# HG changeset patch # User wenzelm # Date 1455099777 -3600 # Node ID c9b1897d4173ba1dda16fb683ac498cd6af2288b # Parent bed456ada96eefc7b6cf2a32c817169f3468f398 misc tuning and updates; diff -r bed456ada96e -r c9b1897d4173 src/Doc/Isar_Ref/Framework.thy --- a/src/Doc/Isar_Ref/Framework.thy Wed Feb 10 10:53:30 2016 +0100 +++ b/src/Doc/Isar_Ref/Framework.thy Wed Feb 10 11:22:57 2016 +0100 @@ -204,9 +204,9 @@ been spelled out more explicitly as ``\<^theory_text>\proof (rule InterI)\''. Note that the rule involves both a local parameter \A\ and an assumption \A \ \\ in the nested reasoning. Such compound rules typically demands a genuine - sub-proof in Isar, working backwards rather than forwards as seen before. In + subproof in Isar, working backwards rather than forwards as seen before. In the proof body we encounter the \<^theory_text>\fix\-\<^theory_text>\assume\-\<^theory_text>\show\ outline of nested - sub-proofs that is typical for Isar. The final \<^theory_text>\show\ is like \<^theory_text>\have\ + subproofs that is typical for Isar. The final \<^theory_text>\show\ is like \<^theory_text>\have\ followed by an additional refinement of the enclosing claim, using the rule derived from the proof body. @@ -384,7 +384,7 @@ \<^medskip> Goals are also represented as rules: \A\<^sub>1 \ \ A\<^sub>n \ C\ states that the - sub-goals \A\<^sub>1, \, A\<^sub>n\ entail the result \C\; for \n = 0\ the goal is + subgoals \A\<^sub>1, \, A\<^sub>n\ entail the result \C\; for \n = 0\ the goal is finished. To allow \C\ being a rule statement itself, there is an internal protective marker \# :: prop \ prop\, which is defined as identity and hidden from the user. We initialize and finish goal states as follows: @@ -398,8 +398,8 @@ Goal states are refined in intermediate proof steps until a finished form is achieved. Here the two main reasoning principles are @{inference - resolution}, for back-chaining a rule against a sub-goal (replacing it by - zero or more sub-goals), and @{inference assumption}, for solving a sub-goal + resolution}, for back-chaining a rule against a subgoal (replacing it by + zero or more subgoals), and @{inference assumption}, for solving a subgoal (finding a short-circuit with local assumptions). Below \\<^vec>x\ stands for \x\<^sub>1, \, x\<^sub>n\ (for \n \ 0\). @@ -447,33 +447,34 @@ Compositions of @{inference assumption} after @{inference resolution} occurs quite often, typically in elimination steps. Traditional Isabelle tactics accommodate this by a combined @{inference_def elim_resolution} principle. - In contrast, Isar uses a slightly more refined combination, where the - assumptions to be closed are marked explicitly, using again the protective - marker \#\: + In contrast, Isar uses a combined refinement rule as follows:\footnote{For + simplicity and clarity, the presentation ignores \<^emph>\weak premises\ as + introduced via \<^theory_text>\presume\ or \<^theory_text>\show \ when\.} + {\small \[ \infer[(@{inference refinement})] - {\(\\<^vec>x. \<^vec>H \<^vec>x \ \<^vec>G' (\<^vec>a \<^vec>x))\ \ C\\} + {\C\\} {\begin{tabular}{rl} - \sub\proof:\ & - \\<^vec>G \<^vec>a \ B \<^vec>a\ \\ - \goal:\ & + \subgoal:\ & \(\\<^vec>x. \<^vec>H \<^vec>x \ B' \<^vec>x) \ C\ \\ - \goal unifier:\ & + \subproof:\ & + \\<^vec>G \<^vec>a \ B \<^vec>a\ \quad for schematic \\<^vec>a\ \\ + \concl unifier:\ & \(\\<^vec>x. B (\<^vec>a \<^vec>x))\ = B'\\ \\ \assm unifiers:\ & - \(\\<^vec>x. G\<^sub>j (\<^vec>a \<^vec>x))\ = #H\<^sub>i\\ \\ - & \quad (for each marked \G\<^sub>j\ some \#H\<^sub>i\) \\ + \(\\<^vec>x. G\<^sub>j (\<^vec>a \<^vec>x))\ = H\<^sub>i\\ \quad for each \G\<^sub>j\ some \H\<^sub>i\ \\ \end{tabular}} - \] + \]} - Here the \sub\proof\ rule stems from the main \<^theory_text>\fix\-\<^theory_text>\assume\-\<^theory_text>\show\ + Here the \subproof\ rule stems from the main \<^theory_text>\fix\-\<^theory_text>\assume\-\<^theory_text>\show\ outline of Isar (cf.\ \secref{sec:framework-subproof}): each assumption - indicated in the text results in a marked premise \G\ above. The marking - enforces resolution against one of the sub-goal's premises. Consequently, - \<^theory_text>\fix\-\<^theory_text>\assume\-\<^theory_text>\show\ enables to fit the result of a sub-proof quite - robustly into a pending sub-goal, while maintaining a good measure of - flexibility. + indicated in the text results in a marked premise \G\ above. Consequently, + \<^theory_text>\fix\-\<^theory_text>\assume\-\<^theory_text>\show\ enables to fit the result of a subproof quite + robustly into a pending subgoal, while maintaining a good measure of + flexibility: the subproof only needs to fit modulo unification, and its + assumptions may be a proper subset of the subgoal premises (see + \secref{sec:framework-subproof}). \ @@ -566,14 +567,14 @@ \<^medskip> Block structure can be indicated explicitly by ``@{command - "{"}~\\\~@{command "}"}'', although the body of a sub-proof already involves + "{"}~\\\~@{command "}"}'', although the body of a subproof already involves implicit nesting. In any case, @{command next} jumps into the next section of a block, i.e.\ it acts like closing an implicit block scope and opening another one; there is no direct correspondence to subgoals here. The remaining elements @{command fix} and @{command assume} build up a local context (see \secref{sec:framework-context}), while @{command show} refines - a pending sub-goal by the rule resulting from a nested sub-proof (see + a pending subgoal by the rule resulting from a nested subproof (see \secref{sec:framework-subproof}). Further derived concepts will support calculational reasoning (see \secref{sec:framework-calc}). \ @@ -661,7 +662,7 @@ that \A x\ may be assumed for some arbitrary-but-fixed \x\. Also note that ``@{command obtain}~\A \ B\'' without parameters is similar to ``@{command have}~\A \ B\'', but the latter involves multiple - sub-goals. + subgoals. \<^medskip> The subsequent Isar proof texts explain all context elements introduced @@ -824,7 +825,7 @@ like @{command have}, @{command show}. A goal statement changes the mode to \prove\, which means that we may now refine the problem via @{command unfolding} or @{command proof}. Then we are again in \state\ mode of a proof - body, which may issue @{command show} statements to solve pending sub-goals. + body, which may issue @{command show} statements to solve pending subgoals. A concluding @{command qed} will return to the original \state\ mode one level upwards. The subsequent Isar/VM trace indicates block structure, linguistic mode, goal state, and inferences: @@ -878,11 +879,11 @@ text \ Here the @{inference refinement} inference from - \secref{sec:framework-resolution} mediates composition of Isar sub-proofs + \secref{sec:framework-resolution} mediates composition of Isar subproofs nicely. Observe that this principle incorporates some degree of freedom in proof composition. In particular, the proof body allows parameters and assumptions to be re-ordered, or commuted according to Hereditary Harrop - Form. Moreover, context elements that are not used in a sub-proof may be + Form. Moreover, context elements that are not used in a subproof may be omitted altogether. For example: \