isabelle: src/HOL/Proofs/Extraction/Pigeonhole.thy@59b937edcff8 (annotated)

39157 b98909faaea8 more explicit HOL-Proofs sessions, including former ex/Hilbert_Classical.thy which works in parallel mode without the antiquotation option "margin" (which is still critical); wenzelm parents: 37678 diff changeset	1	(* Title: HOL/Proofs/Extraction/Pigeonhole.thy
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	2	Author: Stefan Berghofer, TU Muenchen
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	3	*)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	4
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	5	section \<open>The pigeonhole principle\<close>
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	6
22737 d87ccbcc2702 tuned haftmann parents: 22507 diff changeset	7	theory Pigeonhole
67320 6afba546f0e5 updated dependencies + compile blanchet parents: 66453 diff changeset	8	imports Util "HOL-Library.Realizers" "HOL-Library.Code_Target_Numeral"
22737 d87ccbcc2702 tuned haftmann parents: 22507 diff changeset	9	begin
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	10
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	11	text \<open>
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	12	We formalize two proofs of the pigeonhole principle, which lead
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	13	to extracted programs of quite different complexity. The original
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	14	formalization of these proofs in {\sc Nuprl} is due to
76987 4c275405faae isabelle update -u cite; wenzelm parents: 69604 diff changeset	15	Aleksey Nogin \<^cite>\<open>"Nogin-ENTCS-2000"\<close>.
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	16
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	17	This proof yields a polynomial program.
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	18	\<close>
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	19
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	20	theorem pigeonhole:
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	21	"\<And>f. (\<And>i. i \<le> Suc n \<Longrightarrow> f i \<le> n) \<Longrightarrow> \<exists>i j. i \<le> Suc n \<and> j < i \<and> f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	22	proof (induct n)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	23	case 0
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	24	then have "Suc 0 \<le> Suc 0 \<and> 0 < Suc 0 \<and> f (Suc 0) = f 0" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	25	then show ?case by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	26	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	27	case (Suc n)
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	28	have r:
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	29	"k \<le> Suc (Suc n) \<Longrightarrow>
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	30	(\<And>i j. Suc k \<le> i \<Longrightarrow> i \<le> Suc (Suc n) \<Longrightarrow> j < i \<Longrightarrow> f i \<noteq> f j) \<Longrightarrow>
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	31	(\<exists>i j. i \<le> k \<and> j < i \<and> f i = f j)" for k
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	32	proof (induct k)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	33	case 0
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	34	let ?f = "\<lambda>i. if f i = Suc n then f (Suc (Suc n)) else f i"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	35	have "\<not> (\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j)"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	36	proof
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	37	assume "\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	38	then obtain i j where i: "i \<le> Suc n" and j: "j < i" and f: "?f i = ?f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	39	by iprover
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	40	from j have i_nz: "Suc 0 \<le> i" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	41	from i have iSSn: "i \<le> Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	42	have S0SSn: "Suc 0 \<le> Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	43	show False
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	44	proof cases
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	45	assume fi: "f i = Suc n"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	46	show False
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	47	proof cases
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	48	assume fj: "f j = Suc n"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	49	from i_nz and iSSn and j have "f i \<noteq> f j" by (rule 0)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	50	moreover from fi have "f i = f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	51	by (simp add: fj [symmetric])
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	52	ultimately show ?thesis ..
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	53	next
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	54	from i and j have "j < Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	55	with S0SSn and le_refl have "f (Suc (Suc n)) \<noteq> f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	56	by (rule 0)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	57	moreover assume "f j \<noteq> Suc n"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	58	with fi and f have "f (Suc (Suc n)) = f j" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	59	ultimately show False ..
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	60	qed
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	61	next
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	62	assume fi: "f i \<noteq> Suc n"
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	63	show False
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	64	proof cases
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	65	from i have "i < Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	66	with S0SSn and le_refl have "f (Suc (Suc n)) \<noteq> f i"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	67	by (rule 0)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	68	moreover assume "f j = Suc n"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	69	with fi and f have "f (Suc (Suc n)) = f i" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	70	ultimately show False ..
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	71	next
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	72	from i_nz and iSSn and j
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	73	have "f i \<noteq> f j" by (rule 0)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	74	moreover assume "f j \<noteq> Suc n"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	75	with fi and f have "f i = f j" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	76	ultimately show False ..
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	77	qed
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	78	qed
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	79	qed
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	80	moreover have "?f i \<le> n" if "i \<le> Suc n" for i
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	81	proof -
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	82	from that have i: "i < Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	83	have "f (Suc (Suc n)) \<noteq> f i"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	84	by (rule 0) (simp_all add: i)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	85	moreover have "f (Suc (Suc n)) \<le> Suc n"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	86	by (rule Suc) simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	87	moreover from i have "i \<le> Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	88	then have "f i \<le> Suc n" by (rule Suc)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	89	ultimately show ?thesis
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	90	by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	91	qed
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	92	then have "\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	93	by (rule Suc)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	94	ultimately show ?case ..
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	95	next
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	96	case (Suc k)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	97	from search [OF nat_eq_dec] show ?case
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	98	proof
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	99	assume "\<exists>j<Suc k. f (Suc k) = f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	100	then show ?case by (iprover intro: le_refl)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	101	next
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	102	assume nex: "\<not> (\<exists>j<Suc k. f (Suc k) = f j)"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	103	have "\<exists>i j. i \<le> k \<and> j < i \<and> f i = f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	104	proof (rule Suc)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	105	from Suc show "k \<le> Suc (Suc n)" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	106	fix i j assume k: "Suc k \<le> i" and i: "i \<le> Suc (Suc n)"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	107	and j: "j < i"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	108	show "f i \<noteq> f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	109	proof cases
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	110	assume eq: "i = Suc k"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	111	show ?thesis
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	112	proof
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	113	assume "f i = f j"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	114	then have "f (Suc k) = f j" by (simp add: eq)
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	115	with nex and j and eq show False by iprover
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	116	qed
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	117	next
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	118	assume "i \<noteq> Suc k"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	119	with k have "Suc (Suc k) \<le> i" by simp
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	120	then show ?thesis using i and j by (rule Suc)
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	121	qed
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	122	qed
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	123	then show ?thesis by (iprover intro: le_SucI)
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	124	qed
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	125	qed
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	126	show ?case by (rule r) simp_all
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	127	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	128
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	129	text \<open>
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	130	The following proof, although quite elegant from a mathematical point of view,
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	131	leads to an exponential program:
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	132	\<close>
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	133
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	134	theorem pigeonhole_slow:
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	135	"\<And>f. (\<And>i. i \<le> Suc n \<Longrightarrow> f i \<le> n) \<Longrightarrow> \<exists>i j. i \<le> Suc n \<and> j < i \<and> f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	136	proof (induct n)
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	137	case 0
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	138	have "Suc 0 \<le> Suc 0" ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	139	moreover have "0 < Suc 0" ..
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	140	moreover from 0 have "f (Suc 0) = f 0" by simp
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	141	ultimately show ?case by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	142	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	143	case (Suc n)
25418 d4f80cb18c93 Moved nat_eq_dec and search to Util.thy berghofe parents: 24348 diff changeset	144	from search [OF nat_eq_dec] show ?case
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	145	proof
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	146	assume "\<exists>j < Suc (Suc n). f (Suc (Suc n)) = f j"
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	147	then show ?case by (iprover intro: le_refl)
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	148	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	149	assume "\<not> (\<exists>j < Suc (Suc n). f (Suc (Suc n)) = f j)"
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	150	then have nex: "\<forall>j < Suc (Suc n). f (Suc (Suc n)) \<noteq> f j" by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	151	let ?f = "\<lambda>i. if f i = Suc n then f (Suc (Suc n)) else f i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	152	have "\<And>i. i \<le> Suc n \<Longrightarrow> ?f i \<le> n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	153	proof -
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	154	fix i assume i: "i \<le> Suc n"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	155	show "?thesis i"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	156	proof (cases "f i = Suc n")
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	157	case True
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	158	from i and nex have "f (Suc (Suc n)) \<noteq> f i" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	159	with True have "f (Suc (Suc n)) \<noteq> Suc n" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	160	moreover from Suc have "f (Suc (Suc n)) \<le> Suc n" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	161	ultimately have "f (Suc (Suc n)) \<le> n" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	162	with True show ?thesis by simp
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	163	next
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	164	case False
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	165	from Suc and i have "f i \<le> Suc n" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	166	with False show ?thesis by simp
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	167	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	168	qed
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	169	then have "\<exists>i j. i \<le> Suc n \<and> j < i \<and> ?f i = ?f j" by (rule Suc)
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	170	then obtain i j where i: "i \<le> Suc n" and ji: "j < i" and f: "?f i = ?f j"
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	171	by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	172	have "f i = f j"
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	173	proof (cases "f i = Suc n")
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	174	case True
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	175	show ?thesis
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	176	proof (cases "f j = Suc n")
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	177	assume "f j = Suc n"
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	178	with True show ?thesis by simp
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	179	next
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	180	assume "f j \<noteq> Suc n"
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	181	moreover from i ji nex have "f (Suc (Suc n)) \<noteq> f j" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	182	ultimately show ?thesis using True f by simp
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	183	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	184	next
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	185	case False
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	186	show ?thesis
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	187	proof (cases "f j = Suc n")
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	188	assume "f j = Suc n"
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	189	moreover from i nex have "f (Suc (Suc n)) \<noteq> f i" by simp
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	190	ultimately show ?thesis using False f by simp
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	191	next
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	192	assume "f j \<noteq> Suc n"
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 29823 diff changeset	193	with False f show ?thesis by simp
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	194	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	195	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	196	moreover from i have "i \<le> Suc (Suc n)" by simp
17604 5f30179fbf44 rules -> iprover nipkow parents: 17145 diff changeset	197	ultimately show ?thesis using ji by iprover
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	198	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	199	qed
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	200
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	201	extract pigeonhole pigeonhole_slow
ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	202
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	203	text \<open>
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	204	The programs extracted from the above proofs look as follows:
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	205	@{thm [display] pigeonhole_def}
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	206	@{thm [display] pigeonhole_slow_def}
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	207	The program for searching for an element in an array is
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	208	@{thm [display,eta_contract=false] search_def}
69604 d80b2df54d31 isabelle update -u control_cartouches; wenzelm parents: 67320 diff changeset	209	The correctness statement for \<^term>\<open>pigeonhole\<close> is
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	210	@{thm [display] pigeonhole_correctness [no_vars]}
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	211
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	212	In order to analyze the speed of the above programs,
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	213	we generate ML code from them.
61986 2461779da2b8 isabelle update_cartouches -c -t; wenzelm parents: 58889 diff changeset	214	\<close>
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	215
27982 2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	216	instantiation nat :: default
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	217	begin
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	218
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	219	definition "default = (0::nat)"
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	220
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	221	instance ..
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	222
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	223	end
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	224
37678 0040bafffdef "prod" and "sum" replace "" and "+" respectively haftmann* parents: 37287 diff changeset	225	instantiation prod :: (default, default) default
27982 2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	226	begin
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	227
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	228	definition "default = (default, default)"
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	229
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	230	instance ..
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	231
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	232	end
2aaa4a5569a6 default replaces arbitrary haftmann parents: 27436 diff changeset	233
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	234	definition "test n u = pigeonhole (nat_of_integer n) (\<lambda>m. m - 1)"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	235	definition "test' n u = pigeonhole_slow (nat_of_integer n) (\<lambda>m. m - 1)"
d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	236	definition "test'' u = pigeonhole 8 (List.nth [0, 1, 2, 3, 4, 5, 6, 3, 7, 8])"
20837 099877d83d2b added example for code_gen haftmann parents: 20593 diff changeset	237
63361 d10eab0672f9 misc tuning and modernization; wenzelm parents: 61986 diff changeset	238	ML_val "timeit (@{code test} 10)"
51272 9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	239	ML_val "timeit (@{code test'} 10)"
9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	240	ML_val "timeit (@{code test} 20)"
9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	241	ML_val "timeit (@{code test'} 20)"
9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	242	ML_val "timeit (@{code test} 25)"
9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	243	ML_val "timeit (@{code test'} 25)"
9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	244	ML_val "timeit (@{code test} 500)"
9c8d63b4b6be prefer stateless 'ML_val' for tests; wenzelm parents: 51143 diff changeset	245	ML_val "timeit @{code test''}"
37287 9834c21c4ba1 modernized haftmann parents: 32960 diff changeset	246
17024 ae4a8446df16 New case study: pigeonhole principle. berghofe parents: diff changeset	247	end

author	nipkow
	Thu, 26 Jun 2025 17:30:33 +0200
changeset 82772	59b937edcff8
parent 76987	4c275405faae
permissions	-rw-r--r--