src/HOL/Library/Nat_Bijection.thy
author wenzelm
Wed Jun 17 11:03:05 2015 +0200 (2015-06-17)
changeset 60500 903bb1495239
parent 60352 d46de31a50c4
child 62046 2c9f68fbf047
permissions -rw-r--r--
isabelle update_cartouches;
wenzelm@41959
     1
(*  Title:      HOL/Library/Nat_Bijection.thy
huffman@35700
     2
    Author:     Brian Huffman
huffman@35700
     3
    Author:     Florian Haftmann
huffman@35700
     4
    Author:     Stefan Richter
huffman@35700
     5
    Author:     Tobias Nipkow
huffman@35700
     6
    Author:     Alexander Krauss
huffman@35700
     7
*)
huffman@35700
     8
wenzelm@60500
     9
section \<open>Bijections between natural numbers and other types\<close>
huffman@35700
    10
huffman@35700
    11
theory Nat_Bijection
haftmann@58770
    12
imports Main
huffman@35700
    13
begin
huffman@35700
    14
wenzelm@60500
    15
subsection \<open>Type @{typ "nat \<times> nat"}\<close>
huffman@35700
    16
huffman@35700
    17
text "Triangle numbers: 0, 1, 3, 6, 10, 15, ..."
huffman@35700
    18
huffman@35700
    19
definition
huffman@35700
    20
  triangle :: "nat \<Rightarrow> nat"
huffman@35700
    21
where
huffman@35700
    22
  "triangle n = n * Suc n div 2"
huffman@35700
    23
huffman@35700
    24
lemma triangle_0 [simp]: "triangle 0 = 0"
huffman@35700
    25
unfolding triangle_def by simp
huffman@35700
    26
huffman@35700
    27
lemma triangle_Suc [simp]: "triangle (Suc n) = triangle n + Suc n"
huffman@35700
    28
unfolding triangle_def by simp
huffman@35700
    29
huffman@35700
    30
definition
huffman@35700
    31
  prod_encode :: "nat \<times> nat \<Rightarrow> nat"
huffman@35700
    32
where
huffman@35700
    33
  "prod_encode = (\<lambda>(m, n). triangle (m + n) + m)"
huffman@35700
    34
wenzelm@60500
    35
text \<open>In this auxiliary function, @{term "triangle k + m"} is an invariant.\<close>
huffman@35700
    36
huffman@35700
    37
fun
huffman@35700
    38
  prod_decode_aux :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat"
huffman@35700
    39
where
huffman@35700
    40
  "prod_decode_aux k m =
huffman@35700
    41
    (if m \<le> k then (m, k - m) else prod_decode_aux (Suc k) (m - Suc k))"
huffman@35700
    42
huffman@35700
    43
declare prod_decode_aux.simps [simp del]
huffman@35700
    44
huffman@35700
    45
definition
huffman@35700
    46
  prod_decode :: "nat \<Rightarrow> nat \<times> nat"
huffman@35700
    47
where
huffman@35700
    48
  "prod_decode = prod_decode_aux 0"
huffman@35700
    49
huffman@35700
    50
lemma prod_encode_prod_decode_aux:
huffman@35700
    51
  "prod_encode (prod_decode_aux k m) = triangle k + m"
huffman@35700
    52
apply (induct k m rule: prod_decode_aux.induct)
huffman@35700
    53
apply (subst prod_decode_aux.simps)
huffman@35700
    54
apply (simp add: prod_encode_def)
huffman@35700
    55
done
huffman@35700
    56
huffman@35700
    57
lemma prod_decode_inverse [simp]: "prod_encode (prod_decode n) = n"
huffman@35700
    58
unfolding prod_decode_def by (simp add: prod_encode_prod_decode_aux)
huffman@35700
    59
huffman@35700
    60
lemma prod_decode_triangle_add:
huffman@35700
    61
  "prod_decode (triangle k + m) = prod_decode_aux k m"
huffman@35700
    62
apply (induct k arbitrary: m)
huffman@35700
    63
apply (simp add: prod_decode_def)
haftmann@57512
    64
apply (simp only: triangle_Suc add.assoc)
huffman@35700
    65
apply (subst prod_decode_aux.simps, simp)
huffman@35700
    66
done
huffman@35700
    67
huffman@35700
    68
lemma prod_encode_inverse [simp]: "prod_decode (prod_encode x) = x"
huffman@35700
    69
unfolding prod_encode_def
huffman@35700
    70
apply (induct x)
huffman@35700
    71
apply (simp add: prod_decode_triangle_add)
huffman@35700
    72
apply (subst prod_decode_aux.simps, simp)
huffman@35700
    73
done
huffman@35700
    74
huffman@35700
    75
lemma inj_prod_encode: "inj_on prod_encode A"
huffman@35700
    76
by (rule inj_on_inverseI, rule prod_encode_inverse)
huffman@35700
    77
huffman@35700
    78
lemma inj_prod_decode: "inj_on prod_decode A"
huffman@35700
    79
by (rule inj_on_inverseI, rule prod_decode_inverse)
huffman@35700
    80
huffman@35700
    81
lemma surj_prod_encode: "surj prod_encode"
huffman@35700
    82
by (rule surjI, rule prod_decode_inverse)
huffman@35700
    83
huffman@35700
    84
lemma surj_prod_decode: "surj prod_decode"
huffman@35700
    85
by (rule surjI, rule prod_encode_inverse)
huffman@35700
    86
huffman@35700
    87
lemma bij_prod_encode: "bij prod_encode"
huffman@35700
    88
by (rule bijI [OF inj_prod_encode surj_prod_encode])
huffman@35700
    89
huffman@35700
    90
lemma bij_prod_decode: "bij prod_decode"
huffman@35700
    91
by (rule bijI [OF inj_prod_decode surj_prod_decode])
huffman@35700
    92
huffman@35700
    93
lemma prod_encode_eq: "prod_encode x = prod_encode y \<longleftrightarrow> x = y"
huffman@35700
    94
by (rule inj_prod_encode [THEN inj_eq])
huffman@35700
    95
huffman@35700
    96
lemma prod_decode_eq: "prod_decode x = prod_decode y \<longleftrightarrow> x = y"
huffman@35700
    97
by (rule inj_prod_decode [THEN inj_eq])
huffman@35700
    98
wenzelm@60500
    99
text \<open>Ordering properties\<close>
huffman@35700
   100
huffman@35700
   101
lemma le_prod_encode_1: "a \<le> prod_encode (a, b)"
huffman@35700
   102
unfolding prod_encode_def by simp
huffman@35700
   103
huffman@35700
   104
lemma le_prod_encode_2: "b \<le> prod_encode (a, b)"
huffman@35700
   105
unfolding prod_encode_def by (induct b, simp_all)
huffman@35700
   106
huffman@35700
   107
wenzelm@60500
   108
subsection \<open>Type @{typ "nat + nat"}\<close>
huffman@35700
   109
huffman@35700
   110
definition
huffman@35700
   111
  sum_encode  :: "nat + nat \<Rightarrow> nat"
huffman@35700
   112
where
huffman@35700
   113
  "sum_encode x = (case x of Inl a \<Rightarrow> 2 * a | Inr b \<Rightarrow> Suc (2 * b))"
huffman@35700
   114
huffman@35700
   115
definition
huffman@35700
   116
  sum_decode  :: "nat \<Rightarrow> nat + nat"
huffman@35700
   117
where
huffman@35700
   118
  "sum_decode n = (if even n then Inl (n div 2) else Inr (n div 2))"
huffman@35700
   119
huffman@35700
   120
lemma sum_encode_inverse [simp]: "sum_decode (sum_encode x) = x"
huffman@35700
   121
unfolding sum_decode_def sum_encode_def
huffman@35700
   122
by (induct x) simp_all
huffman@35700
   123
huffman@35700
   124
lemma sum_decode_inverse [simp]: "sum_encode (sum_decode n) = n"
haftmann@58834
   125
  by (simp add: even_two_times_div_two sum_decode_def sum_encode_def)
huffman@35700
   126
huffman@35700
   127
lemma inj_sum_encode: "inj_on sum_encode A"
huffman@35700
   128
by (rule inj_on_inverseI, rule sum_encode_inverse)
huffman@35700
   129
huffman@35700
   130
lemma inj_sum_decode: "inj_on sum_decode A"
huffman@35700
   131
by (rule inj_on_inverseI, rule sum_decode_inverse)
huffman@35700
   132
huffman@35700
   133
lemma surj_sum_encode: "surj sum_encode"
huffman@35700
   134
by (rule surjI, rule sum_decode_inverse)
huffman@35700
   135
huffman@35700
   136
lemma surj_sum_decode: "surj sum_decode"
huffman@35700
   137
by (rule surjI, rule sum_encode_inverse)
huffman@35700
   138
huffman@35700
   139
lemma bij_sum_encode: "bij sum_encode"
huffman@35700
   140
by (rule bijI [OF inj_sum_encode surj_sum_encode])
huffman@35700
   141
huffman@35700
   142
lemma bij_sum_decode: "bij sum_decode"
huffman@35700
   143
by (rule bijI [OF inj_sum_decode surj_sum_decode])
huffman@35700
   144
huffman@35700
   145
lemma sum_encode_eq: "sum_encode x = sum_encode y \<longleftrightarrow> x = y"
huffman@35700
   146
by (rule inj_sum_encode [THEN inj_eq])
huffman@35700
   147
huffman@35700
   148
lemma sum_decode_eq: "sum_decode x = sum_decode y \<longleftrightarrow> x = y"
huffman@35700
   149
by (rule inj_sum_decode [THEN inj_eq])
huffman@35700
   150
huffman@35700
   151
wenzelm@60500
   152
subsection \<open>Type @{typ "int"}\<close>
huffman@35700
   153
huffman@35700
   154
definition
huffman@35700
   155
  int_encode :: "int \<Rightarrow> nat"
huffman@35700
   156
where
huffman@35700
   157
  "int_encode i = sum_encode (if 0 \<le> i then Inl (nat i) else Inr (nat (- i - 1)))"
huffman@35700
   158
huffman@35700
   159
definition
huffman@35700
   160
  int_decode :: "nat \<Rightarrow> int"
huffman@35700
   161
where
huffman@35700
   162
  "int_decode n = (case sum_decode n of Inl a \<Rightarrow> int a | Inr b \<Rightarrow> - int b - 1)"
huffman@35700
   163
huffman@35700
   164
lemma int_encode_inverse [simp]: "int_decode (int_encode x) = x"
huffman@35700
   165
unfolding int_decode_def int_encode_def by simp
huffman@35700
   166
huffman@35700
   167
lemma int_decode_inverse [simp]: "int_encode (int_decode n) = n"
huffman@35700
   168
unfolding int_decode_def int_encode_def using sum_decode_inverse [of n]
huffman@35700
   169
by (cases "sum_decode n", simp_all)
huffman@35700
   170
huffman@35700
   171
lemma inj_int_encode: "inj_on int_encode A"
huffman@35700
   172
by (rule inj_on_inverseI, rule int_encode_inverse)
huffman@35700
   173
huffman@35700
   174
lemma inj_int_decode: "inj_on int_decode A"
huffman@35700
   175
by (rule inj_on_inverseI, rule int_decode_inverse)
huffman@35700
   176
huffman@35700
   177
lemma surj_int_encode: "surj int_encode"
huffman@35700
   178
by (rule surjI, rule int_decode_inverse)
huffman@35700
   179
huffman@35700
   180
lemma surj_int_decode: "surj int_decode"
huffman@35700
   181
by (rule surjI, rule int_encode_inverse)
huffman@35700
   182
huffman@35700
   183
lemma bij_int_encode: "bij int_encode"
huffman@35700
   184
by (rule bijI [OF inj_int_encode surj_int_encode])
huffman@35700
   185
huffman@35700
   186
lemma bij_int_decode: "bij int_decode"
huffman@35700
   187
by (rule bijI [OF inj_int_decode surj_int_decode])
huffman@35700
   188
huffman@35700
   189
lemma int_encode_eq: "int_encode x = int_encode y \<longleftrightarrow> x = y"
huffman@35700
   190
by (rule inj_int_encode [THEN inj_eq])
huffman@35700
   191
huffman@35700
   192
lemma int_decode_eq: "int_decode x = int_decode y \<longleftrightarrow> x = y"
huffman@35700
   193
by (rule inj_int_decode [THEN inj_eq])
huffman@35700
   194
huffman@35700
   195
wenzelm@60500
   196
subsection \<open>Type @{typ "nat list"}\<close>
huffman@35700
   197
huffman@35700
   198
fun
huffman@35700
   199
  list_encode :: "nat list \<Rightarrow> nat"
huffman@35700
   200
where
huffman@35700
   201
  "list_encode [] = 0"
huffman@35700
   202
| "list_encode (x # xs) = Suc (prod_encode (x, list_encode xs))"
huffman@35700
   203
huffman@35700
   204
function
huffman@35700
   205
  list_decode :: "nat \<Rightarrow> nat list"
huffman@35700
   206
where
huffman@35700
   207
  "list_decode 0 = []"
huffman@35700
   208
| "list_decode (Suc n) = (case prod_decode n of (x, y) \<Rightarrow> x # list_decode y)"
huffman@35700
   209
by pat_completeness auto
huffman@35700
   210
huffman@35700
   211
termination list_decode
huffman@35700
   212
apply (relation "measure id", simp_all)
huffman@35700
   213
apply (drule arg_cong [where f="prod_encode"])
haftmann@37591
   214
apply (drule sym)
huffman@35700
   215
apply (simp add: le_imp_less_Suc le_prod_encode_2)
huffman@35700
   216
done
huffman@35700
   217
huffman@35700
   218
lemma list_encode_inverse [simp]: "list_decode (list_encode x) = x"
huffman@35700
   219
by (induct x rule: list_encode.induct) simp_all
huffman@35700
   220
huffman@35700
   221
lemma list_decode_inverse [simp]: "list_encode (list_decode n) = n"
huffman@35700
   222
apply (induct n rule: list_decode.induct, simp)
huffman@35700
   223
apply (simp split: prod.split)
huffman@35700
   224
apply (simp add: prod_decode_eq [symmetric])
huffman@35700
   225
done
huffman@35700
   226
huffman@35700
   227
lemma inj_list_encode: "inj_on list_encode A"
huffman@35700
   228
by (rule inj_on_inverseI, rule list_encode_inverse)
huffman@35700
   229
huffman@35700
   230
lemma inj_list_decode: "inj_on list_decode A"
huffman@35700
   231
by (rule inj_on_inverseI, rule list_decode_inverse)
huffman@35700
   232
huffman@35700
   233
lemma surj_list_encode: "surj list_encode"
huffman@35700
   234
by (rule surjI, rule list_decode_inverse)
huffman@35700
   235
huffman@35700
   236
lemma surj_list_decode: "surj list_decode"
huffman@35700
   237
by (rule surjI, rule list_encode_inverse)
huffman@35700
   238
huffman@35700
   239
lemma bij_list_encode: "bij list_encode"
huffman@35700
   240
by (rule bijI [OF inj_list_encode surj_list_encode])
huffman@35700
   241
huffman@35700
   242
lemma bij_list_decode: "bij list_decode"
huffman@35700
   243
by (rule bijI [OF inj_list_decode surj_list_decode])
huffman@35700
   244
huffman@35700
   245
lemma list_encode_eq: "list_encode x = list_encode y \<longleftrightarrow> x = y"
huffman@35700
   246
by (rule inj_list_encode [THEN inj_eq])
huffman@35700
   247
huffman@35700
   248
lemma list_decode_eq: "list_decode x = list_decode y \<longleftrightarrow> x = y"
huffman@35700
   249
by (rule inj_list_decode [THEN inj_eq])
huffman@35700
   250
huffman@35700
   251
wenzelm@60500
   252
subsection \<open>Finite sets of naturals\<close>
huffman@35700
   253
wenzelm@60500
   254
subsubsection \<open>Preliminaries\<close>
huffman@35700
   255
huffman@35700
   256
lemma finite_vimage_Suc_iff: "finite (Suc -` F) \<longleftrightarrow> finite F"
huffman@35700
   257
apply (safe intro!: finite_vimageI inj_Suc)
huffman@35700
   258
apply (rule finite_subset [where B="insert 0 (Suc ` Suc -` F)"])
huffman@35700
   259
apply (rule subsetI, case_tac x, simp, simp)
huffman@35700
   260
apply (rule finite_insert [THEN iffD2])
huffman@35700
   261
apply (erule finite_imageI)
huffman@35700
   262
done
huffman@35700
   263
huffman@35700
   264
lemma vimage_Suc_insert_0: "Suc -` insert 0 A = Suc -` A"
huffman@35700
   265
by auto
huffman@35700
   266
huffman@35700
   267
lemma vimage_Suc_insert_Suc:
huffman@35700
   268
  "Suc -` insert (Suc n) A = insert n (Suc -` A)"
huffman@35700
   269
by auto
huffman@35700
   270
huffman@35700
   271
lemma div2_even_ext_nat:
haftmann@58834
   272
  fixes x y :: nat
haftmann@58834
   273
  assumes "x div 2 = y div 2"
haftmann@58834
   274
  and "even x \<longleftrightarrow> even y"
haftmann@58834
   275
  shows "x = y"
haftmann@58834
   276
proof -
wenzelm@60500
   277
  from \<open>even x \<longleftrightarrow> even y\<close> have "x mod 2 = y mod 2"
haftmann@58834
   278
    by (simp only: even_iff_mod_2_eq_zero) auto
haftmann@58834
   279
  with assms have "x div 2 * 2 + x mod 2 = y div 2 * 2 + y mod 2"
haftmann@58834
   280
    by simp
haftmann@58834
   281
  then show ?thesis
haftmann@58834
   282
    by simp
haftmann@58834
   283
qed
huffman@35700
   284
haftmann@58710
   285
wenzelm@60500
   286
subsubsection \<open>From sets to naturals\<close>
huffman@35700
   287
huffman@35700
   288
definition
huffman@35700
   289
  set_encode :: "nat set \<Rightarrow> nat"
huffman@35700
   290
where
huffman@35700
   291
  "set_encode = setsum (op ^ 2)"
huffman@35700
   292
huffman@35700
   293
lemma set_encode_empty [simp]: "set_encode {} = 0"
huffman@35700
   294
by (simp add: set_encode_def)
huffman@35700
   295
lp15@59506
   296
lemma set_encode_inf: "~ finite A \<Longrightarrow> set_encode A = 0"
lp15@59506
   297
  by (simp add: set_encode_def)
lp15@59506
   298
huffman@35700
   299
lemma set_encode_insert [simp]:
huffman@35700
   300
  "\<lbrakk>finite A; n \<notin> A\<rbrakk> \<Longrightarrow> set_encode (insert n A) = 2^n + set_encode A"
huffman@35700
   301
by (simp add: set_encode_def)
huffman@35700
   302
huffman@35700
   303
lemma even_set_encode_iff: "finite A \<Longrightarrow> even (set_encode A) \<longleftrightarrow> 0 \<notin> A"
huffman@35700
   304
unfolding set_encode_def by (induct set: finite, auto)
huffman@35700
   305
huffman@35700
   306
lemma set_encode_vimage_Suc: "set_encode (Suc -` A) = set_encode A div 2"
huffman@35700
   307
apply (cases "finite A")
huffman@35700
   308
apply (erule finite_induct, simp)
huffman@35700
   309
apply (case_tac x)
haftmann@58710
   310
apply (simp add: even_set_encode_iff vimage_Suc_insert_0)
haftmann@57512
   311
apply (simp add: finite_vimageI add.commute vimage_Suc_insert_Suc)
huffman@35700
   312
apply (simp add: set_encode_def finite_vimage_Suc_iff)
huffman@35700
   313
done
huffman@35700
   314
huffman@35700
   315
lemmas set_encode_div_2 = set_encode_vimage_Suc [symmetric]
huffman@35700
   316
wenzelm@60500
   317
subsubsection \<open>From naturals to sets\<close>
huffman@35700
   318
huffman@35700
   319
definition
huffman@35700
   320
  set_decode :: "nat \<Rightarrow> nat set"
huffman@35700
   321
where
huffman@35700
   322
  "set_decode x = {n. odd (x div 2 ^ n)}"
huffman@35700
   323
huffman@35700
   324
lemma set_decode_0 [simp]: "0 \<in> set_decode x \<longleftrightarrow> odd x"
huffman@35700
   325
by (simp add: set_decode_def)
huffman@35700
   326
huffman@35700
   327
lemma set_decode_Suc [simp]:
huffman@35700
   328
  "Suc n \<in> set_decode x \<longleftrightarrow> n \<in> set_decode (x div 2)"
huffman@35700
   329
by (simp add: set_decode_def div_mult2_eq)
huffman@35700
   330
huffman@35700
   331
lemma set_decode_zero [simp]: "set_decode 0 = {}"
huffman@35700
   332
by (simp add: set_decode_def)
huffman@35700
   333
huffman@35700
   334
lemma set_decode_div_2: "set_decode (x div 2) = Suc -` set_decode x"
huffman@35700
   335
by auto
huffman@35700
   336
huffman@35700
   337
lemma set_decode_plus_power_2:
huffman@35700
   338
  "n \<notin> set_decode z \<Longrightarrow> set_decode (2 ^ n + z) = insert n (set_decode z)"
haftmann@60352
   339
proof (induct n arbitrary: z)
haftmann@60352
   340
  case 0 show ?case
haftmann@60352
   341
  proof (rule set_eqI)
haftmann@60352
   342
    fix q show "q \<in> set_decode (2 ^ 0 + z) \<longleftrightarrow> q \<in> insert 0 (set_decode z)"
haftmann@60352
   343
      by (induct q) (insert 0, simp_all)
haftmann@60352
   344
  qed
haftmann@60352
   345
next
haftmann@60352
   346
  case (Suc n) show ?case
haftmann@60352
   347
  proof (rule set_eqI)
haftmann@60352
   348
    fix q show "q \<in> set_decode (2 ^ Suc n + z) \<longleftrightarrow> q \<in> insert (Suc n) (set_decode z)"
haftmann@60352
   349
      by (induct q) (insert Suc, simp_all)
haftmann@60352
   350
  qed
haftmann@60352
   351
qed
huffman@35700
   352
huffman@35700
   353
lemma finite_set_decode [simp]: "finite (set_decode n)"
huffman@35700
   354
apply (induct n rule: nat_less_induct)
huffman@35700
   355
apply (case_tac "n = 0", simp)
huffman@35700
   356
apply (drule_tac x="n div 2" in spec, simp)
huffman@35700
   357
apply (simp add: set_decode_div_2)
huffman@35700
   358
apply (simp add: finite_vimage_Suc_iff)
huffman@35700
   359
done
huffman@35700
   360
wenzelm@60500
   361
subsubsection \<open>Proof of isomorphism\<close>
huffman@35700
   362
huffman@35700
   363
lemma set_decode_inverse [simp]: "set_encode (set_decode n) = n"
huffman@35700
   364
apply (induct n rule: nat_less_induct)
huffman@35700
   365
apply (case_tac "n = 0", simp)
huffman@35700
   366
apply (drule_tac x="n div 2" in spec, simp)
huffman@35700
   367
apply (simp add: set_decode_div_2 set_encode_vimage_Suc)
huffman@35700
   368
apply (erule div2_even_ext_nat)
huffman@35700
   369
apply (simp add: even_set_encode_iff)
huffman@35700
   370
done
huffman@35700
   371
huffman@35700
   372
lemma set_encode_inverse [simp]: "finite A \<Longrightarrow> set_decode (set_encode A) = A"
huffman@35700
   373
apply (erule finite_induct, simp_all)
huffman@35700
   374
apply (simp add: set_decode_plus_power_2)
huffman@35700
   375
done
huffman@35700
   376
huffman@35700
   377
lemma inj_on_set_encode: "inj_on set_encode (Collect finite)"
huffman@35700
   378
by (rule inj_on_inverseI [where g="set_decode"], simp)
huffman@35700
   379
huffman@35700
   380
lemma set_encode_eq:
huffman@35700
   381
  "\<lbrakk>finite A; finite B\<rbrakk> \<Longrightarrow> set_encode A = set_encode B \<longleftrightarrow> A = B"
huffman@35700
   382
by (rule iffI, simp add: inj_onD [OF inj_on_set_encode], simp)
huffman@35700
   383
paulson@51414
   384
lemma subset_decode_imp_le: assumes "set_decode m \<subseteq> set_decode n" shows "m \<le> n"
paulson@51414
   385
proof -
paulson@51414
   386
  have "n = m + set_encode (set_decode n - set_decode m)"
paulson@51414
   387
  proof -
paulson@51414
   388
    obtain A B where "m = set_encode A" "finite A" 
paulson@51414
   389
                     "n = set_encode B" "finite B"
paulson@51414
   390
      by (metis finite_set_decode set_decode_inverse)
paulson@51414
   391
  thus ?thesis using assms
paulson@51414
   392
    apply auto
haftmann@57512
   393
    apply (simp add: set_encode_def add.commute setsum.subset_diff)
paulson@51414
   394
    done
paulson@51414
   395
  qed
paulson@51414
   396
  thus ?thesis
paulson@51414
   397
    by (metis le_add1)
paulson@51414
   398
qed
paulson@51414
   399
huffman@35700
   400
end