NICTA Advanced Course Theorem Proving Principles, Techniques, Applications
Locales
CONTENT
➜ Intro & motivation, getting started with Isabelle
➜ Foundations & Principles
➜ Proof & Specification Techniques
LAST TIME
➜ Syntax and semantics of IMP
➜ Hoare logic rules
➜ Soundness of Hoare logic
➜ Verification conditions
➜ Example program proofs
ISAR IS BASED ON CONTEXTS
  theorem "⋀x. A ⟹ C"
  proof -
    fix x
    assume Ass: A
    ...
    from Ass show C ...
  qed
x and Ass are visible inside this context (between proof - and qed).
BEYOND ISAR CONTEXTS
Locales are extended contexts
➜ Locales are named
➜ Fixed variables may have syntax
➜ It is possible to add and export theorems
➜ Locale expression: combine and modify locales
CONTEXT ELEMENTS
Locales consist of context elements.
  fixes      Parameter, with syntax
  assumes    Assumption
  defines    Definition
  notes      Record a theorem
  includes   Import other locales (locale expressions)
DECLARING LOCALES
Declaring locale (named context) loc:
  locale loc = loc1 +      Import
    fixes ...              Context elements
    assumes ...
DECLARING LOCALES
Theorems may be stated relative to a named locale.
  lemma (in loc) P [simp]: proposition
  proof
➜ Adds theorem P to context loc.
➜ Theorem P is in the simpset in context loc.
➜ Exported theorem loc.P visible in the entire theory.
PARAMETERS MUST BE CONSISTENT!
➜ Parameters in fixes are distinct.
➜ Free variables in assumes and defines occur in preceding fixes.
➜ Defined parameters cannot occur in preceding assumes nor defines.
LOCALE EXPRESSIONS
  Locale name:   n
  Rename:        e q1 ... qn    Change names of parameters in e.
  Merge:         e1 + e2        Context elements of e1, then e2.
➜ Syntax is lost after rename (currently).
NORMAL FORM OF LOCALE EXPRESSIONS
Locale expressions are converted to flattened lists of locale names.
➜ With full parameter lists
➜ Duplicates removed
Allows for multiple inheritance!
INSTANTIATION
Move from abstract to concrete.
  instantiate label: loc
➜ From chained fact loc t1 ... tn instantiate locale loc.
➜ Imports all theorems of loc into current context.
➜ Currently only works inside Isar contexts.
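The following theory is an added example, not part of the original slides, that puts the locale declaration, theorem-in-locale, parameter rules, locale expression (rename and merge) and instantiation slides above into one runnable file. It is written in the old-style Isabelle 2004 syntax the slides use (theory header `= Main:`, `op +`, `instantiate`); in later Isabelle versions `instantiate` was replaced by `interpretation` and the header by `imports`. The locale names (`semi`, `monoid`, `semi_hom`), the label `nat`, and the names of the generated locale predicates (`monoid_def`, `semi_def`, `monoid_axioms_def`) are assumptions made for the example. Symbols are shown in Unicode; in a theory file they are typed as `\<odot>`, `\<one>`, `\<Rightarrow>`.

```isabelle
theory LocaleDemo = Main:

(* Declaring a locale: fixes introduces a parameter (here with infix
   syntax), assumes records an assumption about it.  Free variables of
   the assumption (x, y, z) are implicitly universally quantified. *)
locale semi =
  fixes prod :: "'a ⇒ 'a ⇒ 'a"    (infixl "⊙" 70)
  assumes assoc: "(x ⊙ y) ⊙ z = x ⊙ (y ⊙ z)"

(* Import: monoid extends semi with a unit.  The parameters prod and one
   are distinct, and one is fixed before it is used in assumes. *)
locale monoid = semi +
  fixes one :: 'a    ("𝟭")
  assumes left_one:  "𝟭 ⊙ x = x"
      and right_one: "x ⊙ 𝟭 = x"

(* A theorem relative to the locale: inside monoid it is one_idem (and in
   the simpset); in the whole theory it is exported as monoid.one_idem. *)
lemma (in monoid) one_idem [simp]: "𝟭 ⊙ 𝟭 = 𝟭"
  by (rule left_one)

(* Locale expression: merge two renamed copies of semi.  Renaming is
   positional, so sum and mult replace the parameter prod; the infix
   syntax is lost, hence the prefix notation below. *)
locale semi_hom = semi sum + semi mult +
  fixes hom
  assumes hom: "hom (sum x y) = mult (hom x) (hom y)"

(* Only the hom assumption is needed; simp rewrites twice with it. *)
lemma (in semi_hom)
  "hom (sum (sum x y) z) = mult (mult (hom x) (hom y)) (hom z)"
  by (simp add: hom)

(* Instantiation (Isabelle 2004, inside an Isar proof): from the chained
   fact "monoid t1 t2" instantiate the locale; its theorems are imported
   under the label nat.  Predicate names and label prefix are assumed. *)
lemma "(0::nat) + 0 = 0"
proof -
  have mon: "monoid (op +) (0::nat)"
    by (unfold monoid_def semi_def monoid_axioms_def) (simp add: add_assoc)
  from mon instantiate nat: monoid
  show ?thesis by (rule nat.one_idem)
qed

end
```

The file is processed like any other theory (for instance `use_thy "LocaleDemo"` from ROOT.ML); the instantiation step is the one part that, as the slide says, only works inside an Isar proof context.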
ISABELLE'S BATCH MODE
➜ used to process and check larger numbers of theories
➜ no interactive niceties (no sorry, no quick and dirty)
➜ controlled by file ROOT.ML and script set isatool
➜ can save state for later use (images)
➜ can generate HTML and LaTeX documentation
ISATOOL
  isatool <tool> <options>
Get help with:
  isatool              shows available tools
  isatool <tool> -?    shows options for <tool>
Interesting tools:
  isatool mkdir        create session directory
  make/makeall         run make for directory/all logics
  usedir               batch session (documents, HTML, session graph)
  document/latex       run LaTeX for generated sources
GENERATING LaTeX FROM ISABELLE
  <..>/isatool usedir -d pdf HOL <session>
  <..>/<session>/ROOT.ML
  <..>/<session>/MyTheory.thy
  <..>/<session>/document/root.tex
➜ In ROOT.ML:
    no_document use_thy "MyLibrary";
    use_thy "MyTheory";
➜ In document/root.tex: include session.tex (for all theories) or MyTheory.tex
LARGE DEVELOPMENTS
Creating Images:
  <..>/<session>/isatool usedir -b HOL <session>
  <..>/<session>/ROOT.ML
  <..>/<session>/MyLibrary.thy
➜ Processes ROOT.ML
➜ Saves state after processing in ~/isabelle/heaps/<ML-system>/HOL-<session>
➜ Makes HOL-<session> available as logic in menu Isabelle→Logics
➜ Direct start of Isabelle with new logic: Isabelle -l HOL-<session>
MARKUP COMMANDS
➜ document structure commands: header, section, subsection, subsubsection (meaning defined in isabelle.sty)
➜ normal text: text {* ... *}, text_raw {* ... *}
➜ text inside proofs: txt {* ... *}, txt_raw {* ... *}
➜ formal comments
➜ make text invisible: (*<*) ... (*>*)
ANTIQUOTATIONS
Inside LaTeX you can go back to Isabelle commands and syntax. Useful antiquotations:
  @{typ τ}               print type τ
  @{term t}              print term t
  @{prop φ}              print proposition φ
  @{prop [display] φ}    print proposition φ with line breaks
  @{prop [source] φ}     check proposition φ, print its input
  @{thm a}               print fact a
  @{thm a [no_vars]}     print fact a, fixing schematic variables
  @{thm [source] a}      check availability of a, print its name
  @{text s}              print uninterpreted text s
WRITING ABOUT ISABELLE THEORIES
To document definitions and proofs:
➜ put comments and explanations directly in the original theory
➜ keep explanations short and to the point
➜ formal definitions, lemmas and syntax should speak for themselves
To write a paper/thesis about a formal development:
➜ use a separate theory/document on top of the development
➜ only talk about the interesting parts
➜ use antiquotations for theorems and definitions
➜ use extra locales, definitions and syntax for polish
➜ make the full proof document available separately
POLISH
Know your audience. Use the right notation.
➜ Change LaTeX symbol interpretations:
    \renewcommand{\isasymLongrightarrow}{\isamath{\longrightarrow}}
➜ Declare special LaTeX output syntax:
    syntax (latex)
      Cons :: "'a ⇒ 'a list ⇒ 'a list"    ("_ ·/ _" [66,65] 65)
➜ Use translations to change output syntax:
    syntax (latex)
      notEx :: "('a ⇒ bool) ⇒ bool"    (binder "\<notex>" 10)
    translations
      "\<notex>x. P" <= "¬(∃x. P)"
  in document/root.tex:
    \newcommand{\isasymnotex}{\isamath{\neg\exists}}
USING LOCALES
Making large developments more accessible
Math textbook: Let (A, ·, 0) in the following be a group with x · y = y · x
Isabelle:
➜ Use locales to formalize contexts
➜ Antiquotations are sensitive to current locale context
➜ Example:
    locale agroup = group +
      assumes com: "x · y = y · x"
    ...
    (*<*) lemma (in agroup) True (*>*)
    txt {* ... *}
    (*<*) oops (*>*)
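As an added example (not from the slides), the theory below combines the markup commands, antiquotations, polish and locale-context slides into one documented theory in the old-style Isabelle 2004 syntax used on the slides. The slides refer to an existing `group` locale without showing it; the `group` declared here, the lemma name `right_inv`, and the theory name are assumptions for the example. The `\isasymnotex` macro it relies on must be defined in `document/root.tex` exactly as on the POLISH slide. Unicode symbols stand for `\<cdot>`, `\<one>`, `\<inverse>`, `\<Rightarrow>` in the actual file.

```isabelle
theory AGroupDoc = Main:

(* Document structure command; its LaTeX meaning comes from isabelle.sty. *)
header {* Commutative groups *}

(* Normal text for the generated document. *)
text {* A group consists of an operation, a unit and an inverse. *}

(* Assumed group locale, with syntax so that the document reads like
   the textbook: (A, ·, 𝟭) with inverse x⁻¹. *)
locale group =
  fixes prod :: "'a ⇒ 'a ⇒ 'a"   (infixl "·" 70)
    and one  :: 'a               ("𝟭")
    and inv  :: "'a ⇒ 'a"        ("(_⁻¹)" [81] 80)
  assumes assoc:    "(x · y) · z = x · (y · z)"
      and left_one: "𝟭 · x = x"
      and left_inv: "x⁻¹ · x = 𝟭"

text {* Following the textbook phrase ``let @{text "(A, ·, 𝟭)"} be a
  group with @{text "x · y = y · x"}'', we extend the context: *}

locale agroup = group +
  assumes com: "x · y = y · x"

(* Theorem relative to agroup: inside agroup it is right_inv and in the
   simpset; outside it is exported as agroup.right_inv. *)
lemma (in agroup) right_inv [simp]: "x · x⁻¹ = 𝟭"
  by (subst com) (rule left_inv)

(* Antiquotations see the current locale context.  Opening agroup with
   an invisible dummy lemma lets the txt block print its facts with the
   locale's syntax; the (*<*) ... (*>*) parts never reach the PDF. *)
(*<*) lemma (in agroup) True (*>*)
txt {* In @{text agroup} the operation is commutative, @{thm com}, so
  @{thm [source] right_inv} follows from @{thm [source] left_inv}:
  @{thm [display] right_inv} *}
(*<*) oops (*>*)

(* Output syntax seen only by the document (print mode latex), as on the
   POLISH slide; \isasymnotex must be defined in document/root.tex. *)
syntax (latex)
  notEx :: "('a ⇒ bool) ⇒ bool"   (binder "\<notex>" 10)
translations
  "\<notex>x. P" <= "¬(∃x. P)"

end
```

Run through `isatool usedir -d pdf` as on the GENERATING LaTeX slide, the `text` and `txt` blocks and the theory source become the document, while the dummy lemma and `oops` stay invisible; only the `txt` block between them is rendered, with `com` and `right_inv` printed using the locale's `·` and `⁻¹` notation.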
WE HAVE SEEN TODAY ...
➜ Locale Declarations + Theorems in Locales
➜ Locale Expressions + Inheritance
➜ Locale Instantiation
➜ Generating LaTeX
➜ Writing a thesis/paper in Isabelle
EXERCISES
➜ No Exercise Today