9722
|
1 |
%
|
|
2 |
\begin{isabellebody}%
|
9924
|
3 |
\def\isabellecontext{Fundata}%
|
10420
|
4 |
\isacommand{datatype}\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}{\isacharprime}i{\isacharparenright}bigtree\ {\isacharequal}\ Tip\ {\isacharbar}\ Br\ {\isacharprime}a\ {\isachardoublequote}{\isacharprime}i\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}{\isacharprime}i{\isacharparenright}bigtree{\isachardoublequote}%
|
8749
|
5 |
\begin{isamarkuptext}%
|
9792
|
6 |
\noindent
|
|
7 |
Parameter \isa{{\isacharprime}a} is the type of values stored in
|
10420
|
8 |
the \isa{Br}anches of the tree, whereas \isa{{\isacharprime}i} is the index
|
9792
|
9 |
type over which the tree branches. If \isa{{\isacharprime}i} is instantiated to
|
8749
|
10 |
\isa{bool}, the result is a binary tree; if it is instantiated to
|
|
11 |
\isa{nat}, we have an infinitely branching tree because each node
|
|
12 |
has as many subtrees as there are natural numbers. How can we possibly
|
9541
|
13 |
write down such a tree? Using functional notation! For example, the term
|
|
14 |
\begin{isabelle}%
|
10420
|
15 |
\ \ \ \ \ Br\ {\isadigit{0}}\ {\isacharparenleft}{\isasymlambda}i{\isachardot}\ Br\ i\ {\isacharparenleft}{\isasymlambda}n{\isachardot}\ Tip{\isacharparenright}{\isacharparenright}%
|
9924
|
16 |
\end{isabelle}
|
9673
|
17 |
of type \isa{{\isacharparenleft}nat{\isacharcomma}\ nat{\isacharparenright}\ bigtree} is the tree whose
|
8771
|
18 |
root is labeled with 0 and whose $i$th subtree is labeled with $i$ and
|
8749
|
19 |
has merely \isa{Tip}s as further subtrees.
|
|
20 |
|
9792
|
21 |
Function \isa{map{\isacharunderscore}bt} applies a function to all labels in a \isa{bigtree}:%
|
8749
|
22 |
\end{isamarkuptext}%
|
9673
|
23 |
\isacommand{consts}\ map{\isacharunderscore}bt\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}b{\isacharparenright}\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a{\isacharcomma}{\isacharprime}i{\isacharparenright}bigtree\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}b{\isacharcomma}{\isacharprime}i{\isacharparenright}bigtree{\isachardoublequote}\isanewline
|
8749
|
24 |
\isacommand{primrec}\isanewline
|
10420
|
25 |
{\isachardoublequote}map{\isacharunderscore}bt\ f\ Tip\ \ \ \ \ \ {\isacharequal}\ Tip{\isachardoublequote}\isanewline
|
|
26 |
{\isachardoublequote}map{\isacharunderscore}bt\ f\ {\isacharparenleft}Br\ a\ F{\isacharparenright}\ {\isacharequal}\ Br\ {\isacharparenleft}f\ a{\isacharparenright}\ {\isacharparenleft}{\isasymlambda}i{\isachardot}\ map{\isacharunderscore}bt\ f\ {\isacharparenleft}F\ i{\isacharparenright}{\isacharparenright}{\isachardoublequote}%
|
8749
|
27 |
\begin{isamarkuptext}%
|
|
28 |
\noindent This is a valid \isacommand{primrec} definition because the
|
9792
|
29 |
recursive calls of \isa{map{\isacharunderscore}bt} involve only subtrees obtained from
|
11458
|
30 |
\isa{F}: the left-hand side. Thus termination is assured. The
|
|
31 |
seasoned functional programmer might try expressing
|
|
32 |
\isa{{\isasymlambda}i{\isachardot}\ map{\isacharunderscore}bt\ f\ {\isacharparenleft}F\ i{\isacharparenright}} as \isa{map{\isacharunderscore}bt\ f\ {\isasymcirc}\ F}, which Isabelle
|
|
33 |
however will reject. Applying \isa{map{\isacharunderscore}bt} to only one of its arguments
|
|
34 |
makes the termination proof less obvious.
|
8749
|
35 |
|
11309
|
36 |
The following lemma has a simple proof by induction:%
|
8749
|
37 |
\end{isamarkuptext}%
|
9673
|
38 |
\isacommand{lemma}\ {\isachardoublequote}map{\isacharunderscore}bt\ {\isacharparenleft}g\ o\ f{\isacharparenright}\ T\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ T{\isacharparenright}{\isachardoublequote}\isanewline
|
10171
|
39 |
\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ T{\isacharcomma}\ simp{\isacharunderscore}all{\isacharparenright}\isanewline
|
|
40 |
\isacommand{done}%
|
10420
|
41 |
\begin{isamarkuptxt}%
|
8749
|
42 |
\noindent
|
11458
|
43 |
Because of the function type, the
|
|
44 |
the proof state after induction looks unusual.
|
10795
|
45 |
Notice the quantified induction hypothesis:
|
10420
|
46 |
\begin{isabelle}%
|
|
47 |
\ {\isadigit{1}}{\isachardot}\ map{\isacharunderscore}bt\ {\isacharparenleft}g\ {\isasymcirc}\ f{\isacharparenright}\ Tip\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ Tip{\isacharparenright}\isanewline
|
10901
|
48 |
\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ F{\isachardot}\ {\isacharparenleft}{\isasymAnd}x{\isachardot}\ map{\isacharunderscore}bt\ {\isacharparenleft}g\ {\isasymcirc}\ f{\isacharparenright}\ {\isacharparenleft}F\ x{\isacharparenright}\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ {\isacharparenleft}F\ x{\isacharparenright}{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\isanewline
|
10950
|
49 |
\isaindent{\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ F{\isachardot}\ }map{\isacharunderscore}bt\ {\isacharparenleft}g\ {\isasymcirc}\ f{\isacharparenright}\ {\isacharparenleft}Br\ a\ F{\isacharparenright}\ {\isacharequal}\ map{\isacharunderscore}bt\ g\ {\isacharparenleft}map{\isacharunderscore}bt\ f\ {\isacharparenleft}Br\ a\ F{\isacharparenright}{\isacharparenright}%
|
9723
|
50 |
\end{isabelle}%
|
10420
|
51 |
\end{isamarkuptxt}%
|
9722
|
52 |
\end{isabellebody}%
|
9145
|
53 |
%%% Local Variables:
|
|
54 |
%%% mode: latex
|
|
55 |
%%% TeX-master: "root"
|
|
56 |
%%% End:
|