src/ZF/Nat_ZF.thy
author wenzelm
Thu Dec 14 11:24:26 2017 +0100 (20 months ago)
changeset 67198 694f29a5433b
parent 60770 240563fbf41d
permissions -rw-r--r--
merged
(*  Title:      ZF/Nat_ZF.thy
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
    Copyright   1994  University of Cambridge
*)
section\<open>The Natural Numbers as a Least Fixed Point\<close>
theory Nat_ZF imports OrdQuant Bool begin
(*The naturals are the least fixed point, taken inside the infinite set Inf,
  of the operator that contributes 0 and closes its argument under succ.*)
definition
  nat :: i  where
    "nat \<equiv> lfp(Inf, \<lambda>X. {0} \<union> {succ(i). i \<in> X})"
(*Holds of 0 and of every successor, whether or not the argument is a natural
  number; used below to describe nat_case on arguments of any other shape.*)
definition
  quasinat :: "i \<Rightarrow> o"  where
    "quasinat(n) \<equiv> n = 0 \<or> (\<exists>m. n = succ(m))"
definition
  (*Has an unconditional succ case, which is used in "recursor" below.*)
  (*Defined by definite description: the value is a when k = 0 and b(x) when
    k = succ(x).  For any other k the description has no witness; the lemma
    non_nat_case below records what the result is then.*)
  nat_case :: "[i, i \<Rightarrow> i, i] \<Rightarrow> i"  where
    "nat_case(a,b,k) \<equiv> THE y. k = 0 \<and> y = a \<or> (\<exists>x. k = succ(x) \<and> y = b(x))"
(*Primitive recursion on k, expressed as well-founded recursion over the
  membership relation on nat: in the step, f`m is the value already computed
  for the predecessor m.  The recursion equations are nat_rec_0 and
  nat_rec_succ below.*)
definition
  nat_rec :: "[i, i, [i,i] \<Rightarrow> i] \<Rightarrow> i"  where
    "nat_rec(k,a,b) \<equiv>
          wfrec(Memrel(nat), k, \<lambda>n f. nat_case(a, \<lambda>m. b(m, f`m), n))"
  (*Internalized relations on the naturals*)
(*The relation \<le> on the naturals, as a set of ordered pairs over nat*nat.*)
definition
  Le :: i  where
    "Le \<equiv> {\<langle>x,y\<rangle>:nat*nat. x \<le> y}"
(*The strict order < on the naturals, as a set of ordered pairs over nat*nat.*)
definition
  Lt :: i  where
    "Lt \<equiv> {\<langle>x,y\<rangle>:nat*nat. x < y}"
(*The converse of Le: pairs \<langle>x,y\<rangle> of naturals with y \<le> x.*)
definition
  Ge :: i  where
    "Ge \<equiv> {\<langle>x,y\<rangle>:nat*nat. y \<le> x}"
(*The converse of Lt: pairs \<langle>x,y\<rangle> of naturals with y < x.*)
definition
  Gt :: i  where
    "Gt \<equiv> {\<langle>x,y\<rangle>:nat*nat. y < x}"
(*The set of naturals strictly above n.*)
definition
  greater_than :: "i \<Rightarrow> i"  where
    "greater_than(n) \<equiv> {i \<in> nat. n < i}"
text\<open>No need for a less-than operator: a natural number is its list of
predecessors!\<close>
(*The generating operator of nat is bounded and monotone on Inf.  This is the
  side condition of the generic lfp results (def_lfp_unfold, def_induct) that
  nat_unfold and nat_induct below rely on.  bnd_monoI leaves the boundedness
  and monotonicity obligations; the axiom of infinity is brought into the
  context to discharge the boundedness part (presumably it provides 0 \<in> Inf
  and closure of Inf under succ).*)
lemma nat_bnd_mono: "bnd_mono(Inf, %X. {0} \<union> {succ(i). i \<in> X})"
apply (rule bnd_monoI)
apply (cut_tac infinity, blast, blast)
done
(* @{term"nat = {0} \<union> {succ(x). x \<in> nat}"} *)
(*One-step unfolding of the fixed point: obtained from nat_def through the
  generic lfp unfolding rule, with nat_bnd_mono supplying its side condition.*)
lemmas nat_unfold = nat_bnd_mono [THEN nat_def [THEN def_lfp_unfold]]
(** Type checking of 0 and successor **)
(*Zero is a natural number.  After one unfolding, 0 lies in the left disjunct
  {0} of the union.  [iff] makes the fact available to simp and the classical
  reasoner; [TC] registers it as a type-checking rule.*)
lemma nat_0I [iff,TC]: "0 \<in> nat"
apply (subst nat_unfold)
apply (rule singletonI [THEN UnI1])
done
(*The successor of a natural is a natural.  After one unfolding, succ(n) lies
  in the right disjunct {succ(i). i \<in> nat} of the union (RepFunI).
  [intro!] lets the classical reasoner apply it unconditionally.*)
lemma nat_succI [intro!,TC]: "n \<in> nat ==> succ(n) \<in> nat"
apply (subst nat_unfold)
apply (erule RepFunI [THEN UnI2])
done
(*1 = succ(0) is a natural: one application of nat_succI to nat_0I.*)
lemma nat_1I [iff,TC]: "1 \<in> nat"
by (rule nat_0I [THEN nat_succI])
(*2 = succ(1) is a natural: one more application of nat_succI.*)
lemma nat_2I [iff,TC]: "2 \<in> nat"
by (rule nat_1I [THEN nat_succI])
(*The booleans (theory Bool) are naturals.  boolE case-splits an element of
  bool, and each case is closed by the type-checking facts above.*)
lemma bool_subset_nat: "bool \<subseteq> nat"
by (blast elim!: boolE)
(*Elementwise form of bool_subset_nat: x \<in> bool ==> x \<in> nat.*)
lemmas bool_into_nat = bool_subset_nat [THEN subsetD]
subsection\<open>Injectivity Properties and Induction\<close>
(*Mathematical induction*)
(*Mathematical induction over nat.  An instance of the generic induction
  principle for least fixed points (def_induct), with nat_bnd_mono as its side
  condition; blast closes the case analysis on the generating operator.
  The attributes name the cases 0 and succ and make this the default rule
  for "induct" on a membership premise n \<in> nat.*)
lemma nat_induct [case_names 0 succ, induct set: nat]:
    "[| n \<in> nat;  P(0);  !!x. [| x \<in> nat;  P(x) |] ==> P(succ(x)) |] ==> P(n)"
by (erule def_induct [OF nat_def nat_bnd_mono], blast)
(*Case analysis on a natural number: it is either 0 or the successor of some
  natural x.  Obtained from a single unfolding of nat (nat_unfold, read as a
  subset inclusion) followed by elimination on the union.*)
lemma natE:
 assumes "n \<in> nat"
 obtains ("0") "n=0" | (succ) x where "x \<in> nat" "n=succ(x)"
using assms
by (rule nat_unfold [THEN equalityD1, THEN subsetD, THEN UnE]) auto
(*Every natural number is an ordinal; by induction, with auto handling the
  0 and succ cases.  Registered as a simp rule.*)
lemma nat_into_Ord [simp]: "n \<in> nat ==> Ord(n)"
by (erule nat_induct, auto)
(* @{term"i \<in> nat ==> 0 \<le> i"}; same thing as @{term"0<succ(i)"}  *)
(*Specialisation of Ord_0_le to naturals, using nat_into_Ord.*)
lemmas nat_0_le = nat_into_Ord [THEN Ord_0_le]
(* @{term"i \<in> nat ==> i \<le> i"}; same thing as @{term"i<succ(i)"}  *)
(*Specialisation of le_refl to naturals, using nat_into_Ord.*)
lemmas nat_le_refl = nat_into_Ord [THEN le_refl]
(*nat itself is an ordinal.  OrdI produces two goals; the second (about the
  elements of nat) is closed by nat_into_Ord together with Ord_is_Transset.
  The first, that nat is a transitive set, is proved by unfolding
  Transset_def and inducting on the element in question.*)
lemma Ord_nat [iff]: "Ord(nat)"
apply (rule OrdI)
apply (erule_tac [2] nat_into_Ord [THEN Ord_is_Transset])
apply (unfold Transset_def)
apply (rule ballI)
apply (erule nat_induct, auto)
done
(*nat is a limit ordinal.  After unfolding Limit_def, the ordering goals are
  reduced to membership (ltI with Ord_nat, then ltD) and closed by the
  type-checking facts nat_0I and nat_succI.*)
lemma Limit_nat [iff]: "Limit(nat)"
apply (unfold Limit_def)
apply (safe intro!: ltI Ord_nat)
apply (erule ltD)
done
(*No natural number is a limit ordinal; by induction on a.*)
lemma naturals_not_limit: "a \<in> nat ==> ~ Limit(a)"
by (induct a rule: nat_induct, auto)
(*The predecessor of a natural is a natural.  Since i \<in> succ(i) (succI1) and
  nat is an ordinal, transitivity of membership (Ord_trans) gives i \<in> nat.*)
lemma succ_natD: "succ(i): nat ==> i \<in> nat"
by (rule Ord_trans [OF succI1], auto)
(*Two-way form of nat_succI / succ_natD, registered for simp and the
  classical reasoner.*)
lemma nat_succ_iff [iff]: "succ(n): nat \<longleftrightarrow> n \<in> nat"
by (blast dest!: succ_natD)
(*nat is the least limit ordinal: nat \<le> i for every limit ordinal i.  The
  ordering is reduced to a subset inclusion (subset_imp_le, with Limit_is_Ord
  for the ordinal side conditions), which is proved elementwise by induction:
  0 \<in> i by Limit_has_0, and succ(x) \<in> i by Limit_has_succ.*)
lemma nat_le_Limit: "Limit(i) ==> nat \<le> i"
apply (rule subset_imp_le)
apply (simp_all add: Limit_is_Ord)
apply (rule subsetI)
apply (erule nat_induct)
 apply (erule Limit_has_0 [THEN ltD])
apply (blast intro: Limit_has_succ [THEN ltD] ltI Limit_is_Ord)
done
(* [| succ(i): k;  k \<in> nat |] ==> i \<in> k *)
(*Membership in a natural k is downward closed under predecessor: the same
  Ord_trans argument as succ_natD, with nat_into_Ord supplying Ord(k).*)
lemmas succ_in_naturalD = Ord_trans [OF succI1 _ nat_into_Ord]
(*Anything strictly below a natural is a natural.  ltE exposes the
  membership m \<in> n behind m<n; transitivity of membership in the ordinal nat
  (Ord_trans) then gives m \<in> nat.*)
lemma lt_nat_in_nat: "[| m<n;  n \<in> nat |] ==> m \<in> nat"
apply (erule ltE)
apply (erule Ord_trans, assumption, simp)
done
(*The same for the non-strict order: m \<le> n is m<n or m=n, and the strict
  case is lt_nat_in_nat.*)
lemma le_in_nat: "[| m \<le> n; n \<in> nat |] ==> m \<in> nat"
by (blast dest!: lt_nat_in_nat)
subsection\<open>Variations on Mathematical Induction\<close>
(*complete induction*)
(*Complete (strong) induction on nat: the general ordinal induction rule
  Ord_induct instantiated at the ordinal nat.  The single case is named
  "less"; "consumes 1" lets the induct method absorb the premise n \<in> nat.*)
lemmas complete_induct = Ord_induct [OF _ Ord_nat, case_names less, consumes 1]
(*Variant of complete_induct whose induction hypothesis is put into rule
  form by rule_format (object-level quantifier and implication turned into
  meta-level ones), which is the shape the induct method expects.*)
lemmas complete_induct_rule =
        complete_induct [rule_format, case_names less, consumes 1]
(*Auxiliary form of induction from a starting point m.  The conclusion keeps
  m \<le> n and P(m) as object-level implications so that plain nat_induct can
  be applied to n; the simp set (le0_iff, le_succ_iff) decides the ordering
  side conditions.  rule_format restores the rule form for callers.*)
lemma nat_induct_from_lemma [rule_format]:
    "[| n \<in> nat;  m \<in> nat;
        !!x. [| x \<in> nat;  m \<le> x;  P(x) |] ==> P(succ(x)) |]
     ==> m \<le> n \<longrightarrow> P(m) \<longrightarrow> P(n)"
apply (erule nat_induct)
apply (simp_all add: distrib_simps le0_iff le_succ_iff)
done
(*Induction starting from m rather than 0*)
(*Induction from m: base case P(m), step for every x \<ge> m.  A direct
  consequence of nat_induct_from_lemma.*)
lemma nat_induct_from:
    "[| m \<le> n;  m \<in> nat;  n \<in> nat;
        P(m);
        !!x. [| x \<in> nat;  m \<le> x;  P(x) |] ==> P(succ(x)) |]
     ==> P(n)"
apply (blast intro: nat_induct_from_lemma)
done
(*Induction suitable for subtraction and less-than*)
(*Simultaneous induction on two naturals, with base cases P(x,0) and
  P(0,succ(y)) and a step from P(x,y) to P(succ(x),succ(y)).  The proof is
  an outer induction on m (rev_bspec first moves m into a bounded quantifier
  over nat) and, inside the succ case, an inner induction on the second
  argument (renamed j).  The two membership premises are consumed by the
  induct method; the cases are named 0, 0_succ and succ_succ.*)
lemma diff_induct [case_names 0 0_succ succ_succ, consumes 2]:
    "[| m \<in> nat;  n \<in> nat;
        !!x. x \<in> nat ==> P(x,0);
        !!y. y \<in> nat ==> P(0,succ(y));
        !!x y. [| x \<in> nat;  y \<in> nat;  P(x,y) |] ==> P(succ(x),succ(y)) |]
     ==> P(m,n)"
apply (erule_tac x = m in rev_bspec)
apply (erule nat_induct, simp)
apply (rule ballI)
apply (rename_tac i j)
apply (erule_tac n=j in nat_induct, auto)
done
(** Induction principle analogous to trancl_induct **)
(*Auxiliary form: for a fixed m, P(m,n) holds for all naturals n above m,
  given P(m,succ(m)) and a step from P(m,x) to P(m,succ(x)).  The hypotheses
  are kept as object-level implications so that nat_induct applies to m and
  then (twice, in the 0 and succ cases) to the bounded variable n; le_iff
  settles the resulting comparisons.*)
lemma succ_lt_induct_lemma [rule_format]:
     "m \<in> nat ==> P(m,succ(m)) \<longrightarrow> (\<forall>x\<in>nat. P(m,x) \<longrightarrow> P(m,succ(x))) \<longrightarrow>
                 (\<forall>n\<in>nat. m<n \<longrightarrow> P(m,n))"
apply (erule nat_induct)
 apply (intro impI, rule nat_induct [THEN ballI])
   prefer 4 apply (intro impI, rule nat_induct [THEN ballI])
apply (auto simp add: le_iff)
done
(*Rule form of succ_lt_induct_lemma, in the shape of trancl_induct: from
  m<n reach n by repeated succ starting at succ(m).  lt_nat_in_nat supplies
  the missing premise m \<in> nat.*)
lemma succ_lt_induct:
    "[| m<n;  n \<in> nat;
        P(m,succ(m));
        !!x. [| x \<in> nat;  P(m,x) |] ==> P(m,succ(x)) |]
     ==> P(m,n)"
by (blast intro: succ_lt_induct_lemma lt_nat_in_nat)
subsection\<open>quasinat: to allow a case-split rule for @{term nat_case}\<close>
text\<open>True if the argument is zero or any successor\<close>
(*0 satisfies quasinat; the first disjunct of quasinat_def.*)
lemma [iff]: "quasinat(0)"
by (simp add: quasinat_def)
(*Every successor satisfies quasinat, for an arbitrary x (not only a natural);
  the second disjunct of quasinat_def.*)
lemma [iff]: "quasinat(succ(x))"
by (simp add: quasinat_def)
(*Every natural satisfies quasinat: natE splits it into 0 or a successor, and
  the two [iff] lemmas above close each case.*)
lemma nat_imp_quasinat: "n \<in> nat ==> quasinat(n)"
by (erule natE, simp_all)
(*On an argument that is neither 0 nor a successor, the definite description
  in nat_case_def has no witness and the result is 0.  This is what makes
  nat_case total and gives split_nat_case its third conjunct.*)
lemma non_nat_case: "~ quasinat(x) ==> nat_case(a,b,x) = 0"
by (simp add: quasinat_def nat_case_def)
(*Exhaustive three-way split on an arbitrary set k: zero, some successor, or
  neither.  Proved by two case distinctions, the last goal by unfolding
  quasinat_def.*)
lemma nat_cases_disj: "k=0 | (\<exists>y. k = succ(y)) | ~ quasinat(k)"
apply (case_tac "k=0", simp)
apply (case_tac "\<exists>m. k = succ(m)")
apply (simp_all add: quasinat_def)
done
(*Elimination form of nat_cases_disj: to prove P for an arbitrary k it
  suffices to handle the zero, successor and non-quasinat cases.*)
lemma nat_cases:
     "[|k=0 ==> P;  !!y. k = succ(y) ==> P; ~ quasinat(k) ==> P|] ==> P"
by (insert nat_cases_disj [of k], blast)
(** nat_case **)
(*Computation rule for the zero case, by unfolding nat_case_def.  Registered
  as a simp rule.*)
lemma nat_case_0 [simp]: "nat_case(a,b,0) = a"
by (simp add: nat_case_def)
(*Computation rule for the successor case; holds for arbitrary n, not only
  naturals, as the definition has an unconditional succ case.*)
lemma nat_case_succ [simp]: "nat_case(a,b,succ(n)) = b(n)"
by (simp add: nat_case_def)
(*Type-checking rule for nat_case with a dependent result type C: if the
  two branches are well typed, so is the result, at the argument's index.
  By induction on n, the computation rules above finishing each case.*)
lemma nat_case_type [TC]:
    "[| n \<in> nat;  a \<in> C(0);  !!m. m \<in> nat ==> b(m): C(succ(m)) |]
     ==> nat_case(a,b,n) \<in> C(n)"
by (erule nat_induct, auto)
(*Case-splitting rule for a predicate applied to nat_case, in the usual
  "split" shape.  Because nat_case is total, a third conjunct covers the
  non-quasinat arguments, where the value is 0 (non_nat_case).  The proof
  splits on k with nat_cases and evaluates each branch.*)
lemma split_nat_case:
  "P(nat_case(a,b,k)) \<longleftrightarrow>
   ((k=0 \<longrightarrow> P(a)) & (\<forall>x. k=succ(x) \<longrightarrow> P(b(x))) & (~ quasinat(k) \<longrightarrow> P(0)))"
apply (rule nat_cases [of k])
apply (auto simp add: non_nat_case)
done
subsection\<open>Recursion on the Natural Numbers\<close>
(** nat_rec is used to define eclose and transrec, then becomes obsolete.
    The operator rec, from arith.thy, has fewer typing conditions **)
(*First recursion equation.  nat_rec_def is unfolded with the generic
  wfrec equation def_wfrec, whose well-foundedness side condition is
  wf_Memrel; the body then reduces by nat_case_0.*)
lemma nat_rec_0: "nat_rec(0,a,b) = a"
apply (rule nat_rec_def [THEN def_wfrec, THEN trans])
 apply (rule wf_Memrel)
apply (rule nat_case_0)
done
(*Second recursion equation, for m \<in> nat.  Unfolded as in nat_rec_0; the
  remaining goal concerns the value of the restricted recursive function at
  the predecessor m, which vimage_singleton_iff lets simp resolve.*)
lemma nat_rec_succ: "m \<in> nat ==> nat_rec(succ(m),a,b) = b(m, nat_rec(m,a,b))"
apply (rule nat_rec_def [THEN def_wfrec, THEN trans])
 apply (rule wf_Memrel)
apply (simp add: vimage_singleton_iff)
done
(** The union of two natural numbers is a natural number -- their maximum **)
(*The union (maximum) of two naturals is a natural.  Un_least_lt bounds the
  union below nat given i<nat and j<nat; ltD turns the bound into
  membership, and unfolding lt_def reduces the premises to i \<in> nat, j \<in> nat
  together with Ord(nat).*)
lemma Un_nat_type [TC]: "[| i \<in> nat; j \<in> nat |] ==> i \<union> j \<in> nat"
apply (rule Un_least_lt [THEN ltD])
apply (simp_all add: lt_def)
done
(*The intersection (minimum) of two naturals is a natural; the dual argument
  to Un_nat_type, via Int_greatest_lt.*)
lemma Int_nat_type [TC]: "[| i \<in> nat; j \<in> nat |] ==> i \<inter> j \<in> nat"
apply (rule Int_greatest_lt [THEN ltD])
apply (simp_all add: lt_def)
done
(*needed to simplify unions over nat*)
(*nat is non-empty; blast finds the witness from the [iff] fact nat_0I.*)
lemma nat_nonempty [simp]: "nat \<noteq> 0"
by blast
text\<open>A natural number is the set of its predecessors\<close>
(*A natural i equals the set of naturals below it.  equalityI yields two
  inclusions: {j \<in> nat. j<i} \<subseteq> i follows from ltD; for i \<subseteq> {j \<in> nat. j<i},
  Ord_mem_iff_lt turns membership in i into j<i and lt_trans (with i<nat)
  shows such j are naturals.*)
lemma nat_eq_Collect_lt: "i \<in> nat ==> {j\<in>nat. j<i} = i"
apply (rule equalityI)
apply (blast dest: ltD)
apply (auto simp add: Ord_mem_iff_lt)
apply (blast intro: lt_trans)
done
(*Membership in the relation Le, unfolded into its three conditions.  As an
  [iff] rule it lets simp and the classical reasoner eliminate Le entirely.
  (No corresponding rules are given here for Lt, Ge and Gt.)*)
lemma Le_iff [iff]: "<x,y> \<in> Le \<longleftrightarrow> x \<le> y & x \<in> nat & y \<in> nat"
by (force simp add: Le_def)
end