(*<*) theory natsum imports Main begin (*>*) text‹\noindent In particular, there are ‹case›-e
@{term[display]"case n of 0 => 0 | Suc m => m"}
primitive recursion, for example ›
primrec sum :: "nat ==> nat"where "sum 0 = 0" | "sum (Suc n) = Suc n + sum n"
text‹\noindent and induction, for example ›
lemma"sum n + sum n = n*(Suc n)" apply(induct_tac n) apply(auto) done
text‹\newcommand{\mystar}{*% } \index{arithmetic operations!for \protect\isa{nat}}% The arithmetic operations \isadxboldpos{+}{$HOL2arithfun}, \isadxboldpos{-}{$HOL2arithfun}, \isadxboldpos{\mystar}{$HOL2arithfun}, \sdx{div}, \sdx{mod}, \cdx{min} and \cdx{max} are predefined, as are the relations \isadxboldpos{\isasymle}{$HOL2arithrel} and \isadxboldpos{🚫$HOL2arithrel}. As usual, 🍋‹m-n = (0::nat)› i 🍋‹m🚫›. There is even a least number operation \sdx{LEAST}\@. For example, 🍋‹(LEAST n. 0 🚫) = Suc 0›. \begin{warn}\index{overloading}
The constants \cdx{0} and\cdx{1} and the operations \isadxboldpos{+}{$HOL2arithfun}, \isadxboldpos{-}{$HOL2arithfun}, \isadxboldpos{\mystar}{$HOL2arithfun}, \cdx{min}, \cdx{max}, \isadxboldpos{\isasymle}{$HOL2arithrel} and \isadxboldpos{<}{$HOL2arithrel} are overloaded: they are available
not just for natural numbers but for other types as well. For example, given the goal ‹x + 0 = x›, there is nothing to indicate
that you are talking about natural numbers. Hence Isabelle can only infer
that 🍋‹x›is of some arbitrary type where‹0›and‹+› are
declared. As a consequence, you will be unable to prove the
goal. To alert you to such pitfalls, Isabelle flags numerals without a
fixed type in its output: 🍋‹x+0 = x›. (In the absence of a numeral,
it may take you some time to realize what has happened if\pgmenu{Show Types} is not set). In this particular example, you need to include
an explicit type constraint, for example ‹x+0 = (x::nat)›. If there is enough contextual information this may not be necessary: 🍋‹Suc x = x› overloaded.
For details on overloading see \S\ref{sec:overloading}.
Table~\ref{tab:overloading} in the appendix shows the most important overloaded operations. \end{warn} \begin{warn}
The symbols \isadxboldpos{>}{$HOL2arithrel} and \isadxboldpos{\isasymge}{$HOL2arithrel} are merely syntax: ‹x > y›
stands for🍋‹y 🚫›and similary for‹≥›and ‹≤›. \end{warn} \begin{warn}
Constant ‹1::nat›is defined to equal 🍋‹Suc 0›. This definition
(see \S\ref{sec:ConstDefinitions}) is unfolded automatically by some
tactics (like ‹auto›, ‹simp›and‹arith›) but not by
others (especially the single step tactics inChapter~\ref{chap:rules}). If you need the full set of numerals, see~\S\ref{sec:numerals}. \emph{Novices are advised to stick to🍋‹0::nat›and🍋‹Suc›.} \end{warn}
Both ‹auto›and‹simp›
(a method introduced below, \S\ref{sec:Simplification}) prove
simple arithmetic goals automatically: ›
lemma"[¬ m < n; m < n + (1::nat) ]==> m = n" (*<*)by(auto)(*>*)
text‹\noindent For efficiency's sake, this built-in prover ignores quantified formulae, many logical connectives, and all arithmetic operations apart from addition. In consequence, ‹auto› a ›
lemma"m ≠ (n::nat) ==> m < n ∨ n < m" (*<*)by(arith)(*>*)
text‹\noindent The method \methdx{arith} is more general. It attempts to prove the first subgoal provided it is a \textbf{linear arithmetic} formula. Such formulas may involve the usual logical connectives (‹¬›, ‹∧›, ‹∨›, ‹⟶›, ‹=›, ‹∀›, ‹∃›), the relations ‹=›, ‹≤›and‹🚫close>, and the operations ‹+›, ‹-›, 🍋‹min›and🍋‹max›. For example,›
lemma"min i (max j (k*k)) = max (min (k*k) i) (min i (j::nat))" apply(arith) (*<*)done(*>*)
text‹\noindent succeeds because 🍋‹k*k› c ›
lemma"n*n = n+1 ==> n=0" (*<*)oops(*>*)
text‹\noindent is not proved by ‹arith› b
on properties of multiplication. Only multiplication by numerals (which is
the same as iterated addition) is taken into account.
\begin{warn} The running time of ‹arith›is exponential in the number
of occurrences of \ttindexboldpos{-}{$HOL2arithfun}, \cdx{min} and \cdx{max} because they are first eliminated bycase distinctions.
If‹k›is a numeral, \sdx{div}~‹k›, \sdx{mod}~‹k›and ‹k›~\sdx{dvd} are also supported, where the former two are eliminated bycase distinctions, again blowing up the running time.
If the formula involves quantifiers, ‹arith› may take
super-exponential time and space. \end{warn} ›
(*<*) end (*>*)
Messung V0.5 in Prozent
¤ Dauer der Verarbeitung: 0.20 Sekunden
(vorverarbeitet am 2026-05-03)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
