
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	613	facts, hypotheses etc.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	614
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	615	The element \<^theory_text>\<open>fix x :: \<alpha>\<close> declares a local parameter, i.e.\ an
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	616	arbitrary-but-fixed entity of a given type; in results exported from the
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	617	context, \<open>x\<close> may become anything. The \<^theory_text>\<open>assume \<guillemotleft>inference\<guillemotright>\<close> element provides
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	618	a general interface to hypotheses: \<^theory_text>\<open>assume \<guillemotleft>inference\<guillemotright> A\<close> produces \<open>A \<turnstile> A\<close>
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	619	locally, while the included inference tells how to discharge \<open>A\<close> from
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	620	results \<open>A \<turnstile> B\<close> later on. There is no surface syntax for \<open>\<guillemotleft>inference\<guillemotright>\<close>,
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	621	i.e.\ it may only occur internally when derived commands are defined in ML.
29737 866841668584 replaced 'assm' by 'assume' -- regular 'assume' is default, if inference is omitted; wenzelm parents: 29735 diff changeset	622
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	623	The default inference for \<^theory_text>\<open>assume\<close> is @{inference export} as given below.
63039 1a20fd9cf281 added Isar command 'define'; wenzelm parents: 62278 diff changeset	624	The derived element \<^theory_text>\<open>define x where "x \<equiv> a"\<close> is defined as \<^theory_text>\<open>fix x assume
1a20fd9cf281 added Isar command 'define'; wenzelm parents: 62278 diff changeset	625	\<guillemotleft>expand\<guillemotright> x \<equiv> a\<close>, with the subsequent inference @{inference expand}.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	626
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	627	\[
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	628	\infer[(@{inference_def export})]{\<open>\<strut>\<Gamma> - A \<turnstile> A \<Longrightarrow> B\<close>}{\<open>\<strut>\<Gamma> \<turnstile> B\<close>}
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	629	\qquad
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	630	\infer[(@{inference_def expand})]{\<open>\<strut>\<Gamma> - (x \<equiv> a) \<turnstile> B a\<close>}{\<open>\<strut>\<Gamma> \<turnstile> B x\<close>}
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	631	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	632
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	633	\<^medskip>
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	634	The most interesting derived context element in Isar is \<^theory_text>\<open>obtain\<close> \<^cite>\<open>\<open>\S5.3\<close> in "Wenzel-PhD"\<close>, which supports generalized elimination steps in a
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	635	purely forward manner. The \<^theory_text>\<open>obtain\<close> command takes a specification of
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	636	parameters \<open>\<^vec>x\<close> and assumptions \<open>\<^vec>A\<close> to be added to the context,
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	637	together with a proof of a case rule stating that this extension is
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	638	conservative (i.e.\ may be removed from closed results later on):
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	639
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	640	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	641	\begin{tabular}{l}
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	642	\<^theory_text>\<open>\<langle>facts\<rangle> obtain "\<^vec>x" where "\<^vec>A" "\<^vec>x" \<proof> \<equiv>\<close> \\[0.5ex]
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	643	\quad \<^theory_text>\<open>have "case": "\<And>thesis. (\<And>\<^vec>x. \<^vec>A \<^vec>x \<Longrightarrow> thesis) \<Longrightarrow> thesis"\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	644	\quad \<^theory_text>\<open>proof -\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	645	\qquad \<^theory_text>\<open>fix thesis\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	646	\qquad \<^theory_text>\<open>assume [intro]: "\<And>\<^vec>x. \<^vec>A \<^vec>x \<Longrightarrow> thesis"\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	647	\qquad \<^theory_text>\<open>show thesis using \<langle>facts\<rangle> \<proof>\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	648	\quad \<^theory_text>\<open>qed\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	649	\quad \<^theory_text>\<open>fix "\<^vec>x" assume \<guillemotleft>elimination "case"\<guillemotright> "\<^vec>A \<^vec>x"\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	650	\end{tabular}
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	651	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	652
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	653	\[
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	654	\infer[(@{inference elimination})]{\<open>\<Gamma> \<turnstile> B\<close>}{
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	655	\begin{tabular}{rl}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	656	\<open>case:\<close> &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	657	\<open>\<Gamma> \<turnstile> \<And>thesis. (\<And>\<^vec>x. \<^vec>A \<^vec>x \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close> \\[0.2ex]
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	658	\<open>result:\<close> &
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	659	\<open>\<Gamma> \<union> \<^vec>A \<^vec>y \<turnstile> B\<close> \\[0.2ex]
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	660	\end{tabular}}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	661	\]
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	662
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	663	Here the name ``\<open>thesis\<close>'' is a specific convention for an
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	664	arbitrary-but-fixed proposition; in the primitive natural deduction rules
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	665	shown before we have occasionally used \<open>C\<close>. The whole statement of
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	666	``\<^theory_text>\<open>obtain x where A x\<close>'' can be read as a claim that \<open>A x\<close> may be assumed
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	667	for some arbitrary-but-fixed \<open>x\<close>. Also note that ``\<^theory_text>\<open>obtain A and B\<close>''
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	668	without parameters is similar to ``\<^theory_text>\<open>have A and B\<close>'', but the latter
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	669	involves multiple subgoals that need to be proven separately.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	670
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	671	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	672	The subsequent Isar proof texts explain all context elements introduced
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	673	above using the formal proof language itself. After finishing a local proof
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	674	within a block, the exported result is indicated via \<^theory_text>\<open>note\<close>.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	675	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	676
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	677	(<)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	678	theorem True
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	679	proof
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	680	(>)
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	681	text_raw \<open>\begin{minipage}[t]{0.45\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	682	{
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	683	fix x
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	684	have "B x" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	685	}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	686	note \<open>\<And>x. B x\<close>
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	687	text_raw \<open>\end{minipage}\quad\begin{minipage}[t]{0.45\textwidth}\<close>(<)next(>)
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	688	{
1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	689	assume A
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	690	have B \<proof>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	691	}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	692	note \<open>A \<Longrightarrow> B\<close>
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	693	text_raw \<open>\end{minipage}\\[3ex]\begin{minipage}[t]{0.45\textwidth}\<close>(<)next(>)
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	694	{
63039 1a20fd9cf281 added Isar command 'define'; wenzelm parents: 62278 diff changeset	695	define x where "x \<equiv> a"
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	696	have "B x" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	697	}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	698	note \<open>B a\<close>
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	699	text_raw \<open>\end{minipage}\quad\begin{minipage}[t]{0.45\textwidth}\<close>(<)next(>)
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	700	{
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	701	obtain x where "A x" \<proof>
4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	702	have B \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	703	}
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	704	note \<open>B\<close>
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	705	text_raw \<open>\end{minipage}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	706	(<)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	707	qed
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	708	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	709
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	710	text \<open>
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	711	\<^bigskip>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	712	This explains the meaning of Isar context elements without, without goal
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	713	states getting in the way.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	714	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	715
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	716
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	717	subsection \<open>Structured statements \label{sec:framework-stmt}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	718
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	719	text \<open>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	720	The syntax of top-level theorem statements is defined as follows:
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	721
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	722	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	723	\begin{tabular}{rcl}
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	724	\<open>statement\<close> & \<open>\<equiv>\<close> & \<^theory_text>\<open>name: props and \<dots>\<close> \\
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	725	& \<open>\|\<close> & \<open>context\<^sup>* conclusion\<close> \\[0.5ex]
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	726
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	727	\<open>context\<close> & \<open>\<equiv>\<close> & \<^theory_text>\<open>fixes vars and \<dots>\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	728	& \<open>\|\<close> & \<^theory_text>\<open>assumes name: props and \<dots>\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	729
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	730	\<open>conclusion\<close> & \<open>\<equiv>\<close> & \<^theory_text>\<open>shows name: props and \<dots>\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	731	& \<open>\|\<close> & \<^theory_text>\<open>obtains vars and \<dots> where name: props and \<dots>\<close> \\
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	732	& & \quad \<open>\<BBAR> \<dots>\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	733	\end{tabular}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	734
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	735	\<^medskip>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	736	A simple statement consists of named propositions. The full form admits
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	737	local context elements followed by the actual conclusions, such as ``\<^theory_text>\<open>fixes
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	738	x assumes A x shows B x\<close>''. The final result emerges as a Pure rule after
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 67399 diff changeset	739	discharging the context: \<^prop>\<open>\<And>x. A x \<Longrightarrow> B x\<close>.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	740
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	741	The \<^theory_text>\<open>obtains\<close> variant is another abbreviation defined below; unlike
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	742	\<^theory_text>\<open>obtain\<close> (cf.\ \secref{sec:framework-context}) there may be several
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	743	``cases'' separated by ``\<open>\<BBAR>\<close>'', each consisting of several parameters
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	744	(\<open>vars\<close>) and several premises (\<open>props\<close>). This specifies multi-branch
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	745	elimination rules.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	746
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	747	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	748	\begin{tabular}{l}
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	749	\<^theory_text>\<open>obtains "\<^vec>x" where "\<^vec>A" "\<^vec>x" "\<BBAR>" \<dots> \<equiv>\<close> \\[0.5ex]
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	750	\quad \<^theory_text>\<open>fixes thesis\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	751	\quad \<^theory_text>\<open>assumes [intro]: "\<And>\<^vec>x. \<^vec>A \<^vec>x \<Longrightarrow> thesis" and \<dots>\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	752	\quad \<^theory_text>\<open>shows thesis\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	753	\end{tabular}
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	754	\<^medskip>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	755
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	756	Presenting structured statements in such an ``open'' format usually
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	757	simplifies the subsequent proof, because the outer structure of the problem
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	758	is already laid out directly. E.g.\ consider the following canonical
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	759	patterns for \<^theory_text>\<open>shows\<close> and \<^theory_text>\<open>obtains\<close>, respectively:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	760	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	761
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	762	text_raw \<open>\begin{minipage}{0.5\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	763
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	764	theorem
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	765	fixes x and y
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	766	assumes "A x" and "B y"
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	767	shows "C x y"
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	768	proof -
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	769	from \<open>A x\<close> and \<open>B y\<close>
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	770	show "C x y" \<proof>
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	771	qed
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	772
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	773	text_raw \<open>\end{minipage}\begin{minipage}{0.5\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	774
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	775	theorem
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	776	obtains x and y
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	777	where "A x" and "B y"
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	778	proof -
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	779	have "A a" and "B b" \<proof>
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	780	then show thesis ..
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	781	qed
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	782
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	783	text_raw \<open>\end{minipage}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	784
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	785	text \<open>
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	786	\<^medskip>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	787	Here local facts \<open>\<open>A x\<close>\<close> and \<open>\<open>B y\<close>\<close> are referenced immediately; there is no
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	788	need to decompose the logical rule structure again. In the second proof the
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	789	final ``\<^theory_text>\<open>then show thesis ..\<close>'' involves the local rule case \<open>\<And>x y. A x \<Longrightarrow> B
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	790	y \<Longrightarrow> thesis\<close> for the particular instance of terms \<open>a\<close> and \<open>b\<close> produced in the
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	791	body.
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	792	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	793
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	794
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	795	subsection \<open>Structured proof refinement \label{sec:framework-subproof}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	796
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	797	text \<open>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	798	By breaking up the grammar for the Isar proof language, we may understand a
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	799	proof text as a linear sequence of individual proof commands. These are
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	800	interpreted as transitions of the Isar virtual machine (Isar/VM), which
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	801	operates on a block-structured configuration in single steps. This allows
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	802	users to write proof texts in an incremental manner, and inspect
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	803	intermediate configurations for debugging.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	804
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	805	The basic idea is analogous to evaluating algebraic expressions on a stack
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	806	machine: \<open>(a + b) \<cdot> c\<close> then corresponds to a sequence of single transitions
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	807	for each symbol \<open>(, a, +, b, ), \<cdot>, c\<close>. In Isar the algebraic values are
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	808	facts or goals, and the operations are inferences.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	809
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	810	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	811	The Isar/VM state maintains a stack of nodes, each node contains the local
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	812	proof context, the linguistic mode, and a pending goal (optional). The mode
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	813	determines the type of transition that may be performed next, it essentially
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	814	alternates between forward and backward reasoning, with an intermediate
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	815	stage for chained facts (see \figref{fig:isar-vm}).
29738 05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	816
05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	817	\begin{figure}[htb]
05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	818	\begin{center}
48958 12afbf6eb7f9 more standard document preparation within session context; wenzelm parents: 48279 diff changeset	819	\includegraphics[width=0.8\textwidth]{isar-vm}
29738 05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	820	\end{center}
05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	821	\caption{Isar/VM modes}\label{fig:isar-vm}
05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	822	\end{figure}
05d5615e12d3 added Isar/VM mode transition diagram; wenzelm parents: 29737 diff changeset	823
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	824	For example, in \<open>state\<close> mode Isar acts like a mathematical scratch-pad,
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	825	accepting declarations like \<^theory_text>\<open>fix\<close>, \<^theory_text>\<open>assume\<close>, and claims like \<^theory_text>\<open>have\<close>,
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	826	\<^theory_text>\<open>show\<close>. A goal statement changes the mode to \<open>prove\<close>, which means that we
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	827	may now refine the problem via \<^theory_text>\<open>unfolding\<close> or \<^theory_text>\<open>proof\<close>. Then we are again
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	828	in \<open>state\<close> mode of a proof body, which may issue \<^theory_text>\<open>show\<close> statements to solve
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	829	pending subgoals. A concluding \<^theory_text>\<open>qed\<close> will return to the original \<open>state\<close>
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	830	mode one level upwards. The subsequent Isar/VM trace indicates block
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	831	structure, linguistic mode, goal state, and inferences:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	832	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	833
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	834	text_raw \<open>\begingroup\footnotesize\<close>
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	835	(<)notepad begin
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	836	(>)
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	837	text_raw \<open>\begin{minipage}[t]{0.18\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	838	have "A \<longrightarrow> B"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	839	proof
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	840	assume A
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	841	show B
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	842	\<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	843	qed
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	844	text_raw \<open>\end{minipage}\quad
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	845	\begin{minipage}[t]{0.06\textwidth}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	846	\<open>begin\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	847	\\
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	848	\\
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	849	\<open>begin\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	850	\<open>end\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	851	\<open>end\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	852	\end{minipage}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	853	\begin{minipage}[t]{0.08\textwidth}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	854	\<open>prove\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	855	\<open>state\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	856	\<open>state\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	857	\<open>prove\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	858	\<open>state\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	859	\<open>state\<close> \\
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	860	\end{minipage}\begin{minipage}[t]{0.35\textwidth}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	861	\<open>(A \<longrightarrow> B) \<Longrightarrow> #(A \<longrightarrow> B)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	862	\<open>(A \<Longrightarrow> B) \<Longrightarrow> #(A \<longrightarrow> B)\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	863	\\
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	864	\\
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	865	\<open>#(A \<longrightarrow> B)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	866	\<open>A \<longrightarrow> B\<close> \\
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	867	\end{minipage}\begin{minipage}[t]{0.4\textwidth}
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	868	\<open>(init)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	869	\<open>(resolution impI)\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	870	\\
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	871	\\
61493 0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	872	\<open>(refinement #A \<Longrightarrow> B)\<close> \\
0debd22f0c0e isabelle update_cartouches -t; wenzelm parents: 61477 diff changeset	873	\<open>(finish)\<close> \\
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	874	\end{minipage}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	875	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	876	end
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	877	(>)
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	878	text_raw \<open>\endgroup\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	879
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	880	text \<open>
61420 ee42cba50933 redundant due to \parindent 0pt; wenzelm parents: 60618 diff changeset	881	Here the @{inference refinement} inference from
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	882	\secref{sec:framework-resolution} mediates composition of Isar subproofs
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	883	nicely. Observe that this principle incorporates some degree of freedom in
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	884	proof composition. In particular, the proof body allows parameters and
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	885	assumptions to be re-ordered, or commuted according to Hereditary Harrop
62277 c9b1897d4173 misc tuning and updates; wenzelm parents: 62276 diff changeset	886	Form. Moreover, context elements that are not used in a subproof may be
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	887	omitted altogether. For example:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	888	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	889
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	890	text_raw \<open>\begin{minipage}{0.5\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	891
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	892	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	893	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	894	begin
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	895	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	896	have "\<And>x y. A x \<Longrightarrow> B y \<Longrightarrow> C x y"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	897	proof -
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	898	fix x and y
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	899	assume "A x" and "B y"
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	900	show "C x y" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	901	qed
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	902
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	903	text_raw \<open>\end{minipage}\begin{minipage}{0.5\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	904
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	905	(<)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	906	next
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	907	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	908	have "\<And>x y. A x \<Longrightarrow> B y \<Longrightarrow> C x y"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	909	proof -
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	910	fix x assume "A x"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	911	fix y assume "B y"
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	912	show "C x y" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	913	qed
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	914
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	915	text_raw \<open>\end{minipage}\\[3ex]\begin{minipage}{0.5\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	916
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	917	(<)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	918	next
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	919	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	920	have "\<And>x y. A x \<Longrightarrow> B y \<Longrightarrow> C x y"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	921	proof -
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	922	fix y assume "B y"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	923	fix x assume "A x"
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	924	show "C x y" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	925	qed
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	926
58999 ed09ae4ea2d8 uniform treatment of all document markup commands: 'text' and 'txt' merely differ in LaTeX style; wenzelm parents: 58618 diff changeset	927	text_raw \<open>\end{minipage}\begin{minipage}{0.5\textwidth}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	928	(<)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	929	next
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	930	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	931	have "\<And>x y. A x \<Longrightarrow> B y \<Longrightarrow> C x y"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	932	proof -
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	933	fix y assume "B y"
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	934	fix x
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	935	show "C x y" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	936	qed
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	937	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	938	end
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	939	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	940
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	941	text_raw \<open>\end{minipage}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	942
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	943	text \<open>
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	944	\<^medskip>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	945	Such fine-tuning of Isar text is practically important to improve
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	946	readability. Contexts elements are rearranged according to the natural flow
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	947	of reasoning in the body, while still observing the overall scoping rules.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	948
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	949	\<^medskip>
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	950	This illustrates the basic idea of structured proof processing in Isar. The
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	951	main mechanisms are based on natural deduction rule composition within the
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	952	Pure framework. In particular, there are no direct operations on goal states
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	953	within the proof body. Moreover, there is no hidden automated reasoning
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	954	involved, just plain unification.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	955	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	956
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	957
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	958	subsection \<open>Calculational reasoning \label{sec:framework-calc}\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	959
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	960	text \<open>
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	961	The existing Isar infrastructure is sufficiently flexible to support
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	962	calculational reasoning (chains of transitivity steps) as derived concept.
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	963	The generic proof elements introduced below depend on rules declared as
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	964	@{attribute trans} in the context. It is left to the object-logic to provide
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	965	a suitable rule collection for mixed relations of \<open>=\<close>, \<open><\<close>, \<open>\<le>\<close>, \<open>\<subset>\<close>, \<open>\<subseteq>\<close>
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	966	etc. Due to the flexibility of rule composition
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	967	(\secref{sec:framework-resolution}), substitution of equals by equals is
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	968	covered as well, even substitution of inequalities involving monotonicity
76987 4c275405faae isabelle update -u cite; wenzelm parents: 71925 diff changeset	969	conditions; see also \<^cite>\<open>\<open>\S6\<close> in "Wenzel-PhD"\<close> and \<^cite>\<open>"Bauer-Wenzel:2001"\<close>.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	970
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	971	The generic calculational mechanism is based on the observation that rules
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 67399 diff changeset	972	such as \<open>trans:\<close>~\<^prop>\<open>x = y \<Longrightarrow> y = z \<Longrightarrow> x = z\<close> proceed from the premises
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	973	towards the conclusion in a deterministic fashion. Thus we may reason in
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	974	forward mode, feeding intermediate results into rules selected from the
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	975	context. The course of reasoning is organized by maintaining a secondary
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	976	fact called ``@{fact calculation}'', apart from the primary ``@{fact this}''
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	977	already provided by the Isar primitives. In the definitions below,
29735 1da96affdefe misc tuning; wenzelm parents: 29733 diff changeset	978	@{attribute OF} refers to @{inference resolution}
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	979	(\secref{sec:framework-resolution}) with multiple rule arguments, and
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	980	\<open>trans\<close> represents to a suitable rule from the context:
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	981
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	982	\begin{matharray}{rcl}
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	983	\<^theory_text>\<open>also"\<^sub>0"\<close> & \equiv & \<^theory_text>\<open>note calculation = this\<close> \\
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	984	\<^theory_text>\<open>also"\<^sub>n\<^sub>+\<^sub>1"\<close> & \equiv & \<^theory_text>\<open>note calculation = trans [OF calculation this]\<close> \\[0.5ex]
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	985	\<^theory_text>\<open>finally\<close> & \equiv & \<^theory_text>\<open>also from calculation\<close> \\
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	986	\end{matharray}
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	987
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	988	The start of a calculation is determined implicitly in the text: here
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	989	\<^theory_text>\<open>also\<close> sets @{fact calculation} to the current result; any subsequent
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	990	occurrence will update @{fact calculation} by combination with the next
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	991	result and a transitivity rule. The calculational sequence is concluded via
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	992	\<^theory_text>\<open>finally\<close>, where the final result is exposed for use in a concluding claim.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	993
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	994	Here is a canonical proof pattern, using \<^theory_text>\<open>have\<close> to establish the
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	995	intermediate results:
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	996	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	997
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	998	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	999	notepad
482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	1000	begin
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	1001	fix a b c d :: 'a
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1002	(>)
62271 4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	1003	have "a = b" \<proof>
4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	1004	also have "\<dots> = c" \<proof>
4cfe65cfd369 more explicit dummy proofs; wenzelm parents: 61962 diff changeset	1005	also have "\<dots> = d" \<proof>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1006	finally have "a = d" .
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1007	(<)
40964 482a8334ee9e prefer 'notepad' over 'example_proof'; wenzelm parents: 40476 diff changeset	1008	end
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1009	(>)
c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1010
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	1011	text \<open>
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	1012	The term ``\<open>\<dots>\<close>'' (literal ellipsis) is a special abbreviation provided by
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	1013	the Isabelle/Isar term syntax: it statically refers to the right-hand side
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	1014	argument of the previous statement given in the text. Thus it happens to
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	1015	coincide with relevant sub-expressions in the calculational chain, but the
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	1016	exact correspondence is dependent on the transitivity rules being involved.
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1017
61421 e0825405d398 more symbols; wenzelm parents: 61420 diff changeset	1018	\<^medskip>
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 67399 diff changeset	1019	Symmetry rules such as \<^prop>\<open>x = y \<Longrightarrow> y = x\<close> are like transitivities with
62275 374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	1020	only one premise. Isar maintains a separate rule collection declared via the
374d1b6c473d tuned whitespace; wenzelm parents: 62271 diff changeset	1021	@{attribute sym} attribute, to be used in fact expressions ``\<open>a
62278 c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	1022	[symmetric]\<close>'', or single-step proofs ``\<^theory_text>\<open>assume "x = y" then have "y = x"
c04e97be39d3 misc tuning and updates; wenzelm parents: 62277 diff changeset	1023	..\<close>''.
58618 782f0b662cae more cartouches; wenzelm parents: 58552 diff changeset	1024	\<close>
29729 c2e926455fcc more on Isar framework -- mostly from Trybulec Festschrift; wenzelm parents: 29721 diff changeset	1025
67399 eab6ce8368fa ran isabelle update_op on all sources nipkow parents: 64510 diff changeset	1026	end

author	nipkow
	Tue, 17 Jun 2025 14:11:40 +0200
changeset 82733	8b537e1af2ec
parent 76987	4c275405faae
permissions	-rw-r--r--