# Theory Infinite_Set


(*  Title:      HOL/Library/Infinite_Set.thy
Author: Stephan Merz
*)

header {* Infinite Sets and Related Concepts *}

theory Infinite_Set
imports Main
begin

subsection "Infinite Sets"

text {*
Some elementary facts about infinite sets, mostly by Stephan Merz.
Beware! Because "infinite" merely abbreviates a negation, these
lemmas may not work well with @{text "blast"}.
*}

(* "infinite S" is syntax only: it expands to "¬ finite S", so no new
   constant is introduced and facts about it are facts about finite. *)
abbreviation
infinite :: "'a set => bool" where
"infinite S == ¬ finite S"

text {*
Infinite sets are non-empty, and if we remove some elements from an
infinite set, the result is still infinite.
*}

(* An infinite set is never the empty set. *)
lemma infinite_imp_nonempty: "infinite S ==> S ≠ {}"
by auto

(* Removing one element a from an infinite set leaves it infinite. *)
lemma infinite_remove:
"infinite S ==> infinite (S - {a})"
by simp

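(* Removing a finite set T from an infinite set S leaves an infinite set.
   Proved by induction over the finiteness of T. *)
lemma Diff_infinite_finite:
  assumes T: "finite T" and S: "infinite S"
  shows "infinite (S - T)"
  using T
proof induct
  (* base case: nothing is removed *)
  from S
  show "infinite (S - {})" by auto
next
  (* step: removing insert x T is removing T and then the single element x *)
  fix T x
  assume ih: "infinite (S - T)"
  have "S - (insert x T) = (S - T) - {x}"
    by (rule Diff_insert)
  with ih
  show "infinite (S - (insert x T))"
    (* closing method restored: the "show" had no proof after it;
       confirm against the Infinite_Set.thy of the Isabelle release in use *)
    by (simp add: infinite_remove)
qed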

(* A union with an infinite left operand is infinite. *)
lemma Un_infinite: "infinite S ==> infinite (S ∪ T)"
by simp

(* A union is infinite exactly when at least one of its operands is. *)
lemma infinite_Un: "infinite (S ∪ T) <-> infinite S ∨ infinite T"
by simp

(* Every superset of an infinite set is infinite. *)
lemma infinite_super:
assumes T: "S ⊆ T" and S: "infinite S"
shows "infinite T"
proof
(* "infinite T" is "¬ finite T", so the default rule asks to refute "finite T" *)
assume "finite T"
with T have "finite S" by (simp add: finite_subset)
with S show False by simp
qed

text {*
As a concrete example, we prove that the set of natural numbers is
infinite.
*}

(* Every finite set of naturals lies below some strict upper bound k.
   The "is" pattern binds ?bounded S k to "S ⊆ {..<k}". *)
lemma finite_nat_bounded:
assumes S: "finite (S::nat set)"
shows "∃k. S ⊆ {..<k}" (is "∃k. ?bounded S k")
using S
proof induct
(* base case: the empty set is bounded by 0 *)
have "?bounded {} 0" by simp
then show "∃k. ?bounded {} k" ..
next
fix S x
assume "∃k. ?bounded S k"
then obtain k where k: "?bounded S k" ..
show "∃k. ?bounded (insert x S) k"
(* either the old bound k already covers x, or Suc x is a new bound *)
proof (cases "x < k")
case True
with k show ?thesis by auto
next
case False
with k have "?bounded S (Suc x)" by auto
then show ?thesis by auto
qed
qed

(* Finiteness of a set of naturals is equivalent to having a strict upper bound. *)
lemma finite_nat_iff_bounded:
"finite (S::nat set) = (∃k. S ⊆ {..<k})" (is "?lhs = ?rhs")
proof
assume ?lhs
then show ?rhs by (rule finite_nat_bounded)
next
assume ?rhs
then obtain k where "S ⊆ {..<k}" ..
(* a subset of the finite segment {..<k} is finite *)
then show "finite S"
by (rule finite_subset) simp
qed

(* Variant of finite_nat_iff_bounded with a non-strict bound: S ⊆ {..k}. *)
lemma finite_nat_iff_bounded_le:
"finite (S::nat set) = (∃k. S ⊆ {..k})" (is "?lhs = ?rhs")
proof
assume ?lhs
then obtain k where "S ⊆ {..<k}"
by (blast dest: finite_nat_bounded)
(* a strict bound is also a non-strict one *)
then have "S ⊆ {..k}" by auto
then show ?rhs ..
next
assume ?rhs
then obtain k where "S ⊆ {..k}" ..
then show "finite S"
by (rule finite_subset) simp
qed

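(* A set of naturals is infinite iff it has an element above every bound m. *)
lemma infinite_nat_iff_unbounded:
  "infinite (S::nat set) = (∀m. ∃n. m<n ∧ n∈S)"
  (is "?lhs = ?rhs")
proof
  assume ?lhs
  show ?rhs
  proof (rule ccontr)
    (* if nothing of S lies above some m, S sits inside {..m} and is finite *)
    assume "¬ ?rhs"
    then obtain m where m: "∀n. m<n --> n∉S" by blast
    then have "S ⊆ {..m}"
      by (auto simp add: sym [OF linorder_not_less])
    with `?lhs` show False
      (* method restored: this "show" had no proof after it; confirm against
         the distributed theory *)
      by (simp add: finite_nat_iff_bounded_le)
  qed
next
  assume ?rhs
  show ?lhs
  proof
    assume "finite S"
    then obtain m where "S ⊆ {..m}"
      (* method restored: the "obtain" had no proof after it; confirm as above *)
      by (auto simp add: finite_nat_iff_bounded_le)
    then have "∀n. m<n --> n∉S" by auto
    with `?rhs` show False by blast
  qed
qed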

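(* Variant of infinite_nat_iff_unbounded with "m ≤ n" instead of "m < n". *)
lemma infinite_nat_iff_unbounded_le:
  "infinite (S::nat set) = (∀m. ∃n. m≤n ∧ n∈S)"
  (is "?lhs = ?rhs")
proof
  assume ?lhs
  show ?rhs
  proof
    fix m
    from `?lhs` obtain n where "m<n ∧ n∈S"
      (* method restored: the "obtain" had no proof after it; confirm against
         the distributed theory *)
      by (auto simp add: infinite_nat_iff_unbounded)
    then have "m≤n ∧ n∈S" by simp
    then show "∃n. m ≤ n ∧ n ∈ S" ..
  qed
next
  assume ?rhs
  show ?lhs
  (* "proof" line restored: the source went from "show ?lhs" straight to
     "fix m", leaving the closing "qed" unmatched; confirm as above *)
  proof (auto simp add: infinite_nat_iff_unbounded)
    fix m
    (* instantiate the hypothesis at Suc m to get a strictly larger element *)
    from `?rhs` obtain n where "Suc m ≤ n ∧ n∈S"
      by blast
    then have "m<n ∧ n∈S" by simp
    then show "∃n. m < n ∧ n ∈ S" ..
  qed
qed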

text {*
For a set of natural numbers to be infinite, it is enough to know
that for any number larger than some @{text k}, there is some larger
number that is an element of the set.
*}

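(* It suffices to find elements of S above every m that exceeds a fixed k. *)
lemma unbounded_k_infinite:
  assumes k: "∀m. k<m --> (∃n. m<n ∧ n∈S)"
  shows "infinite (S::nat set)"
proof -
  {
    (* lift the hypothesis from "m above k" to arbitrary m *)
    fix m have "∃n. m<n ∧ n∈S"
    proof (cases "k<m")
      case True
      with k show ?thesis by blast
    next
      case False
      (* m ≤ k, so an element above Suc k is also above m *)
      from k obtain n where "Suc k < n ∧ n∈S" by auto
      with False have "m<n ∧ n∈S" by auto
      then show ?thesis ..
    qed
  }
  then show ?thesis
    (* method restored: this "show" had no proof after it; confirm against
       the distributed theory *)
    by (auto simp add: infinite_nat_iff_unbounded)
qed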

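(* duplicates Finite_Set.infinite_UNIV_nat *)
(* The set of all natural numbers is infinite.  The statement had no proof
   after it; it is discharged here by the fact named in the comment above. *)
lemma nat_infinite: "infinite (UNIV :: nat set)"
  by (rule infinite_UNIV_nat)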

(* Elimination form: assuming the naturals are finite yields any conclusion R. *)
lemma nat_not_finite: "finite (UNIV::nat set) ==> R"
by simp

text {*
Every infinite set contains a countable subset. More precisely we
show that a set @{text S} is infinite if and only if there exists an
injective function from the naturals into @{text S}.
*}

(* The range of an injective function on the naturals is infinite. *)
lemma range_inj_infinite:
"inj (f::nat => 'a) ==> infinite (range f)"
proof
assume "finite (range f)" and "inj f"
(* a finite image under an injective map forces a finite domain *)
then have "finite (UNIV::nat set)"
by (rule finite_imageD)
then show False by simp
qed

(* The set of all integers is infinite; declared as a simp rule. *)
lemma int_infinite [simp]:
shows "infinite (UNIV::int set)"
proof -
(* the embedding int of the naturals is injective, so its range is infinite *)
from inj_int have "infinite (range int)" by (rule range_inj_infinite)
moreover
have "range int ⊆ (UNIV::int set)" by simp
ultimately show "infinite (UNIV::int set)" by (simp add: infinite_super)
qed

text {*
The ``only if'' direction is harder because it requires the
construction of a sequence of pairwise different elements of an
infinite set @{text S}. The idea is to construct a sequence of
non-empty and infinite subsets of @{text S} obtained by successively
removing elements of @{text S}.
*}

(* Injectivity criterion on a linear order: it is enough to separate the
   images of x and y whenever x < y. *)
lemma linorder_injI:
assumes hyp: "!!x y. x < (y::'a::linorder) ==> f x ≠ f y"
shows "inj f"
proof (rule inj_onI)
fix x y
assume f_eq: "f x = f y"
show "x = y"
(* three cases of the linear order; the two strict ones contradict f_eq *)
proof (rule linorder_cases)
assume "x < y"
with hyp have "f x ≠ f y" by blast
with f_eq show ?thesis by simp
next
assume "x = y"
then show ?thesis .
next
assume "y < x"
with hyp have "f y ≠ f x" by blast
with f_eq show ?thesis by simp
qed
qed

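(* Every infinite set S contains the range of an injective function from the
   naturals.  Sseq n is S with n chosen elements removed; pick n is an element
   chosen from Sseq n.  Both choices use the SOME operator. *)
lemma infinite_countable_subset:
  assumes inf: "infinite (S::'a set)"
  shows "∃f. inj (f::nat => 'a) ∧ range f ⊆ S"
proof -
  def Sseq "nat_rec S (λn T. T - {SOME e. e ∈ T})"
  def pick "λn. (SOME e. e ∈ Sseq n)"
  (* every stage of the sequence is still infinite *)
  have Sseq_inf: "!!n. infinite (Sseq n)"
  proof -
    fix n
    show "infinite (Sseq n)"
    proof (induct n)
      from inf show "infinite (Sseq 0)"
        (* method restored: this "show" had no proof after it; confirm
           against the distributed theory *)
        by (simp add: Sseq_def)
    next
      fix n
      assume "infinite (Sseq n)" then show "infinite (Sseq (Suc n))"
        (* method restored, as above *)
        by (simp add: Sseq_def infinite_remove)
    qed
  qed
  (* every stage is a subset of S *)
  have Sseq_S: "!!n. Sseq n ⊆ S"
  proof -
    fix n
    show "Sseq n ⊆ S"
      by (induct n) (auto simp add: Sseq_def)
  qed
  (* the chosen element really lies in its stage, because the stage is non-empty *)
  have Sseq_pick: "!!n. pick n ∈ Sseq n"
  proof -
    fix n
    show "pick n ∈ Sseq n"
    proof (unfold pick_def, rule someI_ex)
      from Sseq_inf have "infinite (Sseq n)" .
      then have "Sseq n ≠ {}" by auto
      then show "∃x. x ∈ Sseq n" by auto
    qed
  qed
  with Sseq_S have rng: "range pick ⊆ S"
    by auto
  (* once picked, an element is absent from all later stages *)
  have pick_Sseq_gt: "!!n m. pick n ∉ Sseq (n + Suc m)"
  proof -
    fix n m
    show "pick n ∉ Sseq (n + Suc m)"
      by (induct m) (auto simp add: Sseq_def pick_def)
  qed
  (* hence later picks differ from earlier ones *)
  have pick_pick: "!!n m. pick n ≠ pick (n + Suc m)"
  proof -
    fix n m
    from Sseq_pick have "pick (n + Suc m) ∈ Sseq (n + Suc m)" .
    moreover from pick_Sseq_gt
    have "pick n ∉ Sseq (n + Suc m)" .
    ultimately show "pick n ≠ pick (n + Suc m)"
      by auto
  qed
  have inj: "inj pick"
  proof (rule linorder_injI)
    fix i j :: nat
    assume "i < j"
    show "pick i ≠ pick j"
    proof
      assume eq: "pick i = pick j"
      from `i < j` obtain k where "j = i + Suc k"
        (* method restored: the "obtain" had no proof after it; confirm
           against the distributed theory *)
        by (auto simp add: less_iff_Suc_add)
      with pick_pick have "pick i ≠ pick j" by simp
      with eq show False by simp
    qed
  qed
  from rng inj show ?thesis by auto
qed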

(* S is infinite iff some injective function from the naturals maps into S;
   combines infinite_countable_subset with range_inj_infinite. *)
lemma infinite_iff_countable_subset:
"infinite S = (∃f. inj (f::nat => 'a) ∧ range f ⊆ S)"
by (auto simp add: infinite_countable_subset range_inj_infinite infinite_super)

text {*
For any function with infinite domain and finite range there is some
element that is the image of infinitely many domain elements. In
particular, any infinite sequence of elements from a finite set
contains some element that occurs infinitely often.
*}

(* If f has a finite image on an infinite set A, some value y in that image
   has an infinite preimage. *)
lemma inf_img_fin_dom:
assumes img: "finite (f`A)" and dom: "infinite A"
shows "∃y ∈ f`A. infinite (f -` {y})"
proof (rule ccontr)
assume "¬ ?thesis"
(* otherwise a finite union of finite preimages would cover A *)
with img have "finite (UN y:f`A. f -` {y})" by blast
moreover have "A ⊆ (UN y:f`A. f -` {y})" by auto
moreover note dom
ultimately show False by (simp add: infinite_super)
qed

(* Elimination form of inf_img_fin_dom: obtain a value y with infinite preimage. *)
lemma inf_img_fin_domE:
assumes "finite (f`A)" and "infinite A"
obtains y where "y ∈ f`A" and "infinite (f -` {y})"
using assms by (blast dest: inf_img_fin_dom)

subsection "Infinitely Many and Almost All"

text {*
We often need to reason about the existence of infinitely many
(resp., all but finitely many) objects satisfying some predicate, so
we introduce corresponding binders and their proof rules.
*}

(* "INFM x. P x": the set of x satisfying P is infinite. *)
definition
Inf_many :: "('a => bool) => bool" (binder "INFM " 10) where
"Inf_many P = infinite {x. P x}"

(* "MOST x. P x": it is not the case that infinitely many x violate P. *)
definition
Alm_all :: "('a => bool) => bool" (binder "MOST " 10) where
"Alm_all P = (¬ (INFM x. ¬ P x))"

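(* Symbolic binders for print mode xsymbols.  The subscript-infinity marker
   is restored: a bare "∃" / "∀" binder string would claim the syntax of the
   ordinary HOL quantifiers for Inf_many / Alm_all. *)
notation (xsymbols)
  Inf_many  (binder "\<exists>\<^sub>\<infinity>" 10) and
  Alm_all  (binder "\<forall>\<^sub>\<infinity>" 10)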

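(* Same symbolic binders for HTML output.  The subscript-infinity marker is
   restored: a bare "∃" / "∀" binder string would be indistinguishable from
   the ordinary HOL quantifiers in the rendered text. *)
notation (HTML output)
  Inf_many  (binder "\<exists>\<^sub>\<infinity>" 10) and
  Alm_all  (binder "\<forall>\<^sub>\<infinity>" 10)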

(* INFM restated as infiniteness of the set of witnesses. *)
lemma INFM_iff_infinite: "(INFM x. P x) <-> infinite {x. P x}"
unfolding Inf_many_def ..

(* MOST restated as finiteness of the set of exceptions. *)
lemma MOST_iff_cofinite: "(MOST x. P x) <-> finite {x. ¬ P x}"
unfolding Alm_all_def Inf_many_def by simp

(* legacy name *)
(* Alias only: both names refer to the same theorem. *)
lemmas MOST_iff_finiteNeg = MOST_iff_cofinite

(* Negation turns INFM into MOST of the negated predicate; simp rule. *)
lemma not_INFM [simp]: "¬ (INFM x. P x) <-> (MOST x. ¬ P x)"
unfolding Alm_all_def not_not ..

(* Negation turns MOST into INFM of the negated predicate; simp rule. *)
lemma not_MOST [simp]: "¬ (MOST x. P x) <-> (INFM x. ¬ P x)"
unfolding Alm_all_def not_not ..

(* INFM over a body that ignores x: P must hold and the type must be infinite. *)
lemma INFM_const [simp]: "(INFM x::'a. P) <-> P ∧ infinite (UNIV::'a set)"
unfolding Inf_many_def by simp

(* MOST over a body that ignores x: P holds, or the type is finite. *)
lemma MOST_const [simp]: "(MOST x::'a. P) <-> P ∨ finite (UNIV::'a set)"
unfolding Alm_all_def by simp

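(* Infinitely many witnesses imply at least one.  The premise is written with
   the INFM binder; with a plain "∃" on both sides the statement would say
   nothing. *)
lemma INFM_EX: "(INFM x. P x) ==> (∃x. P x)"
  by (erule contrapos_pp, simp)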

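(* A property of all x holds for almost all x.  The conclusion is written with
   the MOST binder; with a plain "∀" on both sides the statement would say
   nothing. *)
lemma ALL_MOST: "∀x. P x ==> MOST x. P x"
  by simp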

(* Elimination form of INFM_EX: obtain one witness x of P. *)
lemma INFM_E: assumes "INFM x. P x" obtains x where "P x"
using INFM_EX [OF assms] by (rule exE)

(* Introduction rule: a property proved for arbitrary x holds for almost all x. *)
lemma MOST_I: assumes "!!x. P x" shows "MOST x. P x"
using assms by simp

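(* INFM is monotone: if P holds infinitely often and P implies Q pointwise,
   Q holds infinitely often.  Premise and conclusion use the INFM binder, as
   the proof's use of Inf_many_def requires. *)
lemma INFM_mono:
  assumes inf: "INFM x. P x" and q: "!!x. P x ==> Q x"
  shows "INFM x. Q x"
proof -
  from inf have "infinite {x. P x}" unfolding Inf_many_def .
  moreover from q have "{x. P x} ⊆ {x. Q x}" by auto
  ultimately show ?thesis
    (* method restored: this "show" had no proof after it; confirm against
       the distributed theory *)
    by (simp add: Inf_many_def infinite_super)
qed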

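(* MOST is monotone.  Both quantifiers are written with the MOST binder, as
   the proof's use of Alm_all_def requires. *)
lemma MOST_mono: "MOST x. P x ==> (!!x. P x ==> Q x) ==> MOST x. Q x"
  unfolding Alm_all_def by (blast intro: INFM_mono)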

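(* INFM distributes over disjunction.  All three quantifiers are written with
   the INFM binder, as the proof's use of Inf_many_def requires. *)
lemma INFM_disj_distrib:
  "(INFM x. P x ∨ Q x) <-> (INFM x. P x) ∨ (INFM x. Q x)"
  unfolding Inf_many_def by (simp add: Collect_disj_eq)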

(* An implication holds infinitely often iff, whenever its premise holds
   almost everywhere, its conclusion holds infinitely often. *)
lemma INFM_imp_distrib:
"(INFM x. P x --> Q x) <-> ((MOST x. P x) --> (INFM x. Q x))"
by (simp only: imp_conv_disj INFM_disj_distrib not_MOST)

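(* MOST distributes over conjunction.  All three quantifiers are written with
   the MOST binder, as the proof's use of Alm_all_def requires. *)
lemma MOST_conj_distrib:
  "(MOST x. P x ∧ Q x) <-> (MOST x. P x) ∧ (MOST x. Q x)"
  unfolding Alm_all_def by (simp add: INFM_disj_distrib del: disj_not1)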

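(* Introduction rule for MOST over a conjunction.  The statement had no proof
   after it; it follows from MOST_conj_distrib.  Confirm the method against
   the distributed theory. *)
lemma MOST_conjI:
  "MOST x. P x ==> MOST x. Q x ==> MOST x. P x ∧ Q x"
  unfolding MOST_conj_distrib by simp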

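(* If P holds infinitely often and Q holds almost everywhere, then P ∧ Q
   holds infinitely often. *)
lemma INFM_conjI:
  "INFM x. P x ==> MOST x. Q x ==> INFM x. P x ∧ Q x"
  unfolding MOST_iff_cofinite INFM_iff_infinite
  (* remove the finite exception set of Q from the infinite witness set of P *)
  apply (drule (1) Diff_infinite_finite)
  (* step restored: the script went from "drule" straight to "done", leaving
     the goal open; confirm against the distributed theory *)
  apply (simp add: Collect_conj_eq Collect_neg_eq)
  done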

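(* Modus ponens under MOST.  All quantifiers are written with the MOST binder,
   which is what the rules MOST_conjI and MOST_mono used below apply to. *)
lemma MOST_rev_mp:
  assumes "MOST x. P x" and "MOST x. P x --> Q x"
  shows "MOST x. Q x"
proof -
  have "MOST x. P x ∧ (P x --> Q x)"
    using assms by (rule MOST_conjI)
  thus ?thesis by (rule MOST_mono) simp
qed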

(* Under a premise that holds almost everywhere, an implication holds almost
   everywhere iff its conclusion does. *)
lemma MOST_imp_iff:
assumes "MOST x. P x"
shows "(MOST x. P x --> Q x) <-> (MOST x. Q x)"
proof
assume "MOST x. P x --> Q x"
with assms show "MOST x. Q x" by (rule MOST_rev_mp)
next
assume "MOST x. Q x"
then show "MOST x. P x --> Q x" by (rule MOST_mono) simp
qed

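(* Simp rules that move a subformula not mentioning the bound variable out of
   an INFM or MOST quantifier. *)
lemma INFM_MOST_simps [simp]:
  "!!P Q. (INFM x. P x ∧ Q) <-> (INFM x. P x) ∧ Q"
  "!!P Q. (INFM x. P ∧ Q x) <-> P ∧ (INFM x. Q x)"
  "!!P Q. (MOST x. P x ∨ Q) <-> (MOST x. P x) ∨ Q"
  "!!P Q. (MOST x. P ∨ Q x) <-> P ∨ (MOST x. Q x)"
  "!!P Q. (MOST x. P x --> Q) <-> ((INFM x. P x) --> Q)"
  "!!P Q. (MOST x. P --> Q x) <-> (P --> (MOST x. Q x))"
  unfolding Alm_all_def Inf_many_def
  (* method restored: "unfolding" alone left all six goals open; confirm
     against the distributed theory *)
  by (simp_all add: Collect_conj_eq)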

text {* Properties of quantifiers with injective functions. *}

(* If P holds at infinitely many values f x of an injective f, it holds at
   infinitely many points. *)
lemma INFM_inj:
"INFM x. P (f x) ==> inj f ==> INFM x. P x"
unfolding INFM_iff_infinite
by (clarify, drule (1) finite_vimageI, simp)

(* A property that holds almost everywhere still does so after composing with
   an injective f. *)
lemma MOST_inj:
"MOST x. P x ==> inj f ==> MOST x. P (f x)"
unfolding MOST_iff_cofinite
by (drule (1) finite_vimageI, simp)

text {* Properties of quantifiers with singletons. *}

(* Equality with a fixed a never holds infinitely often (both orientations). *)
lemma not_INFM_eq [simp]:
"¬ (INFM x. x = a)"
"¬ (INFM x. a = x)"
unfolding INFM_iff_infinite by simp_all

(* Almost all x differ from a fixed a (both orientations). *)
lemma MOST_neq [simp]:
"MOST x. x ≠ a"
"MOST x. a ≠ x"
unfolding MOST_iff_cofinite by simp_all

(* Infinitely many x differ from a exactly when the type itself is infinite. *)
lemma INFM_neq [simp]:
"(INFM x::'a. x ≠ a) <-> infinite (UNIV::'a set)"
"(INFM x::'a. a ≠ x) <-> infinite (UNIV::'a set)"
unfolding INFM_iff_infinite by simp_all

(* Almost all x equal a exactly when the type itself is finite. *)
lemma MOST_eq [simp]:
"(MOST x::'a. x = a) <-> finite (UNIV::'a set)"
"(MOST x::'a. a = x) <-> finite (UNIV::'a set)"
unfolding MOST_iff_cofinite by simp_all

(* An implication whose premise pins x to a single value a holds almost
   everywhere, whatever P is. *)
lemma MOST_eq_imp:
"MOST x. x = a --> P x"
"MOST x. a = x --> P x"
unfolding MOST_iff_cofinite by simp_all

text {* Properties of quantifiers over the naturals. *}

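(* Over the naturals, INFM and MOST unfold to ordinary quantifiers over
   bounds.  The left-hand sides use the INFM / MOST binders; a plain "∃" or
   "∀" there makes the equations false.  None of the four statements had a
   proof after it; the methods below are reconstructed and should be
   confirmed against the distributed theory. *)
lemma INFM_nat: "(INFM n. P (n::nat)) = (∀m. ∃n. m<n ∧ P n)"
  by (simp add: Inf_many_def infinite_nat_iff_unbounded)

lemma INFM_nat_le: "(INFM n. P (n::nat)) = (∀m. ∃n. m≤n ∧ P n)"
  by (simp add: Inf_many_def infinite_nat_iff_unbounded_le)

lemma MOST_nat: "(MOST n. P (n::nat)) = (∃m. ∀n. m<n --> P n)"
  by (simp add: Alm_all_def INFM_nat)

lemma MOST_nat_le: "(MOST n. P (n::nat)) = (∃m. ∀n. m≤n --> P n)"
  by (simp add: Alm_all_def INFM_nat_le)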

subsection "Enumeration of an Infinite Set"

text {*
The set's element type must be wellordered (e.g. the natural numbers).
*}

(* enumerate S n is defined by recursion on n: index 0 yields the least
   element of S, index Suc n enumerates S with that least element removed. *)
primrec (in wellorder) enumerate :: "'a set => nat => 'a" where
enumerate_0: "enumerate S 0 = (LEAST n. n ∈ S)"
| enumerate_Suc: "enumerate S (Suc n) = enumerate (S - {LEAST n. n ∈ S}) n"

(* enumerate_Suc restated with "enumerate S 0" in place of the LEAST term. *)
lemma enumerate_Suc':
"enumerate S (Suc n) = enumerate (S - {enumerate S 0}) n"
by simp

(* For infinite S every enumerated value is an element of S.  The induction
   generalises over S because the recursive call shrinks the set. *)
lemma enumerate_in_set: "infinite S ==> enumerate S n : S"
apply (induct n arbitrary: S)
apply (fastforce intro: LeastI dest!: infinite_imp_nonempty)
apply simp
apply (metis DiffE infinite_remove)
done

(* Take the defining equations out of the simpset; later proofs name them
   explicitly where they are needed. *)
declare enumerate_0 [simp del] enumerate_Suc [simp del]

(* Consecutive enumerated values of an infinite set are strictly increasing. *)
lemma enumerate_step: "infinite S ==> enumerate S n < enumerate S (Suc n)"
apply (induct n arbitrary: S)
(* n = 0: show "≤" and "≠" separately, then combine them *)
apply (rule order_le_neq_trans)
apply (simp add: enumerate_0 Least_le enumerate_in_set)
apply (simp only: enumerate_Suc')
apply (subgoal_tac "enumerate (S - {enumerate S 0}) 0 : S - {enumerate S 0}")
apply (blast intro: sym)
apply (simp add: enumerate_in_set del: Diff_iff)
done

(* The enumeration of an infinite set is strictly monotone in its index. *)
lemma enumerate_mono: "m<n ==> infinite S ==> enumerate S m < enumerate S n"
apply (erule less_Suc_induct)
apply (auto intro: enumerate_step)
done

(* The n-th enumerated value is at least n. *)
lemma le_enumerate:
assumes S: "infinite S"
shows "n ≤ enumerate S n"
using S
proof (induct n)
case (Suc n)
then have "n ≤ enumerate S n" by simp
(* chain with the strict step from index n to Suc n *)
also note enumerate_mono[of n "Suc n", OF _ `infinite S`]
finally show ?case by simp
qed simp

(* Successor step characterised directly: the next enumerated value is the
   least element of S above the current one. *)
lemma enumerate_Suc'':
fixes S :: "'a::wellorder set"
shows "infinite S ==> enumerate S (Suc n) = (LEAST s. s ∈ S ∧ enumerate S n < s)"
proof (induct n arbitrary: S)
case 0
(* index 0 is a lower bound of S *)
then have "∀s∈S. enumerate S 0 ≤ s"
by (auto simp: enumerate.simps intro: Least_le)
then show ?case
unfolding enumerate_Suc' enumerate_0[of "S - {enumerate S 0}"]
by (intro arg_cong[where f=Least] ext) auto
next
case (Suc n S)
show ?case
using enumerate_mono[OF zero_less_Suc `infinite S`, of n] `infinite S`
apply (subst (1 2) enumerate_Suc')
apply (subst Suc)
apply (insert `infinite S`, simp)
by (intro arg_cong[where f=Least] ext)
(auto simp: enumerate_Suc'[symmetric])
qed

(* Every element s of an infinite set of naturals occurs in its enumeration.
   Proved by well-founded induction on s. *)
lemma enumerate_Ex:
assumes S: "infinite (S::nat set)"
shows "s ∈ S ==> ∃n. enumerate S n = s"
proof (induct s rule: less_induct)
case (less s)
show ?case
proof cases
(* case 1: S has elements below s; ?y is the largest of them *)
let ?y = "Max {s'∈S. s' < s}"
assume "∃y∈S. y < s"
then have y: "!!x. ?y < x <-> (∀s'∈S. s' < s --> s' < x)" by (subst Max_less_iff) auto
then have y_in: "?y ∈ {s'∈S. s' < s}" by (intro Max_in) auto
(* the induction hypothesis gives an index for ?y; s is its successor *)
with less.hyps[of ?y] obtain n where "enumerate S n = ?y" by auto
with S have "enumerate S (Suc n) = s"
by (auto simp: y less enumerate_Suc'' intro!: Least_equality)
then show ?case by auto
next
(* case 2: s is the least element of S, so it is enumerated at index 0 *)
assume *: "¬ (∃y∈S. y < s)"
then have "∀t∈S. s ≤ t" by auto
with `s ∈ S` show ?thesis
by (auto intro!: exI[of _ 0] Least_equality simp: enumerate_0)
qed
qed

(* For an infinite set S of naturals, enumerate S is a bijection between all
   naturals and S. *)
lemma bij_enumerate:
fixes S :: "nat set"
assumes S: "infinite S"
shows "bij_betw (enumerate S) UNIV S"
proof -
(* injective, by strict monotonicity *)
have "!!n m. n ≠ m ==> enumerate S n ≠ enumerate S m"
using enumerate_mono[OF _ `infinite S`] by (auto simp: neq_iff)
then have "inj (enumerate S)"
by (auto simp: inj_on_def)
(* every element of S is reached, by enumerate_Ex *)
moreover have "∀s∈S. ∃i. enumerate S i = s"
using enumerate_Ex[OF S] by auto
moreover note `infinite S`
ultimately show ?thesis
unfolding bij_betw_def by (auto intro: enumerate_in_set)
qed

subsection "Miscellaneous"

text {*
A few trivial lemmas about sets that contain at most one element.
These simplify the reasoning about deterministic automata.
*}

(* atmost_one S holds when any two elements of S are equal. *)
definition
atmost_one :: "'a set => bool" where
"atmost_one S = (∀x y. x∈S ∧ y∈S --> x=y)"

lemma atmost_one_empty: "S = {} ==> atmost_one S"