isabelle: doc-src/TutorialI/Recdef/document/Induction.tex@5f42dd5e6570 (annotated)

9722 a5f86aed785b * empty log message * nipkow parents: 9721 diff changeset	1	%
a5f86aed785b * empty log message * nipkow parents: 9721 diff changeset	2	\begin{isabellebody}%
9924 3370f6aa3200 updated; wenzelm parents: 9792 diff changeset	3	\def\isabellecontext{Induction}%
17181 5f42dd5e6570 updated; wenzelm parents: 17175 diff changeset	4	\isamarkupfalse%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	5	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	6	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	7	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	8	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	9	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	10	\isatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	11	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	12	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	13	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	14	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	15	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	16	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	17	\endisadelimtheory
8749 2665170f104a Adding generated files nipkow parents: diff changeset	18	%
2665170f104a Adding generated files nipkow parents: diff changeset	19	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	20	Assuming we have defined our function such that Isabelle could prove
2665170f104a Adding generated files nipkow parents: diff changeset	21	termination and that the recursion equations (or some suitable derived
2665170f104a Adding generated files nipkow parents: diff changeset	22	equations) are simplification rules, we might like to prove something about
2665170f104a Adding generated files nipkow parents: diff changeset	23	our function. Since the function is recursive, the natural proof principle is
2665170f104a Adding generated files nipkow parents: diff changeset	24	again induction. But this time the structural form of induction that comes
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	25	with datatypes is unlikely to work well --- otherwise we could have defined the
8749 2665170f104a Adding generated files nipkow parents: diff changeset	26	function by \isacommand{primrec}. Therefore \isacommand{recdef} automatically
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	27	proves a suitable induction rule $f$\isa{{\isachardot}induct} that follows the
8749 2665170f104a Adding generated files nipkow parents: diff changeset	28	recursion pattern of the particular function $f$. We call this
2665170f104a Adding generated files nipkow parents: diff changeset	29	\textbf{recursion induction}. Roughly speaking, it
2665170f104a Adding generated files nipkow parents: diff changeset	30	requires you to prove for each \isacommand{recdef} equation that the property
2665170f104a Adding generated files nipkow parents: diff changeset	31	you are trying to establish holds for the left-hand side provided it holds
10795 9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10362 diff changeset	32	for all recursive calls on the right-hand side. Here is a simple example
9e888d60d3e5 minor edits to Chapters 1-3 paulson parents: 10362 diff changeset	33	involving the predefined \isa{map} functional on lists:%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	34	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	35	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	36	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	37	\ {\isachardoublequoteopen}map\ f\ {\isacharparenleft}sep{\isacharparenleft}x{\isacharcomma}xs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep{\isacharparenleft}f\ x{\isacharcomma}\ map\ f\ xs{\isacharparenright}{\isachardoublequoteclose}%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	38	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	39	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	40	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	41	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	42	\isatagproof
16069 3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	43	%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	44	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	45	\noindent
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	46	Note that \isa{map\ f\ xs}
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	47	is the result of applying \isa{f} to all elements of \isa{xs}. We prove
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	48	this lemma by recursion induction over \isa{sep}:%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	49	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	50	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	51	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	52	{\isacharparenleft}induct{\isacharunderscore}tac\ x\ xs\ rule{\isacharcolon}\ sep{\isachardot}induct{\isacharparenright}%
16069 3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	53	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	54	\noindent
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	55	The resulting proof state has three subgoals corresponding to the three
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	56	clauses for \isa{sep}:
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	57	\begin{isabelle}%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	58	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}a{\isachardot}\ map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharbrackleft}{\isacharbrackright}{\isacharparenright}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	59	\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}a\ x{\isachardot}\ map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ {\isacharbrackleft}x{\isacharbrackright}{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharbrackleft}x{\isacharbrackright}{\isacharparenright}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	60	\ {\isadigit{3}}{\isachardot}\ {\isasymAnd}a\ x\ y\ zs{\isachardot}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	61	\isaindent{\ {\isadigit{3}}{\isachardot}\ \ \ \ }map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharparenleft}y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}\ {\isasymLongrightarrow}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	62	\isaindent{\ {\isadigit{3}}{\isachardot}\ \ \ \ }map\ f\ {\isacharparenleft}sep\ {\isacharparenleft}a{\isacharcomma}\ x\ {\isacharhash}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep\ {\isacharparenleft}f\ a{\isacharcomma}\ map\ f\ {\isacharparenleft}x\ {\isacharhash}\ y\ {\isacharhash}\ zs{\isacharparenright}{\isacharparenright}%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	63	\end{isabelle}
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	64	The rest is pure simplification:%
3f2a9f400168 * empty log message * nipkow parents: 15481 diff changeset	65	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	66	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	67	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	68	\ simp{\isacharunderscore}all\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	69	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	70	%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	71	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	72	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	73	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	74	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	75	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	76	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11458 diff changeset	77	%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	78	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	79	Try proving the above lemma by structural induction, and you find that you
2665170f104a Adding generated files nipkow parents: diff changeset	80	need an additional case distinction. What is worse, the names of variables
2665170f104a Adding generated files nipkow parents: diff changeset	81	are invented by Isabelle and have nothing to do with the names in the
2665170f104a Adding generated files nipkow parents: diff changeset	82	definition of \isa{sep}.
2665170f104a Adding generated files nipkow parents: diff changeset	83
2665170f104a Adding generated files nipkow parents: diff changeset	84	In general, the format of invoking recursion induction is
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9723 diff changeset	85	\begin{quote}
11159 07b13770c4d6 * empty log message * nipkow parents: 11023 diff changeset	86	\isacommand{apply}\isa{{\isacharparenleft}induct{\isacharunderscore}tac} $x@1 \dots x@n$ \isa{rule{\isacharcolon}} $f$\isa{{\isachardot}induct{\isacharparenright}}
11428 332347b9b942 tidying the index paulson parents: 11159 diff changeset	87	\end{quote}\index{*induct_tac (method)}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	88	where $x@1~\dots~x@n$ is a list of free variables in the subgoal and $f$ the
2665170f104a Adding generated files nipkow parents: diff changeset	89	name of a function that takes an $n$-tuple. Usually the subgoal will
10971 6852682eaf16 * empty log message * nipkow parents: 10950 diff changeset	90	contain the term $f(x@1,\dots,x@n)$ but this need not be the case. The
11458 09a6c44a48ea numerous stylistic changes and indexing paulson parents: 11428 diff changeset	91	induction rules do not mention $f$ at all. Here is \isa{sep{\isachardot}induct}:
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	92	\begin{isabelle}
9689 751fde5307e4 * empty log message * nipkow parents: 9674 diff changeset	93	{\isasymlbrakk}~{\isasymAnd}a.~P~a~[];\isanewline
751fde5307e4 * empty log message * nipkow parents: 9674 diff changeset	94	~~{\isasymAnd}a~x.~P~a~[x];\isanewline
751fde5307e4 * empty log message * nipkow parents: 9674 diff changeset	95	~~{\isasymAnd}a~x~y~zs.~P~a~(y~\#~zs)~{\isasymLongrightarrow}~P~a~(x~\#~y~\#~zs){\isasymrbrakk}\isanewline
751fde5307e4 * empty log message * nipkow parents: 9674 diff changeset	96	{\isasymLongrightarrow}~P~u~v%
9723 a977245dfc8a * empty log message * nipkow parents: 9722 diff changeset	97	\end{isabelle}
11458 09a6c44a48ea numerous stylistic changes and indexing paulson parents: 11428 diff changeset	98	It merely says that in order to prove a property \isa{P} of \isa{u} and
9689 751fde5307e4 * empty log message * nipkow parents: 9674 diff changeset	99	\isa{v} you need to prove it for the three cases where \isa{v} is the
11458 09a6c44a48ea numerous stylistic changes and indexing paulson parents: 11428 diff changeset	100	empty list, the singleton list, and the list with at least two elements.
09a6c44a48ea numerous stylistic changes and indexing paulson parents: 11428 diff changeset	101	The final case has an induction hypothesis: you may assume that \isa{P}
09a6c44a48ea numerous stylistic changes and indexing paulson parents: 11428 diff changeset	102	holds for the tail of that list.%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	103	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	104	\isamarkuptrue%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	105	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	106	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	107	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	108	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	109	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	110	\isatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	111	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	112	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	113	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	114	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	115	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	116	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	117	\endisadelimtheory
9722 a5f86aed785b * empty log message * nipkow parents: 9721 diff changeset	118	\end{isabellebody}%
9145 9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	119	%%% Local Variables:
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	120	%%% mode: latex
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	121	%%% TeX-master: "root"
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	122	%%% End:

author	wenzelm
	Mon, 29 Aug 2005 11:44:23 +0200
changeset 17181	5f42dd5e6570
parent 17175	1eced27ee0e1
child 17187	45bee2f6e61f
permissions	-rw-r--r--