115 together with a heuristic selection of hundreds of facts (theorems) from the |
115 together with a heuristic selection of hundreds of facts (theorems) from the |
116 current theory context, filtered by relevance. |
116 current theory context, filtered by relevance. |
117 |
117 |
118 The result of a successful proof search is some source text that usually (but |
118 The result of a successful proof search is some source text that usually (but |
119 not always) reconstructs the proof within Isabelle. For ATPs, the reconstructed |
119 not always) reconstructs the proof within Isabelle. For ATPs, the reconstructed |
120 proof relies on the general-purpose \textit{metis} proof method, which |
120 proof typically relies on the general-purpose \textit{metis} proof method, which |
121 integrates the Metis ATP in Isabelle/HOL with explicit inferences going through |
121 integrates the Metis ATP in Isabelle/HOL with explicit inferences going through |
122 the kernel. Thus its results are correct by construction. |
122 the kernel. Thus its results are correct by construction. |
123 |
123 |
124 For Isabelle/jEdit users, Sledgehammer provides an automatic mode that can be |
124 For Isabelle/jEdit users, Sledgehammer provides an automatic mode that can be |
125 enabled via the ``Auto Sledgehammer'' option under ``Plugins > Plugin Options > |
125 enabled via the ``Auto Sledgehammer'' option under ``Plugins > Plugin Options > |
294 which provers are installed and how many processor cores are available, some of |
294 which provers are installed and how many processor cores are available, some of |
295 the provers might be missing or present with a \textit{remote\_} prefix. |
295 the provers might be missing or present with a \textit{remote\_} prefix. |
296 Waldmeister is run only for unit equational problems, where the goal's |
296 Waldmeister is run only for unit equational problems, where the goal's |
297 conclusion is a (universally quantified) equation. |
297 conclusion is a (universally quantified) equation. |
298 |
298 |
299 For each successful prover, Sledgehammer gives a one-liner \textit{metis} or |
299 For each successful prover, Sledgehammer gives a one-line \textit{metis} or |
300 \textit{smt} method call. Rough timings are shown in parentheses, indicating how |
300 \textit{smt} method call. Rough timings are shown in parentheses, indicating how |
301 fast the call is. You can click the proof to insert it into the theory text. |
301 fast the call is. You can click the proof to insert it into the theory text. |
302 |
302 |
303 In addition, you can ask Sledgehammer for an Isar text proof by enabling the |
303 In addition, you can ask Sledgehammer for an Isar text proof by enabling the |
304 \textit{isar\_proofs} option (\S\ref{output-format}): |
304 \textit{isar\_proofs} option (\S\ref{output-format}): |
306 \prew |
306 \prew |
307 \textbf{sledgehammer} [\textit{isar\_proofs}] |
307 \textbf{sledgehammer} [\textit{isar\_proofs}] |
308 \postw |
308 \postw |
309 |
309 |
310 When Isar proof construction is successful, it can yield proofs that are more |
310 When Isar proof construction is successful, it can yield proofs that are more |
311 readable and also faster than the \textit{metis} or \textit{smt} one-liners. |
311 readable and also faster than the \textit{metis} or \textit{smt} one-line proofs. |
312 This feature is experimental and is only available for ATPs. |
312 This feature is experimental and is only available for ATPs. |
313 |
313 |
314 \section{Hints} |
314 \section{Hints} |
315 \label{hints} |
315 \label{hints} |
316 |
316 |
357 default, the value is prover-dependent but varies between about 50 and 1000. If |
357 default, the value is prover-dependent but varies between about 50 and 1000. If |
358 the provers time out, you can try lowering this value to, say, 25 or 50 and see |
358 the provers time out, you can try lowering this value to, say, 25 or 50 and see |
359 if that helps. |
359 if that helps. |
360 |
360 |
361 \item[\labelitemi] \textbf{\textit{isar\_proofs}} (\S\ref{output-format}) specifies |
361 \item[\labelitemi] \textbf{\textit{isar\_proofs}} (\S\ref{output-format}) specifies |
362 that Isar proofs should be generated, in addition to one-liner \textit{metis} or |
362 that Isar proofs should be generated, in addition to one-line \textit{metis} or |
363 \textit{smt} proofs. The length of the Isar proofs can be controlled by setting |
363 \textit{smt} proofs. The length of the Isar proofs can be controlled by setting |
364 \textit{compress\_isar} (\S\ref{output-format}). |
364 \textit{compress\_isar} (\S\ref{output-format}). |
365 |
365 |
366 \item[\labelitemi] \textbf{\textit{timeout}} (\S\ref{timeouts}) controls the |
366 \item[\labelitemi] \textbf{\textit{timeout}} (\S\ref{timeouts}) controls the |
367 provers' time limit. It is set to 30 seconds, but since Sledgehammer runs |
367 provers' time limit. It is set to 30 seconds, but since Sledgehammer runs |
461 eventually find it, but that's little consolation. There are several possible |
461 eventually find it, but that's little consolation. There are several possible |
462 solutions: |
462 solutions: |
463 |
463 |
464 \begin{enum} |
464 \begin{enum} |
465 \item[\labelitemi] Try the \textit{isar\_proofs} option (\S\ref{output-format}) to |
465 \item[\labelitemi] Try the \textit{isar\_proofs} option (\S\ref{output-format}) to |
466 obtain a step-by-step Isar proof where each step is justified by \textit{metis}. |
466 obtain a step-by-step Isar proof. Since the steps are fairly small, \textit{metis} |
467 Since the steps are fairly small, \textit{metis} is more likely to be able to |
467 and the other Isabelle proof methods are more likely to be able to replay them. |
468 replay them. |
|
469 |
468 |
470 \item[\labelitemi] Try the \textit{smt} proof method instead of \textit{metis}. |
469 \item[\labelitemi] Try the \textit{smt} proof method instead of \textit{metis}. |
471 It is usually stronger, but you need to either have Z3 available to replay the |
470 It is usually stronger, but you need to either have Z3 available to replay the |
472 proofs, trust the SMT solver, or use certificates. See the documentation in the |
471 proofs, trust the SMT solver, or use certificates. See the documentation in the |
473 \emph{SMT} theory (\texttt{\$ISABELLE\_HOME/src/HOL/SMT.thy}) for details. |
472 \emph{SMT} theory (\texttt{\$ISABELLE\_HOME/src/HOL/SMT.thy}) for details. |
523 The \textit{metis}~(\textit{full\_types}) proof method |
522 The \textit{metis}~(\textit{full\_types}) proof method |
524 and its cousin \textit{metis}~(\textit{mono\_tags}) are fully-typed |
523 and its cousin \textit{metis}~(\textit{mono\_tags}) are fully-typed |
525 versions of Metis. It is somewhat slower than \textit{metis}, but the proof |
524 versions of Metis. It is somewhat slower than \textit{metis}, but the proof |
526 search is fully typed, and it also includes more powerful rules such as the |
525 search is fully typed, and it also includes more powerful rules such as the |
527 axiom ``$x = \const{True} \mathrel{\lor} x = \const{False}$'' for reasoning in |
526 axiom ``$x = \const{True} \mathrel{\lor} x = \const{False}$'' for reasoning in |
528 higher-order places (e.g., in set comprehensions). The method kicks in |
527 higher-order places (e.g., in set comprehensions). The method is automatically |
529 automatically as a fallback when \textit{metis} fails, and it is sometimes |
528 tried as a fallback when \textit{metis} fails, and it is sometimes |
530 generated by Sledgehammer instead of \textit{metis} if the proof obviously |
529 generated by Sledgehammer instead of \textit{metis} if the proof obviously |
531 requires type information or if \textit{metis} failed when Sledgehammer |
530 requires type information or if \textit{metis} failed when Sledgehammer |
532 preplayed the proof. (By default, Sledgehammer tries to run \textit{metis} with |
531 preplayed the proof. (By default, Sledgehammer tries to run \textit{metis} with |
533 various sets of option for up to 2~seconds each time to ensure that the generated |
532 various sets of option for up to 2~seconds each time to ensure that the generated |
534 one-line proofs actually work and to display timing information. This can be |
533 one-line proofs actually work and to display timing information. This can be |
1067 MaSh is enabled; otherwise, MePo. |
1066 MaSh is enabled; otherwise, MePo. |
1068 \end{enum} |
1067 \end{enum} |
1069 |
1068 |
1070 \opdefault{max\_facts}{smart\_int}{smart} |
1069 \opdefault{max\_facts}{smart\_int}{smart} |
1071 Specifies the maximum number of facts that may be returned by the relevance |
1070 Specifies the maximum number of facts that may be returned by the relevance |
1072 filter. If the option is set to \textit{smart}, it effectively takes a value |
1071 filter. If the option is set to \textit{smart} (the default), it effectively |
1073 that was empirically found to be appropriate for the prover. Typical values |
1072 takes a value that was empirically found to be appropriate for the prover. |
1074 range between 50 and 1000. |
1073 Typical values range between 50 and 1000. |
1075 |
1074 |
1076 For the MaSh-related commands \textit{learn\_isar}, \textit{learn\_prover}, |
1075 For the MaSh-related commands \textit{learn\_isar}, \textit{learn\_prover}, |
1077 \textit{relearn\_isar}, and \textit{relearn\_prover}, this option specifies the |
1076 \textit{relearn\_isar}, and \textit{relearn\_prover}, this option specifies the |
1078 maximum number of facts from the background library that should be learned |
1077 maximum number of facts from the background library that should be learned |
1079 ($\infty$ by default). |
1078 ($\infty$ by default). |
1093 |
1092 |
1094 \opdefault{max\_new\_mono\_instances}{int}{smart} |
1093 \opdefault{max\_new\_mono\_instances}{int}{smart} |
1095 Specifies the maximum number of monomorphic instances to generate beyond |
1094 Specifies the maximum number of monomorphic instances to generate beyond |
1096 \textit{max\_facts}. The higher this limit is, the more monomorphic instances |
1095 \textit{max\_facts}. The higher this limit is, the more monomorphic instances |
1097 are potentially generated. Whether monomorphization takes place depends on the |
1096 are potentially generated. Whether monomorphization takes place depends on the |
1098 type encoding used. If the option is set to \textit{smart}, it takes a value |
1097 type encoding used. If the option is set to \textit{smart} (the default), it |
1099 that was empirically found to be appropriate for the prover. For most provers, |
1098 takes a value that was empirically found to be appropriate for the prover. For |
1100 this value is 100. |
1099 most provers, this value is 100. |
1101 |
1100 |
1102 \nopagebreak |
1101 \nopagebreak |
1103 {\small See also \textit{type\_enc} (\S\ref{problem-encoding}).} |
1102 {\small See also \textit{type\_enc} (\S\ref{problem-encoding}).} |
1104 |
1103 |
1105 \opdefault{max\_mono\_iters}{int}{smart} |
1104 \opdefault{max\_mono\_iters}{int}{smart} |
1106 Specifies the maximum number of iterations for the monomorphization fixpoint |
1105 Specifies the maximum number of iterations for the monomorphization fixpoint |
1107 construction. The higher this limit is, the more monomorphic instances are |
1106 construction. The higher this limit is, the more monomorphic instances are |
1108 potentially generated. Whether monomorphization takes place depends on the |
1107 potentially generated. Whether monomorphization takes place depends on the |
1109 type encoding used. If the option is set to \textit{smart}, it takes a value |
1108 type encoding used. If the option is set to \textit{smart} (the default), it |
1110 that was empirically found to be appropriate for the prover. For most provers, |
1109 takes a value that was empirically found to be appropriate for the prover. |
1111 this value is 3. |
1110 For most provers, this value is 3. |
1112 |
1111 |
1113 \nopagebreak |
1112 \nopagebreak |
1114 {\small See also \textit{type\_enc} (\S\ref{problem-encoding}).} |
1113 {\small See also \textit{type\_enc} (\S\ref{problem-encoding}).} |
1115 \end{enum} |
1114 \end{enum} |
1116 |
1115 |
1296 \nopagebreak |
1295 \nopagebreak |
1297 {\small See also \textit{spy} (\S\ref{mode-of-operation}) and |
1296 {\small See also \textit{spy} (\S\ref{mode-of-operation}) and |
1298 \textit{overlord} (\S\ref{mode-of-operation}).} |
1297 \textit{overlord} (\S\ref{mode-of-operation}).} |
1299 |
1298 |
1300 \opsmart{isar\_proofs}{no\_isar\_proofs} |
1299 \opsmart{isar\_proofs}{no\_isar\_proofs} |
1301 Specifies whether Isar proofs should be output in addition to one-liner |
1300 Specifies whether Isar proofs should be output in addition to one-line proofs. |
1302 \textit{metis} proofs. The construction of Isar proof is still experimental and |
1301 The construction of Isar proof is still experimental and may sometimes fail; |
1303 may sometimes fail; however, when they succeed they are usually faster and more |
1302 however, when they succeed they are usually faster and more intelligible than |
1304 intelligible than \textit{metis} proofs. If the option is set to \textit{smart} |
1303 one-line proofs. If the option is set to \textit{smart} (the default), Isar |
1305 (the default), Isar proofs are only generated when no working one-liner |
1304 proofs are only generated when no working one-line proof is available. |
1306 \textit{metis} proof is available. |
|
1307 |
1305 |
1308 \opdefault{compress\_isar}{int}{\upshape 10} |
1306 \opdefault{compress\_isar}{int}{\upshape 10} |
1309 Specifies the granularity of the generated Isar proofs if \textit{isar\_proofs} |
1307 Specifies the granularity of the generated Isar proofs if \textit{isar\_proofs} |
1310 is explicitly enabled. A value of $n$ indicates that each Isar proof step should |
1308 is explicitly enabled. A value of $n$ indicates that each Isar proof step should |
1311 correspond to a group of up to $n$ consecutive proof steps in the ATP proof. |
1309 correspond to a group of up to $n$ consecutive proof steps in the ATP proof. |
1316 \optrue{try0\_isar}{dont\_try0\_isar} |
1314 \optrue{try0\_isar}{dont\_try0\_isar} |
1317 Specifies whether standard proof methods such as \textit{auto} and |
1315 Specifies whether standard proof methods such as \textit{auto} and |
1318 \textit{blast} should be tried as alternatives to \textit{metis} in Isar proofs. |
1316 \textit{blast} should be tried as alternatives to \textit{metis} in Isar proofs. |
1319 The collection of methods is roughly the same as for the \textbf{try0} command. |
1317 The collection of methods is roughly the same as for the \textbf{try0} command. |
1320 |
1318 |
1321 \opsmart{smt}{no\_smt} |
1319 \opsmart{smt\_proofs}{no\_smt\_proofs} |
1322 Specifies whether the \textit{smt} proof method should be tried as an |
1320 Specifies whether the \textit{smt} proof method should be tried as an |
1323 alternative to \textit{metis}. If the option is set to \textit{smart}, the |
1321 alternative to \textit{metis}. If the option is set to \textit{smart} (the |
1324 \textit{smt} method is used for one-line proofs but not in Isar proofs. |
1322 default), the \textit{smt} method is used for one-line proofs but not in Isar |
|
1323 proofs. |
1325 \end{enum} |
1324 \end{enum} |
1326 |
1325 |
1327 \subsection{Authentication} |
1326 \subsection{Authentication} |
1328 \label{authentication} |
1327 \label{authentication} |
1329 |
1328 |
1355 \opdefault{timeout}{float}{\upshape 30} |
1354 \opdefault{timeout}{float}{\upshape 30} |
1356 Specifies the maximum number of seconds that the automatic provers should spend |
1355 Specifies the maximum number of seconds that the automatic provers should spend |
1357 searching for a proof. This excludes problem preparation and is a soft limit. |
1356 searching for a proof. This excludes problem preparation and is a soft limit. |
1358 |
1357 |
1359 \opdefault{preplay\_timeout}{float}{\upshape 2} |
1358 \opdefault{preplay\_timeout}{float}{\upshape 2} |
1360 Specifies the maximum number of seconds that \textit{metis} or \textit{smt} |
1359 Specifies the maximum number of seconds that \textit{metis} or other proof |
1361 should spend trying to ``preplay'' the found proof. If this option is set to 0, |
1360 methods should spend trying to ``preplay'' the found proof. If this option |
1362 no preplaying takes place, and no timing information is displayed next to the |
1361 is set to 0, no preplaying takes place, and no timing information is displayed |
1363 suggested \textit{metis} calls. |
1362 next to the suggested proof method calls. |
1364 |
1363 |
1365 \nopagebreak |
1364 \nopagebreak |
1366 {\small See also \textit{minimize} (\S\ref{mode-of-operation}).} |
1365 {\small See also \textit{minimize} (\S\ref{mode-of-operation}).} |
1367 |
1366 |
1368 \optrueonly{dont\_preplay} |
1367 \optrueonly{dont\_preplay} |