17 % |
17 % |
18 \isadelimtheory |
18 \isadelimtheory |
19 % |
19 % |
20 \endisadelimtheory |
20 \endisadelimtheory |
21 % |
21 % |
22 \isamarkupchapter{Tactical theorem proving% |
22 \isamarkupchapter{Goal-directed reasoning% |
23 } |
23 } |
24 \isamarkuptrue% |
24 \isamarkuptrue% |
25 % |
25 % |
26 \begin{isamarkuptext}% |
26 \begin{isamarkuptext}% |
27 The basic idea of tactical theorem proving is to refine the |
27 The basic idea of tactical theorem proving is to refine the initial |
28 initial claim in a backwards fashion, until a solved form is reached. |
28 claim in a backwards fashion, until a solved form is reached. An |
29 An intermediate goal consists of several subgoals that need to be |
29 intermediate goal consists of several subgoals that need to be |
30 solved in order to achieve the main statement; zero subgoals means |
30 solved in order to achieve the main statement; zero subgoals means |
31 that the proof may be finished. Goal refinement operations are called |
31 that the proof may be finished. A \isa{tactic} is a refinement |
32 tactics; combinators for composing tactics are called tacticals.% |
32 operation that maps a goal to a lazy sequence of potential |
|
33 successors. A \isa{tactical} is a combinator for composing |
|
34 tactics.% |
33 \end{isamarkuptext}% |
35 \end{isamarkuptext}% |
34 \isamarkuptrue% |
36 \isamarkuptrue% |
35 % |
37 % |
36 \isamarkupsection{Goals \label{sec:tactical-goals}% |
38 \isamarkupsection{Goals \label{sec:tactical-goals}% |
37 } |
39 } |
38 \isamarkuptrue% |
40 \isamarkuptrue% |
39 % |
41 % |
40 \begin{isamarkuptext}% |
42 \begin{isamarkuptext}% |
41 Isabelle/Pure represents a goal\glossary{Tactical goal}{A |
43 Isabelle/Pure represents a goal\glossary{Tactical goal}{A theorem of |
42 theorem of \seeglossary{Horn Clause} form stating that a number of |
44 \seeglossary{Horn Clause} form stating that a number of subgoals |
43 subgoals imply the main conclusion, which is marked as a protected |
45 imply the main conclusion, which is marked as a protected |
44 proposition.} as a theorem stating that the subgoals imply the main |
46 proposition.} as a theorem stating that the subgoals imply the main |
45 goal: \isa{A\isactrlsub {\isadigit{1}}\ {\isasymLongrightarrow}\ {\isasymdots}\ {\isasymLongrightarrow}\ A\isactrlsub n\ {\isasymLongrightarrow}\ C}. The outermost goal |
47 goal: \isa{A\isactrlsub {\isadigit{1}}\ {\isasymLongrightarrow}\ {\isasymdots}\ {\isasymLongrightarrow}\ A\isactrlsub n\ {\isasymLongrightarrow}\ C}. The outermost goal |
46 structure is that of a Horn Clause\glossary{Horn Clause}{An iterated |
48 structure is that of a Horn Clause\glossary{Horn Clause}{An iterated |
47 implication \isa{A\isactrlsub {\isadigit{1}}\ {\isasymLongrightarrow}\ {\isasymdots}\ {\isasymLongrightarrow}\ A\isactrlsub n\ {\isasymLongrightarrow}\ C}, without any |
49 implication \isa{A\isactrlsub {\isadigit{1}}\ {\isasymLongrightarrow}\ {\isasymdots}\ {\isasymLongrightarrow}\ A\isactrlsub n\ {\isasymLongrightarrow}\ C}, without any |
48 outermost quantifiers. Strictly speaking, propositions \isa{A\isactrlsub i} need to be atomic in Horn Clauses, but Isabelle admits |
50 outermost quantifiers. Strictly speaking, propositions \isa{A\isactrlsub i} need to be atomic in Horn Clauses, but Isabelle admits |
49 arbitrary substructure here (nested \isa{{\isasymLongrightarrow}} and \isa{{\isasymAnd}} |
51 arbitrary substructure here (nested \isa{{\isasymLongrightarrow}} and \isa{{\isasymAnd}} |
50 connectives).}: an iterated implication without any |
52 connectives).}: i.e.\ an iterated implication without any |
51 quantifiers\footnote{Recall that outermost \isa{{\isasymAnd}x{\isachardot}\ {\isasymphi}{\isacharbrackleft}x{\isacharbrackright}} is |
53 quantifiers\footnote{Recall that outermost \isa{{\isasymAnd}x{\isachardot}\ {\isasymphi}{\isacharbrackleft}x{\isacharbrackright}} is |
52 always represented via schematic variables in the body: \isa{{\isasymphi}{\isacharbrackleft}{\isacharquery}x{\isacharbrackright}}. These may get instantiated during the course of |
54 always represented via schematic variables in the body: \isa{{\isasymphi}{\isacharbrackleft}{\isacharquery}x{\isacharbrackright}}. These variables may get instantiated during the course of |
53 reasoning.}. For \isa{n\ {\isacharequal}\ {\isadigit{0}}} a goal is solved. |
55 reasoning.}. For \isa{n\ {\isacharequal}\ {\isadigit{0}}} a goal is called ``solved''. |
54 |
56 |
55 The structure of each subgoal \isa{A\isactrlsub i} is that of a general |
57 The structure of each subgoal \isa{A\isactrlsub i} is that of a |
56 Heriditary Harrop Formula \isa{{\isasymAnd}x\isactrlsub {\isadigit{1}}\ {\isasymdots}\ {\isasymAnd}x\isactrlsub k{\isachardot}\ H\isactrlsub {\isadigit{1}}\ {\isasymLongrightarrow}\ {\isasymdots}\ {\isasymLongrightarrow}\ H\isactrlsub m\ {\isasymLongrightarrow}\ B} according to the normal form where any local |
58 general Hereditary Harrop Formula \isa{{\isasymAnd}x\isactrlsub {\isadigit{1}}\ {\isasymdots}\ {\isasymAnd}x\isactrlsub k{\isachardot}\ H\isactrlsub {\isadigit{1}}\ {\isasymLongrightarrow}\ {\isasymdots}\ {\isasymLongrightarrow}\ H\isactrlsub m\ {\isasymLongrightarrow}\ B} according to the normal |
57 \isa{{\isasymAnd}} is pulled before \isa{{\isasymLongrightarrow}}. Here \isa{x\isactrlsub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ x\isactrlsub k} are goal parameters, i.e.\ arbitrary-but-fixed entities of |
59 form where any local \isa{{\isasymAnd}} is pulled before \isa{{\isasymLongrightarrow}}. Here |
58 certain types, and \isa{H\isactrlsub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ H\isactrlsub m} are goal |
60 \isa{x\isactrlsub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ x\isactrlsub k} are goal parameters, i.e.\ |
59 hypotheses, i.e.\ facts that may be assumed locally. Together, this |
61 arbitrary-but-fixed entities of certain types, and \isa{H\isactrlsub {\isadigit{1}}{\isacharcomma}\ {\isasymdots}{\isacharcomma}\ H\isactrlsub m} are goal hypotheses, i.e.\ facts that may |
60 forms the goal context of the conclusion \isa{B} to be established. |
62 be assumed locally. Together, this forms the goal context of the |
61 The goal hypotheses may be again arbitrary Harrop Formulas, although |
63 conclusion \isa{B} to be established. The goal hypotheses may be |
62 the level of nesting rarely exceeds 1--2 in practice. |
64 again Hereditary Harrop Formulas, although the level of nesting |
63 |
65 rarely exceeds 1--2 in practice. |
64 The main conclusion \isa{C} is internally marked as a protected |
66 |
65 proposition\glossary{Protected proposition}{An arbitrarily structured |
67 The main conclusion \isa{C} is internally marked as a protected |
66 proposition \isa{C} which is forced to appear as atomic by |
68 proposition\glossary{Protected proposition}{An arbitrarily |
67 wrapping it into a propositional identity operator; notation \isa{{\isacharhash}C}. Protecting a proposition prevents basic inferences from |
69 structured proposition \isa{C} which is forced to appear as |
68 entering into that structure for the time being.}, which is |
70 atomic by wrapping it into a propositional identity operator; |
69 occasionally represented explicitly by the notation \isa{{\isacharhash}C}. |
71 notation \isa{{\isacharhash}C}. Protecting a proposition prevents basic |
70 This ensures that the decomposition into subgoals and main conclusion |
72 inferences from entering into that structure for the time being.}, |
71 is well-defined for arbitrarily structured claims. |
73 which is occasionally represented explicitly by the notation \isa{{\isacharhash}C}. This ensures that the decomposition into subgoals and main |
72 |
74 conclusion is well-defined for arbitrarily structured claims. |
73 \medskip Basic goal management is performed via the following |
75 |
74 Isabelle/Pure rules: |
76 \medskip Basic goal management is performed via the following |
|
77 Isabelle/Pure rules: |
75 |
78 |
76 \[ |
79 \[ |
77 \infer[\isa{{\isacharparenleft}init{\isacharparenright}}]{\isa{C\ {\isasymLongrightarrow}\ {\isacharhash}C}}{} \qquad |
80 \infer[\isa{{\isacharparenleft}init{\isacharparenright}}]{\isa{C\ {\isasymLongrightarrow}\ {\isacharhash}C}}{} \qquad |
78 \infer[\isa{{\isacharparenleft}finish{\isacharparenright}}]{\isa{{\isacharhash}C}}{\isa{C}} |
81 \infer[\isa{{\isacharparenleft}finish{\isacharparenright}}]{\isa{{\isacharhash}C}}{\isa{C}} |
79 \] |
82 \] |
171 \secref{sec:tactical-goals}. Further checks are required to ensure |
174 \secref{sec:tactical-goals}. Further checks are required to ensure |
172 that the result is actually an instance of the original claim -- |
175 that the result is actually an instance of the original claim -- |
173 ill-behaved tactics could have destroyed that information. |
176 ill-behaved tactics could have destroyed that information. |
174 |
177 |
175 Several simultaneous claims may be handled within a single goal |
178 Several simultaneous claims may be handled within a single goal |
176 statement by using meta-level conjunction internally.\footnote{This |
179 statement by using meta-level conjunction internally. The whole |
177 is merely syntax for certain derived statements within |
180 configuration may be considered within a context of |
178 Isabelle/Pure, there is no need to introduce a separate conjunction |
181 arbitrary-but-fixed parameters and hypotheses, which will be |
179 operator.} The whole configuration may be considered within a |
182 available as local facts during the proof and discharged into |
180 context of arbitrary-but-fixed parameters and hypotheses, which will |
|
181 be available as local facts during the proof and discharged into |
|
182 implications in the result. |
183 implications in the result. |
183 |
184 |
184 All of these administrative tasks are packaged into a separate |
185 All of these administrative tasks are packaged into a separate |
185 operation, such that the user merely needs to provide the statement |
186 operation, such that the user merely needs to provide the statement |
186 and tactic to be applied.% |
187 and tactic to be applied.% |