1 %% $Id$ |
1 %% $Id$ |
2 \chapter{The Classical Reasoner} |
2 \chapter{The Classical Reasoner}\label{chap:classical} |
3 \index{classical reasoner|(} |
3 \index{classical reasoner|(} |
4 \newcommand\ainfer[2]{\begin{array}{r@{\,}l}#2\\ \hline#1\end{array}} |
4 \newcommand\ainfer[2]{\begin{array}{r@{\,}l}#2\\ \hline#1\end{array}} |
5 |
5 |
6 Although Isabelle is generic, many users will be working in some extension |
6 Although Isabelle is generic, many users will be working in some extension |
7 of classical first-order logic. Isabelle's set theory~{\tt ZF} is built |
7 of classical first-order logic. Isabelle's set theory~{\tt ZF} is built |
107 the rule $(\neg L)$ has no effect under our representation of sequents! |
107 the rule $(\neg L)$ has no effect under our representation of sequents! |
108 $$ \ainfer{\neg P,\Gamma &\turn \Delta}{\Gamma &\turn \Delta,P} |
108 $$ \ainfer{\neg P,\Gamma &\turn \Delta}{\Gamma &\turn \Delta,P} |
109 \eqno({\neg}L) $$ |
109 \eqno({\neg}L) $$ |
110 What about reasoning on the right? Introduction rules can only affect the |
110 What about reasoning on the right? Introduction rules can only affect the |
111 formula in the conclusion, namely~$Q@1$. The other right-side formulae are |
111 formula in the conclusion, namely~$Q@1$. The other right-side formulae are |
112 represented as negated assumptions, $\neg Q@2$, \ldots,~$\neg Q@n$. In |
112 represented as negated assumptions, $\neg Q@2$, \ldots,~$\neg Q@n$. |
113 order to operate on one of these, it must first be exchanged with~$Q@1$. |
113 \index{assumptions!negated} |
|
114 In order to operate on one of these, it must first be exchanged with~$Q@1$. |
114 Elim-resolution with the {\bf swap} rule has this effect: |
115 Elim-resolution with the {\bf swap} rule has this effect: |
115 $$ \List{\neg P; \; \neg R\Imp P} \Imp R \eqno(swap)$$ |
116 $$ \List{\neg P; \; \neg R\Imp P} \Imp R \eqno(swap)$$ |
116 To ensure that swaps occur only when necessary, each introduction rule is |
117 To ensure that swaps occur only when necessary, each introduction rule is |
117 converted into a swapped form: it is resolved with the second premise |
118 converted into a swapped form: it is resolved with the second premise |
118 of~$(swap)$. The swapped form of~$({\conj}I)$, which might be |
119 of~$(swap)$. The swapped form of~$({\conj}I)$, which might be |
174 in an infinite search space. However, quantifier replication is too |
175 in an infinite search space. However, quantifier replication is too |
175 expensive to prove any but the simplest theorems. |
176 expensive to prove any but the simplest theorems. |
176 |
177 |
177 |
178 |
178 \section{Classical rule sets} |
179 \section{Classical rule sets} |
179 \index{classical sets|bold} |
180 \index{classical sets} |
180 Each automatic tactic takes a {\bf classical rule set} --- a collection of |
181 Each automatic tactic takes a {\bf classical set} --- a collection of |
181 rules, classified as introduction or elimination and as {\bf safe} or {\bf |
182 rules, classified as introduction or elimination and as {\bf safe} or {\bf |
182 unsafe}. In general, safe rules can be attempted blindly, while unsafe |
183 unsafe}. In general, safe rules can be attempted blindly, while unsafe |
183 rules must be used with care. A safe rule must never reduce a provable |
184 rules must be used with care. A safe rule must never reduce a provable |
184 goal to an unprovable set of subgoals. |
185 goal to an unprovable set of subgoals. |
185 |
186 |
201 instantiates an unknown in the proof state --- thus \ttindex{match_tac} |
202 instantiates an unknown in the proof state --- thus \ttindex{match_tac} |
202 must be used, rather than \ttindex{resolve_tac}. Even proof by assumption |
203 must be used, rather than \ttindex{resolve_tac}. Even proof by assumption |
203 is unsafe if it instantiates unknowns shared with other subgoals --- thus |
204 is unsafe if it instantiates unknowns shared with other subgoals --- thus |
204 \ttindex{eq_assume_tac} must be used, rather than \ttindex{assume_tac}. |
205 \ttindex{eq_assume_tac} must be used, rather than \ttindex{assume_tac}. |
205 |
206 |
206 Classical rule sets belong to the abstract type \ttindexbold{claset}, which |
207 Classical rule sets belong to the abstract type \mltydx{claset}, which |
207 supports the following operations (provided the classical reasoner is |
208 supports the following operations (provided the classical reasoner is |
208 installed!): |
209 installed!): |
209 \begin{ttbox} |
210 \begin{ttbox} |
210 empty_cs : claset |
211 empty_cs : claset |
211 addSIs : claset * thm list -> claset \hfill{\bf infix 4} |
212 addSIs : claset * thm list -> claset \hfill{\bf infix 4} |
250 tried first (see \S\ref{biresolve_tac}). |
251 tried first (see \S\ref{biresolve_tac}). |
251 |
252 |
252 For a given classical set, the proof strategy is simple. Perform as many |
253 For a given classical set, the proof strategy is simple. Perform as many |
253 safe inferences as possible; or else, apply certain safe rules, allowing |
254 safe inferences as possible; or else, apply certain safe rules, allowing |
254 instantiation of unknowns; or else, apply an unsafe rule. The tactics may |
255 instantiation of unknowns; or else, apply an unsafe rule. The tactics may |
255 also apply \ttindex{hyp_subst_tac}, if they have been set up to do so (see |
256 also apply {\tt hyp_subst_tac}, if they have been set up to do so (see |
256 below). They may perform a form of Modus Ponens: if there are assumptions |
257 below). They may perform a form of Modus Ponens: if there are assumptions |
257 $P\imp Q$ and~$P$, then replace $P\imp Q$ by~$Q$. |
258 $P\imp Q$ and~$P$, then replace $P\imp Q$ by~$Q$. |
258 |
259 |
259 |
260 |
260 \section{The classical tactics} |
261 \section{The classical tactics} |
261 \index{classical prover!tactics|bold} |
262 \index{classical reasoner!tactics} |
262 \index{tactics!for classical proof|bold} |
|
263 If installed, the classical module provides several tactics (and other |
263 If installed, the classical module provides several tactics (and other |
264 operations) for simulating the classical sequent calculus. |
264 operations) for simulating the classical sequent calculus. |
265 |
265 |
266 \subsection{Single-step tactics} |
266 \subsection{Single-step tactics} |
267 \begin{ttbox} |
267 \begin{ttbox} |
273 \end{ttbox} |
273 \end{ttbox} |
274 The automatic proof procedures call these tactics. By calling them |
274 The automatic proof procedures call these tactics. By calling them |
275 yourself, you can execute these procedures one step at a time. |
275 yourself, you can execute these procedures one step at a time. |
276 \begin{ttdescription} |
276 \begin{ttdescription} |
277 \item[\ttindexbold{safe_step_tac} $cs$ $i$] performs a safe step on |
277 \item[\ttindexbold{safe_step_tac} $cs$ $i$] performs a safe step on |
278 subgoal~$i$. This may include proof by assumption or Modus Ponens, taking |
278 subgoal~$i$. This may include proof by assumption or Modus Ponens (taking |
279 care not to instantiate unknowns, or \ttindex{hyp_subst_tac}. |
279 care not to instantiate unknowns), or {\tt hyp_subst_tac}. |
280 |
280 |
281 \item[\ttindexbold{safe_tac} $cs$] repeatedly performs safe steps on all |
281 \item[\ttindexbold{safe_tac} $cs$] repeatedly performs safe steps on all |
282 subgoals. It is deterministic, with at most one outcome. If the automatic |
282 subgoals. It is deterministic, with at most one outcome. If the automatic |
283 tactics fail, try using {\tt safe_tac} to open up your formula; then you |
283 tactics fail, try using {\tt safe_tac} to open up your formula; then you |
284 can replicate certain quantifiers explicitly by applying appropriate rules. |
284 can replicate certain quantifiers explicitly by applying appropriate rules. |
317 function is supplied when the classical reasoner is set up. |
317 function is supplied when the classical reasoner is set up. |
318 \end{ttdescription} |
318 \end{ttdescription} |
319 |
319 |
320 |
320 |
321 \subsection{Other useful tactics} |
321 \subsection{Other useful tactics} |
322 \index{tactics!for contradiction|bold} |
322 \index{tactics!for contradiction} |
323 \index{tactics!for Modus Ponens|bold} |
323 \index{tactics!for Modus Ponens} |
324 \begin{ttbox} |
324 \begin{ttbox} |
325 contr_tac : int -> tactic |
325 contr_tac : int -> tactic |
326 mp_tac : int -> tactic |
326 mp_tac : int -> tactic |
327 eq_mp_tac : int -> tactic |
327 eq_mp_tac : int -> tactic |
328 swap_res_tac : thm list -> int -> tactic |
328 swap_res_tac : thm list -> int -> tactic |
329 \end{ttbox} |
329 \end{ttbox} |
330 These can be used in the body of a specialized search. |
330 These can be used in the body of a specialized search. |
331 \begin{ttdescription} |
331 \begin{ttdescription} |
332 \item[\ttindexbold{contr_tac} {\it i}] solves subgoal~$i$ by detecting a |
332 \item[\ttindexbold{contr_tac} {\it i}]\index{assumptions!contradictory} |
333 contradiction among two assumptions of the form $P$ and~$\neg P$, or fail. |
333 solves subgoal~$i$ by detecting a contradiction among two assumptions of |
334 It may instantiate unknowns. The tactic can produce multiple outcomes, |
334 the form $P$ and~$\neg P$, or fail. It may instantiate unknowns. The |
335 enumerating all possible contradictions. |
335 tactic can produce multiple outcomes, enumerating all possible |
|
336 contradictions. |
336 |
337 |
337 \item[\ttindexbold{mp_tac} {\it i}] |
338 \item[\ttindexbold{mp_tac} {\it i}] |
338 is like {\tt contr_tac}, but also attempts to perform Modus Ponens in |
339 is like {\tt contr_tac}, but also attempts to perform Modus Ponens in |
339 subgoal~$i$. If there are assumptions $P\imp Q$ and~$P$, then it replaces |
340 subgoal~$i$. If there are assumptions $P\imp Q$ and~$P$, then it replaces |
340 $P\imp Q$ by~$Q$. It may instantiate unknowns. It fails if it can do |
341 $P\imp Q$ by~$Q$. It may instantiate unknowns. It fails if it can do |
344 is like {\tt mp_tac} {\it i}, but may not instantiate unknowns --- thus, it |
345 is like {\tt mp_tac} {\it i}, but may not instantiate unknowns --- thus, it |
345 is safe. |
346 is safe. |
346 |
347 |
347 \item[\ttindexbold{swap_res_tac} {\it thms} {\it i}] refines subgoal~$i$ of |
348 \item[\ttindexbold{swap_res_tac} {\it thms} {\it i}] refines subgoal~$i$ of |
348 the proof state using {\it thms}, which should be a list of introduction |
349 the proof state using {\it thms}, which should be a list of introduction |
349 rules. First, it attempts to solve the goal using \ttindex{assume_tac} or |
350 rules. First, it attempts to solve the goal using {\tt assume_tac} or |
350 {\tt contr_tac}. It then attempts to apply each rule in turn, attempting |
351 {\tt contr_tac}. It then attempts to apply each rule in turn, attempting |
351 resolution and also elim-resolution with the swapped form. |
352 resolution and also elim-resolution with the swapped form. |
352 \end{ttdescription} |
353 \end{ttdescription} |
353 |
354 |
354 \subsection{Creating swapped rules} |
355 \subsection{Creating swapped rules} |
367 elim-resolution). |
368 elim-resolution). |
368 \end{ttdescription} |
369 \end{ttdescription} |
369 |
370 |
370 |
371 |
371 \section{Setting up the classical reasoner} |
372 \section{Setting up the classical reasoner} |
372 \index{classical reasoner!setting up|bold} |
373 \index{classical reasoner!setting up} |
373 Isabelle's classical object-logics, including {\tt FOL} and {\tt HOL}, have |
374 Isabelle's classical object-logics, including {\tt FOL} and {\tt HOL}, have |
374 the classical reasoner already set up. When defining a new classical logic, |
375 the classical reasoner already set up. When defining a new classical logic, |
375 you should set up the reasoner yourself. It consists of the \ML{} functor |
376 you should set up the reasoner yourself. It consists of the \ML{} functor |
376 \ttindex{ClassicalFun}, which takes the argument |
377 \ttindex{ClassicalFun}, which takes the argument |
377 signature\indexbold{*CLASSICAL_DATA} |
378 signature {\tt CLASSICAL_DATA}: |
378 \begin{ttbox} |
379 \begin{ttbox} |
379 signature CLASSICAL_DATA = |
380 signature CLASSICAL_DATA = |
380 sig |
381 sig |
381 val mp : thm |
382 val mp : thm |
382 val not_elim : thm |
383 val not_elim : thm |
385 val hyp_subst_tacs : (int -> tactic) list |
386 val hyp_subst_tacs : (int -> tactic) list |
386 end; |
387 end; |
387 \end{ttbox} |
388 \end{ttbox} |
388 Thus, the functor requires the following items: |
389 Thus, the functor requires the following items: |
389 \begin{ttdescription} |
390 \begin{ttdescription} |
390 \item[\ttindexbold{mp}] should be the Modus Ponens rule |
391 \item[\tdxbold{mp}] should be the Modus Ponens rule |
391 $\List{\Var{P}\imp\Var{Q};\; \Var{P}} \Imp \Var{Q}$. |
392 $\List{\Var{P}\imp\Var{Q};\; \Var{P}} \Imp \Var{Q}$. |
392 |
393 |
393 \item[\ttindexbold{not_elim}] should be the contradiction rule |
394 \item[\tdxbold{not_elim}] should be the contradiction rule |
394 $\List{\neg\Var{P};\; \Var{P}} \Imp \Var{R}$. |
395 $\List{\neg\Var{P};\; \Var{P}} \Imp \Var{R}$. |
395 |
396 |
396 \item[\ttindexbold{swap}] should be the swap rule |
397 \item[\tdxbold{swap}] should be the swap rule |
397 $\List{\neg \Var{P}; \; \neg \Var{R}\Imp \Var{P}} \Imp \Var{R}$. |
398 $\List{\neg \Var{P}; \; \neg \Var{R}\Imp \Var{P}} \Imp \Var{R}$. |
398 |
399 |
399 \item[\ttindexbold{sizef}] is the heuristic function used for best-first |
400 \item[\ttindexbold{sizef}] is the heuristic function used for best-first |
400 search. It should estimate the size of the remaining subgoals. A good |
401 search. It should estimate the size of the remaining subgoals. A good |
401 heuristic function is \ttindex{size_of_thm}, which measures the size of the |
402 heuristic function is \ttindex{size_of_thm}, which measures the size of the |
402 proof state. Another size function might ignore certain subgoals (say, |
403 proof state. Another size function might ignore certain subgoals (say, |
403 those concerned with type checking). A heuristic function might simply |
404 those concerned with type checking). A heuristic function might simply |
404 count the subgoals. |
405 count the subgoals. |
405 |
406 |
406 \item[\ttindexbold{hyp_subst_tac}] is a list of tactics for substitution in |
407 \item[\ttindexbold{hyp_subst_tacs}] is a list of tactics for substitution in |
407 the hypotheses, typically created by \ttindex{HypsubstFun} (see |
408 the hypotheses, typically created by \ttindex{HypsubstFun} (see |
408 Chapter~\ref{substitution}). This list can, of course, be empty. The |
409 Chapter~\ref{substitution}). This list can, of course, be empty. The |
409 tactics are assumed to be safe! |
410 tactics are assumed to be safe! |
410 \end{ttdescription} |
411 \end{ttdescription} |
411 The functor is not at all sensitive to the formalization of the |
412 The functor is not at all sensitive to the formalization of the |
412 object-logic. It does not even examine the rules, but merely applies them |
413 object-logic. It does not even examine the rules, but merely applies them |
413 according to its fixed strategy. The functor resides in {\tt |
414 according to its fixed strategy. The functor resides in {\tt |
414 Provers/classical.ML} on the Isabelle distribution directory. |
415 Provers/classical.ML} in the Isabelle distribution directory. |
415 |
416 |
416 \index{classical prover|)} |
417 \index{classical reasoner|)} |