isabelle: doc-src/IsarRef/hol.tex@fd242f857508 (annotated)

7046 9f755ff43cff skeleton only; wenzelm parents: diff changeset	1
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	2	\chapter{Isabelle/HOL Tools and Packages}\label{ch:hol-tools}
7135 8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	3
10240 9ac0fe356ea7 tuned; wenzelm parents: 9949 diff changeset	4	\section{Miscellaneous attributes}\label{sec:rule-format}
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	5
11039 55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	6	\indexisaratt{rule-format}\indexisaratt{split-format}
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	7	\begin{matharray}{rcl}
9941 fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	8	rule_format & : & \isaratt \\
11051 00b70f3196c2 updated split_format; wenzelm parents: 11039 diff changeset	9	split_format^* & : & \isaratt \\
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	10	\end{matharray}
0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	11
9941 fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	12	\railalias{ruleformat}{rule\_format}
fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	13	\railterm{ruleformat}
fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	14
11039 55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	15	\railalias{splitformat}{split\_format}
55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	16	\railterm{splitformat}
55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	17	\railterm{complete}
55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	18
9905 14a71104a498 improved att names; wenzelm parents: 9848 diff changeset	19	\begin{rail}
9941 fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	20	ruleformat ('(' noasm ')')?
9905 14a71104a498 improved att names; wenzelm parents: 9848 diff changeset	21	;
11039 55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	22	splitformat (((name * ) + 'and') \| ('(' complete ')'))
55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	23	;
9905 14a71104a498 improved att names; wenzelm parents: 9848 diff changeset	24	\end{rail}
14a71104a498 improved att names; wenzelm parents: 9848 diff changeset	25
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	26	\begin{descr}
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	27
9941 fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	28	\item [$rule_format$] causes a theorem to be put into standard object-rule
fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	29	form, replacing implication and (bounded) universal quantification of HOL by
fe05af7ec816 renamed atts: rulify to rule_format, elimify to elim_format; wenzelm parents: 9935 diff changeset	30	the corresponding meta-logical connectives. By default, the result is fully
9905 14a71104a498 improved att names; wenzelm parents: 9848 diff changeset	31	normalized, including assumptions and conclusions at any depth. The
14a71104a498 improved att names; wenzelm parents: 9848 diff changeset	32	$no_asm$ option restricts the transformation to the conclusion of a rule.
11039 55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	33
55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	34	\item [$split_format~\vec p@1 \dots \vec p@n$] puts tuple objects into
55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	35	canonical form as specified by the arguments given; $\vec p@i$ refers to
11051 00b70f3196c2 updated split_format; wenzelm parents: 11039 diff changeset	36	occurrences in premise $i$ of the rule. The $split_format~(complete)$ form
00b70f3196c2 updated split_format; wenzelm parents: 11039 diff changeset	37	causes \emph{all} arguments in function applications to be represented
00b70f3196c2 updated split_format; wenzelm parents: 11039 diff changeset	38	canonically according to their tuple type structure.
11039 55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	39
11051 00b70f3196c2 updated split_format; wenzelm parents: 11039 diff changeset	40	Note that these operations tend to invent funny names for new local
00b70f3196c2 updated split_format; wenzelm parents: 11039 diff changeset	41	parameters to be introduced.
11039 55de839f4850 'split_format' attribute; wenzelm parents: 10802 diff changeset	42
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	43	\end{descr}
0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	44
0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	45
7135 8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	46	\section{Primitive types}
8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	47
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	48	\indexisarcmd{typedecl}\indexisarcmd{typedef}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	49	\begin{matharray}{rcl}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	50	\isarcmd{typedecl} & : & \isartrans{theory}{theory} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	51	\isarcmd{typedef} & : & \isartrans{theory}{proof(prove)} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	52	\end{matharray}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	53
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	54	\begin{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	55	'typedecl' typespec infix? comment?
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	56	;
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	57	'typedef' parname? typespec infix? \\ '=' term comment?
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	58	;
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	59	\end{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	60
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	61	\begin{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	62	\item [$\isarkeyword{typedecl}~(\vec\alpha)t$] is similar to the original
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	63	$\isarkeyword{typedecl}$ of Isabelle/Pure (see \S\ref{sec:types-pure}), but
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	64	also declares type arity $t :: (term, \dots, term) term$, making $t$ an
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	65	actual HOL type constructor.
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	66	\item [$\isarkeyword{typedef}~(\vec\alpha)t = A$] sets up a goal stating
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	67	non-emptiness of the set $A$. After finishing the proof, the theory will be
7175 8263d0b50e12 tuned; wenzelm parents: 7167 diff changeset	68	augmented by a Gordon/HOL-style type definition. See \cite{isabelle-HOL}
7335 abba35b98892 draft release; wenzelm parents: 7319 diff changeset	69	for more information. Note that user-level theories usually do not directly
abba35b98892 draft release; wenzelm parents: 7319 diff changeset	70	refer to the HOL $\isarkeyword{typedef}$ primitive, but use more advanced
abba35b98892 draft release; wenzelm parents: 7319 diff changeset	71	packages such as $\isarkeyword{record}$ (see \S\ref{sec:record}) and
7175 8263d0b50e12 tuned; wenzelm parents: 7167 diff changeset	72	$\isarkeyword{datatype}$ (see \S\ref{sec:datatype}).
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	73	\end{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	74
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	75
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	76	\section{Records}\label{sec:record}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	77
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	78	\indexisarcmd{record}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	79	\begin{matharray}{rcl}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	80	\isarcmd{record} & : & \isartrans{theory}{theory} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	81	\end{matharray}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	82
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	83	\begin{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	84	'record' typespec '=' (type '+')? (field +)
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	85	;
7135 8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	86
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	87	field: name '::' type comment?
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	88	;
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	89	\end{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	90
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	91	\begin{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	92	\item [$\isarkeyword{record}~(\vec\alpha)t = \tau + \vec c :: \vec\sigma$]
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	93	defines extensible record type $(\vec\alpha)t$, derived from the optional
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	94	parent record $\tau$ by adding new field components $\vec c :: \vec\sigma$.
11498 681aa3dfab4b tuned; wenzelm parents: 11051 diff changeset	95	See \cite{isabelle-HOL,NaraschewskiW-TPHOLs98} for more information on
7335 abba35b98892 draft release; wenzelm parents: 7319 diff changeset	96	simply-typed extensible records.
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	97	\end{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	98
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	99
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	100	\section{Datatypes}\label{sec:datatype}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	101
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	102	\indexisarcmd{datatype}\indexisarcmd{rep-datatype}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	103	\begin{matharray}{rcl}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	104	\isarcmd{datatype} & : & \isartrans{theory}{theory} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	105	\isarcmd{rep_datatype} & : & \isartrans{theory}{theory} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	106	\end{matharray}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	107
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	108	\railalias{repdatatype}{rep\_datatype}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	109	\railterm{repdatatype}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	110
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	111	\begin{rail}
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	112	'datatype' (dtspec + 'and')
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	113	;
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	114	repdatatype (name * ) dtrules
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	115	;
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	116
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	117	dtspec: parname? typespec infix? '=' (cons + '\|')
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	118	;
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	119	cons: name (type * ) mixfix? comment?
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	120	;
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	121	dtrules: 'distinct' thmrefs 'inject' thmrefs 'induction' thmrefs
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	122	\end{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	123
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	124	\begin{descr}
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	125	\item [$\isarkeyword{datatype}$] defines inductive datatypes in HOL.
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	126	\item [$\isarkeyword{rep_datatype}$] represents existing types as inductive
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	127	ones, generating the standard infrastructure of derived concepts (primitive
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	128	recursion etc.).
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	129	\end{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	130
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	131	The induction and exhaustion theorems generated provide case names according
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	132	to the constructors involved, while parameters are named after the types (see
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	133	also \S\ref{sec:induct-method}).
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	134
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	135	See \cite{isabelle-HOL} for more details on datatypes. Note that the theory
7335 abba35b98892 draft release; wenzelm parents: 7319 diff changeset	136	syntax above has been slightly simplified over the old version, usually
8531 54acec31dcac case_tac, induct_tac; wenzelm parents: 8506 diff changeset	137	requiring more quotes and less parentheses. Apart from proper proof methods
54acec31dcac case_tac, induct_tac; wenzelm parents: 8506 diff changeset	138	for case-analysis and induction, there are also emulations of ML tactics
8945 17365afd9502 fixed index; wenzelm parents: 8811 diff changeset	139	\texttt{case_tac} and \texttt{induct_tac} available, see
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	140	\S\ref{sec:induct_tac}.
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	141
7135 8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	142
8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	143	\section{Recursive functions}
8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	144
10771 662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	145	\indexisarcmd{primrec}\indexisarcmd{recdef}\indexisarcmd{recdef-tc}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	146	\begin{matharray}{rcl}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	147	\isarcmd{primrec} & : & \isartrans{theory}{theory} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	148	\isarcmd{recdef} & : & \isartrans{theory}{theory} \\
10771 662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	149	\isarcmd{recdef_tc}^* & : & \isartrans{theory}{proof(prove)} \\
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	150	%FIXME
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	151	% \isarcmd{defer_recdef} & : & \isartrans{theory}{theory} \\
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	152	\end{matharray}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	153
9949 1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	154	\railalias{recdefsimp}{recdef\_simp}
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	155	\railterm{recdefsimp}
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	156
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	157	\railalias{recdefcong}{recdef\_cong}
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	158	\railterm{recdefcong}
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	159
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	160	\railalias{recdefwf}{recdef\_wf}
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	161	\railterm{recdefwf}
1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	162
10771 662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	163	\railalias{recdeftc}{recdef\_tc}
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	164	\railterm{recdeftc}
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	165
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	166	\begin{rail}
8657 b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	167	'primrec' parname? (equation + )
b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	168	;
11634 cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	169	'recdef' ('(' 'permissive' ')')? \\ name term (eqn + ) hints?
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	170	;
10771 662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	171	recdeftc thmdecl? tc comment?
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	172	;
8657 b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	173
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	174	equation: thmdecl? eqn
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	175	;
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	176	eqn: prop comment?
8657 b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	177	;
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	178	hints: '(' 'hints' (recdefmod * ) ')'
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	179	;
9949 1741a61d4b33 tuned recdef hints; wenzelm parents: 9941 diff changeset	180	recdefmod: ((recdefsimp \| recdefcong \| recdefwf) (() \| 'add' \| 'del') ':' thmrefs) \| clasimpmod
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	181	;
10771 662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	182	tc: nameref ('(' nat ')')?
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	183	;
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	184	\end{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	185
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	186	\begin{descr}
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	187	\item [$\isarkeyword{primrec}$] defines primitive recursive functions over
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	188	datatypes, see also \cite{isabelle-HOL}.
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	189	\item [$\isarkeyword{recdef}$] defines general well-founded recursive
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	190	functions (using the TFL package), see also \cite{isabelle-HOL}. The
11634 cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	191	$(permissive)$ option tells TFL to recover from failed proof attempts,
cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	192	returning unfinished results. The $recdef_simp$, $recdef_cong$, and
cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	193	$recdef_wf$ hints refer to auxiliary rules to be used in the internal
cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	194	automated proof process of TFL. Additional $clasimpmod$ declarations (cf.\
cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	195	\S\ref{sec:clasimp}) may be given to tune the context of the Simplifier
cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	196	(cf.\ \S\ref{sec:simplifier}) and Classical reasoner (cf.\
cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	197	\S\ref{sec:classical}).
10771 662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	198	\item [$\isarkeyword{recdef_tc}~c~(i)$] recommences the proof for leftover
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	199	termination condition number $i$ (default $1$) as generated by a
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	200	$\isarkeyword{recdef}$ definition of constant $c$.
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	201
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	202	Note that in most cases, $\isarkeyword{recdef}$ is able to finish its
662727d4ecac added 'recdef_tc' command; wenzelm parents: 10549 diff changeset	203	internal proofs without manual intervention.
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	204	\end{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	205
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	206	Both kinds of recursive definitions accommodate reasoning by induction (cf.\
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	207	\S\ref{sec:induct-method}): rule $c\mathord{.}induct$ (where $c$ is the name
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	208	of the function definition) refers to a specific induction rule, with
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	209	parameters named according to the user-specified equations. Case names of
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	210	$\isarkeyword{primrec}$ are that of the datatypes involved, while those of
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	211	$\isarkeyword{recdef}$ are numbered (starting from $1$).
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	212
8657 b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	213	The equations provided by these packages may be referred later as theorem list
b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	214	$f\mathord.simps$, where $f$ is the (collective) name of the functions
b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	215	defined. Individual equations may be named explicitly as well; note that for
b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	216	$\isarkeyword{recdef}$ each specification given by the user may result in
b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	217	several theorems.
b9475dad85ed recdef: admit names/atts; wenzelm parents: 8547 diff changeset	218
9935 a87965201c34 tuned; wenzelm parents: 9905 diff changeset	219	\medskip Hints for $\isarkeyword{recdef}$ may be also declared globally, using
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	220	the following attributes.
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	221
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	222	\indexisaratt{recdef-simp}\indexisaratt{recdef-cong}\indexisaratt{recdef-wf}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	223	\begin{matharray}{rcl}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	224	recdef_simp & : & \isaratt \\
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	225	recdef_cong & : & \isaratt \\
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	226	recdef_wf & : & \isaratt \\
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	227	\end{matharray}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	228
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	229	\railalias{recdefsimp}{recdef\_simp}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	230	\railterm{recdefsimp}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	231
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	232	\railalias{recdefcong}{recdef\_cong}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	233	\railterm{recdefcong}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	234
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	235	\railalias{recdefwf}{recdef\_wf}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	236	\railterm{recdefwf}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	237
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	238	\begin{rail}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	239	(recdefsimp \| recdefcong \| recdefwf) (() \| 'add' \| 'del')
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	240	;
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	241	\end{rail}
a87965201c34 tuned; wenzelm parents: 9905 diff changeset	242
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	243
10549 5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	244	\section{(Co)Inductive sets}\label{sec:inductive}
7135 8eabfd7e6b9b more; wenzelm parents: 7134 diff changeset	245
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	246	\indexisarcmd{inductive}\indexisarcmd{coinductive}\indexisaratt{mono}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	247	\begin{matharray}{rcl}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	248	\isarcmd{inductive} & : & \isartrans{theory}{theory} \\
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	249	\isarcmd{coinductive} & : & \isartrans{theory}{theory} \\
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	250	mono & : & \isaratt \\
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	251	\end{matharray}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	252
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	253	\railalias{condefs}{con\_defs}
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	254	\railterm{condefs}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	255
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	256	\begin{rail}
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	257	('inductive' \| 'coinductive') sets intros monos?
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	258	;
7990 0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	259	'mono' (() \| 'add' \| 'del')
0a604b2fc2b1 updated; wenzelm parents: 7987 diff changeset	260	;
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	261
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	262	sets: (term comment? +)
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	263	;
11634 cddf6441a14a recdef (permissive); wenzelm parents: 11498 diff changeset	264	intros: 'intros' (thmdecl? prop comment? +)
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	265	;
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	266	monos: 'monos' thmrefs comment?
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	267	;
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	268	\end{rail}
a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	269
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	270	\begin{descr}
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	271	\item [$\isarkeyword{inductive}$ and $\isarkeyword{coinductive}$] define
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	272	(co)inductive sets from the given introduction rules.
8547 93b8685d004b tuned; wenzelm parents: 8531 diff changeset	273	\item [$mono$] declares monotonicity rules. These rule are involved in the
93b8685d004b tuned; wenzelm parents: 8531 diff changeset	274	automated monotonicity proof of $\isarkeyword{inductive}$.
7167 0b2e3ef1d8f4 tuned; wenzelm parents: 7141 diff changeset	275	\end{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	276
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	277	See \cite{isabelle-HOL} for further information on inductive definitions in
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	278	HOL.
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	279
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	280
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	281	\section{Proof by cases and induction}\label{sec:induct-method}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	282
8666 6c21e6f91804 case_tac / induct_tac: optional rule; wenzelm parents: 8665 diff changeset	283	\subsection{Proof methods}\label{sec:induct-method-proper}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	284
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	285	\indexisarmeth{cases}\indexisarmeth{induct}
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	286	\begin{matharray}{rcl}
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	287	cases & : & \isarmeth \\
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	288	induct & : & \isarmeth \\
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	289	\end{matharray}
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	290
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	291	The $cases$ and $induct$ methods provide a uniform interface to case analysis
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	292	and induction over datatypes, inductive sets, and recursive functions. The
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	293	corresponding rules may be specified and instantiated in a casual manner.
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	294	Furthermore, these methods provide named local contexts that may be invoked
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	295	via the $\CASENAME$ proof command within the subsequent proof text (cf.\
8484 70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	296	\S\ref{sec:cases}). This accommodates compact proof texts even when reasoning
70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	297	about large specifications.
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	298
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	299	\begin{rail}
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	300	'cases' ('(' 'simplified' ')')? spec
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	301	;
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	302	'induct' ('(' 'stripped' ')')? spec
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	303	;
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	304
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	305	spec: open? args rule? params?
9848 afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	306	;
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	307	open: '(' 'open' ')'
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	308	;
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	309	args: (insts * 'and')
afc54ca6dc6f recdef hints (attributes and modifiers); wenzelm parents: 9800 diff changeset	310	;
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	311	rule: ('type' \| 'set') ':' nameref \| 'rule' ':' thmref
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	312	;
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	313	params: 'of' ':' insts
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	314	;
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	315	\end{rail}
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	316
3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	317	\begin{descr}
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	318	\item [$cases~insts~R~ps$] applies method $rule$ with an appropriate case
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	319	distinction theorem, instantiated to the subjects $insts$. Symbolic case
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	320	names are bound according to the rule's local contexts.
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	321
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	322	The rule is determined as follows, according to the facts and arguments
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	323	passed to the $cases$ method:
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	324	\begin{matharray}{llll}
9695 ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	325	\Text{facts} & & \Text{arguments} & \Text{rule} \\\hline
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	326	& cases & & \Text{classical case split} \\
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	327	& cases & t & \Text{datatype exhaustion (type of $t$)} \\
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	328	\edrv a \in A & cases & \dots & \Text{inductive set elimination (of $A$)} \\
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	329	\dots & cases & \dots ~ R & \Text{explicit rule $R$} \\
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	330	\end{matharray}
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	331
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	332	Several instantiations may be given, referring to the \emph{suffix} of
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	333	premises of the case rule; within each premise, the \emph{prefix} of
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	334	variables is instantiated. In most situations, only a single term needs to
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	335	be specified; this refers to the first variable of the last premise (it is
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	336	usually the same for all cases).
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	337
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	338	Additional parameters may be specified as $ps$; these are applied after the
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	339	primary instantiation in the same manner as by the $of$ attribute (cf.\
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	340	\S\ref{sec:pure-meth-att}). This feature is rarely needed in practice; a
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	341	typical application would be to specify additional arguments for rules
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	342	stemming from parameterized inductive definitions (see also
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	343	\S\ref{sec:inductive}).
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	344
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	345	The $simplified$ option causes ``obvious cases'' of the rule to be solved
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	346	beforehand, while the others are left unscathed.
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	347
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	348	The $open$ option causes the parameters of the new local contexts to be
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	349	exposed to the current proof context. Thus local variables stemming from
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	350	distant parts of the theory development may be introduced in an implicit
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	351	manner, which can be quite confusing to the reader. Furthermore, this
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	352	option may cause unwanted hiding of existing local variables, resulting in
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	353	less robust proof texts.
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	354
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	355	\item [$induct~insts~R~ps$] is analogous to the $cases$ method, but refers to
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	356	induction rules, which are determined as follows:
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	357	\begin{matharray}{llll}
9695 ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	358	\Text{facts} & & \Text{arguments} & \Text{rule} \\\hline
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	359	& induct & P ~ x ~ \dots & \Text{datatype induction (type of $x$)} \\
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	360	\edrv x \in A & induct & \dots & \Text{set induction (of $A$)} \\
ec7d7f877712 proper setup of iman.sty/extra.sty/ttbox.sty; wenzelm parents: 9642 diff changeset	361	\dots & induct & \dots ~ R & \Text{explicit rule $R$} \\
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	362	\end{matharray}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	363
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	364	Several instantiations may be given, each referring to some part of a mutual
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	365	inductive definition or datatype --- only related partial induction rules
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	366	may be used together, though. Any of the lists of terms $P, x, \dots$
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	367	refers to the \emph{suffix} of variables present in the induction rule.
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	368	This enables the writer to specify only induction variables, or both
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	369	predicates and variables, for example.
7507 e70255cb1035 induct method: rule option; wenzelm parents: 7466 diff changeset	370
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	371	Additional parameters may be given in the same way as for $cases$.
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	372
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	373	The $stripped$ option causes implications and (bounded) universal
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	374	quantifiers to be removed from each new subgoal emerging from the
10456 166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	375	application of the induction rule. This accommodates special applications
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	376	of ``strengthened induction predicates''. This option is rarely needed, the
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	377	$induct$ method already handles proper rules appropriately by default.
9307 5613e184b8b3 method cases/induct: (opaque) option; wenzelm parents: 8980 diff changeset	378
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	379	The $open$ option has the same effect as for the $cases$ method, see above.
7319 3907d597cae6 tuned; wenzelm parents: 7175 diff changeset	380	\end{descr}
7141 a67dde8820c0 even more stuff; wenzelm parents: 7135 diff changeset	381
8484 70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	382	Above methods produce named local contexts (cf.\ \S\ref{sec:cases}), as
70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	383	determined by the instantiated rule \emph{before} it has been applied to the
70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	384	internal proof state.\footnote{As a general principle, Isar proof text may
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	385	never refer to parts of proof states directly.} Thus proper use of symbolic
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	386	cases usually require the rule to be instantiated fully, as far as the
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	387	emerging local contexts and subgoals are concerned. In particular, for
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	388	induction both the predicates and variables have to be specified. Otherwise
8547 93b8685d004b tuned; wenzelm parents: 8531 diff changeset	389	the $\CASENAME$ command would refuse to invoke cases containing schematic
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	390	variables. Furthermore the resulting local goal statement is bound to the
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	391	term variable $\Var{case}$\indexisarvar{case} --- for each case where it is
7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	392	fully specified.
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	393
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	394	The $\isarkeyword{print_cases}$ command (\S\ref{sec:cases}) prints all named
8547 93b8685d004b tuned; wenzelm parents: 8531 diff changeset	395	cases present in the current proof state.
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	396
10456 166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	397	\medskip
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	398
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	399	It is important to note that there is a fundamental difference of the $cases$
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	400	and $induct$ methods in handling of non-atomic goal statements: $cases$ just
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	401	applies a certain rule in backward fashion, splitting the result into new
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	402	goals with the local contexts being augmented in a purely monotonic manner.
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	403
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	404	In contrast, $induct$ passes the full goal statement through the ``recursive''
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	405	course involved in the induction. Thus the original statement is basically
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	406	replaced by separate copies, corresponding to the induction hypotheses and
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	407	conclusion; the original goal context is no longer available. This behavior
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	408	allows \emph{strengthened induction predicates} to be expressed concisely as
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	409	meta-level rule statements, i.e.\ $\All{\vec x} \vec\phi \Imp \psi$ to
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	410	indicate ``variable'' parameters $\vec x$ and ``recursive'' assumptions
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	411	$\vec\phi$. Also note that local definitions may be expressed as $\All{\vec
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	412	x} n \equiv t[\vec x] \Imp \phi[n]$, with induction over $n$.
166fc12ce153 "induct" method: handle proper rules; wenzelm parents: 10240 diff changeset	413
10549 5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	414	\medskip
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	415
10549 5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	416	Facts presented to either method are consumed according to the number of
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	417	``major premises'' of the rule involved (see also \S\ref{sec:induct-att} and
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	418	\S\ref{sec:cases}), which is usually $0$ for plain cases and induction rules
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	419	of datatypes etc.\ and $1$ for rules of inductive sets and the like. The
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	420	remaining facts are inserted into the goal verbatim before the actual $cases$
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	421	or $induct$ rule is applied (thus facts may be even passed through an
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	422	induction).
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	423
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	424	Note that whenever facts are present, the default rule selection scheme would
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	425	provide a ``set'' rule only, with the first fact consumed and the rest
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	426	inserted into the goal. In order to pass all facts into a ``type'' rule
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	427	instead, one would have to specify this explicitly, e.g.\ by appending
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	428	``$type: name$'' to the method argument.
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	429
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	430
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	431	\subsection{Declaring rules}\label{sec:induct-att}
8449 f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	432
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	433	\indexisaratt{cases}\indexisaratt{induct}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	434	\begin{matharray}{rcl}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	435	cases & : & \isaratt \\
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	436	induct & : & \isaratt \\
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	437	\end{matharray}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	438
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	439	\begin{rail}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	440	'cases' spec
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	441	;
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	442	'induct' spec
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	443	;
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	444
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	445	spec: ('type' \| 'set') ':' nameref
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	446	;
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	447	\end{rail}
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	448
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	449	The $cases$ and $induct$ attributes augment the corresponding context of rules
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	450	for reasoning about inductive sets and types. The standard rules are already
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	451	declared by HOL definitional packages. For special applications, these may be
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	452	replaced manually by variant versions.
f8ff23736465 'cases' and 'induct' methods; wenzelm parents: 7990 diff changeset	453
10802 7fa042e28c43 'cases' / 'induct' method: ?case binding, 'of:' spec; wenzelm parents: 10771 diff changeset	454	Refer to the $case_names$ and $ps$ attributes (see \S\ref{sec:cases}) to
8484 70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	455	adjust names of cases and parameters of a rule.
70fd0b59b0e1 tuned; wenzelm parents: 8449 diff changeset	456
10549 5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	457	The $consumes$ declaration (cf.\ \S\ref{sec:cases}) is taken care of
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	458	automatically (if none had been given already): $consumes~0$ is specified for
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	459	``type'' rules and $consumes~1$ for ``set'' rules.
5e19ae8d9582 cases/induct: tuned handling of facts ('consumes'); wenzelm parents: 10456 diff changeset	460
7046 9f755ff43cff skeleton only; wenzelm parents: diff changeset	461
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	462	\subsection{Emulating tactic scripts}\label{sec:induct_tac}
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	463
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	464	\indexisarmeth{case-tac}\indexisarmeth{induct-tac}
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	465	\indexisarmeth{ind-cases}\indexisarcmd{inductive-cases}
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	466	\begin{matharray}{rcl}
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	467	case_tac^* & : & \isarmeth \\
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	468	induct_tac^* & : & \isarmeth \\
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	469	ind_cases^* & : & \isarmeth \\
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	470	\isarcmd{inductive_cases} & : & \isartrans{theory}{theory} \\
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	471	\end{matharray}
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	472
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	473	\railalias{casetac}{case\_tac}
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	474	\railterm{casetac}
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	475
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	476	\railalias{inducttac}{induct\_tac}
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	477	\railterm{inducttac}
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	478
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	479	\railalias{indcases}{ind\_cases}
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	480	\railterm{indcases}
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	481
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	482	\railalias{inductivecases}{inductive\_cases}
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	483	\railterm{inductivecases}
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	484
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	485	\begin{rail}
8666 6c21e6f91804 case_tac / induct_tac: optional rule; wenzelm parents: 8665 diff changeset	486	casetac goalspec? term rule?
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	487	;
8692 ef6badee7dd6 improved 'induct(_tac)' syntax; wenzelm parents: 8666 diff changeset	488	inducttac goalspec? (insts * 'and') rule?
8666 6c21e6f91804 case_tac / induct_tac: optional rule; wenzelm parents: 8665 diff changeset	489	;
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	490	indcases (prop +)
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	491	;
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	492	inductivecases thmdecl? (prop +) comment?
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	493	;
8666 6c21e6f91804 case_tac / induct_tac: optional rule; wenzelm parents: 8665 diff changeset	494
6c21e6f91804 case_tac / induct_tac: optional rule; wenzelm parents: 8665 diff changeset	495	rule: ('rule' ':' thmref)
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	496	;
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	497	\end{rail}
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	498
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	499	\begin{descr}
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	500	\item [$case_tac$ and $induct_tac$] admit to reason about inductive datatypes
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	501	only (unless an alternative rule is given explicitly). Furthermore,
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	502	$case_tac$ does a classical case split on booleans; $induct_tac$ allows only
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	503	variables to be given as instantiation. These tactic emulations feature
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	504	both goal addressing and dynamic instantiation. Note that named local
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	505	contexts (see \S\ref{sec:cases}) are \emph{not} provided as would be by the
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	506	proper $induct$ and $cases$ proof methods (see
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	507	\S\ref{sec:induct-method-proper}).
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	508
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	509	\item [$ind_cases$ and $\isarkeyword{inductive_cases}$] provide an interface
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	510	to the \texttt{mk_cases} operation. Rules are simplified in an unrestricted
b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	511	forward manner, unlike the proper $cases$ method (see
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	512	\S\ref{sec:induct-method-proper}) which requires simplified cases to be
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	513	solved completely.
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	514
9616 b80ea2b32f8e cases/induct method: 'opaque' by default; added 'open' option; wenzelm parents: 9602 diff changeset	515	While $ind_cases$ is a proof method to apply the result immediately as
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	516	elimination rules, $\isarkeyword{inductive_cases}$ provides case split
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	517	theorems at the theory level for later use,
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	518	\end{descr}
8665 403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	519
403c2985e65e case_tac, induct_tac; wenzelm parents: 8657 diff changeset	520
7390 f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	521	\section{Arithmetic}
f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	522
9642 d8d1f70024bd fixed indexing; wenzelm parents: 9616 diff changeset	523	\indexisarmeth{arith}\indexisaratt{arith-split}
7390 f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	524	\begin{matharray}{rcl}
f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	525	arith & : & \isarmeth \\
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	526	arith_split & : & \isaratt \\
7390 f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	527	\end{matharray}
f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	528
8506 e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	529	\begin{rail}
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	530	'arith' '!'?
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	531	;
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	532	\end{rail}
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	533
7390 f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	534	The $arith$ method decides linear arithmetic problems (on types $nat$, $int$,
8506 e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	535	$real$). Any current facts are inserted into the goal before running the
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	536	procedure. The ``!''~argument causes the full context of assumptions to be
9602 900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	537	included. The $arith_split$ attribute declares case split rules to be
900df8e67fcf renamed 'intrs' to 'intros'; wenzelm parents: 9307 diff changeset	538	expanded before the arithmetic procedure is invoked.
8506 e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	539
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	540	Note that a simpler (but faster) version of arithmetic reasoning is already
e2204e3df61b arith: "!" arg; wenzelm parents: 8484 diff changeset	541	performed by the Simplifier.
7390 f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	542
f819265e267c 'arith' method; wenzelm parents: 7335 diff changeset	543
7046 9f755ff43cff skeleton only; wenzelm parents: diff changeset	544	%%% Local Variables:
9f755ff43cff skeleton only; wenzelm parents: diff changeset	545	%%% mode: latex
9f755ff43cff skeleton only; wenzelm parents: diff changeset	546	%%% TeX-master: "isar-ref"
9f755ff43cff skeleton only; wenzelm parents: diff changeset	547	%%% End:

author	wenzelm
	Fri, 28 Sep 2001 20:08:05 +0200
changeset 11635	fd242f857508
parent 11634	cddf6441a14a
child 11662	744399c9dd6a
permissions	-rw-r--r--