83 \end{isamarkuptext}% |
84 \end{isamarkuptext}% |
84 \isacommand{lemmas}\ myrule\ {\isacharequal}\ simple{\isacharbrackleft}THEN\ spec{\isacharcomma}\ THEN\ mp{\isacharcomma}\ THEN\ mp{\isacharbrackright}% |
85 \isacommand{lemmas}\ myrule\ {\isacharequal}\ simple{\isacharbrackleft}THEN\ spec{\isacharcomma}\ THEN\ mp{\isacharcomma}\ THEN\ mp{\isacharbrackright}% |
85 \begin{isamarkuptext}% |
86 \begin{isamarkuptext}% |
86 \noindent |
87 \noindent |
87 or the wholesale stripping of \isa{{\isasymforall}} and |
88 or the wholesale stripping of \isa{{\isasymforall}} and |
88 \isa{{\isasymlongrightarrow}} in the conclusion via \isa{rulify}% |
89 \isa{{\isasymlongrightarrow}} in the conclusion via \isa{rulified}% |
89 \end{isamarkuptext}% |
90 \end{isamarkuptext}% |
90 \isacommand{lemmas}\ myrule\ {\isacharequal}\ simple{\isacharbrackleft}rulify{\isacharbrackright}% |
91 \isacommand{lemmas}\ myrule\ {\isacharequal}\ simple{\isacharbrackleft}rulified{\isacharbrackright}% |
91 \begin{isamarkuptext}% |
92 \begin{isamarkuptext}% |
92 \noindent |
93 \noindent |
93 yielding \isa{{\isasymlbrakk}A\ y{\isacharsemicolon}\ B\ y{\isasymrbrakk}\ {\isasymLongrightarrow}\ B\ y\ {\isasymand}\ A\ y}. |
94 yielding \isa{{\isasymlbrakk}A\ y{\isacharsemicolon}\ B\ y{\isasymrbrakk}\ {\isasymLongrightarrow}\ B\ y\ {\isasymand}\ A\ y}. |
94 You can go one step further and include these derivations already in the |
95 You can go one step further and include these derivations already in the |
95 statement of your original lemma, thus avoiding the intermediate step:% |
96 statement of your original lemma, thus avoiding the intermediate step:% |
96 \end{isamarkuptext}% |
97 \end{isamarkuptext}% |
97 \isacommand{lemma}\ myrule{\isacharbrackleft}rulify{\isacharbrackright}{\isacharcolon}\ \ {\isachardoublequote}{\isasymforall}y{\isachardot}\ A\ y\ {\isasymlongrightarrow}\ B\ y\ {\isasymlongrightarrow}\ B\ y\ {\isacharampersand}\ A\ y{\isachardoublequote}% |
98 \isacommand{lemma}\ myrule{\isacharbrackleft}rulified{\isacharbrackright}{\isacharcolon}\ \ {\isachardoublequote}{\isasymforall}y{\isachardot}\ A\ y\ {\isasymlongrightarrow}\ B\ y\ {\isasymlongrightarrow}\ B\ y\ {\isacharampersand}\ A\ y{\isachardoublequote}% |
98 \begin{isamarkuptext}% |
99 \begin{isamarkuptext}% |
99 \bigskip |
100 \bigskip |
100 |
101 |
101 A second reason why your proposition may not be amenable to induction is that |
102 A second reason why your proposition may not be amenable to induction is that |
102 you want to induct on a whole term, rather than an individual variable. In |
103 you want to induct on a whole term, rather than an individual variable. In |
117 be helpful. We show how to apply such induction schemas by an example. |
118 be helpful. We show how to apply such induction schemas by an example. |
118 |
119 |
119 Structural induction on \isa{nat} is |
120 Structural induction on \isa{nat} is |
120 usually known as ``mathematical induction''. There is also ``complete |
121 usually known as ``mathematical induction''. There is also ``complete |
121 induction'', where you must prove $P(n)$ under the assumption that $P(m)$ |
122 induction'', where you must prove $P(n)$ under the assumption that $P(m)$ |
122 holds for all $m<n$. In Isabelle, this is the theorem \isa{less{\isacharunderscore}induct}: |
123 holds for all $m<n$. In Isabelle, this is the theorem \isa{nat{\isacharunderscore}less{\isacharunderscore}induct}: |
123 % |
|
124 \begin{isabelle}% |
124 \begin{isabelle}% |
125 \ \ \ \ \ {\isacharparenleft}{\isasymAnd}n{\isachardot}\ {\isasymforall}m{\isachardot}\ m\ {\isacharless}\ n\ {\isasymlongrightarrow}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ P\ n% |
125 \ \ \ \ \ {\isacharparenleft}{\isasymAnd}n{\isachardot}\ {\isasymforall}m{\isachardot}\ m\ {\isacharless}\ n\ {\isasymlongrightarrow}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ P\ n% |
126 \end{isabelle}% |
126 \end{isabelle} |
127 |
|
128 Here is an example of its application.% |
127 Here is an example of its application.% |
129 \end{isamarkuptext}% |
128 \end{isamarkuptext}% |
130 \isacommand{consts}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}nat\ {\isacharequal}{\isachargreater}\ nat{\isachardoublequote}\isanewline |
129 \isacommand{consts}\ f\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequote}nat\ {\isacharequal}{\isachargreater}\ nat{\isachardoublequote}\isanewline |
131 \isacommand{axioms}\ f{\isacharunderscore}ax{\isacharcolon}\ {\isachardoublequote}f{\isacharparenleft}f{\isacharparenleft}n{\isacharparenright}{\isacharparenright}\ {\isacharless}\ f{\isacharparenleft}Suc{\isacharparenleft}n{\isacharparenright}{\isacharparenright}{\isachardoublequote}% |
130 \isacommand{axioms}\ f{\isacharunderscore}ax{\isacharcolon}\ {\isachardoublequote}f{\isacharparenleft}f{\isacharparenleft}n{\isacharparenright}{\isacharparenright}\ {\isacharless}\ f{\isacharparenleft}Suc{\isacharparenleft}n{\isacharparenright}{\isacharparenright}{\isachardoublequote}% |
132 \begin{isamarkuptext}% |
131 \begin{isamarkuptext}% |
140 above, we have to phrase the proposition as follows to allow induction:% |
139 above, we have to phrase the proposition as follows to allow induction:% |
141 \end{isamarkuptext}% |
140 \end{isamarkuptext}% |
142 \isacommand{lemma}\ f{\isacharunderscore}incr{\isacharunderscore}lem{\isacharcolon}\ {\isachardoublequote}{\isasymforall}i{\isachardot}\ k\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i{\isachardoublequote}% |
141 \isacommand{lemma}\ f{\isacharunderscore}incr{\isacharunderscore}lem{\isacharcolon}\ {\isachardoublequote}{\isasymforall}i{\isachardot}\ k\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i{\isachardoublequote}% |
143 \begin{isamarkuptxt}% |
142 \begin{isamarkuptxt}% |
144 \noindent |
143 \noindent |
145 To perform induction on \isa{k} using \isa{less{\isacharunderscore}induct}, we use the same |
144 To perform induction on \isa{k} using \isa{nat{\isacharunderscore}less{\isacharunderscore}induct}, we use the same |
146 general induction method as for recursion induction (see |
145 general induction method as for recursion induction (see |
147 \S\ref{sec:recdef-induction}):% |
146 \S\ref{sec:recdef-induction}):% |
148 \end{isamarkuptxt}% |
147 \end{isamarkuptxt}% |
149 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ k\ rule{\isacharcolon}less{\isacharunderscore}induct{\isacharparenright}% |
148 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ k\ rule{\isacharcolon}\ nat{\isacharunderscore}less{\isacharunderscore}induct{\isacharparenright}% |
150 \begin{isamarkuptxt}% |
149 \begin{isamarkuptxt}% |
151 \noindent |
150 \noindent |
152 which leaves us with the following proof state: |
151 which leaves us with the following proof state: |
153 \begin{isabelle} |
152 \begin{isabelle} |
154 \ 1.\ {\isasymAnd}\mbox{n}.\ {\isasymforall}\mbox{m}.\ \mbox{m}\ <\ \mbox{n}\ {\isasymlongrightarrow}\ ({\isasymforall}\mbox{i}.\ \mbox{m}\ =\ f\ \mbox{i}\ {\isasymlongrightarrow}\ \mbox{i}\ {\isasymle}\ f\ \mbox{i})\isanewline |
153 \ 1.\ {\isasymAnd}\mbox{n}.\ {\isasymforall}\mbox{m}.\ \mbox{m}\ <\ \mbox{n}\ {\isasymlongrightarrow}\ ({\isasymforall}\mbox{i}.\ \mbox{m}\ =\ f\ \mbox{i}\ {\isasymlongrightarrow}\ \mbox{i}\ {\isasymle}\ f\ \mbox{i})\isanewline |
161 \ 1.\ {\isasymAnd}\mbox{n}\ \mbox{i}\ \mbox{nat}.\isanewline |
160 \ 1.\ {\isasymAnd}\mbox{n}\ \mbox{i}\ \mbox{nat}.\isanewline |
162 \ \ \ \ \ \ \ {\isasymlbrakk}{\isasymforall}\mbox{m}.\ \mbox{m}\ <\ \mbox{n}\ {\isasymlongrightarrow}\ ({\isasymforall}\mbox{i}.\ \mbox{m}\ =\ f\ \mbox{i}\ {\isasymlongrightarrow}\ \mbox{i}\ {\isasymle}\ f\ \mbox{i});\ \mbox{i}\ =\ Suc\ \mbox{nat}{\isasymrbrakk}\isanewline |
161 \ \ \ \ \ \ \ {\isasymlbrakk}{\isasymforall}\mbox{m}.\ \mbox{m}\ <\ \mbox{n}\ {\isasymlongrightarrow}\ ({\isasymforall}\mbox{i}.\ \mbox{m}\ =\ f\ \mbox{i}\ {\isasymlongrightarrow}\ \mbox{i}\ {\isasymle}\ f\ \mbox{i});\ \mbox{i}\ =\ Suc\ \mbox{nat}{\isasymrbrakk}\isanewline |
163 \ \ \ \ \ \ \ {\isasymLongrightarrow}\ \mbox{n}\ =\ f\ \mbox{i}\ {\isasymlongrightarrow}\ \mbox{i}\ {\isasymle}\ f\ \mbox{i} |
162 \ \ \ \ \ \ \ {\isasymLongrightarrow}\ \mbox{n}\ =\ f\ \mbox{i}\ {\isasymlongrightarrow}\ \mbox{i}\ {\isasymle}\ f\ \mbox{i} |
164 \end{isabelle}% |
163 \end{isabelle}% |
165 \end{isamarkuptxt}% |
164 \end{isamarkuptxt}% |
166 \isacommand{by}{\isacharparenleft}blast\ intro{\isacharbang}{\isacharcolon}\ f{\isacharunderscore}ax\ Suc{\isacharunderscore}leI\ intro{\isacharcolon}le{\isacharunderscore}less{\isacharunderscore}trans{\isacharparenright}% |
165 \isacommand{by}{\isacharparenleft}blast\ intro{\isacharbang}{\isacharcolon}\ f{\isacharunderscore}ax\ Suc{\isacharunderscore}leI\ intro{\isacharcolon}\ le{\isacharunderscore}less{\isacharunderscore}trans{\isacharparenright}% |
167 \begin{isamarkuptext}% |
166 \begin{isamarkuptext}% |
168 \noindent |
167 \noindent |
169 It is not surprising if you find the last step puzzling. |
168 It is not surprising if you find the last step puzzling. |
170 The proof goes like this (writing \isa{j} instead of \isa{nat}). |
169 The proof goes like this (writing \isa{j} instead of \isa{nat}). |
171 Since \isa{i\ {\isacharequal}\ Suc\ j} it suffices to show |
170 Since \isa{i\ {\isacharequal}\ Suc\ j} it suffices to show |
184 \S\ref{sec:part2?} introduces a language for writing readable yet concise |
183 \S\ref{sec:part2?} introduces a language for writing readable yet concise |
185 proofs. |
184 proofs. |
186 |
185 |
187 We can now derive the desired \isa{i\ {\isasymle}\ f\ i} from \isa{f{\isacharunderscore}incr}:% |
186 We can now derive the desired \isa{i\ {\isasymle}\ f\ i} from \isa{f{\isacharunderscore}incr}:% |
188 \end{isamarkuptext}% |
187 \end{isamarkuptext}% |
189 \isacommand{lemmas}\ f{\isacharunderscore}incr\ {\isacharequal}\ f{\isacharunderscore}incr{\isacharunderscore}lem{\isacharbrackleft}rulify{\isacharcomma}\ OF\ refl{\isacharbrackright}% |
188 \isacommand{lemmas}\ f{\isacharunderscore}incr\ {\isacharequal}\ f{\isacharunderscore}incr{\isacharunderscore}lem{\isacharbrackleft}rulified{\isacharcomma}\ OF\ refl{\isacharbrackright}% |
190 \begin{isamarkuptext}% |
189 \begin{isamarkuptext}% |
191 \noindent |
190 \noindent |
192 The final \isa{refl} gets rid of the premise \isa{{\isacharquery}k\ {\isacharequal}\ f\ {\isacharquery}i}. Again, |
191 The final \isa{refl} gets rid of the premise \isa{{\isacharquery}k\ {\isacharequal}\ f\ {\isacharquery}i}. Again, |
193 we could have included this derivation in the original statement of the lemma:% |
192 we could have included this derivation in the original statement of the lemma:% |
194 \end{isamarkuptext}% |
193 \end{isamarkuptext}% |
195 \isacommand{lemma}\ f{\isacharunderscore}incr{\isacharbrackleft}rulify{\isacharcomma}\ OF\ refl{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isasymforall}i{\isachardot}\ k\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i{\isachardoublequote}% |
194 \isacommand{lemma}\ f{\isacharunderscore}incr{\isacharbrackleft}rulified{\isacharcomma}\ OF\ refl{\isacharbrackright}{\isacharcolon}\ {\isachardoublequote}{\isasymforall}i{\isachardot}\ k\ {\isacharequal}\ f\ i\ {\isasymlongrightarrow}\ i\ {\isasymle}\ f\ i{\isachardoublequote}% |
196 \begin{isamarkuptext}% |
195 \begin{isamarkuptext}% |
197 \begin{exercise} |
196 \begin{exercise} |
198 From the above axiom and lemma for \isa{f} show that \isa{f} is the |
197 From the above axiom and lemma for \isa{f} show that \isa{f} is the |
199 identity. |
198 identity. |
200 \end{exercise} |
199 \end{exercise} |
218 % |
217 % |
219 \begin{isamarkuptext}% |
218 \begin{isamarkuptext}% |
220 \label{sec:derive-ind} |
219 \label{sec:derive-ind} |
221 Induction schemas are ordinary theorems and you can derive new ones |
220 Induction schemas are ordinary theorems and you can derive new ones |
222 whenever you wish. This section shows you how to, using the example |
221 whenever you wish. This section shows you how to, using the example |
223 of \isa{less{\isacharunderscore}induct}. Assume we only have structural induction |
222 of \isa{nat{\isacharunderscore}less{\isacharunderscore}induct}. Assume we only have structural induction |
224 available for \isa{nat} and want to derive complete induction. This |
223 available for \isa{nat} and want to derive complete induction. This |
225 requires us to generalize the statement first:% |
224 requires us to generalize the statement first:% |
226 \end{isamarkuptext}% |
225 \end{isamarkuptext}% |
227 \isacommand{lemma}\ induct{\isacharunderscore}lem{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isasymAnd}n{\isacharcolon}{\isacharcolon}nat{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m{\isachardoublequote}\isanewline |
226 \isacommand{lemma}\ induct{\isacharunderscore}lem{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isasymAnd}n{\isacharcolon}{\isacharcolon}nat{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m{\isachardoublequote}\isanewline |
228 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ n{\isacharparenright}% |
227 \isacommand{apply}{\isacharparenleft}induct{\isacharunderscore}tac\ n{\isacharparenright}% |
238 \isacommand{sorry}\isanewline |
237 \isacommand{sorry}\isanewline |
239 \isacommand{ML}{\isachardoublequote}reset\ quick{\isacharunderscore}and{\isacharunderscore}dirty{\isachardoublequote}% |
238 \isacommand{ML}{\isachardoublequote}reset\ quick{\isacharunderscore}and{\isacharunderscore}dirty{\isachardoublequote}% |
240 \begin{isamarkuptext}% |
239 \begin{isamarkuptext}% |
241 \noindent |
240 \noindent |
242 The elimination rule \isa{less{\isacharunderscore}SucE} expresses the case distinction: |
241 The elimination rule \isa{less{\isacharunderscore}SucE} expresses the case distinction: |
243 % |
|
244 \begin{isabelle}% |
242 \begin{isabelle}% |
245 \ \ \ \ \ {\isasymlbrakk}m\ {\isacharless}\ Suc\ n{\isacharsemicolon}\ m\ {\isacharless}\ n\ {\isasymLongrightarrow}\ P{\isacharsemicolon}\ m\ {\isacharequal}\ n\ {\isasymLongrightarrow}\ P{\isasymrbrakk}\ {\isasymLongrightarrow}\ P% |
243 \ \ \ \ \ {\isasymlbrakk}m\ {\isacharless}\ Suc\ n{\isacharsemicolon}\ m\ {\isacharless}\ n\ {\isasymLongrightarrow}\ P{\isacharsemicolon}\ m\ {\isacharequal}\ n\ {\isasymLongrightarrow}\ P{\isasymrbrakk}\ {\isasymLongrightarrow}\ P% |
246 \end{isabelle}% |
244 \end{isabelle} |
247 |
|
248 |
245 |
249 Now it is straightforward to derive the original version of |
246 Now it is straightforward to derive the original version of |
250 \isa{less{\isacharunderscore}induct} by manipulting the conclusion of the above lemma: |
247 \isa{nat{\isacharunderscore}less{\isacharunderscore}induct} by manipulting the conclusion of the above lemma: |
251 instantiate \isa{n} by \isa{Suc\ n} and \isa{m} by \isa{n} and |
248 instantiate \isa{n} by \isa{Suc\ n} and \isa{m} by \isa{n} and |
252 remove the trivial condition \isa{n\ {\isacharless}\ Sc\ n}. Fortunately, this |
249 remove the trivial condition \isa{n\ {\isacharless}\ Sc\ n}. Fortunately, this |
253 happens automatically when we add the lemma as a new premise to the |
250 happens automatically when we add the lemma as a new premise to the |
254 desired goal:% |
251 desired goal:% |
255 \end{isamarkuptext}% |
252 \end{isamarkuptext}% |
256 \isacommand{theorem}\ less{\isacharunderscore}induct{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isasymAnd}n{\isacharcolon}{\isacharcolon}nat{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ P\ n{\isachardoublequote}\isanewline |
253 \isacommand{theorem}\ nat{\isacharunderscore}less{\isacharunderscore}induct{\isacharcolon}\ {\isachardoublequote}{\isacharparenleft}{\isasymAnd}n{\isacharcolon}{\isacharcolon}nat{\isachardot}\ {\isasymforall}m{\isacharless}n{\isachardot}\ P\ m\ {\isasymLongrightarrow}\ P\ n{\isacharparenright}\ {\isasymLongrightarrow}\ P\ n{\isachardoublequote}\isanewline |
257 \isacommand{by}{\isacharparenleft}insert\ induct{\isacharunderscore}lem{\isacharcomma}\ blast{\isacharparenright}% |
254 \isacommand{by}{\isacharparenleft}insert\ induct{\isacharunderscore}lem{\isacharcomma}\ blast{\isacharparenright}% |
258 \begin{isamarkuptext}% |
255 \begin{isamarkuptext}% |
259 \noindent |
256 \noindent |
260 Finally we should mention that HOL already provides the mother of all |
257 Finally we should mention that HOL already provides the mother of all |
261 inductions, \emph{wellfounded induction} (\isa{wf{\isacharunderscore}induct}): |
258 inductions, \emph{wellfounded induction} (\isa{wf{\isacharunderscore}induct}): |
262 % |
|
263 \begin{isabelle}% |
259 \begin{isabelle}% |
264 \ \ \ \ \ {\isasymlbrakk}wf\ r{\isacharsemicolon}\ {\isasymAnd}x{\isachardot}\ {\isasymforall}y{\isachardot}\ {\isacharparenleft}y{\isacharcomma}\ x{\isacharparenright}\ {\isasymin}\ r\ {\isasymlongrightarrow}\ P\ y\ {\isasymLongrightarrow}\ P\ x{\isasymrbrakk}\ {\isasymLongrightarrow}\ P\ a% |
260 \ \ \ \ \ {\isasymlbrakk}wf\ r{\isacharsemicolon}\ {\isasymAnd}x{\isachardot}\ {\isasymforall}y{\isachardot}\ {\isacharparenleft}y{\isacharcomma}\ x{\isacharparenright}\ {\isasymin}\ r\ {\isasymlongrightarrow}\ P\ y\ {\isasymLongrightarrow}\ P\ x{\isasymrbrakk}\ {\isasymLongrightarrow}\ P\ a% |
265 \end{isabelle}% |
261 \end{isabelle} |
266 |
|
267 where \isa{wf\ r} means that the relation \isa{r} is wellfounded. |
262 where \isa{wf\ r} means that the relation \isa{r} is wellfounded. |
268 For example \isa{less{\isacharunderscore}induct} is the special case where \isa{r} is |
263 For example \isa{nat{\isacharunderscore}less{\isacharunderscore}induct} is the special case where \isa{r} is |
269 \isa{{\isacharless}} on \isa{nat}. For details see the library.% |
264 \isa{{\isacharless}} on \isa{nat}. For details see the library.% |
270 \end{isamarkuptext}% |
265 \end{isamarkuptext}% |
271 \end{isabellebody}% |
266 \end{isabellebody}% |
272 %%% Local Variables: |
267 %%% Local Variables: |
273 %%% mode: latex |
268 %%% mode: latex |