doc-src/TutorialI/Ifexpr/document/Ifexpr.tex
author nipkow
Sun, 06 Aug 2000 15:26:53 +0200
changeset 9541 d17c0b34d5c8
parent 9458 c613cd06d5cf
child 9644 6b0b6b471855
permissions -rw-r--r--
*** empty log message ***
\begin{isabelle}%
%
\begin{isamarkuptext}%
\subsubsection{How can we model boolean expressions?}
We want to represent boolean expressions built up from variables and
constants by negation and conjunction. The following datatype serves exactly
that purpose:%
\end{isamarkuptext}%
\isacommand{datatype}\ boolex\ =\ Const\ bool\ |\ Var\ nat\ |\ Neg\ boolex\isanewline
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ |\ And\ boolex\ boolex%
\begin{isamarkuptext}%
\noindent
The two constants are represented by \isa{Const\ True} and
\isa{Const\ False}. Variables are represented by terms of the form
\isa{Var\ n}, where \isa{n} is a natural number (type \isa{nat}).
For example, the formula $P@0 \land \neg P@1$ is represented by the term
\isa{And\ (Var\ 0)\ (Neg\ (Var\ 1))}.
\subsubsection{What is the value of a boolean expression?}
The value of a boolean expression depends on the value of its variables.
Hence the function \isa{value} takes an additional parameter, an {\em
  environment} of type \isa{nat\ {\isasymRightarrow}\ bool}, which maps variables to
their values:%
\end{isamarkuptext}%
\isacommand{consts}\ value\ ::\ {"}boolex\ {\isasymRightarrow}\ (nat\ {\isasymRightarrow}\ bool)\ {\isasymRightarrow}\ bool{"}\isanewline
\isacommand{primrec}\isanewline
{"}value\ (Const\ b)\ env\ =\ b{"}\isanewline
{"}value\ (Var\ x)\ \ \ env\ =\ env\ x{"}\isanewline
{"}value\ (Neg\ b)\ \ \ env\ =\ ({\isasymnot}\ value\ b\ env){"}\isanewline
{"}value\ (And\ b\ c)\ env\ =\ (value\ b\ env\ {\isasymand}\ value\ c\ env){"}%
\begin{isamarkuptext}%
\noindent
\subsubsection{If-expressions}
An alternative and often more efficient (because in a certain sense
canonical) representation is given by so-called \emph{If-expressions} built up
from constants (\isa{CIF}), variables (\isa{VIF}) and conditionals
(\isa{IF}):%
\end{isamarkuptext}%
\isacommand{datatype}\ ifex\ =\ CIF\ bool\ |\ VIF\ nat\ |\ IF\ ifex\ ifex\ ifex%
\begin{isamarkuptext}%
\noindent
The evaluation of If-expressions proceeds as for \isa{boolex}:%
\end{isamarkuptext}%
\isacommand{consts}\ valif\ ::\ {"}ifex\ {\isasymRightarrow}\ (nat\ {\isasymRightarrow}\ bool)\ {\isasymRightarrow}\ bool{"}\isanewline
\isacommand{primrec}\isanewline
{"}valif\ (CIF\ b)\ \ \ \ env\ =\ b{"}\isanewline
{"}valif\ (VIF\ x)\ \ \ \ env\ =\ env\ x{"}\isanewline
{"}valif\ (IF\ b\ t\ e)\ env\ =\ (if\ valif\ b\ env\ then\ valif\ t\ env\isanewline
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ else\ valif\ e\ env){"}%
\begin{isamarkuptext}%
\subsubsection{Transformation into and of If-expressions}
The type \isa{boolex} is close to the customary representation of logical
formulae, whereas \isa{ifex} is designed for efficiency. It is easy to
translate from \isa{boolex} into \isa{ifex}:%
\end{isamarkuptext}%
\isacommand{consts}\ bool2if\ ::\ {"}boolex\ {\isasymRightarrow}\ ifex{"}\isanewline
\isacommand{primrec}\isanewline
{"}bool2if\ (Const\ b)\ =\ CIF\ b{"}\isanewline
{"}bool2if\ (Var\ x)\ \ \ =\ VIF\ x{"}\isanewline
{"}bool2if\ (Neg\ b)\ \ \ =\ IF\ (bool2if\ b)\ (CIF\ False)\ (CIF\ True){"}\isanewline
{"}bool2if\ (And\ b\ c)\ =\ IF\ (bool2if\ b)\ (bool2if\ c)\ (CIF\ False){"}%
\begin{isamarkuptext}%
\noindent
At last, we have something we can verify: that \isa{bool2if} preserves the
value of its argument:%
\end{isamarkuptext}%
\isacommand{lemma}\ {"}valif\ (bool2if\ b)\ env\ =\ value\ b\ env{"}%
\begin{isamarkuptxt}%
\noindent
The proof is canonical:%
\end{isamarkuptxt}%
\isacommand{apply}(induct\_tac\ b)\isanewline
\isacommand{by}(auto)%
\begin{isamarkuptext}%
\noindent
In fact, all proofs in this case study look exactly like this. Hence we do
not show them below.
More interesting is the transformation of If-expressions into a normal form
where the first argument of \isa{IF} cannot be another \isa{IF} but
must be a constant or variable. Such a normal form can be computed by
repeatedly replacing a subterm of the form \isa{IF\ (IF\ b\ x\ y)\ z\ u} by
\isa{IF\ b\ (IF\ x\ z\ u)\ (IF\ y\ z\ u)}, which has the same value. The following
primitive recursive functions perform this task:%
\end{isamarkuptext}%
\isacommand{consts}\ normif\ ::\ {"}ifex\ {\isasymRightarrow}\ ifex\ {\isasymRightarrow}\ ifex\ {\isasymRightarrow}\ ifex{"}\isanewline
\isacommand{primrec}\isanewline
{"}normif\ (CIF\ b)\ \ \ \ t\ e\ =\ IF\ (CIF\ b)\ t\ e{"}\isanewline
{"}normif\ (VIF\ x)\ \ \ \ t\ e\ =\ IF\ (VIF\ x)\ t\ e{"}\isanewline
{"}normif\ (IF\ b\ t\ e)\ u\ f\ =\ normif\ b\ (normif\ t\ u\ f)\ (normif\ e\ u\ f){"}\isanewline
\isanewline
\isacommand{consts}\ norm\ ::\ {"}ifex\ {\isasymRightarrow}\ ifex{"}\isanewline
\isacommand{primrec}\isanewline
{"}norm\ (CIF\ b)\ \ \ \ =\ CIF\ b{"}\isanewline
{"}norm\ (VIF\ x)\ \ \ \ =\ VIF\ x{"}\isanewline
{"}norm\ (IF\ b\ t\ e)\ =\ normif\ b\ (norm\ t)\ (norm\ e){"}%
\begin{isamarkuptext}%
\noindent
Their interplay is a bit tricky, and we leave it to the reader to develop an
intuitive understanding. Fortunately, Isabelle can help us to verify that the
transformation preserves the value of the expression:%
\end{isamarkuptext}%
\isacommand{theorem}\ {"}valif\ (norm\ b)\ env\ =\ valif\ b\ env{"}%
\begin{isamarkuptext}%
\noindent
The proof is canonical, provided we first show the following simplification
lemma (which also helps to understand what \isa{normif} does):%
\end{isamarkuptext}%
\isacommand{lemma}\ [simp]:\isanewline
\ \ {"}{\isasymforall}t\ e.\ valif\ (normif\ b\ t\ e)\ env\ =\ valif\ (IF\ b\ t\ e)\ env{"}%
\begin{isamarkuptext}%
\noindent
Note that the lemma does not have a name, but is implicitly used in the proof
of the theorem shown above because of the \isa{[simp]} attribute.
But how can we be sure that \isa{norm} really produces a normal form in
the above sense? We define a function that tests If-expressions for normality%
\end{isamarkuptext}%
\isacommand{consts}\ normal\ ::\ {"}ifex\ {\isasymRightarrow}\ bool{"}\isanewline
\isacommand{primrec}\isanewline
{"}normal(CIF\ b)\ =\ True{"}\isanewline
{"}normal(VIF\ x)\ =\ True{"}\isanewline
{"}normal(IF\ b\ t\ e)\ =\ (normal\ t\ {\isasymand}\ normal\ e\ {\isasymand}\isanewline
\ \ \ \ \ (case\ b\ of\ CIF\ b\ {\isasymRightarrow}\ True\ |\ VIF\ x\ {\isasymRightarrow}\ True\ |\ IF\ x\ y\ z\ {\isasymRightarrow}\ False)){"}%
\begin{isamarkuptext}%
\noindent
and prove \isa{normal(norm b)}. Of course, this requires a lemma about
normality of \isa{normif}:%
\end{isamarkuptext}%
\isacommand{lemma}[simp]:\ {"}{\isasymforall}t\ e.\ normal(normif\ b\ t\ e)\ =\ (normal\ t\ {\isasymand}\ normal\ e){"}\end{isabelle}%
%%% Local Variables:
%%% mode: latex
%%% TeX-master: "root"
%%% End: