the new subst tactic, by Lucas Dixon
authorpaulson
Tue Feb 01 18:01:57 2005 +0100 (2005-02-01)
changeset 15481fc075ae929e4
parent 15480 cb3612cc41a3
child 15482 b3f530e7aa1c
the new subst tactic, by Lucas Dixon
NEWS
TFL/isand.ML
doc-src/TutorialI/Advanced/document/Partial.tex
doc-src/TutorialI/Advanced/document/WFrec.tex
doc-src/TutorialI/CodeGen/document/CodeGen.tex
doc-src/TutorialI/Datatype/document/ABexpr.tex
doc-src/TutorialI/Datatype/document/Fundata.tex
doc-src/TutorialI/Datatype/document/Nested.tex
doc-src/TutorialI/Documents/document/Documents.tex
doc-src/TutorialI/Ifexpr/document/Ifexpr.tex
doc-src/TutorialI/Inductive/document/AB.tex
doc-src/TutorialI/Inductive/document/Advanced.tex
doc-src/TutorialI/Inductive/document/Even.tex
doc-src/TutorialI/Inductive/document/Mutual.tex
doc-src/TutorialI/Inductive/document/Star.tex
doc-src/TutorialI/Misc/document/AdvancedInd.tex
doc-src/TutorialI/Misc/document/Itrev.tex
doc-src/TutorialI/Misc/document/case_exprs.tex
doc-src/TutorialI/Misc/document/natsum.tex
doc-src/TutorialI/Misc/document/simp.tex
doc-src/TutorialI/Recdef/document/Induction.tex
doc-src/TutorialI/Recdef/document/Nested2.tex
doc-src/TutorialI/Recdef/document/simplification.tex
doc-src/TutorialI/Recdef/document/termination.tex
doc-src/TutorialI/ToyList/document/ToyList.tex
doc-src/TutorialI/Trie/document/Trie.tex
doc-src/TutorialI/Types/document/Axioms.tex
doc-src/TutorialI/Types/document/Numbers.tex
doc-src/TutorialI/Types/document/Overloading.tex
doc-src/TutorialI/Types/document/Overloading1.tex
doc-src/TutorialI/Types/document/Overloading2.tex
doc-src/TutorialI/Types/document/Pairs.tex
doc-src/TutorialI/Types/document/Records.tex
doc-src/TutorialI/Types/document/Typedefs.tex
src/FOL/FOL.thy
src/FOL/IFOL.thy
src/FOL/IsaMakefile
src/FOL/eqrule_FOL_data.ML
src/HOL/Algebra/UnivPoly.thy
src/HOL/Algebra/poly/LongDiv.thy
src/HOL/Algebra/poly/UnivPoly2.thy
src/HOL/Complex/Complex.thy
src/HOL/HOL.thy
src/HOL/Hyperreal/Integration.thy
src/HOL/Hyperreal/MacLaurin.thy
src/HOL/Hyperreal/Transcendental.thy
src/HOL/IMP/Denotation.thy
src/HOL/Induct/LList.thy
src/HOL/Integ/IntDef.thy
src/HOL/IsaMakefile
src/HOL/Library/Word.thy
src/HOL/Matrix/Matrix.thy
src/HOL/Matrix/MatrixGeneral.thy
src/HOL/Matrix/SparseMatrix.thy
src/HOL/MicroJava/BV/Effect.thy
src/HOL/MicroJava/Comp/CorrComp.thy
src/HOL/MicroJava/Comp/CorrCompTp.thy
src/HOL/MicroJava/Comp/DefsComp.thy
src/HOL/MicroJava/Comp/TranslCompTp.thy
src/HOL/MicroJava/J/WellForm.thy
src/HOL/NumberTheory/EulerFermat.thy
src/HOL/OrderedGroup.thy
src/HOL/Product_Type.thy
src/HOL/Recdef.thy
src/HOL/Ring_and_Field.thy
src/HOL/SET-Protocol/Purchase.thy
src/HOL/UNITY/FP.thy
src/HOL/UNITY/ListOrder.thy
src/HOL/UNITY/Rename.thy
src/HOL/eqrule_HOL_data.ML
src/HOL/ex/set.thy
src/Provers/eqsubst.ML
src/Provers/hypsubst.ML
src/Pure/IsaMakefile
src/Pure/IsaPlanner/ROOT.ML
src/Pure/IsaPlanner/focus_term_lib.ML
src/Pure/IsaPlanner/isa_fterm.ML
src/Pure/IsaPlanner/isand.ML
src/Pure/IsaPlanner/isaplib.ML
src/Pure/IsaPlanner/rw_inst.ML
src/Pure/IsaPlanner/rw_tools.ML
src/Pure/IsaPlanner/term_lib.ML
src/Pure/IsaPlanner/upterm_lib.ML
src/Pure/ROOT.ML
src/ZF/AC/HH.thy
src/ZF/AC/WO2_AC16.thy
src/ZF/ArithSimp.thy
src/ZF/Constructible/Formula.thy
src/ZF/Epsilon.thy
src/ZF/Induct/Multiset.thy
src/ZF/Integ/IntDiv.thy
src/ZF/ROOT.ML
src/ZF/Resid/Residuals.thy
src/ZF/UNITY/AllocImpl.thy
src/ZF/UNITY/FP.thy
src/ZF/Univ.thy
src/ZF/ZF.thy
src/ZF/ex/Limit.thy
     1.1 --- a/NEWS	Sun Jan 30 20:48:50 2005 +0100
     1.2 +++ b/NEWS	Tue Feb 01 18:01:57 2005 +0100
     1.3 @@ -37,6 +37,12 @@
     1.4  * Provers/blast.ML:  new reference depth_limit to make blast's depth
     1.5    limit (previously hard-coded with a value of 20) user-definable.
     1.6  
     1.7 +* Provers: new version of the subst method, for single-step rewriting: it now
     1.8 +  works in bound variable contexts. New is subst (asm), for rewriting an
     1.9 +  assumption. Thanks to Lucas Dixon! INCOMPATIBILITY: may rewrite a different
    1.10 +  subterm than the original subst method, which is still available under the
    1.11 +  name simplesubst.
    1.12 +
    1.13  * Pure: thin_tac now works even if the assumption being deleted contains !! or ==>. 
    1.14    More generally, erule now works even if the major premise of the elimination rule
    1.15    contains !! or ==>.
     2.1 --- a/TFL/isand.ML	Sun Jan 30 20:48:50 2005 +0100
     2.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.3 @@ -1,558 +0,0 @@
     2.4 -(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
     2.5 -(*  Title:      sys/isand.ML
     2.6 -    Author:     Lucas Dixon, University of Edinburgh
     2.7 -                lucas.dixon@ed.ac.uk
     2.8 -    Date:       6 Aug 2004
     2.9 -*)
    2.10 -(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    2.11 -(*  DESCRIPTION:
    2.12 -
    2.13 -    Natural Deduction tools
    2.14 -
    2.15 -    For working with Isbaelle theorem in a natural detuction style,
    2.16 -    ie, not having to deal with meta level quantified varaibles,
    2.17 -    instead, we work with newly introduced frees, and hide the
    2.18 -    "all"'s, exporting results from theorems proved with the frees, to
    2.19 -    solve the all cases of the previous goal. 
    2.20 -
    2.21 -    Note: A nice idea: allow esxporting to solve any subgoal, thus
    2.22 -    allowing the interleaving of proof, or provide a structure for the
    2.23 -    ordering of proof, thus allowing proof attempts in parrelle, but
    2.24 -    recording the order to apply things in.
    2.25 -
    2.26 -debugging tools:
    2.27 -fun asm_mk t = (assume (cterm_of (Theory.sign_of (the_context())) t)); 
    2.28 -fun asm_read s =  
    2.29 -    (assume (read_cterm (Theory.sign_of (Context.the_context())) (s,propT))); 
    2.30 -
    2.31 -    THINK: are we really ok with our varify name w.r.t the prop - do
    2.32 -    we alos need to avoid named in the hidden hyps?
    2.33 -
    2.34 -*)
    2.35 -
    2.36 -structure IsaND =
    2.37 -struct
    2.38 -
    2.39 -(* Solve *some* subgoal of "th" directly by "sol" *)
    2.40 -(* Note: this is probably what Markus ment to do upon export of a
    2.41 -"show" but maybe he used RS/rtac instead, which would wrongly lead to
    2.42 -failing if there are premices to the shown goal. *)
    2.43 -fun solve_with sol th = 
    2.44 -    let fun solvei 0 = Seq.empty
    2.45 -          | solvei i = 
    2.46 -            Seq.append (bicompose false (false,sol,0) i th, 
    2.47 -                        solvei (i - 1))
    2.48 -    in
    2.49 -      solvei (Thm.nprems_of th)
    2.50 -    end;
    2.51 -
    2.52 -
    2.53 -(* Given ctertmify function, (string,type) pairs capturing the free
    2.54 -vars that need to be allified in the assumption, and a theorem with
    2.55 -assumptions possibly containing the free vars, then we give back the
    2.56 -assumptions allified as hidden hyps. *)
    2.57 -(* 
    2.58 -Given: vs 
    2.59 -th: A vs ==> B vs
    2.60 -Results in: "B vs" [!!x. A x]
    2.61 -*)
    2.62 -fun allify_conditions ctermify Ts th = 
    2.63 -    let 
    2.64 -      val premts = Thm.prems_of th
    2.65 -    
    2.66 -      fun allify_prem_var (vt as (n,ty),t)  = 
    2.67 -          (Term.all ty) $ (Abs(n,ty,Term.abstract_over (Free vt, t)))
    2.68 -
    2.69 -      fun allify_prem Ts p = foldr allify_prem_var (Ts, p)
    2.70 -
    2.71 -      val cTs = map (ctermify o Free) Ts
    2.72 -      val cterm_asms = map (ctermify o allify_prem Ts) premts
    2.73 -      val allifyied_asm_thms = map (Drule.forall_elim_list cTs o Thm.assume) cterm_asms
    2.74 -    in
    2.75 -      (foldl (fn (x,y) => y RS x) (th, allifyied_asm_thms), cterm_asms)
    2.76 -    end;
    2.77 -
    2.78 -fun allify_conditions' Ts th = 
    2.79 -    allify_conditions (Thm.cterm_of (Thm.sign_of_thm th)) Ts th;
    2.80 -
    2.81 -
    2.82 -
    2.83 -(* change schematic vars to fresh free vars *)
    2.84 -fun fix_vars_to_frees th = 
    2.85 -    let 
    2.86 -      val ctermify = Thm.cterm_of (Thm.sign_of_thm th)
    2.87 -      val prop = Thm.prop_of th
    2.88 -      val vars = map Term.dest_Var (Term.term_vars prop)
    2.89 -
    2.90 -      val names = Term.add_term_names (prop, [])
    2.91 -
    2.92 -      val (insts,names2) = 
    2.93 -          foldl (fn ((insts,names),v as ((n,i),ty)) => 
    2.94 -                    let val n2 = Term.variant names n in
    2.95 -                      ((ctermify (Var v), ctermify (Free(n2,ty))) :: insts, 
    2.96 -                       n2 :: names)
    2.97 -                    end)
    2.98 -                (([],names), vars)
    2.99 -    in (insts, Thm.instantiate ([], insts) th) end;
   2.100 -
   2.101 -(* *)
   2.102 -(*
   2.103 -val th = Thm.freezeT (topthm());
   2.104 -val (insts, th') = fix_vars_to_frees th;
   2.105 -val Ts = map (Term.dest_Free o Thm.term_of o snd) insts;
   2.106 -allify_conditions' Ts th';
   2.107 -*)
   2.108 -
   2.109 -
   2.110 -(* datatype to capture an exported result, ie a fix or assume. *)
   2.111 -datatype export = 
   2.112 -         export of {fixes : Thm.cterm list, (* fixed vars *)
   2.113 -                    assumes : Thm.cterm list, (* hidden hyps/assumed prems *)
   2.114 -                    sgid : int,
   2.115 -                    gth :  Thm.thm}; (* subgoal/goalthm *)
   2.116 -
   2.117 -
   2.118 -
   2.119 -(* export the result of the new goal thm, ie if we reduced teh
   2.120 -subgoal, then we get a new reduced subtgoal with the old
   2.121 -all-quantified variables *)
   2.122 -local 
   2.123 -fun allify_term (v, t) = 
   2.124 -    let val vt = #t (Thm.rep_cterm v)
   2.125 -      val (n,ty) = Term.dest_Free vt
   2.126 -    in (Term.all ty) $ (Abs(n,ty,Term.abstract_over (vt, t))) end;
   2.127 -
   2.128 -fun allify_for_sg_term ctermify vs t =
   2.129 -    let val t_alls = foldr allify_term (vs,t);
   2.130 -        val ct_alls = ctermify t_alls; 
   2.131 -    in 
   2.132 -      (ct_alls, Drule.forall_elim_list vs (Thm.assume ct_alls))
   2.133 -    end;
   2.134 -
   2.135 -fun lookupfree vs vn  = 
   2.136 -    case Library.find_first (fn (n,ty) => n = vn) vs of 
   2.137 -      None => raise ERROR_MESSAGE ("prepare_goal_export:lookupfree: " 
   2.138 -                    ^ vn ^ " does not occur in the term")
   2.139 -    | Some x => x;
   2.140 -in
   2.141 -fun export_back (export {fixes = vs, assumes = hprems, 
   2.142 -                         sgid = i, gth = gth}) newth = 
   2.143 -    let 
   2.144 -      val sgn = Thm.sign_of_thm newth;
   2.145 -      val ctermify = Thm.cterm_of sgn;
   2.146 -
   2.147 -      val sgs = prems_of newth;
   2.148 -      val (sgallcts, sgthms) = 
   2.149 -          Library.split_list (map (allify_for_sg_term ctermify vs) sgs);
   2.150 -      val minimal_newth = 
   2.151 -          (foldl (fn ( newth', sgthm) => 
   2.152 -                          Drule.compose_single (sgthm, 1, newth'))
   2.153 -                      (newth, sgthms));
   2.154 -      val allified_newth = 
   2.155 -          minimal_newth 
   2.156 -            |> Drule.implies_intr_list hprems
   2.157 -            |> Drule.forall_intr_list vs 
   2.158 -
   2.159 -      val newth' = Drule.implies_intr_list sgallcts allified_newth
   2.160 -    in
   2.161 -      bicompose false (false, newth', (length sgallcts)) i gth
   2.162 -    end;
   2.163 -
   2.164 -(* given a thm of the form: 
   2.165 -P1 vs; ...; Pn vs ==> Goal(C vs)
   2.166 -
   2.167 -Gives back: 
   2.168 -n,
   2.169 -[| !! vs. P1 vs; !! vs. Pn vs |] 
   2.170 -  ==> !! C vs
   2.171 -*)
   2.172 -(* note: C may contain further premices etc 
   2.173 -Note that cterms is the assumed facts, ie prems of "P1" that are
   2.174 -reintroduced.
   2.175 -*)
   2.176 -fun prepare_goal_export (vs, cterms) th = 
   2.177 -    let 
   2.178 -      val sgn = Thm.sign_of_thm th;
   2.179 -      val ctermify = Thm.cterm_of sgn;
   2.180 -
   2.181 -      val allfrees = map Term.dest_Free (Term.term_frees (Thm.prop_of th))
   2.182 -      val cfrees = map (ctermify o Free o lookupfree allfrees) vs
   2.183 -
   2.184 -      val sgs = prems_of th;
   2.185 -      val (sgallcts, sgthms) = 
   2.186 -          Library.split_list (map (allify_for_sg_term ctermify cfrees) sgs);
   2.187 -
   2.188 -      val minimal_th = 
   2.189 -          (foldl (fn ( th', sgthm) => 
   2.190 -                          Drule.compose_single (sgthm, 1, th'))
   2.191 -                      (th, sgthms)) RS Drule.rev_triv_goal;
   2.192 -
   2.193 -      val allified_th = 
   2.194 -          minimal_th 
   2.195 -            |> Drule.implies_intr_list cterms
   2.196 -            |> Drule.forall_intr_list cfrees 
   2.197 -
   2.198 -      val th' = Drule.implies_intr_list sgallcts allified_th
   2.199 -    in
   2.200 -      ((length sgallcts), th')
   2.201 -    end;
   2.202 -
   2.203 -end;
   2.204 -
   2.205 -(* val exports_back = foldr (uncurry export_to_sg); *)
   2.206 -
   2.207 -(* test with:
   2.208 -
   2.209 -fun asm_mk t = (assume (cterm_of (Theory.sign_of (the_context())) t)); 
   2.210 -fun asm_read s =  
   2.211 -    (assume (read_cterm (Theory.sign_of (Context.the_context())) (s,propT))); 
   2.212 -use_thy "theories/dbg2";
   2.213 -Goal "!! x :: nat. [| A x; B x; C x; D x |] ==> ((P1 x & P2 x) & P3 x)";
   2.214 -by (rtac conjI 1);
   2.215 -by (rtac conjI 1);
   2.216 -val th = topthm();
   2.217 -val i = 1;
   2.218 -val (gthi, exp) = IsaND.fix_alls i th;
   2.219 -val [th'] = Seq.list_of (rtac (thm "p321") 1 gthi);
   2.220 -val oldthewth = Seq.list_of (IsaND.export_back exp th');
   2.221 - or 
   2.222 -val [th'] = Seq.list_of (RWStepTac.rwstep_tac (thms "aa2") 1 gthi);
   2.223 -val oldthewth = Seq.list_of (IsaND.export_back exp th');
   2.224 -
   2.225 -
   2.226 -val th = topthm();
   2.227 -val i = 1;
   2.228 -val (goalth, exp1) = IsaND.fix_alls' i th;
   2.229 -val (newth, exp2) = IsaND.hide_other_goals 2 goalth;
   2.230 -val oldthewth = Seq.list_of (IsaND.export_back exp2 newth);
   2.231 -val (export {fixes = vs, assumes = hprems, 
   2.232 -                            sgid = i, gth = gth}) = exp2;
   2.233 -
   2.234 -
   2.235 -Goal "!! x y. P (x + (Suc y)) ==> Z x y ==> Q ((Suc x) + y)"; 
   2.236 -val th = topthm();
   2.237 -val i = 1;
   2.238 -val (gthi, exp) = IsaND.fix_alls i th;
   2.239 -val newth = Seq.hd (Asm_full_simp_tac 1 gthi);
   2.240 -Seq.list_of (IsaND.export_back exp newth);
   2.241 -*)
   2.242 -
   2.243 -
   2.244 -
   2.245 -(* exporting function that takes a solution to the fixed/assumed goal,
   2.246 -and uses this to solve the subgoal in the main theorem *)
   2.247 -fun export_solution (export {fixes = cfvs, assumes = hcprems,
   2.248 -                             sgid = i, gth = gth}) solth = 
   2.249 -    let 
   2.250 -      val solth' = 
   2.251 -          solth |> Drule.implies_intr_list hcprems
   2.252 -                |> Drule.forall_intr_list cfvs
   2.253 -    in Drule.compose_single (solth', i, gth) end;
   2.254 -
   2.255 -val exports_solution = foldr (uncurry export_solution);
   2.256 -
   2.257 -
   2.258 -
   2.259 -
   2.260 -(* fix parameters of a subgoal "i", as free variables, and create an
   2.261 -exporting function that will use the result of this proved goal to
   2.262 -show the goal in the original theorem. 
   2.263 -
   2.264 -Note, an advantage of this over Isar is that it supports instantiation
   2.265 -of unkowns in the earlier theorem, ie we can do instantiation of meta
   2.266 -vars! *)
   2.267 -(* loosely corresponds to:
   2.268 -Given "[| SG0; ... !! x. As ==> SGi x; ... SGm |] ==> G" : thm
   2.269 -Result: 
   2.270 -  ("(As ==> SGi x') ==> (As ==> SGi x')" : thm, 
   2.271 -   expf : 
   2.272 -     ("As ==> SGi x'" : thm) -> 
   2.273 -     ("[| SG0; ... SGi-1; SGi+1; ... SGm |] ==> G") : thm)
   2.274 -*)
   2.275 -fun fix_alls' i th = 
   2.276 -    let 
   2.277 -      val t = (prop_of th); 
   2.278 -      val names = Term.add_term_names (t,[]);
   2.279 -      val gt = Logic.get_goal t i;
   2.280 -      val body = Term.strip_all_body gt;
   2.281 -      val alls = rev (Term.strip_all_vars gt);
   2.282 -      val fvs = map Free 
   2.283 -                    ((Term.variantlist (map fst alls, names)) 
   2.284 -                       ~~ (map snd alls));
   2.285 -      val sgn = Thm.sign_of_thm th;
   2.286 -      val ctermify = Thm.cterm_of sgn;
   2.287 -      val cfvs = rev (map ctermify fvs);
   2.288 -
   2.289 -      val body' = (subst_bounds (fvs,body));
   2.290 -      val gthi0 = Thm.trivial (ctermify body');
   2.291 -      
   2.292 -      (* Given a thm justifying subgoal i, solve subgoal i *)
   2.293 -      (* Note: fails if there are choices! *)
   2.294 -      (* fun exportf thi = 
   2.295 -          Drule.compose_single (Drule.forall_intr_list cfvs thi, 
   2.296 -                                i, th) *)
   2.297 -    in (gthi0, cfvs) end;
   2.298 -
   2.299 -(* small example: 
   2.300 -Goal "!! x. [| False; C x |] ==> P x";
   2.301 -val th = topthm();
   2.302 -val i = 1;
   2.303 -val (goalth, fixes) = fix_alls' i (topthm());
   2.304 -
   2.305 -Goal "!! x. P (x + (Suc y)) ==> Q ((Suc x) + y)";
   2.306 -Goal "!! x. P x y = Q y x ==> P x y";
   2.307 -val th = topthm();
   2.308 -val i = 1;
   2.309 -val (prems, gthi, expf) = IsaND.fixes_and_assumes i th;
   2.310 -val gth2 = Seq.hd (RWStepTac.rwstep_tac prems 1 gthi);
   2.311 -*)
   2.312 -
   2.313 -
   2.314 -(* hide other goals *) 
   2.315 -(* note the export goal is rotated by (i - 1) and will have to be
   2.316 -unrotated to get backto the originial position(s) *)
   2.317 -fun hide_other_goals th = 
   2.318 -    let
   2.319 -      (* tl beacuse fst sg is the goal we are interested in *)
   2.320 -      val cprems = tl (Drule.cprems_of th)
   2.321 -      val aprems = map Thm.assume cprems
   2.322 -    in
   2.323 -      (Drule.implies_elim_list (Drule.rotate_prems 1 th) aprems, 
   2.324 -       cprems)
   2.325 -    end;
   2.326 -(* test with: 
   2.327 -Goal "!! x. [| False; C x |] ==> P x";
   2.328 -val th = topthm();
   2.329 -val i = 1;
   2.330 -val (goalth, fixedvars) = IsaND.fix_alls' i th;
   2.331 -val (newth, hiddenprems) = IsaND.hide_other_goals goalth;
   2.332 -*)
   2.333 -
   2.334 -(* a nicer version of the above that leaves only a single subgoal (the
   2.335 -other subgoals are hidden hyps, that the exporter suffles about)
   2.336 -namely the subgoal that we were trying to solve. *)
   2.337 -(* loosely corresponds to:
   2.338 -Given "[| SG0; ... !! x. As ==> SGi x; ... SGm |] ==> G" : thm
   2.339 -Result: 
   2.340 -  ("(As ==> SGi x') ==> SGi x'" : thm, 
   2.341 -   expf : 
   2.342 -     ("SGi x'" : thm) -> 
   2.343 -     ("[| SG0; ... SGi-1; SGi+1; ... SGm |] ==> G") : thm)
   2.344 -*)
   2.345 -fun fix_alls i th = 
   2.346 -    let 
   2.347 -      val (fixed_gth, fixedvars) = fix_alls' i th
   2.348 -      val (sml_gth, othergoals) = hide_other_goals fixed_gth
   2.349 -    in
   2.350 -      (sml_gth, export {fixes = fixedvars, 
   2.351 -                        assumes = othergoals, 
   2.352 -                        sgid = i, gth = th})
   2.353 -    end;
   2.354 -
   2.355 -(* small example: 
   2.356 -Goal "!! x. [| False; C x |] ==> P x";
   2.357 -val th = topthm();
   2.358 -val i = 1;
   2.359 -val (goalth, exp) = IsaND.fix_alls i th;
   2.360 -val oldthewth = Seq.list_of (IsaND.export_back exp goalth);
   2.361 -
   2.362 -val (premths, goalth2, expf2) = IsaND.assume_prems 1 goalth;
   2.363 -val False_th = nth_elem (0,premths);
   2.364 -val anything = False_th RS (thm "FalseE");
   2.365 -val th2 = anything RS goalth2;
   2.366 -val th1 = expf2 th2;
   2.367 -val final_th = flat (map expf th1);
   2.368 -*)
   2.369 -
   2.370 -
   2.371 -(* assume the premises of subgoal "i", this gives back a list of
   2.372 -assumed theorems that are the premices of subgoal i, it also gives
   2.373 -back a new goal thm and an exporter, the new goalthm is as the old
   2.374 -one, but without the premices, and the exporter will use a proof of
   2.375 -the new goalthm, possibly using the assumed premices, to shoe the
   2.376 -orginial goal. *)
   2.377 -
   2.378 -(* Note: Dealing with meta vars, need to meta-level-all them in the
   2.379 -shyps, which we can later instantiate with a specific value.... ? 
   2.380 -think about this... maybe need to introduce some new fixed vars and
   2.381 -then remove them again at the end... like I do with rw_inst. *)
   2.382 -(* loosely corresponds to:
   2.383 -Given "[| SG0; ... [| A0; ... An |] ==> SGi; ... SGm |] ==> G" : thm
   2.384 -Result: 
   2.385 -(["A0" [A0], ... ,"An" [An]] : thm list, -- assumptions
   2.386 - "SGi ==> SGi" : thm, -- new goal 
   2.387 - "SGi" ["A0" ... "An"] : thm ->   -- export function
   2.388 -    ("[| SG0 ... SGi-1, SGi+1, SGm |] ==> G" : thm) list)
   2.389 -*)
   2.390 -fun assume_prems i th =
   2.391 -    let 
   2.392 -      val t = (prop_of th); 
   2.393 -      val gt = Logic.get_goal t i;
   2.394 -      val _ = case Term.strip_all_vars gt of [] => () 
   2.395 -              | _ => raise ERROR_MESSAGE "assume_prems: goal has params"
   2.396 -      val body = gt;
   2.397 -      val prems = Logic.strip_imp_prems body;
   2.398 -      val concl = Logic.strip_imp_concl body;
   2.399 -
   2.400 -      val sgn = Thm.sign_of_thm th;
   2.401 -      val ctermify = Thm.cterm_of sgn;
   2.402 -      val cprems = map ctermify prems;
   2.403 -      val aprems = map Thm.assume cprems;
   2.404 -      val gthi = Thm.trivial (ctermify concl);
   2.405 -
   2.406 -      (* fun explortf thi = 
   2.407 -          Drule.compose (Drule.implies_intr_list cprems thi, 
   2.408 -                         i, th) *)
   2.409 -    in
   2.410 -      (aprems, gthi, cprems)
   2.411 -    end;
   2.412 -(* small example: 
   2.413 -Goal "False ==> b";
   2.414 -val th = topthm();
   2.415 -val i = 1;
   2.416 -val (prems, goalth, cprems) = IsaND.assume_prems i (topthm());
   2.417 -val F = hd prems;
   2.418 -val FalseE = thm "FalseE";
   2.419 -val anything = F RS FalseE;
   2.420 -val thi = anything RS goalth;
   2.421 -val res' = expf thi;
   2.422 -*)
   2.423 -
   2.424 -
   2.425 -(* first fix the variables, then assume the assumptions *)
   2.426 -(* loosely corresponds to:
   2.427 -Given 
   2.428 -  "[| SG0; ... 
   2.429 -      !! xs. [| A0 xs; ... An xs |] ==> SGi xs; 
   2.430 -      ... SGm |] ==> G" : thm
   2.431 -Result: 
   2.432 -(["A0 xs'" [A0 xs'], ... ,"An xs'" [An xs']] : thm list, -- assumptions
   2.433 - "SGi xs' ==> SGi xs'" : thm,  -- new goal 
   2.434 - "SGi xs'" ["A0 xs'" ... "An xs'"] : thm ->   -- export function
   2.435 -    ("[| SG0 ... SGi-1, SGi+1, SGm |] ==> G" : thm) list)
   2.436 -*)
   2.437 -
   2.438 -(* Note: the fix_alls actually pulls through all the assumptions which
   2.439 -means that the second export is not needed. *)
   2.440 -fun fixes_and_assumes i th = 
   2.441 -    let 
   2.442 -      val (fixgth, exp1) = fix_alls i th
   2.443 -      val (assumps, goalth, _) = assume_prems 1 fixgth
   2.444 -    in 
   2.445 -      (assumps, goalth, exp1)
   2.446 -    end;
   2.447 -(* test with: 
   2.448 -Goal "!! x. [| False; C x |] ==> P x";
   2.449 -val th = topthm();
   2.450 -val i = 1;
   2.451 -val (fixgth, exp) = IsaND.fix_alls i th;
   2.452 -val (assumps, goalth, _) = assume_prems 1 fixgth;
   2.453 -
   2.454 -val oldthewth = Seq.list_of (IsaND.export_back exp fixgth);
   2.455 -val oldthewth = Seq.list_of (IsaND.export_back exp goalth);
   2.456 -
   2.457 -
   2.458 -val (prems, goalth, expf) = IsaND.fixes_and_assumes i th;
   2.459 -val F = hd prems;
   2.460 -val FalseE = thm "FalseE";
   2.461 -val anything = F RS FalseE;
   2.462 -val thi = anything RS goalth;
   2.463 -val res' = expf thi;
   2.464 -*)
   2.465 -
   2.466 -(* Fixme: allow different order of subgoals given to expf *)
   2.467 -(* make each subgoal into a separate thm that needs to be proved *)
   2.468 -(* loosely corresponds to:
   2.469 -Given 
   2.470 -  "[| SG0; ... SGm |] ==> G" : thm
   2.471 -Result: 
   2.472 -(["SG0 ==> SG0", ... ,"SGm ==> SGm"] : thm list, -- goals
   2.473 - ["SG0", ..., "SGm"] : thm list ->   -- export function
   2.474 -   "G" : thm)
   2.475 -*)
   2.476 -fun subgoal_thms th = 
   2.477 -    let 
   2.478 -      val t = (prop_of th); 
   2.479 -
   2.480 -      val prems = Logic.strip_imp_prems t;
   2.481 -
   2.482 -      val sgn = Thm.sign_of_thm th;
   2.483 -      val ctermify = Thm.cterm_of sgn;
   2.484 -
   2.485 -      val aprems = map (Thm.trivial o ctermify) prems;
   2.486 -
   2.487 -      fun explortf premths = 
   2.488 -          Drule.implies_elim_list th premths
   2.489 -    in
   2.490 -      (aprems, explortf)
   2.491 -    end;
   2.492 -(* small example: 
   2.493 -Goal "A & B";
   2.494 -by (rtac conjI 1);
   2.495 -val th = topthm();
   2.496 -val (subgoals, expf) = subgoal_thms (topthm());
   2.497 -*)
   2.498 -
   2.499 -(* make all the premices of a theorem hidden, and provide an unhide
   2.500 -function, that will bring them back out at a later point. This is
   2.501 -useful if you want to get back these premices, after having used the
   2.502 -theorem with the premices hidden *)
   2.503 -(* loosely corresponds to:
   2.504 -Given "As ==> G" : thm
   2.505 -Result: ("G [As]" : thm, 
   2.506 -         "G [As]" : thm -> "As ==> G" : thm
   2.507 -*)
   2.508 -fun hide_prems th = 
   2.509 -    let 
   2.510 -      val sgn = Thm.sign_of_thm th;
   2.511 -      val ctermify = Thm.cterm_of sgn;
   2.512 -
   2.513 -      val t = (prop_of th);
   2.514 -      val prems = Logic.strip_imp_prems t;
   2.515 -      val cprems = map ctermify prems;
   2.516 -      val aprems = map Thm.trivial cprems;
   2.517 -
   2.518 -    (*   val unhidef = Drule.implies_intr_list cprems; *)
   2.519 -    in
   2.520 -      (Drule.implies_elim_list th aprems, cprems)
   2.521 -    end;
   2.522 -
   2.523 -
   2.524 -
   2.525 -
   2.526 -(* Fixme: allow different order of subgoals in exportf *)
   2.527 -(* as above, but also fix all parameters in all subgoals, and uses
   2.528 -fix_alls, not fix_alls', ie doesn't leave extra asumptions as apparent
   2.529 -subgoals. *)
   2.530 -(* loosely corresponds to:
   2.531 -Given 
   2.532 -  "[| !! x0s. A0s x0s ==> SG0 x0s; 
   2.533 -      ...; !! xms. Ams xms ==> SGm xms|] ==> G" : thm
   2.534 -Result: 
   2.535 -(["(A0s x0s' ==> SG0 x0s') ==> SG0 x0s'", 
   2.536 -  ... ,"(Ams xms' ==> SGm xms') ==> SGm xms'"] : thm list, -- goals
   2.537 - ["SG0 x0s'", ..., "SGm xms'"] : thm list ->   -- export function
   2.538 -   "G" : thm)
   2.539 -*)
   2.540 -(* requires being given solutions! *)
   2.541 -fun fixed_subgoal_thms th = 
   2.542 -    let 
   2.543 -      val (subgoals, expf) = subgoal_thms th;
   2.544 -(*       fun export_sg (th, exp) = exp th; *)
   2.545 -      fun export_sgs expfs solthms = 
   2.546 -          expf (map2 (op |>) (solthms, expfs));
   2.547 -(*           expf (map export_sg (ths ~~ expfs)); *)
   2.548 -    in 
   2.549 -      apsnd export_sgs (Library.split_list (map (apsnd export_solution o 
   2.550 -                                                 fix_alls 1) subgoals))
   2.551 -    end;
   2.552 -
   2.553 -
   2.554 -(* small example: 
   2.555 -Goal "(!! x. ((C x) ==> (A x)))";
   2.556 -val th = topthm();
   2.557 -val i = 1;
   2.558 -val (subgoals, expf) = fixed_subgoal_thms (topthm());
   2.559 -*)
   2.560 -
   2.561 -end;
     3.1 --- a/doc-src/TutorialI/Advanced/document/Partial.tex	Sun Jan 30 20:48:50 2005 +0100
     3.2 +++ b/doc-src/TutorialI/Advanced/document/Partial.tex	Tue Feb 01 18:01:57 2005 +0100
     3.3 @@ -150,7 +150,7 @@
     3.4  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\isanewline
     3.5  \ \ {\isachardoublequote}wf{\isacharparenleft}step{\isadigit{1}}\ f{\isacharparenright}\ {\isasymLongrightarrow}\ find{\isacharparenleft}f{\isacharcomma}x{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}if\ f\ x\ {\isacharequal}\ x\ then\ x\ else\ find{\isacharparenleft}f{\isacharcomma}\ f\ x{\isacharparenright}{\isacharparenright}{\isachardoublequote}\isanewline
     3.6  \isamarkupfalse%
     3.7 -\isacommand{by}\ simp\isamarkupfalse%
     3.8 +\isamarkupfalse%
     3.9  %
    3.10  \begin{isamarkuptext}%
    3.11  \noindent Then you should disable the original recursion equation:%
    3.12 @@ -165,11 +165,9 @@
    3.13  \isamarkuptrue%
    3.14  \isacommand{lemma}\ {\isachardoublequote}wf{\isacharparenleft}step{\isadigit{1}}\ f{\isacharparenright}\ {\isasymlongrightarrow}\ f{\isacharparenleft}find{\isacharparenleft}f{\isacharcomma}x{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ find{\isacharparenleft}f{\isacharcomma}x{\isacharparenright}{\isachardoublequote}\isanewline
    3.15  \isamarkupfalse%
    3.16 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ f\ x\ rule{\isacharcolon}\ find{\isachardot}induct{\isacharparenright}\isanewline
    3.17 +\isamarkupfalse%
    3.18  \isamarkupfalse%
    3.19 -\isacommand{apply}\ simp\isanewline
    3.20  \isamarkupfalse%
    3.21 -\isacommand{done}\isamarkupfalse%
    3.22  %
    3.23  \isamarkupsubsubsection{The {\tt\slshape while} Combinator%
    3.24  }
    3.25 @@ -231,14 +229,10 @@
    3.26  \ \ {\isasymexists}y{\isachardot}\ while\ {\isacharparenleft}{\isasymlambda}{\isacharparenleft}x{\isacharcomma}x{\isacharprime}{\isacharparenright}{\isachardot}\ x{\isacharprime}\ {\isasymnoteq}\ x{\isacharparenright}\ {\isacharparenleft}{\isasymlambda}{\isacharparenleft}x{\isacharcomma}x{\isacharprime}{\isacharparenright}{\isachardot}\ {\isacharparenleft}x{\isacharprime}{\isacharcomma}f\ x{\isacharprime}{\isacharparenright}{\isacharparenright}\ {\isacharparenleft}x{\isacharcomma}f\ x{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}y{\isacharcomma}y{\isacharparenright}\ {\isasymand}\isanewline
    3.27  \ \ \ \ \ \ \ f\ y\ {\isacharequal}\ y{\isachardoublequote}\isanewline
    3.28  \isamarkupfalse%
    3.29 -\isacommand{apply}{\isacharparenleft}rule{\isacharunderscore}tac\ P\ {\isacharequal}\ {\isachardoublequote}{\isasymlambda}{\isacharparenleft}x{\isacharcomma}x{\isacharprime}{\isacharparenright}{\isachardot}\ x{\isacharprime}\ {\isacharequal}\ f\ x{\isachardoublequote}\ \isakeyword{and}\isanewline
    3.30 -\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ r\ {\isacharequal}\ {\isachardoublequote}inv{\isacharunderscore}image\ {\isacharparenleft}step{\isadigit{1}}\ f{\isacharparenright}\ fst{\isachardoublequote}\ \isakeyword{in}\ while{\isacharunderscore}rule{\isacharparenright}\isanewline
    3.31 +\isamarkupfalse%
    3.32  \isamarkupfalse%
    3.33 -\isacommand{apply}\ auto\isanewline
    3.34  \isamarkupfalse%
    3.35 -\isacommand{apply}{\isacharparenleft}simp\ add{\isacharcolon}\ inv{\isacharunderscore}image{\isacharunderscore}def\ step{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}\isanewline
    3.36  \isamarkupfalse%
    3.37 -\isacommand{done}\isamarkupfalse%
    3.38  %
    3.39  \begin{isamarkuptext}%
    3.40  The theorem itself is a simple consequence of this lemma:%
    3.41 @@ -246,11 +240,9 @@
    3.42  \isamarkuptrue%
    3.43  \isacommand{theorem}\ {\isachardoublequote}wf{\isacharparenleft}step{\isadigit{1}}\ f{\isacharparenright}\ {\isasymLongrightarrow}\ f{\isacharparenleft}find{\isadigit{2}}\ f\ x{\isacharparenright}\ {\isacharequal}\ find{\isadigit{2}}\ f\ x{\isachardoublequote}\isanewline
    3.44  \isamarkupfalse%
    3.45 -\isacommand{apply}{\isacharparenleft}drule{\isacharunderscore}tac\ x\ {\isacharequal}\ x\ \isakeyword{in}\ lem{\isacharparenright}\isanewline
    3.46 +\isamarkupfalse%
    3.47  \isamarkupfalse%
    3.48 -\isacommand{apply}{\isacharparenleft}auto\ simp\ add{\isacharcolon}\ find{\isadigit{2}}{\isacharunderscore}def{\isacharparenright}\isanewline
    3.49  \isamarkupfalse%
    3.50 -\isacommand{done}\isamarkupfalse%
    3.51  %
    3.52  \begin{isamarkuptext}%
    3.53  Let us conclude this section on partial functions by a
     4.1 --- a/doc-src/TutorialI/Advanced/document/WFrec.tex	Sun Jan 30 20:48:50 2005 +0100
     4.2 +++ b/doc-src/TutorialI/Advanced/document/WFrec.tex	Tue Feb 01 18:01:57 2005 +0100
     4.3 @@ -85,37 +85,12 @@
     4.4  \end{isamarkuptext}%
     4.5  \isamarkuptrue%
     4.6  \isacommand{lemma}\ wf{\isacharunderscore}greater{\isacharcolon}\ {\isachardoublequote}wf\ {\isacharbraceleft}{\isacharparenleft}i{\isacharcomma}j{\isacharparenright}{\isachardot}\ j{\isacharless}i\ {\isasymand}\ i\ {\isasymle}\ {\isacharparenleft}N{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isacharbraceright}{\isachardoublequote}\isamarkupfalse%
     4.7 -%
     4.8 -\begin{isamarkuptxt}%
     4.9 -\noindent
    4.10 -The proof is by showing that our relation is a subset of another well-founded
    4.11 -relation: one given by a measure function.\index{*wf_subset (theorem)}%
    4.12 -\end{isamarkuptxt}%
    4.13 +\isamarkuptrue%
    4.14 +\isamarkupfalse%
    4.15  \isamarkuptrue%
    4.16 -\isacommand{apply}\ {\isacharparenleft}rule\ wf{\isacharunderscore}subset\ {\isacharbrackleft}of\ {\isachardoublequote}measure\ {\isacharparenleft}{\isasymlambda}k{\isacharcolon}{\isacharcolon}nat{\isachardot}\ N{\isacharminus}k{\isacharparenright}{\isachardoublequote}{\isacharbrackright}{\isacharcomma}\ blast{\isacharparenright}\isamarkupfalse%
    4.17 -%
    4.18 -\begin{isamarkuptxt}%
    4.19 -\begin{isabelle}%
    4.20 -\ {\isadigit{1}}{\isachardot}\ {\isacharbraceleft}{\isacharparenleft}i{\isacharcomma}\ j{\isacharparenright}{\isachardot}\ j\ {\isacharless}\ i\ {\isasymand}\ i\ {\isasymle}\ N{\isacharbraceright}\ {\isasymsubseteq}\ measure\ {\isacharparenleft}op\ {\isacharminus}\ N{\isacharparenright}%
    4.21 -\end{isabelle}
    4.22 -
    4.23 -\noindent
    4.24 -The inclusion remains to be proved. After unfolding some definitions, 
    4.25 -we are left with simple arithmetic:%
    4.26 -\end{isamarkuptxt}%
    4.27 +\isamarkupfalse%
    4.28  \isamarkuptrue%
    4.29 -\isacommand{apply}\ {\isacharparenleft}clarify{\isacharcomma}\ simp\ add{\isacharcolon}\ measure{\isacharunderscore}def\ inv{\isacharunderscore}image{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
    4.30 -%
    4.31 -\begin{isamarkuptxt}%
    4.32 -\begin{isabelle}%
    4.33 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ b{\isachardot}\ {\isasymlbrakk}b\ {\isacharless}\ a{\isacharsemicolon}\ a\ {\isasymle}\ N{\isasymrbrakk}\ {\isasymLongrightarrow}\ N\ {\isacharminus}\ a\ {\isacharless}\ N\ {\isacharminus}\ b%
    4.34 -\end{isabelle}
    4.35 -
    4.36 -\noindent
    4.37 -And that is dispatched automatically:%
    4.38 -\end{isamarkuptxt}%
    4.39 -\isamarkuptrue%
    4.40 -\isacommand{by}\ arith\isamarkupfalse%
    4.41 +\isamarkupfalse%
    4.42  %
    4.43  \begin{isamarkuptext}%
    4.44  \noindent
     5.1 --- a/doc-src/TutorialI/CodeGen/document/CodeGen.tex	Sun Jan 30 20:48:50 2005 +0100
     5.2 +++ b/doc-src/TutorialI/CodeGen/document/CodeGen.tex	Tue Feb 01 18:01:57 2005 +0100
     5.3 @@ -105,27 +105,12 @@
     5.4  \end{isamarkuptext}%
     5.5  \isamarkuptrue%
     5.6  \isacommand{theorem}\ {\isachardoublequote}{\isasymforall}vs{\isachardot}\ exec\ {\isacharparenleft}comp\ e{\isacharparenright}\ s\ vs\ {\isacharequal}\ {\isacharparenleft}value\ e\ s{\isacharparenright}\ {\isacharhash}\ vs{\isachardoublequote}\isamarkupfalse%
     5.7 -%
     5.8 -\begin{isamarkuptxt}%
     5.9 -\noindent
    5.10 -It will be proved by induction on \isa{e} followed by simplification.  
    5.11 -First, we must prove a lemma about executing the concatenation of two
    5.12 -instruction sequences:%
    5.13 -\end{isamarkuptxt}%
    5.14  \isamarkuptrue%
    5.15  \isamarkupfalse%
    5.16  \isacommand{lemma}\ exec{\isacharunderscore}app{\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\isanewline
    5.17  \ \ {\isachardoublequote}{\isasymforall}vs{\isachardot}\ exec\ {\isacharparenleft}xs{\isacharat}ys{\isacharparenright}\ s\ vs\ {\isacharequal}\ exec\ ys\ s\ {\isacharparenleft}exec\ xs\ s\ vs{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
    5.18 -%
    5.19 -\begin{isamarkuptxt}%
    5.20 -\noindent
    5.21 -This requires induction on \isa{xs} and ordinary simplification for the
    5.22 -base cases. In the induction step, simplification leaves us with a formula
    5.23 -that contains two \isa{case}-expressions over instructions. Thus we add
    5.24 -automatic case splitting, which finishes the proof:%
    5.25 -\end{isamarkuptxt}%
    5.26  \isamarkuptrue%
    5.27 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharcomma}\ simp{\isacharcomma}\ simp\ split{\isacharcolon}\ instr{\isachardot}split{\isacharparenright}\isamarkupfalse%
    5.28 +\isamarkupfalse%
    5.29  \isamarkupfalse%
    5.30  %
    5.31  \begin{isamarkuptext}%
    5.32 @@ -137,7 +122,7 @@
    5.33  \isamarkuptrue%
    5.34  \isamarkupfalse%
    5.35  \isamarkupfalse%
    5.36 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharcomma}\ simp{\isacharunderscore}all\ split{\isacharcolon}\ instr{\isachardot}split{\isacharparenright}\isamarkupfalse%
    5.37 +\isamarkupfalse%
    5.38  \isamarkupfalse%
    5.39  %
    5.40  \begin{isamarkuptext}%
     6.1 --- a/doc-src/TutorialI/Datatype/document/ABexpr.tex	Sun Jan 30 20:48:50 2005 +0100
     6.2 +++ b/doc-src/TutorialI/Datatype/document/ABexpr.tex	Tue Feb 01 18:01:57 2005 +0100
     6.3 @@ -103,14 +103,9 @@
     6.4  \isacommand{lemma}\ {\isachardoublequote}evala\ {\isacharparenleft}substa\ s\ a{\isacharparenright}\ env\ {\isacharequal}\ evala\ a\ {\isacharparenleft}{\isasymlambda}x{\isachardot}\ evala\ {\isacharparenleft}s\ x{\isacharparenright}\ env{\isacharparenright}\ {\isasymand}\isanewline
     6.5  \ \ \ \ \ \ \ \ evalb\ {\isacharparenleft}substb\ s\ b{\isacharparenright}\ env\ {\isacharequal}\ evalb\ b\ {\isacharparenleft}{\isasymlambda}x{\isachardot}\ evala\ {\isacharparenleft}s\ x{\isacharparenright}\ env{\isacharparenright}{\isachardoublequote}\isanewline
     6.6  \isamarkupfalse%
     6.7 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ a\ \isakeyword{and}\ b{\isacharparenright}\isamarkupfalse%
     6.8 -%
     6.9 -\begin{isamarkuptxt}%
    6.10 -\noindent
    6.11 -The resulting 8 goals (one for each constructor) are proved in one fell swoop:%
    6.12 -\end{isamarkuptxt}%
    6.13 +\isamarkupfalse%
    6.14  \isamarkuptrue%
    6.15 -\isacommand{apply}\ simp{\isacharunderscore}all\isamarkupfalse%
    6.16 +\isamarkupfalse%
    6.17  \isamarkupfalse%
    6.18  %
    6.19  \begin{isamarkuptext}%
     7.1 --- a/doc-src/TutorialI/Datatype/document/Fundata.tex	Sun Jan 30 20:48:50 2005 +0100
     7.2 +++ b/doc-src/TutorialI/Datatype/document/Fundata.tex	Tue Feb 01 18:01:57 2005 +0100
     7.3 @@ -43,22 +43,10 @@
     7.4  \isamarkuptrue%
     7.5  \isacommand{lemma}\ {\isachardoublequote}map{\isacharunderscore}bt\ {\isacharparenleft}g\ o\ f{\isacharparenright}\ T\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ T{\isacharparenright}{\isachardoublequote}\isanewline
     7.6  \isamarkupfalse%
     7.7 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ T{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isanewline
     7.8 -\isamarkupfalse%
     7.9 -\isacommand{done}\isamarkupfalse%
    7.10  \isamarkupfalse%
    7.11  \isamarkupfalse%
    7.12 -%
    7.13 -\begin{isamarkuptxt}%
    7.14 -\noindent
    7.15 -Because of the function type, the proof state after induction looks unusual.
    7.16 -Notice the quantified induction hypothesis:
    7.17 -\begin{isabelle}%
    7.18 -\ {\isadigit{1}}{\isachardot}\ map{\isacharunderscore}bt\ {\isacharparenleft}g\ {\isasymcirc}\ f{\isacharparenright}\ Tip\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ Tip{\isacharparenright}\isanewline
    7.19 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ F{\isachardot}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ map{\isacharunderscore}bt\ {\isacharparenleft}g\ {\isasymcirc}\ f{\isacharparenright}\ {\isacharparenleft}F\ x{\isacharparenright}\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ {\isacharparenleft}F\ x{\isacharparenright}{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\isanewline
    7.20 -\isaindent{\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ F{\isachardot}\ }map{\isacharunderscore}bt\ {\isacharparenleft}g\ {\isasymcirc}\ f{\isacharparenright}\ {\isacharparenleft}Br\ a\ F{\isacharparenright}\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ {\isacharparenleft}Br\ a\ F{\isacharparenright}{\isacharparenright}%
    7.21 -\end{isabelle}%
    7.22 -\end{isamarkuptxt}%
    7.23 +\isamarkupfalse%
    7.24 +\isamarkupfalse%
    7.25  \isamarkuptrue%
    7.26  \isamarkupfalse%
    7.27  \isamarkupfalse%
     8.1 --- a/doc-src/TutorialI/Datatype/document/Nested.tex	Sun Jan 30 20:48:50 2005 +0100
     8.2 +++ b/doc-src/TutorialI/Datatype/document/Nested.tex	Tue Feb 01 18:01:57 2005 +0100
     8.3 @@ -73,9 +73,8 @@
     8.4  \isacommand{lemma}\ subst{\isacharunderscore}id{\isacharcolon}\ {\isachardoublequote}subst\ \ Var\ t\ \ {\isacharequal}\ {\isacharparenleft}t\ {\isacharcolon}{\isacharcolon}{\isacharparenleft}{\isacharprime}v{\isacharcomma}{\isacharprime}f{\isacharparenright}term{\isacharparenright}\ \ {\isasymand}\isanewline
     8.5  \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ substs\ Var\ ts\ {\isacharequal}\ {\isacharparenleft}ts{\isacharcolon}{\isacharcolon}{\isacharparenleft}{\isacharprime}v{\isacharcomma}{\isacharprime}f{\isacharparenright}term\ list{\isacharparenright}{\isachardoublequote}\isanewline
     8.6  \isamarkupfalse%
     8.7 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ t\ \isakeyword{and}\ ts{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isanewline
     8.8  \isamarkupfalse%
     8.9 -\isacommand{done}\isamarkupfalse%
    8.10 +\isamarkupfalse%
    8.11  %
    8.12  \begin{isamarkuptext}%
    8.13  \noindent
    8.14 @@ -129,9 +128,8 @@
    8.15  \isamarkupfalse%
    8.16  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}subst\ s\ {\isacharparenleft}App\ f\ ts{\isacharparenright}\ {\isacharequal}\ App\ f\ {\isacharparenleft}map\ {\isacharparenleft}subst\ s{\isacharparenright}\ ts{\isacharparenright}{\isachardoublequote}\isanewline
    8.17  \isamarkupfalse%
    8.18 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ ts{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isanewline
    8.19  \isamarkupfalse%
    8.20 -\isacommand{done}\isamarkupfalse%
    8.21 +\isamarkupfalse%
    8.22  %
    8.23  \begin{isamarkuptext}%
    8.24  \noindent
     9.1 --- a/doc-src/TutorialI/Documents/document/Documents.tex	Sun Jan 30 20:48:50 2005 +0100
     9.2 +++ b/doc-src/TutorialI/Documents/document/Documents.tex	Tue Feb 01 18:01:57 2005 +0100
     9.3 @@ -587,9 +587,6 @@
     9.4  }
     9.5  \isanewline
     9.6  \ \ \isamarkupfalse%
     9.7 -\isacommand{by}\ {\isacharparenleft}rule\ impI{\isacharparenright}\ %
     9.8 -\isamarkupcmt{implicit assumption step involved here%
     9.9 -}
    9.10  \isamarkupfalse%
    9.11  %
    9.12  \begin{isamarkuptext}%
    9.13 @@ -815,7 +812,7 @@
    9.14  \isamarkuptrue%
    9.15  \isacommand{lemma}\ {\isachardoublequote}x\ {\isasymnoteq}\ {\isacharparenleft}{\isadigit{0}}{\isacharcolon}{\isacharcolon}int{\isacharparenright}\ {\isasymLongrightarrow}\ {\isadigit{0}}\ {\isacharless}\ x\ {\isacharasterisk}\ x{\isachardoublequote}\isanewline
    9.16  \ \ \isamarkupfalse%
    9.17 -\isacommand{by}\ {\isacharparenleft}auto{\isacharparenright}\isamarkupfalse%
    9.18 +\isamarkupfalse%
    9.19  %
    9.20  \begin{isamarkuptext}%
    9.21  \noindent Here the real source of the proof has been as follows:
    10.1 --- a/doc-src/TutorialI/Ifexpr/document/Ifexpr.tex	Sun Jan 30 20:48:50 2005 +0100
    10.2 +++ b/doc-src/TutorialI/Ifexpr/document/Ifexpr.tex	Tue Feb 01 18:01:57 2005 +0100
    10.3 @@ -100,17 +100,10 @@
    10.4  \end{isamarkuptext}%
    10.5  \isamarkuptrue%
    10.6  \isacommand{lemma}\ {\isachardoublequote}valif\ {\isacharparenleft}bool{\isadigit{2}}if\ b{\isacharparenright}\ env\ {\isacharequal}\ value\ b\ env{\isachardoublequote}\isamarkupfalse%
    10.7 -%
    10.8 -\begin{isamarkuptxt}%
    10.9 -\noindent
   10.10 -The proof is canonical:%
   10.11 -\end{isamarkuptxt}%
   10.12  \isamarkuptrue%
   10.13 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ b{\isacharparenright}\isanewline
   10.14 +\isamarkupfalse%
   10.15  \isamarkupfalse%
   10.16 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
   10.17  \isamarkupfalse%
   10.18 -\isacommand{done}\isamarkupfalse%
   10.19  %
   10.20  \begin{isamarkuptext}%
   10.21  \noindent
    11.1 --- a/doc-src/TutorialI/Inductive/document/AB.tex	Sun Jan 30 20:48:50 2005 +0100
    11.2 +++ b/doc-src/TutorialI/Inductive/document/AB.tex	Tue Feb 01 18:01:57 2005 +0100
    11.3 @@ -38,7 +38,7 @@
    11.4  \isamarkuptrue%
    11.5  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}x\ {\isasymnoteq}\ a{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}x\ {\isacharequal}\ b{\isacharparenright}\ {\isasymand}\ {\isacharparenleft}x\ {\isasymnoteq}\ b{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}x\ {\isacharequal}\ a{\isacharparenright}{\isachardoublequote}\isanewline
    11.6  \isamarkupfalse%
    11.7 -\isacommand{by}\ {\isacharparenleft}case{\isacharunderscore}tac\ x{\isacharcomma}\ auto{\isacharparenright}\isamarkupfalse%
    11.8 +\isamarkupfalse%
    11.9  %
   11.10  \begin{isamarkuptext}%
   11.11  \noindent
   11.12 @@ -80,16 +80,8 @@
   11.13  \ \ {\isachardoublequote}{\isacharparenleft}w\ {\isasymin}\ S\ {\isasymlongrightarrow}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}a{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}b{\isacharbrackright}{\isacharparenright}\ \ \ \ \ {\isasymand}\isanewline
   11.14  \ \ \ {\isacharparenleft}w\ {\isasymin}\ A\ {\isasymlongrightarrow}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}a{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}b{\isacharbrackright}\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}\ {\isasymand}\isanewline
   11.15  \ \ \ {\isacharparenleft}w\ {\isasymin}\ B\ {\isasymlongrightarrow}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}b{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}a{\isacharbrackright}\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
   11.16 -%
   11.17 -\begin{isamarkuptxt}%
   11.18 -\noindent
   11.19 -These propositions are expressed with the help of the predefined \isa{filter} function on lists, which has the convenient syntax \isa{{\isacharbrackleft}x{\isasymin}xs{\isachardot}\ P\ x{\isacharbrackright}}, the list of all elements \isa{x} in \isa{xs} such that \isa{P\ x}
   11.20 -holds. Remember that on lists \isa{size} and \isa{length} are synonymous.
   11.21 -
   11.22 -The proof itself is by rule induction and afterwards automatic:%
   11.23 -\end{isamarkuptxt}%
   11.24  \isamarkuptrue%
   11.25 -\isacommand{by}\ {\isacharparenleft}rule\ S{\isacharunderscore}A{\isacharunderscore}B{\isachardot}induct{\isacharcomma}\ auto{\isacharparenright}\isamarkupfalse%
   11.26 +\isamarkupfalse%
   11.27  %
   11.28  \begin{isamarkuptext}%
   11.29  \noindent
   11.30 @@ -128,26 +120,10 @@
   11.31  \isacommand{lemma}\ step{\isadigit{1}}{\isacharcolon}\ {\isachardoublequote}{\isasymforall}i\ {\isacharless}\ size\ w{\isachardot}\isanewline
   11.32  \ \ {\isasymbar}{\isacharparenleft}int{\isacharparenleft}size{\isacharbrackleft}x{\isasymin}take\ {\isacharparenleft}i{\isacharplus}{\isadigit{1}}{\isacharparenright}\ w{\isachardot}\ P\ x{\isacharbrackright}{\isacharparenright}{\isacharminus}int{\isacharparenleft}size{\isacharbrackleft}x{\isasymin}take\ {\isacharparenleft}i{\isacharplus}{\isadigit{1}}{\isacharparenright}\ w{\isachardot}\ {\isasymnot}P\ x{\isacharbrackright}{\isacharparenright}{\isacharparenright}\isanewline
   11.33  \ \ \ {\isacharminus}\ {\isacharparenleft}int{\isacharparenleft}size{\isacharbrackleft}x{\isasymin}take\ i\ w{\isachardot}\ P\ x{\isacharbrackright}{\isacharparenright}{\isacharminus}int{\isacharparenleft}size{\isacharbrackleft}x{\isasymin}take\ i\ w{\isachardot}\ {\isasymnot}P\ x{\isacharbrackright}{\isacharparenright}{\isacharparenright}{\isasymbar}\ {\isasymle}\ {\isadigit{1}}{\isachardoublequote}\isamarkupfalse%
   11.34 -%
   11.35 -\begin{isamarkuptxt}%
   11.36 -\noindent
   11.37 -The lemma is a bit hard to read because of the coercion function
   11.38 -\isa{int\ {\isacharcolon}{\isacharcolon}\ nat\ {\isasymRightarrow}\ int}. It is required because \isa{size} returns
   11.39 -a natural number, but subtraction on type~\isa{nat} will do the wrong thing.
   11.40 -Function \isa{take} is predefined and \isa{take\ i\ xs} is the prefix of
   11.41 -length \isa{i} of \isa{xs}; below we also need \isa{drop\ i\ xs}, which
   11.42 -is what remains after that prefix has been dropped from \isa{xs}.
   11.43 -
   11.44 -The proof is by induction on \isa{w}, with a trivial base case, and a not
   11.45 -so trivial induction step. Since it is essentially just arithmetic, we do not
   11.46 -discuss it.%
   11.47 -\end{isamarkuptxt}%
   11.48  \isamarkuptrue%
   11.49 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ w{\isacharparenright}\isanewline
   11.50 -\ \isamarkupfalse%
   11.51 -\isacommand{apply}{\isacharparenleft}simp{\isacharparenright}\isanewline
   11.52 +\isamarkupfalse%
   11.53  \isamarkupfalse%
   11.54 -\isacommand{by}{\isacharparenleft}force\ simp\ add{\isacharcolon}\ zabs{\isacharunderscore}def\ take{\isacharunderscore}Cons\ split{\isacharcolon}\ nat{\isachardot}split\ if{\isacharunderscore}splits{\isacharparenright}\isamarkupfalse%
   11.55 +\isamarkupfalse%
   11.56  %
   11.57  \begin{isamarkuptext}%
   11.58  Finally we come to the above-mentioned lemma about cutting in half a word with two more elements of one sort than of the other sort:%
   11.59 @@ -156,17 +132,9 @@
   11.60  \isacommand{lemma}\ part{\isadigit{1}}{\isacharcolon}\isanewline
   11.61  \ {\isachardoublequote}size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ P\ x{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ {\isasymnot}P\ x{\isacharbrackright}{\isacharplus}{\isadigit{2}}\ {\isasymLongrightarrow}\isanewline
   11.62  \ \ {\isasymexists}i{\isasymle}size\ w{\isachardot}\ size{\isacharbrackleft}x{\isasymin}take\ i\ w{\isachardot}\ P\ x{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}take\ i\ w{\isachardot}\ {\isasymnot}P\ x{\isacharbrackright}{\isacharplus}{\isadigit{1}}{\isachardoublequote}\isamarkupfalse%
   11.63 -%
   11.64 -\begin{isamarkuptxt}%
   11.65 -\noindent
   11.66 -This is proved by \isa{force} with the help of the intermediate value theorem,
   11.67 -instantiated appropriately and with its first premise disposed of by lemma
   11.68 -\isa{step{\isadigit{1}}}:%
   11.69 -\end{isamarkuptxt}%
   11.70  \isamarkuptrue%
   11.71 -\isacommand{apply}{\isacharparenleft}insert\ nat{\isadigit{0}}{\isacharunderscore}intermed{\isacharunderscore}int{\isacharunderscore}val{\isacharbrackleft}OF\ step{\isadigit{1}}{\isacharcomma}\ of\ {\isachardoublequote}P{\isachardoublequote}\ {\isachardoublequote}w{\isachardoublequote}\ {\isachardoublequote}{\isadigit{1}}{\isachardoublequote}{\isacharbrackright}{\isacharparenright}\isanewline
   11.72  \isamarkupfalse%
   11.73 -\isacommand{by}\ force\isamarkupfalse%
   11.74 +\isamarkupfalse%
   11.75  %
   11.76  \begin{isamarkuptext}%
   11.77  \noindent
   11.78 @@ -181,7 +149,7 @@
   11.79  \ \ \ \ size{\isacharbrackleft}x{\isasymin}take\ i\ w{\isachardot}\ P\ x{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}take\ i\ w{\isachardot}\ {\isasymnot}P\ x{\isacharbrackright}{\isacharplus}{\isadigit{1}}{\isasymrbrakk}\isanewline
   11.80  \ \ \ {\isasymLongrightarrow}\ size{\isacharbrackleft}x{\isasymin}drop\ i\ w{\isachardot}\ P\ x{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}drop\ i\ w{\isachardot}\ {\isasymnot}P\ x{\isacharbrackright}{\isacharplus}{\isadigit{1}}{\isachardoublequote}\isanewline
   11.81  \isamarkupfalse%
   11.82 -\isacommand{by}{\isacharparenleft}simp\ del{\isacharcolon}\ append{\isacharunderscore}take{\isacharunderscore}drop{\isacharunderscore}id{\isacharparenright}\isamarkupfalse%
   11.83 +\isamarkupfalse%
   11.84  %
   11.85  \begin{isamarkuptext}%
   11.86  \noindent
   11.87 @@ -214,119 +182,38 @@
   11.88  \ \ {\isachardoublequote}{\isacharparenleft}size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}a{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}b{\isacharbrackright}\ \ \ \ \ {\isasymlongrightarrow}\ w\ {\isasymin}\ S{\isacharparenright}\ {\isasymand}\isanewline
   11.89  \ \ \ {\isacharparenleft}size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}a{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}b{\isacharbrackright}\ {\isacharplus}\ {\isadigit{1}}\ {\isasymlongrightarrow}\ w\ {\isasymin}\ A{\isacharparenright}\ {\isasymand}\isanewline
   11.90  \ \ \ {\isacharparenleft}size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}b{\isacharbrackright}\ {\isacharequal}\ size{\isacharbrackleft}x{\isasymin}w{\isachardot}\ x{\isacharequal}a{\isacharbrackright}\ {\isacharplus}\ {\isadigit{1}}\ {\isasymlongrightarrow}\ w\ {\isasymin}\ B{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
   11.91 -%
   11.92 -\begin{isamarkuptxt}%
   11.93 -\noindent
   11.94 -The proof is by induction on \isa{w}. Structural induction would fail here
   11.95 -because, as we can see from the grammar, we need to make bigger steps than
   11.96 -merely appending a single letter at the front. Hence we induct on the length
   11.97 -of \isa{w}, using the induction rule \isa{length{\isacharunderscore}induct}:%
   11.98 -\end{isamarkuptxt}%
   11.99  \isamarkuptrue%
  11.100 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ w\ rule{\isacharcolon}\ length{\isacharunderscore}induct{\isacharparenright}\isamarkupfalse%
  11.101 +\isamarkupfalse%
  11.102 +\isamarkupfalse%
  11.103 +\isamarkuptrue%
  11.104 +\isamarkupfalse%
  11.105 +\isamarkupfalse%
  11.106  \isamarkupfalse%
  11.107 -%
  11.108 -\begin{isamarkuptxt}%
  11.109 -\noindent
  11.110 -The \isa{rule} parameter tells \isa{induct{\isacharunderscore}tac} explicitly which induction
  11.111 -rule to use. For details see \S\ref{sec:complete-ind} below.
  11.112 -In this case the result is that we may assume the lemma already
  11.113 -holds for all words shorter than \isa{w}.
  11.114 -
  11.115 -The proof continues with a case distinction on \isa{w},
  11.116 -on whether \isa{w} is empty or not.%
  11.117 -\end{isamarkuptxt}%
  11.118  \isamarkuptrue%
  11.119 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac\ w{\isacharparenright}\isanewline
  11.120 -\ \isamarkupfalse%
  11.121 -\isacommand{apply}{\isacharparenleft}simp{\isacharunderscore}all{\isacharparenright}\isamarkupfalse%
  11.122 +\isamarkupfalse%
  11.123 +\isamarkupfalse%
  11.124 +\isamarkupfalse%
  11.125  \isamarkupfalse%
  11.126 -%
  11.127 -\begin{isamarkuptxt}%
  11.128 -\noindent
  11.129 -Simplification disposes of the base case and leaves only a conjunction
  11.130 -of two step cases to be proved:
  11.131 -if \isa{w\ {\isacharequal}\ a\ {\isacharhash}\ v} and \begin{isabelle}%
  11.132 -\ \ \ \ \ length\ {\isacharbrackleft}x{\isasymin}v\ {\isachardot}\ x\ {\isacharequal}\ a{\isacharbrackright}\ {\isacharequal}\ length\ {\isacharbrackleft}x{\isasymin}v\ {\isachardot}\ x\ {\isacharequal}\ b{\isacharbrackright}\ {\isacharplus}\ {\isadigit{2}}%
  11.133 -\end{isabelle} then
  11.134 -\isa{b\ {\isacharhash}\ v\ {\isasymin}\ A}, and similarly for \isa{w\ {\isacharequal}\ b\ {\isacharhash}\ v}.
  11.135 -We only consider the first case in detail.
  11.136 -
  11.137 -After breaking the conjunction up into two cases, we can apply
  11.138 -\isa{part{\isadigit{1}}} to the assumption that \isa{w} contains two more \isa{a}'s than \isa{b}'s.%
  11.139 -\end{isamarkuptxt}%
  11.140 +\isamarkuptrue%
  11.141 +\isamarkupfalse%
  11.142 +\isamarkupfalse%
  11.143  \isamarkuptrue%
  11.144 -\isacommand{apply}{\isacharparenleft}rule\ conjI{\isacharparenright}\isanewline
  11.145 -\ \isamarkupfalse%
  11.146 -\isacommand{apply}{\isacharparenleft}clarify{\isacharparenright}\isanewline
  11.147 -\ \isamarkupfalse%
  11.148 -\isacommand{apply}{\isacharparenleft}frule\ part{\isadigit{1}}{\isacharbrackleft}of\ {\isachardoublequote}{\isasymlambda}x{\isachardot}\ x{\isacharequal}a{\isachardoublequote}{\isacharcomma}\ simplified{\isacharbrackright}{\isacharparenright}\isanewline
  11.149 -\ \isamarkupfalse%
  11.150 -\isacommand{apply}{\isacharparenleft}clarify{\isacharparenright}\isamarkupfalse%
  11.151 -%
  11.152 -\begin{isamarkuptxt}%
  11.153 -\noindent
  11.154 -This yields an index \isa{i\ {\isasymle}\ length\ v} such that
  11.155 -\begin{isabelle}%
  11.156 -\ \ \ \ \ length\ {\isacharbrackleft}x{\isasymin}take\ i\ v\ {\isachardot}\ x\ {\isacharequal}\ a{\isacharbrackright}\ {\isacharequal}\ length\ {\isacharbrackleft}x{\isasymin}take\ i\ v\ {\isachardot}\ x\ {\isacharequal}\ b{\isacharbrackright}\ {\isacharplus}\ {\isadigit{1}}%
  11.157 -\end{isabelle}
  11.158 -With the help of \isa{part{\isadigit{2}}} it follows that
  11.159 -\begin{isabelle}%
  11.160 -\ \ \ \ \ length\ {\isacharbrackleft}x{\isasymin}drop\ i\ v\ {\isachardot}\ x\ {\isacharequal}\ a{\isacharbrackright}\ {\isacharequal}\ length\ {\isacharbrackleft}x{\isasymin}drop\ i\ v\ {\isachardot}\ x\ {\isacharequal}\ b{\isacharbrackright}\ {\isacharplus}\ {\isadigit{1}}%
  11.161 -\end{isabelle}%
  11.162 -\end{isamarkuptxt}%
  11.163 -\ \isamarkuptrue%
  11.164 -\isacommand{apply}{\isacharparenleft}drule\ part{\isadigit{2}}{\isacharbrackleft}of\ {\isachardoublequote}{\isasymlambda}x{\isachardot}\ x{\isacharequal}a{\isachardoublequote}{\isacharcomma}\ simplified{\isacharbrackright}{\isacharparenright}\isanewline
  11.165 -\ \ \isamarkupfalse%
  11.166 -\isacommand{apply}{\isacharparenleft}assumption{\isacharparenright}\isamarkupfalse%
  11.167 -%
  11.168 -\begin{isamarkuptxt}%
  11.169 -\noindent
  11.170 -Now it is time to decompose \isa{v} in the conclusion \isa{b\ {\isacharhash}\ v\ {\isasymin}\ A}
  11.171 -into \isa{take\ i\ v\ {\isacharat}\ drop\ i\ v},%
  11.172 -\end{isamarkuptxt}%
  11.173 -\ \isamarkuptrue%
  11.174 -\isacommand{apply}{\isacharparenleft}rule{\isacharunderscore}tac\ n{\isadigit{1}}{\isacharequal}i\ \isakeyword{and}\ t{\isacharequal}v\ \isakeyword{in}\ subst{\isacharbrackleft}OF\ append{\isacharunderscore}take{\isacharunderscore}drop{\isacharunderscore}id{\isacharbrackright}{\isacharparenright}\isamarkupfalse%
  11.175 -%
  11.176 -\begin{isamarkuptxt}%
  11.177 -\noindent
  11.178 -(the variables \isa{n{\isadigit{1}}} and \isa{t} are the result of composing the
  11.179 -theorems \isa{subst} and \isa{append{\isacharunderscore}take{\isacharunderscore}drop{\isacharunderscore}id})
  11.180 -after which the appropriate rule of the grammar reduces the goal
  11.181 -to the two subgoals \isa{take\ i\ v\ {\isasymin}\ A} and \isa{drop\ i\ v\ {\isasymin}\ A}:%
  11.182 -\end{isamarkuptxt}%
  11.183 -\ \isamarkuptrue%
  11.184 -\isacommand{apply}{\isacharparenleft}rule\ S{\isacharunderscore}A{\isacharunderscore}B{\isachardot}intros{\isacharparenright}\isamarkupfalse%
  11.185 -%
  11.186 -\begin{isamarkuptxt}%
  11.187 -Both subgoals follow from the induction hypothesis because both \isa{take\ i\ v} and \isa{drop\ i\ v} are shorter than \isa{w}:%
  11.188 -\end{isamarkuptxt}%
  11.189 -\ \ \isamarkuptrue%
  11.190 -\isacommand{apply}{\isacharparenleft}force\ simp\ add{\isacharcolon}\ min{\isacharunderscore}less{\isacharunderscore}iff{\isacharunderscore}disj{\isacharparenright}\isanewline
  11.191 -\ \isamarkupfalse%
  11.192 -\isacommand{apply}{\isacharparenleft}force\ split\ add{\isacharcolon}\ nat{\isacharunderscore}diff{\isacharunderscore}split{\isacharparenright}\isamarkupfalse%
  11.193 -%
  11.194 -\begin{isamarkuptxt}%
  11.195 -The case \isa{w\ {\isacharequal}\ b\ {\isacharhash}\ v} is proved analogously:%
  11.196 -\end{isamarkuptxt}%
  11.197 +\isamarkupfalse%
  11.198 +\isamarkuptrue%
  11.199 +\isamarkupfalse%
  11.200 +\isamarkuptrue%
  11.201 +\isamarkupfalse%
  11.202 +\isamarkupfalse%
  11.203  \isamarkuptrue%
  11.204 -\isacommand{apply}{\isacharparenleft}clarify{\isacharparenright}\isanewline
  11.205 +\isamarkupfalse%
  11.206  \isamarkupfalse%
  11.207 -\isacommand{apply}{\isacharparenleft}frule\ part{\isadigit{1}}{\isacharbrackleft}of\ {\isachardoublequote}{\isasymlambda}x{\isachardot}\ x{\isacharequal}b{\isachardoublequote}{\isacharcomma}\ simplified{\isacharbrackright}{\isacharparenright}\isanewline
  11.208  \isamarkupfalse%
  11.209 -\isacommand{apply}{\isacharparenleft}clarify{\isacharparenright}\isanewline
  11.210 +\isamarkupfalse%
  11.211  \isamarkupfalse%
  11.212 -\isacommand{apply}{\isacharparenleft}drule\ part{\isadigit{2}}{\isacharbrackleft}of\ {\isachardoublequote}{\isasymlambda}x{\isachardot}\ x{\isacharequal}b{\isachardoublequote}{\isacharcomma}\ simplified{\isacharbrackright}{\isacharparenright}\isanewline
  11.213 -\ \isamarkupfalse%
  11.214 -\isacommand{apply}{\isacharparenleft}assumption{\isacharparenright}\isanewline
  11.215  \isamarkupfalse%
  11.216 -\isacommand{apply}{\isacharparenleft}rule{\isacharunderscore}tac\ n{\isadigit{1}}{\isacharequal}i\ \isakeyword{and}\ t{\isacharequal}v\ \isakeyword{in}\ subst{\isacharbrackleft}OF\ append{\isacharunderscore}take{\isacharunderscore}drop{\isacharunderscore}id{\isacharbrackright}{\isacharparenright}\isanewline
  11.217  \isamarkupfalse%
  11.218 -\isacommand{apply}{\isacharparenleft}rule\ S{\isacharunderscore}A{\isacharunderscore}B{\isachardot}intros{\isacharparenright}\isanewline
  11.219 -\ \isamarkupfalse%
  11.220 -\isacommand{apply}{\isacharparenleft}force\ simp\ add{\isacharcolon}\ min{\isacharunderscore}less{\isacharunderscore}iff{\isacharunderscore}disj{\isacharparenright}\isanewline
  11.221  \isamarkupfalse%
  11.222 -\isacommand{by}{\isacharparenleft}force\ simp\ add{\isacharcolon}\ min{\isacharunderscore}less{\isacharunderscore}iff{\isacharunderscore}disj\ split\ add{\isacharcolon}\ nat{\isacharunderscore}diff{\isacharunderscore}split{\isacharparenright}\isamarkupfalse%
  11.223 +\isamarkupfalse%
  11.224  %
  11.225  \begin{isamarkuptext}%
  11.226  We conclude this section with a comparison of our proof with 
    12.1 --- a/doc-src/TutorialI/Inductive/document/Advanced.tex	Sun Jan 30 20:48:50 2005 +0100
    12.2 +++ b/doc-src/TutorialI/Inductive/document/Advanced.tex	Tue Feb 01 18:01:57 2005 +0100
    12.3 @@ -22,21 +22,11 @@
    12.4  \isamarkupfalse%
    12.5  \isacommand{lemma}\ gterms{\isacharunderscore}mono{\isacharcolon}\ {\isachardoublequote}F{\isasymsubseteq}G\ {\isasymLongrightarrow}\ gterms\ F\ {\isasymsubseteq}\ gterms\ G{\isachardoublequote}\isanewline
    12.6  \isamarkupfalse%
    12.7 -\isacommand{apply}\ clarify\isanewline
    12.8 +\isamarkupfalse%
    12.9  \isamarkupfalse%
   12.10 -\isacommand{apply}\ {\isacharparenleft}erule\ gterms{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   12.11 -%
   12.12 -\begin{isamarkuptxt}%
   12.13 -\begin{isabelle}%
   12.14 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x\ args\ f{\isachardot}\isanewline
   12.15 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymlbrakk}F\ {\isasymsubseteq}\ G{\isacharsemicolon}\ {\isasymforall}t{\isasymin}set\ args{\isachardot}\ t\ {\isasymin}\ gterms\ F\ {\isasymand}\ t\ {\isasymin}\ gterms\ G{\isacharsemicolon}\ f\ {\isasymin}\ F{\isasymrbrakk}\isanewline
   12.16 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ Apply\ f\ args\ {\isasymin}\ gterms\ G%
   12.17 -\end{isabelle}%
   12.18 -\end{isamarkuptxt}%
   12.19  \isamarkuptrue%
   12.20 -\isacommand{apply}\ blast\isanewline
   12.21  \isamarkupfalse%
   12.22 -\isacommand{done}\isamarkupfalse%
   12.23 +\isamarkupfalse%
   12.24  %
   12.25  \begin{isamarkuptext}%
   12.26  \begin{isabelle}%
   12.27 @@ -67,9 +57,8 @@
   12.28  \isamarkuptrue%
   12.29  \isacommand{lemma}\ {\isachardoublequote}Suc{\isacharparenleft}Suc\ n{\isacharparenright}\ {\isasymin}\ even\ {\isasymLongrightarrow}\ P\ n{\isachardoublequote}\isanewline
   12.30  \isamarkupfalse%
   12.31 -\isacommand{apply}\ {\isacharparenleft}ind{\isacharunderscore}cases\ {\isachardoublequote}Suc{\isacharparenleft}Suc\ n{\isacharparenright}\ {\isasymin}\ even{\isachardoublequote}{\isacharparenright}\isanewline
   12.32  \isamarkupfalse%
   12.33 -\isacommand{oops}\isanewline
   12.34 +\isanewline
   12.35  \isanewline
   12.36  \isamarkupfalse%
   12.37  \isacommand{inductive{\isacharunderscore}cases}\ gterm{\isacharunderscore}Apply{\isacharunderscore}elim\ {\isacharbrackleft}elim{\isacharbang}{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}Apply\ f\ args\ {\isasymin}\ gterms\ F{\isachardoublequote}\isamarkupfalse%
   12.38 @@ -86,22 +75,10 @@
   12.39  \isacommand{lemma}\ gterms{\isacharunderscore}IntI\ {\isacharbrackleft}rule{\isacharunderscore}format{\isacharcomma}\ intro{\isacharbang}{\isacharbrackright}{\isacharcolon}\isanewline
   12.40  \ \ \ \ \ {\isachardoublequote}t\ {\isasymin}\ gterms\ F\ {\isasymLongrightarrow}\ t\ {\isasymin}\ gterms\ G\ {\isasymlongrightarrow}\ t\ {\isasymin}\ gterms\ {\isacharparenleft}F{\isasyminter}G{\isacharparenright}{\isachardoublequote}\isanewline
   12.41  \isamarkupfalse%
   12.42 -\isacommand{apply}\ {\isacharparenleft}erule\ gterms{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   12.43 -%
   12.44 -\begin{isamarkuptxt}%
   12.45 -\begin{isabelle}%
   12.46 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}args\ f{\isachardot}\isanewline
   12.47 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymlbrakk}{\isasymforall}t{\isasymin}set\ args{\isachardot}\isanewline
   12.48 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymlbrakk}\ \ \ }t\ {\isasymin}\ gterms\ F\ {\isasymand}\ {\isacharparenleft}t\ {\isasymin}\ gterms\ G\ {\isasymlongrightarrow}\ t\ {\isasymin}\ gterms\ {\isacharparenleft}F\ {\isasyminter}\ G{\isacharparenright}{\isacharparenright}{\isacharsemicolon}\isanewline
   12.49 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ \ }f\ {\isasymin}\ F{\isasymrbrakk}\isanewline
   12.50 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ Apply\ f\ args\ {\isasymin}\ gterms\ G\ {\isasymlongrightarrow}\isanewline
   12.51 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymLongrightarrow}\ }Apply\ f\ args\ {\isasymin}\ gterms\ {\isacharparenleft}F\ {\isasyminter}\ G{\isacharparenright}%
   12.52 -\end{isabelle}%
   12.53 -\end{isamarkuptxt}%
   12.54 +\isamarkupfalse%
   12.55  \isamarkuptrue%
   12.56 -\isacommand{apply}\ blast\isanewline
   12.57  \isamarkupfalse%
   12.58 -\isacommand{done}\isamarkupfalse%
   12.59 +\isamarkupfalse%
   12.60  %
   12.61  \begin{isamarkuptext}%
   12.62  \begin{isabelle}%
   12.63 @@ -113,7 +90,7 @@
   12.64  \isacommand{lemma}\ gterms{\isacharunderscore}Int{\isacharunderscore}eq\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\isanewline
   12.65  \ \ \ \ \ {\isachardoublequote}gterms\ {\isacharparenleft}F{\isasyminter}G{\isacharparenright}\ {\isacharequal}\ gterms\ F\ {\isasyminter}\ gterms\ G{\isachardoublequote}\isanewline
   12.66  \isamarkupfalse%
   12.67 -\isacommand{by}\ {\isacharparenleft}blast\ intro{\isacharbang}{\isacharcolon}\ mono{\isacharunderscore}Int\ monoI\ gterms{\isacharunderscore}mono{\isacharparenright}\isamarkupfalse%
   12.68 +\isamarkupfalse%
   12.69  %
   12.70  \begin{isamarkuptext}%
   12.71  the following declaration isn't actually used%
   12.72 @@ -149,67 +126,24 @@
   12.73  \isamarkupfalse%
   12.74  \isacommand{lemma}\ {\isachardoublequote}well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity\ {\isasymsubseteq}\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity{\isachardoublequote}\isanewline
   12.75  \isamarkupfalse%
   12.76 -\isacommand{apply}\ clarify\isamarkupfalse%
   12.77 -%
   12.78 -\begin{isamarkuptxt}%
   12.79 -The situation after clarify
   12.80 -\begin{isabelle}%
   12.81 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ x\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity\ {\isasymLongrightarrow}\isanewline
   12.82 -\isaindent{\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ }x\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity%
   12.83 -\end{isabelle}%
   12.84 -\end{isamarkuptxt}%
   12.85 +\isamarkupfalse%
   12.86  \isamarkuptrue%
   12.87 -\isacommand{apply}\ {\isacharparenleft}erule\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   12.88 -%
   12.89 -\begin{isamarkuptxt}%
   12.90 -note the induction hypothesis!
   12.91 -\begin{isabelle}%
   12.92 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x\ args\ f{\isachardot}\isanewline
   12.93 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymlbrakk}{\isasymforall}t{\isasymin}set\ args{\isachardot}\isanewline
   12.94 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymlbrakk}\ \ \ }t\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity\ {\isasymand}\isanewline
   12.95 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymlbrakk}\ \ \ }t\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity{\isacharsemicolon}\isanewline
   12.96 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ \ }length\ args\ {\isacharequal}\ arity\ f{\isasymrbrakk}\isanewline
   12.97 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ Apply\ f\ args\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity%
   12.98 -\end{isabelle}%
   12.99 -\end{isamarkuptxt}%
  12.100 +\isamarkupfalse%
  12.101  \isamarkuptrue%
  12.102 -\isacommand{apply}\ auto\isanewline
  12.103  \isamarkupfalse%
  12.104 -\isacommand{done}\isanewline
  12.105 +\isanewline
  12.106  \isanewline
  12.107  \isanewline
  12.108  \isanewline
  12.109  \isamarkupfalse%
  12.110  \isacommand{lemma}\ {\isachardoublequote}well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity\ {\isasymsubseteq}\ well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity{\isachardoublequote}\isanewline
  12.111  \isamarkupfalse%
  12.112 -\isacommand{apply}\ clarify\isamarkupfalse%
  12.113 -%
  12.114 -\begin{isamarkuptxt}%
  12.115 -The situation after clarify
  12.116 -\begin{isabelle}%
  12.117 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ x\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity\ {\isasymLongrightarrow}\isanewline
  12.118 -\isaindent{\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ }x\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity%
  12.119 -\end{isabelle}%
  12.120 -\end{isamarkuptxt}%
  12.121 +\isamarkupfalse%
  12.122  \isamarkuptrue%
  12.123 -\isacommand{apply}\ {\isacharparenleft}erule\ well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}{\isachardot}induct{\isacharparenright}\isamarkupfalse%
  12.124 -%
  12.125 -\begin{isamarkuptxt}%
  12.126 -note the induction hypothesis!
  12.127 -\begin{isabelle}%
  12.128 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x\ args\ f{\isachardot}\isanewline
  12.129 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymlbrakk}args\isanewline
  12.130 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymlbrakk}}{\isasymin}\ lists\isanewline
  12.131 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymlbrakk}{\isasymin}\ \ }{\isacharparenleft}well{\isacharunderscore}formed{\isacharunderscore}gterm{\isacharprime}\ arity\ {\isasyminter}\isanewline
  12.132 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ {\isasymlbrakk}{\isasymin}\ \ {\isacharparenleft}}{\isacharbraceleft}x{\isachardot}\ x\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity{\isacharbraceright}{\isacharparenright}{\isacharsemicolon}\isanewline
  12.133 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ \ }length\ args\ {\isacharequal}\ arity\ f{\isasymrbrakk}\isanewline
  12.134 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ Apply\ f\ args\ {\isasymin}\ well{\isacharunderscore}formed{\isacharunderscore}gterm\ arity%
  12.135 -\end{isabelle}%
  12.136 -\end{isamarkuptxt}%
  12.137 +\isamarkupfalse%
  12.138  \isamarkuptrue%
  12.139 -\isacommand{apply}\ auto\isanewline
  12.140  \isamarkupfalse%
  12.141 -\isacommand{done}\isamarkupfalse%
  12.142 +\isamarkupfalse%
  12.143  %
  12.144  \begin{isamarkuptext}%
  12.145  \begin{isabelle}%
  12.146 @@ -258,24 +192,18 @@
  12.147  \isamarkupfalse%
  12.148  \isacommand{lemma}\ {\isachardoublequote}well{\isacharunderscore}typed{\isacharunderscore}gterm\ sig\ {\isasymsubseteq}\ well{\isacharunderscore}typed{\isacharunderscore}gterm{\isacharprime}\ sig{\isachardoublequote}\isanewline
  12.149  \isamarkupfalse%
  12.150 -\isacommand{apply}\ clarify\isanewline
  12.151  \isamarkupfalse%
  12.152 -\isacommand{apply}\ {\isacharparenleft}erule\ well{\isacharunderscore}typed{\isacharunderscore}gterm{\isachardot}induct{\isacharparenright}\isanewline
  12.153  \isamarkupfalse%
  12.154 -\isacommand{apply}\ auto\isanewline
  12.155  \isamarkupfalse%
  12.156 -\isacommand{done}\isanewline
  12.157 +\isanewline
  12.158  \isanewline
  12.159  \isamarkupfalse%
  12.160  \isacommand{lemma}\ {\isachardoublequote}well{\isacharunderscore}typed{\isacharunderscore}gterm{\isacharprime}\ sig\ {\isasymsubseteq}\ well{\isacharunderscore}typed{\isacharunderscore}gterm\ sig{\isachardoublequote}\isanewline
  12.161  \isamarkupfalse%
  12.162 -\isacommand{apply}\ clarify\isanewline
  12.163  \isamarkupfalse%
  12.164 -\isacommand{apply}\ {\isacharparenleft}erule\ well{\isacharunderscore}typed{\isacharunderscore}gterm{\isacharprime}{\isachardot}induct{\isacharparenright}\isanewline
  12.165  \isamarkupfalse%
  12.166 -\isacommand{apply}\ auto\isanewline
  12.167  \isamarkupfalse%
  12.168 -\isacommand{done}\isanewline
  12.169 +\isanewline
  12.170  \isanewline
  12.171  \isanewline
  12.172  \isamarkupfalse%
    13.1 --- a/doc-src/TutorialI/Inductive/document/Even.tex	Sun Jan 30 20:48:50 2005 +0100
    13.2 +++ b/doc-src/TutorialI/Inductive/document/Even.tex	Tue Feb 01 18:01:57 2005 +0100
    13.3 @@ -35,22 +35,10 @@
    13.4  \isamarkuptrue%
    13.5  \isacommand{lemma}\ two{\isacharunderscore}times{\isacharunderscore}even{\isacharbrackleft}intro{\isacharbang}{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isadigit{2}}{\isacharasterisk}k\ {\isasymin}\ even{\isachardoublequote}\isanewline
    13.6  \isamarkupfalse%
    13.7 -\isacommand{apply}\ {\isacharparenleft}induct{\isacharunderscore}tac\ k{\isacharparenright}\isamarkupfalse%
    13.8 -%
    13.9 -\begin{isamarkuptxt}%
   13.10 -The first step is induction on the natural number \isa{k}, which leaves
   13.11 -two subgoals:
   13.12 -\begin{isabelle}%
   13.13 -\ {\isadigit{1}}{\isachardot}\ {\isadigit{2}}\ {\isacharasterisk}\ {\isadigit{0}}\ {\isasymin}\ Even{\isachardot}even\isanewline
   13.14 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isadigit{2}}\ {\isacharasterisk}\ n\ {\isasymin}\ Even{\isachardot}even\ {\isasymLongrightarrow}\ {\isadigit{2}}\ {\isacharasterisk}\ Suc\ n\ {\isasymin}\ Even{\isachardot}even%
   13.15 -\end{isabelle}
   13.16 -Here \isa{auto} simplifies both subgoals so that they match the introduction
   13.17 -rules, which then are applied automatically.%
   13.18 -\end{isamarkuptxt}%
   13.19 -\ \isamarkuptrue%
   13.20 -\isacommand{apply}\ auto\isanewline
   13.21  \isamarkupfalse%
   13.22 -\isacommand{done}\isamarkupfalse%
   13.23 +\isamarkuptrue%
   13.24 +\isamarkupfalse%
   13.25 +\isamarkupfalse%
   13.26  %
   13.27  \begin{isamarkuptext}%
   13.28  Our goal is to prove the equivalence between the traditional definition
   13.29 @@ -61,7 +49,7 @@
   13.30  \isamarkuptrue%
   13.31  \isacommand{lemma}\ dvd{\isacharunderscore}imp{\isacharunderscore}even{\isacharcolon}\ {\isachardoublequote}{\isadigit{2}}\ dvd\ n\ {\isasymLongrightarrow}\ n\ {\isasymin}\ even{\isachardoublequote}\isanewline
   13.32  \isamarkupfalse%
   13.33 -\isacommand{by}\ {\isacharparenleft}auto\ simp\ add{\isacharcolon}\ dvd{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   13.34 +\isamarkupfalse%
   13.35  %
   13.36  \begin{isamarkuptext}%
   13.37  our first rule induction!%
   13.38 @@ -69,34 +57,14 @@
   13.39  \isamarkuptrue%
   13.40  \isacommand{lemma}\ even{\isacharunderscore}imp{\isacharunderscore}dvd{\isacharcolon}\ {\isachardoublequote}n\ {\isasymin}\ even\ {\isasymLongrightarrow}\ {\isadigit{2}}\ dvd\ n{\isachardoublequote}\isanewline
   13.41  \isamarkupfalse%
   13.42 -\isacommand{apply}\ {\isacharparenleft}erule\ even{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   13.43 -%
   13.44 -\begin{isamarkuptxt}%
   13.45 -\begin{isabelle}%
   13.46 -\ {\isadigit{1}}{\isachardot}\ {\isadigit{2}}\ dvd\ {\isadigit{0}}\isanewline
   13.47 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isasymlbrakk}n\ {\isasymin}\ Even{\isachardot}even{\isacharsemicolon}\ {\isadigit{2}}\ dvd\ n{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isadigit{2}}\ dvd\ Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}%
   13.48 -\end{isabelle}%
   13.49 -\end{isamarkuptxt}%
   13.50 +\isamarkupfalse%
   13.51 +\isamarkuptrue%
   13.52 +\isamarkupfalse%
   13.53  \isamarkuptrue%
   13.54 -\isacommand{apply}\ {\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ dvd{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   13.55 -%
   13.56 -\begin{isamarkuptxt}%
   13.57 -\begin{isabelle}%
   13.58 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isasymlbrakk}n\ {\isasymin}\ Even{\isachardot}even{\isacharsemicolon}\ {\isasymexists}k{\isachardot}\ n\ {\isacharequal}\ {\isadigit{2}}\ {\isacharasterisk}\ k{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isasymexists}k{\isachardot}\ Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isacharequal}\ {\isadigit{2}}\ {\isacharasterisk}\ k%
   13.59 -\end{isabelle}%
   13.60 -\end{isamarkuptxt}%
   13.61 +\isamarkupfalse%
   13.62  \isamarkuptrue%
   13.63 -\isacommand{apply}\ clarify\isamarkupfalse%
   13.64 -%
   13.65 -\begin{isamarkuptxt}%
   13.66 -\begin{isabelle}%
   13.67 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}n\ k{\isachardot}\ {\isadigit{2}}\ {\isacharasterisk}\ k\ {\isasymin}\ Even{\isachardot}even\ {\isasymLongrightarrow}\ {\isasymexists}ka{\isachardot}\ Suc\ {\isacharparenleft}Suc\ {\isacharparenleft}{\isadigit{2}}\ {\isacharasterisk}\ k{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ {\isadigit{2}}\ {\isacharasterisk}\ ka%
   13.68 -\end{isabelle}%
   13.69 -\end{isamarkuptxt}%
   13.70 -\isamarkuptrue%
   13.71 -\isacommand{apply}\ {\isacharparenleft}rule{\isacharunderscore}tac\ x\ {\isacharequal}\ {\isachardoublequote}Suc\ k{\isachardoublequote}\ \isakeyword{in}\ exI{\isacharcomma}\ simp{\isacharparenright}\isanewline
   13.72  \isamarkupfalse%
   13.73 -\isacommand{done}\isamarkupfalse%
   13.74 +\isamarkupfalse%
   13.75  %
   13.76  \begin{isamarkuptext}%
   13.77  no iff-attribute because we don't always want to use it%
   13.78 @@ -104,7 +72,7 @@
   13.79  \isamarkuptrue%
   13.80  \isacommand{theorem}\ even{\isacharunderscore}iff{\isacharunderscore}dvd{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}n\ {\isasymin}\ even{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}{\isadigit{2}}\ dvd\ n{\isacharparenright}{\isachardoublequote}\isanewline
   13.81  \isamarkupfalse%
   13.82 -\isacommand{by}\ {\isacharparenleft}blast\ intro{\isacharcolon}\ dvd{\isacharunderscore}imp{\isacharunderscore}even\ even{\isacharunderscore}imp{\isacharunderscore}dvd{\isacharparenright}\isamarkupfalse%
   13.83 +\isamarkupfalse%
   13.84  %
   13.85  \begin{isamarkuptext}%
   13.86  this result ISN'T inductive...%
   13.87 @@ -112,16 +80,9 @@
   13.88  \isamarkuptrue%
   13.89  \isacommand{lemma}\ Suc{\isacharunderscore}Suc{\isacharunderscore}even{\isacharunderscore}imp{\isacharunderscore}even{\isacharcolon}\ {\isachardoublequote}Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isasymin}\ even\ {\isasymLongrightarrow}\ n\ {\isasymin}\ even{\isachardoublequote}\isanewline
   13.90  \isamarkupfalse%
   13.91 -\isacommand{apply}\ {\isacharparenleft}erule\ even{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   13.92 -%
   13.93 -\begin{isamarkuptxt}%
   13.94 -\begin{isabelle}%
   13.95 -\ {\isadigit{1}}{\isachardot}\ n\ {\isasymin}\ Even{\isachardot}even\isanewline
   13.96 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}na{\isachardot}\ {\isasymlbrakk}na\ {\isasymin}\ Even{\isachardot}even{\isacharsemicolon}\ n\ {\isasymin}\ Even{\isachardot}even{\isasymrbrakk}\ {\isasymLongrightarrow}\ n\ {\isasymin}\ Even{\isachardot}even%
   13.97 -\end{isabelle}%
   13.98 -\end{isamarkuptxt}%
   13.99 +\isamarkupfalse%
  13.100  \isamarkuptrue%
  13.101 -\isacommand{oops}\isamarkupfalse%
  13.102 +\isamarkupfalse%
  13.103  %
  13.104  \begin{isamarkuptext}%
  13.105  ...so we need an inductive lemma...%
  13.106 @@ -129,19 +90,10 @@
  13.107  \isamarkuptrue%
  13.108  \isacommand{lemma}\ even{\isacharunderscore}imp{\isacharunderscore}even{\isacharunderscore}minus{\isacharunderscore}{\isadigit{2}}{\isacharcolon}\ {\isachardoublequote}n\ {\isasymin}\ even\ {\isasymLongrightarrow}\ n\ {\isacharminus}\ {\isadigit{2}}\ {\isasymin}\ even{\isachardoublequote}\isanewline
  13.109  \isamarkupfalse%
  13.110 -\isacommand{apply}\ {\isacharparenleft}erule\ even{\isachardot}induct{\isacharparenright}\isamarkupfalse%
  13.111 -%
  13.112 -\begin{isamarkuptxt}%
  13.113 -\begin{isabelle}%
  13.114 -\ {\isadigit{1}}{\isachardot}\ {\isadigit{0}}\ {\isacharminus}\ {\isadigit{2}}\ {\isasymin}\ Even{\isachardot}even\isanewline
  13.115 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isasymlbrakk}n\ {\isasymin}\ Even{\isachardot}even{\isacharsemicolon}\ n\ {\isacharminus}\ {\isadigit{2}}\ {\isasymin}\ Even{\isachardot}even{\isasymrbrakk}\isanewline
  13.116 -\isaindent{\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ }{\isasymLongrightarrow}\ Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isacharminus}\ {\isadigit{2}}\ {\isasymin}\ Even{\isachardot}even%
  13.117 -\end{isabelle}%
  13.118 -\end{isamarkuptxt}%
  13.119 +\isamarkupfalse%
  13.120  \isamarkuptrue%
  13.121 -\isacommand{apply}\ auto\isanewline
  13.122  \isamarkupfalse%
  13.123 -\isacommand{done}\isamarkupfalse%
  13.124 +\isamarkupfalse%
  13.125  %
  13.126  \begin{isamarkuptext}%
  13.127  ...and prove it in a separate step%
  13.128 @@ -149,13 +101,13 @@
  13.129  \isamarkuptrue%
  13.130  \isacommand{lemma}\ Suc{\isacharunderscore}Suc{\isacharunderscore}even{\isacharunderscore}imp{\isacharunderscore}even{\isacharcolon}\ {\isachardoublequote}Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isasymin}\ even\ {\isasymLongrightarrow}\ n\ {\isasymin}\ even{\isachardoublequote}\isanewline
  13.131  \isamarkupfalse%
  13.132 -\isacommand{by}\ {\isacharparenleft}drule\ even{\isacharunderscore}imp{\isacharunderscore}even{\isacharunderscore}minus{\isacharunderscore}{\isadigit{2}}{\isacharcomma}\ simp{\isacharparenright}\isanewline
  13.133 +\isanewline
  13.134  \isanewline
  13.135  \isanewline
  13.136  \isamarkupfalse%
  13.137  \isacommand{lemma}\ {\isacharbrackleft}iff{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isacharparenleft}Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}{\isacharparenright}\ {\isasymin}\ even{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}n\ {\isasymin}\ even{\isacharparenright}{\isachardoublequote}\isanewline
  13.138  \isamarkupfalse%
  13.139 -\isacommand{by}\ {\isacharparenleft}blast\ dest{\isacharcolon}\ Suc{\isacharunderscore}Suc{\isacharunderscore}even{\isacharunderscore}imp{\isacharunderscore}even{\isacharparenright}\isanewline
  13.140 +\isanewline
  13.141  \isanewline
  13.142  \isamarkupfalse%
  13.143  \isacommand{end}\isanewline
    14.1 --- a/doc-src/TutorialI/Inductive/document/Mutual.tex	Sun Jan 30 20:48:50 2005 +0100
    14.2 +++ b/doc-src/TutorialI/Inductive/document/Mutual.tex	Tue Feb 01 18:01:57 2005 +0100
    14.3 @@ -39,27 +39,8 @@
    14.4  \end{isamarkuptext}%
    14.5  \isamarkuptrue%
    14.6  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}m\ {\isasymin}\ even\ {\isasymlongrightarrow}\ {\isadigit{2}}\ dvd\ m{\isacharparenright}\ {\isasymand}\ {\isacharparenleft}n\ {\isasymin}\ odd\ {\isasymlongrightarrow}\ {\isadigit{2}}\ dvd\ {\isacharparenleft}Suc\ n{\isacharparenright}{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
    14.7 -%
    14.8 -\begin{isamarkuptxt}%
    14.9 -\noindent
   14.10 -The proof is by rule induction. Because of the form of the induction theorem,
   14.11 -it is applied by \isa{rule} rather than \isa{erule} as for ordinary
   14.12 -inductive definitions:%
   14.13 -\end{isamarkuptxt}%
   14.14  \isamarkuptrue%
   14.15 -\isacommand{apply}{\isacharparenleft}rule\ even{\isacharunderscore}odd{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   14.16 -%
   14.17 -\begin{isamarkuptxt}%
   14.18 -\begin{isabelle}%
   14.19 -\ {\isadigit{1}}{\isachardot}\ {\isadigit{2}}\ dvd\ {\isadigit{0}}\isanewline
   14.20 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isasymlbrakk}n\ {\isasymin}\ odd{\isacharsemicolon}\ {\isadigit{2}}\ dvd\ Suc\ n{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isadigit{2}}\ dvd\ Suc\ n\isanewline
   14.21 -\ {\isadigit{3}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isasymlbrakk}n\ {\isasymin}\ Mutual{\isachardot}even{\isacharsemicolon}\ {\isadigit{2}}\ dvd\ n{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isadigit{2}}\ dvd\ Suc\ {\isacharparenleft}Suc\ n{\isacharparenright}%
   14.22 -\end{isabelle}
   14.23 -The first two subgoals are proved by simplification and the final one can be
   14.24 -proved in the same manner as in \S\ref{sec:rule-induction}
   14.25 -where the same subgoal was encountered before.
   14.26 -We do not show the proof script.%
   14.27 -\end{isamarkuptxt}%
   14.28 +\isamarkupfalse%
   14.29  \isamarkuptrue%
   14.30  \isamarkupfalse%
   14.31  \isamarkupfalse%
    15.1 --- a/doc-src/TutorialI/Inductive/document/Star.tex	Sun Jan 30 20:48:50 2005 +0100
    15.2 +++ b/doc-src/TutorialI/Inductive/document/Star.tex	Tue Feb 01 18:01:57 2005 +0100
    15.3 @@ -47,7 +47,7 @@
    15.4  \isamarkuptrue%
    15.5  \isacommand{lemma}\ {\isacharbrackleft}intro{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
    15.6  \isamarkupfalse%
    15.7 -\isacommand{by}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}step{\isacharparenright}\isamarkupfalse%
    15.8 +\isamarkupfalse%
    15.9  %
   15.10  \begin{isamarkuptext}%
   15.11  \noindent
   15.12 @@ -76,69 +76,17 @@
   15.13  \isamarkuptrue%
   15.14  \isacommand{lemma}\ rtc{\isacharunderscore}trans{\isacharcolon}\ {\isachardoublequote}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
   15.15  \isamarkupfalse%
   15.16 -\isacommand{apply}{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   15.17 -%
   15.18 -\begin{isamarkuptxt}%
   15.19 -\noindent
   15.20 -Unfortunately, even the base case is a problem:
   15.21 -\begin{isabelle}%
   15.22 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
   15.23 -\end{isabelle}
   15.24 -We have to abandon this proof attempt.
   15.25 -To understand what is going on, let us look again at \isa{rtc{\isachardot}induct}.
   15.26 -In the above application of \isa{erule}, the first premise of
   15.27 -\isa{rtc{\isachardot}induct} is unified with the first suitable assumption, which
   15.28 -is \isa{{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}} rather than \isa{{\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}}. Although that
   15.29 -is what we want, it is merely due to the order in which the assumptions occur
   15.30 -in the subgoal, which it is not good practice to rely on. As a result,
   15.31 -\isa{{\isacharquery}xb} becomes \isa{x}, \isa{{\isacharquery}xa} becomes
   15.32 -\isa{y} and \isa{{\isacharquery}P} becomes \isa{{\isasymlambda}u\ v{\isachardot}\ {\isacharparenleft}u{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}}, thus
   15.33 -yielding the above subgoal. So what went wrong?
   15.34 -
   15.35 -When looking at the instantiation of \isa{{\isacharquery}P} we see that it does not
   15.36 -depend on its second parameter at all. The reason is that in our original
   15.37 -goal, of the pair \isa{{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}} only \isa{x} appears also in the
   15.38 -conclusion, but not \isa{y}. Thus our induction statement is too
   15.39 -weak. Fortunately, it can easily be strengthened:
   15.40 -transfer the additional premise \isa{{\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}} into the conclusion:%
   15.41 -\end{isamarkuptxt}%
   15.42 +\isamarkupfalse%
   15.43  \isamarkuptrue%
   15.44  \isamarkupfalse%
   15.45  \isacommand{lemma}\ rtc{\isacharunderscore}trans{\isacharbrackleft}rule{\isacharunderscore}format{\isacharbrackright}{\isacharcolon}\isanewline
   15.46  \ \ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isamarkupfalse%
   15.47 -%
   15.48 -\begin{isamarkuptxt}%
   15.49 -\noindent
   15.50 -This is not an obscure trick but a generally applicable heuristic:
   15.51 -\begin{quote}\em
   15.52 -When proving a statement by rule induction on $(x@1,\dots,x@n) \in R$,
   15.53 -pull all other premises containing any of the $x@i$ into the conclusion
   15.54 -using $\longrightarrow$.
   15.55 -\end{quote}
   15.56 -A similar heuristic for other kinds of inductions is formulated in
   15.57 -\S\ref{sec:ind-var-in-prems}. The \isa{rule{\isacharunderscore}format} directive turns
   15.58 -\isa{{\isasymlongrightarrow}} back into \isa{{\isasymLongrightarrow}}: in the end we obtain the original
   15.59 -statement of our lemma.%
   15.60 -\end{isamarkuptxt}%
   15.61 +\isamarkuptrue%
   15.62 +\isamarkupfalse%
   15.63  \isamarkuptrue%
   15.64 -\isacommand{apply}{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   15.65 -%
   15.66 -\begin{isamarkuptxt}%
   15.67 -\noindent
   15.68 -Now induction produces two subgoals which are both proved automatically:
   15.69 -\begin{isabelle}%
   15.70 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\isanewline
   15.71 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}x\ y\ za{\isachardot}\isanewline
   15.72 -\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ za{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}za{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isasymrbrakk}\isanewline
   15.73 -\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ {\isacharparenleft}za{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
   15.74 -\end{isabelle}%
   15.75 -\end{isamarkuptxt}%
   15.76 -\ \isamarkuptrue%
   15.77 -\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
   15.78 +\isamarkupfalse%
   15.79  \isamarkupfalse%
   15.80 -\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}step{\isacharparenright}\isanewline
   15.81  \isamarkupfalse%
   15.82 -\isacommand{done}\isamarkupfalse%
   15.83  %
   15.84  \begin{isamarkuptext}%
   15.85  Let us now prove that \isa{r{\isacharasterisk}} is really the reflexive transitive closure
   15.86 @@ -162,26 +110,19 @@
   15.87  \isamarkuptrue%
   15.88  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
   15.89  \isamarkupfalse%
   15.90 -\isacommand{apply}{\isacharparenleft}erule\ rtc{\isadigit{2}}{\isachardot}induct{\isacharparenright}\isanewline
   15.91 -\ \ \isamarkupfalse%
   15.92 -\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
   15.93 -\ \isamarkupfalse%
   15.94 -\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
   15.95 +\isamarkupfalse%
   15.96 +\isamarkupfalse%
   15.97  \isamarkupfalse%
   15.98 -\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}trans{\isacharparenright}\isanewline
   15.99  \isamarkupfalse%
  15.100 -\isacommand{done}\isanewline
  15.101 +\isanewline
  15.102  \isanewline
  15.103  \isamarkupfalse%
  15.104  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequote}\isanewline
  15.105  \isamarkupfalse%
  15.106 -\isacommand{apply}{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isanewline
  15.107 -\ \isamarkupfalse%
  15.108 -\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isadigit{2}}{\isachardot}intros{\isacharparenright}\isanewline
  15.109 +\isamarkupfalse%
  15.110  \isamarkupfalse%
  15.111 -\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isadigit{2}}{\isachardot}intros{\isacharparenright}\isanewline
  15.112  \isamarkupfalse%
  15.113 -\isacommand{done}\isamarkupfalse%
  15.114 +\isamarkupfalse%
  15.115  %
  15.116  \begin{isamarkuptext}%
  15.117  So why did we start with the first definition? Because it is simpler. It
    16.1 --- a/doc-src/TutorialI/Misc/document/AdvancedInd.tex	Sun Jan 30 20:48:50 2005 +0100
    16.2 +++ b/doc-src/TutorialI/Misc/document/AdvancedInd.tex	Tue Feb 01 18:01:57 2005 +0100
    16.3 @@ -29,99 +29,11 @@
    16.4  \isamarkuptrue%
    16.5  \isacommand{lemma}\ {\isachardoublequote}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ hd{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ last\ xs{\isachardoublequote}\isanewline
    16.6  \isamarkupfalse%
    16.7 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isamarkupfalse%
    16.8 -%
    16.9 -\begin{isamarkuptxt}%
   16.10 -\noindent
   16.11 -But induction produces the warning
   16.12 -\begin{quote}\tt
   16.13 -Induction variable occurs also among premises!
   16.14 -\end{quote}
   16.15 -and leads to the base case
   16.16 -\begin{isabelle}%
   16.17 -\ {\isadigit{1}}{\isachardot}\ xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ hd\ {\isacharparenleft}rev\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ last\ {\isacharbrackleft}{\isacharbrackright}%
   16.18 -\end{isabelle}
   16.19 -Simplification reduces the base case to this:
   16.20 -\begin{isabelle}
   16.21 -\ 1.\ xs\ {\isasymnoteq}\ []\ {\isasymLongrightarrow}\ hd\ []\ =\ last\ []
   16.22 -\end{isabelle}
   16.23 -We cannot prove this equality because we do not know what \isa{hd} and
   16.24 -\isa{last} return when applied to \isa{{\isacharbrackleft}{\isacharbrackright}}.
   16.25 -
   16.26 -We should not have ignored the warning. Because the induction
   16.27 -formula is only the conclusion, induction does not affect the occurrence of \isa{xs} in the premises.  
   16.28 -Thus the case that should have been trivial
   16.29 -becomes unprovable. Fortunately, the solution is easy:\footnote{A similar
   16.30 -heuristic applies to rule inductions; see \S\ref{sec:rtc}.}
   16.31 -\begin{quote}
   16.32 -\emph{Pull all occurrences of the induction variable into the conclusion
   16.33 -using \isa{{\isasymlongrightarrow}}.}
   16.34 -\end{quote}
   16.35 -Thus we should state the lemma as an ordinary 
   16.36 -implication~(\isa{{\isasymlongrightarrow}}), letting
   16.37 -\attrdx{rule_format} (\S\ref{sec:forward}) convert the
   16.38 -result to the usual \isa{{\isasymLongrightarrow}} form:%
   16.39 -\end{isamarkuptxt}%
   16.40 +\isamarkupfalse%
   16.41  \isamarkuptrue%
   16.42  \isamarkupfalse%
   16.43  \isacommand{lemma}\ hd{\isacharunderscore}rev\ {\isacharbrackleft}rule{\isacharunderscore}format{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongrightarrow}\ hd{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ last\ xs{\isachardoublequote}\isamarkupfalse%
   16.44  \isamarkupfalse%
   16.45 -%
   16.46 -\begin{isamarkuptxt}%
   16.47 -\noindent
   16.48 -This time, induction leaves us with a trivial base case:
   16.49 -\begin{isabelle}%
   16.50 -\ {\isadigit{1}}{\isachardot}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongrightarrow}\ hd\ {\isacharparenleft}rev\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ last\ {\isacharbrackleft}{\isacharbrackright}%
   16.51 -\end{isabelle}
   16.52 -And \isa{auto} completes the proof.
   16.53 -
   16.54 -If there are multiple premises $A@1$, \dots, $A@n$ containing the
   16.55 -induction variable, you should turn the conclusion $C$ into
   16.56 -\[ A@1 \longrightarrow \cdots A@n \longrightarrow C. \]
   16.57 -Additionally, you may also have to universally quantify some other variables,
   16.58 -which can yield a fairly complex conclusion.  However, \isa{rule{\isacharunderscore}format} 
   16.59 -can remove any number of occurrences of \isa{{\isasymforall}} and
   16.60 -\isa{{\isasymlongrightarrow}}.
   16.61 -
   16.62 -\index{induction!on a term}%
   16.63 -A second reason why your proposition may not be amenable to induction is that
   16.64 -you want to induct on a complex term, rather than a variable. In
   16.65 -general, induction on a term~$t$ requires rephrasing the conclusion~$C$
   16.66 -as
   16.67 -\begin{equation}\label{eqn:ind-over-term}
   16.68 -\forall y@1 \dots y@n.~ x = t \longrightarrow C.
   16.69 -\end{equation}
   16.70 -where $y@1 \dots y@n$ are the free variables in $t$ and $x$ is a new variable.
   16.71 -Now you can perform induction on~$x$. An example appears in
   16.72 -\S\ref{sec:complete-ind} below.
   16.73 -
   16.74 -The very same problem may occur in connection with rule induction. Remember
   16.75 -that it requires a premise of the form $(x@1,\dots,x@k) \in R$, where $R$ is
   16.76 -some inductively defined set and the $x@i$ are variables.  If instead we have
   16.77 -a premise $t \in R$, where $t$ is not just an $n$-tuple of variables, we
   16.78 -replace it with $(x@1,\dots,x@k) \in R$, and rephrase the conclusion $C$ as
   16.79 -\[ \forall y@1 \dots y@n.~ (x@1,\dots,x@k) = t \longrightarrow C. \]
   16.80 -For an example see \S\ref{sec:CTL-revisited} below.
   16.81 -
   16.82 -Of course, all premises that share free variables with $t$ need to be pulled into
   16.83 -the conclusion as well, under the \isa{{\isasymforall}}, again using \isa{{\isasymlongrightarrow}} as shown above.
   16.84 -
   16.85 -Readers who are puzzled by the form of statement
   16.86 -(\ref{eqn:ind-over-term}) above should remember that the
   16.87 -transformation is only performed to permit induction. Once induction
   16.88 -has been applied, the statement can be transformed back into something quite
   16.89 -intuitive. For example, applying wellfounded induction on $x$ (w.r.t.\
   16.90 -$\prec$) to (\ref{eqn:ind-over-term}) and transforming the result a
   16.91 -little leads to the goal
   16.92 -\[ \bigwedge\overline{y}.\ 
   16.93 -   \forall \overline{z}.\ t\,\overline{z} \prec t\,\overline{y}\ \longrightarrow\ C\,\overline{z}
   16.94 -    \ \Longrightarrow\ C\,\overline{y} \]
   16.95 -where $\overline{y}$ stands for $y@1 \dots y@n$ and the dependence of $t$ and
   16.96 -$C$ on the free variables of $t$ has been made explicit.
   16.97 -Unfortunately, this induction schema cannot be expressed as a
   16.98 -single theorem because it depends on the number of free variables in $t$ ---
   16.99 -the notation $\overline{y}$ is merely an informal device.%
  16.100 -\end{isamarkuptxt}%
  16.101  \isamarkuptrue%
  16.102  \isamarkupfalse%
  16.103  %
  16.104 @@ -170,41 +82,14 @@
  16.105  \end{isamarkuptext}%
  16.106  \isamarkuptrue%
  16.107  \isacommand{lemma}\ f{\isacharunderscore}incr{\isacharunderscore}lem{\isacharcolon}\ {\isachardoublequote}{\isasymforall}i{\isachardot}\ k\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i{\isachardoublequote}\isamarkupfalse%
  16.108 -%
  16.109 -\begin{isamarkuptxt}%
  16.110 -\noindent
  16.111 -To perform induction on \isa{k} using \isa{nat{\isacharunderscore}less{\isacharunderscore}induct}, we use
  16.112 -the same general induction method as for recursion induction (see
  16.113 -\S\ref{sec:recdef-induction}):%
  16.114 -\end{isamarkuptxt}%
  16.115 +\isamarkuptrue%
  16.116 +\isamarkupfalse%
  16.117  \isamarkuptrue%
  16.118 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ k\ rule{\isacharcolon}\ nat{\isacharunderscore}less{\isacharunderscore}induct{\isacharparenright}\isamarkupfalse%
  16.119 -%
  16.120 -\begin{isamarkuptxt}%
  16.121 -\noindent
  16.122 -We get the following proof state:
  16.123 -\begin{isabelle}%
  16.124 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}n{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ {\isasymforall}i{\isachardot}\ m\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i\ {\isasymLongrightarrow}\ {\isasymforall}i{\isachardot}\ n\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i%
  16.125 -\end{isabelle}
  16.126 -After stripping the \isa{{\isasymforall}i}, the proof continues with a case
  16.127 -distinction on \isa{i}. The case \isa{i\ {\isacharequal}\ {\isadigit{0}}} is trivial and we focus on
  16.128 -the other case:%
  16.129 -\end{isamarkuptxt}%
  16.130 +\isamarkupfalse%
  16.131 +\isamarkupfalse%
  16.132 +\isamarkupfalse%
  16.133  \isamarkuptrue%
  16.134 -\isacommand{apply}{\isacharparenleft}rule\ allI{\isacharparenright}\isanewline
  16.135  \isamarkupfalse%
  16.136 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac\ i{\isacharparenright}\isanewline
  16.137 -\ \isamarkupfalse%
  16.138 -\isacommand{apply}{\isacharparenleft}simp{\isacharparenright}\isamarkupfalse%
  16.139 -%
  16.140 -\begin{isamarkuptxt}%
  16.141 -\begin{isabelle}%
  16.142 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}n\ i\ nat{\isachardot}\isanewline
  16.143 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymlbrakk}{\isasymforall}m{\isacharless}n{\isachardot}\ {\isasymforall}i{\isachardot}\ m\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i{\isacharsemicolon}\ i\ {\isacharequal}\ Suc\ nat{\isasymrbrakk}\ {\isasymLongrightarrow}\ n\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i%
  16.144 -\end{isabelle}%
  16.145 -\end{isamarkuptxt}%
  16.146 -\isamarkuptrue%
  16.147 -\isacommand{by}{\isacharparenleft}blast\ intro{\isacharbang}{\isacharcolon}\ f{\isacharunderscore}ax\ Suc{\isacharunderscore}leI\ intro{\isacharcolon}\ le{\isacharunderscore}less{\isacharunderscore}trans{\isacharparenright}\isamarkupfalse%
  16.148  %
  16.149  \begin{isamarkuptext}%
  16.150  \noindent
  16.151 @@ -295,18 +180,10 @@
  16.152  \isamarkuptrue%
  16.153  \isacommand{lemma}\ induct{\isacharunderscore}lem{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isasymAnd}n{\isacharcolon}{\isacharcolon}nat{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m{\isachardoublequote}\isanewline
  16.154  \isamarkupfalse%
  16.155 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ n{\isacharparenright}\isamarkupfalse%
  16.156 -%
  16.157 -\begin{isamarkuptxt}%
  16.158 -\noindent
  16.159 -The base case is vacuously true. For the induction step (\isa{m\ {\isacharless}\ Suc\ n}) we distinguish two cases: case \isa{m\ {\isacharless}\ n} is true by induction
  16.160 -hypothesis and case \isa{m\ {\isacharequal}\ n} follows from the assumption, again using
  16.161 -the induction hypothesis:%
  16.162 -\end{isamarkuptxt}%
  16.163 -\ \isamarkuptrue%
  16.164 -\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
  16.165  \isamarkupfalse%
  16.166 -\isacommand{by}{\isacharparenleft}blast\ elim{\isacharcolon}\ less{\isacharunderscore}SucE{\isacharparenright}\isamarkupfalse%
  16.167 +\isamarkuptrue%
  16.168 +\isamarkupfalse%
  16.169 +\isamarkupfalse%
  16.170  %
  16.171  \begin{isamarkuptext}%
  16.172  \noindent
  16.173 @@ -325,7 +202,7 @@
  16.174  \isamarkuptrue%
  16.175  \isacommand{theorem}\ nat{\isacharunderscore}less{\isacharunderscore}induct{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isasymAnd}n{\isacharcolon}{\isacharcolon}nat{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ P\ n{\isachardoublequote}\isanewline
  16.176  \isamarkupfalse%
  16.177 -\isacommand{by}{\isacharparenleft}insert\ induct{\isacharunderscore}lem{\isacharcomma}\ blast{\isacharparenright}\isamarkupfalse%
  16.178 +\isamarkupfalse%
  16.179  %
  16.180  \begin{isamarkuptext}%
  16.181  HOL already provides the mother of
    17.1 --- a/doc-src/TutorialI/Misc/document/Itrev.tex	Sun Jan 30 20:48:50 2005 +0100
    17.2 +++ b/doc-src/TutorialI/Misc/document/Itrev.tex	Tue Feb 01 18:01:57 2005 +0100
    17.3 @@ -65,58 +65,12 @@
    17.4  \end{isamarkuptext}%
    17.5  \isamarkuptrue%
    17.6  \isacommand{lemma}\ {\isachardoublequote}itrev\ xs\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ rev\ xs{\isachardoublequote}\isamarkupfalse%
    17.7 -%
    17.8 -\begin{isamarkuptxt}%
    17.9 -\noindent
   17.10 -There is no choice as to the induction variable, and we immediately simplify:%
   17.11 -\end{isamarkuptxt}%
   17.12  \isamarkuptrue%
   17.13 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isamarkupfalse%
   17.14 -%
   17.15 -\begin{isamarkuptxt}%
   17.16 -\noindent
   17.17 -Unfortunately, this attempt does not prove
   17.18 -the induction step:
   17.19 -\begin{isabelle}%
   17.20 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
   17.21 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }itrev\ list\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ rev\ list\ {\isasymLongrightarrow}\ itrev\ list\ {\isacharbrackleft}a{\isacharbrackright}\ {\isacharequal}\ rev\ list\ {\isacharat}\ {\isacharbrackleft}a{\isacharbrackright}%
   17.22 -\end{isabelle}
   17.23 -The induction hypothesis is too weak.  The fixed
   17.24 -argument,~\isa{{\isacharbrackleft}{\isacharbrackright}}, prevents it from rewriting the conclusion.  
   17.25 -This example suggests a heuristic:
   17.26 -\begin{quote}\index{generalizing induction formulae}%
   17.27 -\emph{Generalize goals for induction by replacing constants by variables.}
   17.28 -\end{quote}
   17.29 -Of course one cannot do this na\"{\i}vely: \isa{itrev\ xs\ ys\ {\isacharequal}\ rev\ xs} is
   17.30 -just not true.  The correct generalization is%
   17.31 -\end{isamarkuptxt}%
   17.32 +\isamarkupfalse%
   17.33  \isamarkuptrue%
   17.34  \isamarkupfalse%
   17.35  \isacommand{lemma}\ {\isachardoublequote}itrev\ xs\ ys\ {\isacharequal}\ rev\ xs\ {\isacharat}\ ys{\isachardoublequote}\isamarkupfalse%
   17.36  \isamarkupfalse%
   17.37 -%
   17.38 -\begin{isamarkuptxt}%
   17.39 -\noindent
   17.40 -If \isa{ys} is replaced by \isa{{\isacharbrackleft}{\isacharbrackright}}, the right-hand side simplifies to
   17.41 -\isa{rev\ xs}, as required.
   17.42 -
   17.43 -In this instance it was easy to guess the right generalization.
   17.44 -Other situations can require a good deal of creativity.  
   17.45 -
   17.46 -Although we now have two variables, only \isa{xs} is suitable for
   17.47 -induction, and we repeat our proof attempt. Unfortunately, we are still
   17.48 -not there:
   17.49 -\begin{isabelle}%
   17.50 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
   17.51 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }itrev\ list\ ys\ {\isacharequal}\ rev\ list\ {\isacharat}\ ys\ {\isasymLongrightarrow}\isanewline
   17.52 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }itrev\ list\ {\isacharparenleft}a\ {\isacharhash}\ ys{\isacharparenright}\ {\isacharequal}\ rev\ list\ {\isacharat}\ a\ {\isacharhash}\ ys%
   17.53 -\end{isabelle}
   17.54 -The induction hypothesis is still too weak, but this time it takes no
   17.55 -intuition to generalize: the problem is that \isa{ys} is fixed throughout
   17.56 -the subgoal, but the induction hypothesis needs to be applied with
   17.57 -\isa{a\ {\isacharhash}\ ys} instead of \isa{ys}. Hence we prove the theorem
   17.58 -for all \isa{ys} instead of a fixed one:%
   17.59 -\end{isamarkuptxt}%
   17.60  \isamarkuptrue%
   17.61  \isamarkupfalse%
   17.62  \isacommand{lemma}\ {\isachardoublequote}{\isasymforall}ys{\isachardot}\ itrev\ xs\ ys\ {\isacharequal}\ rev\ xs\ {\isacharat}\ ys{\isachardoublequote}\isamarkupfalse%
    18.1 --- a/doc-src/TutorialI/Misc/document/case_exprs.tex	Sun Jan 30 20:48:50 2005 +0100
    18.2 +++ b/doc-src/TutorialI/Misc/document/case_exprs.tex	Tue Feb 01 18:01:57 2005 +0100
    18.3 @@ -67,20 +67,9 @@
    18.4  \isamarkuptrue%
    18.5  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}case\ xs\ of\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymRightarrow}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbar}\ y{\isacharhash}ys\ {\isasymRightarrow}\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline
    18.6  \isamarkupfalse%
    18.7 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac\ xs{\isacharparenright}\isamarkupfalse%
    18.8 -%
    18.9 -\begin{isamarkuptxt}%
   18.10 -\noindent
   18.11 -results in the proof state
   18.12 -\begin{isabelle}%
   18.13 -\ {\isadigit{1}}{\isachardot}\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ {\isacharparenleft}case\ xs\ of\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymRightarrow}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbar}\ y\ {\isacharhash}\ ys\ {\isasymRightarrow}\ xs{\isacharparenright}\ {\isacharequal}\ xs\isanewline
   18.14 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
   18.15 -\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }xs\ {\isacharequal}\ a\ {\isacharhash}\ list\ {\isasymLongrightarrow}\ {\isacharparenleft}case\ xs\ of\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymRightarrow}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharbar}\ y\ {\isacharhash}\ ys\ {\isasymRightarrow}\ xs{\isacharparenright}\ {\isacharequal}\ xs%
   18.16 -\end{isabelle}
   18.17 -which is solved automatically:%
   18.18 -\end{isamarkuptxt}%
   18.19 +\isamarkupfalse%
   18.20  \isamarkuptrue%
   18.21 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse%
   18.22 +\isamarkupfalse%
   18.23  \isamarkupfalse%
   18.24  %
   18.25  \begin{isamarkuptext}%
    19.1 --- a/doc-src/TutorialI/Misc/document/natsum.tex	Sun Jan 30 20:48:50 2005 +0100
    19.2 +++ b/doc-src/TutorialI/Misc/document/natsum.tex	Tue Feb 01 18:01:57 2005 +0100
    19.3 @@ -24,11 +24,9 @@
    19.4  \isamarkuptrue%
    19.5  \isacommand{lemma}\ {\isachardoublequote}sum\ n\ {\isacharplus}\ sum\ n\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}Suc\ n{\isacharparenright}{\isachardoublequote}\isanewline
    19.6  \isamarkupfalse%
    19.7 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ n{\isacharparenright}\isanewline
    19.8 +\isamarkupfalse%
    19.9  \isamarkupfalse%
   19.10 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
   19.11  \isamarkupfalse%
   19.12 -\isacommand{done}\isamarkupfalse%
   19.13  %
   19.14  \begin{isamarkuptext}%
   19.15  \newcommand{\mystar}{*%
   19.16 @@ -109,7 +107,7 @@
   19.17  \isamarkuptrue%
   19.18  \isacommand{lemma}\ {\isachardoublequote}min\ i\ {\isacharparenleft}max\ j\ {\isacharparenleft}k{\isacharasterisk}k{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ max\ {\isacharparenleft}min\ {\isacharparenleft}k{\isacharasterisk}k{\isacharparenright}\ i{\isacharparenright}\ {\isacharparenleft}min\ i\ {\isacharparenleft}j{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isacharparenright}{\isachardoublequote}\isanewline
   19.19  \isamarkupfalse%
   19.20 -\isacommand{apply}{\isacharparenleft}arith{\isacharparenright}\isamarkupfalse%
   19.21 +\isamarkupfalse%
   19.22  \isamarkupfalse%
   19.23  %
   19.24  \begin{isamarkuptext}%
    20.1 --- a/doc-src/TutorialI/Misc/document/simp.tex	Sun Jan 30 20:48:50 2005 +0100
    20.2 +++ b/doc-src/TutorialI/Misc/document/simp.tex	Tue Feb 01 18:01:57 2005 +0100
    20.3 @@ -114,9 +114,8 @@
    20.4  \isamarkuptrue%
    20.5  \isacommand{lemma}\ {\isachardoublequote}{\isasymlbrakk}\ xs\ {\isacharat}\ zs\ {\isacharequal}\ ys\ {\isacharat}\ xs{\isacharsemicolon}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ ys\ {\isacharequal}\ zs{\isachardoublequote}\isanewline
    20.6  \isamarkupfalse%
    20.7 -\isacommand{apply}\ simp\isanewline
    20.8  \isamarkupfalse%
    20.9 -\isacommand{done}\isamarkupfalse%
   20.10 +\isamarkupfalse%
   20.11  %
   20.12  \begin{isamarkuptext}%
   20.13  \noindent
   20.14 @@ -128,19 +127,9 @@
   20.15  \end{isamarkuptext}%
   20.16  \isamarkuptrue%
   20.17  \isacommand{lemma}\ {\isachardoublequote}{\isasymforall}x{\isachardot}\ f\ x\ {\isacharequal}\ g\ {\isacharparenleft}f\ {\isacharparenleft}g\ x{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\ f\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ f\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isamarkupfalse%
   20.18 -%
   20.19 -\begin{isamarkuptxt}%
   20.20 -\noindent
   20.21 -An unmodified application of \isa{simp} loops.  The culprit is the
   20.22 -simplification rule \isa{f\ x\ {\isacharequal}\ g\ {\isacharparenleft}f\ {\isacharparenleft}g\ x{\isacharparenright}{\isacharparenright}}, which is extracted from
   20.23 -the assumption.  (Isabelle notices certain simple forms of
   20.24 -nontermination but not this one.)  The problem can be circumvented by
   20.25 -telling the simplifier to ignore the assumptions:%
   20.26 -\end{isamarkuptxt}%
   20.27  \isamarkuptrue%
   20.28 -\isacommand{apply}{\isacharparenleft}simp\ {\isacharparenleft}no{\isacharunderscore}asm{\isacharparenright}{\isacharparenright}\isanewline
   20.29  \isamarkupfalse%
   20.30 -\isacommand{done}\isamarkupfalse%
   20.31 +\isamarkupfalse%
   20.32  %
   20.33  \begin{isamarkuptext}%
   20.34  \noindent
   20.35 @@ -198,27 +187,12 @@
   20.36  \end{isamarkuptext}%
   20.37  \isamarkuptrue%
   20.38  \isacommand{lemma}\ {\isachardoublequote}xor\ A\ {\isacharparenleft}{\isasymnot}A{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
   20.39 -%
   20.40 -\begin{isamarkuptxt}%
   20.41 -\noindent
   20.42 -Typically, we begin by unfolding some definitions:
   20.43 -\indexbold{definitions!unfolding}%
   20.44 -\end{isamarkuptxt}%
   20.45  \isamarkuptrue%
   20.46 -\isacommand{apply}{\isacharparenleft}simp\ only{\isacharcolon}\ xor{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   20.47 -%
   20.48 -\begin{isamarkuptxt}%
   20.49 -\noindent
   20.50 -In this particular case, the resulting goal
   20.51 -\begin{isabelle}%
   20.52 -\ {\isadigit{1}}{\isachardot}\ A\ {\isasymand}\ {\isasymnot}\ {\isasymnot}\ A\ {\isasymor}\ {\isasymnot}\ A\ {\isasymand}\ {\isasymnot}\ A%
   20.53 -\end{isabelle}
   20.54 -can be proved by simplification. Thus we could have proved the lemma outright by%
   20.55 -\end{isamarkuptxt}%
   20.56 +\isamarkupfalse%
   20.57  \isamarkuptrue%
   20.58  \isamarkupfalse%
   20.59  \isamarkupfalse%
   20.60 -\isacommand{apply}{\isacharparenleft}simp\ add{\isacharcolon}\ xor{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   20.61 +\isamarkupfalse%
   20.62  \isamarkupfalse%
   20.63  %
   20.64  \begin{isamarkuptext}%
   20.65 @@ -255,9 +229,8 @@
   20.66  \isamarkuptrue%
   20.67  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}let\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ in\ xs{\isacharat}ys{\isacharat}xs{\isacharparenright}\ {\isacharequal}\ ys{\isachardoublequote}\isanewline
   20.68  \isamarkupfalse%
   20.69 -\isacommand{apply}{\isacharparenleft}simp\ add{\isacharcolon}\ Let{\isacharunderscore}def{\isacharparenright}\isanewline
   20.70  \isamarkupfalse%
   20.71 -\isacommand{done}\isamarkupfalse%
   20.72 +\isamarkupfalse%
   20.73  %
   20.74  \begin{isamarkuptext}%
   20.75  If, in a particular context, there is no danger of a combinatorial explosion
   20.76 @@ -279,9 +252,8 @@
   20.77  \isamarkuptrue%
   20.78  \isacommand{lemma}\ hd{\isacharunderscore}Cons{\isacharunderscore}tl{\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ \ {\isasymLongrightarrow}\ \ hd\ xs\ {\isacharhash}\ tl\ xs\ {\isacharequal}\ xs{\isachardoublequote}\isanewline
   20.79  \isamarkupfalse%
   20.80 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac\ xs{\isacharcomma}\ simp{\isacharcomma}\ simp{\isacharparenright}\isanewline
   20.81  \isamarkupfalse%
   20.82 -\isacommand{done}\isamarkupfalse%
   20.83 +\isamarkupfalse%
   20.84  %
   20.85  \begin{isamarkuptext}%
   20.86  \noindent
   20.87 @@ -317,51 +289,17 @@
   20.88  \end{isamarkuptext}%
   20.89  \isamarkuptrue%
   20.90  \isacommand{lemma}\ {\isachardoublequote}{\isasymforall}xs{\isachardot}\ if\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ then\ rev\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ else\ rev\ xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isamarkupfalse%
   20.91 -%
   20.92 -\begin{isamarkuptxt}%
   20.93 -\noindent
   20.94 -The goal can be split by a special method, \methdx{split}:%
   20.95 -\end{isamarkuptxt}%
   20.96  \isamarkuptrue%
   20.97 -\isacommand{apply}{\isacharparenleft}split\ split{\isacharunderscore}if{\isacharparenright}\isamarkupfalse%
   20.98 -%
   20.99 -\begin{isamarkuptxt}%
  20.100 -\noindent
  20.101 -\begin{isabelle}%
  20.102 -\ {\isadigit{1}}{\isachardot}\ {\isasymforall}xs{\isachardot}\ {\isacharparenleft}xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongrightarrow}\ rev\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isasymand}\ {\isacharparenleft}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongrightarrow}\ rev\ xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}%
  20.103 -\end{isabelle}
  20.104 -where \tdx{split_if} is a theorem that expresses splitting of
  20.105 -\isa{if}s. Because
  20.106 -splitting the \isa{if}s is usually the right proof strategy, the
  20.107 -simplifier does it automatically.  Try \isacommand{apply}\isa{{\isacharparenleft}simp{\isacharparenright}}
  20.108 -on the initial goal above.
  20.109 -
  20.110 -This splitting idea generalizes from \isa{if} to \sdx{case}.
  20.111 -Let us simplify a case analysis over lists:\index{*list.split (theorem)}%
  20.112 -\end{isamarkuptxt}%
  20.113 +\isamarkupfalse%
  20.114  \isamarkuptrue%
  20.115  \isamarkupfalse%
  20.116  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}case\ xs\ of\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymRightarrow}\ zs\ {\isacharbar}\ y{\isacharhash}ys\ {\isasymRightarrow}\ y{\isacharhash}{\isacharparenleft}ys{\isacharat}zs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ xs{\isacharat}zs{\isachardoublequote}\isanewline
  20.117  \isamarkupfalse%
  20.118 -\isacommand{apply}{\isacharparenleft}split\ list{\isachardot}split{\isacharparenright}\isamarkupfalse%
  20.119 -%
  20.120 -\begin{isamarkuptxt}%
  20.121 -\begin{isabelle}%
  20.122 -\ {\isadigit{1}}{\isachardot}\ {\isacharparenleft}xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymlongrightarrow}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ zs{\isacharparenright}\ {\isasymand}\isanewline
  20.123 -\isaindent{\ {\isadigit{1}}{\isachardot}\ }{\isacharparenleft}{\isasymforall}a\ list{\isachardot}\ xs\ {\isacharequal}\ a\ {\isacharhash}\ list\ {\isasymlongrightarrow}\ a\ {\isacharhash}\ list\ {\isacharat}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ zs{\isacharparenright}%
  20.124 -\end{isabelle}
  20.125 -The simplifier does not split
  20.126 -\isa{case}-expressions, as it does \isa{if}-expressions, 
  20.127 -because with recursive datatypes it could lead to nontermination.
  20.128 -Instead, the simplifier has a modifier
  20.129 -\isa{split}\index{*split (modifier)} 
  20.130 -for adding splitting rules explicitly.  The
  20.131 -lemma above can be proved in one step by%
  20.132 -\end{isamarkuptxt}%
  20.133 +\isamarkupfalse%
  20.134  \isamarkuptrue%
  20.135  \isamarkupfalse%
  20.136  \isamarkupfalse%
  20.137 -\isacommand{apply}{\isacharparenleft}simp\ split{\isacharcolon}\ list{\isachardot}split{\isacharparenright}\isamarkupfalse%
  20.138 +\isamarkupfalse%
  20.139  \isamarkupfalse%
  20.140  %
  20.141  \begin{isamarkuptext}%
  20.142 @@ -382,7 +320,7 @@
  20.143  \end{isamarkuptext}%
  20.144  \isamarkuptrue%
  20.145  \isamarkupfalse%
  20.146 -\isacommand{apply}{\isacharparenleft}simp\ split\ del{\isacharcolon}\ split{\isacharunderscore}if{\isacharparenright}\isamarkupfalse%
  20.147 +\isamarkupfalse%
  20.148  \isamarkupfalse%
  20.149  %
  20.150  \begin{isamarkuptext}%
  20.151 @@ -407,30 +345,7 @@
  20.152  \isamarkuptrue%
  20.153  \isacommand{lemma}\ {\isachardoublequote}if\ xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ then\ ys\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ else\ ys\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ xs\ {\isacharat}\ ys\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isanewline
  20.154  \isamarkupfalse%
  20.155 -\isacommand{apply}{\isacharparenleft}split\ split{\isacharunderscore}if{\isacharunderscore}asm{\isacharparenright}\isamarkupfalse%
  20.156 -%
  20.157 -\begin{isamarkuptxt}%
  20.158 -\noindent
  20.159 -Unlike splitting the conclusion, this step creates two
  20.160 -separate subgoals, which here can be solved by \isa{simp{\isacharunderscore}all}:
  20.161 -\begin{isabelle}%
  20.162 -\ {\isadigit{1}}{\isachardot}\ {\isasymlbrakk}xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isacharsemicolon}\ ys\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}{\isasymrbrakk}\ {\isasymLongrightarrow}\ xs\ {\isacharat}\ ys\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\isanewline
  20.163 -\ {\isadigit{2}}{\isachardot}\ {\isasymlbrakk}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}{\isacharsemicolon}\ ys\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isasymrbrakk}\ {\isasymLongrightarrow}\ xs\ {\isacharat}\ ys\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}%
  20.164 -\end{isabelle}
  20.165 -If you need to split both in the assumptions and the conclusion,
  20.166 -use $t$\isa{{\isachardot}splits} which subsumes $t$\isa{{\isachardot}split} and
  20.167 -$t$\isa{{\isachardot}split{\isacharunderscore}asm}. Analogously, there is \isa{if{\isacharunderscore}splits}.
  20.168 -
  20.169 -\begin{warn}
  20.170 -  The simplifier merely simplifies the condition of an 
  20.171 -  \isa{if}\index{*if expressions!simplification of} but not the
  20.172 -  \isa{then} or \isa{else} parts. The latter are simplified only after the
  20.173 -  condition reduces to \isa{True} or \isa{False}, or after splitting. The
  20.174 -  same is true for \sdx{case}-expressions: only the selector is
  20.175 -  simplified at first, until either the expression reduces to one of the
  20.176 -  cases or it is split.
  20.177 -\end{warn}%
  20.178 -\end{isamarkuptxt}%
  20.179 +\isamarkupfalse%
  20.180  \isamarkuptrue%
  20.181  \isamarkupfalse%
  20.182  %
  20.183 @@ -446,11 +361,10 @@
  20.184  on:%
  20.185  \end{isamarkuptext}%
  20.186  \isamarkuptrue%
  20.187 -\isacommand{ML}\ {\isachardoublequote}set\ trace{\isacharunderscore}simp{\isachardoublequote}\isanewline
  20.188  \isamarkupfalse%
  20.189  \isacommand{lemma}\ {\isachardoublequote}rev\ {\isacharbrackleft}a{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isanewline
  20.190  \isamarkupfalse%
  20.191 -\isacommand{apply}{\isacharparenleft}simp{\isacharparenright}\isamarkupfalse%
  20.192 +\isamarkupfalse%
  20.193  \isamarkupfalse%
  20.194  %
  20.195  \begin{isamarkuptext}%
  20.196 @@ -487,7 +401,6 @@
  20.197  rules.  Thus it is advisable to reset it:%
  20.198  \end{isamarkuptext}%
  20.199  \isamarkuptrue%
  20.200 -\isacommand{ML}\ {\isachardoublequote}reset\ trace{\isacharunderscore}simp{\isachardoublequote}\isanewline
  20.201  \isamarkupfalse%
  20.202  \isamarkupfalse%
  20.203  \end{isabellebody}%
    21.1 --- a/doc-src/TutorialI/Recdef/document/Induction.tex	Sun Jan 30 20:48:50 2005 +0100
    21.2 +++ b/doc-src/TutorialI/Recdef/document/Induction.tex	Tue Feb 01 18:01:57 2005 +0100
    21.3 @@ -21,33 +21,11 @@
    21.4  \end{isamarkuptext}%
    21.5  \isamarkuptrue%
    21.6  \isacommand{lemma}\ {\isachardoublequote}map\ f\ {\isacharparenleft}sep{\isacharparenleft}x{\isacharcomma}xs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep{\isacharparenleft}f\ x{\isacharcomma}\ map\ f\ xs{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
    21.7 -%
    21.8 -\begin{isamarkuptxt}%
    21.9 -\noindent
   21.10 -Note that \isa{map\ f\ xs}
   21.11 -is the result of applying \isa{f} to all elements of \isa{xs}. We prove
   21.12 -this lemma by recursion induction over \isa{sep}:%
   21.13 -\end{isamarkuptxt}%
   21.14 +\isamarkuptrue%
   21.15 +\isamarkupfalse%
   21.16  \isamarkuptrue%
   21.17 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ x\ xs\ rule{\isacharcolon}\ sep{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   21.18 -%
   21.19 -\begin{isamarkuptxt}%
   21.20 -\noindent
   21.21 -The resulting proof state has three subgoals corresponding to the three
   21.22 -clauses for \isa{sep}:
   21.23 -\begin{isabelle}%
   21.24 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a{\isachardot}\ map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\isanewline
   21.25 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ x{\isachardot}\ map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ {\isacharbrackleft}x{\isacharbrackright}{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharbrackleft}x{\isacharbrackright}{\isacharparenright}\isanewline
   21.26 -\ {\isadigit{3}}{\isachardot}\ {\isasymAnd}a\ x\ y\ zs{\isachardot}\isanewline
   21.27 -\isaindent{\ {\isadigit{3}}{\isachardot}\ \ \ \ }map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharparenleft}y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\isanewline
   21.28 -\isaindent{\ {\isadigit{3}}{\isachardot}\ \ \ \ }map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ x\ {\isacharhash}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharparenleft}x\ {\isacharhash}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}%
   21.29 -\end{isabelle}
   21.30 -The rest is pure simplification:%
   21.31 -\end{isamarkuptxt}%
   21.32 -\isamarkuptrue%
   21.33 -\isacommand{apply}\ simp{\isacharunderscore}all\isanewline
   21.34  \isamarkupfalse%
   21.35 -\isacommand{done}\isamarkupfalse%
   21.36 +\isamarkupfalse%
   21.37  %
   21.38  \begin{isamarkuptext}%
   21.39  Try proving the above lemma by structural induction, and you find that you
    22.1 --- a/doc-src/TutorialI/Recdef/document/Nested2.tex	Sun Jan 30 20:48:50 2005 +0100
    22.2 +++ b/doc-src/TutorialI/Recdef/document/Nested2.tex	Tue Feb 01 18:01:57 2005 +0100
    22.3 @@ -5,7 +5,7 @@
    22.4  \isamarkupfalse%
    22.5  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}t\ {\isasymin}\ set\ ts\ {\isasymlongrightarrow}\ size\ t\ {\isacharless}\ Suc{\isacharparenleft}term{\isacharunderscore}list{\isacharunderscore}size\ ts{\isacharparenright}{\isachardoublequote}\isanewline
    22.6  \isamarkupfalse%
    22.7 -\isacommand{by}{\isacharparenleft}induct{\isacharunderscore}tac\ ts{\isacharcomma}\ auto{\isacharparenright}\isamarkupfalse%
    22.8 +\isamarkupfalse%
    22.9  \isamarkupfalse%
   22.10  %
   22.11  \begin{isamarkuptext}%
   22.12 @@ -20,19 +20,9 @@
   22.13  \isamarkuptrue%
   22.14  \isacommand{lemma}\ {\isachardoublequote}trev{\isacharparenleft}trev\ t{\isacharparenright}\ {\isacharequal}\ t{\isachardoublequote}\isanewline
   22.15  \isamarkupfalse%
   22.16 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ t\ rule{\isacharcolon}\ trev{\isachardot}induct{\isacharparenright}\isamarkupfalse%
   22.17 -%
   22.18 -\begin{isamarkuptxt}%
   22.19 -\begin{isabelle}%
   22.20 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ trev\ {\isacharparenleft}trev\ {\isacharparenleft}Var\ x{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ Var\ x\isanewline
   22.21 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}f\ ts{\isachardot}\isanewline
   22.22 -\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymforall}x{\isachardot}\ x\ {\isasymin}\ set\ ts\ {\isasymlongrightarrow}\ trev\ {\isacharparenleft}trev\ x{\isacharparenright}\ {\isacharequal}\ x\ {\isasymLongrightarrow}\isanewline
   22.23 -\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }trev\ {\isacharparenleft}trev\ {\isacharparenleft}App\ f\ ts{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ App\ f\ ts%
   22.24 -\end{isabelle}
   22.25 -Both the base case and the induction step fall to simplification:%
   22.26 -\end{isamarkuptxt}%
   22.27 +\isamarkupfalse%
   22.28  \isamarkuptrue%
   22.29 -\isacommand{by}{\isacharparenleft}simp{\isacharunderscore}all\ add{\isacharcolon}\ rev{\isacharunderscore}map\ sym{\isacharbrackleft}OF\ map{\isacharunderscore}compose{\isacharbrackright}\ cong{\isacharcolon}\ map{\isacharunderscore}cong{\isacharparenright}\isamarkupfalse%
   22.30 +\isamarkupfalse%
   22.31  %
   22.32  \begin{isamarkuptext}%
   22.33  \noindent
    23.1 --- a/doc-src/TutorialI/Recdef/document/simplification.tex	Sun Jan 30 20:48:50 2005 +0100
    23.2 +++ b/doc-src/TutorialI/Recdef/document/simplification.tex	Tue Feb 01 18:01:57 2005 +0100
    23.3 @@ -94,16 +94,14 @@
    23.4  \isamarkuptrue%
    23.5  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}gcd\ {\isacharparenleft}m{\isacharcomma}\ {\isadigit{0}}{\isacharparenright}\ {\isacharequal}\ m{\isachardoublequote}\isanewline
    23.6  \isamarkupfalse%
    23.7 -\isacommand{apply}{\isacharparenleft}simp{\isacharparenright}\isanewline
    23.8  \isamarkupfalse%
    23.9 -\isacommand{done}\isanewline
   23.10 +\isanewline
   23.11  \isanewline
   23.12  \isamarkupfalse%
   23.13  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}n\ {\isasymnoteq}\ {\isadigit{0}}\ {\isasymLongrightarrow}\ gcd{\isacharparenleft}m{\isacharcomma}\ n{\isacharparenright}\ {\isacharequal}\ gcd{\isacharparenleft}n{\isacharcomma}\ m\ mod\ n{\isacharparenright}{\isachardoublequote}\isanewline
   23.14  \isamarkupfalse%
   23.15 -\isacommand{apply}{\isacharparenleft}simp{\isacharparenright}\isanewline
   23.16  \isamarkupfalse%
   23.17 -\isacommand{done}\isamarkupfalse%
   23.18 +\isamarkupfalse%
   23.19  %
   23.20  \begin{isamarkuptext}%
   23.21  \noindent
    24.1 --- a/doc-src/TutorialI/Recdef/document/termination.tex	Sun Jan 30 20:48:50 2005 +0100
    24.2 +++ b/doc-src/TutorialI/Recdef/document/termination.tex	Tue Feb 01 18:01:57 2005 +0100
    24.3 @@ -65,9 +65,8 @@
    24.4  \isamarkuptrue%
    24.5  \isacommand{theorem}\ {\isachardoublequote}qs{\isacharbrackleft}{\isadigit{2}}{\isacharcomma}{\isadigit{3}}{\isacharcomma}{\isadigit{0}}{\isacharbrackright}\ {\isacharequal}\ qs{\isacharbrackleft}{\isadigit{3}}{\isacharcomma}{\isadigit{0}}{\isacharcomma}{\isadigit{2}}{\isacharbrackright}{\isachardoublequote}\isanewline
    24.6  \isamarkupfalse%
    24.7 -\isacommand{apply}{\isacharparenleft}simp{\isacharparenright}\isanewline
    24.8  \isamarkupfalse%
    24.9 -\isacommand{done}\isamarkupfalse%
   24.10 +\isamarkupfalse%
   24.11  %
   24.12  \begin{isamarkuptext}%
   24.13  \noindent
    25.1 --- a/doc-src/TutorialI/ToyList/document/ToyList.tex	Sun Jan 30 20:48:50 2005 +0100
    25.2 +++ b/doc-src/TutorialI/ToyList/document/ToyList.tex	Tue Feb 01 18:01:57 2005 +0100
    25.3 @@ -136,98 +136,10 @@
    25.4  \end{isamarkuptext}%
    25.5  \isamarkuptrue%
    25.6  \isacommand{theorem}\ rev{\isacharunderscore}rev\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}\isamarkupfalse%
    25.7 -%
    25.8 -\begin{isamarkuptxt}%
    25.9 -\index{theorem@\isacommand {theorem} (command)|bold}%
   25.10 -\noindent
   25.11 -This \isacommand{theorem} command does several things:
   25.12 -\begin{itemize}
   25.13 -\item
   25.14 -It establishes a new theorem to be proved, namely \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs}.
   25.15 -\item
   25.16 -It gives that theorem the name \isa{rev{\isacharunderscore}rev}, for later reference.
   25.17 -\item
   25.18 -It tells Isabelle (via the bracketed attribute \attrdx{simp}) to take the eventual theorem as a simplification rule: future proofs involving
   25.19 -simplification will replace occurrences of \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}} by
   25.20 -\isa{xs}.
   25.21 -\end{itemize}
   25.22 -The name and the simplification attribute are optional.
   25.23 -Isabelle's response is to print the initial proof state consisting
   25.24 -of some header information (like how many subgoals there are) followed by
   25.25 -\begin{isabelle}%
   25.26 -\ {\isadigit{1}}{\isachardot}\ rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs%
   25.27 -\end{isabelle}
   25.28 -For compactness reasons we omit the header in this tutorial.
   25.29 -Until we have finished a proof, the \rmindex{proof state} proper
   25.30 -always looks like this:
   25.31 -\begin{isabelle}
   25.32 -~1.~$G\sb{1}$\isanewline
   25.33 -~~\vdots~~\isanewline
   25.34 -~$n$.~$G\sb{n}$
   25.35 -\end{isabelle}
   25.36 -The numbered lines contain the subgoals $G\sb{1}$, \dots, $G\sb{n}$
   25.37 -that we need to prove to establish the main goal.\index{subgoals}
   25.38 -Initially there is only one subgoal, which is identical with the
   25.39 -main goal. (If you always want to see the main goal as well,
   25.40 -set the flag \isa{Proof.show_main_goal}\index{*show_main_goal (flag)}
   25.41 ---- this flag used to be set by default.)
   25.42 -
   25.43 -Let us now get back to \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs}. Properties of recursively
   25.44 -defined functions are best established by induction. In this case there is
   25.45 -nothing obvious except induction on \isa{xs}:%
   25.46 -\end{isamarkuptxt}%
   25.47  \isamarkuptrue%
   25.48 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isamarkupfalse%
   25.49 -%
   25.50 -\begin{isamarkuptxt}%
   25.51 -\noindent\index{*induct_tac (method)}%
   25.52 -This tells Isabelle to perform induction on variable \isa{xs}. The suffix
   25.53 -\isa{tac} stands for \textbf{tactic},\index{tactics}
   25.54 -a synonym for ``theorem proving function''.
   25.55 -By default, induction acts on the first subgoal. The new proof state contains
   25.56 -two subgoals, namely the base case (\isa{Nil}) and the induction step
   25.57 -(\isa{Cons}):
   25.58 -\begin{isabelle}%
   25.59 -\ {\isadigit{1}}{\isachardot}\ rev\ {\isacharparenleft}rev\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\isanewline
   25.60 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
   25.61 -\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list\ {\isasymLongrightarrow}\ rev\ {\isacharparenleft}rev\ {\isacharparenleft}a\ {\isacharhash}\ list{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ a\ {\isacharhash}\ list%
   25.62 -\end{isabelle}
   25.63 -
   25.64 -The induction step is an example of the general format of a subgoal:\index{subgoals}
   25.65 -\begin{isabelle}
   25.66 -~$i$.~{\isasymAnd}$x\sb{1}$~\dots$x\sb{n}$.~{\it assumptions}~{\isasymLongrightarrow}~{\it conclusion}
   25.67 -\end{isabelle}\index{$IsaAnd@\isasymAnd|bold}
   25.68 -The prefix of bound variables \isasymAnd$x\sb{1}$~\dots~$x\sb{n}$ can be
   25.69 -ignored most of the time, or simply treated as a list of variables local to
   25.70 -this subgoal. Their deeper significance is explained in Chapter~\ref{chap:rules}.
   25.71 -The {\it assumptions}\index{assumptions!of subgoal}
   25.72 -are the local assumptions for this subgoal and {\it
   25.73 -  conclusion}\index{conclusion!of subgoal} is the actual proposition to be proved. 
   25.74 -Typical proof steps
   25.75 -that add new assumptions are induction and case distinction. In our example
   25.76 -the only assumption is the induction hypothesis \isa{rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list}, where \isa{list} is a variable name chosen by Isabelle. If there
   25.77 -are multiple assumptions, they are enclosed in the bracket pair
   25.78 -\indexboldpos{\isasymlbrakk}{$Isabrl} and
   25.79 -\indexboldpos{\isasymrbrakk}{$Isabrr} and separated by semicolons.
   25.80 -
   25.81 -Let us try to solve both goals automatically:%
   25.82 -\end{isamarkuptxt}%
   25.83 +\isamarkupfalse%
   25.84  \isamarkuptrue%
   25.85 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse%
   25.86 -%
   25.87 -\begin{isamarkuptxt}%
   25.88 -\noindent
   25.89 -This command tells Isabelle to apply a proof strategy called
   25.90 -\isa{auto} to all subgoals. Essentially, \isa{auto} tries to
   25.91 -simplify the subgoals.  In our case, subgoal~1 is solved completely (thanks
   25.92 -to the equation \isa{rev\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}}) and disappears; the simplified version
   25.93 -of subgoal~2 becomes the new subgoal~1:
   25.94 -\begin{isabelle}%
   25.95 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
   25.96 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list\ {\isasymLongrightarrow}\ rev\ {\isacharparenleft}rev\ list\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ a\ {\isacharhash}\ list%
   25.97 -\end{isabelle}
   25.98 -In order to simplify this subgoal further, a lemma suggests itself.%
   25.99 -\end{isamarkuptxt}%
  25.100 +\isamarkupfalse%
  25.101  \isamarkuptrue%
  25.102  \isamarkupfalse%
  25.103  %
  25.104 @@ -242,35 +154,10 @@
  25.105  \end{isamarkuptext}%
  25.106  \isamarkuptrue%
  25.107  \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
  25.108 -%
  25.109 -\begin{isamarkuptxt}%
  25.110 -\noindent The keywords \commdx{theorem} and
  25.111 -\commdx{lemma} are interchangeable and merely indicate
  25.112 -the importance we attach to a proposition.  Therefore we use the words
  25.113 -\emph{theorem} and \emph{lemma} pretty much interchangeably, too.
  25.114 -
  25.115 -There are two variables that we could induct on: \isa{xs} and
  25.116 -\isa{ys}. Because \isa{{\isacharat}} is defined by recursion on
  25.117 -the first argument, \isa{xs} is the correct one:%
  25.118 -\end{isamarkuptxt}%
  25.119  \isamarkuptrue%
  25.120 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isamarkupfalse%
  25.121 -%
  25.122 -\begin{isamarkuptxt}%
  25.123 -\noindent
  25.124 -This time not even the base case is solved automatically:%
  25.125 -\end{isamarkuptxt}%
  25.126 +\isamarkupfalse%
  25.127  \isamarkuptrue%
  25.128 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse%
  25.129 -%
  25.130 -\begin{isamarkuptxt}%
  25.131 -\begin{isabelle}%
  25.132 -\ {\isadigit{1}}{\isachardot}\ rev\ ys\ {\isacharequal}\ rev\ ys\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}%
  25.133 -\end{isabelle}
  25.134 -Again, we need to abandon this proof attempt and prove another simple lemma
  25.135 -first. In the future the step of abandoning an incomplete proof before
  25.136 -embarking on the proof of a lemma usually remains implicit.%
  25.137 -\end{isamarkuptxt}%
  25.138 +\isamarkupfalse%
  25.139  \isamarkuptrue%
  25.140  \isamarkupfalse%
  25.141  %
  25.142 @@ -284,21 +171,10 @@
  25.143  \isamarkuptrue%
  25.144  \isacommand{lemma}\ app{\isacharunderscore}Nil{\isadigit{2}}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline
  25.145  \isamarkupfalse%
  25.146 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
  25.147 +\isamarkupfalse%
  25.148  \isamarkupfalse%
  25.149 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse%
  25.150 -%
  25.151 -\begin{isamarkuptxt}%
  25.152 -\noindent
  25.153 -It works, yielding the desired message \isa{No\ subgoals{\isacharbang}}:
  25.154 -\begin{isabelle}%
  25.155 -xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs\isanewline
  25.156 -No\ subgoals{\isacharbang}%
  25.157 -\end{isabelle}
  25.158 -We still need to confirm that the proof is now finished:%
  25.159 -\end{isamarkuptxt}%
  25.160  \isamarkuptrue%
  25.161 -\isacommand{done}\isamarkupfalse%
  25.162 +\isamarkupfalse%
  25.163  %
  25.164  \begin{isamarkuptext}%
  25.165  \noindent
  25.166 @@ -318,27 +194,8 @@
  25.167  \isamarkuptrue%
  25.168  \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline
  25.169  \isamarkupfalse%
  25.170 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
  25.171  \isamarkupfalse%
  25.172 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse%
  25.173 -%
  25.174 -\begin{isamarkuptxt}%
  25.175 -\noindent
  25.176 -we find that this time \isa{auto} solves the base case, but the
  25.177 -induction step merely simplifies to
  25.178 -\begin{isabelle}%
  25.179 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
  25.180 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}list\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ rev\ ys\ {\isacharat}\ rev\ list\ {\isasymLongrightarrow}\isanewline
  25.181 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isacharparenleft}rev\ ys\ {\isacharat}\ rev\ list{\isacharparenright}\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ rev\ ys\ {\isacharat}\ rev\ list\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}%
  25.182 -\end{isabelle}
  25.183 -Now we need to remember that \isa{{\isacharat}} associates to the right, and that
  25.184 -\isa{{\isacharhash}} and \isa{{\isacharat}} have the same priority (namely the \isa{{\isadigit{6}}{\isadigit{5}}}
  25.185 -in their \isacommand{infixr} annotation). Thus the conclusion really is
  25.186 -\begin{isabelle}
  25.187 -~~~~~(rev~ys~@~rev~list)~@~(a~\#~[])~=~rev~ys~@~(rev~list~@~(a~\#~[]))
  25.188 -\end{isabelle}
  25.189 -and the missing lemma is associativity of \isa{{\isacharat}}.%
  25.190 -\end{isamarkuptxt}%
  25.191 +\isamarkupfalse%
  25.192  \isamarkuptrue%
  25.193  \isamarkupfalse%
  25.194  %
  25.195 @@ -353,11 +210,9 @@
  25.196  \isamarkuptrue%
  25.197  \isacommand{lemma}\ app{\isacharunderscore}assoc\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharat}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ {\isacharparenleft}ys\ {\isacharat}\ zs{\isacharparenright}{\isachardoublequote}\isanewline
  25.198  \isamarkupfalse%
  25.199 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
  25.200 +\isamarkupfalse%
  25.201  \isamarkupfalse%
  25.202 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
  25.203  \isamarkupfalse%
  25.204 -\isacommand{done}\isamarkupfalse%
  25.205  %
  25.206  \begin{isamarkuptext}%
  25.207  \noindent
  25.208 @@ -366,11 +221,9 @@
  25.209  \isamarkuptrue%
  25.210  \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline
  25.211  \isamarkupfalse%
  25.212 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
  25.213 +\isamarkupfalse%
  25.214  \isamarkupfalse%
  25.215 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
  25.216  \isamarkupfalse%
  25.217 -\isacommand{done}\isamarkupfalse%
  25.218  %
  25.219  \begin{isamarkuptext}%
  25.220  \noindent
  25.221 @@ -379,11 +232,9 @@
  25.222  \isamarkuptrue%
  25.223  \isacommand{theorem}\ rev{\isacharunderscore}rev\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline
  25.224  \isamarkupfalse%
  25.225 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
  25.226 +\isamarkupfalse%
  25.227  \isamarkupfalse%
  25.228 -\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
  25.229  \isamarkupfalse%
  25.230 -\isacommand{done}\isamarkupfalse%
  25.231  %
  25.232  \begin{isamarkuptext}%
  25.233  \noindent
    26.1 --- a/doc-src/TutorialI/Trie/document/Trie.tex	Sun Jan 30 20:48:50 2005 +0100
    26.2 +++ b/doc-src/TutorialI/Trie/document/Trie.tex	Tue Feb 01 18:01:57 2005 +0100
    26.3 @@ -63,9 +63,8 @@
    26.4  \isamarkuptrue%
    26.5  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}lookup\ {\isacharparenleft}Trie\ None\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ as\ {\isacharequal}\ None{\isachardoublequote}\isanewline
    26.6  \isamarkupfalse%
    26.7 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac\ as{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isanewline
    26.8  \isamarkupfalse%
    26.9 -\isacommand{done}\isamarkupfalse%
   26.10 +\isamarkupfalse%
   26.11  %
   26.12  \begin{isamarkuptext}%
   26.13  Things begin to get interesting with the definition of an update function
   26.14 @@ -110,36 +109,11 @@
   26.15  \isamarkuptrue%
   26.16  \isacommand{theorem}\ {\isachardoublequote}{\isasymforall}t\ v\ bs{\isachardot}\ lookup\ {\isacharparenleft}update\ t\ as\ v{\isacharparenright}\ bs\ {\isacharequal}\isanewline
   26.17  \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}if\ as{\isacharequal}bs\ then\ Some\ v\ else\ lookup\ t\ bs{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
   26.18 -%
   26.19 -\begin{isamarkuptxt}%
   26.20 -\noindent
   26.21 -Our plan is to induct on \isa{as}; hence the remaining variables are
   26.22 -quantified. From the definitions it is clear that induction on either
   26.23 -\isa{as} or \isa{bs} is required. The choice of \isa{as} is 
   26.24 -guided by the intuition that simplification of \isa{lookup} might be easier
   26.25 -if \isa{update} has already been simplified, which can only happen if
   26.26 -\isa{as} is instantiated.
   26.27 -The start of the proof is conventional:%
   26.28 -\end{isamarkuptxt}%
   26.29 +\isamarkuptrue%
   26.30 +\isamarkupfalse%
   26.31  \isamarkuptrue%
   26.32 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ as{\isacharcomma}\ auto{\isacharparenright}\isamarkupfalse%
   26.33 -%
   26.34 -\begin{isamarkuptxt}%
   26.35 -\noindent
   26.36 -Unfortunately, this time we are left with three intimidating looking subgoals:
   26.37 -\begin{isabelle}
   26.38 -~1.~\dots~{\isasymLongrightarrow}~lookup~\dots~bs~=~lookup~t~bs\isanewline
   26.39 -~2.~\dots~{\isasymLongrightarrow}~lookup~\dots~bs~=~lookup~t~bs\isanewline
   26.40 -~3.~\dots~{\isasymLongrightarrow}~lookup~\dots~bs~=~lookup~t~bs
   26.41 -\end{isabelle}
   26.42 -Clearly, if we want to make headway we have to instantiate \isa{bs} as
   26.43 -well now. It turns out that instead of induction, case distinction
   26.44 -suffices:%
   26.45 -\end{isamarkuptxt}%
   26.46 -\isamarkuptrue%
   26.47 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac{\isacharbrackleft}{\isacharbang}{\isacharbrackright}\ bs{\isacharcomma}\ auto{\isacharparenright}\isanewline
   26.48  \isamarkupfalse%
   26.49 -\isacommand{done}\isamarkupfalse%
   26.50 +\isamarkupfalse%
   26.51  %
   26.52  \begin{isamarkuptext}%
   26.53  \noindent
    27.1 --- a/doc-src/TutorialI/Types/document/Axioms.tex	Sun Jan 30 20:48:50 2005 +0100
    27.2 +++ b/doc-src/TutorialI/Types/document/Axioms.tex	Tue Feb 01 18:01:57 2005 +0100
    27.3 @@ -49,22 +49,8 @@
    27.4  \end{isamarkuptext}%
    27.5  \isamarkuptrue%
    27.6  \isacommand{lemma}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcolon}{\isacharcolon}{\isacharprime}a{\isacharcolon}{\isacharcolon}parord{\isacharparenright}\ {\isacharless}{\isacharless}\ y\ {\isasymLongrightarrow}\ {\isacharparenleft}{\isasymnot}\ y\ {\isacharless}{\isacharless}\ x{\isacharparenright}\ {\isacharequal}\ True{\isachardoublequote}\isamarkupfalse%
    27.7 -%
    27.8 -\begin{isamarkuptxt}%
    27.9 -\noindent
   27.10 -The conclusion is not just \isa{{\isasymnot}\ y\ {\isacharless}{\isacharless}\ x} because the 
   27.11 -simplifier's preprocessor (see \S\ref{sec:simp-preprocessor})
   27.12 -would turn it into \isa{{\isacharparenleft}y\ {\isacharless}{\isacharless}\ x{\isacharparenright}\ {\isacharequal}\ False}, yielding
   27.13 -a nonterminating rewrite rule.  
   27.14 -(It would be used to try to prove its own precondition \emph{ad
   27.15 -    infinitum}.)
   27.16 -In the form above, the rule is useful.
   27.17 -The type constraint is necessary because otherwise Isabelle would only assume
   27.18 -\isa{{\isacharprime}a{\isacharcolon}{\isacharcolon}ordrel} (as required in the type of \isa{{\isacharless}{\isacharless}}), 
   27.19 -when the proposition is not a theorem.  The proof is easy:%
   27.20 -\end{isamarkuptxt}%
   27.21  \isamarkuptrue%
   27.22 -\isacommand{by}{\isacharparenleft}simp\ add{\isacharcolon}\ less{\isacharunderscore}le\ antisym{\isacharparenright}\isamarkupfalse%
   27.23 +\isamarkupfalse%
   27.24  %
   27.25  \begin{isamarkuptext}%
   27.26  We could now continue in this vein and develop a whole theory of
   27.27 @@ -76,26 +62,10 @@
   27.28  \isamarkuptrue%
   27.29  \isacommand{instance}\ bool\ {\isacharcolon}{\isacharcolon}\ parord\isanewline
   27.30  \isamarkupfalse%
   27.31 -\isacommand{apply}\ intro{\isacharunderscore}classes\isamarkupfalse%
   27.32 -%
   27.33 -\begin{isamarkuptxt}%
   27.34 -\noindent
   27.35 -This time \isa{intro{\isacharunderscore}classes} leaves us with the four axioms,
   27.36 -specialized to type \isa{bool}, as subgoals:
   27.37 -\begin{isabelle}%
   27.38 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isasymColon}bool{\isachardot}\ x\ {\isacharless}{\isacharless}{\isacharequal}\ x\isanewline
   27.39 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}{\isacharparenleft}x{\isasymColon}bool{\isacharparenright}\ {\isacharparenleft}y{\isasymColon}bool{\isacharparenright}\ z{\isasymColon}bool{\isachardot}\ {\isasymlbrakk}x\ {\isacharless}{\isacharless}{\isacharequal}\ y{\isacharsemicolon}\ y\ {\isacharless}{\isacharless}{\isacharequal}\ z{\isasymrbrakk}\ {\isasymLongrightarrow}\ x\ {\isacharless}{\isacharless}{\isacharequal}\ z\isanewline
   27.40 -\ {\isadigit{3}}{\isachardot}\ {\isasymAnd}{\isacharparenleft}x{\isasymColon}bool{\isacharparenright}\ y{\isasymColon}bool{\isachardot}\ {\isasymlbrakk}x\ {\isacharless}{\isacharless}{\isacharequal}\ y{\isacharsemicolon}\ y\ {\isacharless}{\isacharless}{\isacharequal}\ x{\isasymrbrakk}\ {\isasymLongrightarrow}\ x\ {\isacharequal}\ y\isanewline
   27.41 -\ {\isadigit{4}}{\isachardot}\ {\isasymAnd}{\isacharparenleft}x{\isasymColon}bool{\isacharparenright}\ y{\isasymColon}bool{\isachardot}\ {\isacharparenleft}x\ {\isacharless}{\isacharless}\ y{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}x\ {\isacharless}{\isacharless}{\isacharequal}\ y\ {\isasymand}\ x\ {\isasymnoteq}\ y{\isacharparenright}%
   27.42 -\end{isabelle}
   27.43 -Fortunately, the proof is easy for \isa{blast}
   27.44 -once we have unfolded the definitions
   27.45 -of \isa{{\isacharless}{\isacharless}} and \isa{{\isacharless}{\isacharless}{\isacharequal}} at type \isa{bool}:%
   27.46 -\end{isamarkuptxt}%
   27.47 +\isamarkupfalse%
   27.48  \isamarkuptrue%
   27.49 -\isacommand{apply}{\isacharparenleft}simp{\isacharunderscore}all\ {\isacharparenleft}no{\isacharunderscore}asm{\isacharunderscore}use{\isacharparenright}\ only{\isacharcolon}\ le{\isacharunderscore}bool{\isacharunderscore}def\ less{\isacharunderscore}bool{\isacharunderscore}def{\isacharparenright}\isanewline
   27.50  \isamarkupfalse%
   27.51 -\isacommand{by}{\isacharparenleft}blast{\isacharcomma}\ blast{\isacharcomma}\ blast{\isacharcomma}\ blast{\isacharparenright}\isamarkupfalse%
   27.52 +\isamarkupfalse%
   27.53  %
   27.54  \begin{isamarkuptext}%
   27.55  \noindent
   27.56 @@ -106,7 +76,7 @@
   27.57  \isamarkuptrue%
   27.58  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}P{\isacharcolon}{\isacharcolon}bool{\isacharparenright}\ {\isacharless}{\isacharless}\ Q\ {\isasymLongrightarrow}\ {\isasymnot}{\isacharparenleft}Q\ {\isacharless}{\isacharless}\ P{\isacharparenright}{\isachardoublequote}\isanewline
   27.59  \isamarkupfalse%
   27.60 -\isacommand{by}\ simp\isamarkupfalse%
   27.61 +\isamarkupfalse%
   27.62  %
   27.63  \begin{isamarkuptext}%
   27.64  \noindent
   27.65 @@ -138,13 +108,10 @@
   27.66  \isamarkuptrue%
   27.67  \isacommand{lemma}\ {\isachardoublequote}{\isasymAnd}x{\isacharcolon}{\isacharcolon}{\isacharprime}a{\isacharcolon}{\isacharcolon}linord{\isachardot}\ x\ {\isacharless}{\isacharless}\ y\ {\isasymor}\ x\ {\isacharequal}\ y\ {\isasymor}\ y\ {\isacharless}{\isacharless}\ x{\isachardoublequote}\isanewline
   27.68  \isamarkupfalse%
   27.69 -\isacommand{apply}{\isacharparenleft}simp\ add{\isacharcolon}\ less{\isacharunderscore}le{\isacharparenright}\isanewline
   27.70  \isamarkupfalse%
   27.71 -\isacommand{apply}{\isacharparenleft}insert\ linear{\isacharparenright}\isanewline
   27.72  \isamarkupfalse%
   27.73 -\isacommand{apply}\ blast\isanewline
   27.74  \isamarkupfalse%
   27.75 -\isacommand{done}\isamarkupfalse%
   27.76 +\isamarkupfalse%
   27.77  %
   27.78  \begin{isamarkuptext}%
   27.79  Linear orders are an example of subclassing\index{subclasses}
   27.80 @@ -178,28 +145,12 @@
   27.81  \isamarkuptrue%
   27.82  \isacommand{instance}\ parord\ {\isacharless}\ strord\isanewline
   27.83  \isamarkupfalse%
   27.84 -\isacommand{apply}\ intro{\isacharunderscore}classes\isamarkupfalse%
   27.85 -%
   27.86 -\begin{isamarkuptxt}%
   27.87 -\noindent
   27.88 -\begin{isabelle}%
   27.89 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isasymColon}{\isacharprime}a{\isachardot}\ {\isasymnot}\ x\ {\isacharless}{\isacharless}\ x\isanewline
   27.90 -\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}{\isacharparenleft}x{\isasymColon}{\isacharprime}a{\isacharparenright}\ {\isacharparenleft}y{\isasymColon}{\isacharprime}a{\isacharparenright}\ z{\isasymColon}{\isacharprime}a{\isachardot}\ {\isasymlbrakk}x\ {\isacharless}{\isacharless}\ y{\isacharsemicolon}\ y\ {\isacharless}{\isacharless}\ z{\isasymrbrakk}\ {\isasymLongrightarrow}\ x\ {\isacharless}{\isacharless}\ z\isanewline
   27.91 -\ {\isadigit{3}}{\isachardot}\ {\isasymAnd}{\isacharparenleft}x{\isasymColon}{\isacharprime}a{\isacharparenright}\ y{\isasymColon}{\isacharprime}a{\isachardot}\ {\isacharparenleft}x\ {\isacharless}{\isacharless}{\isacharequal}\ y{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}x\ {\isacharless}{\isacharless}\ y\ {\isasymor}\ x\ {\isacharequal}\ y{\isacharparenright}\isanewline
   27.92 -type\ variables{\isacharcolon}\isanewline
   27.93 -\isaindent{\ \ }{\isacharprime}a\ {\isacharcolon}{\isacharcolon}\ parord%
   27.94 -\end{isabelle}
   27.95 -Assuming \isa{{\isacharprime}a\ {\isacharcolon}{\isacharcolon}\ parord}, the three axioms of class \isa{strord}
   27.96 -are easily proved:%
   27.97 -\end{isamarkuptxt}%
   27.98 -\ \ \isamarkuptrue%
   27.99 -\isacommand{apply}{\isacharparenleft}simp{\isacharunderscore}all\ {\isacharparenleft}no{\isacharunderscore}asm{\isacharunderscore}use{\isacharparenright}\ add{\isacharcolon}\ less{\isacharunderscore}le{\isacharparenright}\isanewline
  27.100 -\ \isamarkupfalse%
  27.101 -\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ trans\ antisym{\isacharparenright}\isanewline
  27.102 +\isamarkupfalse%
  27.103 +\isamarkuptrue%
  27.104  \isamarkupfalse%
  27.105 -\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ refl{\isacharparenright}\isanewline
  27.106 +\isamarkupfalse%
  27.107  \isamarkupfalse%
  27.108 -\isacommand{done}\isamarkupfalse%
  27.109 +\isamarkupfalse%
  27.110  %
  27.111  \begin{isamarkuptext}%
  27.112  The subclass relation must always be acyclic. Therefore Isabelle will
    28.1 --- a/doc-src/TutorialI/Types/document/Numbers.tex	Sun Jan 30 20:48:50 2005 +0100
    28.2 +++ b/doc-src/TutorialI/Types/document/Numbers.tex	Tue Feb 01 18:01:57 2005 +0100
    28.3 @@ -5,23 +5,16 @@
    28.4  \isacommand{theory}\ Numbers\ {\isacharequal}\ Real{\isacharcolon}\isanewline
    28.5  \isanewline
    28.6  \isamarkupfalse%
    28.7 -\isacommand{ML}\ {\isachardoublequote}Pretty{\isachardot}setmargin\ {\isadigit{6}}{\isadigit{4}}{\isachardoublequote}\isanewline
    28.8  \isamarkupfalse%
    28.9 -\isacommand{ML}\ {\isachardoublequote}IsarOutput{\isachardot}indent\ {\isacharcolon}{\isacharequal}\ {\isadigit{0}}{\isachardoublequote}\isamarkupfalse%
   28.10 +\isamarkupfalse%
   28.11  %
   28.12  \begin{isamarkuptext}%
   28.13  numeric literals; default simprules; can re-orient%
   28.14  \end{isamarkuptext}%
   28.15  \isamarkuptrue%
   28.16  \isacommand{lemma}\ {\isachardoublequote}{\isadigit{2}}\ {\isacharasterisk}\ m\ {\isacharequal}\ m\ {\isacharplus}\ m{\isachardoublequote}\isamarkupfalse%
   28.17 -%
   28.18 -\begin{isamarkuptxt}%
   28.19 -\begin{isabelle}%
   28.20 -\ {\isadigit{1}}{\isachardot}\ {\isacharparenleft}{\isadigit{2}}{\isasymColon}{\isacharprime}a{\isacharparenright}\ {\isacharasterisk}\ m\ {\isacharequal}\ m\ {\isacharplus}\ m%
   28.21 -\end{isabelle}%
   28.22 -\end{isamarkuptxt}%
   28.23  \isamarkuptrue%
   28.24 -\isacommand{oops}\isanewline
   28.25 +\isanewline
   28.26  \isanewline
   28.27  \isamarkupfalse%
   28.28  \isacommand{consts}\ h\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}nat\ {\isasymRightarrow}\ nat{\isachardoublequote}\isanewline
   28.29 @@ -75,23 +68,10 @@
   28.30  \end{isamarkuptext}%
   28.31  \isamarkuptrue%
   28.32  \isacommand{lemma}\ {\isachardoublequote}Suc{\isacharparenleft}i\ {\isacharplus}\ j{\isacharasterisk}l{\isacharasterisk}k\ {\isacharplus}\ m{\isacharasterisk}n{\isacharparenright}\ {\isacharequal}\ f\ {\isacharparenleft}n{\isacharasterisk}m\ {\isacharplus}\ i\ {\isacharplus}\ k{\isacharasterisk}j{\isacharasterisk}l{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
   28.33 -%
   28.34 -\begin{isamarkuptxt}%
   28.35 -\begin{isabelle}%
   28.36 -\ {\isadigit{1}}{\isachardot}\ Suc\ {\isacharparenleft}i\ {\isacharplus}\ j\ {\isacharasterisk}\ l\ {\isacharasterisk}\ k\ {\isacharplus}\ m\ {\isacharasterisk}\ n{\isacharparenright}\ {\isacharequal}\ f\ {\isacharparenleft}n\ {\isacharasterisk}\ m\ {\isacharplus}\ i\ {\isacharplus}\ k\ {\isacharasterisk}\ j\ {\isacharasterisk}\ l{\isacharparenright}%
   28.37 -\end{isabelle}%
   28.38 -\end{isamarkuptxt}%
   28.39  \isamarkuptrue%
   28.40 -\isacommand{apply}\ {\isacharparenleft}simp\ add{\isacharcolon}\ add{\isacharunderscore}ac\ mult{\isacharunderscore}ac{\isacharparenright}\isamarkupfalse%
   28.41 -%
   28.42 -\begin{isamarkuptxt}%
   28.43 -\begin{isabelle}%
   28.44 -\ {\isadigit{1}}{\isachardot}\ Suc\ {\isacharparenleft}i\ {\isacharplus}\ {\isacharparenleft}m\ {\isacharasterisk}\ n\ {\isacharplus}\ j\ {\isacharasterisk}\ {\isacharparenleft}k\ {\isacharasterisk}\ l{\isacharparenright}{\isacharparenright}{\isacharparenright}\ {\isacharequal}\isanewline
   28.45 -\isaindent{\ {\isadigit{1}}{\isachardot}\ }f\ {\isacharparenleft}i\ {\isacharplus}\ {\isacharparenleft}m\ {\isacharasterisk}\ n\ {\isacharplus}\ j\ {\isacharasterisk}\ {\isacharparenleft}k\ {\isacharasterisk}\ l{\isacharparenright}{\isacharparenright}{\isacharparenright}%
   28.46 -\end{isabelle}%
   28.47 -\end{isamarkuptxt}%
   28.48 +\isamarkupfalse%
   28.49  \isamarkuptrue%
   28.50 -\isacommand{oops}\isamarkupfalse%
   28.51 +\isamarkupfalse%
   28.52  %
   28.53  \begin{isamarkuptext}%
   28.54  \begin{isabelle}%
   28.55 @@ -117,33 +97,17 @@
   28.56  \isamarkuptrue%
   28.57  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}n\ {\isacharminus}\ {\isadigit{1}}{\isacharparenright}\ {\isacharasterisk}\ {\isacharparenleft}n\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}\ {\isacharequal}\ n\ {\isacharasterisk}\ n\ {\isacharminus}\ {\isacharparenleft}{\isadigit{1}}{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isachardoublequote}\isanewline
   28.58  \isamarkupfalse%
   28.59 -\isacommand{apply}\ {\isacharparenleft}clarsimp\ split{\isacharcolon}\ nat{\isacharunderscore}diff{\isacharunderscore}split\ iff\ del{\isacharcolon}\ less{\isacharunderscore}Suc{\isadigit{0}}{\isacharparenright}\isanewline
   28.60 -\ %
   28.61 -\isamarkupcmt{\begin{isabelle}%
   28.62 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}d{\isachardot}\ {\isasymlbrakk}n\ {\isacharless}\ Suc\ {\isadigit{0}}{\isacharsemicolon}\ n\ {\isacharasterisk}\ n\ {\isacharequal}\ Suc\ d{\isasymrbrakk}\ {\isasymLongrightarrow}\ d\ {\isacharequal}\ {\isadigit{0}}%
   28.63 -\end{isabelle}%
   28.64 -}
   28.65 +\isamarkupfalse%
   28.66 +\isamarkupfalse%
   28.67  \isanewline
   28.68 -\isamarkupfalse%
   28.69 -\isacommand{apply}\ {\isacharparenleft}subgoal{\isacharunderscore}tac\ {\isachardoublequote}n{\isacharequal}{\isadigit{0}}{\isachardoublequote}{\isacharcomma}\ force{\isacharcomma}\ arith{\isacharparenright}\isanewline
   28.70 -\isamarkupfalse%
   28.71 -\isacommand{done}\isanewline
   28.72  \isanewline
   28.73  \isanewline
   28.74  \isamarkupfalse%
   28.75  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}n\ {\isacharminus}\ {\isadigit{2}}{\isacharparenright}\ {\isacharasterisk}\ {\isacharparenleft}n\ {\isacharplus}\ {\isadigit{2}}{\isacharparenright}\ {\isacharequal}\ n\ {\isacharasterisk}\ n\ {\isacharminus}\ {\isacharparenleft}{\isadigit{4}}{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isachardoublequote}\isanewline
   28.76  \isamarkupfalse%
   28.77 -\isacommand{apply}\ {\isacharparenleft}simp\ split{\isacharcolon}\ nat{\isacharunderscore}diff{\isacharunderscore}split{\isacharcomma}\ clarify{\isacharparenright}\isanewline
   28.78 -\ %
   28.79 -\isamarkupcmt{\begin{isabelle}%
   28.80 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}d{\isachardot}\ {\isasymlbrakk}n\ {\isacharless}\ {\isadigit{2}}{\isacharsemicolon}\ n\ {\isacharasterisk}\ n\ {\isacharequal}\ {\isadigit{4}}\ {\isacharplus}\ d{\isasymrbrakk}\ {\isasymLongrightarrow}\ d\ {\isacharequal}\ {\isadigit{0}}%
   28.81 -\end{isabelle}%
   28.82 -}
   28.83 -\isanewline
   28.84 +\isamarkupfalse%
   28.85  \isamarkupfalse%
   28.86 -\isacommand{apply}\ {\isacharparenleft}subgoal{\isacharunderscore}tac\ {\isachardoublequote}n{\isacharequal}{\isadigit{0}}\ {\isacharbar}\ n{\isacharequal}{\isadigit{1}}{\isachardoublequote}{\isacharcomma}\ force{\isacharcomma}\ arith{\isacharparenright}\isanewline
   28.87  \isamarkupfalse%
   28.88 -\isacommand{done}\isamarkupfalse%
   28.89  %
   28.90  \begin{isamarkuptext}%
   28.91  \begin{isabelle}%
   28.92 @@ -264,12 +228,12 @@
   28.93  \isamarkuptrue%
   28.94  \isacommand{lemma}\ {\isachardoublequote}abs\ {\isacharparenleft}x{\isacharplus}y{\isacharparenright}\ {\isasymle}\ abs\ x\ {\isacharplus}\ abs\ {\isacharparenleft}y\ {\isacharcolon}{\isacharcolon}\ int{\isacharparenright}{\isachardoublequote}\isanewline
   28.95  \isamarkupfalse%
   28.96 -\isacommand{by}\ arith\isanewline
   28.97 +\isanewline
   28.98  \isanewline
   28.99  \isamarkupfalse%
  28.100  \isacommand{lemma}\ {\isachardoublequote}abs\ {\isacharparenleft}{\isadigit{2}}{\isacharasterisk}x{\isacharparenright}\ {\isacharequal}\ {\isadigit{2}}\ {\isacharasterisk}\ abs\ {\isacharparenleft}x\ {\isacharcolon}{\isacharcolon}\ int{\isacharparenright}{\isachardoublequote}\isanewline
  28.101  \isamarkupfalse%
  28.102 -\isacommand{by}\ {\isacharparenleft}simp\ add{\isacharcolon}\ zabs{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
  28.103 +\isamarkupfalse%
  28.104  %
  28.105  \begin{isamarkuptext}%
  28.106  Induction rules for the Integers
  28.107 @@ -344,52 +308,26 @@
  28.108  \isamarkuptrue%
  28.109  \isacommand{lemma}\ {\isachardoublequote}{\isadigit{3}}{\isacharslash}{\isadigit{4}}\ {\isacharless}\ {\isacharparenleft}{\isadigit{7}}{\isacharslash}{\isadigit{8}}\ {\isacharcolon}{\isacharcolon}\ real{\isacharparenright}{\isachardoublequote}\isanewline
  28.110  \isamarkupfalse%
  28.111 -\isacommand{by}\ simp\ \isanewline
  28.112  \isanewline
  28.113  \isamarkupfalse%
  28.114  \isacommand{lemma}\ {\isachardoublequote}P\ {\isacharparenleft}{\isacharparenleft}{\isadigit{3}}{\isacharslash}{\isadigit{4}}{\isacharparenright}\ {\isacharasterisk}\ {\isacharparenleft}{\isadigit{8}}{\isacharslash}{\isadigit{1}}{\isadigit{5}}\ {\isacharcolon}{\isacharcolon}\ real{\isacharparenright}{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
  28.115 -%
  28.116 -\begin{isamarkuptxt}%
  28.117 -\begin{isabelle}%
  28.118 -\ {\isadigit{1}}{\isachardot}\ P\ {\isacharparenleft}{\isadigit{3}}\ {\isacharslash}\ {\isadigit{4}}\ {\isacharasterisk}\ {\isacharparenleft}{\isadigit{8}}\ {\isacharslash}\ {\isadigit{1}}{\isadigit{5}}{\isacharparenright}{\isacharparenright}%
  28.119 -\end{isabelle}%
  28.120 -\end{isamarkuptxt}%
  28.121  \isamarkuptrue%
  28.122 -\isacommand{apply}\ simp\isamarkupfalse%
  28.123 -%
  28.124 -\begin{isamarkuptxt}%
  28.125 -\begin{isabelle}%
  28.126 -\ {\isadigit{1}}{\isachardot}\ P\ {\isacharparenleft}{\isadigit{2}}\ {\isacharslash}\ {\isadigit{5}}{\isacharparenright}%
  28.127 -\end{isabelle}%
  28.128 -\end{isamarkuptxt}%
  28.129 +\isamarkupfalse%
  28.130  \isamarkuptrue%
  28.131 -\isacommand{oops}\isanewline
  28.132 +\isanewline
  28.133  \isanewline
  28.134  \isamarkupfalse%
  28.135  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}{\isadigit{3}}{\isacharslash}{\isadigit{4}}{\isacharparenright}\ {\isacharasterisk}\ {\isacharparenleft}{\isadigit{8}}{\isacharslash}{\isadigit{1}}{\isadigit{5}}{\isacharparenright}\ {\isacharless}\ {\isacharparenleft}x\ {\isacharcolon}{\isacharcolon}\ real{\isacharparenright}{\isachardoublequote}\isamarkupfalse%
  28.136 -%
  28.137 -\begin{isamarkuptxt}%
  28.138 -\begin{isabelle}%
  28.139 -\ {\isadigit{1}}{\isachardot}\ {\isadigit{3}}\ {\isacharslash}\ {\isadigit{4}}\ {\isacharasterisk}\ {\isacharparenleft}{\isadigit{8}}\ {\isacharslash}\ {\isadigit{1}}{\isadigit{5}}{\isacharparenright}\ {\isacharless}\ x%
  28.140 -\end{isabelle}%
  28.141 -\end{isamarkuptxt}%
  28.142  \isamarkuptrue%
  28.143 -\isacommand{apply}\ simp\isamarkupfalse%
  28.144 -%
  28.145 -\begin{isamarkuptxt}%
  28.146 -\begin{isabelle}%
  28.147 -\ {\isadigit{1}}{\isachardot}\ {\isadigit{2}}\ {\isacharless}\ x\ {\isacharasterisk}\ {\isadigit{5}}%
  28.148 -\end{isabelle}%
  28.149 -\end{isamarkuptxt}%
  28.150 +\isamarkupfalse%
  28.151  \isamarkuptrue%
  28.152 -\isacommand{oops}\isanewline
  28.153 +\isanewline
  28.154  \isanewline
  28.155  \isamarkupfalse%
  28.156  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}{\isadigit{3}}{\isacharslash}{\isadigit{4}}{\isacharparenright}\ {\isacharasterisk}\ {\isacharparenleft}{\isadigit{1}}{\isadigit{0}}{\isacharcircum}{\isadigit{1}}{\isadigit{5}}{\isacharparenright}\ {\isacharless}\ {\isacharparenleft}x\ {\isacharcolon}{\isacharcolon}\ real{\isacharparenright}{\isachardoublequote}\isanewline
  28.157  \isamarkupfalse%
  28.158 -\isacommand{apply}\ simp\ \isanewline
  28.159  \isamarkupfalse%
  28.160 -\isacommand{oops}\isamarkupfalse%
  28.161 +\isamarkupfalse%
  28.162  %
  28.163  \begin{isamarkuptext}%
  28.164  Ring and Field
  28.165 @@ -417,7 +355,7 @@
  28.166  \rulename{field_mult_cancel_right}%
  28.167  \end{isamarkuptext}%
  28.168  \isamarkuptrue%
  28.169 -\isacommand{ML}{\isacharbraceleft}{\isacharasterisk}set\ show{\isacharunderscore}sorts{\isacharasterisk}{\isacharbraceright}\isamarkupfalse%
  28.170 +\isamarkupfalse%
  28.171  %
  28.172  \begin{isamarkuptext}%
  28.173  effect of show sorts on the above
  28.174 @@ -429,7 +367,7 @@
  28.175  \rulename{field_mult_cancel_right}%
  28.176  \end{isamarkuptext}%
  28.177  \isamarkuptrue%
  28.178 -\isacommand{ML}{\isacharbraceleft}{\isacharasterisk}reset\ show{\isacharunderscore}sorts{\isacharasterisk}{\isacharbraceright}\isamarkupfalse%
  28.179 +\isamarkupfalse%
  28.180  %
  28.181  \begin{isamarkuptext}%
  28.182  absolute value
    29.1 --- a/doc-src/TutorialI/Types/document/Overloading.tex	Sun Jan 30 20:48:50 2005 +0100
    29.2 +++ b/doc-src/TutorialI/Types/document/Overloading.tex	Tue Feb 01 18:01:57 2005 +0100
    29.3 @@ -4,7 +4,7 @@
    29.4  \isamarkupfalse%
    29.5  \isacommand{instance}\ list\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}type{\isacharparenright}ordrel\isanewline
    29.6  \isamarkupfalse%
    29.7 -\isacommand{by}\ intro{\isacharunderscore}classes\isamarkupfalse%
    29.8 +\isamarkupfalse%
    29.9  %
   29.10  \begin{isamarkuptext}%
   29.11  \noindent
    30.1 --- a/doc-src/TutorialI/Types/document/Overloading1.tex	Sun Jan 30 20:48:50 2005 +0100
    30.2 +++ b/doc-src/TutorialI/Types/document/Overloading1.tex	Tue Feb 01 18:01:57 2005 +0100
    30.3 @@ -41,16 +41,8 @@
    30.4  \end{isamarkuptext}%
    30.5  \isamarkuptrue%
    30.6  \isacommand{instance}\ bool\ {\isacharcolon}{\isacharcolon}\ ordrel\isamarkupfalse%
    30.7 -%
    30.8 -\begin{isamarkuptxt}%
    30.9 -\noindent
   30.10 -Command \isacommand{instance} actually starts a proof, namely that
   30.11 -\isa{bool} satisfies all axioms of \isa{ordrel}.
   30.12 -There are none, but we still need to finish that proof, which we do
   30.13 -by invoking the \methdx{intro_classes} method:%
   30.14 -\end{isamarkuptxt}%
   30.15  \isamarkuptrue%
   30.16 -\isacommand{by}\ intro{\isacharunderscore}classes\isamarkupfalse%
   30.17 +\isamarkupfalse%
   30.18  %
   30.19  \begin{isamarkuptext}%
   30.20  \noindent
   30.21 @@ -72,7 +64,7 @@
   30.22  \isamarkuptrue%
   30.23  \isacommand{lemma}\ {\isachardoublequote}False\ {\isacharless}{\isacharless}{\isacharequal}\ P{\isachardoublequote}\isanewline
   30.24  \isamarkupfalse%
   30.25 -\isacommand{by}{\isacharparenleft}simp\ add{\isacharcolon}\ le{\isacharunderscore}bool{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   30.26 +\isamarkupfalse%
   30.27  %
   30.28  \begin{isamarkuptext}%
   30.29  \noindent
    31.1 --- a/doc-src/TutorialI/Types/document/Overloading2.tex	Sun Jan 30 20:48:50 2005 +0100
    31.2 +++ b/doc-src/TutorialI/Types/document/Overloading2.tex	Tue Feb 01 18:01:57 2005 +0100
    31.3 @@ -12,7 +12,7 @@
    31.4  \isamarkuptrue%
    31.5  \isacommand{instance}\ list\ {\isacharcolon}{\isacharcolon}\ {\isacharparenleft}ordrel{\isacharparenright}ordrel\isanewline
    31.6  \isamarkupfalse%
    31.7 -\isacommand{by}\ intro{\isacharunderscore}classes\isanewline
    31.8 +\isanewline
    31.9  \isanewline
   31.10  \isamarkupfalse%
   31.11  \isacommand{defs}\ {\isacharparenleft}\isakeyword{overloaded}{\isacharparenright}\isanewline
    32.1 --- a/doc-src/TutorialI/Types/document/Pairs.tex	Sun Jan 30 20:48:50 2005 +0100
    32.2 +++ b/doc-src/TutorialI/Types/document/Pairs.tex	Tue Feb 01 18:01:57 2005 +0100
    32.3 @@ -67,7 +67,7 @@
    32.4  \isamarkuptrue%
    32.5  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}{\isasymlambda}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}{\isachardot}x{\isacharparenright}\ p\ {\isacharequal}\ fst\ p{\isachardoublequote}\isanewline
    32.6  \isamarkupfalse%
    32.7 -\isacommand{by}{\isacharparenleft}simp\ add{\isacharcolon}\ split{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
    32.8 +\isamarkupfalse%
    32.9  %
   32.10  \begin{isamarkuptext}%
   32.11  This works well if rewriting with \isa{split{\isacharunderscore}def} finishes the
   32.12 @@ -90,19 +90,11 @@
   32.13  \isamarkuptrue%
   32.14  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}{\isasymlambda}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}{\isachardot}y{\isacharparenright}\ p\ {\isacharequal}\ snd\ p{\isachardoublequote}\isanewline
   32.15  \isamarkupfalse%
   32.16 -\isacommand{apply}{\isacharparenleft}split\ split{\isacharunderscore}split{\isacharparenright}\isamarkupfalse%
   32.17 -%
   32.18 -\begin{isamarkuptxt}%
   32.19 -\begin{isabelle}%
   32.20 -\ {\isadigit{1}}{\isachardot}\ {\isasymforall}x\ y{\isachardot}\ p\ {\isacharequal}\ {\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymlongrightarrow}\ y\ {\isacharequal}\ snd\ p%
   32.21 -\end{isabelle}
   32.22 -This subgoal is easily proved by simplification. Thus we could have combined
   32.23 -simplification and splitting in one command that proves the goal outright:%
   32.24 -\end{isamarkuptxt}%
   32.25 +\isamarkupfalse%
   32.26  \isamarkuptrue%
   32.27  \isamarkupfalse%
   32.28  \isamarkupfalse%
   32.29 -\isacommand{by}{\isacharparenleft}simp\ split{\isacharcolon}\ split{\isacharunderscore}split{\isacharparenright}\isamarkupfalse%
   32.30 +\isamarkupfalse%
   32.31  %
   32.32  \begin{isamarkuptext}%
   32.33  Let us look at a second example:%
   32.34 @@ -110,42 +102,15 @@
   32.35  \isamarkuptrue%
   32.36  \isacommand{lemma}\ {\isachardoublequote}let\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isacharequal}\ p\ in\ fst\ p\ {\isacharequal}\ x{\isachardoublequote}\isanewline
   32.37  \isamarkupfalse%
   32.38 -\isacommand{apply}{\isacharparenleft}simp\ only{\isacharcolon}\ Let{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   32.39 -%
   32.40 -\begin{isamarkuptxt}%
   32.41 -\begin{isabelle}%
   32.42 -\ {\isadigit{1}}{\isachardot}\ {\isacharparenleft}{\isasymlambda}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}{\isachardot}\ fst\ p\ {\isacharequal}\ x{\isacharparenright}\ p%
   32.43 -\end{isabelle}
   32.44 -A paired \isa{let} reduces to a paired $\lambda$-abstraction, which
   32.45 -can be split as above. The same is true for paired set comprehension:%
   32.46 -\end{isamarkuptxt}%
   32.47 +\isamarkupfalse%
   32.48  \isamarkuptrue%
   32.49  \isamarkupfalse%
   32.50  \isacommand{lemma}\ {\isachardoublequote}p\ {\isasymin}\ {\isacharbraceleft}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}{\isachardot}\ x{\isacharequal}y{\isacharbraceright}\ {\isasymlongrightarrow}\ fst\ p\ {\isacharequal}\ snd\ p{\isachardoublequote}\isanewline
   32.51  \isamarkupfalse%
   32.52 -\isacommand{apply}\ simp\isamarkupfalse%
   32.53 -%
   32.54 -\begin{isamarkuptxt}%
   32.55 -\begin{isabelle}%
   32.56 -\ {\isadigit{1}}{\isachardot}\ split\ op\ {\isacharequal}\ p\ {\isasymlongrightarrow}\ fst\ p\ {\isacharequal}\ snd\ p%
   32.57 -\end{isabelle}
   32.58 -Again, simplification produces a term suitable for \isa{split{\isacharunderscore}split}
   32.59 -as above. If you are worried about the strange form of the premise:
   32.60 -\isa{{\isasymlambda}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}{\isachardot}\ x\ {\isacharequal}\ y} is short for \isa{{\isasymlambda}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}{\isachardot}\ x{\isacharequal}y}.
   32.61 -The same proof procedure works for%
   32.62 -\end{isamarkuptxt}%
   32.63 +\isamarkupfalse%
   32.64  \isamarkuptrue%
   32.65  \isamarkupfalse%
   32.66  \isacommand{lemma}\ {\isachardoublequote}p\ {\isasymin}\ {\isacharbraceleft}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}{\isachardot}\ x{\isacharequal}y{\isacharbraceright}\ {\isasymLongrightarrow}\ fst\ p\ {\isacharequal}\ snd\ p{\isachardoublequote}\isamarkupfalse%
   32.67 -%
   32.68 -\begin{isamarkuptxt}%
   32.69 -\noindent
   32.70 -except that we now have to use \isa{split{\isacharunderscore}split{\isacharunderscore}asm}, because
   32.71 -\isa{split} occurs in the assumptions.
   32.72 -
   32.73 -However, splitting \isa{split} is not always a solution, as no \isa{split}
   32.74 -may be present in the goal. Consider the following function:%
   32.75 -\end{isamarkuptxt}%
   32.76  \isamarkuptrue%
   32.77  \isamarkupfalse%
   32.78  \isacommand{consts}\ swap\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}b\ {\isasymRightarrow}\ {\isacharprime}b\ {\isasymtimes}\ {\isacharprime}a{\isachardoublequote}\isanewline
   32.79 @@ -160,50 +125,16 @@
   32.80  \end{isamarkuptext}%
   32.81  \isamarkuptrue%
   32.82  \isacommand{lemma}\ {\isachardoublequote}swap{\isacharparenleft}swap\ p{\isacharparenright}\ {\isacharequal}\ p{\isachardoublequote}\isamarkupfalse%
   32.83 -%
   32.84 -\begin{isamarkuptxt}%
   32.85 -\noindent
   32.86 -simplification will do nothing, because the defining equation for \isa{swap}
   32.87 -expects a pair. Again, we need to turn \isa{p} into a pair first, but this
   32.88 -time there is no \isa{split} in sight. In this case the only thing we can do
   32.89 -is to split the term by hand:%
   32.90 -\end{isamarkuptxt}%
   32.91  \isamarkuptrue%
   32.92 -\isacommand{apply}{\isacharparenleft}case{\isacharunderscore}tac\ p{\isacharparenright}\isamarkupfalse%
   32.93 -%
   32.94 -\begin{isamarkuptxt}%
   32.95 -\noindent
   32.96 -\begin{isabelle}%
   32.97 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ b{\isachardot}\ p\ {\isacharequal}\ {\isacharparenleft}a{\isacharcomma}\ b{\isacharparenright}\ {\isasymLongrightarrow}\ swap\ {\isacharparenleft}swap\ p{\isacharparenright}\ {\isacharequal}\ p%
   32.98 -\end{isabelle}
   32.99 -Again, \methdx{case_tac} is applicable because \isa{{\isasymtimes}} is a datatype.
  32.100 -The subgoal is easily proved by \isa{simp}.
  32.101 -
  32.102 -Splitting by \isa{case{\isacharunderscore}tac} also solves the previous examples and may thus
  32.103 -appear preferable to the more arcane methods introduced first. However, see
  32.104 -the warning about \isa{case{\isacharunderscore}tac} in \S\ref{sec:struct-ind-case}.
  32.105 -
  32.106 -In case the term to be split is a quantified variable, there are more options.
  32.107 -You can split \emph{all} \isa{{\isasymAnd}}-quantified variables in a goal
  32.108 -with the rewrite rule \isa{split{\isacharunderscore}paired{\isacharunderscore}all}:%
  32.109 -\end{isamarkuptxt}%
  32.110 +\isamarkupfalse%
  32.111  \isamarkuptrue%
  32.112  \isamarkupfalse%
  32.113  \isacommand{lemma}\ {\isachardoublequote}{\isasymAnd}p\ q{\isachardot}\ swap{\isacharparenleft}swap\ p{\isacharparenright}\ {\isacharequal}\ q\ {\isasymlongrightarrow}\ p\ {\isacharequal}\ q{\isachardoublequote}\isanewline
  32.114  \isamarkupfalse%
  32.115 -\isacommand{apply}{\isacharparenleft}simp\ only{\isacharcolon}\ split{\isacharunderscore}paired{\isacharunderscore}all{\isacharparenright}\isamarkupfalse%
  32.116 -%
  32.117 -\begin{isamarkuptxt}%
  32.118 -\noindent
  32.119 -\begin{isabelle}%
  32.120 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ b\ aa\ ba{\isachardot}\isanewline
  32.121 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }swap\ {\isacharparenleft}swap\ {\isacharparenleft}a{\isacharcomma}\ b{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}aa{\isacharcomma}\ ba{\isacharparenright}\ {\isasymlongrightarrow}\ {\isacharparenleft}a{\isacharcomma}\ b{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}aa{\isacharcomma}\ ba{\isacharparenright}%
  32.122 -\end{isabelle}%
  32.123 -\end{isamarkuptxt}%
  32.124 +\isamarkupfalse%
  32.125  \isamarkuptrue%
  32.126 -\isacommand{apply}\ simp\isanewline
  32.127  \isamarkupfalse%
  32.128 -\isacommand{done}\isamarkupfalse%
  32.129 +\isamarkupfalse%
  32.130  %
  32.131  \begin{isamarkuptext}%
  32.132  \noindent
  32.133 @@ -218,7 +149,7 @@
  32.134  \end{isamarkuptext}%
  32.135  \isamarkuptrue%
  32.136  \isamarkupfalse%
  32.137 -\isacommand{apply}{\isacharparenleft}simp\ add{\isacharcolon}\ split{\isacharunderscore}paired{\isacharunderscore}all{\isacharparenright}\isamarkupfalse%
  32.138 +\isamarkupfalse%
  32.139  \isamarkupfalse%
  32.140  %
  32.141  \begin{isamarkuptext}%
  32.142 @@ -229,7 +160,7 @@
  32.143  \isamarkuptrue%
  32.144  \isacommand{lemma}\ {\isachardoublequote}{\isasymforall}p{\isachardot}\ {\isasymexists}q{\isachardot}\ swap\ p\ {\isacharequal}\ swap\ q{\isachardoublequote}\isanewline
  32.145  \isamarkupfalse%
  32.146 -\isacommand{by}\ simp\isamarkupfalse%
  32.147 +\isamarkupfalse%
  32.148  %
  32.149  \begin{isamarkuptext}%
  32.150  \noindent
    33.1 --- a/doc-src/TutorialI/Types/document/Records.tex	Sun Jan 30 20:48:50 2005 +0100
    33.2 +++ b/doc-src/TutorialI/Types/document/Records.tex	Tue Feb 01 18:01:57 2005 +0100
    33.3 @@ -77,7 +77,7 @@
    33.4  \isamarkuptrue%
    33.5  \isacommand{lemma}\ {\isachardoublequote}Xcoord\ {\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isasymrparr}\ {\isacharequal}\ a{\isachardoublequote}\isanewline
    33.6  \ \ \isamarkupfalse%
    33.7 -\isacommand{by}\ simp\isamarkupfalse%
    33.8 +\isamarkupfalse%
    33.9  %
   33.10  \begin{isamarkuptext}%
   33.11  The \emph{update}\index{update!record} operation is functional.  For
   33.12 @@ -88,7 +88,7 @@
   33.13  \isacommand{lemma}\ {\isachardoublequote}{\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isasymrparr}{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ {\isadigit{0}}{\isasymrparr}\ {\isacharequal}\isanewline
   33.14  \ \ \ \ {\isasymlparr}Xcoord\ {\isacharequal}\ {\isadigit{0}}{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isasymrparr}{\isachardoublequote}\isanewline
   33.15  \ \ \isamarkupfalse%
   33.16 -\isacommand{by}\ simp\isamarkupfalse%
   33.17 +\isamarkupfalse%
   33.18  %
   33.19  \begin{isamarkuptext}%
   33.20  \begin{warn}
   33.21 @@ -139,7 +139,7 @@
   33.22  \isamarkuptrue%
   33.23  \isacommand{lemma}\ {\isachardoublequote}Xcoord\ {\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isacharcomma}\ {\isasymdots}\ {\isacharequal}\ p{\isasymrparr}\ {\isacharequal}\ a{\isachardoublequote}\isanewline
   33.24  \ \ \isamarkupfalse%
   33.25 -\isacommand{by}\ simp\isamarkupfalse%
   33.26 +\isamarkupfalse%
   33.27  %
   33.28  \begin{isamarkuptext}%
   33.29  This lemma applies to any record whose first two fields are \isa{Xcoord} and~\isa{Ycoord}.  Note that \isa{{\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isacharcomma}\ {\isasymdots}\ {\isacharequal}\ {\isacharparenleft}{\isacharparenright}{\isasymrparr}} is exactly the same as \isa{{\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isasymrparr}}.  Selectors and updates are always polymorphic wrt.\ the
   33.30 @@ -152,7 +152,7 @@
   33.31  \isamarkuptrue%
   33.32  \isacommand{lemma}\ {\isachardoublequote}point{\isachardot}more\ cpt{\isadigit{1}}\ {\isacharequal}\ {\isasymlparr}col\ {\isacharequal}\ Green{\isasymrparr}{\isachardoublequote}\isanewline
   33.33  \ \ \isamarkupfalse%
   33.34 -\isacommand{by}\ {\isacharparenleft}simp\ add{\isacharcolon}\ cpt{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   33.35 +\isamarkupfalse%
   33.36  %
   33.37  \begin{isamarkuptext}%
   33.38  We see that the colour part attached to this \isa{point} is a
   33.39 @@ -204,7 +204,7 @@
   33.40  \isamarkuptrue%
   33.41  \isacommand{lemma}\ {\isachardoublequote}incX\ r\ {\isacharequal}\ setX\ r\ {\isacharparenleft}getX\ r\ {\isacharplus}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequote}\isanewline
   33.42  \ \ \isamarkupfalse%
   33.43 -\isacommand{by}\ {\isacharparenleft}simp\ add{\isacharcolon}\ getX{\isacharunderscore}def\ setX{\isacharunderscore}def\ incX{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   33.44 +\isamarkupfalse%
   33.45  %
   33.46  \begin{isamarkuptext}%
   33.47  \begin{warn}
   33.48 @@ -231,7 +231,7 @@
   33.49  \isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}{\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isasymrparr}\ {\isacharequal}\ {\isasymlparr}Xcoord\ {\isacharequal}\ a{\isacharprime}{\isacharcomma}\ Ycoord\ {\isacharequal}\ b{\isacharprime}{\isasymrparr}{\isacharparenright}\ {\isacharequal}\isanewline
   33.50  \ \ \ \ {\isacharparenleft}a\ {\isacharequal}\ a{\isacharprime}\ {\isasymand}\ b\ {\isacharequal}\ b{\isacharprime}{\isacharparenright}{\isachardoublequote}\isanewline
   33.51  \ \ \isamarkupfalse%
   33.52 -\isacommand{by}\ simp\isamarkupfalse%
   33.53 +\isamarkupfalse%
   33.54  %
   33.55  \begin{isamarkuptext}%
   33.56  The following equality is similar, but generic, in that \isa{r}
   33.57 @@ -240,7 +240,7 @@
   33.58  \isamarkuptrue%
   33.59  \isacommand{lemma}\ {\isachardoublequote}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isacharcomma}\ Ycoord\ {\isacharcolon}{\isacharequal}\ b{\isasymrparr}\ {\isacharequal}\ r{\isasymlparr}Ycoord\ {\isacharcolon}{\isacharequal}\ b{\isacharcomma}\ Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isasymrparr}{\isachardoublequote}\isanewline
   33.60  \ \ \isamarkupfalse%
   33.61 -\isacommand{by}\ simp\isamarkupfalse%
   33.62 +\isamarkupfalse%
   33.63  %
   33.64  \begin{isamarkuptext}%
   33.65  We see above the syntax for iterated updates.  We could equivalently
   33.66 @@ -253,7 +253,7 @@
   33.67  \isamarkuptrue%
   33.68  \isacommand{lemma}\ {\isachardoublequote}r\ {\isacharequal}\ {\isasymlparr}Xcoord\ {\isacharequal}\ Xcoord\ r{\isacharcomma}\ Ycoord\ {\isacharequal}\ Ycoord\ r{\isasymrparr}{\isachardoublequote}\isanewline
   33.69  \ \ \isamarkupfalse%
   33.70 -\isacommand{by}\ simp\isamarkupfalse%
   33.71 +\isamarkupfalse%
   33.72  %
   33.73  \begin{isamarkuptext}%
   33.74  The generic version of this equality includes the pseudo-field
   33.75 @@ -262,7 +262,7 @@
   33.76  \isamarkuptrue%
   33.77  \isacommand{lemma}\ {\isachardoublequote}r\ {\isacharequal}\ {\isasymlparr}Xcoord\ {\isacharequal}\ Xcoord\ r{\isacharcomma}\ Ycoord\ {\isacharequal}\ Ycoord\ r{\isacharcomma}\ {\isasymdots}\ {\isacharequal}\ point{\isachardot}more\ r{\isasymrparr}{\isachardoublequote}\isanewline
   33.78  \ \ \isamarkupfalse%
   33.79 -\isacommand{by}\ simp\isamarkupfalse%
   33.80 +\isamarkupfalse%
   33.81  %
   33.82  \begin{isamarkuptext}%
   33.83  \medskip The simplifier can prove many record equalities
   33.84 @@ -272,9 +272,8 @@
   33.85  \isamarkuptrue%
   33.86  \isacommand{lemma}\ {\isachardoublequote}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isasymrparr}\ {\isacharequal}\ r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isacharprime}{\isasymrparr}\ {\isasymLongrightarrow}\ a\ {\isacharequal}\ a{\isacharprime}{\isachardoublequote}\isanewline
   33.87  \ \ \isamarkupfalse%
   33.88 -\isacommand{apply}\ simp{\isacharquery}\isanewline
   33.89 -\ \ \isamarkupfalse%
   33.90 -\isacommand{oops}\isamarkupfalse%
   33.91 +\isamarkupfalse%
   33.92 +\isamarkupfalse%
   33.93  %
   33.94  \begin{isamarkuptext}%
   33.95  Here the simplifier can do nothing, since general record equality is
   33.96 @@ -285,19 +284,10 @@
   33.97  \isamarkuptrue%
   33.98  \isacommand{lemma}\ {\isachardoublequote}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isasymrparr}\ {\isacharequal}\ r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isacharprime}{\isasymrparr}\ {\isasymLongrightarrow}\ a\ {\isacharequal}\ a{\isacharprime}{\isachardoublequote}\isanewline
   33.99  \ \ \isamarkupfalse%
  33.100 -\isacommand{apply}\ {\isacharparenleft}drule{\isacharunderscore}tac\ f\ {\isacharequal}\ Xcoord\ \isakeyword{in}\ arg{\isacharunderscore}cong{\isacharparenright}\isamarkupfalse%
  33.101 -%
  33.102 -\begin{isamarkuptxt}%
  33.103 -\begin{isabelle}%
  33.104 -\ {\isadigit{1}}{\isachardot}\ Xcoord\ {\isacharparenleft}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isasymrparr}{\isacharparenright}\ {\isacharequal}\ Xcoord\ {\isacharparenleft}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isacharprime}{\isasymrparr}{\isacharparenright}\ {\isasymLongrightarrow}\ a\ {\isacharequal}\ a{\isacharprime}%
  33.105 -\end{isabelle}
  33.106 -    Now, \isa{simp} will reduce the assumption to the desired
  33.107 -    conclusion.%
  33.108 -\end{isamarkuptxt}%
  33.109 -\ \ \isamarkuptrue%
  33.110 -\isacommand{apply}\ simp\isanewline
  33.111 -\ \ \isamarkupfalse%
  33.112 -\isacommand{done}\isamarkupfalse%
  33.113 +\isamarkupfalse%
  33.114 +\isamarkuptrue%
  33.115 +\isamarkupfalse%
  33.116 +\isamarkupfalse%
  33.117  %
  33.118  \begin{isamarkuptext}%
  33.119  The \isa{cases} method is preferable to such a forward proof.  We
  33.120 @@ -305,31 +295,11 @@
  33.121  \end{isamarkuptext}%
  33.122  \isamarkuptrue%
  33.123  \isacommand{lemma}\ {\isachardoublequote}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isasymrparr}\ {\isacharequal}\ r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isacharprime}{\isasymrparr}\ {\isasymLongrightarrow}\ a\ {\isacharequal}\ a{\isacharprime}{\isachardoublequote}\isamarkupfalse%
  33.124 -%
  33.125 -\begin{isamarkuptxt}%
  33.126 -The \methdx{cases} method adds an equality to replace the
  33.127 -  named record term by an explicit record expression, listing all
  33.128 -  fields.  It even includes the pseudo-field \isa{more}, since the
  33.129 -  record equality stated here is generic for all extensions.%
  33.130 -\end{isamarkuptxt}%
  33.131 -\ \ \isamarkuptrue%
  33.132 -\isacommand{apply}\ {\isacharparenleft}cases\ r{\isacharparenright}\isamarkupfalse%
  33.133 -%
  33.134 -\begin{isamarkuptxt}%
  33.135 -\begin{isabelle}%
  33.136 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}Xcoord\ Ycoord\ more{\isachardot}\isanewline
  33.137 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymlbrakk}r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isasymrparr}\ {\isacharequal}\ r{\isasymlparr}Xcoord\ {\isacharcolon}{\isacharequal}\ a{\isacharprime}{\isasymrparr}{\isacharsemicolon}\isanewline
  33.138 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ \ }r\ {\isacharequal}\ {\isasymlparr}Xcoord\ {\isacharequal}\ Xcoord{\isacharcomma}\ Ycoord\ {\isacharequal}\ Ycoord{\isacharcomma}\ {\isasymdots}\ {\isacharequal}\ more{\isasymrparr}{\isasymrbrakk}\isanewline
  33.139 -\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ a\ {\isacharequal}\ a{\isacharprime}%
  33.140 -\end{isabelle} Again, \isa{simp} finishes the proof.  Because \isa{r} is now represented as
  33.141 -  an explicit record construction, the updates can be applied and the
  33.142 -  record equality can be replaced by equality of the corresponding
  33.143 -  fields (due to injectivity).%
  33.144 -\end{isamarkuptxt}%
  33.145 -\ \ \isamarkuptrue%
  33.146 -\isacommand{apply}\ simp\isanewline
  33.147 -\ \ \isamarkupfalse%
  33.148 -\isacommand{done}\isamarkupfalse%
  33.149 +\isamarkuptrue%
  33.150 +\isamarkupfalse%
  33.151 +\isamarkuptrue%
  33.152 +\isamarkupfalse%
  33.153 +\isamarkupfalse%
  33.154  %
  33.155  \begin{isamarkuptext}%
  33.156  The generic cases method does not admit references to locally bound
  33.157 @@ -416,17 +386,10 @@
  33.158  \isamarkuptrue%
  33.159  \isacommand{lemma}\ {\isachardoublequote}cpt{\isadigit{1}}\ {\isacharequal}\ cpt{\isadigit{2}}{\isachardoublequote}\isanewline
  33.160  \ \ \isamarkupfalse%
  33.161 -\isacommand{apply}\ {\isacharparenleft}simp\ add{\isacharcolon}\ cpt{\isadigit{1}}{\isacharunderscore}def\ cpt{\isadigit{2}}{\isacharunderscore}def\ point{\isachardot}defs\ cpoint{\isachardot}defs{\isacharparenright}\isamarkupfalse%
  33.162 -%
  33.163 -\begin{isamarkuptxt}%
  33.164 -\begin{isabelle}%
  33.165 -\ {\isadigit{1}}{\isachardot}\ Xcoord\ pt{\isadigit{1}}\ {\isacharequal}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}\ {\isasymand}\ Ycoord\ pt{\isadigit{1}}\ {\isacharequal}\ {\isadigit{2}}{\isadigit{3}}%
  33.166 -\end{isabelle}%
  33.167 -\end{isamarkuptxt}%
  33.168 -\ \ \isamarkuptrue%
  33.169 -\isacommand{apply}\ {\isacharparenleft}simp\ add{\isacharcolon}\ pt{\isadigit{1}}{\isacharunderscore}def{\isacharparenright}\isanewline
  33.170 -\ \ \isamarkupfalse%
  33.171 -\isacommand{done}\isamarkupfalse%
  33.172 +\isamarkupfalse%
  33.173 +\isamarkuptrue%
  33.174 +\isamarkupfalse%
  33.175 +\isamarkupfalse%
  33.176  %
  33.177  \begin{isamarkuptext}%
  33.178  In the example below, a coloured point is truncated to leave a
  33.179 @@ -435,7 +398,7 @@
  33.180  \isamarkuptrue%
  33.181  \isacommand{lemma}\ {\isachardoublequote}point{\isachardot}truncate\ cpt{\isadigit{2}}\ {\isacharequal}\ pt{\isadigit{1}}{\isachardoublequote}\isanewline
  33.182  \ \ \isamarkupfalse%
  33.183 -\isacommand{by}\ {\isacharparenleft}simp\ add{\isacharcolon}\ pt{\isadigit{1}}{\isacharunderscore}def\ cpt{\isadigit{2}}{\isacharunderscore}def\ point{\isachardot}defs{\isacharparenright}\isamarkupfalse%
  33.184 +\isamarkupfalse%
  33.185  %
  33.186  \begin{isamarkuptext}%
  33.187  \begin{exercise}
    34.1 --- a/doc-src/TutorialI/Types/document/Typedefs.tex	Sun Jan 30 20:48:50 2005 +0100
    34.2 +++ b/doc-src/TutorialI/Types/document/Typedefs.tex	Tue Feb 01 18:01:57 2005 +0100
    34.3 @@ -87,21 +87,9 @@
    34.4  \end{isamarkuptext}%
    34.5  \isamarkuptrue%
    34.6  \isacommand{typedef}\ three\ {\isacharequal}\ {\isachardoublequote}{\isacharbraceleft}{\isadigit{0}}{\isacharcolon}{\isacharcolon}nat{\isacharcomma}\ {\isadigit{1}}{\isacharcomma}\ {\isadigit{2}}{\isacharbraceright}{\isachardoublequote}\isamarkupfalse%
    34.7 -%
    34.8 -\begin{isamarkuptxt}%
    34.9 -\noindent
   34.10 -In order to enforce that the representing set on the right-hand side is
   34.11 -non-empty, this definition actually starts a proof to that effect:
   34.12 -\begin{isabelle}%
   34.13 -\ {\isadigit{1}}{\isachardot}\ {\isasymexists}x{\isachardot}\ x\ {\isasymin}\ {\isacharbraceleft}{\isadigit{0}}{\isacharcomma}\ {\isadigit{1}}{\isacharcomma}\ {\isadigit{2}}{\isacharbraceright}%
   34.14 -\end{isabelle}
   34.15 -Fortunately, this is easy enough to show, even \isa{auto} could do it.
   34.16 -In general, one has to provide a witness, in our case 0:%
   34.17 -\end{isamarkuptxt}%
   34.18  \isamarkuptrue%
   34.19 -\isacommand{apply}{\isacharparenleft}rule{\isacharunderscore}tac\ x\ {\isacharequal}\ {\isadigit{0}}\ \isakeyword{in}\ exI{\isacharparenright}\isanewline
   34.20  \isamarkupfalse%
   34.21 -\isacommand{by}\ simp\isamarkupfalse%
   34.22 +\isamarkupfalse%
   34.23  %
   34.24  \begin{isamarkuptext}%
   34.25  This type definition introduces the new type \isa{three} and asserts
   34.26 @@ -200,7 +188,7 @@
   34.27  \isamarkuptrue%
   34.28  \isacommand{lemma}\ {\isachardoublequote}A\ {\isasymnoteq}\ B\ {\isasymand}\ B\ {\isasymnoteq}\ A\ {\isasymand}\ A\ {\isasymnoteq}\ C\ {\isasymand}\ C\ {\isasymnoteq}\ A\ {\isasymand}\ B\ {\isasymnoteq}\ C\ {\isasymand}\ C\ {\isasymnoteq}\ B{\isachardoublequote}\isanewline
   34.29  \isamarkupfalse%
   34.30 -\isacommand{by}{\isacharparenleft}simp\ add{\isacharcolon}\ Abs{\isacharunderscore}three{\isacharunderscore}inject\ A{\isacharunderscore}def\ B{\isacharunderscore}def\ C{\isacharunderscore}def\ three{\isacharunderscore}def{\isacharparenright}\isamarkupfalse%
   34.31 +\isamarkupfalse%
   34.32  %
   34.33  \begin{isamarkuptext}%
   34.34  \noindent
   34.35 @@ -213,24 +201,11 @@
   34.36  \end{isamarkuptext}%
   34.37  \isamarkuptrue%
   34.38  \isacommand{lemma}\ three{\isacharunderscore}cases{\isacharcolon}\ {\isachardoublequote}{\isasymlbrakk}\ P\ A{\isacharsemicolon}\ P\ B{\isacharsemicolon}\ P\ C\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ P\ x{\isachardoublequote}\isamarkupfalse%
   34.39 -%
   34.40 -\begin{isamarkuptxt}%
   34.41 -\noindent Again this follows easily from a pre-proved general theorem:%
   34.42 -\end{isamarkuptxt}%
   34.43 +\isamarkuptrue%
   34.44 +\isamarkupfalse%
   34.45  \isamarkuptrue%
   34.46 -\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ x\ rule{\isacharcolon}\ Abs{\isacharunderscore}three{\isacharunderscore}induct{\isacharparenright}\isamarkupfalse%
   34.47 -%
   34.48 -\begin{isamarkuptxt}%
   34.49 -\begin{isabelle}%
   34.50 -\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}y{\isachardot}\ {\isasymlbrakk}P\ A{\isacharsemicolon}\ P\ B{\isacharsemicolon}\ P\ C{\isacharsemicolon}\ y\ {\isasymin}\ three{\isasymrbrakk}\ {\isasymLongrightarrow}\ P\ {\isacharparenleft}Abs{\isacharunderscore}three\ y{\isacharparenright}%
   34.51 -\end{isabelle}
   34.52 -Simplification with \isa{three{\isacharunderscore}def} leads to the disjunction \isa{y\ {\isacharequal}\ {\isadigit{0}}\ {\isasymor}\ y\ {\isacharequal}\ {\isadigit{1}}\ {\isasymor}\ y\ {\isacharequal}\ {\isadigit{2}}} which \isa{auto} separates into three
   34.53 -subgoals, each of which is easily solved by simplification:%
   34.54 -\end{isamarkuptxt}%
   34.55 -\isamarkuptrue%
   34.56 -\isacommand{apply}{\isacharparenleft}auto\ simp\ add{\isacharcolon}\ three{\isacharunderscore}def\ A{\isacharunderscore}def\ B{\isacharunderscore}def\ C{\isacharunderscore}def{\isacharparenright}\isanewline
   34.57  \isamarkupfalse%
   34.58 -\isacommand{done}\isamarkupfalse%
   34.59 +\isamarkupfalse%
   34.60  %
   34.61  \begin{isamarkuptext}%
   34.62  \noindent
    35.1 --- a/src/FOL/FOL.thy	Sun Jan 30 20:48:50 2005 +0100
    35.2 +++ b/src/FOL/FOL.thy	Tue Feb 01 18:01:57 2005 +0100
    35.3 @@ -5,9 +5,12 @@
    35.4  
    35.5  header {* Classical first-order logic *}
    35.6  
    35.7 -theory FOL = IFOL
    35.8 -files
    35.9 -  ("FOL_lemmas1.ML") ("cladata.ML") ("blastdata.ML") ("simpdata.ML"):
   35.10 +theory FOL 
   35.11 +imports IFOL
   35.12 +files ("FOL_lemmas1.ML") ("cladata.ML") ("blastdata.ML") ("simpdata.ML")
   35.13 +      ("eqrule_FOL_data.ML")
   35.14 +      ("~~/src/Provers/eqsubst.ML")
   35.15 +begin  
   35.16  
   35.17  
   35.18  subsection {* The classical axiom *}
   35.19 @@ -43,6 +46,15 @@
   35.20  setup Splitter.setup
   35.21  setup Clasimp.setup
   35.22  
   35.23 +
   35.24 +subsection {* Lucas Dixon's eqstep tactic *}
   35.25 +
   35.26 +use "~~/src/Provers/eqsubst.ML";
   35.27 +use "eqrule_FOL_data.ML";
   35.28 +
   35.29 +setup EQSubstTac.setup
   35.30 +
   35.31 +
   35.32  subsection {* Other simple lemmas *}
   35.33  
   35.34  lemma [simp]: "((P-->R) <-> (Q-->R)) <-> ((P<->Q) | R)"
    36.1 --- a/src/FOL/IFOL.thy	Sun Jan 30 20:48:50 2005 +0100
    36.2 +++ b/src/FOL/IFOL.thy	Tue Feb 01 18:01:57 2005 +0100
    36.3 @@ -5,8 +5,10 @@
    36.4  
    36.5  header {* Intuitionistic first-order logic *}
    36.6  
    36.7 -theory IFOL = Pure
    36.8 -files ("IFOL_lemmas.ML") ("fologic.ML") ("hypsubstdata.ML") ("intprover.ML"):
    36.9 +theory IFOL
   36.10 +imports Pure
   36.11 +files ("IFOL_lemmas.ML") ("fologic.ML") ("hypsubstdata.ML") ("intprover.ML")
   36.12 +begin
   36.13  
   36.14  
   36.15  subsection {* Syntax and axiomatic basis *}
   36.16 @@ -268,8 +270,6 @@
   36.17    mp
   36.18    trans
   36.19  
   36.20 -
   36.21 -
   36.22  subsection {* ``Let'' declarations *}
   36.23  
   36.24  nonterminals letbinds letbind
    37.1 --- a/src/FOL/IsaMakefile	Sun Jan 30 20:48:50 2005 +0100
    37.2 +++ b/src/FOL/IsaMakefile	Tue Feb 01 18:01:57 2005 +0100
    37.3 @@ -32,6 +32,8 @@
    37.4    $(SRC)/Provers/clasimp.ML $(SRC)/Provers/classical.ML \
    37.5    $(SRC)/Provers/hypsubst.ML $(SRC)/Provers/ind.ML $(SRC)/Provers/induct_method.ML \
    37.6    $(SRC)/Provers/simplifier.ML $(SRC)/Provers/splitter.ML $(SRC)/Provers/quantifier1.ML\
    37.7 +  $(SRC)/Provers/eqsubst.ML\
    37.8 +  eqrule_FOL_data.ML\
    37.9    FOL.ML FOL.thy FOL_lemmas1.ML IFOL.ML IFOL.thy \
   37.10    IFOL_lemmas.ML ROOT.ML blastdata.ML cladata.ML document/root.tex \
   37.11    fologic.ML hypsubstdata.ML intprover.ML simpdata.ML
    38.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    38.2 +++ b/src/FOL/eqrule_FOL_data.ML	Tue Feb 01 18:01:57 2005 +0100
    38.3 @@ -0,0 +1,57 @@
    38.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    38.5 +(*  Title:      sys/eqrule_FOL_data.ML
    38.6 +    Author:     Lucas Dixon, University of Edinburgh
    38.7 +                lucas.dixon@ed.ac.uk
    38.8 +    Created:    18 Feb 2004
    38.9 +*)
   38.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   38.11 +(*  DESCRIPTION:
   38.12 +
   38.13 +    Data for equality rules in the logic
   38.14 +
   38.15 +*)   
   38.16 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   38.17 +
   38.18 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   38.19 +structure ZF_EqRuleData : EQRULE_DATA =
   38.20 +struct
   38.21 +
   38.22 +fun mk_eq th = case concl_of th of
   38.23 +        Const("==",_)$_$_       => Some (th)
   38.24 +    |   _$(Const("op <->",_)$_$_) => Some (th RS iff_reflection)
   38.25 +    |   _$(Const("op =",_)$_$_) => Some (th RS eq_reflection)
   38.26 +    |   _ => None;
   38.27 +
   38.28 +val tranformation_pairs =
   38.29 +  [("op -->", [mp]), ("op &", [conjunct1,conjunct2]),
   38.30 +   ("All", [spec]), ("True", []), ("False", [])];
   38.31 +
   38.32 +(*
   38.33 +val mk_atomize:      (string * thm list) list -> thm -> thm list
   38.34 +looks too specific to move it somewhere else
   38.35 +*)
   38.36 +fun mk_atomize pairs =
   38.37 +  let fun atoms th =
   38.38 +        (case Thm.concl_of th of
   38.39 +           Const("Trueprop",_) $ p =>
   38.40 +             (case Term.head_of p of
   38.41 +                Const(a,_) =>
   38.42 +                  (case Library.assoc(pairs,a) of
   38.43 +                     Some(rls) => flat (map atoms ([th] RL rls))
   38.44 +                   | None => [th])
   38.45 +              | _ => [th])
   38.46 +         | _ => [th])
   38.47 +  in atoms end;
   38.48 +
   38.49 +val prep_meta_eq = 
   38.50 +    (mapfilter  
   38.51 +       mk_eq
   38.52 +       o (mk_atomize tranformation_pairs)
   38.53 +       o Drule.gen_all 
   38.54 +       o zero_var_indexes)
   38.55 +
   38.56 +end;
   38.57 +structure EqRuleData = ZF_EqRuleData;
   38.58 +
   38.59 +structure EQSubstTac = 
   38.60 +  EQSubstTacFUN(structure EqRuleData = EqRuleData);
    39.1 --- a/src/HOL/Algebra/UnivPoly.thy	Sun Jan 30 20:48:50 2005 +0100
    39.2 +++ b/src/HOL/Algebra/UnivPoly.thy	Tue Feb 01 18:01:57 2005 +0100
    39.3 @@ -357,7 +357,7 @@
    39.4        case 0 then show ?case by (simp add: Pi_def)
    39.5      next
    39.6        case (Suc k) then show ?case
    39.7 -        by (subst finsum_Suc2) (simp add: Pi_def a_comm)+
    39.8 +        by (simplesubst finsum_Suc2) (simp add: Pi_def a_comm)+
    39.9      qed
   39.10    }
   39.11    note l = this
    40.1 --- a/src/HOL/Algebra/poly/LongDiv.thy	Sun Jan 30 20:48:50 2005 +0100
    40.2 +++ b/src/HOL/Algebra/poly/LongDiv.thy	Tue Feb 01 18:01:57 2005 +0100
    40.3 @@ -18,12 +18,10 @@
    40.4    "!! f::(nat=>'a::ring). (ALL i. i < m --> f i = 0) --> 
    40.5    setsum (%i. f (i+m)) {..d} = setsum f {..m+d}"
    40.6    apply (induct_tac d)
    40.7 -  apply (induct_tac m)
    40.8 -  apply (simp)
    40.9 -  apply (force)
   40.10 -  apply (simp)
   40.11 -  apply (subst ab_semigroup_add.add_commute[of m])
   40.12 -  apply (simp)
   40.13 +   apply (induct_tac m)
   40.14 +    apply (simp)
   40.15 +   apply (force)
   40.16 +  apply (simp add: ab_semigroup_add.add_commute[of m]) 
   40.17    done
   40.18  
   40.19  end
    41.1 --- a/src/HOL/Algebra/poly/UnivPoly2.thy	Sun Jan 30 20:48:50 2005 +0100
    41.2 +++ b/src/HOL/Algebra/poly/UnivPoly2.thy	Tue Feb 01 18:01:57 2005 +0100
    41.3 @@ -7,7 +7,9 @@
    41.4  
    41.5  header {* Univariate Polynomials *}
    41.6  
    41.7 -theory UnivPoly2 = Abstract:
    41.8 +theory UnivPoly2
    41.9 +imports "../abstract/Abstract"
   41.10 +begin
   41.11  
   41.12  (* already proved in Finite_Set.thy
   41.13  
    42.1 --- a/src/HOL/Complex/Complex.thy	Sun Jan 30 20:48:50 2005 +0100
    42.2 +++ b/src/HOL/Complex/Complex.thy	Tue Feb 01 18:01:57 2005 +0100
    42.3 @@ -865,9 +865,7 @@
    42.4                 iszero_def)  
    42.5  
    42.6  lemma complex_number_of_cnj [simp]: "cnj(number_of v :: complex) = number_of v"
    42.7 -apply (subst complex_number_of [symmetric])
    42.8 -apply (rule complex_cnj_complex_of_real)
    42.9 -done
   42.10 +by (simp only: complex_number_of [symmetric] complex_cnj_complex_of_real)
   42.11  
   42.12  lemma complex_number_of_cmod: 
   42.13        "cmod(number_of v :: complex) = abs (number_of v :: real)"
    43.1 --- a/src/HOL/HOL.thy	Sun Jan 30 20:48:50 2005 +0100
    43.2 +++ b/src/HOL/HOL.thy	Tue Feb 01 18:01:57 2005 +0100
    43.3 @@ -8,6 +8,8 @@
    43.4  theory HOL
    43.5  imports CPure
    43.6  files ("cladata.ML") ("blastdata.ML") ("simpdata.ML") ("antisym_setup.ML")
    43.7 +      ("eqrule_HOL_data.ML")
    43.8 +      ("~~/src/Provers/eqsubst.ML")
    43.9  begin
   43.10  
   43.11  subsection {* Primitive logic *}
   43.12 @@ -898,7 +900,7 @@
   43.13  setup Blast.setup
   43.14  
   43.15  
   43.16 -subsubsection {* Simplifier setup *}
   43.17 +subsection {* Simplifier setup *}
   43.18  
   43.19  lemma meta_eq_to_obj_eq: "x == y ==> x = y"
   43.20  proof -
   43.21 @@ -1068,12 +1070,12 @@
   43.22  
   43.23  lemma split_if: "P (if Q then x else y) = ((Q --> P(x)) & (~Q --> P(y)))"
   43.24    apply (rule case_split [of Q])
   43.25 -   apply (subst if_P)
   43.26 -    prefer 3 apply (subst if_not_P, blast+)
   43.27 +   apply (simplesubst if_P)
   43.28 +    prefer 3 apply (simplesubst if_not_P, blast+)
   43.29    done
   43.30  
   43.31  lemma split_if_asm: "P (if Q then x else y) = (~((Q & ~P x) | (~Q & ~P y)))"
   43.32 -by (subst split_if, blast)
   43.33 +by (simplesubst split_if, blast)
   43.34  
   43.35  lemmas if_splits = split_if split_if_asm
   43.36  
   43.37 @@ -1081,10 +1083,10 @@
   43.38    by (rule split_if)
   43.39  
   43.40  lemma if_cancel: "(if c then x else x) = x"
   43.41 -by (subst split_if, blast)
   43.42 +by (simplesubst split_if, blast)
   43.43  
   43.44  lemma if_eq_cancel: "(if x = y then y else x) = x"
   43.45 -by (subst split_if, blast)
   43.46 +by (simplesubst split_if, blast)
   43.47  
   43.48  lemma if_bool_eq_conj: "(if P then Q else R) = ((P-->Q) & (~P-->R))"
   43.49    -- {* This form is useful for expanding @{text if}s on the RIGHT of the @{text "==>"} symbol. *}
   43.50 @@ -1092,7 +1094,7 @@
   43.51  
   43.52  lemma if_bool_eq_disj: "(if P then Q else R) = ((P&Q) | (~P&R))"
   43.53    -- {* And this form is useful for expanding @{text if}s on the LEFT. *}
   43.54 -  apply (subst split_if, blast)
   43.55 +  apply (simplesubst split_if, blast)
   43.56    done
   43.57  
   43.58  lemma Eq_TrueI: "P ==> P == True" by (unfold atomize_eq) rules
   43.59 @@ -1113,11 +1115,23 @@
   43.60  setup "Simplifier.method_setup Splitter.split_modifiers" setup simpsetup
   43.61  setup Splitter.setup setup Clasimp.setup
   43.62  
   43.63 +
   43.64 +subsubsection {* Lucas Dixon's eqstep tactic *}
   43.65 +
   43.66 +use "~~/src/Provers/eqsubst.ML";
   43.67 +use "eqrule_HOL_data.ML";
   43.68 +
   43.69 +setup EQSubstTac.setup
   43.70 +
   43.71 +
   43.72 +subsection {* Other simple lemmas *}
   43.73 +
   43.74  declare disj_absorb [simp] conj_absorb [simp]
   43.75  
   43.76  lemma ex1_eq[iff]: "EX! x. x = t" "EX! x. t = x"
   43.77  by blast+
   43.78  
   43.79 +
   43.80  theorem choice_eq: "(ALL x. EX! y. P x y) = (EX! f. ALL x. P x (f x))"
   43.81    apply (rule iffI)
   43.82    apply (rule_tac a = "%x. THE y. P x y" in ex1I)
   43.83 @@ -1142,7 +1156,7 @@
   43.84  by(rule trans[OF trans[OF c a] arg_cong[OF c, of "f y"]])
   43.85  
   43.86  
   43.87 -subsubsection {* Generic cases and induction *}
   43.88 +subsection {* Generic cases and induction *}
   43.89  
   43.90  constdefs
   43.91    induct_forall :: "('a => bool) => bool"
    44.1 --- a/src/HOL/Hyperreal/Integration.thy	Sun Jan 30 20:48:50 2005 +0100
    44.2 +++ b/src/HOL/Hyperreal/Integration.thy	Tue Feb 01 18:01:57 2005 +0100
    44.3 @@ -263,12 +263,14 @@
    44.4   apply (drule partition_lhs, auto)
    44.5  apply (simp split: nat_diff_split)
    44.6  apply (subst partition)
    44.7 -apply (subst lemma_partition_append2, assumption+)
    44.8 +apply (simplesubst lemma_partition_append2, assumption+)
    44.9 +   --{*Need to substitute the last occurrence*}
   44.10  apply (rule conjI)
   44.11  apply (drule_tac [2] lemma_partition_append1)
   44.12  apply (auto simp add: partition_lhs partition_rhs)
   44.13  done
   44.14  
   44.15 +
   44.16  text{*We can always find a division that is fine wrt any gauge*}
   44.17  
   44.18  lemma partition_exists:
    45.1 --- a/src/HOL/Hyperreal/MacLaurin.thy	Sun Jan 30 20:48:50 2005 +0100
    45.2 +++ b/src/HOL/Hyperreal/MacLaurin.thy	Tue Feb 01 18:01:57 2005 +0100
    45.3 @@ -579,7 +579,7 @@
    45.4        in Maclaurin_all_le_objl)
    45.5      apply safe
    45.6      apply simp
    45.7 -    apply (subst mod_Suc_eq_Suc_mod)
    45.8 +    apply (simplesubst mod_Suc_eq_Suc_mod)  --{*simultaneous substitution*}
    45.9      apply (cut_tac m=m in mod_exhaust_less_4, safe, simp+)
   45.10      apply (rule DERIV_minus, simp+)
   45.11      apply (rule lemma_DERIV_subst, rule DERIV_minus, rule DERIV_cos, simp)
    46.1 --- a/src/HOL/Hyperreal/Transcendental.thy	Sun Jan 30 20:48:50 2005 +0100
    46.2 +++ b/src/HOL/Hyperreal/Transcendental.thy	Tue Feb 01 18:01:57 2005 +0100
    46.3 @@ -138,8 +138,7 @@
    46.4  lemma real_pow_sqrt_eq_sqrt_pow: 
    46.5        "0 \<le> x ==> (sqrt x)\<twosuperior> = sqrt(x\<twosuperior>)"
    46.6  apply (simp add: sqrt_def)
    46.7 -apply (subst numeral_2_eq_2)
    46.8 -apply (auto intro: real_root_pow_pos2 [THEN ssubst] real_root_pos2 [THEN ssubst] simp del: realpow_Suc)
    46.9 +apply (simp only: numeral_2_eq_2 real_root_pow_pos2 real_root_pos2)
   46.10  done
   46.11  
   46.12  lemma real_pow_sqrt_eq_sqrt_abs_pow2:
   46.13 @@ -1424,7 +1423,9 @@
   46.14  apply (drule sums_minus)
   46.15  apply (rule neg_less_iff_less [THEN iffD1]) 
   46.16  apply (frule sums_unique, auto simp add: times_divide_eq)
   46.17 -apply (rule_tac y = "sumr 0 (Suc (Suc (Suc 0))) (%n. - ((- 1) ^ n / (real (fact (2 * n))) * 2 ^ (2 * n)))" in order_less_trans)
   46.18 +apply (rule_tac y = "sumr 0 (Suc (Suc (Suc 0))) 
   46.19 +                      (%n. - ((- 1) ^ n / (real(fact (2*n))) * 2 ^ (2*n)))" 
   46.20 +       in order_less_trans)
   46.21  apply (simp (no_asm) add: fact_num_eq_if realpow_num_eq_if del: fact_Suc realpow_Suc)
   46.22  apply (simp (no_asm) add: mult_assoc times_divide_eq del: sumr_Suc)
   46.23  apply (rule sumr_pos_lt_pair)
   46.24 @@ -1435,12 +1436,11 @@
   46.25  apply (rule real_of_nat_fact_gt_zero)+
   46.26  apply (simp (no_asm) add: mult_assoc [symmetric] del: fact_Suc)
   46.27  apply (subst fact_lemma) 
   46.28 -apply (subst fact_Suc)
   46.29 -apply (subst real_of_nat_mult)
   46.30 -apply (erule ssubst, subst real_of_nat_mult)
   46.31 +apply (subst fact_Suc [of "Suc (Suc (Suc (Suc (Suc (Suc (Suc (4 * d)))))))"])
   46.32 +apply (simp only: real_of_nat_mult)
   46.33  apply (rule real_mult_less_mono, force)
   46.34 -prefer 2 apply force
   46.35 -apply (rule_tac [2] real_of_nat_fact_gt_zero)
   46.36 +  apply (rule_tac [3] real_of_nat_fact_gt_zero)
   46.37 + prefer 2 apply force
   46.38  apply (rule real_of_nat_less_iff [THEN iffD2])
   46.39  apply (rule fact_less_mono, auto)
   46.40  done
    47.1 --- a/src/HOL/IMP/Denotation.thy	Sun Jan 30 20:48:50 2005 +0100
    47.2 +++ b/src/HOL/IMP/Denotation.thy	Tue Feb 01 18:01:57 2005 +0100
    47.3 @@ -34,15 +34,13 @@
    47.4  
    47.5  lemma C_While_If: "C(\<WHILE> b \<DO> c) = C(\<IF> b \<THEN> c;\<WHILE> b \<DO> c \<ELSE> \<SKIP>)"
    47.6  apply (simp (no_asm)) 
    47.7 -apply (subst lfp_unfold [OF Gamma_mono]) back back
    47.8 -apply (subst Gamma_def [THEN meta_eq_to_obj_eq, THEN fun_cong]) 
    47.9 -apply simp
   47.10 +apply (subst lfp_unfold [OF Gamma_mono])  --{*lhs only*}
   47.11 +apply (simp add: Gamma_def)
   47.12  done
   47.13  
   47.14  (* Operational Semantics implies Denotational Semantics *)
   47.15  
   47.16  lemma com1: "\<langle>c,s\<rangle> \<longrightarrow>\<^sub>c t \<Longrightarrow> (s,t) \<in> C(c)"
   47.17 -
   47.18  (* start with rule induction *)
   47.19  apply (erule evalc.induct)
   47.20  apply auto
    48.1 --- a/src/HOL/Induct/LList.thy	Sun Jan 30 20:48:50 2005 +0100
    48.2 +++ b/src/HOL/Induct/LList.thy	Tue Feb 01 18:01:57 2005 +0100
    48.3 @@ -673,12 +673,9 @@
    48.4  subsection{* Deriving @{text llist_equalityI} -- @{text llist} equality is a bisimulation *}
    48.5  
    48.6  lemma LListD_Fun_subset_Times_llist: 
    48.7 -    "r <= (llist A) <*> (llist A) ==>  
    48.8 -            LListD_Fun (diag A) r <= (llist A) <*> (llist A)"
    48.9 -apply (unfold LListD_Fun_def)
   48.10 -apply (subst llist_unfold)
   48.11 -apply (simp add: NIL_def CONS_def, fast)
   48.12 -done
   48.13 +    "r <= (llist A) <*> (llist A) 
   48.14 +     ==> LListD_Fun (diag A) r <= (llist A) <*> (llist A)"
   48.15 +by (auto simp add: LListD_Fun_def)
   48.16  
   48.17  lemma subset_Times_llist:
   48.18       "prod_fun Rep_LList Rep_LList ` r <=  
   48.19 @@ -866,8 +863,9 @@
   48.20  lemma lappend_iterates [simp]: "lappend (iterates f x) N = iterates f x"
   48.21  apply (rule_tac r = "range (%u. (lappend (iterates f u) N,iterates f u))" 
   48.22         in llist_equalityI)
   48.23 -apply (rule rangeI, safe)
   48.24 -apply (subst iterates, simp)
   48.25 + apply (rule rangeI)
   48.26 +apply (safe)
   48.27 +apply (simplesubst iterates, simp)  --{*two redexes*}
   48.28  done
   48.29  
   48.30  subsubsection{* Two proofs that @{text lmap} distributes over lappend *}
    49.1 --- a/src/HOL/Integ/IntDef.thy	Sun Jan 30 20:48:50 2005 +0100
    49.2 +++ b/src/HOL/Integ/IntDef.thy	Tue Feb 01 18:01:57 2005 +0100
    49.3 @@ -849,7 +849,7 @@
    49.4    done
    49.5  
    49.6  lemma int_setsum: "int (setsum f A) = setsum (int \<circ> f) A"
    49.7 -  by (subst int_eq_of_nat, rule setsum_of_nat)
    49.8 +  by (simp add: int_eq_of_nat setsum_of_nat) 
    49.9  
   49.10  lemma setprod_of_nat: "of_nat (setprod f A) = setprod (of_nat \<circ> f) A"
   49.11    apply (case_tac "finite A")
   49.12 @@ -862,7 +862,7 @@
   49.13    done
   49.14  
   49.15  lemma int_setprod: "int (setprod f A) = setprod (int \<circ> f) A"
   49.16 -  by (subst int_eq_of_nat, rule setprod_of_nat)
   49.17 +  by (simp add: int_eq_of_nat setprod_of_nat)
   49.18  
   49.19  lemma setsum_constant [simp]: "finite A ==> (\<Sum>x \<in> A. y) = of_nat(card A) * y"
   49.20    apply (erule finite_induct)
    50.1 --- a/src/HOL/IsaMakefile	Sun Jan 30 20:48:50 2005 +0100
    50.2 +++ b/src/HOL/IsaMakefile	Tue Feb 01 18:01:57 2005 +0100
    50.3 @@ -74,13 +74,14 @@
    50.4    $(SRC)/Provers/Arith/fast_lin_arith.ML $(SRC)/Provers/blast.ML \
    50.5    $(SRC)/Provers/clasimp.ML $(SRC)/Provers/classical.ML \
    50.6    $(SRC)/Provers/hypsubst.ML $(SRC)/Provers/induct_method.ML \
    50.7 -  $(SRC)/Provers/make_elim.ML $(SRC)/Provers/order.ML \
    50.8 -  $(SRC)/Provers/quasi.ML \
    50.9 +  $(SRC)/Provers/make_elim.ML $(SRC)/Provers/order.ML $(SRC)/Provers/quasi.ML\
   50.10    $(SRC)/Provers/simplifier.ML $(SRC)/Provers/splitter.ML \
   50.11    $(SRC)/Provers/trancl.ML \
   50.12    $(SRC)/TFL/dcterm.ML $(SRC)/TFL/post.ML $(SRC)/TFL/rules.ML \
   50.13    $(SRC)/TFL/tfl.ML $(SRC)/TFL/thms.ML $(SRC)/TFL/thry.ML \
   50.14    $(SRC)/TFL/usyntax.ML $(SRC)/TFL/utils.ML \
   50.15 +  $(SRC)/Provers/eqsubst.ML\
   50.16 +  eqrule_HOL_data.ML\
   50.17    Datatype.thy Datatype_Universe.thy \
   50.18    Divides.thy Equiv_Relations.thy Extraction.thy Finite_Set.ML Finite_Set.thy \
   50.19    Fun.thy Gfp.thy Hilbert_Choice.thy HOL.ML \
    51.1 --- a/src/HOL/Library/Word.thy	Sun Jan 30 20:48:50 2005 +0100
    51.2 +++ b/src/HOL/Library/Word.thy	Tue Feb 01 18:01:57 2005 +0100
    51.3 @@ -455,7 +455,7 @@
    51.4  	proof (rule n_div_2_cases [of n])
    51.5  	  assume [simp]: "n = 0"
    51.6  	  show ?thesis
    51.7 -	    apply (subst nat_to_bv_helper.simps [of n])
    51.8 +	    apply (simp only: nat_to_bv_helper.simps [of n])
    51.9  	    apply simp
   51.10  	    done
   51.11  	next
   51.12 @@ -467,7 +467,7 @@
   51.13  	  have ind': "\<forall>l. nat_to_bv_helper (n div 2) l = nat_to_bv_helper (n div 2) [] @ l"
   51.14  	    by blast
   51.15  	  show ?thesis
   51.16 -	    apply (subst nat_to_bv_helper.simps [of n])
   51.17 +	    apply (simp only: nat_to_bv_helper.simps [of n])
   51.18  	    apply (cases "n=0")
   51.19  	    apply simp
   51.20  	    apply (simp only: if_False)
   51.21 @@ -491,7 +491,7 @@
   51.22    assume [simp]: "0 < n"
   51.23    show ?thesis
   51.24      apply (subst nat_to_bv_def [of n])
   51.25 -    apply (subst nat_to_bv_helper.simps [of n])
   51.26 +    apply (simp only: nat_to_bv_helper.simps [of n])
   51.27      apply (subst unfold_nat_to_bv_helper)
   51.28      using prems
   51.29      apply simp
   51.30 @@ -545,7 +545,7 @@
   51.31        by simp
   51.32      show ?thesis
   51.33        apply (subst nat_to_bv_def)
   51.34 -      apply (subst nat_to_bv_helper.simps [of n])
   51.35 +      apply (simp only: nat_to_bv_helper.simps [of n])
   51.36        apply (simp only: n0' if_False)
   51.37        apply (subst unfold_nat_to_bv_helper)
   51.38        apply (subst bv_to_nat_dist_append)
   51.39 @@ -2425,7 +2425,7 @@
   51.40  
   51.41    from ki ij jl lw
   51.42    show ?thesis
   51.43 -    apply (subst bv_sliceI [where ?j = i and ?i = j and ?w = w and ?w1.0 = "w1 @ w2" and ?w2.0 = w3 and ?w3.0 = "w4 @ w5"])
   51.44 +    apply (simplesubst bv_sliceI [where ?j = i and ?i = j and ?w = w and ?w1.0 = "w1 @ w2" and ?w2.0 = w3 and ?w3.0 = "w4 @ w5"])
   51.45      apply simp_all
   51.46      apply (rule w_def)
   51.47      apply (simp add: w_defs min_def)
   51.48 @@ -2566,7 +2566,7 @@
   51.49        apply (subst indq [symmetric])
   51.50        apply (subst indq [symmetric])
   51.51        apply auto
   51.52 -      apply (subst nat_to_bv_helper.simps [of "2 * qq + 1"])
   51.53 +      apply (simp only: nat_to_bv_helper.simps [of "2 * qq + 1"])
   51.54        apply simp
   51.55        apply safe
   51.56        apply (subgoal_tac "2 * qq + 1 ~= 2 * q")
   51.57 @@ -2575,7 +2575,7 @@
   51.58        apply (subgoal_tac "(2 * qq + 1) div 2 = qq")
   51.59        apply simp
   51.60        apply (subst zdiv_zadd1_eq,simp)
   51.61 -      apply (subst nat_to_bv_helper.simps [of "2 * qq"])
   51.62 +      apply (simp only: nat_to_bv_helper.simps [of "2 * qq"])
   51.63        apply simp
   51.64        done
   51.65    qed
    52.1 --- a/src/HOL/Matrix/Matrix.thy	Sun Jan 30 20:48:50 2005 +0100
    52.2 +++ b/src/HOL/Matrix/Matrix.thy	Tue Feb 01 18:01:57 2005 +0100
    52.3 @@ -129,7 +129,7 @@
    52.4  
    52.5  lemma Rep_one_matrix[simp]: "Rep_matrix (one_matrix n) j i = (if (j = i & j < n) then 1 else 0)"
    52.6  apply (simp add: one_matrix_def)
    52.7 -apply (subst RepAbs_matrix)
    52.8 +apply (simplesubst RepAbs_matrix)
    52.9  apply (rule exI[of _ n], simp add: split_if)+
   52.10  by (simp add: split_if, arith)
   52.11  
    53.1 --- a/src/HOL/Matrix/MatrixGeneral.thy	Sun Jan 30 20:48:50 2005 +0100
    53.2 +++ b/src/HOL/Matrix/MatrixGeneral.thy	Tue Feb 01 18:01:57 2005 +0100
    53.3 @@ -699,16 +699,16 @@
    53.4        let ?mx = "max (ncols a) (max (nrows u) (nrows v))"
    53.5        from prems show "mult_matrix_n (max (ncols a) (nrows (combine_matrix fadd u v))) fmul fadd a (combine_matrix fadd u v) =
    53.6          combine_matrix fadd (mult_matrix_n (max (ncols a) (nrows u)) fmul fadd a u) (mult_matrix_n (max (ncols a) (nrows v)) fmul fadd a v)"
    53.7 -        apply (subst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
    53.8 +        apply (simplesubst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
    53.9          apply (simp add: max1 max2 combine_nrows combine_ncols)+
   53.10 -        apply (subst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.11 +        apply (simplesubst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.12          apply (simp add: max1 max2 combine_nrows combine_ncols)+
   53.13 -        apply (subst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.14 +        apply (simplesubst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.15          apply (simp add: max1 max2 combine_nrows combine_ncols)+
   53.16          apply (simp add: mult_matrix_n_def r_distributive_def foldseq_distr[of fadd])
   53.17          apply (simp add: combine_matrix_def combine_infmatrix_def)
   53.18          apply (rule comb[of "Abs_matrix" "Abs_matrix"], simp, (rule ext)+)
   53.19 -        apply (subst RepAbs_matrix)
   53.20 +        apply (simplesubst RepAbs_matrix)
   53.21          apply (simp, auto)
   53.22          apply (rule exI[of _ "nrows a"], simp add: nrows_le foldseq_zero)
   53.23          apply (rule exI[of _ "ncols v"], simp add: ncols_le foldseq_zero)
   53.24 @@ -739,16 +739,16 @@
   53.25        let ?mx = "max (nrows a) (max (ncols u) (ncols v))"
   53.26        from prems show "mult_matrix_n (max (ncols (combine_matrix fadd u v)) (nrows a)) fmul fadd (combine_matrix fadd u v) a =
   53.27                 combine_matrix fadd (mult_matrix_n (max (ncols u) (nrows a)) fmul fadd u a) (mult_matrix_n (max (ncols v) (nrows a)) fmul fadd v a)"
   53.28 -        apply (subst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.29 +        apply (simplesubst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.30          apply (simp add: max1 max2 combine_nrows combine_ncols)+
   53.31 -        apply (subst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.32 +        apply (simplesubst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.33          apply (simp add: max1 max2 combine_nrows combine_ncols)+
   53.34          apply (subst mult_matrix_nm[of _ _ _ ?mx fadd fmul])
   53.35          apply (simp add: max1 max2 combine_nrows combine_ncols)+
   53.36          apply (simp add: mult_matrix_n_def l_distributive_def foldseq_distr[of fadd])
   53.37          apply (simp add: combine_matrix_def combine_infmatrix_def)
   53.38          apply (rule comb[of "Abs_matrix" "Abs_matrix"], simp, (rule ext)+)
   53.39 -        apply (subst RepAbs_matrix)
   53.40 +        apply (simplesubst RepAbs_matrix)
   53.41          apply (simp, auto)
   53.42          apply (rule exI[of _ "nrows v"], simp add: nrows_le foldseq_zero)
   53.43          apply (rule exI[of _ "ncols a"], simp add: ncols_le foldseq_zero)
   53.44 @@ -792,18 +792,19 @@
   53.45  
   53.46  lemma mult_matrix_zero_closed: "\<lbrakk>fadd 0 0 = 0; zero_closed fmul\<rbrakk> \<Longrightarrow> zero_closed (mult_matrix fmul fadd)"
   53.47    apply (simp add: zero_closed_def mult_matrix_def mult_matrix_n_def)
   53.48 -  apply (auto)
   53.49 -  by (subst foldseq_zero, (simp add: zero_matrix_def)+)+
   53.50 +  apply (simp add: foldseq_zero zero_matrix_def) 
   53.51 +  done
   53.52 +
   53.53  
   53.54  lemma mult_matrix_n_zero_right[simp]: "\<lbrakk>fadd 0 0 = 0; !a. fmul a 0 = 0\<rbrakk> \<Longrightarrow> mult_matrix_n n fmul fadd A 0 = 0"
   53.55    apply (simp add: mult_matrix_n_def)
   53.56 -  apply (subst foldseq_zero)
   53.57 -  by (simp_all add: zero_matrix_def)
   53.58 +  apply (simp add: foldseq_zero zero_matrix_def)
   53.59 +  done
   53.60  
   53.61  lemma mult_matrix_n_zero_left[simp]: "\<lbrakk>fadd 0 0 = 0; !a. fmul 0 a = 0\<rbrakk> \<Longrightarrow> mult_matrix_n n fmul fadd 0 A = 0"
   53.62    apply (simp add: mult_matrix_n_def)
   53.63 -  apply (subst foldseq_zero)
   53.64 -  by (simp_all add: zero_matrix_def)
   53.65 +  apply (simp add: foldseq_zero zero_matrix_def)
   53.66 +  done
   53.67  
   53.68  lemma mult_matrix_zero_left[simp]: "\<lbrakk>fadd 0 0 = 0; !a. fmul 0 a = 0\<rbrakk> \<Longrightarrow> mult_matrix fmul fadd 0 A = 0"
   53.69  by (simp add: mult_matrix_def)
   53.70 @@ -851,7 +852,7 @@
   53.71  apply (subst RepAbs_matrix)
   53.72  apply (rule exI[of _ "Suc m"], simp)
   53.73  apply (rule exI[of _ "Suc n"], simp+)
   53.74 -by (subst RepAbs_matrix, rule exI[of _ "Suc j"], simp, rule exI[of _ "Suc i"], simp+)+
   53.75 +by (simplesubst RepAbs_matrix, rule exI[of _ "Suc j"], simp, rule exI[of _ "Suc i"], simp+)+
   53.76  
   53.77  lemma apply_singleton_matrix[simp]: "f 0 = 0 \<Longrightarrow> apply_matrix f (singleton_matrix j i x) = (singleton_matrix j i (f x))"
   53.78  apply (subst Rep_matrix_inject[symmetric])
   53.79 @@ -892,7 +893,7 @@
   53.80  
   53.81  lemma combine_singleton: "f 0 0 = 0 \<Longrightarrow> combine_matrix f (singleton_matrix j i a) (singleton_matrix j i b) = singleton_matrix j i (f a b)"
   53.82  apply (simp add: singleton_matrix_def combine_matrix_def combine_infmatrix_def)
   53.83 -apply (subst RepAbs_matrix)
   53.84 +apply (simplesubst RepAbs_matrix)
   53.85  apply (rule exI[of _ "Suc j"], simp)
   53.86  apply (rule exI[of _ "Suc i"], simp)
   53.87  apply (rule comb[of "Abs_matrix" "Abs_matrix"], simp, (rule ext)+)
   53.88 @@ -911,7 +912,7 @@
   53.89    (if (neg ((int j)-y)) | (neg ((int i)-x)) then 0 else Rep_matrix A (nat((int j)-y)) (nat((int i)-x)))"
   53.90  apply (simp add: move_matrix_def)
   53.91  apply (auto)
   53.92 -by (subst RepAbs_matrix,
   53.93 +by (simplesubst RepAbs_matrix,
   53.94    rule exI[of _ "(nrows A)+(nat (abs y))"], auto, rule nrows, arith,
   53.95    rule exI[of _ "(ncols A)+(nat (abs x))"], auto, rule ncols, arith)+
   53.96  
   53.97 @@ -946,7 +947,7 @@
   53.98    "Rep_matrix (take_columns A c) j i =
   53.99    (if i < c then (Rep_matrix A j i) else 0)"
  53.100  apply (simp add: take_columns_def)
  53.101 -apply (subst RepAbs_matrix)
  53.102 +apply (simplesubst RepAbs_matrix)
  53.103  apply (rule exI[of _ "nrows A"], auto, simp add: nrows_le)
  53.104  apply (rule exI[of _ "ncols A"], auto, simp add: ncols_le)
  53.105  done
  53.106 @@ -955,7 +956,7 @@
  53.107    "Rep_matrix (take_rows A r) j i =
  53.108    (if j < r then (Rep_matrix A j i) else 0)"
  53.109  apply (simp add: take_rows_def)
  53.110 -apply (subst RepAbs_matrix)
  53.111 +apply (simplesubst RepAbs_matrix)
  53.112  apply (rule exI[of _ "nrows A"], auto, simp add: nrows_le)
  53.113  apply (rule exI[of _ "ncols A"], auto, simp add: ncols_le)
  53.114  done
  53.115 @@ -1163,21 +1164,21 @@
  53.116      apply (simp add: Rep_matrix_inject[THEN sym])
  53.117      apply (rule ext)+
  53.118      apply (simp add: mult_matrix_def)
  53.119 -    apply (subst mult_matrix_nm[of _ "max (ncols (mult_matrix_n (max (ncols A) (nrows B)) fmul1 fadd1 A B)) (nrows C)" _ "max (ncols B) (nrows C)"])
  53.120 +    apply (simplesubst mult_matrix_nm[of _ "max (ncols (mult_matrix_n (max (ncols A) (nrows B)) fmul1 fadd1 A B)) (nrows C)" _ "max (ncols B) (nrows C)"])
  53.121      apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.122 -    apply (subst mult_matrix_nm[of _ "max (ncols A) (nrows (mult_matrix_n (max (ncols B) (nrows C)) fmul2 fadd2 B C))" _ "max (ncols A) (nrows B)"])     apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.123 -    apply (subst mult_matrix_nm[of _ _ _ "?N"])
  53.124 +    apply (simplesubst mult_matrix_nm[of _ "max (ncols A) (nrows (mult_matrix_n (max (ncols B) (nrows C)) fmul2 fadd2 B C))" _ "max (ncols A) (nrows B)"])     apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.125 +    apply (simplesubst mult_matrix_nm[of _ _ _ "?N"])
  53.126      apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.127 -    apply (subst mult_matrix_nm[of _ _ _ "?N"])
  53.128 +    apply (simplesubst mult_matrix_nm[of _ _ _ "?N"])
  53.129      apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.130 -    apply (subst mult_matrix_nm[of _ _ _ "?N"])
  53.131 +    apply (simplesubst mult_matrix_nm[of _ _ _ "?N"])
  53.132      apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.133 -    apply (subst mult_matrix_nm[of _ _ _ "?N"])
  53.134 +    apply (simplesubst mult_matrix_nm[of _ _ _ "?N"])
  53.135      apply (simp add: max1 max2 mult_n_ncols mult_n_nrows prems)+
  53.136      apply (simp add: mult_matrix_n_def)
  53.137      apply (rule comb_left)
  53.138      apply ((rule ext)+, simp)
  53.139 -    apply (subst RepAbs_matrix)
  53.140 +    apply (simplesubst RepAbs_matrix)
  53.141      apply (rule exI[of _ "nrows B"])
  53.142      apply (simp add: nrows prems foldseq_zero)
  53.143      apply (rule exI[of _ "ncols C"])
  53.144 @@ -1227,7 +1228,7 @@
  53.145    have "!! a b c d. fadd (fadd a b) (fadd c d) = fadd (fadd a c) (fadd b d)"
  53.146      by (simp! add: associative_def commutative_def)
  53.147    then show ?concl
  53.148 -    apply (subst mult_matrix_assoc)
  53.149 +    apply (simplesubst mult_matrix_assoc)
  53.150      apply (simp_all!)
  53.151      by (simp add: associative_def distributive_def l_distributive_def r_distributive_def)+
  53.152  qed
  53.153 @@ -1361,7 +1362,7 @@
  53.154    "mult_matrix fmul fadd C A <= mult_matrix fmul fadd C B"
  53.155    apply (simp! add: le_matrix_def Rep_mult_matrix)
  53.156    apply (auto)
  53.157 -  apply (subst foldseq_zerotail[of _ _ _ "max (ncols C) (max (nrows A) (nrows B))"], simp_all add: nrows ncols max1 max2)+
  53.158 +  apply (simplesubst foldseq_zerotail[of _ _ _ "max (ncols C) (max (nrows A) (nrows B))"], simp_all add: nrows ncols max1 max2)+
  53.159    apply (rule le_foldseq)
  53.160    by (auto)
  53.161  
  53.162 @@ -1378,7 +1379,7 @@
  53.163    "mult_matrix fmul fadd A C <= mult_matrix fmul fadd B C"
  53.164    apply (simp! add: le_matrix_def Rep_mult_matrix)
  53.165    apply (auto)
  53.166 -  apply (subst foldseq_zerotail[of _ _ _ "max (nrows C) (max (ncols A) (ncols B))"], simp_all add: nrows ncols max1 max2)+
  53.167 +  apply (simplesubst foldseq_zerotail[of _ _ _ "max (nrows C) (max (ncols A) (ncols B))"], simp_all add: nrows ncols max1 max2)+
  53.168    apply (rule le_foldseq)
  53.169    by (auto)
  53.170  
    54.1 --- a/src/HOL/Matrix/SparseMatrix.thy	Sun Jan 30 20:48:50 2005 +0100
    54.2 +++ b/src/HOL/Matrix/SparseMatrix.thy	Tue Feb 01 18:01:57 2005 +0100
    54.3 @@ -271,7 +271,7 @@
    54.4      apply (intro strip)
    54.5      apply (frule_tac as=brr in sorted_spvec_cons1)
    54.6      apply (simp add: ring_eq_simps sparse_row_matrix_cons)
    54.7 -    apply (subst Rep_matrix_zero_imp_mult_zero) 
    54.8 +    apply (simplesubst Rep_matrix_zero_imp_mult_zero) 
    54.9      apply (simp)
   54.10      apply (intro strip)
   54.11      apply (rule disjI2)
   54.12 @@ -805,9 +805,9 @@
   54.13    apply auto
   54.14    apply (case_tac "x=a")
   54.15    apply (simp)
   54.16 -  apply (subst sorted_sparse_row_matrix_zero)
   54.17 +  apply (simplesubst sorted_sparse_row_matrix_zero)
   54.18    apply auto
   54.19 -  apply (subst Rep_sparse_row_vector_zero)
   54.20 +  apply (simplesubst Rep_sparse_row_vector_zero)
   54.21    apply (simp_all add: neg_def)
   54.22    done
   54.23  
    55.1 --- a/src/HOL/MicroJava/BV/Effect.thy	Sun Jan 30 20:48:50 2005 +0100
    55.2 +++ b/src/HOL/MicroJava/BV/Effect.thy	Tue Feb 01 18:01:57 2005 +0100
    55.3 @@ -6,7 +6,10 @@
    55.4  
    55.5  header {* \isaheader{Effect of Instructions on the State Type} *}
    55.6  
    55.7 -theory Effect = JVMType + JVMExceptions:
    55.8 +theory Effect 
    55.9 +imports JVMType "../JVM/JVMExceptions"
   55.10 +begin
   55.11 +
   55.12  
   55.13  types
   55.14    succ_type = "(p_count \<times> state_type option) list"
    56.1 --- a/src/HOL/MicroJava/Comp/CorrComp.thy	Sun Jan 30 20:48:50 2005 +0100
    56.2 +++ b/src/HOL/MicroJava/Comp/CorrComp.thy	Tue Feb 01 18:01:57 2005 +0100
    56.3 @@ -295,7 +295,7 @@
    56.4   apply simp
    56.5   apply assumption apply simp apply assumption apply simp
    56.6  
    56.7 -apply (subst method_rec) apply simp
    56.8 +apply (simplesubst method_rec) apply simp
    56.9  apply force
   56.10  apply simp
   56.11  apply (simp only: map_add_def)
    57.1 --- a/src/HOL/MicroJava/Comp/CorrCompTp.thy	Sun Jan 30 20:48:50 2005 +0100
    57.2 +++ b/src/HOL/MicroJava/Comp/CorrCompTp.thy	Tue Feb 01 18:01:57 2005 +0100
    57.3 @@ -3,7 +3,9 @@
    57.4      Author:     Martin Strecker
    57.5  *)
    57.6  
    57.7 -theory CorrCompTp =  LemmasComp + JVM + TypeInf + Altern:
    57.8 +theory CorrCompTp
    57.9 +imports LemmasComp TypeInf "../BV/JVM" "../BV/Altern"
   57.10 +begin
   57.11  
   57.12  declare split_paired_All [simp del]
   57.13  declare split_paired_Ex [simp del]
    58.1 --- a/src/HOL/MicroJava/Comp/DefsComp.thy	Sun Jan 30 20:48:50 2005 +0100
    58.2 +++ b/src/HOL/MicroJava/Comp/DefsComp.thy	Tue Feb 01 18:01:57 2005 +0100
    58.3 @@ -5,8 +5,9 @@
    58.4  
    58.5  (* Definitions for accessing parts of methods, states etc. *)
    58.6  
    58.7 -theory DefsComp = JVMExec:
    58.8 -
    58.9 +theory DefsComp
   58.10 +imports "../JVM/JVMExec"
   58.11 +begin
   58.12  
   58.13  
   58.14  constdefs
    59.1 --- a/src/HOL/MicroJava/Comp/TranslCompTp.thy	Sun Jan 30 20:48:50 2005 +0100
    59.2 +++ b/src/HOL/MicroJava/Comp/TranslCompTp.thy	Tue Feb 01 18:01:57 2005 +0100
    59.3 @@ -3,7 +3,10 @@
    59.4      Author:     Martin Strecker
    59.5  *)
    59.6  
    59.7 -theory TranslCompTp =  JVMType + Index:
    59.8 +theory TranslCompTp
    59.9 +imports Index "../BV/JVMType"
   59.10 +begin
   59.11 +
   59.12  
   59.13  
   59.14  (**********************************************************************)
    60.1 --- a/src/HOL/MicroJava/J/WellForm.thy	Sun Jan 30 20:48:50 2005 +0100
    60.2 +++ b/src/HOL/MicroJava/J/WellForm.thy	Tue Feb 01 18:01:57 2005 +0100
    60.3 @@ -542,17 +542,13 @@
    60.4   apply hypsubst
    60.5   apply simp
    60.6  apply (erule conjE)
    60.7 -apply (subst method_rec)
    60.8 -  apply (assumption)
    60.9 - apply (assumption)
   60.10 +apply (simplesubst method_rec, assumption+)
   60.11  apply (clarify)
   60.12  apply (erule_tac x = "Da" in allE)
   60.13  apply (clarsimp)
   60.14   apply (simp add: map_of_map)
   60.15   apply (clarify)
   60.16 - apply (subst method_rec)
   60.17 -   apply (assumption)
   60.18 -  apply (assumption)
   60.19 + apply (subst method_rec, assumption+)
   60.20   apply (simp add: map_add_def map_of_map split add: option.split)
   60.21  done
   60.22  
   60.23 @@ -566,17 +562,13 @@
   60.24   apply hypsubst
   60.25   apply simp
   60.26  apply (erule conjE)
   60.27 -apply (subst method_rec)
   60.28 -  apply (assumption)
   60.29 - apply (assumption)
   60.30 +apply (simplesubst method_rec, assumption+)
   60.31  apply (clarify)
   60.32  apply (erule_tac x = "Da" in allE)
   60.33  apply (clarsimp)
   60.34   apply (simp add: map_of_map)
   60.35   apply (clarify)
   60.36 - apply (subst method_rec)
   60.37 -   apply (assumption)
   60.38 -  apply (assumption)
   60.39 + apply (subst method_rec, assumption+)
   60.40   apply (simp add: map_add_def map_of_map split add: option.split)
   60.41  done
   60.42  
    61.1 --- a/src/HOL/NumberTheory/EulerFermat.thy	Sun Jan 30 20:48:50 2005 +0100
    61.2 +++ b/src/HOL/NumberTheory/EulerFermat.thy	Tue Feb 01 18:01:57 2005 +0100
    61.3 @@ -259,7 +259,7 @@
    61.4        \<Prod>(BnorRset(a, m)) * x^card (BnorRset (a, m))"
    61.5    apply (induct a m rule: BnorRset_induct)
    61.6     prefer 2
    61.7 -   apply (subst BnorRset.simps)
    61.8 +   apply (simplesubst BnorRset.simps)  --{*multiple redexes*}
    61.9     apply (unfold Let_def, auto)
   61.10    apply (simp add: Bnor_fin Bnor_mem_zle_swap)
   61.11    apply (subst setprod_insert)
    62.1 --- a/src/HOL/OrderedGroup.thy	Sun Jan 30 20:48:50 2005 +0100
    62.2 +++ b/src/HOL/OrderedGroup.thy	Tue Feb 01 18:01:57 2005 +0100
    62.3 @@ -435,14 +435,14 @@
    62.4  qed
    62.5  
    62.6  lemma diff_less_eq: "(a-b < c) = (a < c + (b::'a::pordered_ab_group_add))"
    62.7 -apply (subst less_iff_diff_less_0)
    62.8 +apply (subst less_iff_diff_less_0 [of a])
    62.9  apply (rule less_iff_diff_less_0 [of _ c, THEN ssubst])
   62.10  apply (simp add: diff_minus add_ac)
   62.11  done
   62.12  
   62.13  lemma less_diff_eq: "(a < c-b) = (a + (b::'a::pordered_ab_group_add) < c)"
   62.14 -apply (subst less_iff_diff_less_0)
   62.15 -apply (rule less_iff_diff_less_0 [of _ "c-b", THEN ssubst])
   62.16 +apply (subst less_iff_diff_less_0 [of "a+b"])
   62.17 +apply (subst less_iff_diff_less_0 [of a])
   62.18  apply (simp add: diff_minus add_ac)
   62.19  done
   62.20  
   62.21 @@ -608,8 +608,8 @@
   62.22  lemma meet_0_imp_0: "meet a (-a) = 0 \<Longrightarrow> a = (0::'a::lordered_ab_group)"
   62.23  apply (simp add: meet_eq_neg_join)
   62.24  apply (simp add: join_comm)
   62.25 -apply (subst join_0_imp_0)
   62.26 -by auto
   62.27 +apply (erule join_0_imp_0)
   62.28 +done
   62.29  
   62.30  lemma join_0_eq_0[simp]: "(join a (-a) = 0) = (a = (0::'a::lordered_ab_group))"
   62.31  by (auto, erule join_0_imp_0)
    63.1 --- a/src/HOL/Product_Type.thy	Sun Jan 30 20:48:50 2005 +0100
    63.2 +++ b/src/HOL/Product_Type.thy	Tue Feb 01 18:01:57 2005 +0100
    63.3 @@ -451,9 +451,7 @@
    63.4  
    63.5  lemma split_split: "R (split c p) = (ALL x y. p = (x, y) --> R (c x y))"
    63.6    -- {* For use with @{text split} and the Simplifier. *}
    63.7 -  apply (subst surjective_pairing)
    63.8 -  apply (subst split_conv, blast)
    63.9 -  done
   63.10 +  by (insert surj_pair [of p], clarify, simp)
   63.11  
   63.12  text {*
   63.13    @{thm [source] split_split} could be declared as @{text "[split]"}
    64.1 --- a/src/HOL/Recdef.thy	Sun Jan 30 20:48:50 2005 +0100
    64.2 +++ b/src/HOL/Recdef.thy	Tue Feb 01 18:01:57 2005 +0100
    64.3 @@ -8,7 +8,6 @@
    64.4  theory Recdef
    64.5  imports Wellfounded_Relations Datatype
    64.6  files
    64.7 -  ("../TFL/isand.ML")
    64.8    ("../TFL/casesplit.ML")
    64.9    ("../TFL/utils.ML")
   64.10    ("../TFL/usyntax.ML")
   64.11 @@ -45,7 +44,6 @@
   64.12  lemma tfl_exE: "\<exists>x. P x ==> \<forall>x. P x --> Q ==> Q"
   64.13    by blast
   64.14  
   64.15 -use "../TFL/isand.ML"
   64.16  use "../TFL/casesplit.ML"
   64.17  use "../TFL/utils.ML"
   64.18  use "../TFL/usyntax.ML"
    65.1 --- a/src/HOL/Ring_and_Field.thy	Sun Jan 30 20:48:50 2005 +0100
    65.2 +++ b/src/HOL/Ring_and_Field.thy	Tue Feb 01 18:01:57 2005 +0100
    65.3 @@ -1546,7 +1546,9 @@
    65.4      by (simp only: abs_prts[of a] abs_prts[of b] ring_eq_simps)
    65.5    {
    65.6      fix u v :: 'a
    65.7 -    have bh: "\<lbrakk>u = a; v = b\<rbrakk> \<Longrightarrow> u * v = ?y"
    65.8 +    have bh: "\<lbrakk>u = a; v = b\<rbrakk> \<Longrightarrow> 
    65.9 +              u * v = pprt a * pprt b + pprt a * nprt b + 
   65.10 +                      nprt a * pprt b + nprt a * nprt b"
   65.11        apply (subst prts[of u], subst prts[of v])
   65.12        apply (simp add: left_distrib right_distrib add_ac) 
   65.13        done
    66.1 --- a/src/HOL/SET-Protocol/Purchase.thy	Sun Jan 30 20:48:50 2005 +0100
    66.2 +++ b/src/HOL/SET-Protocol/Purchase.thy	Tue Feb 01 18:01:57 2005 +0100
    66.3 @@ -51,11 +51,11 @@
    66.4  consts
    66.5  
    66.6      CardSecret :: "nat => nat"
    66.7 -     (*Maps Cardholders to CardSecrets.
    66.8 -       A CardSecret of 0 means no cerificate, must use unsigned format.*)
    66.9 +     --{*Maps Cardholders to CardSecrets.
   66.10 +         A CardSecret of 0 means no cerificate, must use unsigned format.*}
   66.11  
   66.12      PANSecret :: "nat => nat"
   66.13 -     (*Maps Cardholders to PANSecrets.*)
   66.14 +     --{*Maps Cardholders to PANSecrets.*}
   66.15  
   66.16      set_pur  :: "event list set"
   66.17  
   66.18 @@ -372,7 +372,7 @@
   66.19  apply (auto simp add: used_Cons symKeys_neq_imp_neq) 
   66.20  done
   66.21  
   66.22 -(*General facts about message reception*)
   66.23 +text{*General facts about message reception*}
   66.24  lemma Gets_imp_Says:
   66.25       "[| Gets B X \<in> set evs; evs \<in> set_pur |]
   66.26     ==> \<exists>A. Says A B X \<in> set evs"
   66.27 @@ -425,30 +425,28 @@
   66.28          evs \<in> set_pur|] ==> priEK C \<in> KK | C \<in> bad"
   66.29  by auto
   66.30  
   66.31 -text{*trivial proof because (priEK C) never appears even in (parts evs)*}
   66.32 +text{*trivial proof because @{term"priEK C"} never appears even in
   66.33 +  @{term "parts evs"}. *}
   66.34  lemma analz_image_priEK:
   66.35       "evs \<in> set_pur ==>
   66.36            (Key (priEK C) \<in> analz (Key`KK Un (knows Spy evs))) =
   66.37            (priEK C \<in> KK | C \<in> bad)"
   66.38  by (blast dest!: parts_image_priEK intro: analz_mono [THEN [2] rev_subsetD])
   66.39  
   66.40 +
   66.41  subsection{*Public Keys in Certificates are Correct*}
   66.42  
   66.43  lemma Crypt_valid_pubEK [dest!]:
   66.44       "[| Crypt (priSK RCA) {|Agent C, Key EKi, onlyEnc|}
   66.45             \<in> parts (knows Spy evs);
   66.46           evs \<in> set_pur |] ==> EKi = pubEK C"
   66.47 -apply (erule rev_mp)
   66.48 -apply (erule set_pur.induct, auto)
   66.49 -done
   66.50 +by (erule rev_mp, erule set_pur.induct, auto)
   66.51  
   66.52  lemma Crypt_valid_pubSK [dest!]:
   66.53       "[| Crypt (priSK RCA) {|Agent C, Key SKi, onlySig|}
   66.54             \<in> parts (knows Spy evs);
   66.55           evs \<in> set_pur |] ==> SKi = pubSK C"
   66.56 -apply (erule rev_mp)
   66.57 -apply (erule set_pur.induct, auto)
   66.58 -done
   66.59 +by (erule rev_mp, erule set_pur.induct, auto)
   66.60  
   66.61  lemma certificate_valid_pubEK:
   66.62      "[| cert C EKi onlyEnc (priSK RCA) \<in> parts (knows Spy evs);
   66.63 @@ -730,9 +728,7 @@
   66.64  lemma M_Notes_PG:
   66.65       "[|Notes M {|Number LID_M, Agent P, Agent M, Agent C, etc|} \<in> set evs;
   66.66          evs \<in> set_pur|] ==> \<exists>j. P = PG j"
   66.67 -apply (erule rev_mp)
   66.68 -apply (erule set_pur.induct, simp_all)
   66.69 -done
   66.70 +by (erule rev_mp, erule set_pur.induct, simp_all)
   66.71  
   66.72  text{*If we trust M, then @{term LID_M} determines his choice of P
   66.73        (Payment Gateway)*}
   66.74 @@ -816,7 +812,7 @@
   66.75  done
   66.76  
   66.77  text{*When M receives AuthRes, he knows that P signed it, including
   66.78 -  the identifying tages and the purchase amount, which he can verify.
   66.79 +  the identifying tags and the purchase amount, which he can verify.
   66.80    (Although the spec has SIGNED and UNSIGNED forms of AuthRes, they
   66.81     send the same message to M.)*}
   66.82  theorem M_verifies_AuthRes:
   66.83 @@ -1015,9 +1011,7 @@
   66.84       "[|Notes (Cardholder k)
   66.85            {|Number n, Agent P, Agent (Cardholder k), Agent C, etc|} \<in> set evs;
   66.86          evs \<in> set_pur|] ==> False"
   66.87 -apply (erule rev_mp)
   66.88 -apply (erule set_pur.induct, auto)
   66.89 -done
   66.90 +by (erule rev_mp, erule set_pur.induct, auto)
   66.91  
   66.92  text{*When M sees a dual signature, he knows that it originated with C.
   66.93    Using XID he knows it was intended for him.
   66.94 @@ -1166,5 +1160,3 @@
   66.95  done
   66.96  
   66.97  end
   66.98 -
   66.99 -
    67.1 --- a/src/HOL/UNITY/FP.thy	Sun Jan 30 20:48:50 2005 +0100
    67.2 +++ b/src/HOL/UNITY/FP.thy	Tue Feb 01 18:01:57 2005 +0100
    67.3 @@ -19,20 +19,19 @@
    67.4      "FP F == {s. F : stable {s}}"
    67.5  
    67.6  lemma stable_FP_Orig_Int: "F : stable (FP_Orig F Int B)"
    67.7 -apply (unfold FP_Orig_def stable_def)
    67.8 -apply (subst Int_Union2)
    67.9 +apply (simp only: FP_Orig_def stable_def Int_Union2)
   67.10  apply (blast intro: constrains_UN)
   67.11  done
   67.12  
   67.13  lemma FP_Orig_weakest:
   67.14      "(!!B. F : stable (A Int B)) ==> A <= FP_Orig F"
   67.15 -by (unfold FP_Orig_def stable_def, blast)
   67.16 +by (simp add: FP_Orig_def stable_def, blast)
   67.17  
   67.18  lemma stable_FP_Int: "F : stable (FP F Int B)"
   67.19  apply (subgoal_tac "FP F Int B = (UN x:B. FP F Int {x}) ")
   67.20  prefer 2 apply blast
   67.21  apply (simp (no_asm_simp) add: Int_insert_right)
   67.22 -apply (unfold FP_def stable_def)
   67.23 +apply (simp add: FP_def stable_def)
   67.24  apply (rule constrains_UN)
   67.25  apply (simp (no_asm))
   67.26  done
   67.27 @@ -40,7 +39,7 @@
   67.28  lemma FP_equivalence: "FP F = FP_Orig F"
   67.29  apply (rule equalityI) 
   67.30   apply (rule stable_FP_Int [THEN FP_Orig_weakest])
   67.31 -apply (unfold FP_Orig_def FP_def, clarify)
   67.32 +apply (simp add: FP_Orig_def FP_def, clarify)
   67.33  apply (drule_tac x = "{x}" in spec)
   67.34  apply (simp add: Int_insert_right)
   67.35  done
    68.1 --- a/src/HOL/UNITY/ListOrder.thy	Sun Jan 30 20:48:50 2005 +0100
    68.2 +++ b/src/HOL/UNITY/ListOrder.thy	Tue Feb 01 18:01:57 2005 +0100
    68.3 @@ -215,8 +215,7 @@
    68.4  apply (erule disjE)
    68.5  apply (simp_all (no_asm_simp) add: neq_Nil_conv nth_append)
    68.6  apply (blast intro: genPrefix.append, auto)
    68.7 -apply (subst append_cons_eq)
    68.8 -apply (blast intro: genPrefix_append_both genPrefix.append)
    68.9 +apply (subst append_cons_eq, fast intro: genPrefix_append_both genPrefix.append)
   68.10  done
   68.11  
   68.12  lemma append_one_genPrefix:
    69.1 --- a/src/HOL/UNITY/Rename.thy	Sun Jan 30 20:48:50 2005 +0100
    69.2 +++ b/src/HOL/UNITY/Rename.thy	Tue Feb 01 18:01:57 2005 +0100
    69.3 @@ -110,8 +110,8 @@
    69.4  lemma bij_extend: "bij h ==> bij (extend (%(x,u::'c). h x))"
    69.5  apply (rule bijI)
    69.6  apply (blast intro: Extend.inj_extend)
    69.7 -apply (rule_tac f = "extend (% (x,u) . inv h x) " in surjI)
    69.8 -apply (subst inv_inv_eq [of h, symmetric], assumption) 
    69.9 +apply (rule_tac f = "extend (% (x,u) . inv h x) " in surjI) 
   69.10 +apply (simplesubst inv_inv_eq [of h, symmetric], assumption) 
   69.11  apply (subst extend_inv, simp add: bij_imp_bij_inv) 
   69.12  apply (simp add: inv_inv_eq) 
   69.13  apply (rule Extend.extend_inverse) 
    70.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    70.2 +++ b/src/HOL/eqrule_HOL_data.ML	Tue Feb 01 18:01:57 2005 +0100
    70.3 @@ -0,0 +1,68 @@
    70.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    70.5 +(*  Title:      sys/eqrule_HOL_data.ML
    70.6 +    Author:     Lucas Dixon, University of Edinburgh
    70.7 +                lucas.dixon@ed.ac.uk
    70.8 +    Modified:   22 July 2004
    70.9 +    Created:    18 Feb 2004
   70.10 +*)
   70.11 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   70.12 +(*  DESCRIPTION:
   70.13 +
   70.14 +    Data for equality rules in the logic
   70.15 +
   70.16 +*)
   70.17 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   70.18 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   70.19 +structure HOL_EqRuleData : EQRULE_DATA =
   70.20 +struct
   70.21 +
   70.22 +val eq_reflection = thm "eq_reflection";
   70.23 +val mp = thm "mp";
   70.24 +val spec = thm "spec";
   70.25 +val if_bool_eq_conj = thm "if_bool_eq_conj";
   70.26 +val iffD1 = thm "iffD1";
   70.27 +val conjunct2 = thm "conjunct2";
   70.28 +val conjunct1 = thm "conjunct1";
   70.29 +
   70.30 +fun mk_eq th = case concl_of th of
   70.31 +        Const("==",_)$_$_       => Some (th)
   70.32 +    |   _$(Const("op =",_)$_$_) => Some (th RS eq_reflection)
   70.33 +    |   _ => None;
   70.34 +
   70.35 +val tranformation_pairs =
   70.36 +  [("op -->", [mp]), ("op &", [conjunct1,conjunct2]),
   70.37 +   ("All", [spec]), ("True", []), ("False", []),
   70.38 +   ("If", [if_bool_eq_conj RS iffD1])];
   70.39 +
   70.40 +(*
   70.41 +val mk_atomize:      (string * thm list) list -> thm -> thm list
   70.42 +looks too specific to move it somewhere else
   70.43 +*)
   70.44 +fun mk_atomize pairs =
   70.45 +  let fun atoms th =
   70.46 +        (case Thm.concl_of th of
   70.47 +           Const("Trueprop",_) $ p =>
   70.48 +             (case Term.head_of p of
   70.49 +                Const(a,_) =>
   70.50 +                  (case Library.assoc(pairs,a) of
   70.51 +                     Some(rls) => flat (map atoms ([th] RL rls))
   70.52 +                   | None => [th])
   70.53 +              | _ => [th])
   70.54 +         | _ => [th])
   70.55 +  in atoms end;
   70.56 +
   70.57 +val prep_meta_eq = 
   70.58 +    (mapfilter  
   70.59 +       mk_eq
   70.60 +       o (mk_atomize tranformation_pairs)
   70.61 +       o Drule.gen_all 
   70.62 +       o zero_var_indexes)
   70.63 +
   70.64 +end;
   70.65 +
   70.66 +structure EqRuleData = HOL_EqRuleData;
   70.67 +
   70.68 +structure EQSubstTac = 
   70.69 +  EQSubstTacFUN(structure EqRuleData = EqRuleData);
   70.70 +
   70.71 +
    71.1 --- a/src/HOL/ex/set.thy	Sun Jan 30 20:48:50 2005 +0100
    71.2 +++ b/src/HOL/ex/set.thy	Tue Feb 01 18:01:57 2005 +0100
    71.3 @@ -110,9 +110,9 @@
    71.4      apply (rule_tac [2] inj_on_inv)
    71.5      apply (erule subset_inj_on [OF _ subset_UNIV])
    71.6     txt {* Tricky variable instantiations! *}
    71.7 -   apply (erule ssubst, subst double_complement)
    71.8 +   apply (erule ssubst, simplesubst double_complement)
    71.9     apply (rule subsetI, erule imageE, erule ssubst, rule rangeI)
   71.10 -  apply (erule ssubst, subst double_complement, erule inv_image_comp [symmetric])
   71.11 +  apply (erule ssubst, simplesubst double_complement, erule inv_image_comp [symmetric])
   71.12    done
   71.13  
   71.14  
    72.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    72.2 +++ b/src/Provers/eqsubst.ML	Tue Feb 01 18:01:57 2005 +0100
    72.3 @@ -0,0 +1,212 @@
    72.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    72.5 +(*  Title:      sys/eqsubst_tac.ML
    72.6 +    Author:     Lucas Dixon, University of Edinburgh
    72.7 +                lucas.dixon@ed.ac.uk
    72.8 +    Created:    29 Jan 2005
    72.9 +*)
   72.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   72.11 +(*  DESCRIPTION:
   72.12 +
   72.13 +    A Tactic to perform a substiution using an equation.
   72.14 +
   72.15 +*)
   72.16 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   72.17 +
   72.18 +(* Logic specific data *)
   72.19 +signature EQRULE_DATA =
   72.20 +sig
   72.21 +  (* to make a meta equality theorem in the current logic *)
   72.22 +  val prep_meta_eq : thm -> thm list
   72.23 +end;
   72.24 +
   72.25 +(* the signature of an instance of the SQSUBST tactic *)
   72.26 +signature EQSUBST_TAC = 
   72.27 +sig
   72.28 +  val eqsubst_asm_meth : Thm.thm list -> Proof.method
   72.29 +  val eqsubst_asm_tac : Thm.thm list -> int -> Thm.thm -> Thm.thm Seq.seq
   72.30 +  val eqsubst_asm_tac' : Thm.thm -> int -> Thm.thm -> Thm.thm Seq.seq
   72.31 +  val eqsubst_meth : Thm.thm list -> Proof.method
   72.32 +  val eqsubst_tac : Thm.thm list -> int -> Thm.thm -> Thm.thm Seq.seq
   72.33 +  val eqsubst_tac' : Thm.thm -> int -> Thm.thm -> Thm.thm Seq.seq
   72.34 +  val meth : bool * Thm.thm list -> Proof.context -> Proof.method
   72.35 +  val subst : Thm.thm -> int -> Thm.thm -> Thm.thm Seq.seq
   72.36 +  val subst_asm : Thm.thm -> int -> Thm.thm -> Thm.thm Seq.seq
   72.37 +
   72.38 +  val setup : (Theory.theory -> Theory.theory) list
   72.39 +end;
   72.40 +
   72.41 +functor EQSubstTacFUN (structure EqRuleData : EQRULE_DATA) 
   72.42 +(* : EQSUBST_TAC *)
   72.43 += struct
   72.44 +
   72.45 +fun search_tb_lr_f f ft = 
   72.46 +    let
   72.47 +      fun maux ft = 
   72.48 +          let val t' = (IsaFTerm.focus_of_fcterm ft) 
   72.49 +     (*   val _ = writeln ("Examining: " ^ (TermLib.string_of_term t')) *)
   72.50 +          in 
   72.51 +          (case t' of 
   72.52 +            (_ $ _) => Seq.append(f ft, 
   72.53 +                       Seq.append(maux (IsaFTerm.focus_left ft), 
   72.54 +                                  maux (IsaFTerm.focus_right ft)))
   72.55 +          | (Abs _) => Seq.append (f ft, maux (IsaFTerm.focus_abs ft))
   72.56 +          | leaf => f ft) end
   72.57 +    in maux ft end;
   72.58 +
   72.59 +fun search_for_match sgn lhs maxidx = 
   72.60 +    IsaFTerm.find_fcterm_matches 
   72.61 +      search_tb_lr_f 
   72.62 +      (IsaFTerm.clean_unify_ft sgn maxidx lhs);
   72.63 +
   72.64 +
   72.65 +(* CLEANUP: lots of duplication of code for substituting in
   72.66 +assumptions and conclusion - this could be cleaned up a little. *)
   72.67 +
   72.68 +fun subst_concl rule cfvs i th (conclthm, concl_matches)= 
   72.69 +    let 
   72.70 +      fun apply_subst m = 
   72.71 +          (RWInst.rw m rule conclthm)
   72.72 +            |> IsaND.schemify_frees_to_vars cfvs
   72.73 +            |> RWInst.beta_eta_contract_tac
   72.74 +            |> (fn r => Tactic.rtac r i th)
   72.75 +            |> Seq.map Drule.zero_var_indexes
   72.76 +    in
   72.77 +      Seq.flat (Seq.map apply_subst concl_matches)
   72.78 +    end;
   72.79 +
   72.80 +
   72.81 +(* substitute within the conclusion of goal i of gth, using a meta
   72.82 +equation rule *)
   72.83 +fun subst rule i gth = 
   72.84 +    let 
   72.85 +      val th = Thm.incr_indexes 1 gth;
   72.86 +      val tgt_term = Thm.prop_of th;
   72.87 +      val maxidx = Term.maxidx_of_term tgt_term;
   72.88 +
   72.89 +      val rule' = Drule.zero_var_indexes rule;
   72.90 +      val (lhs,_) = Logic.dest_equals (Thm.concl_of rule');
   72.91 +
   72.92 +      val sgn = Thm.sign_of_thm th;
   72.93 +      val ctermify = Thm.cterm_of sgn;
   72.94 +      val trivify = Thm.trivial o ctermify;
   72.95 +
   72.96 +      val (fixedbody, fvs) = IsaND.fix_alls_term i tgt_term;
   72.97 +      val cfvs = rev (map ctermify fvs);
   72.98 +
   72.99 +      val conclthm = trivify (Logic.strip_imp_concl fixedbody);
  72.100 +      val concl_matches = 
  72.101 +          search_for_match sgn lhs maxidx 
  72.102 +                           ((IsaFTerm.focus_right  
  72.103 +                             o IsaFTerm.focus_left
  72.104 +                             o IsaFTerm.fcterm_of_term 
  72.105 +                             o Thm.prop_of) conclthm);
  72.106 +    in
  72.107 +      subst_concl rule' cfvs i th (conclthm, concl_matches)
  72.108 +    end;
  72.109 +
  72.110 +(* substitute using an object or meta level equality *)
  72.111 +fun eqsubst_tac' instepthm i th = 
  72.112 +    let val stepthms = Seq.of_list (EqRuleData.prep_meta_eq instepthm) in
  72.113 +      Seq.flat (Seq.map (fn rule => subst rule i th) stepthms)
  72.114 +    end;
  72.115 +(* substitute using one of the given theorems *)
  72.116 +fun eqsubst_tac instepthms i th = 
  72.117 +    Seq.flat (Seq.map (fn r => eqsubst_tac' r i th) (Seq.of_list instepthms));
  72.118 +
  72.119 +(* inthms are the given arguments in Isar, and treated as eqstep with
  72.120 +   the first one, then the second etc *)
  72.121 +fun eqsubst_meth inthms =
  72.122 +    Method.METHOD 
  72.123 +      (fn facts =>
  72.124 +          HEADGOAL (eqsubst_tac inthms THEN' Method.insert_tac facts));
  72.125 +
  72.126 +
  72.127 +fun apply_subst_in_asm rule cfvs i th matchseq = 
  72.128 +    let 
  72.129 +      fun apply_subst ((j, pth), mseq) = 
  72.130 +          Seq.flat (Seq.map 
  72.131 +             (fn m =>
  72.132 +                 (RWInst.rw m rule pth)
  72.133 +                   |> Thm.permute_prems 0 ~1
  72.134 +                   |> IsaND.schemify_frees_to_vars cfvs
  72.135 +                   |> RWInst.beta_eta_contract_tac
  72.136 +                   |> (fn r => Tactic.dtac r i th)
  72.137 +                   |> Seq.map Drule.zero_var_indexes)
  72.138 +             mseq)
  72.139 +    in
  72.140 +      Seq.flat (Seq.map apply_subst matchseq)
  72.141 +    end;
  72.142 +
  72.143 +
  72.144 +(* substitute within an assumption of goal i of gth, using a meta
  72.145 +equation rule *)
  72.146 +fun subst_asm rule i gth = 
  72.147 +    let 
  72.148 +      val th = Thm.incr_indexes 1 gth;
  72.149 +      val tgt_term = Thm.prop_of th;
  72.150 +      val maxidx = Term.maxidx_of_term tgt_term;
  72.151 +
  72.152 +      val rule' = Drule.zero_var_indexes rule;
  72.153 +      val (lhs,_) = Logic.dest_equals (Thm.concl_of rule');
  72.154 +
  72.155 +      val sgn = Thm.sign_of_thm th;
  72.156 +      val ctermify = Thm.cterm_of sgn;
  72.157 +      val trivify = Thm.trivial o ctermify;
  72.158 +
  72.159 +      val (fixedbody, fvs) = IsaND.fix_alls_term i tgt_term;
  72.160 +      val cfvs = rev (map ctermify fvs);
  72.161 +
  72.162 +      val premthms = Seq.of_list (IsaPLib.number_list 1
  72.163 +                       (map trivify (Logic.strip_imp_prems fixedbody)));
  72.164 +      val prem_matches = 
  72.165 +          Seq.map (fn (i, pth) => 
  72.166 +                  ((i, pth), search_for_match sgn lhs maxidx 
  72.167 +                                              ((IsaFTerm.focus_right 
  72.168 +                                                o IsaFTerm.fcterm_of_term 
  72.169 +                                                o Thm.prop_of) pth)))
  72.170 +              premthms;
  72.171 +    in
  72.172 +      apply_subst_in_asm rule' cfvs i th prem_matches
  72.173 +    end;
  72.174 +
  72.175 +(* substitute using an object or meta level equality *)
  72.176 +fun eqsubst_asm_tac' instepthm i th = 
  72.177 +    let val stepthms = Seq.of_list (EqRuleData.prep_meta_eq instepthm) in
  72.178 +      Seq.flat (Seq.map (fn rule => subst_asm rule i th) stepthms)
  72.179 +    end;
  72.180 +
  72.181 +(* substitute using one of the given theorems *)
  72.182 +fun eqsubst_asm_tac instepthms i th = 
  72.183 +    Seq.flat (Seq.map (fn r => eqsubst_asm_tac' r i th) 
  72.184 +                      (Seq.of_list instepthms));
  72.185 +
  72.186 +(* inthms are the given arguments in Isar, and treated as eqstep with
  72.187 +   the first one, then the second etc *)
  72.188 +fun eqsubst_asm_meth inthms =
  72.189 +    Method.METHOD 
  72.190 +      (fn facts =>
  72.191 +          HEADGOAL (eqsubst_asm_tac inthms THEN' Method.insert_tac facts));
  72.192 +
  72.193 +(* combination method that takes a flag (true indicates that subst
  72.194 +should be done to an assumption, false = apply to the conclusion of
  72.195 +the goal) as well as the theorems to use *)
  72.196 +fun meth (asmflag, inthms) ctxt = 
  72.197 +    if asmflag then eqsubst_asm_meth inthms else eqsubst_meth inthms;
  72.198 +
  72.199 +(* syntax for options, given "(asm)" will give back true, without
  72.200 +   gives back false *)
  72.201 +val options_syntax =
  72.202 +    (Args.parens (Args.$$$ "asm") >> (K true)) ||
  72.203 +     (Scan.succeed false);
  72.204 +
  72.205 +(* method syntax, first take options, then theorems *)
  72.206 +fun meth_syntax meth src ctxt =
  72.207 +    meth (snd (Method.syntax ((Scan.lift options_syntax) 
  72.208 +                                -- Attrib.local_thms) src ctxt)) 
  72.209 +         ctxt;
  72.210 +
  72.211 +(* setup function for adding method to theory. *)
  72.212 +val setup = 
  72.213 +    [Method.add_method ("subst", meth_syntax meth, "Substiution with an equation. Use \"(asm)\" option to substitute in an assumption.")];
  72.214 +
  72.215 +end;
  72.216 \ No newline at end of file
    73.1 --- a/src/Provers/hypsubst.ML	Sun Jan 30 20:48:50 2005 +0100
    73.2 +++ b/src/Provers/hypsubst.ML	Tue Feb 01 18:01:57 2005 +0100
    73.3 @@ -247,6 +247,6 @@
    73.4  val hypsubst_setup =
    73.5   [Method.add_methods
    73.6    [("hypsubst", hyp_subst_meth, "substitution using an assumption (improper)"),
    73.7 -   ("subst", subst_meth, "substitution")]];
    73.8 +   ("simplesubst", subst_meth, "simple substitution")]];
    73.9  
   73.10  end;
    74.1 --- a/src/Pure/IsaMakefile	Sun Jan 30 20:48:50 2005 +0100
    74.2 +++ b/src/Pure/IsaMakefile	Tue Feb 01 18:01:57 2005 +0100
    74.3 @@ -23,36 +23,42 @@
    74.4  
    74.5  Pure: $(OUT)/Pure
    74.6  
    74.7 -$(OUT)/Pure: General/ROOT.ML General/buffer.ML General/file.ML			\
    74.8 -  General/graph.ML General/heap.ML General/history.ML				\
    74.9 -  General/lazy_scan.ML General/lazy_seq.ML General/name_space.ML		\
   74.10 -  General/object.ML General/output.ML General/path.ML General/position.ML	\
   74.11 -  General/pretty.ML General/scan.ML General/seq.ML General/source.ML		\
   74.12 -  General/susp.ML General/symbol.ML General/table.ML General/url.ML		\
   74.13 -  General/xml.ML Isar/ROOT.ML Isar/antiquote.ML Isar/args.ML			\
   74.14 -  Isar/attrib.ML Isar/auto_bind.ML Isar/calculation.ML Isar/constdefs.ML	\
   74.15 -  Isar/context_rules.ML Isar/induct_attrib.ML Isar/isar.ML			\
   74.16 -  Isar/isar_cmd.ML Isar/isar_output.ML Isar/isar_syn.ML Isar/isar_thy.ML	\
   74.17 -  Isar/locale.ML Isar/method.ML Isar/net_rules.ML Isar/object_logic.ML		\
   74.18 -  Isar/obtain.ML Isar/outer_lex.ML Isar/outer_parse.ML				\
   74.19 -  Isar/outer_syntax.ML Isar/proof.ML Isar/proof_context.ML			\
   74.20 -  Isar/proof_data.ML Isar/proof_history.ML Isar/rule_cases.ML			\
   74.21 -  Isar/session.ML Isar/skip_proof.ML Isar/thy_header.ML Isar/toplevel.ML	\
   74.22 -  ML-Systems/cpu-timer-basis.ML ML-Systems/cpu-timer-gc.ML			\
   74.23 -  ML-Systems/polyml.ML ML-Systems/polyml-time-limit.ML				\
   74.24 -  ML-Systems/smlnj-basis-compat.ML ML-Systems/smlnj-compiler.ML			\
   74.25 -  ML-Systems/smlnj-pp-new.ML ML-Systems/smlnj-pp-old.ML				\
   74.26 -  ML-Systems/smlnj.ML Proof/ROOT.ML Proof/extraction.ML				\
   74.27 -  Proof/proof_rewrite_rules.ML Proof/proof_syntax.ML Proof/proofchecker.ML	\
   74.28 -  Proof/reconstruct.ML ROOT.ML Syntax/ROOT.ML Syntax/ast.ML Syntax/lexicon.ML	\
   74.29 -  Syntax/mixfix.ML Syntax/parser.ML Syntax/printer.ML Syntax/syn_ext.ML		\
   74.30 -  Syntax/syn_trans.ML Syntax/syntax.ML Syntax/token_trans.ML Syntax/type_ext.ML	\
   74.31 -  Thy/ROOT.ML Thy/html.ML Thy/latex.ML Thy/present.ML Thy/thm_database.ML	\
   74.32 -  Thy/thm_deps.ML Thy/thy_info.ML Thy/thy_load.ML Thy/thy_parse.ML		\
   74.33 -  Thy/thy_scan.ML Thy/thy_syn.ML axclass.ML codegen.ML context.ML display.ML	\
   74.34 -  drule.ML envir.ML fact_index.ML goals.ML install_pp.ML library.ML logic.ML	\
   74.35 -  meta_simplifier.ML net.ML pattern.ML proof_general.ML proofterm.ML pure.ML	\
   74.36 -  pure_thy.ML search.ML sign.ML sorts.ML tactic.ML tctical.ML term.ML theory.ML	\
   74.37 +$(OUT)/Pure: General/ROOT.ML General/buffer.ML General/file.ML		\
   74.38 +  General/graph.ML General/heap.ML General/history.ML			\
   74.39 +  General/lazy_scan.ML General/lazy_seq.ML General/name_space.ML	\
   74.40 +  General/object.ML General/output.ML General/path.ML General/position.ML\
   74.41 +  General/pretty.ML General/scan.ML General/seq.ML General/source.ML	\
   74.42 +  General/susp.ML General/symbol.ML General/table.ML General/url.ML	\
   74.43 +  General/xml.ML\
   74.44 +  IsaPlanner/isaplib.ML  IsaPlanner/term_lib.ML\
   74.45 +  IsaPlanner/isa_fterm.ML IsaPlanner/upterm_lib.ML\
   74.46 +  IsaPlanner/focus_term_lib.ML\
   74.47 +  IsaPlanner/rw_tools.ML IsaPlanner/rw_inst.ML\
   74.48 +  IsaPlanner/isand.ML\
   74.49 +  Isar/ROOT.ML Isar/antiquote.ML Isar/args.ML		\
   74.50 +  Isar/attrib.ML Isar/auto_bind.ML Isar/calculation.ML Isar/constdefs.ML\
   74.51 +  Isar/context_rules.ML Isar/induct_attrib.ML Isar/isar.ML		\
   74.52 +  Isar/isar_cmd.ML Isar/isar_output.ML Isar/isar_syn.ML Isar/isar_thy.ML\
   74.53 +  Isar/locale.ML Isar/method.ML Isar/net_rules.ML Isar/object_logic.ML	\
   74.54 +  Isar/obtain.ML Isar/outer_lex.ML Isar/outer_parse.ML			\
   74.55 +  Isar/outer_syntax.ML Isar/proof.ML Isar/proof_context.ML		\
   74.56 +  Isar/proof_data.ML Isar/proof_history.ML Isar/rule_cases.ML		\
   74.57 +  Isar/session.ML Isar/skip_proof.ML Isar/thy_header.ML Isar/toplevel.ML\
   74.58 +  ML-Systems/cpu-timer-basis.ML ML-Systems/cpu-timer-gc.ML		\
   74.59 +  ML-Systems/polyml.ML ML-Systems/polyml-time-limit.ML			\
   74.60 +  ML-Systems/smlnj-basis-compat.ML ML-Systems/smlnj-compiler.ML		\
   74.61 +  ML-Systems/smlnj-pp-new.ML ML-Systems/smlnj-pp-old.ML			\
   74.62 +  ML-Systems/smlnj.ML Proof/ROOT.ML Proof/extraction.ML			\
   74.63 +  Proof/proof_rewrite_rules.ML Proof/proof_syntax.ML Proof/proofchecker.ML\
   74.64 +  Proof/reconstruct.ML ROOT.ML Syntax/ROOT.ML Syntax/ast.ML Syntax/lexicon.ML\
   74.65 +  Syntax/mixfix.ML Syntax/parser.ML Syntax/printer.ML Syntax/syn_ext.ML	\
   74.66 +  Syntax/syn_trans.ML Syntax/syntax.ML Syntax/token_trans.ML Syntax/type_ext.ML\
   74.67 +  Thy/ROOT.ML Thy/html.ML Thy/latex.ML Thy/present.ML Thy/thm_database.ML\
   74.68 +  Thy/thm_deps.ML Thy/thy_info.ML Thy/thy_load.ML Thy/thy_parse.ML	\
   74.69 +  Thy/thy_scan.ML Thy/thy_syn.ML axclass.ML codegen.ML context.ML display.ML\
   74.70 +  drule.ML envir.ML fact_index.ML goals.ML install_pp.ML library.ML logic.ML\
   74.71 +  meta_simplifier.ML net.ML pattern.ML proof_general.ML proofterm.ML pure.ML\
   74.72 +  pure_thy.ML search.ML sign.ML sorts.ML tactic.ML tctical.ML term.ML theory.ML\
   74.73    theory_data.ML thm.ML type.ML type_infer.ML unify.ML
   74.74  	@./mk
   74.75  
    75.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    75.2 +++ b/src/Pure/IsaPlanner/ROOT.ML	Tue Feb 01 18:01:57 2005 +0100
    75.3 @@ -0,0 +1,15 @@
    75.4 +(*  ID:         $Id$
    75.5 +    Author:     Lucas Dixon, University of Edinburgh
    75.6 +                lucasd@dai.ed.ac.uk
    75.7 +
    75.8 +The IsaPlanner subsystem.
    75.9 +*)
   75.10 +
   75.11 +use "isand.ML";
   75.12 +use "isaplib.ML";
   75.13 +use "term_lib.ML";
   75.14 +use "upterm_lib.ML";
   75.15 +use "focus_term_lib.ML";
   75.16 +use "rw_tools.ML";
   75.17 +use "rw_inst.ML";
   75.18 +use "isa_fterm.ML";
    76.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    76.2 +++ b/src/Pure/IsaPlanner/focus_term_lib.ML	Tue Feb 01 18:01:57 2005 +0100
    76.3 @@ -0,0 +1,379 @@
    76.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    76.5 +(*  Title:      libs/focus_term_lib.ML
    76.6 +    Author:     Lucas Dixon, University of Edinburgh
    76.7 +                lucasd@dai.ed.ac.uk
    76.8 +    Date:       16 April 2003
    76.9 +*)
   76.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   76.11 +(*  DESCRIPTION:
   76.12 +
   76.13 +    Generic Foucs terms (like Zippers), which allows modification and
   76.14 +    manipulation of term keeping track of how we got to the position
   76.15 +    in the term. We provide a signature for terms, ie any kind of
   76.16 +    lamda calculus with abs and application, and some notion of types
   76.17 +    and naming of abstracted vars. 
   76.18 +
   76.19 +    FIXME: at some point in the future make a library to work simply
   76.20 +    with polymorphic upterms - that way if I want to use them without
   76.21 +    the focus part, then I don't need to include all the focus stuff.
   76.22 +
   76.23 +*)   
   76.24 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   76.25 +
   76.26 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   76.27 +
   76.28 +(*  to endoce and decode general terms into the type needed by focus
   76.29 +term, this is an easy thing to write, but needs to be done for each
   76.30 +type that is going to be used with focus terms. *)
   76.31 +
   76.32 +signature F_ENCODE_TERM_SIG = 
   76.33 +sig
   76.34 +
   76.35 +  type term (* type of term to be encoded into TermT for focus term manip *)
   76.36 +  type TypeT (* type annotation for abstractions *)
   76.37 +  type LeafT (* type for other leaf types in term sturcture *)
   76.38 +
   76.39 +  (* the type to be encoded into *)
   76.40 +  datatype TermT = $ of TermT * TermT
   76.41 +    | Abs of string * TypeT * TermT
   76.42 +    | lf of LeafT
   76.43 +
   76.44 +  (* the encode and decode functions *)
   76.45 +  val fakebounds : string * TypeT -> term -> term
   76.46 +  val encode : term -> TermT
   76.47 +  val decode : TermT -> term
   76.48 +
   76.49 +end;
   76.50 +
   76.51 +
   76.52 +
   76.53 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   76.54 +signature FOCUS_TERM_SIG = 
   76.55 +sig
   76.56 +     structure MinTermS : F_ENCODE_TERM_SIG
   76.57 +
   76.58 +     exception focus_term_exp of string;
   76.59 +     exception out_of_term_exception of string;
   76.60 +
   76.61 +     type Term = MinTermS.TermT;
   76.62 +     type Type = MinTermS.TypeT;
   76.63 +
   76.64 +     type UpTerm = (Term,Type) UpTermLib.T;
   76.65 +
   76.66 +(*   datatype
   76.67 +       UpTerm =
   76.68 +           abs of string * Type * UpTerm
   76.69 +         | appl of Term * UpTerm
   76.70 +         | appr of Term * UpTerm
   76.71 +         | root *)
   76.72 +
   76.73 +     datatype FcTerm = focus of Term * UpTerm
   76.74 +
   76.75 +     (* translating *)
   76.76 +     val fcterm_of_term : MinTermS.term -> FcTerm
   76.77 +     val term_of_fcterm : FcTerm -> MinTermS.term
   76.78 +
   76.79 +     (* editing/constrution *)
   76.80 +     val enc_appl : (MinTermS.term * UpTerm) -> UpTerm
   76.81 +     val enc_appr : (MinTermS.term * UpTerm) -> UpTerm
   76.82 +
   76.83 +     (* upterm creatioin *)
   76.84 +     val upterm_of : FcTerm -> UpTerm
   76.85 +     val add_upterm : UpTerm -> FcTerm -> FcTerm
   76.86 +     val mk_term_of_upterm : (MinTermS.term * UpTerm) -> MinTermS.term
   76.87 +     val mk_termf_of_upterm : UpTerm -> 
   76.88 +            (((string * Type) list) * 
   76.89 +             (MinTermS.term -> MinTermS.term))
   76.90 +     val pure_mk_termf_of_upterm : (MinTermS.term, Type) UpTermLib.T -> 
   76.91 +                                   (((string * Type) list) * 
   76.92 +                                    (MinTermS.term -> MinTermS.term))
   76.93 +
   76.94 +     (* focusing, throws exceptions *)
   76.95 +     val focus_bot_left_leaf : FcTerm -> FcTerm
   76.96 +     val focus_left : FcTerm -> FcTerm
   76.97 +     val focus_right : FcTerm -> FcTerm
   76.98 +     val focus_abs : FcTerm -> FcTerm
   76.99 +     val focus_fake_abs : FcTerm -> FcTerm
  76.100 +     val focus_to_top : FcTerm -> FcTerm
  76.101 +     val focus_up : FcTerm -> FcTerm
  76.102 +     val focus_up_right : FcTerm -> FcTerm
  76.103 +     val focus_up_right1 : FcTerm -> FcTerm
  76.104 +
  76.105 +     (* optional focus changes *)
  76.106 +     val focus_up_abs : FcTerm -> FcTerm option
  76.107 +     val focus_up_appr : FcTerm -> FcTerm option
  76.108 +     val focus_up_appl : FcTerm -> FcTerm option
  76.109 +     val focus_up_abs_or_appr : FcTerm -> FcTerm option
  76.110 +
  76.111 +     val tyenv_of_focus : FcTerm -> (string * Type) list
  76.112 +     val tyenv_of_focus' : FcTerm -> Type list
  76.113 +
  76.114 +     (* set/get the focus term *)
  76.115 +     val set_focus_of_fcterm : FcTerm -> MinTermS.term -> FcTerm
  76.116 +     val focus_of_fcterm : FcTerm -> MinTermS.term
  76.117 +
  76.118 +     (* leaf navigation *) 
  76.119 +     val leaf_seq_of_fcterm : FcTerm -> FcTerm Seq.seq
  76.120 +     val next_leaf_fcterm : FcTerm -> FcTerm
  76.121 +     val next_leaf_of_fcterm_seq : FcTerm -> FcTerm Seq.seq
  76.122 +
  76.123 +     (* analysis *)
  76.124 +     val upsize_of_fcterm : FcTerm -> int
  76.125 +     val pretty_fcterm : FcTerm -> Pretty.T
  76.126 +end;
  76.127 +
  76.128 +
  76.129 +
  76.130 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
  76.131 +(* 
  76.132 +
  76.133 +   NOTE!!! I think this can be done in a purely functional way with a
  76.134 +   pair of a term (the focus) and a function, that when applied
  76.135 +   unfocuses one level... maybe think about this as it would be a very
  76.136 +   nice generic consrtuction, without the need for encoding/decoding
  76.137 +   strutcures.
  76.138 +
  76.139 +*)
  76.140 +functor FocusTermFUN(structure EncodeTerm : F_ENCODE_TERM_SIG)
  76.141 +  : FOCUS_TERM_SIG = 
  76.142 +struct
  76.143 +
  76.144 +structure MinTermS = EncodeTerm;
  76.145 +
  76.146 +local open MinTermS open UpTermLib in
  76.147 +
  76.148 +  type Term = MinTermS.TermT;
  76.149 +  type Type = MinTermS.TypeT;
  76.150 +
  76.151 +  exception focus_term_exp of string;
  76.152 +  exception out_of_term_exception of string;
  76.153 +
  76.154 +  infix 9 $
  76.155 +
  76.156 +  (* datatype to hold a term tree and the path to where you are in the term *)
  76.157 +(*   datatype UpTerm = root
  76.158 +                  | appl of (Term * UpTerm)
  76.159 +                  | appr of (Term * UpTerm)
  76.160 +                  | abs of (string * Type * UpTerm); *)
  76.161 +
  76.162 +  type UpTerm = (Term,Type) UpTermLib.T;
  76.163 +
  76.164 +  fun enc_appl (t,u) = appl((MinTermS.encode t),u);
  76.165 +  fun enc_appr (t,u) = appr((MinTermS.encode t),u);
  76.166 +
  76.167 +  datatype FcTerm = focus of (Term * UpTerm);
  76.168 +
  76.169 +  (* the the term of the upterm *)
  76.170 +  fun mk_term_of_upt_aux (t, root) = MinTermS.decode t
  76.171 +    | mk_term_of_upt_aux (t, appl (l,m)) =  mk_term_of_upt_aux(l$t, m)
  76.172 +    | mk_term_of_upt_aux (t, appr (r,m)) =  mk_term_of_upt_aux(t$r, m)
  76.173 +    | mk_term_of_upt_aux (t, abs (s,ty,m)) = mk_term_of_upt_aux(Abs(s,ty,t),m);
  76.174 +
  76.175 +  fun mk_term_of_upterm (t, ut) = mk_term_of_upt_aux (MinTermS.encode t, ut);
  76.176 +
  76.177 +  (* a function version of the above, given an upterm it returns:
  76.178 +     a function on that given a term puts it in the context of the upterm,
  76.179 +     and a list of bound variables that are in the upterm, added as 
  76.180 +     we go up - so in reverse order from that typiclaly used by top-down
  76.181 +     parsing of terms. *)
  76.182 +  fun mk_termf_of_upt_aux (f, bs, root) = 
  76.183 +      (bs, fn t => MinTermS.decode (f t))
  76.184 +    | mk_termf_of_upt_aux (f, bs, appl (l,m)) =  
  76.185 +      mk_termf_of_upt_aux (fn t => l $ (f t), bs, m)
  76.186 +    | mk_termf_of_upt_aux (f, bs, appr (r,m)) =  
  76.187 +      mk_termf_of_upt_aux (fn t => (f t) $ r, bs, m)
  76.188 +    | mk_termf_of_upt_aux (f, bs, abs (s,ty,m)) = 
  76.189 +      mk_termf_of_upt_aux (fn t => Abs(s,ty,(f t)), (s,ty)::bs, m);
  76.190 +
  76.191 +  fun mk_termf_of_upterm ut = mk_termf_of_upt_aux (MinTermS.encode, [], ut);
  76.192 +
  76.193 + 
  76.194 +  fun upterm_of (focus(t, u)) = u;
  76.195 +
  76.196 +  (* put a new upterm at the start of our current term *)
  76.197 +  fun add_upterm u2 (focus(t, u)) = focus(t, UpTermLib.apply u2 u);
  76.198 +
  76.199 +
  76.200 +  (* As above but work on the pure originial upterm type *)
  76.201 +  fun pure_mk_termf_of_upterm ut = 
  76.202 +      mk_termf_of_upt_aux 
  76.203 +        (encode, [], (map_to_upterm_parts (encode, I) ut));
  76.204 +
  76.205 +  fun fcterm_of_term t = focus(encode t, root);
  76.206 +
  76.207 +  fun term_of_fcterm (focus (t, m)) = mk_term_of_upt_aux (t, m);
  76.208 +
  76.209 +(*  fun term_of_fcterm (focus (t, root)) = mk_term_of_upt_aux (t, root)
  76.210 +    | term_of_fcterm _ = raise focus_term_exp "term_of_fcterm: something bad has happened here."; *)
  76.211 +
  76.212 +  fun focus_of_fcterm (focus(t, _)) = MinTermS.decode t;
  76.213 +
  76.214 +  (* replace the focus term with a new term... *)
  76.215 +  fun set_focus_of_fcterm (focus(_, m)) nt = focus(MinTermS.encode nt, m);
  76.216 +
  76.217 +  fun focus_left (focus(a $ b, m)) = focus(a, appr(b, m))
  76.218 +    | focus_left (focus(Abs(s,ty,t), m)) = focus_left (focus(t, abs(s,ty,m)))
  76.219 +    | focus_left (focus(l, m)) = raise out_of_term_exception "focus_left";
  76.220 +
  76.221 +(* Note: ":" is standard for faked bound vars... see: EQStepTacTermTools *)
  76.222 +  fun focus_fake_abs (focus(Abs(s,ty,t), m)) = 
  76.223 +      let val t' = MinTermS.encode (fakebounds (s,ty) (MinTermS.decode t))
  76.224 +      in focus(t', abs(s,ty,m)) end
  76.225 +    | focus_fake_abs (focus(l, m)) = raise out_of_term_exception "focus_fake_abs";
  76.226 +
  76.227 +  fun focus_abs (focus(Abs(s,ty,t), m)) = focus(t, abs(s,ty,m))
  76.228 +    | focus_abs (focus(l, m)) = raise out_of_term_exception "focus_abs";
  76.229 +
  76.230 +
  76.231 +  fun focus_right (focus(a $ b, m)) = focus(b, appl(a, m))
  76.232 +    | focus_right (focus(Abs(s,ty,t), m)) = focus_right (focus(t, abs(s,ty,m)))
  76.233 +    | focus_right (focus(l, m)) = raise out_of_term_exception "focus_right";
  76.234 +
  76.235 +  fun focus_up (focus(t, appl(l,m))) = focus(l$t, m)
  76.236 +    | focus_up (focus(t, appr(r,m))) = focus(t$r, m)
  76.237 +    | focus_up (focus(t, abs(s,ty,m))) = focus_up (focus(Abs(s,ty,t), m))
  76.238 +    | focus_up (focus(t, root)) = raise out_of_term_exception "focus_up";
  76.239 +
  76.240 +  fun focus_to_top t = 
  76.241 +    focus_to_top (focus_up t) handle out_of_term_exception _ => t;
  76.242 +
  76.243 +  (* focus up until you can move right, and then do so *)
  76.244 +  fun focus_up_right (focus(t, appl(l,m))) = 
  76.245 +      focus_up_right (focus(l$t, m))
  76.246 +    | focus_up_right (focus(t, appr(r,m))) = 
  76.247 +      focus(r, appl(t,m))
  76.248 +    | focus_up_right (focus(t, abs(s,ty,m))) = 
  76.249 +      focus_up_right (focus(Abs(s,ty,t), m))
  76.250 +    | focus_up_right (focus(t, root)) = 
  76.251 +      raise out_of_term_exception "focus_up_right";
  76.252 +
  76.253 +  (* as above, but do not move up over a left application *)
  76.254 +  fun focus_up_right1 (focus(t, appl(l,m))) = 
  76.255 +      raise out_of_term_exception "focus_up_right1"
  76.256 +    | focus_up_right1 (focus(t, appr(r,m))) = 
  76.257 +      focus(r, appl(t,m))
  76.258 +    | focus_up_right1 (focus(t, abs(s,ty,m))) = 
  76.259 +      focus_up_right (focus(Abs(s,ty,t), m))
  76.260 +    | focus_up_right1 (focus(t, root)) = 
  76.261 +      raise out_of_term_exception "focus_up_right1";
  76.262 +
  76.263 +  (* move focus to the bottom left *)
  76.264 +  fun focus_bot_left_leaf (ft as focus(t, _)) = 
  76.265 +        focus_bot_left_leaf (focus_left ft) 
  76.266 +        handle out_of_term_exception  _=> ft;
  76.267 +
  76.268 +  (* focus tools for working directly with the focus representation *)
  76.269 +  fun focus_up_appr (focus(t, appl(l,m))) = None
  76.270 +    | focus_up_appr (focus(t, appr(r,m))) = Some (focus(t$r, m))
  76.271 +    | focus_up_appr (focus(t, abs(s,ty,m))) = None
  76.272 +    | focus_up_appr (focus(t, root)) = None;
  76.273 +
  76.274 +  fun focus_up_appl (focus(t, appl(l,m))) = Some (focus(l$t, m))
  76.275 +    | focus_up_appl (focus(t, appr(r,m))) = None
  76.276 +    | focus_up_appl (focus(t, abs(s,ty,m))) = None
  76.277 +    | focus_up_appl (focus(t, root)) = None;
  76.278 +
  76.279 +  fun focus_up_abs (focus(t, appl(l,m))) = None
  76.280 +    | focus_up_abs (focus(t, appr(r,m))) = None
  76.281 +    | focus_up_abs (focus(t, abs(s,ty,m))) = 
  76.282 +      Some (focus_up (focus(Abs(s,ty,t), m)))
  76.283 +    | focus_up_abs (focus(t, root)) = None;
  76.284 +
  76.285 +  fun focus_up_abs_or_appr (focus(t, appl(l,m))) = None
  76.286 +    | focus_up_abs_or_appr (focus(t, appr(r,m))) = Some (focus(t$r, m))
  76.287 +    | focus_up_abs_or_appr (focus(t, abs(s,ty,m))) = 
  76.288 +      Some (focus_up (focus(Abs(s,ty,t), m)))
  76.289 +    | focus_up_abs_or_appr (focus(t, root)) = None;
  76.290 +
  76.291 +
  76.292 +  fun tyenv_of_focus (focus(t, u)) = tyenv_of_upterm u;
  76.293 +  fun tyenv_of_focus' (focus(t, u)) = tyenv_of_upterm' u;
  76.294 +
  76.295 +  (* return the Term.type of the focus term, computes bound vars type,
  76.296 +     does a quick check only. *)
  76.297 +(*  fun fastype_of_focus (focus(t, m)) = 
  76.298 +       let 
  76.299 +         fun boundtypes_of_upterm (abs(s,ty,m)) = 
  76.300 +         ty::(boundtypes_of_upterm m)
  76.301 +           | boundtypes_of_upterm (appl(t,m)) = 
  76.302 +         boundtypes_of_upterm m
  76.303 +           | boundtypes_of_upterm (appr(t,m)) = 
  76.304 +         boundtypes_of_upterm m
  76.305 +           | boundtypes_of_upterm (root) = []
  76.306 +       in
  76.307 +         fastype_of1 ((boundtypes_of_upterm m), t)
  76.308 +       end; *)
  76.309 +
  76.310 +  (* gets the next left hand side term, or throws an exception *)
  76.311 +  fun next_leaf_fcterm ft = focus_bot_left_leaf (focus_up_right ft);
  76.312 +
  76.313 +  fun next_leaf_of_fcterm_seq_aux t () = 
  76.314 +    let val nextt = next_leaf_fcterm t
  76.315 +    in 
  76.316 +        Some (nextt, Seq.make (next_leaf_of_fcterm_seq_aux nextt))
  76.317 +    end handle out_of_term_exception _ => None;
  76.318 +
  76.319 +  (* sequence of next upterms from start upterm... 
  76.320 +     ie a sequence of all leafs after this one*)
  76.321 +  fun next_leaf_of_fcterm_seq in_t = 
  76.322 +    Seq.make (next_leaf_of_fcterm_seq_aux in_t);
  76.323 +
  76.324 +  (* returns a sequence of all leaf up terms from term, ie DFS on 
  76.325 +   leafs of term, ie uses time O(n), n = sizeof term. *)
  76.326 +  fun leaf_seq_of_fcterm in_t = 
  76.327 +    let 
  76.328 +      val botleft = (focus_bot_left_leaf in_t)
  76.329 +    in
  76.330 +      Seq.cons (botleft, (Seq.make (next_leaf_of_fcterm_seq_aux botleft)) )
  76.331 +    end;
  76.332 +
  76.333 +
  76.334 +  fun upsize_of_fcterm (focus(t, ut)) = upsize_of_upterm ut;
  76.335 +
  76.336 +  fun pretty_fcterm ft = Pretty.str "no yet implemented";
  76.337 +
  76.338 +end; (* local *)
  76.339 +
  76.340 +end; (* functor *)
  76.341 +
  76.342 +
  76.343 +
  76.344 +
  76.345 +
  76.346 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
  76.347 +(* focus term encoding sturcture for isabelle terms *)
  76.348 +structure EncodeIsaFTerm : F_ENCODE_TERM_SIG = 
  76.349 +struct
  76.350 +  infix 9 $;
  76.351 +
  76.352 +  type term = Term.term;
  76.353 +
  76.354 +  type TypeT = Term.typ;
  76.355 +
  76.356 +  datatype LeafT = lConst of string * Term.typ
  76.357 +     | lVar of ((string * int) * Term.typ)
  76.358 +     | lFree of (string * Term.typ)
  76.359 +     | lBound of int;
  76.360 +
  76.361 +  datatype TermT = op $ of TermT * TermT
  76.362 +    | Abs of string * TypeT * TermT
  76.363 +    | lf of LeafT;
  76.364 +
  76.365 +  fun fakebounds (s, ty) t = subst_bound (Free(":" ^ s, ty), t);
  76.366 +
  76.367 +  fun encode (Term.$(a,b)) = (encode a) $ (encode b)
  76.368 +    | encode (Term.Abs(s,ty,t)) = Abs(s,ty,(encode t))
  76.369 +    | encode (Term.Const(s,ty)) = lf(lConst(s,ty))
  76.370 +    | encode (Term.Var((s,i),ty)) = lf(lVar((s,i),ty))
  76.371 +    | encode (Term.Free(s,ty)) = lf(lFree(s,ty))
  76.372 +    | encode (Term.Bound i) = lf(lBound i);
  76.373 +
  76.374 +  fun decode (a $ b) = Term.$(decode a, decode b)
  76.375 +    | decode (Abs(s,ty,t)) = (Term.Abs(s,ty,decode t))
  76.376 +    | decode (lf(lConst(s,ty))) = Term.Const(s,ty)
  76.377 +    | decode (lf(lVar((s,i),ty))) = Term.Var((s,i),ty)
  76.378 +    | decode (lf(lFree(s,ty))) = (Term.Free(s,ty))
  76.379 +    | decode (lf(lBound i)) = (Term.Bound i);
  76.380 +
  76.381 +end;
  76.382 +
    77.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    77.2 +++ b/src/Pure/IsaPlanner/isa_fterm.ML	Tue Feb 01 18:01:57 2005 +0100
    77.3 @@ -0,0 +1,368 @@
    77.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    77.5 +(*  Title:      libs/isa_fterm.ML
    77.6 +    Author:     Lucas Dixon, University of Edinburgh
    77.7 +                lucasd@dai.ed.ac.uk
    77.8 +    Date:       16 April 2003
    77.9 +*)
   77.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   77.11 +(*  DESCRIPTION:
   77.12 +
   77.13 +    Generic Foucs terms (like Zippers) instantiation for Isabelle terms. 
   77.14 +
   77.15 +*)   
   77.16 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   77.17 +
   77.18 +signature ISA_ENCODE_TERM = 
   77.19 +  F_ENCODE_TERM_SIG
   77.20 +    where type term = Term.term type TypeT = Term.typ;
   77.21 +
   77.22 +
   77.23 +(* signature BASIC_ISA_FTERM = 
   77.24 +FOCUS_TERM_SIG where type Term = ISA_ENCODE_TERM.Term *)
   77.25 +
   77.26 +(* 
   77.27 +signature ISA_FTERM =
   77.28 +sig
   77.29 +  include F_ENCODE_TERM_SIG
   77.30 +
   77.31 +    val clean_match_ft :
   77.32 +       Type.tsig ->
   77.33 +       FcTerm ->
   77.34 +       Term.term ->
   77.35 +       (
   77.36 +       ((Term.indexname * Term.typ) list * (Term.indexname * Term.term) list)
   77.37 +       * (string * Type) list * Term.term) Library.option
   77.38 +    val clean_unify_ft :
   77.39 +       Sign.sg ->
   77.40 +       int ->
   77.41 +       FcTerm ->
   77.42 +       Term.term ->
   77.43 +       (
   77.44 +       ((Term.indexname * Term.typ) list * (Term.indexname * Term.term) list)
   77.45 +       * (string * Type) list * Term.term) Seq.seq
   77.46 +    val fakefree_badbounds :
   77.47 +       (string * Term.typ) list -> int -> Term.term -> Term.term
   77.48 +    val find_fcterm_matches :
   77.49 +       ((FcTerm -> 'a) -> FcTerm -> 'b) ->
   77.50 +       (FcTerm -> 'a) -> FcTerm -> 'b
   77.51 +    val find_sg_concl_matches :
   77.52 +       ((FcTerm -> 'a) -> FcTerm -> 'b) ->
   77.53 +       (FcTerm -> 'a) -> int -> EncodeIsaFTerm.term -> 'b
   77.54 +    val find_sg_concl_thm_matches :
   77.55 +       ((FcTerm -> 'a) -> FcTerm -> 'b) ->
   77.56 +       (FcTerm -> 'a) -> int -> Thm.thm -> 'b
   77.57 +    val find_sg_matches :
   77.58 +       ((FcTerm -> 'a) -> FcTerm -> 'b) ->
   77.59 +       (FcTerm -> 'a) -> int -> EncodeIsaFTerm.term -> 'b
   77.60 +    val find_sg_thm_matches :
   77.61 +       ((FcTerm -> 'a) -> FcTerm -> 'b) ->
   77.62 +       (FcTerm -> 'a) -> int -> Thm.thm -> 'b
   77.63 +    val focus_to_concl : FcTerm -> FcTerm
   77.64 +    val focus_to_concl_of_term : EncodeIsaFTerm.term -> FcTerm
   77.65 +    val focus_to_subgoal :
   77.66 +       int -> FcTerm -> FcTerm
   77.67 +    val focus_to_subgoal_of_term :
   77.68 +       int -> EncodeIsaFTerm.term -> FcTerm
   77.69 +    val focus_to_term_goal_prem :
   77.70 +       int * int -> EncodeIsaFTerm.term -> FcTerm
   77.71 +    val focuseq_to_subgoals :
   77.72 +       FcTerm -> FcTerm Seq.seq
   77.73 +    exception isa_focus_term_exp of string
   77.74 +    val mk_foo_match :
   77.75 +       (Term.term -> Term.term) ->
   77.76 +       ('a * Term.typ) list -> Term.term -> Term.term
   77.77 +    val prepmatch :
   77.78 +       FcTerm ->
   77.79 +       Term.term * ((string * Type) list * Term.term)
   77.80 +    val search_bl_ru_f :
   77.81 +       (FcTerm -> 'a Seq.seq) ->
   77.82 +       FcTerm -> 'a Seq.seq
   77.83 +    val search_bl_ur_f :
   77.84 +       (FcTerm -> 'a Seq.seq) ->
   77.85 +       FcTerm -> 'a Seq.seq
   77.86 +    val valid_match_start : FcTerm -> bool
   77.87 +
   77.88 +end *)
   77.89 +
   77.90 +structure BasicIsaFTerm = 
   77.91 +FocusTermFUN( structure EncodeTerm = EncodeIsaFTerm);
   77.92 +
   77.93 +(* HOL Dependent *)
   77.94 +structure IsaFTerm =
   77.95 +struct 
   77.96 +
   77.97 +(* include BasicIsaFTerm *)
   77.98 +(* open FocusTermFUN( structure EncodeTerm = EncodeIsaFTerm ); *)
   77.99 +
  77.100 +open BasicIsaFTerm;
  77.101 +
  77.102 +
  77.103 +(* Some general search within a focus term... *)
  77.104 +
  77.105 +(* Note: only upterms with a free or constant are going to yeald a
  77.106 +match, thus if we get anything else (bound or var) skip it! This is
  77.107 +important if we switch to a unification net! in particular to avoid
  77.108 +vars. *)
  77.109 +
  77.110 +fun valid_match_start ft =
  77.111 +    (case TermLib.bot_left_leaf_of (focus_of_fcterm ft) of 
  77.112 +       Const _ => true
  77.113 +     | Free _ =>  true
  77.114 +     | Abs _ =>  true
  77.115 +     | _ => false);
  77.116 +
  77.117 +(* match starting at the bottom left, moving up to top of the term,
  77.118 +   then moving right to the next leaf and up again etc *)
  77.119 +(* FIXME: make properly lazy! *)
  77.120 +fun search_nonvar_bl_ur_f f ft = 
  77.121 +    let 
  77.122 +      val fts = 
  77.123 +          Seq.filter valid_match_start
  77.124 +                     (leaf_seq_of_fcterm ft)
  77.125 +
  77.126 +      fun mk_match_up_seq ft =
  77.127 +          case focus_up_abs_or_appr ft of 
  77.128 +            Some ft' => Seq.append(f ft, mk_match_up_seq ft')
  77.129 +          | None => f ft
  77.130 +    in
  77.131 +      Seq.flat (Seq.map mk_match_up_seq fts)
  77.132 +    end;
  77.133 +
  77.134 +fun search_bl_ur_f f ft = 
  77.135 +    let 
  77.136 +      val fts = (leaf_seq_of_fcterm ft)
  77.137 +
  77.138 +      fun mk_match_up_seq ft =
  77.139 +          case focus_up_abs_or_appr ft of 
  77.140 +            Some ft' => Seq.append(f ft, mk_match_up_seq ft')
  77.141 +          | None => f ft
  77.142 +    in
  77.143 +      Seq.flat (Seq.map mk_match_up_seq fts)
  77.144 +    end;
  77.145 +
  77.146 +
  77.147 +(* FIXME: make properly lazy! *)
  77.148 +(* FIXME: make faking of bound vars local - for speeeeed *)
  77.149 +fun search_nonvar_bl_ru_f f ft = 
  77.150 +    let
  77.151 +      fun mauxtop ft = 
  77.152 +          if (valid_match_start ft)
  77.153 +            then maux ft else Seq.empty
  77.154 +      and maux ft = 
  77.155 +          let val t' = (focus_of_fcterm ft) 
  77.156 +          (* val _ = writeln ("Examining: " ^ (TermLib.string_of_term t')) *)
  77.157 +          in 
  77.158 +          (case t' of 
  77.159 +            (_ $ _) => Seq.append (maux (focus_left ft), 
  77.160 +                         Seq.append(mauxtop (focus_right ft), 
  77.161 +                                    f ft))
  77.162 +          | (Abs _) => Seq.append (maux (focus_abs ft), 
  77.163 +                                   f ft)
  77.164 +          | leaf => f ft) end
  77.165 +    in
  77.166 +      mauxtop ft
  77.167 +    end;
  77.168 +
  77.169 +
  77.170 +fun search_bl_ru_f f ft = 
  77.171 +    let
  77.172 +      fun maux ft = 
  77.173 +          let val t' = (focus_of_fcterm ft) 
  77.174 +          (*   val _ = writeln ("Examining: " ^ (TermLib.string_of_term t')) *)
  77.175 +          in 
  77.176 +          (case t' of 
  77.177 +            (_ $ _) => Seq.append (maux (focus_left ft), 
  77.178 +                         Seq.append(maux (focus_right ft), 
  77.179 +                                    f ft))
  77.180 +          | (Abs _) => Seq.append (maux (focus_abs ft), 
  77.181 +                                   f ft)
  77.182 +          | leaf => f ft) end
  77.183 +    in maux ft end;
  77.184 +
  77.185 +
  77.186 +
  77.187 +exception isa_focus_term_exp of string;
  77.188 +
  77.189 +
  77.190 +fun focus_to_dest_impl ft = 
  77.191 +    let val (lhs, rhs) = 
  77.192 +            Logic.dest_implies (focus_of_fcterm ft) 
  77.193 +    in (focus_left ft, focus_right ft) end
  77.194 +    handle Term.TERM _ => 
  77.195 +           raise isa_focus_term_exp 
  77.196 +                   "focus_to_dest_impl: applied to non implication";
  77.197 +
  77.198 +
  77.199 +(* move focus to the conlusion *)
  77.200 +fun focus_to_concl ft = 
  77.201 +    let val (lhs, rhs) = 
  77.202 +            Logic.dest_implies (focus_of_fcterm ft) 
  77.203 +    in focus_to_concl (focus_right ft) end
  77.204 +    handle Term.TERM _ =>  ft;
  77.205 +
  77.206 +val focus_to_concl_of_term = focus_to_concl o fcterm_of_term;
  77.207 +
  77.208 +
  77.209 +
  77.210 +(* give back sequence of focuses at different subgoals *)
  77.211 +(* FIXME: make truly lazy *)
  77.212 +fun focuseq_to_subgoals ft = 
  77.213 +    if (Logic.is_implies (focus_of_fcterm ft)) then 
  77.214 +      Seq.cons (focus_right (focus_left ft), focuseq_to_subgoals (focus_right ft))
  77.215 +    else
  77.216 +      Seq.empty;
  77.217 +
  77.218 +(* move focus to a specific subgoal, 0 is first  *)
  77.219 +fun focus_to_subgoal j ft = 
  77.220 +    let fun focus_to_subgoal' (ft, 0) = 
  77.221 +            let val (lhs, rhs) = Logic.dest_implies (focus_of_fcterm ft) 
  77.222 +            in ft |> focus_left |> focus_right end
  77.223 +          | focus_to_subgoal' (ft, i) = 
  77.224 +            let val (lhs, rhs) = Logic.dest_implies (focus_of_fcterm ft) 
  77.225 +            in focus_to_subgoal' (focus_right ft, i - 1) end
  77.226 +    in focus_to_subgoal' (ft, j - 1) end
  77.227 +    handle Term.TERM _ => 
  77.228 +           raise isa_focus_term_exp 
  77.229 +                   ("focus_to_subgoal: No such subgoal: " ^ 
  77.230 +                    (string_of_int j));
  77.231 +
  77.232 +fun focus_to_subgoal_of_term i t = 
  77.233 +    focus_to_subgoal i (fcterm_of_term t)
  77.234 +
  77.235 +(* move focus to a specific premise *)
  77.236 +(* fun focus_past_params i ft = 
  77.237 +    (focus_to_subgoal (focus_right ft, i))
  77.238 +    handle isa_focus_term_exp _ => 
  77.239 +           raise isa_focus_term_exp 
  77.240 +             ("focus_to_prmise: No such premise: " ^ (string_of_int i)); *)
  77.241 +
  77.242 +fun focus_to_term_goal_prem (premid,gaolid) t = 
  77.243 +    focus_to_subgoal premid (focus_to_subgoal_of_term gaolid t);
  77.244 +
  77.245 +
  77.246 +
  77.247 +
  77.248 +(* T is outer bound vars, n is number of locally bound vars *)
  77.249 +fun fakefree_badbounds T n (a $ b) = 
  77.250 +    (fakefree_badbounds T n a) $ (fakefree_badbounds T n b)
  77.251 +  | fakefree_badbounds T n (Abs(s,ty,t)) =  
  77.252 +    Abs(s,ty, fakefree_badbounds T (n + 1) t)
  77.253 +  | fakefree_badbounds T n (b as Bound i) = 
  77.254 +    let fun mkfake_bound j [] = 
  77.255 +            raise ERROR_MESSAGE "fakefree_badbounds: bound is outside of the known types!"
  77.256 +          | mkfake_bound 0 ((s,ty)::Ts) = 
  77.257 +            Free (RWTools.mk_fake_bound_name s,ty)
  77.258 +          | mkfake_bound j (d::Ts) = mkfake_bound (j - 1) Ts
  77.259 +    in if n <= i then mkfake_bound (i - n) T else b end
  77.260 +  | fakefree_badbounds T n t = t;
  77.261 +
  77.262 +
  77.263 +(* note: outerterm is the taget with the match replaced by a bound 
  77.264 +         variable : ie: "P lhs" beocmes "%x. P x" 
  77.265 +         insts is the types of instantiations of vars in lhs
  77.266 +         and typinsts is the type instantiations of types in the lhs
  77.267 +         Note: Final rule is the rule lifted into the ontext of the 
  77.268 +         taget thm. *)
  77.269 +fun mk_foo_match mkuptermfunc Ts t = 
  77.270 +    let 
  77.271 +      val ty = Term.type_of t
  77.272 +      val bigtype = (rev (map snd Ts)) ---> ty
  77.273 +      fun mk_foo 0 t = t
  77.274 +        | mk_foo i t = mk_foo (i - 1) (t $ (Bound (i - 1)))
  77.275 +      val num_of_bnds = (length Ts)
  77.276 +      (* foo_term = "fooabs y0 ... yn" where y's are local bounds *)
  77.277 +      val foo_term = mk_foo num_of_bnds (Bound num_of_bnds)
  77.278 +    in Abs("fooabs", bigtype, mkuptermfunc foo_term) end;
  77.279 +
  77.280 +(* before matching we need to fake the bound vars that missing an
  77.281 +abstraction. In this function we additionally construct the
  77.282 +abstraction environment, and an outer context term (with the focus
  77.283 +abstracted out) for use in rewriting with RWInst.rw *)
  77.284 +fun prepmatch ft = 
  77.285 +    let 
  77.286 +      val t = focus_of_fcterm ft  
  77.287 +      val Ts = tyenv_of_focus ft
  77.288 +      val t' = fakefree_badbounds Ts 0 t
  77.289 +      fun mktermf t = 
  77.290 +          term_of_fcterm (set_focus_of_fcterm ft t)
  77.291 +      val absterm = mk_foo_match mktermf Ts t'
  77.292 +    in
  77.293 +      (t', (Ts, absterm))
  77.294 +    end;
  77.295 +
  77.296 +(* matching and unification for a focus term's focus *)
  77.297 +fun clean_match_ft tsig pat ft = 
  77.298 +    let val (t, (Ts,absterm)) = prepmatch ft in
  77.299 +      case TermLib.clean_match tsig (pat, t) of 
  77.300 +        None => None 
  77.301 +      | Some insts => Some (insts, Ts, absterm) end;
  77.302 +(* ix = max var index *)
  77.303 +fun clean_unify_ft sgn ix pat ft = 
  77.304 +    let val (t, (Ts,absterm)) = prepmatch ft in
  77.305 +    Seq.map (fn insts => (insts, Ts, absterm)) 
  77.306 +            (TermLib.clean_unify sgn ix (t, pat)) end;
  77.307 +
  77.308 +
  77.309 +(* THINK: ? do we not need to incremement bound indices? *)
  77.310 +(* THINK: it should be the search which localisaes the search to the
  77.311 +current focus, not this hack in the matcher... ? *)
  77.312 +(* find matches below this particular focus term *) 
  77.313 +(* The search function is to find a match within a term... *)
  77.314 +(* the matcher is something that is applied to each node chosen by the
  77.315 +searchf and the results are flattened to form a lazy list. *)
  77.316 +fun find_fcterm_matches searchf matcher ft = 
  77.317 +    let 
  77.318 +      val ftupterm = upterm_of ft
  77.319 +      val focusft = focus_of_fcterm ft
  77.320 +      val add_uptermf = add_upterm ftupterm 
  77.321 +    in
  77.322 +    searchf
  77.323 +      (fn ft' => matcher (add_uptermf ft'))
  77.324 +      (fcterm_of_term focusft)
  77.325 +    end;
  77.326 +
  77.327 +(* FIXME: move argument orders for efficiency... 
  77.328 +i.e. wenzel style val foofunc = x o y;
  77.329 +*)
  77.330 +
  77.331 +(* find the matches inside subgoal i of th *)
  77.332 +fun find_sg_matches searchf matcher i t = 
  77.333 +    let val subgoal_fcterm = focus_to_subgoal_of_term i t
  77.334 +    in find_fcterm_matches searchf matcher subgoal_fcterm end;
  77.335 +
  77.336 +(* find the matches inside subgoal i of th *)
  77.337 +fun find_sg_thm_matches searchf matcher i th = 
  77.338 +    find_sg_matches searchf matcher i (Thm.prop_of th);
  77.339 +
  77.340 +
  77.341 +(* find the matches inside subgoal i's conclusion of th *)
  77.342 +fun find_sg_concl_matches searchf matcher i t = 
  77.343 +    let 
  77.344 +      val subgoal_fcterm = 
  77.345 +          focus_to_concl (focus_to_subgoal_of_term i t)
  77.346 +    in
  77.347 +      find_fcterm_matches searchf matcher subgoal_fcterm
  77.348 +    end;
  77.349 +
  77.350 +(* find the matches inside subgoal i's conclusion of th *)
  77.351 +fun find_sg_concl_thm_matches searchf matcher i th = 
  77.352 +    find_sg_concl_matches searchf matcher i (Thm.prop_of th);
  77.353 +
  77.354 +end;
  77.355 +
  77.356 +(* 
  77.357 +test... 
  77.358 +
  77.359 +f_encode_isatermS.encode (read "P a");
  77.360 +isafocustermS.fcterm_of_term (read "f a");
  77.361 +isafocustermS.term_of_fcterm it;
  77.362 +
  77.363 +Goal "P b ==> P (suc b)";
  77.364 +
  77.365 +TermLib.string_of_term ((focus_of_fcterm o focus_to_subgoal_of_term 1 o prop_of) (topthm()));
  77.366 +
  77.367 +TermLib.string_of_term ((focus_of_fcterm o focus_to_concl o focus_to_subgoal_of_term 1 o prop_of) (topthm()));
  77.368 +
  77.369 +TermLib.string_of_term ((focus_of_fcterm o focus_to_term_goal_prem (1,1) o prop_of) (topthm()));
  77.370 +
  77.371 +*)
    78.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    78.2 +++ b/src/Pure/IsaPlanner/isand.ML	Tue Feb 01 18:01:57 2005 +0100
    78.3 @@ -0,0 +1,486 @@
    78.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    78.5 +(*  Title:      sys/isand.ML
    78.6 +    Author:     Lucas Dixon, University of Edinburgh
    78.7 +                lucas.dixon@ed.ac.uk
    78.8 +    Date:       6 Aug 2004
    78.9 +*)
   78.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   78.11 +(*  DESCRIPTION:
   78.12 +
   78.13 +    Natural Deduction tools
   78.14 +
   78.15 +    For working with Isbaelle theorem in a natural detuction style,
   78.16 +    ie, not having to deal with meta level quantified varaibles,
   78.17 +    instead, we work with newly introduced frees, and hide the
   78.18 +    "all"'s, exporting results from theorems proved with the frees, to
   78.19 +    solve the all cases of the previous goal. 
   78.20 +
   78.21 +    Note: A nice idea: allow esxporting to solve any subgoal, thus
   78.22 +    allowing the interleaving of proof, or provide a structure for the
   78.23 +    ordering of proof, thus allowing proof attempts in parrelle, but
   78.24 +    recording the order to apply things in.
   78.25 +
   78.26 +    debugging tools:
   78.27 +
   78.28 +    fun asm_mk t = (assume (cterm_of (Theory.sign_of (the_context())) t)); 
   78.29 +    fun asm_read s =  
   78.30 +      (assume (read_cterm (Theory.sign_of (Context.the_context())) (s,propT))); 
   78.31 +
   78.32 +    THINK: are we really ok with our varify name w.r.t the prop - do
   78.33 +    we alos need to avoid names in the hidden hyps?
   78.34 +*)
   78.35 +
   78.36 +signature ISA_ND =
   78.37 +sig
   78.38 +  datatype export = export of
   78.39 +           {gth: Thm.thm, (* initial goal theorem *)
   78.40 +            sgid: int, (* subgoal id which has been fixed etc *)
   78.41 +            fixes: Thm.cterm list, (* frees *)
   78.42 +            assumes: Thm.cterm list} (* assumptions *)
   78.43 +
   78.44 +  val fixes_of_exp : export -> Thm.cterm list
   78.45 +
   78.46 +  val export_back : export -> Thm.thm -> Thm.thm Seq.seq
   78.47 +  val export_solution : export -> Thm.thm -> Thm.thm
   78.48 +  val export_solutions : export list * Thm.thm -> Thm.thm
   78.49 +
   78.50 +  val allify_conditions :
   78.51 +      (Term.term -> Thm.cterm) ->
   78.52 +      (string * Term.typ) list -> Thm.thm -> Thm.thm * Thm.cterm list
   78.53 +  val allify_conditions' :
   78.54 +      (string * Term.typ) list -> Thm.thm -> Thm.thm * Thm.cterm list
   78.55 +
   78.56 +  val assume_prems :
   78.57 +      int -> Thm.thm -> Thm.thm list * Thm.thm * Thm.cterm list
   78.58 +
   78.59 +  val fix_alls_term : int -> Term.term -> Term.term * Term.term list
   78.60 +  val fix_alls_cterm : int -> Thm.thm -> Thm.cterm * Thm.cterm list
   78.61 +  val fix_alls' : int -> Thm.thm -> Thm.thm * Thm.cterm list
   78.62 +  val fix_alls : int -> Thm.thm -> Thm.thm * export
   78.63 +
   78.64 +  val fix_vars_to_frees : Thm.thm -> (Thm.cterm * Thm.cterm) list * Thm.thm
   78.65 +  val schemify_frees_to_vars : Thm.cterm list -> Thm.thm -> Thm.thm
   78.66 +
   78.67 +  val fixed_subgoal_thms : Thm.thm -> Thm.thm list * (Thm.thm list -> Thm.thm)
   78.68 +  val fixes_and_assumes : int -> Thm.thm -> Thm.thm list * Thm.thm * export
   78.69 +
   78.70 +  val hide_other_goals : Thm.thm -> Thm.thm * Thm.cterm list
   78.71 +  val hide_prems : Thm.thm -> Thm.thm * Thm.cterm list
   78.72 +
   78.73 +  (* abstracts cterms (vars) to locally meta-all bounds *)
   78.74 +  val prepare_goal_export : string list * Thm.cterm list -> Thm.thm 
   78.75 +                            -> int * Thm.thm
   78.76 +  val solve_with : Thm.thm -> Thm.thm -> Thm.thm Seq.seq
   78.77 +  val subgoal_thms : Thm.thm -> Thm.thm list * (Thm.thm list -> Thm.thm)
   78.78 +end
   78.79 +
   78.80 +
   78.81 +structure IsaND : ISA_ND =
   78.82 +struct
   78.83 +
   78.84 +(* Solve *some* subgoal of "th" directly by "sol" *)
   78.85 +(* Note: this is probably what Markus ment to do upon export of a
   78.86 +"show" but maybe he used RS/rtac instead, which would wrongly lead to
   78.87 +failing if there are premices to the shown goal. *)
   78.88 +fun solve_with sol th = 
   78.89 +    let fun solvei 0 = Seq.empty
   78.90 +          | solvei i = 
   78.91 +            Seq.append (bicompose false (false,sol,0) i th, 
   78.92 +                        solvei (i - 1))
   78.93 +    in
   78.94 +      solvei (Thm.nprems_of th)
   78.95 +    end;
   78.96 +
   78.97 +
   78.98 +(* Given ctertmify function, (string,type) pairs capturing the free
   78.99 +vars that need to be allified in the assumption, and a theorem with
  78.100 +assumptions possibly containing the free vars, then we give back the
  78.101 +assumptions allified as hidden hyps. *)
  78.102 +(* 
  78.103 +Given: vs 
  78.104 +th: A vs ==> B vs 
  78.105 +Results in: "B vs" [!!x. A x]
  78.106 +*)
  78.107 +fun allify_conditions ctermify Ts th = 
  78.108 +    let 
  78.109 +      val premts = Thm.prems_of th;
  78.110 +    
  78.111 +      fun allify_prem_var (vt as (n,ty),t)  = 
  78.112 +          (Term.all ty) $ (Abs(n,ty,Term.abstract_over (Free vt, t)))
  78.113 +
  78.114 +      fun allify_prem Ts p = foldr allify_prem_var (Ts, p)
  78.115 +
  78.116 +      val cTs = map (ctermify o Free) Ts
  78.117 +      val cterm_asms = map (ctermify o allify_prem Ts) premts
  78.118 +      val allifyied_asm_thms = map (Drule.forall_elim_list cTs o Thm.assume) cterm_asms
  78.119 +    in 
  78.120 +      (foldl (fn (x,y) => y COMP x) (th, allifyied_asm_thms), cterm_asms)
  78.121 +    end;
  78.122 +
  78.123 +fun allify_conditions' Ts th = 
  78.124 +    allify_conditions (Thm.cterm_of (Thm.sign_of_thm th)) Ts th;
  78.125 +
  78.126 +
  78.127 +
  78.128 +(* change schematic vars to fresh free vars *)
  78.129 +fun fix_vars_to_frees th = 
  78.130 +    let 
  78.131 +      val ctermify = Thm.cterm_of (Thm.sign_of_thm th)
  78.132 +      val prop = Thm.prop_of th
  78.133 +      val vars = map Term.dest_Var (Term.term_vars prop)
  78.134 +
  78.135 +      val names = Term.add_term_names (prop, [])
  78.136 +
  78.137 +      val (insts,names2) = 
  78.138 +          foldl (fn ((insts,names),v as ((n,i),ty)) => 
  78.139 +                    let val n2 = Term.variant names n in
  78.140 +                      ((ctermify (Var v), ctermify (Free(n2,ty))) :: insts, 
  78.141 +                       n2 :: names)
  78.142 +                    end)
  78.143 +                (([],names), vars)
  78.144 +    in (insts, Thm.instantiate ([], insts) th) end;
  78.145 +
  78.146 +(* make free vars into schematic vars with index zero *)
  78.147 + fun schemify_frees_to_vars frees = 
  78.148 +     apply (map (K (Drule.forall_elim_var 0)) frees) 
  78.149 +     o Drule.forall_intr_list frees;
  78.150 +
  78.151 +
  78.152 +(* datatype to capture an exported result, ie a fix or assume. *)
  78.153 +datatype export = 
  78.154 +         export of {fixes : Thm.cterm list, (* fixed vars *)
  78.155 +                    assumes : Thm.cterm list, (* hidden hyps/assumed prems *)
  78.156 +                    sgid : int,
  78.157 +                    gth :  Thm.thm}; (* subgoal/goalthm *)
  78.158 +
  78.159 +fun fixes_of_exp (export rep) = #fixes rep;
  78.160 +
  78.161 +(* export the result of the new goal thm, ie if we reduced teh
  78.162 +subgoal, then we get a new reduced subtgoal with the old
  78.163 +all-quantified variables *)
  78.164 +local 
  78.165 +
  78.166 +(* allify puts in a meta level univ quantifier for a free variavble *)
  78.167 +fun allify_term (v, t) = 
  78.168 +    let val vt = #t (Thm.rep_cterm v)
  78.169 +      val (n,ty) = Term.dest_Free vt
  78.170 +    in (Term.all ty) $ (Abs(n,ty,Term.abstract_over (vt, t))) end;
  78.171 +
  78.172 +fun allify_for_sg_term ctermify vs t =
  78.173 +    let val t_alls = foldr allify_term (vs,t);
  78.174 +        val ct_alls = ctermify t_alls; 
  78.175 +    in 
  78.176 +      (ct_alls, Drule.forall_elim_list vs (Thm.assume ct_alls))
  78.177 +    end;
  78.178 +(* lookup type of a free var name from a list *)
  78.179 +fun lookupfree vs vn  = 
  78.180 +    case Library.find_first (fn (n,ty) => n = vn) vs of 
  78.181 +      None => raise ERROR_MESSAGE ("prepare_goal_export:lookupfree: " 
  78.182 +                    ^ vn ^ " does not occur in the term")
  78.183 +    | Some x => x;
  78.184 +in
  78.185 +fun export_back (export {fixes = vs, assumes = hprems, 
  78.186 +                         sgid = i, gth = gth}) newth = 
  78.187 +    let 
  78.188 +      val sgn = Thm.sign_of_thm newth;
  78.189 +      val ctermify = Thm.cterm_of sgn;
  78.190 +
  78.191 +      val sgs = prems_of newth;
  78.192 +      val (sgallcts, sgthms) = 
  78.193 +          Library.split_list (map (allify_for_sg_term ctermify vs) sgs);
  78.194 +      val minimal_newth = 
  78.195 +          (foldl (fn ( newth', sgthm) => 
  78.196 +                          Drule.compose_single (sgthm, 1, newth'))
  78.197 +                      (newth, sgthms));
  78.198 +      val allified_newth = 
  78.199 +          minimal_newth 
  78.200 +            |> Drule.implies_intr_list hprems
  78.201 +            |> Drule.forall_intr_list vs 
  78.202 +
  78.203 +      val newth' = Drule.implies_intr_list sgallcts allified_newth
  78.204 +    in
  78.205 +      bicompose false (false, newth', (length sgallcts)) i gth
  78.206 +    end;
  78.207 +
  78.208 +(* 
  78.209 +Given "vs" : names of free variables to abstract over,
  78.210 +Given cterms : premices to abstract over (P1... Pn) in terms of vs,
  78.211 +Given a thm of the form: 
  78.212 +P1 vs; ...; Pn vs ==> Goal(C vs)
  78.213 +
  78.214 +Gives back: 
  78.215 +(n, length of given cterms which have been allified
  78.216 + [| !! vs. P1 vs; !! vs. Pn vs |] ==> !! C vs) the allified thm
  78.217 +*)
  78.218 +(* note: C may contain further premices etc 
  78.219 +Note that cterms is the assumed facts, ie prems of "P1" that are
  78.220 +reintroduced in allified form.
  78.221 +*)
  78.222 +fun prepare_goal_export (vs, cterms) th = 
  78.223 +    let 
  78.224 +      val sgn = Thm.sign_of_thm th;
  78.225 +      val ctermify = Thm.cterm_of sgn;
  78.226 +
  78.227 +      val allfrees = map Term.dest_Free (Term.term_frees (Thm.prop_of th))
  78.228 +      val cfrees = map (ctermify o Free o lookupfree allfrees) vs
  78.229 +
  78.230 +      val sgs = prems_of th;
  78.231 +      val (sgallcts, sgthms) = 
  78.232 +          Library.split_list (map (allify_for_sg_term ctermify cfrees) sgs);
  78.233 +
  78.234 +      val minimal_th = 
  78.235 +          (foldl (fn ( th', sgthm) => 
  78.236 +                          Drule.compose_single (sgthm, 1, th'))
  78.237 +                      (th, sgthms)) RS Drule.rev_triv_goal;
  78.238 +
  78.239 +      val allified_th = 
  78.240 +          minimal_th 
  78.241 +            |> Drule.implies_intr_list cterms
  78.242 +            |> Drule.forall_intr_list cfrees 
  78.243 +
  78.244 +      val th' = Drule.implies_intr_list sgallcts allified_th
  78.245 +    in
  78.246 +      ((length sgallcts), th')
  78.247 +    end;
  78.248 +
  78.249 +end;
  78.250 +
  78.251 +
  78.252 +(* exporting function that takes a solution to the fixed/assumed goal,
  78.253 +and uses this to solve the subgoal in the main theorem *)
  78.254 +fun export_solution (export {fixes = cfvs, assumes = hcprems,
  78.255 +                             sgid = i, gth = gth}) solth = 
  78.256 +    let 
  78.257 +      val solth' = 
  78.258 +          solth |> Drule.implies_intr_list hcprems
  78.259 +                |> Drule.forall_intr_list cfvs
  78.260 +    in Drule.compose_single (solth', i, gth) end;
  78.261 +
  78.262 +val export_solutions = foldr (uncurry export_solution);
  78.263 +
  78.264 +
  78.265 +(* fix parameters of a subgoal "i", as free variables, and create an
  78.266 +exporting function that will use the result of this proved goal to
  78.267 +show the goal in the original theorem. 
  78.268 +
  78.269 +Note, an advantage of this over Isar is that it supports instantiation
  78.270 +of unkowns in the earlier theorem, ie we can do instantiation of meta
  78.271 +vars! *)
  78.272 +(* loosely corresponds to:
  78.273 +Given "[| SG0; ... !! x. As ==> SGi x; ... SGm |] ==> G" : thm
  78.274 +Result: 
  78.275 +  ("(As ==> SGi x') ==> (As ==> SGi x')" : thm, 
  78.276 +   expf : 
  78.277 +     ("As ==> SGi x'" : thm) -> 
  78.278 +     ("[| SG0; ... SGi-1; SGi+1; ... SGm |] ==> G") : thm)
  78.279 +*)
  78.280 +fun fix_alls_term i t = 
  78.281 +    let 
  78.282 +      val names = Term.add_term_names (t,[]);
  78.283 +      val gt = Logic.get_goal t i;
  78.284 +      val body = Term.strip_all_body gt;
  78.285 +      val alls = rev (Term.strip_all_vars gt);
  78.286 +      val fvs = map Free 
  78.287 +                    ((Term.variantlist (map fst alls, names)) 
  78.288 +                       ~~ (map snd alls));
  78.289 +    in ((subst_bounds (fvs,body)), fvs) end;
  78.290 +
  78.291 +fun fix_alls_cterm i th = 
  78.292 +    let
  78.293 +      val ctermify = Thm.cterm_of (Thm.sign_of_thm th);
  78.294 +      val (fixedbody, fvs) = fix_alls_term i (Thm.prop_of th);
  78.295 +      val cfvs = rev (map ctermify fvs);
  78.296 +      val ct_body = ctermify fixedbody
  78.297 +    in
  78.298 +      (ct_body, cfvs)
  78.299 +    end;
  78.300 +
  78.301 +fun fix_alls' i = 
  78.302 +     (apfst Thm.trivial) o (fix_alls_cterm i);
  78.303 +
  78.304 +
  78.305 +(* hide other goals *) 
  78.306 +(* note the export goal is rotated by (i - 1) and will have to be
  78.307 +unrotated to get backto the originial position(s) *)
  78.308 +fun hide_other_goals th = 
  78.309 +    let
  78.310 +      (* tl beacuse fst sg is the goal we are interested in *)
  78.311 +      val cprems = tl (Drule.cprems_of th)
  78.312 +      val aprems = map Thm.assume cprems
  78.313 +    in
  78.314 +      (Drule.implies_elim_list (Drule.rotate_prems 1 th) aprems, 
  78.315 +       cprems)
  78.316 +    end;
  78.317 +
  78.318 +(* a nicer version of the above that leaves only a single subgoal (the
  78.319 +other subgoals are hidden hyps, that the exporter suffles about)
  78.320 +namely the subgoal that we were trying to solve. *)
  78.321 +(* loosely corresponds to:
  78.322 +Given "[| SG0; ... !! x. As ==> SGi x; ... SGm |] ==> G" : thm
  78.323 +Result: 
  78.324 +  ("(As ==> SGi x') ==> SGi x'" : thm, 
  78.325 +   expf : 
  78.326 +     ("SGi x'" : thm) -> 
  78.327 +     ("[| SG0; ... SGi-1; SGi+1; ... SGm |] ==> G") : thm)
  78.328 +*)
  78.329 +fun fix_alls i th = 
  78.330 +    let 
  78.331 +      val (fixed_gth, fixedvars) = fix_alls' i th
  78.332 +      val (sml_gth, othergoals) = hide_other_goals fixed_gth
  78.333 +    in
  78.334 +      (sml_gth, export {fixes = fixedvars, 
  78.335 +                        assumes = othergoals, 
  78.336 +                        sgid = i, gth = th})
  78.337 +    end;
  78.338 +
  78.339 +
  78.340 +(* assume the premises of subgoal "i", this gives back a list of
  78.341 +assumed theorems that are the premices of subgoal i, it also gives
  78.342 +back a new goal thm and an exporter, the new goalthm is as the old
  78.343 +one, but without the premices, and the exporter will use a proof of
  78.344 +the new goalthm, possibly using the assumed premices, to shoe the
  78.345 +orginial goal. *)
  78.346 +
  78.347 +(* Note: Dealing with meta vars, need to meta-level-all them in the
  78.348 +shyps, which we can later instantiate with a specific value.... ? 
  78.349 +think about this... maybe need to introduce some new fixed vars and
  78.350 +then remove them again at the end... like I do with rw_inst. *)
  78.351 +(* loosely corresponds to:
  78.352 +Given "[| SG0; ... [| A0; ... An |] ==> SGi; ... SGm |] ==> G" : thm
  78.353 +Result: 
  78.354 +(["A0" [A0], ... ,"An" [An]] : thm list, -- assumptions
  78.355 + "SGi ==> SGi" : thm, -- new goal 
  78.356 + "SGi" ["A0" ... "An"] : thm ->   -- export function
  78.357 +    ("[| SG0 ... SGi-1, SGi+1, SGm |] ==> G" : thm) list)
  78.358 +*)
  78.359 +fun assume_prems i th =
  78.360 +    let 
  78.361 +      val t = (prop_of th); 
  78.362 +      val gt = Logic.get_goal t i;
  78.363 +      val _ = case Term.strip_all_vars gt of [] => () 
  78.364 +              | _ => raise ERROR_MESSAGE "assume_prems: goal has params"
  78.365 +      val body = gt;
  78.366 +      val prems = Logic.strip_imp_prems body;
  78.367 +      val concl = Logic.strip_imp_concl body;
  78.368 +
  78.369 +      val sgn = Thm.sign_of_thm th;
  78.370 +      val ctermify = Thm.cterm_of sgn;
  78.371 +      val cprems = map ctermify prems;
  78.372 +      val aprems = map Thm.assume cprems;
  78.373 +      val gthi = Thm.trivial (ctermify concl);
  78.374 +
  78.375 +      (* fun explortf thi = 
  78.376 +          Drule.compose (Drule.implies_intr_list cprems thi, 
  78.377 +                         i, th) *)
  78.378 +    in
  78.379 +      (aprems, gthi, cprems)
  78.380 +    end;
  78.381 +
  78.382 +
  78.383 +(* first fix the variables, then assume the assumptions *)
  78.384 +(* loosely corresponds to:
  78.385 +Given 
  78.386 +  "[| SG0; ... 
  78.387 +      !! xs. [| A0 xs; ... An xs |] ==> SGi xs; 
  78.388 +      ... SGm |] ==> G" : thm
  78.389 +Result: 
  78.390 +(["A0 xs'" [A0 xs'], ... ,"An xs'" [An xs']] : thm list, -- assumptions
  78.391 + "SGi xs' ==> SGi xs'" : thm,  -- new goal 
  78.392 + "SGi xs'" ["A0 xs'" ... "An xs'"] : thm ->   -- export function
  78.393 +    ("[| SG0 ... SGi-1, SGi+1, SGm |] ==> G" : thm) list)
  78.394 +*)
  78.395 +
  78.396 +(* Note: the fix_alls actually pulls through all the assumptions which
  78.397 +means that the second export is not needed. *)
  78.398 +fun fixes_and_assumes i th = 
  78.399 +    let 
  78.400 +      val (fixgth, exp1) = fix_alls i th
  78.401 +      val (assumps, goalth, _) = assume_prems 1 fixgth
  78.402 +    in 
  78.403 +      (assumps, goalth, exp1)
  78.404 +    end;
  78.405 +
  78.406 +
  78.407 +(* Fixme: allow different order of subgoals given to expf *)
  78.408 +(* make each subgoal into a separate thm that needs to be proved *)
  78.409 +(* loosely corresponds to:
  78.410 +Given 
  78.411 +  "[| SG0; ... SGm |] ==> G" : thm
  78.412 +Result: 
  78.413 +(["SG0 ==> SG0", ... ,"SGm ==> SGm"] : thm list, -- goals
  78.414 + ["SG0", ..., "SGm"] : thm list ->   -- export function
  78.415 +   "G" : thm)
  78.416 +*)
  78.417 +fun subgoal_thms th = 
  78.418 +    let 
  78.419 +      val t = (prop_of th); 
  78.420 +
  78.421 +      val prems = Logic.strip_imp_prems t;
  78.422 +
  78.423 +      val sgn = Thm.sign_of_thm th;
  78.424 +      val ctermify = Thm.cterm_of sgn;
  78.425 +
  78.426 +      val aprems = map (Thm.trivial o ctermify) prems;
  78.427 +
  78.428 +      fun explortf premths = 
  78.429 +          Drule.implies_elim_list th premths
  78.430 +    in
  78.431 +      (aprems, explortf)
  78.432 +    end;
  78.433 +
  78.434 +
  78.435 +(* make all the premices of a theorem hidden, and provide an unhide
  78.436 +function, that will bring them back out at a later point. This is
  78.437 +useful if you want to get back these premices, after having used the
  78.438 +theorem with the premices hidden *)
  78.439 +(* loosely corresponds to:
  78.440 +Given "As ==> G" : thm
  78.441 +Result: ("G [As]" : thm, 
  78.442 +         "G [As]" : thm -> "As ==> G" : thm
  78.443 +*)
  78.444 +fun hide_prems th = 
  78.445 +    let 
  78.446 +      val sgn = Thm.sign_of_thm th;
  78.447 +      val ctermify = Thm.cterm_of sgn;
  78.448 +
  78.449 +      val t = (prop_of th);
  78.450 +      val prems = Logic.strip_imp_prems t;
  78.451 +      val cprems = map ctermify prems;
  78.452 +      val aprems = map Thm.trivial cprems;
  78.453 +
  78.454 +    (*   val unhidef = Drule.implies_intr_list cprems; *)
  78.455 +    in
  78.456 +      (Drule.implies_elim_list th aprems, cprems)
  78.457 +    end;
  78.458 +
  78.459 +
  78.460 +
  78.461 +
  78.462 +(* Fixme: allow different order of subgoals in exportf *)
  78.463 +(* as above, but also fix all parameters in all subgoals, and uses
  78.464 +fix_alls, not fix_alls', ie doesn't leave extra asumptions as apparent
  78.465 +subgoals. *)
  78.466 +(* loosely corresponds to:
  78.467 +Given 
  78.468 +  "[| !! x0s. A0s x0s ==> SG0 x0s; 
  78.469 +      ...; !! xms. Ams xms ==> SGm xms|] ==> G" : thm
  78.470 +Result: 
  78.471 +(["(A0s x0s' ==> SG0 x0s') ==> SG0 x0s'", 
  78.472 +  ... ,"(Ams xms' ==> SGm xms') ==> SGm xms'"] : thm list, -- goals
  78.473 + ["SG0 x0s'", ..., "SGm xms'"] : thm list ->   -- export function
  78.474 +   "G" : thm)
  78.475 +*)
  78.476 +(* requires being given solutions! *)
  78.477 +fun fixed_subgoal_thms th = 
  78.478 +    let 
  78.479 +      val (subgoals, expf) = subgoal_thms th;
  78.480 +(*       fun export_sg (th, exp) = exp th; *)
  78.481 +      fun export_sgs expfs solthms = 
  78.482 +          expf (map2 (op |>) (solthms, expfs));
  78.483 +(*           expf (map export_sg (ths ~~ expfs)); *)
  78.484 +    in 
  78.485 +      apsnd export_sgs (Library.split_list (map (apsnd export_solution o 
  78.486 +                                                 fix_alls 1) subgoals))
  78.487 +    end;
  78.488 +
  78.489 +end;
    79.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    79.2 +++ b/src/Pure/IsaPlanner/isaplib.ML	Tue Feb 01 18:01:57 2005 +0100
    79.3 @@ -0,0 +1,296 @@
    79.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    79.5 +(*  Title:      generic/isaplib.ML
    79.6 +    Author:     Lucas Dixon, University of Edinburgh
    79.7 +                lucasd@dai.ed.ac.uk
    79.8 +*)
    79.9 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   79.10 +(*  DESCRIPTION:
   79.11 +
   79.12 +    A few useful system-independent utilities.
   79.13 +*)
   79.14 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   79.15 +signature ISAP_LIB =
   79.16 +sig
   79.17 +  (* ints *)
   79.18 +  val max : int * int -> int
   79.19 +
   79.20 +  (* seq operations *)
   79.21 +  val ALL_BUT_LAST : ('a -> 'b Seq.seq) -> 'a -> 'b Seq.seq
   79.22 +  val FST : ('a -> 'b Seq.seq) -> 'a -> 'b Seq.seq
   79.23 +  val NTH : int -> ('a -> 'b Seq.seq) -> 'a -> 'b Seq.seq
   79.24 +  val all_but_last_of_seq : 'a Seq.seq -> 'a Seq.seq
   79.25 +  val nat_seq : int Seq.seq
   79.26 +  val nth_of_seq : int -> 'a Seq.seq -> 'a Library.option
   79.27 +  val pair_seq : 'a Seq.seq -> 'b Seq.seq -> ('a * 'b) Seq.seq
   79.28 +  val seq_is_empty : 'a Seq.seq -> bool
   79.29 +  val number_seq : 'a Seq.seq -> (int * 'a) Seq.seq
   79.30 +
   79.31 +  (* lists *)
   79.32 +  val mk_num_list : int -> int list
   79.33 +  val number_list : int -> 'a list -> (int * 'a) list
   79.34 +  val repeated_list : int -> 'a -> 'a list
   79.35 +  val all_pairs : 'a list -> 'b list -> ('a * 'b) list
   79.36 +	val get_ends_of : ('a * 'a -> bool) ->
   79.37 +										('a * 'a) -> 'a list -> ('a * 'a)
   79.38 +  val flatmap : ('a -> 'b list) -> 'a list -> 'b list
   79.39 +
   79.40 +	val lrem : ('a * 'b -> bool) -> 'a list -> 'b list -> 'b list
   79.41 +  val forall_list : ('a -> bool) -> 'a list -> bool
   79.42 +
   79.43 +  (* the list of lists with one of each of the original sublists *)
   79.44 +  val one_of_each : 'a list list -> 'a list list
   79.45 +
   79.46 +  (* type changing *)
   79.47 +  exception NOT_A_DIGIT of string
   79.48 +  val int_of_string : string -> int
   79.49 +
   79.50 +  (* string manipulations *)
   79.51 +  val remove_end_spaces : string -> string
   79.52 +  val str_indent : string -> string
   79.53 +  val string_of_intlist : int list -> string
   79.54 +  val string_of_list : ('a -> string) -> 'a list -> string
   79.55 +
   79.56 +  (* options *)
   79.57 +  val aptosome : 'a Library.option -> ('a -> 'b) -> 'b Library.option
   79.58 +  val seq_mapfilter : ('a -> 'b Library.option) -> 'a Seq.seq -> 'b Seq.seq
   79.59 +  val seq_map_to_some_filter : ('a -> 'b) -> 'a Library.option Seq.seq 
   79.60 +                               -> 'b Seq.seq
   79.61 +end;
   79.62 +
   79.63 +
   79.64 +
   79.65 +structure IsaPLib :> ISAP_LIB = 
   79.66 +struct
   79.67 + 
   79.68 +(* Int *)
   79.69 +fun max (x,y) = if x > y then x else y;
   79.70 +
   79.71 +(* Seq *)
   79.72 +fun seq_map_to_some_filter f s0 =
   79.73 +    let 
   79.74 +      fun recf s () = 
   79.75 +          case (Seq.pull s) of 
   79.76 +            None => None
   79.77 +          | Some (None,s') => recf s' ()
   79.78 +          | Some (Some d, s') => 
   79.79 +            Some (f d, Seq.make (recf s'))
   79.80 +    in Seq.make (recf s0) end;
   79.81 +
   79.82 +fun seq_mapfilter f s0 =
   79.83 +    let 
   79.84 +      fun recf s () = 
   79.85 +          case (Seq.pull s) of 
   79.86 +            None => None
   79.87 +          | Some (a,s') => 
   79.88 +            (case f a of None => recf s' ()
   79.89 +                       | Some b => Some (b, Seq.make (recf s')))
   79.90 +    in Seq.make (recf s0) end;
   79.91 +
   79.92 +
   79.93 +
   79.94 +(* a simple function to pair with each element of a list, a number *)
   79.95 +fun number_list i [] = []
   79.96 +	| number_list i (h::t) = 
   79.97 +		(i,h)::(number_list (i+1) t)
   79.98 +
   79.99 +(* check to see if a sequence is empty *)
  79.100 +fun seq_is_empty s = is_none (Seq.pull s);
  79.101 +
  79.102 +(* the sequence of natural numbers *)
  79.103 +val nat_seq = 
  79.104 +      let fun nseq i () = Some (i, Seq.make (nseq (i+1)))
  79.105 +      in Seq.make (nseq 1)
  79.106 +      end;
  79.107 +
  79.108 +(* create a sequence of pairs of the elements of the two sequences
  79.109 +   If one sequence becomes empty, then so does the pairing of them. 
  79.110 +   
  79.111 +   This is particularly useful if you wish to perform counting or
  79.112 +   other repeated operations on a sequence and you want to combvine
  79.113 +   this infinite sequence with a possibly finite one.
  79.114 +
  79.115 +   behaviour: 
  79.116 +   s1: a1, a2, ... an
  79.117 +   s2: b1, b2, ... bn ...
  79.118 +
  79.119 +   pair_seq s1 s2: (a1,b1), (a2,b2), ... (an,bn)
  79.120 +*)
  79.121 +fun pair_seq seq1 seq2 = 
  79.122 +    let
  79.123 +      fun pseq s1 s2 () = 
  79.124 +	        case Seq.pull s1 of 
  79.125 +	          None => None
  79.126 +	        | Some (s1h, s1t) => 
  79.127 +	          case Seq.pull s2 of 
  79.128 +		          None => None
  79.129 +	          | Some (s2h, s2t) =>
  79.130 +		          Some ((s1h, s2h), Seq.make (pseq s1t s2t))
  79.131 +    in
  79.132 +      Seq.make (pseq seq1 seq2)
  79.133 +    end;
  79.134 +
  79.135 +(* number a sequence *)
  79.136 +fun number_seq s = pair_seq nat_seq s;
  79.137 +
  79.138 +(* cuts off the last element of a sequence *)
  79.139 +fun all_but_last_of_seq s = 
  79.140 +    let 
  79.141 +      fun f () = 
  79.142 +	  case Seq.pull s of
  79.143 +	    None => None
  79.144 +	  | Some (a, s2) => 
  79.145 +	    (case Seq.pull s2 of 
  79.146 +	       None => None
  79.147 +	     | Some (a2,s3) => 
  79.148 +	       Some (a, all_but_last_of_seq (Seq.cons (a2,s3))))
  79.149 +    in
  79.150 +      Seq.make f
  79.151 +    end;
  79.152 +
  79.153 + fun ALL_BUT_LAST r st = all_but_last_of_seq (r st);
  79.154 +
  79.155 +
  79.156 +  (* nth elem for sequenes, return none if out of bounds *)
  79.157 +  fun nth_of_seq i l = 
  79.158 +           if (seq_is_empty l) then None 
  79.159 +           else if i <= 1 then Some (Seq.hd l)
  79.160 +           else nth_of_seq (i-1) (Seq.tl l);
  79.161 +
  79.162 +  (* for use with tactics... gives no_tac if element isn't there *)
  79.163 +  fun NTH n f st = 
  79.164 +      let val r = nth_of_seq n (f st) in 
  79.165 +        if (is_none r) then Seq.empty else (Seq.single (the r))
  79.166 +      end;
  79.167 + 
  79.168 +  (* First result of a tactic... uses NTH, so if there is no elements,
  79.169 +
  79.170 +
  79.171 +     then no_tac is returned. *)
  79.172 +  fun FST f = NTH 1 f;
  79.173 +
  79.174 +  (* create a list opf the form (n, n-1, n-2, ... ) *)
  79.175 +  fun mk_num_list n =  
  79.176 +      if n < 1 then [] else (n :: (mk_num_list (n-1))); 
  79.177 +
  79.178 +  fun repeated_list n a =  
  79.179 +      if n < 1 then [] else (a :: (repeated_list (n-1) a)); 
  79.180 +
  79.181 +  (* create all possible pairs with fst element from the first list
  79.182 +     and snd element from teh second list *)
  79.183 +  fun all_pairs xs ys = 
  79.184 +      let 
  79.185 +        fun all_pairs_aux yss [] _ acc = acc
  79.186 +          | all_pairs_aux yss (x::xs) [] acc = 
  79.187 +            all_pairs_aux yss xs yss acc
  79.188 +          | all_pairs_aux yss (xs as (x1::x1s)) (y::ys) acc = 
  79.189 +                               all_pairs_aux yss xs ys ((x1,y)::acc)
  79.190 +      in
  79.191 +        all_pairs_aux ys xs ys []
  79.192 +      end;
  79.193 +
  79.194 +
  79.195 +  (* create all possible pairs with fst element from the first list
  79.196 +     and snd element from teh second list *)
  79.197 +  (* FIXME: make tail recursive and quick *)
  79.198 +  fun one_of_each [] = []
  79.199 +    | one_of_each [[]] = []
  79.200 +    | one_of_each [(h::t)] = [h] :: (one_of_each [t])
  79.201 +    | one_of_each ([] :: xs) = []
  79.202 +    | one_of_each ((h :: t) :: xs) = 
  79.203 +      (map (fn z => h :: z) (one_of_each xs)) 
  79.204 +      @ (one_of_each (t :: xs));
  79.205 +
  79.206 +
  79.207 +(* function to get the upper/lower bounds of a list 
  79.208 +given: 
  79.209 +gr : 'a * 'a -> bool  = greater than check
  79.210 +e as (u,l) : ('a * 'a) = upper and lower bits
  79.211 +l : 'a list = the list to get the upper and lower bounds of
  79.212 +returns a pair ('a * 'a) of the biggest and lowest value w.r.t "gr"
  79.213 +*)
  79.214 +fun get_ends_of gr (e as (u,l)) [] = e
  79.215 +  | get_ends_of gr (e as (u,l)) (h :: t) = 
  79.216 +    if gr(h,u) then get_ends_of gr (h,l) t
  79.217 +    else if gr(l,h) then get_ends_of gr (u,h) t
  79.218 +    else get_ends_of gr (u,l) t;
  79.219 +
  79.220 +fun flatmap f = flat o map f;
  79.221 +
  79.222 +  (* quick removal of "rs" elements from "ls" when (eqf (r,l)) is true 
  79.223 +		 Ignores ordering. *)
  79.224 +  fun lrem eqf rs ls = 
  79.225 +			let fun list_remove rs ([],[]) = []
  79.226 +						| list_remove [] (xs,_) = xs
  79.227 +						| list_remove (r::rs) ([],leftovers) = 
  79.228 +							list_remove rs (leftovers,[])
  79.229 +						| list_remove (r1::rs) ((x::xs),leftovers) = 
  79.230 +							if eqf (r1, x) then list_remove (r1::rs) (xs,leftovers)
  79.231 +							else list_remove (r1::rs) (xs, x::leftovers)
  79.232 +			in
  79.233 +				list_remove rs (ls,[])
  79.234 +			end;
  79.235 +
  79.236 +fun forall_list f [] = true
  79.237 +  | forall_list f (a::t) = f a orelse forall_list f t;
  79.238 +
  79.239 +
  79.240 +  (* crappy string indeter *)
  79.241 +  fun str_indent s = 
  79.242 +    implode (map (fn s => if s = "\n" then "\n  " else s) (explode s));
  79.243 +      
  79.244 +
  79.245 +  fun remove_end_spaces s = 
  79.246 +      let 
  79.247 +				fun rem_starts [] = [] 
  79.248 +					| rem_starts (" " :: t) = rem_starts t
  79.249 +					| rem_starts ("\t" :: t) = rem_starts t
  79.250 +					| rem_starts ("\n" :: t) = rem_starts t
  79.251 +					| rem_starts l = l
  79.252 +				fun rem_ends l = rev (rem_starts (rev l))
  79.253 +      in
  79.254 +				implode (rem_ends (rem_starts (explode s)))
  79.255 +      end;
  79.256 +
  79.257 +(* convert a string to an integer *)
  79.258 +  exception NOT_A_DIGIT of string;
  79.259 +
  79.260 +  fun int_of_string s = 
  79.261 +      let 
  79.262 +				fun digits_to_int [] x = x
  79.263 +					| digits_to_int (h :: t) x = digits_to_int t (x * 10 + h);
  79.264 +	
  79.265 +				fun char_to_digit c = 
  79.266 +						case c of 
  79.267 +							"0" => 0
  79.268 +						| "1" => 1
  79.269 +						| "2" => 2
  79.270 +						| "3" => 3
  79.271 +						| "4" => 4
  79.272 +						| "5" => 5
  79.273 +						| "6" => 6
  79.274 +						| "7" => 7
  79.275 +						| "8" => 8
  79.276 +						| "9" => 9
  79.277 +						| _ => raise NOT_A_DIGIT c
  79.278 +      in
  79.279 +				digits_to_int (map char_to_digit (explode (remove_end_spaces s))) 0
  79.280 +      end;
  79.281 +
  79.282 +  (* Debugging/printing code for this datatype *)
  79.283 +  fun string_of_list f l = 
  79.284 +      let 
  79.285 +				fun auxf [] = ""
  79.286 +					| auxf [a] = (f a)
  79.287 +					| auxf (h :: (t as (h2 :: t2))) = (f h) ^ ", " ^ (auxf t)
  79.288 +      in
  79.289 +				"[" ^ (auxf l) ^ "]"
  79.290 +      end;
  79.291 +
  79.292 +   val string_of_intlist = string_of_list string_of_int;
  79.293 +
  79.294 +
  79.295 +  (* options *)
  79.296 +  fun aptosome None f = None
  79.297 +    | aptosome (Some x) f = Some (f x);
  79.298 +
  79.299 +end;
    80.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    80.2 +++ b/src/Pure/IsaPlanner/rw_inst.ML	Tue Feb 01 18:01:57 2005 +0100
    80.3 @@ -0,0 +1,278 @@
    80.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    80.5 +(*  Title:      sys/rw_inst.ML
    80.6 +    Author:     Lucas Dixon, University of Edinburgh
    80.7 +                lucas.dixon@ed.ac.uk
    80.8 +    Created:    25 Aug 2004
    80.9 +*)
   80.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   80.11 +(*  DESCRIPTION:
   80.12 +
   80.13 +    rewriting using a conditional meta-equality theorem which supports 
   80.14 +    schematic variable instantiation.
   80.15 +
   80.16 +*)   
   80.17 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   80.18 +signature RW_INST =
   80.19 +sig
   80.20 +
   80.21 +  (* Rewrite: give it instantiation infromation, a rule, and the
   80.22 +  target thm, and it will return the rewritten target thm *)
   80.23 +  val rw :
   80.24 +      ((Term.indexname * Term.typ) list *    (* type var instantiations *)
   80.25 +       (Term.indexname * Term.term) list)    (* schematic var instantiations *)
   80.26 +       * (string * Term.typ) list *          (* bound types *)
   80.27 +      Term.term ->                           (* outer term for instantiation *)
   80.28 +      Thm.thm ->                             (* rule with indexies lifted *)
   80.29 +      Thm.thm ->                             (* target thm *)
   80.30 +      Thm.thm                                (* rewritten theorem possibly 
   80.31 +                                                with additional premises for 
   80.32 +                                                rule conditions *)
   80.33 +
   80.34 +  (* used tools *)
   80.35 +  val mk_abstractedrule :
   80.36 +      (string * Term.typ) list -> Thm.thm -> Thm.cterm list * Thm.thm
   80.37 +  val mk_fixtvar_tyinsts :
   80.38 +      Term.indexname list ->
   80.39 +      Term.term list -> ((string * int) * Term.typ) list * string list
   80.40 +  val mk_renamings :
   80.41 +      Term.term -> Thm.thm -> (((string * int) * Term.typ) * Term.term) list
   80.42 +  val new_tfree :
   80.43 +      ((string * int) * Term.sort) *
   80.44 +      (((string * int) * Term.typ) list * string list) ->
   80.45 +      ((string * int) * Term.typ) list * string list
   80.46 +  val cross_inst : (Term.indexname * Term.term) list 
   80.47 +                   -> (Term.indexname * Term.term) list
   80.48 +
   80.49 +  val beta_contract_tac : Thm.thm -> Thm.thm
   80.50 +  val beta_eta_contract_tac : Thm.thm -> Thm.thm
   80.51 +
   80.52 +end;
   80.53 +
   80.54 +structure RWInst : RW_INST= 
   80.55 +struct
   80.56 +
   80.57 +
   80.58 +(* beta contract the theorem *)
   80.59 +fun beta_contract_tac thm = 
   80.60 +    equal_elim (Thm.beta_conversion true (Thm.cprop_of thm)) thm;
   80.61 +
   80.62 +(* beta-eta contract the theorem *)
   80.63 +fun beta_eta_contract_tac thm = 
   80.64 +    let
   80.65 +      val thm2 = equal_elim (Thm.beta_conversion true (Thm.cprop_of thm)) thm
   80.66 +      val thm3 = equal_elim (Thm.eta_conversion (Thm.cprop_of thm2)) thm2
   80.67 +    in thm3 end;
   80.68 +
   80.69 +(* Given a list of variables that were bound, and a that has been
   80.70 +instantiated with free variable placeholders for the bound vars, it
   80.71 +creates an abstracted version of the theorem, with local bound vars as
   80.72 +lambda-params:
   80.73 +
   80.74 +Ts: 
   80.75 +("x", ty)
   80.76 +
   80.77 +rule::
   80.78 +C :x ==> P :x = Q :x
   80.79 +
   80.80 +results in:
   80.81 +("!! x. C x", (%x. p x = %y. p y) [!! x. C x])
   80.82 +
   80.83 +note: assumes rule is instantiated
   80.84 +*)
   80.85 +(* Note, we take abstraction in the order of last abstraction first *)
   80.86 +fun mk_abstractedrule Ts rule = 
   80.87 +    let 
   80.88 +      val ctermify = Thm.cterm_of (Thm.sign_of_thm rule);
   80.89 +
   80.90 +      (* now we change the names the temporary free vars that represent 
   80.91 +         bound vars with binders outside the redex *)
   80.92 +      val prop = Thm.prop_of rule;
   80.93 +      val names = Term.add_term_names (prop, []);
   80.94 +      val (fromnames,tonames,names2) = 
   80.95 +          foldl (fn ((rnf,rnt,names),(n,ty)) => 
   80.96 +                    let val n2 = Term.variant names n in
   80.97 +                      (ctermify (Free(RWTools.mk_fake_bound_name n,
   80.98 +                                      ty)) :: rnf,
   80.99 +                       ctermify (Free(n2,ty)) :: rnt, 
  80.100 +                       n2 :: names)
  80.101 +                    end)
  80.102 +                (([],[],names), Ts);
  80.103 +      val rule' = rule |> Drule.forall_intr_list fromnames
  80.104 +                       |> Drule.forall_elim_list tonames;
  80.105 +      
  80.106 +      (* make unconditional rule and prems *)
  80.107 +      val (uncond_rule, cprems) = IsaND.allify_conditions ctermify Ts rule';
  80.108 +
  80.109 +      (* using these names create lambda-abstracted version of the rule *)
  80.110 +      val abstractions = Ts ~~ (rev tonames);
  80.111 +      val abstract_rule = foldl (fn (th,((n,ty),ct)) => 
  80.112 +                                    Thm.abstract_rule n ct th)
  80.113 +                                (uncond_rule, abstractions);
  80.114 +    in (cprems, abstract_rule) end;
  80.115 +
  80.116 +
  80.117 +(* given names to avoid, and vars that need to be fixed, it gives
  80.118 +unique new names to the vars so that they can be fixed as free
  80.119 +variables *)
  80.120 +(* make fixed unique free variable instantiations for non-ground vars *)
  80.121 +(* Create a table of vars to be renamed after instantiation - ie
  80.122 +      other uninstantiated vars in the hyps of the rule 
  80.123 +      ie ?z in C ?z ?x ==> A ?x ?y = B ?x ?y *)
  80.124 +fun mk_renamings tgt rule_inst = 
  80.125 +    let
  80.126 +      val rule_conds = Thm.prems_of rule_inst
  80.127 +      val names = foldr Term.add_term_names (tgt :: rule_conds, []);
  80.128 +      val (conds_tyvs,cond_vs) = 
  80.129 +          foldl (fn ((tyvs, vs), t) => 
  80.130 +                    (Library.union
  80.131 +                       (Term.term_tvars t, tyvs),
  80.132 +                     Library.union 
  80.133 +                       (map Term.dest_Var (Term.term_vars t), vs))) 
  80.134 +                (([],[]), rule_conds);
  80.135 +      val termvars = map Term.dest_Var (Term.term_vars tgt); 
  80.136 +      val vars_to_fix = Library.union (termvars, cond_vs);
  80.137 +      val (renamings, names2) = 
  80.138 +          foldr (fn (((n,i),ty), (vs, names')) => 
  80.139 +                    let val n' = Term.variant names' n in
  80.140 +                      ((((n,i),ty), Free (n', ty)) :: vs, n'::names')
  80.141 +                    end)
  80.142 +                (vars_to_fix, ([], names));
  80.143 +    in renamings end;
  80.144 +
  80.145 +(* make a new fresh typefree instantiation for the given tvar *)
  80.146 +fun new_tfree (tv as (ix,sort), (pairs,used)) =
  80.147 +      let val v = variant used (string_of_indexname ix)
  80.148 +      in  ((ix,TFree(v,sort))::pairs, v::used)  end;
  80.149 +
  80.150 +
  80.151 +(* make instantiations to fix type variables that are not 
  80.152 +   already instantiated (in ignore_ixs) from the list of terms. *)
  80.153 +fun mk_fixtvar_tyinsts ignore_ixs ts = 
  80.154 +    let val (tvars, tfreenames) = 
  80.155 +            foldr (fn (t, (varixs, tfreenames)) => 
  80.156 +                      (Term.add_term_tvars (t,varixs),
  80.157 +                       Term.add_term_tfree_names (t,tfreenames)))
  80.158 +                  (ts, ([],[]));
  80.159 +        val unfixed_tvars = filter (fn (ix,s) => not (ix mem ignore_ixs)) tvars;
  80.160 +        val (fixtyinsts, _) = foldr new_tfree (unfixed_tvars, ([], tfreenames))
  80.161 +    in (fixtyinsts, tfreenames) end;
  80.162 +
  80.163 +
  80.164 +(* cross-instantiate the instantiations - ie for each instantiation
  80.165 +replace all occurances in other instantiations - no loops are possible
  80.166 +and thus only one-parsing of the instantiations is necessary. *)
  80.167 +fun cross_inst insts = 
  80.168 +    let 
  80.169 +      fun instL (ix, t) = 
  80.170 +          map (fn (ix2,t2) => (ix2, Term.subst_vars ([], [(ix, t)]) t2));
  80.171 +
  80.172 +      fun cross_instL ([], l) = rev l
  80.173 +        | cross_instL ((ix, t) :: insts, l) = 
  80.174 +          cross_instL (instL (ix, t) insts, (ix, t) :: (instL (ix, t) l));
  80.175 +
  80.176 +    in cross_instL (insts, []) end;
  80.177 +(* as above but for types -- I don't know if this is needed, will we ever incur mixed up types? *)
  80.178 +fun cross_inst_typs insts = 
  80.179 +    let 
  80.180 +      fun instL (ix, ty) = 
  80.181 +          map (fn (ix2,ty2) => (ix2, Term.typ_subst_TVars [(ix, ty)] ty2));
  80.182 +
  80.183 +      fun cross_instL ([], l) = rev l
  80.184 +        | cross_instL ((ix, t) :: insts, l) = 
  80.185 +          cross_instL (instL (ix, t) insts, (ix, t) :: (instL (ix, t) l));
  80.186 +
  80.187 +    in cross_instL (insts, []) end;
  80.188 +
  80.189 +
  80.190 +(* assume that rule and target_thm have distinct var names *)
  80.191 +(* THINK: efficient version with tables for vars for: target vars,
  80.192 +introduced vars, and rule vars, for quicker instantiation? *)
  80.193 +(* The outerterm defines which part of the target_thm was modified *)
  80.194 +(* Note: we take Ts in the upterm order, ie last abstraction first.,
  80.195 +and with an outeterm where the abstracted subterm has the arguments in
  80.196 +the revered order, ie first abstraction first. *)
  80.197 +fun rw ((nonfixed_typinsts, unprepinsts), Ts, outerterm) rule target_thm = 
  80.198 +    let 
  80.199 +      (* general signature info *)
  80.200 +      val target_sign = (Thm.sign_of_thm target_thm);
  80.201 +      val ctermify = Thm.cterm_of target_sign;
  80.202 +      val ctypeify = Thm.ctyp_of target_sign;
  80.203 +
  80.204 +      (* fix all non-instantiated tvars *)
  80.205 +      val (fixtyinsts, othertfrees) = 
  80.206 +          mk_fixtvar_tyinsts (map fst nonfixed_typinsts) 
  80.207 +                             [Thm.prop_of rule, Thm.prop_of target_thm];
  80.208 +
  80.209 +      val typinsts = cross_inst_typs (nonfixed_typinsts @ fixtyinsts);
  80.210 +
  80.211 +      (* certified instantiations for types *)
  80.212 +      val ctyp_insts = map (apsnd ctypeify) typinsts;
  80.213 +
  80.214 +      (* type instantiated versions *)
  80.215 +      val tgt_th_tyinst = 
  80.216 +          Thm.instantiate (ctyp_insts, []) target_thm;
  80.217 +      val rule_tyinst = 
  80.218 +          Thm.instantiate (ctyp_insts, []) rule;
  80.219 +
  80.220 +      (* type instanitated outer term *)
  80.221 +      val outerterm_tyinst = 
  80.222 +          Term.subst_vars (typinsts,[]) outerterm;
  80.223 +
  80.224 +      (* type-instantiate the var instantiations *)
  80.225 +      val insts_tyinst = foldr (fn ((ix,t),insts_tyinst) => 
  80.226 +                            (ix, Term.subst_vars (typinsts,[]) t)
  80.227 +                            :: insts_tyinst)
  80.228 +                        (unprepinsts,[]);
  80.229 +
  80.230 +      (* cross-instantiate *)
  80.231 +      val insts_tyinst_inst = cross_inst insts_tyinst;
  80.232 +
  80.233 +      (* create certms of instantiations *)
  80.234 +      val cinsts_tyinst = 
  80.235 +          map (fn (ix,t) => (ctermify (Var (ix, Term.type_of t)), 
  80.236 +                             ctermify t)) insts_tyinst_inst;
  80.237 +
  80.238 +      (* The instantiated rule *)
  80.239 +      val rule_inst = rule_tyinst |> Thm.instantiate ([], cinsts_tyinst);
  80.240 +
  80.241 +      (* Create a table of vars to be renamed after instantiation - ie
  80.242 +      other uninstantiated vars in the hyps the *instantiated* rule 
  80.243 +      ie ?z in C ?z ?x ==> A ?x ?y = B ?x ?y *)
  80.244 +      val renamings = mk_renamings (Thm.prop_of tgt_th_tyinst) 
  80.245 +                                   rule_inst;
  80.246 +      val cterm_renamings = 
  80.247 +          map (fn (x,y) => (ctermify (Var x), ctermify y)) renamings;
  80.248 +
  80.249 +      (* Create the specific version of the rule for this target application *)
  80.250 +      val outerterm_inst = 
  80.251 +          outerterm_tyinst 
  80.252 +            |> Term.subst_vars ([], insts_tyinst_inst)
  80.253 +            |> Term.subst_vars ([], map (fn ((ix,ty),t) => (ix,t)) 
  80.254 +                                        renamings);
  80.255 +      val couter_inst = Thm.reflexive (ctermify outerterm_inst);
  80.256 +      val (cprems, abstract_rule_inst) = 
  80.257 +          rule_inst |> Thm.instantiate ([], cterm_renamings)
  80.258 +                    |> mk_abstractedrule Ts;
  80.259 +      val specific_tgt_rule = 
  80.260 +          beta_eta_contract_tac
  80.261 +            (Thm.combination couter_inst abstract_rule_inst);
  80.262 +
  80.263 +      (* create an instantiated version of the target thm *)
  80.264 +      val tgt_th_inst = 
  80.265 +          tgt_th_tyinst |> Thm.instantiate ([], cinsts_tyinst)
  80.266 +                        |> Thm.instantiate ([], cterm_renamings);
  80.267 +
  80.268 +      val (vars,frees_of_fixed_vars) = Library.split_list cterm_renamings;
  80.269 +
  80.270 +    in
  80.271 +      (beta_eta_contract_tac tgt_th_inst)
  80.272 +        |> Thm.equal_elim specific_tgt_rule
  80.273 +        |> Drule.implies_intr_list cprems
  80.274 +        |> Drule.forall_intr_list frees_of_fixed_vars
  80.275 +        |> Drule.forall_elim_list vars
  80.276 +        |> fst o Thm.varifyT' othertfrees
  80.277 +        |> Drule.zero_var_indexes
  80.278 +    end;
  80.279 +
  80.280 +
  80.281 +end; (* struct *)
    81.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    81.2 +++ b/src/Pure/IsaPlanner/rw_tools.ML	Tue Feb 01 18:01:57 2005 +0100
    81.3 @@ -0,0 +1,187 @@
    81.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    81.5 +(*  Title:      sys/rw_tools.ML
    81.6 +    Author:     Lucas Dixon, University of Edinburgh
    81.7 +                lucas.dixon@ed.ac.uk
    81.8 +    Created:    28 May 2004
    81.9 +*)
   81.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   81.11 +(*  DESCRIPTION:
   81.12 +
   81.13 +    term related tools used for rewriting
   81.14 +
   81.15 +*)   
   81.16 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   81.17 +
   81.18 +signature RWTOOLS =
   81.19 +sig
   81.20 +end;
   81.21 +
   81.22 +structure RWTools 
   81.23 += struct
   81.24 +
   81.25 +(* THINKABOUT: don't need this: should be able to generate the paired 
   81.26 +   NsTs directly ? --already implemented as ~~
   81.27 +fun join_lists ([],[]) = []
   81.28 +  | join_lists (x::xs, y::ys) = (x,y) :: (join_lists (xs,ys))
   81.29 +  | join_lists (_, _) = raise ERROR_MESSAGE "join_lists: unequal size lists";
   81.30 + *)
   81.31 +
   81.32 +(* fake free variable names for locally bound variables - these work
   81.33 +as placeholders. *)
   81.34 +fun dest_fake_bound_name n = 
   81.35 +    case (explode n) of 
   81.36 +      (":" :: realchars) => implode realchars
   81.37 +    | _ => n;
   81.38 +fun is_fake_bound_name n = (hd (explode n) = ":");
   81.39 +fun mk_fake_bound_name n = ":" ^ n;
   81.40 +
   81.41 +
   81.42 +
   81.43 +(* fake free variable names for local meta variables - these work
   81.44 +as placeholders. *)
   81.45 +fun dest_fake_fix_name n = 
   81.46 +    case (explode n) of 
   81.47 +      ("@" :: realchars) => implode realchars
   81.48 +    | _ => n;
   81.49 +fun is_fake_fix_name n = (hd (explode n) = "@");
   81.50 +fun mk_fake_fix_name n = "@" ^ n;
   81.51 +
   81.52 +
   81.53 +
   81.54 +(* fake free variable names for meta level bound variables *)
   81.55 +fun dest_fake_all_name n = 
   81.56 +    case (explode n) of 
   81.57 +      ("+" :: realchars) => implode realchars
   81.58 +    | _ => n;
   81.59 +fun is_fake_all_name n = (hd (explode n) = "+");
   81.60 +fun mk_fake_all_name n = "+" ^ n;
   81.61 +
   81.62 +
   81.63 +
   81.64 +
   81.65 +(* Ys and Ts not used, Ns are real names of faked local bounds, the
   81.66 +idea is that this will be mapped to free variables thus if a free
   81.67 +variable is a faked local bound then we change it to being a meta
   81.68 +variable so that it can later be instantiated *)
   81.69 +(* FIXME: rename this - avoid the word fix! *)
   81.70 +(* note we are not really "fix"'ing the free, more like making it variable! *)
   81.71 +fun trymkvar_of_fakefree (Ns, Ts) Ys (n,ty) = 
   81.72 +    if (dest_fake_bound_name n) mem Ns then Var((n,0),ty) else Free (n,ty);
   81.73 +
   81.74 +(* make a var into a fixed free (ie prefixed with "@") *)
   81.75 +fun mk_fakefixvar Ts ((n,i),ty) = Free(mk_fake_fix_name n, ty);
   81.76 +
   81.77 +
   81.78 +(* mk_frees_bound: string list -> Term.term -> Term.term *)
   81.79 +(* This function changes free variables to being represented as bound
   81.80 +variables if the free's variable name is in the given list. The debruijn 
   81.81 +index is simply the position in the list *)
   81.82 +(* THINKABOUT: danger of an existing free variable with the same name: fix
   81.83 +this so that name conflict are avoided automatically! In the meantime,
   81.84 +don't have free variables named starting with a ":" *)
   81.85 +fun bounds_of_fakefrees Ys (a $ b) = 
   81.86 +    (bounds_of_fakefrees Ys a) $ (bounds_of_fakefrees Ys b)
   81.87 +  | bounds_of_fakefrees Ys (Abs(n,ty,t)) = 
   81.88 +    Abs(n,ty, bounds_of_fakefrees (n::Ys) t)
   81.89 +  | bounds_of_fakefrees Ys (Free (n,ty)) = 
   81.90 +    let fun try_mk_bound_of_free (i,[]) = Free (n,ty)
   81.91 +          | try_mk_bound_of_free (i,(y::ys)) = 
   81.92 +            if n = y then Bound i else try_mk_bound_of_free (i+1,ys)
   81.93 +    in try_mk_bound_of_free (0,Ys) end
   81.94 +  | bounds_of_fakefrees Ys t = t;
   81.95 +
   81.96 +
   81.97 +(* map a function f onto each free variables *)
   81.98 +fun map_to_frees f Ys (a $ b) = 
   81.99 +    (map_to_frees f Ys a) $ (map_to_frees f Ys b)
  81.100 +  | map_to_frees f Ys (Abs(n,ty,t)) = 
  81.101 +    Abs(n,ty, map_to_frees f ((n,ty)::Ys) t)
  81.102 +  | map_to_frees f Ys (Free a) = 
  81.103 +    f Ys a
  81.104 +  | map_to_frees f Ys t = t;
  81.105 +
  81.106 +
  81.107 +(* map a function f onto each meta variable  *)
  81.108 +fun map_to_vars f Ys (a $ b) = 
  81.109 +    (map_to_vars f Ys a) $ (map_to_vars f Ys b)
  81.110 +  | map_to_vars f Ys (Abs(n,ty,t)) = 
  81.111 +    Abs(n,ty, map_to_vars f ((n,ty)::Ys) t)
  81.112 +  | map_to_vars f Ys (Var a) = 
  81.113 +    f Ys a
  81.114 +  | map_to_vars f Ys t = t;
  81.115 +
  81.116 +(* map a function f onto each free variables *)
  81.117 +fun map_to_alls f (Const("all",allty) $ Abs(n,ty,t)) = 
  81.118 +    let val (n2,ty2) = f (n,ty) 
  81.119 +    in (Const("all",allty) $ Abs(n2,ty2,map_to_alls f t)) end
  81.120 +  | map_to_alls f x = x;
  81.121 +
  81.122 +(* map a function f to each type variable in a term *)
  81.123 +(* implicit arg: term *)
  81.124 +fun map_to_term_tvars f =
  81.125 +    Term.map_term_types (fn TVar(ix,ty) => f (ix,ty) | x => x);
  81.126 +
  81.127 +
  81.128 +
  81.129 +(* what if a param desn't occur in the concl? think about! Note: This
  81.130 +simply fixes meta level univ bound vars as Frees.  At the end, we will
  81.131 +change them back to schematic vars that will then unify
  81.132 +appropriactely, ie with unfake_vars *)
  81.133 +fun fake_concl_of_goal gt i = 
  81.134 +    let 
  81.135 +      val prems = Logic.strip_imp_prems gt
  81.136 +      val sgt = nth_elem (i - 1, prems)
  81.137 +
  81.138 +      val tbody = Logic.strip_imp_concl (Term.strip_all_body sgt)
  81.139 +      val tparams = Term.strip_all_vars sgt
  81.140 +
  81.141 +      val fakefrees = map (fn (n, ty) => Free(mk_fake_all_name n, ty)) 
  81.142 +                          tparams
  81.143 +    in
  81.144 +      Term.subst_bounds (rev fakefrees,tbody)
  81.145 +    end;
  81.146 +
  81.147 +(* what if a param desn't occur in the concl? think about! Note: This
  81.148 +simply fixes meta level univ bound vars as Frees.  At the end, we will
  81.149 +change them back to schematic vars that will then unify
  81.150 +appropriactely, ie with unfake_vars *)
  81.151 +fun fake_goal gt i = 
  81.152 +    let 
  81.153 +      val prems = Logic.strip_imp_prems gt
  81.154 +      val sgt = nth_elem (i - 1, prems)
  81.155 +
  81.156 +      val tbody = Term.strip_all_body sgt
  81.157 +      val tparams = Term.strip_all_vars sgt
  81.158 +
  81.159 +      val fakefrees = map (fn (n, ty) => Free(mk_fake_all_name n, ty)) 
  81.160 +                          tparams
  81.161 +    in
  81.162 +      Term.subst_bounds (rev fakefrees,tbody)
  81.163 +    end;
  81.164 +
  81.165 +
  81.166 +(* hand written - for some reason the Isabelle version in drule is broken!
  81.167 +Example? something to do with Bin Yangs examples? 
  81.168 + *)
  81.169 +fun rename_term_bvars ns (Abs(s,ty,t)) = 
  81.170 +    let val s2opt = Library.find_first (fn (x,y) => s = x) ns
  81.171 +    in case s2opt of 
  81.172 +         None => (Abs(s,ty,rename_term_bvars  ns t))
  81.173 +       | Some (_,s2) => Abs(s2,ty, rename_term_bvars ns t) end
  81.174 +  | rename_term_bvars ns (a$b) = 
  81.175 +    (rename_term_bvars ns a) $ (rename_term_bvars ns b)
  81.176 +  | rename_term_bvars _ x = x;
  81.177 +
  81.178 +fun rename_thm_bvars ns th = 
  81.179 +    let val t = Thm.prop_of th 
  81.180 +    in Thm.rename_boundvars t (rename_term_bvars ns t) th end;
  81.181 +
  81.182 +(* Finish this to show how it breaks! (raises the exception): 
  81.183 +
  81.184 +exception rename_thm_bvars_exp of ((string * string) list * Thm.thm)
  81.185 +
  81.186 +    Drule.rename_bvars ns th 
  81.187 +    handle TERM _ => raise rename_thm_bvars_exp (ns, th); 
  81.188 +*)
  81.189 +
  81.190 +end;
    82.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    82.2 +++ b/src/Pure/IsaPlanner/term_lib.ML	Tue Feb 01 18:01:57 2005 +0100
    82.3 @@ -0,0 +1,824 @@
    82.4 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
    82.5 +(*  Title:      libs/term_lib.ML
    82.6 +    Author:     Lucas Dixon, University of Edinburgh
    82.7 +                lucasd@dai.ed.ac.uk
    82.8 +    Created:    17 Aug 2002
    82.9 +*)
   82.10 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *) 
   82.11 +(*  DESCRIPTION:
   82.12 +
   82.13 +    Additional code to work with terms.
   82.14 +
   82.15 +*)   
   82.16 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
   82.17 +signature TERM_LIB =
   82.18 +sig
   82.19 +    val fo_term_height : Term.term -> int
   82.20 +    val ho_term_height : Term.term -> int
   82.21 +
   82.22 +    val current_sign : unit -> Sign.sg
   82.23 +
   82.24 +    structure fvartabS : TABLE
   82.25 +
   82.26 +    (* Matching/unification with exceptions handled *)
   82.27 +    val clean_match : Type.tsig -> Term.term * Term.term 
   82.28 +                      -> ((Term.indexname * Term.typ) list 
   82.29 +                         * (Term.indexname * Term.term) list) Library.option
   82.30 +    val clean_unify : Sign.sg -> int -> Term.term * Term.term 
   82.31 +                      -> ((Term.indexname * Term.typ) list 
   82.32 +                         * (Term.indexname * Term.term) list) Seq.seq
   82.33 +
   82.34 +    (* managing variables in terms, can doing conversions *)
   82.35 +    val bounds_to_frees : Term.term -> Term.term
   82.36 +    val bounds_to_frees_with_vars :
   82.37 +       (string * Term.typ) list -> Term.term -> Term.term
   82.38 +
   82.39 +    val change_bounds_to_frees : Term.term -> Term.term
   82.40 +    val change_frees_to_vars : Term.term -> Term.term
   82.41 +    val change_vars_to_frees : Term.term -> Term.term
   82.42 +    val loose_bnds_to_frees :
   82.43 +       (string * Term.typ) list -> Term.term -> Term.term
   82.44 +
   82.45 +    (* make all variables named uniquely *)
   82.46 +    val unique_namify : Term.term -> Term.term
   82.47 +
   82.48 +		(* breasking up a term and putting it into a normal form 
   82.49 +       independent of internal term context *)
   82.50 +    val cleaned_term_conc : Term.term -> Term.term
   82.51 +    val cleaned_term_parts : Term.term -> Term.term list * Term.term
   82.52 +    val cterm_of_term : Term.term -> Thm.cterm
   82.53 +
   82.54 +    (* terms of theorems and subgoals *)
   82.55 +    val term_of_thm : Thm.thm -> Term.term
   82.56 +    val get_prems_of_sg_term : Term.term -> Term.term list
   82.57 +    val triv_thm_from_string : string -> Thm.thm
   82.58 +(*    val make_term_into_simp_thm :
   82.59 +       (string * Term.typ) list -> Sign.sg -> Term.term -> Thm.thm
   82.60 +    val thms_of_prems_in_goal : int -> Thm.thm -> Thm.thm list
   82.61 +*)
   82.62 +
   82.63 +
   82.64 +    (* some common term manipulations *)
   82.65 +    val try_dest_Goal : Term.term -> Term.term
   82.66 +    val try_dest_Trueprop : Term.term -> Term.term
   82.67 +
   82.68 +    val bot_left_leaf_of : Term.term -> Term.term
   82.69 +
   82.70 +    (* term containing another term - an embedding check *)
   82.71 +    val term_contains : Term.term -> Term.term -> bool
   82.72 +
   82.73 +    (* name-convertable checking - like ae-convertable, but allows for
   82.74 +       var's and free's to be mixed - and doesn't used buggy code. :-) *)
   82.75 +		val get_name_eq_member : Term.term -> Term.term list -> Term.term option
   82.76 +    val name_eq_member : Term.term -> Term.term list -> bool
   82.77 +    val term_name_eq :
   82.78 +       Term.term ->
   82.79 +       Term.term ->
   82.80 +       (Term.term * Term.term) list ->
   82.81 +       (Term.term * Term.term) list Library.option
   82.82 +
   82.83 +     (* is the typ a function or is it atomic *)
   82.84 +     val is_fun_typ : Term.typ -> bool
   82.85 +     val is_atomic_typ : Term.typ -> bool
   82.86 +
   82.87 +    (* variable analysis *)
   82.88 +    val is_some_kind_of_var : Term.term -> bool
   82.89 +    val same_var_check :
   82.90 +       ''a -> ''b -> (''a * ''b) list -> (''a * ''b) list Library.option
   82.91 +		val has_new_vars : Term.term * Term.term -> bool
   82.92 +    val has_new_typ_vars : Term.term * Term.term -> bool
   82.93 +   (* checks to see if the lhs -> rhs is a invalid rewrite rule *)
   82.94 +    val is_not_valid_rwrule : Type.tsig -> (Term.term * Term.term) -> bool
   82.95 +
   82.96 +    (* get the frees in a term that are of atomic type, ie non-functions *)
   82.97 +    val atomic_frees_of_term : Term.term -> (string * Term.typ) list
   82.98 +
   82.99 +    (* Isar term skolemisationm and unsolemisation *)
  82.100 +    (* I think this is written also in IsarRTechn and also in somewhere else *)
  82.101 +    (* val skolemise_term : (string,Term.typ) list -> Term.term -> Term.term
  82.102 +     val unskolemise_term : (string,Term.typ) list -> Term.term -> Term.term *)
  82.103 +    val unskolemise_all_term : 
  82.104 +        Term.term -> 
  82.105 +        (((string * Term.typ) * string) list * Term.term)
  82.106 +
  82.107 +    (* given a string describing term then a string for its type, returns 
  82.108 +       read term *)
  82.109 +    val readwty : string -> string -> Term.term
  82.110 +
  82.111 +    (* pretty stuff *)
  82.112 +    val pp_term : Term.term -> unit
  82.113 +    val pretty_print_sort : string list -> string
  82.114 +    val pretty_print_term : Term.term -> string
  82.115 +    val pretty_print_type : Term.typ -> string
  82.116 +    val pretty_print_typelist :
  82.117 +       Term.typ list -> (Term.typ -> string) -> string
  82.118 + 
  82.119 +    val string_of_term : Term.term -> string
  82.120 +
  82.121 +    (* these are perhaps redundent, check the standard basis 
  82.122 +       lib for generic versions for any datatype? *)
  82.123 +    val writesort : string list -> unit
  82.124 +    val writeterm : Term.term -> unit
  82.125 +    val writetype : Term.typ -> unit
  82.126 +  end
  82.127 +
  82.128 +
  82.129 +structure TermLib : TERM_LIB = 
  82.130 +struct
  82.131 +
  82.132 +(* Two kinds of depth measure for HOAS terms, a first order (flat) and a 
  82.133 +   higher order one. 
  82.134 +   Note: not stable of eta-contraction: embedding eta-expands term, 
  82.135 +   thus we assume eta-expanded *)
  82.136 +fun fo_term_height (a $ b) = 
  82.137 +    IsaPLib.max (1 + fo_term_height b, (fo_term_height a))
  82.138 +  | fo_term_height (Abs(_,_,t)) = fo_term_height t
  82.139 +  | fo_term_height _ = 0;
  82.140 +    
  82.141 +fun ho_term_height  (a $ b) = 
  82.142 +    1 + (IsaPLib.max (ho_term_height b, ho_term_height a))
  82.143 +  | ho_term_height (Abs(_,_,t)) = ho_term_height t
  82.144 +  | ho_term_height _ = 0;
  82.145 +
  82.146 +(* Higher order matching with exception handled *)
  82.147 +(* returns optional instantiation *)
  82.148 +fun clean_match tsig (a as (pat, t)) = 
  82.149 +    Some (Pattern.match tsig a) handle Pattern.MATCH => None;
  82.150 +(* Higher order unification with exception handled, return the instantiations *)
  82.151 +(* given Signature, max var index, pat, tgt *)
  82.152 +(* returns Seq of instantiations *)
  82.153 +fun clean_unify sgn ix (a as (pat, tgt)) = 
  82.154 +    let 
  82.155 +      (* type info will be re-derived, maybe this can be cached 
  82.156 +         for efficiency? *)
  82.157 +      val pat_ty = Term.type_of pat;
  82.158 +      val tgt_ty = Term.type_of tgt;
  82.159 +      (* is it OK to ignore the type instantiation info? 
  82.160 +         or should I be using it? *)
  82.161 +      val typs_unify = 
  82.162 +          (Some (Type.unify (Sign.tsig_of sgn) (Term.Vartab.empty, ix) 
  82.163 +                            (pat_ty, tgt_ty)))
  82.164 +          handle Type.TUNIFY => None;
  82.165 +    in
  82.166 +      case typs_unify of
  82.167 +        Some (typinsttab, ix2) =>
  82.168 +        let 
  82.169 +      (* is it right to throw away teh flexes? 
  82.170 +         or should I be using them somehow? *)
  82.171 +          fun mk_insts (env,flexflexes) = 
  82.172 +              (Vartab.dest (Envir.type_env env),  Envir.alist_of env);
  82.173 +          val initenv = Envir.Envir {asol = Vartab.empty, 
  82.174 +                                     iTs = typinsttab, maxidx = ix2};
  82.175 +          val useq = (Unify.unifiers (sgn,initenv,[a]))
  82.176 +              handle Library.LIST _ => Seq.empty
  82.177 +                   | Term.TERM _ => Seq.empty;
  82.178 +          fun clean_unify' useq () = 
  82.179 +              (case (Seq.pull useq) of 
  82.180 +                 None => None
  82.181 +               | Some (h,t) => Some (mk_insts h, Seq.make (clean_unify' t)))
  82.182 +              handle Library.LIST _ => None
  82.183 +                   | Term.TERM _ => None;
  82.184 +        in
  82.185 +          (Seq.make (clean_unify' useq))
  82.186 +        end
  82.187 +      | None => Seq.empty
  82.188 +    end;
  82.189 +
  82.190 +fun asm_mk t = (assume (cterm_of (Theory.sign_of (the_context())) t));
  82.191 +fun asm_read s = 
  82.192 +    (Thm.assume (read_cterm (Theory.sign_of (Context.the_context())) (s,propT)));
  82.193 +
  82.194 +
  82.195 +(* more pretty printing code for Isabelle terms etc *)
  82.196 +
  82.197 +
  82.198 +(* pretty_print_typelist l f = print a typelist. 
  82.199 +   l = list of types to print : typ list
  82.200 +   f = function used to print a single type : typ -> string
  82.201 +*)
  82.202 +fun pretty_print_typelist [] f = ""
  82.203 +  | pretty_print_typelist [(h: typ)] (f : typ -> string) = (f h)
  82.204 +  | pretty_print_typelist ((h: typ) :: t) (f : typ -> string) = 
  82.205 +      (f h) ^ ", " ^ (pretty_print_typelist t f);
  82.206 +
  82.207 +
  82.208 +
  82.209 +(* pretty_print_sort s = print a sort 
  82.210 +   s = sort to print : string list
  82.211 +*)
  82.212 +fun pretty_print_sort [] = ""
  82.213 +  | pretty_print_sort ([h])  = "\"" ^ h ^ "\""
  82.214 +  | pretty_print_sort (h :: t)  = "\"" ^ h ^ "\"," ^ (pretty_print_sort t);
  82.215 +
  82.216 +
  82.217 +(* pretty_print_type t = print a type
  82.218 +   t = type to print : type
  82.219 +*)
  82.220 +fun pretty_print_type (Type (n, l)) = 
  82.221 +      "Type(\"" ^ n ^ "\", [" ^ (pretty_print_typelist l pretty_print_type) ^ "])"
  82.222 +  | pretty_print_type (TFree (n, s)) = 
  82.223 +      "TFree(\"" ^ n ^ "\", [" ^ (pretty_print_sort s) ^ "])"
  82.224 +  | pretty_print_type (TVar ((n, i), s)) = 
  82.225 +      "TVar( (\"" ^ n ^ "\", " ^ (string_of_int i) ^ "), [" ^ (pretty_print_sort s) ^ "])";
  82.226 +
  82.227 +
  82.228 +(* pretty_print_term t = print a term prints types and sorts too.
  82.229 +   t = term to print : term
  82.230 +*)
  82.231 +fun pretty_print_term (Const (s, t)) = 
  82.232 +      "Const(\"" ^ s ^ "\", " ^ (pretty_print_type t) ^ ")"
  82.233 +  | pretty_print_term (Free (s, t)) = 
  82.234 +      "Free(\"" ^ s ^ "\", " ^ (pretty_print_type t) ^ ")"
  82.235 +  | pretty_print_term (Var ((n, i), t)) = 
  82.236 +      "Var( (\"" ^ n ^ "\"," ^ (string_of_int i) ^ "), " ^ (pretty_print_type t) ^ ")"
  82.237 +  | pretty_print_term (Bound i) = 
  82.238 +      "Bound(" ^ (string_of_int i) ^ ")"
  82.239 +  | pretty_print_term (Abs (s, t, r)) = 
  82.240 +      "Abs(\"" ^ s ^ "\"," ^ (pretty_print_type t) ^ ", \n  " ^ (pretty_print_term r) ^ ")"
  82.241 +  | pretty_print_term (op $ (t1, t2)) = 
  82.242 +      "(" ^ (pretty_print_term t1) ^ ") $\n (" ^ (pretty_print_term t2) ^ ")";
  82.243 +
  82.244 +(* Write the term out nicly instead of just creating a string for it *)
  82.245 +fun writeterm t = writeln (pretty_print_term t);
  82.246 +fun writetype t = writeln (pretty_print_type t);
  82.247 +fun writesort s = writeln (pretty_print_sort s);
  82.248 +
  82.249 +
  82.250 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
  82.251 +(*  Turn on show types *)
  82.252 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
  82.253 +
  82.254 +(* if (!show_types) then true else set show_types; *)
  82.255 +
  82.256 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
  82.257 +(*  functions *)
  82.258 +(* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- *)
  82.259 +
  82.260 +fun current_sign () = sign_of (the_context());
  82.261 +fun cterm_of_term (t : term) = cterm_of (current_sign()) t;
  82.262 +fun term_of_thm t = (Thm.prop_of t);
  82.263 +
  82.264 +(* little function to make a trueprop of anything by putting a P 
  82.265 +   function in front of it... 
  82.266 +fun HOL_mk_term_prop t = 
  82.267 +  ((Const("Trueprop", Type("fun", 
  82.268 +    [Type("bool", []), Type("prop", [])]))) $
  82.269 +      ((Free("P", Type("fun", [type_of t, 
  82.270 +        Type("bool", [])]))) $ t));
  82.271 +
  82.272 +*)
  82.273 +
  82.274 +fun string_of_term t =
  82.275 +  (Sign.string_of_term (current_sign()) t);
  82.276 +
  82.277 +(*
  82.278 +(allt as (Const("Trueprop", ty) $ m)) = 
  82.279 +    (string_of_cterm (cterm_of_term allt))
  82.280 +  | string_of_term (t : term) = 
  82.281 +    string_of_cterm (cterm_of_term (HOL_mk_term_prop t));
  82.282 +*)
  82.283 +
  82.284 +(* creates a simple cterm of the term if it's not already a prop by 
  82.285 +   prefixing it with a polymorphic function P, then create the cterm
  82.286 +   and print that. Handy tool for printing terms that are not
  82.287 +   already propositions, or not cterms. 
  82.288 +*)
  82.289 +fun pp_term t = writeln (string_of_term t);
  82.290 +
  82.291 +(* create a trivial HOL thm from anything... *)
  82.292 +fun triv_thm_from_string s = 
  82.293 +  Thm.trivial (cterm_of (current_sign()) (read s));
  82.294 +
  82.295 +  (* Checks if vars could be the same - alpha convertable
  82.296 +  w.r.t. previous vars, a and b are assumed to be vars,
  82.297 +  free vars, but not bound vars,
  82.298 +  Note frees and vars must all have unique names. *)
  82.299 +  fun same_var_check a b L =
  82.300 +  let 
  82.301 +    fun bterm_from t [] = None
  82.302 +      | bterm_from t ((a,b)::m) = 
  82.303 +          if t = a then Some b else bterm_from t m
  82.304 +
  82.305 +    val bl_opt = bterm_from a L
  82.306 +  in
  82.307 +		case bterm_from a L of
  82.308 +			None => Some ((a,b)::L)
  82.309 +		| Some b2 => if b2 = b then Some L else None
  82.310 +  end;
  82.311 +
  82.312 +  (* FIXME: make more efficient, only require a single new var! *)
  82.313 +  (* check if the new term has any meta variables not in the old term *)
  82.314 +  fun has_new_vars (old, new) = 
  82.315 +			(case IsaPLib.lrem (op =) (Term.term_vars old) (Term.term_vars new) of 
  82.316 +				 [] => false
  82.317 +			 | (_::_) => true);
  82.318 +  (* check if the new term has any meta variables not in the old term *)
  82.319 +  fun has_new_typ_vars (old, new) = 
  82.320 +			(case IsaPLib.lrem (op =) (Term.term_tvars old) (Term.term_tvars new) of 
  82.321 +				 [] => false
  82.322 +			 | (_::_) => true);
  82.323 +
  82.324 +  (* working with Isar terms and their skolemisation(s) *)
  82.325 +(*    val skolemise_term : (string,Term.typ) list -> Term.term -> Term.term
  82.326 +    val unskolemise_term : (string,Term.typ) list -> Term.term -> Term.term
  82.327 +*)
  82.328 +
  82.329 +(* cunning version *)
  82.330 +
  82.331 +(* This version avoids name conflicts that might be intorduced by
  82.332 +unskolemisation, and returns a list of (string * Term.typ) * string,
  82.333 +where the outer string is the original name, and the inner string is
  82.334 +the new name, and the type is the type of the free variable that was
  82.335 +renamed. *)
  82.336 +local
  82.337 +  fun myadd (n,ty) (L as (renames, names)) = 
  82.338 +      let val n' = Syntax.dest_skolem n in 
  82.339 +        case (Library.find_first (fn (_,n2) => (n2 = n)) renames) of 
  82.340 +          None => 
  82.341 +          let val renamedn = Term.variant names n' in 
  82.342 +            (renamedn, (((renamedn, ty), n) :: renames, 
  82.343 +                        renamedn :: names)) end
  82.344 +        | (Some ((renamedn, _), _)) => (renamedn, L)
  82.345 +      end
  82.346 +      handle LIST _ => (n, L);
  82.347 +
  82.348 +  fun unsk (L,f) (t1 $ t2) = 
  82.349 +      let val (L', t1') = unsk (L, I) t1 
  82.350 +      in unsk (L', (fn x => f (t1' $ x))) t2 end
  82.351 +    | unsk (L,f) (Abs(n,ty,t)) = 
  82.352 +      unsk (L, (fn x => Abs(n,ty,x))) t
  82.353 +    | unsk (L, f) (Free (n,ty)) = 
  82.354 +      let val (renamed_n, L') = myadd (n ,ty) L
  82.355 +       in (L', f (Free (renamed_n, ty))) end
  82.356 +    | unsk (L, f) l = (L, f l);
  82.357 +in
  82.358 +fun unskolemise_all_term t = 
  82.359 +    let 
  82.360 +      val names = Term.add_term_names (t,[]) 
  82.361 +      val ((renames,names'),t') = unsk (([], names),I) t
  82.362 +    in (renames,t') end;
  82.363 +end
  82.364 +
  82.365 +(*    fun unskolemise_all_term t = 
  82.366 +        let 
  82.367 +          fun fmap fv = 
  82.368 +              let (n,ty) = (Term.dest_Free fv) in 
  82.369 +                Some (fv, Free (Syntax.dest_skolem n, ty)) handle LIST _ => None
  82.370 +              end
  82.371 +          val substfrees = mapfilter fmap (Term.term_frees t)
  82.372 +        in
  82.373 +          Term.subst_free substfrees t
  82.374 +        end; *)
  82.375 +
  82.376 +(* true if the type t is a function *)
  82.377 +fun is_fun_typ (Type(s, l)) = 
  82.378 +    if s = "fun" then true else false
  82.379 +  | is_fun_typ _ = false;
  82.380 +
  82.381 +val is_atomic_typ = not o is_fun_typ;
  82.382 +
  82.383 +(* get the frees in a term that are of atomic type, ie non-functions *)
  82.384 +val atomic_frees_of_term =
  82.385 +     filter (is_atomic_typ o snd) 
  82.386 +     o map Term.dest_Free 
  82.387 +     o Term.term_frees;
  82.388 +
  82.389 +
  82.390 +(* read in a string and a top-level type and this will give back a term *) 
  82.391 +fun readwty tstr tystr = 
  82.392 +    let 
  82.393 +      val sgn = Theory.sign_of (the_context())
  82.394 +    in
  82.395 +      Sign.simple_read_term sgn (Sign.read_typ (sgn, K None) tystr) tstr
  82.396 +    end;
  82.397 +
  82.398 +
  82.399 +  (* first term is equal to the second in some name convertable
  82.400 +  way... Note: This differs from the aeconv in the Term.ML file of
  82.401 +  Isabelle in that it allows a var to be alpha-equiv to a free var. 
  82.402 +  
  82.403 +  Also, the isabelle term.ML version of aeconv uses a
  82.404 +  function that it claims doesn't work! *)
  82.405 +
  82.406 +  fun term_name_eq (Abs(_,ty1,t1)) (Abs(_,ty2,t2)) l = 
  82.407 +    if ty1 = ty2 then term_name_eq t1 t2 l
  82.408 +    else None
  82.409 +
  82.410 +  | term_name_eq (ah $ at) (bh $ bt) l =
  82.411 +    let 
  82.412 +      val lopt = (term_name_eq ah bh l)
  82.413 +    in
  82.414 +      if is_some lopt then 
  82.415 +	term_name_eq at bt (the lopt)
  82.416 +      else
  82.417 +        None
  82.418 +    end
  82.419 +
  82.420 +  | term_name_eq (Const(a,T)) (Const(b,U)) l = 
  82.421 +    if a=b andalso T=U then Some l
  82.422 +    else None
  82.423 +
  82.424 +  | term_name_eq (a as Free(s1,ty1)) (b as Free(s2,ty2)) l = 
  82.425 +    same_var_check a b l
  82.426 +
  82.427 +  | term_name_eq (a as Free(s1,ty1)) (b as Var(n2,ty2)) l = 
  82.428 +    same_var_check a b l
  82.429 +
  82.430 +  | term_name_eq (a as Var(n1,ty1)) (b as Free(s2,ty2)) l = 
  82.431 +    same_var_check a b l
  82.432 +
  82.433 +  | term_name_eq (a as Var(n1,ty1)) (b as Var(n2,ty2)) l = 
  82.434 +    same_var_check a b l
  82.435 +
  82.436 +  | term_name_eq (Bound i) (Bound j) l = 
  82.437 +    if i = j then Some l else None
  82.438 +
  82.439 +  | term_name_eq a b l = ((*writeln ("unchecked case:\n" ^ "a:\n" ^ (pretty_print_term a) ^ "\nb:\n" ^ (pretty_print_term b));*) None);
  82.440 +
  82.441 + (* checks to see if the term in a name-equivalent member of the list of terms. *)
  82.442 +  fun get_name_eq_member a [] = None
  82.443 +    | get_name_eq_member a (h :: t) = 
  82.444 +        if is_some (term_name_eq a h []) then Some h 
  82.445 +				else get_name_eq_member a t;
  82.446 +
  82.447 +  fun name_eq_member a [] = false
  82.448 +    | name_eq_member a (h :: t) = 
  82.449 +        if is_some (term_name_eq a h []) then true 
  82.450 +				else name_eq_member a t;
  82.451 +
  82.452 +  (* true if term is a variable *)
  82.453 +  fun is_some_kind_of_var (Free(s, ty)) = true
  82.454 +    | is_some_kind_of_var (Var(i, ty)) = true
  82.455 +    | is_some_kind_of_var (Bound(i)) = true
  82.456 +    | is_some_kind_of_var _ = false;
  82.457 +
  82.458 +    (* checks to see if the lhs -> rhs is a invalid rewrite rule *)
  82.459 +(* FIXME: we should really check that there is a subterm on the lhs
  82.460 +which embeds into the rhs, this would be much closer to the normal
  82.461 +notion of valid wave rule - ie there exists at least one case where it
  82.462 +is a valid wave rule... *)                                        
  82.463 +	fun is_not_valid_rwrule tysig (lhs, rhs) = 
  82.464 +			(Pattern.matches_subterm tysig (lhs, rhs)) orelse
  82.465 +			has_new_vars (lhs,rhs) orelse
  82.466 +      has_new_typ_vars (lhs,rhs);
  82.467 +
  82.468 +
  82.469 +  (* first term contains the second in some name convertable way... *)
  82.470 +  (* note: this is equivalent to an alpha-convertable emedding *)
  82.471 +  (* takes as args: term containing a, term contained b,
  82.472 +     (bound vars of a, bound vars of b), 
  82.473 +     current alpha-conversion-pairs, 
  82.474 +     returns: bool:can convert, new alpha-conversion table *)
  82.475 +  (* in bellow: we *don't* use: a loose notion that only requires
  82.476 +  variables to match variables, and doesn't worry about the actual
  82.477 +  pattern in the variables. *)
  82.478 +  fun term_contains1 (Bs, FVs) (Abs(s,ty,t)) (Abs(s2,ty2,t2)) = 
  82.479 +			if ty = ty2 then 
  82.480 +				term_contains1 ((Some(s,s2,ty)::Bs), FVs) t t2
  82.481 +			else []
  82.482 +
  82.483 +  | term_contains1 T t1 (Abs(s2,ty2,t2)) = []
  82.484 +
  82.485 +  | term_contains1 (Bs, FVs) (Abs(s,ty,t)) t2 = 
  82.486 +    term_contains1 (None::Bs, FVs) t t2
  82.487 +
  82.488 +  | term_contains1 T (ah $ at) (bh $ bt) =
  82.489 +    (term_contains1 T ah (bh $ bt)) @ 
  82.490 +    (term_contains1 T at (bh $ bt)) @
  82.491 +    (flat (map (fn inT => (term_contains1 inT at bt)) 
  82.492 +               (term_contains1 T ah bh)))
  82.493 +
  82.494 +  | term_contains1 T a (bh $ bt) = []
  82.495 +
  82.496 +  | term_contains1 T (ah $ at) b =
  82.497 +		(term_contains1 T ah b) @ (term_contains1 T at b)
  82.498 +
  82.499 +  | term_contains1 T a b = 
  82.500 +  (* simple list table lookup to check if a named variable has been
  82.501 +  mapped to a variable, if not adds the mapping and return some new
  82.502 +  list mapping, if it is then it checks that the pair are mapped to
  82.503 +  each other, if so returns the current mapping list, else none. *)
  82.504 +		let 
  82.505 +			fun bterm_from t [] = None
  82.506 +				| bterm_from t ((a,b)::m) = 
  82.507 +					if t = a then Some b else bterm_from t m
  82.508 +
  82.509 +  (* check to see if, w.r.t. the variable mapping, two terms are leaf
  82.510 +  terms and are mapped to each other. Note constants are only mapped
  82.511 +  to the same constant. *) 
  82.512 +			fun same_leaf_check (T as (Bs,FVs)) (Bound i) (Bound j) =
  82.513 +					let 
  82.514 +						fun aux_chk (i1,i2) [] = false
  82.515 +							| aux_chk (0,0) ((Some _) :: bnds) = true
  82.516 +							| aux_chk (i1,0) (None :: bnds) = false
  82.517 +							| aux_chk (i1,i2) ((Some _) :: bnds) =
  82.518 +								aux_chk (i1 - 1,i2 - 1) bnds
  82.519 +							| aux_chk (i1,i2) (None :: bnds) =
  82.520 +								aux_chk (i1,i2 - 1) bnds 
  82.521 +					in
  82.522 +						if (aux_chk (i,j) Bs) then [T]
  82.523 +						else []
  82.524 +					end
  82.525 +				| same_leaf_check (T as (Bs,(Fs,Vs))) 
  82.526 +                          (a as (Free (an,aty))) 
  82.527 +                          (b as (Free (bn,bty))) =
  82.528 +					(case bterm_from an Fs of 
  82.529 +						 Some b2n => if bn = b2n then [T]
  82.530 +												 else [] (* conflict of var name *)
  82.531 +					 | None => [(Bs,((an,bn)::Fs,Vs))])
  82.532 +				| same_leaf_check (T as (Bs,(Fs,Vs))) 
  82.533 +                          (a as (Var (an,aty))) 
  82.534 +                          (b as (Var (bn,bty))) =
  82.535 +					(case bterm_from an Vs of 
  82.536 +						 Some b2n => if bn = b2n then [T]
  82.537 +												 else [] (* conflict of var name *)
  82.538 +					 | None => [(Bs,(Fs,(an,bn)::Vs))])
  82.539 +				| same_leaf_check T (a as (Const _)) (b as (Const _)) =
  82.540 +					if a = b then [T] else []
  82.541 +				| same_leaf_check T _ _ = []
  82.542 +
  82.543 +		in
  82.544 +			same_leaf_check T a b
  82.545 +		end;
  82.546 +
  82.547 +  (* wrapper for term_contains1: checks if the term "a" contains in
  82.548 +  some embedded way, (w.r.t. name -convertable) the term "b" *)
  82.549 +  fun term_contains a b = 
  82.550 +			case term_contains1 ([],([],[])) a b of
  82.551 +			  (_ :: _) => true
  82.552 +			| [] => false;
  82.553 +
  82.554 +
  82.555 +      (* pp_term a; pp_term b; writeln "EQTerm matches are: "; map (fn (a,b) => writeln ("(" ^ (string_of_term a) ^ ", " ^ (string_of_term b) ^ ")")) L;*) 
  82.556 +
  82.557 +
  82.558 +  (* change all bound variables to see ones with appropriate name and
  82.559 +  type *)
  82.560 +
  82.561 +  (* naming convention is OK as we use 'variant' from term.ML *)
  82.562 +
  82.563 +  (* Note "bounds_to_frees" defined below, its better and quicker, but
  82.564 +  keeps the quantifiers handing about, and changes all bounds, not
  82.565 +  just universally quantified ones. *)
  82.566 +  fun change_bounds_to_frees t =  
  82.567 +    let 
  82.568 +      val vars = strip_all_vars t
  82.569 +      val frees_names = map (fn Free(s,n) => s | _ => "") (term_frees t)
  82.570 +      val body = strip_all_body t
  82.571 +
  82.572 +      fun bnds_to_frees [] _ acc = acc
  82.573 +        | bnds_to_frees ((name,ty)::more) names acc = 
  82.574 +            let 
  82.575 +	      val new_name = variant names name
  82.576 +	    in
  82.577 +	      bnds_to_frees more (new_name::names) (Free(new_name,ty)::acc)
  82.578 +	    end
  82.579 +    in
  82.580 +      (subst_bounds ((bnds_to_frees vars frees_names []), body))
  82.581 +    end; 
  82.582 +
  82.583 +
  82.584 +
  82.585 +structure fvartabS = TableFun(type key = string val ord = string_ord);
  82.586 +
  82.587 +(* a runtime-quick function which makes sure that every variable has a
  82.588 +unique name *)
  82.589 +fun unique_namify_aux (ntab,(Abs(s,ty,t))) = 
  82.590 +    (case (fvartabS.lookup (ntab,s)) of
  82.591 +       None => 
  82.592 +       let 
  82.593 +				 val (ntab2,t2) = unique_namify_aux ((fvartabS.update ((s,s),ntab)), t)
  82.594 +       in
  82.595 +				 (ntab2,Abs(s,ty,t2))
  82.596 +       end
  82.597 +     | Some s2 => 
  82.598 +       let 
  82.599 +				 val s_new = (Term.variant (fvartabS.keys ntab) s)
  82.600 +				 val (ntab2,t2) = 
  82.601 +						 unique_namify_aux ((fvartabS.update ((s_new,s_new),ntab)), t)
  82.602 +       in
  82.603 +				 (ntab2,Abs(s_new,ty,t2))
  82.604 +       end)
  82.605 +  | unique_namify_aux (ntab,(a $ b)) = 
  82.606 +    let 
  82.607 +      val (ntab1,t1) = unique_namify_aux (ntab,a)
  82.608 +      val (ntab2,t2) = unique_namify_aux (ntab1,b)		       
  82.609 +    in
  82.610 +      (ntab2, t1$t2)
  82.611 +    end
  82.612 +  | unique_namify_aux (nt as (ntab,Const x)) = nt
  82.613 +  | unique_namify_aux (nt as (ntab,f as Free (s,ty))) = 
  82.614 +    (case (fvartabS.lookup (ntab,s)) of
  82.615 +       None => ((fvartabS.update ((s,s),ntab)), f)
  82.616 +     | Some _ => nt)
  82.617 +  | unique_namify_aux (nt as (ntab,v as Var ((s,i),ty))) = 
  82.618 +    (case (fvartabS.lookup (ntab,s)) of
  82.619 +       None => ((fvartabS.update ((s,s),ntab)), v)
  82.620 +     | Some _ => nt)
  82.621 +  | unique_namify_aux (nt as (ntab, Bound i)) = nt;
  82.622 +		
  82.623 +fun unique_namify t = 
  82.624 +    #2 (unique_namify_aux (fvartabS.empty, t));
  82.625 +
  82.626 +(* a runtime-quick function which makes sure that every variable has a
  82.627 +unique name and also changes bound variables to free variables, used
  82.628 +for embedding checks, Note that this is a pretty naughty term
  82.629 +manipulation, which doesn't have necessary relation to the original
  82.630 +sematics of the term. This is really a trick for our embedding code. *)
  82.631 +
  82.632 +fun bounds_to_frees_aux T (ntab,(Abs(s,ty,t))) = 
  82.633 +    (case (fvartabS.lookup (ntab,s)) of
  82.634 +      None => 
  82.635 +      let 
  82.636 +	val (ntab2,t2) = bounds_to_frees_aux ((s,ty)::T)
  82.637 +				       ((fvartabS.update ((s,s),ntab)), t)
  82.638 +      in
  82.639 +	(ntab2,Abs(s,ty,t2))
  82.640 +      end
  82.641 +    | Some s2 => 
  82.642 +      let 
  82.643 +	val s_new = (Term.variant (fvartabS.keys ntab) s)
  82.644 +	val (ntab2,t2) = 
  82.645 +	    bounds_to_frees_aux ((s_new,ty)::T) 
  82.646 +			  (fvartabS.update (((s_new,s_new),ntab)), t)
  82.647 +      in
  82.648 +	(ntab2,Abs(s_new,ty,t2))
  82.649 +      end)
  82.650 +  | bounds_to_frees_aux T (ntab,(a $ b)) = 
  82.651 +    let 
  82.652 +      val (ntab1,t1) = bounds_to_frees_aux T (ntab,a)
  82.653 +      val (ntab2,t2) = bounds_to_frees_aux T (ntab1,b)		       
  82.654 +    in
  82.655 +      (ntab2, t1$t2)
  82.656 +    end
  82.657 +  | bounds_to_frees_aux T (nt as (ntab,Const x)) = nt
  82.658 +  | bounds_to_frees_aux T (nt as (ntab,f as Free (s,ty))) = 
  82.659 +    (case (fvartabS.lookup (ntab,s)) of
  82.660 +      None => ((fvartabS.update ((s,s),ntab)), f)
  82.661 +    | Some _ => nt)
  82.662 +  | bounds_to_frees_aux T (nt as (ntab,v as Var ((s,i),ty))) = 
  82.663 +     (case (fvartabS.lookup (ntab,s)) of
  82.664 +      None => ((fvartabS.update ((s,s),ntab)), v)
  82.665 +    | Some _ => nt)
  82.666 +  | bounds_to_frees_aux T (nt as (ntab, Bound i)) = 
  82.667 +    let 
  82.668 +      val (s,ty) = Library.nth_elem (i,T) 
  82.669 +    in
  82.670 +      (ntab, Free (s,ty))
  82.671 +    end;
  82.672 +
  82.673 +
  82.674 +fun bounds_to_frees t = 
  82.675 +    #2 (bounds_to_frees_aux [] (fvartabS.empty,t));
  82.676 +
  82.677 +fun bounds_to_frees_with_vars vars t = 
  82.678 +    #2 (bounds_to_frees_aux vars (fvartabS.empty,t));
  82.679 +
  82.680 +
  82.681 +
  82.682 +(* loose bounds to frees *)
  82.683 +fun loose_bnds_to_frees_aux (bnds,vars) (Abs(s,ty,t)) = 
  82.684 +    Abs(s,ty,loose_bnds_to_frees_aux (bnds + 1,vars) t)
  82.685 +  | loose_bnds_to_frees_aux (bnds,vars) (a $ b) = 
  82.686 +    (loose_bnds_to_frees_aux (bnds,vars) a) 
  82.687 +      $ (loose_bnds_to_frees_aux (bnds,vars) b)
  82.688 +  | loose_bnds_to_frees_aux (bnds,vars) (t as (Bound i)) = 
  82.689 +    if (bnds <= i) then Free (Library.nth_elem (i - bnds,vars))
  82.690 +    else t
  82.691 +  | loose_bnds_to_frees_aux (bnds,vars) t = t;
  82.692 +
  82.693 +
  82.694 +fun loose_bnds_to_frees vars t = 
  82.695 +    loose_bnds_to_frees_aux (0,vars) t;
  82.696 +
  82.697 +(* puts prems of a theorem into a useful form, (rulify) 
  82.698 +  Note that any loose bound variables are treated as free vars 
  82.699 +*)
  82.700 +(* fun make_term_into_simp_thm vars sgn t = 
  82.701 +    let 
  82.702 +      val triv =