(* ======== Examples/mizar.ml ============================================== *) hide_constant "<=";; horizon := 0;; let KNASTER_TARSKI = thm `; let (<=) be A->A->bool; thus !f. (!x y. x <= y /\ y <= x ==> (x = y)) /\ (!x y z. x <= y /\ y <= z ==> x <= z) /\ (!x y. x <= y ==> f x <= f y) /\ (!X. ?s. (!x. x IN X ==> s <= x) /\ (!s'. (!x. x IN X ==> s' <= x) ==> s' <= s)) ==> ?x. f x = x proof let f be A->A; exec DISCH_THEN (LABEL_TAC "L"); !x y. x <= y /\ y <= x ==> (x = y) [antisymmetry] by L; !x y z. x <= y /\ y <= z ==> x <= z [transitivity] by L; !x y. x <= y ==> f x <= f y [monotonicity] by L; !X. ?s:A. (!x. x IN X ==> s <= x) /\ (!s'. (!x. x IN X ==> s' <= x) ==> s' <= s) [least_upper_bound] by L; set Y = {b | f b <= b} [Y_def]; !b. b IN Y <=> f b <= b [Y_thm] by ALL_TAC,Y_def,IN_ELIM_THM,BETA_THM; consider a such that (!x. x IN Y ==> a <= x) /\ (!a'. (!x. x IN Y ==> a' <= x) ==> a' <= a) [lub] by least_upper_bound; take a; !b. b IN Y ==> f a <= b proof let b be A; assume b IN Y [b_in_Y]; f b <= b [L0] by -,Y_thm; a <= b by b_in_Y,lub; f a <= f b by -,monotonicity; thus f a <= b by -,L0,transitivity; end; f(a) <= a [Part1] by -,lub; f(f(a)) <= f(a) by -,monotonicity; f(a) IN Y by -,Y_thm; a <= f(a) by -,lub; qed by -,Part1,antisymmetry`;; unhide_constant "<=";; (* ======== Mizarlight/duality.ml ========================================== *) parse_as_infix("ON",(11,"right"));; hide_constant "ON";; let projective = new_definition `projective((ON):Point->Line->bool) <=> (!p p'. ~(p = p') ==> ?!l. p ON l /\ p' ON l) /\ (!l l'. ?p. p ON l /\ p ON l') /\ (?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ ~(?l. p ON l /\ p' ON l /\ p'' ON l)) /\ (!l. ?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ p ON l /\ p' ON l /\ p'' ON l)`;; horizon := 1;; let LEMMA_1 = thm `; !(ON):Point->Line->bool. projective(ON) ==> !p. ?l. p ON l proof let (ON) be Point->Line->bool; assume projective(ON) [0]; !p p'. ~(p = p') ==> ?!l. p ON l /\ p' ON l [1] by 0,projective; ?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ ~(?l. p ON l /\ p' ON l /\ p'' ON l) [3] by 0,projective; let p be Point; consider q q' such that ~(q = q':Point); ~(p = q) \/ ~(p = q'); consider l such that p ON l by 1; take l; qed`;; let LEMMA_2 = thm `; !(ON):Point->Line->bool. projective(ON) ==> !p1 p2 q l l1 l2. p1 ON l /\ p2 ON l /\ p1 ON l1 /\ p2 ON l2 /\ q ON l2 /\ ~(q ON l) /\ ~(p1 = p2) ==> ~(l1 = l2) proof let (ON) be Point->Line->bool; assume projective(ON) [0]; !p p'. ~(p = p') ==> ?!l. p ON l /\ p' ON l [1] by 0,projective; // here qed already works let p1 p2 q be Point; let l l1 l2 be Line; assume p1 ON l [5]; assume p2 ON l [6]; assume p1 ON l1 [7]; assume p2 ON l2 [9]; assume q ON l2 [10]; assume ~(q ON l) [11]; assume ~(p1 = p2) [12]; assume l1 = l2 [13]; p1 ON l2 by 7; l = l2 by 1,5,6,9,12; thus F by 10,11; end`;; let PROJECTIVE_DUALITY = thm `; !(ON):Point->Line->bool. projective(ON) ==> projective (\l p. p ON l) proof let (ON) be Point->Line->bool; assume projective(ON) [0]; !p p'. ~(p = p') ==> ?!l. p ON l /\ p' ON l [1] by 0,projective; !l l'. ?p. p ON l /\ p ON l' [2] by 0,projective; ?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ ~(?l. p ON l /\ p' ON l /\ p'' ON l) [3] by 0,projective; !l. ?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ p ON l /\ p' ON l /\ p'' ON l [4] by 0,projective; // dual of axiom 1 !l1 l2. ~(l1 = l2) ==> ?!p. p ON l1 /\ p ON l2 [5] proof let l1 l2 be Line; assume ~(l1 = l2) [6]; consider p such that p ON l1 /\ p ON l2 [7] by 2; !p'. p' ON l1 /\ p' ON l2 ==> (p' = p) proof let p' be Point; assume p' ON l1 /\ p' ON l2 [8]; assume ~(p' = p); l1 = l2 by 1,7,8; thus F by 6; end; qed by 7; // dual of axiom 2 !p1 p2. ?l. p1 ON l /\ p2 ON l [9] proof let p1 p2 be Point; cases; suppose p1 = p2; qed by 0,LEMMA_1; suppose ~(p1 = p2); qed by 1; end; // dual of axiom 3 ?l1 l2 l3. ~(l1 = l2) /\ ~(l2 = l3) /\ ~(l1 = l3) /\ ~(?p. p ON l1 /\ p ON l2 /\ p ON l3) [10] proof consider p1 p2 p3 such that ~(p1 = p2) /\ ~(p2 = p3) /\ ~(p1 = p3) /\ ~(?l. p1 ON l /\ p2 ON l /\ p3 ON l) [11] by 3; ~(p1 = p3) by 11; ?!l1. p1 ON l1 /\ p3 ON l1 by 1; // ADDED STEP consider l1 such that p1 ON l1 /\ p3 ON l1 /\ !l'. p1 ON l' /\ p3 ON l' ==> (l1 = l') [12]; ~(p2 = p3) by 11; ?!l2. p2 ON l2 /\ p3 ON l2 by 1; // ADDED STEP consider l2 such that p2 ON l2 /\ p3 ON l2 /\ !l'. p2 ON l' /\ p3 ON l' ==> (l2 = l') [13]; ~(p1 = p2) by 11; ?!l3. p1 ON l3 /\ p2 ON l3 by 1; // ADDED STEP consider l3 such that p1 ON l3 /\ p2 ON l3 /\ !l'. p1 ON l' /\ p2 ON l' ==> (l3 = l') [14]; take l1; take l2; take l3; thus ~(l1 = l2) /\ ~(l2 = l3) /\ ~(l1 = l3) [15] by 11,12,13,14; assume ?q. q ON l1 /\ q ON l2 /\ q ON l3; consider q such that q ON l1 /\ q ON l2 /\ q ON l3; (p1 = q) /\ (p2 = q) /\ (p3 = q) by 5,12,13,14,15; thus F by 11; end; // dual of axiom 4 !p0. ?l0 L1 L2. ~(l0 = L1) /\ ~(L1 = L2) /\ ~(l0 = L2) /\ p0 ON l0 /\ p0 ON L1 /\ p0 ON L2 proof let p0 be Point; consider l0 such that p0 ON l0 [16] by 0,LEMMA_1; consider p such that ~(p = p0) /\ p ON l0 [17] by 4; consider q such that ~(q ON l0) [18] by 3; consider l1 such that p ON l1 /\ q ON l1 [19] by 1,16; consider r such that r ON l1 /\ ~(r = p) /\ ~(r = q) [20] proof consider r1 r2 r3 such that ~(r1 = r2) /\ ~(r2 = r3) /\ ~(r1 = r3) /\ r1 ON l1 /\ r2 ON l1 /\ r3 ON l1 [21] by 4; ~(r1 = p) /\ ~(r1 = q) \/ ~(r2 = p) /\ ~(r2 = q) \/ ~(r3 = p) /\ ~(r3 = q); qed by 21; ~(p0 ON l1) [22] proof assume p0 ON l1; l1 = l0 by 1,16,17,19; qed by 18,19; ~(p0 = r) by 20; consider L1 such that r ON L1 /\ p0 ON L1 [23] by 1; consider L2 such that q ON L2 /\ p0 ON L2 [24] by 1,16,18; take l0; take L1; take L2; thus ~(l0 = L1) by 0,17,19,20,22,23,LEMMA_2; thus ~(L1 = L2) by 0,19,20,22,23,24,LEMMA_2; thus ~(l0 = L2) by 18,24; thus p0 ON l0 /\ p0 ON L2 /\ p0 ON L1 by 16,24,23; end; qed by REWRITE_TAC,5,9,10,projective`;; unhide_constant "ON";; (* ======== Mizarlight/duality_holby.ml ==================================== *) horizon := 1;; let Line_INDUCT,Line_RECURSION = define_type "fano_Line = Line_1 | Line_2 | Line_3 | Line_4 | Line_5 | Line_6 | Line_7";; let Point_INDUCT,Point_RECURSION = define_type "fano_Point = Point_1 | Point_2 | Point_3 | Point_4 | Point_5 | Point_6 | Point_7";; let Point_DISTINCT = distinctness "fano_Point";; let Line_DISTINCT = distinctness "fano_Line";; let fano_incidence = [1,1; 1,2; 1,3; 2,1; 2,4; 2,5; 3,1; 3,6; 3,7; 4,2; 4,4; 4,6; 5,2; 5,5; 5,7; 6,3; 6,4; 6,7; 7,3; 7,5; 7,6];; let fano_point i = mk_const("Point_"^string_of_int i,[]) and fano_line i = mk_const("Line_"^string_of_int i,[]);; let fano_clause (i,j) = let p = `p:fano_Point` and l = `l:fano_Line` in mk_conj(mk_eq(p,fano_point i),mk_eq(l,fano_line j));; let ON = new_definition (mk_eq(`((ON):fano_Point->fano_Line->bool) p l`, list_mk_disj(map fano_clause fano_incidence)));; let ON_CLAUSES = prove (list_mk_conj(allpairs (fun i j -> mk_eq(list_mk_comb(`(ON)`,[fano_point i; fano_line j]), if mem (i,j) fano_incidence then `T` else `F`)) (1--7) (1--7)), REWRITE_TAC[ON; Line_DISTINCT; Point_DISTINCT]);; let FORALL_POINT = thm `; !P. (!p. P p) <=> P Point_1 /\ P Point_2 /\ P Point_3 /\ P Point_4 /\ P Point_5 /\ P Point_6 /\ P Point_7 by Point_INDUCT`;; let EXISTS_POINT = thm `; !P. (?p. P p) <=> P Point_1 \/ P Point_2 \/ P Point_3 \/ P Point_4 \/ P Point_5 \/ P Point_6 \/ P Point_7 proof let P be fano_Point->bool; ~(?p. P p) <=> ~(P Point_1 \/ P Point_2 \/ P Point_3 \/ P Point_4 \/ P Point_5 \/ P Point_6 \/ P Point_7) by REWRITE_TAC,DE_MORGAN_THM,NOT_EXISTS_THM,FORALL_POINT; qed`;; let FORALL_LINE = thm `; !P. (!p. P p) <=> P Line_1 /\ P Line_2 /\ P Line_3 /\ P Line_4 /\ P Line_5 /\ P Line_6 /\ P Line_7 by Line_INDUCT`;; let EXISTS_LINE = thm `; !P. (?p. P p) <=> P Line_1 \/ P Line_2 \/ P Line_3 \/ P Line_4 \/ P Line_5 \/ P Line_6 \/ P Line_7 proof let P be fano_Line->bool; ~(?p. P p) <=> ~(P Line_1 \/ P Line_2 \/ P Line_3 \/ P Line_4 \/ P Line_5 \/ P Line_6 \/ P Line_7) by REWRITE_TAC,DE_MORGAN_THM,NOT_EXISTS_THM,FORALL_LINE; qed;`;; let FANO_TAC = GEN_REWRITE_TAC DEPTH_CONV [FORALL_POINT; EXISTS_LINE; EXISTS_POINT; FORALL_LINE] THEN GEN_REWRITE_TAC DEPTH_CONV (basic_rewrites() @ [ON_CLAUSES; Point_DISTINCT; Line_DISTINCT]);; let AXIOM_1 = thm `; !p p'. ~(p = p') ==> ?l. p ON l /\ p' ON l /\ !l'. p ON l' /\ p' ON l' ==> (l' = l) by TIMED_TAC 3 FANO_TAC`;; let AXIOM_2 = thm `; !l l'. ?p. p ON l /\ p ON l' by FANO_TAC`;; let AXIOM_3 = thm `; ?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ ~(?l. p ON l /\ p' ON l /\ p'' ON l) by TIMED_TAC 2 FANO_TAC`;; let AXIOM_4 = thm `; !l. ?p p' p''. ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ p ON l /\ p' ON l /\ p'' ON l by TIMED_TAC 3 FANO_TAC`;; let AXIOM_1' = thm `; !p p' l l'. ~(p = p') /\ p ON l /\ p' ON l /\ p ON l' /\ p' ON l' ==> (l' = l) proof let p p' be fano_Point; let l l' be fano_Line; assume ~(p = p') /\ p ON l /\ p' ON l /\ p ON l' /\ p' ON l' [1]; consider l1 such that p ON l1 /\ p' ON l1 /\ !l'. p ON l' /\ p' ON l' ==> (l' = l1) [2] by 1,AXIOM_1; l = l1 by 1,2; .= l' by 1,2; qed`;; let LEMMA_1' = thm `; !O. ?l. O ON l proof consider p p' p'' such that ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ ~(?l. p ON l /\ p' ON l /\ p'' ON l) [1] by AXIOM_3; let O be fano_Point; ~(p = O) \/ ~(p' = O) by 1; consider P such that ~(P = O) [2]; consider l such that O ON l /\ P ON l /\ !l'. O ON l' /\ P ON l' ==> (l' = l) [3] by 2,AXIOM_1; thus ?l. O ON l by 3; end`;; let DUAL_1 = thm `; !l l'. ~(l = l') ==> ?p. p ON l /\ p ON l' /\ !p'. p' ON l /\ p' ON l' ==> (p' = p) proof assume ~thesis; consider l l' such that ~(l = l') /\ !p. p ON l /\ p ON l' ==> ?p'. p' ON l /\ p' ON l' /\ ~(p' = p) [1]; consider p such that p ON l /\ p ON l' [2] by AXIOM_2; consider p' such that p' ON l /\ p' ON l' /\ ~(p' = p) [3] by 1,2; thus F by 1,2,AXIOM_1'; end`;; let DUAL_2 = thm `; !p p'. ?l. p ON l /\ p' ON l proof let p p' be fano_Point; ?l. p ON l [1] by LEMMA_1'; (p = p') \/ ?l. p ON l /\ p' ON l /\ !l'. p ON l' /\ p' ON l' ==> (l' = l) by AXIOM_1; qed by 1`;; let DUAL_3 = thm `; ?l1 l2 l3. ~(l1 = l2) /\ ~(l2 = l3) /\ ~(l1 = l3) /\ ~(?p. p ON l1 /\ p ON l2 /\ p ON l3) proof consider p1 p2 p3 such that ~(p1 = p2) /\ ~(p2 = p3) /\ ~(p1 = p3) /\ ~(?l. p1 ON l /\ p2 ON l /\ p3 ON l) [1] by AXIOM_3; consider l1 such that p1 ON l1 /\ p3 ON l1 [2] by DUAL_2; consider l2 such that p2 ON l2 /\ p3 ON l2 [3] by DUAL_2; consider l3 such that p1 ON l3 /\ p2 ON l3 [4] by DUAL_2; take l1; take l2; take l3; thus ~(l1 = l2) /\ ~(l2 = l3) /\ ~(l1 = l3) [5] by 1,2,3,4; assume ~thesis; consider q such that q ON l1 /\ q ON l2 /\ q ON l3 [6]; consider q' such that q' ON l1 /\ q' ON l3 /\ !p'. p' ON l1 /\ p' ON l3 ==> (p' = q') [7] by 5,DUAL_1; q = q' by 6,7; .= p1 by 2,4,7; thus F by 1,3,6; end`;; let DUAL_4 = thm `; !O. ?OP OQ OR. ~(OP = OQ) /\ ~(OQ = OR) /\ ~(OP = OR) /\ O ON OP /\ O ON OQ /\ O ON OR proof let O be fano_Point; consider OP such that O ON OP [1] by LEMMA_1'; consider p p' p'' such that ~(p = p') /\ ~(p' = p'') /\ ~(p = p'') /\ p ON OP /\ p' ON OP /\ p'' ON OP [2] by AXIOM_4; ~(p = O) \/ ~(p' = O) by 2; consider P such that ~(P = O) /\ P ON OP [3] by 2; consider q q' q'' such that ~(q = q') /\ ~(q' = q'') /\ ~(q = q'') /\ ~(?l. q ON l /\ q' ON l /\ q'' ON l) [4] by AXIOM_3; ~(q ON OP) \/ ~(q' ON OP) \/ ~(q'' ON OP) by 4; consider Q such that ~(Q ON OP) [5]; consider l such that P ON l /\ Q ON l [6] by DUAL_2; consider r r' r'' such that ~(r = r') /\ ~(r' = r'') /\ ~(r = r'') /\ r ON l /\ r' ON l /\ r'' ON l [7] by AXIOM_4; ((r = P) \/ (r = Q) \/ ~(r = P) /\ ~(r = Q)) /\ ((r' = P) \/ (r' = Q) \/ ~(r' = P) /\ ~(r' = Q)); consider R such that R ON l /\ ~(R = P) /\ ~(R = Q) [8] by 7; consider OQ such that O ON OQ /\ Q ON OQ [9] by DUAL_2; consider OR such that O ON OR /\ R ON OR [10] by DUAL_2; take OP; take OQ; take OR; ~(O ON l) by 1,3,5,6,AXIOM_1'; thus ~(OP = OQ) /\ ~(OQ = OR) /\ ~(OP = OR) /\ O ON OP /\ O ON OQ /\ O ON OR by 1,3,5,6,8,9,10,AXIOM_1'; end`;; (* ======== Tutorial/Changing_proof_style.ml =============================== *) horizon := 1;; let NSQRT_2_4 = thm `; !p q. p * p = 2 * q * q ==> q = 0 proof !p. (!m. m < p ==> (!q. m * m = 2 * q * q ==> q = 0)) ==> (!q. p * p = 2 * q * q ==> q = 0) proof let p be num; assume !m. m < p ==> !q. m * m = 2 * q * q ==> q = 0 [A]; let q be num; assume p * p = 2 * q * q [B]; EVEN(p * p) <=> EVEN(2 * q * q); EVEN(p) by TIMED_TAC 2 o MESON_TAC,ARITH,EVEN_MULT; // "EVEN 2 by CONV_TAC o HOL_BY,ARITH;" takes over a minute... consider m such that p = 2 * m [C] by EVEN_EXISTS; cases by ARITH_TAC; suppose q < p; q * q = 2 * m * m ==> m = 0 by A; qed by NUM_RING,B,C; suppose p <= q; p * p <= q * q by LE_MULT2; q * q = 0 by ARITH_TAC,B; qed by NUM_RING; end; qed by MATCH_MP_TAC,num_WF`;;