isabelle: doc-src/TutorialI/Inductive/document/Advanced.tex@08ad27488983 (annotated)

10365 a17cf465d29a auto generated paulson parents: diff changeset	1	%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	2	\begin{isabellebody}%
c6e49929e544 auto-update paulson parents: 11173 diff changeset	3	\def\isabellecontext{Advanced}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	4	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	5	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	6	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	7	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	8	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	9	\isatagtheory
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	10	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	11	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	12	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	13	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	14	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	15	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	16	\endisadelimtheory
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	17	%
43564 9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	18	\isadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	19	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	20	\endisadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	21	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	22	\isatagML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	23	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	24	\endisatagML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	25	{\isafoldML}%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	26	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	27	\isadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	28	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	29	\endisadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	30	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	31	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	32	The premises of introduction rules may contain universal quantifiers and
ca73e86c22bb updated berghofe parents: 23733 diff changeset	33	monotone functions. A universal quantifier lets the rule
ca73e86c22bb updated berghofe parents: 23733 diff changeset	34	refer to any number of instances of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	35	the inductively defined set. A monotone function lets the rule refer
ca73e86c22bb updated berghofe parents: 23733 diff changeset	36	to existing constructions (such as ``list of'') over the inductively defined
ca73e86c22bb updated berghofe parents: 23733 diff changeset	37	set. The examples below show how to use the additional expressiveness
ca73e86c22bb updated berghofe parents: 23733 diff changeset	38	and how to reason from the resulting definitions.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	39	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	40	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	41	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	42	\isamarkupsubsection{Universal Quantifiers in Introduction Rules \label{sec:gterm-datatype}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	43	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	44	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	45	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	46	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	47	\index{ground terms example\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	48	\index{quantifiers!and inductive definitions\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	49	As a running example, this section develops the theory of \textbf{ground
ca73e86c22bb updated berghofe parents: 23733 diff changeset	50	terms}: terms constructed from constant and function
ca73e86c22bb updated berghofe parents: 23733 diff changeset	51	symbols but not variables. To simplify matters further, we regard a
ca73e86c22bb updated berghofe parents: 23733 diff changeset	52	constant as a function applied to the null argument list. Let us declare a
ca73e86c22bb updated berghofe parents: 23733 diff changeset	53	datatype \isa{gterm} for the type of ground terms. It is a type constructor
ca73e86c22bb updated berghofe parents: 23733 diff changeset	54	whose argument is a type of function symbols.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	55	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	56	\isamarkuptrue%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	57	\isacommand{datatype}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	58	\ {\isaliteral{27}{\isacharprime}}f\ gterm\ {\isaliteral{3D}{\isacharequal}}\ Apply\ {\isaliteral{27}{\isacharprime}}f\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}f\ gterm\ list{\isaliteral{22}{\isachardoublequoteclose}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	59	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	60	To try it out, we declare a datatype of some integer operations:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	61	integer constants, the unary minus operator and the addition
ca73e86c22bb updated berghofe parents: 23733 diff changeset	62	operator.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	63	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	64	\isamarkuptrue%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	65	\isacommand{datatype}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	66	\ integer{\isaliteral{5F}{\isacharunderscore}}op\ {\isaliteral{3D}{\isacharequal}}\ Number\ int\ {\isaliteral{7C}{\isacharbar}}\ UnaryMinus\ {\isaliteral{7C}{\isacharbar}}\ Plus%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	67	\begin{isamarkuptext}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	68	Now the type \isa{integer{\isaliteral{5F}{\isacharunderscore}}op\ gterm} denotes the ground
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	69	terms built over those symbols.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	70
ca73e86c22bb updated berghofe parents: 23733 diff changeset	71	The type constructor \isa{gterm} can be generalized to a function
ca73e86c22bb updated berghofe parents: 23733 diff changeset	72	over sets. It returns
ca73e86c22bb updated berghofe parents: 23733 diff changeset	73	the set of ground terms that can be formed over a set \isa{F} of function symbols. For
ca73e86c22bb updated berghofe parents: 23733 diff changeset	74	example, we could consider the set of ground terms formed from the finite
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	75	set \isa{{\isaliteral{7B}{\isacharbraceleft}}Number\ {\isadigit{2}}{\isaliteral{2C}{\isacharcomma}}\ UnaryMinus{\isaliteral{2C}{\isacharcomma}}\ Plus{\isaliteral{7D}{\isacharbraceright}}}.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	76
ca73e86c22bb updated berghofe parents: 23733 diff changeset	77	This concept is inductive. If we have a list \isa{args} of ground terms
ca73e86c22bb updated berghofe parents: 23733 diff changeset	78	over~\isa{F} and a function symbol \isa{f} in \isa{F}, then we
ca73e86c22bb updated berghofe parents: 23733 diff changeset	79	can apply \isa{f} to \isa{args} to obtain another ground term.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	80	The only difficulty is that the argument list may be of any length. Hitherto,
ca73e86c22bb updated berghofe parents: 23733 diff changeset	81	each rule in an inductive definition referred to the inductively
ca73e86c22bb updated berghofe parents: 23733 diff changeset	82	defined set a fixed number of times, typically once or twice.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	83	A universal quantifier in the premise of the introduction rule
ca73e86c22bb updated berghofe parents: 23733 diff changeset	84	expresses that every element of \isa{args} belongs
ca73e86c22bb updated berghofe parents: 23733 diff changeset	85	to our inductively defined set: is a ground term
ca73e86c22bb updated berghofe parents: 23733 diff changeset	86	over~\isa{F}. The function \isa{set} denotes the set of elements in a given
ca73e86c22bb updated berghofe parents: 23733 diff changeset	87	list.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	88	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	89	\isamarkuptrue%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	90	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}set}\isamarkupfalse%
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 21261 diff changeset	91	\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	92	\ \ gterms\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}f\ set\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}f\ gterm\ set{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	93	\ \ \isakeyword{for}\ F\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}f\ set{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 21261 diff changeset	94	\isakeyword{where}\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	95	step{\isaliteral{5B}{\isacharbrackleft}}intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C666F72616C6C3E}{\isasymforall}}t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ set\ args{\isaliteral{2E}{\isachardot}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F{\isaliteral{3B}{\isacharsemicolon}}\ \ f\ {\isaliteral{5C3C696E3E}{\isasymin}}\ F{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	96	\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isaliteral{28}{\isacharparenleft}}Apply\ f\ args{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F{\isaliteral{22}{\isachardoublequoteclose}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	97	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	98	To demonstrate a proof from this definition, let us
ca73e86c22bb updated berghofe parents: 23733 diff changeset	99	show that the function \isa{gterms}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	100	is \textbf{monotone}. We shall need this concept shortly.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	101	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	102	\isamarkuptrue%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	103	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	104	\ gterms{\isaliteral{5F}{\isacharunderscore}}mono{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}F{\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}G\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ gterms\ F\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ gterms\ G{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	105	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	106	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	107	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	108	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	109	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	110	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	111	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	112	\ clarify\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	113	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	114	\ {\isaliteral{28}{\isacharparenleft}}erule\ gterms{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	115	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	116	\ blast\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	117	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	118	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	119	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	120	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	121	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	122	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	123	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	124	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	125	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	126	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	127	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	128	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	129	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	130	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	131	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	132	\begin{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	133	Intuitively, this theorem says that
ca73e86c22bb updated berghofe parents: 23733 diff changeset	134	enlarging the set of function symbols enlarges the set of ground
ca73e86c22bb updated berghofe parents: 23733 diff changeset	135	terms. The proof is a trivial rule induction.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	136	First we use the \isa{clarify} method to assume the existence of an element of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	137	\isa{gterms\ F}. (We could have used \isa{intro\ subsetI}.) We then
ca73e86c22bb updated berghofe parents: 23733 diff changeset	138	apply rule induction. Here is the resulting subgoal:
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	139	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	140	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}x\ args\ f{\isaliteral{2E}{\isachardot}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	141	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}F\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ G{\isaliteral{3B}{\isacharsemicolon}}\ {\isaliteral{5C3C666F72616C6C3E}{\isasymforall}}t{\isaliteral{5C3C696E3E}{\isasymin}}set\ args{\isaliteral{2E}{\isachardot}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F\ {\isaliteral{5C3C616E643E}{\isasymand}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G{\isaliteral{3B}{\isacharsemicolon}}\ f\ {\isaliteral{5C3C696E3E}{\isasymin}}\ F{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	142	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G%
11173 094b76968484 revisions in response to comments by Tobias paulson parents: 10950 diff changeset	143	\end{isabelle}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	144	The assumptions state that \isa{f} belongs
ca73e86c22bb updated berghofe parents: 23733 diff changeset	145	to~\isa{F}, which is included in~\isa{G}, and that every element of the list \isa{args} is
ca73e86c22bb updated berghofe parents: 23733 diff changeset	146	a ground term over~\isa{G}. The \isa{blast} method finds this chain of reasoning easily.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	147	\end{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	148	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	149	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	150	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	151	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	152	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	153	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	154	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	155	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	156	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	157	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	158	\begin{warn}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	159	Why do we call this function \isa{gterms} instead
ca73e86c22bb updated berghofe parents: 23733 diff changeset	160	of \isa{gterm}? A constant may have the same name as a type. However,
ca73e86c22bb updated berghofe parents: 23733 diff changeset	161	name clashes could arise in the theorems that Isabelle generates.
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	162	Our choice of names keeps \isa{gterms{\isaliteral{2E}{\isachardot}}induct} separate from
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	163	\isa{gterm{\isaliteral{2E}{\isachardot}}induct}.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	164	\end{warn}
10469 7813f5ccfb18 auto update paulson parents: 10457 diff changeset	165
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	166	Call a term \textbf{well-formed} if each symbol occurring in it is applied
ca73e86c22bb updated berghofe parents: 23733 diff changeset	167	to the correct number of arguments. (This number is called the symbol's
ca73e86c22bb updated berghofe parents: 23733 diff changeset	168	\textbf{arity}.) We can express well-formedness by
ca73e86c22bb updated berghofe parents: 23733 diff changeset	169	generalizing the inductive definition of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	170	\isa{gterms}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	171	Suppose we are given a function called \isa{arity}, specifying the arities
ca73e86c22bb updated berghofe parents: 23733 diff changeset	172	of all symbols. In the inductive step, we have a list \isa{args} of such
ca73e86c22bb updated berghofe parents: 23733 diff changeset	173	terms and a function symbol~\isa{f}. If the length of the list matches the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	174	function's arity then applying \isa{f} to \isa{args} yields a well-formed
ca73e86c22bb updated berghofe parents: 23733 diff changeset	175	term.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	176	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	177	\isamarkuptrue%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	178	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}set}\isamarkupfalse%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	179	\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	180	\ \ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{27}{\isacharprime}}f\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}f\ gterm\ set{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	181	\ \ \isakeyword{for}\ arity\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}f\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	182	\isakeyword{where}\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	183	step{\isaliteral{5B}{\isacharbrackleft}}intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C666F72616C6C3E}{\isasymforall}}t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ set\ args{\isaliteral{2E}{\isachardot}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity{\isaliteral{3B}{\isacharsemicolon}}\ \ \isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	184	\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ length\ args\ {\isaliteral{3D}{\isacharequal}}\ arity\ f{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	185	\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isaliteral{28}{\isacharparenleft}}Apply\ f\ args{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity{\isaliteral{22}{\isachardoublequoteclose}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	186	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	187	The inductive definition neatly captures the reasoning above.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	188	The universal quantification over the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	189	\isa{set} of arguments expresses that all of them are well-formed.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	190	\index{quantifiers!and inductive definitions\|)}%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	191	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	192	\isamarkuptrue%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	193	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	194	\isamarkupsubsection{Alternative Definition Using a Monotone Function%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	195	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	196	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	197	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	198	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	199	\index{monotone functions!and inductive definitions\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	200	An inductive definition may refer to the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	201	inductively defined set through an arbitrary monotone function. To
ca73e86c22bb updated berghofe parents: 23733 diff changeset	202	demonstrate this powerful feature, let us
ca73e86c22bb updated berghofe parents: 23733 diff changeset	203	change the inductive definition above, replacing the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	204	quantifier by a use of the function \isa{lists}. This
ca73e86c22bb updated berghofe parents: 23733 diff changeset	205	function, from the Isabelle theory of lists, is analogous to the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	206	function \isa{gterms} declared above: if \isa{A} is a set then
ca73e86c22bb updated berghofe parents: 23733 diff changeset	207	\isa{lists\ A} is the set of lists whose elements belong to
ca73e86c22bb updated berghofe parents: 23733 diff changeset	208	\isa{A}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	209
ca73e86c22bb updated berghofe parents: 23733 diff changeset	210	In the inductive definition of well-formed terms, examine the one
ca73e86c22bb updated berghofe parents: 23733 diff changeset	211	introduction rule. The first premise states that \isa{args} belongs to
ca73e86c22bb updated berghofe parents: 23733 diff changeset	212	the \isa{lists} of well-formed terms. This formulation is more
ca73e86c22bb updated berghofe parents: 23733 diff changeset	213	direct, if more obscure, than using a universal quantifier.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	214	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	215	\isamarkuptrue%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	216	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}set}\isamarkupfalse%
10365 a17cf465d29a auto generated paulson parents: diff changeset	217	\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	218	\ \ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{27}{\isacharprime}}f\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}f\ gterm\ set{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	219	\ \ \isakeyword{for}\ arity\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}f\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	220	\isakeyword{where}\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	221	step{\isaliteral{5B}{\isacharbrackleft}}intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ lists\ {\isaliteral{28}{\isacharparenleft}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity{\isaliteral{29}{\isacharparenright}}{\isaliteral{3B}{\isacharsemicolon}}\ \ \isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	222	\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ length\ args\ {\isaliteral{3D}{\isacharequal}}\ arity\ f{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	223	\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isaliteral{28}{\isacharparenleft}}Apply\ f\ args{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	224	\isakeyword{monos}\ lists{\isaliteral{5F}{\isacharunderscore}}mono%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	225	\begin{isamarkuptext}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	226	We cite the theorem \isa{lists{\isaliteral{5F}{\isacharunderscore}}mono} to justify
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	227	using the function \isa{lists}.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	228	\footnote{This particular theorem is installed by default already, but we
ca73e86c22bb updated berghofe parents: 23733 diff changeset	229	include the \isakeyword{monos} declaration in order to illustrate its syntax.}
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	230	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	231	A\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ B\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ lists\ A\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ lists\ B\rulename{lists{\isaliteral{5F}{\isacharunderscore}}mono}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	232	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	233	Why must the function be monotone? An inductive definition describes
ca73e86c22bb updated berghofe parents: 23733 diff changeset	234	an iterative construction: each element of the set is constructed by a
ca73e86c22bb updated berghofe parents: 23733 diff changeset	235	finite number of introduction rule applications. For example, the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	236	elements of \isa{even} are constructed by finitely many applications of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	237	the rules
ca73e86c22bb updated berghofe parents: 23733 diff changeset	238	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	239	{\isadigit{0}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\isasep\isanewline%
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	240	n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	241	\end{isabelle}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	242	All references to a set in its
ca73e86c22bb updated berghofe parents: 23733 diff changeset	243	inductive definition must be positive. Applications of an
ca73e86c22bb updated berghofe parents: 23733 diff changeset	244	introduction rule cannot invalidate previous applications, allowing the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	245	construction process to converge.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	246	The following pair of rules do not constitute an inductive definition:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	247	\begin{trivlist}
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	248	\item \isa{{\isadigit{0}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even}
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	249	\item \isa{n\ {\isaliteral{5C3C6E6F74696E3E}{\isasymnotin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Suc\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	250	\end{trivlist}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	251	Showing that 4 is even using these rules requires showing that 3 is not
ca73e86c22bb updated berghofe parents: 23733 diff changeset	252	even. It is far from trivial to show that this set of rules
ca73e86c22bb updated berghofe parents: 23733 diff changeset	253	characterizes the even numbers.
10469 7813f5ccfb18 auto update paulson parents: 10457 diff changeset	254
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	255	Even with its use of the function \isa{lists}, the premise of our
ca73e86c22bb updated berghofe parents: 23733 diff changeset	256	introduction rule is positive:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	257	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	258	args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ lists\ {\isaliteral{28}{\isacharparenleft}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity{\isaliteral{29}{\isacharparenright}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	259	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	260	To apply the rule we construct a list \isa{args} of previously
ca73e86c22bb updated berghofe parents: 23733 diff changeset	261	constructed well-formed terms. We obtain a
ca73e86c22bb updated berghofe parents: 23733 diff changeset	262	new term, \isa{Apply\ f\ args}. Because \isa{lists} is monotone,
ca73e86c22bb updated berghofe parents: 23733 diff changeset	263	applications of the rule remain valid as new terms are constructed.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	264	Further lists of well-formed
ca73e86c22bb updated berghofe parents: 23733 diff changeset	265	terms become available and none are taken away.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	266	\index{monotone functions!and inductive definitions\|)}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	267	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	268	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	269	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	270	\isamarkupsubsection{A Proof of Equivalence%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	271	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	272	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	273	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	274	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	275	We naturally hope that these two inductive definitions of ``well-formed''
ca73e86c22bb updated berghofe parents: 23733 diff changeset	276	coincide. The equality can be proved by separate inclusions in
ca73e86c22bb updated berghofe parents: 23733 diff changeset	277	each direction. Each is a trivial rule induction.%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	278	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	279	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	280	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	281	\ {\isaliteral{22}{\isachardoublequoteopen}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	282	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	283	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	284	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	285	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	286	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	287	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	288	\isacommand{apply}\isamarkupfalse%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	289	\ clarify\isanewline
ca73e86c22bb updated berghofe parents: 23733 diff changeset	290	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	291	\ {\isaliteral{28}{\isacharparenleft}}erule\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}\isanewline
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	292	\isacommand{apply}\isamarkupfalse%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	293	\ auto\isanewline
ca73e86c22bb updated berghofe parents: 23733 diff changeset	294	\isacommand{done}\isamarkupfalse%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	295	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	296	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	297	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	298	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	299	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	300	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	301	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	302	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	303	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	304	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	305	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	306	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	307	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	308	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	309	\begin{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	310	The \isa{clarify} method gives
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	311	us an element of \isa{well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity} on which to perform
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	312	induction. The resulting subgoal can be proved automatically:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	313	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	314	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}x\ args\ f{\isaliteral{2E}{\isachardot}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	315	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C666F72616C6C3E}{\isasymforall}}t{\isaliteral{5C3C696E3E}{\isasymin}}set\ args{\isaliteral{2E}{\isachardot}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	316	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}\ \ \ }t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity\ {\isaliteral{5C3C616E643E}{\isasymand}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity{\isaliteral{3B}{\isacharsemicolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	317	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ \ }length\ args\ {\isaliteral{3D}{\isacharequal}}\ arity\ f{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	318	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	319	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	320	This proof resembles the one given in
ca73e86c22bb updated berghofe parents: 23733 diff changeset	321	{\S}\ref{sec:gterm-datatype} above, especially in the form of the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	322	induction hypothesis. Next, we consider the opposite inclusion:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	323	\end{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	324	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	325	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	326	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	327	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	328	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	329	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	330	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	331	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	332	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	333	\ {\isaliteral{22}{\isachardoublequoteopen}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	334	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	335	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	336	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	337	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	338	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	339	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	340	\isacommand{apply}\isamarkupfalse%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	341	\ clarify\isanewline
ca73e86c22bb updated berghofe parents: 23733 diff changeset	342	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	343	\ {\isaliteral{28}{\isacharparenleft}}erule\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}\isanewline
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	344	\isacommand{apply}\isamarkupfalse%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	345	\ auto\isanewline
ca73e86c22bb updated berghofe parents: 23733 diff changeset	346	\isacommand{done}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	347	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	348	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	349	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	350	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	351	\isadelimproof
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	352	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	353	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	354	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	355	\isadelimproof
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	356	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	357	\endisadelimproof
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	358	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	359	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	360	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	361	\begin{isamarkuptxt}%
27167 a99747ccba87 typo nipkow parents: 23848 diff changeset	362	The proof script is virtually identical,
a99747ccba87 typo nipkow parents: 23848 diff changeset	363	but the subgoal after applying induction may be surprising:
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	364	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	365	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}x\ args\ f{\isaliteral{2E}{\isachardot}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	366	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}args\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	367	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}}{\isaliteral{5C3C696E3E}{\isasymin}}\ lists\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	368	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C696E3E}{\isasymin}}\ \ }{\isaliteral{28}{\isacharparenleft}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	369	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C696E3E}{\isasymin}}\ \ {\isaliteral{28}{\isacharparenleft}}}{\isaliteral{7B}{\isacharbraceleft}}a{\isaliteral{2E}{\isachardot}}\ a\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity{\isaliteral{7D}{\isacharbraceright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{3B}{\isacharsemicolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	370	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ \ }length\ args\ {\isaliteral{3D}{\isacharequal}}\ arity\ f{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	371	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	372	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	373	The induction hypothesis contains an application of \isa{lists}. Using a
ca73e86c22bb updated berghofe parents: 23733 diff changeset	374	monotone function in the inductive definition always has this effect. The
ca73e86c22bb updated berghofe parents: 23733 diff changeset	375	subgoal may look uninviting, but fortunately
ca73e86c22bb updated berghofe parents: 23733 diff changeset	376	\isa{lists} distributes over intersection:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	377	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	378	listsp\ {\isaliteral{28}{\isacharparenleft}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{5C3C6C616D6264613E}{\isasymlambda}}x{\isaliteral{2E}{\isachardot}}\ x\ {\isaliteral{5C3C696E3E}{\isasymin}}\ A{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ {\isaliteral{28}{\isacharparenleft}}{\isaliteral{5C3C6C616D6264613E}{\isasymlambda}}x{\isaliteral{2E}{\isachardot}}\ x\ {\isaliteral{5C3C696E3E}{\isasymin}}\ B{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{28}{\isacharparenleft}}{\isaliteral{5C3C6C616D6264613E}{\isasymlambda}}x{\isaliteral{2E}{\isachardot}}\ x\ {\isaliteral{5C3C696E3E}{\isasymin}}\ lists\ A{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ {\isaliteral{28}{\isacharparenleft}}{\isaliteral{5C3C6C616D6264613E}{\isasymlambda}}x{\isaliteral{2E}{\isachardot}}\ x\ {\isaliteral{5C3C696E3E}{\isasymin}}\ lists\ B{\isaliteral{29}{\isacharparenright}}\rulename{lists{\isaliteral{5F}{\isacharunderscore}}Int{\isaliteral{5F}{\isacharunderscore}}eq}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	379	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	380	Thanks to this default simplification rule, the induction hypothesis
ca73e86c22bb updated berghofe parents: 23733 diff changeset	381	is quickly replaced by its two parts:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	382	\begin{trivlist}
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	383	\item \isa{args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ lists\ {\isaliteral{28}{\isacharparenleft}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{27}{\isacharprime}}\ arity{\isaliteral{29}{\isacharparenright}}}
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	384	\item \isa{args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ lists\ {\isaliteral{28}{\isacharparenleft}}well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm\ arity{\isaliteral{29}{\isacharparenright}}}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	385	\end{trivlist}
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	386	Invoking the rule \isa{well{\isaliteral{5F}{\isacharunderscore}}formed{\isaliteral{5F}{\isacharunderscore}}gterm{\isaliteral{2E}{\isachardot}}step} completes the proof. The
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	387	call to \isa{auto} does all this work.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	388
ca73e86c22bb updated berghofe parents: 23733 diff changeset	389	This example is typical of how monotone functions
ca73e86c22bb updated berghofe parents: 23733 diff changeset	390	\index{monotone functions} can be used. In particular, many of them
ca73e86c22bb updated berghofe parents: 23733 diff changeset	391	distribute over intersection. Monotonicity implies one direction of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	392	this set equality; we have this theorem:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	393	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	394	mono\ f\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ f\ {\isaliteral{28}{\isacharparenleft}}A\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ B{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C73756273657465713E}{\isasymsubseteq}}\ f\ A\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ f\ B\rulename{mono{\isaliteral{5F}{\isacharunderscore}}Int}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	395	\end{isabelle}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	396	\end{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	397	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	398	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	399	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	400	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	401	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	402	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	403	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	404	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	405	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	406	\isamarkupsubsection{Another Example of Rule Inversion%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	407	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	408	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	409	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	410	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	411	\index{rule inversion\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	412	Does \isa{gterms} distribute over intersection? We have proved that this
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	413	function is monotone, so \isa{mono{\isaliteral{5F}{\isacharunderscore}}Int} gives one of the inclusions. The
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	414	opposite inclusion asserts that if \isa{t} is a ground term over both of the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	415	sets
ca73e86c22bb updated berghofe parents: 23733 diff changeset	416	\isa{F} and~\isa{G} then it is also a ground term over their intersection,
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	417	\isa{F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ G}.%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	418	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	419	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	420	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	421	\ gterms{\isaliteral{5F}{\isacharunderscore}}IntI{\isaliteral{3A}{\isacharcolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	422	\ \ \ \ \ {\isaliteral{22}{\isachardoublequoteopen}}t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G\ {\isaliteral{5C3C6C6F6E6772696768746172726F773E}{\isasymlongrightarrow}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ {\isaliteral{28}{\isacharparenleft}}F{\isaliteral{5C3C696E7465723E}{\isasyminter}}G{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	423	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	424	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	425	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	426	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	427	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	428	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	429	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	430	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	431	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	432	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	433	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	434	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	435	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	436	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	437	Attempting this proof, we get the assumption
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	438	\isa{Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G}, which cannot be broken down.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	439	It looks like a job for rule inversion:\cmmdx{inductive\protect\_cases}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	440	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	441	\isamarkuptrue%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	442	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}cases}\isamarkupfalse%
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	443	\ gterm{\isaliteral{5F}{\isacharunderscore}}Apply{\isaliteral{5F}{\isacharunderscore}}elim\ {\isaliteral{5B}{\isacharbrackleft}}elim{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F{\isaliteral{22}{\isachardoublequoteclose}}%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	444	\begin{isamarkuptext}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	445	Here is the result.
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	446	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	447	{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F{\isaliteral{3B}{\isacharsemicolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	448	\isaindent{\ }{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C666F72616C6C3E}{\isasymforall}}t{\isaliteral{5C3C696E3E}{\isasymin}}set\ args{\isaliteral{2E}{\isachardot}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F{\isaliteral{3B}{\isacharsemicolon}}\ f\ {\isaliteral{5C3C696E3E}{\isasymin}}\ F{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	449	{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P\rulename{gterm{\isaliteral{5F}{\isacharunderscore}}Apply{\isaliteral{5F}{\isacharunderscore}}elim}%
10469 7813f5ccfb18 auto update paulson parents: 10457 diff changeset	450	\end{isabelle}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	451	This rule replaces an assumption about \isa{Apply\ f\ args} by
ca73e86c22bb updated berghofe parents: 23733 diff changeset	452	assumptions about \isa{f} and~\isa{args}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	453	No cases are discarded (there was only one to begin
ca73e86c22bb updated berghofe parents: 23733 diff changeset	454	with) but the rule applies specifically to the pattern \isa{Apply\ f\ args}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	455	It can be applied repeatedly as an elimination rule without looping, so we
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	456	have given the \isa{elim{\isaliteral{21}{\isacharbang}}} attribute.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	457
ca73e86c22bb updated berghofe parents: 23733 diff changeset	458	Now we can prove the other half of that distributive law.%
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	459	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	460	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	461	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	462	\ gterms{\isaliteral{5F}{\isacharunderscore}}IntI\ {\isaliteral{5B}{\isacharbrackleft}}rule{\isaliteral{5F}{\isacharunderscore}}format{\isaliteral{2C}{\isacharcomma}}\ intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	463	\ \ \ \ \ {\isaliteral{22}{\isachardoublequoteopen}}t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G\ {\isaliteral{5C3C6C6F6E6772696768746172726F773E}{\isasymlongrightarrow}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ {\isaliteral{28}{\isacharparenleft}}F{\isaliteral{5C3C696E7465723E}{\isasyminter}}G{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	464	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	465	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	466	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	467	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	468	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	469	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	470	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	471	\ {\isaliteral{28}{\isacharparenleft}}erule\ gterms{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	472	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	473	\ blast\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	474	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	475	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	476	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	477	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	478	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	479	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	480	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	481	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	482	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	483	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	484	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	485	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	486	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	487	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	488	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	489	\begin{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	490	The proof begins with rule induction over the definition of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	491	\isa{gterms}, which leaves a single subgoal:
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	492	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	493	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}args\ f{\isaliteral{2E}{\isachardot}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	494	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}{\isaliteral{5C3C666F72616C6C3E}{\isasymforall}}t{\isaliteral{5C3C696E3E}{\isasymin}}set\ args{\isaliteral{2E}{\isachardot}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	495	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}\ \ \ }t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ F\ {\isaliteral{5C3C616E643E}{\isasymand}}\ {\isaliteral{28}{\isacharparenleft}}t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G\ {\isaliteral{5C3C6C6F6E6772696768746172726F773E}{\isasymlongrightarrow}}\ t\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ {\isaliteral{28}{\isacharparenleft}}F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ G{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{3B}{\isacharsemicolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	496	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ \ }f\ {\isaliteral{5C3C696E3E}{\isasymin}}\ F{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	497	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G\ {\isaliteral{5C3C6C6F6E6772696768746172726F773E}{\isasymlongrightarrow}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	498	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ }Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ {\isaliteral{28}{\isacharparenleft}}F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ G{\isaliteral{29}{\isacharparenright}}%
11173 094b76968484 revisions in response to comments by Tobias paulson parents: 10950 diff changeset	499	\end{isabelle}
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	500	To prove this, we assume \isa{Apply\ f\ args\ {\isaliteral{5C3C696E3E}{\isasymin}}\ gterms\ G}. Rule inversion,
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	501	in the form of \isa{gterm{\isaliteral{5F}{\isacharunderscore}}Apply{\isaliteral{5F}{\isacharunderscore}}elim}, infers
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	502	that every element of \isa{args} belongs to
ca73e86c22bb updated berghofe parents: 23733 diff changeset	503	\isa{gterms\ G}; hence (by the induction hypothesis) it belongs
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	504	to \isa{gterms\ {\isaliteral{28}{\isacharparenleft}}F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ G{\isaliteral{29}{\isacharparenright}}}. Rule inversion also yields
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	505	\isa{f\ {\isaliteral{5C3C696E3E}{\isasymin}}\ G} and hence \isa{f\ {\isaliteral{5C3C696E3E}{\isasymin}}\ F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ G}.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	506	All of this reasoning is done by \isa{blast}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	507
ca73e86c22bb updated berghofe parents: 23733 diff changeset	508	\smallskip
ca73e86c22bb updated berghofe parents: 23733 diff changeset	509	Our distributive law is a trivial consequence of previously-proved results:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	510	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	511	\isamarkuptrue%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	512	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	513	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	514	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	515	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	516	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	517	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	518	\endisadelimproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	519	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	520	\ gterms{\isaliteral{5F}{\isacharunderscore}}Int{\isaliteral{5F}{\isacharunderscore}}eq\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	521	\ \ \ \ \ {\isaliteral{22}{\isachardoublequoteopen}}gterms\ {\isaliteral{28}{\isacharparenleft}}F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ G{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ gterms\ F\ {\isaliteral{5C3C696E7465723E}{\isasyminter}}\ gterms\ G{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	522	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	523	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	524	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	525	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	526	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	527	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	528	\isacommand{by}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	529	\ {\isaliteral{28}{\isacharparenleft}}blast\ intro{\isaliteral{21}{\isacharbang}}{\isaliteral{3A}{\isacharcolon}}\ mono{\isaliteral{5F}{\isacharunderscore}}Int\ monoI\ gterms{\isaliteral{5F}{\isacharunderscore}}mono{\isaliteral{29}{\isacharparenright}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	530	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	531	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	532	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	533	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	534	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	535	\endisadelimproof
12156 d2758965362e new-style numerals without leading #, along with generic 0 and 1 paulson parents: 11866 diff changeset	536	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	537	\index{rule inversion\|)}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	538	\index{ground terms example\|)}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	539
ca73e86c22bb updated berghofe parents: 23733 diff changeset	540
ca73e86c22bb updated berghofe parents: 23733 diff changeset	541	\begin{isamarkuptext}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	542	\begin{exercise}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	543	A function mapping function symbols to their
ca73e86c22bb updated berghofe parents: 23733 diff changeset	544	types is called a \textbf{signature}. Given a type
ca73e86c22bb updated berghofe parents: 23733 diff changeset	545	ranging over type symbols, we can represent a function's type by a
ca73e86c22bb updated berghofe parents: 23733 diff changeset	546	list of argument types paired with the result type.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	547	Complete this inductive definition:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	548	\begin{isabelle}
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	549	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}set}\isamarkupfalse%
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 21261 diff changeset	550	\isanewline
40406 313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	551	\ \ well{\isaliteral{5F}{\isacharunderscore}}typed{\isaliteral{5F}{\isacharunderscore}}gterm\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{27}{\isacharprime}}f\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}t\ list\ {\isaliteral{2A}{\isacharasterisk}}\ {\isaliteral{27}{\isacharprime}}t{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{28}{\isacharparenleft}}{\isaliteral{27}{\isacharprime}}f\ gterm\ {\isaliteral{2A}{\isacharasterisk}}\ {\isaliteral{27}{\isacharprime}}t{\isaliteral{29}{\isacharparenright}}set{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 32836 diff changeset	552	\ \ \isakeyword{for}\ sig\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}f\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}t\ list\ {\isaliteral{2A}{\isacharasterisk}}\ {\isaliteral{27}{\isacharprime}}t{\isaliteral{22}{\isachardoublequoteclose}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	553	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	554	\end{exercise}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	555	\end{isamarkuptext}
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	556	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	557	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	558	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	559	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	560	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	561	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	562	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	563	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	564	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	565	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	566	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	567	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	568	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	569	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	570	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	571	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	572	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	573	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	574	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	575	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	576	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	577	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	578	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	579	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	580	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	581	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	582	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	583	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	584	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	585	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	586	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	587	\isatagtheory
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	588	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	589	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	590	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	591	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	592	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	593	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	594	\endisadelimtheory
11187 c6e49929e544 auto-update paulson parents: 11173 diff changeset	595	\end{isabellebody}%
10365 a17cf465d29a auto generated paulson parents: diff changeset	596	%%% Local Variables:
a17cf465d29a auto generated paulson parents: diff changeset	597	%%% mode: latex
a17cf465d29a auto generated paulson parents: diff changeset	598	%%% TeX-master: "root"
a17cf465d29a auto generated paulson parents: diff changeset	599	%%% End:

author	huffman
	Mon, 29 Aug 2011 13:50:47 -0700
changeset 44584	08ad27488983
parent 43564	9864182c6bad
child 46192	93eaaacc1955
permissions	-rw-r--r--