1 \chapter{Basic Concepts} |
1 \chapter{Basic Concepts} |
2 |
2 |
3 \section{Introduction} |
3 \section{Introduction} |
4 |
4 |
5 This is a tutorial on how to use Isabelle/HOL as a specification and |
5 This is a tutorial on how to use the theorem prover Isabelle/HOL as a specification and |
6 verification system. Isabelle is a generic system for implementing logical |
6 verification system. Isabelle is a generic system for implementing logical |
7 formalisms, and Isabelle/HOL is the specialization of Isabelle for |
7 formalisms, and Isabelle/HOL is the specialization of Isabelle for |
8 HOL, which abbreviates Higher-Order Logic. We introduce HOL step by step |
8 HOL, which abbreviates Higher-Order Logic. We introduce HOL step by step |
9 following the equation |
9 following the equation |
10 \[ \mbox{HOL} = \mbox{Functional Programming} + \mbox{Logic}. \] |
10 \[ \mbox{HOL} = \mbox{Functional Programming} + \mbox{Logic}. \] |
13 by Bird and Wadler~\cite{Bird-Wadler} or Paulson~\cite{paulson-ml2}. Although |
13 by Bird and Wadler~\cite{Bird-Wadler} or Paulson~\cite{paulson-ml2}. Although |
14 this tutorial initially concentrates on functional programming, do not be |
14 this tutorial initially concentrates on functional programming, do not be |
15 misled: HOL can express most mathematical concepts, and functional |
15 misled: HOL can express most mathematical concepts, and functional |
16 programming is just one particularly simple and ubiquitous instance. |
16 programming is just one particularly simple and ubiquitous instance. |
17 |
17 |
18 This tutorial introduces HOL via Isabelle/Isar~\cite{isabelle-isar-ref}, |
18 Isabelle~\cite{paulson-isa-book} is implemented in ML~\cite{SML}. |
19 which is an extension of Isabelle~\cite{paulson-isa-book} with structured |
19 This has influenced some of HOL's concrete syntax but is otherwise |
20 proofs.\footnote{Thus the full name of the system should be |
20 irrelevant for us because this tutorial is based on |
21 Isabelle/Isar/HOL, but that is a bit of a mouthful.} The most noticeable |
21 Isabelle/Isar~\cite{isabelle-isar-ref}, an extension of Isabelle |
22 difference to classical Isabelle (which is the basis of another version of |
22 with structured proofs.\footnote{Thus the full name of the system should be |
23 this tutorial) is the replacement of the ML level by a dedicated language for |
23 Isabelle/Isar/HOL, but that is a bit of a mouthful.} |
24 definitions and proofs. |
|
25 |
24 |
26 A tutorial is by definition incomplete. Currently the tutorial only |
25 A tutorial is by definition incomplete. Currently the tutorial only |
27 introduces the rudiments of Isar's proof language. To fully exploit the power |
26 introduces the rudiments of Isar's proof language. To fully exploit the power |
28 of Isar you need to consult the Isabelle/Isar Reference |
27 of Isar you need to consult the Isabelle/Isar Reference |
29 Manual~\cite{isabelle-isar-ref}. If you want to use Isabelle's ML level |
28 Manual~\cite{isabelle-isar-ref}. If you want to use Isabelle's ML level |
72 |
71 |
73 \begin{warn} |
72 \begin{warn} |
74 HOL contains a theory \isaindexbold{Main}, the union of all the basic |
73 HOL contains a theory \isaindexbold{Main}, the union of all the basic |
75 predefined theories like arithmetic, lists, sets, etc. |
74 predefined theories like arithmetic, lists, sets, etc. |
76 Unless you know what you are doing, always include \isa{Main} |
75 Unless you know what you are doing, always include \isa{Main} |
77 as a direct or indirect parent theory of all your theories. |
76 as a direct or indirect parent of all your theories. |
78 \end{warn} |
77 \end{warn} |
79 |
78 |
80 |
79 |
81 \section{Types, Terms and Formulae} |
80 \section{Types, Terms and Formulae} |
82 \label{sec:TypesTermsForms} |
81 \label{sec:TypesTermsForms} |
194 In general, HOL's concrete syntax tries to follow the conventions of |
194 In general, HOL's concrete syntax tries to follow the conventions of |
195 functional programming and mathematics. Below we list the main rules that you |
195 functional programming and mathematics. Below we list the main rules that you |
196 should be familiar with to avoid certain syntactic traps. A particular |
196 should be familiar with to avoid certain syntactic traps. A particular |
197 problem for novices can be the priority of operators. If you are unsure, use |
197 problem for novices can be the priority of operators. If you are unsure, use |
198 additional parentheses. In those cases where Isabelle echoes your |
198 additional parentheses. In those cases where Isabelle echoes your |
199 input, you can see which parentheses are dropped---they were superfluous. If |
199 input, you can see which parentheses are dropped --- they were superfluous. If |
200 you are unsure how to interpret Isabelle's output because you don't know |
200 you are unsure how to interpret Isabelle's output because you don't know |
201 where the (dropped) parentheses go, set the \rmindex{flag} |
201 where the (dropped) parentheses go, set the \rmindex{flag} |
202 \isaindexbold{show_brackets}: |
202 \isaindexbold{show_brackets}: |
203 \begin{ttbox} |
203 \begin{ttbox} |
204 ML "set show_brackets"; \(\dots\); ML "reset show_brackets"; |
204 ML "set show_brackets"; \(\dots\); ML "reset show_brackets"; |
220 logical equivalence, enclose both operands in parentheses, as in \isa{(A |
220 logical equivalence, enclose both operands in parentheses, as in \isa{(A |
221 \isasymand~B) = (B \isasymand~A)}. |
221 \isasymand~B) = (B \isasymand~A)}. |
222 \item |
222 \item |
223 Constructs with an opening but without a closing delimiter bind very weakly |
223 Constructs with an opening but without a closing delimiter bind very weakly |
224 and should therefore be enclosed in parentheses if they appear in subterms, as |
224 and should therefore be enclosed in parentheses if they appear in subterms, as |
225 in \isa{f = (\isasymlambda{}x.~x)}. This includes \isaindex{if}, |
225 in \isa{(\isasymlambda{}x.~x) = f}. This includes \isaindex{if}, |
226 \isaindex{let}, \isaindex{case}, \isa{\isasymlambda}, and quantifiers. |
226 \isaindex{let}, \isaindex{case}, \isa{\isasymlambda}, and quantifiers. |
227 \item |
227 \item |
228 Never write \isa{\isasymlambda{}x.x} or \isa{\isasymforall{}x.x=x} |
228 Never write \isa{\isasymlambda{}x.x} or \isa{\isasymforall{}x.x=x} |
229 because \isa{x.x} is always read as a single qualified identifier that |
229 because \isa{x.x} is always read as a single qualified identifier that |
230 refers to an item \isa{x} in theory \isa{x}. Write |
230 refers to an item \isa{x} in theory \isa{x}. Write |