src/HOL/ex/Primrec.thy
author paulson
Thu Dec 10 17:34:18 2009 +0000 (2009-12-10)
changeset 34055 fdf294ee08b2
parent 28480 7aef230bd145
child 41460 ea56b98aee83
permissions -rw-r--r--
streamlined proofs
wenzelm@11024
     1
(*  Title:      HOL/ex/Primrec.thy
paulson@3335
     2
    ID:         $Id$
paulson@3335
     3
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@3335
     4
    Copyright   1997  University of Cambridge
paulson@3335
     5
nipkow@27626
     6
Ackermann's Function and the
nipkow@27626
     7
Primitive Recursive Functions.
paulson@3335
     8
*)
paulson@3335
     9
wenzelm@11024
    10
header {* Primitive Recursive Functions *}
wenzelm@11024
    11
haftmann@16417
    12
theory Primrec imports Main begin
wenzelm@11024
    13
wenzelm@11024
    14
text {*
wenzelm@11024
    15
  Proof adopted from
wenzelm@11024
    16
wenzelm@11024
    17
  Nora Szasz, A Machine Checked Proof that Ackermann's Function is not
wenzelm@11024
    18
  Primitive Recursive, In: Huet \& Plotkin, eds., Logical Environments
wenzelm@11024
    19
  (CUP, 1993), 317-338.
wenzelm@11024
    20
wenzelm@11024
    21
  See also E. Mendelson, Introduction to Mathematical Logic.  (Van
wenzelm@11024
    22
  Nostrand, 1964), page 250, exercise 11.
wenzelm@11024
    23
  \medskip
wenzelm@11024
    24
*}
wenzelm@11024
    25
wenzelm@11024
    26
nipkow@27626
    27
subsection{* Ackermann's Function *}
wenzelm@11024
    28
nipkow@27626
    29
fun ack :: "nat => nat => nat" where
nipkow@27626
    30
"ack 0 n =  Suc n" |
nipkow@27626
    31
"ack (Suc m) 0 = ack m 1" |
nipkow@27626
    32
"ack (Suc m) (Suc n) = ack m (ack (Suc m) n)"
wenzelm@11024
    33
wenzelm@11024
    34
wenzelm@11024
    35
text {* PROPERTY A 4 *}
wenzelm@11024
    36
nipkow@27626
    37
lemma less_ack2 [iff]: "j < ack i j"
nipkow@27626
    38
by (induct i j rule: ack.induct) simp_all
wenzelm@11024
    39
wenzelm@11024
    40
wenzelm@11024
    41
text {* PROPERTY A 5-, the single-step lemma *}
wenzelm@11024
    42
nipkow@27626
    43
lemma ack_less_ack_Suc2 [iff]: "ack i j < ack i (Suc j)"
nipkow@27626
    44
by (induct i j rule: ack.induct) simp_all
wenzelm@11024
    45
wenzelm@11024
    46
wenzelm@11024
    47
text {* PROPERTY A 5, monotonicity for @{text "<"} *}
wenzelm@11024
    48
nipkow@27626
    49
lemma ack_less_mono2: "j < k ==> ack i j < ack i k"
nipkow@27626
    50
using lift_Suc_mono_less[where f = "ack i"]
nipkow@27626
    51
by (metis ack_less_ack_Suc2)
wenzelm@11024
    52
wenzelm@11024
    53
wenzelm@11024
    54
text {* PROPERTY A 5', monotonicity for @{text \<le>} *}
wenzelm@11024
    55
nipkow@27626
    56
lemma ack_le_mono2: "j \<le> k ==> ack i j \<le> ack i k"
nipkow@27626
    57
apply (simp add: order_le_less)
nipkow@27626
    58
apply (blast intro: ack_less_mono2)
nipkow@27626
    59
done
paulson@3335
    60
wenzelm@11024
    61
wenzelm@11024
    62
text {* PROPERTY A 6 *}
wenzelm@11024
    63
nipkow@27626
    64
lemma ack2_le_ack1 [iff]: "ack i (Suc j) \<le> ack (Suc i) j"
haftmann@26072
    65
proof (induct j)
haftmann@26072
    66
  case 0 show ?case by simp
haftmann@26072
    67
next
haftmann@26072
    68
  case (Suc j) show ?case 
haftmann@26072
    69
    by (auto intro!: ack_le_mono2)
haftmann@26072
    70
      (metis Suc Suc_leI Suc_lessI less_ack2 linorder_not_less)
haftmann@26072
    71
qed
wenzelm@11024
    72
wenzelm@11024
    73
wenzelm@11024
    74
text {* PROPERTY A 7-, the single-step lemma *}
wenzelm@11024
    75
nipkow@27626
    76
lemma ack_less_ack_Suc1 [iff]: "ack i j < ack (Suc i) j"
nipkow@27626
    77
by (blast intro: ack_less_mono2 less_le_trans)
wenzelm@11024
    78
wenzelm@11024
    79
wenzelm@19676
    80
text {* PROPERTY A 4'? Extra lemma needed for @{term CONSTANT} case, constant functions *}
wenzelm@11024
    81
nipkow@27626
    82
lemma less_ack1 [iff]: "i < ack i j"
nipkow@27626
    83
apply (induct i)
nipkow@27626
    84
 apply simp_all
nipkow@27626
    85
apply (blast intro: Suc_leI le_less_trans)
nipkow@27626
    86
done
wenzelm@11024
    87
wenzelm@11024
    88
wenzelm@11024
    89
text {* PROPERTY A 8 *}
wenzelm@11024
    90
nipkow@27626
    91
lemma ack_1 [simp]: "ack (Suc 0) j = j + 2"
nipkow@27626
    92
by (induct j) simp_all
wenzelm@11024
    93
wenzelm@11024
    94
wenzelm@11701
    95
text {* PROPERTY A 9.  The unary @{text 1} and @{text 2} in @{term
wenzelm@11024
    96
  ack} is essential for the rewriting. *}
wenzelm@11024
    97
nipkow@27626
    98
lemma ack_2 [simp]: "ack (Suc (Suc 0)) j = 2 * j + 3"
nipkow@27626
    99
by (induct j) simp_all
paulson@3335
   100
paulson@3335
   101
wenzelm@11024
   102
text {* PROPERTY A 7, monotonicity for @{text "<"} [not clear why
wenzelm@11024
   103
  @{thm [source] ack_1} is now needed first!] *}
wenzelm@11024
   104
nipkow@27626
   105
lemma ack_less_mono1_aux: "ack i k < ack (Suc (i +i')) k"
paulson@34055
   106
proof (induct i k rule: ack.induct)
paulson@34055
   107
  case (1 n) show ?case
paulson@34055
   108
    by (simp, metis ack_less_ack_Suc1 less_ack2 less_trans_Suc) 
paulson@34055
   109
next
paulson@34055
   110
  case (2 m) thus ?case by simp
paulson@34055
   111
next
paulson@34055
   112
  case (3 m n) thus ?case
paulson@34055
   113
    by (simp, blast intro: less_trans ack_less_mono2)
paulson@34055
   114
qed
wenzelm@11024
   115
nipkow@27626
   116
lemma ack_less_mono1: "i < j ==> ack i k < ack j k"
nipkow@27626
   117
apply (drule less_imp_Suc_add)
nipkow@27626
   118
apply (blast intro!: ack_less_mono1_aux)
nipkow@27626
   119
done
wenzelm@11024
   120
wenzelm@11024
   121
wenzelm@11024
   122
text {* PROPERTY A 7', monotonicity for @{text "\<le>"} *}
wenzelm@11024
   123
nipkow@27626
   124
lemma ack_le_mono1: "i \<le> j ==> ack i k \<le> ack j k"
nipkow@27626
   125
apply (simp add: order_le_less)
nipkow@27626
   126
apply (blast intro: ack_less_mono1)
nipkow@27626
   127
done
wenzelm@11024
   128
wenzelm@11024
   129
wenzelm@11024
   130
text {* PROPERTY A 10 *}
wenzelm@11024
   131
nipkow@27626
   132
lemma ack_nest_bound: "ack i1 (ack i2 j) < ack (2 + (i1 + i2)) j"
nipkow@27626
   133
apply (simp add: numerals)
nipkow@27626
   134
apply (rule ack2_le_ack1 [THEN [2] less_le_trans])
nipkow@27626
   135
apply simp
nipkow@27626
   136
apply (rule le_add1 [THEN ack_le_mono1, THEN le_less_trans])
nipkow@27626
   137
apply (rule ack_less_mono1 [THEN ack_less_mono2])
nipkow@27626
   138
apply (simp add: le_imp_less_Suc le_add2)
nipkow@27626
   139
done
wenzelm@11024
   140
paulson@3335
   141
wenzelm@11024
   142
text {* PROPERTY A 11 *}
paulson@3335
   143
nipkow@27626
   144
lemma ack_add_bound: "ack i1 j + ack i2 j < ack (4 + (i1 + i2)) j"
nipkow@27626
   145
apply (rule less_trans [of _ "ack (Suc (Suc 0)) (ack (i1 + i2) j)"])
nipkow@27626
   146
 prefer 2
nipkow@27626
   147
 apply (rule ack_nest_bound [THEN less_le_trans])
nipkow@27626
   148
 apply (simp add: Suc3_eq_add_3)
nipkow@27626
   149
apply simp
nipkow@27626
   150
apply (cut_tac i = i1 and m1 = i2 and k = j in le_add1 [THEN ack_le_mono1])
nipkow@27626
   151
apply (cut_tac i = "i2" and m1 = i1 and k = j in le_add2 [THEN ack_le_mono1])
nipkow@27626
   152
apply auto
nipkow@27626
   153
done
wenzelm@11024
   154
wenzelm@11024
   155
wenzelm@11024
   156
text {* PROPERTY A 12.  Article uses existential quantifier but the ALF proof
wenzelm@11024
   157
  used @{text "k + 4"}.  Quantified version must be nested @{text
wenzelm@11024
   158
  "\<exists>k'. \<forall>i j. ..."} *}
paulson@3335
   159
nipkow@27626
   160
lemma ack_add_bound2: "i < ack k j ==> i + j < ack (4 + k) j"
nipkow@27626
   161
apply (rule less_trans [of _ "ack k j + ack 0 j"])
nipkow@27626
   162
 apply (blast intro: add_less_mono less_ack2) 
nipkow@27626
   163
apply (rule ack_add_bound [THEN less_le_trans])
nipkow@27626
   164
apply simp
nipkow@27626
   165
done
nipkow@27626
   166
nipkow@27626
   167
nipkow@27626
   168
subsection{*Primitive Recursive Functions*}
nipkow@27626
   169
nipkow@27626
   170
primrec hd0 :: "nat list => nat" where
nipkow@27626
   171
"hd0 [] = 0" |
nipkow@27626
   172
"hd0 (m # ms) = m"
wenzelm@11024
   173
wenzelm@11024
   174
nipkow@27626
   175
text {* Inductive definition of the set of primitive recursive functions of type @{typ "nat list => nat"}. *}
wenzelm@11024
   176
nipkow@27626
   177
definition SC :: "nat list => nat" where
nipkow@27626
   178
"SC l = Suc (hd0 l)"
nipkow@27626
   179
nipkow@27626
   180
definition CONSTANT :: "nat => nat list => nat" where
nipkow@27626
   181
"CONSTANT k l = k"
nipkow@27626
   182
nipkow@27626
   183
definition PROJ :: "nat => nat list => nat" where
nipkow@27626
   184
"PROJ i l = hd0 (drop i l)"
nipkow@27626
   185
nipkow@27626
   186
definition
nipkow@27626
   187
COMP :: "(nat list => nat) => (nat list => nat) list => nat list => nat"
nipkow@27626
   188
where "COMP g fs l = g (map (\<lambda>f. f l) fs)"
nipkow@27626
   189
nipkow@27626
   190
definition PREC :: "(nat list => nat) => (nat list => nat) => nat list => nat"
nipkow@27626
   191
where
nipkow@27626
   192
  "PREC f g l =
nipkow@27626
   193
    (case l of
nipkow@27626
   194
      [] => 0
nipkow@27626
   195
    | x # l' => nat_rec (f l') (\<lambda>y r. g (r # y # l')) x)"
nipkow@27626
   196
  -- {* Note that @{term g} is applied first to @{term "PREC f g y"} and then to @{term y}! *}
nipkow@27626
   197
nipkow@27626
   198
inductive PRIMREC :: "(nat list => nat) => bool" where
nipkow@27626
   199
SC: "PRIMREC SC" |
nipkow@27626
   200
CONSTANT: "PRIMREC (CONSTANT k)" |
nipkow@27626
   201
PROJ: "PRIMREC (PROJ i)" |
nipkow@27626
   202
COMP: "PRIMREC g ==> \<forall>f \<in> set fs. PRIMREC f ==> PRIMREC (COMP g fs)" |
nipkow@27626
   203
PREC: "PRIMREC f ==> PRIMREC g ==> PRIMREC (PREC f g)"
nipkow@27626
   204
nipkow@27626
   205
nipkow@27626
   206
text {* Useful special cases of evaluation *}
nipkow@27626
   207
nipkow@27626
   208
lemma SC [simp]: "SC (x # l) = Suc x"
nipkow@27626
   209
by (simp add: SC_def)
nipkow@27626
   210
nipkow@27626
   211
lemma CONSTANT [simp]: "CONSTANT k l = k"
nipkow@27626
   212
by (simp add: CONSTANT_def)
nipkow@27626
   213
nipkow@27626
   214
lemma PROJ_0 [simp]: "PROJ 0 (x # l) = x"
nipkow@27626
   215
by (simp add: PROJ_def)
nipkow@27626
   216
nipkow@27626
   217
lemma COMP_1 [simp]: "COMP g [f] l = g [f l]"
nipkow@27626
   218
by (simp add: COMP_def)
nipkow@27626
   219
nipkow@27626
   220
lemma PREC_0 [simp]: "PREC f g (0 # l) = f l"
nipkow@27626
   221
by (simp add: PREC_def)
nipkow@27626
   222
nipkow@27626
   223
lemma PREC_Suc [simp]: "PREC f g (Suc x # l) = g (PREC f g (x # l) # x # l)"
nipkow@27626
   224
by (simp add: PREC_def)
nipkow@27626
   225
paulson@3335
   226
wenzelm@11024
   227
text {* MAIN RESULT *}
wenzelm@11024
   228
nipkow@27626
   229
lemma SC_case: "SC l < ack 1 (listsum l)"
nipkow@27626
   230
apply (unfold SC_def)
nipkow@27626
   231
apply (induct l)
nipkow@27626
   232
apply (simp_all add: le_add1 le_imp_less_Suc)
nipkow@27626
   233
done
wenzelm@11024
   234
nipkow@27626
   235
lemma CONSTANT_case: "CONSTANT k l < ack k (listsum l)"
nipkow@27626
   236
by simp
paulson@3335
   237
nipkow@27626
   238
lemma PROJ_case: "PROJ i l < ack 0 (listsum l)"
nipkow@27626
   239
apply (simp add: PROJ_def)
nipkow@27626
   240
apply (induct l arbitrary:i)
nipkow@27626
   241
 apply (auto simp add: drop_Cons split: nat.split)
nipkow@27626
   242
apply (blast intro: less_le_trans le_add2)
nipkow@27626
   243
done
wenzelm@11024
   244
wenzelm@11024
   245
wenzelm@11024
   246
text {* @{term COMP} case *}
paulson@3335
   247
nipkow@27626
   248
lemma COMP_map_aux: "\<forall>f \<in> set fs. PRIMREC f \<and> (\<exists>kf. \<forall>l. f l < ack kf (listsum l))
nipkow@27626
   249
  ==> \<exists>k. \<forall>l. listsum (map (\<lambda>f. f l) fs) < ack k (listsum l)"
nipkow@27626
   250
apply (induct fs)
nipkow@27626
   251
 apply (rule_tac x = 0 in exI)
nipkow@27626
   252
 apply simp
nipkow@27626
   253
apply simp
nipkow@27626
   254
apply (blast intro: add_less_mono ack_add_bound less_trans)
nipkow@27626
   255
done
wenzelm@11024
   256
wenzelm@11024
   257
lemma COMP_case:
nipkow@27626
   258
  "\<forall>l. g l < ack kg (listsum l) ==>
nipkow@27626
   259
  \<forall>f \<in> set fs. PRIMREC f \<and> (\<exists>kf. \<forall>l. f l < ack kf (listsum l))
nipkow@27626
   260
  ==> \<exists>k. \<forall>l. COMP g fs  l < ack k (listsum l)"
nipkow@27626
   261
apply (unfold COMP_def)
paulson@34055
   262
apply (drule COMP_map_aux)
paulson@34055
   263
apply (meson ack_less_mono2 ack_nest_bound less_trans)
nipkow@27626
   264
done
wenzelm@11024
   265
wenzelm@11024
   266
wenzelm@11024
   267
text {* @{term PREC} case *}
paulson@3335
   268
wenzelm@11024
   269
lemma PREC_case_aux:
nipkow@27626
   270
  "\<forall>l. f l + listsum l < ack kf (listsum l) ==>
nipkow@27626
   271
    \<forall>l. g l + listsum l < ack kg (listsum l) ==>
nipkow@27626
   272
    PREC f g l + listsum l < ack (Suc (kf + kg)) (listsum l)"
nipkow@27626
   273
apply (unfold PREC_def)
nipkow@27626
   274
apply (case_tac l)
nipkow@27626
   275
 apply simp_all
nipkow@27626
   276
 apply (blast intro: less_trans)
nipkow@27626
   277
apply (erule ssubst) -- {* get rid of the needless assumption *}
nipkow@27626
   278
apply (induct_tac a)
nipkow@27626
   279
 apply simp_all
nipkow@27626
   280
 txt {* base case *}
nipkow@27626
   281
 apply (blast intro: le_add1 [THEN le_imp_less_Suc, THEN ack_less_mono1] less_trans)
nipkow@27626
   282
txt {* induction step *}
nipkow@27626
   283
apply (rule Suc_leI [THEN le_less_trans])
nipkow@27626
   284
 apply (rule le_refl [THEN add_le_mono, THEN le_less_trans])
nipkow@27626
   285
  prefer 2
nipkow@27626
   286
  apply (erule spec)
nipkow@27626
   287
 apply (simp add: le_add2)
nipkow@27626
   288
txt {* final part of the simplification *}
nipkow@27626
   289
apply simp
nipkow@27626
   290
apply (rule le_add2 [THEN ack_le_mono1, THEN le_less_trans])
nipkow@27626
   291
apply (erule ack_less_mono2)
nipkow@27626
   292
done
wenzelm@11024
   293
wenzelm@11024
   294
lemma PREC_case:
nipkow@27626
   295
  "\<forall>l. f l < ack kf (listsum l) ==>
nipkow@27626
   296
    \<forall>l. g l < ack kg (listsum l) ==>
nipkow@27626
   297
    \<exists>k. \<forall>l. PREC f g l < ack k (listsum l)"
nipkow@27626
   298
by (metis le_less_trans [OF le_add1 PREC_case_aux] ack_add_bound2)
wenzelm@11024
   299
nipkow@27626
   300
lemma ack_bounds_PRIMREC: "PRIMREC f ==> \<exists>k. \<forall>l. f l < ack k (listsum l)"
nipkow@27626
   301
apply (erule PRIMREC.induct)
nipkow@27626
   302
    apply (blast intro: SC_case CONSTANT_case PROJ_case COMP_case PREC_case)+
nipkow@27626
   303
done
wenzelm@11024
   304
nipkow@27626
   305
theorem ack_not_PRIMREC:
nipkow@27626
   306
  "\<not> PRIMREC (\<lambda>l. case l of [] => 0 | x # l' => ack x x)"
nipkow@27626
   307
apply (rule notI)
nipkow@27626
   308
apply (erule ack_bounds_PRIMREC [THEN exE])
nipkow@27626
   309
apply (rule less_irrefl [THEN notE])
nipkow@27626
   310
apply (drule_tac x = "[x]" in spec)
nipkow@27626
   311
apply simp
nipkow@27626
   312
done
paulson@3335
   313
paulson@3335
   314
end