1 % |
1 % |
2 \begin{isabellebody}% |
2 \begin{isabellebody}% |
3 \def\isabellecontext{ToyList}% |
3 \def\isabellecontext{ToyList}% |
4 \isacommand{theory}\ ToyList\ {\isacharequal}\ PreList{\isacharcolon}% |
4 \isacommand{theory}\ ToyList\ {\isacharequal}\ PreList{\isacharcolon}\isamarkupfalse% |
|
5 % |
5 \begin{isamarkuptext}% |
6 \begin{isamarkuptext}% |
6 \noindent |
7 \noindent |
7 HOL already has a predefined theory of lists called \isa{List} --- |
8 HOL already has a predefined theory of lists called \isa{List} --- |
8 \isa{ToyList} is merely a small fragment of it chosen as an example. In |
9 \isa{ToyList} is merely a small fragment of it chosen as an example. In |
9 contrast to what is recommended in \S\ref{sec:Basic:Theories}, |
10 contrast to what is recommended in \S\ref{sec:Basic:Theories}, |
10 \isa{ToyList} is not based on \isa{Main} but on \isa{PreList}, a |
11 \isa{ToyList} is not based on \isa{Main} but on \isa{PreList}, a |
11 theory that contains pretty much everything but lists, thus avoiding |
12 theory that contains pretty much everything but lists, thus avoiding |
12 ambiguities caused by defining lists twice.% |
13 ambiguities caused by defining lists twice.% |
13 \end{isamarkuptext}% |
14 \end{isamarkuptext}% |
|
15 \isamarkuptrue% |
14 \isacommand{datatype}\ {\isacharprime}a\ list\ {\isacharequal}\ Nil\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}{\isachardoublequote}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}{\isacharparenright}\isanewline |
16 \isacommand{datatype}\ {\isacharprime}a\ list\ {\isacharequal}\ Nil\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}{\isachardoublequote}{\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}{\isacharparenright}\isanewline |
15 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharbar}\ Cons\ {\isacharprime}a\ {\isachardoublequote}{\isacharprime}a\ list{\isachardoublequote}\ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}\isakeyword{infixr}\ {\isachardoublequote}{\isacharhash}{\isachardoublequote}\ {\isadigit{6}}{\isadigit{5}}{\isacharparenright}% |
17 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ {\isacharbar}\ Cons\ {\isacharprime}a\ {\isachardoublequote}{\isacharprime}a\ list{\isachardoublequote}\ \ \ \ \ \ \ \ \ \ \ \ {\isacharparenleft}\isakeyword{infixr}\ {\isachardoublequote}{\isacharhash}{\isachardoublequote}\ {\isadigit{6}}{\isadigit{5}}{\isacharparenright}\isamarkupfalse% |
|
18 % |
16 \begin{isamarkuptext}% |
19 \begin{isamarkuptext}% |
17 \noindent |
20 \noindent |
18 \index{datatype@\isacommand {datatype} (command)} |
21 \index{datatype@\isacommand {datatype} (command)} |
19 The datatype \tydx{list} introduces two |
22 The datatype \tydx{list} introduces two |
20 constructors \cdx{Nil} and \cdx{Cons}, the |
23 constructors \cdx{Nil} and \cdx{Cons}, the |
42 Novices should avoid using |
45 Novices should avoid using |
43 syntax annotations in their own theories. |
46 syntax annotations in their own theories. |
44 \end{warn} |
47 \end{warn} |
45 Next, two functions \isa{app} and \cdx{rev} are declared:% |
48 Next, two functions \isa{app} and \cdx{rev} are declared:% |
46 \end{isamarkuptext}% |
49 \end{isamarkuptext}% |
|
50 \isamarkuptrue% |
47 \isacommand{consts}\ app\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequote}\ \ \ {\isacharparenleft}\isakeyword{infixr}\ {\isachardoublequote}{\isacharat}{\isachardoublequote}\ {\isadigit{6}}{\isadigit{5}}{\isacharparenright}\isanewline |
51 \isacommand{consts}\ app\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequote}\ \ \ {\isacharparenleft}\isakeyword{infixr}\ {\isachardoublequote}{\isacharat}{\isachardoublequote}\ {\isadigit{6}}{\isadigit{5}}{\isacharparenright}\isanewline |
48 \ \ \ \ \ \ \ rev\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequote}% |
52 \ \ \ \ \ \ \ rev\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a\ list{\isachardoublequote}\isamarkupfalse% |
|
53 % |
49 \begin{isamarkuptext}% |
54 \begin{isamarkuptext}% |
50 \noindent |
55 \noindent |
51 In contrast to many functional programming languages, |
56 In contrast to many functional programming languages, |
52 Isabelle insists on explicit declarations of all functions |
57 Isabelle insists on explicit declarations of all functions |
53 (keyword \commdx{consts}). Apart from the declaration-before-use |
58 (keyword \commdx{consts}). Apart from the declaration-before-use |
55 \isa{app} is annotated with concrete syntax too. Instead of the |
60 \isa{app} is annotated with concrete syntax too. Instead of the |
56 prefix syntax \isa{app\ xs\ ys} the infix |
61 prefix syntax \isa{app\ xs\ ys} the infix |
57 \isa{xs\ {\isacharat}\ ys}\index{$HOL2list@\texttt{\at}|bold} becomes the preferred |
62 \isa{xs\ {\isacharat}\ ys}\index{$HOL2list@\texttt{\at}|bold} becomes the preferred |
58 form. Both functions are defined recursively:% |
63 form. Both functions are defined recursively:% |
59 \end{isamarkuptext}% |
64 \end{isamarkuptext}% |
|
65 \isamarkuptrue% |
60 \isacommand{primrec}\isanewline |
66 \isacommand{primrec}\isanewline |
61 {\isachardoublequote}{\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ ys\ \ \ \ \ \ \ {\isacharequal}\ ys{\isachardoublequote}\isanewline |
67 {\isachardoublequote}{\isacharbrackleft}{\isacharbrackright}\ {\isacharat}\ ys\ \ \ \ \ \ \ {\isacharequal}\ ys{\isachardoublequote}\isanewline |
62 {\isachardoublequote}{\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ {\isacharat}\ ys\ {\isacharequal}\ x\ {\isacharhash}\ {\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}{\isachardoublequote}\isanewline |
68 {\isachardoublequote}{\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ {\isacharat}\ ys\ {\isacharequal}\ x\ {\isacharhash}\ {\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}{\isachardoublequote}\isanewline |
63 \isanewline |
69 \isanewline |
|
70 \isamarkupfalse% |
64 \isacommand{primrec}\isanewline |
71 \isacommand{primrec}\isanewline |
65 {\isachardoublequote}rev\ {\isacharbrackleft}{\isacharbrackright}\ \ \ \ \ \ \ \ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isanewline |
72 {\isachardoublequote}rev\ {\isacharbrackleft}{\isacharbrackright}\ \ \ \ \ \ \ \ {\isacharequal}\ {\isacharbrackleft}{\isacharbrackright}{\isachardoublequote}\isanewline |
66 {\isachardoublequote}rev\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ \ {\isacharequal}\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}x\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isachardoublequote}% |
73 {\isachardoublequote}rev\ {\isacharparenleft}x\ {\isacharhash}\ xs{\isacharparenright}\ \ {\isacharequal}\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}x\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isachardoublequote}\isamarkupfalse% |
|
74 % |
67 \begin{isamarkuptext}% |
75 \begin{isamarkuptext}% |
68 \noindent\index{*rev (constant)|(}\index{append function|(} |
76 \noindent\index{*rev (constant)|(}\index{append function|(} |
69 The equations for \isa{app} and \isa{rev} hardly need comments: |
77 The equations for \isa{app} and \isa{rev} hardly need comments: |
70 \isa{app} appends two lists and \isa{rev} reverses a list. The |
78 \isa{app} appends two lists and \isa{rev} reverses a list. The |
71 keyword \commdx{primrec} indicates that the recursion is |
79 keyword \commdx{primrec} indicates that the recursion is |
100 HOL-specific (terms and types) should be enclosed in |
108 HOL-specific (terms and types) should be enclosed in |
101 \texttt{"}\dots\texttt{"}. |
109 \texttt{"}\dots\texttt{"}. |
102 To lessen this burden, quotation marks around a single identifier can be |
110 To lessen this burden, quotation marks around a single identifier can be |
103 dropped, unless the identifier happens to be a keyword, as in% |
111 dropped, unless the identifier happens to be a keyword, as in% |
104 \end{isamarkuptext}% |
112 \end{isamarkuptext}% |
105 \isacommand{consts}\ {\isachardoublequote}end{\isachardoublequote}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequote}% |
113 \isamarkuptrue% |
|
114 \isacommand{consts}\ {\isachardoublequote}end{\isachardoublequote}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharprime}a\ list\ {\isasymRightarrow}\ {\isacharprime}a{\isachardoublequote}\isamarkupfalse% |
|
115 % |
106 \begin{isamarkuptext}% |
116 \begin{isamarkuptext}% |
107 \noindent |
117 \noindent |
108 When Isabelle prints a syntax error message, it refers to the HOL syntax as |
118 When Isabelle prints a syntax error message, it refers to the HOL syntax as |
109 the \textbf{inner syntax} and the enclosing theory language as the \textbf{outer syntax}. |
119 the \textbf{inner syntax} and the enclosing theory language as the \textbf{outer syntax}. |
110 |
120 |
167 |
179 |
168 Let us now get back to \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs}. Properties of recursively |
180 Let us now get back to \isa{rev\ {\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs}. Properties of recursively |
169 defined functions are best established by induction. In this case there is |
181 defined functions are best established by induction. In this case there is |
170 nothing obvious except induction on \isa{xs}:% |
182 nothing obvious except induction on \isa{xs}:% |
171 \end{isamarkuptxt}% |
183 \end{isamarkuptxt}% |
172 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}% |
184 \isamarkuptrue% |
|
185 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isamarkupfalse% |
|
186 % |
173 \begin{isamarkuptxt}% |
187 \begin{isamarkuptxt}% |
174 \noindent\index{*induct_tac (method)}% |
188 \noindent\index{*induct_tac (method)}% |
175 This tells Isabelle to perform induction on variable \isa{xs}. The suffix |
189 This tells Isabelle to perform induction on variable \isa{xs}. The suffix |
176 \isa{tac} stands for \textbf{tactic},\index{tactics} |
190 \isa{tac} stands for \textbf{tactic},\index{tactics} |
177 a synonym for ``theorem proving function''. |
191 a synonym for ``theorem proving function''. |
215 \ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline |
231 \ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a\ list{\isachardot}\isanewline |
216 \isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list\ {\isasymLongrightarrow}\ rev\ {\isacharparenleft}rev\ list\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ a\ {\isacharhash}\ list% |
232 \isaindent{\ {\isadigit{1}}{\isachardot}\ \ \ \ }rev\ {\isacharparenleft}rev\ list{\isacharparenright}\ {\isacharequal}\ list\ {\isasymLongrightarrow}\ rev\ {\isacharparenleft}rev\ list\ {\isacharat}\ a\ {\isacharhash}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\ {\isacharequal}\ a\ {\isacharhash}\ list% |
217 \end{isabelle} |
233 \end{isabelle} |
218 In order to simplify this subgoal further, a lemma suggests itself.% |
234 In order to simplify this subgoal further, a lemma suggests itself.% |
219 \end{isamarkuptxt}% |
235 \end{isamarkuptxt}% |
|
236 \isamarkuptrue% |
|
237 \isamarkupfalse% |
220 % |
238 % |
221 \isamarkupsubsubsection{First Lemma% |
239 \isamarkupsubsubsection{First Lemma% |
222 } |
240 } |
|
241 \isamarkuptrue% |
223 % |
242 % |
224 \begin{isamarkuptext}% |
243 \begin{isamarkuptext}% |
225 \indexbold{abandoning a proof}\indexbold{proofs!abandoning} |
244 \indexbold{abandoning a proof}\indexbold{proofs!abandoning} |
226 After abandoning the above proof attempt (at the shell level type |
245 After abandoning the above proof attempt (at the shell level type |
227 \commdx{oops}) we start a new proof:% |
246 \commdx{oops}) we start a new proof:% |
228 \end{isamarkuptext}% |
247 \end{isamarkuptext}% |
229 \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}% |
248 \isamarkuptrue% |
|
249 \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isamarkupfalse% |
|
250 % |
230 \begin{isamarkuptxt}% |
251 \begin{isamarkuptxt}% |
231 \noindent The keywords \commdx{theorem} and |
252 \noindent The keywords \commdx{theorem} and |
232 \commdx{lemma} are interchangeable and merely indicate |
253 \commdx{lemma} are interchangeable and merely indicate |
233 the importance we attach to a proposition. Therefore we use the words |
254 the importance we attach to a proposition. Therefore we use the words |
234 \emph{theorem} and \emph{lemma} pretty much interchangeably, too. |
255 \emph{theorem} and \emph{lemma} pretty much interchangeably, too. |
235 |
256 |
236 There are two variables that we could induct on: \isa{xs} and |
257 There are two variables that we could induct on: \isa{xs} and |
237 \isa{ys}. Because \isa{{\isacharat}} is defined by recursion on |
258 \isa{ys}. Because \isa{{\isacharat}} is defined by recursion on |
238 the first argument, \isa{xs} is the correct one:% |
259 the first argument, \isa{xs} is the correct one:% |
239 \end{isamarkuptxt}% |
260 \end{isamarkuptxt}% |
240 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}% |
261 \isamarkuptrue% |
|
262 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isamarkupfalse% |
|
263 % |
241 \begin{isamarkuptxt}% |
264 \begin{isamarkuptxt}% |
242 \noindent |
265 \noindent |
243 This time not even the base case is solved automatically:% |
266 This time not even the base case is solved automatically:% |
244 \end{isamarkuptxt}% |
267 \end{isamarkuptxt}% |
245 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}% |
268 \isamarkuptrue% |
|
269 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse% |
|
270 % |
246 \begin{isamarkuptxt}% |
271 \begin{isamarkuptxt}% |
247 \begin{isabelle}% |
272 \begin{isabelle}% |
248 \ {\isadigit{1}}{\isachardot}\ rev\ ys\ {\isacharequal}\ rev\ ys\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}% |
273 \ {\isadigit{1}}{\isachardot}\ rev\ ys\ {\isacharequal}\ rev\ ys\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}% |
249 \end{isabelle} |
274 \end{isabelle} |
250 Again, we need to abandon this proof attempt and prove another simple lemma |
275 Again, we need to abandon this proof attempt and prove another simple lemma |
251 first. In the future the step of abandoning an incomplete proof before |
276 first. In the future the step of abandoning an incomplete proof before |
252 embarking on the proof of a lemma usually remains implicit.% |
277 embarking on the proof of a lemma usually remains implicit.% |
253 \end{isamarkuptxt}% |
278 \end{isamarkuptxt}% |
|
279 \isamarkuptrue% |
|
280 \isamarkupfalse% |
254 % |
281 % |
255 \isamarkupsubsubsection{Second Lemma% |
282 \isamarkupsubsubsection{Second Lemma% |
256 } |
283 } |
|
284 \isamarkuptrue% |
257 % |
285 % |
258 \begin{isamarkuptext}% |
286 \begin{isamarkuptext}% |
259 We again try the canonical proof procedure:% |
287 We again try the canonical proof procedure:% |
260 \end{isamarkuptext}% |
288 \end{isamarkuptext}% |
|
289 \isamarkuptrue% |
261 \isacommand{lemma}\ app{\isacharunderscore}Nil{\isadigit{2}}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline |
290 \isacommand{lemma}\ app{\isacharunderscore}Nil{\isadigit{2}}\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline |
|
291 \isamarkupfalse% |
262 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
292 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
263 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}% |
293 \isamarkupfalse% |
|
294 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse% |
|
295 % |
264 \begin{isamarkuptxt}% |
296 \begin{isamarkuptxt}% |
265 \noindent |
297 \noindent |
266 It works, yielding the desired message \isa{No\ subgoals{\isacharbang}}: |
298 It works, yielding the desired message \isa{No\ subgoals{\isacharbang}}: |
267 \begin{isabelle}% |
299 \begin{isabelle}% |
268 xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs\isanewline |
300 xs\ {\isacharat}\ {\isacharbrackleft}{\isacharbrackright}\ {\isacharequal}\ xs\isanewline |
269 No\ subgoals{\isacharbang}% |
301 No\ subgoals{\isacharbang}% |
270 \end{isabelle} |
302 \end{isabelle} |
271 We still need to confirm that the proof is now finished:% |
303 We still need to confirm that the proof is now finished:% |
272 \end{isamarkuptxt}% |
304 \end{isamarkuptxt}% |
273 \isacommand{done}% |
305 \isamarkuptrue% |
|
306 \isacommand{done}\isamarkupfalse% |
|
307 % |
274 \begin{isamarkuptext}% |
308 \begin{isamarkuptext}% |
275 \noindent |
309 \noindent |
276 As a result of that final \commdx{done}, Isabelle associates the lemma just proved |
310 As a result of that final \commdx{done}, Isabelle associates the lemma just proved |
277 with its name. In this tutorial, we sometimes omit to show that final \isacommand{done} |
311 with its name. In this tutorial, we sometimes omit to show that final \isacommand{done} |
278 if it is obvious from the context that the proof is finished. |
312 if it is obvious from the context that the proof is finished. |
284 replaced by the unknown \isa{{\isacharquery}xs}, just as explained in |
318 replaced by the unknown \isa{{\isacharquery}xs}, just as explained in |
285 \S\ref{sec:variables}. |
319 \S\ref{sec:variables}. |
286 |
320 |
287 Going back to the proof of the first lemma% |
321 Going back to the proof of the first lemma% |
288 \end{isamarkuptext}% |
322 \end{isamarkuptext}% |
|
323 \isamarkuptrue% |
289 \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline |
324 \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline |
|
325 \isamarkupfalse% |
290 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
326 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
291 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}% |
327 \isamarkupfalse% |
|
328 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isamarkupfalse% |
|
329 % |
292 \begin{isamarkuptxt}% |
330 \begin{isamarkuptxt}% |
293 \noindent |
331 \noindent |
294 we find that this time \isa{auto} solves the base case, but the |
332 we find that this time \isa{auto} solves the base case, but the |
295 induction step merely simplifies to |
333 induction step merely simplifies to |
296 \begin{isabelle}% |
334 \begin{isabelle}% |
304 \begin{isabelle} |
342 \begin{isabelle} |
305 ~~~~~(rev~ys~@~rev~list)~@~(a~\#~[])~=~rev~ys~@~(rev~list~@~(a~\#~[])) |
343 ~~~~~(rev~ys~@~rev~list)~@~(a~\#~[])~=~rev~ys~@~(rev~list~@~(a~\#~[])) |
306 \end{isabelle} |
344 \end{isabelle} |
307 and the missing lemma is associativity of \isa{{\isacharat}}.% |
345 and the missing lemma is associativity of \isa{{\isacharat}}.% |
308 \end{isamarkuptxt}% |
346 \end{isamarkuptxt}% |
|
347 \isamarkuptrue% |
|
348 \isamarkupfalse% |
309 % |
349 % |
310 \isamarkupsubsubsection{Third Lemma% |
350 \isamarkupsubsubsection{Third Lemma% |
311 } |
351 } |
|
352 \isamarkuptrue% |
312 % |
353 % |
313 \begin{isamarkuptext}% |
354 \begin{isamarkuptext}% |
314 Abandoning the previous attempt, the canonical proof procedure |
355 Abandoning the previous attempt, the canonical proof procedure |
315 succeeds without further ado.% |
356 succeeds without further ado.% |
316 \end{isamarkuptext}% |
357 \end{isamarkuptext}% |
|
358 \isamarkuptrue% |
317 \isacommand{lemma}\ app{\isacharunderscore}assoc\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharat}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ {\isacharparenleft}ys\ {\isacharat}\ zs{\isacharparenright}{\isachardoublequote}\isanewline |
359 \isacommand{lemma}\ app{\isacharunderscore}assoc\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharat}\ zs\ {\isacharequal}\ xs\ {\isacharat}\ {\isacharparenleft}ys\ {\isacharat}\ zs{\isacharparenright}{\isachardoublequote}\isanewline |
|
360 \isamarkupfalse% |
318 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
361 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
|
362 \isamarkupfalse% |
319 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
363 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
320 \isacommand{done}% |
364 \isamarkupfalse% |
|
365 \isacommand{done}\isamarkupfalse% |
|
366 % |
321 \begin{isamarkuptext}% |
367 \begin{isamarkuptext}% |
322 \noindent |
368 \noindent |
323 Now we can prove the first lemma:% |
369 Now we can prove the first lemma:% |
324 \end{isamarkuptext}% |
370 \end{isamarkuptext}% |
|
371 \isamarkuptrue% |
325 \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline |
372 \isacommand{lemma}\ rev{\isacharunderscore}app\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}xs\ {\isacharat}\ ys{\isacharparenright}\ {\isacharequal}\ {\isacharparenleft}rev\ ys{\isacharparenright}\ {\isacharat}\ {\isacharparenleft}rev\ xs{\isacharparenright}{\isachardoublequote}\isanewline |
|
373 \isamarkupfalse% |
326 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
374 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
|
375 \isamarkupfalse% |
327 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
376 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
328 \isacommand{done}% |
377 \isamarkupfalse% |
|
378 \isacommand{done}\isamarkupfalse% |
|
379 % |
329 \begin{isamarkuptext}% |
380 \begin{isamarkuptext}% |
330 \noindent |
381 \noindent |
331 Finally, we prove our main theorem:% |
382 Finally, we prove our main theorem:% |
332 \end{isamarkuptext}% |
383 \end{isamarkuptext}% |
|
384 \isamarkuptrue% |
333 \isacommand{theorem}\ rev{\isacharunderscore}rev\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline |
385 \isacommand{theorem}\ rev{\isacharunderscore}rev\ {\isacharbrackleft}simp{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}rev{\isacharparenleft}rev\ xs{\isacharparenright}\ {\isacharequal}\ xs{\isachardoublequote}\isanewline |
|
386 \isamarkupfalse% |
334 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
387 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ xs{\isacharparenright}\isanewline |
|
388 \isamarkupfalse% |
335 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
389 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
336 \isacommand{done}% |
390 \isamarkupfalse% |
|
391 \isacommand{done}\isamarkupfalse% |
|
392 % |
337 \begin{isamarkuptext}% |
393 \begin{isamarkuptext}% |
338 \noindent |
394 \noindent |
339 The final \commdx{end} tells Isabelle to close the current theory because |
395 The final \commdx{end} tells Isabelle to close the current theory because |
340 we are finished with its development:% |
396 we are finished with its development:% |
341 \index{*rev (constant)|)}\index{append function|)}% |
397 \index{*rev (constant)|)}\index{append function|)}% |
342 \end{isamarkuptext}% |
398 \end{isamarkuptext}% |
|
399 \isamarkuptrue% |
343 \isacommand{end}\isanewline |
400 \isacommand{end}\isanewline |
|
401 \isamarkupfalse% |
344 \end{isabellebody}% |
402 \end{isabellebody}% |
345 %%% Local Variables: |
403 %%% Local Variables: |
346 %%% mode: latex |
404 %%% mode: latex |
347 %%% TeX-master: "root" |
405 %%% TeX-master: "root" |
348 %%% End: |
406 %%% End: |