equal
deleted
inserted
replaced
47 |
47 |
48 text{* |
48 text{* |
49 \index{recursion!guarded}% |
49 \index{recursion!guarded}% |
50 Neither \isacommand{primrec} nor \isacommand{recdef} allow to |
50 Neither \isacommand{primrec} nor \isacommand{recdef} allow to |
51 prefix an equation with a condition in the way ordinary definitions do |
51 prefix an equation with a condition in the way ordinary definitions do |
52 (see @{term minus} above). Instead we have to move the condition over |
52 (see @{const minus} above). Instead we have to move the condition over |
53 to the right-hand side of the equation. Given a partial function $f$ |
53 to the right-hand side of the equation. Given a partial function $f$ |
54 that should satisfy the recursion equation $f(x) = t$ over its domain |
54 that should satisfy the recursion equation $f(x) = t$ over its domain |
55 $dom(f)$, we turn this into the \isacommand{recdef} |
55 $dom(f)$, we turn this into the \isacommand{recdef} |
56 @{prop[display]"f(x) = (if x \<in> dom(f) then t else arbitrary)"} |
56 @{prop[display]"f(x) = (if x \<in> dom(f) then t else arbitrary)"} |
57 where @{term arbitrary} is a predeclared constant of type @{typ 'a} |
57 where @{term arbitrary} is a predeclared constant of type @{typ 'a} |
115 @{thm[display]wf_same_fst[no_vars]} |
115 @{thm[display]wf_same_fst[no_vars]} |
116 is known to the well-foundedness prover of \isacommand{recdef}. Thus |
116 is known to the well-foundedness prover of \isacommand{recdef}. Thus |
117 well-foundedness of the relation given to \isacommand{recdef} is immediate. |
117 well-foundedness of the relation given to \isacommand{recdef} is immediate. |
118 Furthermore, each recursive call descends along that relation: the first |
118 Furthermore, each recursive call descends along that relation: the first |
119 argument stays unchanged and the second one descends along @{term"step1 |
119 argument stays unchanged and the second one descends along @{term"step1 |
120 f"}. The proof requires unfolding the definition of @{term step1}, |
120 f"}. The proof requires unfolding the definition of @{const step1}, |
121 as specified in the \isacommand{hints} above. |
121 as specified in the \isacommand{hints} above. |
122 |
122 |
123 Normally you will then derive the following conditional variant from |
123 Normally you will then derive the following conditional variant from |
124 the recursion equation: |
124 the recursion equation: |
125 *} |
125 *} |
155 That is, @{term"while b c s"} is equivalent to the imperative program |
155 That is, @{term"while b c s"} is equivalent to the imperative program |
156 \begin{verbatim} |
156 \begin{verbatim} |
157 x := s; while b(x) do x := c(x); return x |
157 x := s; while b(x) do x := c(x); return x |
158 \end{verbatim} |
158 \end{verbatim} |
159 In general, @{term s} will be a tuple or record. As an example |
159 In general, @{term s} will be a tuple or record. As an example |
160 consider the following definition of function @{term find}: |
160 consider the following definition of function @{const find}: |
161 *} |
161 *} |
162 |
162 |
163 constdefs find2 :: "('a \<Rightarrow> 'a) \<Rightarrow> 'a \<Rightarrow> 'a" |
163 constdefs find2 :: "('a \<Rightarrow> 'a) \<Rightarrow> 'a \<Rightarrow> 'a" |
164 "find2 f x \<equiv> |
164 "find2 f x \<equiv> |
165 fst(while (\<lambda>(x,x'). x' \<noteq> x) (\<lambda>(x,x'). (x',f x')) (x,f x))" |
165 fst(while (\<lambda>(x,x'). x' \<noteq> x) (\<lambda>(x,x'). (x',f x')) (x,f x))" |
179 the initial state @{term s} and invariant under @{term c} (premises 1 |
179 the initial state @{term s} and invariant under @{term c} (premises 1 |
180 and~2). The post-condition @{term Q} must become true when leaving the loop |
180 and~2). The post-condition @{term Q} must become true when leaving the loop |
181 (premise~3). And each loop iteration must descend along a well-founded |
181 (premise~3). And each loop iteration must descend along a well-founded |
182 relation @{term r} (premises 4 and~5). |
182 relation @{term r} (premises 4 and~5). |
183 |
183 |
184 Let us now prove that @{term find2} does indeed find a fixed point. Instead |
184 Let us now prove that @{const find2} does indeed find a fixed point. Instead |
185 of induction we apply the above while rule, suitably instantiated. |
185 of induction we apply the above while rule, suitably instantiated. |
186 Only the final premise of @{thm[source]while_rule} is left unproved |
186 Only the final premise of @{thm[source]while_rule} is left unproved |
187 by @{text auto} but falls to @{text simp}: |
187 by @{text auto} but falls to @{text simp}: |
188 *} |
188 *} |
189 |
189 |