isabelle: src/HOL/Extraction/Pigeonhole.thy@20b42397e293 (annotated)

17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	1	(* Title: HOL/Extraction/Pigeonhole.thy
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	2	ID: $Id$
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	3	Author: Stefan Berghofer, TU Muenchen
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	4	*)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	5
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	6	header {* The pigeonhole principle *}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	7
22737 d87ccbcc2702 tuned haftmann parents: 22507 diff changeset	8	theory Pigeonhole
25418 d4f80cb18c93 Moved nat_eq_dec and search to Util.thy berghofe parents: 24348 diff changeset	9	imports Util Efficient_Nat
22737 d87ccbcc2702 tuned haftmann parents: 22507 diff changeset	10	begin
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	11
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	12	text {*
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	13	We formalize two proofs of the pigeonhole principle, which lead
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	14	to extracted programs of quite different complexity. The original
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	15	formalization of these proofs in {\sc Nuprl} is due to
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	16	Aleksey Nogin \cite{Nogin-ENTCS-2000}.
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	17
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	18	This proof yields a polynomial program.
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	19	*}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	20
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	21	theorem pigeonhole:
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	22	"\<And>f. (\<And>i. i \<le> Suc n \<Longrightarrow> f i \<le> n) \<Longrightarrow> \<exists>i j. i \<le> Suc n \<and> j < i \<and> f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	23	proof (induct n)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	24	case 0
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	25	hence "Suc 0 \<le> Suc 0 \<and> 0 < Suc 0 \<and> f (Suc 0) = f 0" by simp
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	26	thus ?case by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	27	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	28	case (Suc n)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	29	{
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	30	fix k
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	31	have
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	32	"k \<le> Suc (Suc n) \<Longrightarrow>
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	33	(\<And>i j. Suc k \<le> i \<Longrightarrow> i \<le> Suc (Suc n) \<Longrightarrow> j < i \<Longrightarrow> f i \<noteq> f j) \<Longrightarrow>
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	34	(\<exists>i j. i \<le> k \<and> j < i \<and> f i = f j)"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	35	proof (induct k)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	36	case 0
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	37	let ?f = "\<lambda>i. if f i = Suc n then f (Suc (Suc n)) else f i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	38	have "\<not> (\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j)"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	39	proof
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	40	assume "\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	41	then obtain i j where i: "i \<le> Suc n" and j: "j < i"
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	42	and f: "?f i = ?f j" by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	43	from j have i_nz: "Suc 0 \<le> i" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	44	from i have iSSn: "i \<le> Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	45	have S0SSn: "Suc 0 \<le> Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	46	show False
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	47	proof cases
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	48	assume fi: "f i = Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	49	show False
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	50	proof cases
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	51	assume fj: "f j = Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	52	from i_nz and iSSn and j have "f i \<noteq> f j" by (rule 0)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	53	moreover from fi have "f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	54	by (simp add: fj [symmetric])
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	55	ultimately show ?thesis ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	56	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	57	from i and j have "j < Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	58	with S0SSn and le_refl have "f (Suc (Suc n)) \<noteq> f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	59	by (rule 0)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	60	moreover assume "f j \<noteq> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	61	with fi and f have "f (Suc (Suc n)) = f j" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	62	ultimately show False ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	63	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	64	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	65	assume fi: "f i \<noteq> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	66	show False
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	67	proof cases
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	68	from i have "i < Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	69	with S0SSn and le_refl have "f (Suc (Suc n)) \<noteq> f i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	70	by (rule 0)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	71	moreover assume "f j = Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	72	with fi and f have "f (Suc (Suc n)) = f i" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	73	ultimately show False ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	74	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	75	from i_nz and iSSn and j
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	76	have "f i \<noteq> f j" by (rule 0)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	77	moreover assume "f j \<noteq> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	78	with fi and f have "f i = f j" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	79	ultimately show False ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	80	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	81	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	82	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	83	moreover have "\<And>i. i \<le> Suc n \<Longrightarrow> ?f i \<le> n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	84	proof -
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	85	fix i assume "i \<le> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	86	hence i: "i < Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	87	have "f (Suc (Suc n)) \<noteq> f i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	88	by (rule 0) (simp_all add: i)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	89	moreover have "f (Suc (Suc n)) \<le> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	90	by (rule Suc) simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	91	moreover from i have "i \<le> Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	92	hence "f i \<le> Suc n" by (rule Suc)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	93	ultimately show "?thesis i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	94	by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	95	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	96	hence "\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	97	by (rule Suc)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	98	ultimately show ?case ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	99	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	100	case (Suc k)
25418 d4f80cb18c93 Moved nat_eq_dec and search to Util.thy berghofe parents: 24348 diff changeset	101	from search [OF nat_eq_dec] show ?case
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	102	proof
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	103	assume "\<exists>j<Suc k. f (Suc k) = f j"
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	104	thus ?case by (iprover intro: le_refl)
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	105	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	106	assume nex: "\<not> (\<exists>j<Suc k. f (Suc k) = f j)"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	107	have "\<exists>i j. i \<le> k \<and> j < i \<and> f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	108	proof (rule Suc)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	109	from Suc show "k \<le> Suc (Suc n)" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	110	fix i j assume k: "Suc k \<le> i" and i: "i \<le> Suc (Suc n)"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	111	and j: "j < i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	112	show "f i \<noteq> f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	113	proof cases
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	114	assume eq: "i = Suc k"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	115	show ?thesis
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	116	proof
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	117	assume "f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	118	hence "f (Suc k) = f j" by (simp add: eq)
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	119	with nex and j and eq show False by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	120	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	121	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	122	assume "i \<noteq> Suc k"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	123	with k have "Suc (Suc k) \<le> i" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	124	thus ?thesis using i and j by (rule Suc)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	125	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	126	qed
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	127	thus ?thesis by (iprover intro: le_SucI)
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	128	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	129	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	130	}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	131	note r = this
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	132	show ?case by (rule r) simp_all
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	133	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	134
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	135	text {*
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	136	The following proof, although quite elegant from a mathematical point of view,
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	137	leads to an exponential program:
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	138	*}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	139
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	140	theorem pigeonhole_slow:
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	141	"\<And>f. (\<And>i. i \<le> Suc n \<Longrightarrow> f i \<le> n) \<Longrightarrow> \<exists>i j. i \<le> Suc n \<and> j < i \<and> f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	142	proof (induct n)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	143	case 0
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	144	have "Suc 0 \<le> Suc 0" ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	145	moreover have "0 < Suc 0" ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	146	moreover from 0 have "f (Suc 0) = f 0" by simp
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	147	ultimately show ?case by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	148	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	149	case (Suc n)
25418 d4f80cb18c93 Moved nat_eq_dec and search to Util.thy berghofe parents: 24348 diff changeset	150	from search [OF nat_eq_dec] show ?case
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	151	proof
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	152	assume "\<exists>j < Suc (Suc n). f (Suc (Suc n)) = f j"
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	153	thus ?case by (iprover intro: le_refl)
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	154	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	155	assume "\<not> (\<exists>j < Suc (Suc n). f (Suc (Suc n)) = f j)"
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	156	hence nex: "\<forall>j < Suc (Suc n). f (Suc (Suc n)) \<noteq> f j" by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	157	let ?f = "\<lambda>i. if f i = Suc n then f (Suc (Suc n)) else f i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	158	have "\<And>i. i \<le> Suc n \<Longrightarrow> ?f i \<le> n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	159	proof -
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	160	fix i assume i: "i \<le> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	161	show "?thesis i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	162	proof (cases "f i = Suc n")
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	163	case True
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	164	from i and nex have "f (Suc (Suc n)) \<noteq> f i" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	165	with True have "f (Suc (Suc n)) \<noteq> Suc n" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	166	moreover from Suc have "f (Suc (Suc n)) \<le> Suc n" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	167	ultimately have "f (Suc (Suc n)) \<le> n" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	168	with True show ?thesis by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	169	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	170	case False
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	171	from Suc and i have "f i \<le> Suc n" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	172	with False show ?thesis by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	173	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	174	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	175	hence "\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j" by (rule Suc)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	176	then obtain i j where i: "i \<le> Suc n" and ji: "j < i" and f: "?f i = ?f j"
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	177	by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	178	have "f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	179	proof (cases "f i = Suc n")
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	180	case True
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	181	show ?thesis
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	182	proof (cases "f j = Suc n")
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	183	assume "f j = Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	184	with True show ?thesis by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	185	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	186	assume "f j \<noteq> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	187	moreover from i ji nex have "f (Suc (Suc n)) \<noteq> f j" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	188	ultimately show ?thesis using True f by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	189	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	190	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	191	case False
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	192	show ?thesis
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	193	proof (cases "f j = Suc n")
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	194	assume "f j = Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	195	moreover from i nex have "f (Suc (Suc n)) \<noteq> f i" by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	196	ultimately show ?thesis using False f by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	197	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	198	assume "f j \<noteq> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	199	with False f show ?thesis by simp
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	200	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	201	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	202	moreover from i have "i \<le> Suc (Suc n)" by simp
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	203	ultimately show ?thesis using ji by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	204	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	205	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	206
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	207	extract pigeonhole pigeonhole_slow
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	208
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	209	text {*
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	210	The programs extracted from the above proofs look as follows:
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	211	@{thm [display] pigeonhole_def}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	212	@{thm [display] pigeonhole_slow_def}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	213	The program for searching for an element in an array is
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	214	@{thm [display,eta_contract=false] search_def}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	215	The correctness statement for @{term "pigeonhole"} is
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	216	@{thm [display] pigeonhole_correctness [no_vars]}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	217
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	218	In order to analyze the speed of the above programs,
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	219	we generate ML code from them.
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	220	*}
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	221
27982 2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	222	instantiation nat :: default
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	223	begin
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	224
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	225	definition "default = (0::nat)"
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	226
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	227	instance ..
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	228
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	229	end
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	230
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	231	instantiation * :: (default, default) default
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	232	begin
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	233
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	234	definition "default = (default, default)"
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	235
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	236	instance ..
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	237
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	238	end
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	239
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	240	consts_code
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	241	"default :: nat" ("{* 0::nat *}")
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	242	"default :: nat \<times> nat" ("{* (0::nat, 0::nat) *}")
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	243
20837 099877d83d2b added example for code_gen haftmann parents: 20593 diff changeset	244	definition
23810 f5e6932d0500 dropped outer ROOT structure for generated code haftmann parents: 22921 diff changeset	245	"test n u = pigeonhole n (\<lambda>m. m - 1)"
21404 eb85850d3eb7 more robust syntax for definition/abbreviation/notation; wenzelm parents: 21127 diff changeset	246	definition
23810 f5e6932d0500 dropped outer ROOT structure for generated code haftmann parents: 22921 diff changeset	247	"test' n u = pigeonhole_slow n (\<lambda>m. m - 1)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	248	definition
3572bc633d9a tuned haftmann parents: 21545 diff changeset	249	"test'' u = pigeonhole 8 (op ! [0, 1, 2, 3, 4, 5, 6, 3, 7, 8])"
20837 099877d83d2b added example for code_gen haftmann parents: 20593 diff changeset	250
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	251	code_module PH
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	252	contains
3572bc633d9a tuned haftmann parents: 21545 diff changeset	253	test = test
3572bc633d9a tuned haftmann parents: 21545 diff changeset	254	test' = test'
3572bc633d9a tuned haftmann parents: 21545 diff changeset	255	test'' = test''
3572bc633d9a tuned haftmann parents: 21545 diff changeset	256
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	257	ML "timeit (PH.test 10)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	258	ML "timeit (@{code test} 10)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	259
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	260	ML "timeit (PH.test' 10)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	261	ML "timeit (@{code test'} 10)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	262
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	263	ML "timeit (PH.test 20)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	264	ML "timeit (@{code test} 20)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	265
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	266	ML "timeit (PH.test' 20)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	267	ML "timeit (@{code test'} 20)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	268
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	269	ML "timeit (PH.test 25)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	270	ML "timeit (@{code test} 25)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	271
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	272	ML "timeit (PH.test' 25)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	273	ML "timeit (@{code test'} 25)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	274
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	275	ML "timeit (PH.test 500)"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	276	ML "timeit (@{code test} 500)"
22507 3572bc633d9a tuned haftmann parents: 21545 diff changeset	277
27436 9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	278	ML "timeit PH.test''"
9581777503e9 code antiquotation roaring ahead haftmann parents: 25418 diff changeset	279	ML "timeit @{code test''}"
20837 099877d83d2b added example for code_gen haftmann parents: 20593 diff changeset	280
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	281	end

author	haftmann
	Wed, 17 Dec 2008 12:10:40 +0100
changeset 29135	20b42397e293
parent 27982	2aaa4a5569a6
child 29823	0ab754d13ccd
permissions	-rw-r--r--