├── .gitignore
├── 404.html
├── Gemfile
├── Isabelle-Examples
    ├── AckermannM.thy
    ├── Baby.thy
    ├── Binary_Euclidean_Algorithm.thy
    ├── Binomial_Coeffs.thy
    ├── CTT_Examples.thy
    ├── Calculus.thy
    ├── CauchySchwarz.thy
    ├── Cbrt23_Irrational.thy
    ├── Dirichlet_approx_thm.thy
    ├── Fib_Iter.thy
    ├── Fibonacci.thy
    ├── Fibonacci_Newbie.thy
    ├── Fun_Semantics.thy
    ├── Gowers_Bijection.thy
    ├── Index_ex.thy
    ├── Index_sol.thy
    ├── Ln_lower_bound.thy
    ├── Numeric.thy
    ├── Probabilistic_Example_Erdos.thy
    ├── ROOT
    ├── Sqrt2_Irrational.thy
    ├── XsinX_lower_bounds.thy
    ├── document
    │   ├── examples.bib
    │   └── root.tex
    └── output
    │   ├── document.pdf
    │   └── document
    │       ├── AckermannM.tex
    │       ├── Baby.tex
    │       ├── Binary_Euclidean_Algorithm.tex
    │       ├── Binomial_Coeffs.tex
    │       ├── Calculus.tex
    │       ├── CauchySchwarz.tex
    │       ├── Cbrt23_Irrational.tex
    │       ├── Dirichlet_approx_thm.tex
    │       ├── Fib_Iter.tex
    │       ├── Fibonacci.tex
    │       ├── Fun_Semantics.tex
    │       ├── Gowers_Bijection.tex
    │       ├── Index_ex.tex
    │       ├── Ln_lower_bound.tex
    │       ├── Numeric.tex
    │       ├── Probabilistic_Example_Erdos.tex
    │       ├── Sqrt2_Irrational.tex
    │       ├── XsinX_lower_bounds.tex
    │       ├── comment.sty
    │       ├── examples.bib
    │       ├── isabelle.sty
    │       ├── isabellesym.sty
    │       ├── isabelletags.sty
    │       ├── pdfsetup.sty
    │       ├── railsetup.sty
    │       ├── root.tex
    │       ├── session.tex
    │       └── session_graph.pdf
├── README.md
├── _config.yml
├── _drafts
    ├── 2025-05-22-Definitions.md
    └── new post.md
├── _includes
    ├── analytics.html
    ├── archive.html
    ├── collecttags.html
    ├── head.html
    ├── page-footer.html
    └── page-header.html
├── _layouts
    ├── default.html
    ├── home.html
    ├── page.html
    ├── post.html
    └── tagpage.html
├── _posts
    ├── 2021-08-09-welcome.md
    ├── 2021-10-13-Fib-example.md
    ├── 2021-10-20-Fib-example-contd.md
    ├── 2021-10-27-formalisms.md
    ├── 2021-11-03-AUTOMATH.md
    ├── 2021-11-10-Axiom_of_Choice.md
    ├── 2021-11-17-Cauchy-Schwarz-example.md
    ├── 2021-11-24-Intuitionism.md
    ├── 2021-12-01-Undefined.md
    ├── 2021-12-08-ALEXANDRIA.md
    ├── 2021-12-15-Incompleteness.md
    ├── 2021-12-22-MVT-example.md
    ├── 2021-12-29-Ramsey-1.md
    ├── 2022-01-05-LCF.md
    ├── 2022-01-12-Proving-the-obvious.md
    ├── 2022-01-19-regular_pairs.md
    ├── 2022-01-26-Set_theory.md
    ├── 2022-02-02-Formalising_Math_Set_theory.md
    ├── 2022-02-09-Ackermann-example.md
    ├── 2022-02-16-Irrationals.md
    ├── 2022-02-23-Hereditarily_Finite.md
    ├── 2022-03-02-Type_classes.md
    ├── 2022-03-09-Quaternions.md
    ├── 2022-03-16-Types_vs_Sets.md
    ├── 2022-03-23-Locales.md
    ├── 2022-03-30-Quotienting.md
    ├── 2022-04-06-ZFC_in_HOL.md
    ├── 2022-04-13-Sledgehammer.md
    ├── 2022-04-20-Why-constructive.md
    ├── 2022-04-27-Wetzel.md
    ├── 2022-05-04-baby-examples.md
    ├── 2022-05-11-jEdit-tricks.md
    ├── 2022-05-18-Formalising-Incompleteness-I.md
    ├── 2022-05-25-Formalising-Incompleteness-II.md
    ├── 2022-06-01-Formalising-Incompleteness-III.md
    ├── 2022-06-08-baby-descriptions.md
    ├── 2022-06-15-Ramsey-2.md
    ├── 2022-06-22-Why-formalise.md
    ├── 2022-07-06-Turing_Machines.md
    ├── 2022-07-13-Isabelle_influences.md
    ├── 2022-07-27-Truth_Models.md
    ├── 2022-08-03-Small-Challenges-I.md
    ├── 2022-08-10-Nonstandard_Analysis.md
    ├── 2022-08-17-Gordon-BDDs-HOL.md
    ├── 2022-08-31-Ackermann-not-PR-I.md
    ├── 2022-09-07-Ackermann-not-PR-II.md
    ├── 2022-09-14-Libraries.md
    ├── 2022-09-28-Cambridge_LCF.md
    ├── 2022-10-05-Standard_ML.md
    ├── 2022-10-12-verifying-distributed-systems-isabelle.md
    ├── 2022-10-19-crypto-protocols.md
    ├── 2022-10-26-Multiset-Ordering.md
    ├── 2022-11-02-crypto-protocols-NS.md
    ├── 2022-11-09-Hilbert-Isabelle.md
    ├── 2022-11-16-automation_eng_in_math.md
    ├── 2022-11-23-CTT_in_Isabelle.md
    ├── 2022-11-30-CTT_in_Isabelle-II.md
    ├── 2022-12-07-Memories_first_exposure.md
    ├── 2022-12-14-User_interfaces.md
    ├── 2022-12-21-MetiTarski.md
    ├── 2023-01-04-Hardware_Verification.md
    ├── 2023-01-11-AI_at_Stanford.md
    ├── 2023-01-18-Sqrt2_irrational.md
    ├── 2023-02-01-On-the-infinite.md
    ├── 2023-02-08-Cbrt23_Irrational.md
    ├── 2023-02-22-Binary_GCD.md
    ├── 2023-03-08-Fun_Semantics.md
    ├── 2023-03-22-Binomial_Coeffs.md
    ├── 2023-04-12-Wittgenstein.md
    ├── 2023-04-27-ALEXANDRIA_outcomes.md
    ├── 2023-07-12-Metric_spaces.md
    ├── 2023-07-26-Wang.md
    ├── 2023-08-09-computer_proof.md
    ├── 2023-08-23-Propositions_as_Types.md
    ├── 2023-08-31-ALEXANDRIA_finished.md
    ├── 2023-10-04-Ochigame.md
    ├── 2023-11-01-Foundations.md
    ├── 2023-11-08-CoinductivePuzzle.md
    ├── 2024-01-31-Russells_Paradox.md
    ├── 2024-02-14-Contradiction.md
    ├── 2024-02-28-Gowers_bijection_example.md
    ├── 2024-07-25-Numeric_types.md
    ├── 2024-08-08-Ln_lower_bound.md
    ├── 2024-08-21-Probabilistic_Example.md
    ├── 2024-09-30-Intro_Lambda_Calculus.md
    ├── 2024-10-14-Church_Rosser.md
    ├── 2024-12-20-Quickstart.md
    ├── 2024-12-23-Holiday_Exercises.md
    ├── 2025-01-06-Code_Generation.md
    ├── 2025-01-22-Dirichlet_Approx.md
    ├── 2025-03-14-revisiting_demillo.md
    ├── 2025-03-19-Trickier_lower_bound.md
    └── 2025-03-28-Induction_Fetzer.md
├── _sass
    ├── cayman.scss
    ├── jekyll-theme-cayman.scss
    ├── normalize.scss
    ├── rouge-github.scss
    └── variables.scss
├── about.md
├── assets
    └── css
    │   └── style.scss
├── css
    ├── cayman.css
    ├── fonts
    │   ├── IsabelleDejaVuSans-Bold.ttf
    │   ├── IsabelleDejaVuSans-BoldOblique.ttf
    │   ├── IsabelleDejaVuSans-Oblique.ttf
    │   ├── IsabelleDejaVuSans.ttf
    │   ├── IsabelleDejaVuSansMono-Bold.ttf
    │   ├── IsabelleDejaVuSansMono-BoldOblique.ttf
    │   ├── IsabelleDejaVuSansMono-Oblique.ttf
    │   ├── IsabelleDejaVuSansMono.ttf
    │   ├── IsabelleDejaVuSerif-Bold.ttf
    │   ├── IsabelleDejaVuSerif-BoldItalic.ttf
    │   ├── IsabelleDejaVuSerif-Italic.ttf
    │   ├── IsabelleDejaVuSerif.ttf
    │   └── Vacuous.ttf
    ├── isabelle.css
    └── normalize.css
├── feed.xml
├── images
    ├── 2022-10-induction.png
    ├── 2022-10-system-model.png
    ├── 2022-10-time-steps.png
    ├── 3minus2.png
    ├── AUTOMATH-book-equality.png
    ├── CTT
    │   ├── split-in1.png
    │   ├── split-in2.png
    │   ├── split-out1.png
    │   ├── split-out2.png
    │   ├── struct-AC.png
    │   ├── struct-LEM.png
    │   ├── typefm-in1.png
    │   ├── typefm-in2.png
    │   ├── typefm-in3.png
    │   ├── typefm-in4.png
    │   ├── typefm-out1.png
    │   ├── typefm-out2.png
    │   ├── typefm-out3.png
    │   ├── typefm-out4.png
    │   ├── typeinf-add-in.png
    │   ├── typeinf-add-out.png
    │   ├── typeinf-in.png
    │   ├── typeinf-lemma.png
    │   ├── typeinf-out1.png
    │   ├── typeinf-out2.png
    │   ├── typeinf-out3.png
    │   └── typeinf-out4.png
    ├── ConcaveDef.png
    ├── Concave_ln.png
    ├── Dirichlet-approx-thm.png
    ├── Fib-newbie
    │   ├── f1.png
    │   ├── f10.png
    │   ├── f11.png
    │   ├── f2.png
    │   ├── f3.png
    │   ├── f4.png
    │   ├── f5.png
    │   ├── f6.png
    │   ├── f7.png
    │   ├── f8.png
    │   └── f9.png
    ├── Gowers-example.jpeg
    ├── Hardy-MVT.png
    ├── Jech-118-footnotes.png
    ├── MT-examples.png
    ├── Metitarski-example.png
    ├── PPLAMBDA-proof.png
    ├── Strachey-halting.png
    ├── TypesOfConicSections.jpg
    ├── Univ-Machine-Structure.png
    ├── Univ-Machine.png
    ├── Why trust II.png
    ├── Why trust.png
    ├── chess-board.png
    ├── compose-devices.png
    ├── diamond-in-lambda-calc.png
    ├── diamond2-in-lambda-calc.png
    ├── equality-in-lambda-calc.png
    ├── frozen_friends.jpg
    ├── hw-device.png
    ├── isabelle_logo.gif
    ├── jEdit-tricks-bound.png
    ├── jEdit-tricks-click.png
    ├── jEdit-tricks-hanging.png
    ├── jEdit-tricks-looping-proof.png
    ├── jEdit-tricks-popup.png
    ├── jEdit-tricks-skolem.png
    ├── peg-solitaire.png
    ├── plot_x_ln_x.png
    ├── plot_x_sin_inv_x.png
    ├── pure-silver.jpg
    ├── sqrt2-figure.jpg
    ├── squared_square.png
    ├── transistor.png
    └── tripartite graph.png
├── index.html
├── papers
    ├── Aczel-Inductive-Defs.pdf
    ├── Boolos-iterative-concept-of-set.pdf
    ├── Cohen-TAPS.pdf
    ├── Early-History-of-ATP.pdf
    ├── Edmonds-CPP2024.pdf
    ├── FloydMeaning.pdf
    ├── Knuth-TEX.pdf
    ├── Lam_finite_Proj_plane_order_10.pdf
    ├── ML-Int-TT.pdf
    ├── Matthews-parallel.pdf
    ├── Rosser-Lambda-Calculus.pdf
    ├── Russells-mathematical-logic.pdf
    ├── Scott-Models.pdf
    ├── Wang-Formalisation.pdf
    ├── Wang-Orginal-Sin.pdf
    ├── bachmair-hbar-resolution.pdf
    ├── deBruijn-nameless-dummies.pdf
    ├── on-the-infinite.pdf
    └── unreasonable.pdf
├── tag
    ├── ALEXANDRIA.md
    ├── AUTOMATH.md
    ├── Ackermann's_function.md
    ├── Alan_Turing.md
    ├── Archive_of_Formal_Proofs.md
    ├── BDDs.md
    ├── Bertrand_Russell.md
    ├── Coq.md
    ├── Dana_Scott.md
    ├── David_Hilbert.md
    ├── Ernst_Zermelo.md
    ├── Fibonacci.md
    ├── HOL_Light.md
    ├── HOL_system.md
    ├── Hao_Wang.md
    ├── Imre_Lakatos.md
    ├── Isabelle.md
    ├── Isar.md
    ├── Jacques_Fleuriot.md
    ├── John_Littlewood.md
    ├── Kurt_Gödel.md
    ├── LCF.md
    ├── Leonhard_Euler.md
    ├── MJC_Gordon.md
    ├── Martin-Löf_type_theory.md
    ├── MetiTarski.md
    ├── Mizar.md
    ├── NG_de_Bruijn.md
    ├── PVS.md
    ├── Paul_Erdős.md
    ├── Principia_Mathematica.md
    ├── Proofs_from_THE_BOOK.md
    ├── QED_project.md
    ├── Ramsey's_theorem.md
    ├── Robin_Milner.md
    ├── Standard_ML.md
    ├── Stanford.md
    ├── Szemerédi’s_regularity_lemma.md
    ├── ZFC_in_HOL.md
    ├── analysis.md
    ├── automation.md
    ├── axiom_of_choice.md
    ├── constructive_logic.md
    ├── descriptions.md
    ├── examples.md
    ├── formalised_mathematics.md
    ├── gcd.md
    ├── general.md
    ├── incompleteness.md
    ├── inductive_definitions.md
    ├── intuitionism.md
    ├── jEdit.md
    ├── lambda_calculus.md
    ├── law_of_excluded_middle.md
    ├── locales.md
    ├── logic.md
    ├── memories.md
    ├── newbies.md
    ├── nominal_package.md
    ├── nonstandard_analysis.md
    ├── ordinal_partitions.md
    ├── philosophy.md
    ├── proof_documents.md
    ├── quaternions.md
    ├── quotients.md
    ├── recruitment.md
    ├── recursion.md
    ├── resolution.md
    ├── set_theory.md
    ├── sledgehammer.md
    ├── type_classes.md
    ├── type_theory.md
    └── verification.md
└── tag_generator.py


/.gitignore:
--------------------------------------------------------------------------------
1 | _site/
2 | Gemfile.lock
3 | post.pdf
4 | 


--------------------------------------------------------------------------------
/404.html:
--------------------------------------------------------------------------------
 1 | ---
 2 | permalink: /404.html
 3 | layout: default
 4 | ---
 5 | 
 6 | <style type="text/css" media="screen">
 7 |   .container {
 8 |     margin: 10px auto;
 9 |     max-width: 600px;
10 |     text-align: center;
11 |   }
12 |   h1 {
13 |     margin: 30px 0;
14 |     font-size: 4em;
15 |     line-height: 1;
16 |     letter-spacing: -1px;
17 |   }
18 | </style>
19 | 
20 | <div class="container">
21 |   <h1>404</h1>
22 | 
23 |   <p><strong>Page not found :(</strong></p>
24 |   <p>The requested page could not be found.</p>
25 |   <p>Please notify Larry Paulson at lp15@cam.ac.uk</p>
26 | </div>
27 | 


--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
 1 | source "https://rubygems.org"
 2 | # Hello! This is where you manage which Jekyll version is used to run.
 3 | # When you want to use a different version, change it below, save the
 4 | # file and run `bundle install`. Run Jekyll with `bundle exec`, like so:
 5 | #
 6 | #     bundle exec jekyll serve
 7 | #
 8 | # This will help ensure the proper Jekyll version is running.
 9 | # Happy Jekylling!
10 | ##### gem "jekyll", "~> 4.2.0"
11 | # This is the default theme for new Jekyll sites. You may change this to anything you like.
12 | ## gem "jekyll-theme-cayman", "~> 0.2.0"
13 | # If you want to use GitHub Pages, remove the "gem "jekyll"" above and
14 | # uncomment the line below. To upgrade, run `bundle update github-pages`.
15 | gem "github-pages", group: :jekyll_plugins
16 | # If you have any plugins, put them here!
17 | group :jekyll_plugins do
18 |   gem "jekyll-feed", "~> 0.12"
19 | end
20 | 
21 | # Windows and JRuby does not include zoneinfo files, so bundle the tzinfo-data gem
22 | # and associated library.
23 | platforms :mingw, :x64_mingw, :mswin, :jruby do
24 |   gem "tzinfo", "~> 1.2"
25 |   gem "tzinfo-data"
26 | end
27 | 
28 | # Performance-booster for watching directories on Windows
29 | gem "wdm", "~> 0.1.1", :platforms => [:mingw, :x64_mingw, :mswin]
30 | 
31 | 
32 | gem "webrick", "~> 1.7"
33 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/AckermannM.thy:
--------------------------------------------------------------------------------
 1 | (*  Title:      HOL/Examples/AckermannM.thy
 2 |     Author:     Larry Paulson
 3 | *)
 4 | 
 5 | section \<open>A Tail-Recursive, Stack-Based Ackermann's Function\<close>
 6 | 
 7 | text \<open>Unlike the other Ackermann example, this termination proof uses the argument from
 8 | Nachum Dershowitz and Zohar Manna. Proving termination with multiset orderings.
 9 | Communications of the ACM 22 (8) 1979, 465–476.\<close>
10 | 
11 | theory AckermannM imports "HOL-Library.Multiset_Order" "HOL-Library.Product_Lexorder"
12 | 
13 | begin
14 | 
15 | text\<open>This theory investigates a stack-based implementation of Ackermann's function.
16 | Let's recall the traditional definition,
17 | as modified by R{\'o}zsa P\'eter and Raphael Robinson.\<close>
18 | 
19 | fun ack :: "[nat,nat] \<Rightarrow> nat" where
20 |   "ack 0 n             = Suc n"
21 | | "ack (Suc m) 0       = ack m 1"
22 | | "ack (Suc m) (Suc n) = ack m (ack (Suc m) n)"
23 | 
24 | text\<open>Setting up the termination proof for the stack-based version.\<close>
25 | 
26 | fun ack_mset :: "nat list \<Rightarrow> (nat\<times>nat) multiset" where
27 |   "ack_mset [] = {#}"
28 | | "ack_mset [x] = {#}"
29 | | "ack_mset (z#y#l) =  mset ((y,z) # map (\<lambda>x. (Suc x, 0)) l)"
30 | 
31 | lemma case1: "ack_mset (Suc n # l) < add_mset (0, n) {#(Suc x, 0). x \<in># mset l#}"
32 | proof (cases l)
33 |   case (Cons m list)
34 |   have "{#(m, Suc n)#} < {#(Suc m, 0)#}"
35 |     by auto
36 |   also have "\<dots> \<le> {#(Suc m, 0), (0,n)#}"
37 |     by auto
38 |   finally show ?thesis
39 |     by (simp add: Cons)
40 | qed auto
41 | 
42 | text\<open>Here is the stack-based version, which uses lists.\<close>
43 | 
44 | function ackloop :: "nat list \<Rightarrow> nat" where
45 |   "ackloop (n # 0 # l)         = ackloop (Suc n # l)"
46 | | "ackloop (0 # Suc m # l)     = ackloop (1 # m # l)"
47 | | "ackloop (Suc n # Suc m # l) = ackloop (n # Suc m # m # l)"
48 | | "ackloop [m] = m"
49 | | "ackloop [] =  0"
50 |   by pat_completeness auto
51 | 
52 | termination
53 |   by (relation "inv_image {(x,y). x<y} ack_mset") (auto simp: wf case1)
54 | 
55 | text \<open>Unlike the other Ackermann theory, no extra function is needed to prove equivalence\<close>
56 | lemma ackloop_ack: "ackloop (n # m # l) = ackloop (ack m n # l)"
57 |   by (induction m n arbitrary: l rule: ack.induct) auto
58 | 
59 | theorem ack: "ack m n = ackloop [n,m]"
60 |   by (simp add: ackloop_ack)
61 | 
62 | end
63 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Baby.thy:
--------------------------------------------------------------------------------
  1 | section \<open>Baby examples\<close>
  2 | 
  3 | theory Baby 
  4 |   imports "HOL-Library.Sum_of_Squares" 
  5 |           "HOL-Decision_Procs.Approximation"
  6 |           "HOL-Analysis.Analysis"
  7 | 
  8 | begin
  9 | 
 10 | text \<open>a simplification rule for powers\<close>
 11 | thm power_Suc
 12 | 
 13 | text \<open>Kevin Buzzard's examples\<close>
 14 | lemma
 15 |   fixes x::real
 16 |   shows "(x+y)*(x+2*y)*(x+3*y) = x^3 + 6*x^2*y + 11*x*y^2 + 6*y^3"
 17 |   by (simp add: algebra_simps eval_nat_numeral)
 18 | 
 19 | lemma "sqrt 2 + sqrt 3 < sqrt 10"
 20 | proof -
 21 |   have "(sqrt 2 + sqrt 3)^2 < (sqrt 10)^2"
 22 |   proof (simp add: algebra_simps eval_nat_numeral)
 23 |     have "(2 * (sqrt 2 * sqrt 3))^2 < 5 ^ 2"
 24 |       by (simp add: algebra_simps eval_nat_numeral)
 25 |     then show "2 * (sqrt 2 * sqrt 3) < 5"
 26 |       by (smt (verit, best) power_mono)
 27 |   qed
 28 |   then show ?thesis
 29 |     by (simp add: real_less_rsqrt)
 30 | qed
 31 | 
 32 | lemma "sqrt 2 + sqrt 3 < sqrt 10"
 33 |   by (approximation 10)
 34 | 
 35 | lemma "x \<in> {0.999..1.001} \<Longrightarrow> \<bar>pi - 4 * arctan x\<bar> < 0.0021"
 36 |   by (approximation 20)
 37 | 
 38 | lemma "3.141592635389 < pi"
 39 |   by (approximation 30)
 40 | 
 41 | lemma
 42 |   fixes a::real
 43 |   shows "(a*b + b * c + c*a)^3 \<le> (a^2 + a * b + b^2) * (b^2 + b * c + c^2) * (c^2 + c*a + a^2)"
 44 |   by sos
 45 | 
 46 | lemma "sqrt 2 \<notin> \<rat>"
 47 | proof
 48 |   assume "sqrt 2 \<in> \<rat>"
 49 |   then obtain q::rat where "sqrt 2 = of_rat q"
 50 |     using Rats_cases by blast
 51 |   then have "q\<^sup>2 = 2"
 52 |     by (metis abs_numeral of_rat_eq_iff of_rat_numeral_eq of_rat_power real_sqrt_abs 
 53 |         real_sqrt_power)
 54 |   then obtain m n where "coprime m n" "q = of_int m / of_int n"
 55 |     by (metis Fract_of_int_quotient Rat_cases)
 56 |   then have "(rat_of_int m)\<^sup>2 / (rat_of_int n)\<^sup>2 = 2"
 57 |     by (metis \<open>q\<^sup>2 = 2\<close> power_divide)
 58 |   then have 2: "(rat_of_int m)\<^sup>2 = 2 * (rat_of_int n)\<^sup>2"
 59 |     by (metis div_by_0 nonzero_mult_div_cancel_right times_divide_eq_left zero_neq_numeral)
 60 |   then have "2 dvd m"
 61 |     by (metis (mono_tags, lifting) even_mult_iff even_numeral of_int_eq_iff of_int_mult 
 62 |               of_int_numeral power2_eq_square)
 63 |   then have "2\<^sup>2 dvd m\<^sup>2"
 64 |     using dvd_power_same by blast
 65 |   then have "2 dvd n"
 66 |     by (metis "2" even_mult_iff of_int_eq_iff of_int_mult of_int_numeral power2_eq_square
 67 |         zdvd_mono zero_neq_numeral)
 68 |   then show False
 69 |     using \<open>coprime m n\<close> \<open>even m\<close> by auto
 70 | qed
 71 | 
 72 | subsection \<open>Material for a later post, about descriptions\<close>
 73 | 
 74 | 
 75 | lemma 
 76 |   fixes \<B> :: "'a::metric_space set set" and L :: "nat list set"
 77 |   assumes "\<S> \<subseteq> {ball x r | x r. r>0}" and "L \<noteq> {}"
 78 |   shows "P \<S> L"
 79 | proof -
 80 |   have "\<And>B. B \<in> \<S> \<Longrightarrow> \<exists>x. \<exists>r>0. B = ball x r"
 81 |     using assms by blast
 82 |   then obtain centre rad where rad: "\<And>B. B \<in> \<S> \<Longrightarrow> rad B > 0" 
 83 |                          and centre: "\<And>B. B \<in> \<S> \<Longrightarrow> B = ball (centre B) (rad B)"
 84 |     by metis
 85 |   define infrad where "infrad \<equiv> Inf (rad ` \<S>)"
 86 |   have "infrad \<le> rad B" if "B \<in> \<S>" for B
 87 |     by (smt (verit, best) bdd_below.I cINF_lower image_iff infrad_def rad that)
 88 | 
 89 |   have "\<exists>B \<in> \<S>. rad B = infrad" if "finite \<S>" "\<S> \<noteq> {}"
 90 |     by (smt (verit) empty_is_image finite_imageI finite_less_Inf_iff imageE infrad_def that)
 91 | 
 92 |   define minl where "minl = Inf (length ` L)"
 93 |   obtain l0 where  "l0 \<in> L" "length l0 = minl"
 94 |     by (metis Inf_nat_def1 empty_is_image imageE minl_def \<open>L \<noteq> {}\<close>)
 95 |   then have "length l0 \<le> length l" if "l \<in> L" for l
 96 |     by (simp add: cINF_lower minl_def that)
 97 | 
 98 |   show ?thesis 
 99 |     sorry
100 | qed
101 | 
102 | 
103 | 
104 | 
105 | end
106 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Binary_Euclidean_Algorithm.thy:
--------------------------------------------------------------------------------
  1 | theory Binary_Euclidean_Algorithm 
  2 |   imports "HOL-Computational_Algebra.Primes" 
  3 | begin
  4 | 
  5 | subsection \<open>The binary GCD algorithm\<close>
  6 | 
  7 | inductive_set  bgcd :: "(nat \<times> nat \<times> nat) set" where
  8 |   bgcdZero: "(u, 0, u) \<in> bgcd"
  9 | | bgcdEven: "\<lbrakk> (u, v, g) \<in> bgcd \<rbrakk> \<Longrightarrow> (2*u, 2*v, 2*g) \<in> bgcd"
 10 | | bgcdOdd:  "\<lbrakk> (u, v, g) \<in> bgcd; \<not> 2 dvd v \<rbrakk> \<Longrightarrow> (2*u, v, g) \<in> bgcd"
 11 | | bgcdStep: "\<lbrakk> (u - v, v, g) \<in> bgcd; v \<le> u \<rbrakk> \<Longrightarrow> (u, v, g) \<in> bgcd"
 12 | | bgcdSwap: "\<lbrakk> (v, u, g) \<in> bgcd \<rbrakk> \<Longrightarrow> (u, v, g) \<in> bgcd"
 13 | 
 14 | subsection \<open>Proving that the algorithm is correct\<close>
 15 | 
 16 | text \<open>Show that the bgcd of @{text x} und @{text y} is
 17 | really a divisor of both numbers\<close>
 18 | lemma bgcd_divides: "(x,y,g) \<in> bgcd \<Longrightarrow> g dvd x \<and> g dvd y"
 19 | proof (induct rule: bgcd.induct)
 20 |   case (bgcdStep u v g)
 21 |   with dvd_diffD show ?case
 22 |     by blast
 23 | qed auto
 24 | 
 25 | text \<open>The bgcd of @{text x} und @{text y} really is the greatest common divisor
 26 |  of both numbers, with respect to the divides relation.\<close>
 27 | lemma bgcd_greatest:
 28 |   "(x,y,g) \<in> bgcd \<Longrightarrow> d dvd x \<Longrightarrow> d dvd y \<Longrightarrow> d dvd g"
 29 | proof (induct arbitrary: d rule: bgcd.induct)
 30 |   case (bgcdEven u v g d) 
 31 |   show ?case
 32 |     proof (cases "2 dvd d") 
 33 |       case True thus ?thesis using bgcdEven by (force simp add: dvd_def) 
 34 |     next
 35 |       case False
 36 |       thus ?thesis using bgcdEven
 37 |         by (simp add: coprime_dvd_mult_right_iff)
 38 |     qed
 39 | next
 40 |   case (bgcdOdd u v g d)
 41 |   hence "coprime d 2"
 42 |     by fastforce
 43 |   thus ?case using bgcdOdd
 44 |     by (simp add: coprime_dvd_mult_right_iff)
 45 | qed auto
 46 | 
 47 | subsection \<open>Proving uniqueness and existence\<close>
 48 | 
 49 | text \<open>despite its apparent non-determinism, the relation @{text bgcd} is deterministic 
 50 |   and therefore defines a function\<close>
 51 | lemma bgcd_unique: 
 52 |   "(x,y,g) \<in> bgcd \<Longrightarrow> (x,y,g') \<in> bgcd \<Longrightarrow> g = g'"
 53 |   by (meson bgcd_divides bgcd_greatest gcd_nat.strict_iff_not)
 54 | 
 55 | lemma bgcd_defined_aux: "a+b \<le> n \<Longrightarrow> \<exists>g. (a, b, g) \<in> bgcd"
 56 | proof (induction n arbitrary: a b rule: less_induct)
 57 |   case (less n a b)
 58 |   show ?case
 59 |   proof (cases b)
 60 |     case 0
 61 |     thus ?thesis by (metis bgcdZero) 
 62 |   next
 63 |     case (Suc b')
 64 |     then have *: "a + b' < n"
 65 |       using Suc_le_eq add_Suc_right less.prems by presburger
 66 |     show ?thesis
 67 |     proof (cases "b \<le> a")
 68 |       case True
 69 |       thus ?thesis
 70 |         by (metis bgcd.simps le_add1 le_add_diff_inverse less.IH [OF *])
 71 |     next
 72 |       case False
 73 |       then show ?thesis
 74 |         by (metis less.IH [OF *] Suc Suc_leI bgcd.simps le_add_diff_inverse 
 75 |             less_add_same_cancel2 nle_le zero_less_iff_neq_zero)
 76 |     qed
 77 |   qed
 78 | qed
 79 | 
 80 | theorem bgcd_defined: "\<exists>!g. (a, b, g) \<in> bgcd"
 81 |   using bgcd_defined_aux bgcd_unique by auto
 82 | 
 83 | text \<open>Alternative proof suggested by YawarRaza7349\<close>
 84 | lemma bgcd_defined_aux': "a+b = n \<Longrightarrow> \<exists>g. (a, b, g) \<in> bgcd"
 85 | proof (induction n arbitrary: a b rule: less_induct)
 86 |   case (less n a b)
 87 |   then show ?case
 88 |   proof (cases "b \<le> a")
 89 |     case True
 90 |     with less obtain g where "(a-b, b, g) \<in> bgcd"
 91 |       by (metis add_cancel_right_right bgcd.simps le_add1 le_add_diff_inverse nat_less_le)
 92 |     thus ?thesis
 93 |       using True bgcd.bgcdStep by blast
 94 |   next
 95 |     case False
 96 |     with less show ?thesis
 97 |       by (metis bgcd.simps le_add_diff_inverse less_add_same_cancel2 nle_le zero_less_iff_neq_zero)
 98 |   qed
 99 | qed
100 | 
101 | end 
102 | 
103 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Binomial_Coeffs.thy:
--------------------------------------------------------------------------------
  1 | theory Binomial_Coeffs
  2 | imports Complex_Main "HOL-Number_Theory.Fib"
  3 | begin
  4 | 
  5 | lemma choose_row_sum: "(\<Sum>k\<le>n. n choose k) = 2^n"
  6 |   using binomial [of 1 1 n] by (simp add: numeral_2_eq_2)
  7 | 
  8 | text\<open>sums of binomial coefficients.\<close>
  9 | lemma sum_choose_lower:
 10 |     "(\<Sum>k\<le>n. (r+k) choose k) = Suc (r+n) choose n"
 11 |   by (induction n) auto
 12 | 
 13 | lemma sum_choose_upper:
 14 |     "(\<Sum>k\<le>n. k choose m) = Suc n choose Suc m"
 15 |   by (induction n) auto
 16 | 
 17 | lemma sum_choose_diagonal:
 18 |   assumes "m\<le>n"
 19 |     shows "(\<Sum>k\<le>m. (n-k) choose (m-k)) = Suc n choose m"
 20 | proof -
 21 |   have "(\<Sum>k\<le>m. (n-k) choose (m-k)) = (\<Sum>k\<le>m. (n-m+k) choose k)"
 22 |     using sum.atLeastAtMost_rev [of "\<lambda>k. (n - k) choose (m - k)" 0 m]
 23 |     by (simp add: atMost_atLeast0 \<open>m\<le>n\<close>)
 24 |   also have "\<dots> = Suc (n-m+m) choose m"
 25 |     by (rule sum_choose_lower)
 26 |   also have "\<dots> = Suc n choose m" using assms
 27 |     by simp
 28 |   finally show ?thesis . 
 29 | qed
 30 | 
 31 | lemma choose_mult_lemma:
 32 |   "((m+r+k) choose (m+k)) * ((m+k) choose k) = ((m+r+k) choose k) * ((m+r) choose m)"
 33 |   (is "?lhs = _")
 34 | proof -
 35 |   have "?lhs =
 36 |       fact(m+r+k) div (fact(m+k) * fact(m+r-m)) * (fact(m+k) div (fact k * fact m))"
 37 |     by (simp add: binomial_altdef_nat)
 38 |   also have "\<dots> = fact(m+r+k) * fact(m+k) div
 39 |                  (fact(m+k) * fact(m+r-m) * (fact k * fact m))"
 40 |     by (metis add_implies_diff add_le_mono1 choose_dvd diff_cancel2 div_mult_div_if_dvd
 41 |         le_add1 le_add2)
 42 |   also have "\<dots> = fact(m+r+k) div (fact r * (fact k * fact m))"
 43 |     by (auto simp: algebra_simps fact_fact_dvd_fact)
 44 |   also have "\<dots> = (fact(m+r+k) * fact(m+r)) div (fact r * (fact k * fact m) * fact(m+r))"
 45 |     by simp
 46 |   also have "\<dots> =
 47 |       (fact(m+r+k) div (fact k * fact(m+r)) * (fact(m+r) div (fact r * fact m)))"
 48 |     by (smt (verit) fact_fact_dvd_fact div_mult_div_if_dvd mult.assoc mult.commute)
 49 |   finally show ?thesis
 50 |     by (simp add: binomial_altdef_nat mult.commute)
 51 | qed
 52 | 
 53 | text \<open>The "Subset of a Subset" identity.\<close>
 54 | lemma choose_mult:
 55 |   "k \<le> m \<Longrightarrow> m \<le> n \<Longrightarrow> (n choose m) * (m choose k) = (n choose k) * ((n - k) choose (m - k))"
 56 |   using choose_mult_lemma [of "m-k" "n-m" k] by simp
 57 | 
 58 | 
 59 | text \<open>Concrete Mathematics, 5.18: "this formula is easily verified by induction on m"\<close>
 60 | lemma choose_row_sum_weighted:
 61 |   "(\<Sum>k\<le>m. (r choose k) * (r/2 - k)) = (Suc m)/2 * (r choose (Suc m))"
 62 | proof (induction m)
 63 |   case 0 show ?case by simp
 64 | next
 65 |   case (Suc m)
 66 |   have "(\<Sum>k\<le>Suc m. real (r choose k) * (r/2 - k)) 
 67 |       = ((r choose Suc m) * (r/2 - (Suc m))) + (Suc m) / 2 * (r choose Suc m)"
 68 |     by (simp add: Suc)
 69 |   also have "\<dots> = (r choose Suc m) * (real r - (Suc m)) / 2"
 70 |     by (simp add: field_simps)
 71 |   also have "\<dots> = Suc (Suc m) / 2 * (r choose Suc (Suc m))"
 72 |   proof (cases "r \<ge> Suc m")
 73 |     case True with binomial_absorb_comp[of r "Suc m"] show ?thesis
 74 |       by (metis binomial_absorption mult.commute of_nat_diff of_nat_mult times_divide_eq_left)
 75 |   qed (simp add: binomial_eq_0)
 76 |   finally show ?case .
 77 | qed
 78 | 
 79 | 
 80 | lemma sum_drop_zero: "(\<Sum>k\<le>Suc n. if 0<k then (f (k - 1)) else 0) = (\<Sum>j\<le>n. f j)"
 81 |   by (induction n) auto
 82 | 
 83 | lemma sum_choose_drop_zero:
 84 |   "(\<Sum>k\<le>Suc n. if k = 0 then 0 else (Suc n - k) choose (k - 1)) =
 85 |     (\<Sum>j\<le>n. (n-j) choose j)"
 86 |   by (rule trans [OF sum.cong sum_drop_zero]) auto
 87 | 
 88 | lemma ne_diagonal_fib:
 89 |    "(\<Sum>k\<le>n. (n-k) choose k) = fib (Suc n)"
 90 | proof (induction n rule: fib.induct)
 91 |   case 1 show ?case by simp
 92 | next
 93 |   case 2 show ?case by simp
 94 | next
 95 |   case (3 n)
 96 |   have "(\<Sum>k\<le>Suc n. Suc (Suc n) - k choose k) =
 97 |         (\<Sum>k\<le>Suc n. (Suc n - k choose k) + (if k=0 then 0 else (Suc n - k choose (k - 1))))"
 98 |     by (rule sum.cong) (simp_all add: choose_reduce_nat)
 99 |   also have "\<dots> = (\<Sum>k\<le>Suc n. Suc n - k choose k) +
100 |                   (\<Sum>k\<le>Suc n. if k=0 then 0 else (Suc n - k choose (k - 1)))"
101 |     by (simp add: sum.distrib)
102 |   also have "\<dots> = (\<Sum>k\<le>Suc n. Suc n - k choose k) + (\<Sum>j\<le>n. n - j choose j)"
103 |     by (metis sum_choose_drop_zero)
104 |   finally show ?case using 3
105 |     by simp
106 | qed
107 | 
108 | end
109 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/CTT_Examples.thy:
--------------------------------------------------------------------------------
  1 | (*Run with 
  2 |   isabelle jedit -l CTT  CTT_Examples.thy
  3 | *)
  4 | theory CTT_Examples
  5 | imports "CTT.CTT"
  6 | begin
  7 | 
  8 | schematic_goal "?A type"
  9 |   apply (rule form_rls)
 10 |   back
 11 |    apply (rule form_rls)
 12 |   apply (rule form_rls)
 13 |   done
 14 | 
 15 | schematic_goal "<0, succ(0)> : ?A"
 16 |   apply (rule intr_rls)
 17 |    apply (rule intr_rls)
 18 |   apply (rule intr_rls)
 19 |   apply (rule intr_rls)
 20 |   done
 21 | 
 22 | lemma "<0, succ(0)> : N \<times> N"
 23 |   by (rule intr_rls)+
 24 | 
 25 | text "typechecking the addition function"
 26 | 
 27 | schematic_goal "\<^bold>\<lambda>n. \<^bold>\<lambda>m. rec(n, m, \<lambda>x y. succ(y)) : ?A"
 28 |   apply (rule intr_rls form_rls elim_rls | assumption)+
 29 |   done
 30 | 
 31 | 
 32 | text "This finds the functions fst and snd!"
 33 | 
 34 | schematic_goal "A type \<Longrightarrow> ?a : (A \<times> A) \<longrightarrow> A"
 35 |   apply (rule intr_rls form_rls | erule elim_rls | assumption)+
 36 |   back
 37 |   done
 38 | 
 39 | text "Double negation of the Excluded Middle"
 40 | schematic_goal "A type \<Longrightarrow> ?a : ((A + (A\<longrightarrow>F)) \<longrightarrow> F) \<longrightarrow> F"
 41 |   apply intr
 42 |   apply (rule ProdE)
 43 |    apply assumption
 44 |   apply pc
 45 |   done
 46 | 
 47 | (*Experiment: the proof above in Isar*)
 48 | lemma
 49 |   assumes "A type" shows "(\<^bold>\<lambda>f. f ` inr(\<^bold>\<lambda>y. f ` inl(y))) : ((A + (A\<longrightarrow>F)) \<longrightarrow> F) \<longrightarrow> F"
 50 | proof intr
 51 |   fix f
 52 |   assume f: "f : A + (A \<longrightarrow> F) \<longrightarrow> F" 
 53 |   with assms have "inr(\<^bold>\<lambda>y. f ` inl(y)) : A + (A \<longrightarrow> F)"
 54 |     by pc
 55 |   then show "f ` inr(\<^bold>\<lambda>y. f ` inl(y)) : F" 
 56 |     by (rule ProdE [OF f])
 57 | qed (rule assms)+
 58 | 
 59 | text "Binary sums and products"
 60 | schematic_goal "\<lbrakk>A type; B type; C type\<rbrakk> \<Longrightarrow> ?a : (A + B \<longrightarrow> C) \<longrightarrow> (A \<longrightarrow> C) \<times> (B \<longrightarrow> C)"
 61 |   apply pc
 62 |   done
 63 | 
 64 | (*A distributive law*)
 65 | schematic_goal
 66 |   assumes "A type"
 67 |     and "\<And>x. x:A \<Longrightarrow> B(x) type"
 68 |     and "\<And>x. x:A \<Longrightarrow> C(x) type"
 69 |   shows "?a : (\<Sum>x:A. B(x) + C(x)) \<longrightarrow> (\<Sum>x:A. B(x)) + (\<Sum>x:A. C(x))"
 70 |   apply (pc assms)
 71 |   done
 72 | 
 73 | text "Construction of the currying functional"
 74 | schematic_goal
 75 |   assumes "A type"
 76 |     and "\<And>x. x:A \<Longrightarrow> B(x) type"
 77 |     and "\<And>z. z: (\<Sum>x:A. B(x)) \<Longrightarrow> C(z) type"
 78 |   shows "?a : \<Prod>f: (\<Prod>z : (\<Sum>x:A . B(x)) . C(z)).
 79 |                       (\<Prod>x:A . \<Prod>y:B(x) . C(<x,y>))"
 80 |   apply (pc assms)
 81 |   done
 82 | 
 83 | text "Martin-Löf (1984), page 48: axiom of sum-elimination (uncurry)"
 84 | schematic_goal
 85 |   assumes "A type"
 86 |     and "\<And>x. x:A \<Longrightarrow> B(x) type"
 87 |     and "\<And>z. z: (\<Sum>x:A . B(x)) \<Longrightarrow> C(z) type"
 88 |   shows "?a : (\<Prod>x:A . \<Prod>y:B(x) . C(<x,y>))
 89 |         \<longrightarrow> (\<Prod>z : (\<Sum>x:A . B(x)) . C(z))"
 90 |   apply (pc assms)
 91 |   done
 92 | 
 93 | text "Basic test of quantifier reasoning"
 94 | schematic_goal
 95 |   assumes "A type"
 96 |     and "B type"
 97 |     and "\<And>x y. \<lbrakk>x:A; y:B\<rbrakk> \<Longrightarrow> C(x,y) type"
 98 |   shows
 99 |     "?a :     (\<Sum>y:B . \<Prod>x:A . C(x,y))
100 |           \<longrightarrow> (\<Prod>x:A . \<Sum>y:B . C(x,y))"
101 |   apply (pc assms)
102 |   done
103 | 
104 | text "Martin-Löf (1984) pages 36-7: the combinator S"
105 | schematic_goal
106 |   assumes "A type"
107 |     and "\<And>x. x:A \<Longrightarrow> B(x) type"
108 |     and "\<And>x y. \<lbrakk>x:A; y:B(x)\<rbrakk> \<Longrightarrow> C(x,y) type"
109 |   shows "?a :    (\<Prod>x:A. \<Prod>y:B(x). C(x,y))
110 |              \<longrightarrow> (\<Prod>f: (\<Prod>x:A. B(x)). \<Prod>x:A. C(x, f`x))"
111 |   apply (pc assms)
112 |   done
113 | 
114 | text "Martin-Löf (1984) page 58: the axiom of disjunction elimination"
115 | schematic_goal
116 |   assumes "A type"
117 |     and "B type"
118 |     and "\<And>z. z: A+B \<Longrightarrow> C(z) type"
119 |   shows "?a : (\<Prod>x:A. C(inl(x))) \<longrightarrow> (\<Prod>y:B. C(inr(y)))
120 |           \<longrightarrow> (\<Prod>z: A+B. C(z))"
121 |   apply (pc assms)
122 |   done
123 | 
124 | 
125 | (*Martin-Löf (1984) page 50*)
126 | text "AXIOM OF CHOICE!  Delicate use of elimination rules"
127 | lemma Axiom_of_Choice:
128 |   assumes "A type"
129 |     and "\<And>x. x:A \<Longrightarrow> B(x) type"
130 |     and "\<And>x y. \<lbrakk>x:A; y:B(x)\<rbrakk> \<Longrightarrow> C(x,y) type"
131 |   shows "(\<^bold>\<lambda>f. <\<^bold>\<lambda>x. fst(f`x), \<^bold>\<lambda>x. snd(f`x)>) 
132 |         : (\<Prod>x:A. \<Sum>y:B(x). C(x,y)) \<longrightarrow> (\<Sum>f: (\<Prod>x:A. B(x)). \<Prod>x:A. C(x, f`x))"
133 | proof (intr assms)
134 |   fix f a
135 |   assume f: "f : \<Prod>x:A. Sum(B(x), C(x))" and "a : A" 
136 |   then have fa: "f`a : Sum(B(a), C(a))"
137 |     by (rule ProdE)
138 |   then show "fst(f ` a) : B(a)" 
139 |     by (rule SumE_fst)
140 |   have "snd(f ` a) : C(a, fst(f ` a))"
141 |     by (rule SumE_snd [OF fa]) (typechk SumE_fst assms \<open>a : A\<close>)
142 |   moreover have "(\<^bold>\<lambda>x. fst(f ` x)) ` a = fst(f ` a) : B(a)"
143 |     by (rule ProdC [OF \<open>a : A\<close>]) (typechk SumE_fst f)
144 |   ultimately show "snd(f`a) : C(a, (\<^bold>\<lambda>x. fst(f ` x)) ` a)"
145 |     by (intro replace_type [OF subst_eqtyparg]) (typechk SumE_fst assms \<open>a : A\<close>)
146 | qed
147 | 
148 | end
149 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Calculus.thy:
--------------------------------------------------------------------------------
 1 | theory Calculus
 2 |   imports Complex_Main
 3 | begin
 4 | 
 5 | theorem mvt:
 6 |   fixes \<phi> :: "real \<Rightarrow> real"
 7 |   assumes "a < b"
 8 |     and contf: "continuous_on {a..b} \<phi>"
 9 |     and derf: "\<And>x. \<lbrakk>a < x; x < b\<rbrakk> \<Longrightarrow> (\<phi> has_derivative \<phi>' x) (at x)"
10 |   obtains \<xi> where "a < \<xi>" "\<xi> < b" "\<phi> b - \<phi> a = (\<phi>' \<xi>) (b-a)"
11 | proof -
12 |   define f where "f \<equiv> \<lambda>x. \<phi> x - (\<phi> b - \<phi> a) / (b-a) * x"
13 |   have "\<exists>\<xi>. a < \<xi> \<and> \<xi> < b \<and> (\<lambda>y. \<phi>' \<xi> y - (\<phi> b - \<phi> a) / (b-a) * y) = (\<lambda>v. 0)"
14 |   proof (intro Rolle_deriv[OF \<open>a < b\<close>])
15 |     fix x
16 |     assume x: "a < x" "x < b"
17 |     show "(f has_derivative (\<lambda>y. \<phi>' x y - (\<phi> b - \<phi> a) / (b-a) * y)) (at x)"
18 |       unfolding f_def by (intro derivative_intros derf x)
19 |   next
20 |     show "f a = f b"
21 |       using assms by (simp add: f_def field_simps)
22 |   next
23 |     show "continuous_on {a..b} f"
24 |       unfolding f_def by (intro continuous_intros assms)
25 |   qed
26 |   then show ?thesis
27 |     by (smt (verit, ccfv_SIG) pos_le_divide_eq pos_less_divide_eq that)
28 | qed
29 | 
30 | end
31 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/CauchySchwarz.thy:
--------------------------------------------------------------------------------
 1 | theory CauchySchwarz imports "HOL-Analysis.Analysis"
 2 | begin
 3 | 
 4 | text \<open>Remark: the predicate @{term concave_on} is now to be found in the standard analysis library, 
 5 | as is indeed much of the material below.\<close>
 6 | 
 7 | lemma ln_concave: "concave_on {0<..} ln"
 8 |   unfolding concave_on_def
 9 |   by (rule f''_ge0_imp_convex derivative_eq_intros | simp)+
10 | 
11 | lemma powr_convex:
12 |   assumes "p \<ge> 1" shows "convex_on {0<..} (\<lambda>x. x powr p)"
13 |   using assms
14 |   by (intro f''_ge0_imp_convex derivative_eq_intros | simp)+
15 | 
16 | lemma Youngs_inequality_0:
17 |   fixes a::real
18 |   assumes "0 \<le> \<alpha>" "0 \<le> \<beta>" "\<alpha>+\<beta> = 1" "a>0" "b>0"
19 |   shows "a powr \<alpha> * b powr \<beta> \<le> \<alpha>*a + \<beta>*b"
20 | proof -
21 |   have "\<alpha> * ln a + \<beta> * ln b \<le> ln (\<alpha> * a + \<beta> * b)"
22 |     using assms ln_concave by (simp add: concave_on_iff)
23 |   moreover have "0 < \<alpha> * a + \<beta> * b"
24 |     using assms by (smt (verit) mult_pos_pos split_mult_pos_le)
25 |   ultimately show ?thesis
26 |     using assms by (simp add: powr_def mult_exp_exp flip: ln_ge_iff)
27 | qed
28 | 
29 | lemma Youngs_inequality:
30 |   fixes p::real
31 |   assumes "p>1" "q>1" "1/p + 1/q = 1" "a\<ge>0" "b\<ge>0"
32 |   shows "a * b \<le> a powr p / p + b powr q / q"
33 | proof (cases "a=0 \<or> b=0")
34 |   case False
35 |   then show ?thesis
36 |   using Youngs_inequality_0 [of "1/p" "1/q" "a powr p" "b powr q"] assms
37 |   by (simp add: powr_powr)
38 | qed (use assms in auto)
39 | 
40 | lemma Cauchy_Schwarz_ineq_sum:
41 |   fixes a :: "'a \<Rightarrow> 'b::linordered_field"
42 |   shows "(\<Sum>i\<in>I. a i * b i)\<^sup>2 \<le> (\<Sum>i\<in>I. (a i)\<^sup>2) * (\<Sum>i\<in>I. (b i)\<^sup>2)"
43 | proof (cases "(\<Sum>i\<in>I. (b i)\<^sup>2) > 0")
44 |   case False
45 |   then consider "\<And>i. i\<in>I \<Longrightarrow> b i = 0" | "infinite I"
46 |     by (metis (mono_tags, lifting) sum_pos2 zero_le_power2 zero_less_power2)
47 |   thus ?thesis
48 |     by fastforce
49 | next
50 |   case True
51 |   define r where "r \<equiv> (\<Sum>i\<in>I. a i * b i) / (\<Sum>i\<in>I. (b i)\<^sup>2)"
52 |   have "0 \<le> (\<Sum>i\<in>I. (a i - r * b i)\<^sup>2)"
53 |     by (simp add: sum_nonneg)
54 |   also have "... = (\<Sum>i\<in>I. (a i)\<^sup>2) - 2 * r * (\<Sum>i\<in>I. a i * b i) + r\<^sup>2 * (\<Sum>i\<in>I. (b i)\<^sup>2)"
55 |     by (simp add: algebra_simps power2_eq_square sum_distrib_left flip: sum.distrib)
56 |   also have "\<dots> = (\<Sum>i\<in>I. (a i)\<^sup>2) - ((\<Sum>i\<in>I. a i * b i))\<^sup>2 / (\<Sum>i\<in>I. (b i)\<^sup>2)"
57 |     by (simp add: r_def power2_eq_square)
58 |   finally have "0 \<le> (\<Sum>i\<in>I. (a i)\<^sup>2) - ((\<Sum>i\<in>I. a i * b i))\<^sup>2 / (\<Sum>i\<in>I. (b i)\<^sup>2)" .
59 |   hence "((\<Sum>i\<in>I. a i * b i))\<^sup>2 / (\<Sum>i\<in>I. (b i)\<^sup>2) \<le> (\<Sum>i\<in>I. (a i)\<^sup>2)"
60 |     by (simp add: le_diff_eq)
61 |   thus "((\<Sum>i\<in>I. a i * b i))\<^sup>2 \<le> (\<Sum>i\<in>I. (a i)\<^sup>2) * (\<Sum>i\<in>I. (b i)\<^sup>2)"
62 |     by (simp add: pos_divide_le_eq True)
63 | qed
64 | 
65 | lemma "\<exists>f'. ((\<lambda>x. x^3 + x\<^sup>2) has_real_derivative f' x) (at x) \<and> P (\<lambda>x. f' x)"
66 |   apply (rule exI conjI derivative_eq_intros | simp)+
67 |   oops
68 | 
69 | lemma "x > 0 \<Longrightarrow> \<exists>f'. ((\<lambda>x. (x\<^sup>2 - 1) * ln x) has_real_derivative f' x) (at x) \<and> P (\<lambda>x. f' x)"
70 |   apply (rule exI conjI derivative_eq_intros | simp)+
71 |   oops
72 | 
73 | lemma "\<exists>f'. ((\<lambda>x. (sin x)\<^sup>2 + (cos x)\<^sup>2) has_real_derivative f' x) (at x) \<and> P (\<lambda>x. f' x)"
74 |   apply (rule exI conjI derivative_eq_intros | simp)+
75 |   oops
76 | 
77 | end
78 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Cbrt23_Irrational.thy:
--------------------------------------------------------------------------------
 1 | theory Cbrt23_Irrational 
 2 |   imports Complex_Main
 3 |    
 4 | begin
 5 | 
 6 | lemma cuberoot_irrational:
 7 |   defines "x \<equiv> root 3 2 + root 3 3"
 8 |   shows "x \<notin> \<rat>"
 9 | proof
10 |   assume "x \<in> \<rat>"
11 |   moreover
12 |   have "root 3 8 = 2" "root 3 27 = 3"
13 |     by auto
14 |   then have xcubed: "x^3 = 5 + 3 * x * root 3 6"
15 |     by (simp add: x_def algebra_simps eval_nat_numeral flip: real_root_mult)
16 |   ultimately have Q: "5 + 3 * x * root 3 6 \<in> \<rat>"
17 |     by (metis Rats_power \<open>x \<in> \<rat>\<close>)
18 |   have "root 3 6 \<notin> \<rat>"
19 |   proof 
20 |     assume "root 3 6 \<in> \<rat>"
21 |     then obtain a b where "a / b = root 3 6" and cop: "coprime a b" "b\<noteq>0"
22 |       by (smt (verit, best) Rats_cases')
23 |     then have "(a/b)^3 = 6"
24 |       by auto
25 |     then have eq: "a^3 = 2*3 * b^3" 
26 |       using of_int_eq_iff by (fastforce simp: divide_simps \<open>b\<noteq>0\<close>)
27 |     then have p: "2 dvd a"
28 |       by (metis coprime_left_2_iff_odd coprime_power_right_iff dvd_triv_left mult.assoc)
29 |     then obtain c where "a = 2*c"
30 |       by blast
31 |     with eq have "2 dvd b"
32 |       by (simp add: eval_nat_numeral) (metis even_mult_iff even_numeral odd_numeral)
33 |     with p and cop show False
34 |       by fastforce
35 |   qed
36 |   moreover have "3*x \<in> \<rat> - {0}"
37 |     using xcubed  by (force simp: \<open>x \<in> \<rat>\<close>)
38 |   ultimately have "3 * x * root 3 6 \<notin> \<rat>"
39 |     using Rats_divide by force
40 |   with Q show False
41 |     by (metis Rats_diff Rats_number_of add.commute add_uminus_conv_diff diff_add_cancel)
42 | qed
43 | 
44 | end
45 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Dirichlet_approx_thm.thy:
--------------------------------------------------------------------------------
 1 | theory Dirichlet_approx_thm
 2 | 
 3 | imports "Complex_Main" "HOL-Library.FuncSet"
 4 | 
 5 | begin
 6 | 
 7 | theorem Dirichlet_approx:
 8 |   fixes \<theta>::real and N::nat
 9 |   assumes "N > 0" 
10 |   obtains h k where "0 < k" "k \<le> int N" "\<bar>of_int k * \<theta> - of_int h\<bar> < 1/N"
11 | proof -
12 |   define X where "X \<equiv> (\<lambda>k. frac (k*\<theta>)) ` {..N}"
13 |   define Y where "Y \<equiv> (\<lambda>k::nat. {k/N..< Suc k/N}) ` {..<N}"
14 |   have False 
15 |     if non: "\<not> (\<exists>b\<le>N. \<exists>a<b. \<bar>frac (real b * \<theta>) - frac (real a * \<theta>)\<bar> < 1/N)"
16 |   proof -
17 |     have "inj_on (\<lambda>k::nat. frac (k*\<theta>)) {..N}"
18 |       using non by (intro linorder_inj_onI; force)
19 |     then have caX: "card X = Suc N"
20 |       by (simp add: X_def card_image)
21 |     have caY: "card Y \<le> N" "finite Y"
22 |       unfolding Y_def using card_image_le by force+
23 |     define f where "f \<equiv> \<lambda>x::real. let k = nat \<lfloor>x * N\<rfloor> in {k/N ..< Suc k/N}"
24 |     have "nat \<lfloor>x * N\<rfloor> < N" if "0 \<le> x" "x < 1" for x::real
25 |       using that assms floor_less_iff nat_less_iff by fastforce
26 |     then have "f \<in> X \<rightarrow> Y"
27 |       by (force simp: f_def Let_def X_def Y_def frac_lt_1)
28 |     then have "\<not> inj_on f X"
29 |       using \<open>finite Y\<close> caX caY card_inj by fastforce
30 |     then obtain x x' where "x\<noteq>x'" "x \<in> X" "x' \<in> X" and eq: "f x = f x'"
31 |       by (auto simp: inj_on_def)
32 |     then obtain c d::nat where c: "c \<noteq> d" "c \<le> N" "d \<le> N" 
33 |             and xeq: "x = frac (c*\<theta>)" and xeq': "x' = frac (d*\<theta>)"
34 |       by (metis (no_types, lifting) X_def atMost_iff image_iff)
35 |     define i where "i \<equiv> nat \<lfloor>x * N\<rfloor>"
36 |     then have i: "x \<in> {i/N ..< Suc i/N}" 
37 |       using assms by (auto simp: divide_simps xeq) linarith
38 |     have i': "x' \<in> {i/N ..< Suc i/N}" 
39 |       using eq assms unfolding f_def Let_def xeq' i_def
40 |       by (simp add: divide_simps) linarith
41 |     with assms i have "\<bar>frac (d*\<theta>) - frac (c*\<theta>)\<bar> < 1 / N"
42 |       by (simp add: xeq xeq' abs_if add_divide_distrib)
43 |     with c show False
44 |       by (metis abs_minus_commute nat_neq_iff non)
45 |   qed
46 |   then obtain a b::nat where *: "a<b" "b\<le>N" "\<bar>frac (b*\<theta>) - frac (a*\<theta>)\<bar> < 1/N" 
47 |     by metis
48 |   let ?k = "b-a" and ?h = "\<lfloor>b*\<theta>\<rfloor> - \<lfloor>a*\<theta>\<rfloor>"
49 |   show ?thesis
50 |   proof
51 |     have "frac (b*\<theta>) - frac (a*\<theta>) = ?k*\<theta> - ?h"
52 |       using \<open>a < b\<close> by (simp add: frac_def left_diff_distrib of_nat_diff)
53 |     with * show "\<bar>of_int ?k * \<theta> - ?h\<bar> < 1/N"
54 |       by (metis of_int_of_nat_eq)
55 |   qed (use * in auto)
56 | qed
57 | 
58 | end


--------------------------------------------------------------------------------
/Isabelle-Examples/Fib_Iter.thy:
--------------------------------------------------------------------------------
 1 | section \<open>Iterative Fibonacci and Code Generation \<close>
 2 | 
 3 | theory Fib_Iter
 4 |   imports Complex_Main  \<comment> \<open>allows implicit coercions\<close>
 5 | begin
 6 | 
 7 | text \<open>The type of integers banishes the successor function\<close>
 8 | fun itfib :: "[int,int,int] \<Rightarrow> int" where
 9 |   "itfib n j k = (if n\<le>1 then k else itfib (n-1) k (j+k))"
10 | 
11 | text \<open>Simplification alone can compute this colossal number
12 |    in a fraction of a second\<close>
13 | lemma "itfib 200 0 1 = 280571172992510140037611932413038677189525"
14 |   by simp
15 | 
16 | fun fib :: "nat \<Rightarrow> int" where
17 |     "fib 0 = 0"
18 |   | "fib (Suc 0) = 1"
19 |   | "fib (Suc (Suc n)) = fib n + fib (Suc n)"
20 | 
21 | text \<open>The two functions are closely related\<close>
22 | lemma itfib_fib: "n > 0 \<Longrightarrow> itfib n (fib k) (fib(k+1)) = fib (k+n)"
23 | proof (induction n arbitrary: k)
24 |   case 0
25 |   then show ?case
26 |     by auto
27 | next
28 |   case (Suc n)
29 |   have "n > 0 \<Longrightarrow> itfib n (fib (k+1)) (fib k + fib (k+1)) = fib (k+n+1)"
30 |     by (metis Suc.IH Suc_eq_plus1 add.commute add_Suc_right fib.simps(3))
31 |   with Suc show ?case
32 |     by simp
33 | qed
34 | 
35 | text \<open>Direct recursive evaluation is exponential and slow\<close>
36 | value "fib 44"
37 | 
38 | declare fib.simps [code del]
39 | 
40 | text \<open>New code equation for @{term fib}\<close>
41 | lemma fib_eq_itfib[code]: "fib n = (if n=0 then 0 else itfib (int n) 0 1)"
42 |   using itfib_fib [of n 0] by simp
43 | 
44 | text \<open>FAST\<close>
45 | value "fib 200"
46 | 
47 | end
48 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Fibonacci.thy:
--------------------------------------------------------------------------------
 1 | section \<open>Fib and Gcd commute\<close>
 2 | 
 3 | theory Fibonacci
 4 |   imports "HOL-Computational_Algebra.Primes"
 5 | begin
 6 | 
 7 | text \<open>A few proofs of laws taken from Graham et al. @{cite "concrete-math"}.\<close>
 8 | 
 9 | subsection \<open>Fibonacci numbers\<close>
10 | 
11 | fun fib :: "nat \<Rightarrow> nat" where
12 |     "fib 0 = 0"
13 |   | "fib (Suc 0) = 1"
14 |   | "fib (Suc (Suc n)) = fib n + fib (Suc n)"
15 | 
16 | lemma fib_positive: "fib (Suc n) > 0"
17 |   by (induction n rule: fib.induct) auto
18 | 
19 | subsection \<open>Fib and gcd commute\<close>
20 | 
21 | lemma fib_add: "fib (Suc (n + k)) = fib (Suc k) * fib (Suc n) + fib k * fib n"
22 |   by (induction n rule: fib.induct) (auto simp: distrib_left)
23 | 
24 | lemma coprime_fib_Suc: "coprime (fib n) (fib (Suc n))"
25 | proof (induction n rule: fib.induct)
26 |   case (3 x)
27 |   then show ?case
28 |     by (metis coprime_iff_gcd_eq_1 fib.simps(3) gcd.commute gcd_add1)
29 | qed auto
30 | 
31 | lemma gcd_fib_add: "gcd (fib m) (fib (n + m)) = gcd (fib m) (fib n)"
32 | proof (cases m)
33 |   case 0
34 |   then show ?thesis by simp
35 | next
36 |   case (Suc k)
37 |   then have "gcd (fib m) (fib (n + m))
38 |            = gcd (fib k * fib n) (fib (Suc k))"
39 |     by (metis add_Suc_right fib_add gcd.commute gcd_add_mult mult.commute)
40 |   also have "\<dots> = gcd (fib n) (fib (Suc k))"
41 |     using coprime_commute coprime_fib_Suc gcd_mult_left_left_cancel by blast
42 |   also have "\<dots> = gcd (fib m) (fib n)"
43 |     using Suc by (simp add: ac_simps)
44 |   finally show ?thesis .
45 | qed
46 | 
47 | lemma gcd_fib_diff: "gcd (fib m) (fib (n - m)) = gcd (fib m) (fib n)" if "m \<le> n"
48 | proof -
49 |   have "gcd (fib m) (fib (n - m)) = gcd (fib m) (fib (n - m + m))"
50 |     by (simp add: gcd_fib_add)
51 |   also from \<open>m \<le> n\<close> have "n - m + m = n"
52 |     by simp
53 |   finally show ?thesis .
54 | qed
55 | 
56 | lemma gcd_fib_mod: "gcd (fib m) (fib (n mod m)) = gcd (fib m) (fib n)" if "0 < m"
57 | proof (induction n rule: less_induct)
58 |   case (less n)
59 |   show ?case
60 |   proof -
61 |     have "n mod m = (if n < m then n else (n - m) mod m)"
62 |       by (rule mod_if)
63 |     also have "gcd (fib m) (fib \<dots>) = gcd (fib m) (fib n)"
64 |       using gcd_fib_diff less.IH that by fastforce
65 |     finally show ?thesis .
66 |   qed
67 | qed
68 | 
69 | theorem fib_gcd: "fib (gcd m n) = gcd (fib m) (fib n)"
70 | proof (induction m n rule: gcd_nat_induct)
71 |   case (step m n)
72 |   then show ?case
73 |     by (metis gcd.commute gcd_fib_mod gcd_red_nat)
74 | qed auto
75 | 
76 | end
77 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Fibonacci_Newbie.thy:
--------------------------------------------------------------------------------
 1 | theory Fibonacci_Newbie
 2 |   imports Main
 3 | begin
 4 | 
 5 | fun fib :: "nat \<Rightarrow> nat" where
 6 |     "fib 0 = 0"
 7 |   | "fib (Suc 0) = 1"
 8 |   | "fib (Suc (Suc n)) = fib n + fib (Suc n)"
 9 | 
10 | lemma fib_positive: "fib (Suc n) > 0"
11 |   by (induction n rule: fib.induct, auto)
12 | 
13 | lemma fib_add: "fib (Suc (n + k)) = fib (Suc k) * fib (Suc n) + fib k * fib n"
14 |   by (induction n rule: fib.induct, auto simp: add_mult_distrib2)
15 | 
16 | lemma coprime_fib_Suc: "coprime (fib n) (fib (Suc n))"
17 | proof (induction n rule: fib.induct)
18 | next
19 |   case (3 n)
20 |   then show ?case
21 |     by (metis coprime_def dvd_add_left_iff fib.simps(3))
22 | qed auto
23 | 
24 | end
25 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Fun_Semantics.thy:
--------------------------------------------------------------------------------
  1 | theory Fun_Semantics
  2 | imports Main
  3 | begin
  4 | 
  5 | datatype exp = T | F | Zero | Succ exp | IF exp exp exp | EQ exp exp
  6 | 
  7 | inductive Eval :: "exp \<Rightarrow> exp \<Rightarrow> bool" (infix "\<Rrightarrow>" 50) where
  8 |     IF_T:    "IF T x y \<Rrightarrow> x"
  9 |   | IF_F:    "IF F x y \<Rrightarrow> y"
 10 |   | IF_Eval: "p \<Rrightarrow> q \<Longrightarrow> IF p x y \<Rrightarrow> IF q x y"
 11 |   | Succ_Eval: "x \<Rrightarrow> y \<Longrightarrow> Succ x \<Rrightarrow> Succ y"
 12 |   | EQ_same: "EQ x x \<Rrightarrow> T"
 13 |   | EQ_S0:   "EQ (Succ x) Zero \<Rrightarrow> F"
 14 |   | EQ_0S:   "EQ Zero (Succ y) \<Rrightarrow> F"
 15 |   | EQ_SS:   "EQ (Succ x) (Succ y) \<Rrightarrow> EQ x y"
 16 |   | EQ_Eval1: "x \<Rrightarrow> z \<Longrightarrow> EQ x y \<Rrightarrow> EQ z y"
 17 |   | EQ_Eval2: "y \<Rrightarrow> z \<Longrightarrow> EQ x y \<Rrightarrow> EQ x z"
 18 | 
 19 | inductive_simps T_simp [simp]: "T \<Rrightarrow> z"
 20 | inductive_simps F_simp [simp]: "F \<Rrightarrow> z"
 21 | inductive_simps Zero_simp [simp]: "Zero \<Rrightarrow> z"
 22 | inductive_simps Succ_simp [simp]: "Succ x \<Rrightarrow> z"
 23 | inductive_simps IF_simp [simp]: "IF p x y \<Rrightarrow>  z"
 24 | inductive_simps EQ_simp [simp]: "EQ x y \<Rrightarrow> z"
 25 | 
 26 | datatype tp = bool | num
 27 | 
 28 | inductive TP :: "exp \<Rightarrow> tp \<Rightarrow> bool" where
 29 |   T:    "TP T bool"
 30 | | F:    "TP F bool"
 31 | | Zero: "TP Zero num"
 32 | | IF:   "\<lbrakk>TP p bool; TP x t; TP y t\<rbrakk> \<Longrightarrow> TP (IF p x y) t"
 33 | | Succ: "TP x num \<Longrightarrow> TP (Succ x) num"
 34 | | EQ:   "\<lbrakk>TP x t; TP y t\<rbrakk> \<Longrightarrow> TP (EQ x y) bool"
 35 | 
 36 | inductive_simps TP_IF [simp]: "TP (IF p x y) t"
 37 | inductive_simps TP_Succ [simp]: "TP (Succ x) t"
 38 | inductive_simps TP_EQ [simp]: "TP (EQ x y) t"
 39 | 
 40 | proposition type_preservation:
 41 |   assumes "x \<Rrightarrow> y" "TP x t" shows "TP y t"
 42 |   using assms
 43 |   by (induction x y arbitrary: t rule: Eval.induct) (auto simp: TP.intros)
 44 | 
 45 | fun evl :: "exp \<Rightarrow> nat"
 46 |   where
 47 |     "evl T = 1"
 48 |   | "evl F = 0"
 49 |   | "evl Zero = 0"
 50 |   | "evl (Succ x) = evl x + 1"
 51 |   | "evl (IF x y z) = (if evl x = 1 then evl y else evl z)"
 52 |   | "evl (EQ x y) = (if evl x = evl y then 1 else 0)"
 53 | 
 54 | lemma
 55 |   assumes "TP x t" "t = bool" shows "evl x < 2"
 56 |   using assms by (induction x t; force)
 57 | 
 58 | proposition value_preservation:
 59 |   assumes "x \<Rrightarrow> y" shows "evl x = evl y"
 60 |   using assms by (induction x y; force)
 61 | 
 62 | 
 63 | text \<open>This doesn't hold\<close>
 64 | lemma
 65 |   assumes "x \<Rrightarrow> y" "x \<Rrightarrow> z" shows "\<exists>u. y \<Rrightarrow> u \<and> z \<Rrightarrow> u"
 66 |   nitpick
 67 |   oops
 68 | 
 69 | inductive EvalStar :: "exp \<Rightarrow> exp \<Rightarrow> bool" (infix "\<Rrightarrow>*" 50) where
 70 |     Id: "x \<Rrightarrow>* x"
 71 |   | Step: "x \<Rrightarrow> y \<Longrightarrow> y \<Rrightarrow>* z \<Longrightarrow> x \<Rrightarrow>* z"
 72 | 
 73 | proposition type_preservation_Star:
 74 |   assumes "x \<Rrightarrow>* y" "TP x t" shows "TP y t"
 75 |   using assms by (induction x y) (auto simp: type_preservation)
 76 | 
 77 | lemma Succ_EvalStar:
 78 |   assumes "x \<Rrightarrow>* y" shows "Succ x \<Rrightarrow>* Succ y"
 79 |   using assms by induction (auto intro: Succ_Eval EvalStar.intros)
 80 | 
 81 | lemma IF_EvalStar:
 82 |   assumes "p \<Rrightarrow>* q" shows "IF p x y \<Rrightarrow>* IF q x y"
 83 |   using assms by induction (auto intro: IF_Eval EvalStar.intros)
 84 | 
 85 | lemma EQ_EvalStar1:
 86 |   assumes "x \<Rrightarrow>* z" shows "EQ x y \<Rrightarrow>* EQ z y"
 87 |   using assms by induction (auto intro: EQ_Eval1 EvalStar.intros)
 88 | 
 89 | lemma EQ_EvalStar2:
 90 |   assumes "y \<Rrightarrow>* z" shows "EQ x y \<Rrightarrow>* EQ x z "
 91 |   using assms by induction (auto intro: EQ_Eval2 EvalStar.intros)
 92 | 
 93 | proposition diamond:
 94 |   assumes "x \<Rrightarrow> y" "x \<Rrightarrow> z" shows "\<exists>u. y \<Rrightarrow>* u \<and> z \<Rrightarrow>* u"
 95 |   using assms
 96 | proof (induction x y arbitrary: z)
 97 |   case (IF_Eval p q x y)
 98 |   then show ?case
 99 |     by (simp; meson F_simp IF_EvalStar T_simp)
100 | next
101 |   case (EQ_SS x y)
102 |   then show ?case
103 |     by (simp; meson Eval.intros EvalStar.intros)
104 | next
105 |   case (EQ_Eval1 x u y)
106 |   then show ?case
107 |     by (auto; meson EQ_EvalStar1 Eval.intros EvalStar.intros)+
108 | next
109 |     case (EQ_Eval2 y u x)
110 |     then show ?case
111 |     by (auto; meson EQ_EvalStar2 Eval.intros EvalStar.intros)+
112 | qed (force intro: Succ_EvalStar Eval.intros EvalStar.intros)+
113 | 
114 | end
115 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Gowers_Bijection.thy:
--------------------------------------------------------------------------------
 1 | section \<open>Tim Gowers' Example: A Characterisation of Bijections\<close>
 2 | 
 3 | theory Gowers_Bijection imports Complex_Main
 4 |    
 5 | begin
 6 | 
 7 | text \<open>Isabelle's default syntax for set difference is nonstandard.\<close>
 8 | abbreviation set_difference :: "['a set,'a set] \<Rightarrow> 'a set" (infixl "\<setminus>" 65)
 9 |   where "A \<setminus> B \<equiv> A-B"
10 | 
11 | text \<open>The one-line proof found by sledgehammer\<close>
12 | lemma "bij_betw f X Y \<longleftrightarrow> (\<forall>A. A\<subseteq>X \<longrightarrow> f ` (X\<setminus>A) = Y \<setminus> f`A)"
13 |   by (metis Diff_empty Diff_eq_empty_iff Diff_subset bij_betw_def image_is_empty 
14 |             inj_on_image_set_diff subset_antisym subset_image_inj)
15 | 
16 | text \<open>A more detailed proof. Note use of variables for the left and right sides\<close>
17 | lemma "bij_betw f X Y \<longleftrightarrow> (\<forall>A. A\<subseteq>X \<longrightarrow> f ` (X\<setminus>A) = Y \<setminus> f`A)"  (is "?L=?R")
18 | proof
19 |   show "?L \<Longrightarrow> ?R"
20 |     by (metis Diff_subset bij_betw_def inj_on_image_set_diff)
21 |   assume ?R
22 |   then have "inj_on f X" "f ` X = Y"
23 |     by (auto simp: inj_on_def)
24 |   then show ?L
25 |     by (simp add: bij_betw_def)
26 | qed
27 | 
28 | text \<open>Bonus: an example due to Terrence Tao\<close>
29 | 
30 | lemma
31 |   fixes a :: "nat \<Rightarrow> real"
32 |   assumes a: "decseq a" and D: "\<And>k. D k \<ge> 0" and aD: "\<And>k. a k \<le> D k - D(Suc k)"
33 |   shows "a k \<le> D 0 / (Suc k)"
34 | proof -
35 |   have "a k = (\<Sum>i\<le>k. a k) / (Suc k)"
36 |     by simp
37 |   also have "\<dots> \<le> (\<Sum>i\<le>k. a i) / (Suc k)"
38 |     using a sum_mono[of "{..k}" "\<lambda>i. a k" a] 
39 |     by (simp add: monotone_def divide_simps mult.commute)
40 |   also have "\<dots> \<le> (\<Sum>i\<le>k. D i - D(Suc i)) / (Suc k)"
41 |     by (simp add: aD divide_right_mono sum_mono)
42 |   also have "\<dots> \<le> D 0 / (Suc k)"
43 |     by (simp add: sum_telescope D divide_right_mono)
44 |   finally show ?thesis .
45 | qed
46 | 
47 | end
48 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Index_ex.thy:
--------------------------------------------------------------------------------
 1 | section \<open>Holiday exercises: the greatest prime power divisor\<close>
 2 | 
 3 | theory Index_ex
 4 |   imports "HOL-Computational_Algebra.Primes"
 5 | 
 6 | begin
 7 | 
 8 | lemma primepow_divides_prod:
 9 |   fixes p::nat
10 |   assumes "prime p" "(p^k) dvd (m * n)"
11 |   shows "\<exists>i j. (p^i) dvd m \<and> (p^j) dvd n \<and> k = i + j"
12 |   sorry
13 | 
14 | lemma maximum_index:
15 |   fixes n::nat
16 |   assumes "n > 0" "2 \<le> p"
17 |   shows "\<exists>k. p^k dvd n \<and> (\<forall>l>k. \<not> p^l dvd n)"
18 |   sorry
19 | 
20 | definition index :: "nat \<Rightarrow> nat \<Rightarrow> nat" where
21 |   "index p n 
22 |     \<equiv> if p \<le> 1 \<or> n = 0 then 0 else card {j. 1 \<le> j \<and> p^j dvd n}"
23 | 
24 | proposition pow_divides_index:
25 |   "p^k dvd n \<longleftrightarrow> n = 0 \<or> p = 1 \<or> k \<le> index p n"
26 |   sorry
27 | 
28 | corollary le_index:
29 |   "k \<le> index p n \<longleftrightarrow> (n = 0 \<or> p = 1 \<longrightarrow> k = 0) \<and> p^k dvd n"
30 |   sorry
31 | 
32 | corollary exp_index_divides: "p^(index p n) dvd n"
33 |   sorry
34 | 
35 | lemma index_trivial_bound: "index p n \<le> n"
36 |   sorry
37 | 
38 | proposition index_mult:
39 |   assumes "prime p" "m > 0" "n > 0"
40 |   shows "index p (m * n) = index p m + index p n"
41 |   sorry
42 | 
43 | corollary index_exp:
44 |   assumes "prime p"
45 |   shows "index p (n^k) = k * index p n"
46 |   sorry
47 | 
48 | end
49 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Index_sol.thy:
--------------------------------------------------------------------------------
  1 | theory Index_sol
  2 |   imports "HOL-Computational_Algebra.Primes"
  3 | 
  4 | begin
  5 | 
  6 | lemma primepow_divides_prod:
  7 |   fixes p::nat
  8 |   assumes "prime p" "(p^k) dvd (m * n)"
  9 |   shows "\<exists>i j. (p^i) dvd m \<and> (p^j) dvd n \<and> k = i + j"
 10 |   using assms prime_elem_power_dvd_prod by blast
 11 | 
 12 | lemma maximum_index:
 13 |   fixes n::nat
 14 |   assumes "n > 0" "2 \<le> p"
 15 |   shows "\<exists>k. p^k dvd n \<and> (\<forall>l>k. \<not> p^l dvd n)"
 16 | proof
 17 |   let ?K = "{k. p^k dvd n}"
 18 |   have "\<exists>x. p ^ x dvd n"
 19 |     by (metis one_dvd power_0)
 20 |   then have "?K \<noteq> {}"
 21 |     by auto
 22 |   moreover
 23 |   have "\<And>m. p ^ m dvd n \<Longrightarrow> m \<le> n"
 24 |     by (meson assms dvd_imp_le le_trans self_le_ge2_pow)
 25 |   then have "{k. p^k dvd n} \<subseteq> {..n}"
 26 |     by auto
 27 |   then have "finite ?K"
 28 |     using finite_subset by blast
 29 |   ultimately
 30 |   show "p^Max ?K dvd n \<and> (\<forall>l> Max ?K. \<not> p^l dvd n)"
 31 |     using Max_in by auto
 32 | qed
 33 | 
 34 | definition index :: "nat \<Rightarrow> nat \<Rightarrow> nat" where
 35 |   "index p n 
 36 |     \<equiv> if p \<le> 1 \<or> n = 0 then 0 else card {j. 1 \<le> j \<and> p^j dvd n}"
 37 | 
 38 | proposition pow_divides_index:
 39 |   "p^k dvd n \<longleftrightarrow> n = 0 \<or> p = 1 \<or> k \<le> index p n"
 40 | proof (cases "n = 0 \<or> p < 2")
 41 |   case True
 42 |   then show ?thesis
 43 |     by (force simp: index_def)
 44 | next
 45 |   case False
 46 |   then obtain a where "p^a dvd n \<and> (\<forall>l>a. \<not> p^l dvd n)"
 47 |     using maximum_index [of n p] False by auto
 48 |   then have "p^k dvd n \<longleftrightarrow> k \<le> a" for k
 49 |     by (meson le_less_linear power_le_dvd)
 50 |   moreover have "{j. 1 \<le> j \<and> j \<le> a} = {1..a}"
 51 |     by auto
 52 |   ultimately show ?thesis
 53 |     using False by (simp add: index_def)
 54 | qed
 55 | 
 56 | corollary le_index:
 57 |   "k \<le> index p n \<longleftrightarrow> (n = 0 \<or> p = 1 \<longrightarrow> k = 0) \<and> p^k dvd n"
 58 |   using index_def pow_divides_index by fastforce
 59 | 
 60 | corollary exp_index_divides: "p^(index p n) dvd n"
 61 |   by (simp add: pow_divides_index)
 62 | 
 63 | lemma index_trivial_bound: "index p n \<le> n"
 64 | proof (cases "p \<le> 1 \<or> n = 0")
 65 |   case True
 66 |   then show ?thesis
 67 |     by (simp add: index_def)
 68 | next
 69 |   case False
 70 |   have "index p n \<le> p^(index p n)"
 71 |     using False by auto
 72 |   also have "\<dots> \<le> n"
 73 |     using False dvd_imp_le exp_index_divides by auto
 74 |   finally show ?thesis .
 75 | qed
 76 | 
 77 | proposition index_mult:
 78 |   assumes "prime p" "m > 0" "n > 0"
 79 |   shows "index p (m * n) = index p m + index p n"
 80 | proof (rule order_antisym)
 81 |   have "p \<ge> 2"
 82 |     by (simp add: \<open>prime p\<close> prime_ge_2_nat)
 83 |   then obtain i j where "p^i dvd m" "p^j dvd n" "index p (m * n) = i + j"
 84 |     using assms(1) exp_index_divides primepow_divides_prod by meson
 85 |   then show "index p (m * n) \<le> index p m + index p n"
 86 |     using assms pow_divides_index by auto
 87 |   show "index p m + index p n \<le> index p (m * n)"
 88 |     using assms by (auto simp: le_index power_add exp_index_divides mult_dvd_mono)
 89 | qed
 90 | 
 91 | corollary index_exp:
 92 |   assumes "prime p"
 93 |   shows "index p (n^k) = k * index p n"
 94 | proof (cases "n = 0")
 95 |   case True
 96 |   then show ?thesis
 97 |     by (auto simp: index_def)
 98 | next
 99 |   case False
100 |   show ?thesis
101 |   proof (induction k)
102 |     case 0
103 |     with assms show ?case
104 |       by (auto simp: index_def)
105 |   next
106 |     case (Suc k)
107 |     then show ?case
108 |       using False assms index_mult by auto
109 |   qed
110 | qed
111 | 
112 | end
113 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Ln_lower_bound.thy:
--------------------------------------------------------------------------------
 1 | section \<open>A tricky example of proving a lower bound\<close>
 2 | 
 3 | theory Ln_lower_bound imports
 4 |   "HOL-Analysis.Analysis" "HOL-Decision_Procs.Approximation"  "HOL-Real_Asymp.Real_Asymp" 
 5 |    
 6 | begin
 7 | 
 8 | (*example: prove this lower bound of x*ln(x) for all x>0.
 9 | It's not differentiable at 0. It is continuous at 0, but that's nontrivial to prove.
10 | And you've got a problem if you think it's not even DEFINED at 0. (It is, of course.)*)
11 | 
12 | (*The derivative of x * ln(x) is ln(x)+1. It's zero at 1/e and the minimum value is -1/e.
13 | [minimum = -0.3678794412, [x = 0.3678794412]]
14 | *)
15 | 
16 | text \<open>Thanks to Manuel Eberl\<close>
17 | 
18 | (*real_asymp proves ((\<lambda>x. x * ln x) \<longlongrightarrow> 0 * ln 0) (at_right 0)*)
19 | lemma continuous_at_0: "continuous (at_right 0) (\<lambda>x::real. x * ln x)"
20 |   unfolding continuous_within by real_asymp
21 | 
22 | lemma continuous_nonneg: 
23 |   fixes x::real
24 |   assumes "x \<ge> 0"
25 |   shows "continuous (at x within {0..}) (\<lambda>x. x * ln x)"
26 | proof (cases "x = 0")
27 |   case True with continuous_at_0 show ?thesis
28 |     by (force simp add: continuous_within_topological less_eq_real_def)
29 | qed (auto intro!: continuous_intros)
30 | 
31 | lemma continuous_on_x_ln: "continuous_on {0..} (\<lambda>x::real. x * ln x)"
32 |   unfolding continuous_on_eq_continuous_within
33 |   using continuous_nonneg by blast
34 | 
35 | lemma xln_deriv:
36 |   fixes x::real
37 |   assumes "x > 0"
38 |   shows "((\<lambda>u. u * ln(u)) has_real_derivative ln x + 1) (at x)"
39 |   by (rule derivative_eq_intros refl | use assms in force)+
40 | 
41 | theorem x_ln_lowerbound:
42 |   fixes x::real
43 |   assumes "x \<ge> 0"
44 |   shows "x * ln(x) \<ge> -1 / exp 1"
45 | proof -
46 |   define xmin::real where "xmin \<equiv> 1 / exp 1"
47 |   have "xmin > 0"
48 |     by (auto simp: xmin_def)
49 |   have "x * ln(x) > xmin * ln(xmin)" if "x < xmin"
50 |   proof (intro DERIV_neg_imp_decreasing_open [OF that] exI conjI)
51 |     fix u :: real
52 |     assume "x < u" and "u < xmin" 
53 |     then have "ln u + 1 < ln 1"
54 |       unfolding xmin_def
55 |       by (smt (verit, del_insts) assms exp_diff exp_less_cancel_iff exp_ln_iff)
56 |     then show "ln u + 1 < 0"
57 |       by simp
58 |   next
59 |     show "continuous_on {x..xmin} (\<lambda>u. u * ln u)"
60 |       using continuous_on_x_ln continuous_on_subset assms by fastforce
61 |   qed (use assms xln_deriv in auto)
62 |   moreover
63 |   have "x * ln(x) > xmin * ln(xmin)" if "x > xmin"
64 |   proof (intro DERIV_pos_imp_increasing_open [OF that] exI conjI)
65 |     fix u
66 |     assume "x > u" and "u > xmin" 
67 |     then show "ln u + 1 > 0"
68 |       by (smt (verit, del_insts) \<open>0 < xmin\<close> exp_minus inverse_eq_divide 
69 |           ln_less_cancel_iff ln_unique xmin_def)
70 |   next
71 |     show "continuous_on {xmin..x} (\<lambda>u. u * ln u)"
72 |       using continuous_on_x_ln continuous_on_subset xmin_def by fastforce
73 |   qed (use \<open>0 < xmin\<close> xln_deriv in auto)
74 |   moreover have "xmin * ln(xmin) = -1 / exp 1"
75 |     using assms by (simp add: xmin_def ln_div)
76 |   ultimately show ?thesis
77 |     by force
78 | qed
79 | 
80 | 
81 | corollary
82 |   fixes x::real
83 |   assumes "x \<ge> 0"
84 |   shows "x * ln(x) \<ge> -0.36787944117144233"  (is "_ \<ge> ?rhs")
85 | proof -
86 |   have "(-1::real) / exp 1 \<ge> ?rhs"
87 |     by (approximation 60)
88 |   with x_ln_lowerbound show ?thesis
89 |     using assms by force
90 | qed
91 | 
92 | text \<open>The same proof works for a quite different function\<close>
93 | lemma continuous_at_0_sin: "continuous (at_right 0) (\<lambda>x::real. x * sin(1/x))"
94 |   unfolding continuous_within by real_asymp
95 | 
96 | end
97 | 
98 | 
99 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Numeric.thy:
--------------------------------------------------------------------------------
 1 | section \<open>Numerical experiments\<close>
 2 | 
 3 | theory Numeric imports
 4 |   "HOL-Decision_Procs.Approximation" "HOL-Computational_Algebra.Primes"
 5 |    
 6 | begin
 7 | 
 8 | text \<open>Addition of polymorphic numerals actually works, 
 9 | though nobody should rely on this\<close>
10 | lemma "2+2=4"
11 |   by auto
12 | 
13 | text \<open>Multiplication of polymorphic numerals does not work\<close>
14 | lemma "2*3=6"
15 |   oops
16 | 
17 | text \<open>These do not work because the group identity law is not available.\<close>
18 | lemma "0+2=2" "1*3=3"
19 |   oops
20 | 
21 | text \<open>Works because of the type constraint. And multiplcation is fast!\<close>
22 | lemma "123456789 * (987654321::int) = 121932631112635269"
23 |   by simp
24 | 
25 | text \<open>The function @{term Suc} implies type @{typ nat}\<close>
26 | lemma "Suc (Suc 0) * n = n*2"
27 |   by simp
28 | 
29 | text \<open>We have to expand 5 into Suc-notation.\<close>
30 | lemma "x^5 = x*x*x*x*(x::real)"
31 |   by (simp add: eval_nat_numeral)
32 | 
33 | text \<open>Decimal notation and arithmetic on complex numbers\<close>
34 | lemma "(1 - 0.3*\<i>) * (2.7 + 5*\<i>) = 4.2 + 4.19*\<i>"
35 |   by (simp add: algebra_simps)
36 | 
37 | text \<open>Applying a function to a numeral argument via eval. 
38 |       But only if this has been set up.\<close>
39 | lemma "fact 20 < (2432902008176640001::nat)"
40 |   by eval
41 | 
42 | text \<open>Testing primality via eval, takes a couple of seconds. 
43 |       The type constraint is necessary!\<close>
44 | lemma "prime (179424673::nat)"
45 |   by eval
46 | 
47 | text \<open>A simple demonstration of the approximation method\<close>
48 | lemma "\<bar>pi - 355/113\<bar> < 1/10^6"
49 |   by (approximation 25)
50 | 
51 | text \<open>Ditto, the approximation method\<close>
52 | lemma "\<bar>sqrt 2 - 1.4142135624\<bar> < 1/10^10"
53 |   by (approximation 35)
54 | 
55 | text \<open>The approximation method on a *closed* interval (SLOW). Must avoid zero!\<close>
56 | lemma
57 |   fixes x::real
58 |   assumes "x \<in> {0.1 .. 1}"
59 |   shows "x * ln(x) \<ge> -0.368"
60 |   using assms by (approximation 17 splitting: x=13) 
61 | 
62 | text \<open>A little more accuracy makes it MUCH slower 
63 |   (the exact answer is -1/e = 0.36787944117144233)\<close>
64 | lemma
65 |   fixes x::real
66 |   assumes "x \<in> {0.1 .. 1}"
67 |   shows "x * ln(x) \<ge> -0.3679"
68 | using assms
69 |   by (approximation 18 splitting: x=16) 
70 | 
71 | end
72 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Probabilistic_Example_Erdos.thy:
--------------------------------------------------------------------------------
 1 | section \<open>A Simple Probabilistic Proof by Paul Erdős.\<close>
 2 | 
 3 | text \<open>Actual source is the webpage here: \url{https://www.cut-the-knot.org/Probability/ProbabilisticMethod.shtml}.
 4 | Could not find the Erdős article and he wrote a dozen in 1963, in four languages.\<close>
 5 | 
 6 | theory Probabilistic_Example_Erdos
 7 |   imports "HOL-Library.Ramsey" "HOL-Probability.Probability"
 8 | 
 9 | begin
10 | 
11 | theorem Erdos_1963:
12 |   assumes X: "\<F> \<subseteq> nsets X n" "finite X"
13 |     and "card \<F> = m" and m: "m < 2^(n-1)" and n: "0 < n" "n \<le> card X"
14 |   obtains f::"'a\<Rightarrow>nat" where "f \<in> X \<rightarrow>\<^sub>E {..<2}" "\<And>F c. \<lbrakk>F \<in> \<F>; c<2\<rbrakk> \<Longrightarrow> \<not> f ` F \<subseteq> {c}"
15 | proof -
16 |   have "finite \<F>"
17 |     using X finite_imp_finite_nsets finite_subset by blast
18 |   let ?two = "{..<2::nat}"
19 |   define \<Omega> where "\<Omega> \<equiv> X \<rightarrow>\<^sub>E ?two"
20 |   define M where "M \<equiv> uniform_count_measure \<Omega>"
21 |   have space_eq: "space M = \<Omega>"
22 |     by (simp add: M_def space_uniform_count_measure)
23 |   have sets_eq: "sets M = Pow \<Omega>"
24 |     by (simp add: M_def sets_uniform_count_measure)
25 |   have card\<Omega>: "card \<Omega> = 2 ^ card X"
26 |     using \<open>finite X\<close> by (simp add: \<Omega>_def card_funcsetE)
27 |   have \<Omega>: "finite \<Omega>" "\<Omega> \<noteq> {}"
28 |     using card\<Omega> less_irrefl by fastforce+
29 |   interpret P: prob_space M
30 |     unfolding M_def by (intro prob_space_uniform_count_measure \<Omega>)
31 |   define mchrome where "mchrome \<equiv> \<lambda>c F. {f \<in> \<Omega>. f ` F \<subseteq> {c}}"
32 |       \<comment>\<open>the event to avoid: monochromatic sets\<close>
33 |   have mchrome: "mchrome c F \<in> P.events" "mchrome c F \<subseteq> \<Omega>" for F c
34 |     by (auto simp: sets_eq mchrome_def \<Omega>_def)
35 |   have card_mchrome: "card (mchrome c F) = 2 ^ (card X - n)" if "F \<in> \<F>" "c<2" for F c
36 |   proof -
37 |     have F: "finite F" "card F = n" "F \<subseteq> X"
38 |       using assms that by (auto simp: nsets_def)
39 |     with \<open>finite X\<close> have "card (X-F \<rightarrow>\<^sub>E ?two) = 2 ^ (card X - n)"
40 |       by (simp add: card_funcsetE card_Diff_subset)
41 |     moreover
42 |     have "bij_betw (\<lambda>f. restrict f (X-F)) (mchrome c F) (X-F \<rightarrow>\<^sub>E ?two)"
43 |     proof (intro bij_betwI)
44 |       show "(\<lambda>g x. if x\<in>F then c else g x) \<in> (X-F \<rightarrow>\<^sub>E ?two) \<rightarrow> mchrome c F"
45 |         using that \<open>F \<subseteq> X\<close> by (auto simp: mchrome_def \<Omega>_def)
46 |     qed (fastforce simp: mchrome_def \<Omega>_def)+
47 |     ultimately show ?thesis
48 |       by (metis bij_betw_same_card)
49 |   qed
50 |   have prob_mchrome: "P.prob (mchrome c F) = 1 / 2^n"  
51 |     if "F \<in> \<F>" "c<2" for F c
52 |   proof -
53 |     have emeasure_eq: "emeasure M U = (if U\<subseteq>\<Omega> then ennreal(card U / card \<Omega>) else 0)" for U
54 |       by (simp add: M_def emeasure_uniform_count_measure_if \<open>finite \<Omega>\<close>)
55 |     have "emeasure M (mchrome c F) = ennreal (2 ^ (card X - n) / card \<Omega>)"
56 |       using that mchrome by (simp add: emeasure_eq card_mchrome)
57 |     also have "\<dots> = ennreal (1 / 2^n)"
58 |       by (simp add: n power_diff card\<Omega>)
59 |     finally show ?thesis
60 |       by (simp add: P.emeasure_eq_measure)
61 |   qed
62 | 
63 |   have "(\<Union>F\<in>\<F>. \<Union>c<2. mchrome c F) \<subseteq> \<Omega>"
64 |     by (auto simp: mchrome_def \<Omega>_def)
65 |   moreover have "(\<Union>F\<in>\<F>. \<Union>c<2. mchrome c F) \<noteq> \<Omega>"
66 |   proof -
67 |     have "P.prob (\<Union>F\<in>\<F>. \<Union>c<2. mchrome c F) \<le> (\<Sum>F\<in>\<F>. P.prob (\<Union>c<2. mchrome c F))"
68 |       by (intro measure_UNION_le) (auto simp: countable_Un_Int mchrome \<open>finite \<F>\<close>)
69 |     also have "\<dots> \<le> (\<Sum>F\<in>\<F>. \<Sum>c<2. P.prob (mchrome c F))"
70 |       by (intro sum_mono measure_UNION_le) (auto simp: mchrome)
71 |     also have "\<dots> = m * 2 * (1 / 2^n)"
72 |       by (simp add: prob_mchrome \<open>card \<F> = m\<close>)
73 |     also have "\<dots> < 1"
74 |     proof -
75 |       have "real (m * 2) < 2 ^ n"
76 |         using mult_strict_right_mono [OF m, of 2] \<open>n>0\<close>
77 |         by (metis of_nat_less_numeral_power_cancel_iff pos2 power_minus_mult) 
78 |       then show ?thesis
79 |         by (simp add: divide_simps)
80 |     qed
81 |     finally have "P.prob (\<Union>F\<in>\<F>. \<Union>c<2. mchrome c F) < 1" .
82 |     then show ?thesis
83 |       using P.prob_space space_eq by force
84 |   qed
85 |   ultimately obtain f where f: "f \<in> \<Omega> - (\<Union>F\<in>\<F>. \<Union>c<2. mchrome c F)"
86 |     by blast
87 |   with that show ?thesis
88 |     by (fastforce simp: mchrome_def \<Omega>_def)
89 | qed
90 | 
91 | end
92 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/ROOT:
--------------------------------------------------------------------------------
 1 | session "Isabelle-Examples" = "HOL-Analysis" +
 2 |   description \<open>Simple Isabelle examples for Machine Logic.
 3 |         Run using "isabelle build -d PATH -o browser_info Isabelle-Examples", where PATH refers to this directory\<close>
 4 |   options [quick_and_dirty, document = pdf, document_output = "output"]
 5 |   sessions
 6 |     "HOL-Library"
 7 |     "HOL-Analysis"
 8 |     "HOL-Probability"
 9 |     "HOL-Decision_Procs"
10 |     "HOL-Number_Theory"
11 | theories
12 |     "Fibonacci"
13 |     "CauchySchwarz"
14 |     "Calculus"
15 |     "Baby"
16 |     "AckermannM"
17 |     "Sqrt2_Irrational"
18 |     "Cbrt23_Irrational"
19 |     "Binary_Euclidean_Algorithm"
20 |     "Fun_Semantics"
21 |     "Binomial_Coeffs"
22 |     "Gowers_Bijection"
23 |     "Numeric"
24 |     "Ln_lower_bound"
25 |     "XsinX_lower_bounds"
26 |     "Probabilistic_Example_Erdos"
27 |     "Index_ex"
28 |     "Fib_Iter"
29 |     "Dirichlet_approx_thm"
30 | document_files
31 |     "root.tex"
32 |     "examples.bib"
33 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/Sqrt2_Irrational.thy:
--------------------------------------------------------------------------------
 1 | theory Sqrt2_Irrational imports
 2 |   Complex_Main
 3 |    
 4 | begin
 5 | 
 6 | proposition "sqrt 2 \<notin> \<rat>"
 7 | proof
 8 |   define R where "R \<equiv> {n. n > 0 \<and> real n * sqrt 2 \<in> \<nat>}"
 9 |   define k where "k \<equiv> Inf R"
10 |   assume "sqrt 2 \<in> \<rat>"
11 |   then obtain p q where "q\<noteq>0" "real p / real q = \<bar>sqrt 2\<bar>"
12 |     by (metis Rats_abs_nat_div_natE)
13 |   then have "R \<noteq> {}"
14 |     by (simp add: R_def field_simps) (metis of_nat_in_Nats)
15 |   then have "k \<in> R"
16 |     by (simp add: Inf_nat_def1 k_def)
17 |   then have kR: "real k * sqrt 2 \<in> \<nat>" and "k > 0"
18 |     by (auto simp add: R_def)
19 |   define x where "x \<equiv> real k * (sqrt 2 - 1)"
20 |   have "x \<in> \<nat>"
21 |     using \<open>0 < k\<close> by (simp add: kR right_diff_distrib' x_def)
22 |   then obtain k' where k': "x = real k'"
23 |     using Nats_cases by blast
24 |   have "k' > 0"
25 |     using \<open>0 < k\<close> k' of_nat_eq_0_iff x_def by fastforce
26 |   have "real k' * sqrt 2 = 2 * k - k * sqrt 2"
27 |     by (simp add: x_def algebra_simps flip: k')
28 |   moreover have "real k' * sqrt 2 \<ge> 0"
29 |     by simp
30 |   ultimately have "real k' * sqrt 2 \<in> \<nat>"
31 |     by (simp add: kR)
32 |   with R_def \<open>0 < k'\<close> have "k' \<in> R"
33 |     by blast
34 |   have "x < real k"
35 |     by (simp add: \<open>0 < k\<close> sqrt2_less_2 x_def)
36 |   then have "k' < k"
37 |     by (simp add: k')
38 |   then show False
39 |     using \<open>k' \<in> R\<close> k_def linorder_not_less wellorder_Inf_le1 by auto
40 | qed
41 | 
42 | end
43 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/document/examples.bib:
--------------------------------------------------------------------------------
 1 | %% This BibTeX bibliography file was created using BibDesk.
 2 | %% http://bibdesk.sourceforge.net/
 3 | 
 4 | 
 5 | %% Created for Larry Paulson at 2021-10-13 12:00:57 +0100 
 6 | 
 7 | 
 8 | %% Saved with string encoding Unicode (UTF-8) 
 9 | 
10 | 
11 | 
12 | @book{concrete-math,
13 | 	author = {Ronald L. Graham and Donald E. Knuth and Oren Patashnik},
14 | 	date-added = {2021-10-13 12:00:16 +0100},
15 | 	date-modified = {2021-10-13 12:00:16 +0100},
16 | 	edition = {2nd},
17 | 	publisher = {Addison-Wesley},
18 | 	title = {Concrete Mathematics: A Foundation for Computer Science},
19 | 	year = {1994}}
20 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/document/root.tex:
--------------------------------------------------------------------------------
 1 | \documentclass[11pt,a4paper]{article}
 2 | \usepackage{isabelle,isabellesym,amsfonts,amsmath,amssymb,graphicx,url}
 3 | 
 4 | \date{}
 5 | % this should be the last package used
 6 | \usepackage{pdfsetup}
 7 | 
 8 | % urls in roman style, theory text in math-similar italics
 9 | 
10 | \urlstyle{rm}
11 | \isabellestyle{tt}
12 | 
13 | % for uniform font size
14 | %\renewcommand{\isastyle}{\isastyleminor}
15 | 
16 | \renewcommand\isafold[1]{{}}
17 | 
18 | 
19 | \begin{document}
20 | 
21 | \author{Prof.\ Lawrence C Paulson\\
22 |         Computer Laboratory, University of Cambridge}
23 | 
24 | % generated text of all theories
25 | \newpage
26 | \input{session}
27 | 
28 | \bibliographystyle{plain}\raggedright
29 | \bibliography{examples}
30 | 
31 | \end{document}
32 | 
33 | %%% Local Variables:
34 | %%% mode: latex
35 | %%% TeX-master: t
36 | %%% End:
37 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/Isabelle-Examples/output/document.pdf


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document/examples.bib:
--------------------------------------------------------------------------------
 1 | %% This BibTeX bibliography file was created using BibDesk.
 2 | %% http://bibdesk.sourceforge.net/
 3 | 
 4 | 
 5 | %% Created for Larry Paulson at 2021-10-13 12:00:57 +0100 
 6 | 
 7 | 
 8 | %% Saved with string encoding Unicode (UTF-8) 
 9 | 
10 | 
11 | 
12 | @book{concrete-math,
13 | 	author = {Ronald L. Graham and Donald E. Knuth and Oren Patashnik},
14 | 	date-added = {2021-10-13 12:00:16 +0100},
15 | 	date-modified = {2021-10-13 12:00:16 +0100},
16 | 	edition = {2nd},
17 | 	publisher = {Addison-Wesley},
18 | 	title = {Concrete Mathematics: A Foundation for Computer Science},
19 | 	year = {1994}}
20 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document/isabelletags.sty:
--------------------------------------------------------------------------------
 1 | %plain TeX version of comment package -- much faster!
 2 | \let\isafmtname\fmtname\def\fmtname{plain}
 3 | \usepackage{comment}
 4 | \let\fmtname\isafmtname
 5 | 
 6 | \newcommand{\isakeeptag}[1]%
 7 | {\includecomment{isadelim#1}\includecomment{isatag#1}\csarg\def{isafold#1}{}}
 8 | \newcommand{\isadroptag}[1]%
 9 | {\excludecomment{isadelim#1}\excludecomment{isatag#1}\csarg\def{isafold#1}{}}
10 | \newcommand{\isafoldtag}[1]%
11 | {\includecomment{isadelim#1}\excludecomment{isatag#1}\csarg\def{isafold#1}{\isafold{#1}}}
12 | 
13 | \isakeeptag{ML}
14 | \isakeeptag{document}
15 | \isakeeptag{important}
16 | \isadroptag{invisible}
17 | \isakeeptag{proof}
18 | \isakeeptag{theory}
19 | \isakeeptag{unimportant}
20 | \isakeeptag{visible}
21 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document/pdfsetup.sty:
--------------------------------------------------------------------------------
 1 | %%
 2 | %% default hyperref setup (both for pdf and dvi output)
 3 | %%
 4 | 
 5 | \usepackage{color}
 6 | \definecolor{linkcolor}{rgb}{0,0,0.5}
 7 | \usepackage[colorlinks=true,linkcolor=linkcolor,citecolor=linkcolor,filecolor=linkcolor,urlcolor=linkcolor,pdfpagelabels]{hyperref}
 8 | \endinput
 9 | %:%file=~~/lib/texinputs/pdfsetup.sty%:%
10 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document/root.tex:
--------------------------------------------------------------------------------
 1 | \documentclass[11pt,a4paper]{article}
 2 | \usepackage{isabelle,isabellesym,amsfonts,amsmath,amssymb,graphicx,url}
 3 | 
 4 | \date{}
 5 | % this should be the last package used
 6 | \usepackage{pdfsetup}
 7 | 
 8 | % urls in roman style, theory text in math-similar italics
 9 | 
10 | \urlstyle{rm}
11 | \isabellestyle{tt}
12 | 
13 | % for uniform font size
14 | %\renewcommand{\isastyle}{\isastyleminor}
15 | 
16 | \renewcommand\isafold[1]{{}}
17 | 
18 | 
19 | \begin{document}
20 | 
21 | \author{Prof.\ Lawrence C Paulson\\
22 |         Computer Laboratory, University of Cambridge}
23 | 
24 | % generated text of all theories
25 | \newpage
26 | \input{session}
27 | 
28 | \bibliographystyle{plain}\raggedright
29 | \bibliography{examples}
30 | 
31 | \end{document}
32 | 
33 | %%% Local Variables:
34 | %%% mode: latex
35 | %%% TeX-master: t
36 | %%% End:
37 | \endinput
38 | %:%file=~/Internet/MachineLogic/Isabelle-Examples/document/root.tex%:%
39 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document/session.tex:
--------------------------------------------------------------------------------
 1 | \input{Fibonacci.tex}
 2 | \input{CauchySchwarz.tex}
 3 | \input{Calculus.tex}
 4 | \input{Baby.tex}
 5 | \input{AckermannM.tex}
 6 | \input{Sqrt2_Irrational.tex}
 7 | \input{Cbrt23_Irrational.tex}
 8 | \input{Binary_Euclidean_Algorithm.tex}
 9 | \input{Fun_Semantics.tex}
10 | \input{Binomial_Coeffs.tex}
11 | \input{Gowers_Bijection.tex}
12 | \input{Numeric.tex}
13 | \input{Ln_lower_bound.tex}
14 | \input{XsinX_lower_bounds.tex}
15 | \input{Probabilistic_Example_Erdos.tex}
16 | \input{Index_ex.tex}
17 | \input{Fib_Iter.tex}
18 | \input{Dirichlet_approx_thm.tex}
19 | 


--------------------------------------------------------------------------------
/Isabelle-Examples/output/document/session_graph.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/Isabelle-Examples/output/document/session_graph.pdf


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | This repository holds the source files of the [Machine Logic](https://lawrencecpaulson.github.io) blog.
2 | 


--------------------------------------------------------------------------------
/_config.yml:
--------------------------------------------------------------------------------
 1 | # Welcome to Jekyll!
 2 | #
 3 | # This config file is meant for settings that affect your whole blog, values
 4 | # which you are expected to set up once and rarely edit after that. If you find
 5 | # yourself editing this file very often, consider using Jekyll's data files
 6 | # feature for the data you need to update frequently.
 7 | #
 8 | # For technical reasons, this file is *NOT* reloaded automatically when you use
 9 | # 'bundle exec jekyll serve'. If you change this file, please restart the server process.
10 | #
11 | # If you need help with YAML syntax, here are some quick references for you:
12 | # https://learn-the-web.algonquindesign.ca/topics/markdown-yaml-cheat-sheet/#yaml
13 | # https://learnxinyminutes.com/docs/yaml/
14 | #
15 | # Site settings
16 | # These are used to personalize your new site. If you look in the HTML files,
17 | # you will see them accessed via {{ site.title }}, {{ site.email }}, and so on.
18 | # You can create any custom variable you would like, and they will be accessible
19 | # in the templates via {{ site.myvariable }}.
20 | 
21 | title: Machine Logic
22 | tagline: At the junction of computation, logic and mathematics
23 | email: lp15@cam.ac.uk
24 | description: >- # this means to ignore newlines until "baseurl:"
25 |         Machine Logic is Lawrence Paulson's blog on Isabelle/HOL and related topics.
26 | 
27 | baseurl:      ""
28 | paginate:     1
29 | locale:       "en"
30 | url: "https://lawrencecpaulson.github.io/"
31 | 
32 | 
33 | # About/contact
34 | github_username:  lawrencecpaulson
35 | author:
36 |   name: Lawrence C Paulson
37 |   url:  https://www.cl.cam.ac.uk/~lp15/
38 | 
39 | # Build settings
40 | theme: jekyll-theme-cayman
41 | markdown: kramdown
42 | plugins:
43 |   - jekyll-feed
44 | show_excerpts: true
45 | html:
46 |   comments:
47 |     provider: "utterances"
48 |     utterances:
49 |       repo: "lawrencecpaulson/lawrencecpaulson.github.io"
50 | repository: "lawrencecpaulson/lawrencecpaulson.github.io"
51 | google_analytics: G-9TCSTY02M9
52 |     
53 | # Exclude from processing.
54 | # The following items will not be processed, by default.
55 | # Any item listed under the `exclude:` key here will be automatically added to
56 | # the internal "default list".
57 | #
58 | # Excluded items can be processed by explicitly listing the directories or
59 | # their entries' file path in the `include:` list.
60 | #
61 | # exclude:
62 | #   - .sass-cache/
63 | #   - .jekyll-cache/
64 | #   - gemfiles/
65 | #   - Gemfile
66 | #   - Gemfile.lock
67 | #   - node_modules/
68 | #   - vendor/bundle/
69 | #   - vendor/cache/
70 | #   - vendor/gems/
71 | #   - vendor/ruby/
72 | 


--------------------------------------------------------------------------------
/_drafts/new post.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: post
3 | title:  TITLE
4 | usemathjax: true 
5 | tags: []
6 | ---
7 | 


--------------------------------------------------------------------------------
/_includes/analytics.html:
--------------------------------------------------------------------------------
 1 | <!-- Global site tag (gtag.js) - Google Analytics -->
 2 | <script async src="https://www.googletagmanager.com/gtag/js?id=G-9TCSTY02M9"></script>
 3 | <script>
 4 |   window.dataLayer = window.dataLayer || [];
 5 |   function gtag(){dataLayer.push(arguments);}
 6 |   gtag('js', new Date());
 7 | 
 8 |   gtag('config', 'G-9TCSTY02M9');
 9 | </script>
10 | 


--------------------------------------------------------------------------------
/_includes/archive.html:
--------------------------------------------------------------------------------
 1 | <h1>Archive</h1>
 2 | {%- capture temptags -%}
 3 |   {% for tag in site.tags %}
 4 |     {{ tag[1].size | plus: 1000 }}#{{ tag[0] }}#{{ tag[1].size }}
 5 |   {%- endfor -%}
 6 | {% endcapture %}
 7 | {%- assign sortedtemptags = temptags | replace: " ","_" | split:' ' | sort | uniq | reverse -%}
 8 | {% for temptag in sortedtemptags %}
 9 |   {% assign tagitems = temptag | split: '#' %}
10 |   {% capture tagname %}{{ tagitems[1] }}{% endcapture %}
11 |   {%- if tagname.size > 0 -%}
12 |     <a href="/tag/{{ tagname }}"><code class="highligher-rouge"><nobr>{{ tagname }}</nobr></code></a>
13 |   {%- endif -%}
14 | {% endfor %}
15 | 


--------------------------------------------------------------------------------
/_includes/collecttags.html:
--------------------------------------------------------------------------------
 1 | {{ tag | replace: " ","_" }}
 2 | {% assign rawtags = "" -%}
 3 | {% for post in site.posts -%}
 4 |   {% assign ttags = post.tags | join:'|' | append:'|' -%}
 5 |   {% assign rawtags = rawtags | append:ttags -%}
 6 | {% endfor -%}
 7 | {% assign rawtags = rawtags | split:'|' | sort -%}
 8 | 
 9 | {% assign site.tags = "" -%}
10 | {% for tag in rawtags -%}
11 |   {% if tag != "" -%}
12 |     {% if tags == "" -%}
13 |       {% assign tags = tag | split:'|' -%}
14 |     {% endif -%}
15 |     {% unless tags contains tag -%}
16 |       {% assign tags = tags | join:'|' | append:'|' | append:tag | split:'|' -%}
17 |     {% endunless -%}
18 |   {% endif -%}
19 | {% endfor -%}
20 | 


--------------------------------------------------------------------------------
/_includes/head.html:
--------------------------------------------------------------------------------
 1 | <head>
 2 |   <meta charset="UTF-8">
 3 |   <title>{{ page.title | default: site.title }}</title>
 4 |   <meta name="viewport" content="width=device-width, initial-scale=1">
 5 |   <meta name="theme-color" content="#157878">
 6 |   <link rel="stylesheet" href="{{ site.baseurl }}/css/normalize.css">
 7 |   <link href='https://fonts.googleapis.com/css?family=Open+Sans:400,700' rel='stylesheet' type='text/css'>
 8 |   <link rel="stylesheet" href="{{ site.baseurl }}/css/cayman.css">
 9 |   <link rel="stylesheet" href="{{ site.baseurl }}/css/isabelle.css">
10 | <!-- for mathjax support -->
11 |     {% if page.usemathjax %}
12 | <script type="text/x-mathjax-config"> MathJax.Hub.Config({ TeX: { equationNumbers: { autoNumber: "all" } } }); </script>
13 |        <script type="text/x-mathjax-config">
14 |          MathJax.Hub.Config({
15 |            tex2jax: {
16 |              inlineMath: [ ['$','$'], ["\\(","\\)"] ],
17 |              processEscapes: true
18 |            }
19 |          });
20 |        </script>
21 |        <script src="https://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML" type="text/javascript"></script>
22 |       {% endif %}
23 | <!-- Google analytics but only at Github -->
24 | 	{% if site.google_analytics and jekyll.environment == 'production' %}
25 | 	{% include analytics.html %}
26 | 	{% endif %}
27 | <!-- Collect all tags into site.tags -->
28 | {%- if site.tags != "" -%}
29 |   {%- include collecttags.html -%}
30 | {%- endif -%}
31 | </head>
32 | 


--------------------------------------------------------------------------------
/_includes/page-footer.html:
--------------------------------------------------------------------------------
1 | <footer class="site-footer">
2 |   <span class="site-footer-owner"><a href="{{ site.url }}">{{ site.title }}</a> is maintained by <a href="{{ site.author.url }}">{{ site.author.name }}</a>.</span>
3 |     <p class="rss-subscribe">subscribe <a href="{{ "/feed.xml" | relative_url }}">via RSS</a></p>
4 | </footer>
5 | 


--------------------------------------------------------------------------------
/_includes/page-header.html:
--------------------------------------------------------------------------------
1 | <section class="page-header">
2 |   <a href={{ site.url }} style="color: white"><h1 class="project-name">{{ site.title }}</h1></a>
3 |   <h2 class="project-tagline">{{ site.tagline }}</h2>
4 | </section>
5 | 


--------------------------------------------------------------------------------
/_layouts/default.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="{{ site.locale }}">
 3 | 
 4 |   {% include head.html %}
 5 | 
 6 |   <body>
 7 |     {% include page-header.html %}
 8 | 
 9 |     <section class="main-content">
10 | 
11 |       {{ content }}
12 | 
13 |       {% include page-footer.html %}
14 | 
15 |     </section>
16 | 
17 |   </body>
18 | </html>
19 | 


--------------------------------------------------------------------------------
/_layouts/home.html:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: default
 3 | ---
 4 | 
 5 | <div class="home">
 6 |   {%- if page.title -%}
 7 |     <h1 class="page-heading">{{ page.title }}</h1>
 8 |   {%- endif -%}
 9 | 
10 |   {{ content }}
11 | 
12 |   {%- if site.posts.size > 0 -%}
13 |     <h2 class="post-list-heading">{{ page.list_title | default: "Posts" }}</h2>
14 |     <ul class="post-list">
15 |       {%- for post in site.posts -%}
16 |       <li>
17 |         {%- assign date_format = site.minima.date_format | default: "%b %-d, %Y" -%}
18 |         <span class="post-meta">{{ post.date | date: date_format }}</span>
19 |         <h3>
20 |           <a class="post-link" href="{{ post.url | relative_url }}">
21 |             {{ post.title | escape }}
22 |           </a>
23 |         </h3>
24 |         {%- if site.show_excerpts -%}
25 |           {{ post.excerpt }}
26 |         {%- endif -%}
27 |       </li>
28 |       {%- endfor -%}
29 |     </ul>
30 | 
31 |     <p class="rss-subscribe">subscribe <a href="{{ "/feed.xml" | relative_url }}">via RSS</a></p>
32 |   {%- endif -%}
33 | 
34 | </div>
35 | 


--------------------------------------------------------------------------------
/_layouts/page.html:
--------------------------------------------------------------------------------
1 | ---
2 | layout: default
3 | ---
4 | 
5 | {{ content }}


--------------------------------------------------------------------------------
/_layouts/post.html:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: default
 3 | ---
 4 | <h2>{{ page.title }}</h2>
 5 | <p class="meta">{{ page.date | date_to_string }}</p>
 6 | 
 7 | <span>[
 8 |   {% for tag in page.tags %}
 9 |     {% capture tag_name %}{{ tag }}{% endcapture %}
10 |     <a href="/tag/{{ tag_name | replace: " ","_" }}"><code class="highligher-rouge"><nobr>{{ tag_name }}</nobr></code>&nbsp;</a>
11 |   {% endfor %}
12 | ]</span>
13 | 
14 | {{ content }}
15 | 
16 | 
17 | <div id="comments">
18 | <script src="https://utteranc.es/client.js"
19 | 		repo="lawrencecpaulson/lawrencecpaulson.github.io"
20 | 		issue-term="url"
21 | 		theme="github-light"
22 | 		crossorigin="anonymous"
23 | 		async>
24 | </script>
25 | </div>
26 | 


--------------------------------------------------------------------------------
/_layouts/tagpage.html:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: default
 3 | ---
 4 | <div class="post">
 5 | <h1>Tag: {{ page.tag }}</h1>
 6 | <ul>
 7 | {% for post in site.tags[page.tag] %}
 8 |   <li><a href="{{ post.url }}">{{ post.title }}</a> ({{ post.date | date_to_string }})<br>
 9 |     {{ post.description }}
10 |   </li>
11 | {% endfor %}
12 | </ul>
13 | </div>
14 | <hr>
15 | 


--------------------------------------------------------------------------------
/_posts/2021-08-09-welcome.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "Welcome to Machine Logic!"
 4 | tags: general
 5 | ---
 6 | 
 7 | This blog will cover a variety of topics connected with automated theorem proving and its applications, such as computer system verification and formalised mathematics. It's aimed at readers who have some grasp of formal proofs already, perhaps from an undergraduate course on discrete mathematics or symbolic logic. There will be tutorial posts on such mysteries as LCF, intuitionism and inductive reasoning. Many posts will be overviews of work published elsewhere, so this blog will also function as a shop window into the vast literature on computational logic.
 8 | 
 9 | The focus here will naturally be the work of my research group at Cambridge,
10 | so much of the material will relate to the proof assistant [Isabelle/HOL](https://isabelle.in.tum.de/) and the millions of lines of formalised mathematics in the [Archive of Formal Proofs](https://www.isa-afp.org). 
11 | However, guest posts on appropriate topics are welcome, regardless of perspective.
12 | 


--------------------------------------------------------------------------------
/_posts/2021-10-27-formalisms.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "On logical formalisms"
 4 | usemathjax: true 
 5 | tags: [general, logic, Bertrand Russell, Ernst Zermelo, NG de Bruijn, Principia Mathematica]
 6 | ---
 7 | 
 8 | Looking at the [previous example]({% post_url 2021-10-13-Fib-example %}), on Fibonacci numbers, you may be wondering, *how we can be sure that a machine proof corresponds to actual mathematics?* This question raises complex issues in the foundations of mathematics and logic.
 9 | 
10 | Logic was already being debated by the ancient Greeks. It was concerned with all matters relating to language, observations and thought. Only in the 19th century did modern deductive logic start to emerge. But the meanings even of the logical signs — negation, conjunction, disjunction, implication, all and exists — turned out to contain hidden subtleties. Early in the 20th century, [Russell's paradox](https://plato.stanford.edu/entries/russell-paradox/) overturned prevailing ideas about the nature of sets. [It was unfortunate.](https://existentialcomics.com/comic/416)
11 | 
12 | Russell (with Whitehead) went on to formalise a substantial portion of mathematics in a [language](https://plato.stanford.edu/entries/pm-notation/) of their own devising, in their multi-volume [*Principia Mathematica*](https://www.cambridge.org/gb/academic/subjects/mathematics/logic-categories-and-sets/principia-mathematica-56-2nd-edition). Although they needed 362 pages to prove 1+1=2, their work heavily influenced later formalisms. [*Higher-order logic*](https://plato.stanford.edu/entries/logic-higher-order/) is a direct descendant, greatly simplified, of their ramified theory of types. First-order logic, thanks to its simpler metatheory, gradually [came to dominance](https://plato.stanford.edu/entries/logic-firstorder-emergence/); combined with [Zermelo's axioms](https://plato.stanford.edu/entries/zermelo-set-theory/), it proved to be an adequate foundation for set theory and therefore for mathematics in general.
13 | 
14 | But most working mathematicians never imagine their work to have anything to do with set theory. Encoding mathematical objects as sets is no concern of theirs. A few rebelled openly against the doctrines of set theory, notably [N. G. de Bruijn](https://mathshistory.st-andrews.ac.uk/Biographies/De_Bruijn/): 
15 | 
16 | > I believe that thinking in terms of *types* and *typed sets* is much more natural than appealing to untyped set theory. ... In our mathematical culture we have learned to keep things apart. If we have a rational number and a set of points in the Euclidean plane, we cannot even imagine what it means to form the intersection. The idea that both might have been coded in ZF with a coding so crazy that the intersection is *not empty* seems to be ridiculous. If we think of a set of objects, we usually think of collecting things of a certain type, and set-theoretical operations are to be carried out inside that type. Some types might be considered as subtypes of some other types, but in other cases two different types have nothing to do with each other. That does not mean that their intersection is empty, but that it would be insane to even *talk* about the intersection. 
17 | > [In ["On the roles of types in mathematics"](https://research.tue.nl/en/publications/on-the-roles-of-types-in-mathematics)], 1995.
18 | 
19 | Formalised mathematics is almost invariably done in the presence of types, but there are huge differences in the nature of those types and even in how logic itself behaves. 
20 | The relationship between any formalism and "actual mathematics" is inherently impossible to prove: the latter is not precisely defined. The introduction of computers and software can only muddy the waters further. Ultimately, confidence in an automated formalism can come only with use, as we observe what it lets us prove and what it forbids.
21 | 


--------------------------------------------------------------------------------
/_posts/2021-11-03-AUTOMATH.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "NG de Bruijn and AUTOMATH"
 4 | usemathjax: true 
 5 | tags: [logic, NG de Bruijn, AUTOMATH]
 6 | ---
 7 | 
 8 | NG de Bruijn visited Caltech in the spring of 1977 to deliver a course on his [AUTOMATH](https://www.win.tue.nl/automath/) mathematical language. I was lucky enough to attend and to have private discussions with him. 
 9 | 
10 | AUTOMATH embodies his personal philosophy of mathematics and in particular [his view]({% post_url 2021-10-27-formalisms%}) that mathematical objects are essentially typed. In the AUTOMATH languages (they evolved over time) you can introduce types and elements of types. 
11 | Each element has a unique type. You can also introduce new propositional symbols and instances of them.
12 | Introduced elements of a type are constants or parameters while those of a propositional symbol are axioms or assumptions.
13 | The parallel treatment of types and propositions makes AUTOMATH the first implemention of the idea of [*propositions as types*](https://dl.acm.org/doi/10.1145/2699407). Yet it is much simpler and (by design) weaker than subsequent type theories, with their $\Pi$ and $\Sigma$ type constructors and their internal programming languages. De Bruijn referred to AUTOMATH as a "λ-typed λ-calculus" because it only had one kind of binder, which operated at the level of objects, types and propositions.
14 | 
15 | ### AUTOMATH Syntax
16 | 
17 | The syntax of AUTOMATH looks unappealing now, but it seemed natural in the era of punched cards. The syntax is line based, with three kinds of lines: 
18 | 
19 | - *EB lines* (empty block openers), introducing a new typed variable––representing a parameter or assumption––to the current context
20 | - *PN lines*, asserting axiomatically the existence of some *primitive notion*: a constant or axiom
21 | - *Abbreviation lines*, which define an identifier as equal to some given expression. Such lines express constructions. They can express the proof of a theorem, coded as its type.
22 | 
23 | *Expressions* in AUTOMATH belong to one of three possible levels:
24 | 
25 | 1. `TYPE` and `PROP` (which at first were treated identically)
26 | 2. *types and propositions* (elements of 1-expressions)
27 | 3. *elements of types or propositions* (elements of 2-expressions)
28 | 
29 | Unlike modern λ-calculi, AUTOMATH does not have nested bound variable scopes enclosed in parentheses. You create a new scope by declaring a variable and its type in an EB line. 
30 | 
31 | ``` * 𝛼  := ––    type```
32 | 
33 | Because this is an EB line, 𝛼 can be abstracted over later to create a λ-type. Using PN instead here would introduce type 𝛼 effectively as a constant.
34 | 
35 | Any time later, an EB line can quote the *same* variable and then declare a new one, thereby extending the previously named scope. 
36 | Here, `x` will have type `𝛼`.
37 | 
38 | ```𝛼 * x  := ––    𝛼```
39 | 
40 | Because of this odd approach, several scopes can be available at the same time and it's not so easy to figure out which variables are currently in scope: you have to trace back the chain of variables. A PN or abbreviation line also quotes a variable, designating the corresponding scope. Here, `AX` is in the scope of both `𝛼` and `x`.
41 | 
42 | ``` x * AX := ––    finite(x)```
43 | 
44 | The ability to partly back out of a scope allows for some cryptic partial application tricks.
45 | 
46 | ### Example: A Definition of Equality
47 | 
48 | The following bit of code defines the equality relation, `IS(x,y)`.
49 | In AUTOMATH jargon, this is *book equality*, that is, axiomatically defined mathematical equality, as opposed to the built-in equality by reduction that is intrinsic to AUTOMATH itself. This distinction between book and definitional equality is common to most type theoretic formalisms.
50 | 
51 | ![AUTOMATH text](/images/AUTOMATH-book-equality.png)
52 | 
53 | A series of EB lines introduces the type α, then extends that scope with x and again with y, both of type α. Then a PN line introduces the predicate `IS`, which depends on all three. Note that EB lines can be used to specify the parameters of a primitive notion such as `IS`.
54 | 
55 | The next PN line drops y from the scope and introduces the axiom `REFL`, for reflexivity, of type `IS(x,x)`. The symmetry property will be a rule of inference mapping `IS(x,y)` to `IS(y,x)`. So now the scope ending with y is extended with i, of type `IS(x,y)`. The symmetry axiom is introduced as the primitive notion `SYM`, depending on all four variables and having type `IS(y,x)`.
56 | 
57 | A landmark work was LS van Benthem Jutting's [translation](https://pure.tue.nl/ws/files/1710991/23183.pdf) of Landau's textbook [Foundations of Analysis](https://homepages.math.uic.edu/~kauffman/Landau.pdf). He demonstrated that substantial mathematical material, including equivalence classes and Dedekind cuts, could be formalised in AUTOMATH––and with more elegance and less effort than could be imagined in the formalism of *Principia Mathematica*. 
58 | 
59 | Jutting's work also led to the idea of the [de Bruijn factor](https://www.cs.ru.nl/~freek/factor/): the ratio between the size of the formalisation and the size of the original text. That we speak of a factor embodies de Bruijn's observation that this ratio remained constant as the material being formalised grew more advanced.
60 | Sadly, little mathematical material is as carefully written and detailed as Landau's book.
61 | 
62 | It's truly astonishing what the AUTOMATH community was able to  accomplish using the tools of the 1970s. 
63 | 
64 | ### Additional remarks (added later)
65 | 
66 | - Geuvers and Nederpelt have recently written a much longer [overview](https://arxiv.org/abs/2203.01173) of AUTOMATH, set in the context of modern-day type theories.]
67 | 
68 | - Wiedijk [describes a new implementation](https://rdcu.be/djLvu
69 | ), also discussing the relationships among auto and modern proof assistants such as Coq and Agda.
70 | 


--------------------------------------------------------------------------------
/_posts/2021-11-10-Axiom_of_Choice.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "The axiom of choice and descriptions"
 4 | usemathjax: true
 5 | tags: [logic, set theory, Ernst Zermelo, axiom of choice, HOL system, David Hilbert]
 6 | ---
 7 | 
 8 | Few topics in mathematics are more contentious––or misunderstood––than the axiom of choice. We adopt it in the form of Hilbert's ε-operator.
 9 | 
10 | ### Introduction to AC
11 | 
12 | Let $\lbrace B_x\rbrace_{x\in A}$
13 | be a family of sets indexed by some set $A$ and consider the set of all functions $f$ such that $f(x)\in B_x$ for all $x\in A$. This set can be written $\prod_{x\in A}\,B_x$, the product of a family of sets. It is essentially the same concept as the product of a family of types, typically written $(\prod x:A)\,B(x)$ in type theory.
14 | 
15 | If some $B_x$ is empty then $f(x)\in B_x$ cannot hold and the product must be empty. Conversely, if $B_x$ is nonempty for all $x\in A$, then the product *should* be nonempty. This natural assumption is actually the [*axiom of choice*](https://plato.stanford.edu/entries/axiom-choice/) (AC). It presumes the existence of a function $f$ that chooses an element of $B_x$ for all $x\in A$ even if there is no explicit construction of $f$.
16 | We now know that AC is consistent with the other axioms of set theory (proved by Gödel) but cannot be proved from them either (proved by Cohen).
17 | 
18 | In the 19th century, mathematics was not done on an axiomatic basis and many eminent mathematicians assumed AC without realising it.
19 | Typically they assumed some "obvious" fact such as that a countable union of countable sets is countable, a claim that is actually equivalent to the axiom of choice.
20 | So when Zermelo promulgated the axiom of choice at the turn of the 20th century, he aroused strong opposition.
21 | 
22 | > It is a historic irony that many of the mathematicians who later opposed the Axiom of Choice had used it implicitly in their own researches. This occurred chiefly to those who were pursuing Cantorian set theory or applying it in real analysis. At the turn of the century such analysts included Rene Baire, Emile Borel, and Henri Lebesgue in France, as well as W. H. Young in Germany. ... At times these various mathematicians used [AC]
23 | >  in the guise of infinitely many arbitrary choices, and at times it appeared indirectly via the Countable Union Theorem and similar results. Certainly the indirect uses did not indicate any conscious adoption of non-constructive premises. Yet when infinitely many arbitrary choices occurred in the work of a mathematician such as Borel, they revealed a certain ambivalence toward the methods permissible in mathematics.[^1]
24 | 
25 | [^1]: Gregory H. Moore, *Zermelo's Axiom of Choice* (Springer, 1982), 64--65.
26 | 
27 | In the absence of AC, there exists a model of ZF in which *the set of all real numbers, though uncountable, is a countable union of countable sets*.
28 | In such a model, little survives of the work of Baire and Lebesgue.
29 | The axiom of choice is also necessary for the development of modern alegebra, analysis and particularly set theory. Numerous claims involving infinite cardinalities depend on AC.
30 | 
31 | ### Hilbert's Epsilon-operator
32 | 
33 | A particularly strong version of the axiom of choice asserts the existence of a global choice function, which we could write $\epsilon(A)$, satisfying $\epsilon(A)\in A$ for every nonempty set $A$. This leads us to [Hilbert's ε-operator](https://plato.stanford.edu/entries/epsilon-calculus/), which is syntactic and gives a formalisation of first-order logic without quantifiers.
34 | Let now $A$ denote a first-order formula involving the variable $x$
35 | and introduce the syntax $\epsilon x. A$ satisfying the axiom $A(x)\to A(\epsilon x. A)$. Intuitively, provided the property $A$ holds for some $x$, then $A$ also holds for $\epsilon x. A$. This operator is provided by Isabelle/HOL and most versions of the [HOL system](https://hol-theorem-prover.org).
36 | 
37 |  Hilbert had particular reasons for introducing this symbol, but for machine logic it has a much more fundamental purpose: it gives us a way to refer to something that is defined by a property rather than by name. Such an operator is called a *description* and is analogous to such natural language examples as "somebody older than 18". People who reject the axiom of choice can still use *unique descriptions*. These have the form of $\iota x. A$ and denote the *unique* value satisfying $A$ provided such a thing exists (e.g. "the oldest person in the room"). With either form of description, if the necessary condition is not satisfied, then its value is unspecified. What *that* means is a topic for another post.
38 | 
39 | Descriptions are sometimes necessary, but they can be awkward to reason about due to the duplication of the formula $A$. As Adrian Mathias has [pointed out](https://www.jstor.org/stable/20117295), overly enthusiastic use of Hilbert's ε can have remarkable consequences, such as a definition of the number 1 that explodes to 4,523,659,424,929 symbols.
40 | 


--------------------------------------------------------------------------------
/_posts/2021-12-29-Ramsey-1.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "Formalising Ramsey theory, I"
 4 | usemathjax: true 
 5 | tags: [Ramsey's theorem]
 6 | ---
 7 | 
 8 | To quote Herbert Ryser, Ramsey's theorem is "a profound generalisation" of the pigeon-hole principle, which "asserts that if a set of sufficiently many elements is partitioned into not too many subsets, then at least one of the subsets must contain many of the elements". 
 9 | Ramsey's theorem initiated a new branch of infinitary combinatorics and is also the key to today's software termination checkers. 
10 | 
11 | ### Ramsey's theorem in its finite and infinite forms
12 | 
13 | The theorem is often expressed in terms of graphs: if $p$ and $q$ are given positive integers then there exists some $k$ such that if the edges of any complete graph with at least $k$ vertices are coloured red and blue then it will contain either a blue clique on $p$ vertices or a red clique on $q$ vertices. 
14 | (The colours represent a *partitioning* of the set of edges into two disjoint parts.)
15 | However, this graph-theoretic version understates Ramsey's theorem almost as much as the pigeon-hole principle does.
16 | 
17 | To state Ramsey's theorem properly, we need the concept of an $n$-set, which is simply a set containing $n$ elements for some integer $n$.
18 | The pigeon-hole principle is Ramsey's theorem where $n=1$.
19 | The graph-theoretic version is where $n=2$.
20 | However, the theorem holds for all positive $n$. 
21 | This is sometimes called the *hypergraph* version, with the $n$-sets referred to as *hyperedges*.
22 | 
23 | The full (finite) version of Ramsey's theorem states that, for any positive integers $m_0$, $m_1$ and $n$, there is an integer $k$ such that for every set $X$ having at least $k$ elements, if we partition the $n$-subsets of $X$ into two parts, then there is a $m_i$-subset $Y_i\subseteq X$ for $i<2$ such that every $n$-subset of $Y$ is in the same part $i$ of the partition. The proof is by induction on $n$, and within that, by induction on $m_0+m_1$.
24 | When $n=0$ the theorem is trivial, as there exists only one 0-set.
25 | I was unable to find a good proof online, so the [Isabelle version](https://isabelle.in.tum.de/website-Isabelle2021-1/dist/library/HOL/HOL-Library/Ramsey.html) is based on an old textbook of mine: [*Combinatorial Mathematics*](https://doi.org/10.5948/UPO9781614440147) by Herbert Ryser (CUP, 2014).
26 | This classic text (dated 1963) is still in print.
27 | 
28 | The theorem is easily generalised to multiple colours.
29 | Identifying two of the colours (let's call the result grey) reduces their number.
30 | That observation allows an inductive argument with a further application of the two-colour version of the theorem in case the selected partition is the grey one.
31 | 
32 | ### Variants and extensions
33 | 
34 | Ramsey also proved an infinite version of the theorem stating that if $n$ is a positive integer and we partition the $n$-subsets of a given infinite set $X$ into multiple parts then there is an infinite subset $Y\subseteq X$ such that every $n$-subset of $Y$ is in the same part. 
35 | 
36 | Ramsey's theorem has been generalised in several directions. The most obvious of these is to go from finite integers to infinite cardinals and thus from finite subsets to subsets of specified infinite cardinalities. A separate direction is to consider *transfinite ordinals*. Here we have more complexity, as we are dealing with subsets of ordered sets (typically themselves ordinals) and the Ramsey property concerns the order types of those subsets. Yet another generalisation, due to Nash-Williams, relaxes the condition that the subsets of $X$ all have the same size.  Many of these results have been [formalised in Isabelle](https://doi.org/10.1080/10586458.2021.1980464) and will be covered in future posts.
37 | 
38 | ### Application to program termination
39 | 
40 | Ramsey's theorem has innumerable applications in combinatorial mathematics.
41 | A remarkable and unexpected application is to [prove program termination](https://doi.org/10.1145/1941487.1941509). The unsolvability of the halting problem is of little relevance to software, where programs are generally expected to terminate for trivial reasons. A well-designed program should not resemble an attempt to test an instance of the [Collatz Conjecture](https://xkcd.com/710/). In 2004, Podelski and Rybalchenko introduced *[Transition Invariants](https://swt.informatik.uni-freiburg.de/berit/papers/transition-invariants.pdf)*, a proof rule based on the transition relation of a given program.
42 | It provides a sufficient and useful condition for proving that a given program terminates, and its mathematical justification relies on 
43 | the infinite form of Ramsey's theorem.
44 | 
45 | In his short life, [Frank Ramsey](https://plato.stanford.edu/entries/ramsey/) made tremendous contributions to logic, mathematics and other fields. The New Yorker has also [published](https://www.newyorker.com/magazine/2020/05/04/the-man-who-thought-too-fast) an account of his life.
46 | 


--------------------------------------------------------------------------------
/_posts/2022-01-19-regular_pairs.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "Formalising extremal graph theory, I"
 4 | usemathjax: true 
 5 | tags: [Szemerédi’s regularity lemma, formalised mathematics]
 6 | ---
 7 | 
 8 | [Chelsea Edmonds](https://www.cst.cam.ac.uk/people/cle47), [Angeliki Koutsoukou-Argyraki](https://www.cst.cam.ac.uk/people/ak2110) and I recently formalised [Roth's theorem on arithmetic progressions](https://www.isa-afp.org/entries/Roth_Arithmetic_Progressions.html).
 9 | The project required first formalising [Szemerédi’s regularity lemma](https://www.isa-afp.org/entries/Szemeredi_Regularity.html), which "states that the vertices of every large enough graph can be partitioned into a bounded number of parts so that the edges between different parts behave almost randomly" ([Wikipedia](https://en.wikipedia.org/wiki/Szemerédi_regularity_lemma)).
10 | The mathematics is elementary enough. Our main difficulties were caused by ambiguities, not merely in the proofs but in the statements of the theorems and even the definitions.
11 | 
12 | ### The problem with $\epsilon$-regular pairs
13 | 
14 | A key definition in extremal graph theory is that of an
15 | *$\epsilon$-regular pair*:
16 | 
17 | > Let $G$ be a graph and $X$, $Y \subseteq V(G)$. We call $(X, Y)$ an 
18 | > $\epsilon$-regular pair (in $G$) if for all $A \subset X$, $B \subset Y$ with $|A| \geq \epsilon|X|$, $|B| \geq\epsilon|Y|$, one has
19 | > $|\mathrm{d}(A,B) − \mathrm{d}(X,Y) | \leq \epsilon$.
20 | 
21 | Here $\mathrm{d}(X,Y)$ is a measure of the density of the edges between the vertex sets $X$ and $Y$. The definition is from the lecture notes
22 | for Yufei Zhao's course "[Graph Theory and Additive Combinatorics](https://yufeizhao.com/gtac/)".
23 | (Fields Medallist Tim Gowers, a leading expert on Szemerédi's regularity lemma, uses the same definition; see §3 of [his notes](https://www.dpmms.cam.ac.uk/~par31/notes/tic.pdf).)
24 | At issue is the use of the strict subset, as in $A \subset X$.
25 | 
26 | It needs to be strict because we are dealing with partitions of the vertex set, and they will be created (in the *energy boost lemma*) from partitions of the form $\\{A,\, X\setminus A\\}$. By convention, the empty set does not belong to a partition, hence  $A \subset X$ is necessary. That's on page 51 of Zhao's notes. But a mere three pages later we reach the *triangle counting lemma* and at the start of the proof we "obtain a pair of subsets witnessing the irregularity of $(X,Y)$" and one of these so-called subsets is $Y$ itself. Not a strict subset. These issues are not subtle and trying to reconcile them seemed to take as much time as the proofs themselves. 
27 | 
28 | It didn't help that I was wholly unfamiliar with the subject matter.
29 | I blame my old professor, Caltech's Herbert Ryser. 
30 | He once hinted (ever so discreetly) that graph theory was, well, vulgar.
31 | 
32 | ### Solution attempts
33 | 
34 | I was pleased to be able to prove that an $\epsilon$-regular pair (as defined above) implies its conclusion for all $A \subseteq X$, $B \subseteq Y$ (non-strict subsets) subject to the clearly necessary but trivial condition that $X$ and $Y$ have at least two elements.
35 | That shouldn't be a problem because we are working with huge graphs, right? Wrong: the vertex set gets partitioned into a huge number (an exponential tower) of parts.
36 | There's no guarantee that each part contains at least two elements. Nor could we complete the triangle counting lemma by finding another proof for the degenerate cases.
37 | 
38 | The only way to complete the formalisation seemed to require using non-strict subsets in the definition of $\epsilon$-regular pairs. But then the energy boost lemma had to be changed to not always return a two-element partition, with corresponding changes throughout the construction and use of the overall partition in the main lemma (Lemma 3.11 in Zhao). Those changes were not hard; the difficulty lay in realising that they were necessary.
39 | 
40 | ### A matter of attitude
41 | 
42 | Situations like this illustrate a difference in mentality between mathematics and computer science. In mathematics, you have good intuitions about what you are dealing with, what must be done and what issues are safe to ignore. In computer science, it's not enough to adopt all the appropriate techniques; you have to get every detail right. If the solution is not exactly right, it's wrong. That rocket will explode. 
43 | 
44 | This difference in the attitude to detail is a real issue in formalisation: if you can't rely on the supplied definitions *exactly* as they appear, you will find yourself hacking your way through a jungle of possible alternatives.
45 | Will the push for formalisation force mathematicians to behave more like computer scientists?
46 | 
47 | Chelsea, Angeliki and I discussed these matters with mathematicians familiar with the material. One of their responses really sticks in my mind: that in combinatorics, people don't generally bother to distinguish between strict and non-struct subsets, so $A \subset X$ can mean either. Are you kidding me? 
48 | On another occasion, I bumped into [Andrew Thomason](https://www.maths.cam.ac.uk/person/agt2) in my Cambridge College. 
49 | (He lectures on this subject.) I greeted him with, "Exactly what is a regular pair?" 
50 | 
51 | He burst out laughing.
52 | 


--------------------------------------------------------------------------------
/_posts/2022-03-30-Quotienting.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "Equivalence classes and quotienting"
 4 | usemathjax: true 
 5 | tags: [type theory, set theory, quotients]
 6 | ---
 7 | 
 8 | A *quotient construction* partitions a set according to ∼, some equivalence relation. The *equivalence classes* — members of the partition — are maximal sets of ∼-equivalent elements. To use computer science jargon, the construction yields an *abstract type* (the equivalence classes) and the elements of those classes belong to an underlying *concrete type*.
 9 | For example, pairs of natural numbers can represent integers or nonnegative rationals, depending on the equivalence relation chosen.
10 | However, quotienting has nothing to do with types.
11 | 
12 | ### A small example
13 | 
14 | Let's define the set of integers from pairs of natural numbers by quotienting. 
15 | The required equivalence relation on such pairs is
16 | 
17 | $$
18 | \begin{align*}
19 |  (a,b) \sim (c,d) &\iff a+d = c+b. 
20 | \end{align*}
21 | $$
22 | 
23 | It's trivially reflective, symmetric and transitive. Writing $[(a,b)]$ for the equivalence class of $(a,b)$, which is the set of all $(c,d)$ such that $(a,b) \sim (c,d)$, we can easily define some integer operations:
24 | 
25 | $$
26 | \begin{align*}
27 | a &= [(a,0)] \qquad \text{mapping $\mathbb{N}$ to $\mathbb{Z}$} \\
28 | -[(a,b)] &= [(b,a)] \\
29 | [(a,b)] + [(c,d)] &= [(a+c,b+d)] 
30 | \end{align*}
31 | $$
32 | 
33 | As usual, operations on the equivalence classes are defined in terms of operations on the representatives: pairs of natural numbers. To be well-defined, those operations must *respect the equivalence relation*, delivering the same result regardless of which representative was chosen. Another example is a function to map nonnegative integers to natural numbers:
34 | 
35 | $$
36 | \begin{align*}
37 | [(a,b)] &\mapsto a-b
38 | \end{align*}
39 | $$
40 | 
41 | This makes sense because for nonnegative integers, $a\ge b$.
42 | And if $a+d = c+b$ we quickly obtain $c\ge d$ and $a-b=c-d$.
43 | 
44 | The obvious definitions of the concepts—equivalence relations, equivalence classes, respecting the equivalence relation, etc.—work without fuss. My (2006) [paper](https://dl.acm.org/doi/10.1145/1183278.1183280) (also
45 | [here](https://arxiv.org/abs/1907.07591)) spells out the absolutely straightforward details with an emphasis on definitions and lemmas formulated to allow the simplest machine proofs.
46 | 
47 | 
48 | ### No need for the axiom of choice (AC)
49 | 
50 | Many authors seem to dislike equivalence classes, instead using AC to choose an arbitrary representative. While I accept AC, to use it without cause might be seen as lazy. More to the point, reasoning about AC can be delicate, leading to needlessly complicated proofs. Operations on equivalence classes can be defined simply as the *union of all possible results* of the corresponding operation on representatives. If the operation respects the equivalence relation, then the union will be trivial, the union of a family of identical sets, and we get our result by $\bigcup\\{x\\} = x$.
51 | 
52 | You may well ask, what if the desired result isn't a set? This issue does not arise in Isabelle/ZF, where I first did this work and where everything is a set. For Isabelle/HOL a simple trick solves the problem: it's always possible to define your operation to return a *singleton set*, and finally extract the desired result by calling `the_elem`, which maps $\\{x\\} \mapsto x$.
53 | 
54 | By the way, referring to an operation like `the_elem` as the "axiom of unique choice" is as oxymoronic as referring to plastic as "vegan leather".
55 | I'd call it "[Hobson's axiom](https://en.wikipedia.org/wiki/Hobson%27s_choice)".
56 | 
57 | ### So what about types?
58 | 
59 | Having set out to prove that quotienting has nothing to do with types, I was dismayed to read my own paper on the topic:
60 | 
61 | > A quotient construction defines an abstract type from a concrete type, using an equivalence relation to identify elements of the concrete type that are to be regarded as indistinguishable. The elements of a quotient type are equivalence classes: sets of equivalent concrete values.
62 | 
63 | The idea that types are connected with quotienting is pervasive, especially 
64 | to those who remember that the key idea underlying [LCF-style proof assistants]({% post_url 2022-01-05-LCF %}) is an abstract data type.
65 | But this view narrows our horizons, and the actual mathematics reported in that paper operates at the level of sets.
66 | And by "sets" here it makes little difference whether we are in ZFC or using the typed sets of higher-order logic.
67 | 
68 | The techniques in my paper are fine for declaring something like the integers, but demand a lot of repetitious work in the case of a [recursive datatype with equational constraints](https://isabelle.in.tum.de/library/HOL/HOL-Induct/QuoDataType.html) and even more so when there's [nested datatype recursion](https://isabelle.in.tum.de/library/HOL/HOL-Induct/QuoNestedDataType.html):
69 | the number of trivial facts to be stated and proved is quadratic in the number of datatype constructors. 
70 | 
71 | More automation can be obtained through the [lifting and transfer](https://rdcu.be/cI622) package.
72 | It is powerful, general and modular, but somewhat mysterious and not so easy to learn. And yet I can see nearly 8600 calls to the `transfer` method in the Isabelle distribution and libraries.
73 | It is however, type-based, transferring properties and definitions between concrete and abstract types.
74 | To do a quotient construction on a set, my more direct methods should do the job.
75 | 
76 | 
77 | ### Quotients in dependent type theory
78 | 
79 | I'm not an expert on most of these systems, and what I know I tend to hear indirectly. One thing I hear is that quotienting in type theory often involves a *setoid*, a type paired with an explicit equality relation. (See [Barthe et al.](https://doi.org/10.1017/S0956796802004501), also [here](https://hal.archives-ouvertes.fr/hal-01124972).
80 | See also [*setoid hell*](https://www.google.com/search?client=safari&rls=10_15_7&q=setoid+hell&ie=UTF-8&oe=UTF-8).)
81 | Straightforward quotienting is apparently not possible in Coq, 
82 | but Cyril Cohen suggests some [pragmatic techniques](https://rdcu.be/cI1i6).
83 | 
84 | Quotients in Lean are handled differently, with [quotients built in](https://leanprover.github.io/theorem_proving_in_lean/axioms_and_computation.html#quotients) and supported by an additional axiom.
85 | Nuprl has supported both [subtypes and quotient types](https://doi.org/10.1016/j.jal.2005.10.005) (also available [here](https://www.cs.cornell.edu/courses/cs4860/2018sp/lecture-notes/ICTT.pdf)), for a long time.
86 | 
87 | I gather that type theory purists are outraged by the Lean and Nuprl approaches.
88 | It's puzzling that such sophisticated type theories struggle with something as trivial as equivalence classes.
89 | 


--------------------------------------------------------------------------------
/_posts/2022-05-11-jEdit-tricks.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "Getting started: basic Isabelle/jEdit tricks"
 4 | usemathjax: true 
 5 | tags: jEdit Isabelle newbies
 6 | ---
 7 | 
 8 | As mentioned last time, proof assistants can be daunting, and it's not just about how to prove theorems. It's about being aware of all the bells and whistles provided to help you prove theorems. The first modern proof assistant, [Edinburgh LCF](https://link.springer.com/book/10.1007/3-540-09724-4), provided nothing but a top-level to the ML programming language, designed specifically to the [Meta Language](https://www.research.ed.ac.uk/en/publications/a-metalanguage-for-interactive-proof-in-lcf) for proving theorems. It was a bare-bones environment, but at least it was Turing complete! Nowadays, things work differently. 
 9 | This post is mainly for beginners, but experienced users might learn something too.
10 | 
11 | ### Isabelle/jEdit fundamentals
12 |  
13 | Nothing says daunting like the Isabelle/jEdit
14 | [reference manual](https://www.cl.cam.ac.uk/research/hvg/Isabelle/dist/Isabelle/doc/jedit.pdf). Everything you want is there, I suppose. More useful to a beginner is the brief [tutorial](https://arxiv.org/abs/1208.1368) by Christian Sternagel.
15 | Let me summarise his main points even more briefly:
16 | 
17 | * Isabelle/jEdit looks like a text editor, but Isabelle is processing your text the entire time.
18 | * Each and every symbol you can see has been digested by the Isabelle process, 
19 | * By hovering/clicking you can interrogate symbols for their types and definitions.
20 | * The whole document is processed in parallel, so the last proof can be fully processed while some earlier parts are still running.
21 | 
22 | This last point can be puzzling if you watch the progress bar on the right and follow the processing of your theory: how does it reach the bottom when there are red blobs (inducating errors) and purple blobs (indicating a proof still running)? You need to watch out for this sort of thing:
23 | 
24 | <img src="/images/jEdit-tricks-looping-proof.png" alt="a proof of False?" width="500"/>
25 | 
26 | What's going on? The first lemma, `whoops`, is actually false but the supplied proof fails to terminate. Isabelle assumes that the proof will succeed eventually, so it continues on and proves `False`. This strange phenomenon can only happen in interactive mode: the corresponding batch job will run forever. Unfortunately, a student once submitted work containing this error; it was almost entirely incorrect and he had no idea.
27 | 
28 | More beginner's points:
29 | 
30 | * When typing text, jEdit will flag errors in your partially-entered text. Ignore and keep going.
31 | * Text containing syntactic or type errors is skipped over. Since it can't be interpreted, "live" highlighting is not avaiable.
32 | * Syntax errors can either be inside formulas ("inner syntax") or in Isar elements themselves ("outer syntax").
33 | 
34 | ### Watch those colours
35 | 
36 | Some colours will be obvious to you: purple, as above, for a running proof method, and red for syntax errors. Other uses of colour are subtler, but still important. Look carefully at the penultimate line below:
37 | 
38 | <img src="/images/jEdit-tricks-hanging.png" alt="have with hanging variables" width="500"/>
39 | 
40 | The variables `m` and `n` are shaded. That's because they aren't fixed in the lemma statement (either explicitly by <span class="keyword2 keyword">fixes</span> or implicitly by being mentioned). Neither are they declared locally in the <span class="keyword2 keyword">have</span> line (using <span class="keyword2 keyword">for</span>). So although the little fact has been proved, it just refers to some particular  `m` and `n` that we know nothing about. It's good for nothing.
41 | 
42 | Surely we wanted to prove this fact for *all* `m` and `n`. One way is to make them bound variables. They are rendered in *green*, while free variables are *blue*.
43 | 
44 | <img src="/images/jEdit-tricks-bound.png" alt="fact with bound variables" width="550"/>
45 | 
46 | Another way to make `m` and `n` universal is via <span class="keyword2 keyword">for</span>. Then they are regarded internally as *Skolem variables* and rendered in orange:
47 | 
48 | <img src="/images/jEdit-tricks-skolem.png" alt="fact with bound variables" width="550"/>
49 | 
50 | If you find yourself working with two versions of a variable, say a free `x` and a Skolem `x`, you are in trouble. This can happen in induction proofs that bring the assumptions of the desired theorem into the induction hypotheses.
51 | 
52 | One last point about colours.
53 | We prefer structured proofs, such as you can see in [previous posts]({% post_url 2021-10-20-Fib-example-contd %}).
54 | If you use "improper commands" such as <span class="keyword1 command improper command">apply</span>, they'll be highlighted in red.
55 | There are a couple of instances in the proofs for 
56 | [Wetzel's problem]({% post_url 2022-04-27-Wetzel %}).
57 | It's basically guilt-tripping.
58 | 
59 | ### Deep inspecting of your text
60 | 
61 | You can inspect variables, constants and other elements by holding down CTRL (CMD for Mac users) and then moving the mouse to hover over them. You'll be offered popups, such as this:
62 | 
63 | <img src="/images/jEdit-tricks-popup.png" alt="example of popup" width="550"/>
64 | 
65 | You can hover over any symbol and get a description; you can even hover over symbols in the popups themselves, getting another popup!
66 | 
67 | Finally, having hovered over a symbol, you can click to be taken to its definition.
68 | Here is the definition of the operator `dvd`:
69 | 
70 | <img src="/images/jEdit-tricks-click.png" alt="click to definition" width="550"/>
71 | 
72 | If you hover-click over a theorem name, you get taken to its proof. The text is coloured pink to indicate that it's *frozen*: this definition was compiled into the Isabelle/HOL image and therefore cannot be modified.
73 | 
74 | Sometimes a theory file opens with errors. To jump to them quickly, try these shortcuts:
75 | * skip to next error: SHIFT-C-N
76 | * skip to prev error: SHIFT-C-P
77 | 
78 | Sadly, you can't skip to proof steps that are taking forever. That doesn't count as an error.
79 | 
80 | ### Advanced editing features
81 | 
82 | You can rename a bound or Skolem variable instantly. Simply select it, then press SHIFT-C-RETURN. All visible occurrences of the variable are selected. Then type the new name.
83 | 
84 | Check out the **Edit** menu for tonnes of cool things, e.g.
85 | * *select code block*: type C-8 to select the smallest bracketed expression enclosing a symbol
86 | * *indent lines*: performs "proper" Isabelle indentation on the selected block of text
87 | 
88 | Finally, try some of jEdit's general text editing features. Search/replace handles regular expressions, and *HyperSearch* allows you to search entire files or directories.
89 | *Abbreviations* make it easy to type long, formulaic commands by defining your own brief key sequences.
90 | 
91 | Have fun! Go slowly at first, watching for everything that's going on.
92 | 


--------------------------------------------------------------------------------
/_posts/2022-08-03-Small-Challenges-I.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "A few small formalisation challenges"
 4 | usemathjax: true 
 5 | tags: [general, examples, NG de Bruijn, John Littlewood]
 6 | ---
 7 | 
 8 | Novices getting to grips with interactive theorem proving need examples to formalise.
 9 | When Russell O'Connor was getting to grips with Coq, he thought that a nice little exercise would be to [formalise Gödel's incompleteness theorem](https://rdcu.be/cRs1q).
10 | I hope he will not be offended if I remark that that was a crazy idea, even though he was successful. Below, I list a few proofs that I would like to see formalised. I am not sure how easy they are, but all of them are easier than Gödel's Theorem!
11 | 
12 | ### Filling boxes with bricks
13 | 
14 | NG de Bruijn [published a note](https://doi.org/10.2307/2316785) that began by pointing out that the dimensions of a brick are typically 1×2×4 and that, although such bricks can be fitted together in numerous ways, it is impossible to fill a volume by such bricks unless it can be done trivially, with all the bricks neatly lined up in rows.
15 | He generalises this fact to an arbitrary number of dimensions and he defines necessary and sufficient conditions on the dimensions of bricks
16 | for this condition to hold (it does not hold for 1×2×3 bricks). His paper concludes 
17 | 
18 | > The questions of the bricks 1×2×4 arose from a remark by the proposer's
19 | > son F. W. de Bruijn who discovered, at the age of 7, that he was unable to fill
20 | > his 6×6×6 box by bricks 1×2×4.
21 | 
22 | Shockingly, de Bruijn never received a [Fields Medal](https://www.mathunion.org/imu-awards/fields-medal) for this work. I've had the paper sitting on my computer for 20 years now and never got around to formalising it.
23 | 
24 | ### Defining reals without the use of rationals
25 | 
26 | This is [another paper](https://doi.org/10.1016/1385-7258(76)90055-X) by de Bruijn (I'm clearly a fan of his) and the title is self-explanatory.
27 | Can we construct the real numbers in fewer stages than is usual, and in particular, avoiding any quotient constructions?
28 | (His approach may appeal particularly to users of type theory systems.) 
29 | Unfortunately, defining multiplication looks difficult and he doesn't cover it.
30 | Instead he recommends another paper, [The real numbers as a wreath product](https://doi.org/10.1016/0001-8708(75)90115-2) by Faltin et al.,
31 | which requires the dreaded equivalence classes and might be just the thing for Isabelle/HOL.
32 | I know that we have two formalisations of the reals already, but who's counting?
33 | 
34 | ### A simple proof that π is irrational
35 | 
36 | We know that π is irrational (indeed, transcendental) by the Hermite–Lindemann–Weierstraß transcendence theorem, which has been [formalised in Isabelle](https://www.isa-afp.org/entries/Hermite_Lindemann.html) by [Manuel Eberl](http://cl-informatik.uibk.ac.at/users/meberl/).
37 | But do you really want to rely on some overblown 19th-century result when a [cute one page proof](https://projecteuclid.org/journals/bulletin-of-the-american-mathematical-society/volume-53/issue-6/A-simple-proof-that-pi-is-irrational/bams/1183510788.full) is available?
38 | The proof involves assuming the contrary, defining some polynomials, taking an integral and eventually obtaining an integer between 0 and 1.
39 | This sounds like the same technique used to prove that exponentials were irrational in my [earlier post.]({% post_url 2022-02-16-Irrationals %})
40 | 
41 | *Note added 2024-09-13*: this challenge has [now been fulfilled](https://www.isa-afp.org/entries/Pi_Irrational.html),
42 | by Manuel himself!
43 | 
44 | ### Impossibility of cubing the cube
45 | 
46 | Littlewood, in his *Mathematician's Miscellany*, posed the question
47 | 
48 | > Dissection of squares and cubes into squares and cubes, finite in number and all unequal.
49 | 
50 | "Squaring the square" turns out to be difficult.
51 | The following is the simplest example.
52 | 
53 | <img src="/images/squared_square.png" alt="The smallest squared square" width="800"/>
54 | 
55 | The analogous cube dissection is impossible. Here is Littlewood:
56 | 
57 | > In a square dissection the smallest square is not at an edge (for obvious reasons). Suppose now a cube dissection does exist. The cubes standing on the bottom face induce a square dissection of that face, and the smallest of the cubes at the face stands on an internal square. The top face of this cube is enclosed by walls; cubes must stand on this top face; take the smallest—the process continues indefinitely.”
58 | 
59 | This is not much of a proof.
60 | Floris van Doorn [managed to formalise it](https://florisvandoorn.com/talks/LMF21lean.pdf) within 24 hours, in Lean.
61 | An Isabelle version is still lacking.
62 | 
63 | This problem is of interest because it belongs to the famous [list of 100 "top" theorems](https://www.cs.ru.nl/~freek/100/), maintained by Freek Wiedijk.
64 | As of today, 98 of them have been proved in at least one system.
65 | Isabelle and HOL Light are tied at the top, with 86 problems each.
66 | 
67 | ### Mathematics textbooks
68 | 
69 | I'm sorry to have to mention that the proofs found in mathematics textbooks are frequently little more than a succession of hints and not suitable for formalisation, especially by a novice.
70 | However, the wonderful
71 | [*Proofs from THE BOOK*](https://en.wikipedia.org/wiki/Proofs_from_THE_BOOK)
72 | is full of nice examples, not too complicated, and with reasonably detailed proofs.
73 | You don't have to understand homological algebra or K-theory.
74 | There are still gaps however, so you will have work to do!
75 | 
76 | 


--------------------------------------------------------------------------------
/_posts/2022-08-17-Gordon-BDDs-HOL.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title:  "BDDs in HOL: the coolest thing Mike Gordon ever did"
 4 | usemathjax: true 
 5 | tags: [HOL system, PVS, BDDs, MJC Gordon, verification]
 6 | ---
 7 | 
 8 | On 22 August, it will be five years since the death of [Mike Gordon](https://www.cl.cam.ac.uk/archive/mjcg/), who • basically invented hardware verification
 9 | • contributed to the first version of the [ML programming language](https://doi.org/10.1145/512760.512773)
10 | • made major contributions to proof assistant architecture, and 
11 | • showed that higher-order logic was a powerful formalism for verification.
12 | My [biography](http://doi.org/10.1098/rsbm.2018.0019) (also available [here](https://arxiv.org/abs/1806.04002)) describes his main achievements.
13 | But it is almost silent about the coolest thing he ever did: integrating binary decision diagrams (BDDs) with the HOL system.
14 | 
15 | ### Binary decision diagrams (and model checking)
16 | 
17 | [*Binary decision diagrams*](https://en.wikipedia.org/wiki/Binary_decision_diagram) are a data structure that can represent Boolean formulas compactly and operate on them efficiently.
18 | Each diagram is a decision tree—a [dag](https://en.wikipedia.org/wiki/Directed_acyclic_graph), to be precise, because of identical subtrees are always shared—embodying
19 | all possible sequences of decisions on the Boolean variables, 
20 | subject to some fixed ordering, ρ.
21 | For a given ρ, the BDD corresponding to a formula is the same for all logically equivalent formulas, regardless of their syntactic form.
22 | A BDD can more properly be regarded as representing a boolean *function* as opposed to a formula.
23 | Converting a formula to a BDD yields a *canonical form* for this function.
24 | 
25 | Invented in 1986, BDDs were originally used to verify hardware designs, proving agreement between specification and implementation for combinational hardware devices such as adders.
26 | Crucially, in the event of non-agreement, they exhibited counterexamples.
27 | All was fully automatic, and with luck or skill, highly efficient.
28 | Randall Bryant's [original paper](https://doi.org/10.1109/TC.1986.1676819) described experiments involving numerous devices.
29 | He included a proof that binary multiplication could not be treated efficiently.
30 | 
31 | [Model checking](https://doi.org/10.1145/5397.5399) is a verification technique based on state enumeration, supporting a temporal logic and ideally suited for checking properties of concurrent systems.
32 | Initially, verifying a system required first reducing it (by possibly extreme simplifying assumptions) to a few hundred states.
33 | But in 1990, a breakthrough paper appeared: "[Symbolic model checking: $10^{20}$ states and beyond](https://doi.org/10.1109/LICS.1990.113767)".
34 | Thanks to BDDs, model checkers could be turbocharged.
35 | 
36 | By the mid-1990s, these two powerful, fully automatic technologies were making interactive theorem provers look distinctly feeble.
37 | What to do?
38 | 
39 | ### BDDs in HOL
40 | 
41 | One answer came from the [Prototype Verification System](https://pvs.csl.sri.com/) (PVS) community.
42 | They undertook verification projects that attempted combine interactive proof with model checking.
43 | PVS had included "a BDD-based tautology checker" from the very beginning.
44 | Unfortunately, tautology checking isn't particularly useful in interactive theorem proving, and BDDs are capable of much more.
45 | 
46 | In his (2000) paper "[Reachability Programming in HOL98 Using BDDs](https://rdcu.be/cROox)",
47 | Mike Gordon describes two experiments aimed at achieving a true integration between BDDs and interactive theorem proving.
48 | With both, his aim was to enable "intimate combinations of deduction and algorithmic verification, like model checking."
49 | His first approach involved implementing functions to convert between HOL terms and BDDs, but he found it to be lacking. So what was his second approach? Let's look at Mike's own words:
50 | 
51 | > In the LCF approach, theorems are represented by an abstract type whose primitive operations are the axioms and inference rules of a logic. Theorem proving tools are implemented by composing together the inference rules using ML programs.
52 | > 
53 | > This idea can be generalised to computing valid judgements that represent other kinds of information. In particular, consider judgements $(\rho,t,b)$, where $\rho$ represents a variable order, $t$ is a boolean term all of whose free variables are boolean and $b$ is a BDD. Such a judgement is valid if $b$ is the BDD representing $t$ with respect to $\rho$, and we will write $\rho\, t \mapsto b$ when this is the case. (p. 188)
54 | 
55 | The HOL community has always been deeply resistant to putting things into the kernel—unlike, I must add, certain other communities—so this decision was a big deal. But the rewards made it worthwhile.
56 | Gordon was able to introduce primitives to construct Boolean formulas by the standard logical connectives while applying the corresponding BDD operations.
57 | In addition to $\land$, $\lor$, etc., even *quantifiers* were permitted, though only over Boolean variables (there being no others);
58 | thus, the system can represent so-called [quantified Boolean formulas](https://en.wikipedia.org/wiki/True_quantified_Boolean_formula) (QBFs).
59 | 
60 | Mike went on to show how the set of reachable states of a finite state machine could be computed efficiently as a BDD, using a fixedpoint construction.
61 | He remarked that all 32 steps of the calculation of the BDDs of the sets of reachable states of peg solitaire could be completed in a few hours on his 500MHz Linux box. And that reminds me: all those years ago he asked me to draw a peg solitaire figure for him:
62 | 
63 | <p style="text-align: center;"><img src="/images/peg-solitaire.png" alt="peg solitaire" width="300"/></p>
64 | 
65 | He presumably intended to use this (and another I drew) in his [later paper, on Puzzletool](https://rdcu.be/cRQVN), in which he describes "programming computation and deduction".
66 | But for some reason, he opted for ASCII art figures instead!
67 | 
68 | Mike's student Hasan Amjad went on to [build a model checker](https://doi.org/10.48456/tr-601) for the modal $\mu$-calculus within the HOL system, with acceptable performance through the use of BDDs.
69 | This provided true integration of model checking with theorem proving, a goal that had been sought by many.
70 | 
71 | If you'd like to look deeper into all this, please consult the
72 | [journal version](https://doi.org/10.1112/S1461157000000693)
73 | of Mike's paper, which omits the first experiment and adds further detail about the second one.
74 | And I need to mention that "the coolest thing that Mike ever did" has [tough competition](https://www.cl.cam.ac.uk/events/cl75/posters/f/acjf3-screen.pdf).
75 | 
76 | #### *Postscript*
77 | 
78 | As remarked in the comments below, Mike's implementation of BDD judgements in HOL did not involve extending the proof kernel, but rather, creating a *second kernel* specifically about BDDs. The HOL proof kernel already includes provision for *oracles* (arbitrary code that can generate theorems, labelled as such). Mike provided an oracle to allow some results from the BDD world to be transferred into the world of ordinary theorems.
79 | 


--------------------------------------------------------------------------------
/_posts/2023-08-31-ALEXANDRIA_finished.md:
--------------------------------------------------------------------------------
  1 | ---
  2 | layout: post
  3 | title:  "The End (?) of the ALEXANDRIA project"
  4 | usemathjax: true 
  5 | tags: [general, ALEXANDRIA, Isabelle, Archive of Formal Proofs]
  6 | ---
  7 | 
  8 | Today marks the final day of the [ALEXANDRIA](https://www.cl.cam.ac.uk/~lp15/Grants/Alexandria/) project.
  9 | I outlined a brief history of the project
 10 | [not long ago]({% post_url 2023-04-27-ALEXANDRIA_outcomes %}).
 11 | It is nevertheless right to take a moment to thank
 12 | the European Research Council
 13 | [for funding it](https://cordis.europa.eu/project/id/742178)
 14 | and to state, yet again, what the outcomes were.
 15 | Six years on, what have we learned?
 16 | 
 17 | ### How it started
 18 | 
 19 | A milestone for the start of the project is the [*Big Proof* programme](https://www.newton.ac.uk/event/bpr/),
 20 | organised by the Newton Institute in Cambridge. Its theme mentioned two then recent
 21 | and widely-admired achievements:
 22 | 
 23 | > Interactive proof assistants have been used to check complicated mathematical proofs such as those for the Kepler’s conjecture and the Feit-Thompson odd order theorem.
 24 | 
 25 | It then refers to
 26 | 
 27 | > the challenges of bringing proof technology into mainstream mathematical practice
 28 | 
 29 | and it lists specifically
 30 | 
 31 | 1. Novel pragmatic foundations for representing mathematical knowledge and vernacular inspired by set theory, category theory, and type theory.
 32 | 2.	Large-scale formal mathematical libraries that capture background knowledge spanning a range of domains
 33 | 
 34 | A proposal for a programme 
 35 | devoted entirely to [homotopy type theory](https://homotopytypetheory.org) (HoTT)
 36 | had been rejected, but people from that community were invited to *Big Proof*.
 37 | Dependent type theory, whether HoTT or the already established type theory of Coq,
 38 | was widely assumed to be the future of the formalisation of mathematics.
 39 | I felt very lucky to get funding for a project involving simple type theory
 40 | and  [Isabelle/HOL](https://isabelle.in.tum.de).
 41 | 
 42 | During the programme, prior formalisation efforts were criticised as lacking sophistication.
 43 | As Kevin Buzzard pointedly noted,
 44 | researchers had formalised long proofs about simple objects, but no one had formalised
 45 | *even the definitions* of more complicated objects used every day, 
 46 | such as Grothendieck schemes.
 47 | Much existing work formalised 19th-century mathematics.
 48 | 
 49 | These complaints would have to be tackled.
 50 | 
 51 | 
 52 | ### How it went
 53 | 
 54 | I  chronicled the project in my [previous post]({% post_url 2023-04-27-ALEXANDRIA_outcomes %}).
 55 | Briefly: we formalised heaps of mathematics. 
 56 | We also did groundbreaking work on applications of information retrieval and machine learning
 57 | to formalisation.
 58 | A longer and more formal account can be found [on arXiv](https://arxiv.org/abs/2305.14407).
 59 | 
 60 | ### How it ended (formalisation of mathematics)
 61 | 
 62 | The sheer amount of new formalised material is impressive (and the quality is also high):
 63 | 
 64 | - formalisations of advanced mathematics, including the first ever on topics such as additive combinatorics, combinatorial block designs and ordinal partition theory
 65 | - showing that dependent types aren't necessary to have sophisticated objects like Grothendieck schemes or ω-categories
 66 | - tens of thousands of lines of more basic but necessary library material, e.g. on metric and topological spaces (imported from HOL Light)
 67 | - we formalised advanced work from some of the leading mathematicians of the age: Erdős, Gowers, Roth, Szemerédi
 68 | 
 69 | We developed some highly fruitful techniques:
 70 | 
 71 | - [locales](https://rdcu.be/dkoEr) work exceptionally well for [structuring complicated hierarchies of definitions](https://www.tandfonline.com/doi/full/10.1080/10586458.2022.2062073)
 72 | - "dependent" constructions can typically be formalised as families of (typed) sets
 73 | 
 74 | We arrived at some surprising conclusions:
 75 | 
 76 | - Formalising even advanced mathematics is largely a matter of perseverance.
 77 | - Combining material from different branches of mathematics, say probability theory and graph theory or complex analysis and set theory, works fine.
 78 | - Dependent types aren't necessary and probably aren't even advantageous. We aren't the ones fighting our formalism.
 79 | 
 80 | To be fair, [astonishing progress](https://xenaproject.wordpress.com/2020/12/05/liquid-tensor-experiment/) has also been made by the [Lean](https://leanprover.github.io) community.
 81 | They have been extremely active over the same period 
 82 | and formalised [mountains of material](https://leanprover-community.github.io).
 83 | 
 84 | **We can safely conclude that proof assistants already offer value to mathematicians.**
 85 | Although full formalisation is still not really affordable,
 86 | neither is it necessary.
 87 | You can forego proving the results that you feel confident about,
 88 | focusing your formalisation efforts on the problematical parts.
 89 | 
 90 | 
 91 | ### How it ended (AI techniques)
 92 | 
 93 | The proposal included a lot of speculative ideas about search
 94 | and auto completion, in particular by somehow mining
 95 | the existing libraries for "proof idioms".
 96 | Writing the proposal in 2016, I had no idea how such things could be done.
 97 | I was lucky to attract people who were prepared to apply their specialised knowledge.
 98 | That's how we got
 99 | 
100 | - the [SErAPIS search engine](https://behemoth.cl.cam.ac.uk/search/), a one-of-a-kind tool to search the libraries even on the basis of abstract mathematical concepts
101 | - a tremendous amount of infrastructure to analyse the Isabelle libraries and extract information
102 | - a string of advanced papers on proof synthesis, auto-formalisation, an Isabelle parallel corpus and more
103 | 
104 | These projects are still at the research stage, but show great promise!
105 | 
106 | ### Spreading the word
107 | 
108 | For more detail and links relating to everything described above,
109 | you can visit the [ALEXANDRIA](https://www.cl.cam.ac.uk/~lp15/Grants/Alexandria/)  webpage
110 | or read the [project summary](https://arxiv.org/abs/2305.14407).
111 | 
112 | The team has worked hard to share the knowledge we discovered. We have written
113 | 
114 | - 13 journal articles, including half (3 out of 6) of a special issue of *Experimental Mathematics*
115 | - 15 articles in conference proceedings
116 | - 2 refereed chapters in a [*Synthese Library* volume](https://link.springer.com/book/10.1007/978-3-030-15655-8)
117 | - 33 formal proof developments accepted to Isabelle’s [*Archive of Formal Proofs*](https://www.isa-afp.org)
118 | 
119 | More are forthcoming. 
120 | In addition, we've worked on formalisation projects with about two dozen interns and students,
121 | many of whom have gone on to do PhD research. We've given dozens of talks at variety of venues. We are open to collaboration to take our work forward.
122 | 
123 | 


--------------------------------------------------------------------------------
/_posts/2024-02-14-Contradiction.md:
--------------------------------------------------------------------------------
  1 | ---
  2 | layout: post
  3 | title:  Contradictions and the Principle of Explosion
  4 | usemathjax: true 
  5 | tags: [logic, Bertrand Russell, philosophy]
  6 | ---
  7 | 
  8 | That logic should be [free from contradiction](https://plato.stanford.edu/entries/contradiction/#) is probably its most fundamental principle, 
  9 | dating back to Aristotle. 
As described [last time]({% post_url 2024-01-31-Russells_Paradox %}), 
 10 | the emergence of a contradiction in set theory – in the form of Russell's paradox – was catastrophic. Few question the claim that no statement can be both true and false 
 11 | at the same time.
 12 | But the law of contradiction is widely associated with something else, 
 13 | the [*principle of explosion*](https://plato.stanford.edu/entries/logic-paraconsistent/#BrieHistExContQuod):
 14 | *ex contradictione quodlibet*, a contradiction implies everything. 
 15 | This principle has been disputed. One can formulate predicate logic without it: 
 16 | *minimal logic*.  
 17 | And allegedly a student challenged Bertrand Russell
 18 | by saying "suppose 1=0; prove that you are the Pope". 
 19 | Russell is said to have replied that if 1=0 then 2=1 and therefore 
 20 | the 2-element set consisting of himself and the Pope actually contains only one element. 
 21 | It's an amusing tale, but is the argument rigorous? 
 22 | 
 23 | ### Origins
 24 | 
 25 | A 12th century Parisian logician named 
 26 | [William of Soissons](https://en.wikipedia.org/wiki/William_of_Soissons)
 27 | is said to have been the first to derive the principle of explosion. 
 28 | There is a simple logical proof of an arbitrary conclusion $Q$
 29 | from the two assumptions $P$ and $\neg P$.
 30 | For if we know $P$ then surely $P\lor Q$ follows by the meaning of logical OR.
 31 | So either $P$ or $Q$ holds, but the former is impossible by $\neg P$.
 32 | Hence, we have derived $Q$.
 33 | 
 34 | Unfortunately, this argument cannot be carried out in a typical natural deduction calculus.
 35 | The proof turns out to rely on the principle of explosion itself, 
 36 | which is built into most formalisms: the reasoning would be circular.
 37 | I think the informal version of the proof is pretty convincing, 
 38 | but we can look for other evidence. 
 39 | (And yes, **evidence** is what we should be looking for when trying to justify a principle 
 40 | too fundamental to be proved.)
 41 | In many specific contexts, a contradicting fact leads to an explosion by calculation. 
 42 | 
 43 | ### The explosion in arithmetic 
 44 | 
 45 | As we saw in the argument attributed to Russell, 1=0 in an arithmetic setting 
 46 | allows other identities to be derived by adding or multiplying the two sides by a constant.
 47 | It's trivial to obtain $m=n$ for all pairs of numbers. 
 48 | Conversely, the assumption $m=n$ can be transformed by subtraction and division into 1=0.
 49 | On the other hand, it is possible postulate something like 5=0 
 50 | if the other axioms are weak enough, and then you have simply supplied the axioms for 
 51 | a version of modular arithmetic. 
 52 | 
 53 | ### The explosion in the λ-calculus 
 54 | 
 55 | The λ-calculus is an extremely simple formalism in which a great many 
 56 | computational notions can be encoded.
 57 | Familiar data types such as the Booleans, natural numbers, integers, lists and trees 
 58 | can be represented, as well as algorithms operating on them.
 59 | We can even have infinite lists and trees operated on by "lazy" algorithms. 
 60 | The standard representations of true and false are 
 61 | $\lambda x y.x$ and $\lambda x y.y$, respectively. 
 62 | So what happens if we are given that true equals false? Then
 63 | $M = (\lambda x y.x)MN = (\lambda x y.y)MN = N$. Therefore we can show $M=N$
 64 | for any two given λ-terms, $M$ and $N$.
 65 | The same sort of thing happens given 1=0 and the standard representation of natural numbers,
 66 | though the details are complicated.[^1]
 67 | 
 68 | [^1]: $M = 0(\textbf{K}N)M = 1(\textbf{K}N)M = \textbf{K}NM = N$
 69 | 
 70 | ### The explosion in axiomatic set theory 
 71 | 
 72 | Here things get a little more technical. And with all due respect to Bertrand Russell,  
 73 | he is not a set, and neither is the Pope. 
 74 | In set theory, 0 is the empty set and 1 is $\\{0\\}$, which implies $0\in 1$.
 75 | So 1=0 then we have big problems: $0\in 1$ is both true and false 
 76 | (because nothing can belong to the empty set).
 77 | And so, for any given set $A$, the set $\\{x\in A\mid 0\in 1\\}$ equals $A$
 78 | if we take $0\in 1$ to be true, but otherwise the resulting set is empty. 
 79 | It follows that $A$ equals the empty set for all $A$, so all sets are equal. 
 80 | 
 81 | ### Deriving the explosion in natural deduction logic 
 82 | 
 83 | The rule of disjunction elimination in natural deduction allows us to derive 
 84 | an arbitrary conclusion $R$ from the following three promises: 
 85 | * $P\lor Q$
 86 | * a proof of $R$ that may assume $P$ 
 87 | * a proof of $R$ that may assume $Q$ 
 88 | 
 89 | The idea behind this rule is that one of $P$ or $Q$ must be true, and therefore, 
 90 | $R$ is derivable using the corresponding premise. 
 91 | The rule incorporates the key idea of natural deduction, 
 92 | namely permission to make specified assumptions locally 
 93 | that are *discharged* ("paid off", so to speak) further on. 
 94 | 
 95 | This rule can obviously be generalised to an $n$-ary disjunction. We may derive $R$
 96 | from the following $n+1$ promises: 
 97 | * $P_1\lor \cdots \lor P_n$
 98 | * a proof of $R$ that may assume $P_i$, for $i=1$, ..., $n$ 
 99 | 
100 | Obviously, if $n=2$, we get the same rule as before. 
101 | If $n=1$, it degenerates to a tautology. 
102 | And what happens if $n=0$? 
103 | Then the rule says that $R$ follows from the empty disjunction alone. 
104 | The empty disjunction is falsity.[^2]
105 | If our calculus can derive falsity from $P$ and $\neg P$,
106 | then it has the principle of explosion built in. 
107 | 
108 | [^2]: I hope you can see this: $P_1\lor \cdots \lor P_n$ is true precisely if some $P_i$ is true, $i=1$, ..., $n$. If $n=0$ then it must always be false.
109 | 
110 | 
111 | ### Final remarks
112 | 
113 | As promised, in specific formal systems, the principle of explosion arises all by itself. 
114 | It doesn't have to be assumed. Taking it as a general logical principle 
115 | is then simply a form of abstraction.  
116 | But it also arises naturally in logical formalisms from the basic principles of natural deduction. 
117 | 
118 | [Paraconsistent logics](https://plato.stanford.edu/entries/logic-paraconsistent/) 
119 | are formal systems in which the impact of a contradiction is contained. 
120 | I can't comment on the value of such work to philosophy, 
121 | but they have also been studied in the context of artificial intelligence. 
122 | There, the point is that it's easy for the facts in an inexact real-world situation 
123 | to be inconsistent, and you don't want everything to collapse. 
124 | I would argue however that you should never be using formal logic 
125 | to reason directly about real-world situations. 
126 | And indeed, the symbolic/logical tendency that was so prominent in early AI work
127 | has pretty much vanished in favour of essentially statistical techniques 
128 | based on neural networks.
129 | There, the problem doesn't arise because nothing is being proved. 
130 | 


--------------------------------------------------------------------------------
/_posts/2024-10-14-Church_Rosser.md:
--------------------------------------------------------------------------------
  1 | ---
  2 | layout: post
  3 | title:  "The λ-calculus, 2: the Church-Rosser theorem"
  4 | usemathjax: true 
  5 | tags: [general, lambda calculus]
  6 | ---
  7 | A well-known technique to speed up computer code is to re-order some steps,
  8 | for example to lift a costly operation out of a loop.
  9 | In logic, when we can choose what inference to do next,
 10 | making the right choices yields an exponentially shorter proof.
 11 | Also in the λ-calculus we sometimes have a choice of reduction steps:
 12 | the possible outcomes include, at one extreme,
 13 | terminating exponentially faster or at the opposite extreme, 
 14 | not terminating at all.
 15 | But it would certainly be vexing if two terminating computations 
 16 | could return different final values.
 17 | Church and Rosser proved that couldn't happen,
 18 | implying the consistency of the λ-calculus 
 19 | and giving us some of the tools needed
 20 | to study this question in other situations.
 21 | 
 22 | ### Final values in the λ-calculus
 23 | 
 24 | As mentioned [last time]({% post_url 2024-09-30-Intro_Lambda_Calculus %}), 
 25 | basic things like numbers and lists 
 26 | are not built into the λ-calculus, but can be encoded.
 27 | We'll look at these ingenious encodings in a later post.
 28 | But here is a teaser: it's conventional to represent true and false by
 29 | $\lambda x y.x$ and $\lambda xy.y$, respectively.
 30 | The latter term also represents zero.
 31 | 
 32 | Note that no reductions can be applied to either of these: 
 33 | they are in *normal form*.
 34 | (Remember, a reduction is a β or η step; the α-conversions, 
 35 | which just rename bound variables, do not count.)
 36 | If $M$ is in normal form, then we regard it as a *value*
 37 | rather than as a *computation*.
 38 | Conversely, if it is not in normal form then further reductions are possible.
 39 | There exist more nuanced notions of value 
 40 | that make sense of some infinite computations.
 41 | 
 42 | If we define
 43 | $$ \let\red=\rightarrow
 44 |    \let\redd=\twoheadrightarrow
 45 |    \newcommand\K{\mathbf{K}}
 46 | \K\equiv\lambda x y.x$$ and $$\Omega\equiv(\lambda x.xx)(\lambda x.xx) $$
 47 | then $\K M N \redd M$ and $\Omega\red\Omega$.
 48 | Note that $\redd$ allows zero or many reduction steps.
 49 | Now the term $\K x \Omega$ can be reduced in various ways, 
 50 | including $\K x \Omega \redd x$ and $\K x \Omega\red\K x \Omega$.
 51 | The latter reduction can be continued indefinitely, 
 52 | or terminated at any point using the former reduction to yield simply $x$.
 53 | 
 54 | And a pro tip: if you intend to do λ-calculus derivations, I strongly recommend using abbreviations, like here.
 55 | Working out λ-terms in full, you are bound to go wrong.
 56 | 
 57 | ### Equality in the λ-calculus
 58 | 
 59 | As remarked last time,
 60 | $M=M'$ means it is possible to transform $M$ into $M'$
 61 | through any series of α, β or η steps, 
 62 | possibly within a term and possibly backwards 
 63 | (expansions, as opposed to reductions).
 64 | So we have the following picture:
 65 | 
 66 | <img src="/images/equality-in-lambda-calc.png" alt="chain of reductions for λ-calculus equality" width="500"/>
 67 | 
 68 | From the picture alone, it should be easy to see that equality
 69 | satisfies many of the basic properties we expect, such as being reflexive, symmetric and transitive.
 70 | But how can we show that some things are not equal:
 71 | for example, that $\lambda x y.x \not= \lambda xy.y$?
 72 | 
 73 | ### The Church-Rosser Theorem
 74 | 
 75 | The theorem states that if two terms are equal
 76 | then they can be made identical by a series of reductions.
 77 | More formally, if $M=N$ then $M\redd L$ and $N\redd L$ for some $L$.
 78 | 
 79 | If you really want the gory details of the proof, see the paper by Rosser
 80 | cited last time.
 81 | Many early proofs were wrong, tripping up over 
 82 | substitution and free/bound variable clashes.
 83 | But let's forget the proof for a moment and 
 84 | first look at some of the consequences.
 85 | * If $M=N$ and $N$ is in normal form, then $M\redd N$: reductions
 86 |   alone are enough to reach that normal form.
 87 | * If $M$ and $N$ are distinct terms in normal form, then $M\not=N$. For example, $\lambda xy.x\not=\lambda xy.y$.
 88 | 
 89 | The latter point above implies the consistency of the λ-calculus and gives us a simple way to recognise when two final values are equal.
 90 | (Of course, "distinct" ignores irrelevant differences in bound variable names.) 
 91 | 
 92 | ### The Diamond Property
 93 | 
 94 | The *diamond property* states that if $M\redd M_1$ and $M\redd M_2$ then
 95 | $M_1\redd L$ and $M_2\redd L$ for some $L$: 
 96 | that no matter how far we go reducing a term along two different paths,
 97 | further reductions can bring them back together.
 98 | It implies the Church-Rosser Theorem by an obvious tiling argument:
 99 | 
100 | <img src="/images/diamond-in-lambda-calc.png" alt="diamond property implies Church-Rosser" width="500"/>
101 | 
102 | Note that the diamond property can fail for single-step reductions:
103 | if $M\red M_1$ and $M\red M_2$ we can't guarantee that
104 | $M_1\red L$ and $M_2\red L$, since multiple steps may be necessary
105 | to bring $M_1$ and $M_2$ back together again.
106 | But we can prove diamonds of the following sort,
107 | setting one reduction on the left against possibly many on the right:
108 | 
109 | <img src="/images/diamond2-in-lambda-calc.png" alt="diamond property implies Church-Rosser" width="150"/>
110 | 
111 | Having established this lemma, a further tiling argument 
112 | gives us the diamond property in its original form.
113 | The proof is a tedious case analysis, and
114 | the worst cases involve overlaps: 
115 | when one reduction duplicates a term containing other possible reductions.
116 | 
117 | Offshoots of this work include the study of [term rewriting systems](
118 | https://doi.org/10.1017/CBO9781139172752) 
119 | and their confluence.
120 | 


--------------------------------------------------------------------------------
/_posts/2025-03-19-Trickier_lower_bound.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: post
 3 | title: A trickier lower bound proof
 4 | usemathjax: true 
 5 | tags: [formalised mathematics, analysis]
 6 | ---
 7 | Last summer, I treated an example of reasoning 
 8 | about a function that contained a (removable) singularity.
 9 | [That post]({% post_url 2024-08-08-Ln_lower_bound %}) ended with a challenge: to do the same thing for a much trickier function.
10 | Last week, Alexander Pach responded with a solution, which I am delighted to present below.
11 | 
12 | ### A recap
13 | 
14 | The task last time was to find the minimum of $x\ln x$ for $x\ge0$.
15 | Although strictly speaking it is undefined when $x=0$,
16 | it tends to 0 as $x$ approaches 0 from above, and happily,
17 | 0 is the value Isabelle attaches to it anyway.
18 | We had to show the function's continuity with separate proofs for the cases
19 | $x=0$ and $x>0$.
20 | We then obtained its derivative (for $x$ strictly positive)
21 | and by elementary reasoning about its sign
22 | proved that the desired minimum was $-1/e$.
23 | 
24 | ### The challenge
25 | 
26 | The previous post suggested trying a similar experiment for $x\sin(1/x)$.
27 | This function also has a removable singularity at 0 and its continuity proof (in Isabelle)
28 | is the same as the one for $x\ln x$. However, this function is a horror:
29 | 
30 | <img src="/images/plot_x_sin_inv_x.png" alt="graph of the function x ln x" width="400"/>
31 | 
32 | Its derivative, namely $\sin(1/x) - \cos(1/x)/x$, doesn't look nice either.
33 | The lower bound does not appear to be expressible by a simple formula,
34 | so Alexander set up a framework for proving that a given number was a lower bound.
35 | He then calculated it to 78 decimal places!
36 | 
37 | -0.217233628211221657408279325562470734223044915435587482365449027714505343589063(39)
38 | 
39 | You can download his theory [here](/Isabelle-Examples/XsinX_lower_bounds.thy).
40 | 


--------------------------------------------------------------------------------
/_sass/cayman.scss:
--------------------------------------------------------------------------------
1 | // Placeholder file. If your site uses
2 | //     @import "{{ site.theme }}";
3 | // Then using this theme with jekyll-remote-theme will work fine.
4 | @import "jekyll-theme-cayman";
5 | 


--------------------------------------------------------------------------------
/_sass/rouge-github.scss:
--------------------------------------------------------------------------------
  1 | .highlight table td { padding: 5px; }
  2 | .highlight table pre { margin: 0; }
  3 | .highlight .cm {
  4 |   color: #999988;
  5 |   font-style: italic;
  6 | }
  7 | .highlight .cp {
  8 |   color: #999999;
  9 |   font-weight: bold;
 10 | }
 11 | .highlight .c1 {
 12 |   color: #999988;
 13 |   font-style: italic;
 14 | }
 15 | .highlight .cs {
 16 |   color: #999999;
 17 |   font-weight: bold;
 18 |   font-style: italic;
 19 | }
 20 | .highlight .c, .highlight .cd {
 21 |   color: #999988;
 22 |   font-style: italic;
 23 | }
 24 | .highlight .err {
 25 |   color: #a61717;
 26 |   background-color: #e3d2d2;
 27 | }
 28 | .highlight .gd {
 29 |   color: #000000;
 30 |   background-color: #ffdddd;
 31 | }
 32 | .highlight .ge {
 33 |   color: #000000;
 34 |   font-style: italic;
 35 | }
 36 | .highlight .gr {
 37 |   color: #aa0000;
 38 | }
 39 | .highlight .gh {
 40 |   color: #999999;
 41 | }
 42 | .highlight .gi {
 43 |   color: #000000;
 44 |   background-color: #ddffdd;
 45 | }
 46 | .highlight .go {
 47 |   color: #888888;
 48 | }
 49 | .highlight .gp {
 50 |   color: #555555;
 51 | }
 52 | .highlight .gs {
 53 |   font-weight: bold;
 54 | }
 55 | .highlight .gu {
 56 |   color: #aaaaaa;
 57 | }
 58 | .highlight .gt {
 59 |   color: #aa0000;
 60 | }
 61 | .highlight .kc {
 62 |   color: #000000;
 63 |   font-weight: bold;
 64 | }
 65 | .highlight .kd {
 66 |   color: #000000;
 67 |   font-weight: bold;
 68 | }
 69 | .highlight .kn {
 70 |   color: #000000;
 71 |   font-weight: bold;
 72 | }
 73 | .highlight .kp {
 74 |   color: #000000;
 75 |   font-weight: bold;
 76 | }
 77 | .highlight .kr {
 78 |   color: #000000;
 79 |   font-weight: bold;
 80 | }
 81 | .highlight .kt {
 82 |   color: #445588;
 83 |   font-weight: bold;
 84 | }
 85 | .highlight .k, .highlight .kv {
 86 |   color: #000000;
 87 |   font-weight: bold;
 88 | }
 89 | .highlight .mf {
 90 |   color: #009999;
 91 | }
 92 | .highlight .mh {
 93 |   color: #009999;
 94 | }
 95 | .highlight .il {
 96 |   color: #009999;
 97 | }
 98 | .highlight .mi {
 99 |   color: #009999;
100 | }
101 | .highlight .mo {
102 |   color: #009999;
103 | }
104 | .highlight .m, .highlight .mb, .highlight .mx {
105 |   color: #009999;
106 | }
107 | .highlight .sb {
108 |   color: #d14;
109 | }
110 | .highlight .sc {
111 |   color: #d14;
112 | }
113 | .highlight .sd {
114 |   color: #d14;
115 | }
116 | .highlight .s2 {
117 |   color: #d14;
118 | }
119 | .highlight .se {
120 |   color: #d14;
121 | }
122 | .highlight .sh {
123 |   color: #d14;
124 | }
125 | .highlight .si {
126 |   color: #d14;
127 | }
128 | .highlight .sx {
129 |   color: #d14;
130 | }
131 | .highlight .sr {
132 |   color: #009926;
133 | }
134 | .highlight .s1 {
135 |   color: #d14;
136 | }
137 | .highlight .ss {
138 |   color: #990073;
139 | }
140 | .highlight .s {
141 |   color: #d14;
142 | }
143 | .highlight .na {
144 |   color: #008080;
145 | }
146 | .highlight .bp {
147 |   color: #999999;
148 | }
149 | .highlight .nb {
150 |   color: #0086B3;
151 | }
152 | .highlight .nc {
153 |   color: #445588;
154 |   font-weight: bold;
155 | }
156 | .highlight .no {
157 |   color: #008080;
158 | }
159 | .highlight .nd {
160 |   color: #3c5d5d;
161 |   font-weight: bold;
162 | }
163 | .highlight .ni {
164 |   color: #800080;
165 | }
166 | .highlight .ne {
167 |   color: #990000;
168 |   font-weight: bold;
169 | }
170 | .highlight .nf {
171 |   color: #990000;
172 |   font-weight: bold;
173 | }
174 | .highlight .nl {
175 |   color: #990000;
176 |   font-weight: bold;
177 | }
178 | .highlight .nn {
179 |   color: #555555;
180 | }
181 | .highlight .nt {
182 |   color: #000080;
183 | }
184 | .highlight .vc {
185 |   color: #008080;
186 | }
187 | .highlight .vg {
188 |   color: #008080;
189 | }
190 | .highlight .vi {
191 |   color: #008080;
192 | }
193 | .highlight .nv {
194 |   color: #008080;
195 | }
196 | .highlight .ow {
197 |   color: #000000;
198 |   font-weight: bold;
199 | }
200 | .highlight .o {
201 |   color: #000000;
202 |   font-weight: bold;
203 | }
204 | .highlight .w {
205 |   color: #bbbbbb;
206 | }
207 | .highlight {
208 |   background-color: #f8f8f8;
209 | }
210 | 


--------------------------------------------------------------------------------
/_sass/variables.scss:
--------------------------------------------------------------------------------
 1 | // Breakpoints
 2 | $large-breakpoint: 64em !default;
 3 | $medium-breakpoint: 42em !default;
 4 | 
 5 | // Headers
 6 | $header-heading-color: #fff !default;
 7 | $header-bg-color: #159957 !default;
 8 | $header-bg-color-secondary: #155799 !default;
 9 | 
10 | // Text
11 | $section-headings-color: #159957 !default;
12 | $body-text-color: #606c71 !default;
13 | $body-link-color: #1e6bb8 !default;
14 | $blockquote-text-color: #819198 !default;
15 | 
16 | // Code
17 | $code-bg-color: #f3f6fa !default;
18 | $code-text-color: #567482 !default;
19 | 
20 | // Borders
21 | $border-color: #dce6f0 !default;
22 | $table-border-color: #e9ebec !default;
23 | $hr-border-color: #eff0f1 !default;
24 | 


--------------------------------------------------------------------------------
/about.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: page
3 | title: About
4 | permalink: /about/
5 | ---
6 | 
7 | [Machine Logic](https://lawrencecpaulson.github.io) is [Lawrence Paulson's](https://www.cl.cam.ac.uk/~lp15/) blog on [Isabelle/HOL](https://isabelle.in.tum.de/) and related topics.
8 | 


--------------------------------------------------------------------------------
/assets/css/style.scss:
--------------------------------------------------------------------------------
1 | ---
2 | ---
3 | 
4 | @import 'jekyll-theme-cayman';
5 | 


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSans-Bold.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSans-Bold.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSans-BoldOblique.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSans-BoldOblique.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSans-Oblique.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSans-Oblique.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSans.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSans.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSansMono-Bold.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSansMono-Bold.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSansMono-BoldOblique.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSansMono-BoldOblique.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSansMono-Oblique.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSansMono-Oblique.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSansMono.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSansMono.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSerif-Bold.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSerif-Bold.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSerif-BoldItalic.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSerif-BoldItalic.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSerif-Italic.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSerif-Italic.ttf


--------------------------------------------------------------------------------
/css/fonts/IsabelleDejaVuSerif.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/IsabelleDejaVuSerif.ttf


--------------------------------------------------------------------------------
/css/fonts/Vacuous.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/css/fonts/Vacuous.ttf


--------------------------------------------------------------------------------
/css/isabelle.css:
--------------------------------------------------------------------------------
  1 | /* Isabelle fonts */
  2 | 
  3 | @font-face {
  4 |   font-family: 'Isabelle DejaVu Sans';
  5 |   src: url('fonts/IsabelleDejaVuSans.ttf') format('truetype');
  6 | }
  7 | 
  8 | @font-face {
  9 |   font-family: 'Isabelle DejaVu Sans';
 10 |   src: url('fonts/IsabelleDejaVuSans-Bold.ttf') format('truetype');
 11 |   font-weight: bold;
 12 | }
 13 | 
 14 | @font-face {
 15 |   font-family: 'Isabelle DejaVu Sans';
 16 |   src: url('fonts/IsabelleDejaVuSans-Oblique.ttf') format('truetype');
 17 |   font-style: italic;
 18 | }
 19 | 
 20 | @font-face {
 21 |   font-family: 'Isabelle DejaVu Sans';
 22 |   src: url('fonts/IsabelleDejaVuSans-BoldOblique.ttf') format('truetype');
 23 |   font-weight: bold;
 24 |   font-style: italic;
 25 | }
 26 | 
 27 | @font-face {
 28 |   font-family: 'Isabelle DejaVu Sans Mono';
 29 |   src: url('fonts/IsabelleDejaVuSansMono.ttf') format('truetype');
 30 | }
 31 | 
 32 | @font-face {
 33 |   font-family: 'Isabelle DejaVu Sans Mono';
 34 |   src: url('fonts/IsabelleDejaVuSansMono-Bold.ttf') format('truetype');
 35 |   font-weight: bold;
 36 | }
 37 | 
 38 | @font-face {
 39 |   font-family: 'Isabelle DejaVu Sans Mono';
 40 |   src: url('fonts/IsabelleDejaVuSansMono-Oblique.ttf') format('truetype');
 41 |   font-style: italic;
 42 | }
 43 | 
 44 | @font-face {
 45 |   font-family: 'Isabelle DejaVu Sans Mono';
 46 |   src: url('fonts/IsabelleDejaVuSansMono-BoldOblique.ttf') format('truetype');
 47 |   font-weight: bold;
 48 |   font-style: italic;
 49 | }
 50 | 
 51 | @font-face {
 52 |   font-family: 'Isabelle DejaVu Serif';
 53 |   src: url('fonts/IsabelleDejaVuSerif.ttf') format('truetype');
 54 | }
 55 | 
 56 | @font-face {
 57 |   font-family: 'Isabelle DejaVu Serif';
 58 |   src: url('fonts/IsabelleDejaVuSerif-Bold.ttf') format('truetype');
 59 |   font-weight: bold;
 60 | }
 61 | 
 62 | @font-face {
 63 |   font-family: 'Isabelle DejaVu Serif';
 64 |   src: url('fonts/IsabelleDejaVuSerif-Italic.ttf') format('truetype');
 65 |   font-style: italic;
 66 | }
 67 | 
 68 | @font-face {
 69 |   font-family: 'Isabelle DejaVu Serif';
 70 |   src: url('fonts/IsabelleDejaVuSerif-BoldItalic.ttf') format('truetype');
 71 |   font-weight: bold;
 72 |   font-style: italic;
 73 | }
 74 | 
 75 | @font-face {
 76 |   font-family: 'Vacuous';
 77 |   src: url('fonts/Vacuous.ttf') format('truetype');
 78 | }
 79 | 
 80 | 
 81 | /* standard document markup */
 82 | 
 83 | dt {
 84 |   float: left;
 85 |   clear: left;
 86 |   padding-right: 0.5em;
 87 |   font-weight: bold;
 88 | }
 89 | 
 90 | body {
 91 |   color: #000000;
 92 |   background-color: #FFFFFF;
 93 | }
 94 | 
 95 | .head     { background-color: #FFFFFF; }
 96 | .source   {
 97 |   direction: ltr; unicode-bidi: bidi-override;
 98 |   background-color: #FFFFFF;
 99 |   padding: 10px;
100 |   font-family: "Isabelle DejaVu Sans Mono", monospace;
101 | }
102 | 
103 | .contents { background-color: #FFFFFF; padding: 10px; }
104 | .sessions { background-color: #FFFFFF; padding: 10px; }
105 | .document { white-space: normal; font-family: "Isabelle DejaVu Serif", serif; }
106 | 
107 | .name     { font-style: italic; }
108 | .filename { font-family: "Isabelle DejaVu Sans Mono", monospace; }
109 | 
110 | 
111 | /* basic syntax markup */
112 | 
113 | .hidden         { font-family: Vacuous; font-size: 1%; color: rgba(255,255,255,0); }
114 | .control        { font-weight: bold; font-style: italic; }
115 | 
116 | .binding        { color: #336655; }
117 | .tfree          { color: #A020F0; }
118 | .tvar           { color: #A020F0; }
119 | .free           { color: #0000FF; }
120 | .skolem         { color: #D2691E; }
121 | .bound          { color: #008000; }
122 | .var            { color: #00009B; }
123 | .numeral        { }
124 | .literal        { font-weight: bold; }
125 | .delimiter      { }
126 | .inner_numeral  { color: #FF0000; }
127 | .inner_quoted   { color: #FF00CC; }
128 | .inner_cartouche { color: #CC6600; }
129 | .comment1       { color: #CC0000; }
130 | .comment2       { color: #FF8400; }
131 | .comment3       { color: #6600CC; }
132 | .dynamic        { color: #7BA428; }
133 | .class_parameter_color { color: #D2691E; }
134 | 
135 | .bold           { font-weight: bold; }
136 | 
137 | .main           { color: #000000; }
138 | .command        { font-weight: bold; }
139 | .keyword        { font-weight: bold; }
140 | .keyword1       { color: #006699; }
141 | .keyword2       { color: #009966; }
142 | .keyword3       { color: #0099FF; }
143 | .quasi_keyword  { color: #9966FF; }
144 | .operator       { color: #323232; }
145 | .string         { color: #FF00CC; }
146 | .alt_string     { color: #CC00CC; }
147 | .verbatim       { color: #6600CC; }
148 | .cartouche      { color: #CC6600; }
149 | .comment        { color: #CC0000; }
150 | .improper       { color: #FF5050; }
151 | .antiquote      { color: #6600CC; }
152 | .raw_text       { color: #6600CC; }
153 | .plain_text     { color: #CC6600; }
154 | .bad            { background-color: #FF6A6A; }
155 | .quoted         { background-color: rgba(139,139,139,0.05); }
156 | .antiquoted     { background-color: rgba(255,200,50,0.1); }
157 | 
158 | 
159 | /* message background */
160 | 
161 | .writeln_message      { background-color: #F0F0F0; }
162 | .information_message  { background-color: #DCEAF3; }
163 | .tracing_message      { background-color: #F0F8FF; }
164 | .warning_message      { background-color: #EEE8AA; }
165 | .legacy_message       { background-color: #EEE8AA; }
166 | .error_message        { background-color: #FFC1C1; }
167 | 
168 | 
169 | /* message underline */
170 | 
171 | .writeln { border-bottom: 1px dotted #C0C0C0; }
172 | .information { border-bottom: 1px dotted #C1DFEE; }
173 | .warning { border-bottom: 1px dotted #FF8C00; }
174 | .legacy { border-bottom: 1px dotted #FF8C00; }
175 | .error { border-bottom: 1px dotted #B22222; }
176 | 
177 | 
178 | /* tooltips */
179 | 
180 | .writeln { position: relative; display: inline-block; }
181 | .information { position: relative; display: inline-block; }
182 | .warning { position: relative; display: inline-block; }
183 | .legacy { position: relative; display: inline-block; }
184 | .error { position: relative; display: inline-block; }
185 | 
186 | .writeln:hover .tooltip { visibility: visible; }
187 | .information:hover .tooltip { visibility: visible; }
188 | .warning:hover .tooltip { visibility: visible; }
189 | .legacy:hover .tooltip { visibility: visible; }
190 | .error:hover .tooltip { visibility: visible; }
191 | 
192 | .tooltip {
193 |   top: -0.5ex;
194 |   left: 5em;
195 |   visibility: hidden;
196 |   width: 50em;
197 |   border: 1px solid #808080;
198 |   padding: 1px 1px;
199 |   background-color: #FFFFE9;
200 |   position: absolute;
201 |   z-index: 1;
202 | }
203 | 
204 | .tooltip pre { margin: 1px; white-space: pre-wrap; }
205 | 


--------------------------------------------------------------------------------
/feed.xml:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: none
 3 | ---
 4 | <?xml version="1.0" encoding="UTF-8"?>
 5 | <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
 6 | 	<channel>
 7 | 		<title>{{ site.name | xml_escape }}</title>
 8 | 		<description>{% if site.description %}{{ site.description | xml_escape }}{% endif %}</description>
 9 | 		<link>{{ site.url }}</link>
10 | 		<atom:link href="{{ site.url }}/feed.xml" rel="self" type="application/rss+xml" />
11 | 		{% for post in site.posts limit:10 %}
12 | 			<item>
13 | 				<title>{{ post.title | xml_escape }}</title>
14 | 				<description>{{ post.content | xml_escape }}</description>
15 | 				<pubDate>{{ post.date | date: "%a, %d %b %Y %H:%M:%S %z" }}</pubDate>
16 | 				<link>{{ site.url }}{{ post.url }}</link>
17 | 				<guid isPermaLink="true">{{ site.url }}{{ post.url }}</guid>
18 | 			</item>
19 | 		{% endfor %}
20 | 	</channel>
21 | </rss>
22 | 


--------------------------------------------------------------------------------
/images/2022-10-induction.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/2022-10-induction.png


--------------------------------------------------------------------------------
/images/2022-10-system-model.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/2022-10-system-model.png


--------------------------------------------------------------------------------
/images/2022-10-time-steps.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/2022-10-time-steps.png


--------------------------------------------------------------------------------
/images/3minus2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/3minus2.png


--------------------------------------------------------------------------------
/images/AUTOMATH-book-equality.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/AUTOMATH-book-equality.png


--------------------------------------------------------------------------------
/images/CTT/split-in1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/split-in1.png


--------------------------------------------------------------------------------
/images/CTT/split-in2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/split-in2.png


--------------------------------------------------------------------------------
/images/CTT/split-out1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/split-out1.png


--------------------------------------------------------------------------------
/images/CTT/split-out2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/split-out2.png


--------------------------------------------------------------------------------
/images/CTT/struct-AC.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/struct-AC.png


--------------------------------------------------------------------------------
/images/CTT/struct-LEM.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/struct-LEM.png


--------------------------------------------------------------------------------
/images/CTT/typefm-in1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-in1.png


--------------------------------------------------------------------------------
/images/CTT/typefm-in2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-in2.png


--------------------------------------------------------------------------------
/images/CTT/typefm-in3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-in3.png


--------------------------------------------------------------------------------
/images/CTT/typefm-in4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-in4.png


--------------------------------------------------------------------------------
/images/CTT/typefm-out1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-out1.png


--------------------------------------------------------------------------------
/images/CTT/typefm-out2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-out2.png


--------------------------------------------------------------------------------
/images/CTT/typefm-out3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-out3.png


--------------------------------------------------------------------------------
/images/CTT/typefm-out4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typefm-out4.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-add-in.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-add-in.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-add-out.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-add-out.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-in.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-in.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-lemma.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-lemma.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-out1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-out1.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-out2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-out2.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-out3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-out3.png


--------------------------------------------------------------------------------
/images/CTT/typeinf-out4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/CTT/typeinf-out4.png


--------------------------------------------------------------------------------
/images/ConcaveDef.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/ConcaveDef.png


--------------------------------------------------------------------------------
/images/Concave_ln.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Concave_ln.png


--------------------------------------------------------------------------------
/images/Dirichlet-approx-thm.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Dirichlet-approx-thm.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f1.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f10.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f11.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f2.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f3.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f4.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f5.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f6.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f7.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f8.png


--------------------------------------------------------------------------------
/images/Fib-newbie/f9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Fib-newbie/f9.png


--------------------------------------------------------------------------------
/images/Gowers-example.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Gowers-example.jpeg


--------------------------------------------------------------------------------
/images/Hardy-MVT.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Hardy-MVT.png


--------------------------------------------------------------------------------
/images/Jech-118-footnotes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Jech-118-footnotes.png


--------------------------------------------------------------------------------
/images/MT-examples.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/MT-examples.png


--------------------------------------------------------------------------------
/images/Metitarski-example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Metitarski-example.png


--------------------------------------------------------------------------------
/images/PPLAMBDA-proof.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/PPLAMBDA-proof.png


--------------------------------------------------------------------------------
/images/Strachey-halting.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Strachey-halting.png


--------------------------------------------------------------------------------
/images/TypesOfConicSections.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/TypesOfConicSections.jpg


--------------------------------------------------------------------------------
/images/Univ-Machine-Structure.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Univ-Machine-Structure.png


--------------------------------------------------------------------------------
/images/Univ-Machine.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Univ-Machine.png


--------------------------------------------------------------------------------
/images/Why trust II.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Why trust II.png


--------------------------------------------------------------------------------
/images/Why trust.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/Why trust.png


--------------------------------------------------------------------------------
/images/chess-board.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/chess-board.png


--------------------------------------------------------------------------------
/images/compose-devices.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/compose-devices.png


--------------------------------------------------------------------------------
/images/diamond-in-lambda-calc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/diamond-in-lambda-calc.png


--------------------------------------------------------------------------------
/images/diamond2-in-lambda-calc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/diamond2-in-lambda-calc.png


--------------------------------------------------------------------------------
/images/equality-in-lambda-calc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/equality-in-lambda-calc.png


--------------------------------------------------------------------------------
/images/frozen_friends.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/frozen_friends.jpg


--------------------------------------------------------------------------------
/images/hw-device.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/hw-device.png


--------------------------------------------------------------------------------
/images/isabelle_logo.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/isabelle_logo.gif


--------------------------------------------------------------------------------
/images/jEdit-tricks-bound.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/jEdit-tricks-bound.png


--------------------------------------------------------------------------------
/images/jEdit-tricks-click.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/jEdit-tricks-click.png


--------------------------------------------------------------------------------
/images/jEdit-tricks-hanging.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/jEdit-tricks-hanging.png


--------------------------------------------------------------------------------
/images/jEdit-tricks-looping-proof.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/jEdit-tricks-looping-proof.png


--------------------------------------------------------------------------------
/images/jEdit-tricks-popup.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/jEdit-tricks-popup.png


--------------------------------------------------------------------------------
/images/jEdit-tricks-skolem.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/jEdit-tricks-skolem.png


--------------------------------------------------------------------------------
/images/peg-solitaire.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/peg-solitaire.png


--------------------------------------------------------------------------------
/images/plot_x_ln_x.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/plot_x_ln_x.png


--------------------------------------------------------------------------------
/images/plot_x_sin_inv_x.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/plot_x_sin_inv_x.png


--------------------------------------------------------------------------------
/images/pure-silver.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/pure-silver.jpg


--------------------------------------------------------------------------------
/images/sqrt2-figure.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/sqrt2-figure.jpg


--------------------------------------------------------------------------------
/images/squared_square.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/squared_square.png


--------------------------------------------------------------------------------
/images/transistor.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/transistor.png


--------------------------------------------------------------------------------
/images/tripartite graph.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/images/tripartite graph.png


--------------------------------------------------------------------------------
/index.html:
--------------------------------------------------------------------------------
 1 | ---
 2 | layout: default
 3 | title: {{ site.name }}
 4 | ---
 5 | 
 6 | <div id="home">
 7 | <p>The formal verification of computer systems has become practical.
 8 |         It has an essential role in tech firms such as
 9 |         Amazon, AMD, Intel, Microsoft and Nvidia. In recent years, researchers have started asking whether
10 |         verification technology could also benefit research mathematicians.
11 |         Here, we explore every aspect of doing logic on the computer:
12 |         its foundations, its applications and the issues involved with formalising mathematics.
13 | </p>
14 | {% include archive.html %}
15 | <h1>Posts</h1>
16 |   <ul class="posts">
17 |     {% for post in site.posts %}
18 |       <li><span>{{ post.date | date_to_string }}</span> &raquo; <a href="{{ site.baseurl }}{{ post.url }}">{{ post.title }}</a>
19 |       {{ post.excerpt }}
20 |       </li>
21 |     {% endfor %}
22 |   </ul>
23 | </div>
24 | 


--------------------------------------------------------------------------------
/papers/Aczel-Inductive-Defs.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Aczel-Inductive-Defs.pdf


--------------------------------------------------------------------------------
/papers/Boolos-iterative-concept-of-set.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Boolos-iterative-concept-of-set.pdf


--------------------------------------------------------------------------------
/papers/Cohen-TAPS.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Cohen-TAPS.pdf


--------------------------------------------------------------------------------
/papers/Early-History-of-ATP.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Early-History-of-ATP.pdf


--------------------------------------------------------------------------------
/papers/Edmonds-CPP2024.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Edmonds-CPP2024.pdf


--------------------------------------------------------------------------------
/papers/FloydMeaning.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/FloydMeaning.pdf


--------------------------------------------------------------------------------
/papers/Knuth-TEX.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Knuth-TEX.pdf


--------------------------------------------------------------------------------
/papers/Lam_finite_Proj_plane_order_10.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Lam_finite_Proj_plane_order_10.pdf


--------------------------------------------------------------------------------
/papers/ML-Int-TT.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/ML-Int-TT.pdf


--------------------------------------------------------------------------------
/papers/Matthews-parallel.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Matthews-parallel.pdf


--------------------------------------------------------------------------------
/papers/Rosser-Lambda-Calculus.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Rosser-Lambda-Calculus.pdf


--------------------------------------------------------------------------------
/papers/Russells-mathematical-logic.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Russells-mathematical-logic.pdf


--------------------------------------------------------------------------------
/papers/Scott-Models.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Scott-Models.pdf


--------------------------------------------------------------------------------
/papers/Wang-Formalisation.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Wang-Formalisation.pdf


--------------------------------------------------------------------------------
/papers/Wang-Orginal-Sin.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/Wang-Orginal-Sin.pdf


--------------------------------------------------------------------------------
/papers/bachmair-hbar-resolution.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/bachmair-hbar-resolution.pdf


--------------------------------------------------------------------------------
/papers/deBruijn-nameless-dummies.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/deBruijn-nameless-dummies.pdf


--------------------------------------------------------------------------------
/papers/on-the-infinite.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/on-the-infinite.pdf


--------------------------------------------------------------------------------
/papers/unreasonable.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lawrencecpaulson/lawrencecpaulson.github.io/17b76618df0b0ca0361ae3eb304f29fe813f2d99/papers/unreasonable.pdf


--------------------------------------------------------------------------------
/tag/ALEXANDRIA.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: ALEXANDRIA"
4 | tag: ALEXANDRIA
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/AUTOMATH.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: AUTOMATH"
4 | tag: AUTOMATH
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Ackermann's_function.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Ackermann's function"
4 | tag: Ackermann's function
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Alan_Turing.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Alan Turing"
4 | tag: Alan Turing
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Archive_of_Formal_Proofs.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Archive of Formal Proofs"
4 | tag: Archive of Formal Proofs
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/BDDs.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: BDDs"
4 | tag: BDDs
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Bertrand_Russell.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Bertrand Russell"
4 | tag: Bertrand Russell
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Coq.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Coq"
4 | tag: Coq
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Dana_Scott.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Dana Scott"
4 | tag: Dana Scott
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/David_Hilbert.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: David Hilbert"
4 | tag: David Hilbert
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Ernst_Zermelo.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Ernst Zermelo"
4 | tag: Ernst Zermelo
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Fibonacci.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Fibonacci"
4 | tag: Fibonacci
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/HOL_Light.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: HOL Light"
4 | tag: HOL Light
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/HOL_system.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: HOL system"
4 | tag: HOL system
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Hao_Wang.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Hao Wang"
4 | tag: Hao Wang
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Imre_Lakatos.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Imre Lakatos"
4 | tag: Imre Lakatos
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Isabelle.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Isabelle"
4 | tag: Isabelle
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Isar.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Isar"
4 | tag: Isar
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Jacques_Fleuriot.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Jacques Fleuriot"
4 | tag: Jacques Fleuriot
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/John_Littlewood.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: John Littlewood"
4 | tag: John Littlewood
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Kurt_Gödel.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Kurt Gödel"
4 | tag: Kurt Gödel
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/LCF.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: LCF"
4 | tag: LCF
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Leonhard_Euler.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Leonhard Euler"
4 | tag: Leonhard Euler
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/MJC_Gordon.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: MJC Gordon"
4 | tag: MJC Gordon
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Martin-Löf_type_theory.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Martin-Löf type theory"
4 | tag: Martin-Löf type theory
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/MetiTarski.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: MetiTarski"
4 | tag: MetiTarski
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Mizar.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Mizar"
4 | tag: Mizar
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/NG_de_Bruijn.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: NG de Bruijn"
4 | tag: NG de Bruijn
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/PVS.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: PVS"
4 | tag: PVS
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Paul_Erdős.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Paul Erdős"
4 | tag: Paul Erdős
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Principia_Mathematica.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Principia Mathematica"
4 | tag: Principia Mathematica
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Proofs_from_THE_BOOK.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Proofs from THE BOOK"
4 | tag: Proofs from THE BOOK
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/QED_project.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: QED project"
4 | tag: QED project
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Ramsey's_theorem.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Ramsey's theorem"
4 | tag: Ramsey's theorem
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Robin_Milner.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Robin Milner"
4 | tag: Robin Milner
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Standard_ML.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Standard ML"
4 | tag: Standard ML
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Stanford.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Stanford"
4 | tag: Stanford
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/Szemerédi’s_regularity_lemma.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: Szemerédi’s regularity lemma"
4 | tag: Szemerédi’s regularity lemma
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/ZFC_in_HOL.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: ZFC_in_HOL"
4 | tag: ZFC_in_HOL
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/analysis.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: analysis"
4 | tag: analysis
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/automation.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: automation"
4 | tag: automation
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/axiom_of_choice.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: axiom of choice"
4 | tag: axiom of choice
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/constructive_logic.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: constructive logic"
4 | tag: constructive logic
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/descriptions.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: descriptions"
4 | tag: descriptions
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/examples.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: examples"
4 | tag: examples
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/formalised_mathematics.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: formalised mathematics"
4 | tag: formalised mathematics
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/gcd.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: gcd"
4 | tag: gcd
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/general.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: general"
4 | tag: general
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/incompleteness.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: incompleteness"
4 | tag: incompleteness
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/inductive_definitions.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: inductive definitions"
4 | tag: inductive definitions
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/intuitionism.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: intuitionism"
4 | tag: intuitionism
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/jEdit.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: jEdit"
4 | tag: jEdit
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/lambda_calculus.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: lambda calculus"
4 | tag: lambda calculus
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/law_of_excluded_middle.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: law of excluded middle"
4 | tag: law of excluded middle
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/locales.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: locales"
4 | tag: locales
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/logic.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: logic"
4 | tag: logic
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/memories.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: memories"
4 | tag: memories
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/newbies.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: newbies"
4 | tag: newbies
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/nominal_package.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: nominal package"
4 | tag: nominal package
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/nonstandard_analysis.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: nonstandard analysis"
4 | tag: nonstandard analysis
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/ordinal_partitions.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: ordinal partitions"
4 | tag: ordinal partitions
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/philosophy.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: philosophy"
4 | tag: philosophy
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/proof_documents.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: proof documents"
4 | tag: proof documents
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/quaternions.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: quaternions"
4 | tag: quaternions
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/quotients.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: quotients"
4 | tag: quotients
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/recruitment.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: recruitment"
4 | tag: recruitment
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/recursion.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: recursion"
4 | tag: recursion
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/resolution.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: resolution"
4 | tag: resolution
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/set_theory.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: set theory"
4 | tag: set theory
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/sledgehammer.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: sledgehammer"
4 | tag: sledgehammer
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/type_classes.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: type classes"
4 | tag: type classes
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/type_theory.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: type theory"
4 | tag: type theory
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag/verification.md:
--------------------------------------------------------------------------------
1 | ---
2 | layout: tagpage
3 | title: "Tag: verification"
4 | tag: verification
5 | robots: noindex
6 | ---
7 | 


--------------------------------------------------------------------------------
/tag_generator.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python3
 2 | 
 3 | '''
 4 | tag_generator.py
 5 | 
 6 | Copyright 2017 Long Qian
 7 | Contact: lqian8@jhu.edu
 8 | 
 9 | This script creates tags for your Jekyll blog hosted by Github page.
10 | No plugins required.
11 | '''
12 | 
13 | import glob
14 | import os
15 | 
16 | post_dir = '_posts/'
17 | draft_dir = '_drafts/'
18 | tag_dir = 'tag/'
19 | 
20 | filenames = glob.glob(post_dir + '*md')
21 | filenames = filenames + glob.glob(draft_dir + '*md')
22 | 
23 | total_tags = []
24 | for filename in filenames:
25 |     f = open(filename, 'r', encoding='utf8')
26 |     crawl = False
27 |     for line in f:
28 |         if crawl:
29 |             current_tags = line.strip().split(':')
30 |             if current_tags[0] == 'tags':
31 |                 if (current_tags[1].strip().startswith('[')):
32 |                     clean_tag = ''.join(c for c in current_tags[1] if c not in '[]')
33 |                     list_tags = map(str.strip, clean_tag.split(','))
34 |                     total_tags.extend(list_tags)
35 |                 else:
36 |                     list_tags = map(str.strip, current_tags[1].strip().split())
37 |                     total_tags.extend(list_tags)
38 |                 crawl = False
39 |                 break
40 |         if line.strip() == '---':
41 |             if not crawl:
42 |                 crawl = True
43 |             else:
44 |                 crawl = False
45 |                 break
46 |     f.close()
47 | total_tags = set(total_tags)
48 | 
49 | old_tags = glob.glob(tag_dir + '*.md')
50 | for tag in old_tags:
51 |     os.remove(tag)
52 | 
53 | if not os.path.exists(tag_dir):
54 |     os.makedirs(tag_dir)
55 | 
56 | for tag in total_tags:
57 |     tag_filename = tag_dir + tag.replace(' ', '_') + '.md'
58 |     f = open(tag_filename, 'a')
59 |     write_str = '---\nlayout: tagpage\ntitle: \"Tag: ' + tag + '\"\ntag: ' + tag + '\nrobots: noindex\n---\n'
60 |     f.write(write_str)
61 |     f.close()
62 | print("Tags generated, count", total_tags.__len__())
63 | 


--------------------------------------------------------------------------------