807 |
807 |
808 inductive ev :: "nat \<Rightarrow> bool" where |
808 inductive ev :: "nat \<Rightarrow> bool" where |
809 ev0: "ev 0" | |
809 ev0: "ev 0" | |
810 evSS: "ev n \<Longrightarrow> ev(Suc(Suc n))" |
810 evSS: "ev n \<Longrightarrow> ev(Suc(Suc n))" |
811 |
811 |
812 fun even :: "nat \<Rightarrow> bool" where |
812 fun evn :: "nat \<Rightarrow> bool" where |
813 "even 0 = True" | |
813 "evn 0 = True" | |
814 "even (Suc 0) = False" | |
814 "evn (Suc 0) = False" | |
815 "even (Suc(Suc n)) = even n" |
815 "evn (Suc(Suc n)) = evn n" |
816 |
816 |
817 text{* We recast the proof of @{prop"ev n \<Longrightarrow> even n"} in Isar. The |
817 text{* We recast the proof of @{prop"ev n \<Longrightarrow> evn n"} in Isar. The |
818 left column shows the actual proof text, the right column shows |
818 left column shows the actual proof text, the right column shows |
819 the implicit effect of the two \isacom{case} commands:*}text_raw{* |
819 the implicit effect of the two \isacom{case} commands:*}text_raw{* |
820 \begin{tabular}{@ {}l@ {\qquad}l@ {}} |
820 \begin{tabular}{@ {}l@ {\qquad}l@ {}} |
821 \begin{minipage}[t]{.5\textwidth} |
821 \begin{minipage}[t]{.5\textwidth} |
822 \isa{% |
822 \isa{% |
823 *} |
823 *} |
824 |
824 |
825 lemma "ev n \<Longrightarrow> even n" |
825 lemma "ev n \<Longrightarrow> evn n" |
826 proof(induction rule: ev.induct) |
826 proof(induction rule: ev.induct) |
827 case ev0 |
827 case ev0 |
828 show ?case by simp |
828 show ?case by simp |
829 next |
829 next |
830 case evSS |
830 case evSS |
838 \end{minipage} |
838 \end{minipage} |
839 & |
839 & |
840 \begin{minipage}[t]{.5\textwidth} |
840 \begin{minipage}[t]{.5\textwidth} |
841 ~\\ |
841 ~\\ |
842 ~\\ |
842 ~\\ |
843 \isacom{let} @{text"?case = \"even 0\""}\\ |
843 \isacom{let} @{text"?case = \"evn 0\""}\\ |
844 ~\\ |
844 ~\\ |
845 ~\\ |
845 ~\\ |
846 \isacom{fix} @{text n}\\ |
846 \isacom{fix} @{text n}\\ |
847 \isacom{assume} @{text"evSS:"} |
847 \isacom{assume} @{text"evSS:"} |
848 \begin{tabular}[t]{l} @{text"\"ev n\""}\\@{text"\"even n\""}\end{tabular}\\ |
848 \begin{tabular}[t]{l} @{text"\"ev n\""}\\@{text"\"evn n\""}\end{tabular}\\ |
849 \isacom{let} @{text"?case = \"even(Suc(Suc n))\""}\\ |
849 \isacom{let} @{text"?case = \"evn(Suc(Suc n))\""}\\ |
850 \end{minipage} |
850 \end{minipage} |
851 \end{tabular} |
851 \end{tabular} |
852 \medskip |
852 \medskip |
853 *} |
853 *} |
854 text{* |
854 text{* |
855 The proof resembles structural induction, but the induction rule is given |
855 The proof resembles structural induction, but the induction rule is given |
856 explicitly and the names of the cases are the names of the rules in the |
856 explicitly and the names of the cases are the names of the rules in the |
857 inductive definition. |
857 inductive definition. |
858 Let us examine the two assumptions named @{thm[source]evSS}: |
858 Let us examine the two assumptions named @{thm[source]evSS}: |
859 @{prop "ev n"} is the premise of rule @{thm[source]evSS}, which we may assume |
859 @{prop "ev n"} is the premise of rule @{thm[source]evSS}, which we may assume |
860 because we are in the case where that rule was used; @{prop"even n"} |
860 because we are in the case where that rule was used; @{prop"evn n"} |
861 is the induction hypothesis. |
861 is the induction hypothesis. |
862 \begin{warn} |
862 \begin{warn} |
863 Because each \isacom{case} command introduces a list of assumptions |
863 Because each \isacom{case} command introduces a list of assumptions |
864 named like the case name, which is the name of a rule of the inductive |
864 named like the case name, which is the name of a rule of the inductive |
865 definition, those rules now need to be accessed with a qualified name, here |
865 definition, those rules now need to be accessed with a qualified name, here |
879 case @{thm[source] evSS} is derived from a renamed version of |
879 case @{thm[source] evSS} is derived from a renamed version of |
880 rule @{thm[source] evSS}: @{text"ev m \<Longrightarrow> ev(Suc(Suc m))"}. |
880 rule @{thm[source] evSS}: @{text"ev m \<Longrightarrow> ev(Suc(Suc m))"}. |
881 Here is an example with a (contrived) intermediate step that refers to @{text m}: |
881 Here is an example with a (contrived) intermediate step that refers to @{text m}: |
882 *} |
882 *} |
883 |
883 |
884 lemma "ev n \<Longrightarrow> even n" |
884 lemma "ev n \<Longrightarrow> evn n" |
885 proof(induction rule: ev.induct) |
885 proof(induction rule: ev.induct) |
886 case ev0 show ?case by simp |
886 case ev0 show ?case by simp |
887 next |
887 next |
888 case (evSS m) |
888 case (evSS m) |
889 have "even(Suc(Suc m)) = even m" by simp |
889 have "evn(Suc(Suc m)) = evn m" by simp |
890 thus ?case using `even m` by blast |
890 thus ?case using `evn m` by blast |
891 qed |
891 qed |
892 |
892 |
893 text{* |
893 text{* |
894 \indent |
894 \indent |
895 In general, let @{text I} be a (for simplicity unary) inductively defined |
895 In general, let @{text I} be a (for simplicity unary) inductively defined |