I tried to prove an existential theorem

lemma "∃ x. x * (t :: nat) = t"
proof
  obtain y where "y * t = t" by (auto)

but I could not finish the proof. So I have the necessary y but how can I feed it into the original goal?

Gergely

3 Answers

Soundness of natural deduction requires that you get hold of the witness before you open the existential quantifier. This is why you are not allowed to use obtained variables in show statements. In your example, the proof step implicitly applies the rule exI. This turns the existentially quantified variable x into the schematic variable ?x, which can be instantiated later, but the instantiation may only refer to variables that have been in scope when ?x came into place. In the low-level proof state, obtained variables are meta-quantified (!!) and the instantiations for ?x can only refer to such variables that appear as a parameter to ?x.

Therefore, you have to switch the order in your proof:

lemma "∃ x. x * (t :: nat) = t"
proof - (* method - does not change the goal *)
  obtain y where "y * t = t" by (auto)
  then show ?thesis by(rule exI)
qed
Andreas Lochbihler
  • You can use `proof` without `-` (which applies the `default` method) if your witness does not mention any obtained variables. In your example, you can use `Suc 0` as the witness rather than obtain it. But I assume that your real use case is more complicated. If you define your witness `y` using `def` from constants instead of using `obtain`, it should work. Alternatively, you can always eliminate obtained variables by using the choice operator `SOME`, but that is cumbersome to write and read. – Andreas Lochbihler Jul 02 '14 at 06:25
  • I do not have a real use case; I wanted to construct an example for using `obtain`. – Gergely Jul 02 '14 at 09:20

You can give the witness (i.e. the element you want to put in for x) in the show clause:

lemma "∃ x. x * (t :: nat) = t"
proof
  show "1*t = t" by simp
qed
Peter Zeller

Alternatively, when you already know the witness (1 or Suc 0 here), you can explicitly instantiate the rule exI to introduce the existential term:

lemma "∃ x. x * (t :: nat) = t"
  by (rule exI[where x = "Suc 0"], simp)

Here, the existential quantifier introduction rule thm exI is

?P ?x ⟹ ∃x. ?P x

you can explore and instantiate it gradually with the answer.

thm exI[where x = "Suc 0"] is:

?P (Suc 0) ⟹ ∃x. ?P x

and exI[where P = "λ x. x * t = t" and x = "Suc 0"] is

Suc 0 * t = t ⟹ ∃x. x * t = t

And Suc 0 * t = t is only one simplification (simp) away. But the system can figure out the last instantiation P = "λ x. x * t = t" via unification, so it isn't really necessary.

Related:

Instantiating theorems in Isabelle

thor