src/HOL/ex/Primrec.thy
author wenzelm
Mon Aug 31 21:28:08 2015 +0200 (2015-08-31)
changeset 61070 b72a990adfe2
parent 58889 5b7a9633cfa8
child 61343 5b5656a63bd6
permissions -rw-r--r--
prefer symbols;
wenzelm@11024
     1
(*  Title:      HOL/ex/Primrec.thy
paulson@3335
     2
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@3335
     3
    Copyright   1997  University of Cambridge
paulson@3335
     4
nipkow@27626
     5
Ackermann's Function and the
nipkow@27626
     6
Primitive Recursive Functions.
paulson@3335
     7
*)
paulson@3335
     8
wenzelm@58889
     9
section {* Primitive Recursive Functions *}
wenzelm@11024
    10
haftmann@16417
    11
theory Primrec imports Main begin
wenzelm@11024
    12
wenzelm@11024
    13
text {*
wenzelm@11024
    14
  Proof adopted from
wenzelm@11024
    15
wenzelm@11024
    16
  Nora Szasz, A Machine Checked Proof that Ackermann's Function is not
wenzelm@11024
    17
  Primitive Recursive, In: Huet \& Plotkin, eds., Logical Environments
wenzelm@11024
    18
  (CUP, 1993), 317-338.
wenzelm@11024
    19
wenzelm@11024
    20
  See also E. Mendelson, Introduction to Mathematical Logic.  (Van
wenzelm@11024
    21
  Nostrand, 1964), page 250, exercise 11.
wenzelm@11024
    22
  \medskip
wenzelm@11024
    23
*}
wenzelm@11024
    24
wenzelm@11024
    25
nipkow@27626
    26
subsection{* Ackermann's Function *}
wenzelm@11024
    27
nipkow@27626
    28
fun ack :: "nat => nat => nat" where
nipkow@27626
    29
"ack 0 n =  Suc n" |
nipkow@27626
    30
"ack (Suc m) 0 = ack m 1" |
nipkow@27626
    31
"ack (Suc m) (Suc n) = ack m (ack (Suc m) n)"
wenzelm@11024
    32
wenzelm@11024
    33
wenzelm@11024
    34
text {* PROPERTY A 4 *}
wenzelm@11024
    35
nipkow@27626
    36
lemma less_ack2 [iff]: "j < ack i j"
nipkow@27626
    37
by (induct i j rule: ack.induct) simp_all
wenzelm@11024
    38
wenzelm@11024
    39
wenzelm@11024
    40
text {* PROPERTY A 5-, the single-step lemma *}
wenzelm@11024
    41
nipkow@27626
    42
lemma ack_less_ack_Suc2 [iff]: "ack i j < ack i (Suc j)"
nipkow@27626
    43
by (induct i j rule: ack.induct) simp_all
wenzelm@11024
    44
wenzelm@11024
    45
wenzelm@11024
    46
text {* PROPERTY A 5, monotonicity for @{text "<"} *}
wenzelm@11024
    47
nipkow@27626
    48
lemma ack_less_mono2: "j < k ==> ack i j < ack i k"
nipkow@27626
    49
using lift_Suc_mono_less[where f = "ack i"]
nipkow@27626
    50
by (metis ack_less_ack_Suc2)
wenzelm@11024
    51
wenzelm@11024
    52
wenzelm@11024
    53
text {* PROPERTY A 5', monotonicity for @{text \<le>} *}
wenzelm@11024
    54
nipkow@27626
    55
lemma ack_le_mono2: "j \<le> k ==> ack i j \<le> ack i k"
nipkow@27626
    56
apply (simp add: order_le_less)
nipkow@27626
    57
apply (blast intro: ack_less_mono2)
nipkow@27626
    58
done
paulson@3335
    59
wenzelm@11024
    60
wenzelm@11024
    61
text {* PROPERTY A 6 *}
wenzelm@11024
    62
nipkow@27626
    63
lemma ack2_le_ack1 [iff]: "ack i (Suc j) \<le> ack (Suc i) j"
haftmann@26072
    64
proof (induct j)
haftmann@26072
    65
  case 0 show ?case by simp
haftmann@26072
    66
next
haftmann@26072
    67
  case (Suc j) show ?case 
haftmann@26072
    68
    by (auto intro!: ack_le_mono2)
haftmann@26072
    69
      (metis Suc Suc_leI Suc_lessI less_ack2 linorder_not_less)
haftmann@26072
    70
qed
wenzelm@11024
    71
wenzelm@11024
    72
wenzelm@11024
    73
text {* PROPERTY A 7-, the single-step lemma *}
wenzelm@11024
    74
nipkow@27626
    75
lemma ack_less_ack_Suc1 [iff]: "ack i j < ack (Suc i) j"
nipkow@27626
    76
by (blast intro: ack_less_mono2 less_le_trans)
wenzelm@11024
    77
wenzelm@11024
    78
wenzelm@19676
    79
text {* PROPERTY A 4'? Extra lemma needed for @{term CONSTANT} case, constant functions *}
wenzelm@11024
    80
nipkow@27626
    81
lemma less_ack1 [iff]: "i < ack i j"
nipkow@27626
    82
apply (induct i)
nipkow@27626
    83
 apply simp_all
nipkow@27626
    84
apply (blast intro: Suc_leI le_less_trans)
nipkow@27626
    85
done
wenzelm@11024
    86
wenzelm@11024
    87
wenzelm@11024
    88
text {* PROPERTY A 8 *}
wenzelm@11024
    89
nipkow@27626
    90
lemma ack_1 [simp]: "ack (Suc 0) j = j + 2"
nipkow@27626
    91
by (induct j) simp_all
wenzelm@11024
    92
wenzelm@11024
    93
wenzelm@11701
    94
text {* PROPERTY A 9.  The unary @{text 1} and @{text 2} in @{term
wenzelm@11024
    95
  ack} is essential for the rewriting. *}
wenzelm@11024
    96
nipkow@27626
    97
lemma ack_2 [simp]: "ack (Suc (Suc 0)) j = 2 * j + 3"
nipkow@27626
    98
by (induct j) simp_all
paulson@3335
    99
paulson@3335
   100
wenzelm@11024
   101
text {* PROPERTY A 7, monotonicity for @{text "<"} [not clear why
wenzelm@11024
   102
  @{thm [source] ack_1} is now needed first!] *}
wenzelm@11024
   103
nipkow@27626
   104
lemma ack_less_mono1_aux: "ack i k < ack (Suc (i +i')) k"
paulson@34055
   105
proof (induct i k rule: ack.induct)
paulson@34055
   106
  case (1 n) show ?case
paulson@34055
   107
    by (simp, metis ack_less_ack_Suc1 less_ack2 less_trans_Suc) 
paulson@34055
   108
next
paulson@34055
   109
  case (2 m) thus ?case by simp
paulson@34055
   110
next
paulson@34055
   111
  case (3 m n) thus ?case
paulson@34055
   112
    by (simp, blast intro: less_trans ack_less_mono2)
paulson@34055
   113
qed
wenzelm@11024
   114
nipkow@27626
   115
lemma ack_less_mono1: "i < j ==> ack i k < ack j k"
nipkow@27626
   116
apply (drule less_imp_Suc_add)
nipkow@27626
   117
apply (blast intro!: ack_less_mono1_aux)
nipkow@27626
   118
done
wenzelm@11024
   119
wenzelm@11024
   120
wenzelm@11024
   121
text {* PROPERTY A 7', monotonicity for @{text "\<le>"} *}
wenzelm@11024
   122
nipkow@27626
   123
lemma ack_le_mono1: "i \<le> j ==> ack i k \<le> ack j k"
nipkow@27626
   124
apply (simp add: order_le_less)
nipkow@27626
   125
apply (blast intro: ack_less_mono1)
nipkow@27626
   126
done
wenzelm@11024
   127
wenzelm@11024
   128
wenzelm@11024
   129
text {* PROPERTY A 10 *}
wenzelm@11024
   130
nipkow@27626
   131
lemma ack_nest_bound: "ack i1 (ack i2 j) < ack (2 + (i1 + i2)) j"
nipkow@27626
   132
apply (simp add: numerals)
nipkow@27626
   133
apply (rule ack2_le_ack1 [THEN [2] less_le_trans])
nipkow@27626
   134
apply simp
nipkow@27626
   135
apply (rule le_add1 [THEN ack_le_mono1, THEN le_less_trans])
nipkow@27626
   136
apply (rule ack_less_mono1 [THEN ack_less_mono2])
nipkow@27626
   137
apply (simp add: le_imp_less_Suc le_add2)
nipkow@27626
   138
done
wenzelm@11024
   139
paulson@3335
   140
wenzelm@11024
   141
text {* PROPERTY A 11 *}
paulson@3335
   142
nipkow@27626
   143
lemma ack_add_bound: "ack i1 j + ack i2 j < ack (4 + (i1 + i2)) j"
nipkow@27626
   144
apply (rule less_trans [of _ "ack (Suc (Suc 0)) (ack (i1 + i2) j)"])
nipkow@27626
   145
 prefer 2
nipkow@27626
   146
 apply (rule ack_nest_bound [THEN less_le_trans])
nipkow@27626
   147
 apply (simp add: Suc3_eq_add_3)
nipkow@27626
   148
apply simp
nipkow@27626
   149
apply (cut_tac i = i1 and m1 = i2 and k = j in le_add1 [THEN ack_le_mono1])
nipkow@27626
   150
apply (cut_tac i = "i2" and m1 = i1 and k = j in le_add2 [THEN ack_le_mono1])
nipkow@27626
   151
apply auto
nipkow@27626
   152
done
wenzelm@11024
   153
wenzelm@11024
   154
wenzelm@11024
   155
text {* PROPERTY A 12.  Article uses existential quantifier but the ALF proof
wenzelm@11024
   156
  used @{text "k + 4"}.  Quantified version must be nested @{text
wenzelm@11024
   157
  "\<exists>k'. \<forall>i j. ..."} *}
paulson@3335
   158
nipkow@27626
   159
lemma ack_add_bound2: "i < ack k j ==> i + j < ack (4 + k) j"
nipkow@27626
   160
apply (rule less_trans [of _ "ack k j + ack 0 j"])
haftmann@46546
   161
 apply (blast intro: add_less_mono) 
nipkow@27626
   162
apply (rule ack_add_bound [THEN less_le_trans])
nipkow@27626
   163
apply simp
nipkow@27626
   164
done
nipkow@27626
   165
nipkow@27626
   166
nipkow@27626
   167
subsection{*Primitive Recursive Functions*}
nipkow@27626
   168
nipkow@27626
   169
primrec hd0 :: "nat list => nat" where
nipkow@27626
   170
"hd0 [] = 0" |
nipkow@27626
   171
"hd0 (m # ms) = m"
wenzelm@11024
   172
wenzelm@11024
   173
nipkow@27626
   174
text {* Inductive definition of the set of primitive recursive functions of type @{typ "nat list => nat"}. *}
wenzelm@11024
   175
nipkow@27626
   176
definition SC :: "nat list => nat" where
nipkow@27626
   177
"SC l = Suc (hd0 l)"
nipkow@27626
   178
nipkow@27626
   179
definition CONSTANT :: "nat => nat list => nat" where
nipkow@27626
   180
"CONSTANT k l = k"
nipkow@27626
   181
nipkow@27626
   182
definition PROJ :: "nat => nat list => nat" where
nipkow@27626
   183
"PROJ i l = hd0 (drop i l)"
nipkow@27626
   184
nipkow@27626
   185
definition
nipkow@27626
   186
COMP :: "(nat list => nat) => (nat list => nat) list => nat list => nat"
nipkow@27626
   187
where "COMP g fs l = g (map (\<lambda>f. f l) fs)"
nipkow@27626
   188
nipkow@27626
   189
definition PREC :: "(nat list => nat) => (nat list => nat) => nat list => nat"
nipkow@27626
   190
where
nipkow@27626
   191
  "PREC f g l =
nipkow@27626
   192
    (case l of
nipkow@27626
   193
      [] => 0
blanchet@55415
   194
    | x # l' => rec_nat (f l') (\<lambda>y r. g (r # y # l')) x)"
nipkow@27626
   195
  -- {* Note that @{term g} is applied first to @{term "PREC f g y"} and then to @{term y}! *}
nipkow@27626
   196
nipkow@27626
   197
inductive PRIMREC :: "(nat list => nat) => bool" where
nipkow@27626
   198
SC: "PRIMREC SC" |
nipkow@27626
   199
CONSTANT: "PRIMREC (CONSTANT k)" |
nipkow@27626
   200
PROJ: "PRIMREC (PROJ i)" |
nipkow@27626
   201
COMP: "PRIMREC g ==> \<forall>f \<in> set fs. PRIMREC f ==> PRIMREC (COMP g fs)" |
nipkow@27626
   202
PREC: "PRIMREC f ==> PRIMREC g ==> PRIMREC (PREC f g)"
nipkow@27626
   203
nipkow@27626
   204
nipkow@27626
   205
text {* Useful special cases of evaluation *}
nipkow@27626
   206
nipkow@27626
   207
lemma SC [simp]: "SC (x # l) = Suc x"
nipkow@27626
   208
by (simp add: SC_def)
nipkow@27626
   209
nipkow@27626
   210
lemma CONSTANT [simp]: "CONSTANT k l = k"
nipkow@27626
   211
by (simp add: CONSTANT_def)
nipkow@27626
   212
nipkow@27626
   213
lemma PROJ_0 [simp]: "PROJ 0 (x # l) = x"
nipkow@27626
   214
by (simp add: PROJ_def)
nipkow@27626
   215
nipkow@27626
   216
lemma COMP_1 [simp]: "COMP g [f] l = g [f l]"
nipkow@27626
   217
by (simp add: COMP_def)
nipkow@27626
   218
nipkow@27626
   219
lemma PREC_0 [simp]: "PREC f g (0 # l) = f l"
nipkow@27626
   220
by (simp add: PREC_def)
nipkow@27626
   221
nipkow@27626
   222
lemma PREC_Suc [simp]: "PREC f g (Suc x # l) = g (PREC f g (x # l) # x # l)"
nipkow@27626
   223
by (simp add: PREC_def)
nipkow@27626
   224
paulson@3335
   225
wenzelm@11024
   226
text {* MAIN RESULT *}
wenzelm@11024
   227
nipkow@27626
   228
lemma SC_case: "SC l < ack 1 (listsum l)"
nipkow@27626
   229
apply (unfold SC_def)
nipkow@27626
   230
apply (induct l)
nipkow@27626
   231
apply (simp_all add: le_add1 le_imp_less_Suc)
nipkow@27626
   232
done
wenzelm@11024
   233
nipkow@27626
   234
lemma CONSTANT_case: "CONSTANT k l < ack k (listsum l)"
nipkow@27626
   235
by simp
paulson@3335
   236
nipkow@27626
   237
lemma PROJ_case: "PROJ i l < ack 0 (listsum l)"
nipkow@27626
   238
apply (simp add: PROJ_def)
nipkow@27626
   239
apply (induct l arbitrary:i)
nipkow@27626
   240
 apply (auto simp add: drop_Cons split: nat.split)
nipkow@27626
   241
apply (blast intro: less_le_trans le_add2)
nipkow@27626
   242
done
wenzelm@11024
   243
wenzelm@11024
   244
wenzelm@11024
   245
text {* @{term COMP} case *}
paulson@3335
   246
nipkow@27626
   247
lemma COMP_map_aux: "\<forall>f \<in> set fs. PRIMREC f \<and> (\<exists>kf. \<forall>l. f l < ack kf (listsum l))
nipkow@27626
   248
  ==> \<exists>k. \<forall>l. listsum (map (\<lambda>f. f l) fs) < ack k (listsum l)"
nipkow@27626
   249
apply (induct fs)
nipkow@27626
   250
 apply (rule_tac x = 0 in exI)
nipkow@27626
   251
 apply simp
nipkow@27626
   252
apply simp
nipkow@27626
   253
apply (blast intro: add_less_mono ack_add_bound less_trans)
nipkow@27626
   254
done
wenzelm@11024
   255
wenzelm@11024
   256
lemma COMP_case:
nipkow@27626
   257
  "\<forall>l. g l < ack kg (listsum l) ==>
nipkow@27626
   258
  \<forall>f \<in> set fs. PRIMREC f \<and> (\<exists>kf. \<forall>l. f l < ack kf (listsum l))
nipkow@27626
   259
  ==> \<exists>k. \<forall>l. COMP g fs  l < ack k (listsum l)"
nipkow@27626
   260
apply (unfold COMP_def)
paulson@34055
   261
apply (drule COMP_map_aux)
paulson@34055
   262
apply (meson ack_less_mono2 ack_nest_bound less_trans)
nipkow@27626
   263
done
wenzelm@11024
   264
wenzelm@11024
   265
wenzelm@11024
   266
text {* @{term PREC} case *}
paulson@3335
   267
wenzelm@11024
   268
lemma PREC_case_aux:
nipkow@27626
   269
  "\<forall>l. f l + listsum l < ack kf (listsum l) ==>
nipkow@27626
   270
    \<forall>l. g l + listsum l < ack kg (listsum l) ==>
nipkow@27626
   271
    PREC f g l + listsum l < ack (Suc (kf + kg)) (listsum l)"
nipkow@27626
   272
apply (unfold PREC_def)
nipkow@27626
   273
apply (case_tac l)
nipkow@27626
   274
 apply simp_all
nipkow@27626
   275
 apply (blast intro: less_trans)
nipkow@27626
   276
apply (erule ssubst) -- {* get rid of the needless assumption *}
nipkow@27626
   277
apply (induct_tac a)
nipkow@27626
   278
 apply simp_all
nipkow@27626
   279
 txt {* base case *}
nipkow@27626
   280
 apply (blast intro: le_add1 [THEN le_imp_less_Suc, THEN ack_less_mono1] less_trans)
nipkow@27626
   281
txt {* induction step *}
nipkow@27626
   282
apply (rule Suc_leI [THEN le_less_trans])
nipkow@27626
   283
 apply (rule le_refl [THEN add_le_mono, THEN le_less_trans])
nipkow@27626
   284
  prefer 2
nipkow@27626
   285
  apply (erule spec)
nipkow@27626
   286
 apply (simp add: le_add2)
nipkow@27626
   287
txt {* final part of the simplification *}
nipkow@27626
   288
apply simp
nipkow@27626
   289
apply (rule le_add2 [THEN ack_le_mono1, THEN le_less_trans])
nipkow@27626
   290
apply (erule ack_less_mono2)
nipkow@27626
   291
done
wenzelm@11024
   292
wenzelm@11024
   293
lemma PREC_case:
nipkow@27626
   294
  "\<forall>l. f l < ack kf (listsum l) ==>
nipkow@27626
   295
    \<forall>l. g l < ack kg (listsum l) ==>
nipkow@27626
   296
    \<exists>k. \<forall>l. PREC f g l < ack k (listsum l)"
nipkow@27626
   297
by (metis le_less_trans [OF le_add1 PREC_case_aux] ack_add_bound2)
wenzelm@11024
   298
nipkow@27626
   299
lemma ack_bounds_PRIMREC: "PRIMREC f ==> \<exists>k. \<forall>l. f l < ack k (listsum l)"
nipkow@27626
   300
apply (erule PRIMREC.induct)
nipkow@27626
   301
    apply (blast intro: SC_case CONSTANT_case PROJ_case COMP_case PREC_case)+
nipkow@27626
   302
done
wenzelm@11024
   303
nipkow@27626
   304
theorem ack_not_PRIMREC:
nipkow@27626
   305
  "\<not> PRIMREC (\<lambda>l. case l of [] => 0 | x # l' => ack x x)"
nipkow@27626
   306
apply (rule notI)
nipkow@27626
   307
apply (erule ack_bounds_PRIMREC [THEN exE])
nipkow@27626
   308
apply (rule less_irrefl [THEN notE])
nipkow@27626
   309
apply (drule_tac x = "[x]" in spec)
nipkow@27626
   310
apply simp
nipkow@27626
   311
done
paulson@3335
   312
paulson@3335
   313
end