isabelle: doc-src/TutorialI/ToyList/document/ToyList.tex@a8cb33f6cf9c (annotated)

9722 a5f86aed785b * empty log message * nipkow parents: 9721 diff changeset	1	%
a5f86aed785b * empty log message * nipkow parents: 9721 diff changeset	2	\begin{isabellebody}%
9924 3370f6aa3200 updated; wenzelm parents: 9792 diff changeset	3	\def\isabellecontext{ToyList}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	4	\isacommand{theory}\ ToyList\ {\isacharequal}\ PreList{\isacharcolon}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	5	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	6	\noindent
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	7	HOL already has a predefined theory of lists called \isa{List} ---
026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	8	\isa{ToyList} is merely a small fragment of it chosen as an example. In
8749 2665170f104a Adding generated files nipkow parents: diff changeset	9	contrast to what is recommended in \S\ref{sec:Basic:Theories},
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	10	\isa{ToyList} is not based on \isa{Main} but on \isa{PreList}, a
8749 2665170f104a Adding generated files nipkow parents: diff changeset	11	theory that contains pretty much everything but lists, thus avoiding
2665170f104a Adding generated files nipkow parents: diff changeset	12	ambiguities caused by defining lists twice.%
2665170f104a Adding generated files nipkow parents: diff changeset	13	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	14	\isacommand{datatype}\ {\isacharprime}a\ list\ {\isacharequal}\ Nil\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}{\isachardoublequote}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}{\isacharparenright}\isanewline
10187 0376cccd9118 * empty log message * nipkow parents: 10171 diff changeset	15	\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharbar}\ Cons\ {\isacharprime}a\ {\isachardoublequote}{\isacharprime}a\ list{\isachardoublequote}\ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}\isakeyword{infixr}\ {\isachardoublequote}{\isacharhash}{\isachardoublequote}\ {\isadigit{6}}{\isadigit{5}}{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	16	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	17	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	18	The datatype\index{*datatype} \isaindexbold{list} introduces two
2665170f104a Adding generated files nipkow parents: diff changeset	19	constructors \isaindexbold{Nil} and \isaindexbold{Cons}, the
9541 d17c0b34d5c8 * empty log message * nipkow parents: 9494 diff changeset	20	empty~list and the operator that adds an element to the front of a list. For
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	21	example, the term \isa{Cons True (Cons False Nil)} is a value of
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	22	type \isa{bool\ list}, namely the list with the elements \isa{True} and
8749 2665170f104a Adding generated files nipkow parents: diff changeset	23	\isa{False}. Because this notation becomes unwieldy very quickly, the
2665170f104a Adding generated files nipkow parents: diff changeset	24	datatype declaration is annotated with an alternative syntax: instead of
9541 d17c0b34d5c8 * empty log message * nipkow parents: 9494 diff changeset	25	\isa{Nil} and \isa{Cons x xs} we can write
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	26	\isa{{\isacharbrackleft}{\isacharbrackright}}\index{$HOL2list@\texttt{[]}\|bold} and
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	27	\isa{x\ {\isacharhash}\ xs}\index{$HOL2list@\texttt{\#}\|bold}. In fact, this
8749 2665170f104a Adding generated files nipkow parents: diff changeset	28	alternative syntax is the standard syntax. Thus the list \isa{Cons True
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	29	(Cons False Nil)} becomes \isa{True\ {\isacharhash}\ False\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}}. The annotation
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	30	\isacommand{infixr}\indexbold{*infixr} means that \isa{{\isacharhash}} associates to
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	31	the right, i.e.\ the term \isa{x\ {\isacharhash}\ y\ {\isacharhash}\ z} is read as \isa{x\ {\isacharhash}\ {\isacharparenleft}y\ {\isacharhash}\ z{\isacharparenright}}
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	32	and not as \isa{{\isacharparenleft}x\ {\isacharhash}\ y{\isacharparenright}\ {\isacharhash}\ z}.
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	33	The \isa{{\isadigit{6}}{\isadigit{5}}} is the priority of the infix \isa{{\isacharhash}}.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	34
2665170f104a Adding generated files nipkow parents: diff changeset	35	\begin{warn}
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	36	Syntax annotations are a powerful but optional feature. You
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	37	could drop them from theory \isa{ToyList} and go back to the identifiers
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	38	\isa{Nil} and \isa{Cons}.
9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	39	We recommend that novices avoid using
9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	40	syntax annotations in their own theories.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	41	\end{warn}
2665170f104a Adding generated files nipkow parents: diff changeset	42	Next, two functions \isa{app} and \isaindexbold{rev} are declared:%
2665170f104a Adding generated files nipkow parents: diff changeset	43	\end{isamarkuptext}%
10187 0376cccd9118 * empty log message * nipkow parents: 10171 diff changeset	44	\isacommand{consts}\ app\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequote}\ \ \ {\isacharparenleft}\isakeyword{infixr}\ {\isachardoublequote}{\isacharat}{\isachardoublequote}\ {\isadigit{6}}{\isadigit{5}}{\isacharparenright}\isanewline
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	45	\ \ \ \ \ \ \ rev\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequote}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	46	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	47	\noindent
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	48	In contrast to many functional programming languages,
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	49	Isabelle insists on explicit declarations of all functions
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	50	(keyword \isacommand{consts}). Apart from the declaration-before-use
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	51	restriction, the order of items in a theory file is unconstrained. Function
10790 520dd8696927 * empty log message * nipkow parents: 10654 diff changeset	52	\isa{app} is annotated with concrete syntax too. Instead of the
520dd8696927 * empty log message * nipkow parents: 10654 diff changeset	53	prefix syntax \isa{app\ xs\ ys} the infix
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	54	\isa{xs\ {\isacharat}\ ys}\index{$HOL2list@\texttt{\at}\|bold} becomes the preferred
8749 2665170f104a Adding generated files nipkow parents: diff changeset	55	form. Both functions are defined recursively:%
2665170f104a Adding generated files nipkow parents: diff changeset	56	\end{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	57	\isacommand{primrec}\isanewline
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	58	{\isachardoublequote}{\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ ys\ \ \ \ \ \ \ {\isacharequal}\ ys{\isachardoublequote}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	59	{\isachardoublequote}{\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ {\isacharat}\ ys\ {\isacharequal}\ x\ {\isacharhash}\ {\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}{\isachardoublequote}\isanewline
8749 2665170f104a Adding generated files nipkow parents: diff changeset	60	\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	61	\isacommand{primrec}\isanewline
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	62	{\isachardoublequote}rev\ {\isacharbrackleft}{\isacharbrackright}\ \ \ \ \ \ \ \ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	63	{\isachardoublequote}rev\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ \ {\isacharequal}\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}x\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isachardoublequote}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	64	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	65	\noindent
10790 520dd8696927 * empty log message * nipkow parents: 10654 diff changeset	66	The equations for \isa{app} and \isa{rev} hardly need comments:
520dd8696927 * empty log message * nipkow parents: 10654 diff changeset	67	\isa{app} appends two lists and \isa{rev} reverses a list. The
520dd8696927 * empty log message * nipkow parents: 10654 diff changeset	68	keyword \isacommand{primrec}\index{*primrec} indicates that the recursion is
520dd8696927 * empty log message * nipkow parents: 10654 diff changeset	69	of a particularly primitive kind where each recursive call peels off a datatype
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	70	constructor from one of the arguments. Thus the
10654 458068404143 * empty log message * nipkow parents: 10395 diff changeset	71	recursion always terminates, i.e.\ the function is \textbf{total}.
458068404143 * empty log message * nipkow parents: 10395 diff changeset	72	\index{total function}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	73
2665170f104a Adding generated files nipkow parents: diff changeset	74	The termination requirement is absolutely essential in HOL, a logic of total
2665170f104a Adding generated files nipkow parents: diff changeset	75	functions. If we were to drop it, inconsistencies would quickly arise: the
2665170f104a Adding generated files nipkow parents: diff changeset	76	``definition'' $f(n) = f(n)+1$ immediately leads to $0 = 1$ by subtracting
2665170f104a Adding generated files nipkow parents: diff changeset	77	$f(n)$ on both sides.
2665170f104a Adding generated files nipkow parents: diff changeset	78	% However, this is a subtle issue that we cannot discuss here further.
2665170f104a Adding generated files nipkow parents: diff changeset	79
2665170f104a Adding generated files nipkow parents: diff changeset	80	\begin{warn}
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	81	As we have indicated, the requirement for total functions is not a gratuitous
9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	82	restriction but an essential characteristic of HOL\@. It is only
8749 2665170f104a Adding generated files nipkow parents: diff changeset	83	because of totality that reasoning in HOL is comparatively easy. More
2665170f104a Adding generated files nipkow parents: diff changeset	84	generally, the philosophy in HOL is not to allow arbitrary axioms (such as
2665170f104a Adding generated files nipkow parents: diff changeset	85	function definitions whose totality has not been proved) because they
2665170f104a Adding generated files nipkow parents: diff changeset	86	quickly lead to inconsistencies. Instead, fixed constructs for introducing
2665170f104a Adding generated files nipkow parents: diff changeset	87	types and functions are offered (such as \isacommand{datatype} and
2665170f104a Adding generated files nipkow parents: diff changeset	88	\isacommand{primrec}) which are guaranteed to preserve consistency.
2665170f104a Adding generated files nipkow parents: diff changeset	89	\end{warn}
2665170f104a Adding generated files nipkow parents: diff changeset	90
2665170f104a Adding generated files nipkow parents: diff changeset	91	A remark about syntax. The textual definition of a theory follows a fixed
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	92	syntax with keywords like \isacommand{datatype} and \isacommand{end}.
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	93	% (see Fig.~\ref{fig:keywords} in Appendix~\ref{sec:Appendix} for a full list).
8749 2665170f104a Adding generated files nipkow parents: diff changeset	94	Embedded in this syntax are the types and formulae of HOL, whose syntax is
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	95	extensible (see \S\ref{sec:syntax-anno}), e.g.\ by new user-defined infix operators.
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	96	To distinguish the two levels, everything
8749 2665170f104a Adding generated files nipkow parents: diff changeset	97	HOL-specific (terms and types) should be enclosed in
2665170f104a Adding generated files nipkow parents: diff changeset	98	\texttt{"}\dots\texttt{"}.
2665170f104a Adding generated files nipkow parents: diff changeset	99	To lessen this burden, quotation marks around a single identifier can be
2665170f104a Adding generated files nipkow parents: diff changeset	100	dropped, unless the identifier happens to be a keyword, as in%
2665170f104a Adding generated files nipkow parents: diff changeset	101	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	102	\isacommand{consts}\ {\isachardoublequote}end{\isachardoublequote}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequote}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	103	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	104	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	105	When Isabelle prints a syntax error message, it refers to the HOL syntax as
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	106	the \bfindex{inner syntax} and the enclosing theory language as the \bfindex{outer syntax}.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	107
2665170f104a Adding generated files nipkow parents: diff changeset	108
10878 b254d5ad6dd4 auto update paulson parents: 10795 diff changeset	109	\section{An Introductory Proof}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	110	\label{sec:intro-proof}
2665170f104a Adding generated files nipkow parents: diff changeset	111
2665170f104a Adding generated files nipkow parents: diff changeset	112	Assuming you have input the declarations and definitions of \texttt{ToyList}
2665170f104a Adding generated files nipkow parents: diff changeset	113	presented so far, we are ready to prove a few simple theorems. This will
2665170f104a Adding generated files nipkow parents: diff changeset	114	illustrate not just the basic proof commands but also the typical proof
2665170f104a Adding generated files nipkow parents: diff changeset	115	process.
2665170f104a Adding generated files nipkow parents: diff changeset	116
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	117	\subsubsection*{Main goal: \isa{rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs}.}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	118
2665170f104a Adding generated files nipkow parents: diff changeset	119	Our goal is to show that reversing a list twice produces the original
2665170f104a Adding generated files nipkow parents: diff changeset	120	list. The input line%
2665170f104a Adding generated files nipkow parents: diff changeset	121	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	122	\isacommand{theorem}\ rev{\isacharunderscore}rev\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	123	\begin{isamarkuptxt}%
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	124	\index{theorem\|bold}\index{simp (attribute)\|bold}
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	125	\noindent
9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	126	does several things. It
8749 2665170f104a Adding generated files nipkow parents: diff changeset	127	\begin{itemize}
2665170f104a Adding generated files nipkow parents: diff changeset	128	\item
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	129	establishes a new theorem to be proved, namely \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs},
8749 2665170f104a Adding generated files nipkow parents: diff changeset	130	\item
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	131	gives that theorem the name \isa{rev{\isacharunderscore}rev} by which it can be
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	132	referred to,
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	133	\item
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	134	and tells Isabelle (via \isa{{\isacharbrackleft}simp{\isacharbrackright}}) to use the theorem (once it has been
8749 2665170f104a Adding generated files nipkow parents: diff changeset	135	proved) as a simplification rule, i.e.\ all future proofs involving
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	136	simplification will replace occurrences of \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}} by
8749 2665170f104a Adding generated files nipkow parents: diff changeset	137	\isa{xs}.
2665170f104a Adding generated files nipkow parents: diff changeset	138
2665170f104a Adding generated files nipkow parents: diff changeset	139	The name and the simplification attribute are optional.
2665170f104a Adding generated files nipkow parents: diff changeset	140	\end{itemize}
2665170f104a Adding generated files nipkow parents: diff changeset	141	Isabelle's response is to print
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	142	\begin{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	143	proof(prove):~step~0\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	144	\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	145	goal~(theorem~rev\_rev):\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	146	rev~(rev~xs)~=~xs\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	147	~1.~rev~(rev~xs)~=~xs
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	148	\end{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	149	The first three lines tell us that we are 0 steps into the proof of
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	150	theorem \isa{rev{\isacharunderscore}rev}; for compactness reasons we rarely show these
8749 2665170f104a Adding generated files nipkow parents: diff changeset	151	initial lines in this tutorial. The remaining lines display the current
2665170f104a Adding generated files nipkow parents: diff changeset	152	proof state.
2665170f104a Adding generated files nipkow parents: diff changeset	153	Until we have finished a proof, the proof state always looks like this:
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	154	\begin{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	155	$G$\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	156	~1.~$G\sb{1}$\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	157	~~\vdots~~\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	158	~$n$.~$G\sb{n}$
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	159	\end{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	160	where $G$
2665170f104a Adding generated files nipkow parents: diff changeset	161	is the overall goal that we are trying to prove, and the numbered lines
2665170f104a Adding generated files nipkow parents: diff changeset	162	contain the subgoals $G\sb{1}$, \dots, $G\sb{n}$ that we need to prove to
10187 0376cccd9118 * empty log message * nipkow parents: 10171 diff changeset	163	establish $G$. At \isa{step\ {\isadigit{0}}} there is only one subgoal, which is
8749 2665170f104a Adding generated files nipkow parents: diff changeset	164	identical with the overall goal. Normally $G$ is constant and only serves as
2665170f104a Adding generated files nipkow parents: diff changeset	165	a reminder. Hence we rarely show it in this tutorial.
2665170f104a Adding generated files nipkow parents: diff changeset	166
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	167	Let us now get back to \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs}. Properties of recursively
8749 2665170f104a Adding generated files nipkow parents: diff changeset	168	defined functions are best established by induction. In this case there is
2665170f104a Adding generated files nipkow parents: diff changeset	169	not much choice except to induct on \isa{xs}:%
2665170f104a Adding generated files nipkow parents: diff changeset	170	\end{isamarkuptxt}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	171	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	172	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	173	\noindent\index{*induct_tac}%
2665170f104a Adding generated files nipkow parents: diff changeset	174	This tells Isabelle to perform induction on variable \isa{xs}. The suffix
10978 5eebea8f359f * empty log message * nipkow parents: 10971 diff changeset	175	\isa{tac} stands for \bfindex{tactic}, a synonym for ``theorem proving function''.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	176	By default, induction acts on the first subgoal. The new proof state contains
2665170f104a Adding generated files nipkow parents: diff changeset	177	two subgoals, namely the base case (\isa{Nil}) and the induction step
2665170f104a Adding generated files nipkow parents: diff changeset	178	(\isa{Cons}):
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	179	\begin{isabelle}%
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	180	\ {\isadigit{1}}{\isachardot}\ rev\ {\isacharparenleft}rev\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}\isanewline
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	181	\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	182	\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list\ {\isasymLongrightarrow}\ rev\ {\isacharparenleft}rev\ {\isacharparenleft}a\ {\isacharhash}\ list{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ a\ {\isacharhash}\ list%
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	183	\end{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	184
2665170f104a Adding generated files nipkow parents: diff changeset	185	The induction step is an example of the general format of a subgoal:
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	186	\begin{isabelle}
10328 bf33cbd76c05 * empty log message * nipkow parents: 10299 diff changeset	187	~$i$.~{\isasymAnd}$x\sb{1}$~\dots~$x\sb{n}$.~{\it assumptions}~{\isasymLongrightarrow}~{\it conclusion}
bf33cbd76c05 * empty log message * nipkow parents: 10299 diff changeset	188	\end{isabelle}\index{$IsaAnd@\isasymAnd\|bold}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	189	The prefix of bound variables \isasymAnd$x\sb{1}$~\dots~$x\sb{n}$ can be
2665170f104a Adding generated files nipkow parents: diff changeset	190	ignored most of the time, or simply treated as a list of variables local to
10299 8627da9246da auto gen paulson parents: 10236 diff changeset	191	this subgoal. Their deeper significance is explained in Chapter~\ref{chap:rules}.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	192	The {\it assumptions} are the local assumptions for this subgoal and {\it
2665170f104a Adding generated files nipkow parents: diff changeset	193	conclusion} is the actual proposition to be proved. Typical proof steps
2665170f104a Adding generated files nipkow parents: diff changeset	194	that add new assumptions are induction or case distinction. In our example
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	195	the only assumption is the induction hypothesis \isa{rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list}, where \isa{list} is a variable name chosen by Isabelle. If there
8749 2665170f104a Adding generated files nipkow parents: diff changeset	196	are multiple assumptions, they are enclosed in the bracket pair
2665170f104a Adding generated files nipkow parents: diff changeset	197	\indexboldpos{\isasymlbrakk}{$Isabrl} and
2665170f104a Adding generated files nipkow parents: diff changeset	198	\indexboldpos{\isasymrbrakk}{$Isabrr} and separated by semicolons.
2665170f104a Adding generated files nipkow parents: diff changeset	199
2665170f104a Adding generated files nipkow parents: diff changeset	200	Let us try to solve both goals automatically:%
2665170f104a Adding generated files nipkow parents: diff changeset	201	\end{isamarkuptxt}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	202	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	203	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	204	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	205	This command tells Isabelle to apply a proof strategy called
2665170f104a Adding generated files nipkow parents: diff changeset	206	\isa{auto} to all subgoals. Essentially, \isa{auto} tries to
10978 5eebea8f359f * empty log message * nipkow parents: 10971 diff changeset	207	simplify the subgoals. In our case, subgoal~1 is solved completely (thanks
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	208	to the equation \isa{rev\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}}) and disappears; the simplified version
8749 2665170f104a Adding generated files nipkow parents: diff changeset	209	of subgoal~2 becomes the new subgoal~1:
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	210	\begin{isabelle}%
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	211	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	212	\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list\ {\isasymLongrightarrow}\ rev\ {\isacharparenleft}rev\ list\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ a\ {\isacharhash}\ list%
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	213	\end{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	214	In order to simplify this subgoal further, a lemma suggests itself.%
2665170f104a Adding generated files nipkow parents: diff changeset	215	\end{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	216	%
10878 b254d5ad6dd4 auto update paulson parents: 10795 diff changeset	217	\isamarkupsubsubsection{First Lemma: \isa{rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}}%
10395 7ef380745743 updated; wenzelm parents: 10362 diff changeset	218	}
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	219	%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	220	\begin{isamarkuptext}%
9494 44fefb6e9994 * empty log message * nipkow parents: 9458 diff changeset	221	After abandoning the above proof attempt\indexbold{abandon
44fefb6e9994 * empty log message * nipkow parents: 9458 diff changeset	222	proof}\indexbold{proof!abandon} (at the shell level type
44fefb6e9994 * empty log message * nipkow parents: 9458 diff changeset	223	\isacommand{oops}\indexbold{*oops}) we start a new proof:%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	224	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	225	\isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	226	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	227	\noindent The keywords \isacommand{theorem}\index{*theorem} and
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	228	\isacommand{lemma}\indexbold{*lemma} are interchangeable and merely indicate
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	229	the importance we attach to a proposition. Therefore we use the words
8749 2665170f104a Adding generated files nipkow parents: diff changeset	230	\emph{theorem}\index{theorem} and \emph{lemma}\index{lemma} pretty much
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	231	interchangeably, too.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	232
2665170f104a Adding generated files nipkow parents: diff changeset	233	There are two variables that we could induct on: \isa{xs} and
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	234	\isa{ys}. Because \isa{{\isacharat}} is defined by recursion on
8749 2665170f104a Adding generated files nipkow parents: diff changeset	235	the first argument, \isa{xs} is the correct one:%
2665170f104a Adding generated files nipkow parents: diff changeset	236	\end{isamarkuptxt}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	237	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	238	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	239	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	240	This time not even the base case is solved automatically:%
2665170f104a Adding generated files nipkow parents: diff changeset	241	\end{isamarkuptxt}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	242	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	243	\begin{isamarkuptxt}%
10362 c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	244	\begin{isabelle}%
c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	245	\ {\isadigit{1}}{\isachardot}\ rev\ ys\ {\isacharequal}\ rev\ ys\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}%
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	246	\end{isabelle}
10362 c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	247	Again, we need to abandon this proof attempt and prove another simple lemma
c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	248	first. In the future the step of abandoning an incomplete proof before
c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	249	embarking on the proof of a lemma usually remains implicit.%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	250	\end{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	251	%
10878 b254d5ad6dd4 auto update paulson parents: 10795 diff changeset	252	\isamarkupsubsubsection{Second Lemma: \isa{xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs}%
10395 7ef380745743 updated; wenzelm parents: 10362 diff changeset	253	}
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	254	%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	255	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	256	This time the canonical proof procedure%
2665170f104a Adding generated files nipkow parents: diff changeset	257	\end{isamarkuptext}%
10187 0376cccd9118 * empty log message * nipkow parents: 10171 diff changeset	258	\isacommand{lemma}\ app{\isacharunderscore}Nil{\isadigit{2}}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	259	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	260	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	261	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	262	\noindent
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	263	leads to the desired message \isa{No\ subgoals{\isacharbang}}:
10362 c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	264	\begin{isabelle}%
c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	265	xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs\isanewline
c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	266	No\ subgoals{\isacharbang}%
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	267	\end{isabelle}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	268	We still need to confirm that the proof is now finished:%
2665170f104a Adding generated files nipkow parents: diff changeset	269	\end{isamarkuptxt}%
10171 59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	270	\isacommand{done}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	271	\begin{isamarkuptext}%
10171 59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	272	\noindent\indexbold{done}%
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	273	As a result of that final \isacommand{done}, Isabelle associates the lemma just proved
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	274	with its name. In this tutorial, we sometimes omit to show that final \isacommand{done}
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	275	if it is obvious from the context that the proof is finished.
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	276
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	277	% Instead of \isacommand{apply} followed by a dot, you can simply write
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	278	% \isacommand{by}\indexbold{by}, which we do most of the time.
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	279	Notice that in lemma \isa{app{\isacharunderscore}Nil{\isadigit{2}}},
6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	280	as printed out after the final \isacommand{done}, the free variable \isa{xs} has been
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	281	replaced by the unknown \isa{{\isacharquery}xs}, just as explained in
bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	282	\S\ref{sec:variables}.
8749 2665170f104a Adding generated files nipkow parents: diff changeset	283
2665170f104a Adding generated files nipkow parents: diff changeset	284	Going back to the proof of the first lemma%
2665170f104a Adding generated files nipkow parents: diff changeset	285	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	286	\isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	287	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	288	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	289	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	290	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	291	we find that this time \isa{auto} solves the base case, but the
2665170f104a Adding generated files nipkow parents: diff changeset	292	induction step merely simplifies to
10362 c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	293	\begin{isabelle}%
c6b197ccf1f1 * empty log message * nipkow parents: 10328 diff changeset	294	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline
10950 aa788fcb75a5 updated; wenzelm parents: 10878 diff changeset	295	\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}list\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ rev\ ys\ {\isacharat}\ rev\ list\ {\isasymLongrightarrow}\isanewline
aa788fcb75a5 updated; wenzelm parents: 10878 diff changeset	296	\isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }{\isacharparenleft}rev\ ys\ {\isacharat}\ rev\ list{\isacharparenright}\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ rev\ ys\ {\isacharat}\ rev\ list\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}%
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	297	\end{isabelle}
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	298	Now we need to remember that \isa{{\isacharat}} associates to the right, and that
10187 0376cccd9118 * empty log message * nipkow parents: 10171 diff changeset	299	\isa{{\isacharhash}} and \isa{{\isacharat}} have the same priority (namely the \isa{{\isadigit{6}}{\isadigit{5}}}
8749 2665170f104a Adding generated files nipkow parents: diff changeset	300	in their \isacommand{infixr} annotation). Thus the conclusion really is
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	301	\begin{isabelle}
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	302	~~~~~(rev~ys~@~rev~list)~@~(a~\#~[])~=~rev~ys~@~(rev~list~@~(a~\#~[]))
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	303	\end{isabelle}
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	304	and the missing lemma is associativity of \isa{{\isacharat}}.%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	305	\end{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	306	%
10878 b254d5ad6dd4 auto update paulson parents: 10795 diff changeset	307	\isamarkupsubsubsection{Third Lemma: \isa{{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharat}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ {\isacharparenleft}ys\ {\isacharat}\ zs{\isacharparenright}}%
10395 7ef380745743 updated; wenzelm parents: 10362 diff changeset	308	}
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	309	%
a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	310	\begin{isamarkuptext}%
a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	311	Abandoning the previous proof, the canonical proof procedure%
a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	312	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	313	\isacommand{lemma}\ app{\isacharunderscore}assoc\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharat}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ {\isacharparenleft}ys\ {\isacharat}\ zs{\isacharparenright}{\isachardoublequote}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	314	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
10171 59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	315	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	316	\isacommand{done}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	317	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	318	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	319	succeeds without further ado.
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	320	Now we can prove the first lemma%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	321	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	322	\isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	323	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
10171 59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	324	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	325	\isacommand{done}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	326	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	327	\noindent
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10790 diff changeset	328	and then prove our main theorem:%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	329	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9644 diff changeset	330	\isacommand{theorem}\ rev{\isacharunderscore}rev\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline
f789d2490669 updated; wenzelm parents: 9644 diff changeset	331	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline
10171 59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	332	\isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline
59d6633835fa * empty log message * nipkow parents: 9924 diff changeset	333	\isacommand{done}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	334	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	335	\noindent
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	336	The final \isacommand{end} tells Isabelle to close the current theory because
8749 2665170f104a Adding generated files nipkow parents: diff changeset	337	we are finished with its development:%
2665170f104a Adding generated files nipkow parents: diff changeset	338	\end{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	339	\isacommand{end}\isanewline
9722 a5f86aed785b * empty log message * nipkow parents: 9721 diff changeset	340	\end{isabellebody}%
9145 9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	341	%%% Local Variables:
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	342	%%% mode: latex
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	343	%%% TeX-master: "root"
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	344	%%% End:

author	nipkow
	Thu, 15 Mar 2001 13:57:10 +0100
changeset 11209	a8cb33f6cf9c
parent 10978	5eebea8f359f
child 11216	279004936bb0
permissions	-rw-r--r--