isabelle: doc-src/TutorialI/Recdef/termination.thy@d319e39a2e0e (annotated)

8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	1	(<)
19593 c52a4360a41d quoted 'termination' command; wenzelm parents: 16417 diff changeset	2	theory "termination" imports examples begin
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	3	(>)
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	4
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	5	text{*
11309 d666f11ca2d4 minor suggestions by Tanja Vos paulson parents: 10971 diff changeset	6	When a function~$f$ is defined via \isacommand{recdef}, Isabelle tries to prove
d666f11ca2d4 minor suggestions by Tanja Vos paulson parents: 10971 diff changeset	7	its termination with the help of the user-supplied measure. Each of the examples
d666f11ca2d4 minor suggestions by Tanja Vos paulson parents: 10971 diff changeset	8	above is simple enough that Isabelle can automatically prove that the
d666f11ca2d4 minor suggestions by Tanja Vos paulson parents: 10971 diff changeset	9	argument's measure decreases in each recursive call. As a result,
9792 bbefb6ce5cb2 * empty log message * nipkow parents: 9458 diff changeset	10	$f$@{text".simps"} will contain the defining equations (or variants derived
bbefb6ce5cb2 * empty log message * nipkow parents: 9458 diff changeset	11	from them) as theorems. For example, look (via \isacommand{thm}) at
bbefb6ce5cb2 * empty log message * nipkow parents: 9458 diff changeset	12	@{thm[source]sep.simps} and @{thm[source]sep1.simps} to see that they define
bbefb6ce5cb2 * empty log message * nipkow parents: 9458 diff changeset	13	the same function. What is more, those equations are automatically declared as
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	14	simplification rules.
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	15
11458 09a6c44a48ea numerous stylistic changes and indexing paulson parents: 11429 diff changeset	16	Isabelle may fail to prove the termination condition for some
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	17	recursive call. Let us try to define Quicksort:*}
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	18
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	19	consts qs :: "nat list \<Rightarrow> nat list"
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	20	recdef(<)(permissive)(>) qs "measure length"
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	21	"qs [] = []"
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	22	"qs(x#xs) = qs(filter (\<lambda>y. y\<le>x) xs) @ [x] @ qs(filter (\<lambda>y. x<y) xs)"
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	23
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	24	text{*\noindent where @{term filter} is predefined and @{term"filter P xs"}
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	25	is the list of elements of @{term xs} satisfying @{term P}.
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	26	This definition of @{term qs} fails, and Isabelle prints an error message
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	27	showing you what it was unable to prove:
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	28	@{text[display]"length (filter ... xs) < Suc (length xs)"}
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	29	We can either prove this as a separate lemma, or try to figure out which
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	30	existing lemmas may help. We opt for the second alternative. The theory of
15270 8b3f707a78a7 fixed reference to renamed theorem paulson parents: 13111 diff changeset	31	lists contains the simplification rule @{thm length_filter_le[no_vars]},
8b3f707a78a7 fixed reference to renamed theorem paulson parents: 13111 diff changeset	32	which is what we need, provided we turn \mbox{@{text"< Suc"}}
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	33	into
15270 8b3f707a78a7 fixed reference to renamed theorem paulson parents: 13111 diff changeset	34	@{text"\<le>"} so that the rule applies. Lemma
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	35	@{thm[source]less_Suc_eq_le} does just that: @{thm less_Suc_eq_le[no_vars]}.
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	36
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	37	Now we retry the above definition but supply the lemma(s) just found (or
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	38	proved). Because \isacommand{recdef}'s termination prover involves
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	39	simplification, we include in our second attempt a hint: the
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	40	\attrdx{recdef_simp} attribute says to use @{thm[source]less_Suc_eq_le} as a
13111 2d6782e71702 * empty log message * nipkow parents: 12489 diff changeset	41	simplification rule.\cmmdx{hints} *}
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	42
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	43	(<)global consts qs :: "nat list \<Rightarrow> nat list" (>)
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	44	recdef qs "measure length"
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	45	"qs [] = []"
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	46	"qs(x#xs) = qs(filter (\<lambda>y. y\<le>x) xs) @ [x] @ qs(filter (\<lambda>y. x<y) xs)"
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	47	(hints recdef_simp: less_Suc_eq_le)
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	48	(<)local(>)
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	49	text{*\noindent
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	50	This time everything works fine. Now @{thm[source]qs.simps} contains precisely
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	51	the stated recursion equations for @{text qs} and they have become
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	52	simplification rules.
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	53	Thus we can automatically prove results such as this one:
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	54	*}
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	55
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	56	theorem "qs[2,3,0] = qs[3,0,2]"
11626 0dbfb578bf75 recdef (permissive); wenzelm parents: 11458 diff changeset	57	apply(simp)
10171 59d6633835fa * empty log message * nipkow parents: 9992 diff changeset	58	done
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	59
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	60	text{*\noindent
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	61	More exciting theorems require induction, which is discussed below.
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	62
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	63	If the termination proof requires a lemma that is of general use, you can
9933 9feb1e0c4cb3 * empty log message * nipkow parents: 9792 diff changeset	64	turn it permanently into a simplification rule, in which case the above
12489 c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	65	\isacommand{hint} is not necessary. But in the case of
c92e38c3cbaa * empty log message * nipkow parents: 12473 diff changeset	66	@{thm[source]less_Suc_eq_le} this would be of dubious value.
8745 13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	67	*}
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	68	(<)
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	69	end
13b32661dde4 I wonder which files i forgot. nipkow parents: diff changeset	70	(>)

author	urbanc
	Mon, 12 Jun 2006 20:32:33 +0200
changeset 19858	d319e39a2e0e
parent 19593	c52a4360a41d
permissions	-rw-r--r--