22 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
22 \isacommand{apply}{\isacharparenleft}auto{\isacharparenright}\isanewline |
23 \isacommand{done}% |
23 \isacommand{done}% |
24 \begin{isamarkuptext}% |
24 \begin{isamarkuptext}% |
25 \newcommand{\mystar}{*% |
25 \newcommand{\mystar}{*% |
26 } |
26 } |
|
27 \index{arithmetic operations!for \protect\isa{nat}}% |
27 The usual arithmetic operations \ttindexboldpos{+}{$HOL2arithfun}, |
28 The usual arithmetic operations \ttindexboldpos{+}{$HOL2arithfun}, |
28 \ttindexboldpos{-}{$HOL2arithfun}, \ttindexboldpos{\mystar}{$HOL2arithfun}, |
29 \ttindexboldpos{-}{$HOL2arithfun}, \ttindexboldpos{\mystar}{$HOL2arithfun}, |
29 \sdx{div}, \sdx{mod}, \cdx{min} and |
30 \sdx{div}, \sdx{mod}, \cdx{min} and |
30 \cdx{max} are predefined, as are the relations |
31 \cdx{max} are predefined, as are the relations |
31 \indexboldpos{\isasymle}{$HOL2arithrel} and |
32 \indexboldpos{\isasymle}{$HOL2arithrel} and |
32 \ttindexboldpos{<}{$HOL2arithrel}. As usual, \isa{m\ {\isacharminus}\ n\ {\isacharequal}\ {\isadigit{0}}} if |
33 \ttindexboldpos{<}{$HOL2arithrel}. As usual, \isa{m\ {\isacharminus}\ n\ {\isacharequal}\ {\isadigit{0}}} if |
33 \isa{m\ {\isacharless}\ n}. There is even a least number operation |
34 \isa{m\ {\isacharless}\ n}. There is even a least number operation |
34 \sdx{LEAST}\@. For example, \isa{{\isacharparenleft}LEAST\ n{\isachardot}\ {\isadigit{1}}\ {\isacharless}\ n{\isacharparenright}\ {\isacharequal}\ {\isadigit{2}}}, although |
35 \sdx{LEAST}\@. For example, \isa{{\isacharparenleft}LEAST\ n{\isachardot}\ {\isadigit{1}}\ {\isacharless}\ n{\isacharparenright}\ {\isacharequal}\ {\isadigit{2}}}. |
35 Isabelle does not prove this automatically. Note that \isa{{\isadigit{1}}} |
36 \REMARK{Isabelle CAN prove it automatically, using \isa{auto intro: Least_equality}. |
|
37 The following needs changing with our new system of numbers.} |
|
38 Note that \isa{{\isadigit{1}}} |
36 and \isa{{\isadigit{2}}} are available as abbreviations for the corresponding |
39 and \isa{{\isadigit{2}}} are available as abbreviations for the corresponding |
37 \isa{Suc}-expressions. If you need the full set of numerals, |
40 \isa{Suc}-expressions. If you need the full set of numerals, |
38 see~\S\ref{sec:numerals}. |
41 see~\S\ref{sec:numerals}. |
39 |
42 |
40 \begin{warn} |
43 \begin{warn}\index{overloading} |
41 The constant \cdx{0} and the operations |
44 The constant \cdx{0} and the operations |
42 \ttindexboldpos{+}{$HOL2arithfun}, \ttindexboldpos{-}{$HOL2arithfun}, |
45 \ttindexboldpos{+}{$HOL2arithfun}, \ttindexboldpos{-}{$HOL2arithfun}, |
43 \ttindexboldpos{\mystar}{$HOL2arithfun}, \cdx{min}, |
46 \ttindexboldpos{\mystar}{$HOL2arithfun}, \cdx{min}, |
44 \cdx{max}, \indexboldpos{\isasymle}{$HOL2arithrel} and |
47 \cdx{max}, \indexboldpos{\isasymle}{$HOL2arithrel} and |
45 \ttindexboldpos{<}{$HOL2arithrel} are overloaded, i.e.\ they are available |
48 \ttindexboldpos{<}{$HOL2arithrel} are overloaded, i.e.\ they are available |
58 For details see \S\ref{sec:numbers} and \S\ref{sec:overloading}; |
61 For details see \S\ref{sec:numbers} and \S\ref{sec:overloading}; |
59 Table~\ref{tab:overloading} in the appendix shows the most important overloaded |
62 Table~\ref{tab:overloading} in the appendix shows the most important overloaded |
60 operations. |
63 operations. |
61 \end{warn} |
64 \end{warn} |
62 |
65 |
63 Simple arithmetic goals are proved automatically by both \isa{auto} and the |
66 Both \isa{auto} and \isa{simp} |
64 simplification method introduced in \S\ref{sec:Simplification}. For |
67 (a method introduced below, \S\ref{sec:Simplification}) prove |
65 example,% |
68 simple arithmetic goals automatically:% |
66 \end{isamarkuptext}% |
69 \end{isamarkuptext}% |
67 \isacommand{lemma}\ {\isachardoublequote}{\isasymlbrakk}\ {\isasymnot}\ m\ {\isacharless}\ n{\isacharsemicolon}\ m\ {\isacharless}\ n{\isacharplus}{\isadigit{1}}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ m\ {\isacharequal}\ n{\isachardoublequote}% |
70 \isacommand{lemma}\ {\isachardoublequote}{\isasymlbrakk}\ {\isasymnot}\ m\ {\isacharless}\ n{\isacharsemicolon}\ m\ {\isacharless}\ n{\isacharplus}{\isadigit{1}}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ m\ {\isacharequal}\ n{\isachardoublequote}% |
68 \begin{isamarkuptext}% |
71 \begin{isamarkuptext}% |
69 \noindent |
72 \noindent |
70 is proved automatically. The main restriction is that only addition is taken |
73 For efficiency's sake, this built-in prover ignores quantified formulae and all |
71 into account; other arithmetic operations and quantified formulae are ignored. |
74 arithmetic operations apart from addition. |
72 |
75 |
73 For more complex goals, there is the special method \methdx{arith} |
76 The method \methdx{arith} is more general. It attempts to prove |
74 (which attacks the first subgoal). It proves arithmetic goals involving the |
77 the first subgoal provided it is a quantifier free \textbf{linear arithmetic} formula. |
|
78 Such formulas may involve the |
75 usual logical connectives (\isa{{\isasymnot}}, \isa{{\isasymand}}, \isa{{\isasymor}}, |
79 usual logical connectives (\isa{{\isasymnot}}, \isa{{\isasymand}}, \isa{{\isasymor}}, |
76 \isa{{\isasymlongrightarrow}}), the relations \isa{{\isacharequal}}, \isa{{\isasymle}} and \isa{{\isacharless}}, |
80 \isa{{\isasymlongrightarrow}}), the relations \isa{{\isacharequal}}, \isa{{\isasymle}} and \isa{{\isacharless}}, |
77 and the operations |
81 and the operations |
78 \isa{{\isacharplus}}, \isa{{\isacharminus}}, \isa{min} and \isa{max}. Technically, this is |
82 \isa{{\isacharplus}}, \isa{{\isacharminus}}, \isa{min} and \isa{max}. |
79 known as the class of (quantifier free) \textbf{linear arithmetic} formulae. |
|
80 For example,% |
83 For example,% |
81 \end{isamarkuptext}% |
84 \end{isamarkuptext}% |
82 \isacommand{lemma}\ {\isachardoublequote}min\ i\ {\isacharparenleft}max\ j\ {\isacharparenleft}k{\isacharasterisk}k{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ max\ {\isacharparenleft}min\ {\isacharparenleft}k{\isacharasterisk}k{\isacharparenright}\ i{\isacharparenright}\ {\isacharparenleft}min\ i\ {\isacharparenleft}j{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isacharparenright}{\isachardoublequote}\isanewline |
85 \isacommand{lemma}\ {\isachardoublequote}min\ i\ {\isacharparenleft}max\ j\ {\isacharparenleft}k{\isacharasterisk}k{\isacharparenright}{\isacharparenright}\ {\isacharequal}\ max\ {\isacharparenleft}min\ {\isacharparenleft}k{\isacharasterisk}k{\isacharparenright}\ i{\isacharparenright}\ {\isacharparenleft}min\ i\ {\isacharparenleft}j{\isacharcolon}{\isacharcolon}nat{\isacharparenright}{\isacharparenright}{\isachardoublequote}\isanewline |
83 \isacommand{apply}{\isacharparenleft}arith{\isacharparenright}% |
86 \isacommand{apply}{\isacharparenleft}arith{\isacharparenright}% |
84 \begin{isamarkuptext}% |
87 \begin{isamarkuptext}% |
86 succeeds because \isa{k\ {\isacharasterisk}\ k} can be treated as atomic. In contrast,% |
89 succeeds because \isa{k\ {\isacharasterisk}\ k} can be treated as atomic. In contrast,% |
87 \end{isamarkuptext}% |
90 \end{isamarkuptext}% |
88 \isacommand{lemma}\ {\isachardoublequote}n{\isacharasterisk}n\ {\isacharequal}\ n\ {\isasymLongrightarrow}\ n{\isacharequal}{\isadigit{0}}\ {\isasymor}\ n{\isacharequal}{\isadigit{1}}{\isachardoublequote}% |
91 \isacommand{lemma}\ {\isachardoublequote}n{\isacharasterisk}n\ {\isacharequal}\ n\ {\isasymLongrightarrow}\ n{\isacharequal}{\isadigit{0}}\ {\isasymor}\ n{\isacharequal}{\isadigit{1}}{\isachardoublequote}% |
89 \begin{isamarkuptext}% |
92 \begin{isamarkuptext}% |
90 \noindent |
93 \noindent |
91 is not even proved by \isa{arith} because the proof relies essentially |
94 is not proved even by \isa{arith} because the proof relies |
92 on properties of multiplication. |
95 on properties of multiplication. |
93 |
96 |
94 \begin{warn} |
97 \begin{warn} |
95 The running time of \isa{arith} is exponential in the number of occurrences |
98 The running time of \isa{arith} is exponential in the number of occurrences |
96 of \ttindexboldpos{-}{$HOL2arithfun}, \cdx{min} and |
99 of \ttindexboldpos{-}{$HOL2arithfun}, \cdx{min} and |
97 \cdx{max} because they are first eliminated by case distinctions. |
100 \cdx{max} because they are first eliminated by case distinctions. |
98 |
101 |
99 \isa{arith} is incomplete even for the restricted class of |
102 Even for linear arithmetic formulae, \isa{arith} is incomplete. If divisibility plays a |
100 linear arithmetic formulae. If divisibility plays a |
|
101 role, it may fail to prove a valid formula, for example |
103 role, it may fail to prove a valid formula, for example |
102 \isa{m\ {\isacharplus}\ m\ {\isasymnoteq}\ n\ {\isacharplus}\ n\ {\isacharplus}\ {\isadigit{1}}}. Fortunately, such examples are rare in practice. |
104 \isa{m\ {\isacharplus}\ m\ {\isasymnoteq}\ n\ {\isacharplus}\ n\ {\isacharplus}\ {\isadigit{1}}}. Fortunately, such examples are rare. |
103 \end{warn}% |
105 \end{warn}% |
104 \end{isamarkuptext}% |
106 \end{isamarkuptext}% |
105 \end{isabellebody}% |
107 \end{isabellebody}% |
106 %%% Local Variables: |
108 %%% Local Variables: |
107 %%% mode: latex |
109 %%% mode: latex |