isabelle: doc-src/TutorialI/document/Even.tex@e65385336531 (annotated)

10365 a17cf465d29a auto generated paulson parents: diff changeset	1	%
a17cf465d29a auto generated paulson parents: diff changeset	2	\begin{isabellebody}%
a17cf465d29a auto generated paulson parents: diff changeset	3	\def\isabellecontext{Even}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	4	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	5	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	6	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	7	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	8	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	9	\isatagtheory
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	10	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	11	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	12	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	13	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	14	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	15	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	16	\endisadelimtheory
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	17	%
43564 9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	18	\isadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	19	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	20	\endisadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	21	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	22	\isatagML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	23	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	24	\endisatagML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	25	{\isafoldML}%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	26	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	27	\isadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	28	%
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	29	\endisadelimML
9864182c6bad document antiquotations are managed as theory data, with proper name space and entity markup; wenzelm parents: 40406 diff changeset	30	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	31	\isamarkupsection{The Set of Even Numbers%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	32	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	33	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	34	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	35	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	36	\index{even numbers!defining inductively\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	37	The set of even numbers can be inductively defined as the least set
ca73e86c22bb updated berghofe parents: 23733 diff changeset	38	containing 0 and closed under the operation $+2$. Obviously,
ca73e86c22bb updated berghofe parents: 23733 diff changeset	39	\emph{even} can also be expressed using the divides relation (\isa{dvd}).
ca73e86c22bb updated berghofe parents: 23733 diff changeset	40	We shall prove below that the two formulations coincide. On the way we
ca73e86c22bb updated berghofe parents: 23733 diff changeset	41	shall examine the primary means of reasoning about inductively defined
ca73e86c22bb updated berghofe parents: 23733 diff changeset	42	sets: rule induction.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	43	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	44	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	45	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	46	\isamarkupsubsection{Making an Inductive Definition%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	47	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	48	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	49	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	50	\begin{isamarkuptext}%
23928 efee34ff4764 Protected underscore in inductive_set. berghofe parents: 23848 diff changeset	51	Using \commdx{inductive\protect\_set}, we declare the constant \isa{even} to be
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	52	a set of natural numbers with the desired properties.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	53	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	54	\isamarkuptrue%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	55	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}set}\isamarkupfalse%
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	56	\ even\ {\isaliteral{3A}{\isacharcolon}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}nat\ set{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{where}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	57	zero{\isaliteral{5B}{\isacharbrackleft}}intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isadigit{0}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}\ {\isaliteral{7C}{\isacharbar}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	58	step{\isaliteral{5B}{\isacharbrackleft}}intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isaliteral{28}{\isacharparenleft}}Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}%
10365 a17cf465d29a auto generated paulson parents: diff changeset	59	\begin{isamarkuptext}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	60	An inductive definition consists of introduction rules. The first one
ca73e86c22bb updated berghofe parents: 23733 diff changeset	61	above states that 0 is even; the second states that if $n$ is even, then so
ca73e86c22bb updated berghofe parents: 23733 diff changeset	62	is~$n+2$. Given this declaration, Isabelle generates a fixed point
ca73e86c22bb updated berghofe parents: 23733 diff changeset	63	definition for \isa{even} and proves theorems about it,
ca73e86c22bb updated berghofe parents: 23733 diff changeset	64	thus following the definitional approach (see {\S}\ref{sec:definitional}).
ca73e86c22bb updated berghofe parents: 23733 diff changeset	65	These theorems
ca73e86c22bb updated berghofe parents: 23733 diff changeset	66	include the introduction rules specified in the declaration, an elimination
ca73e86c22bb updated berghofe parents: 23733 diff changeset	67	rule for case analysis and an induction rule. We can refer to these
ca73e86c22bb updated berghofe parents: 23733 diff changeset	68	theorems by automatically-generated names. Here are two examples:
10365 a17cf465d29a auto generated paulson parents: diff changeset	69	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	70	{\isadigit{0}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\rulename{even{\isaliteral{2E}{\isachardot}}zero}\par\smallskip%
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	71	n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\rulename{even{\isaliteral{2E}{\isachardot}}step}%
10365 a17cf465d29a auto generated paulson parents: diff changeset	72	\end{isabelle}
a17cf465d29a auto generated paulson parents: diff changeset	73
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	74	The introduction rules can be given attributes. Here
ca73e86c22bb updated berghofe parents: 23733 diff changeset	75	both rules are specified as \isa{intro!},%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	76	\index{intro"!@\isa {intro"!} (attribute)}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	77	directing the classical reasoner to
ca73e86c22bb updated berghofe parents: 23733 diff changeset	78	apply them aggressively. Obviously, regarding 0 as even is safe. The
ca73e86c22bb updated berghofe parents: 23733 diff changeset	79	\isa{step} rule is also safe because $n+2$ is even if and only if $n$ is
ca73e86c22bb updated berghofe parents: 23733 diff changeset	80	even. We prove this equivalence later.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	81	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	82	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	83	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	84	\isamarkupsubsection{Using Introduction Rules%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	85	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	86	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	87	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	88	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	89	Our first lemma states that numbers of the form $2\times k$ are even.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	90	Introduction rules are used to show that specific values belong to the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	91	inductive set. Such proofs typically involve
ca73e86c22bb updated berghofe parents: 23733 diff changeset	92	induction, perhaps over some other inductive set.%
10365 a17cf465d29a auto generated paulson parents: diff changeset	93	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	94	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	95	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	96	\ two{\isaliteral{5F}{\isacharunderscore}}times{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{5B}{\isacharbrackleft}}intro{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isadigit{2}}{\isaliteral{2A}{\isacharasterisk}}k\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	97	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	98	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	99	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	100	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	101	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	102	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	103	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	104	\ {\isaliteral{28}{\isacharparenleft}}induct{\isaliteral{5F}{\isacharunderscore}}tac\ k{\isaliteral{29}{\isacharparenright}}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	105	\ \isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	106	\ auto\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	107	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	108	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	109	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	110	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	111	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	112	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	113	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	114	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	115	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	116	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	117	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	118	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	119	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	120	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	121	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	122	\begin{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	123	\noindent
ca73e86c22bb updated berghofe parents: 23733 diff changeset	124	The first step is induction on the natural number \isa{k}, which leaves
ca73e86c22bb updated berghofe parents: 23733 diff changeset	125	two subgoals:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	126	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	127	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ {\isadigit{0}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	128	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}n{\isaliteral{2E}{\isachardot}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ Suc\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	129	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	130	Here \isa{auto} simplifies both subgoals so that they match the introduction
ca73e86c22bb updated berghofe parents: 23733 diff changeset	131	rules, which are then applied automatically.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	132
ca73e86c22bb updated berghofe parents: 23733 diff changeset	133	Our ultimate goal is to prove the equivalence between the traditional
ca73e86c22bb updated berghofe parents: 23733 diff changeset	134	definition of \isa{even} (using the divides relation) and our inductive
ca73e86c22bb updated berghofe parents: 23733 diff changeset	135	definition. One direction of this equivalence is immediate by the lemma
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	136	just proved, whose \isa{intro{\isaliteral{21}{\isacharbang}}} attribute ensures it is applied automatically.%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	137	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	138	\isamarkuptrue%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	139	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	140	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	141	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	142	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	143	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	144	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	145	\endisadelimproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	146	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	147	\ dvd{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isadigit{2}}\ dvd\ n\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	148	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	149	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	150	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	151	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	152	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	153	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	154	\isacommand{by}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	155	\ {\isaliteral{28}{\isacharparenleft}}auto\ simp\ add{\isaliteral{3A}{\isacharcolon}}\ dvd{\isaliteral{5F}{\isacharunderscore}}def{\isaliteral{29}{\isacharparenright}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	156	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	157	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	158	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	159	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	160	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	161	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	162	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	163	\isamarkupsubsection{Rule Induction \label{sec:rule-induction}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	164	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	165	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	166	%
10365 a17cf465d29a auto generated paulson parents: diff changeset	167	\begin{isamarkuptext}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	168	\index{rule induction\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	169	From the definition of the set
ca73e86c22bb updated berghofe parents: 23733 diff changeset	170	\isa{even}, Isabelle has
ca73e86c22bb updated berghofe parents: 23733 diff changeset	171	generated an induction rule:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	172	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	173	{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}x\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ P\ {\isadigit{0}}{\isaliteral{3B}{\isacharsemicolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	174	\isaindent{\ }{\isaliteral{5C3C416E643E}{\isasymAnd}}n{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ P\ n{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P\ {\isaliteral{28}{\isacharparenleft}}Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	175	{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P\ x\rulename{even{\isaliteral{2E}{\isachardot}}induct}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	176	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	177	A property \isa{P} holds for every even number provided it
ca73e86c22bb updated berghofe parents: 23733 diff changeset	178	holds for~\isa{{\isadigit{0}}} and is closed under the operation
ca73e86c22bb updated berghofe parents: 23733 diff changeset	179	\isa{Suc(Suc $\cdot$)}. Then \isa{P} is closed under the introduction
ca73e86c22bb updated berghofe parents: 23733 diff changeset	180	rules for \isa{even}, which is the least set closed under those rules.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	181	This type of inductive argument is called \textbf{rule induction}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	182
ca73e86c22bb updated berghofe parents: 23733 diff changeset	183	Apart from the double application of \isa{Suc}, the induction rule above
ca73e86c22bb updated berghofe parents: 23733 diff changeset	184	resembles the familiar mathematical induction, which indeed is an instance
ca73e86c22bb updated berghofe parents: 23733 diff changeset	185	of rule induction; the natural numbers can be defined inductively to be
ca73e86c22bb updated berghofe parents: 23733 diff changeset	186	the least set containing \isa{{\isadigit{0}}} and closed under~\isa{Suc}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	187
ca73e86c22bb updated berghofe parents: 23733 diff changeset	188	Induction is the usual way of proving a property of the elements of an
ca73e86c22bb updated berghofe parents: 23733 diff changeset	189	inductively defined set. Let us prove that all members of the set
ca73e86c22bb updated berghofe parents: 23733 diff changeset	190	\isa{even} are multiples of two.%
10365 a17cf465d29a auto generated paulson parents: diff changeset	191	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	192	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	193	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	194	\ even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}dvd{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isadigit{2}}\ dvd\ n{\isaliteral{22}{\isachardoublequoteclose}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	195	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	196	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	197	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	198	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	199	\isatagproof
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	200	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	201	\begin{isamarkuptxt}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	202	We begin by applying induction. Note that \isa{even{\isaliteral{2E}{\isachardot}}induct} has the form
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	203	of an elimination rule, so we use the method \isa{erule}. We get two
ca73e86c22bb updated berghofe parents: 23733 diff changeset	204	subgoals:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	205	\end{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	206	\isamarkuptrue%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	207	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	208	\ {\isaliteral{28}{\isacharparenleft}}erule\ even{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	209	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	210	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	211	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isadigit{2}}\ dvd\ {\isadigit{0}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	212	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}n{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ {\isadigit{2}}\ dvd\ n{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isadigit{2}}\ dvd\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	213	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	214	We unfold the definition of \isa{dvd} in both subgoals, proving the first
ca73e86c22bb updated berghofe parents: 23733 diff changeset	215	one and simplifying the second:%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	216	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	217	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	218	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	219	\ {\isaliteral{28}{\isacharparenleft}}simp{\isaliteral{5F}{\isacharunderscore}}all\ add{\isaliteral{3A}{\isacharcolon}}\ dvd{\isaliteral{5F}{\isacharunderscore}}def{\isaliteral{29}{\isacharparenright}}%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	220	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	221	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	222	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}n{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ {\isaliteral{5C3C6578697374733E}{\isasymexists}}k{\isaliteral{2E}{\isachardot}}\ n\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ k{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isaliteral{5C3C6578697374733E}{\isasymexists}}k{\isaliteral{2E}{\isachardot}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ k%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	223	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	224	The next command eliminates the existential quantifier from the assumption
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	225	and replaces \isa{n} by \isa{{\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ k}.%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	226	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	227	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	228	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	229	\ clarify%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	230	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	231	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	232	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}n\ k{\isaliteral{2E}{\isachardot}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ k\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ {\isaliteral{5C3C6578697374733E}{\isasymexists}}ka{\isaliteral{2E}{\isachardot}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ {\isaliteral{28}{\isacharparenleft}}{\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ k{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{2}}\ {\isaliteral{2A}{\isacharasterisk}}\ ka%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	233	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	234	To conclude, we tell Isabelle that the desired value is
ca73e86c22bb updated berghofe parents: 23733 diff changeset	235	\isa{Suc\ k}. With this hint, the subgoal falls to \isa{simp}.%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	236	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	237	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	238	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	239	\ {\isaliteral{28}{\isacharparenleft}}rule{\isaliteral{5F}{\isacharunderscore}}tac\ x\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{22}{\isachardoublequoteopen}}Suc\ k{\isaliteral{22}{\isachardoublequoteclose}}\ \isakeyword{in}\ exI{\isaliteral{2C}{\isacharcomma}}\ simp{\isaliteral{29}{\isacharparenright}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	240	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	241	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	242	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	243	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	244	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	245	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	246	%
10365 a17cf465d29a auto generated paulson parents: diff changeset	247	\begin{isamarkuptext}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	248	Combining the previous two results yields our objective, the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	249	equivalence relating \isa{even} and \isa{dvd}.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	250	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	251	%we don't want [iff]: discuss?%
10365 a17cf465d29a auto generated paulson parents: diff changeset	252	\end{isamarkuptext}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	253	\isamarkuptrue%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	254	\isacommand{theorem}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	255	\ even{\isaliteral{5F}{\isacharunderscore}}iff{\isaliteral{5F}{\isacharunderscore}}dvd{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{28}{\isacharparenleft}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{28}{\isacharparenleft}}{\isadigit{2}}\ dvd\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	256	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	257	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	258	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	259	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	260	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	261	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	262	\isacommand{by}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	263	\ {\isaliteral{28}{\isacharparenleft}}blast\ intro{\isaliteral{3A}{\isacharcolon}}\ dvd{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even\ even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}dvd{\isaliteral{29}{\isacharparenright}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	264	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	265	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	266	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	267	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	268	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	269	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	270	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	271	\isamarkupsubsection{Generalization and Rule Induction \label{sec:gen-rule-induction}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	272	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	273	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	274	%
10365 a17cf465d29a auto generated paulson parents: diff changeset	275	\begin{isamarkuptext}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	276	\index{generalizing for induction}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	277	Before applying induction, we typically must generalize
ca73e86c22bb updated berghofe parents: 23733 diff changeset	278	the induction formula. With rule induction, the required generalization
ca73e86c22bb updated berghofe parents: 23733 diff changeset	279	can be hard to find and sometimes requires a complete reformulation of the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	280	problem. In this example, our first attempt uses the obvious statement of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	281	the result. It fails:%
10365 a17cf465d29a auto generated paulson parents: diff changeset	282	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	283	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	284	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	285	\ {\isaliteral{22}{\isachardoublequoteopen}}Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	286	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	287	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	288	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	289	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	290	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	291	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	292	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	293	\ {\isaliteral{28}{\isacharparenleft}}erule\ even{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	294	\isacommand{oops}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	295	%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	296	\endisatagproof
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	297	{\isafoldproof}%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	298	%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	299	\isadelimproof
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	300	%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	301	\endisadelimproof
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	302	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	303	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	304	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	305	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	306	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	307	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	308	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	309	\begin{isamarkuptxt}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	310	Rule induction finds no occurrences of \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}} in the
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	311	conclusion, which it therefore leaves unchanged. (Look at
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	312	\isa{even{\isaliteral{2E}{\isachardot}}induct} to see why this happens.) We have these subgoals:
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	313	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	314	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	315	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}na{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}na\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	316	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	317	The first one is hopeless. Rule induction on
ca73e86c22bb updated berghofe parents: 23733 diff changeset	318	a non-variable term discards information, and usually fails.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	319	How to deal with such situations
ca73e86c22bb updated berghofe parents: 23733 diff changeset	320	in general is described in {\S}\ref{sec:ind-var-in-prems} below.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	321	In the current case the solution is easy because
ca73e86c22bb updated berghofe parents: 23733 diff changeset	322	we have the necessary inverse, subtraction:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	323	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	324	\isamarkuptrue%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	325	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	326	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	327	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	328	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	329	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	330	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	331	\endisadelimproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	332	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	333	\ even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{5F}{\isacharunderscore}}minus{\isaliteral{5F}{\isacharunderscore}}{\isadigit{2}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ n\ {\isaliteral{2D}{\isacharminus}}\ {\isadigit{2}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	334	%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	335	\isadelimproof
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	336	%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	337	\endisadelimproof
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	338	%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	339	\isatagproof
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	340	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	341	\ {\isaliteral{28}{\isacharparenleft}}erule\ even{\isaliteral{2E}{\isachardot}}induct{\isaliteral{29}{\isacharparenright}}\isanewline
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	342	\ \isacommand{apply}\isamarkupfalse%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	343	\ auto\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	344	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	345	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	346	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	347	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	348	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	349	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	350	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	351	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11708 diff changeset	352	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	353	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	354	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	355	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	356	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	357	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	358	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	359	\begin{isamarkuptxt}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	360	This lemma is trivially inductive. Here are the subgoals:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	361	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	362	\ {\isadigit{1}}{\isaliteral{2E}{\isachardot}}\ {\isadigit{0}}\ {\isaliteral{2D}{\isacharminus}}\ {\isadigit{2}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	363	\ {\isadigit{2}}{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C416E643E}{\isasymAnd}}n{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ n\ {\isaliteral{2D}{\isacharminus}}\ {\isadigit{2}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{2D}{\isacharminus}}\ {\isadigit{2}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	364	\end{isabelle}
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	365	The first is trivial because \isa{{\isadigit{0}}\ {\isaliteral{2D}{\isacharminus}}\ {\isadigit{2}}} simplifies to \isa{{\isadigit{0}}}, which is
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	366	even. The second is trivial too: \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{2D}{\isacharminus}}\ {\isadigit{2}}} simplifies to
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	367	\isa{n}, matching the assumption.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	368	\index{rule induction\|)} %the sequel isn't really about induction
ca73e86c22bb updated berghofe parents: 23733 diff changeset	369
ca73e86c22bb updated berghofe parents: 23733 diff changeset	370	\medskip
ca73e86c22bb updated berghofe parents: 23733 diff changeset	371	Using our lemma, we can easily prove the result we originally wanted:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	372	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	373	\isamarkuptrue%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	374	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	375	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	376	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	377	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	378	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	379	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	380	\endisadelimproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	381	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	382	\ Suc{\isaliteral{5F}{\isacharunderscore}}Suc{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	383	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	384	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	385	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	386	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	387	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	388	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	389	\isacommand{by}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	390	\ {\isaliteral{28}{\isacharparenleft}}drule\ even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{5F}{\isacharunderscore}}minus{\isaliteral{5F}{\isacharunderscore}}{\isadigit{2}}{\isaliteral{2C}{\isacharcomma}}\ simp{\isaliteral{29}{\isacharparenright}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	391	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	392	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	393	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	394	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	395	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	396	\endisadelimproof
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	397	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	398	\begin{isamarkuptext}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	399	We have just proved the converse of the introduction rule \isa{even{\isaliteral{2E}{\isachardot}}step}.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	400	This suggests proving the following equivalence. We give it the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	401	\attrdx{iff} attribute because of its obvious value for simplification.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	402	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	403	\isamarkuptrue%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	404	\isacommand{lemma}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	405	\ {\isaliteral{5B}{\isacharbrackleft}}iff{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}{\isaliteral{28}{\isacharparenleft}}{\isaliteral{28}{\isacharparenleft}}Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{3D}{\isacharequal}}\ {\isaliteral{28}{\isacharparenleft}}n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{29}{\isacharparenright}}{\isaliteral{22}{\isachardoublequoteclose}}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	406	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	407	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	408	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	409	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	410	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	411	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	412	\isacommand{by}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	413	\ {\isaliteral{28}{\isacharparenleft}}blast\ dest{\isaliteral{3A}{\isacharcolon}}\ Suc{\isaliteral{5F}{\isacharunderscore}}Suc{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{29}{\isacharparenright}}%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	414	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	415	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	416	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	417	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	418	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	419	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	420	%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	421	\isamarkupsubsection{Rule Inversion \label{sec:rule-inversion}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	422	}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	423	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	424	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	425	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	426	\index{rule inversion\|(}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	427	Case analysis on an inductive definition is called \textbf{rule
ca73e86c22bb updated berghofe parents: 23733 diff changeset	428	inversion}. It is frequently used in proofs about operational
ca73e86c22bb updated berghofe parents: 23733 diff changeset	429	semantics. It can be highly effective when it is applied
ca73e86c22bb updated berghofe parents: 23733 diff changeset	430	automatically. Let us look at how rule inversion is done in
ca73e86c22bb updated berghofe parents: 23733 diff changeset	431	Isabelle/HOL\@.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	432
ca73e86c22bb updated berghofe parents: 23733 diff changeset	433	Recall that \isa{even} is the minimal set closed under these two rules:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	434	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	435	{\isadigit{0}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\isasep\isanewline%
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	436	n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	437	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	438	Minimality means that \isa{even} contains only the elements that these
ca73e86c22bb updated berghofe parents: 23733 diff changeset	439	rules force it to contain. If we are told that \isa{a}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	440	belongs to
ca73e86c22bb updated berghofe parents: 23733 diff changeset	441	\isa{even} then there are only two possibilities. Either \isa{a} is \isa{{\isadigit{0}}}
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	442	or else \isa{a} has the form \isa{Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}}, for some suitable \isa{n}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	443	that belongs to
ca73e86c22bb updated berghofe parents: 23733 diff changeset	444	\isa{even}. That is the gist of the \isa{cases} rule, which Isabelle proves
ca73e86c22bb updated berghofe parents: 23733 diff changeset	445	for us when it accepts an inductive definition:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	446	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	447	{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}a\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ a\ {\isaliteral{3D}{\isacharequal}}\ {\isadigit{0}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P{\isaliteral{3B}{\isacharsemicolon}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	448	\isaindent{\ }{\isaliteral{5C3C416E643E}{\isasymAnd}}n{\isaliteral{2E}{\isachardot}}\ {\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}a\ {\isaliteral{3D}{\isacharequal}}\ Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}{\isaliteral{3B}{\isacharsemicolon}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\isanewline
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	449	{\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P\rulename{even{\isaliteral{2E}{\isachardot}}cases}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	450	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	451	This general rule is less useful than instances of it for
ca73e86c22bb updated berghofe parents: 23733 diff changeset	452	specific patterns. For example, if \isa{a} has the form
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	453	\isa{Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}} then the first case becomes irrelevant, while the second
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	454	case tells us that \isa{n} belongs to \isa{even}. Isabelle will generate
ca73e86c22bb updated berghofe parents: 23733 diff changeset	455	this instance for us:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	456	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	457	\isamarkuptrue%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	458	\isacommand{inductive{\isaliteral{5F}{\isacharunderscore}}cases}\isamarkupfalse%
313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	459	\ Suc{\isaliteral{5F}{\isacharunderscore}}Suc{\isaliteral{5F}{\isacharunderscore}}cases\ {\isaliteral{5B}{\isacharbrackleft}}elim{\isaliteral{21}{\isacharbang}}{\isaliteral{5D}{\isacharbrackright}}{\isaliteral{3A}{\isacharcolon}}\ {\isaliteral{22}{\isachardoublequoteopen}}Suc{\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	460	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	461	The \commdx{inductive\protect\_cases} command generates an instance of
ca73e86c22bb updated berghofe parents: 23733 diff changeset	462	the \isa{cases} rule for the supplied pattern and gives it the supplied name:
ca73e86c22bb updated berghofe parents: 23733 diff changeset	463	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	464	{\isaliteral{5C3C6C6272616B6B3E}{\isasymlbrakk}}Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{3B}{\isacharsemicolon}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P{\isaliteral{5C3C726272616B6B3E}{\isasymrbrakk}}\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ P\rulename{Suc{\isaliteral{5F}{\isacharunderscore}}Suc{\isaliteral{5F}{\isacharunderscore}}cases}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	465	\end{isabelle}
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	466	Applying this as an elimination rule yields one case where \isa{even{\isaliteral{2E}{\isachardot}}cases}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	467	would yield two. Rule inversion works well when the conclusions of the
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	468	introduction rules involve datatype constructors like \isa{Suc} and \isa{{\isaliteral{23}{\isacharhash}}}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	469	(list ``cons''); freeness reasoning discards all but one or two cases.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	470
ca73e86c22bb updated berghofe parents: 23733 diff changeset	471	In the \isacommand{inductive\_cases} command we supplied an
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	472	attribute, \isa{elim{\isaliteral{21}{\isacharbang}}},
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	473	\index{elim"!@\isa {elim"!} (attribute)}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	474	indicating that this elimination rule can be
ca73e86c22bb updated berghofe parents: 23733 diff changeset	475	applied aggressively. The original
ca73e86c22bb updated berghofe parents: 23733 diff changeset	476	\isa{cases} rule would loop if used in that manner because the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	477	pattern~\isa{a} matches everything.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	478
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	479	The rule \isa{Suc{\isaliteral{5F}{\isacharunderscore}}Suc{\isaliteral{5F}{\isacharunderscore}}cases} is equivalent to the following implication:
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	480	\begin{isabelle}%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	481	Suc\ {\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even\ {\isaliteral{5C3C4C6F6E6772696768746172726F773E}{\isasymLongrightarrow}}\ n\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	482	\end{isabelle}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	483	Just above we devoted some effort to reaching precisely
ca73e86c22bb updated berghofe parents: 23733 diff changeset	484	this result. Yet we could have obtained it by a one-line declaration,
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	485	dispensing with the lemma \isa{even{\isaliteral{5F}{\isacharunderscore}}imp{\isaliteral{5F}{\isacharunderscore}}even{\isaliteral{5F}{\isacharunderscore}}minus{\isaliteral{5F}{\isacharunderscore}}{\isadigit{2}}}.
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	486	This example also justifies the terminology
ca73e86c22bb updated berghofe parents: 23733 diff changeset	487	\textbf{rule inversion}: the new rule inverts the introduction rule
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	488	\isa{even{\isaliteral{2E}{\isachardot}}step}. In general, a rule can be inverted when the set of elements
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	489	it introduces is disjoint from those of the other introduction rules.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	490
ca73e86c22bb updated berghofe parents: 23733 diff changeset	491	For one-off applications of rule inversion, use the \methdx{ind_cases} method.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	492	Here is an example:%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	493	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	494	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	495	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	496	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	497	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	498	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	499	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	500	\isatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	501	\isacommand{apply}\isamarkupfalse%
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	502	\ {\isaliteral{28}{\isacharparenleft}}ind{\isaliteral{5F}{\isacharunderscore}}cases\ {\isaliteral{22}{\isachardoublequoteopen}}Suc{\isaliteral{28}{\isacharparenleft}}Suc\ n{\isaliteral{29}{\isacharparenright}}\ {\isaliteral{5C3C696E3E}{\isasymin}}\ even{\isaliteral{22}{\isachardoublequoteclose}}{\isaliteral{29}{\isacharparenright}}%
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	503	\endisatagproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	504	{\isafoldproof}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	505	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	506	\isadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	507	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	508	\endisadelimproof
ca73e86c22bb updated berghofe parents: 23733 diff changeset	509	%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	510	\begin{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	511	The specified instance of the \isa{cases} rule is generated, then applied
ca73e86c22bb updated berghofe parents: 23733 diff changeset	512	as an elimination rule.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	513
ca73e86c22bb updated berghofe parents: 23733 diff changeset	514	To summarize, every inductive definition produces a \isa{cases} rule. The
ca73e86c22bb updated berghofe parents: 23733 diff changeset	515	\commdx{inductive\protect\_cases} command stores an instance of the
ca73e86c22bb updated berghofe parents: 23733 diff changeset	516	\isa{cases} rule for a given pattern. Within a proof, the
40406 313a24b66a8d updated generated files; wenzelm parents: 25330 diff changeset	517	\isa{ind{\isaliteral{5F}{\isacharunderscore}}cases} method applies an instance of the \isa{cases}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	518	rule.
ca73e86c22bb updated berghofe parents: 23733 diff changeset	519
ca73e86c22bb updated berghofe parents: 23733 diff changeset	520	The even numbers example has shown how inductive definitions can be
ca73e86c22bb updated berghofe parents: 23733 diff changeset	521	used. Later examples will show that they are actually worth using.%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	522	\index{rule inversion\|)}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	523	\index{even numbers!defining inductively\|)}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	524	\end{isamarkuptext}%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	525	\isamarkuptrue%
ca73e86c22bb updated berghofe parents: 23733 diff changeset	526	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	527	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	528	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	529	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	530	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	531	\isatagtheory
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	532	%
17056 05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	533	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	534	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	535	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	536	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	537	%
05fc32a23b8b updated; wenzelm parents: 16523 diff changeset	538	\endisadelimtheory
10365 a17cf465d29a auto generated paulson parents: diff changeset	539	\end{isabellebody}%
a17cf465d29a auto generated paulson parents: diff changeset	540	%%% Local Variables:
a17cf465d29a auto generated paulson parents: diff changeset	541	%%% mode: latex
a17cf465d29a auto generated paulson parents: diff changeset	542	%%% TeX-master: "root"
a17cf465d29a auto generated paulson parents: diff changeset	543	%%% End:

author	blanchet
	Tue, 14 Aug 2012 12:54:26 +0200
changeset 48797	e65385336531
parent 48519	5deda0549f97
permissions	-rw-r--r--