isabelle: doc-src/TutorialI/Recdef/Nested2.thy@3c1787d46935 (annotated)

9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	1	(<)
16417 9bc16273c2d4 migrated theory headers to new format haftmann parents: 13111 diff changeset	2	theory Nested2 imports Nested0 begin
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	3	(>)
50f22b1b136a * empty log message * nipkow parents: diff changeset	4
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	5	lemma [simp]: "t \<in> set ts \<longrightarrow> size t < Suc(term_list_size ts)"
bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	6	by(induct_tac ts, auto)
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	7	(<)
50f22b1b136a * empty log message * nipkow parents: diff changeset	8	recdef trev "measure size"
50f22b1b136a * empty log message * nipkow parents: diff changeset	9	"trev (Var x) = Var x"
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	10	"trev (App f ts) = App f (rev(map trev ts))"
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	11	(>)
50f22b1b136a * empty log message * nipkow parents: diff changeset	12	text{*\noindent
50f22b1b136a * empty log message * nipkow parents: diff changeset	13	By making this theorem a simplification rule, \isacommand{recdef}
10885 90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	14	applies it automatically and the definition of @{term"trev"}
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	15	succeeds now. As a reward for our effort, we can now prove the desired
10885 90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	16	lemma directly. We no longer need the verbose
90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	17	induction schema for type @{text"term"} and can use the simpler one arising from
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	18	@{term"trev"}:
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	19	*}
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	20
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	21	lemma "trev(trev t) = t"
12815 1f073030b97a tuned; wenzelm parents: 12491 diff changeset	22	apply(induct_tac t rule: trev.induct)
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	23	txt{*
bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	24	@{subgoals[display,indent=0]}
bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	25	Both the base case and the induction step fall to simplification:
bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	26	*}
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	27
12815 1f073030b97a tuned; wenzelm parents: 12491 diff changeset	28	by(simp_all add: rev_map sym[OF map_compose] cong: map_cong)
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	29
50f22b1b136a * empty log message * nipkow parents: diff changeset	30	text{*\noindent
10885 90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	31	If the proof of the induction step mystifies you, we recommend that you go through
9754 a123a64cadeb * empty log message * nipkow parents: 9721 diff changeset	32	the chain of simplification steps in detail; you will probably need the help of
40878 7695e4de4d86 renamed trace_simp to simp_trace, and debug_simp to simp_debug; wenzelm parents: 16417 diff changeset	33	@{text"simp_trace"}. Theorem @{thm[source]map_cong} is discussed below.
9721 7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	34	%\begin{quote}
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	35	%{term[display]"trev(trev(App f ts))"}\\
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	36	%{term[display]"App f (rev(map trev (rev(map trev ts))))"}\\
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	37	%{term[display]"App f (map trev (rev(rev(map trev ts))))"}\\
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	38	%{term[display]"App f (map trev (map trev ts))"}\\
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	39	%{term[display]"App f (map (trev o trev) ts)"}\\
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	40	%{term[display]"App f (map (%x. x) ts)"}\\
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	41	%{term[display]"App f ts"}
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	42	%\end{quote}
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	43
10885 90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	44	The definition of @{term"trev"} above is superior to the one in
90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	45	\S\ref{sec:nested-datatype} because it uses @{term"rev"}
90695f46440b lcp's pass over the book, chapters 1-8 paulson parents: 10654 diff changeset	46	and lets us use existing facts such as \hbox{@{prop"rev(rev xs) = xs"}}.
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	47	Thus this proof is a good example of an important principle:
50f22b1b136a * empty log message * nipkow parents: diff changeset	48	\begin{quote}
50f22b1b136a * empty log message * nipkow parents: diff changeset	49	\emph{Chose your definitions carefully\\
50f22b1b136a * empty log message * nipkow parents: diff changeset	50	because they determine the complexity of your proofs.}
50f22b1b136a * empty log message * nipkow parents: diff changeset	51	\end{quote}
50f22b1b136a * empty log message * nipkow parents: diff changeset	52
9721 7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	53	Let us now return to the question of how \isacommand{recdef} can come up with
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	54	sensible termination conditions in the presence of higher-order functions
11494 23a118849801 revisions and indexing paulson parents: 11428 diff changeset	55	like @{term"map"}. For a start, if nothing were known about @{term"map"}, then
9721 7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	56	@{term"map trev ts"} might apply @{term"trev"} to arbitrary terms, and thus
7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	57	\isacommand{recdef} would try to prove the unprovable @{term"size t < Suc
9754 a123a64cadeb * empty log message * nipkow parents: 9721 diff changeset	58	(term_list_size ts)"}, without any assumption about @{term"t"}. Therefore
9721 7e51c9f3d5a0 * empty log message * nipkow parents: 9690 diff changeset	59	\isacommand{recdef} has been supplied with the congruence theorem
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9754 diff changeset	60	@{thm[source]map_cong}:
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	61	@{thm[display,margin=50]"map_cong"[no_vars]}
11494 23a118849801 revisions and indexing paulson parents: 11428 diff changeset	62	Its second premise expresses that in @{term"map f xs"},
23a118849801 revisions and indexing paulson parents: 11428 diff changeset	63	function @{term"f"} is only applied to elements of list @{term"xs"}. Congruence
23a118849801 revisions and indexing paulson parents: 11428 diff changeset	64	rules for other higher-order functions on lists are similar. If you get
10212 33fe2d701ddd * empty log message * nipkow parents: 10186 diff changeset	65	into a situation where you need to supply \isacommand{recdef} with new
11494 23a118849801 revisions and indexing paulson parents: 11428 diff changeset	66	congruence rules, you can append a hint after the end of
13111 2d6782e71702 * empty log message * nipkow parents: 12815 diff changeset	67	the recursion equations:\cmmdx{hints}
9940 102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	68	*}
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	69	(<)
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	70	consts dummy :: "nat => nat"
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	71	recdef dummy "{}"
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	72	"dummy n = n"
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	73	(>)
10171 59d6633835fa * empty log message * nipkow parents: 9940 diff changeset	74	(hints recdef_cong: map_cong)
9690 50f22b1b136a * empty log message * nipkow parents: diff changeset	75
9940 102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	76	text{*\noindent
11494 23a118849801 revisions and indexing paulson parents: 11428 diff changeset	77	Or you can declare them globally
23a118849801 revisions and indexing paulson parents: 11428 diff changeset	78	by giving them the \attrdx{recdef_cong} attribute:
9940 102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	79	*}
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	80
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	81	declare map_cong[recdef_cong]
9940 102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	82
102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	83	text{*
11494 23a118849801 revisions and indexing paulson parents: 11428 diff changeset	84	The @{text cong} and @{text recdef_cong} attributes are
9940 102f2430cef9 * empty log message * nipkow parents: 9933 diff changeset	85	intentionally kept apart because they control different activities, namely
10171 59d6633835fa * empty log message * nipkow parents: 9940 diff changeset	86	simplification and making recursive definitions.
9933 9feb1e0c4cb3 * empty log message * nipkow parents: 9834 diff changeset	87	%The simplifier's congruence rules cannot be used by recdef.
9feb1e0c4cb3 * empty log message * nipkow parents: 9834 diff changeset	88	%For example the weak congruence rules for if and case would prevent
9feb1e0c4cb3 * empty log message * nipkow parents: 9834 diff changeset	89	%recdef from generating sensible termination conditions.
11196 bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	90	*}
bb4ede27fcb7 * empty log message * nipkow parents: 10885 diff changeset	91	(<)end(>)

author	wenzelm
	Tue, 13 Mar 2012 17:04:00 +0100
changeset 46906	3c1787d46935
parent 40878	7695e4de4d86
permissions	-rw-r--r--