isabelle: doc-src/IsarOverview/Isar/document/Induction.tex@8ba39d2d9d0b (annotated)

13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	1	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	2	\begin{isabellebody}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	3	\def\isabellecontext{Induction}%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	4	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	5	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	6	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	7	\endisadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	8	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	9	\isatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	10	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	11	\endisatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	12	{\isafoldtheory}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	13	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	14	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	15	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	16	\endisadelimtheory
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	17	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	18	\isamarkupsection{Case distinction and induction \label{sec:Induct}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	19	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	20	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	21	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	22	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	23	Computer science applications abound with inductively defined
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	24	structures, which is why we treat them in more detail. HOL already
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	25	comes with a datatype of lists with the two constructors \isa{Nil}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	26	and \isa{Cons}. \isa{Nil} is written \isa{{\isacharbrackleft}{\isacharbrackright}} and \isa{Cons\ x\ xs} is written \isa{x\ {\isacharhash}\ xs}.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	27	\end{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	28	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	29	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	30	\isamarkupsubsection{Case distinction\label{sec:CaseDistinction}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	31	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	32	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	33	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	34	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	35	We have already met the \isa{cases} method for performing
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	36	binary case splits. Here is another example:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	37	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	38	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	39	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	40	\ {\isachardoublequoteopen}{\isasymnot}\ A\ {\isasymor}\ A{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	41	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	42	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	43	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	44	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	45	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	46	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	47	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	48	\ cases\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	49	\ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	50	\ {\isachardoublequoteopen}A{\isachardoublequoteclose}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	51	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	52	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	53	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	54	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	55	\ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	56	\ {\isachardoublequoteopen}{\isasymnot}\ A{\isachardoublequoteclose}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	57	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	58	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	59	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	60	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	61	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	62	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	63	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	64	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	65	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	66	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	67	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	68	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	69	\noindent The two cases must come in this order because \isa{cases} merely abbreviates \isa{{\isacharparenleft}rule\ case{\isacharunderscore}split{\isacharunderscore}thm{\isacharparenright}} where
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	70	\isa{case{\isacharunderscore}split{\isacharunderscore}thm} is \isa{{\isasymlbrakk}{\isacharquery}P\ {\isasymLongrightarrow}\ {\isacharquery}Q{\isacharsemicolon}\ {\isasymnot}\ {\isacharquery}P\ {\isasymLongrightarrow}\ {\isacharquery}Q{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharquery}Q}. If we reverse
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	71	the order of the two cases in the proof, the first case would prove
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	72	\isa{{\isasymnot}\ A\ {\isasymLongrightarrow}\ {\isasymnot}\ A\ {\isasymor}\ A} which would solve the first premise of
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	73	\isa{case{\isacharunderscore}split{\isacharunderscore}thm}, instantiating \isa{{\isacharquery}P} with \isa{{\isasymnot}\ A}, thus making the second premise \isa{{\isasymnot}\ {\isasymnot}\ A\ {\isasymLongrightarrow}\ {\isasymnot}\ A\ {\isasymor}\ A}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	74	Therefore the order of subgoals is not always completely arbitrary.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	75
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	76	The above proof is appropriate if \isa{A} is textually small.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	77	However, if \isa{A} is large, we do not want to repeat it. This can
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	78	be avoided by the following idiom%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	79	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	80	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	81	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	82	\ {\isachardoublequoteopen}{\isasymnot}\ A\ {\isasymor}\ A{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	83	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	84	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	85	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	86	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	87	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	88	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	89	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	90	\ {\isacharparenleft}cases\ {\isachardoublequoteopen}A{\isachardoublequoteclose}{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	91	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	92	\ True\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	93	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	94	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	95	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	96	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	97	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	98	\ False\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	99	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	100	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	101	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	102	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	103	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	104	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	105	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	106	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	107	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	108	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	109	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	110	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	111	\noindent which is like the previous proof but instantiates
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	112	\isa{{\isacharquery}P} right away with \isa{A}. Thus we could prove the two
25412 6f56f0350f6c updates nipkow parents: 25403 diff changeset	113	cases in any order. The phrase \isakeyword{case}~\isa{True}
6f56f0350f6c updates nipkow parents: 25403 diff changeset	114	abbreviates \isakeyword{assume}~\isa{True{\isacharcolon}\ A} and analogously for
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	115	\isa{False} and \isa{{\isasymnot}\ A}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	116
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	117	The same game can be played with other datatypes, for example lists,
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	118	where \isa{tl} is the tail of a list, and \isa{length} returns a
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	119	natural number (remember: $0-1=0$):%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	120	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	121	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	122	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	123	\ {\isachardoublequoteopen}length{\isacharparenleft}tl\ xs{\isacharparenright}\ {\isacharequal}\ length\ xs\ {\isacharminus}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	124	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	125	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	126	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	127	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	128	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	129	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	130	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	131	\ {\isacharparenleft}cases\ xs{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	132	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	133	\ Nil\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	134	\ {\isacharquery}thesis\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	135	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	136	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	137	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	138	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	139	\ Cons\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	140	\ {\isacharquery}thesis\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	141	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	142	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	143	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	144	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	145	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	146	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	147	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	148	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	149	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	150	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	151	\begin{isamarkuptext}%
25412 6f56f0350f6c updates nipkow parents: 25403 diff changeset	152	\noindent Here \isakeyword{case}~\isa{Nil} abbreviates
6f56f0350f6c updates nipkow parents: 25403 diff changeset	153	\isakeyword{assume}~\isa{Nil{\isacharcolon}}~\isa{xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}} and
6f56f0350f6c updates nipkow parents: 25403 diff changeset	154	\isakeyword{case}~\isa{Cons} abbreviates \isakeyword{fix}~\isa{{\isacharquery}\ {\isacharquery}{\isacharquery}}
6f56f0350f6c updates nipkow parents: 25403 diff changeset	155	\isakeyword{assume}~\isa{Cons{\isacharcolon}}~\isa{xs\ {\isacharequal}\ {\isacharquery}\ {\isacharhash}\ {\isacharquery}{\isacharquery}},
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	156	where \isa{{\isacharquery}} and \isa{{\isacharquery}{\isacharquery}}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	157	stand for variable names that have been chosen by the system.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	158	Therefore we cannot refer to them.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	159	Luckily, this proof is simple enough we do not need to refer to them.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	160	However, sometimes one may have to. Hence Isar offers a simple scheme for
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	161	naming those variables: replace the anonymous \isa{Cons} by
25412 6f56f0350f6c updates nipkow parents: 25403 diff changeset	162	\isa{{\isacharparenleft}Cons\ y\ ys{\isacharparenright}}, which abbreviates \isakeyword{fix}~\isa{y\ ys}
6f56f0350f6c updates nipkow parents: 25403 diff changeset	163	\isakeyword{assume}~\isa{Cons{\isacharcolon}}~\isa{xs\ {\isacharequal}\ y\ {\isacharhash}\ ys}.
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	164	In each \isakeyword{case} the assumption can be
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	165	referred to inside the proof by the name of the constructor. In
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	166	Section~\ref{sec:full-Ind} below we will come across an example
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	167	of this.
359b179fc963 updates nipkow parents: 25056 diff changeset	168
359b179fc963 updates nipkow parents: 25056 diff changeset	169	\subsection{Structural induction}
359b179fc963 updates nipkow parents: 25056 diff changeset	170
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	171	We start with an inductive proof where both cases are proved automatically:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	172	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	173	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	174	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	175	\ {\isachardoublequoteopen}{\isadigit{2}}\ {\isacharasterisk}\ {\isacharparenleft}{\isasymSum}i{\isacharcolon}{\isacharcolon}nat{\isasymle}n{\isachardot}\ i{\isacharparenright}\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}n{\isacharplus}{\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	176	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	177	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	178	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	179	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	180	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	181	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	182	\isacommand{by}\isamarkupfalse%
25427 8ba39d2d9d0b updated nipkow parents: 25412 diff changeset	183	\ {\isacharparenleft}induct\ n{\isacharparenright}\ simp{\isacharunderscore}all%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	184	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	185	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	186	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	187	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	188	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	189	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	190	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	191	\begin{isamarkuptext}%
15909 5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	192	\noindent The constraint \isa{{\isacharcolon}{\isacharcolon}nat} is needed because all of
5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	193	the operations involved are overloaded.
25427 8ba39d2d9d0b updated nipkow parents: 25412 diff changeset	194	This proof also demonstrates that \isakeyword{by} can take two arguments,
8ba39d2d9d0b updated nipkow parents: 25412 diff changeset	195	one to start and one to finish the proof --- the latter is optional.
15909 5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	196
5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	197	If we want to expose more of the structure of the
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	198	proof, we can use pattern matching to avoid having to repeat the goal
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	199	statement:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	200	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	201	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	202	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	203	\ {\isachardoublequoteopen}{\isadigit{2}}\ {\isacharasterisk}\ {\isacharparenleft}{\isasymSum}i{\isacharcolon}{\isacharcolon}nat{\isasymle}n{\isachardot}\ i{\isacharparenright}\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}n{\isacharplus}{\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\ {\isacharparenleft}\isakeyword{is}\ {\isachardoublequoteopen}{\isacharquery}P\ n{\isachardoublequoteclose}{\isacharparenright}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	204	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	205	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	206	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	207	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	208	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	209	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	210	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	211	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	212	\ \ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	213	\ {\isachardoublequoteopen}{\isacharquery}P\ {\isadigit{0}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	214	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	215	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	216	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	217	\ \ \isacommand{fix}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	218	\ n\ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	219	\ {\isachardoublequoteopen}{\isacharquery}P\ n{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	220	\ \ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	221	\ {\isachardoublequoteopen}{\isacharquery}P{\isacharparenleft}Suc\ n{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	222	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	223	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	224	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	225	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	226	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	227	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	228	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	229	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	230	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	231	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	232	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	233	\noindent We could refine this further to show more of the equational
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	234	proof. Instead we explore the same avenue as for case distinctions:
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	235	introducing context via the \isakeyword{case} command:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	236	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	237	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	238	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	239	\ {\isachardoublequoteopen}{\isadigit{2}}\ {\isacharasterisk}\ {\isacharparenleft}{\isasymSum}i{\isacharcolon}{\isacharcolon}nat\ {\isasymle}\ n{\isachardot}\ i{\isacharparenright}\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}n{\isacharplus}{\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	240	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	241	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	242	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	243	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	244	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	245	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	246	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	247	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	248	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	249	\ {\isadigit{0}}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	250	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	251	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	252	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	253	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	254	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	255	\ Suc\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	256	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	257	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	258	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	259	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	260	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	261	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	262	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	263	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	264	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	265	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	266	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	267	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	268	\noindent The implicitly defined \isa{{\isacharquery}case} refers to the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	269	corresponding case to be proved, i.e.\ \isa{{\isacharquery}P\ {\isadigit{0}}} in the first case and
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	270	\isa{{\isacharquery}P{\isacharparenleft}Suc\ n{\isacharparenright}} in the second case. Context \isakeyword{case}~\isa{{\isadigit{0}}} is
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	271	empty whereas \isakeyword{case}~\isa{Suc} assumes \isa{{\isacharquery}P\ n}. Again we
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	272	have the same problem as with case distinctions: we cannot refer to an anonymous \isa{n}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	273	in the induction step because it has not been introduced via \isakeyword{fix}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	274	(in contrast to the previous proof). The solution is the one outlined for
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	275	\isa{Cons} above: replace \isa{Suc} by \isa{{\isacharparenleft}Suc\ i{\isacharparenright}}:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	276	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	277	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	278	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	279	\ \isakeyword{fixes}\ n{\isacharcolon}{\isacharcolon}nat\ \isakeyword{shows}\ {\isachardoublequoteopen}n\ {\isacharless}\ n{\isacharasterisk}n\ {\isacharplus}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	280	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	281	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	282	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	283	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	284	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	285	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	286	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	287	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	288	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	289	\ {\isadigit{0}}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	290	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	291	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	292	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	293	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	294	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	295	\ {\isacharparenleft}Suc\ i{\isacharparenright}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	296	\ {\isachardoublequoteopen}Suc\ i\ {\isacharless}\ Suc\ i\ {\isacharasterisk}\ Suc\ i\ {\isacharplus}\ {\isadigit{1}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	297	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	298	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	299	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	300	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	301	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	302	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	303	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	304	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	305	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	306	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	307	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	308	\noindent Of course we could again have written
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	309	\isakeyword{thus}~\isa{{\isacharquery}case} instead of giving the term explicitly
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	310	but we wanted to use \isa{i} somewhere.
359b179fc963 updates nipkow parents: 25056 diff changeset	311
359b179fc963 updates nipkow parents: 25056 diff changeset	312	\subsection{Generalization via \isa{arbitrary}}
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	313
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	314	It is frequently necessary to generalize a claim before it becomes
359b179fc963 updates nipkow parents: 25056 diff changeset	315	provable by induction. The tutorial~\cite{LNCS2283} demonstrates this
359b179fc963 updates nipkow parents: 25056 diff changeset	316	with \isa{itrev\ xs\ ys\ {\isacharequal}\ rev\ xs\ {\isacharat}\ ys}, where \isa{ys}
359b179fc963 updates nipkow parents: 25056 diff changeset	317	needs to be universally quantified before induction succeeds.\footnote{\isa{rev\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}},\quad \isa{rev\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ {\isacharequal}\ rev\ xs\ {\isacharat}\ {\isacharbrackleft}x{\isacharbrackright}},\\ \isa{itrev\ {\isacharbrackleft}{\isacharbrackright}\ ys\ {\isacharequal}\ ys},\quad \isa{itrev\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ ys\ {\isacharequal}\ itrev\ xs\ {\isacharparenleft}x\ {\isacharhash}\ ys{\isacharparenright}}} But
359b179fc963 updates nipkow parents: 25056 diff changeset	318	strictly speaking, this quantification step is already part of the
359b179fc963 updates nipkow parents: 25056 diff changeset	319	proof and the quantifiers should not clutter the original claim. This
359b179fc963 updates nipkow parents: 25056 diff changeset	320	is how the quantification step can be combined with induction:%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	321	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	322	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	323	\isacommand{lemma}\isamarkupfalse%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	324	\ {\isachardoublequoteopen}itrev\ xs\ ys\ {\isacharequal}\ rev\ xs\ {\isacharat}\ ys{\isachardoublequoteclose}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	325	%
359b179fc963 updates nipkow parents: 25056 diff changeset	326	\isadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	327	%
359b179fc963 updates nipkow parents: 25056 diff changeset	328	\endisadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	329	%
359b179fc963 updates nipkow parents: 25056 diff changeset	330	\isatagproof
359b179fc963 updates nipkow parents: 25056 diff changeset	331	\isacommand{by}\isamarkupfalse%
25427 8ba39d2d9d0b updated nipkow parents: 25412 diff changeset	332	\ {\isacharparenleft}induct\ xs\ arbitrary{\isacharcolon}\ ys{\isacharparenright}\ simp{\isacharunderscore}all%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	333	\endisatagproof
359b179fc963 updates nipkow parents: 25056 diff changeset	334	{\isafoldproof}%
359b179fc963 updates nipkow parents: 25056 diff changeset	335	%
359b179fc963 updates nipkow parents: 25056 diff changeset	336	\isadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	337	%
359b179fc963 updates nipkow parents: 25056 diff changeset	338	\endisadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	339	%
359b179fc963 updates nipkow parents: 25056 diff changeset	340	\begin{isamarkuptext}%
359b179fc963 updates nipkow parents: 25056 diff changeset	341	\noindent The annotation \isa{arbitrary{\isacharcolon}}~\emph{vars}
359b179fc963 updates nipkow parents: 25056 diff changeset	342	universally quantifies all \emph{vars} before the induction. Hence
359b179fc963 updates nipkow parents: 25056 diff changeset	343	they can be replaced by \emph{arbitrary} values in the proof.
359b179fc963 updates nipkow parents: 25056 diff changeset	344
359b179fc963 updates nipkow parents: 25056 diff changeset	345	The nice thing about generalization via \isa{arbitrary{\isacharcolon}} is that in
359b179fc963 updates nipkow parents: 25056 diff changeset	346	the induction step the claim is available in unquantified form but
359b179fc963 updates nipkow parents: 25056 diff changeset	347	with the generalized variables replaced by \isa{{\isacharquery}}-variables, ready
359b179fc963 updates nipkow parents: 25056 diff changeset	348	for instantiation. In the above example the
359b179fc963 updates nipkow parents: 25056 diff changeset	349	induction hypothesis is \isa{itrev\ xs\ {\isacharquery}ys\ {\isacharequal}\ rev\ xs\ {\isacharat}\ {\isacharquery}ys}.
359b179fc963 updates nipkow parents: 25056 diff changeset	350
359b179fc963 updates nipkow parents: 25056 diff changeset	351	For the curious: \isa{arbitrary{\isacharcolon}} introduces \isa{{\isasymAnd}}
359b179fc963 updates nipkow parents: 25056 diff changeset	352	behind the scenes.
359b179fc963 updates nipkow parents: 25056 diff changeset	353
359b179fc963 updates nipkow parents: 25056 diff changeset	354	\subsection{Inductive proofs of conditional formulae}
25412 6f56f0350f6c updates nipkow parents: 25403 diff changeset	355	\label{sec:full-Ind}
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	356
359b179fc963 updates nipkow parents: 25056 diff changeset	357	Induction also copes well with formulae involving \isa{{\isasymLongrightarrow}}, for example%
359b179fc963 updates nipkow parents: 25056 diff changeset	358	\end{isamarkuptext}%
359b179fc963 updates nipkow parents: 25056 diff changeset	359	\isamarkuptrue%
359b179fc963 updates nipkow parents: 25056 diff changeset	360	\isacommand{lemma}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	361	\ {\isachardoublequoteopen}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ hd{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ last\ xs{\isachardoublequoteclose}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	362	%
359b179fc963 updates nipkow parents: 25056 diff changeset	363	\isadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	364	%
359b179fc963 updates nipkow parents: 25056 diff changeset	365	\endisadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	366	%
359b179fc963 updates nipkow parents: 25056 diff changeset	367	\isatagproof
359b179fc963 updates nipkow parents: 25056 diff changeset	368	\isacommand{by}\isamarkupfalse%
25427 8ba39d2d9d0b updated nipkow parents: 25412 diff changeset	369	\ {\isacharparenleft}induct\ xs{\isacharparenright}\ simp{\isacharunderscore}all%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	370	\endisatagproof
359b179fc963 updates nipkow parents: 25056 diff changeset	371	{\isafoldproof}%
359b179fc963 updates nipkow parents: 25056 diff changeset	372	%
359b179fc963 updates nipkow parents: 25056 diff changeset	373	\isadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	374	%
359b179fc963 updates nipkow parents: 25056 diff changeset	375	\endisadelimproof
359b179fc963 updates nipkow parents: 25056 diff changeset	376	%
359b179fc963 updates nipkow parents: 25056 diff changeset	377	\begin{isamarkuptext}%
359b179fc963 updates nipkow parents: 25056 diff changeset	378	\noindent This is an improvement over that style the
359b179fc963 updates nipkow parents: 25056 diff changeset	379	tutorial~\cite{LNCS2283} advises, which requires \isa{{\isasymlongrightarrow}}.
359b179fc963 updates nipkow parents: 25056 diff changeset	380	A further improvement is shown in the following proof:%
359b179fc963 updates nipkow parents: 25056 diff changeset	381	\end{isamarkuptext}%
359b179fc963 updates nipkow parents: 25056 diff changeset	382	\isamarkuptrue%
359b179fc963 updates nipkow parents: 25056 diff changeset	383	\isacommand{lemma}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	384	\ \ {\isachardoublequoteopen}map\ f\ xs\ {\isacharequal}\ map\ f\ ys\ {\isasymLongrightarrow}\ length\ xs\ {\isacharequal}\ length\ ys{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	385	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	386	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	387	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	388	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	389	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	390	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	391	\isacommand{proof}\isamarkupfalse%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	392	\ {\isacharparenleft}induct\ ys\ arbitrary{\isacharcolon}\ xs{\isacharparenright}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	393	\ \ \isacommand{case}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	394	\ Nil\ \isacommand{thus}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	395	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	396	\ simp\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	397	\isacommand{next}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	398	\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	399	\ \ \isacommand{case}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	400	\ {\isacharparenleft}Cons\ y\ ys{\isacharparenright}\ \ \isacommand{note}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	401	\ Asm\ {\isacharequal}\ Cons\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	402	\ \ \isacommand{show}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	403	\ {\isacharquery}case\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	404	\ \ \isacommand{proof}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	405	\ {\isacharparenleft}cases\ xs{\isacharparenright}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	406	\ \ \ \ \isacommand{case}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	407	\ Nil\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	408	\ \ \ \ \isacommand{hence}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	409	\ False\ \isacommand{using}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	410	\ Asm{\isacharparenleft}{\isadigit{2}}{\isacharparenright}\ \isacommand{by}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	411	\ simp\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	412	\ \ \ \ \isacommand{thus}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	413	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	414	\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	415	\ \ \isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	416	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	417	\ \ \ \ \isacommand{case}\isamarkupfalse%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	418	\ {\isacharparenleft}Cons\ x\ xs{\isacharprime}{\isacharparenright}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	419	\ \ \ \ \isacommand{with}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	420	\ Asm{\isacharparenleft}{\isadigit{2}}{\isacharparenright}\ \isacommand{have}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	421	\ {\isachardoublequoteopen}map\ f\ xs{\isacharprime}\ {\isacharequal}\ map\ f\ ys{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
25427 8ba39d2d9d0b updated nipkow parents: 25412 diff changeset	422	\ simp\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	423	\ \ \ \ \isacommand{from}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	424	\ Asm{\isacharparenleft}{\isadigit{1}}{\isacharparenright}{\isacharbrackleft}OF\ this{\isacharbrackright}\ {\isacharbackquoteopen}xs\ {\isacharequal}\ x{\isacharhash}xs{\isacharprime}{\isacharbackquoteclose}\ \isacommand{show}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	425	\ {\isacharquery}thesis\ \isacommand{by}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	426	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	427	\ \ \isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	428	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	429	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	430	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	431	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	432	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	433	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	434	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	435	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	436	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	437	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	438	\begin{isamarkuptext}%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	439	\noindent
359b179fc963 updates nipkow parents: 25056 diff changeset	440	The base case is trivial. In the step case Isar assumes
359b179fc963 updates nipkow parents: 25056 diff changeset	441	(under the name \isa{Cons}) two propositions:
359b179fc963 updates nipkow parents: 25056 diff changeset	442	\begin{center}
359b179fc963 updates nipkow parents: 25056 diff changeset	443	\begin{tabular}{l}
359b179fc963 updates nipkow parents: 25056 diff changeset	444	\isa{map\ f\ {\isacharquery}xs\ {\isacharequal}\ map\ f\ ys\ {\isasymLongrightarrow}\ length\ {\isacharquery}xs\ {\isacharequal}\ length\ ys}\\
359b179fc963 updates nipkow parents: 25056 diff changeset	445	\isa{map\ f\ xs\ {\isacharequal}\ map\ f\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}}
359b179fc963 updates nipkow parents: 25056 diff changeset	446	\end{tabular}
359b179fc963 updates nipkow parents: 25056 diff changeset	447	\end{center}
359b179fc963 updates nipkow parents: 25056 diff changeset	448	The first is the induction hypothesis, the second, and this is new,
359b179fc963 updates nipkow parents: 25056 diff changeset	449	is the premise of the induction step. The actual goal at this point is merely
359b179fc963 updates nipkow parents: 25056 diff changeset	450	\isa{length\ xs\ {\isacharequal}\ length\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}}. The assumptions are given the new name
359b179fc963 updates nipkow parents: 25056 diff changeset	451	\isa{Asm} to avoid a name clash further down. The proof procedes with a case distinction on \isa{xs}. In the case \isa{xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}}, the second of our two
359b179fc963 updates nipkow parents: 25056 diff changeset	452	assumptions (\isa{Asm{\isacharparenleft}{\isadigit{2}}{\isacharparenright}}) implies the contradiction \isa{{\isadigit{0}}\ {\isacharequal}\ Suc{\isacharparenleft}{\isasymdots}{\isacharparenright}}.
359b179fc963 updates nipkow parents: 25056 diff changeset	453	In the case \isa{xs\ {\isacharequal}\ x\ {\isacharhash}\ xs{\isacharprime}}, we first obtain
359b179fc963 updates nipkow parents: 25056 diff changeset	454	\isa{map\ f\ xs{\isacharprime}\ {\isacharequal}\ map\ f\ ys}, from which a forward step with the first assumption (\isa{Asm{\isacharparenleft}{\isadigit{1}}{\isacharparenright}{\isacharbrackleft}OF\ this{\isacharbrackright}}) yields \isa{length\ xs{\isacharprime}\ {\isacharequal}\ length\ ys}. Together
359b179fc963 updates nipkow parents: 25056 diff changeset	455	with \isa{xs\ {\isacharequal}\ x\ {\isacharhash}\ xs} this yields the goal
359b179fc963 updates nipkow parents: 25056 diff changeset	456	\isa{length\ xs\ {\isacharequal}\ length\ {\isacharparenleft}y\ {\isacharhash}\ ys{\isacharparenright}}.
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	457
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	458
359b179fc963 updates nipkow parents: 25056 diff changeset	459	\subsection{Induction formulae involving \isa{{\isasymAnd}} or \isa{{\isasymLongrightarrow}}}
359b179fc963 updates nipkow parents: 25056 diff changeset	460
359b179fc963 updates nipkow parents: 25056 diff changeset	461	Let us now consider abstractly the situation where the goal to be proved
359b179fc963 updates nipkow parents: 25056 diff changeset	462	contains both \isa{{\isasymAnd}} and \isa{{\isasymLongrightarrow}}, say \isa{{\isasymAnd}x{\isachardot}\ P\ x\ {\isasymLongrightarrow}\ Q\ x}.
359b179fc963 updates nipkow parents: 25056 diff changeset	463	This means that in each case of the induction,
359b179fc963 updates nipkow parents: 25056 diff changeset	464	\isa{{\isacharquery}case} would be of the form \isa{{\isasymAnd}x{\isachardot}\ P{\isacharprime}\ x\ {\isasymLongrightarrow}\ Q{\isacharprime}\ x}. Thus the
359b179fc963 updates nipkow parents: 25056 diff changeset	465	first proof steps will be the canonical ones, fixing \isa{x} and assuming
359b179fc963 updates nipkow parents: 25056 diff changeset	466	\isa{P{\isacharprime}\ x}. To avoid this tedium, induction performs the canonical steps
359b179fc963 updates nipkow parents: 25056 diff changeset	467	automatically: in each step case, the assumptions contain both the
359b179fc963 updates nipkow parents: 25056 diff changeset	468	usual induction hypothesis and \isa{P{\isacharprime}\ x}, whereas \isa{{\isacharquery}case} is only
359b179fc963 updates nipkow parents: 25056 diff changeset	469	\isa{Q{\isacharprime}\ x}.
359b179fc963 updates nipkow parents: 25056 diff changeset	470
359b179fc963 updates nipkow parents: 25056 diff changeset	471	\subsection{Rule induction}
359b179fc963 updates nipkow parents: 25056 diff changeset	472
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	473	HOL also supports inductively defined sets. See \cite{LNCS2283}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	474	for details. As an example we define our own version of the reflexive
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	475	transitive closure of a relation --- HOL provides a predefined one as well.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	476	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	477	\isamarkuptrue%
25056 743f3603ba8b updated; wenzelm parents: 17187 diff changeset	478	\isacommand{inductive{\isacharunderscore}set}\isamarkupfalse%
743f3603ba8b updated; wenzelm parents: 17187 diff changeset	479	\isanewline
743f3603ba8b updated; wenzelm parents: 17187 diff changeset	480	\ \ rtc\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isacharunderscore}{\isacharasterisk}{\isachardoublequoteclose}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
743f3603ba8b updated; wenzelm parents: 17187 diff changeset	481	\ \ \isakeyword{for}\ r\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\isanewline
743f3603ba8b updated; wenzelm parents: 17187 diff changeset	482	\isakeyword{where}\isanewline
743f3603ba8b updated; wenzelm parents: 17187 diff changeset	483	\ \ refl{\isacharcolon}\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
743f3603ba8b updated; wenzelm parents: 17187 diff changeset	484	{\isacharbar}\ step{\isacharcolon}\ \ {\isachardoublequoteopen}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	485	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	486	\noindent
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	487	First the constant is declared as a function on binary
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	488	relations (with concrete syntax \isa{r{\isacharasterisk}} instead of \isa{rtc\ r}), then the defining clauses are given. We will now prove that
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	489	\isa{r{\isacharasterisk}} is indeed transitive:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	490	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	491	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	492	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	493	\ \isakeyword{assumes}\ A{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{shows}\ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	494	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	495	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	496	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	497	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	498	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	499	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	500	\isacommand{using}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	501	\ A\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	502	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	503	\ induct\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	504	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	505	\ refl\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	506	\ {\isacharquery}case\ \isacommand{{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	507	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	508	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	509	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	510	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	511	\ step\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	512	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	513	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isachardot}step{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	514	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	515	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	516	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	517	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	518	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	519	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	520	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	521	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	522	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	523	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	524	\noindent Rule induction is triggered by a fact $(x_1,\dots,x_n)
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	525	\in R$ piped into the proof, here \isakeyword{using}~\isa{A}. The
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	526	proof itself follows the inductive definition very
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	527	closely: there is one case for each rule, and it has the same name as
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	528	the rule, analogous to structural induction.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	529
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	530	However, this proof is rather terse. Here is a more readable version:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	531	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	532	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	533	\isacommand{lemma}\isamarkupfalse%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	534	\ \isakeyword{assumes}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{and}\ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{shows}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	535	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	536	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	537	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	538	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	539	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	540	\isatagproof
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	541	\isacommand{using}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	542	\ assms\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	543	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	544	\ induct\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	545	\ \ \isacommand{fix}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	546	\ x\ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	547	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \ %
16459 7efee005e568 updated; wenzelm parents: 16044 diff changeset	548	\isamarkupcmt{\isa{B}[\isa{y} := \isa{x}]%
7efee005e568 updated; wenzelm parents: 16044 diff changeset	549	}
7efee005e568 updated; wenzelm parents: 16044 diff changeset	550	\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	551	\ \ \isacommand{thus}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	552	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isacommand{{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	553	\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	554	\isacommand{next}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	555	\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	556	\ \ \isacommand{fix}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	557	\ x{\isacharprime}\ x\ y\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	558	\ \ \isacommand{assume}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	559	\ {\isadigit{1}}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharprime}{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ r{\isachardoublequoteclose}\ \isakeyword{and}\isanewline
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	560	\ \ \ \ \ \ \ \ \ IH{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{and}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	561	\ \ \ \ \ \ \ \ \ B{\isacharcolon}\ \ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	562	\ \ \isacommand{from}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	563	\ {\isadigit{1}}\ IH{\isacharbrackleft}OF\ B{\isacharbrackright}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	564	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharprime}{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	565	{\isacharparenleft}rule\ rtc{\isachardot}step{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	566	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	567	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	568	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	569	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	570	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	571	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	572	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	573	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	574	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	575	\begin{isamarkuptext}%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	576	\noindent
359b179fc963 updates nipkow parents: 25056 diff changeset	577	This time, merely for a change, we start the proof with by feeding both
359b179fc963 updates nipkow parents: 25056 diff changeset	578	assumptions into the inductive proof. Only the first assumption is
359b179fc963 updates nipkow parents: 25056 diff changeset	579	``consumed'' by the induction.
359b179fc963 updates nipkow parents: 25056 diff changeset	580	Since the second one is left over we don't just prove \isa{{\isacharquery}thesis} but
359b179fc963 updates nipkow parents: 25056 diff changeset	581	\isa{{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharquery}thesis}, just as in the previous proof.
359b179fc963 updates nipkow parents: 25056 diff changeset	582	The base case is trivial. In the assumptions for the induction step we can
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	583	see very clearly how things fit together and permit ourselves the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	584	obvious forward step \isa{IH{\isacharbrackleft}OF\ B{\isacharbrackright}}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	585
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	586	The notation \isakeyword{case}~\isa{(}\emph{constructor} \emph{vars}\isa{)}
359b179fc963 updates nipkow parents: 25056 diff changeset	587	is also supported for inductive definitions. The \emph{constructor} is the
359b179fc963 updates nipkow parents: 25056 diff changeset	588	name of the rule and the \emph{vars} fix the free variables in the
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	589	rule; the order of the \emph{vars} must correspond to the
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	590	left-to-right order of the variables as they appear in the rule.
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	591	For example, we could start the above detailed proof of the induction
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	592	with \isakeyword{case}~\isa{(step x' x y)}. In that case we don't need
359b179fc963 updates nipkow parents: 25056 diff changeset	593	to spell out the assumptions but can refer to them by \isa{step{\isacharparenleft}{\isachardot}{\isacharparenright}},
359b179fc963 updates nipkow parents: 25056 diff changeset	594	although the resulting text will be quite cryptic.
359b179fc963 updates nipkow parents: 25056 diff changeset	595
359b179fc963 updates nipkow parents: 25056 diff changeset	596	\subsection{More induction}
359b179fc963 updates nipkow parents: 25056 diff changeset	597
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	598	We close the section by demonstrating how arbitrary induction
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	599	rules are applied. As a simple example we have chosen recursion
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	600	induction, i.e.\ induction based on a recursive function
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	601	definition. However, most of what we show works for induction in
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	602	general.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	603
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	604	The example is an unusual definition of rotation:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	605	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	606	\isamarkuptrue%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	607	\isacommand{fun}\isamarkupfalse%
359b179fc963 updates nipkow parents: 25056 diff changeset	608	\ rot\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequoteclose}\ \isakeyword{where}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	609	{\isachardoublequoteopen}rot\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\ {\isacharbar}\isanewline
359b179fc963 updates nipkow parents: 25056 diff changeset	610	{\isachardoublequoteopen}rot\ {\isacharbrackleft}x{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}x{\isacharbrackright}{\isachardoublequoteclose}\ {\isacharbar}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	611	{\isachardoublequoteopen}rot\ {\isacharparenleft}x{\isacharhash}y{\isacharhash}zs{\isacharparenright}\ {\isacharequal}\ y\ {\isacharhash}\ rot{\isacharparenleft}x{\isacharhash}zs{\isacharparenright}{\isachardoublequoteclose}%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	612	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	613	\noindent This yields, among other things, the induction rule
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	614	\isa{rot{\isachardot}induct}: \begin{isabelle}%
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	615	{\isasymlbrakk}P\ {\isacharbrackleft}{\isacharbrackright}{\isacharsemicolon}\ {\isasymAnd}x{\isachardot}\ P\ {\isacharbrackleft}x{\isacharbrackright}{\isacharsemicolon}\ {\isasymAnd}x\ y\ zs{\isachardot}\ P\ {\isacharparenleft}x\ {\isacharhash}\ zs{\isacharparenright}\ {\isasymLongrightarrow}\ P\ {\isacharparenleft}x\ {\isacharhash}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isasymrbrakk}\ {\isasymLongrightarrow}\ P\ a{\isadigit{0}}%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	616	\end{isabelle}
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	617	The following proof relies on a default naming scheme for cases: they are
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	618	called 1, 2, etc, unless they have been named explicitly. The latter happens
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	619	only with datatypes and inductively defined sets, but (usually)
359b179fc963 updates nipkow parents: 25056 diff changeset	620	not with recursive functions.%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	621	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	622	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	623	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	624	\ {\isachardoublequoteopen}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ rot\ xs\ {\isacharequal}\ tl\ xs\ {\isacharat}\ {\isacharbrackleft}hd\ xs{\isacharbrackright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	625	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	626	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	627	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	628	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	629	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	630	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	631	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	632	\ {\isacharparenleft}induct\ xs\ rule{\isacharcolon}\ rot{\isachardot}induct{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	633	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	634	\ {\isadigit{1}}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	635	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	636	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	637	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	638	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	639	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	640	\ {\isadigit{2}}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	641	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	642	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	643	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	644	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	645	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	646	\ {\isacharparenleft}{\isadigit{3}}\ a\ b\ cs{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	647	\ \ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	648	\ {\isachardoublequoteopen}rot\ {\isacharparenleft}a\ {\isacharhash}\ b\ {\isacharhash}\ cs{\isacharparenright}\ {\isacharequal}\ b\ {\isacharhash}\ rot{\isacharparenleft}a\ {\isacharhash}\ cs{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	649	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	650	\ \ \isacommand{also}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	651	\ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	652	\ {\isachardoublequoteopen}{\isasymdots}\ {\isacharequal}\ b\ {\isacharhash}\ tl{\isacharparenleft}a\ {\isacharhash}\ cs{\isacharparenright}\ {\isacharat}\ {\isacharbrackleft}hd{\isacharparenleft}a\ {\isacharhash}\ cs{\isacharparenright}{\isacharbrackright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	653	{\isacharparenleft}simp\ add{\isacharcolon}{\isadigit{3}}{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	654	\ \ \isacommand{also}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	655	\ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	656	\ {\isachardoublequoteopen}{\isasymdots}\ {\isacharequal}\ tl\ {\isacharparenleft}a\ {\isacharhash}\ b\ {\isacharhash}\ cs{\isacharparenright}\ {\isacharat}\ {\isacharbrackleft}hd\ {\isacharparenleft}a\ {\isacharhash}\ b\ {\isacharhash}\ cs{\isacharparenright}{\isacharbrackright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	657	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	658	\ \ \isacommand{finally}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	659	\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	660	\ {\isacharquery}case\ \isacommand{{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	661	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	662	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	663	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	664	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	665	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	666	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	667	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	668	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	669	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	670	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	671	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	672	\noindent
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	673	The third case is only shown in gory detail (see \cite{BauerW-TPHOLs01}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	674	for how to reason with chains of equations) to demonstrate that the
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	675	\isakeyword{case}~\isa{(}\emph{constructor} \emph{vars}\isa{)} notation also
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	676	works for arbitrary induction theorems with numbered cases. The order
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	677	of the \emph{vars} corresponds to the order of the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	678	\isa{{\isasymAnd}}-quantified variables in each case of the induction
25403 359b179fc963 updates nipkow parents: 25056 diff changeset	679	theorem. For induction theorems produced by \isakeyword{fun} it is
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	680	the order in which the variables appear on the left-hand side of the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	681	equation.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	682
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	683	The proof is so simple that it can be condensed to%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	684	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	685	\isamarkuptrue%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	686	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	687	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	688	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	689	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	690	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	691	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	692	\isacommand{by}\isamarkupfalse%
25412 6f56f0350f6c updates nipkow parents: 25403 diff changeset	693	\ {\isacharparenleft}induct\ xs\ rule{\isacharcolon}\ rot{\isachardot}induct{\isacharparenright}\ simp{\isacharunderscore}all\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	694	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	695	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	696	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	697	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	698	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	699	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	700	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	701	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	702	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	703	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	704	\endisadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	705	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	706	\isatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	707	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	708	\endisatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	709	{\isafoldtheory}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	710	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	711	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	712	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	713	\endisadelimtheory
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	714	\end{isabellebody}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	715	%%% Local Variables:
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	716	%%% mode: latex
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	717	%%% TeX-master: "root"
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	718	%%% End:

author	nipkow
	Tue, 13 Nov 2007 13:51:12 +0100
changeset 25427	8ba39d2d9d0b
parent 25412	6f56f0350f6c
child 27171	6477705ae3ad
permissions	-rw-r--r--