isabelle: doc-src/TutorialI/Inductive/document/Star.tex@ea10a8c3e9cf (annotated)

10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	1	%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	2	\begin{isabellebody}%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	3	\def\isabellecontext{Star}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	4	\isamarkupfalse%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	5	%
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	6	\isamarkupsection{The Reflexive Transitive Closure%
10395 7ef380745743 updated; wenzelm parents: 10363 diff changeset	7	}
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	8	\isamarkuptrue%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	9	%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	10	\begin{isamarkuptext}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	11	\label{sec:rtc}
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	12	\index{reflexive transitive closure!defining inductively\|(}%
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	13	An inductive definition may accept parameters, so it can express
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	14	functions that yield sets.
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	15	Relations too can be defined inductively, since they are just sets of pairs.
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	16	A perfect example is the function that maps a relation to its
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	17	reflexive transitive closure. This concept was already
11147 d848c6693185 * empty log message * nipkow parents: 10950 diff changeset	18	introduced in \S\ref{sec:Relations}, where the operator \isa{\isactrlsup {\isacharasterisk}} was
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	19	defined as a least fixed point because inductive definitions were not yet
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	20	available. But now they are:%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	21	\end{isamarkuptext}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	22	\isamarkuptrue%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	23	\isacommand{consts}\ rtc\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequote}\ \ \ {\isacharparenleft}{\isachardoublequote}{\isacharunderscore}{\isacharasterisk}{\isachardoublequote}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	24	\isamarkupfalse%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	25	\isacommand{inductive}\ {\isachardoublequote}r{\isacharasterisk}{\isachardoublequote}\isanewline
b9fd52525b69 * empty log message * nipkow parents: diff changeset	26	\isakeyword{intros}\isanewline
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	27	rtc{\isacharunderscore}refl{\isacharbrackleft}iff{\isacharbrackright}{\isacharcolon}\ \ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	28	rtc{\isacharunderscore}step{\isacharcolon}\ \ \ \ \ \ \ {\isachardoublequote}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	29	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	30	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	31	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	32	The function \isa{rtc} is annotated with concrete syntax: instead of
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	33	\isa{rtc\ r} we can write \isa{r{\isacharasterisk}}. The actual definition
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	34	consists of two rules. Reflexivity is obvious and is immediately given the
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	35	\isa{iff} attribute to increase automation. The
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	36	second rule, \isa{rtc{\isacharunderscore}step}, says that we can always add one more
6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	37	\isa{r}-step to the left. Although we could make \isa{rtc{\isacharunderscore}step} an
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	38	introduction rule, this is dangerous: the recursion in the second premise
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	39	slows down and may even kill the automatic tactics.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	40
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	41	The above definition of the concept of reflexive transitive closure may
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	42	be sufficiently intuitive but it is certainly not the only possible one:
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	43	for a start, it does not even mention transitivity.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	44	The rest of this section is devoted to proving that it is equivalent to
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	45	the standard definition. We start with a simple lemma:%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	46	\end{isamarkuptext}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	47	\isamarkuptrue%
11308 b28bbb153603 * empty log message * nipkow parents: 11257 diff changeset	48	\isacommand{lemma}\ {\isacharbrackleft}intro{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	49	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	50	\isacommand{by}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}step{\isacharparenright}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	51	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	52	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	53	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	54	Although the lemma itself is an unremarkable consequence of the basic rules,
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	55	it has the advantage that it can be declared an introduction rule without the
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	56	danger of killing the automatic tactics because \isa{r{\isacharasterisk}} occurs only in
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	57	the conclusion and not in the premise. Thus some proofs that would otherwise
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	58	need \isa{rtc{\isacharunderscore}step} can now be found automatically. The proof also
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	59	shows that \isa{blast} is able to handle \isa{rtc{\isacharunderscore}step}. But
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	60	some of the other automatic tactics are more sensitive, and even \isa{blast} can be lead astray in the presence of large numbers of rules.
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	61
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	62	To prove transitivity, we need rule induction, i.e.\ theorem
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	63	\isa{rtc{\isachardot}induct}:
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	64	\begin{isabelle}%
10696 76d7f6c9a14c * empty log message * nipkow parents: 10668 diff changeset	65	\ \ \ \ \ {\isasymlbrakk}{\isacharparenleft}{\isacharquery}xb{\isacharcomma}\ {\isacharquery}xa{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharasterisk}{\isacharsemicolon}\ {\isasymAnd}x{\isachardot}\ {\isacharquery}P\ x\ x{\isacharsemicolon}\isanewline
14379 ea10a8c3e9cf updated links to the old ftp site paulson parents: 13778 diff changeset	66	\isaindent{\ \ \ \ \ \ }{\isasymAnd}x\ y\ z{\isachardot}\ {\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharasterisk}{\isacharsemicolon}\ {\isacharquery}P\ y\ z{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharquery}P\ x\ z{\isasymrbrakk}\isanewline
10950 aa788fcb75a5 updated; wenzelm parents: 10878 diff changeset	67	\isaindent{\ \ \ \ \ }{\isasymLongrightarrow}\ {\isacharquery}P\ {\isacharquery}xb\ {\isacharquery}xa%
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	68	\end{isabelle}
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	69	It says that \isa{{\isacharquery}P} holds for an arbitrary pair \isa{{\isacharparenleft}{\isacharquery}xb{\isacharcomma}{\isacharquery}xa{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharasterisk}} if \isa{{\isacharquery}P} is preserved by all rules of the inductive definition,
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	70	i.e.\ if \isa{{\isacharquery}P} holds for the conclusion provided it holds for the
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	71	premises. In general, rule induction for an $n$-ary inductive relation $R$
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	72	expects a premise of the form $(x@1,\dots,x@n) \in R$.
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	73
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	74	Now we turn to the inductive proof of transitivity:%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	75	\end{isamarkuptext}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	76	\isamarkuptrue%
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	77	\isacommand{lemma}\ rtc{\isacharunderscore}trans{\isacharcolon}\ {\isachardoublequote}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	78	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	79	\isacommand{apply}{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	80	%
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	81	\begin{isamarkuptxt}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	82	\noindent
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	83	Unfortunately, even the base case is a problem:
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	84	\begin{isabelle}%
6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	85	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	86	\end{isabelle}
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	87	We have to abandon this proof attempt.
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	88	To understand what is going on, let us look again at \isa{rtc{\isachardot}induct}.
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	89	In the above application of \isa{erule}, the first premise of
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	90	\isa{rtc{\isachardot}induct} is unified with the first suitable assumption, which
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	91	is \isa{{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}} rather than \isa{{\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}}. Although that
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	92	is what we want, it is merely due to the order in which the assumptions occur
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	93	in the subgoal, which it is not good practice to rely on. As a result,
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	94	\isa{{\isacharquery}xb} becomes \isa{x}, \isa{{\isacharquery}xa} becomes
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	95	\isa{y} and \isa{{\isacharquery}P} becomes \isa{{\isasymlambda}u\ v{\isachardot}\ {\isacharparenleft}u{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}}, thus
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	96	yielding the above subgoal. So what went wrong?
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	97
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	98	When looking at the instantiation of \isa{{\isacharquery}P} we see that it does not
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	99	depend on its second parameter at all. The reason is that in our original
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	100	goal, of the pair \isa{{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}} only \isa{x} appears also in the
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	101	conclusion, but not \isa{y}. Thus our induction statement is too
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	102	weak. Fortunately, it can easily be strengthened:
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	103	transfer the additional premise \isa{{\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}} into the conclusion:%
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	104	\end{isamarkuptxt}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	105	\isamarkuptrue%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	106	\isamarkupfalse%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	107	\isacommand{lemma}\ rtc{\isacharunderscore}trans{\isacharbrackleft}rule{\isacharunderscore}format{\isacharbrackright}{\isacharcolon}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	108	\ \ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	109	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	110	\begin{isamarkuptxt}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	111	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	112	This is not an obscure trick but a generally applicable heuristic:
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	113	\begin{quote}\em
11257 622331bbdb7f * empty log message * nipkow parents: 11147 diff changeset	114	When proving a statement by rule induction on $(x@1,\dots,x@n) \in R$,
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	115	pull all other premises containing any of the $x@i$ into the conclusion
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	116	using $\longrightarrow$.
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	117	\end{quote}
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	118	A similar heuristic for other kinds of inductions is formulated in
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	119	\S\ref{sec:ind-var-in-prems}. The \isa{rule{\isacharunderscore}format} directive turns
11147 d848c6693185 * empty log message * nipkow parents: 10950 diff changeset	120	\isa{{\isasymlongrightarrow}} back into \isa{{\isasymLongrightarrow}}: in the end we obtain the original
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	121	statement of our lemma.%
6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	122	\end{isamarkuptxt}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	123	\isamarkuptrue%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	124	\isacommand{apply}{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	125	%
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	126	\begin{isamarkuptxt}%
6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	127	\noindent
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	128	Now induction produces two subgoals which are both proved automatically:
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	129	\begin{isabelle}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	130	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\isanewline
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	131	\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}x\ y\ za{\isachardot}\isanewline
10950 aa788fcb75a5 updated; wenzelm parents: 10878 diff changeset	132	\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ za{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}za{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isasymrbrakk}\isanewline
aa788fcb75a5 updated; wenzelm parents: 10878 diff changeset	133	\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ {\isacharparenleft}za{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	134	\end{isabelle}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	135	\end{isamarkuptxt}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	136	\ \isamarkuptrue%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	137	\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	138	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	139	\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}step{\isacharparenright}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	140	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	141	\isacommand{done}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	142	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	143	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	144	Let us now prove that \isa{r{\isacharasterisk}} is really the reflexive transitive closure
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	145	of \isa{r}, i.e.\ the least reflexive and transitive
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	146	relation containing \isa{r}. The latter is easily formalized%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	147	\end{isamarkuptext}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	148	\isamarkuptrue%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	149	\isacommand{consts}\ rtc{\isadigit{2}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	150	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	151	\isacommand{inductive}\ {\isachardoublequote}rtc{\isadigit{2}}\ r{\isachardoublequote}\isanewline
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	152	\isakeyword{intros}\isanewline
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	153	{\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequote}\isanewline
875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	154	{\isachardoublequote}{\isacharparenleft}x{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	155	{\isachardoublequote}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequote}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	156	%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	157	\begin{isamarkuptext}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	158	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	159	and the equivalence of the two definitions is easily shown by the obvious rule
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	160	inductions:%
875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	161	\end{isamarkuptext}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	162	\isamarkuptrue%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	163	\isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	164	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	165	\isacommand{apply}{\isacharparenleft}erule\ rtc{\isadigit{2}}{\isachardot}induct{\isacharparenright}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	166	\ \ \isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	167	\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	168	\ \isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	169	\isacommand{apply}{\isacharparenleft}blast{\isacharparenright}\isanewline
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	170	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	171	\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}trans{\isacharparenright}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	172	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	173	\isacommand{done}\isanewline
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	174	\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	175	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	176	\isacommand{lemma}\ {\isachardoublequote}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequote}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	177	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	178	\isacommand{apply}{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	179	\ \isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	180	\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isadigit{2}}{\isachardot}intros{\isacharparenright}\isanewline
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	181	\isamarkupfalse%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	182	\isacommand{apply}{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isadigit{2}}{\isachardot}intros{\isacharparenright}\isanewline
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	183	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	184	\isacommand{done}\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	185	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	186	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	187	So why did we start with the first definition? Because it is simpler. It
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	188	contains only two rules, and the single step rule is simpler than
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	189	transitivity. As a consequence, \isa{rtc{\isachardot}induct} is simpler than
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	190	\isa{rtc{\isadigit{2}}{\isachardot}induct}. Since inductive proofs are hard enough
11147 d848c6693185 * empty log message * nipkow parents: 10950 diff changeset	191	anyway, we should always pick the simplest induction schema available.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	192	Hence \isa{rtc} is the definition of choice.
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	193	\index{reflexive transitive closure!defining inductively\|)}
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	194
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	195	\begin{exercise}\label{ex:converse-rtc-step}
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	196	Show that the converse of \isa{rtc{\isacharunderscore}step} also holds:
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	197	\begin{isabelle}%
10696 76d7f6c9a14c * empty log message * nipkow parents: 10668 diff changeset	198	\ \ \ \ \ {\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	199	\end{isabelle}
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	200	\end{exercise}
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	201	\begin{exercise}
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	202	Repeat the development of this section, but starting with a definition of
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	203	\isa{rtc} where \isa{rtc{\isacharunderscore}step} is replaced by its converse as shown
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	204	in exercise~\ref{ex:converse-rtc-step}.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	205	\end{exercise}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	206	\end{isamarkuptext}%
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	207	\isamarkuptrue%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	208	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	209	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	210	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	211	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	212	\isamarkupfalse%
fbd097aec213 updated; wenzelm parents: 11494 diff changeset	213	\isamarkupfalse%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	214	\end{isabellebody}%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	215	%%% Local Variables:
b9fd52525b69 * empty log message * nipkow parents: diff changeset	216	%%% mode: latex
b9fd52525b69 * empty log message * nipkow parents: diff changeset	217	%%% TeX-master: "root"
b9fd52525b69 * empty log message * nipkow parents: diff changeset	218	%%% End:

author	paulson
	Tue, 10 Feb 2004 12:17:04 +0100
changeset 14379	ea10a8c3e9cf
parent 13778	61272514e3b5
child 15481	fc075ae929e4
permissions	-rw-r--r--