|
10187
|
1 |
%
|
|
|
2 |
\begin{isabellebody}%
|
|
|
3 |
\def\isabellecontext{WFrec}%
|
|
|
4 |
%
|
|
|
5 |
\begin{isamarkuptext}%
|
|
|
6 |
\noindent
|
|
|
7 |
So far, all recursive definitions where shown to terminate via measure
|
|
|
8 |
functions. Sometimes this can be quite inconvenient or even
|
|
|
9 |
impossible. Fortunately, \isacommand{recdef} supports much more
|
|
|
10 |
general definitions. For example, termination of Ackermann's function
|
|
|
11 |
can be shown by means of the lexicographic product \isa{{\isacharless}{\isacharasterisk}lex{\isacharasterisk}{\isachargreater}}:%
|
|
|
12 |
\end{isamarkuptext}%
|
|
|
13 |
\isacommand{consts}\ ack\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}nat{\isasymtimes}nat\ {\isasymRightarrow}\ nat{\isachardoublequote}\isanewline
|
|
|
14 |
\isacommand{recdef}\ ack\ {\isachardoublequote}measure{\isacharparenleft}{\isasymlambda}m{\isachardot}\ m{\isacharparenright}\ {\isacharless}{\isacharasterisk}lex{\isacharasterisk}{\isachargreater}\ measure{\isacharparenleft}{\isasymlambda}n{\isachardot}\ n{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
15 |
\ \ {\isachardoublequote}ack{\isacharparenleft}{\isadigit{0}}{\isacharcomma}n{\isacharparenright}\ \ \ \ \ \ \ \ \ {\isacharequal}\ Suc\ n{\isachardoublequote}\isanewline
|
|
|
16 |
\ \ {\isachardoublequote}ack{\isacharparenleft}Suc\ m{\isacharcomma}{\isadigit{0}}{\isacharparenright}\ \ \ \ \ {\isacharequal}\ ack{\isacharparenleft}m{\isacharcomma}\ {\isadigit{1}}{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
17 |
\ \ {\isachardoublequote}ack{\isacharparenleft}Suc\ m{\isacharcomma}Suc\ n{\isacharparenright}\ {\isacharequal}\ ack{\isacharparenleft}m{\isacharcomma}ack{\isacharparenleft}Suc\ m{\isacharcomma}n{\isacharparenright}{\isacharparenright}{\isachardoublequote}%
|
|
|
18 |
\begin{isamarkuptext}%
|
|
|
19 |
\noindent
|
|
|
20 |
The lexicographic product decreases if either its first component
|
|
|
21 |
decreases (as in the second equation and in the outer call in the
|
|
|
22 |
third equation) or its first component stays the same and the second
|
|
|
23 |
component decreases (as in the inner call in the third equation).
|
|
|
24 |
|
|
|
25 |
In general, \isacommand{recdef} supports termination proofs based on
|
|
|
26 |
arbitrary \emph{wellfounded relations}, i.e.\ \emph{wellfounded
|
|
|
27 |
recursion}\indexbold{recursion!wellfounded}\index{wellfounded
|
|
|
28 |
recursion|see{recursion, wellfounded}}. A relation $<$ is
|
|
|
29 |
\bfindex{wellfounded} if it has no infinite descending chain $\cdots <
|
|
|
30 |
a@2 < a@1 < a@0$. Clearly, a function definition is total iff the set
|
|
10189
|
31 |
of all pairs $(r,l)$, where $l$ is the argument on the left-hand side
|
|
|
32 |
of an equation and $r$ the argument of some recursive call on the
|
|
|
33 |
corresponding right-hand side, induces a wellfounded relation. For a
|
|
|
34 |
systematic account of termination proofs via wellfounded relations
|
|
|
35 |
see, for example, \cite{Baader-Nipkow}. The HOL library formalizes
|
|
|
36 |
some of the theory of wellfounded relations. For example
|
|
|
37 |
\isa{wf\ r}\index{*wf|bold} means that relation \isa{r{\isasymColon}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}\ set} is
|
|
|
38 |
wellfounded.
|
|
10187
|
39 |
|
|
|
40 |
Each \isacommand{recdef} definition should be accompanied (after the
|
|
|
41 |
name of the function) by a wellfounded relation on the argument type
|
|
10190
|
42 |
of the function. For example, \isaindexbold{measure} is defined by
|
|
10187
|
43 |
\begin{isabelle}%
|
|
|
44 |
\ \ \ \ \ measure\ f\ {\isasymequiv}\ {\isacharbraceleft}{\isacharparenleft}y{\isacharcomma}\ x{\isacharparenright}{\isachardot}\ f\ y\ {\isacharless}\ f\ x{\isacharbraceright}%
|
|
|
45 |
\end{isabelle}
|
|
|
46 |
and it has been proved that \isa{measure\ f} is always wellfounded.
|
|
|
47 |
|
|
|
48 |
In addition to \isa{measure}, the library provides
|
|
|
49 |
a number of further constructions for obtaining wellfounded relations.
|
|
10189
|
50 |
Above we have already met \isa{{\isacharless}{\isacharasterisk}lex{\isacharasterisk}{\isachargreater}} of type
|
|
|
51 |
\begin{isabelle}%
|
|
|
52 |
\ \ \ \ \ {\isachardoublequote}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}b\ {\isasymtimes}\ {\isacharprime}b{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}b{\isacharparenright}\ {\isasymtimes}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}b{\isacharparenright}{\isacharparenright}set{\isachardoublequote}%
|
|
|
53 |
\end{isabelle}
|
|
|
54 |
Of course the lexicographic product can also be interated, as in the following
|
|
|
55 |
function definition:%
|
|
|
56 |
\end{isamarkuptext}%
|
|
|
57 |
\isacommand{consts}\ contrived\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}nat\ {\isasymtimes}\ nat\ {\isasymtimes}\ nat\ {\isasymRightarrow}\ nat{\isachardoublequote}\isanewline
|
|
|
58 |
\isacommand{recdef}\ contrived\isanewline
|
|
|
59 |
\ \ {\isachardoublequote}measure{\isacharparenleft}{\isasymlambda}i{\isachardot}\ i{\isacharparenright}\ {\isacharless}{\isacharasterisk}lex{\isacharasterisk}{\isachargreater}\ measure{\isacharparenleft}{\isasymlambda}j{\isachardot}\ j{\isacharparenright}\ {\isacharless}{\isacharasterisk}lex{\isacharasterisk}{\isachargreater}\ measure{\isacharparenleft}{\isasymlambda}k{\isachardot}\ k{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
60 |
{\isachardoublequote}contrived{\isacharparenleft}i{\isacharcomma}j{\isacharcomma}Suc\ k{\isacharparenright}\ {\isacharequal}\ contrived{\isacharparenleft}i{\isacharcomma}j{\isacharcomma}k{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
61 |
{\isachardoublequote}contrived{\isacharparenleft}i{\isacharcomma}Suc\ j{\isacharcomma}{\isadigit{0}}{\isacharparenright}\ {\isacharequal}\ contrived{\isacharparenleft}i{\isacharcomma}j{\isacharcomma}j{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
62 |
{\isachardoublequote}contrived{\isacharparenleft}Suc\ i{\isacharcomma}{\isadigit{0}}{\isacharcomma}{\isadigit{0}}{\isacharparenright}\ {\isacharequal}\ contrived{\isacharparenleft}i{\isacharcomma}i{\isacharcomma}i{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
63 |
{\isachardoublequote}contrived{\isacharparenleft}{\isadigit{0}}{\isacharcomma}{\isadigit{0}}{\isacharcomma}{\isadigit{0}}{\isacharparenright}\ \ \ \ \ {\isacharequal}\ {\isadigit{0}}{\isachardoublequote}%
|
|
|
64 |
\begin{isamarkuptext}%
|
|
|
65 |
Lexicographic products of measure functions already go a long way. A
|
|
|
66 |
further useful construction is the embedding of some type in an
|
|
|
67 |
existing wellfounded relation via the inverse image of a function:
|
|
|
68 |
\begin{isabelle}%
|
|
|
69 |
\ \ \ \ \ inv{\isacharunderscore}image\ {\isacharparenleft}r{\isasymColon}{\isacharparenleft}{\isacharprime}b\ {\isasymtimes}\ {\isacharprime}b{\isacharparenright}\ set{\isacharparenright}\ {\isacharparenleft}f{\isasymColon}{\isacharprime}a\ {\isasymRightarrow}\ {\isacharprime}b{\isacharparenright}\ {\isasymequiv}\isanewline
|
|
|
70 |
\ \ \ \ \ {\isacharbraceleft}{\isacharparenleft}x{\isasymColon}{\isacharprime}a{\isacharcomma}\ y{\isasymColon}{\isacharprime}a{\isacharparenright}{\isachardot}\ {\isacharparenleft}f\ x{\isacharcomma}\ f\ y{\isacharparenright}\ {\isasymin}\ r{\isacharbraceright}%
|
|
|
71 |
\end{isabelle}
|
|
|
72 |
\begin{sloppypar}
|
|
|
73 |
\noindent
|
|
|
74 |
For example, \isa{measure} is actually defined as \isa{inv{\isacharunderscore}mage\ less{\isacharunderscore}than}, where
|
|
|
75 |
\isa{less{\isacharunderscore}than} of type \isa{{\isacharparenleft}nat\ {\isasymtimes}\ nat{\isacharparenright}\ set} is the less-than relation on type \isa{nat}
|
|
|
76 |
(as opposed to \isa{op\ {\isacharless}}, which is of type \isa{{\isacharbrackleft}nat{\isacharcomma}\ nat{\isacharbrackright}\ {\isasymRightarrow}\ bool}).
|
|
|
77 |
\end{sloppypar}
|
|
10187
|
78 |
|
|
10189
|
79 |
%Finally there is also {finite_psubset} the proper subset relation on finite sets
|
|
|
80 |
|
|
|
81 |
All the above constructions are known to \isacommand{recdef}. Thus you
|
|
|
82 |
will never have to prove wellfoundedness of any relation composed
|
|
|
83 |
solely of these building blocks. But of course the proof of
|
|
|
84 |
termination of your function definition, i.e.\ that the arguments
|
|
|
85 |
decrease with every recursive call, may still require you to provide
|
|
|
86 |
additional lemmas.
|
|
|
87 |
|
|
|
88 |
It is also possible to use your own wellfounded relations with \isacommand{recdef}.
|
|
|
89 |
Here is a simplistic example:%
|
|
10187
|
90 |
\end{isamarkuptext}%
|
|
10189
|
91 |
\isacommand{consts}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}nat\ {\isasymRightarrow}\ nat{\isachardoublequote}\isanewline
|
|
|
92 |
\isacommand{recdef}\ f\ {\isachardoublequote}id{\isacharparenleft}less{\isacharunderscore}than{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
93 |
{\isachardoublequote}f\ {\isadigit{0}}\ {\isacharequal}\ {\isadigit{0}}{\isachardoublequote}\isanewline
|
|
|
94 |
{\isachardoublequote}f\ {\isacharparenleft}Suc\ n{\isacharparenright}\ {\isacharequal}\ f\ n{\isachardoublequote}%
|
|
|
95 |
\begin{isamarkuptext}%
|
|
|
96 |
Since \isacommand{recdef} is not prepared for \isa{id}, the identity
|
|
|
97 |
function, this leads to the complaint that it could not prove
|
|
|
98 |
\isa{wf\ {\isacharparenleft}id\ less{\isacharunderscore}than{\isacharparenright}}, the wellfoundedness of \isa{id\ less{\isacharunderscore}than}. We should first have proved that \isa{id} preserves wellfoundedness%
|
|
|
99 |
\end{isamarkuptext}%
|
|
|
100 |
\isacommand{lemma}\ wf{\isacharunderscore}id{\isacharcolon}\ {\isachardoublequote}wf\ r\ {\isasymLongrightarrow}\ wf{\isacharparenleft}id\ r{\isacharparenright}{\isachardoublequote}\isanewline
|
|
|
101 |
\isacommand{by}\ simp%
|
|
|
102 |
\begin{isamarkuptext}%
|
|
|
103 |
\noindent
|
|
|
104 |
and should have added the following hint to our above definition:%
|
|
|
105 |
\end{isamarkuptext}%
|
|
|
106 |
{\isacharparenleft}\isakeyword{hints}\ recdef{\isacharunderscore}wf\ add{\isacharcolon}\ wf{\isacharunderscore}id{\isacharparenright}\end{isabellebody}%
|
|
10187
|
107 |
%%% Local Variables:
|
|
|
108 |
%%% mode: latex
|
|
|
109 |
%%% TeX-master: "root"
|
|
|
110 |
%%% End:
|