isabelle: doc-src/TutorialI/Recdef/document/Induction.tex@f789d2490669 (annotated)

8749 2665170f104a Adding generated files nipkow parents: diff changeset	1	\begin{isabelle}%
2665170f104a Adding generated files nipkow parents: diff changeset	2	%
2665170f104a Adding generated files nipkow parents: diff changeset	3	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	4	Assuming we have defined our function such that Isabelle could prove
2665170f104a Adding generated files nipkow parents: diff changeset	5	termination and that the recursion equations (or some suitable derived
2665170f104a Adding generated files nipkow parents: diff changeset	6	equations) are simplification rules, we might like to prove something about
2665170f104a Adding generated files nipkow parents: diff changeset	7	our function. Since the function is recursive, the natural proof principle is
2665170f104a Adding generated files nipkow parents: diff changeset	8	again induction. But this time the structural form of induction that comes
2665170f104a Adding generated files nipkow parents: diff changeset	9	with datatypes is unlikely to work well---otherwise we could have defined the
2665170f104a Adding generated files nipkow parents: diff changeset	10	function by \isacommand{primrec}. Therefore \isacommand{recdef} automatically
2665170f104a Adding generated files nipkow parents: diff changeset	11	proves a suitable induction rule $f$\isa{.induct} that follows the
2665170f104a Adding generated files nipkow parents: diff changeset	12	recursion pattern of the particular function $f$. We call this
2665170f104a Adding generated files nipkow parents: diff changeset	13	\textbf{recursion induction}. Roughly speaking, it
2665170f104a Adding generated files nipkow parents: diff changeset	14	requires you to prove for each \isacommand{recdef} equation that the property
2665170f104a Adding generated files nipkow parents: diff changeset	15	you are trying to establish holds for the left-hand side provided it holds
8771 026f37a86ea7 * empty log message * nipkow parents: 8749 diff changeset	16	for all recursive calls on the right-hand side. Here is a simple example%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	17	\end{isamarkuptext}%
9674 f789d2490669 updated; wenzelm parents: 9541 diff changeset	18	\isacommand{lemma}\ {\isachardoublequote}map\ f\ {\isacharparenleft}sep{\isacharparenleft}x{\isacharcomma}xs{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ sep{\isacharparenleft}f\ x{\isacharcomma}\ map\ f\ xs{\isacharparenright}{\isachardoublequote}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	19	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	20	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	21	involving the predefined \isa{map} functional on lists: \isa{map f xs}
2665170f104a Adding generated files nipkow parents: diff changeset	22	is the result of applying \isa{f} to all elements of \isa{xs}. We prove
2665170f104a Adding generated files nipkow parents: diff changeset	23	this lemma by recursion induction w.r.t. \isa{sep}:%
2665170f104a Adding generated files nipkow parents: diff changeset	24	\end{isamarkuptxt}%
9674 f789d2490669 updated; wenzelm parents: 9541 diff changeset	25	\isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ x\ xs\ rule{\isacharcolon}\ sep{\isachardot}induct{\isacharparenright}%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	26	\begin{isamarkuptxt}%
2665170f104a Adding generated files nipkow parents: diff changeset	27	\noindent
2665170f104a Adding generated files nipkow parents: diff changeset	28	The resulting proof state has three subgoals corresponding to the three
2665170f104a Adding generated files nipkow parents: diff changeset	29	clauses for \isa{sep}:
2665170f104a Adding generated files nipkow parents: diff changeset	30	\begin{isabellepar}%
2665170f104a Adding generated files nipkow parents: diff changeset	31	~1.~{\isasymAnd}a.~map~f~(sep~(a,~[]))~=~sep~(f~a,~map~f~[])\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	32	~2.~{\isasymAnd}a~x.~map~f~(sep~(a,~[x]))~=~sep~(f~a,~map~f~[x])\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	33	~3.~{\isasymAnd}a~x~y~zs.\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	34	~~~~~~~map~f~(sep~(a,~y~\#~zs))~=~sep~(f~a,~map~f~(y~\#~zs))~{\isasymLongrightarrow}\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	35	~~~~~~~map~f~(sep~(a,~x~\#~y~\#~zs))~=~sep~(f~a,~map~f~(x~\#~y~\#~zs))%
2665170f104a Adding generated files nipkow parents: diff changeset	36	\end{isabellepar}%
2665170f104a Adding generated files nipkow parents: diff changeset	37	The rest is pure simplification:%
2665170f104a Adding generated files nipkow parents: diff changeset	38	\end{isamarkuptxt}%
9541 d17c0b34d5c8 * empty log message * nipkow parents: 9458 diff changeset	39	\isacommand{by}\ auto%
8749 2665170f104a Adding generated files nipkow parents: diff changeset	40	\begin{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	41	Try proving the above lemma by structural induction, and you find that you
2665170f104a Adding generated files nipkow parents: diff changeset	42	need an additional case distinction. What is worse, the names of variables
2665170f104a Adding generated files nipkow parents: diff changeset	43	are invented by Isabelle and have nothing to do with the names in the
2665170f104a Adding generated files nipkow parents: diff changeset	44	definition of \isa{sep}.
2665170f104a Adding generated files nipkow parents: diff changeset	45
2665170f104a Adding generated files nipkow parents: diff changeset	46	In general, the format of invoking recursion induction is
2665170f104a Adding generated files nipkow parents: diff changeset	47	\begin{ttbox}
2665170f104a Adding generated files nipkow parents: diff changeset	48	apply(induct_tac $x@1 \dots x@n$ rule: $f$.induct)
2665170f104a Adding generated files nipkow parents: diff changeset	49	\end{ttbox}\index{*induct_tac}%
2665170f104a Adding generated files nipkow parents: diff changeset	50	where $x@1~\dots~x@n$ is a list of free variables in the subgoal and $f$ the
2665170f104a Adding generated files nipkow parents: diff changeset	51	name of a function that takes an $n$-tuple. Usually the subgoal will
2665170f104a Adding generated files nipkow parents: diff changeset	52	contain the term $f~x@1~\dots~x@n$ but this need not be the case. The
2665170f104a Adding generated files nipkow parents: diff changeset	53	induction rules do not mention $f$ at all. For example \isa{sep.induct}
2665170f104a Adding generated files nipkow parents: diff changeset	54	\begin{isabellepar}%
2665170f104a Adding generated files nipkow parents: diff changeset	55	{\isasymlbrakk}~{\isasymAnd}a.~?P~a~[];\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	56	~~{\isasymAnd}a~x.~?P~a~[x];\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	57	~~{\isasymAnd}a~x~y~zs.~?P~a~(y~\#~zs)~{\isasymLongrightarrow}~?P~a~(x~\#~y~\#~zs){\isasymrbrakk}\isanewline
2665170f104a Adding generated files nipkow parents: diff changeset	58	{\isasymLongrightarrow}~?P~?u~?v%
2665170f104a Adding generated files nipkow parents: diff changeset	59	\end{isabellepar}%
2665170f104a Adding generated files nipkow parents: diff changeset	60	merely says that in order to prove a property \isa{?P} of \isa{?u} and
2665170f104a Adding generated files nipkow parents: diff changeset	61	\isa{?v} you need to prove it for the three cases where \isa{?v} is the
2665170f104a Adding generated files nipkow parents: diff changeset	62	empty list, the singleton list, and the list with at least two elements
2665170f104a Adding generated files nipkow parents: diff changeset	63	(in which case you may assume it holds for the tail of that list).%
2665170f104a Adding generated files nipkow parents: diff changeset	64	\end{isamarkuptext}%
2665170f104a Adding generated files nipkow parents: diff changeset	65	\end{isabelle}%
9145 9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	66	%%% Local Variables:
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	67	%%% mode: latex
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	68	%%% TeX-master: "root"
9f7b8de5bfaf updated; wenzelm parents: 8771 diff changeset	69	%%% End:

author	wenzelm
	Mon, 21 Aug 2000 19:29:27 +0200
changeset 9674	f789d2490669
parent 9541	d17c0b34d5c8
child 9689	751fde5307e4
permissions	-rw-r--r--