isabelle: doc-src/IsarOverview/Isar/document/Induction.tex@a49c0f7c9634 (annotated)

13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	1	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	2	\begin{isabellebody}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	3	\def\isabellecontext{Induction}%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	4	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	5	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	6	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	7	\endisadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	8	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	9	\isatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	10	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	11	\endisatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	12	{\isafoldtheory}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	13	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	14	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	15	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	16	\endisadelimtheory
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	17	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	18	\isamarkupsection{Case distinction and induction \label{sec:Induct}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	19	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	20	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	21	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	22	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	23	Computer science applications abound with inductively defined
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	24	structures, which is why we treat them in more detail. HOL already
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	25	comes with a datatype of lists with the two constructors \isa{Nil}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	26	and \isa{Cons}. \isa{Nil} is written \isa{{\isacharbrackleft}{\isacharbrackright}} and \isa{Cons\ x\ xs} is written \isa{x\ {\isacharhash}\ xs}.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	27	\end{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	28	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	29	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	30	\isamarkupsubsection{Case distinction\label{sec:CaseDistinction}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	31	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	32	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	33	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	34	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	35	We have already met the \isa{cases} method for performing
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	36	binary case splits. Here is another example:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	37	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	38	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	39	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	40	\ {\isachardoublequoteopen}{\isasymnot}\ A\ {\isasymor}\ A{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	41	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	42	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	43	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	44	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	45	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	46	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	47	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	48	\ cases\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	49	\ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	50	\ {\isachardoublequoteopen}A{\isachardoublequoteclose}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	51	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	52	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	53	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	54	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	55	\ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	56	\ {\isachardoublequoteopen}{\isasymnot}\ A{\isachardoublequoteclose}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	57	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	58	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	59	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	60	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	61	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	62	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	63	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	64	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	65	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	66	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	67	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	68	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	69	\noindent The two cases must come in this order because \isa{cases} merely abbreviates \isa{{\isacharparenleft}rule\ case{\isacharunderscore}split{\isacharunderscore}thm{\isacharparenright}} where
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	70	\isa{case{\isacharunderscore}split{\isacharunderscore}thm} is \isa{{\isasymlbrakk}{\isacharquery}P\ {\isasymLongrightarrow}\ {\isacharquery}Q{\isacharsemicolon}\ {\isasymnot}\ {\isacharquery}P\ {\isasymLongrightarrow}\ {\isacharquery}Q{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharquery}Q}. If we reverse
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	71	the order of the two cases in the proof, the first case would prove
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	72	\isa{{\isasymnot}\ A\ {\isasymLongrightarrow}\ {\isasymnot}\ A\ {\isasymor}\ A} which would solve the first premise of
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	73	\isa{case{\isacharunderscore}split{\isacharunderscore}thm}, instantiating \isa{{\isacharquery}P} with \isa{{\isasymnot}\ A}, thus making the second premise \isa{{\isasymnot}\ {\isasymnot}\ A\ {\isasymLongrightarrow}\ {\isasymnot}\ A\ {\isasymor}\ A}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	74	Therefore the order of subgoals is not always completely arbitrary.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	75
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	76	The above proof is appropriate if \isa{A} is textually small.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	77	However, if \isa{A} is large, we do not want to repeat it. This can
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	78	be avoided by the following idiom%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	79	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	80	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	81	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	82	\ {\isachardoublequoteopen}{\isasymnot}\ A\ {\isasymor}\ A{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	83	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	84	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	85	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	86	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	87	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	88	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	89	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	90	\ {\isacharparenleft}cases\ {\isachardoublequoteopen}A{\isachardoublequoteclose}{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	91	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	92	\ True\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	93	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	94	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	95	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	96	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	97	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	98	\ False\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	99	\ {\isacharquery}thesis\ \isacommand{{\isachardot}{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	100	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	101	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	102	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	103	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	104	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	105	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	106	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	107	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	108	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	109	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	110	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	111	\noindent which is like the previous proof but instantiates
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	112	\isa{{\isacharquery}P} right away with \isa{A}. Thus we could prove the two
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	113	cases in any order. The phrase `\isakeyword{case}~\isa{True}'
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	114	abbreviates `\isakeyword{assume}~\isa{True{\isacharcolon}\ A}' and analogously for
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	115	\isa{False} and \isa{{\isasymnot}\ A}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	116
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	117	The same game can be played with other datatypes, for example lists,
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	118	where \isa{tl} is the tail of a list, and \isa{length} returns a
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	119	natural number (remember: $0-1=0$):%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	120	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	121	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	122	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	123	\ {\isachardoublequoteopen}length{\isacharparenleft}tl\ xs{\isacharparenright}\ {\isacharequal}\ length\ xs\ {\isacharminus}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	124	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	125	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	126	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	127	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	128	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	129	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	130	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	131	\ {\isacharparenleft}cases\ xs{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	132	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	133	\ Nil\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	134	\ {\isacharquery}thesis\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	135	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	136	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	137	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	138	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	139	\ Cons\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	140	\ {\isacharquery}thesis\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	141	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	142	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	143	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	144	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	145	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	146	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	147	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	148	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	149	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	150	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	151	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	152	\noindent Here `\isakeyword{case}~\isa{Nil}' abbreviates
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	153	`\isakeyword{assume}~\isa{Nil{\isacharcolon}}~\isa{xs\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}}' and
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	154	`\isakeyword{case}~\isa{Cons}'
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	155	abbreviates `\isakeyword{fix}~\isa{{\isacharquery}\ {\isacharquery}{\isacharquery}}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	156	\isakeyword{assume}~\isa{Cons{\isacharcolon}}~\isa{xs\ {\isacharequal}\ {\isacharquery}\ {\isacharhash}\ {\isacharquery}{\isacharquery}}'
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	157	where \isa{{\isacharquery}} and \isa{{\isacharquery}{\isacharquery}}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	158	stand for variable names that have been chosen by the system.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	159	Therefore we cannot refer to them.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	160	Luckily, this proof is simple enough we do not need to refer to them.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	161	However, sometimes one may have to. Hence Isar offers a simple scheme for
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	162	naming those variables: replace the anonymous \isa{Cons} by
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	163	\isa{{\isacharparenleft}Cons\ y\ ys{\isacharparenright}}, which abbreviates `\isakeyword{fix}~\isa{y\ ys}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	164	\isakeyword{assume}~\isa{Cons{\isacharcolon}}~\isa{xs\ {\isacharequal}\ y\ {\isacharhash}\ ys}'.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	165	In each \isakeyword{case} the assumption can be
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	166	referred to inside the proof by the name of the constructor. In
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	167	Section~\ref{sec:full-Ind} below we will come across an example
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	168	of this.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	169	\end{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	170	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	171	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	172	\isamarkupsubsection{Structural induction%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	173	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	174	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	175	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	176	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	177	We start with an inductive proof where both cases are proved automatically:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	178	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	179	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	180	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	181	\ {\isachardoublequoteopen}{\isadigit{2}}\ {\isacharasterisk}\ {\isacharparenleft}{\isasymSum}i{\isacharcolon}{\isacharcolon}nat{\isasymle}n{\isachardot}\ i{\isacharparenright}\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}n{\isacharplus}{\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	182	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	183	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	184	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	185	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	186	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	187	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	188	\isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	189	\ {\isacharparenleft}induct\ n{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	190	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	191	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	192	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	193	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	194	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	195	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	196	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	197	\begin{isamarkuptext}%
15909 5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	198	\noindent The constraint \isa{{\isacharcolon}{\isacharcolon}nat} is needed because all of
5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	199	the operations involved are overloaded.
5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	200
5f0c8a3f0226 fixed setsum problem nipkow parents: 14617 diff changeset	201	If we want to expose more of the structure of the
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	202	proof, we can use pattern matching to avoid having to repeat the goal
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	203	statement:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	204	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	205	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	206	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	207	\ {\isachardoublequoteopen}{\isadigit{2}}\ {\isacharasterisk}\ {\isacharparenleft}{\isasymSum}i{\isacharcolon}{\isacharcolon}nat{\isasymle}n{\isachardot}\ i{\isacharparenright}\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}n{\isacharplus}{\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\ {\isacharparenleft}\isakeyword{is}\ {\isachardoublequoteopen}{\isacharquery}P\ n{\isachardoublequoteclose}{\isacharparenright}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	208	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	209	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	210	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	211	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	212	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	213	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	214	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	215	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	216	\ \ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	217	\ {\isachardoublequoteopen}{\isacharquery}P\ {\isadigit{0}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	218	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	219	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	220	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	221	\ \ \isacommand{fix}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	222	\ n\ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	223	\ {\isachardoublequoteopen}{\isacharquery}P\ n{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	224	\ \ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	225	\ {\isachardoublequoteopen}{\isacharquery}P{\isacharparenleft}Suc\ n{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	226	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	227	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	228	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	229	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	230	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	231	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	232	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	233	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	234	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	235	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	236	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	237	\noindent We could refine this further to show more of the equational
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	238	proof. Instead we explore the same avenue as for case distinctions:
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	239	introducing context via the \isakeyword{case} command:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	240	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	241	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	242	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	243	\ {\isachardoublequoteopen}{\isadigit{2}}\ {\isacharasterisk}\ {\isacharparenleft}{\isasymSum}i{\isacharcolon}{\isacharcolon}nat\ {\isasymle}\ n{\isachardot}\ i{\isacharparenright}\ {\isacharequal}\ n{\isacharasterisk}{\isacharparenleft}n{\isacharplus}{\isadigit{1}}{\isacharparenright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	244	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	245	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	246	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	247	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	248	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	249	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	250	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	251	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	252	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	253	\ {\isadigit{0}}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	254	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	255	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	256	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	257	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	258	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	259	\ Suc\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	260	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	261	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	262	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	263	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	264	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	265	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	266	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	267	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	268	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	269	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	270	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	271	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	272	\noindent The implicitly defined \isa{{\isacharquery}case} refers to the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	273	corresponding case to be proved, i.e.\ \isa{{\isacharquery}P\ {\isadigit{0}}} in the first case and
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	274	\isa{{\isacharquery}P{\isacharparenleft}Suc\ n{\isacharparenright}} in the second case. Context \isakeyword{case}~\isa{{\isadigit{0}}} is
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	275	empty whereas \isakeyword{case}~\isa{Suc} assumes \isa{{\isacharquery}P\ n}. Again we
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	276	have the same problem as with case distinctions: we cannot refer to an anonymous \isa{n}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	277	in the induction step because it has not been introduced via \isakeyword{fix}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	278	(in contrast to the previous proof). The solution is the one outlined for
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	279	\isa{Cons} above: replace \isa{Suc} by \isa{{\isacharparenleft}Suc\ i{\isacharparenright}}:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	280	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	281	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	282	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	283	\ \isakeyword{fixes}\ n{\isacharcolon}{\isacharcolon}nat\ \isakeyword{shows}\ {\isachardoublequoteopen}n\ {\isacharless}\ n{\isacharasterisk}n\ {\isacharplus}\ {\isadigit{1}}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	284	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	285	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	286	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	287	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	288	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	289	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	290	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	291	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	292	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	293	\ {\isadigit{0}}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	294	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	295	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	296	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	297	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	298	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	299	\ {\isacharparenleft}Suc\ i{\isacharparenright}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	300	\ {\isachardoublequoteopen}Suc\ i\ {\isacharless}\ Suc\ i\ {\isacharasterisk}\ Suc\ i\ {\isacharplus}\ {\isadigit{1}}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	301	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	302	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	303	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	304	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	305	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	306	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	307	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	308	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	309	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	310	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	311	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	312	\noindent Of course we could again have written
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	313	\isakeyword{thus}~\isa{{\isacharquery}case} instead of giving the term explicitly
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	314	but we wanted to use \isa{i} somewhere.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	315	\end{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	316	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	317	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	318	\isamarkupsubsection{Induction formulae involving \isa{{\isasymAnd}} or \isa{{\isasymLongrightarrow}}\label{sec:full-Ind}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	319	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	320	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	321	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	322	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	323	Let us now consider the situation where the goal to be proved contains
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	324	\isa{{\isasymAnd}} or \isa{{\isasymLongrightarrow}}, say \isa{{\isasymAnd}x{\isachardot}\ P\ x\ {\isasymLongrightarrow}\ Q\ x} --- motivation and a
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	325	real example follow shortly. This means that in each case of the induction,
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	326	\isa{{\isacharquery}case} would be of the form \isa{{\isasymAnd}x{\isachardot}\ P{\isacharprime}\ x\ {\isasymLongrightarrow}\ Q{\isacharprime}\ x}. Thus the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	327	first proof steps will be the canonical ones, fixing \isa{x} and assuming
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	328	\isa{P{\isacharprime}\ x}. To avoid this tedium, induction performs these steps
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	329	automatically: for example in case \isa{{\isacharparenleft}Suc\ n{\isacharparenright}}, \isa{{\isacharquery}case} is only
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	330	\isa{Q{\isacharprime}\ x} whereas the assumptions (named \isa{Suc}!) contain both the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	331	usual induction hypothesis \emph{and} \isa{P{\isacharprime}\ x}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	332	It should be clear how this generalises to more complex formulae.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	333
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	334	As an example we will now prove complete induction via
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	335	structural induction.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	336	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	337	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	338	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	339	\ \isakeyword{assumes}\ A{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isasymAnd}n{\isachardot}\ {\isacharparenleft}{\isasymAnd}m{\isachardot}\ m\ {\isacharless}\ n\ {\isasymLongrightarrow}\ P\ m{\isacharparenright}\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	340	\ \ \isakeyword{shows}\ {\isachardoublequoteopen}P{\isacharparenleft}n{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	341	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	342	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	343	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	344	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	345	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	346	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	347	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	348	\ {\isacharparenleft}rule\ A{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	349	\ \ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	350	\ {\isachardoublequoteopen}{\isasymAnd}m{\isachardot}\ m\ {\isacharless}\ n\ {\isasymLongrightarrow}\ P\ m{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	351	\ \ \isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	352	\ {\isacharparenleft}induct\ n{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	353	\ \ \ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	354	\ {\isadigit{0}}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	355	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	356	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	357	\ \ \isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	358	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	359	\ \ \ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	360	\ {\isacharparenleft}Suc\ n{\isacharparenright}\ \ \ %
16459 7efee005e568 updated; wenzelm parents: 16044 diff changeset	361	\isamarkupcmt{\isakeyword{fix} \isa{m} \isakeyword{assume} \isa{Suc}: \isa{{\isachardoublequote}{\isacharquery}m\ {\isacharless}\ n\ {\isasymLongrightarrow}\ P\ {\isacharquery}m{\isachardoublequote}} \isa{{\isachardoublequote}m\ {\isacharless}\ Suc\ n{\isachardoublequote}}%
7efee005e568 updated; wenzelm parents: 16044 diff changeset	362	}
7efee005e568 updated; wenzelm parents: 16044 diff changeset	363	\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	364	\ \ \ \ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	365	\ {\isacharquery}case\ \ \ \ %
16459 7efee005e568 updated; wenzelm parents: 16044 diff changeset	366	\isamarkupcmt{\isa{P\ m}%
7efee005e568 updated; wenzelm parents: 16044 diff changeset	367	}
7efee005e568 updated; wenzelm parents: 16044 diff changeset	368	\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	369	\ \ \ \ \isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	370	\ cases\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	371	\ \ \ \ \ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	372	\ eq{\isacharcolon}\ {\isachardoublequoteopen}m\ {\isacharequal}\ n{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	373	\ \ \ \ \ \ \isacommand{from}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	374	\ Suc\ \isakeyword{and}\ A\ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	375	\ {\isachardoublequoteopen}P\ n{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	376	\ blast\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	377	\ \ \ \ \ \ \isacommand{with}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	378	\ eq\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	379	\ {\isachardoublequoteopen}P\ m{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	380	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	381	\ \ \ \ \isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	382	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	383	\ \ \ \ \ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	384	\ {\isachardoublequoteopen}m\ {\isasymnoteq}\ n{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	385	\ \ \ \ \ \ \isacommand{with}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	386	\ Suc\ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	387	\ {\isachardoublequoteopen}m\ {\isacharless}\ n{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	388	\ arith\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	389	\ \ \ \ \ \ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	390	\ {\isachardoublequoteopen}P\ m{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	391	{\isacharparenleft}rule\ Suc{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	392	\ \ \ \ \isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	393	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	394	\ \ \isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	395	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	396	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	397	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	398	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	399	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	400	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	401	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	402	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	403	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	404	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	405	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	406	\noindent Given the explanations above and the comments in the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	407	proof text (only necessary for novices), the proof should be quite
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	408	readable.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	409
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	410	The statement of the lemma is interesting because it deviates from the style in
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	411	the Tutorial~\cite{LNCS2283}, which suggests to introduce \isa{{\isasymforall}} or
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	412	\isa{{\isasymlongrightarrow}} into a theorem to strengthen it for induction. In Isar
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	413	proofs we can use \isa{{\isasymAnd}} and \isa{{\isasymLongrightarrow}} instead. This simplifies the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	414	proof and means we do not have to convert between the two kinds of
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	415	connectives.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	416
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	417	Note that in a nested induction over the same data type, the inner
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	418	case labels hide the outer ones of the same name. If you want to refer
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	419	to the outer ones inside, you need to name them on the outside, e.g.\
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	420	\isakeyword{note}~\isa{outer{\isacharunderscore}IH\ {\isacharequal}\ Suc}.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	421	\end{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	422	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	423	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	424	\isamarkupsubsection{Rule induction%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	425	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	426	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	427	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	428	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	429	HOL also supports inductively defined sets. See \cite{LNCS2283}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	430	for details. As an example we define our own version of the reflexive
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	431	transitive closure of a relation --- HOL provides a predefined one as well.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	432	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	433	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	434	\isacommand{consts}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	435	\ rtc\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isacharunderscore}{\isacharasterisk}{\isachardoublequoteclose}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	436	\isacommand{inductive}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	437	\ {\isachardoublequoteopen}r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	438	\isakeyword{intros}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	439	refl{\isacharcolon}\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	440	step{\isacharcolon}\ \ {\isachardoublequoteopen}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	441	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	442	\noindent
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	443	First the constant is declared as a function on binary
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	444	relations (with concrete syntax \isa{r{\isacharasterisk}} instead of \isa{rtc\ r}), then the defining clauses are given. We will now prove that
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	445	\isa{r{\isacharasterisk}} is indeed transitive:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	446	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	447	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	448	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	449	\ \isakeyword{assumes}\ A{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{shows}\ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	450	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	451	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	452	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	453	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	454	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	455	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	456	\isacommand{using}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	457	\ A\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	458	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	459	\ induct\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	460	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	461	\ refl\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	462	\ {\isacharquery}case\ \isacommand{{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	463	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	464	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	465	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	466	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	467	\ step\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	468	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	469	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isachardot}step{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	470	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	471	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	472	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	473	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	474	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	475	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	476	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	477	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	478	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	479	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	480	\noindent Rule induction is triggered by a fact $(x_1,\dots,x_n)
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	481	\in R$ piped into the proof, here \isakeyword{using}~\isa{A}. The
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	482	proof itself follows the inductive definition very
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	483	closely: there is one case for each rule, and it has the same name as
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	484	the rule, analogous to structural induction.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	485
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	486	However, this proof is rather terse. Here is a more readable version:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	487	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	488	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	489	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	490	\ \isakeyword{assumes}\ A{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{and}\ B{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	491	\ \ \isakeyword{shows}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	492	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	493	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	494	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	495	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	496	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	497	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	498	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	499	\ {\isacharminus}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	500	\ \ \isacommand{from}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	501	\ A\ B\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	502	\ {\isacharquery}thesis\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	503	\ \ \isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	504	\ induct\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	505	\ \ \ \ \isacommand{fix}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	506	\ x\ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	507	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \ %
16459 7efee005e568 updated; wenzelm parents: 16044 diff changeset	508	\isamarkupcmt{\isa{B}[\isa{y} := \isa{x}]%
7efee005e568 updated; wenzelm parents: 16044 diff changeset	509	}
7efee005e568 updated; wenzelm parents: 16044 diff changeset	510	\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	511	\ \ \ \ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	512	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isacommand{{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	513	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	514	\ \ \isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	515	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	516	\ \ \ \ \isacommand{fix}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	517	\ x{\isacharprime}\ x\ y\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	518	\ \ \ \ \isacommand{assume}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	519	\ {\isadigit{1}}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharprime}{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ r{\isachardoublequoteclose}\ \isakeyword{and}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	520	\ \ \ \ \ \ \ \ \ \ \ IH{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isakeyword{and}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	521	\ \ \ \ \ \ \ \ \ \ \ B{\isacharcolon}\ \ {\isachardoublequoteopen}{\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	522	\ \ \ \ \isacommand{from}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	523	\ {\isadigit{1}}\ IH{\isacharbrackleft}OF\ B{\isacharbrackright}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	524	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharprime}{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	525	{\isacharparenleft}rule\ rtc{\isachardot}step{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	526	\ \ \isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	527	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	528	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	529	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	530	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	531	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	532	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	533	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	534	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	535	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	536	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	537	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	538	\noindent We start the proof with \isakeyword{from}~\isa{A\ B}. Only \isa{A} is ``consumed'' by the induction step.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	539	Since \isa{B} is left over we don't just prove \isa{{\isacharquery}thesis} but \isa{B\ {\isasymLongrightarrow}\ {\isacharquery}thesis}, just as in the previous proof. The
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	540	base case is trivial. In the assumptions for the induction step we can
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	541	see very clearly how things fit together and permit ourselves the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	542	obvious forward step \isa{IH{\isacharbrackleft}OF\ B{\isacharbrackright}}.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	543
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	544	The notation `\isakeyword{case}~\isa{(}\emph{constructor} \emph{vars}\isa{)}'
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	545	is also supported for inductive definitions. The \emph{constructor} is (the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	546	name of) the rule and the \emph{vars} fix the free variables in the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	547	rule; the order of the \emph{vars} must correspond to the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	548	\emph{alphabetical order} of the variables as they appear in the rule.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	549	For example, we could start the above detailed proof of the induction
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	550	with \isakeyword{case}~\isa{(step x' x y)}. However, we can then only
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	551	refer to the assumptions named \isa{step} collectively and not
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	552	individually, as the above proof requires.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	553	\end{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	554	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	555	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	556	\isamarkupsubsection{More induction%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	557	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	558	\isamarkuptrue%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	559	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	560	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	561	We close the section by demonstrating how arbitrary induction
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	562	rules are applied. As a simple example we have chosen recursion
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	563	induction, i.e.\ induction based on a recursive function
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	564	definition. However, most of what we show works for induction in
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	565	general.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	566
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	567	The example is an unusual definition of rotation:%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	568	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	569	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	570	\isacommand{consts}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	571	\ rot\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	572	\isacommand{recdef}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	573	\ rot\ {\isachardoublequoteopen}measure\ length{\isachardoublequoteclose}\ \ %
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	574	\isamarkupcmt{for the internal termination proof%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	575	}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	576	\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	577	{\isachardoublequoteopen}rot\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	578	{\isachardoublequoteopen}rot\ {\isacharbrackleft}x{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}x{\isacharbrackright}{\isachardoublequoteclose}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	579	{\isachardoublequoteopen}rot\ {\isacharparenleft}x{\isacharhash}y{\isacharhash}zs{\isacharparenright}\ {\isacharequal}\ y\ {\isacharhash}\ rot{\isacharparenleft}x{\isacharhash}zs{\isacharparenright}{\isachardoublequoteclose}%
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	580	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	581	\noindent This yields, among other things, the induction rule
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	582	\isa{rot{\isachardot}induct}: \begin{isabelle}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	583	{\isasymlbrakk}P\ {\isacharbrackleft}{\isacharbrackright}{\isacharsemicolon}\ {\isasymAnd}x{\isachardot}\ P\ {\isacharbrackleft}x{\isacharbrackright}{\isacharsemicolon}\ {\isasymAnd}x\ y\ zs{\isachardot}\ P\ {\isacharparenleft}x\ {\isacharhash}\ zs{\isacharparenright}\ {\isasymLongrightarrow}\ P\ {\isacharparenleft}x\ {\isacharhash}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isasymrbrakk}\ {\isasymLongrightarrow}\ P\ x%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	584	\end{isabelle}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	585	In the following proof we rely on a default naming scheme for cases: they are
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	586	called 1, 2, etc, unless they have been named explicitly. The latter happens
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	587	only with datatypes and inductively defined sets, but not with recursive
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	588	functions.%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	589	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	590	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	591	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	592	\ {\isachardoublequoteopen}xs\ {\isasymnoteq}\ {\isacharbrackleft}{\isacharbrackright}\ {\isasymLongrightarrow}\ rot\ xs\ {\isacharequal}\ tl\ xs\ {\isacharat}\ {\isacharbrackleft}hd\ xs{\isacharbrackright}{\isachardoublequoteclose}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	593	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	594	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	595	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	596	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	597	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	598	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	599	\isacommand{proof}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	600	\ {\isacharparenleft}induct\ xs\ rule{\isacharcolon}\ rot{\isachardot}induct{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	601	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	602	\ {\isadigit{1}}\ \isacommand{thus}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	603	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	604	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	605	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	606	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	607	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	608	\ {\isadigit{2}}\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	609	\ {\isacharquery}case\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	610	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	611	\isacommand{next}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	612	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	613	\ \ \isacommand{case}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	614	\ {\isacharparenleft}{\isadigit{3}}\ a\ b\ cs{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	615	\ \ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	616	\ {\isachardoublequoteopen}rot\ {\isacharparenleft}a\ {\isacharhash}\ b\ {\isacharhash}\ cs{\isacharparenright}\ {\isacharequal}\ b\ {\isacharhash}\ rot{\isacharparenleft}a\ {\isacharhash}\ cs{\isacharparenright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	617	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	618	\ \ \isacommand{also}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	619	\ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	620	\ {\isachardoublequoteopen}{\isasymdots}\ {\isacharequal}\ b\ {\isacharhash}\ tl{\isacharparenleft}a\ {\isacharhash}\ cs{\isacharparenright}\ {\isacharat}\ {\isacharbrackleft}hd{\isacharparenleft}a\ {\isacharhash}\ cs{\isacharparenright}{\isacharbrackright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	621	{\isacharparenleft}simp\ add{\isacharcolon}{\isadigit{3}}{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	622	\ \ \isacommand{also}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	623	\ \isacommand{have}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	624	\ {\isachardoublequoteopen}{\isasymdots}\ {\isacharequal}\ tl\ {\isacharparenleft}a\ {\isacharhash}\ b\ {\isacharhash}\ cs{\isacharparenright}\ {\isacharat}\ {\isacharbrackleft}hd\ {\isacharparenleft}a\ {\isacharhash}\ b\ {\isacharhash}\ cs{\isacharparenright}{\isacharbrackright}{\isachardoublequoteclose}\ \isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	625	\ simp\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	626	\ \ \isacommand{finally}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	627	\ \isacommand{show}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	628	\ {\isacharquery}case\ \isacommand{{\isachardot}}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	629	\isanewline
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	630	\isacommand{qed}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	631	%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	632	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	633	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	634	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	635	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	636	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	637	\endisadelimproof
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	638	%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	639	\begin{isamarkuptext}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	640	\noindent
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	641	The third case is only shown in gory detail (see \cite{BauerW-TPHOLs01}
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	642	for how to reason with chains of equations) to demonstrate that the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	643	`\isakeyword{case}~\isa{(}\emph{constructor} \emph{vars}\isa{)}' notation also
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	644	works for arbitrary induction theorems with numbered cases. The order
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	645	of the \emph{vars} corresponds to the order of the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	646	\isa{{\isasymAnd}}-quantified variables in each case of the induction
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	647	theorem. For induction theorems produced by \isakeyword{recdef} it is
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	648	the order in which the variables appear on the left-hand side of the
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	649	equation.
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	650
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	651	The proof is so simple that it can be condensed to%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	652	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	653	\isamarkuptrue%
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	654	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	655	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	656	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	657	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	658	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	659	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	660	\isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17125 diff changeset	661	\ {\isacharparenleft}induct\ xs\ rule{\isacharcolon}\ rot{\isachardot}induct{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isanewline
17125 e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	662	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	663	\endisatagproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	664	{\isafoldproof}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	665	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	666	\isadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	667	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	668	\endisadelimproof
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	669	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	670	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	671	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	672	\endisadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	673	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	674	\isatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	675	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	676	\endisatagtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	677	{\isafoldtheory}%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	678	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	679	\isadelimtheory
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	680	%
e6a82d1a1829 updated; wenzelm parents: 16522 diff changeset	681	\endisadelimtheory
13999 454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	682	\end{isabellebody}%
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	683	%%% Local Variables:
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	684	%%% mode: latex
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	685	%%% TeX-master: "root"
454a2ad0c381 IsarOverview moved one level up kleing parents: diff changeset	686	%%% End:

author	wenzelm
	Tue, 14 Mar 2006 16:29:32 +0100
changeset 19256	a49c0f7c9634
parent 17187	45bee2f6e61f
child 25056	743f3603ba8b
permissions	-rw-r--r--