isabelle

问题 Does Isabelle/HOL proof assistant have any weaknesses and strengths compared to Coq? 回答1: I am mostly familiar with Coq, and do not have much experience with Isabelle/HOL, but I might be able to help a little bit. Perhaps others with more experience on Isabelle/HOL can help improve this. There are two big points of divergence between the two systems: the underlying theories and the style of interaction . I'll try to give a brief overview of the main differences in each case. Theories Both Coq

问题 Here is a simple type system with following types: any, void, integer, real, set. datatype ty = AType | VType | IType | RType | SType ty Types form a semilattice with supremum: notation sup (infixl "⊔" 65) instantiation ty :: semilattice_sup begin inductive less_ty where "τ ≠ VType ⟹ VType < τ" | "τ ≠ AType ⟹ τ < AType" | "IType < RType" | "τ < σ ⟹ SType τ < SType σ" inductive_cases VType_less [elim!]: "VType < τ" inductive_cases less_AType [elim!]: "τ < AType" inductive_cases IType_less

问题 (The question is related to How to define an inductive predicate on fset? but a more concrete) Here is a simple theory with 2 kinds of values and a casting predicate: theory FSetIndTest imports Main "~~/src/HOL/Library/FSet" begin datatype val1 = A | B datatype val2 = C | D inductive cast_val :: "val1 ⇒ val2 ⇒ bool" where "cast_val A C" | "cast_val B D" code_pred [show_modes] cast_val . fun cast_val_fun :: "val1 ⇒ val2" where "cast_val_fun A = C" | "cast_val_fun B = D" fun cast_val_fun_inv ::

问题 Following how-to-use-persistent-heap-images-to-make-loading-of-theories-faster-in-isabelle and another advice I created an image for Nominal Isabelle: isabelle build -v -b -d . Nominal2 The heap image was created under ~/.isabelle: .isabelle/Isabelle2013-2/heaps/polyml-5.5.1_x86-linux/Nominal2 Then I started isabelle jedit -d /path/to/Nominal-distribution -l Nominal2 I expected the system to quickly load a theory that imports a part of Nominal but it took almost a minute. Is that usual? 回答1:

问题 There is a matrix multiplication definition in Cartesian_Euclidean_Space (in directory HOL/Multivariate_Analysis"): definition matrix_matrix_mult :: "('a::semiring_1) ^'n^'m ⇒ 'a ^'p^'n ⇒ 'a ^ 'p ^'m" (infixl "**" 70) where "m ** m' == (χ i j. setsum (λk. ((m$i)$k) * ((m'$k)$j)) (UNIV :: 'n set)) ::'a ^ 'p ^'m" Now the the squared matrix would be A ** A and A^3 would be A ** A ** A . I couldn't find a powerfunction, to define A^n (i.e., A ** A ** ... ** A n times). Is there a power function

问题 Suppose that I have the following expression in Isabelle/HOL: typedecl Person typedecl Car consts age :: "Person ⇒ int" consts drives ::"(Person × Car) set" consts owns ::"(Person × Car) set" This is supposed to model Person and Car types with two relations between them, named drives and owns, and also the age property of Person. I would like to state that everybody who owns a car, would definitely drive the car, and people who drive cars are greater than 17, So the constraints: (∀a. a ∈ owns

问题 I came across a proof that I could not easily automate until I threw this lemma into Isabelle’s simplifier set: lemma ex_ex_eq_hint: "(∃x. (∃xs ys. x = f xs ys ∧ P xs ys) ∧ Q x) ⟷ (∃xs ys. Q (f xs ys) ∧ P xs ys)" by auto Now I am wondering: Is there a good reason why the simplifier or the classical reasoner is not able perform this simplification in general and automatically? Is there a more general form of this lemma that could be added to the default simpset to achieve this? 回答1: In

问题 When I use value to find out some value of a function that returns natural numbers, I always obtain the answer in the form of iterated Successor functions of 0, i.e., Suc(Suc( ... 0 )) which can be hard to read sometimes. Is there a way to output directly the number that Isabelle returns? 回答1: This is something I wanted to fix some time ago but apparently I forgot. Carcigenate's guess is incorrect; this is indeed the fully evaluated result. The problem is just that natural numbers are printed

问题 A question is posed on the IsaUserList on how to prove this lemma : lemma "dom (SOME b. dom b = A) = A" As a first response, P.Lammich says that obtain needs to be used: You have to show that there is such a beast b, ie, proof - obtain b where "dom b = A" ... thus ?thesis sledgehammer (*Should find a proof now, using the rules for SOME, probably SomeI*) Here, I have one main question, one secondary question, and I wonder about some differences between what P.Lammich says to do, some things M

问题 Consider the following minimal working example of Isabelle, where I defined two different functions, func1 and func2, that should emulate Eulers Totient function. Oddly, the obivious definition is false and changing the definition only slightly by introducing ∈ℕ leads to correct, but yet unprovable definition. (The exact questions I interspersed with the code, as that makes it probably clearer to what I'm referring). theory T imports Complex_Main "~~/src/HOL/Number_Theory/Number_Theory" begin