isabelle: doc-src/ProgProve/Thys/document/Bool_nat_list.tex@c1cca2a052e4 (annotated)

47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	1	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	2	\begin{isabellebody}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	3	\def\isabellecontext{Bool{\isaliteral{5F}{\isacharunderscore}}nat{\isaliteral{5F}{\isacharunderscore}}list}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	4	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	5	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	6	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	7	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	8	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	9	\isatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	10	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	11	\endisatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	12	{\isafoldtheory}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	13	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	14	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	15	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	16	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	17	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	18	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	19	\vspace{-4ex}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	20	\section{\texorpdfstring{Types \isa{bool}, \isa{nat} and \isa{list}}{Types bool, nat and list}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	21
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	22	These are the most important predefined types. We go through them one by one.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	23	Based on examples we learn how to define (possibly recursive) functions and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	24	prove theorems about them by induction and simplification.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	25
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	26	\subsection{Type \isa{bool}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	27
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	28	The type of boolean values is a predefined datatype
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	29	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	30	\isacommand{datatype}\ bool\ {\isaliteral{3D}{\isacharequal}}\ True\ {\isaliteral{7C}{\isacharbar}}\ False%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	31	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	32	with the two values \isa{True} and \isa{False} and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	33	with many predefined functions: \isa{{\isaliteral{5C3C6E6F743E}{\isasymnot}}}, \isa{{\isaliteral{5C3C616E643E}{\isasymand}}}, \isa{{\isaliteral{5C3C6F723E}{\isasymor}}}, \isa{{\isaliteral{5C3C6C6F6E6772696768746172726F773E}{\isasymlongrightarrow}}} etc. Here is how conjunction could be defined by pattern matching:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	34	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	35	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	36	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	37	\ conj\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}bool\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ bool\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ bool{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	38	{\isaliteral{22}{\isachardoublequoteopen}}conj\ True\ True\ {\isaliteral{3D}{\isacharequal}}\ True{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	39	{\isaliteral{22}{\isachardoublequoteopen}}conj\ {\isaliteral{5F}{\isacharunderscore}}\ {\isaliteral{5F}{\isacharunderscore}}\ {\isaliteral{3D}{\isacharequal}}\ False{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	40	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	41	Both the datatype and function definitions roughly follow the syntax
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	42	of functional programming languages.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	43
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	44	\subsection{Type \isa{nat}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	45
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	46	Natural numbers are another predefined datatype:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	47	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	48	\isacommand{datatype}\ nat\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}\ {\isaliteral{7C}{\isacharbar}}\ Suc\ nat%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	49	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	50	All values of type \isa{nat} are generated by the constructors
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	51	\isa{{\isadigit{0}}} and \isa{Suc}. Thus the values of type \isa{nat} are
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	52	\isa{{\isadigit{0}}}, \isa{Suc\ {\isadigit{0}}}, \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ {\isadigit{0}}{\isaliteral{29}{\isacharparenright}}} etc.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	53	There are many predefined functions: \isa{{\isaliteral{2B}{\isacharplus}}}, \isa{{\isaliteral{2A}{\isacharasterisk}}}, \isa{{\isaliteral{5C3C6C653E}{\isasymle}}}, etc. Here is how you could define your own addition:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	54	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	55	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	56	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	57	\ add\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}nat\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	58	{\isaliteral{22}{\isachardoublequoteopen}}add\ {\isadigit{0}}\ n\ {\isaliteral{3D}{\isacharequal}}\ n{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	59	{\isaliteral{22}{\isachardoublequoteopen}}add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ n\ {\isaliteral{3D}{\isacharequal}}\ Suc{\isaliteral{28}{\isacharparenleft}}add\ m\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	60	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	61	And here is a proof of the fact that \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	62	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	63	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	64	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	65	\ add{\isaliteral{5F}{\isacharunderscore}}{\isadigit{0}}{\isadigit{2}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	66	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	67	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	68	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	69	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	70	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	71	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	72	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	73	{\isaliteral{28}{\isacharparenleft}}induction\ m{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	74	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	75	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	76	\isacommand{done}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	77	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	78	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	79	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	80	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	81	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	82	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	83	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	84	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	85	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	86	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	87	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	88	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	89	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	90	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	91	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	92	The \isacom{lemma} command starts the proof and gives the lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	93	a name, \isa{add{\isaliteral{5F}{\isacharunderscore}}{\isadigit{0}}{\isadigit{2}}}. Properties of recursively defined functions
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	94	need to be established by induction in most cases.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	95	Command \isacom{apply}\isa{{\isaliteral{28}{\isacharparenleft}}induction\ m{\isaliteral{29}{\isacharparenright}}} instructs Isabelle to
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	96	start a proof by induction on \isa{m}. In response, it will show the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	97	following proof state:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	98	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	99	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ add\ {\isadigit{0}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	100	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}m{\isaliteral{2E}{\isachardot}}\ add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ Suc\ m%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	101	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	102	The numbered lines are known as \emph{subgoals}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	103	The first subgoal is the base case, the second one the induction step.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	104	The prefix \isa{{\isaliteral{5C3C416E643E}{\isasymAnd}}m{\isaliteral{2E}{\isachardot}}} is Isabelle's way of saying ``for an arbitrary but fixed \isa{m}''. The \isa{{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}} separates assumptions from the conclusion.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	105	The command \isacom{apply}\isa{{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}} instructs Isabelle to try
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	106	and prove all subgoals automatically, essentially by simplifying them.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	107	Because both subgoals are easy, Isabelle can do it.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	108	The base case \isa{add\ {\isadigit{0}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}} holds by definition of \isa{add},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	109	and the induction step is almost as simple:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	110	\isa{add~{\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ Suc{\isaliteral{28}{\isacharparenleft}}add\ m\ {\isadigit{0}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Suc\ m}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	111	using first the definition of \isa{add} and then the induction hypothesis.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	112	In summary, both subproofs rely on simplification with function definitions and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	113	the induction hypothesis.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	114	As a result of that final \isacom{done}, Isabelle associates the lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	115	just proved with its name. You can now inspect the lemma with the command%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	116	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	117	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	118	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	119	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	120	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	121	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	122	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	123	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	124	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	125	\isacommand{thm}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	126	\ add{\isaliteral{5F}{\isacharunderscore}}{\isadigit{0}}{\isadigit{2}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	127	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	128	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	129	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	130	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	131	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	132	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	133	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	134	which displays \begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	135	add\ {\isaliteral{3F}{\isacharquery}}m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{3F}{\isacharquery}}m%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	136	\end{isabelle} The free
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	137	variable \isa{m} has been replaced by the \concept{unknown}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	138	\isa{{\isaliteral{3F}{\isacharquery}}m}. There is no logical difference between the two but an
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	139	operational one: unknowns can be instantiated, which is what you want after
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	140	some lemma has been proved.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	141
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	142	Note that there is also a proof method \isa{induct}, which behaves almost
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	143	like \isa{induction}; the difference is explained in \autoref{ch:Isar}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	144
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	145	\begin{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	146	Terminology: We use \concept{lemma}, \concept{theorem} and \concept{rule}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	147	interchangeably for propositions that have been proved.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	148	\end{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	149	\begin{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	150	Numerals (\isa{{\isadigit{0}}}, \isa{{\isadigit{1}}}, \isa{{\isadigit{2}}}, \dots) and most of the standard
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	151	arithmetic operations (\isa{{\isaliteral{2B}{\isacharplus}}}, \isa{{\isaliteral{2D}{\isacharminus}}}, \isa{{\isaliteral{2A}{\isacharasterisk}}}, \isa{{\isaliteral{5C3C6C653E}{\isasymle}}},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	152	\isa{{\isaliteral{3C}{\isacharless}}} etc) are overloaded: they are available
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	153	not just for natural numbers but for other types as well.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	154	For example, given the goal \isa{x\ {\isaliteral{2B}{\isacharplus}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ x}, there is nothing to indicate
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	155	that you are talking about natural numbers. Hence Isabelle can only infer
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	156	that \isa{x} is of some arbitrary type where \isa{{\isadigit{0}}} and \isa{{\isaliteral{2B}{\isacharplus}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	157	exist. As a consequence, you will be unable to prove the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	158	goal. To alert you to such pitfalls, Isabelle flags numerals without a
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	159	fixed type in its output: \isa{x\ {\isaliteral{2B}{\isacharplus}}\ {\isaliteral{28}{\isacharparenleft}}{\isadigit{0}}{\isaliteral{5C3C436F6C6F6E3E}{\isasymColon}}{\isaliteral{27}{\isacharprime}}a{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ x}. In this particular example,
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	160	you need to include
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	161	an explicit type constraint, for example \isa{x{\isaliteral{2B}{\isacharplus}}{\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{28}{\isacharparenleft}}x{\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}nat{\isaliteral{29}{\isacharparenright}}}. If there
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	162	is enough contextual information this may not be necessary: \isa{Suc\ x\ {\isaliteral{3D}{\isacharequal}}\ x} automatically implies \isa{x{\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}nat} because \isa{Suc} is not
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	163	overloaded.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	164	\end{warn}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	165
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	166	\subsubsection{An informal proof}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	167
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	168	Above we gave some terse informal explanation of the proof of
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	169	\isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}. A more detailed informal exposition of the lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	170	might look like this:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	171	\bigskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	172
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	173	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	174	\textbf{Lemma} \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	175
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	176	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	177	\textbf{Proof} by induction on \isa{m}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	178	\begin{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	179	\item Case \isa{{\isadigit{0}}} (the base case): \isa{add\ {\isadigit{0}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	180	holds by definition of \isa{add}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	181	\item Case \isa{Suc\ m} (the induction step):
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	182	We assume \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ m}, the induction hypothesis (IH),
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	183	and we need to show \isa{add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ Suc\ m}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	184	The proof is as follows:\smallskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	185
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	186	\begin{tabular}{@ {}rcl@ {\quad}l@ {}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	187	\isa{add\ {\isaliteral{28}{\isacharparenleft}}Suc\ m{\isaliteral{29}{\isacharparenright}}\ {\isadigit{0}}} &\isa{{\isaliteral{3D}{\isacharequal}}}& \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}add\ m\ {\isadigit{0}}{\isaliteral{29}{\isacharparenright}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	188	& by definition of \isa{add}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	189	&\isa{{\isaliteral{3D}{\isacharequal}}}& \isa{Suc\ m} & by IH
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	190	\end{tabular}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	191	\end{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	192	Throughout this book, \concept{IH} will stand for ``induction hypothesis''.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	193
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	194	We have now seen three proofs of \isa{add\ m\ {\isadigit{0}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}}: the Isabelle one, the
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	195	terse four lines explaining the base case and the induction step, and just now a
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	196	model of a traditional inductive proof. The three proofs differ in the level
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	197	of detail given and the intended reader: the Isabelle proof is for the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	198	machine, the informal proofs are for humans. Although this book concentrates
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	199	on Isabelle proofs, it is important to be able to rephrase those proofs
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	200	as informal text comprehensible to a reader familiar with traditional
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	201	mathematical proofs. Later on we will introduce an Isabelle proof language
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	202	that is closer to traditional informal mathematical language and is often
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	203	directly readable.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	204
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	205	\subsection{Type \isa{list}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	206
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	207	Although lists are already predefined, we define our own copy just for
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	208	demonstration purposes:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	209	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	210	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	211	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	212	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	213	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	214	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	215	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	216	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	217	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	218	\isacommand{datatype}\isamarkupfalse%
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	219	\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{3D}{\isacharequal}}\ Nil\ {\isaliteral{7C}{\isacharbar}}\ Cons\ {\isaliteral{27}{\isacharprime}}a\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}a\ list{\isaliteral{22}{\isachardoublequoteclose}}%
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	220	\begin{isamarkuptext}%
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	221	\begin{itemize}
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	222	\item Type \isa{{\isaliteral{27}{\isacharprime}}a\ list} is the type of lists over elements of type \isa{{\isaliteral{27}{\isacharprime}}a}. Because \isa{{\isaliteral{27}{\isacharprime}}a} is a type variable, lists are in fact \concept{polymorphic}: the elements of a list can be of arbitrary type (but must all be of the same type).
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	223	\item Lists have two constructors: \isa{Nil}, the empty list, and \isa{Cons}, which puts an element (of type \isa{{\isaliteral{27}{\isacharprime}}a}) in front of a list (of type \isa{{\isaliteral{27}{\isacharprime}}a\ list}).
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	224	Hence all lists are of the form \isa{Nil}, or \isa{Cons\ x\ Nil},
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	225	or \isa{Cons\ x\ {\isaliteral{28}{\isacharparenleft}}Cons\ y\ Nil{\isaliteral{29}{\isacharparenright}}} etc.
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	226	\item \isacom{datatype} requires no quotation marks on the
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	227	left-hand side, but on the right-hand side each of the argument
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	228	types of a constructor needs to be enclosed in quotation marks, unless
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	229	it is just an identifier (e.g.\ \isa{nat} or \isa{{\isaliteral{27}{\isacharprime}}a}).
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	230	\end{itemize}
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	231	We also define two standard functions, append and reverse:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	232	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	233	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	234	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	235	\ app\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	236	{\isaliteral{22}{\isachardoublequoteopen}}app\ Nil\ ys\ {\isaliteral{3D}{\isacharequal}}\ ys{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	237	{\isaliteral{22}{\isachardoublequoteopen}}app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ ys\ {\isaliteral{3D}{\isacharequal}}\ Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	238	\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	239	\isacommand{fun}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	240	\ rev\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	241	{\isaliteral{22}{\isachardoublequoteopen}}rev\ Nil\ {\isaliteral{3D}{\isacharequal}}\ Nil{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	242	{\isaliteral{22}{\isachardoublequoteopen}}rev\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	243	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	244	By default, variables \isa{xs}, \isa{ys} and \isa{zs} are of
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	245	\isa{list} type.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	246
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	247	Command \isacom{value} evaluates a term. For example,%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	248	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	249	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	250	\isacommand{value}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	251	\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}Cons\ True\ {\isaliteral{28}{\isacharparenleft}}Cons\ False\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	252	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	253	yields the result \isa{Cons\ False\ {\isaliteral{28}{\isacharparenleft}}Cons\ True\ Nil{\isaliteral{29}{\isacharparenright}}}. This works symbolically, too:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	254	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	255	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	256	\isacommand{value}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	257	\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}Cons\ a\ {\isaliteral{28}{\isacharparenleft}}Cons\ b\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	258	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	259	yields \isa{Cons\ b\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	260	\medskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	261
47302 70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	262	Figure~\ref{fig:MyList} shows the theory created so far.
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	263	% Notice where the
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	264	%quotations marks are needed that we mostly sweep under the carpet. In
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	265	%particular, notice that \isacom{datatype} requires no quotation marks on the
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	266	%left-hand side, but that on the right-hand side each of the argument
70239da25ef6 towards showing " in the tutorial nipkow parents: 47269 diff changeset	267	%types of a constructor needs to be enclosed in quotation marks.
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	268
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	269	\begin{figure}[htbp]
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	270	\begin{alltt}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	271	\input{Thys/MyList.thy}\end{alltt}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	272	\caption{A Theory of Lists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	273	\label{fig:MyList}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	274	\end{figure}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	275
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	276	\subsubsection{Structural Induction for Lists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	277
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	278	Just as for natural numbers, there is a proof principle of induction for
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	279	lists. Induction over a list is essentially induction over the length of
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	280	the list, although the length remains implicit. To prove that some property
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	281	\isa{P} holds for all lists \isa{xs}, i.e.\ \mbox{\isa{P\ xs}},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	282	you need to prove
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	283	\begin{enumerate}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	284	\item the base case \isa{P\ Nil} and
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	285	\item the inductive case \isa{P\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}} under the assumption \isa{P\ xs}, for some arbitrary but fixed \isa{x} and \isa{xs}.
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	286	\end{enumerate}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	287	This is often called \concept{structural induction}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	288
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	289	\subsection{The Proof Process}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	290
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	291	We will now demonstrate the typical proof process, which involves
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	292	the formulation and proof of auxiliary lemmas.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	293	Our goal is to show that reversing a list twice produces the original
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	294	list.%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	295	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	296	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	297	\isacommand{theorem}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	298	\ rev{\isaliteral{5F}{\isacharunderscore}}rev\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	299	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	300	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	301	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	302	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	303	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	304	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	305	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	306	Commands \isacom{theorem} and \isacom{lemma} are
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	307	interchangeable and merely indicate the importance we attach to a
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	308	proposition. Via the bracketed attribute \isa{simp} we also tell Isabelle
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	309	to make the eventual theorem a \concept{simplification rule}: future proofs
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	310	involving simplification will replace occurrences of \isa{rev\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}} by
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	311	\isa{xs}. The proof is by induction:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	312	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	313	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	314	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	315	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	316	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	317	As explained above, we obtain two subgoals, namely the base case (\isa{Nil}) and the induction step (\isa{Cons}):
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	318	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	319	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ rev\ {\isaliteral{28}{\isacharparenleft}}rev\ Nil{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Nil\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	320	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}a\ xs{\isaliteral{2E}{\isachardot}}\ rev\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ rev\ {\isaliteral{28}{\isacharparenleft}}rev\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Cons\ a\ xs%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	321	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	322	Let us try to solve both goals automatically:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	323	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	324	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	325	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	326	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	327	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	328	Subgoal~1 is proved, and disappears; the simplified version
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	329	of subgoal~2 becomes the new subgoal~1:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	330	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	331	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}a\ xs{\isaliteral{2E}{\isachardot}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	332	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }rev\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	333	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }rev\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ Cons\ a\ xs%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	334	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	335	In order to simplify this subgoal further, a lemma suggests itself.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	336
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	337	\subsubsection{A First Lemma}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	338
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	339	We insert the following lemma in front of the main theorem:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	340	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	341	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	342	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	343	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	344	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	345	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	346	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	347	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	348	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	349	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	350	\ rev{\isaliteral{5F}{\isacharunderscore}}app\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	351	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	352	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	353	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	354	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	355	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	356	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	357	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	358	There are two variables that we could induct on: \isa{xs} and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	359	\isa{ys}. Because \isa{app} is defined by recursion on
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	360	the first argument, \isa{xs} is the correct one:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	361	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	362	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	363	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	364	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	365	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	366	This time not even the base case is solved automatically:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	367	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	368	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	369	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	370	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	371	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	372	\vspace{-5ex}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	373	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	374	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ rev\ ys\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ Nil%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	375	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	376	Again, we need to abandon this proof attempt and prove another simple lemma
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	377	first.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	378
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	379	\subsubsection{A Second Lemma}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	380
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	381	We again try the canonical proof procedure:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	382	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	383	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	384	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	385	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	386	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	387	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	388	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	389	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	390	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	391	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	392	\ app{\isaliteral{5F}{\isacharunderscore}}Nil{\isadigit{2}}\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}app\ xs\ Nil\ {\isaliteral{3D}{\isacharequal}}\ xs{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	393	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	394	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	395	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	396	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	397	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	398	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	399	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	400	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	401	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	402	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	403	\isacommand{done}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	404	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	405	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	406	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	407	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	408	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	409	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	410	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	411	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	412	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	413	Thankfully, this worked.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	414	Now we can continue with our stuck proof attempt of the first lemma:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	415	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	416	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	417	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	418	\ rev{\isaliteral{5F}{\isacharunderscore}}app\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}rev{\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	419	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	420	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	421	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	422	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	423	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	424	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	425	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	426	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	427	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	428	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	429	\begin{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	430	We find that this time \isa{auto} solves the base case, but the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	431	induction step merely simplifies to
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	432	\begin{isabelle}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	433	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}a\ xs{\isaliteral{2E}{\isachardot}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	434	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }rev\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	435	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }app\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	436	\isaindent{\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ \ \ \ }app\ {\isaliteral{28}{\isacharparenleft}}rev\ ys{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}rev\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}Cons\ a\ Nil{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	437	\end{isabelle}
47711 c1cca2a052e4 doc update nipkow parents: 47306 diff changeset	438	The missing lemma is associativity of \isa{app},
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	439	which we insert in front of the failed lemma \isa{rev{\isaliteral{5F}{\isacharunderscore}}app}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	440
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	441	\subsubsection{Associativity of \isa{app}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	442
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	443	The canonical proof procedure succeeds without further ado:%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	444	\end{isamarkuptxt}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	445	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	446	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	447	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	448	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	449	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	450	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	451	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	452	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	453	\isacommand{lemma}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	454	\ app{\isaliteral{5F}{\isacharunderscore}}assoc\ {\isaliteral{5B}{\isacharbrackleft}}simp{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	455	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	456	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	457	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	458	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	459	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	460	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	461	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	462	{\isaliteral{28}{\isacharparenleft}}induction\ xs{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	463	\isacommand{apply}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	464	{\isaliteral{28}{\isacharparenleft}}auto{\isaliteral{29}{\isacharparenright}}\isanewline
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	465	\isacommand{done}\isamarkupfalse%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	466	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	467	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	468	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	469	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	470	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	471	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	472	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	473	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	474	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	475	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	476	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	477	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	478	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	479	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	480	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	481	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	482	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	483	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	484	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	485	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	486	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	487	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	488	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	489	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	490	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	491	\isatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	492	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	493	\endisatagproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	494	{\isafoldproof}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	495	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	496	\isadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	497	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	498	\endisadelimproof
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	499	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	500	\begin{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	501	Finally the proofs of \isa{rev{\isaliteral{5F}{\isacharunderscore}}app} and \isa{rev{\isaliteral{5F}{\isacharunderscore}}rev}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	502	succeed, too.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	503
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	504	\subsubsection{Another informal proof}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	505
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	506	Here is the informal proof of associativity of \isa{app}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	507	corresponding to the Isabelle proof above.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	508	\bigskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	509
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	510	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	511	\textbf{Lemma} \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	512
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	513	\noindent
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	514	\textbf{Proof} by induction on \isa{xs}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	515	\begin{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	516	\item Case \isa{Nil}: \ \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ Nil\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ ys\ zs} \isa{{\isaliteral{3D}{\isacharequal}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	517	\mbox{\isa{app\ Nil\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}} \ holds by definition of \isa{app}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	518	\item Case \isa{Cons\ x\ xs}: We assume
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	519	\begin{center} \hfill \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs} \isa{{\isaliteral{3D}{\isacharequal}}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	520	\isa{app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}} \hfill (IH) \end{center}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	521	and we need to show
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	522	\begin{center} \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ ys{\isaliteral{29}{\isacharparenright}}\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}.\end{center}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	523	The proof is as follows:\smallskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	524
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	525	\begin{tabular}{@ {}l@ {\quad}l@ {}}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	526	\isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ ys{\isaliteral{29}{\isacharparenright}}\ zs}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	527	\isa{{\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ zs} & by definition of \isa{app}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	528	\isa{{\isaliteral{3D}{\isacharequal}}\ Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ ys{\isaliteral{29}{\isacharparenright}}\ zs{\isaliteral{29}{\isacharparenright}}} & by definition of \isa{app}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	529	\isa{{\isaliteral{3D}{\isacharequal}}\ Cons\ x\ {\isaliteral{28}{\isacharparenleft}}app\ xs\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}} & by IH\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	530	\isa{{\isaliteral{3D}{\isacharequal}}\ app\ {\isaliteral{28}{\isacharparenleft}}Cons\ x\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}} & by definition of \isa{app}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	531	\end{tabular}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	532	\end{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	533	\medskip
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	534
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	535	\noindent Didn't we say earlier that all proofs are by simplification? But
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	536	in both cases, going from left to right, the last equality step is not a
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	537	simplification at all! In the base case it is \isa{app\ ys\ zs\ {\isaliteral{3D}{\isacharequal}}\ app\ Nil\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}. It appears almost mysterious because we suddenly complicate the
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	538	term by appending \isa{Nil} on the left. What is really going on is this:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	539	when proving some equality \mbox{\isa{s\ {\isaliteral{3D}{\isacharequal}}\ t}}, both \isa{s} and \isa{t} are
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	540	simplified to some common term \isa{u}. This heuristic for equality proofs
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	541	works well for a functional programming context like ours. In the base case
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	542	\isa{s} is \isa{app\ {\isaliteral{28}{\isacharparenleft}}app\ Nil\ ys{\isaliteral{29}{\isacharparenright}}\ zs}, \isa{t} is \isa{app\ Nil\ {\isaliteral{28}{\isacharparenleft}}app\ ys\ zs{\isaliteral{29}{\isacharparenright}}}, and \isa{u} is \isa{app\ ys\ zs}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	543
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	544	\subsection{Predefined lists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	545	\label{sec:predeflists}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	546
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	547	Isabelle's predefined lists are the same as the ones above, but with
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	548	more syntactic sugar:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	549	\begin{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	550	\item \isa{{\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} is \isa{Nil},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	551	\item \isa{x\ {\isaliteral{23}{\isacharhash}}\ xs} is \isa{Cons\ x\ xs},
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	552	\item \isa{{\isaliteral{5B}{\isacharbrackleft}}x\isaliteral{5C3C5E697375623E}{}\isactrlisub {\isadigit{1}}{\isaliteral{2C}{\isacharcomma}}\ {\isaliteral{5C3C646F74733E}{\isasymdots}}{\isaliteral{2C}{\isacharcomma}}\ x\isaliteral{5C3C5E697375623E}{}\isactrlisub n{\isaliteral{5D}{\isacharbrackright}}} is \isa{x\isaliteral{5C3C5E697375623E}{}\isactrlisub {\isadigit{1}}\ {\isaliteral{23}{\isacharhash}}\ {\isaliteral{5C3C646F74733E}{\isasymdots}}\ {\isaliteral{23}{\isacharhash}}\ x\isaliteral{5C3C5E697375623E}{}\isactrlisub n\ {\isaliteral{23}{\isacharhash}}\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}}, and
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	553	\item \isa{xs\ {\isaliteral{40}{\isacharat}}\ ys} is \isa{app\ xs\ ys}.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	554	\end{itemize}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	555	There is also a large library of predefined functions.
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	556	The most important ones are the length function
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	557	\isa{length\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ nat} (with the obvious definition),
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	558	and the map function that applies a function to all elements of a list:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	559	\begin{isabelle}
47306 56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	560	\isacom{fun} \isa{map} \isa{{\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}} \isa{{\isaliteral{22}{\isachardoublequote}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{27}{\isacharprime}}a\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}b{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}b\ list{\isaliteral{22}{\isachardoublequote}}}\\
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	561	\isa{{\isaliteral{22}{\isachardoublequote}}}\isa{map\ f\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}}\isa{{\isaliteral{22}{\isachardoublequote}}\ {\isaliteral{7C}{\isacharbar}}}\\
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	562	\isa{{\isaliteral{22}{\isachardoublequote}}}\isa{map\ f\ {\isaliteral{28}{\isacharparenleft}}x\ {\isaliteral{23}{\isacharhash}}\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ f\ x\ {\isaliteral{23}{\isacharhash}}\ map\ f\ xs}\isa{{\isaliteral{22}{\isachardoublequote}}}
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	563	\end{isabelle}
47306 56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	564	\sem
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	565	Also useful are the \concept{head} of a list, its first element,
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	566	and the \concept{tail}, the rest of the list:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	567	\begin{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	568	\isacom{fun} \isa{hd\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	569	\isa{hd\ {\isaliteral{28}{\isacharparenleft}}x\ {\isaliteral{23}{\isacharhash}}\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ x}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	570	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	571	\begin{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	572	\isacom{fun} \isa{tl\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{27}{\isacharprime}}a\ list\ {\isaliteral{5C3C52696768746172726F773E}{\isasymRightarrow}}\ {\isaliteral{27}{\isacharprime}}a\ list}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	573	\isa{tl\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} \isa{{\isaliteral{7C}{\isacharbar}}}\\
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	574	\isa{tl\ {\isaliteral{28}{\isacharparenleft}}x\ {\isaliteral{23}{\isacharhash}}\ xs{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ xs}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	575	\end{isabelle}
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	576	Note that since HOL is a logic of total functions, \isa{hd\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} is defined,
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	577	but we do now know what the result is. That is, \isa{hd\ {\isaliteral{5B}{\isacharbrackleft}}{\isaliteral{5D}{\isacharbrackright}}} is not undefined
47306 56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	578	but underdefined.
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	579	\endsem
56d72c923281 made sure that " is shown in tutorial text nipkow parents: 47302 diff changeset	580	%%
47269 29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	581	\end{isamarkuptext}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	582	\isamarkuptrue%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	583	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	584	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	585	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	586	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	587	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	588	\isatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	589	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	590	\endisatagtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	591	{\isafoldtheory}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	592	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	593	\isadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	594	%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	595	\endisadelimtheory
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	596	\end{isabellebody}%
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	597	%%% Local Variables:
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	598	%%% mode: latex
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	599	%%% TeX-master: "root"
29aa0c071875 New manual Programming and Proving in Isabelle/HOL nipkow parents: diff changeset	600	%%% End:

author	nipkow
	Tue, 24 Apr 2012 09:09:55 +0200
changeset 47711	c1cca2a052e4
parent 47306	56d72c923281
child 47719	8aac84627b84
permissions	-rw-r--r--