src/ZF/Constructible/Reflection.thy
author wenzelm
Mon Dec 04 22:54:31 2017 +0100 (21 months ago)
changeset 67131 85d10959c2e4
parent 61980 6b780867d426
child 67443 3abf6a722518
permissions -rw-r--r--
tuned signature;
paulson@13505
     1
(*  Title:      ZF/Constructible/Reflection.thy
paulson@13505
     2
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@13505
     3
*)
paulson@13505
     4
wenzelm@60770
     5
section \<open>The Reflection Theorem\<close>
paulson@13223
     6
haftmann@16417
     7
theory Reflection imports Normal begin
paulson@13223
     8
wenzelm@58860
     9
lemma all_iff_not_ex_not: "(\<forall>x. P(x)) \<longleftrightarrow> (~ (\<exists>x. ~ P(x)))"
paulson@13223
    10
by blast
paulson@13223
    11
wenzelm@58860
    12
lemma ball_iff_not_bex_not: "(\<forall>x\<in>A. P(x)) \<longleftrightarrow> (~ (\<exists>x\<in>A. ~ P(x)))"
paulson@13223
    13
by blast
paulson@13223
    14
wenzelm@60770
    15
text\<open>From the notes of A. S. Kechris, page 6, and from
paulson@13223
    16
      Andrzej Mostowski, \emph{Constructible Sets with Applications},
wenzelm@60770
    17
      North-Holland, 1969, page 23.\<close>
paulson@13223
    18
paulson@13223
    19
wenzelm@60770
    20
subsection\<open>Basic Definitions\<close>
paulson@13223
    21
wenzelm@61798
    22
text\<open>First part: the cumulative hierarchy defining the class \<open>M\<close>.
wenzelm@61798
    23
To avoid handling multiple arguments, we assume that \<open>Mset(l)\<close> is
wenzelm@61798
    24
closed under ordered pairing provided \<open>l\<close> is limit.  Possibly this
paulson@46823
    25
could be avoided: the induction hypothesis @{term Cl_reflects}
wenzelm@61798
    26
(in locale \<open>ex_reflection\<close>) could be weakened to
paulson@46823
    27
@{term "\<forall>y\<in>Mset(a). \<forall>z\<in>Mset(a). P(<y,z>) \<longleftrightarrow> Q(a,<y,z>)"}, removing most
paulson@46823
    28
uses of @{term Pair_in_Mset}.  But there isn't much point in doing so, since
wenzelm@61798
    29
ultimately the \<open>ex_reflection\<close> proof is packaged up using the
wenzelm@61798
    30
predicate \<open>Reflects\<close>.
wenzelm@60770
    31
\<close>
wenzelm@13428
    32
locale reflection =
paulson@13223
    33
  fixes Mset and M and Reflects
paulson@13223
    34
  assumes Mset_mono_le : "mono_le_subset(Mset)"
paulson@13223
    35
      and Mset_cont    : "cont_Ord(Mset)"
paulson@46823
    36
      and Pair_in_Mset : "[| x \<in> Mset(a); y \<in> Mset(a); Limit(a) |]
paulson@13223
    37
                          ==> <x,y> \<in> Mset(a)"
paulson@13563
    38
  defines "M(x) == \<exists>a. Ord(a) & x \<in> Mset(a)"
paulson@13563
    39
      and "Reflects(Cl,P,Q) == Closed_Unbounded(Cl) &
paulson@46823
    40
                              (\<forall>a. Cl(a) \<longrightarrow> (\<forall>x\<in>Mset(a). P(x) \<longleftrightarrow> Q(a,x)))"
wenzelm@61798
    41
  fixes F0 \<comment>\<open>ordinal for a specific value @{term y}\<close>
wenzelm@61798
    42
  fixes FF \<comment>\<open>sup over the whole level, @{term "y\<in>Mset(a)"}\<close>
wenzelm@61798
    43
  fixes ClEx \<comment>\<open>Reflecting ordinals for the formula @{term "\<exists>z. P"}\<close>
paulson@46823
    44
  defines "F0(P,y) == \<mu> b. (\<exists>z. M(z) & P(<y,z>)) \<longrightarrow>
paulson@13223
    45
                               (\<exists>z\<in>Mset(b). P(<y,z>))"
paulson@13223
    46
      and "FF(P)   == \<lambda>a. \<Union>y\<in>Mset(a). F0(P,y)"
paulson@13563
    47
      and "ClEx(P,a) == Limit(a) & normalize(FF(P),a) = a"
paulson@13223
    48
paulson@46823
    49
lemma (in reflection) Mset_mono: "i\<le>j ==> Mset(i) \<subseteq> Mset(j)"
paulson@46823
    50
apply (insert Mset_mono_le)
paulson@46823
    51
apply (simp add: mono_le_subset_def leI)
paulson@13223
    52
done
paulson@13223
    53
wenzelm@61798
    54
text\<open>Awkward: we need a version of \<open>ClEx_def\<close> as an equality
wenzelm@60770
    55
      at the level of classes, which do not really exist\<close>
paulson@13434
    56
lemma (in reflection) ClEx_eq:
paulson@13563
    57
     "ClEx(P) == \<lambda>a. Limit(a) & normalize(FF(P),a) = a"
paulson@46823
    58
by (simp add: ClEx_def [symmetric])
paulson@13434
    59
paulson@13434
    60
wenzelm@60770
    61
subsection\<open>Easy Cases of the Reflection Theorem\<close>
paulson@13223
    62
paulson@13223
    63
theorem (in reflection) Triv_reflection [intro]:
paulson@13223
    64
     "Reflects(Ord, P, \<lambda>a x. P(x))"
paulson@13223
    65
by (simp add: Reflects_def)
paulson@13223
    66
paulson@13223
    67
theorem (in reflection) Not_reflection [intro]:
paulson@13223
    68
     "Reflects(Cl,P,Q) ==> Reflects(Cl, \<lambda>x. ~P(x), \<lambda>a x. ~Q(a,x))"
paulson@46823
    69
by (simp add: Reflects_def)
paulson@13223
    70
paulson@13223
    71
theorem (in reflection) And_reflection [intro]:
paulson@46823
    72
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |]
paulson@46823
    73
      ==> Reflects(\<lambda>a. Cl(a) & C'(a), \<lambda>x. P(x) & P'(x),
paulson@13563
    74
                                      \<lambda>a x. Q(a,x) & Q'(a,x))"
paulson@13223
    75
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    76
paulson@13223
    77
theorem (in reflection) Or_reflection [intro]:
paulson@46823
    78
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |]
paulson@46823
    79
      ==> Reflects(\<lambda>a. Cl(a) & C'(a), \<lambda>x. P(x) | P'(x),
paulson@13563
    80
                                      \<lambda>a x. Q(a,x) | Q'(a,x))"
paulson@13223
    81
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    82
paulson@13223
    83
theorem (in reflection) Imp_reflection [intro]:
paulson@46823
    84
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |]
paulson@46823
    85
      ==> Reflects(\<lambda>a. Cl(a) & C'(a),
paulson@46823
    86
                   \<lambda>x. P(x) \<longrightarrow> P'(x),
paulson@46823
    87
                   \<lambda>a x. Q(a,x) \<longrightarrow> Q'(a,x))"
paulson@13223
    88
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    89
paulson@13223
    90
theorem (in reflection) Iff_reflection [intro]:
paulson@46823
    91
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |]
paulson@46823
    92
      ==> Reflects(\<lambda>a. Cl(a) & C'(a),
paulson@46823
    93
                   \<lambda>x. P(x) \<longleftrightarrow> P'(x),
paulson@46823
    94
                   \<lambda>a x. Q(a,x) \<longleftrightarrow> Q'(a,x))"
paulson@46823
    95
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    96
wenzelm@60770
    97
subsection\<open>Reflection for Existential Quantifiers\<close>
paulson@13223
    98
paulson@13223
    99
lemma (in reflection) F0_works:
paulson@13223
   100
     "[| y\<in>Mset(a); Ord(a); M(z); P(<y,z>) |] ==> \<exists>z\<in>Mset(F0(P,y)). P(<y,z>)"
paulson@13223
   101
apply (unfold F0_def M_def, clarify)
paulson@13223
   102
apply (rule LeastI2)
paulson@13223
   103
  apply (blast intro: Mset_mono [THEN subsetD])
paulson@13223
   104
 apply (blast intro: lt_Ord2, blast)
paulson@13223
   105
done
paulson@13223
   106
paulson@13223
   107
lemma (in reflection) Ord_F0 [intro,simp]: "Ord(F0(P,y))"
paulson@13223
   108
by (simp add: F0_def)
paulson@13223
   109
paulson@13223
   110
lemma (in reflection) Ord_FF [intro,simp]: "Ord(FF(P,y))"
paulson@13223
   111
by (simp add: FF_def)
paulson@13223
   112
paulson@13223
   113
lemma (in reflection) cont_Ord_FF: "cont_Ord(FF(P))"
paulson@13223
   114
apply (insert Mset_cont)
paulson@13223
   115
apply (simp add: cont_Ord_def FF_def, blast)
paulson@13223
   116
done
paulson@13223
   117
wenzelm@60770
   118
text\<open>Recall that @{term F0} depends upon @{term "y\<in>Mset(a)"},
wenzelm@60770
   119
while @{term FF} depends only upon @{term a}.\<close>
paulson@13223
   120
lemma (in reflection) FF_works:
paulson@13223
   121
     "[| M(z); y\<in>Mset(a); P(<y,z>); Ord(a) |] ==> \<exists>z\<in>Mset(FF(P,a)). P(<y,z>)"
paulson@13223
   122
apply (simp add: FF_def)
paulson@46823
   123
apply (simp_all add: cont_Ord_Union [of concl: Mset]
paulson@13223
   124
                     Mset_cont Mset_mono_le not_emptyI Ord_F0)
paulson@46823
   125
apply (blast intro: F0_works)
paulson@13223
   126
done
paulson@13223
   127
paulson@13223
   128
lemma (in reflection) FFN_works:
paulson@46823
   129
     "[| M(z); y\<in>Mset(a); P(<y,z>); Ord(a) |]
paulson@13223
   130
      ==> \<exists>z\<in>Mset(normalize(FF(P),a)). P(<y,z>)"
paulson@46823
   131
apply (drule FF_works [of concl: P], assumption+)
paulson@13223
   132
apply (blast intro: cont_Ord_FF le_normalize [THEN Mset_mono, THEN subsetD])
paulson@13223
   133
done
paulson@13223
   134
paulson@13223
   135
wenzelm@60770
   136
text\<open>Locale for the induction hypothesis\<close>
paulson@13223
   137
wenzelm@13428
   138
locale ex_reflection = reflection +
wenzelm@61798
   139
  fixes P  \<comment>"the original formula"
wenzelm@61798
   140
  fixes Q  \<comment>"the reflected formula"
wenzelm@61798
   141
  fixes Cl \<comment>"the class of reflecting ordinals"
paulson@46823
   142
  assumes Cl_reflects: "[| Cl(a); Ord(a) |] ==> \<forall>x\<in>Mset(a). P(x) \<longleftrightarrow> Q(a,x)"
paulson@13223
   143
paulson@13223
   144
lemma (in ex_reflection) ClEx_downward:
paulson@46823
   145
     "[| M(z); y\<in>Mset(a); P(<y,z>); Cl(a); ClEx(P,a) |]
paulson@13223
   146
      ==> \<exists>z\<in>Mset(a). Q(a,<y,z>)"
paulson@46823
   147
apply (simp add: ClEx_def, clarify)
paulson@46823
   148
apply (frule Limit_is_Ord)
paulson@46823
   149
apply (frule FFN_works [of concl: P], assumption+)
paulson@46823
   150
apply (drule Cl_reflects, assumption+)
paulson@13223
   151
apply (auto simp add: Limit_is_Ord Pair_in_Mset)
paulson@13223
   152
done
paulson@13223
   153
paulson@13223
   154
lemma (in ex_reflection) ClEx_upward:
paulson@46823
   155
     "[| z\<in>Mset(a); y\<in>Mset(a); Q(a,<y,z>); Cl(a); ClEx(P,a) |]
paulson@13563
   156
      ==> \<exists>z. M(z) & P(<y,z>)"
paulson@13223
   157
apply (simp add: ClEx_def M_def)
paulson@13223
   158
apply (blast dest: Cl_reflects
wenzelm@32960
   159
             intro: Limit_is_Ord Pair_in_Mset)
paulson@13223
   160
done
paulson@13223
   161
wenzelm@61798
   162
text\<open>Class \<open>ClEx\<close> indeed consists of reflecting ordinals...\<close>
paulson@13223
   163
lemma (in ex_reflection) ZF_ClEx_iff:
paulson@46823
   164
     "[| y\<in>Mset(a); Cl(a); ClEx(P,a) |]
paulson@46823
   165
      ==> (\<exists>z. M(z) & P(<y,z>)) \<longleftrightarrow> (\<exists>z\<in>Mset(a). Q(a,<y,z>))"
paulson@46823
   166
by (blast intro: dest: ClEx_downward ClEx_upward)
paulson@13223
   167
wenzelm@60770
   168
text\<open>...and it is closed and unbounded\<close>
paulson@13223
   169
lemma (in ex_reflection) ZF_Closed_Unbounded_ClEx:
paulson@13223
   170
     "Closed_Unbounded(ClEx(P))"
paulson@13434
   171
apply (simp add: ClEx_eq)
paulson@13223
   172
apply (fast intro: Closed_Unbounded_Int Normal_imp_fp_Closed_Unbounded
paulson@13223
   173
                   Closed_Unbounded_Limit Normal_normalize)
paulson@13223
   174
done
paulson@13223
   175
wenzelm@61798
   176
text\<open>The same two theorems, exported to locale \<open>reflection\<close>.\<close>
paulson@13223
   177
wenzelm@61798
   178
text\<open>Class \<open>ClEx\<close> indeed consists of reflecting ordinals...\<close>
paulson@13223
   179
lemma (in reflection) ClEx_iff:
paulson@13223
   180
     "[| y\<in>Mset(a); Cl(a); ClEx(P,a);
paulson@46823
   181
        !!a. [| Cl(a); Ord(a) |] ==> \<forall>x\<in>Mset(a). P(x) \<longleftrightarrow> Q(a,x) |]
paulson@46823
   182
      ==> (\<exists>z. M(z) & P(<y,z>)) \<longleftrightarrow> (\<exists>z\<in>Mset(a). Q(a,<y,z>))"
paulson@13223
   183
apply (unfold ClEx_def FF_def F0_def M_def)
wenzelm@13428
   184
apply (rule ex_reflection.ZF_ClEx_iff
wenzelm@13428
   185
  [OF ex_reflection.intro, OF reflection.intro ex_reflection_axioms.intro,
wenzelm@13428
   186
    of Mset Cl])
wenzelm@13428
   187
apply (simp_all add: Mset_mono_le Mset_cont Pair_in_Mset)
paulson@13223
   188
done
paulson@13223
   189
paulson@13434
   190
(*Alternative proof, less unfolding:
paulson@13434
   191
apply (rule Reflection.ZF_ClEx_iff [of Mset _ _ Cl, folded M_def])
paulson@13434
   192
apply (fold ClEx_def FF_def F0_def)
paulson@13434
   193
apply (rule ex_reflection.intro, assumption)
paulson@13434
   194
apply (simp add: ex_reflection_axioms.intro, assumption+)
paulson@13434
   195
*)
paulson@13434
   196
paulson@13223
   197
lemma (in reflection) Closed_Unbounded_ClEx:
paulson@46823
   198
     "(!!a. [| Cl(a); Ord(a) |] ==> \<forall>x\<in>Mset(a). P(x) \<longleftrightarrow> Q(a,x))
paulson@13223
   199
      ==> Closed_Unbounded(ClEx(P))"
paulson@46823
   200
apply (unfold ClEx_eq FF_def F0_def M_def)
wenzelm@21232
   201
apply (rule ex_reflection.ZF_Closed_Unbounded_ClEx [of Mset _ _ Cl])
wenzelm@23464
   202
apply (rule ex_reflection.intro, rule reflection_axioms)
paulson@13434
   203
apply (blast intro: ex_reflection_axioms.intro)
paulson@13223
   204
done
paulson@13223
   205
wenzelm@60770
   206
subsection\<open>Packaging the Quantifier Reflection Rules\<close>
paulson@13292
   207
paulson@13223
   208
lemma (in reflection) Ex_reflection_0:
paulson@46823
   209
     "Reflects(Cl,P0,Q0)
paulson@46823
   210
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(P0,a),
paulson@46823
   211
                   \<lambda>x. \<exists>z. M(z) & P0(<x,z>),
paulson@46823
   212
                   \<lambda>a x. \<exists>z\<in>Mset(a). Q0(a,<x,z>))"
paulson@46823
   213
apply (simp add: Reflects_def)
paulson@13223
   214
apply (intro conjI Closed_Unbounded_Int)
paulson@46823
   215
  apply blast
paulson@46823
   216
 apply (rule Closed_Unbounded_ClEx [of Cl P0 Q0], blast, clarify)
paulson@46823
   217
apply (rule_tac Cl=Cl in  ClEx_iff, assumption+, blast)
paulson@13223
   218
done
paulson@13223
   219
paulson@13223
   220
lemma (in reflection) All_reflection_0:
paulson@46823
   221
     "Reflects(Cl,P0,Q0)
paulson@46823
   222
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x.~P0(x), a),
paulson@46823
   223
                   \<lambda>x. \<forall>z. M(z) \<longrightarrow> P0(<x,z>),
paulson@46823
   224
                   \<lambda>a x. \<forall>z\<in>Mset(a). Q0(a,<x,z>))"
paulson@46823
   225
apply (simp only: all_iff_not_ex_not ball_iff_not_bex_not)
paulson@46823
   226
apply (rule Not_reflection, drule Not_reflection, simp)
paulson@13223
   227
apply (erule Ex_reflection_0)
paulson@13223
   228
done
paulson@13223
   229
paulson@13223
   230
theorem (in reflection) Ex_reflection [intro]:
paulson@46823
   231
     "Reflects(Cl, \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x)))
paulson@46823
   232
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. P(fst(x),snd(x)), a),
paulson@46823
   233
                   \<lambda>x. \<exists>z. M(z) & P(x,z),
paulson@13223
   234
                   \<lambda>a x. \<exists>z\<in>Mset(a). Q(a,x,z))"
paulson@46823
   235
by (rule Ex_reflection_0 [of _ " \<lambda>x. P(fst(x),snd(x))"
paulson@13223
   236
                               "\<lambda>a x. Q(a,fst(x),snd(x))", simplified])
paulson@13223
   237
paulson@13223
   238
theorem (in reflection) All_reflection [intro]:
paulson@13223
   239
     "Reflects(Cl,  \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x)))
paulson@46823
   240
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. ~P(fst(x),snd(x)), a),
paulson@46823
   241
                   \<lambda>x. \<forall>z. M(z) \<longrightarrow> P(x,z),
paulson@46823
   242
                   \<lambda>a x. \<forall>z\<in>Mset(a). Q(a,x,z))"
paulson@46823
   243
by (rule All_reflection_0 [of _ "\<lambda>x. P(fst(x),snd(x))"
paulson@13223
   244
                                "\<lambda>a x. Q(a,fst(x),snd(x))", simplified])
paulson@13223
   245
wenzelm@60770
   246
text\<open>And again, this time using class-bounded quantifiers\<close>
paulson@13292
   247
paulson@13292
   248
theorem (in reflection) Rex_reflection [intro]:
paulson@46823
   249
     "Reflects(Cl, \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x)))
paulson@46823
   250
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. P(fst(x),snd(x)), a),
paulson@46823
   251
                   \<lambda>x. \<exists>z[M]. P(x,z),
paulson@13292
   252
                   \<lambda>a x. \<exists>z\<in>Mset(a). Q(a,x,z))"
paulson@46823
   253
by (unfold rex_def, blast)
paulson@13292
   254
paulson@13292
   255
theorem (in reflection) Rall_reflection [intro]:
paulson@13292
   256
     "Reflects(Cl,  \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x)))
paulson@46823
   257
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. ~P(fst(x),snd(x)), a),
paulson@46823
   258
                   \<lambda>x. \<forall>z[M]. P(x,z),
paulson@46823
   259
                   \<lambda>a x. \<forall>z\<in>Mset(a). Q(a,x,z))"
paulson@46823
   260
by (unfold rall_def, blast)
paulson@13292
   261
paulson@13292
   262
wenzelm@60770
   263
text\<open>No point considering bounded quantifiers, where reflection is trivial.\<close>
paulson@13223
   264
paulson@13223
   265
wenzelm@60770
   266
subsection\<open>Simple Examples of Reflection\<close>
paulson@13223
   267
wenzelm@60770
   268
text\<open>Example 1: reflecting a simple formula.  The reflecting class is first
wenzelm@61798
   269
given as the variable \<open>?Cl\<close> and later retrieved from the final
wenzelm@60770
   270
proof state.\<close>
wenzelm@61337
   271
schematic_goal (in reflection)
paulson@13223
   272
     "Reflects(?Cl,
paulson@46823
   273
               \<lambda>x. \<exists>y. M(y) & x \<in> y,
paulson@13223
   274
               \<lambda>a x. \<exists>y\<in>Mset(a). x \<in> y)"
paulson@13223
   275
by fast
paulson@13223
   276
wenzelm@60770
   277
text\<open>Problem here: there needs to be a conjunction (class intersection)
paulson@13223
   278
in the class of reflecting ordinals.  The @{term "Ord(a)"} is redundant,
wenzelm@60770
   279
though harmless.\<close>
paulson@46823
   280
lemma (in reflection)
paulson@46823
   281
     "Reflects(\<lambda>a. Ord(a) & ClEx(\<lambda>x. fst(x) \<in> snd(x), a),
paulson@46823
   282
               \<lambda>x. \<exists>y. M(y) & x \<in> y,
paulson@46823
   283
               \<lambda>a x. \<exists>y\<in>Mset(a). x \<in> y)"
paulson@13223
   284
by fast
paulson@13223
   285
paulson@13223
   286
wenzelm@60770
   287
text\<open>Example 2\<close>
wenzelm@61337
   288
schematic_goal (in reflection)
paulson@13223
   289
     "Reflects(?Cl,
paulson@46823
   290
               \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) \<longrightarrow> z \<subseteq> x \<longrightarrow> z \<in> y),
paulson@46823
   291
               \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<subseteq> x \<longrightarrow> z \<in> y)"
paulson@13223
   292
by fast
paulson@13223
   293
wenzelm@60770
   294
text\<open>Example 2'.  We give the reflecting class explicitly.\<close>
paulson@46823
   295
lemma (in reflection)
paulson@13223
   296
  "Reflects
paulson@13563
   297
    (\<lambda>a. (Ord(a) &
paulson@46823
   298
          ClEx(\<lambda>x. ~ (snd(x) \<subseteq> fst(fst(x)) \<longrightarrow> snd(x) \<in> snd(fst(x))), a)) &
paulson@46823
   299
          ClEx(\<lambda>x. \<forall>z. M(z) \<longrightarrow> z \<subseteq> fst(x) \<longrightarrow> z \<in> snd(x), a),
paulson@46823
   300
            \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) \<longrightarrow> z \<subseteq> x \<longrightarrow> z \<in> y),
paulson@46823
   301
            \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<subseteq> x \<longrightarrow> z \<in> y)"
paulson@13223
   302
by fast
paulson@13223
   303
wenzelm@60770
   304
text\<open>Example 2''.  We expand the subset relation.\<close>
wenzelm@61337
   305
schematic_goal (in reflection)
paulson@13223
   306
  "Reflects(?Cl,
paulson@46823
   307
        \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) \<longrightarrow> (\<forall>w. M(w) \<longrightarrow> w\<in>z \<longrightarrow> w\<in>x) \<longrightarrow> z\<in>y),
paulson@46823
   308
        \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). (\<forall>w\<in>Mset(a). w\<in>z \<longrightarrow> w\<in>x) \<longrightarrow> z\<in>y)"
paulson@13223
   309
by fast
paulson@13223
   310
wenzelm@60770
   311
text\<open>Example 2'''.  Single-step version, to reveal the reflecting class.\<close>
wenzelm@61337
   312
schematic_goal (in reflection)
paulson@13223
   313
     "Reflects(?Cl,
paulson@46823
   314
               \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) \<longrightarrow> z \<subseteq> x \<longrightarrow> z \<in> y),
paulson@46823
   315
               \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<subseteq> x \<longrightarrow> z \<in> y)"
paulson@46823
   316
apply (rule Ex_reflection)
wenzelm@60770
   317
txt\<open>
paulson@13223
   318
@{goals[display,indent=0,margin=60]}
wenzelm@60770
   319
\<close>
paulson@46823
   320
apply (rule All_reflection)
wenzelm@60770
   321
txt\<open>
paulson@13223
   322
@{goals[display,indent=0,margin=60]}
wenzelm@60770
   323
\<close>
paulson@46823
   324
apply (rule Triv_reflection)
wenzelm@60770
   325
txt\<open>
paulson@13223
   326
@{goals[display,indent=0,margin=60]}
wenzelm@60770
   327
\<close>
paulson@13223
   328
done
paulson@13223
   329
wenzelm@60770
   330
text\<open>Example 3.  Warning: the following examples make sense only
wenzelm@60770
   331
if @{term P} is quantifier-free, since it is not being relativized.\<close>
wenzelm@61337
   332
schematic_goal (in reflection)
paulson@13223
   333
     "Reflects(?Cl,
paulson@46823
   334
               \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) \<longrightarrow> z \<in> y \<longleftrightarrow> z \<in> x & P(z)),
paulson@46823
   335
               \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<in> y \<longleftrightarrow> z \<in> x & P(z))"
paulson@13223
   336
by fast
paulson@13223
   337
wenzelm@60770
   338
text\<open>Example 3'\<close>
wenzelm@61337
   339
schematic_goal (in reflection)
paulson@13223
   340
     "Reflects(?Cl,
paulson@13563
   341
               \<lambda>x. \<exists>y. M(y) & y = Collect(x,P),
wenzelm@58860
   342
               \<lambda>a x. \<exists>y\<in>Mset(a). y = Collect(x,P))"
paulson@13223
   343
by fast
paulson@13223
   344
wenzelm@60770
   345
text\<open>Example 3''\<close>
wenzelm@61337
   346
schematic_goal (in reflection)
paulson@13223
   347
     "Reflects(?Cl,
paulson@13563
   348
               \<lambda>x. \<exists>y. M(y) & y = Replace(x,P),
wenzelm@58860
   349
               \<lambda>a x. \<exists>y\<in>Mset(a). y = Replace(x,P))"
paulson@13223
   350
by fast
paulson@13223
   351
wenzelm@61798
   352
text\<open>Example 4: Axiom of Choice.  Possibly wrong, since \<open>\<Pi>\<close> needs
wenzelm@60770
   353
to be relativized.\<close>
wenzelm@61337
   354
schematic_goal (in reflection)
paulson@13223
   355
     "Reflects(?Cl,
wenzelm@61980
   356
               \<lambda>A. 0\<notin>A \<longrightarrow> (\<exists>f. M(f) & f \<in> (\<Prod>X \<in> A. X)),
wenzelm@61980
   357
               \<lambda>a A. 0\<notin>A \<longrightarrow> (\<exists>f\<in>Mset(a). f \<in> (\<Prod>X \<in> A. X)))"
paulson@13223
   358
by fast
paulson@13223
   359
paulson@13223
   360
end
paulson@13223
   361