isabelle-cookbook: comparison ProgTutorial/General.thy

equal deleted inserted replaced

-:f118240ab44a
+:9f12e53eb121
 Similarly the function @{ML_ind subst_bounds in Term}, replaces lose bound
 variables with terms. To see how this function works, let us implement a
 function that strips off the outermost quantifiers in a term.
 *}
-ML{*fun strip_alls (Const ("All", _) $ Abs (n, T, t)) =
+ML{*fun strip_alls t =
-strip_alls t |>> cons (Free (n, T))
+let
-| strip_alls t = ([], t) *}
+fun aux (x, T, t) = strip_alls t |>> cons (Free (x, T))
+in
+case t of
+Const ("All", _) $ Abs body => aux body
+| _ => ([], t)
+end*}
 text {*
 The function returns a pair consisting of the stripped off variables and
 the body of the universal quantification. For example
 |> string_of_term @{context}
 |> tracing
 end"
 "x = y"}
-Note that in Line 4 we had to reverse the list of variables that @{ML strip_alls}
+Note that in Line 4 we had to reverse the list of variables that @{ML
-returned. The reason is that the head of the list the function @{ML subst_bounds}
+strip_alls} returned. The reason is that the head of the list the function
-takes is the replacement for @{ML "Bound 0"}, the next element for @{ML "Bound 1"}
+@{ML subst_bounds} takes is the replacement for @{ML "Bound 0"}, the next
-and so on.
+element for @{ML "Bound 1"} and so on.
+Notice also that this function might introduce name clashes, since we
+substitute just a variable with the name recorded in an abstraction. This
+name is by no means unique. If clashes need to be avoided, then we should
+use the function @{ML_ind dest_abs in Term}, which returns the body where
+the lose de Bruijn index is replaced by a unique free variable. For example
+@{ML_response_fake [display,gray]
+"let
+val app = Bound 0 $ Free (\"x\", @{typ nat})
+in
+Term.dest_abs (\"x\", @{typ \"nat \<Rightarrow> bool\"}, app)
+end"
+"(\"xa\", Free (\"xa\", \"nat \<Rightarrow> bool\") $ Free (\"x\", \"nat\"))"}
 There are also many convenient functions that construct specific HOL-terms
 in the structure @{ML_struct HOLogic}. For
 example @{ML_ind mk_eq in HOLogic} constructs an equality out of two terms.
 The types needed in this equality are calculated from the type of the
 @{ML_file "Pure/thm.ML"}, @{ML_file "Pure/more_thm.ML"} and @{ML_file "Pure/drule.ML"}.
 \end{readmore}
 The simplifier can be used to unfold definition in theorms. To show
 this we build the theorem @{term "True \<equiv> True"} (Line 1) and then
-unfold the constant according to its definition (Line 2).
+unfold the constant @{term "True"} according to its definition (Line 2).
 @{ML_response_fake [display,gray,linenos]
 "Thm.reflexive @{cterm \"True\"}
 |> Simplifier.rewrite_rule [@{thm True_def}]
 |> string_of_thm @{context}
 |> tracing"
 "(\<lambda>x. x) = (\<lambda>x. x) \<equiv> (\<lambda>x. x) = (\<lambda>x. x)"}
 Often it is necessary to transform theorems to and from the object
-logic.  For example, the function @{ML_ind rulify in ObjectLogic}
+logic, that is eplacing all @{text "\<longrightarrow>"} and @{text "\<forall>"} with @{text "\<Longrightarrow>"}
-replaces all @{text "\<longrightarrow>"} and @{text "\<forall>"} into the equivalents of the
+and @{text "\<And>"}, respectively.  A reason for such transformations is
-meta logic. For example
+that definitions can only be stated using object logic connectives, while
+theorems using the connectives from the meta logic are more convenient for
+reasoning. The function  @{ML_ind rulify in ObjectLogic} replaces all
+object connectives by equivalents in the meta logic. For example
 @{ML_response_fake [display, gray]
 "ObjectLogic.rulify @{thm foo_test2}"
 "\<lbrakk>?A; ?B\<rbrakk> \<Longrightarrow> ?C"}
 such as @{thm [source] list.induct}, which is of the form
 @{thm [display] list.induct}
 we have to first abstract over the meta variables @{text "?P"} and
-@{text "?list"}. For this we can use the function
+@{text "?list"} in the theorem. For this we can use the function
-@{ML_ind forall_intr_vars in Drule}.
+@{ML_ind forall_intr_vars in Drule}. This allows us to implement the
+following function for atomizing a theorem.
 *}
 ML{*fun atomize_thm thm =
 let
 val thm' = forall_intr_vars thm
 in
 MetaSimplifier.rewrite_rule [thm''] thm'
 end*}
 text {*
-For the theorem @{thm [source] list.induct}, this function produces:
+This function produces for the theorem @{thm [source] list.induct}
 @{ML_response_fake [display, gray]
 "atomize_thm @{thm list.induct}"
 "\<forall>P list. P [] \<longrightarrow> (\<forall>a list. P list \<longrightarrow> P (a # list)) \<longrightarrow> P list"}
 Theorems can also be produced from terms by giving an explicit proof.
-One way to achive this is by using the function @{ML_ind prove in Goal}.
+One way to achive this is by using the function @{ML_ind prove in Goal}
-For example below we prove the term @{term "P \<Longrightarrow> P"}.
+in the structure @{ML_struct Goal}. For example below we prove the term
+@{term "P \<Longrightarrow> P"}.
 @{ML_response_fake [display,gray]
 "let
 val trm = @{term \"P \<Longrightarrow> P::bool\"}
 val tac = K (atac 1)
 in
 Goal.prove @{context} [\"P\"] [] trm tac
 end"
 "?P \<Longrightarrow> ?P"}
-This function takes as second argument a list of strings. This list specifies
+This function takes first a context and second a list of strings. This list
-which variables should be turned into meta-variables once the term is proved.
+specifies which variables should be turned into meta-variables once the term
-The proof is given in form of a tactic as last argument. We explain tactics in
+is proved.  The fourth argument is the term to be proved. The fifth is a
-Chapter~\ref{chp:tactical}. In the code above the tactic proved the theorem
+corresponding proof given in form of a tactic. We explain tactics in
+Chapter~\ref{chp:tactical}. In the code above, the tactic proves the theorem
 by assumption.
-Theorems also contain auxiliary data, such their names and kind, but also
+Theorems also contain auxiliary data, such as the name of the theorem, its
-names for cases etc. This data is stored in a string-string list and can
+kind, the names for cases and so on. This data is stored in a string-string
-be retrieved with the function @{ML_ind get_tags in Thm}. Assume the
+list and can be retrieved with the function @{ML_ind get_tags in
-following lemma.
+Thm}. Assume the following lemma.
 *}
 lemma foo_data: "P \<Longrightarrow> P \<Longrightarrow> P" by assumption
 text {*
-The auxiliary data of this lemma is as follows.
+So far the the auxiliary data of this lemma is:
 @{ML_response_fake [display,gray]
 "Thm.get_tags @{thm foo_data}"
 "[(\"name\", \"General.foo_data\"), (\"kind\", \"lemma\")]"}
-When we store lemmas in the theorem database, we can explicitly extend the data
+When we store lemmas in the theorem database, we may want to explicitly extend
-associated with this lemma by attaching case names.
+this data by attaching case names to the two premises of the lemma.  This can
+be achieved with the function @{ML_ind name in RuleCases}.
 *}
 local_setup %gray {*
 LocalTheory.note Thm.lemmaK
 ((@{binding "foo_data'"}, []),
-[(RuleCases.name ["foo_case1", "foo_case2"]
+[(RuleCases.name ["foo_case_one", "foo_case_two"]
 @{thm foo_data})]) #> snd *}
 text {*
 The data of the theorem @{thm [source] foo_data'} is then as follows:
 @{ML_response_fake [display,gray]
 "Thm.get_tags @{thm foo_data'}"
 "[(\"name\", \"General.foo_data'\"), (\"kind\", \"lemma\"),
-(\"case_names\", \"foo_case1;foo_case2\")]"}
+(\"case_names\", \"foo_case_one;foo_case_two\")]"}
-You notice the difference when using the proof methods @{ML_text cases}
+You can notice the case names on the user level when using the proof
-or @{ML_text induct}. In the proof below
+methods @{ML_text cases} and @{ML_text induct}. In the proof below
 *}
 lemma
-"Q \<Longrightarrow> Q \<Longrightarrow> Q"
+shows "Q \<Longrightarrow> Q \<Longrightarrow> Q"
 proof (cases rule: foo_data')
-print_cases
 (*<*)oops(*>*)
+text_raw{*
-text {*
+\begin{tabular}{@ {}l}
-we can proceed by analysing the cases @{ML_text "foo_case1"} and
+\isacommand{print\_cases}\\
-@{ML_text "foo_case2"}. While if the theorem has no names, then
+@{text "> cases:"}\\
-the cases have standard names @{ML_text 1}, @{ML_text 2} and so
+@{text ">   foo_case_one:"}\\
+@{text ">     let \"?case\" = \"?P\""}\\
+@{text ">   foo_case_two:"}\\
+@{text ">     let \"?case\" = \"?P\""}
+\end{tabular}*}
+text {*
+we can proceed by analysing the cases @{text "foo_case1"} and
+@{text "foo_case2"}. While if the theorem has no names, then
+the cases have standard names @{text 1}, @{text 2} and so
 on. This can be seen in the proof below.
 *}
 lemma
-"Q \<Longrightarrow> Q \<Longrightarrow> Q"
+shows "Q \<Longrightarrow> Q \<Longrightarrow> Q"
 proof (cases rule: foo_data)
-print_cases
 (*<*)oops(*>*)
+text_raw{*
-text {*
+\begin{tabular}{@ {}l}
-TBD below
+\isacommand{print\_cases}\\
+@{text "> cases:"}\\
-One great feature of Isabelle is its document preparation system where
+@{text ">   1:"}\\
+@{text ">     let \"?case\" = \"?P\""}\\
+@{text ">   2:"}\\
+@{text ">     let \"?case\" = \"?P\""}
+\end{tabular}*}
+text {*
+One great feature of Isabelle is its document preparation system, where
 proved theorems can be quoted in the text directly from the formalisation.
+This helps minimises cut-and-paste errors. However, sometimes the verbatim
-(FIXME: example for how to add theorem styles)
+quoting is not what is wanted. For such situations Isabelle allows the
-*}
+installation of \emph{styles}. These are, roughly speaking, functions from
+terms to terms. The input term stands for the theorem to be presented.
-ML {*
+Let us assume we want to display theorems without leading quantifiers.
-fun strip_assums_all (params, Const("all",_) $ Abs(a, T, t)) =
+For this we can implement the following function that strips off
-strip_assums_all ((a, T)::params, t)
+meta-quantifiers.
-| strip_assums_all (params, B) = (params, B)
+*}
-fun style_parm_premise i ctxt t =
+ML {*fun strip_all (Const (@{const_name "All"}, _) $ Abs body) =
-let val prems = Logic.strip_imp_prems t in
+Term.dest_abs body |> snd |> strip_all
-if i <= length prems
+| strip_all (Const (@{const_name "Trueprop"}, _) $ t) = strip_all t
-then let val (params,t) = strip_assums_all([], nth prems (i - 1))
+| strip_all t = t*}
-in subst_bounds(map Free params, t) end
-else error ("Not enough premises for prem" ^ string_of_int i ^
+ML {* strip_all @{term "\<forall>x y z. P x y z"}*}
-" in propositon: " ^ string_of_term ctxt t)
-end;
+text {*
-*}
+Now we can install this function as the theorem style named
+@{text "strip_all"}.
-ML {*
+*}
-strip_assums_all ([], @{term "\<And>x y. A x y"})
-*}
-(*
 setup %gray {*
-TermStyle.add_style "no_all_prem1" (style_parm_premise 1) #>
+Term_Style.setup "strip_all" (Scan.succeed (K strip_all))
-TermStyle.add_style "no_all_prem2" (style_parm_premise 2)
+*}
-*}
-*)
+text {*
-lemma
+We can test the theorem style with the following theorem
-shows "A \<Longrightarrow> B"
+*}
-and   "C \<Longrightarrow> D"
-oops
+theorem style_test:
+shows "\<forall>x y z. (x, x) = (y, z)" sorry
+text {*
+Now printing out the theorem @{thm [source] style_test} normally
+in a document produces
+@{thm [display] style_test}
+as expected. But with the theorem style @{text "@{thm (strip_all) \<dots>}"}
+we obtain
+@{thm [display] (strip_all) style_test}
+without the leading quantifiers. Such theorem styles allow one to
+print out theorems in documents formatted in any way wanted. Next we
+explain theorem attributes, which is another mechanism for treating
+theorems.
+*}
 section {* Theorem Attributes\label{sec:attributes} *}
 text {*

changeset 352	9f12e53eb121
parent 351	f118240ab44a
child 353	e73ccbed776e