src/HOL/Library/Ramsey.thy
author nipkow
Thu Nov 25 14:35:52 2010 +0100 (2010-11-25)
changeset 40695 1b2573c3b222
parent 40077 c8a9eaaa2f59
child 44890 22f665a2e91c
permissions -rw-r--r--
Added the simplest finite Ramsey theorem
paulson@19944
     1
(*  Title:      HOL/Library/Ramsey.thy
wenzelm@32960
     2
    Author:     Tom Ridge.  Converted to structured Isar by L C Paulson
paulson@19944
     3
*)
paulson@19944
     4
paulson@19944
     5
header "Ramsey's Theorem"
paulson@19944
     6
haftmann@25594
     7
theory Ramsey
haftmann@30738
     8
imports Main Infinite_Set
haftmann@25594
     9
begin
paulson@19944
    10
nipkow@40695
    11
subsection{* Finite Ramsey theorem(s) *}
nipkow@40695
    12
nipkow@40695
    13
text{* To distinguish the finite and infinite ones, lower and upper case
nipkow@40695
    14
names are used.
nipkow@40695
    15
nipkow@40695
    16
This is the most basic version in terms of cliques and independent
nipkow@40695
    17
sets, i.e. the version for graphs and 2 colours. *}
nipkow@40695
    18
nipkow@40695
    19
definition "clique V E = (\<forall>v\<in>V. \<forall>w\<in>V. v\<noteq>w \<longrightarrow> {v,w} : E)"
nipkow@40695
    20
definition "indep V E = (\<forall>v\<in>V. \<forall>w\<in>V. v\<noteq>w \<longrightarrow> \<not> {v,w} : E)"
nipkow@40695
    21
nipkow@40695
    22
lemma ramsey2:
nipkow@40695
    23
  "\<exists>r\<ge>1. \<forall> (V::'a set) (E::'a set set). finite V \<and> card V \<ge> r \<longrightarrow>
nipkow@40695
    24
  (\<exists> R \<subseteq> V. card R = m \<and> clique R E \<or> card R = n \<and> indep R E)"
nipkow@40695
    25
  (is "\<exists>r\<ge>1. ?R m n r")
nipkow@40695
    26
proof(induct k == "m+n" arbitrary: m n)
nipkow@40695
    27
  case 0
nipkow@40695
    28
  show ?case (is "EX r. ?R r")
nipkow@40695
    29
  proof
nipkow@40695
    30
    show "?R 1" using 0
nipkow@40695
    31
      by (clarsimp simp: indep_def)(metis card.empty emptyE empty_subsetI)
nipkow@40695
    32
  qed
nipkow@40695
    33
next
nipkow@40695
    34
  case (Suc k)
nipkow@40695
    35
  { assume "m=0"
nipkow@40695
    36
    have ?case (is "EX r. ?R r")
nipkow@40695
    37
    proof
nipkow@40695
    38
      show "?R 1" using `m=0`
nipkow@40695
    39
        by (simp add:clique_def)(metis card.empty emptyE empty_subsetI)
nipkow@40695
    40
    qed
nipkow@40695
    41
  } moreover
nipkow@40695
    42
  { assume "n=0"
nipkow@40695
    43
    have ?case (is "EX r. ?R r")
nipkow@40695
    44
    proof
nipkow@40695
    45
      show "?R 1" using `n=0`
nipkow@40695
    46
        by (simp add:indep_def)(metis card.empty emptyE empty_subsetI)
nipkow@40695
    47
    qed
nipkow@40695
    48
  } moreover
nipkow@40695
    49
  { assume "m\<noteq>0" "n\<noteq>0"
nipkow@40695
    50
    hence "k = (m - 1) + n" "k = m + (n - 1)" using `Suc k = m+n` by auto
nipkow@40695
    51
    from Suc(1)[OF this(1)] Suc(1)[OF this(2)] 
nipkow@40695
    52
    obtain r1 r2 where "r1\<ge>1" "r2\<ge>1" "?R (m - 1) n r1" "?R m (n - 1) r2"
nipkow@40695
    53
      by auto
nipkow@40695
    54
    hence "r1+r2 \<ge> 1" by arith
nipkow@40695
    55
    moreover
nipkow@40695
    56
    have "?R m n (r1+r2)" (is "ALL V E. _ \<longrightarrow> ?EX V E m n")
nipkow@40695
    57
    proof clarify
nipkow@40695
    58
      fix V :: "'a set" and E :: "'a set set"
nipkow@40695
    59
      assume "finite V" "r1+r2 \<le> card V"
nipkow@40695
    60
      with `r1\<ge>1` have "V \<noteq> {}" by auto
nipkow@40695
    61
      then obtain v where "v : V" by blast
nipkow@40695
    62
      let ?M = "{w : V. w\<noteq>v & {v,w} : E}"
nipkow@40695
    63
      let ?N = "{w : V. w\<noteq>v & {v,w} ~: E}"
nipkow@40695
    64
      have "V = insert v (?M \<union> ?N)" using `v : V` by auto
nipkow@40695
    65
      hence "card V = card(insert v (?M \<union> ?N))" by metis
nipkow@40695
    66
      also have "\<dots> = card ?M + card ?N + 1" using `finite V`
nipkow@40695
    67
        by(fastsimp intro: card_Un_disjoint)
nipkow@40695
    68
      finally have "card V = card ?M + card ?N + 1" .
nipkow@40695
    69
      hence "r1+r2 \<le> card ?M + card ?N + 1" using `r1+r2 \<le> card V` by simp
nipkow@40695
    70
      hence "r1 \<le> card ?M \<or> r2 \<le> card ?N" by arith
nipkow@40695
    71
      moreover
nipkow@40695
    72
      { assume "r1 \<le> card ?M"
nipkow@40695
    73
        moreover have "finite ?M" using `finite V` by auto
nipkow@40695
    74
        ultimately have "?EX ?M E (m - 1) n" using `?R (m - 1) n r1` by blast
nipkow@40695
    75
        then obtain R where "R \<subseteq> ?M" "v ~: R" and
nipkow@40695
    76
          CI: "card R = m - 1 \<and> clique R E \<or>
nipkow@40695
    77
               card R = n \<and> indep R E" (is "?C \<or> ?I")
nipkow@40695
    78
          by blast
nipkow@40695
    79
        have "R <= V" using `R <= ?M` by auto
nipkow@40695
    80
        have "finite R" using `finite V` `R \<subseteq> V` by (metis finite_subset)
nipkow@40695
    81
        { assume "?I"
nipkow@40695
    82
          with `R <= V` have "?EX V E m n" by blast
nipkow@40695
    83
        } moreover
nipkow@40695
    84
        { assume "?C"
nipkow@40695
    85
          hence "clique (insert v R) E" using `R <= ?M`
nipkow@40695
    86
           by(auto simp:clique_def insert_commute)
nipkow@40695
    87
          moreover have "card(insert v R) = m"
nipkow@40695
    88
            using `?C` `finite R` `v ~: R` `m\<noteq>0` by simp
nipkow@40695
    89
          ultimately have "?EX V E m n" using `R <= V` `v : V` by blast
nipkow@40695
    90
        } ultimately have "?EX V E m n" using CI by blast
nipkow@40695
    91
      } moreover
nipkow@40695
    92
      { assume "r2 \<le> card ?N"
nipkow@40695
    93
        moreover have "finite ?N" using `finite V` by auto
nipkow@40695
    94
        ultimately have "?EX ?N E m (n - 1)" using `?R m (n - 1) r2` by blast
nipkow@40695
    95
        then obtain R where "R \<subseteq> ?N" "v ~: R" and
nipkow@40695
    96
          CI: "card R = m \<and> clique R E \<or>
nipkow@40695
    97
               card R = n - 1 \<and> indep R E" (is "?C \<or> ?I")
nipkow@40695
    98
          by blast
nipkow@40695
    99
        have "R <= V" using `R <= ?N` by auto
nipkow@40695
   100
        have "finite R" using `finite V` `R \<subseteq> V` by (metis finite_subset)
nipkow@40695
   101
        { assume "?C"
nipkow@40695
   102
          with `R <= V` have "?EX V E m n" by blast
nipkow@40695
   103
        } moreover
nipkow@40695
   104
        { assume "?I"
nipkow@40695
   105
          hence "indep (insert v R) E" using `R <= ?N`
nipkow@40695
   106
            by(auto simp:indep_def insert_commute)
nipkow@40695
   107
          moreover have "card(insert v R) = n"
nipkow@40695
   108
            using `?I` `finite R` `v ~: R` `n\<noteq>0` by simp
nipkow@40695
   109
          ultimately have "?EX V E m n" using `R <= V` `v : V` by blast
nipkow@40695
   110
        } ultimately have "?EX V E m n" using CI by blast
nipkow@40695
   111
      } ultimately show "?EX V E m n" by blast
nipkow@40695
   112
    qed
nipkow@40695
   113
    ultimately have ?case by blast
nipkow@40695
   114
  } ultimately show ?case by blast
nipkow@40695
   115
qed
nipkow@40695
   116
nipkow@40695
   117
wenzelm@22665
   118
subsection {* Preliminaries *}
paulson@19944
   119
wenzelm@22665
   120
subsubsection {* ``Axiom'' of Dependent Choice *}
paulson@19944
   121
haftmann@34941
   122
primrec choice :: "('a => bool) => ('a * 'a) set => nat => 'a" where
paulson@19944
   123
  --{*An integer-indexed chain of choices*}
haftmann@34941
   124
    choice_0:   "choice P r 0 = (SOME x. P x)"
haftmann@34941
   125
  | choice_Suc: "choice P r (Suc n) = (SOME y. P y & (choice P r n, y) \<in> r)"
paulson@19944
   126
paulson@19944
   127
lemma choice_n: 
paulson@19944
   128
  assumes P0: "P x0"
paulson@19944
   129
      and Pstep: "!!x. P x ==> \<exists>y. P y & (x,y) \<in> r"
paulson@19944
   130
  shows "P (choice P r n)"
wenzelm@19948
   131
proof (induct n)
wenzelm@19948
   132
  case 0 show ?case by (force intro: someI P0) 
wenzelm@19948
   133
next
wenzelm@19948
   134
  case Suc thus ?case by (auto intro: someI2_ex [OF Pstep]) 
wenzelm@19948
   135
qed
paulson@19944
   136
paulson@19944
   137
lemma dependent_choice: 
paulson@19944
   138
  assumes trans: "trans r"
paulson@19944
   139
      and P0: "P x0"
paulson@19944
   140
      and Pstep: "!!x. P x ==> \<exists>y. P y & (x,y) \<in> r"
paulson@19954
   141
  obtains f :: "nat => 'a" where
paulson@19954
   142
    "!!n. P (f n)" and "!!n m. n < m ==> (f n, f m) \<in> r"
paulson@19954
   143
proof
paulson@19954
   144
  fix n
paulson@19954
   145
  show "P (choice P r n)" by (blast intro: choice_n [OF P0 Pstep])
paulson@19944
   146
next
paulson@19944
   147
  have PSuc: "\<forall>n. (choice P r n, choice P r (Suc n)) \<in> r" 
paulson@19944
   148
    using Pstep [OF choice_n [OF P0 Pstep]]
paulson@19944
   149
    by (auto intro: someI2_ex)
paulson@19954
   150
  fix n m :: nat
paulson@19954
   151
  assume less: "n < m"
paulson@19954
   152
  show "(choice P r n, choice P r m) \<in> r" using PSuc
paulson@19954
   153
    by (auto intro: less_Suc_induct [OF less] transD [OF trans])
paulson@19954
   154
qed
paulson@19944
   155
paulson@19944
   156
wenzelm@22665
   157
subsubsection {* Partitions of a Set *}
paulson@19944
   158
wenzelm@19948
   159
definition
wenzelm@19948
   160
  part :: "nat => nat => 'a set => ('a set => nat) => bool"
paulson@19944
   161
  --{*the function @{term f} partitions the @{term r}-subsets of the typically
paulson@19944
   162
       infinite set @{term Y} into @{term s} distinct categories.*}
krauss@21634
   163
where
wenzelm@19948
   164
  "part r s Y f = (\<forall>X. X \<subseteq> Y & finite X & card X = r --> f X < s)"
paulson@19944
   165
paulson@19944
   166
text{*For induction, we decrease the value of @{term r} in partitions.*}
paulson@19944
   167
lemma part_Suc_imp_part:
paulson@19944
   168
     "[| infinite Y; part (Suc r) s Y f; y \<in> Y |] 
paulson@19944
   169
      ==> part r s (Y - {y}) (%u. f (insert y u))"
paulson@19944
   170
  apply(simp add: part_def, clarify)
paulson@19944
   171
  apply(drule_tac x="insert y X" in spec)
nipkow@24853
   172
  apply(force)
paulson@19944
   173
  done
paulson@19944
   174
paulson@19944
   175
lemma part_subset: "part r s YY f ==> Y \<subseteq> YY ==> part r s Y f" 
wenzelm@19948
   176
  unfolding part_def by blast
paulson@19944
   177
  
paulson@19944
   178
wenzelm@22665
   179
subsection {* Ramsey's Theorem: Infinitary Version *}
paulson@19944
   180
paulson@19954
   181
lemma Ramsey_induction: 
paulson@19954
   182
  fixes s and r::nat
paulson@19944
   183
  shows
paulson@19944
   184
  "!!(YY::'a set) (f::'a set => nat). 
paulson@19944
   185
      [|infinite YY; part r s YY f|]
paulson@19944
   186
      ==> \<exists>Y' t'. Y' \<subseteq> YY & infinite Y' & t' < s & 
paulson@19944
   187
                  (\<forall>X. X \<subseteq> Y' & finite X & card X = r --> f X = t')"
paulson@19944
   188
proof (induct r)
paulson@19944
   189
  case 0
nipkow@24853
   190
  thus ?case by (auto simp add: part_def card_eq_0_iff cong: conj_cong)
paulson@19944
   191
next
paulson@19944
   192
  case (Suc r) 
paulson@19944
   193
  show ?case
paulson@19944
   194
  proof -
paulson@19944
   195
    from Suc.prems infinite_imp_nonempty obtain yy where yy: "yy \<in> YY" by blast
paulson@19944
   196
    let ?ramr = "{((y,Y,t),(y',Y',t')). y' \<in> Y & Y' \<subseteq> Y}"
paulson@19944
   197
    let ?propr = "%(y,Y,t).     
wenzelm@32960
   198
                 y \<in> YY & y \<notin> Y & Y \<subseteq> YY & infinite Y & t < s
wenzelm@32960
   199
                 & (\<forall>X. X\<subseteq>Y & finite X & card X = r --> (f o insert y) X = t)"
paulson@19944
   200
    have infYY': "infinite (YY-{yy})" using Suc.prems by auto
paulson@19944
   201
    have partf': "part r s (YY - {yy}) (f \<circ> insert yy)"
paulson@19944
   202
      by (simp add: o_def part_Suc_imp_part yy Suc.prems)
paulson@19944
   203
    have transr: "trans ?ramr" by (force simp add: trans_def) 
paulson@19944
   204
    from Suc.hyps [OF infYY' partf']
paulson@19944
   205
    obtain Y0 and t0
paulson@19944
   206
    where "Y0 \<subseteq> YY - {yy}"  "infinite Y0"  "t0 < s"
paulson@19944
   207
          "\<forall>X. X\<subseteq>Y0 \<and> finite X \<and> card X = r \<longrightarrow> (f \<circ> insert yy) X = t0"
paulson@19944
   208
        by blast 
paulson@19944
   209
    with yy have propr0: "?propr(yy,Y0,t0)" by blast
paulson@19944
   210
    have proprstep: "\<And>x. ?propr x \<Longrightarrow> \<exists>y. ?propr y \<and> (x, y) \<in> ?ramr" 
paulson@19944
   211
    proof -
paulson@19944
   212
      fix x
paulson@19944
   213
      assume px: "?propr x" thus "?thesis x"
paulson@19944
   214
      proof (cases x)
paulson@19944
   215
        case (fields yx Yx tx)
paulson@19944
   216
        then obtain yx' where yx': "yx' \<in> Yx" using px
paulson@19944
   217
               by (blast dest: infinite_imp_nonempty)
paulson@19944
   218
        have infYx': "infinite (Yx-{yx'})" using fields px by auto
paulson@19944
   219
        with fields px yx' Suc.prems
paulson@19944
   220
        have partfx': "part r s (Yx - {yx'}) (f \<circ> insert yx')"
huffman@35175
   221
          by (simp add: o_def part_Suc_imp_part part_subset [where YY=YY and Y=Yx])
wenzelm@32960
   222
        from Suc.hyps [OF infYx' partfx']
wenzelm@32960
   223
        obtain Y' and t'
wenzelm@32960
   224
        where Y': "Y' \<subseteq> Yx - {yx'}"  "infinite Y'"  "t' < s"
wenzelm@32960
   225
               "\<forall>X. X\<subseteq>Y' \<and> finite X \<and> card X = r \<longrightarrow> (f \<circ> insert yx') X = t'"
wenzelm@32960
   226
            by blast 
wenzelm@32960
   227
        show ?thesis
wenzelm@32960
   228
        proof
wenzelm@32960
   229
          show "?propr (yx',Y',t') & (x, (yx',Y',t')) \<in> ?ramr"
wenzelm@32960
   230
            using fields Y' yx' px by blast
wenzelm@32960
   231
        qed
paulson@19944
   232
      qed
paulson@19944
   233
    qed
paulson@19944
   234
    from dependent_choice [OF transr propr0 proprstep]
nipkow@19946
   235
    obtain g where pg: "!!n::nat.  ?propr (g n)"
paulson@19954
   236
      and rg: "!!n m. n<m ==> (g n, g m) \<in> ?ramr" by blast
haftmann@28741
   237
    let ?gy = "fst o g"
haftmann@28741
   238
    let ?gt = "snd o snd o g"
paulson@19944
   239
    have rangeg: "\<exists>k. range ?gt \<subseteq> {..<k}"
paulson@19944
   240
    proof (intro exI subsetI)
paulson@19944
   241
      fix x
paulson@19944
   242
      assume "x \<in> range ?gt"
paulson@19944
   243
      then obtain n where "x = ?gt n" ..
paulson@19944
   244
      with pg [of n] show "x \<in> {..<s}" by (cases "g n") auto
paulson@19944
   245
    qed
wenzelm@20810
   246
    have "finite (range ?gt)"
wenzelm@20810
   247
      by (simp add: finite_nat_iff_bounded rangeg)
paulson@19944
   248
    then obtain s' and n'
wenzelm@20810
   249
      where s': "s' = ?gt n'"
wenzelm@20810
   250
        and infeqs': "infinite {n. ?gt n = s'}"
wenzelm@20810
   251
      by (rule inf_img_fin_domE) (auto simp add: vimage_def intro: nat_infinite)
paulson@19944
   252
    with pg [of n'] have less': "s'<s" by (cases "g n'") auto
paulson@19944
   253
    have inj_gy: "inj ?gy"
paulson@19944
   254
    proof (rule linorder_injI)
wenzelm@19949
   255
      fix m m' :: nat assume less: "m < m'" show "?gy m \<noteq> ?gy m'"
wenzelm@19948
   256
        using rg [OF less] pg [of m] by (cases "g m", cases "g m'") auto
paulson@19944
   257
    qed
paulson@19944
   258
    show ?thesis
paulson@19944
   259
    proof (intro exI conjI)
paulson@19944
   260
      show "?gy ` {n. ?gt n = s'} \<subseteq> YY" using pg
paulson@19944
   261
        by (auto simp add: Let_def split_beta) 
paulson@19944
   262
      show "infinite (?gy ` {n. ?gt n = s'})" using infeqs'
paulson@19944
   263
        by (blast intro: inj_gy [THEN subset_inj_on] dest: finite_imageD) 
paulson@19944
   264
      show "s' < s" by (rule less')
paulson@19944
   265
      show "\<forall>X. X \<subseteq> ?gy ` {n. ?gt n = s'} & finite X & card X = Suc r 
paulson@19944
   266
          --> f X = s'"
paulson@19944
   267
      proof -
paulson@19944
   268
        {fix X 
paulson@19944
   269
         assume "X \<subseteq> ?gy ` {n. ?gt n = s'}"
paulson@19944
   270
            and cardX: "finite X" "card X = Suc r"
paulson@19944
   271
         then obtain AA where AA: "AA \<subseteq> {n. ?gt n = s'}" and Xeq: "X = ?gy`AA" 
paulson@19944
   272
             by (auto simp add: subset_image_iff) 
paulson@19944
   273
         with cardX have "AA\<noteq>{}" by auto
paulson@19944
   274
         hence AAleast: "(LEAST x. x \<in> AA) \<in> AA" by (auto intro: LeastI_ex) 
paulson@19944
   275
         have "f X = s'"
paulson@19944
   276
         proof (cases "g (LEAST x. x \<in> AA)") 
paulson@19944
   277
           case (fields ya Ya ta)
paulson@19944
   278
           with AAleast Xeq 
paulson@19944
   279
           have ya: "ya \<in> X" by (force intro!: rev_image_eqI) 
paulson@19944
   280
           hence "f X = f (insert ya (X - {ya}))" by (simp add: insert_absorb)
paulson@19944
   281
           also have "... = ta" 
paulson@19944
   282
           proof -
paulson@19944
   283
             have "X - {ya} \<subseteq> Ya"
paulson@19944
   284
             proof 
paulson@19954
   285
               fix x assume x: "x \<in> X - {ya}"
paulson@19944
   286
               then obtain a' where xeq: "x = ?gy a'" and a': "a' \<in> AA" 
paulson@19944
   287
                 by (auto simp add: Xeq) 
paulson@19944
   288
               hence "a' \<noteq> (LEAST x. x \<in> AA)" using x fields by auto
paulson@19944
   289
               hence lessa': "(LEAST x. x \<in> AA) < a'"
paulson@19944
   290
                 using Least_le [of "%x. x \<in> AA", OF a'] by arith
paulson@19944
   291
               show "x \<in> Ya" using xeq fields rg [OF lessa'] by auto
paulson@19944
   292
             qed
paulson@19944
   293
             moreover
paulson@19944
   294
             have "card (X - {ya}) = r"
nipkow@24853
   295
               by (simp add: cardX ya)
paulson@19944
   296
             ultimately show ?thesis 
paulson@19944
   297
               using pg [of "LEAST x. x \<in> AA"] fields cardX
wenzelm@32960
   298
               by (clarsimp simp del:insert_Diff_single)
paulson@19944
   299
           qed
paulson@19944
   300
           also have "... = s'" using AA AAleast fields by auto
paulson@19944
   301
           finally show ?thesis .
paulson@19944
   302
         qed}
paulson@19944
   303
        thus ?thesis by blast
paulson@19944
   304
      qed 
paulson@19944
   305
    qed 
paulson@19944
   306
  qed
paulson@19944
   307
qed
paulson@19944
   308
paulson@19944
   309
paulson@19944
   310
theorem Ramsey:
wenzelm@19949
   311
  fixes s r :: nat and Z::"'a set" and f::"'a set => nat"
paulson@19944
   312
  shows
paulson@19944
   313
   "[|infinite Z;
paulson@19944
   314
      \<forall>X. X \<subseteq> Z & finite X & card X = r --> f X < s|]
paulson@19944
   315
  ==> \<exists>Y t. Y \<subseteq> Z & infinite Y & t < s 
paulson@19944
   316
            & (\<forall>X. X \<subseteq> Y & finite X & card X = r --> f X = t)"
paulson@19954
   317
by (blast intro: Ramsey_induction [unfolded part_def])
paulson@19954
   318
paulson@19954
   319
paulson@19954
   320
corollary Ramsey2:
paulson@19954
   321
  fixes s::nat and Z::"'a set" and f::"'a set => nat"
paulson@19954
   322
  assumes infZ: "infinite Z"
paulson@19954
   323
      and part: "\<forall>x\<in>Z. \<forall>y\<in>Z. x\<noteq>y --> f{x,y} < s"
paulson@19954
   324
  shows
paulson@19954
   325
   "\<exists>Y t. Y \<subseteq> Z & infinite Y & t < s & (\<forall>x\<in>Y. \<forall>y\<in>Y. x\<noteq>y --> f{x,y} = t)"
paulson@19954
   326
proof -
paulson@19954
   327
  have part2: "\<forall>X. X \<subseteq> Z & finite X & card X = 2 --> f X < s"
nipkow@40077
   328
    using part by (fastsimp simp add: eval_nat_numeral card_Suc_eq)
paulson@19954
   329
  obtain Y t 
paulson@19954
   330
    where "Y \<subseteq> Z" "infinite Y" "t < s"
paulson@19954
   331
          "(\<forall>X. X \<subseteq> Y & finite X & card X = 2 --> f X = t)"
paulson@19954
   332
    by (insert Ramsey [OF infZ part2]) auto
paulson@19954
   333
  moreover from this have  "\<forall>x\<in>Y. \<forall>y\<in>Y. x \<noteq> y \<longrightarrow> f {x, y} = t" by auto
paulson@19954
   334
  ultimately show ?thesis by iprover
paulson@19954
   335
qed
paulson@19954
   336
paulson@19954
   337
wenzelm@22665
   338
subsection {* Disjunctive Well-Foundedness *}
paulson@19954
   339
wenzelm@22367
   340
text {*
wenzelm@22367
   341
  An application of Ramsey's theorem to program termination. See
wenzelm@22367
   342
  \cite{Podelski-Rybalchenko}.
paulson@19954
   343
*}
paulson@19954
   344
wenzelm@20810
   345
definition
paulson@19954
   346
  disj_wf         :: "('a * 'a)set => bool"
krauss@21634
   347
where
wenzelm@20810
   348
  "disj_wf r = (\<exists>T. \<exists>n::nat. (\<forall>i<n. wf(T i)) & r = (\<Union>i<n. T i))"
paulson@19954
   349
krauss@21634
   350
definition
paulson@19954
   351
  transition_idx :: "[nat => 'a, nat => ('a*'a)set, nat set] => nat"
krauss@21634
   352
where
wenzelm@20810
   353
  "transition_idx s T A =
wenzelm@20810
   354
    (LEAST k. \<exists>i j. A = {i,j} & i<j & (s j, s i) \<in> T k)"
paulson@19954
   355
paulson@19954
   356
paulson@19954
   357
lemma transition_idx_less:
paulson@19954
   358
    "[|i<j; (s j, s i) \<in> T k; k<n|] ==> transition_idx s T {i,j} < n"
paulson@19954
   359
apply (subgoal_tac "transition_idx s T {i, j} \<le> k", simp) 
paulson@19954
   360
apply (simp add: transition_idx_def, blast intro: Least_le) 
paulson@19954
   361
done
paulson@19954
   362
paulson@19954
   363
lemma transition_idx_in:
paulson@19954
   364
    "[|i<j; (s j, s i) \<in> T k|] ==> (s j, s i) \<in> T (transition_idx s T {i,j})"
paulson@19954
   365
apply (simp add: transition_idx_def doubleton_eq_iff conj_disj_distribR 
paulson@19954
   366
            cong: conj_cong) 
paulson@19954
   367
apply (erule LeastI) 
paulson@19954
   368
done
paulson@19954
   369
paulson@19954
   370
text{*To be equal to the union of some well-founded relations is equivalent
paulson@19954
   371
to being the subset of such a union.*}
paulson@19954
   372
lemma disj_wf:
paulson@19954
   373
     "disj_wf(r) = (\<exists>T. \<exists>n::nat. (\<forall>i<n. wf(T i)) & r \<subseteq> (\<Union>i<n. T i))"
paulson@19954
   374
apply (auto simp add: disj_wf_def) 
paulson@19954
   375
apply (rule_tac x="%i. T i Int r" in exI) 
paulson@19954
   376
apply (rule_tac x=n in exI) 
paulson@19954
   377
apply (force simp add: wf_Int1) 
paulson@19954
   378
done
paulson@19954
   379
paulson@19954
   380
theorem trans_disj_wf_implies_wf:
paulson@19954
   381
  assumes transr: "trans r"
paulson@19954
   382
      and dwf:    "disj_wf(r)"
paulson@19954
   383
  shows "wf r"
paulson@19954
   384
proof (simp only: wf_iff_no_infinite_down_chain, rule notI)
paulson@19954
   385
  assume "\<exists>s. \<forall>i. (s (Suc i), s i) \<in> r"
paulson@19954
   386
  then obtain s where sSuc: "\<forall>i. (s (Suc i), s i) \<in> r" ..
paulson@19954
   387
  have s: "!!i j. i < j ==> (s j, s i) \<in> r"
paulson@19954
   388
  proof -
paulson@19954
   389
    fix i and j::nat
paulson@19954
   390
    assume less: "i<j"
paulson@19954
   391
    thus "(s j, s i) \<in> r"
paulson@19954
   392
    proof (rule less_Suc_induct)
paulson@19954
   393
      show "\<And>i. (s (Suc i), s i) \<in> r" by (simp add: sSuc) 
paulson@19954
   394
      show "\<And>i j k. \<lbrakk>(s j, s i) \<in> r; (s k, s j) \<in> r\<rbrakk> \<Longrightarrow> (s k, s i) \<in> r"
paulson@19954
   395
        using transr by (unfold trans_def, blast) 
paulson@19954
   396
    qed
paulson@19954
   397
  qed    
paulson@19954
   398
  from dwf
paulson@19954
   399
  obtain T and n::nat where wfT: "\<forall>k<n. wf(T k)" and r: "r = (\<Union>k<n. T k)"
paulson@19954
   400
    by (auto simp add: disj_wf_def)
paulson@19954
   401
  have s_in_T: "\<And>i j. i<j ==> \<exists>k. (s j, s i) \<in> T k & k<n"
paulson@19954
   402
  proof -
paulson@19954
   403
    fix i and j::nat
paulson@19954
   404
    assume less: "i<j"
paulson@19954
   405
    hence "(s j, s i) \<in> r" by (rule s [of i j]) 
paulson@19954
   406
    thus "\<exists>k. (s j, s i) \<in> T k & k<n" by (auto simp add: r)
paulson@19954
   407
  qed    
paulson@19954
   408
  have trless: "!!i j. i\<noteq>j ==> transition_idx s T {i,j} < n"
paulson@19954
   409
    apply (auto simp add: linorder_neq_iff)
paulson@19954
   410
    apply (blast dest: s_in_T transition_idx_less) 
paulson@19954
   411
    apply (subst insert_commute)   
paulson@19954
   412
    apply (blast dest: s_in_T transition_idx_less) 
paulson@19954
   413
    done
paulson@19954
   414
  have
paulson@19954
   415
   "\<exists>K k. K \<subseteq> UNIV & infinite K & k < n & 
paulson@19954
   416
          (\<forall>i\<in>K. \<forall>j\<in>K. i\<noteq>j --> transition_idx s T {i,j} = k)"
paulson@19954
   417
    by (rule Ramsey2) (auto intro: trless nat_infinite) 
paulson@19954
   418
  then obtain K and k 
paulson@19954
   419
    where infK: "infinite K" and less: "k < n" and
paulson@19954
   420
          allk: "\<forall>i\<in>K. \<forall>j\<in>K. i\<noteq>j --> transition_idx s T {i,j} = k"
paulson@19954
   421
    by auto
paulson@19954
   422
  have "\<forall>m. (s (enumerate K (Suc m)), s(enumerate K m)) \<in> T k"
paulson@19954
   423
  proof
paulson@19954
   424
    fix m::nat
paulson@19954
   425
    let ?j = "enumerate K (Suc m)"
paulson@19954
   426
    let ?i = "enumerate K m"
paulson@19954
   427
    have jK: "?j \<in> K" by (simp add: enumerate_in_set infK) 
paulson@19954
   428
    have iK: "?i \<in> K" by (simp add: enumerate_in_set infK) 
paulson@19954
   429
    have ij: "?i < ?j" by (simp add: enumerate_step infK) 
paulson@19954
   430
    have ijk: "transition_idx s T {?i,?j} = k" using iK jK ij 
paulson@19954
   431
      by (simp add: allk)
paulson@19954
   432
    obtain k' where "(s ?j, s ?i) \<in> T k'" "k'<n" 
paulson@19954
   433
      using s_in_T [OF ij] by blast
paulson@19954
   434
    thus "(s ?j, s ?i) \<in> T k" 
paulson@19954
   435
      by (simp add: ijk [symmetric] transition_idx_in ij) 
paulson@19954
   436
  qed
paulson@19954
   437
  hence "~ wf(T k)" by (force simp add: wf_iff_no_infinite_down_chain) 
paulson@19954
   438
  thus False using wfT less by blast
paulson@19954
   439
qed
paulson@19954
   440
paulson@19944
   441
end