35 interactively. Both actual theory specifications and proofs are handled |
36 interactively. Both actual theory specifications and proofs are handled |
36 uniformly --- occasionally definitional mechanisms even require some explicit |
37 uniformly --- occasionally definitional mechanisms even require some explicit |
37 proof as well. In contrast, ``old-style'' Isabelle theories support batch |
38 proof as well. In contrast, ``old-style'' Isabelle theories support batch |
38 processing only, with the proof scripts collected in separate ML files. |
39 processing only, with the proof scripts collected in separate ML files. |
39 |
40 |
40 The first command of any theory has to be $\THEORY$, starting a new theory |
41 The first actual command of any theory has to be $\THEORY$, starting a new |
41 based on the merge of existing ones. The theory context may be also changed |
42 theory based on the merge of existing ones. Just preceding $\THEORY$, there |
42 by $\CONTEXT$ without creating a new theory. In both cases, $\END$ concludes |
43 may be an optional $\isarkeyword{header}$ declaration, which is relevant to |
43 the theory development; it has to be the very last command of any proper |
44 document preparation only; it acts very much like a special pre-theory markup |
44 theory file. |
45 command (cf.\ \S\ref{sec:markup-thy} and \S\ref{sec:markup-thy}). The theory |
45 |
46 context may be also changed by $\CONTEXT$ without creating a new theory. In |
46 \begin{rail} |
47 both cases, $\END$ concludes the theory development; it has to be the very |
|
48 last command in a theory file. |
|
49 |
|
50 \begin{rail} |
|
51 'header' text |
|
52 ; |
47 'theory' name '=' (name + '+') filespecs? ':' |
53 'theory' name '=' (name + '+') filespecs? ':' |
48 ; |
54 ; |
49 'context' name |
55 'context' name |
50 ; |
56 ; |
51 'end' |
57 'end' |
53 |
59 |
54 filespecs: 'files' ((name | parname) +); |
60 filespecs: 'files' ((name | parname) +); |
55 \end{rail} |
61 \end{rail} |
56 |
62 |
57 \begin{descr} |
63 \begin{descr} |
|
64 \item [$\isarkeyword{header}~text$] provides plain text markup just preceding |
|
65 the formal begin of a theory. In actual document preparation the |
|
66 corresponding {\LaTeX} macro \verb,\isamarkupheader, may be redefined to |
|
67 produce chapter or section headings. See also \S\ref{sec:markup-thy} and |
|
68 \S\ref{sec:markup-prf} for further markup commands. |
|
69 |
58 \item [$\THEORY~A = B@1 + \cdots + B@n$] commences a new theory $A$ based on |
70 \item [$\THEORY~A = B@1 + \cdots + B@n$] commences a new theory $A$ based on |
59 existing ones $B@1 + \cdots + B@n$. Isabelle's theory loader system ensures |
71 existing ones $B@1 + \cdots + B@n$. Isabelle's theory loader system ensures |
60 that any of the base theories are properly loaded (and fully up-to-date when |
72 that any of the base theories are properly loaded (and fully up-to-date when |
61 $\THEORY$ is executed interactively). The optional $\isarkeyword{files}$ |
73 $\THEORY$ is executed interactively). The optional $\isarkeyword{files}$ |
62 specification declares additional dependencies on ML files. Unless put in |
74 specification declares additional dependencies on ML files. Unless put in |
63 parentheses, any file will be loaded immediately via $\isarcmd{use}$ (see |
75 parentheses, any file will be loaded immediately via $\isarcmd{use}$ (see |
64 also \S\ref{sec:ML}). The optional ML file \texttt{$A$.ML} that may be |
76 also \S\ref{sec:ML}). The optional ML file \texttt{$A$.ML} that may be |
65 associated with any theory should \emph{not} be included in |
77 associated with any theory should \emph{not} be included in |
66 $\isarkeyword{files}$. |
78 $\isarkeyword{files}$. |
67 |
79 |
68 \item [$\CONTEXT~B$] enters an existing theory context $B$, basically in |
80 \item [$\CONTEXT~B$] enters an existing theory context, basically in read-only |
69 read-only mode, so only a limited set of commands may be performed. Just as |
81 mode, so only a limited set of commands may be performed. Just as for |
70 for $\THEORY$, the theory loader ensures that $B$ is loaded and up-to-date. |
82 $\THEORY$, the theory loader ensures that $B$ is loaded and up-to-date. |
71 |
83 |
72 \item [$\END$] concludes the current theory definition or context switch. |
84 \item [$\END$] concludes the current theory definition or context switch. |
73 Note that this command cannot be undone, instead the theory definition |
85 Note that this command cannot be undone, instead the whole theory definition |
74 itself has to be retracted. |
86 has to be retracted. |
75 \end{descr} |
87 \end{descr} |
76 |
88 |
77 |
89 |
78 \subsection{Formal comments}\label{sec:formal-cmt-thy} |
90 \subsection{Theory markup commands}\label{sec:markup-thy} |
79 |
91 |
80 \indexisarcmd{title}\indexisarcmd{chapter}\indexisarcmd{section}\indexisarcmd{subsection} |
92 \indexisarcmd{chapter}\indexisarcmd{section}\indexisarcmd{subsection} |
81 \indexisarcmd{subsubsection}\indexisarcmd{text} |
93 \indexisarcmd{subsubsection}\indexisarcmd{text}\indexisarcmd{text-raw} |
82 \begin{matharray}{rcl} |
94 \begin{matharray}{rcl} |
83 \isarcmd{title} & : & \isartrans{theory}{theory} \\ |
|
84 \isarcmd{chapter} & : & \isartrans{theory}{theory} \\ |
95 \isarcmd{chapter} & : & \isartrans{theory}{theory} \\ |
85 \isarcmd{section} & : & \isartrans{theory}{theory} \\ |
96 \isarcmd{section} & : & \isartrans{theory}{theory} \\ |
86 \isarcmd{subsection} & : & \isartrans{theory}{theory} \\ |
97 \isarcmd{subsection} & : & \isartrans{theory}{theory} \\ |
87 \isarcmd{subsubsection} & : & \isartrans{theory}{theory} \\ |
98 \isarcmd{subsubsection} & : & \isartrans{theory}{theory} \\ |
88 \isarcmd{text} & : & \isartrans{theory}{theory} \\ |
99 \isarcmd{text} & : & \isartrans{theory}{theory} \\ |
89 \end{matharray} |
100 \isarcmd{text_raw} & : & \isartrans{theory}{theory} \\ |
90 |
101 \end{matharray} |
91 There are several commands to include \emph{formal comments} in theory |
102 |
92 specification (a few more are available for proofs, see |
103 Apart from formal comments (see \S\ref{sec:comments}), markup commands provide |
93 \S\ref{sec:formal-cmt-prf}). In contrast to source-level comments |
104 another way to insert text into the document generated from a theory (see |
94 \verb|(*|\dots\verb|*)|, which are stripped at the lexical level, any text |
105 \cite{isabelle-sys} for more information on Isabelle's document preparation |
95 given as formal comment is meant to be part of the actual document. |
106 tools). |
96 Consequently, it would be included in the final printed version. |
107 |
97 |
108 \railalias{textraw}{text\_raw} |
98 Apart from plain prose, formal comments may also refer to logical entities of |
109 \railterm{textraw} |
99 the theory context (types, terms, theorems etc.). Proper processing of the |
110 |
100 text would then include some further consistency checks with the items |
111 \begin{rail} |
101 declared in the current theory, e.g.\ type-checking of included |
112 ('chapter' | 'section' | 'subsection' | 'subsubsection' | 'text' | textraw) text |
102 terms.\footnote{The current version of Isabelle/Isar does not process formal |
113 ; |
103 comments in any such way. This will be available as part of the automatic |
114 \end{rail} |
104 theory and proof document preparation system (using (PDF){\LaTeX}) that is |
115 |
105 planned for the near future.} |
116 \begin{descr} |
106 |
|
107 \begin{rail} |
|
108 'title' text text? text? |
|
109 ; |
|
110 ('chapter' | 'section' | 'subsection' | 'subsubsection' | 'text') text |
|
111 ; |
|
112 \end{rail} |
|
113 |
|
114 \begin{descr} |
|
115 \item [$\isarkeyword{title}~title~author~date$] specifies the document title |
|
116 just as in typical {\LaTeX} documents. |
|
117 \item [$\isarkeyword{chapter}$, $\isarkeyword{section}$, |
117 \item [$\isarkeyword{chapter}$, $\isarkeyword{section}$, |
118 $\isarkeyword{subsection}$, and $\isarkeyword{subsubsection}$] mark chapter |
118 $\isarkeyword{subsection}$, and $\isarkeyword{subsubsection}$] mark chapter |
119 and section headings. |
119 and section headings. |
120 \item [$\TEXT$] specifies an actual body of prose text, including references |
120 \item [$\TEXT$] specifies paragraphs of plain text, including references to |
121 to formal entities.\footnote{The latter feature is not yet exploited. |
121 formal entities.\footnote{The latter feature is not yet supported. |
122 Nevertheless, any text of the form \texttt{\at\ttlbrace\dots\ttrbrace} |
122 Nevertheless, any source text of the form |
123 should be considered as reserved for future use.} |
123 ``\texttt{\at\ttlbrace$\dots$\ttrbrace}'' should be considered as reserved |
124 \end{descr} |
124 for future use.} |
|
125 \item [$\isarkeyword{text_raw}$] inserts {\LaTeX} source into the output, |
|
126 without additional markup. Thus the full range of document manipulations |
|
127 becomes available. A typical application would be to emit |
|
128 \verb,\begin{comment}, and \verb,\end{comment}, commands to exclude certain |
|
129 parts from the final document.\footnote{This requires the \texttt{comment} |
|
130 {\LaTeX} package to be included} |
|
131 \end{descr} |
|
132 |
|
133 Any markup command (except $\isarkeyword{text_raw}$) corresponds to a {\LaTeX} |
|
134 macro with the name derived from \verb,\isamarkup, (e.g.\ |
|
135 \verb,\isamarkupchapter, for $\isarkeyword{chapter}$). The \railqtoken{text} |
|
136 argument is passed to that macro unchanged, i.e.\ any {\LaTeX} commands may be |
|
137 included here. |
|
138 |
|
139 \medskip Further markup commands are available for proofs (see |
|
140 \S\ref{sec:markup-prf}). Also note that the $\isarkeyword{header}$ |
|
141 declaration (see \S\ref{sec:begin-thy}) admits to insert document markup |
|
142 elements just preceding the actual theory definition. |
125 |
143 |
126 |
144 |
127 \subsection{Type classes and sorts}\label{sec:classes} |
145 \subsection{Type classes and sorts}\label{sec:classes} |
128 |
146 |
129 \indexisarcmd{classes}\indexisarcmd{classrel}\indexisarcmd{defaultsort} |
147 \indexisarcmd{classes}\indexisarcmd{classrel}\indexisarcmd{defaultsort} |
178 |
196 |
179 \begin{descr} |
197 \begin{descr} |
180 \item [$\TYPES~(\vec\alpha)t = \tau$] introduces \emph{type synonym} |
198 \item [$\TYPES~(\vec\alpha)t = \tau$] introduces \emph{type synonym} |
181 $(\vec\alpha)t$ for existing type $\tau$. Unlike actual type definitions, |
199 $(\vec\alpha)t$ for existing type $\tau$. Unlike actual type definitions, |
182 as are available in Isabelle/HOL for example, type synonyms are just purely |
200 as are available in Isabelle/HOL for example, type synonyms are just purely |
183 syntactic abbreviations, without any logical significance. Internally, type |
201 syntactic abbreviations without any logical significance. Internally, type |
184 synonyms are fully expanded, as may be observed when printing terms or |
202 synonyms are fully expanded, as may be observed when printing terms or |
185 theorems. |
203 theorems. |
186 \item [$\isarkeyword{typedecl}~(\vec\alpha)t$] declares a new type constructor |
204 \item [$\isarkeyword{typedecl}~(\vec\alpha)t$] declares a new type constructor |
187 $t$, intended as an actual logical type. Note that some logics such as |
205 $t$, intended as an actual logical type. Note that object-logics such as |
188 Isabelle/HOL provide their own version of $\isarkeyword{typedecl}$. |
206 Isabelle/HOL override $\isarkeyword{typedecl}$ by their own version. |
189 \item [$\isarkeyword{nonterminals}~\vec c$] declares $0$-ary type constructors |
207 \item [$\isarkeyword{nonterminals}~\vec c$] declares $0$-ary type constructors |
190 $\vec c$ to act as purely syntactic types, i.e.\ nonterminal symbols of |
208 $\vec c$ to act as purely syntactic types, i.e.\ nonterminal symbols of |
191 Isabelle's inner syntax of terms or types. |
209 Isabelle's inner syntax of terms or types. |
192 \item [$\isarkeyword{arities}~t::(\vec s)s$] augments Isabelle's order-sorted |
210 \item [$\isarkeyword{arities}~t::(\vec s)s$] augments Isabelle's order-sorted |
193 signature of types by new type constructor arities. This is done |
211 signature of types by new type constructor arities. This is done |
194 axiomatically! The $\isarkeyword{instance}$ command (see |
212 axiomatically! The $\isarkeyword{instance}$ command (see |
195 \S\ref{sec:axclass}) provides a way introduce proven type arities. |
213 \S\ref{sec:axclass}) provides a way to introduce proven type arities. |
196 \end{descr} |
214 \end{descr} |
197 |
215 |
198 |
216 |
199 \subsection{Constants and simple definitions} |
217 \subsection{Constants and simple definitions} |
200 |
218 |
301 \begin{matharray}{rcl} |
319 \begin{matharray}{rcl} |
302 \isarcmd{global} & : & \isartrans{theory}{theory} \\ |
320 \isarcmd{global} & : & \isartrans{theory}{theory} \\ |
303 \isarcmd{local} & : & \isartrans{theory}{theory} \\ |
321 \isarcmd{local} & : & \isartrans{theory}{theory} \\ |
304 \end{matharray} |
322 \end{matharray} |
305 |
323 |
306 Isabelle organizes any kind of names (of types, constants, theorems etc.) by |
324 Isabelle organizes any kind of name declarations (of types, constants, |
307 hierarchically structured name spaces. Normally the user never has to control |
325 theorems etc.) by hierarchically structured name spaces. Normally the user |
308 the behavior of name space entry by hand, yet the following commands provide |
326 never has to control the behavior of name space entry by hand, yet the |
309 some way to do so. |
327 following commands provide some way to do so. |
310 |
328 |
311 \begin{descr} |
329 \begin{descr} |
312 \item [$\isarkeyword{global}$ and $\isarkeyword{local}$] change the current |
330 \item [$\isarkeyword{global}$ and $\isarkeyword{local}$] change the current |
313 name declaration mode. Initially, theories start in $\isarkeyword{local}$ |
331 name declaration mode. Initially, theories start in $\isarkeyword{local}$ |
314 mode, causing all names to be automatically qualified by the theory name. |
332 mode, causing all names to be automatically qualified by the theory name. |
315 Changing this to $\isarkeyword{global}$ causes all names to be declared as |
333 Changing this to $\isarkeyword{global}$ causes all names to be declared |
316 base names only, until $\isarkeyword{local}$ is declared again. |
334 without the theory prefix, until $\isarkeyword{local}$ is declared again. |
317 \end{descr} |
335 \end{descr} |
318 |
336 |
319 |
337 |
320 \subsection{Incorporating ML code}\label{sec:ML} |
338 \subsection{Incorporating ML code}\label{sec:ML} |
321 |
339 |
322 \indexisarcmd{use}\indexisarcmd{ML}\indexisarcmd{setup} |
340 \indexisarcmd{use}\indexisarcmd{ML}\indexisarcmd{ML-setup}\indexisarcmd{setup} |
323 \begin{matharray}{rcl} |
341 \begin{matharray}{rcl} |
324 \isarcmd{use} & : & \isartrans{\cdot}{\cdot} \\ |
342 \isarcmd{use} & : & \isartrans{\cdot}{\cdot} \\ |
325 \isarcmd{ML} & : & \isartrans{\cdot}{\cdot} \\ |
343 \isarcmd{ML} & : & \isartrans{\cdot}{\cdot} \\ |
|
344 \isarcmd{ML_setup} & : & \isartrans{theory}{theory} \\ |
326 \isarcmd{setup} & : & \isartrans{theory}{theory} \\ |
345 \isarcmd{setup} & : & \isartrans{theory}{theory} \\ |
327 \end{matharray} |
346 \end{matharray} |
328 |
347 |
|
348 \railalias{MLsetup}{ML\_setup} |
|
349 \railterm{MLsetup} |
|
350 |
329 \begin{rail} |
351 \begin{rail} |
330 'use' name |
352 'use' name |
331 ; |
353 ; |
332 'ML' text |
354 ('ML' | MLsetup | 'setup') text |
333 ; |
|
334 'setup' text |
|
335 ; |
355 ; |
336 \end{rail} |
356 \end{rail} |
337 |
357 |
338 \begin{descr} |
358 \begin{descr} |
339 \item [$\isarkeyword{use}~file$] reads and executes ML commands from $file$. |
359 \item [$\isarkeyword{use}~file$] reads and executes ML commands from $file$. |
340 The current theory context (if present) is passed down to the ML session, |
360 The current theory context (if present) is passed down to the ML session, |
341 but must not be modified. Furthermore, the file name is checked with the |
361 but must not be modified. Furthermore, the file name is checked with the |
342 $\isarkeyword{files}$ dependency declaration given in the theory header (see |
362 $\isarkeyword{files}$ dependency declaration given in the theory header (see |
343 also \S\ref{sec:begin-thy}). |
363 also \S\ref{sec:begin-thy}). |
344 |
364 |
345 \item [$\isarkeyword{ML}~text$] reads and executes ML commands from $text$. |
365 \item [$\isarkeyword{ML}~text$] executes ML commands from $text$. The theory |
346 The theory context is passed in the same way as for $\isarkeyword{use}$. |
366 context is passed in the same way as for $\isarkeyword{use}$. |
347 |
367 |
|
368 \item [$\isarkeyword{ML_setup}~text$] executes ML commands from $text$. The |
|
369 theory context is passed down to the ML session, and fetched back |
|
370 afterwards. Thus $text$ may actually change the theory as a side effect. |
|
371 |
348 \item [$\isarkeyword{setup}~text$] changes the current theory context by |
372 \item [$\isarkeyword{setup}~text$] changes the current theory context by |
349 applying setup functions $text$, which has to be an ML expression of type |
373 applying setup functions from $text$, which has to refer to an ML expression |
350 $(theory \to theory)~list$. The $\isarkeyword{setup}$ command is the usual |
374 of type $(theory \to theory)~list$. The $\isarkeyword{setup}$ command is |
351 way to initialize object-logic specific tools and packages written in ML. |
375 the canonical way to initialize object-logic specific tools and packages |
|
376 written in ML. |
352 \end{descr} |
377 \end{descr} |
353 |
378 |
354 |
379 |
355 \subsection{Syntax translation functions} |
380 \subsection{Syntax translation functions} |
356 |
381 |
404 transitions are \emph{typed} according to the following three three different |
429 transitions are \emph{typed} according to the following three three different |
405 modes of operation: |
430 modes of operation: |
406 \begin{descr} |
431 \begin{descr} |
407 \item [$proof(prove)$] means that a new goal has just been stated that is now |
432 \item [$proof(prove)$] means that a new goal has just been stated that is now |
408 to be \emph{proven}; the next command may refine it by some proof method |
433 to be \emph{proven}; the next command may refine it by some proof method |
409 ($\approx$ tactic), and enter a sub-proof to establish the final result. |
434 (read: tactic), and enter a sub-proof to establish the actual result. |
410 \item [$proof(state)$] is like an internal theory mode: the context may be |
435 \item [$proof(state)$] is like an internal theory mode: the context may be |
411 augmented by \emph{stating} additional assumptions, intermediate result etc. |
436 augmented by \emph{stating} additional assumptions, intermediate result etc. |
412 \item [$proof(chain)$] is an intermediate mode between $proof(state)$ and |
437 \item [$proof(chain)$] is intermediate between $proof(state)$ and |
413 $proof(prove)$: existing facts (i.e.\ the contents of $this$) have been just |
438 $proof(prove)$: existing facts (i.e.\ the contents of $this$) have been just |
414 picked up in order to use them when refining the goal claimed next. |
439 picked up in order to be used when refining the goal claimed next. |
415 \end{descr} |
440 \end{descr} |
416 |
441 |
417 |
442 |
418 \subsection{Formal comments}\label{sec:formal-cmt-prf} |
443 \subsection{Proof markup commands}\label{sec:markup-prf} |
419 |
444 |
420 \indexisarcmd{sect}\indexisarcmd{subsect}\indexisarcmd{subsect}\indexisarcmd{txt} |
445 \indexisarcmd{sect}\indexisarcmd{subsect}\indexisarcmd{subsect} |
|
446 \indexisarcmd{txt}\indexisarcmd{txt-raw} |
421 \begin{matharray}{rcl} |
447 \begin{matharray}{rcl} |
422 \isarcmd{sect} & : & \isartrans{proof(state)}{proof(state)} \\ |
448 \isarcmd{sect} & : & \isartrans{proof(state)}{proof(state)} \\ |
423 \isarcmd{subsect} & : & \isartrans{proof(state)}{proof(state)} \\ |
449 \isarcmd{subsect} & : & \isartrans{proof(state)}{proof(state)} \\ |
424 \isarcmd{subsubsect} & : & \isartrans{proof(state)}{proof(state)} \\ |
450 \isarcmd{subsubsect} & : & \isartrans{proof(state)}{proof(state)} \\ |
425 \isarcmd{txt} & : & \isartrans{proof(state)}{proof(state)} \\ |
451 \isarcmd{txt} & : & \isartrans{proof(state)}{proof(state)} \\ |
426 \end{matharray} |
452 \isarcmd{txt_raw} & : & \isartrans{proof(state)}{proof(state)} \\ |
427 |
453 \end{matharray} |
428 These formal comments in proof mode closely correspond to the ones of theory |
454 |
429 mode (see \S\ref{sec:formal-cmt-thy}). |
455 These markup commands for proof mode closely correspond to the ones of theory |
430 |
456 mode (see \S\ref{sec:markup-thy}). Note that $\isarkeyword{txt_raw}$ is |
431 \begin{rail} |
457 special in the same way as $\isarkeyword{text_raw}$. |
432 ('sect' | 'subsect' | 'subsubsect' | 'txt') text |
458 |
|
459 \railalias{txtraw}{txt\_raw} |
|
460 \railterm{txtraw} |
|
461 |
|
462 \begin{rail} |
|
463 ('sect' | 'subsect' | 'subsubsect' | 'txt' | txtraw) text |
433 ; |
464 ; |
434 \end{rail} |
465 \end{rail} |
435 |
466 |
436 |
467 |
437 \subsection{Proof context}\label{sec:proof-context} |
468 \subsection{Proof context}\label{sec:proof-context} |
447 The logical proof context consists of fixed variables and assumptions. The |
478 The logical proof context consists of fixed variables and assumptions. The |
448 former closely correspond to Skolem constants, or meta-level universal |
479 former closely correspond to Skolem constants, or meta-level universal |
449 quantification as provided by the Isabelle/Pure logical framework. |
480 quantification as provided by the Isabelle/Pure logical framework. |
450 Introducing some \emph{arbitrary, but fixed} variable via $\FIX x$ results in |
481 Introducing some \emph{arbitrary, but fixed} variable via $\FIX x$ results in |
451 a local object that may be used in the subsequent proof as any other variable |
482 a local object that may be used in the subsequent proof as any other variable |
452 or constant. Furthermore, any result $\phi[x]$ exported from the current |
483 or constant. Furthermore, any result $\edrv \phi[x]$ exported from the |
453 context will be universally closed wrt.\ $x$ at the outermost level (this is |
484 current context will be universally closed wrt.\ $x$ at the outermost level: |
454 expressed using Isabelle's meta-variables). |
485 $\edrv \All x \phi$; this is expressed using Isabelle's meta-variables. |
455 |
486 |
456 Similarly, introducing some assumption $\chi$ has two effects. On the one |
487 Similarly, introducing some assumption $\chi$ has two effects. On the one |
457 hand, a local theorem is created that may be used as a fact in subsequent |
488 hand, a local theorem is created that may be used as a fact in subsequent |
458 proof steps. On the other hand, any result $\phi$ exported from the context |
489 proof steps. On the other hand, any result $\chi \drv \phi$ exported from the |
459 becomes conditional wrt.\ the assumption. Thus, solving an enclosing goal |
490 context becomes conditional wrt.\ the assumption: $\edrv \chi \Imp \phi$. |
460 using such a result would basically introduce a new subgoal stemming from the |
491 Thus, solving an enclosing goal using such a result would basically introduce |
461 assumption. How this situation is handled depends on the actual version of |
492 a new subgoal stemming from the assumption. How this situation is handled |
462 assumption command used: while $\ASSUMENAME$ solves the subgoal by unifying |
493 depends on the actual version of assumption command used: while $\ASSUMENAME$ |
463 with some premise of the goal, $\PRESUMENAME$ leaves the subgoal unchanged to |
494 insists on solving the subgoal by unification with some premise of the goal, |
464 be proved later by the user. |
495 $\PRESUMENAME$ leaves the subgoal unchanged in order to be proved later by the |
|
496 user. |
465 |
497 |
466 Local definitions, introduced by $\DEF{}{x \equiv t}$, are achieved by |
498 Local definitions, introduced by $\DEF{}{x \equiv t}$, are achieved by |
467 combining $\FIX x$ with another kind of assumption that causes any |
499 combining $\FIX x$ with another kind of assumption that causes any |
468 hypothetical equation $x = t$ to be eliminated by reflexivity. Thus, |
500 hypothetical equation $x \equiv t$ to be eliminated by reflexivity. Thus, |
469 exporting some result $\phi[x]$ simply yields $\phi[t]$. |
501 exporting some result $x \equiv t \drv \phi[x]$ yields $\edrv \phi[t]$. |
470 |
502 |
471 \begin{rail} |
503 \begin{rail} |
472 'fix' (vars + 'and') comment? |
504 'fix' (vars + 'and') comment? |
473 ; |
505 ; |
474 ('assume' | 'presume') (assm comment? + 'and') |
506 ('assume' | 'presume') (assm comment? + 'and') |
486 |
518 |
487 \begin{descr} |
519 \begin{descr} |
488 \item [$\FIX{x}$] introduces a local \emph{arbitrary, but fixed} variable $x$. |
520 \item [$\FIX{x}$] introduces a local \emph{arbitrary, but fixed} variable $x$. |
489 \item [$\ASSUME{a}{\Phi}$ and $\PRESUME{a}{\Phi}$] introduce local theorems |
521 \item [$\ASSUME{a}{\Phi}$ and $\PRESUME{a}{\Phi}$] introduce local theorems |
490 $\Phi$ by assumption. Subsequent results applied to an enclosing goal |
522 $\Phi$ by assumption. Subsequent results applied to an enclosing goal |
491 (e.g.\ via $\SHOWNAME$) are handled as follows: $\ASSUMENAME$ expects to be |
523 (e.g.\ by $\SHOWNAME$) are handled as follows: $\ASSUMENAME$ expects to be |
492 able to unify with existing premises in the goal, while $\PRESUMENAME$ |
524 able to unify with existing premises in the goal, while $\PRESUMENAME$ |
493 leaves $\Phi$ as new subgoals. |
525 leaves $\Phi$ as new subgoals. |
494 |
526 |
495 Several lists of assumptions may be given (separated by |
527 Several lists of assumptions may be given (separated by |
496 $\isarkeyword{and}$); the resulting list of facts consists of all of these |
528 $\isarkeyword{and}$); the resulting list of current facts consists of all of |
497 concatenated. |
529 these concatenated. |
498 \item [$\DEF{a}{x \equiv t}$] introduces a local (non-polymorphic) definition. |
530 \item [$\DEF{a}{x \equiv t}$] introduces a local (non-polymorphic) definition. |
499 In results exported from the context, $x$ is replaced by $t$. Basically, |
531 In results exported from the context, $x$ is replaced by $t$. Basically, |
500 $\DEF{}{x \equiv t}$ abbreviates $\FIX{x}~\PRESUME{}{x \equiv t}$, with the |
532 $\DEF{}{x \equiv t}$ abbreviates $\FIX{x}~\PRESUME{}{x \equiv t}$, with the |
501 resulting hypothetical equation solved by reflexivity. |
533 resulting hypothetical equation solved by reflexivity. |
502 |
534 |
503 The default name for the definitional equation is $x_def$. |
535 The default name for the definitional equation is $x_def$. |
504 \end{descr} |
536 \end{descr} |
505 |
537 |
506 The special theorem name $prems$\indexisarthm{prems} refers to all current |
538 The special name $prems$\indexisarthm{prems} refers to all assumptions of the |
507 assumptions. |
539 current context as a list of theorems. |
508 |
540 |
509 |
541 |
510 \subsection{Facts and forward chaining} |
542 \subsection{Facts and forward chaining} |
511 |
543 |
512 \indexisarcmd{note}\indexisarcmd{then}\indexisarcmd{from}\indexisarcmd{with} |
544 \indexisarcmd{note}\indexisarcmd{then}\indexisarcmd{from}\indexisarcmd{with} |
534 \begin{descr} |
566 \begin{descr} |
535 \item [$\NOTE{a}{\vec b}$] recalls existing facts $\vec b$, binding the result |
567 \item [$\NOTE{a}{\vec b}$] recalls existing facts $\vec b$, binding the result |
536 as $a$. Note that attributes may be involved as well, both on the left and |
568 as $a$. Note that attributes may be involved as well, both on the left and |
537 right hand sides. |
569 right hand sides. |
538 \item [$\THEN$] indicates forward chaining by the current facts in order to |
570 \item [$\THEN$] indicates forward chaining by the current facts in order to |
539 establish the goal claimed next. The initial proof method invoked to refine |
571 establish the goal to be claimed next. The initial proof method invoked to |
540 that will be offered these facts to do ``anything appropriate'' (see also |
572 refine that will be offered the facts to do ``anything appropriate'' (cf.\ |
541 \S\ref{sec:proof-steps}). For example, method $rule$ (see |
573 also \S\ref{sec:proof-steps}). For example, method $rule$ (see |
542 \S\ref{sec:pure-meth}) would do an elimination rather than an introduction. |
574 \S\ref{sec:pure-meth}) would typically do an elimination rather than an |
|
575 introduction. Automatic methods usually insert the facts into the goal |
|
576 state before operation. |
543 \item [$\FROM{\vec b}$] abbreviates $\NOTE{}{\vec b}~\THEN$; thus $\THEN$ is |
577 \item [$\FROM{\vec b}$] abbreviates $\NOTE{}{\vec b}~\THEN$; thus $\THEN$ is |
544 equivalent to $\FROM{this}$. |
578 equivalent to $\FROM{this}$. |
545 \item [$\WITH{\vec b}$] abbreviates $\FROM{\vec b~facts}$; thus the forward |
579 \item [$\WITH{\vec b}$] abbreviates $\FROM{\vec b~facts}$; thus the forward |
546 chaining is from earlier facts together with the current ones. |
580 chaining is from earlier facts together with the current ones. |
547 \end{descr} |
581 \end{descr} |
548 |
582 |
549 Basic proof methods (such as $rule$, see \S\ref{sec:pure-meth}) expect |
583 Basic proof methods (such as $rule$, see \S\ref{sec:pure-meth}) expect |
550 multiple facts to be given in proper order, corresponding to a prefix of the |
584 multiple facts to be given in their proper order, corresponding to a prefix of |
551 premises of the rule involved. Note that positions may be easily skipped |
585 the premises of the rule involved. Note that positions may be easily skipped |
552 using a form like $\FROM{\text{\texttt{_}}~a~b}$, for example. This involves |
586 using a form like $\FROM{\text{\texttt{_}}~a~b}$, for example. This involves |
553 the rule $\PROP\psi \Imp \PROP\psi$, which is bound in Isabelle/Pure as |
587 the trivial rule $\PROP\psi \Imp \PROP\psi$, which is bound in Isabelle/Pure |
554 ``\texttt{_}'' (underscore).\indexisarthm{_@\texttt{_}} |
588 as ``\texttt{_}'' (underscore).\indexisarthm{_@\texttt{_}} |
555 |
589 |
556 |
590 |
557 \subsection{Goal statements} |
591 \subsection{Goal statements} |
558 |
592 |
559 \indexisarcmd{theorem}\indexisarcmd{lemma} |
593 \indexisarcmd{theorem}\indexisarcmd{lemma} |
582 ; |
616 ; |
583 \end{rail} |
617 \end{rail} |
584 |
618 |
585 \begin{descr} |
619 \begin{descr} |
586 \item [$\THEOREM{a}{\phi}$] enters proof mode with $\phi$ as main goal, |
620 \item [$\THEOREM{a}{\phi}$] enters proof mode with $\phi$ as main goal, |
587 eventually resulting in some theorem $\turn \phi$, and put back into the |
621 eventually resulting in some theorem $\turn \phi$ put back into the theory. |
588 theory. |
|
589 \item [$\LEMMANAME$] is similar to $\THEOREMNAME$, but tags the result as |
622 \item [$\LEMMANAME$] is similar to $\THEOREMNAME$, but tags the result as |
590 ``lemma''. |
623 ``lemma''. |
591 \item [$\HAVE{a}{\phi}$] claims a local goal, eventually resulting in a |
624 \item [$\HAVE{a}{\phi}$] claims a local goal, eventually resulting in a |
592 theorem with the current assumption context as hypotheses. |
625 theorem with the current assumption context as hypotheses. |
593 \item [$\SHOW{a}{\phi}$] is similar to $\HAVE{a}{\phi}$, but solves some |
626 \item [$\SHOW{a}{\phi}$] is similar to $\HAVE{a}{\phi}$, but solves some |
594 pending goal with the result \emph{exported} into the corresponding context. |
627 pending goal with the result \emph{exported} into the corresponding context |
595 \item [$\HENCE{a}{\phi}$] abbreviates $\THEN~\HAVE{a}{\phi}$, i.e.\ claims a |
628 (cf.\ \S\ref{sec:proof-context}). |
596 local goal to be proven by forward chaining the current facts. Note that |
629 \item [$\HENCENAME$] abbreviates $\THEN~\HAVENAME$, i.e.\ claims a local goal |
597 $\HENCENAME$ is equivalent to $\FROM{this}~\HAVENAME$. |
630 to be proven by forward chaining the current facts. Note that $\HENCENAME$ |
598 \item [$\THUS{a}{\phi}$] abbreviates $\THEN~\SHOW{a}{\phi}$. Note that |
631 is also equivalent to $\FROM{this}~\HAVENAME$. |
599 $\THUSNAME$ is equivalent to $\FROM{this}~\SHOWNAME$. |
632 \item [$\THUSNAME$] abbreviates $\THEN~\SHOWNAME$. Note that $\THUSNAME$ is |
|
633 also equivalent to $\FROM{this}~\SHOWNAME$. |
600 \end{descr} |
634 \end{descr} |
601 |
635 |
602 |
636 |
603 \subsection{Initial and terminal proof steps}\label{sec:proof-steps} |
637 \subsection{Initial and terminal proof steps}\label{sec:proof-steps} |
604 |
638 |
628 $\THUSNAME$), which involves an explicit statement of what is to be solved. |
662 $\THUSNAME$), which involves an explicit statement of what is to be solved. |
629 |
663 |
630 \medskip |
664 \medskip |
631 |
665 |
632 Also note that initial proof methods should either solve the goal completely, |
666 Also note that initial proof methods should either solve the goal completely, |
633 or constitute some well-understood deterministic reduction to new sub-goals. |
667 or constitute some well-understood reduction to new sub-goals. Arbitrary |
634 Arbitrary automatic proof tools that are prone leave a large number of badly |
668 automatic proof tools that are prone leave a large number of badly structured |
635 structured sub-goals are no help in continuing the proof document in any |
669 sub-goals are no help in continuing the proof document in any intelligible |
636 intelligible way. A much better technique would be to $\SHOWNAME$ some |
670 way. A much better technique would be to $\SHOWNAME$ some non-trivial |
637 non-trivial reduction as an explicit rule, which is solved completely by some |
671 reduction as an explicit rule, which is solved completely by some automated |
638 automated method, and then applied to some pending goal. |
672 method, and then applied to some pending goal. |
639 |
673 |
640 \medskip |
674 \medskip |
641 |
675 |
642 Unless given explicitly by the user, the default initial method is |
676 Unless given explicitly by the user, the default initial method is |
643 ``$default$'', which is usually set up to apply a single standard elimination |
677 ``$default$'', which is usually set up to apply a single standard elimination |
644 or introduction rule according to the topmost symbol involved. There is no |
678 or introduction rule according to the topmost symbol involved. There is no |
645 default terminal method; in any case the final step is to solve all remaining |
679 separate default terminal method; in any case the final step is to solve all |
646 goals by assumption. |
680 remaining goals by assumption, though. |
647 |
681 |
648 \begin{rail} |
682 \begin{rail} |
649 'proof' interest? meth? comment? |
683 'proof' interest? meth? comment? |
650 ; |
684 ; |
651 'qed' meth? comment? |
685 'qed' meth? comment? |
661 |
695 |
662 \begin{descr} |
696 \begin{descr} |
663 \item [$\PROOF{m@1}$] refines the goal by proof method $m@1$; facts for |
697 \item [$\PROOF{m@1}$] refines the goal by proof method $m@1$; facts for |
664 forward chaining are passed if so indicated by $proof(chain)$ mode. |
698 forward chaining are passed if so indicated by $proof(chain)$ mode. |
665 \item [$\QED{m@2}$] refines any remaining goals by proof method $m@2$ and |
699 \item [$\QED{m@2}$] refines any remaining goals by proof method $m@2$ and |
666 concludes the sub-proof. If the goal had been $\SHOWNAME$ (or $\THUSNAME$), |
700 concludes the sub-proof by assumption. If the goal had been $\SHOWNAME$ (or |
667 some pending sub-goal is solved as well by the rule resulting from the |
701 $\THUSNAME$), some pending sub-goal is solved as well by the rule resulting |
668 result exported to the enclosing goal context. Thus $\QEDNAME$ may fail for |
702 from the result \emph{exported} into the enclosing goal context. Thus |
669 two reasons: either $m@2$ fails to solve all remaining goals completely, or |
703 $\QEDNAME$ may fail for two reasons: either $m@2$ fails, or the resulting |
670 the resulting rule does not resolve with any enclosing goal. Debugging such |
704 rule does not fit to any pending goal\footnote{This includes any additional |
671 a situation might involve temporarily changing $\SHOWNAME$ into $\HAVENAME$, |
705 ``strong'' assumptions as introduced by $\ASSUMENAME$.} of the enclosing |
672 or softening the local context by replacing $\ASSUMENAME$ by $\PRESUMENAME$. |
706 context. Debugging such a situation might involve temporarily changing |
673 \item [$\BYY{m@1}{m@2}$] is a \emph{terminal proof}; it abbreviates |
707 $\SHOWNAME$ into $\HAVENAME$, or weakening the local context by replacing |
674 $\PROOF{m@1}~\QED{m@2}$, with automatic backtracking across both methods. |
708 some occurrences of $\ASSUMENAME$ by $\PRESUMENAME$. |
675 Debugging an unsuccessful $\BYY{m@1}{m@2}$ commands might be done by simply |
709 \item [$\BYY{m@1}{m@2}$] is a \emph{terminal proof}\index{proof!terminal}; it |
676 expanding the abbreviation by hand; note that $\PROOF{m@1}$ is usually |
710 abbreviates $\PROOF{m@1}~\QED{m@2}$, with automatic backtracking across both |
|
711 methods. Debugging an unsuccessful $\BYY{m@1}{m@2}$ commands might be done |
|
712 by expanding its definition; in many cases $\PROOF{m@1}$ is already |
677 sufficient to see what is going wrong. |
713 sufficient to see what is going wrong. |
678 \item [``$\DDOT$''] is a \emph{default proof}; it abbreviates $\BY{default}$. |
714 \item [``$\DDOT$''] is a \emph{default proof}\index{proof!default}; it |
679 \item [``$\DOT$''] is a \emph{trivial proof}; it abbreviates |
715 abbreviates $\BY{default}$. |
680 $\BY{assumption}$. |
716 \item [``$\DOT$''] is a \emph{trivial proof}\index{proof!trivial}; it |
681 \item [$\isarkeyword{sorry}$] is a \emph{fake proof}; provided that |
717 abbreviates $\BY{assumption}$. |
682 \texttt{quick_and_dirty} is enabled, $\isarkeyword{sorry}$ pretends to solve |
718 \item [$\isarkeyword{sorry}$] is a \emph{fake proof}\index{proof!fake}; |
683 the goal without further ado. Of course, the result is a fake theorem only, |
719 provided that \texttt{quick_and_dirty} is enabled, $\isarkeyword{sorry}$ |
684 involving some oracle in its internal derivation object (this is indicated |
720 pretends to solve the goal without further ado. Of course, the result is a |
685 as $[!]$ in the printed result). The main application of |
721 fake theorem only, involving some oracle in its internal derivation object |
686 $\isarkeyword{sorry}$ is to support top-down proof development. |
722 (this is indicated as ``$[!]$'' in the printed result). The main |
|
723 application of $\isarkeyword{sorry}$ is to support experimentation and |
|
724 top-down proof development. |
687 \end{descr} |
725 \end{descr} |
688 |
726 |
689 |
727 |
690 \subsection{Improper proof steps} |
728 \subsection{Improper proof steps} |
691 |
729 |
692 The following commands emulate unstructured tactic scripts to some extent. |
730 The following commands emulate unstructured tactic scripts to some extent. |
693 While these are anathema for writing proper Isar proof documents, they might |
731 While these are anathema for writing proper Isar proof documents, they might |
694 come in handy for exploring and debugging. |
732 come in handy for interactive exploration and debugging. |
695 |
733 |
696 \indexisarcmd{apply}\indexisarcmd{then-apply}\indexisarcmd{back} |
734 \indexisarcmd{apply}\indexisarcmd{then-apply}\indexisarcmd{back} |
697 \begin{matharray}{rcl} |
735 \begin{matharray}{rcl} |
698 \isarcmd{apply}^* & : & \isartrans{proof}{proof} \\ |
736 \isarcmd{apply}^* & : & \isartrans{proof}{proof} \\ |
699 \isarcmd{then_apply}^* & : & \isartrans{proof}{proof} \\ |
737 \isarcmd{then_apply}^* & : & \isartrans{proof}{proof} \\ |
791 |
829 |
792 While Isar is inherently block-structured, opening and closing blocks is |
830 While Isar is inherently block-structured, opening and closing blocks is |
793 mostly handled rather casually, with little explicit user-intervention. Any |
831 mostly handled rather casually, with little explicit user-intervention. Any |
794 local goal statement automatically opens \emph{two} blocks, which are closed |
832 local goal statement automatically opens \emph{two} blocks, which are closed |
795 again when concluding the sub-proof (by $\QEDNAME$ etc.). Sections of |
833 again when concluding the sub-proof (by $\QEDNAME$ etc.). Sections of |
796 different context within a sub-proof are typically switched via |
834 different context within a sub-proof may be switched via $\isarkeyword{next}$, |
797 $\isarkeyword{next}$, which is just a single block-close followed by |
835 which is just a single block-close followed by block-open again. Thus the |
798 block-open again. Thus the effect of $\isarkeyword{next}$ is to reset the |
836 effect of $\isarkeyword{next}$ is a local reset the proof |
799 proof context to that of the head of the sub-proof. Note that there is no |
837 context.\footnote{There is no goal focus involved here!} |
800 goal focus involved here! |
|
801 |
838 |
802 For slightly more advanced applications, there are explicit block parentheses |
839 For slightly more advanced applications, there are explicit block parentheses |
803 as well. These typically achieve a strong forward style of reasoning. |
840 as well. These typically achieve a stronger forward style of reasoning. |
804 |
841 |
805 \begin{descr} |
842 \begin{descr} |
806 \item [$\isarkeyword{next}$] switches to a fresh block within a sub-proof, |
843 \item [$\isarkeyword{next}$] switches to a fresh block within a sub-proof, |
807 resetting the context to the initial one. |
844 resetting the local context to the initial one. |
808 \item [$\isarkeyword{\{\{}$ and $\isarkeyword{\}\}}$] explicitly open and |
845 \item [$\isarkeyword{\{\{}$ and $\isarkeyword{\}\}}$] explicitly open and |
809 close blocks. Any current facts pass through $\isarkeyword{\{\{}$ |
846 close blocks. Any current facts pass through ``$\isarkeyword{\{\{}$'' |
810 unchanged, while $\isarkeyword{\}\}}$ causes them to be \emph{exported} into |
847 unchanged, while ``$\isarkeyword{\}\}}$'' causes any result to be |
811 the enclosing context. Thus fixed variables are generalized, assumptions |
848 \emph{exported} into the enclosing context. Thus fixed variables are |
812 discharged, and local definitions eliminated. There is no difference of |
849 generalized, assumptions discharged, and local definitions unfolded (cf.\ |
813 $\ASSUMENAME$ and $\PRESUMENAME$ here. |
850 \S\ref{sec:proof-context}). There is no difference of $\ASSUMENAME$ and |
|
851 $\PRESUMENAME$ in this mode of forward reasoning --- in contrast to plain |
|
852 backward reasoning with the result exported at $\SHOWNAME$ time. |
814 \end{descr} |
853 \end{descr} |
815 |
854 |
816 |
855 |
817 \section{Other commands} |
856 \section{Other commands} |
818 |
857 |
870 \item [$\isarkeyword{cd}~name$] changes the current directory of the Isabelle |
913 \item [$\isarkeyword{cd}~name$] changes the current directory of the Isabelle |
871 process. |
914 process. |
872 \item [$\isarkeyword{pwd}~$] prints the current working directory. |
915 \item [$\isarkeyword{pwd}~$] prints the current working directory. |
873 \item [$\isarkeyword{use_thy}$, $\isarkeyword{use_thy_only}$, |
916 \item [$\isarkeyword{use_thy}$, $\isarkeyword{use_thy_only}$, |
874 $\isarkeyword{update_thy}$, and $\isarkeyword{update_thy_only}$] load some |
917 $\isarkeyword{update_thy}$, and $\isarkeyword{update_thy_only}$] load some |
875 theory given as $name$ argument. These commands are exactly the same as the |
918 theory given as $name$ argument. These commands are basically the same as |
876 corresponding ML functions (see also \cite[\S1,\S6]{isabelle-ref}). Note |
919 the corresponding ML functions\footnote{For historic reasons, the original |
877 that both the ML and Isar versions may load new- and old-style theories |
920 ML versions also change the theory context to that of the theory loaded.} |
878 alike. |
921 (see also \cite[\S1,\S6]{isabelle-ref}). Note that both the ML and Isar |
879 \end{descr} |
922 versions may load new- and old-style theories alike. |
880 |
923 \end{descr} |
881 Note that these system commands are scarcely used when working with |
924 |
882 Proof~General, since loading of theories is done fully automatic. |
925 Note that these system commands are scarcely used when working with the |
883 |
926 Proof~General interface, since loading of theories is done fully |
|
927 transparently. |
884 |
928 |
885 %%% Local Variables: |
929 %%% Local Variables: |
886 %%% mode: latex |
930 %%% mode: latex |
887 %%% TeX-master: "isar-ref" |
931 %%% TeX-master: "isar-ref" |
888 %%% End: |
932 %%% End: |