(* Title: HOL/Induct/Common_Patterns.thy 
Author: Makarius 

*) 

5 
header {* Common patterns of induction *} 

7 
theory Common_Patterns 

imports Main 

begin 

11 
text {* 

The subsequent Isar proof schemes illustrate common proof patterns 

supported by the generic @{text "induct"} method. 

15 
To demonstrate variations on statement (goal) structure we refer to 

the induction rule of Peano natural numbers: @{thm nat.induct 

[no_vars]}, which is the simplest case of datatype induction. We 

shall also see more complex (mutual) datatype inductions involving 

several rules. Working with inductive predicates is similar, but 

involves explicit facts about membership, instead of implicit 

syntactic typing. 

*} 

25 
subsection {* Variations on statement structure *} 

27 
subsubsection {* Local facts and parameters *} 

29 
text {* 

Augmenting a problem by additional facts and locally fixed variables 

is a breadandbutter method in many applications. This is where 

unwieldy objectlevel @{text "\<forall>"} and @{text "\<longrightarrow>"} used to occur in 

the past. The @{text "induct"} method works with primary means of 

the proof language instead. 

*} 

37 
lemma 

fixes n :: nat 

and x :: 'a 

assumes "A n x" 

shows "P n x" using `A n x` 

proof (induct n arbitrary: x) 

case 0 

note prem = `A 0 x` 

show "P 0 x" sorry 

next 

case (Suc n) 

note hyp = `\<And>x. A n x \<Longrightarrow> P n x` 

and prem = `A (Suc n) x` 

show "P (Suc n) x" sorry 

qed 

54 
subsubsection {* Local definitions *} 

56 
text {* 

Here the idea is to turn subexpressions of the problem into a 

defined induction variable. This is often accompanied with fixing 

of auxiliary parameters in the original expression, otherwise the 

induction step would refer invariably to particular entities. This 

combination essentially expresses a partially abstracted 

representation of inductive expressions. 

*} 

65 
lemma 

fixes a :: "'a \<Rightarrow> nat" 

assumes "A (a x)" 

shows "P (a x)" using `A (a x)` 

proof (induct n \<equiv> "a x" arbitrary: x) 

case 0 

note prem = `A (a x)` 

and defn = `0 = a x` 

show "P (a x)" sorry 

next 

case (Suc n) 

note hyp = `\<And>x. n = a x \<Longrightarrow> A (a x) \<Longrightarrow> P (a x)` 
and prem = `A (a x)` 
and defn = `Suc n = a x` 

show "P (a x)" sorry 

qed 

text {* 

83 
84 
85 
86 
*} 

88 

subsubsection {* Simple simultaneous goals *} 

91 
text {* 

The most basic simultaneous induction operates on several goals 

onebyone, where each case refers to induction hypotheses that are 

duplicated according to the number of conclusions. 

*} 

97 
98 
99 
shows "P n" and "Q n" 

proof (induct n) 

case 0 case 1 

show "P 0" sorry 

next 

case 0 case 2 

show "Q 0" sorry 

106 
107 
108 
109 
110 
next 

111 
case (Suc n) case 2 

112 
note hyps = `P n` `Q n` 

113 
show "Q (Suc n)" sorry 

114 
qed 

116 
text {* 

The split into subcases may be deferred as follows  this is 

particularly relevant for goal statements with local premises. 

*} 

121 
lemma 

fixes n :: nat 

shows "A n \<Longrightarrow> P n" 

and "B n \<Longrightarrow> Q n" 

proof (induct n) 

case 0 

{ 

case 1 

note `A 0` 

show "P 0" sorry 

next 

case 2 

note `B 0` 

show "Q 0" sorry 

} 

next 

case (Suc n) 

note `A n \<Longrightarrow> P n` 

and `B n \<Longrightarrow> Q n` 

{ 

case 1 

note `A (Suc n)` 

show "P (Suc n)" sorry 

next 

case 2 

note `B (Suc n)` 

show "Q (Suc n)" sorry 

} 

qed 

150 

152 
153 

text {* 

The following pattern illustrates the slightly more complex 

situation of simultaneous goals with individual local assumptions. 

In compound simultaneous statements like this, local assumptions 

need to be included into each goal, using @{text "\<Longrightarrow>"} of the Pure 

framework. In contrast, local parameters do not require separate 

@{text "\<And>"} prefixes here, but may be moved into the common context 

of the whole statement. 

*} 

164 
lemma 

fixes n :: nat 

and x :: 'a 

and y :: 'b 

shows "A n x \<Longrightarrow> P n x" 

and "B n y \<Longrightarrow> Q n y" 

proof (induct n arbitrary: x y) 

case 0 

{ 

case 1 

note prem = `A 0 x` 

show "P 0 x" sorry 

} 

{ 

case 2 

note prem = `B 0 y` 

show "Q 0 y" sorry 

} 

next 

case (Suc n) 

note hyps = `\<And>x. A n x \<Longrightarrow> P n x` `\<And>y. B n y \<Longrightarrow> Q n y` 

then have some_intermediate_result sorry 

{ 

case 1 

note prem = `A (Suc n) x` 

show "P (Suc n) x" sorry 

} 

{ 

case 2 

note prem = `B (Suc n) y` 

show "Q (Suc n) y" sorry 

} 

qed 

198 
199 
200 
201 
202 
203 
each conclusion separately. 

*} 

206 

subsection {* Multiple rules *} 

209 
210 
211 
212 
213 
214 
216 
The goal statement essentially follows the same arrangement, 

217 
although it might be subdivided into simultaneous subproblems as 

218 
before! 

219 
*} 

220 

221 
datatype foo = Foo1 nat  Foo2 bar 

222 
and bar = Bar1 bool  Bar2 bazar 

223 
and bazar = Bazar foo 

225 
text {* 

226 
The pack of induction rules for this datatype is: @{thm [display] 

227 
foo_bar_bazar.inducts [no_vars]} 

229 
This corresponds to the following basic proof pattern: 

230 
*} 

232 
lemma 

fixes foo :: foo 

and bar :: bar 

and bazar :: bazar 

shows "P foo" 

and "Q bar" 

and "R bazar" 

proof (induct foo and bar and bazar) 

case (Foo1 n) 

show "P (Foo1 n)" sorry 

next 

case (Foo2 bar) 

note `Q bar` 

show "P (Foo2 bar)" sorry 

next 

case (Bar1 b) 

show "Q (Bar1 b)" sorry 

next 

case (Bar2 bazar) 

note `R bazar` 

show "Q (Bar2 bazar)" sorry 

next 

case (Bazar foo) 

note `P foo` 

show "R (Bazar foo)" sorry 

qed 

text {* 

260 
261 
262 
*} 

264 
lemma 

fixes x :: 'a and y :: 'b and z :: 'c 

and foo :: foo 

and bar :: bar 

and bazar :: bazar 

shows 

"A x foo \<Longrightarrow> P x foo" 

and 

"B1 y bar \<Longrightarrow> Q1 y bar" 

"B2 y bar \<Longrightarrow> Q2 y bar" 

and 

"C1 z bazar \<Longrightarrow> R1 z bazar" 

"C2 z bazar \<Longrightarrow> R2 z bazar" 

"C3 z bazar \<Longrightarrow> R3 z bazar" 

proof (induct foo and bar and bazar arbitrary: x and y and z) 

oops 

282 
subsection {* Inductive predicates *} 

284 
text {* 

285 
286 
287 
*} 

289 
inductive Even :: "nat \<Rightarrow> bool" where 

zero: "Even 0" 

 double: "Even n \<Longrightarrow> Even (2 * n)" 

293 
lemma 

assumes "Even n" 

shows "P n" 

using assms 

proof induct 

case zero 

show "P 0" sorry 

next 

case (double n) 

note `Even n` and `P n` 

show "P (2 * n)" sorry 

qed 

306 
text {* 

307 
308 
309 
*} 

311 
lemma "Even n \<Longrightarrow> P n" 

proof (induct rule: Even.induct) 

oops 

315 
text {* 

316 
317 
*} 

319 
lemma 

320 
321 
322 
323 
324 
325 
326 
327 
328 
329 
330 
331 
332 
333 
334 
335 
336 
337 
338 
339 
340 
341 
342 
344 
text {* 

345 
346 
347 
348 
*} 

350 
inductive Evn :: "nat \<Rightarrow> bool" and Odd :: "nat \<Rightarrow> bool" 

where 

zero: "Evn 0" 

 succ_Evn: "Evn n \<Longrightarrow> Odd (Suc n)" 

 succ_Odd: "Odd n \<Longrightarrow> Evn (Suc n)" 

lemma 
"Evn n \<Longrightarrow> P1 n" 

"Evn n \<Longrightarrow> P2 n" 

"Evn n \<Longrightarrow> P3 n" 

and 

"Odd n \<Longrightarrow> Q1 n" 

"Odd n \<Longrightarrow> Q2 n" 

proof (induct rule: Evn_Odd.inducts) 
case zero 

{ case 1 show "P1 0" sorry } 
{ case 2 show "P2 0" sorry } 

{ case 3 show "P3 0" sorry } 

next 
case (succ_Evn n) 

note `Evn n` and `P1 n` `P2 n` `P3 n` 
{ case 1 show "Q1 (Suc n)" sorry } 

{ case 2 show "Q2 (Suc n)" sorry } 

next 
case (succ_Odd n) 

note `Odd n` and `Q1 n` `Q2 n` 
{ case 1 show "P1 (Suc n)" sorry } 

{ case 2 show "P2 (Suc n)" sorry } 

{ case 3 show "P3 (Suc n)" sorry } 

qed 
text {* 
Cases and hypotheses in each case can be named explicitly. 
*} 
inductive star :: "('a \<Rightarrow> 'a \<Rightarrow> bool) \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> bool" for r 
where 
refl: "star r x x" 
 step: "r x y \<Longrightarrow> star r y z \<Longrightarrow> star r x z" 
text{* Underscores are replaced by the default name hyps: *} 
lemmas star_induct = star.induct[case_names base step[r _ IH]] 
lemma "star r x y \<Longrightarrow> star r y z \<Longrightarrow> star r x z" 
proof(induct rule: star_induct) 
print_cases 
case base thus ?case . 
next 
case (step a b c) 
from step.prems have "star r b z" by(rule step.IH) 
from step.r this show ?case by(rule star.step) 
qed 
end 