From c1d6694b7c5419dcb6ae8c613608db86a5f9b7a6 Mon Sep 17 00:00:00 2001 From: Burkhart Wolff Date: Tue, 22 Sep 2020 14:50:57 +0200 Subject: [PATCH] stiluebungen am PML --- .../TR_MyCommentedIsabelle.thy | 108 ++++++++---------- 1 file changed, 49 insertions(+), 59 deletions(-) diff --git a/examples/technical_report/TR_my_commented_isabelle/TR_MyCommentedIsabelle.thy b/examples/technical_report/TR_my_commented_isabelle/TR_MyCommentedIsabelle.thy index 299bc1a2..dfe746db 100755 --- a/examples/technical_report/TR_my_commented_isabelle/TR_MyCommentedIsabelle.thy +++ b/examples/technical_report/TR_my_commented_isabelle/TR_MyCommentedIsabelle.thy @@ -933,7 +933,9 @@ section*[t24::technical]\Backward Proofs: Tactics, Tacticals and Goal-Stat text\At this point, we leave the Pure-Kernel and start to describe the first layer on top of it, involving support for specific styles of reasoning and automation of reasoning.\ -text\ \<^ML_type>\tactic\'s are in principle \<^emph>\relations\ on theorems \<^ML_type>\thm\; this gives a +text\ \<^ML_type>\tactic\'s are in principle \<^emph>\relations\ on theorems \<^ML_type>\thm\; the relation is + lazy and encoded as function of type \<^ML_type>\thm -> thm Seq.seq\. + This gives a natural way to represent the fact that HO-Unification (and therefore the mechanism of rule-instan- tiation) are non-deterministic in principle. Heuristics may choose particular preferences between the theorems in the range of this relation, but the Isabelle Design accepts this fundamental @@ -946,28 +948,20 @@ text\ \<^ML_type>\tactic\'s are in principle \<^emph>\r non-deterministic composition \<^ML>\op ORELSE\, conditionals, repetitions over lists, etc. The following is an excerpt of \<^file>\~~/src/Pure/tactical.ML\:\ -ML\ -signature TACTICAL = -sig - type tactic = thm -> thm Seq.seq - val all_tac: tactic - val no_tac: tactic - val COND: (thm -> bool) -> tactic -> tactic -> tactic +text\ More specialized variants of \<^ML_structure>\Tactical\'s are: - val THEN: tactic * tactic -> tactic - val ORELSE: tactic * tactic -> tactic - val THEN': ('a -> tactic) * ('a -> tactic) -> 'a -> tactic - val ORELSE': ('a -> tactic) * ('a -> tactic) -> 'a -> tactic +\<^item> \<^ML>\op THEN': ('a -> tactic) * ('a -> tactic) -> 'a -> tactic\ -- lifted version +\<^item> \<^ML>\op ORELSE': ('a -> tactic) * ('a -> tactic) -> 'a -> tactic\ -- lifted version +\<^item> \<^ML>\op TRY: tactic -> tactic\ -- option +\<^item> \<^ML>\op EVERY: tactic list -> tactic\ -- sequential enchainment +\<^item> \<^ML>\op EVERY': ('a -> tactic) list -> 'a -> tactic\ -- lifted version +\<^item> \<^ML>\op FIRST: tactic list -> tactic\ -- alternative enchainment +\<^item> etc. - val TRY: tactic -> tactic - val EVERY: tactic list -> tactic - val EVERY': ('a -> tactic) list -> 'a -> tactic - val FIRST: tactic list -> tactic - (* ... *) -end \ + text\The next layer in the architecture describes @{ML_type \tactic\}'s, i.e. basic operations on theorems in a backward reasoning style (bottom up development of proof-trees). An initial goal-state for some property @{term A} --- the \<^emph>\goal\ --- is constructed via the kernel @@ -982,53 +976,52 @@ text\The next layer in the architecture describes @{ML_type \tactic\ has no premise @{term "E\<^sub>i"}, the subgoal @{term C\<^sub>m} is also eliminated ("closed"). The following abstract of the most commonly used @{ML_type \tactic\}'s drawn from - @{file "~~/src/Pure/tactic.ML"} looks as follows:\ + @{file "~~/src/Pure/tactic.ML"} are summarized as follows: -ML\ - (* ... *) - assume_tac: Proof.context -> int -> tactic; - compose_tac: Proof.context -> (bool * thm * int) -> int -> tactic; - resolve_tac: Proof.context -> thm list -> int -> tactic; - eresolve_tac: Proof.context -> thm list -> int -> tactic; - forward_tac: Proof.context -> thm list -> int -> tactic; - dresolve_tac: Proof.context -> thm list -> int -> tactic; - rotate_tac: int -> int -> tactic; - defer_tac: int -> tactic; - prefer_tac: int -> tactic; - (* ... *) +\<^item> \<^ML>\ assume_tac: Proof.context -> int -> tactic\ +\<^item> \<^ML>\ compose_tac: Proof.context -> (bool * thm * int) -> int -> tactic\ +\<^item> \<^ML>\ resolve_tac: Proof.context -> thm list -> int -> tactic\ +\<^item> \<^ML>\ eresolve_tac: Proof.context -> thm list -> int -> tactic\ +\<^item> \<^ML>\ forward_tac: Proof.context -> thm list -> int -> tactic\ +\<^item> \<^ML>\ dresolve_tac: Proof.context -> thm list -> int -> tactic\ +\<^item> \<^ML>\ rotate_tac: int -> int -> tactic\ +\<^item> \<^ML>\ defer_tac: int -> tactic\ +\<^item> \<^ML>\ prefer_tac: int -> tactic\ +\<^item> ... \ + text\Note that "applying a rule" is a fairly complex operation in the Extended Isabelle Kernel, i.e. the tactic layer. It involves at least four phases, interfacing a theorem coming from the global context $\theta$ (=theory), be it axiom or derived, into a given goal-state. \<^item> \<^emph>\generalization\. All free variables in the theorem were replaced by schematic variables. - For example, @{term "x + y = y + x"} is converted into - @{emph \?x + ?y = ?y + ?x\ }. + For example, \<^term>\x + y = y + x\ is converted into + \?x + ?y = ?y + ?x\. By the way, type variables were treated equally. \<^item> \<^emph>\lifting over assumptions\. If a subgoal is of the form: - @{term "B\<^sub>1 \ B\<^sub>2 \ A"} and we have a theorem @{term "D\<^sub>1 \ D\<^sub>2 \ A"}, then before + \<^term>\B\<^sub>1 \ B\<^sub>2 \ A\ and we have a theorem \<^term>\D\<^sub>1 \ D\<^sub>2 \ A\, then before applying the theorem, the premisses were \<^emph>\lifted\ resulting in the logical refinement: - @{term "(B\<^sub>1 \ B\<^sub>2 \ D\<^sub>1) \ (B\<^sub>1 \ B\<^sub>2 \ D\<^sub>2) \ A"}. Now, @{ML "resolve_tac"}, for example, - will replace the subgoal @{term "B\<^sub>1 \ B\<^sub>2 \ A"} by the subgoals - @{term "B\<^sub>1 \ B\<^sub>2 \ D\<^sub>1"} and @{term "B\<^sub>1 \ B\<^sub>2 \ D\<^sub>2"}. Of course, if the theorem wouldn't - have assumptions @{term "D\<^sub>1"} and @{term "D\<^sub>2"}, the subgoal @{term "A"} would be replaced by + \<^term>\(B\<^sub>1 \ B\<^sub>2 \ D\<^sub>1) \ (B\<^sub>1 \ B\<^sub>2 \ D\<^sub>2) \ A\. Now, \<^ML>\resolve_tac\, for example, + will replace the subgoal \<^term>\B\<^sub>1 \ B\<^sub>2 \ A\ by the subgoals + \<^term>\B\<^sub>1 \ B\<^sub>2 \ D\<^sub>1\ and \<^term>\B\<^sub>1 \ B\<^sub>2 \ D\<^sub>2\. Of course, if the theorem wouldn't + have assumptions \<^term>\D\<^sub>1\ and \<^term>\D\<^sub>2\, the subgoal \<^term>\A\ would be replaced by \<^bold>\nothing\, i.e. deleted. \<^item> \<^emph>\lifting over parameters\. If a subgoal is meta-quantified like in: - @{term "\ x y z. A x y z"}, then a theorem like @{term "D\<^sub>1 \ D\<^sub>2 \ A"} is \<^emph>\lifted\ - to @{term "\ x y z. D\<^sub>1' \ D\<^sub>2' \ A'"}, too. Since free variables occurring in @{term "D\<^sub>1"}, - @{term "D\<^sub>2"} and @{term "A"} have been replaced by schematic variables (see phase one), + \<^term>\\ x y z. A x y z\, then a theorem like \<^term>\D\<^sub>1 \ D\<^sub>2 \ A\ is \<^emph>\lifted\ + to \<^term>\\ x y z. D\<^sub>1' \ D\<^sub>2' \ A'\, too. Since free variables occurring in \<^term>\D\<^sub>1\, + \<^term>\D\<^sub>2\ and \<^term>\A\ have been replaced by schematic variables (see phase one), they must be replaced by parameterized schematic variables, i. e. a kind of skolem function. - For example, @{emph \?x + ?y = ?y + ?x\ } would be lifted to - @{emph \!! x y z. ?x x y z + ?y x y z = ?y x y z + ?x x y z\}. This way, the lifted theorem - can be instantiated by the parameters @{term "x y z"} representing "fresh free variables" + For example, \?x + ?y = ?y + ?x\ would be lifted to + \!! x y z. ?x x y z + ?y x y z = ?y x y z + ?x x y z\. This way, the lifted theorem + can be instantiated by the parameters \x y z\ representing "fresh free variables" used for this sub-proof. This mechanism implements their logically correct bookkeeping via kernel primitives. \<^item> \<^emph>\Higher-order unification (of schematic type and term variables)\. Finally, for all these schematic variables, a solution must be found. - In the case of @{ML resolve_tac}, the conclusion of the (doubly lifted) theorem must - be equal to the conclusion of the subgoal, so @{term A} must be $\alpha/\beta$-equivalent to - @{term A'} in the example above, which is established by a higher-order unification + In the case of \<^ML>\resolve_tac\, the conclusion of the (doubly lifted) theorem must + be equal to the conclusion of the subgoal, so \<^term>\A\ must be \\/\\-equivalent to + \<^term>\A'\ in the example above, which is established by a higher-order unification process. It is a bit unfortunate that for implementation efficiency reasons, a very substantial - part of the code for HO-unification is in the kernel module @{ML_type "thm"}, which makes this + part of the code for HO-unification is in the kernel module \<^ML_type>\thm\, which makes this critical component of the architecture larger than necessary. \ @@ -1038,19 +1031,16 @@ text\In a way, the two lifting processes represent an implementation of th section*[goalp::technical]\The classical goal package\ -text\The main mechanism in Isabelle as an LCF-style system is to produce @{ML_type thm}'s +text\The main mechanism in Isabelle as an LCF-style system is to produce \<^ML_type>\thm\'s in backward-style via tactics as described in @{technical "t24"}. Given a context - --- be it global as @{ML_type theory} or be it inside a proof-context as @{ML_type Proof.context}, + --- be it global as \<^ML_type>\theory\ or be it inside a proof-context as \<^ML_type>\Proof.context\, user-programmed verification of (type-checked) terms or just strings can be done via the - operations:\ + operations: - -ML\ -Goal.prove_internal : Proof.context -> cterm list -> cterm -> (thm list -> tactic) -> thm; - -Goal.prove_global : theory -> string list -> term list -> term -> - ({context: Proof.context, prems: thm list} -> tactic) -> thm; -(* ... and many more variants. *) +\<^item> \<^ML>\Goal.prove_internal : Proof.context -> cterm list -> cterm -> (thm list -> tactic) -> thm\ +\<^item> \<^ML>\Goal.prove_global : theory -> string list -> term list -> term -> + ({context: Proof.context, prems: thm list} -> tactic) -> thm\ +\<^item> ... and many more variants. \ subsection*[ex211::example]\Proof Example (Low-level)\ @@ -1103,7 +1093,7 @@ thm "thm111" -section\The Isar Engine\ +section\Toplevel --- aka. ''The Isar Engine''\ text\The main structure of the Isar-engine is @{ ML_structure Toplevel} and provides and internal @{ ML_type state} with the necessary infrastructure ---