Email Gateway (Aug 19 2022 at 14:52): Email Gateway (Aug 19 2022 at 14:52):From: Eddy Westbrook <westbrook@kestrel.edu>
Hi,
I was wondering if someone could help me figure out an easy way to prove termination for functions over ordinal-like datatypes. What I mean by this is datatypes T where one of the constructors for T takes a function that returns type T. The classic one is the ordinals:
datatype ord
= Zero
| Succ ord
| Limit "(nat => ord)”
My question is, what is the easiest and best way to write termination proofs for recursive functions over the type ord? Are there some mechanisms already available, or do I have to define my own inductive proposition or something similar? It looks like all the default mechanisms for proving termination rely on types that satisfy “size”, which ord does not because of the Limit constructor.
For example, I want to define functions like these, which should be terminating:
function ord_plus :: "ord => ord => ord"
where
"ord_plus x Zero = x"
| "ord_plus x (Succ y) = Succ (ord_plus x y)"
| "ord_plus x (Limit f) = Limit (\<lambda> n . ord_plus x (f n))"
by pat_completeness auto
function ord_leq :: "ord ⇒ ord ⇒ bool"
where
"ord_leq Zero x = True"
| "ord_leq (Succ x) Zero = False"
| "ord_leq (Succ x) (Succ y) = ord_leq x y"
| "ord_leq (Succ x) (Limit f) = (\<exists> n. ord_leq (Succ x) (f n))"
| "ord_leq (Limit f) y = (\<forall>n . ord_leq (f n) y)"
by pat_completeness auto
Thanks very much for any help or suggestions.
-Eddy
Email Gateway (Aug 19 2022 at 14:52):From: René Thiemann <rene.thiemann@uibk.ac.at>
Dear Eddy,
In your case (recursion via "nat => _") it might be best to use primrec instead of fun/function:
primrec ord_plus :: "ord => ord => ord"
where
"ord_plus x Zero = x"
| "ord_plus x (Succ y) = Succ (ord_plus x y)"
| "ord_plus x (Limit f) = Limit (λ n . ord_plus x (f n))"
is accepted without having to prove anything.
Hope this helps,
René
Email Gateway (Aug 19 2022 at 14:52):From: Dmitriy Traytel <traytel@in.tum.de>
Hi Eddy,
as René said, I also would use primrec wherever possible. However, if
you are bound to function you can prove termination by defining a
subterm relation and prove that it is wellfounded:
definition "sub ≡ {(x, Succ x) | x. True} ∪ {(f n, Limit f) | n f. True}"
lemma subI[intro]:
"(x, Succ x) ∈ sub"
"(f n, Limit f) ∈ sub"
unfolding sub_def by blast+
lemma wf_sub[simp]: "wf sub"
proof (rule wfUNIVI)
fix P x
assume "∀x. (∀y. (y, x) ∈ sub ⟶ P y) ⟶ P x"
then show "P x" unfolding sub_def by (induct x) blast+
qed
Both of your functions can be then proved terminating via
termination by (relation "sub <lex> sub") auto
Dmitriy
Email Gateway (Aug 19 2022 at 14:52):From: Eddy Westbrook <westbrook@kestrel.edu>
Thanks so much for the replies; both were very helpful!
-Eddy
Last updated: Apr 19 2024 at 04:17 UTC