isabelle: doc-src/ProgProve/Thys/document/Bool_nat_list.tex@21c42b095c84 (annotated)

47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	1	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	2	\begin{isabellebody}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	3	\def\isabellecontext{Bool{\isaliteral{5F}{\isacharunderscore}}nat{\isaliteral{5F}{\isacharunderscore}}list}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	4	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	5	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	6	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	7	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	8	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	9	\isatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	10	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	11	\endisatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	12	{\isafoldtheory}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	13	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	14	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	15	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	16	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	17	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	18	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	19	\vspace{-4ex}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	20	\section{\texorpdfstring{Types \isa{bool}, \isa{nat} and \isa{list}}{Types bool, nat and list}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	21
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	22	These are the most important predefined types. We go through them one by one.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	23	Based on examples we learn how to define (possibly recursive) functions and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	24	prove theorems about them by induction and simplification.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	25
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	26	\subsection{Type \isa{bool}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	27
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	28	The type of boolean values is a predefined datatype
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	29	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	30	\isacommand{datatype}\ bool\ {\isaliteral{3D}{\isacharequal}}\ True\ {\isaliteral{7C}{\isacharbar}}\ False%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	31	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	32	with the two values \isa{True} and \isa{False} and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	33	with many predefined functions: \isa{{\isaliteral{5C3C6E6F743E}{\isasymnot}}}, \isa{{\isaliteral{5C3C616E643E}{\isasymand}}}, \isa{{\isaliteral{5C3C6F723E}{\isasymor}}}, \isa{{\isaliteral{5C3C6C6F6E6772696768746172726F773E}{\isasymlongrightarrow}}} etc. Here is how conjunction could be defined by pattern matching:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	34	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	35	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	36	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	37	\ conj\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}bool\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ bool\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ bool{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	38	{\isaliteral{22}{\isachardoublequoteopen}}conj\ True\ True\ {\isaliteral{3D}{\isacharequal}}\ True{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	39	{\isaliteral{22}{\isachardoublequoteopen}}conj\ {\isaliteral{5F}{\isacharunderscore}}\ {\isaliteral{5F}{\isacharunderscore}}\ {\isaliteral{3D}{\isacharequal}}\ False{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	40	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	41	Both the datatype and function definitions roughly follow the syntax
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	42	of functional programming languages.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	43
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	44	\subsection{Type \isa{nat}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	45
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	46	Natural numbers are another predefined datatype:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	47	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	48	\isacommand{datatype}\ nat\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}\ {\isaliteral{7C}{\isacharbar}}\ Suc\ nat%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	49	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	50	All values of type \isa{nat} are generated by the constructors
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	51	\isa{{\isadigit{0}}} and \isa{Suc}. Thus the values of type \isa{nat} are
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	52	\isa{{\isadigit{0}}}, \isa{Suc\ {\isadigit{0}}}, \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ {\isadigit{0}}{\isaliteral{29}{\isacharparenright}}} etc.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	53	There are many predefined functions: \isa{{\isaliteral{2B}{\isacharplus}}}, \isa{{\isaliteral{2A}{\isacharasterisk}}}, \isa{{\isaliteral{5C3C6C653E}{\isasymle}}}, etc. Here is how you could define your own addition:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	54	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	55	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	56	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	57	\ add\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}nat\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	58	{\isaliteral{22}{\isachardoublequoteopen}}add\ {\isadigit{0}}\ n\ {\isaliteral{3D}{\isacharequal}}\ n{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	59	{\isaliteral{22}{\isachardoublequoteopen}}add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ n\ {\isaliteral{3D}{\isacharequal}}\ Suc{\isaliteral{28}{\isacharparenleft}}add\ m\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	60	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	61	And here is a proof of the fact that \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	62	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	63	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	64	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	65	\ add{\isaliteral{5F}{\isacharunderscore}}{\isadigit{0}}{\isadigit{2}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	66	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	67	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	68	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	69	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	70	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	71	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	72	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	73	{\isaliteral{28}{\isacharparenleft}}induction\ m{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	74	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	75	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	76	\isacommand{done}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	77	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	78	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	79	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	80	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	81	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	82	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	83	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	84	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	85	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	86	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	87	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	88	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	89	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	90	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	91	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	92	The \isacom{lemma} command starts the proof and gives the lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	93	a name, \isa{add{\isaliteral{5F}{\isacharunderscore}}{\isadigit{0}}{\isadigit{2}}}. Properties of recursively defined functions
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	94	need to be established by induction in most cases.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	95	Command \isacom{apply}\isa{{\isaliteral{28}{\isacharparenleft}}induction\ m{\isaliteral{29}{\isacharparenright}}} instructs Isabelle to
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	96	start a proof by induction on \isa{m}. In response, it will show the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	97	following proof state:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	98	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	99	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ add\ {\isadigit{0}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	100	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}m{\isaliteral{2E}{\isachardot}}\ add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ Suc\ m%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	101	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	102	The numbered lines are known as \emph{subgoals}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	103	The first subgoal is the base case, the second one the induction step.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	104	The prefix \isa{{\isaliteral{5C3C416E643E}{\isasymAnd}}m{\isaliteral{2E}{\isachardot}}} is Isabelle's way of saying ``for an arbitrary but fixed \isa{m}''. The \isa{{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}} separates assumptions from the conclusion.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	105	The command \isacom{apply}\isa{{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}} instructs Isabelle to try
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	106	and prove all subgoals automatically, essentially by simplifying them.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	107	Because both subgoals are easy, Isabelle can do it.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	108	The base case \isa{add\ {\isadigit{0}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}} holds by definition of \isa{add},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	109	and the induction step is almost as simple:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	110	\isa{add~{\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ Suc{\isaliteral{28}{\isacharparenleft}}add\ m\ {\isadigit{0}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Suc\ m}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	111	using first the definition of \isa{add} and then the induction hypothesis.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	112	In summary, both subproofs rely on simplification with function definitions and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	113	the induction hypothesis.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	114	As a result of that final \isacom{done}, Isabelle associates the lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	115	just proved with its name. You can now inspect the lemma with the command%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	116	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	117	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	118	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	119	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	120	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	121	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	122	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	123	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	124	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	125	\isacommand{thm}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	126	\ add{\isaliteral{5F}{\isacharunderscore}}{\isadigit{0}}{\isadigit{2}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	127	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	128	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	129	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	130	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	131	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	132	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	133	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	134	which displays \begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	135	add\ {\isaliteral{3F}{\isacharquery}}m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{3F}{\isacharquery}}m%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	136	\end{isabelle} The free
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	137	variable \isa{m} has been replaced by the \concept{unknown}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	138	\isa{{\isaliteral{3F}{\isacharquery}}m}. There is no logical difference between the two but an
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	139	operational one: unknowns can be instantiated, which is what you want after
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	140	some lemma has been proved.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	141
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	142	Note that there is also a proof method \isa{induct}, which behaves almost
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	143	like \isa{induction}; the difference is explained in \autoref{ch:Isar}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	144
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	145	\begin{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	146	Terminology: We use \concept{lemma}, \concept{theorem} and \concept{rule}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	147	interchangeably for propositions that have been proved.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	148	\end{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	149	\begin{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	150	Numerals (\isa{{\isadigit{0}}}, \isa{{\isadigit{1}}}, \isa{{\isadigit{2}}}, \dots) and most of the standard
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	151	arithmetic operations (\isa{{\isaliteral{2B}{\isacharplus}}}, \isa{{\isaliteral{2D}{\isacharminus}}}, \isa{{\isaliteral{2A}{\isacharasterisk}}}, \isa{{\isaliteral{5C3C6C653E}{\isasymle}}},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	152	\isa{{\isaliteral{3C}{\isacharless}}} etc) are overloaded: they are available
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	153	not just for natural numbers but for other types as well.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	154	For example, given the goal \isa{x\ {\isaliteral{2B}{\isacharplus}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ x}, there is nothing to indicate
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	155	that you are talking about natural numbers. Hence Isabelle can only infer
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	156	that \isa{x} is of some arbitrary type where \isa{{\isadigit{0}}} and \isa{{\isaliteral{2B}{\isacharplus}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	157	exist. As a consequence, you will be unable to prove the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	158	goal. To alert you to such pitfalls, Isabelle flags numerals without a
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	159	fixed type in its output: \isa{x\ {\isaliteral{2B}{\isacharplus}}\ {\isaliteral{28}{\isacharparenleft}}{\isadigit{0}}{\isaliteral{5C3C436F6C6F6E3E}{\isasymColon}}{\isaliteral{27}{\isacharprime}}a{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ x}. In this particular example,
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	160	you need to include
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	161	an explicit type constraint, for example \isa{x{\isaliteral{2B}{\isacharplus}}{\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{28}{\isacharparenleft}}x{\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}nat{\isaliteral{29}{\isacharparenright}}}. If there
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	162	is enough contextual information this may not be necessary: \isa{Suc\ x\ {\isaliteral{3D}{\isacharequal}}\ x} automatically implies \isa{x{\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}nat} because \isa{Suc} is not
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	163	overloaded.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	164	\end{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	165
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	166	\subsubsection{An informal proof}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	167
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	168	Above we gave some terse informal explanation of the proof of
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	169	\isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}. A more detailed informal exposition of the lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	170	might look like this:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	171	\bigskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	172
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	173	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	174	\textbf{Lemma} \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	175
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	176	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	177	\textbf{Proof} by induction on \isa{m}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	178	\begin{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	179	\item Case \isa{{\isadigit{0}}} (the base case): \isa{add\ {\isadigit{0}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	180	holds by definition of \isa{add}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	181	\item Case \isa{Suc\ m} (the induction step):
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	182	We assume \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}, the induction hypothesis (IH),
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	183	and we need to show \isa{add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ Suc\ m}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	184	The proof is as follows:\smallskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	185
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	186	\begin{tabular}{@ {}rcl@ {\quad}l@ {}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	187	\isa{add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}} &\isa{{\isaliteral{3D}{\isacharequal}}}& \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}add\ m\ {\isadigit{0}}{\isaliteral{29}{\isacharparenright}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	188	& by definition of \isa{add}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	189	&\isa{{\isaliteral{3D}{\isacharequal}}}& \isa{Suc\ m} & by IH
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	190	\end{tabular}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	191	\end{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	192	Throughout this book, \concept{IH} will stand for ``induction hypothesis''.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	193
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	194	We have now seen three proofs of \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}}: the Isabelle one, the
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	195	terse four lines explaining the base case and the induction step, and just now a
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	196	model of a traditional inductive proof. The three proofs differ in the level
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	197	of detail given and the intended reader: the Isabelle proof is for the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	198	machine, the informal proofs are for humans. Although this book concentrates
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	199	on Isabelle proofs, it is important to be able to rephrase those proofs
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	200	as informal text comprehensible to a reader familiar with traditional
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	201	mathematical proofs. Later on we will introduce an Isabelle proof language
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	202	that is closer to traditional informal mathematical language and is often
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	203	directly readable.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	204
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	205	\subsection{Type \isa{list}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	206
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	207	Although lists are already predefined, we define our own copy just for
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	208	demonstration purposes:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	209	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	210	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	211	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	212	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	213	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	214	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	215	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	216	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	217	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	218	\isacommand{datatype}\isamarkupfalse%
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	219	\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{3D}{\isacharequal}}\ Nil\ {\isaliteral{7C}{\isacharbar}}\ Cons\ {\isaliteral{27}{\isacharprime}}a\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}a\ list{\isaliteral{22}{\isachardoublequoteclose}}%
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	220	\begin{isamarkuptext}%
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	221	\begin{itemize}
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	222	\item Type \isa{{\isaliteral{27}{\isacharprime}}a\ list} is the type of lists over elements of type \isa{{\isaliteral{27}{\isacharprime}}a}. Because \isa{{\isaliteral{27}{\isacharprime}}a} is a type variable, lists are in fact \concept{polymorphic}: the elements of a list can be of arbitrary type (but must all be of the same type).
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	223	\item Lists have two constructors: \isa{Nil}, the empty list, and \isa{Cons}, which puts an element (of type \isa{{\isaliteral{27}{\isacharprime}}a}) in front of a list (of type \isa{{\isaliteral{27}{\isacharprime}}a\ list}).
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	224	Hence all lists are of the form \isa{Nil}, or \isa{Cons\ x\ Nil},
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	225	or \isa{Cons\ x\ {\isaliteral{28}{\isacharparenleft}}Cons\ y\ Nil{\isaliteral{29}{\isacharparenright}}} etc.
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	226	\item \isacom{datatype} requires no quotation marks on the
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	227	left-hand side, but on the right-hand side each of the argument
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	228	types of a constructor needs to be enclosed in quotation marks, unless
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	229	it is just an identifier (e.g.\ \isa{nat} or \isa{{\isaliteral{27}{\isacharprime}}a}).
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	230	\end{itemize}
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	231	We also define two standard functions, append and reverse:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	232	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	233	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	234	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	235	\ app\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	236	{\isaliteral{22}{\isachardoublequoteopen}}app\ Nil\ ys\ {\isaliteral{3D}{\isacharequal}}\ ys{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	237	{\isaliteral{22}{\isachardoublequoteopen}}app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ ys\ {\isaliteral{3D}{\isacharequal}}\ Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	238	\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	239	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	240	\ rev\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	241	{\isaliteral{22}{\isachardoublequoteopen}}rev\ Nil\ {\isaliteral{3D}{\isacharequal}}\ Nil{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	242	{\isaliteral{22}{\isachardoublequoteopen}}rev\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	243	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	244	By default, variables \isa{xs}, \isa{ys} and \isa{zs} are of
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	245	\isa{list} type.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	246
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	247	Command \isacom{value} evaluates a term. For example,%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	248	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	249	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	250	\isacommand{value}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	251	\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}Cons\ True\ {\isaliteral{28}{\isacharparenleft}}Cons\ False\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	252	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	253	yields the result \isa{Cons\ False\ {\isaliteral{28}{\isacharparenleft}}Cons\ True\ Nil{\isaliteral{29}{\isacharparenright}}}. This works symbolically, too:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	254	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	255	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	256	\isacommand{value}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	257	\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}Cons\ a\ {\isaliteral{28}{\isacharparenleft}}Cons\ b\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	258	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	259	yields \isa{Cons\ b\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	260	\medskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	261
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	262	Figure~\ref{fig:MyList} shows the theory created so far.
47719 8aac84627b84 the perennial doc problem of how to define lists a second time nipkow parents: 47711 diff changeset	263	Because \isa{list}, \isa{Nil}, \isa{Cons} etc are already predefined,
8aac84627b84 the perennial doc problem of how to define lists a second time nipkow parents: 47711 diff changeset	264	Isabelle prints qualified (long) names when executing this theory, for example, \isa{MyList{\isaliteral{2E}{\isachardot}}Nil}
8aac84627b84 the perennial doc problem of how to define lists a second time nipkow parents: 47711 diff changeset	265	instead of \isa{Nil}.
8aac84627b84 the perennial doc problem of how to define lists a second time nipkow parents: 47711 diff changeset	266	To suppress the qualified names you can insert the command
8aac84627b84 the perennial doc problem of how to define lists a second time nipkow parents: 47711 diff changeset	267	\texttt{declare [[names\_short]]}.
8aac84627b84 the perennial doc problem of how to define lists a second time nipkow parents: 47711 diff changeset	268	This is not recommended in general but just for this unusual example.
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	269	% Notice where the
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	270	%quotations marks are needed that we mostly sweep under the carpet. In
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	271	%particular, notice that \isacom{datatype} requires no quotation marks on the
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	272	%left-hand side, but that on the right-hand side each of the argument
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	273	%types of a constructor needs to be enclosed in quotation marks.
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	274
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	275	\begin{figure}[htbp]
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	276	\begin{alltt}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	277	\input{Thys/MyList.thy}\end{alltt}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	278	\caption{A Theory of Lists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	279	\label{fig:MyList}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	280	\end{figure}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	281
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	282	\subsubsection{Structural Induction for Lists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	283
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	284	Just as for natural numbers, there is a proof principle of induction for
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	285	lists. Induction over a list is essentially induction over the length of
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	286	the list, although the length remains implicit. To prove that some property
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	287	\isa{P} holds for all lists \isa{xs}, i.e.\ \mbox{\isa{P\ xs}},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	288	you need to prove
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	289	\begin{enumerate}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	290	\item the base case \isa{P\ Nil} and
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	291	\item the inductive case \isa{P\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}} under the assumption \isa{P\ xs}, for some arbitrary but fixed \isa{x} and \isa{xs}.
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	292	\end{enumerate}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	293	This is often called \concept{structural induction}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	294
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	295	\subsection{The Proof Process}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	296
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	297	We will now demonstrate the typical proof process, which involves
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	298	the formulation and proof of auxiliary lemmas.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	299	Our goal is to show that reversing a list twice produces the original
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	300	list.%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	301	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	302	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	303	\isacommand{theorem}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	304	\ rev{\isaliteral{5F}{\isacharunderscore}}rev\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	305	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	306	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	307	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	308	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	309	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	310	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	311	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	312	Commands \isacom{theorem} and \isacom{lemma} are
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	313	interchangeable and merely indicate the importance we attach to a
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	314	proposition. Via the bracketed attribute \isa{simp} we also tell Isabelle
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	315	to make the eventual theorem a \concept{simplification rule}: future proofs
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	316	involving simplification will replace occurrences of \isa{rev\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}} by
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	317	\isa{xs}. The proof is by induction:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	318	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	319	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	320	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	321	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	322	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	323	As explained above, we obtain two subgoals, namely the base case (\isa{Nil}) and the induction step (\isa{Cons}):
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	324	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	325	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ rev\ {\isaliteral{28}{\isacharparenleft}}rev\ Nil{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Nil\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	326	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}a\ xs{\isaliteral{2E}{\isachardot}}\ rev\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ rev\ {\isaliteral{28}{\isacharparenleft}}rev\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Cons\ a\ xs%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	327	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	328	Let us try to solve both goals automatically:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	329	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	330	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	331	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	332	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	333	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	334	Subgoal~1 is proved, and disappears; the simplified version
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	335	of subgoal~2 becomes the new subgoal~1:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	336	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	337	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}a\ xs{\isaliteral{2E}{\isachardot}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	338	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }rev\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	339	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }rev\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Cons\ a\ xs%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	340	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	341	In order to simplify this subgoal further, a lemma suggests itself.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	342
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	343	\subsubsection{A First Lemma}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	344
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	345	We insert the following lemma in front of the main theorem:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	346	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	347	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	348	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	349	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	350	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	351	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	352	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	353	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	354	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	355	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	356	\ rev{\isaliteral{5F}{\isacharunderscore}}app\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	357	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	358	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	359	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	360	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	361	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	362	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	363	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	364	There are two variables that we could induct on: \isa{xs} and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	365	\isa{ys}. Because \isa{app} is defined by recursion on
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	366	the first argument, \isa{xs} is the correct one:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	367	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	368	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	369	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	370	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	371	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	372	This time not even the base case is solved automatically:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	373	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	374	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	375	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	376	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	377	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	378	\vspace{-5ex}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	379	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	380	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ rev\ ys\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ Nil%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	381	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	382	Again, we need to abandon this proof attempt and prove another simple lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	383	first.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	384
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	385	\subsubsection{A Second Lemma}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	386
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	387	We again try the canonical proof procedure:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	388	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	389	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	390	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	391	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	392	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	393	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	394	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	395	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	396	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	397	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	398	\ app{\isaliteral{5F}{\isacharunderscore}}Nil{\isadigit{2}}\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}app\ xs\ Nil\ {\isaliteral{3D}{\isacharequal}}\ xs{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	399	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	400	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	401	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	402	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	403	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	404	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	405	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	406	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	407	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	408	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	409	\isacommand{done}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	410	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	411	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	412	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	413	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	414	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	415	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	416	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	417	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	418	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	419	Thankfully, this worked.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	420	Now we can continue with our stuck proof attempt of the first lemma:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	421	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	422	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	423	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	424	\ rev{\isaliteral{5F}{\isacharunderscore}}app\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	425	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	426	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	427	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	428	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	429	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	430	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	431	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	432	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	433	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	434	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	435	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	436	We find that this time \isa{auto} solves the base case, but the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	437	induction step merely simplifies to
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	438	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	439	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}a\ xs{\isaliteral{2E}{\isachardot}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	440	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }rev\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	441	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }app\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	442	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	443	\end{isabelle}
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	444	The missing lemma is associativity of \isa{app},
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	445	which we insert in front of the failed lemma \isa{rev{\isaliteral{5F}{\isacharunderscore}}app}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	446
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	447	\subsubsection{Associativity of \isa{app}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	448
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	449	The canonical proof procedure succeeds without further ado:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	450	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	451	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	452	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	453	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	454	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	455	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	456	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	457	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	458	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	459	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	460	\ app{\isaliteral{5F}{\isacharunderscore}}assoc\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	461	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	462	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	463	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	464	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	465	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	466	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	467	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	468	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	469	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	470	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	471	\isacommand{done}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	472	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	473	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	474	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	475	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	476	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	477	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	478	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	479	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	480	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	481	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	482	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	483	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	484	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	485	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	486	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	487	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	488	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	489	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	490	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	491	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	492	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	493	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	494	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	495	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	496	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	497	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	498	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	499	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	500	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	501	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	502	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	503	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	504	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	505	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	506	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	507	Finally the proofs of \isa{rev{\isaliteral{5F}{\isacharunderscore}}app} and \isa{rev{\isaliteral{5F}{\isacharunderscore}}rev}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	508	succeed, too.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	509
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	510	\subsubsection{Another informal proof}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	511
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	512	Here is the informal proof of associativity of \isa{app}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	513	corresponding to the Isabelle proof above.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	514	\bigskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	515
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	516	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	517	\textbf{Lemma} \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	518
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	519	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	520	\textbf{Proof} by induction on \isa{xs}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	521	\begin{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	522	\item Case \isa{Nil}: \ \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ Nil\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ ys\ zs} \isa{{\isaliteral{3D}{\isacharequal}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	523	\mbox{\isa{app\ Nil\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}} \ holds by definition of \isa{app}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	524	\item Case \isa{Cons\ x\ xs}: We assume
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	525	\begin{center} \hfill \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs} \isa{{\isaliteral{3D}{\isacharequal}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	526	\isa{app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}} \hfill (IH) \end{center}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	527	and we need to show
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	528	\begin{center} \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}.\end{center}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	529	The proof is as follows:\smallskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	530
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	531	\begin{tabular}{@ {}l@ {\quad}l@ {}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	532	\isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ ys{\isaliteral{29}{\isacharparenright}}\ zs}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	533	\isa{{\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ zs} & by definition of \isa{app}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	534	\isa{{\isaliteral{3D}{\isacharequal}}\ Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs{\isaliteral{29}{\isacharparenright}}} & by definition of \isa{app}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	535	\isa{{\isaliteral{3D}{\isacharequal}}\ Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}} & by IH\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	536	\isa{{\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}} & by definition of \isa{app}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	537	\end{tabular}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	538	\end{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	539	\medskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	540
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	541	\noindent Didn't we say earlier that all proofs are by simplification? But
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	542	in both cases, going from left to right, the last equality step is not a
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	543	simplification at all! In the base case it is \isa{app\ ys\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ Nil\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}. It appears almost mysterious because we suddenly complicate the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	544	term by appending \isa{Nil} on the left. What is really going on is this:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	545	when proving some equality \mbox{\isa{s\ {\isaliteral{3D}{\isacharequal}}\ t}}, both \isa{s} and \isa{t} are
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	546	simplified to some common term \isa{u}. This heuristic for equality proofs
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	547	works well for a functional programming context like ours. In the base case
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	548	\isa{s} is \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ Nil\ ys{\isaliteral{29}{\isacharparenright}}\ zs}, \isa{t} is \isa{app\ Nil\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}, and \isa{u} is \isa{app\ ys\ zs}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	549
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	550	\subsection{Predefined lists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	551	\label{sec:predeflists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	552
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	553	Isabelle's predefined lists are the same as the ones above, but with
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	554	more syntactic sugar:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	555	\begin{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	556	\item \isa{{\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} is \isa{Nil},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	557	\item \isa{x\ {\isaliteral{23}{\isacharhash}}\ xs} is \isa{Cons\ x\ xs},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	558	\item \isa{{\isaliteral{5B}{\isacharbrackleft}}x\isaliteral{5C3C5E697375623E}{}\isactrlisub {\isadigit{1}}{\isaliteral{2C}{\isacharcomma}}\ {\isaliteral{5C3C646F74733E}{\isasymdots}}{\isaliteral{2C}{\isacharcomma}}\ x\isaliteral{5C3C5E697375623E}{}\isactrlisub n{\isaliteral{5D}{\isacharbrackright}}} is \isa{x\isaliteral{5C3C5E697375623E}{}\isactrlisub {\isadigit{1}}\ {\isaliteral{23}{\isacharhash}}\ {\isaliteral{5C3C646F74733E}{\isasymdots}}\ {\isaliteral{23}{\isacharhash}}\ x\isaliteral{5C3C5E697375623E}{}\isactrlisub n\ {\isaliteral{23}{\isacharhash}}\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}}, and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	559	\item \isa{xs\ {\isaliteral{40}{\isacharat}}\ ys} is \isa{app\ xs\ ys}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	560	\end{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	561	There is also a large library of predefined functions.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	562	The most important ones are the length function
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	563	\isa{length\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat} (with the obvious definition),
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	564	and the map function that applies a function to all elements of a list:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	565	\begin{isabelle}
47306 56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	566	\isacom{fun} \isa{map} \isa{{\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}} \isa{{\isaliteral{22}{\isachardoublequote}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{27}{\isacharprime}}a\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}b{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}b\ list{\isaliteral{22}{\isachardoublequote}}}\\
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	567	\isa{{\isaliteral{22}{\isachardoublequote}}}\isa{map\ f\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}}\isa{{\isaliteral{22}{\isachardoublequote}}\ {\isaliteral{7C}{\isacharbar}}}\\
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	568	\isa{{\isaliteral{22}{\isachardoublequote}}}\isa{map\ f\ {\isaliteral{28}{\isacharparenleft}}x\ {\isaliteral{23}{\isacharhash}}\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ f\ x\ {\isaliteral{23}{\isacharhash}}\ map\ f\ xs}\isa{{\isaliteral{22}{\isachardoublequote}}}
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	569	\end{isabelle}
47306 56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	570	\sem
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	571	Also useful are the \concept{head} of a list, its first element,
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	572	and the \concept{tail}, the rest of the list:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	573	\begin{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	574	\isacom{fun} \isa{hd\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	575	\isa{hd\ {\isaliteral{28}{\isacharparenleft}}x\ {\isaliteral{23}{\isacharhash}}\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ x}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	576	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	577	\begin{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	578	\isacom{fun} \isa{tl\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	579	\isa{tl\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} \isa{{\isaliteral{7C}{\isacharbar}}}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	580	\isa{tl\ {\isaliteral{28}{\isacharparenleft}}x\ {\isaliteral{23}{\isacharhash}}\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	581	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	582	Note that since HOL is a logic of total functions, \isa{hd\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} is defined,
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	583	but we do now know what the result is. That is, \isa{hd\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} is not undefined
47306 56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	584	but underdefined.
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	585	\endsem
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	586	%%
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	587	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	588	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	589	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	590	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	591	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	592	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	593	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	594	\isatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	595	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	596	\endisatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	597	{\isafoldtheory}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	598	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	599	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	600	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	601	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	602	\end{isabellebody}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	603	%%% Local Variables:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	604	%%% mode: latex
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	605	%%% TeX-master: "root"
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	606	%%% End:

author	wenzelm
	Sun, 20 May 2012 11:34:33 +0200
changeset 47884	21c42b095c84
parent 47719	8aac84627b84
permissions	-rw-r--r--