src/HOL/Import/HOLLight/HOLLight.thy
author Cezary Kaliszyk <kaliszyk@in.tum.de>
Sat Jul 16 00:01:17 2011 +0200 (2011-07-16)
changeset 43843 16f2fd9103bd
parent 43786 fea3ed6951e3
child 44633 8a2fd7418435
permissions -rw-r--r--
HOL/Import: Fix errors with _mk_list
     1 (* AUTOMATICALLY GENERATED, DO NOT EDIT! *)
     2 
     3 theory HOLLight imports "../HOLLightCompat" "../HOL4Syntax" begin 
     4 
     5 ;setup_theory hollight
     6 
     7 consts
     8   "_FALSITY_" :: "bool" ("'_FALSITY'_")
     9 
    10 defs
    11   "_FALSITY__def": "_FALSITY_ == False"
    12 
    13 lemma DEF__FALSITY_: "_FALSITY_ = False"
    14   by (import hollight DEF__FALSITY_)
    15 
    16 lemma CONJ_ACI: "(p & q) = (q & p) &
    17 ((p & q) & r) = (p & q & r) &
    18 (p & q & r) = (q & p & r) & (p & p) = p & (p & p & q) = (p & q)"
    19   by (import hollight CONJ_ACI)
    20 
    21 lemma DISJ_ACI: "(p | q) = (q | p) &
    22 ((p | q) | r) = (p | q | r) &
    23 (p | q | r) = (q | p | r) & (p | p) = p & (p | p | q) = (p | q)"
    24   by (import hollight DISJ_ACI)
    25 
    26 lemma IMP_CONJ_ALT: "(p & q --> r) = (q --> p --> r)"
    27   by (import hollight IMP_CONJ_ALT)
    28 
    29 lemma EQ_CLAUSES: "(True = t) = t & (t = True) = t & (False = t) = (~ t) & (t = False) = (~ t)"
    30   by (import hollight EQ_CLAUSES)
    31 
    32 lemma NOT_CLAUSES_WEAK: "(~ True) = False & (~ False) = True"
    33   by (import hollight NOT_CLAUSES_WEAK)
    34 
    35 lemma AND_CLAUSES: "(True & t) = t &
    36 (t & True) = t & (False & t) = False & (t & False) = False & (t & t) = t"
    37   by (import hollight AND_CLAUSES)
    38 
    39 lemma OR_CLAUSES: "(True | t) = True &
    40 (t | True) = True & (False | t) = t & (t | False) = t & (t | t) = t"
    41   by (import hollight OR_CLAUSES)
    42 
    43 lemma IMP_CLAUSES: "(True --> t) = t &
    44 (t --> True) = True &
    45 (False --> t) = True & (t --> t) = True & (t --> False) = (~ t)"
    46   by (import hollight IMP_CLAUSES)
    47 
    48 lemma IMP_EQ_CLAUSE: "((x::'q_851) = x --> (p::bool)) = p"
    49   by (import hollight IMP_EQ_CLAUSE)
    50 
    51 lemma TRIV_EXISTS_AND_THM: "(EX x::'A. (P::bool) & (Q::bool)) = ((EX x::'A. P) & (EX x::'A. Q))"
    52   by (import hollight TRIV_EXISTS_AND_THM)
    53 
    54 lemma TRIV_AND_EXISTS_THM: "((EX x::'A. (P::bool)) & (EX x::'A. (Q::bool))) = (EX x::'A. P & Q)"
    55   by (import hollight TRIV_AND_EXISTS_THM)
    56 
    57 lemma TRIV_FORALL_OR_THM: "(ALL x::'A. (P::bool) | (Q::bool)) = ((ALL x::'A. P) | (ALL x::'A. Q))"
    58   by (import hollight TRIV_FORALL_OR_THM)
    59 
    60 lemma TRIV_OR_FORALL_THM: "((ALL x::'A. (P::bool)) | (ALL x::'A. (Q::bool))) = (ALL x::'A. P | Q)"
    61   by (import hollight TRIV_OR_FORALL_THM)
    62 
    63 lemma TRIV_FORALL_IMP_THM: "(ALL x::'A. (P::bool) --> (Q::bool)) = ((EX x::'A. P) --> (ALL x::'A. Q))"
    64   by (import hollight TRIV_FORALL_IMP_THM)
    65 
    66 lemma TRIV_EXISTS_IMP_THM: "(EX x::'A. (P::bool) --> (Q::bool)) = ((ALL x::'A. P) --> (EX x::'A. Q))"
    67   by (import hollight TRIV_EXISTS_IMP_THM)
    68 
    69 lemma EXISTS_UNIQUE_ALT: "Ex1 (P::'A => bool) = (EX x::'A. ALL y::'A. P y = (x = y))"
    70   by (import hollight EXISTS_UNIQUE_ALT)
    71 
    72 lemma SELECT_UNIQUE: "(!!y::'A. (P::'A => bool) y = (y = (x::'A))) ==> Eps P = x"
    73   by (import hollight SELECT_UNIQUE)
    74 
    75 lemma EXCLUDED_MIDDLE: "t | ~ t"
    76   by (import hollight EXCLUDED_MIDDLE)
    77 
    78 lemma COND_CLAUSES: "(if True then x::'A else (xa::'A)) = x & (if False then x else xa) = xa"
    79   by (import hollight COND_CLAUSES)
    80 
    81 lemma COND_EXPAND: "(if b then t1 else t2) = ((~ b | t1) & (b | t2))"
    82   by (import hollight COND_EXPAND)
    83 
    84 lemma COND_RATOR: "(if b::bool then f::'A => 'B else (g::'A => 'B)) (x::'A) =
    85 (if b then f x else g x)"
    86   by (import hollight COND_RATOR)
    87 
    88 lemma COND_ABS: "(%x::'A. if b::bool then (f::'A => 'B) x else (g::'A => 'B) x) =
    89 (if b then f else g)"
    90   by (import hollight COND_ABS)
    91 
    92 lemma MONO_COND: "[| (A --> B) & (C --> D); if b then A else C |] ==> if b then B else D"
    93   by (import hollight MONO_COND)
    94 
    95 lemma SKOLEM_THM: "(ALL x::'A. Ex ((P::'A => 'B => bool) x)) =
    96 (EX x::'A => 'B. ALL xa::'A. P xa (x xa))"
    97   by (import hollight SKOLEM_THM)
    98 
    99 lemma UNIQUE_SKOLEM_ALT: "(ALL x::'A. Ex1 ((P::'A => 'B => bool) x)) =
   100 (EX f::'A => 'B. ALL (x::'A) y::'B. P x y = (f x = y))"
   101   by (import hollight UNIQUE_SKOLEM_ALT)
   102 
   103 lemma COND_EQ_CLAUSE: "(if (x::'q_2963) = x then y::'q_2956 else (z::'q_2956)) = y"
   104   by (import hollight COND_EQ_CLAUSE)
   105 
   106 lemma bool_RECURSION: "EX x::bool => 'A. x False = (a::'A) & x True = (b::'A)"
   107   by (import hollight bool_RECURSION)
   108 
   109 lemma o_ASSOC: "(f::'C => 'D) o ((g::'B => 'C) o (h::'A => 'B)) = f o g o h"
   110   by (import hollight o_ASSOC)
   111 
   112 lemma I_O_ID: "id o (f::'A => 'B) = f & f o id = f"
   113   by (import hollight I_O_ID)
   114 
   115 lemma EXISTS_ONE_REP: "EX x. x"
   116   by (import hollight EXISTS_ONE_REP)
   117 
   118 lemma one_axiom: "(f::'A => unit) = (x::'A => unit)"
   119   by (import hollight one_axiom)
   120 
   121 lemma one_RECURSION: "EX x::unit => 'A. x () = (e::'A)"
   122   by (import hollight one_RECURSION)
   123 
   124 lemma one_Axiom: "EX! fn::unit => 'A. fn () = (e::'A)"
   125   by (import hollight one_Axiom)
   126 
   127 lemma th_cond: "(b = False --> x = x0) & (b = True --> x = x1) ==> x = (b & x1 | ~ b & x0)"
   128   by (import hollight th_cond)
   129 
   130 definition
   131   LET_END :: "'A => 'A"  where
   132   "LET_END == %t::'A. t"
   133 
   134 lemma DEF_LET_END: "LET_END = (%t::'A. t)"
   135   by (import hollight DEF_LET_END)
   136 
   137 consts
   138   "_SEQPATTERN" :: "('q_4007 => 'q_4004 => bool)
   139 => ('q_4007 => 'q_4004 => bool) => 'q_4007 => 'q_4004 => bool" ("'_SEQPATTERN")
   140 
   141 defs
   142   "_SEQPATTERN_def": "_SEQPATTERN ==
   143 %(r::'q_4007 => 'q_4004 => bool) (s::'q_4007 => 'q_4004 => bool) x::'q_4007.
   144    if Ex (r x) then r x else s x"
   145 
   146 lemma DEF__SEQPATTERN: "_SEQPATTERN =
   147 (%(r::'q_4007 => 'q_4004 => bool) (s::'q_4007 => 'q_4004 => bool)
   148     x::'q_4007. if Ex (r x) then r x else s x)"
   149   by (import hollight DEF__SEQPATTERN)
   150 
   151 consts
   152   "_UNGUARDED_PATTERN" :: "bool => bool => bool" ("'_UNGUARDED'_PATTERN")
   153 
   154 defs
   155   "_UNGUARDED_PATTERN_def": "_UNGUARDED_PATTERN == op &"
   156 
   157 lemma DEF__UNGUARDED_PATTERN: "_UNGUARDED_PATTERN = op &"
   158   by (import hollight DEF__UNGUARDED_PATTERN)
   159 
   160 consts
   161   "_GUARDED_PATTERN" :: "bool => bool => bool => bool" ("'_GUARDED'_PATTERN")
   162 
   163 defs
   164   "_GUARDED_PATTERN_def": "_GUARDED_PATTERN == %p g r. p & g & r"
   165 
   166 lemma DEF__GUARDED_PATTERN: "_GUARDED_PATTERN = (%p g r. p & g & r)"
   167   by (import hollight DEF__GUARDED_PATTERN)
   168 
   169 consts
   170   "_MATCH" :: "'q_4049 => ('q_4049 => 'q_4053 => bool) => 'q_4053" ("'_MATCH")
   171 
   172 defs
   173   "_MATCH_def": "_MATCH ==
   174 %(e::'q_4049) r::'q_4049 => 'q_4053 => bool.
   175    if Ex1 (r e) then Eps (r e) else SOME z::'q_4053. False"
   176 
   177 lemma DEF__MATCH: "_MATCH =
   178 (%(e::'q_4049) r::'q_4049 => 'q_4053 => bool.
   179     if Ex1 (r e) then Eps (r e) else SOME z::'q_4053. False)"
   180   by (import hollight DEF__MATCH)
   181 
   182 consts
   183   "_FUNCTION" :: "('q_4071 => 'q_4075 => bool) => 'q_4071 => 'q_4075" ("'_FUNCTION")
   184 
   185 defs
   186   "_FUNCTION_def": "_FUNCTION ==
   187 %(r::'q_4071 => 'q_4075 => bool) x::'q_4071.
   188    if Ex1 (r x) then Eps (r x) else SOME z::'q_4075. False"
   189 
   190 lemma DEF__FUNCTION: "_FUNCTION =
   191 (%(r::'q_4071 => 'q_4075 => bool) x::'q_4071.
   192     if Ex1 (r x) then Eps (r x) else SOME z::'q_4075. False)"
   193   by (import hollight DEF__FUNCTION)
   194 
   195 lemma PAIR_EXISTS_THM: "EX (x::'A => 'B => bool) (a::'A) b::'B. x = Pair_Rep a b"
   196   by (import hollight PAIR_EXISTS_THM)
   197 
   198 lemma pair_RECURSION: "EX x::'A * 'B => 'C.
   199    ALL (a0::'A) a1::'B. x (a0, a1) = (PAIR'::'A => 'B => 'C) a0 a1"
   200   by (import hollight pair_RECURSION)
   201 
   202 definition
   203   UNCURRY :: "('A => 'B => 'C) => 'A * 'B => 'C"  where
   204   "UNCURRY == %(u::'A => 'B => 'C) ua::'A * 'B. u (fst ua) (snd ua)"
   205 
   206 lemma DEF_UNCURRY: "UNCURRY = (%(u::'A => 'B => 'C) ua::'A * 'B. u (fst ua) (snd ua))"
   207   by (import hollight DEF_UNCURRY)
   208 
   209 definition
   210   PASSOC :: "(('A * 'B) * 'C => 'D) => 'A * 'B * 'C => 'D"  where
   211   "PASSOC ==
   212 %(u::('A * 'B) * 'C => 'D) ua::'A * 'B * 'C.
   213    u ((fst ua, fst (snd ua)), snd (snd ua))"
   214 
   215 lemma DEF_PASSOC: "PASSOC =
   216 (%(u::('A * 'B) * 'C => 'D) ua::'A * 'B * 'C.
   217     u ((fst ua, fst (snd ua)), snd (snd ua)))"
   218   by (import hollight DEF_PASSOC)
   219 
   220 lemma LAMBDA_PAIR_THM: "(x::'q_4547 * 'q_4546 => 'q_4539) =
   221 (SOME f::'q_4547 * 'q_4546 => 'q_4539.
   222     ALL (xa::'q_4547) y::'q_4546. f (xa, y) = x (xa, y))"
   223   by (import hollight LAMBDA_PAIR_THM)
   224 
   225 lemma FORALL_PAIRED_THM: "All (SOME f::'q_4576 * 'q_4575 => bool.
   226         ALL (x::'q_4576) y::'q_4575.
   227            f (x, y) = (P::'q_4576 => 'q_4575 => bool) x y) =
   228 (ALL x::'q_4576. All (P x))"
   229   by (import hollight FORALL_PAIRED_THM)
   230 
   231 lemma EXISTS_PAIRED_THM: "Ex (SOME f::'q_4612 * 'q_4611 => bool.
   232        ALL (x::'q_4612) y::'q_4611.
   233           f (x, y) = (P::'q_4612 => 'q_4611 => bool) x y) =
   234 (EX x::'q_4612. Ex (P x))"
   235   by (import hollight EXISTS_PAIRED_THM)
   236 
   237 lemma FORALL_TRIPLED_THM: "All (SOME f::'q_4649 * 'q_4648 * 'q_4647 => bool.
   238         ALL (x::'q_4649) (y::'q_4648) z::'q_4647.
   239            f (x, y, z) = (P::'q_4649 => 'q_4648 => 'q_4647 => bool) x y z) =
   240 (ALL (x::'q_4649) y::'q_4648. All (P x y))"
   241   by (import hollight FORALL_TRIPLED_THM)
   242 
   243 lemma EXISTS_TRIPLED_THM: "Ex (SOME f::'q_4695 * 'q_4694 * 'q_4693 => bool.
   244        ALL (x::'q_4695) (y::'q_4694) z::'q_4693.
   245           f (x, y, z) = (P::'q_4695 => 'q_4694 => 'q_4693 => bool) x y z) =
   246 (EX (x::'q_4695) y::'q_4694. Ex (P x y))"
   247   by (import hollight EXISTS_TRIPLED_THM)
   248 
   249 lemma IND_SUC_0_EXISTS: "EX (x::ind => ind) z::ind.
   250    (ALL (x1::ind) x2::ind. (x x1 = x x2) = (x1 = x2)) &
   251    (ALL xa::ind. x xa ~= z)"
   252   by (import hollight IND_SUC_0_EXISTS)
   253 
   254 definition
   255   IND_SUC :: "ind => ind"  where
   256   "IND_SUC ==
   257 SOME f. EX z. (ALL x1 x2. (f x1 = f x2) = (x1 = x2)) & (ALL x. f x ~= z)"
   258 
   259 lemma DEF_IND_SUC: "IND_SUC =
   260 (SOME f. EX z. (ALL x1 x2. (f x1 = f x2) = (x1 = x2)) & (ALL x. f x ~= z))"
   261   by (import hollight DEF_IND_SUC)
   262 
   263 definition
   264   IND_0 :: "ind"  where
   265   "IND_0 ==
   266 SOME z.
   267    (ALL x1 x2. (IND_SUC x1 = IND_SUC x2) = (x1 = x2)) &
   268    (ALL x. IND_SUC x ~= z)"
   269 
   270 lemma DEF_IND_0: "IND_0 =
   271 (SOME z.
   272     (ALL x1 x2. (IND_SUC x1 = IND_SUC x2) = (x1 = x2)) &
   273     (ALL x. IND_SUC x ~= z))"
   274   by (import hollight DEF_IND_0)
   275 
   276 definition
   277   NUM_REP :: "ind => bool"  where
   278   "NUM_REP ==
   279 %a. ALL NUM_REP'.
   280        (ALL a.
   281            a = IND_0 | (EX i. a = IND_SUC i & NUM_REP' i) -->
   282            NUM_REP' a) -->
   283        NUM_REP' a"
   284 
   285 lemma DEF_NUM_REP: "NUM_REP =
   286 (%a. ALL NUM_REP'.
   287         (ALL a.
   288             a = IND_0 | (EX i. a = IND_SUC i & NUM_REP' i) -->
   289             NUM_REP' a) -->
   290         NUM_REP' a)"
   291   by (import hollight DEF_NUM_REP)
   292 
   293 lemma num_RECURSION_STD: "EX fn::nat => 'Z.
   294    fn (0::nat) = (e::'Z) &
   295    (ALL n::nat. fn (Suc n) = (f::nat => 'Z => 'Z) n (fn n))"
   296   by (import hollight num_RECURSION_STD)
   297 
   298 lemma ADD_CLAUSES: "(ALL x::nat. (0::nat) + x = x) &
   299 (ALL x::nat. x + (0::nat) = x) &
   300 (ALL (x::nat) xa::nat. Suc x + xa = Suc (x + xa)) &
   301 (ALL (x::nat) xa::nat. x + Suc xa = Suc (x + xa))"
   302   by (import hollight ADD_CLAUSES)
   303 
   304 lemma ADD_AC: "(m::nat) + (n::nat) = n + m &
   305 m + n + (p::nat) = m + (n + p) & m + (n + p) = n + (m + p)"
   306   by (import hollight ADD_AC)
   307 
   308 lemma EQ_ADD_LCANCEL_0: "((m::nat) + (n::nat) = m) = (n = (0::nat))"
   309   by (import hollight EQ_ADD_LCANCEL_0)
   310 
   311 lemma EQ_ADD_RCANCEL_0: "((x::nat) + (xa::nat) = xa) = (x = (0::nat))"
   312   by (import hollight EQ_ADD_RCANCEL_0)
   313 
   314 lemma BIT1: "2 * x + 1 = Suc (x + x)"
   315   by (import hollight BIT1)
   316 
   317 lemma BIT1_THM: "2 * x + 1 = Suc (x + x)"
   318   by (import hollight BIT1_THM)
   319 
   320 lemma TWO: "2 = Suc 1"
   321   by (import hollight TWO)
   322 
   323 lemma MULT_CLAUSES: "(ALL x::nat. (0::nat) * x = (0::nat)) &
   324 (ALL x::nat. x * (0::nat) = (0::nat)) &
   325 (ALL x::nat. (1::nat) * x = x) &
   326 (ALL x::nat. x * (1::nat) = x) &
   327 (ALL (x::nat) xa::nat. Suc x * xa = x * xa + xa) &
   328 (ALL (x::nat) xa::nat. x * Suc xa = x + x * xa)"
   329   by (import hollight MULT_CLAUSES)
   330 
   331 lemma MULT_AC: "(m::nat) * (n::nat) = n * m &
   332 m * n * (p::nat) = m * (n * p) & m * (n * p) = n * (m * p)"
   333   by (import hollight MULT_AC)
   334 
   335 lemma EXP_EQ_1: "((x::nat) ^ (n::nat) = (1::nat)) = (x = (1::nat) | n = (0::nat))"
   336   by (import hollight EXP_EQ_1)
   337 
   338 lemma LT_ANTISYM: "~ ((m::nat) < (n::nat) & n < m)"
   339   by (import hollight LT_ANTISYM)
   340 
   341 lemma LET_ANTISYM: "~ ((m::nat) <= (n::nat) & n < m)"
   342   by (import hollight LET_ANTISYM)
   343 
   344 lemma LTE_ANTISYM: "~ ((x::nat) < (xa::nat) & xa <= x)"
   345   by (import hollight LTE_ANTISYM)
   346 
   347 lemma LT_CASES: "(m::nat) < (n::nat) | n < m | m = n"
   348   by (import hollight LT_CASES)
   349 
   350 lemma LTE_CASES: "(x::nat) < (xa::nat) | xa <= x"
   351   by (import hollight LTE_CASES)
   352 
   353 lemma LE_1: "(ALL x::nat. x ~= (0::nat) --> (0::nat) < x) &
   354 (ALL x::nat. x ~= (0::nat) --> (1::nat) <= x) &
   355 (ALL x>0::nat. x ~= (0::nat)) &
   356 (ALL x>0::nat. (1::nat) <= x) &
   357 (ALL x>=1::nat. (0::nat) < x) & (ALL x>=1::nat. x ~= (0::nat))"
   358   by (import hollight LE_1)
   359 
   360 lemma LT_EXISTS: "(m < n) = (EX d. n = m + Suc d)"
   361   by (import hollight LT_EXISTS)
   362 
   363 lemma LT_ADD: "((m::nat) < m + (n::nat)) = ((0::nat) < n)"
   364   by (import hollight LT_ADD)
   365 
   366 lemma LT_ADDR: "((xa::nat) < (x::nat) + xa) = ((0::nat) < x)"
   367   by (import hollight LT_ADDR)
   368 
   369 lemma LT_LMULT: "(m::nat) ~= (0::nat) & (n::nat) < (p::nat) ==> m * n < m * p"
   370   by (import hollight LT_LMULT)
   371 
   372 lemma LE_MULT_LCANCEL: "((m::nat) * (n::nat) <= m * (p::nat)) = (m = (0::nat) | n <= p)"
   373   by (import hollight LE_MULT_LCANCEL)
   374 
   375 lemma LE_MULT_RCANCEL: "((x::nat) * (xb::nat) <= (xa::nat) * xb) = (x <= xa | xb = (0::nat))"
   376   by (import hollight LE_MULT_RCANCEL)
   377 
   378 lemma LT_MULT_LCANCEL: "((m::nat) * (n::nat) < m * (p::nat)) = (m ~= (0::nat) & n < p)"
   379   by (import hollight LT_MULT_LCANCEL)
   380 
   381 lemma LT_MULT_RCANCEL: "((x::nat) * (xb::nat) < (xa::nat) * xb) = (x < xa & xb ~= (0::nat))"
   382   by (import hollight LT_MULT_RCANCEL)
   383 
   384 lemma LT_MULT2: "(m::nat) < (n::nat) & (p::nat) < (q::nat) ==> m * p < n * q"
   385   by (import hollight LT_MULT2)
   386 
   387 lemma WLOG_LE: "(ALL (m::nat) n::nat. (P::nat => nat => bool) m n = P n m) &
   388 (ALL (m::nat) n::nat. m <= n --> P m n)
   389 ==> P (m::nat) (x::nat)"
   390   by (import hollight WLOG_LE)
   391 
   392 lemma WLOG_LT: "(ALL m::nat. (P::nat => nat => bool) m m) &
   393 (ALL (m::nat) n::nat. P m n = P n m) &
   394 (ALL (m::nat) n::nat. m < n --> P m n)
   395 ==> P (m::nat) (x::nat)"
   396   by (import hollight WLOG_LT)
   397 
   398 lemma num_WOP: "Ex (P::nat => bool) = (EX n::nat. P n & (ALL m<n. ~ P m))"
   399   by (import hollight num_WOP)
   400 
   401 lemma num_MAX: "(Ex (P::nat => bool) & (EX M::nat. ALL x::nat. P x --> x <= M)) =
   402 (EX m::nat. P m & (ALL x::nat. P x --> x <= m))"
   403   by (import hollight num_MAX)
   404 
   405 lemma NOT_EVEN: "odd (n::nat) = odd n"
   406   by (import hollight NOT_EVEN)
   407 
   408 lemma NOT_ODD: "(~ odd (n::nat)) = even n"
   409   by (import hollight NOT_ODD)
   410 
   411 lemma EVEN_OR_ODD: "even (n::nat) | odd n"
   412   by (import hollight EVEN_OR_ODD)
   413 
   414 lemma EVEN_AND_ODD: "~ (even (x::nat) & odd x)"
   415   by (import hollight EVEN_AND_ODD)
   416 
   417 lemma EVEN_EXP: "even ((m::nat) ^ (n::nat)) = (even m & n ~= (0::nat))"
   418   by (import hollight EVEN_EXP)
   419 
   420 lemma ODD_MULT: "odd ((m::nat) * (n::nat)) = (odd m & odd n)"
   421   by (import hollight ODD_MULT)
   422 
   423 lemma ODD_EXP: "odd ((m::nat) ^ (n::nat)) = (odd m | n = (0::nat))"
   424   by (import hollight ODD_EXP)
   425 
   426 lemma EVEN_DOUBLE: "even ((2::nat) * (n::nat))"
   427   by (import hollight EVEN_DOUBLE)
   428 
   429 lemma ODD_DOUBLE: "odd (Suc (2 * x))"
   430   by (import hollight ODD_DOUBLE)
   431 
   432 lemma EVEN_EXISTS_LEMMA: "(even n --> (EX m. n = 2 * m)) & (odd n --> (EX m. n = Suc (2 * m)))"
   433   by (import hollight EVEN_EXISTS_LEMMA)
   434 
   435 lemma EVEN_ODD_DECOMPOSITION: "(EX (k::nat) m::nat. odd m & (n::nat) = (2::nat) ^ k * m) = (n ~= (0::nat))"
   436   by (import hollight EVEN_ODD_DECOMPOSITION)
   437 
   438 lemma SUB_0: "(0::nat) - (x::nat) = (0::nat) & x - (0::nat) = x"
   439   by (import hollight SUB_0)
   440 
   441 lemma SUB_PRESUC: "Suc m - n - Suc 0 = m - n"
   442   by (import hollight SUB_PRESUC)
   443 
   444 lemma ADD_SUBR: "(xa::nat) - ((x::nat) + xa) = (0::nat)"
   445   by (import hollight ADD_SUBR)
   446 
   447 lemma EVEN_SUB: "even ((m::nat) - (n::nat)) = (m <= n | even m = even n)"
   448   by (import hollight EVEN_SUB)
   449 
   450 lemma ODD_SUB: "odd ((x::nat) - (xa::nat)) = (xa < x & odd x ~= odd xa)"
   451   by (import hollight ODD_SUB)
   452 
   453 lemma EXP_LT_0: "((0::nat) < (xa::nat) ^ (x::nat)) = (xa ~= (0::nat) | x = (0::nat))"
   454   by (import hollight EXP_LT_0)
   455 
   456 lemma LT_EXP: "((x::nat) ^ (m::nat) < x ^ (n::nat)) =
   457 ((2::nat) <= x & m < n | x = (0::nat) & m ~= (0::nat) & n = (0::nat))"
   458   by (import hollight LT_EXP)
   459 
   460 lemma LE_EXP: "((x::nat) ^ (m::nat) <= x ^ (n::nat)) =
   461 (if x = (0::nat) then m = (0::nat) --> n = (0::nat)
   462  else x = (1::nat) | m <= n)"
   463   by (import hollight LE_EXP)
   464 
   465 lemma EQ_EXP: "((x::nat) ^ (m::nat) = x ^ (n::nat)) =
   466 (if x = (0::nat) then (m = (0::nat)) = (n = (0::nat))
   467  else x = (1::nat) | m = n)"
   468   by (import hollight EQ_EXP)
   469 
   470 lemma EXP_MONO_LE_IMP: "(x::nat) <= (xa::nat) ==> x ^ (xb::nat) <= xa ^ xb"
   471   by (import hollight EXP_MONO_LE_IMP)
   472 
   473 lemma EXP_MONO_LT_IMP: "(x::nat) < (y::nat) & (n::nat) ~= (0::nat) ==> x ^ n < y ^ n"
   474   by (import hollight EXP_MONO_LT_IMP)
   475 
   476 lemma EXP_MONO_LE: "((x::nat) ^ (n::nat) <= (y::nat) ^ n) = (x <= y | n = (0::nat))"
   477   by (import hollight EXP_MONO_LE)
   478 
   479 lemma EXP_MONO_LT: "((x::nat) ^ (xb::nat) < (xa::nat) ^ xb) = (x < xa & xb ~= (0::nat))"
   480   by (import hollight EXP_MONO_LT)
   481 
   482 lemma EXP_MONO_EQ: "((x::nat) ^ (xb::nat) = (xa::nat) ^ xb) = (x = xa | xb = (0::nat))"
   483   by (import hollight EXP_MONO_EQ)
   484 
   485 lemma DIVMOD_EXIST: "(n::nat) ~= (0::nat) ==> EX (q::nat) r::nat. (m::nat) = q * n + r & r < n"
   486   by (import hollight DIVMOD_EXIST)
   487 
   488 lemma DIVMOD_EXIST_0: "EX (x::nat) xa::nat.
   489    if (n::nat) = (0::nat) then x = (0::nat) & xa = (m::nat)
   490    else m = x * n + xa & xa < n"
   491   by (import hollight DIVMOD_EXIST_0)
   492 
   493 lemma DIVISION: "(n::nat) ~= (0::nat) ==> (m::nat) = m div n * n + m mod n & m mod n < n"
   494   by (import hollight DIVISION)
   495 
   496 lemma DIVMOD_UNIQ_LEMMA: "((m::nat) = (q1::nat) * (n::nat) + (r1::nat) & r1 < n) &
   497 m = (q2::nat) * n + (r2::nat) & r2 < n
   498 ==> q1 = q2 & r1 = r2"
   499   by (import hollight DIVMOD_UNIQ_LEMMA)
   500 
   501 lemma DIVMOD_UNIQ: "(m::nat) = (q::nat) * (n::nat) + (r::nat) & r < n
   502 ==> m div n = q & m mod n = r"
   503   by (import hollight DIVMOD_UNIQ)
   504 
   505 lemma MOD_UNIQ: "(m::nat) = (q::nat) * (n::nat) + (r::nat) & r < n ==> m mod n = r"
   506   by (import hollight MOD_UNIQ)
   507 
   508 lemma DIV_UNIQ: "(m::nat) = (q::nat) * (n::nat) + (r::nat) & r < n ==> m div n = q"
   509   by (import hollight DIV_UNIQ)
   510 
   511 lemma MOD_EQ: "(m::nat) = (n::nat) + (q::nat) * (p::nat) ==> m mod p = n mod p"
   512   by (import hollight MOD_EQ)
   513 
   514 lemma DIV_LE: "(n::nat) ~= (0::nat) ==> (m::nat) div n <= m"
   515   by (import hollight DIV_LE)
   516 
   517 lemma DIV_MUL_LE: "(n::nat) * ((m::nat) div n) <= m"
   518   by (import hollight DIV_MUL_LE)
   519 
   520 lemma MOD_MOD: "(n::nat) * (p::nat) ~= (0::nat) ==> (m::nat) mod (n * p) mod n = m mod n"
   521   by (import hollight MOD_MOD)
   522 
   523 lemma MOD_MOD_REFL: "(n::nat) ~= (0::nat) ==> (m::nat) mod n mod n = m mod n"
   524   by (import hollight MOD_MOD_REFL)
   525 
   526 lemma DIV_MULT2: "(x::nat) * (xb::nat) ~= (0::nat) ==> x * (xa::nat) div (x * xb) = xa div xb"
   527   by (import hollight DIV_MULT2)
   528 
   529 lemma MOD_MULT2: "(x::nat) * (xb::nat) ~= (0::nat)
   530 ==> x * (xa::nat) mod (x * xb) = x * (xa mod xb)"
   531   by (import hollight MOD_MULT2)
   532 
   533 lemma MOD_EXISTS: "(EX q::nat. (m::nat) = (n::nat) * q) =
   534 (if n = (0::nat) then m = (0::nat) else m mod n = (0::nat))"
   535   by (import hollight MOD_EXISTS)
   536 
   537 lemma LE_RDIV_EQ: "(a::nat) ~= (0::nat) ==> ((n::nat) <= (b::nat) div a) = (a * n <= b)"
   538   by (import hollight LE_RDIV_EQ)
   539 
   540 lemma LE_LDIV_EQ: "(a::nat) ~= (0::nat)
   541 ==> ((b::nat) div a <= (n::nat)) = (b < a * (n + (1::nat)))"
   542   by (import hollight LE_LDIV_EQ)
   543 
   544 lemma LE_LDIV: "(x::nat) ~= (0::nat) & (xa::nat) <= x * (xb::nat) ==> xa div x <= xb"
   545   by (import hollight LE_LDIV)
   546 
   547 lemma DIV_MONO: "(p::nat) ~= (0::nat) & (m::nat) <= (n::nat) ==> m div p <= n div p"
   548   by (import hollight DIV_MONO)
   549 
   550 lemma DIV_MONO_LT: "(p::nat) ~= (0::nat) & (m::nat) + p <= (n::nat) ==> m div p < n div p"
   551   by (import hollight DIV_MONO_LT)
   552 
   553 lemma DIV_EQ_0: "(n::nat) ~= (0::nat) ==> ((m::nat) div n = (0::nat)) = (m < n)"
   554   by (import hollight DIV_EQ_0)
   555 
   556 lemma MOD_EQ_0: "(n::nat) ~= (0::nat)
   557 ==> ((m::nat) mod n = (0::nat)) = (EX q::nat. m = q * n)"
   558   by (import hollight MOD_EQ_0)
   559 
   560 lemma EVEN_MOD: "even (n::nat) = (n mod (2::nat) = (0::nat))"
   561   by (import hollight EVEN_MOD)
   562 
   563 lemma ODD_MOD: "odd (n::nat) = (n mod (2::nat) = (1::nat))"
   564   by (import hollight ODD_MOD)
   565 
   566 lemma MOD_MULT_RMOD: "(n::nat) ~= (0::nat) ==> (m::nat) * ((p::nat) mod n) mod n = m * p mod n"
   567   by (import hollight MOD_MULT_RMOD)
   568 
   569 lemma MOD_MULT_LMOD: "(xa::nat) ~= (0::nat) ==> (x::nat) mod xa * (xb::nat) mod xa = x * xb mod xa"
   570   by (import hollight MOD_MULT_LMOD)
   571 
   572 lemma MOD_MULT_MOD2: "(xa::nat) ~= (0::nat)
   573 ==> (x::nat) mod xa * ((xb::nat) mod xa) mod xa = x * xb mod xa"
   574   by (import hollight MOD_MULT_MOD2)
   575 
   576 lemma MOD_EXP_MOD: "(n::nat) ~= (0::nat) ==> ((m::nat) mod n) ^ (p::nat) mod n = m ^ p mod n"
   577   by (import hollight MOD_EXP_MOD)
   578 
   579 lemma MOD_ADD_MOD: "(n::nat) ~= (0::nat)
   580 ==> ((a::nat) mod n + (b::nat) mod n) mod n = (a + b) mod n"
   581   by (import hollight MOD_ADD_MOD)
   582 
   583 lemma DIV_ADD_MOD: "(n::nat) ~= (0::nat)
   584 ==> (((a::nat) + (b::nat)) mod n = a mod n + b mod n) =
   585     ((a + b) div n = a div n + b div n)"
   586   by (import hollight DIV_ADD_MOD)
   587 
   588 lemma MOD_LE: "(n::nat) ~= (0::nat) ==> (m::nat) mod n <= m"
   589   by (import hollight MOD_LE)
   590 
   591 lemma DIV_MONO2: "(p::nat) ~= (0::nat) & p <= (m::nat) ==> (n::nat) div m <= n div p"
   592   by (import hollight DIV_MONO2)
   593 
   594 lemma DIV_LE_EXCLUSION: "(b::nat) ~= (0::nat) & b * (c::nat) < ((a::nat) + (1::nat)) * (d::nat)
   595 ==> c div d <= a div b"
   596   by (import hollight DIV_LE_EXCLUSION)
   597 
   598 lemma DIV_EQ_EXCLUSION: "(b::nat) * (c::nat) < ((a::nat) + (1::nat)) * (d::nat) &
   599 a * d < (c + (1::nat)) * b
   600 ==> a div b = c div d"
   601   by (import hollight DIV_EQ_EXCLUSION)
   602 
   603 lemma MULT_DIV_LE: "(p::nat) ~= (0::nat) ==> (m::nat) * ((n::nat) div p) <= m * n div p"
   604   by (import hollight MULT_DIV_LE)
   605 
   606 lemma DIV_DIV: "(xa::nat) * (xb::nat) ~= (0::nat)
   607 ==> (x::nat) div xa div xb = x div (xa * xb)"
   608   by (import hollight DIV_DIV)
   609 
   610 lemma DIV_MOD: "(xa::nat) * (xb::nat) ~= (0::nat)
   611 ==> (x::nat) div xa mod xb = x mod (xa * xb) div xa"
   612   by (import hollight DIV_MOD)
   613 
   614 lemma PRE_ELIM_THM: "P (n - Suc 0) = (ALL m. n = Suc m | m = 0 & n = 0 --> P m)"
   615   by (import hollight PRE_ELIM_THM)
   616 
   617 lemma SUB_ELIM_THM: "(P::nat => bool) ((a::nat) - (b::nat)) =
   618 (ALL d::nat. a = b + d | a < b & d = (0::nat) --> P d)"
   619   by (import hollight SUB_ELIM_THM)
   620 
   621 lemma DIVMOD_ELIM_THM: "(P::nat => nat => bool) ((m::nat) div (n::nat)) (m mod n) =
   622 (ALL (x::nat) xa::nat.
   623     n = (0::nat) & x = (0::nat) & xa = m | m = x * n + xa & xa < n -->
   624     P x xa)"
   625   by (import hollight DIVMOD_ELIM_THM)
   626 
   627 definition
   628   minimal :: "(nat => bool) => nat"  where
   629   "minimal == %u. SOME n. u n & (ALL m<n. ~ u m)"
   630 
   631 lemma DEF_minimal: "minimal = (%u. SOME n. u n & (ALL m<n. ~ u m))"
   632   by (import hollight DEF_minimal)
   633 
   634 lemma MINIMAL: "Ex P = (P (minimal P) & (ALL x<minimal P. ~ P x))"
   635   by (import hollight MINIMAL)
   636 
   637 lemma TRANSITIVE_STEPWISE_LT_EQ: "(!!x y z. R x y & R y z ==> R x z)
   638 ==> (ALL m n. m < n --> R m n) = (ALL n. R n (Suc n))"
   639   by (import hollight TRANSITIVE_STEPWISE_LT_EQ)
   640 
   641 lemma TRANSITIVE_STEPWISE_LT: "[| (ALL x y z. R x y & R y z --> R x z) & (ALL n. R n (Suc n)); m < n |]
   642 ==> R m n"
   643   by (import hollight TRANSITIVE_STEPWISE_LT)
   644 
   645 lemma TRANSITIVE_STEPWISE_LE_EQ: "(ALL x. R x x) & (ALL x y z. R x y & R y z --> R x z)
   646 ==> (ALL m n. m <= n --> R m n) = (ALL n. R n (Suc n))"
   647   by (import hollight TRANSITIVE_STEPWISE_LE_EQ)
   648 
   649 lemma TRANSITIVE_STEPWISE_LE: "[| (ALL x. R x x) &
   650    (ALL x y z. R x y & R y z --> R x z) & (ALL n. R n (Suc n));
   651    m <= n |]
   652 ==> R m n"
   653   by (import hollight TRANSITIVE_STEPWISE_LE)
   654 
   655 lemma WF_EQ: "wfP (u_556::'A => 'A => bool) =
   656 (ALL P::'A => bool.
   657     Ex P = (EX x::'A. P x & (ALL y::'A. u_556 y x --> ~ P y)))"
   658   by (import hollight WF_EQ)
   659 
   660 lemma WF_IND: "wfP (u_556::'A => 'A => bool) =
   661 (ALL P::'A => bool.
   662     (ALL x::'A. (ALL y::'A. u_556 y x --> P y) --> P x) --> All P)"
   663   by (import hollight WF_IND)
   664 
   665 lemma WF_DCHAIN: "wfP (u_556::'A => 'A => bool) =
   666 (~ (EX s::nat => 'A. ALL n::nat. u_556 (s (Suc n)) (s n)))"
   667   by (import hollight WF_DCHAIN)
   668 
   669 lemma WF_UREC: "[| wfP (u_556::'A => 'A => bool);
   670    !!(f::'A => 'B) (g::'A => 'B) x::'A.
   671       (!!z::'A. u_556 z x ==> f z = g z)
   672       ==> (H::('A => 'B) => 'A => 'B) f x = H g x;
   673    (ALL x::'A. (f::'A => 'B) x = H f x) &
   674    (ALL x::'A. (g::'A => 'B) x = H g x) |]
   675 ==> f = g"
   676   by (import hollight WF_UREC)
   677 
   678 lemma WF_UREC_WF: "(!!(H::('A => bool) => 'A => bool) (f::'A => bool) g::'A => bool.
   679     [| !!(f::'A => bool) (g::'A => bool) x::'A.
   680           (!!z::'A. (u_556::'A => 'A => bool) z x ==> f z = g z)
   681           ==> H f x = H g x;
   682        (ALL x::'A. f x = H f x) & (ALL x::'A. g x = H g x) |]
   683     ==> f = g)
   684 ==> wfP u_556"
   685   by (import hollight WF_UREC_WF)
   686 
   687 lemma WF_REC_INVARIANT: "[| wfP (u_556::'A => 'A => bool);
   688    !!(f::'A => 'B) (g::'A => 'B) x::'A.
   689       (!!z::'A. u_556 z x ==> f z = g z & (S::'A => 'B => bool) z (f z))
   690       ==> (H::('A => 'B) => 'A => 'B) f x = H g x & S x (H f x) |]
   691 ==> EX f::'A => 'B. ALL x::'A. f x = H f x"
   692   by (import hollight WF_REC_INVARIANT)
   693 
   694 lemma WF_REC: "[| wfP (u_556::'A => 'A => bool);
   695    !!(f::'A => 'B) (g::'A => 'B) x::'A.
   696       (!!z::'A. u_556 z x ==> f z = g z)
   697       ==> (H::('A => 'B) => 'A => 'B) f x = H g x |]
   698 ==> EX f::'A => 'B. ALL x::'A. f x = H f x"
   699   by (import hollight WF_REC)
   700 
   701 lemma WF_REC_WF: "(!!H::('A => nat) => 'A => nat.
   702     (!!(f::'A => nat) (g::'A => nat) x::'A.
   703         (!!z::'A. (u_556::'A => 'A => bool) z x ==> f z = g z)
   704         ==> H f x = H g x)
   705     ==> EX f::'A => nat. ALL x::'A. f x = H f x)
   706 ==> wfP u_556"
   707   by (import hollight WF_REC_WF)
   708 
   709 lemma WF_EREC: "[| wfP (u_556::'A => 'A => bool);
   710    !!(f::'A => 'B) (g::'A => 'B) x::'A.
   711       (!!z::'A. u_556 z x ==> f z = g z)
   712       ==> (H::('A => 'B) => 'A => 'B) f x = H g x |]
   713 ==> EX! f::'A => 'B. ALL x::'A. f x = H f x"
   714   by (import hollight WF_EREC)
   715 
   716 lemma WF_SUBSET: "(ALL (x::'A) y::'A.
   717     (u_556::'A => 'A => bool) x y --> (u_670::'A => 'A => bool) x y) &
   718 wfP u_670
   719 ==> wfP u_556"
   720   by (import hollight WF_SUBSET)
   721 
   722 lemma WF_MEASURE_GEN: "wfP (u_556::'B => 'B => bool)
   723 ==> wfP (%(x::'A) x'::'A. u_556 ((m::'A => 'B) x) (m x'))"
   724   by (import hollight WF_MEASURE_GEN)
   725 
   726 lemma WF_LEX_DEPENDENT: "wfP (R::'A => 'A => bool) & (ALL x::'A. wfP ((S::'A => 'B => 'B => bool) x))
   727 ==> wfP (SOME f::'A * 'B => 'A * 'B => bool.
   728             ALL (r1::'A) s1::'B.
   729                f (r1, s1) =
   730                (SOME f::'A * 'B => bool.
   731                    ALL (r2::'A) s2::'B.
   732                       f (r2, s2) = (R r1 r2 | r1 = r2 & S r1 s1 s2)))"
   733   by (import hollight WF_LEX_DEPENDENT)
   734 
   735 lemma WF_LEX: "wfP (x::'A => 'A => bool) & wfP (xa::'B => 'B => bool)
   736 ==> wfP (SOME f::'A * 'B => 'A * 'B => bool.
   737             ALL (r1::'A) s1::'B.
   738                f (r1, s1) =
   739                (SOME f::'A * 'B => bool.
   740                    ALL (r2::'A) s2::'B.
   741                       f (r2, s2) = (x r1 r2 | r1 = r2 & xa s1 s2)))"
   742   by (import hollight WF_LEX)
   743 
   744 lemma WF_POINTWISE: "wfP (u_556::'A => 'A => bool) & wfP (u_670::'B => 'B => bool)
   745 ==> wfP (SOME f::'A * 'B => 'A * 'B => bool.
   746             ALL (x1::'A) y1::'B.
   747                f (x1, y1) =
   748                (SOME f::'A * 'B => bool.
   749                    ALL (x2::'A) y2::'B.
   750                       f (x2, y2) = (u_556 x1 x2 & u_670 y1 y2)))"
   751   by (import hollight WF_POINTWISE)
   752 
   753 lemma WF_num: "(wfP::(nat => nat => bool) => bool) (op <::nat => nat => bool)"
   754   by (import hollight WF_num)
   755 
   756 lemma WF_REC_num: "(!!(f::nat => 'A) (g::nat => 'A) x::nat.
   757     (!!z::nat. z < x ==> f z = g z)
   758     ==> (H::(nat => 'A) => nat => 'A) f x = H g x)
   759 ==> EX f::nat => 'A. ALL x::nat. f x = H f x"
   760   by (import hollight WF_REC_num)
   761 
   762 lemma WF_MEASURE: "wfP (%(a::'A) b::'A. measure (m::'A => nat) (a, b))"
   763   by (import hollight WF_MEASURE)
   764 
   765 lemma MEASURE_LE: "(ALL x::'q_12099.
   766     measure (m::'q_12099 => nat) (x, a::'q_12099) -->
   767     measure m (x, b::'q_12099)) =
   768 (m a <= m b)"
   769   by (import hollight MEASURE_LE)
   770 
   771 lemma WF_REFL: "wfP (u_556::'A => 'A => bool) ==> ~ u_556 (x::'A) x"
   772   by (import hollight WF_REFL)
   773 
   774 lemma WF_REC_TAIL: "EX f::'A => 'B.
   775    ALL x::'A.
   776       f x =
   777       (if (P::'A => bool) x then f ((g::'A => 'A) x) else (h::'A => 'B) x)"
   778   by (import hollight WF_REC_TAIL)
   779 
   780 lemma WF_REC_TAIL_GENERAL: "wfP (u_556::'A => 'A => bool) &
   781 (ALL (f::'A => 'B) (g::'A => 'B) x::'A.
   782     (ALL z::'A. u_556 z x --> f z = g z) -->
   783     (P::('A => 'B) => 'A => bool) f x = P g x &
   784     (G::('A => 'B) => 'A => 'A) f x = G g x &
   785     (H::('A => 'B) => 'A => 'B) f x = H g x) &
   786 (ALL (f::'A => 'B) (g::'A => 'B) x::'A.
   787     (ALL z::'A. u_556 z x --> f z = g z) --> H f x = H g x) &
   788 (ALL (f::'A => 'B) (x::'A) y::'A. P f x & u_556 y (G f x) --> u_556 y x)
   789 ==> EX f::'A => 'B. ALL x::'A. f x = (if P f x then f (G f x) else H f x)"
   790   by (import hollight WF_REC_TAIL_GENERAL)
   791 
   792 lemma ARITH_ZERO: "(0::nat) = (0::nat) & (0::nat) = (0::nat)"
   793   by (import hollight ARITH_ZERO)
   794 
   795 lemma ARITH_SUC: "(ALL x. Suc x = Suc x) &
   796 Suc 0 = 1 &
   797 (ALL x. Suc (2 * x) = 2 * x + 1) & (ALL x. Suc (2 * x + 1) = 2 * Suc x)"
   798   by (import hollight ARITH_SUC)
   799 
   800 lemma ARITH_PRE: "(ALL x. x - Suc 0 = x - Suc 0) &
   801 0 - Suc 0 = 0 &
   802 (ALL x. 2 * x - Suc 0 = (if x = 0 then 0 else 2 * (x - Suc 0) + 1)) &
   803 (ALL x. 2 * x + 1 - Suc 0 = 2 * x)"
   804   by (import hollight ARITH_PRE)
   805 
   806 lemma ARITH_ADD: "(ALL (x::nat) xa::nat. x + xa = x + xa) &
   807 (0::nat) + (0::nat) = (0::nat) &
   808 (ALL x::nat. (0::nat) + (2::nat) * x = (2::nat) * x) &
   809 (ALL x::nat.
   810     (0::nat) + ((2::nat) * x + (1::nat)) = (2::nat) * x + (1::nat)) &
   811 (ALL x::nat. (2::nat) * x + (0::nat) = (2::nat) * x) &
   812 (ALL x::nat. (2::nat) * x + (1::nat) + (0::nat) = (2::nat) * x + (1::nat)) &
   813 (ALL (x::nat) xa::nat. (2::nat) * x + (2::nat) * xa = (2::nat) * (x + xa)) &
   814 (ALL (x::nat) xa::nat.
   815     (2::nat) * x + ((2::nat) * xa + (1::nat)) =
   816     (2::nat) * (x + xa) + (1::nat)) &
   817 (ALL (x::nat) xa::nat.
   818     (2::nat) * x + (1::nat) + (2::nat) * xa =
   819     (2::nat) * (x + xa) + (1::nat)) &
   820 (ALL (x::nat) xa::nat.
   821     (2::nat) * x + (1::nat) + ((2::nat) * xa + (1::nat)) =
   822     (2::nat) * Suc (x + xa))"
   823   by (import hollight ARITH_ADD)
   824 
   825 lemma ARITH_MULT: "(ALL (x::nat) xa::nat. x * xa = x * xa) &
   826 (0::nat) * (0::nat) = (0::nat) &
   827 (ALL x::nat. (0::nat) * ((2::nat) * x) = (0::nat)) &
   828 (ALL x::nat. (0::nat) * ((2::nat) * x + (1::nat)) = (0::nat)) &
   829 (ALL x::nat. (2::nat) * x * (0::nat) = (0::nat)) &
   830 (ALL x::nat. ((2::nat) * x + (1::nat)) * (0::nat) = (0::nat)) &
   831 (ALL (x::nat) xa::nat.
   832     (2::nat) * x * ((2::nat) * xa) = (2::nat) * ((2::nat) * (x * xa))) &
   833 (ALL (x::nat) xa::nat.
   834     (2::nat) * x * ((2::nat) * xa + (1::nat)) =
   835     (2::nat) * x + (2::nat) * ((2::nat) * (x * xa))) &
   836 (ALL (x::nat) xa::nat.
   837     ((2::nat) * x + (1::nat)) * ((2::nat) * xa) =
   838     (2::nat) * xa + (2::nat) * ((2::nat) * (x * xa))) &
   839 (ALL (x::nat) xa::nat.
   840     ((2::nat) * x + (1::nat)) * ((2::nat) * xa + (1::nat)) =
   841     (2::nat) * x + (1::nat) +
   842     ((2::nat) * xa + (2::nat) * ((2::nat) * (x * xa))))"
   843   by (import hollight ARITH_MULT)
   844 
   845 lemma ARITH_EXP: "(ALL (x::nat) xa::nat. x ^ xa = x ^ xa) &
   846 (0::nat) ^ (0::nat) = (1::nat) &
   847 (ALL m::nat. ((2::nat) * m) ^ (0::nat) = (1::nat)) &
   848 (ALL m::nat. ((2::nat) * m + (1::nat)) ^ (0::nat) = (1::nat)) &
   849 (ALL n::nat. (0::nat) ^ ((2::nat) * n) = (0::nat) ^ n * (0::nat) ^ n) &
   850 (ALL (m::nat) n::nat.
   851     ((2::nat) * m) ^ ((2::nat) * n) =
   852     ((2::nat) * m) ^ n * ((2::nat) * m) ^ n) &
   853 (ALL (m::nat) n::nat.
   854     ((2::nat) * m + (1::nat)) ^ ((2::nat) * n) =
   855     ((2::nat) * m + (1::nat)) ^ n * ((2::nat) * m + (1::nat)) ^ n) &
   856 (ALL n::nat. (0::nat) ^ ((2::nat) * n + (1::nat)) = (0::nat)) &
   857 (ALL (m::nat) n::nat.
   858     ((2::nat) * m) ^ ((2::nat) * n + (1::nat)) =
   859     (2::nat) * m * (((2::nat) * m) ^ n * ((2::nat) * m) ^ n)) &
   860 (ALL (m::nat) n::nat.
   861     ((2::nat) * m + (1::nat)) ^ ((2::nat) * n + (1::nat)) =
   862     ((2::nat) * m + (1::nat)) *
   863     (((2::nat) * m + (1::nat)) ^ n * ((2::nat) * m + (1::nat)) ^ n))"
   864   by (import hollight ARITH_EXP)
   865 
   866 lemma ARITH_EVEN: "(ALL x::nat. even x = even x) &
   867 even (0::nat) = True &
   868 (ALL x::nat. even ((2::nat) * x) = True) &
   869 (ALL x::nat. even ((2::nat) * x + (1::nat)) = False)"
   870   by (import hollight ARITH_EVEN)
   871 
   872 lemma ARITH_ODD: "(ALL x::nat. odd x = odd x) &
   873 odd (0::nat) = False &
   874 (ALL x::nat. odd ((2::nat) * x) = False) &
   875 (ALL x::nat. odd ((2::nat) * x + (1::nat)) = True)"
   876   by (import hollight ARITH_ODD)
   877 
   878 lemma ARITH_LE: "(ALL (x::nat) xa::nat. (x <= xa) = (x <= xa)) &
   879 ((0::nat) <= (0::nat)) = True &
   880 (ALL x::nat. ((2::nat) * x <= (0::nat)) = (x <= (0::nat))) &
   881 (ALL x::nat. ((2::nat) * x + (1::nat) <= (0::nat)) = False) &
   882 (ALL x::nat. ((0::nat) <= (2::nat) * x) = True) &
   883 (ALL x::nat. ((0::nat) <= (2::nat) * x + (1::nat)) = True) &
   884 (ALL (x::nat) xa::nat. ((2::nat) * x <= (2::nat) * xa) = (x <= xa)) &
   885 (ALL (x::nat) xa::nat.
   886     ((2::nat) * x <= (2::nat) * xa + (1::nat)) = (x <= xa)) &
   887 (ALL (x::nat) xa::nat.
   888     ((2::nat) * x + (1::nat) <= (2::nat) * xa) = (x < xa)) &
   889 (ALL (x::nat) xa::nat.
   890     ((2::nat) * x + (1::nat) <= (2::nat) * xa + (1::nat)) = (x <= xa))"
   891   by (import hollight ARITH_LE)
   892 
   893 lemma ARITH_LT: "(ALL (x::nat) xa::nat. (x < xa) = (x < xa)) &
   894 ((0::nat) < (0::nat)) = False &
   895 (ALL x::nat. ((2::nat) * x < (0::nat)) = False) &
   896 (ALL x::nat. ((2::nat) * x + (1::nat) < (0::nat)) = False) &
   897 (ALL x::nat. ((0::nat) < (2::nat) * x) = ((0::nat) < x)) &
   898 (ALL x::nat. ((0::nat) < (2::nat) * x + (1::nat)) = True) &
   899 (ALL (x::nat) xa::nat. ((2::nat) * x < (2::nat) * xa) = (x < xa)) &
   900 (ALL (x::nat) xa::nat.
   901     ((2::nat) * x < (2::nat) * xa + (1::nat)) = (x <= xa)) &
   902 (ALL (x::nat) xa::nat.
   903     ((2::nat) * x + (1::nat) < (2::nat) * xa) = (x < xa)) &
   904 (ALL (x::nat) xa::nat.
   905     ((2::nat) * x + (1::nat) < (2::nat) * xa + (1::nat)) = (x < xa))"
   906   by (import hollight ARITH_LT)
   907 
   908 lemma ARITH_EQ: "(ALL (x::nat) xa::nat. (x = xa) = (x = xa)) &
   909 ((0::nat) = (0::nat)) = True &
   910 (ALL x::nat. ((2::nat) * x = (0::nat)) = (x = (0::nat))) &
   911 (ALL x::nat. ((2::nat) * x + (1::nat) = (0::nat)) = False) &
   912 (ALL x::nat. ((0::nat) = (2::nat) * x) = ((0::nat) = x)) &
   913 (ALL x::nat. ((0::nat) = (2::nat) * x + (1::nat)) = False) &
   914 (ALL (x::nat) xa::nat. ((2::nat) * x = (2::nat) * xa) = (x = xa)) &
   915 (ALL (x::nat) xa::nat. ((2::nat) * x = (2::nat) * xa + (1::nat)) = False) &
   916 (ALL (x::nat) xa::nat. ((2::nat) * x + (1::nat) = (2::nat) * xa) = False) &
   917 (ALL (x::nat) xa::nat.
   918     ((2::nat) * x + (1::nat) = (2::nat) * xa + (1::nat)) = (x = xa))"
   919   by (import hollight ARITH_EQ)
   920 
   921 lemma ARITH_SUB: "(ALL (x::nat) xa::nat. x - xa = x - xa) &
   922 (0::nat) - (0::nat) = (0::nat) &
   923 (ALL x::nat. (0::nat) - (2::nat) * x = (0::nat)) &
   924 (ALL x::nat. (0::nat) - ((2::nat) * x + (1::nat)) = (0::nat)) &
   925 (ALL x::nat. (2::nat) * x - (0::nat) = (2::nat) * x) &
   926 (ALL x::nat. (2::nat) * x + (1::nat) - (0::nat) = (2::nat) * x + (1::nat)) &
   927 (ALL (m::nat) n::nat. (2::nat) * m - (2::nat) * n = (2::nat) * (m - n)) &
   928 (ALL (m::nat) n::nat.
   929     (2::nat) * m - ((2::nat) * n + (1::nat)) =
   930     (2::nat) * (m - n) - Suc (0::nat)) &
   931 (ALL (m::nat) n::nat.
   932     (2::nat) * m + (1::nat) - (2::nat) * n =
   933     (if n <= m then (2::nat) * (m - n) + (1::nat) else (0::nat))) &
   934 (ALL (m::nat) n::nat.
   935     (2::nat) * m + (1::nat) - ((2::nat) * n + (1::nat)) =
   936     (2::nat) * (m - n))"
   937   by (import hollight ARITH_SUB)
   938 
   939 lemma right_th: "(s::nat) * ((2::nat) * (x::nat) + (1::nat)) = s + (2::nat) * (s * x)"
   940   by (import hollight right_th)
   941 
   942 lemma SEMIRING_PTHS: "(ALL (x::'A) (y::'A) z::'A.
   943     (add::'A => 'A => 'A) x (add y z) = add (add x y) z) &
   944 (ALL (x::'A) y::'A. add x y = add y x) &
   945 (ALL x::'A. add (r0::'A) x = x) &
   946 (ALL (x::'A) (y::'A) z::'A.
   947     (mul::'A => 'A => 'A) x (mul y z) = mul (mul x y) z) &
   948 (ALL (x::'A) y::'A. mul x y = mul y x) &
   949 (ALL x::'A. mul (r1::'A) x = x) &
   950 (ALL x::'A. mul r0 x = r0) &
   951 (ALL (x::'A) (y::'A) z::'A. mul x (add y z) = add (mul x y) (mul x z)) &
   952 (ALL x::'A. (pwr::'A => nat => 'A) x (0::nat) = r1) &
   953 (ALL (x::'A) n::nat. pwr x (Suc n) = mul x (pwr x n))
   954 ==> mul r1 (x::'A) = x &
   955     add (mul (a::'A) (m::'A)) (mul (b::'A) m) = mul (add a b) m &
   956     add (mul a m) m = mul (add a r1) m &
   957     add m (mul a m) = mul (add a r1) m &
   958     add m m = mul (add r1 r1) m &
   959     mul r0 m = r0 &
   960     add r0 a = a &
   961     add a r0 = a &
   962     mul a b = mul b a &
   963     mul (add a b) (c::'A) = add (mul a c) (mul b c) &
   964     mul r0 a = r0 &
   965     mul a r0 = r0 &
   966     mul r1 a = a &
   967     mul a r1 = a &
   968     mul (mul (lx::'A) (ly::'A)) (mul (rx::'A) (ry::'A)) =
   969     mul (mul lx rx) (mul ly ry) &
   970     mul (mul lx ly) (mul rx ry) = mul lx (mul ly (mul rx ry)) &
   971     mul (mul lx ly) (mul rx ry) = mul rx (mul (mul lx ly) ry) &
   972     mul (mul lx ly) rx = mul (mul lx rx) ly &
   973     mul (mul lx ly) rx = mul lx (mul ly rx) &
   974     mul lx rx = mul rx lx &
   975     mul lx (mul rx ry) = mul (mul lx rx) ry &
   976     mul lx (mul rx ry) = mul rx (mul lx ry) &
   977     add (add a b) (add c (d::'A)) = add (add a c) (add b d) &
   978     add (add a b) c = add a (add b c) &
   979     add a (add c d) = add c (add a d) &
   980     add (add a b) c = add (add a c) b &
   981     add a c = add c a &
   982     add a (add c d) = add (add a c) d &
   983     mul (pwr x (p::nat)) (pwr x (q::nat)) = pwr x (p + q) &
   984     mul x (pwr x q) = pwr x (Suc q) &
   985     mul (pwr x q) x = pwr x (Suc q) &
   986     mul x x = pwr x (2::nat) &
   987     pwr (mul x (y::'A)) q = mul (pwr x q) (pwr y q) &
   988     pwr (pwr x p) q = pwr x (p * q) &
   989     pwr x (0::nat) = r1 &
   990     pwr x (1::nat) = x &
   991     mul x (add y (z::'A)) = add (mul x y) (mul x z) &
   992     pwr x (Suc q) = mul x (pwr x q)"
   993   by (import hollight SEMIRING_PTHS)
   994 
   995 lemma NUM_INTEGRAL_LEMMA: "(w::nat) = (x::nat) + (d::nat) & (y::nat) = (z::nat) + (e::nat)
   996 ==> (w * y + x * z = w * z + x * y) = (w = x | y = z)"
   997   by (import hollight NUM_INTEGRAL_LEMMA)
   998 
   999 lemma NUM_INTEGRAL: "(ALL x::nat. (0::nat) * x = (0::nat)) &
  1000 (ALL (x::nat) (xa::nat) xb::nat. (x + xa = x + xb) = (xa = xb)) &
  1001 (ALL (w::nat) (x::nat) (y::nat) z::nat.
  1002     (w * y + x * z = w * z + x * y) = (w = x | y = z))"
  1003   by (import hollight NUM_INTEGRAL)
  1004 
  1005 lemma INJ_INVERSE2: "(!!(x1::'A) (y1::'B) (x2::'A) y2::'B.
  1006     ((P::'A => 'B => 'C) x1 y1 = P x2 y2) = (x1 = x2 & y1 = y2))
  1007 ==> EX (x::'C => 'A) Y::'C => 'B.
  1008        ALL (xa::'A) y::'B. x (P xa y) = xa & Y (P xa y) = y"
  1009   by (import hollight INJ_INVERSE2)
  1010 
  1011 definition
  1012   NUMPAIR :: "nat => nat => nat"  where
  1013   "NUMPAIR == %u ua. 2 ^ u * (2 * ua + 1)"
  1014 
  1015 lemma DEF_NUMPAIR: "NUMPAIR = (%u ua. 2 ^ u * (2 * ua + 1))"
  1016   by (import hollight DEF_NUMPAIR)
  1017 
  1018 lemma NUMPAIR_INJ_LEMMA: "NUMPAIR x xa = NUMPAIR xb xc ==> x = xb"
  1019   by (import hollight NUMPAIR_INJ_LEMMA)
  1020 
  1021 lemma NUMPAIR_INJ: "(NUMPAIR x1 y1 = NUMPAIR x2 y2) = (x1 = x2 & y1 = y2)"
  1022   by (import hollight NUMPAIR_INJ)
  1023 
  1024 definition
  1025   NUMFST :: "nat => nat"  where
  1026   "NUMFST == SOME X. EX Y. ALL x y. X (NUMPAIR x y) = x & Y (NUMPAIR x y) = y"
  1027 
  1028 lemma DEF_NUMFST: "NUMFST = (SOME X. EX Y. ALL x y. X (NUMPAIR x y) = x & Y (NUMPAIR x y) = y)"
  1029   by (import hollight DEF_NUMFST)
  1030 
  1031 definition
  1032   NUMSND :: "nat => nat"  where
  1033   "NUMSND == SOME Y. ALL x y. NUMFST (NUMPAIR x y) = x & Y (NUMPAIR x y) = y"
  1034 
  1035 lemma DEF_NUMSND: "NUMSND = (SOME Y. ALL x y. NUMFST (NUMPAIR x y) = x & Y (NUMPAIR x y) = y)"
  1036   by (import hollight DEF_NUMSND)
  1037 
  1038 definition
  1039   NUMSUM :: "bool => nat => nat"  where
  1040   "NUMSUM == %u ua. if u then Suc (2 * ua) else 2 * ua"
  1041 
  1042 lemma DEF_NUMSUM: "NUMSUM = (%u ua. if u then Suc (2 * ua) else 2 * ua)"
  1043   by (import hollight DEF_NUMSUM)
  1044 
  1045 lemma NUMSUM_INJ: "(NUMSUM b1 x1 = NUMSUM b2 x2) = (b1 = b2 & x1 = x2)"
  1046   by (import hollight NUMSUM_INJ)
  1047 
  1048 definition
  1049   NUMLEFT :: "nat => bool"  where
  1050   "NUMLEFT == SOME X. EX Y. ALL x y. X (NUMSUM x y) = x & Y (NUMSUM x y) = y"
  1051 
  1052 lemma DEF_NUMLEFT: "NUMLEFT = (SOME X. EX Y. ALL x y. X (NUMSUM x y) = x & Y (NUMSUM x y) = y)"
  1053   by (import hollight DEF_NUMLEFT)
  1054 
  1055 definition
  1056   NUMRIGHT :: "nat => nat"  where
  1057   "NUMRIGHT == SOME Y. ALL x y. NUMLEFT (NUMSUM x y) = x & Y (NUMSUM x y) = y"
  1058 
  1059 lemma DEF_NUMRIGHT: "NUMRIGHT = (SOME Y. ALL x y. NUMLEFT (NUMSUM x y) = x & Y (NUMSUM x y) = y)"
  1060   by (import hollight DEF_NUMRIGHT)
  1061 
  1062 definition
  1063   INJN :: "nat => nat => 'A => bool"  where
  1064   "INJN == %(u::nat) (n::nat) a::'A. n = u"
  1065 
  1066 lemma DEF_INJN: "INJN = (%(u::nat) (n::nat) a::'A. n = u)"
  1067   by (import hollight DEF_INJN)
  1068 
  1069 lemma INJN_INJ: "(op =::bool => bool => bool)
  1070  ((op =::(nat => 'A::type => bool) => (nat => 'A::type => bool) => bool)
  1071    ((INJN::nat => nat => 'A::type => bool) (n1::nat))
  1072    ((INJN::nat => nat => 'A::type => bool) (n2::nat)))
  1073  ((op =::nat => nat => bool) n1 n2)"
  1074   by (import hollight INJN_INJ)
  1075 
  1076 definition
  1077   INJA :: "'A => nat => 'A => bool"  where
  1078   "INJA == %(u::'A) (n::nat) b::'A. b = u"
  1079 
  1080 lemma DEF_INJA: "INJA = (%(u::'A) (n::nat) b::'A. b = u)"
  1081   by (import hollight DEF_INJA)
  1082 
  1083 lemma INJA_INJ: "(INJA (a1::'A) = INJA (a2::'A)) = (a1 = a2)"
  1084   by (import hollight INJA_INJ)
  1085 
  1086 definition
  1087   INJF :: "(nat => nat => 'A => bool) => nat => 'A => bool"  where
  1088   "INJF == %(u::nat => nat => 'A => bool) n::nat. u (NUMFST n) (NUMSND n)"
  1089 
  1090 lemma DEF_INJF: "INJF = (%(u::nat => nat => 'A => bool) n::nat. u (NUMFST n) (NUMSND n))"
  1091   by (import hollight DEF_INJF)
  1092 
  1093 lemma INJF_INJ: "(INJF (f1::nat => nat => 'A => bool) =
  1094  INJF (f2::nat => nat => 'A => bool)) =
  1095 (f1 = f2)"
  1096   by (import hollight INJF_INJ)
  1097 
  1098 definition
  1099   INJP :: "(nat => 'A => bool) => (nat => 'A => bool) => nat => 'A => bool"  where
  1100   "INJP ==
  1101 %(u::nat => 'A => bool) (ua::nat => 'A => bool) (n::nat) a::'A.
  1102    if NUMLEFT n then u (NUMRIGHT n) a else ua (NUMRIGHT n) a"
  1103 
  1104 lemma DEF_INJP: "INJP =
  1105 (%(u::nat => 'A => bool) (ua::nat => 'A => bool) (n::nat) a::'A.
  1106     if NUMLEFT n then u (NUMRIGHT n) a else ua (NUMRIGHT n) a)"
  1107   by (import hollight DEF_INJP)
  1108 
  1109 lemma INJP_INJ: "(INJP (f1::nat => 'A => bool) (f2::nat => 'A => bool) =
  1110  INJP (f1'::nat => 'A => bool) (f2'::nat => 'A => bool)) =
  1111 (f1 = f1' & f2 = f2')"
  1112   by (import hollight INJP_INJ)
  1113 
  1114 definition
  1115   ZCONSTR :: "nat => 'A => (nat => nat => 'A => bool) => nat => 'A => bool"  where
  1116   "ZCONSTR ==
  1117 %(u::nat) (ua::'A) ub::nat => nat => 'A => bool.
  1118    INJP (INJN (Suc u)) (INJP (INJA ua) (INJF ub))"
  1119 
  1120 lemma DEF_ZCONSTR: "ZCONSTR =
  1121 (%(u::nat) (ua::'A) ub::nat => nat => 'A => bool.
  1122     INJP (INJN (Suc u)) (INJP (INJA ua) (INJF ub)))"
  1123   by (import hollight DEF_ZCONSTR)
  1124 
  1125 definition
  1126   ZBOT :: "nat => 'A => bool"  where
  1127   "ZBOT == INJP (INJN (0::nat)) (SOME z::nat => 'A => bool. True)"
  1128 
  1129 lemma DEF_ZBOT: "ZBOT = INJP (INJN (0::nat)) (SOME z::nat => 'A => bool. True)"
  1130   by (import hollight DEF_ZBOT)
  1131 
  1132 lemma ZCONSTR_ZBOT: "ZCONSTR (x::nat) (xa::'A) (xb::nat => nat => 'A => bool) ~= ZBOT"
  1133   by (import hollight ZCONSTR_ZBOT)
  1134 
  1135 definition
  1136   ZRECSPACE :: "(nat => 'A => bool) => bool"  where
  1137   "ZRECSPACE ==
  1138 %a::nat => 'A => bool.
  1139    ALL ZRECSPACE'::(nat => 'A => bool) => bool.
  1140       (ALL a::nat => 'A => bool.
  1141           a = ZBOT |
  1142           (EX (c::nat) (i::'A) r::nat => nat => 'A => bool.
  1143               a = ZCONSTR c i r & (ALL n::nat. ZRECSPACE' (r n))) -->
  1144           ZRECSPACE' a) -->
  1145       ZRECSPACE' a"
  1146 
  1147 lemma DEF_ZRECSPACE: "ZRECSPACE =
  1148 (%a::nat => 'A => bool.
  1149     ALL ZRECSPACE'::(nat => 'A => bool) => bool.
  1150        (ALL a::nat => 'A => bool.
  1151            a = ZBOT |
  1152            (EX (c::nat) (i::'A) r::nat => nat => 'A => bool.
  1153                a = ZCONSTR c i r & (ALL n::nat. ZRECSPACE' (r n))) -->
  1154            ZRECSPACE' a) -->
  1155        ZRECSPACE' a)"
  1156   by (import hollight DEF_ZRECSPACE)
  1157 
  1158 typedef (open) ('A) recspace = "Collect ZRECSPACE"  morphisms "_dest_rec" "_mk_rec"
  1159   apply (rule light_ex_imp_nonempty[where t="ZBOT"])
  1160   by (import hollight TYDEF_recspace)
  1161 
  1162 syntax
  1163   "_dest_rec" :: _ ("'_dest'_rec")
  1164 
  1165 syntax
  1166   "_mk_rec" :: _ ("'_mk'_rec")
  1167 
  1168 lemmas "TYDEF_recspace_@intern" = typedef_hol2hollight 
  1169   [where a="a :: 'A recspace" and r=r ,
  1170    OF type_definition_recspace]
  1171 
  1172 definition
  1173   BOTTOM :: "'A recspace"  where
  1174   "BOTTOM == _mk_rec ZBOT"
  1175 
  1176 lemma DEF_BOTTOM: "BOTTOM = _mk_rec ZBOT"
  1177   by (import hollight DEF_BOTTOM)
  1178 
  1179 definition
  1180   CONSTR :: "nat => 'A => (nat => 'A recspace) => 'A recspace"  where
  1181   "CONSTR ==
  1182 %(u::nat) (ua::'A::type) ub::nat => 'A::type recspace.
  1183    _mk_rec (ZCONSTR u ua (%n::nat. _dest_rec (ub n)))"
  1184 
  1185 lemma DEF_CONSTR: "CONSTR =
  1186 (%(u::nat) (ua::'A::type) ub::nat => 'A::type recspace.
  1187     _mk_rec (ZCONSTR u ua (%n::nat. _dest_rec (ub n))))"
  1188   by (import hollight DEF_CONSTR)
  1189 
  1190 lemma MK_REC_INJ: "[| _mk_rec (x::nat => 'A::type => bool) =
  1191    _mk_rec (y::nat => 'A::type => bool);
  1192    ZRECSPACE x & ZRECSPACE y |]
  1193 ==> x = y"
  1194   by (import hollight MK_REC_INJ)
  1195 
  1196 lemma CONSTR_BOT: "CONSTR (c::nat) (i::'A) (r::nat => 'A recspace) ~= BOTTOM"
  1197   by (import hollight CONSTR_BOT)
  1198 
  1199 lemma CONSTR_INJ: "(CONSTR (c1::nat) (i1::'A) (r1::nat => 'A recspace) =
  1200  CONSTR (c2::nat) (i2::'A) (r2::nat => 'A recspace)) =
  1201 (c1 = c2 & i1 = i2 & r1 = r2)"
  1202   by (import hollight CONSTR_INJ)
  1203 
  1204 lemma CONSTR_IND: "(P::'A recspace => bool) BOTTOM &
  1205 (ALL (c::nat) (i::'A) r::nat => 'A recspace.
  1206     (ALL n::nat. P (r n)) --> P (CONSTR c i r))
  1207 ==> P (x::'A recspace)"
  1208   by (import hollight CONSTR_IND)
  1209 
  1210 lemma CONSTR_REC: "EX f::'A recspace => 'B.
  1211    ALL (c::nat) (i::'A) r::nat => 'A recspace.
  1212       f (CONSTR c i r) =
  1213       (Fn::nat => 'A => (nat => 'A recspace) => (nat => 'B) => 'B) c i r
  1214        (%n::nat. f (r n))"
  1215   by (import hollight CONSTR_REC)
  1216 
  1217 definition
  1218   FCONS :: "'A => (nat => 'A) => nat => 'A"  where
  1219   "FCONS ==
  1220 SOME FCONS::'A => (nat => 'A) => nat => 'A.
  1221    (ALL (a::'A) f::nat => 'A. FCONS a f (0::nat) = a) &
  1222    (ALL (a::'A) (f::nat => 'A) n::nat. FCONS a f (Suc n) = f n)"
  1223 
  1224 lemma DEF_FCONS: "FCONS =
  1225 (SOME FCONS::'A => (nat => 'A) => nat => 'A.
  1226     (ALL (a::'A) f::nat => 'A. FCONS a f (0::nat) = a) &
  1227     (ALL (a::'A) (f::nat => 'A) n::nat. FCONS a f (Suc n) = f n))"
  1228   by (import hollight DEF_FCONS)
  1229 
  1230 lemma FCONS_UNDO: "(f::nat => 'A) = FCONS (f (0::nat)) (f o Suc)"
  1231   by (import hollight FCONS_UNDO)
  1232 
  1233 definition
  1234   FNIL :: "nat => 'A"  where
  1235   "FNIL == %u::nat. SOME x::'A. True"
  1236 
  1237 lemma DEF_FNIL: "FNIL = (%u::nat. SOME x::'A. True)"
  1238   by (import hollight DEF_FNIL)
  1239 
  1240 definition
  1241   ISO :: "('A => 'B) => ('B => 'A) => bool"  where
  1242   "ISO ==
  1243 %(u::'A => 'B) ua::'B => 'A.
  1244    (ALL x::'B. u (ua x) = x) & (ALL y::'A. ua (u y) = y)"
  1245 
  1246 lemma DEF_ISO: "ISO =
  1247 (%(u::'A => 'B) ua::'B => 'A.
  1248     (ALL x::'B. u (ua x) = x) & (ALL y::'A. ua (u y) = y))"
  1249   by (import hollight DEF_ISO)
  1250 
  1251 lemma ISO_REFL: "ISO (%x::'A. x) (%x::'A. x)"
  1252   by (import hollight ISO_REFL)
  1253 
  1254 lemma ISO_FUN: "ISO (f::'A => 'A') (f'::'A' => 'A) & ISO (g::'B => 'B') (g'::'B' => 'B)
  1255 ==> ISO (%(h::'A => 'B) a'::'A'. g (h (f' a')))
  1256      (%(h::'A' => 'B') a::'A. g' (h (f a)))"
  1257   by (import hollight ISO_FUN)
  1258 
  1259 lemma ISO_USAGE: "ISO (f::'q_17485 => 'q_17482) (g::'q_17482 => 'q_17485)
  1260 ==> (ALL P::'q_17485 => bool. All P = (ALL x::'q_17482. P (g x))) &
  1261     (ALL P::'q_17485 => bool. Ex P = (EX x::'q_17482. P (g x))) &
  1262     (ALL (a::'q_17485) b::'q_17482. (a = g b) = (f a = b))"
  1263   by (import hollight ISO_USAGE)
  1264 
  1265 typedef (open) char = "{a. ALL char'.
  1266        (ALL a.
  1267            (EX a0 a1 a2 a3 a4 a5 a6 a7.
  1268                a =
  1269                CONSTR (NUMERAL 0) (a0, a1, a2, a3, a4, a5, a6, a7)
  1270                 (%n. BOTTOM)) -->
  1271            char' a) -->
  1272        char' a}"  morphisms "_dest_char" "_mk_char"
  1273   apply (rule light_ex_imp_nonempty[where t="CONSTR (NUMERAL 0) (a0, a1, a2, a3, a4, a5, a6, a7) (%n. BOTTOM)"])
  1274   by (import hollight TYDEF_char)
  1275 
  1276 syntax
  1277   "_dest_char" :: _ ("'_dest'_char")
  1278 
  1279 syntax
  1280   "_mk_char" :: _ ("'_mk'_char")
  1281 
  1282 lemmas "TYDEF_char_@intern" = typedef_hol2hollight 
  1283   [where a="a :: hollight.char" and r=r ,
  1284    OF type_definition_char]
  1285 
  1286 consts
  1287   "_11937" :: "bool
  1288 => bool => bool => bool => bool => bool => bool => bool => hollight.char" ("'_11937")
  1289 
  1290 defs
  1291   "_11937_def": "_11937 ==
  1292 %(a0::bool) (a1::bool) (a2::bool) (a3::bool) (a4::bool) (a5::bool)
  1293    (a6::bool) a7::bool.
  1294    _mk_char
  1295     (CONSTR (0::nat) (a0, a1, a2, a3, a4, a5, a6, a7) (%n::nat. BOTTOM))"
  1296 
  1297 lemma DEF__11937: "_11937 =
  1298 (%(a0::bool) (a1::bool) (a2::bool) (a3::bool) (a4::bool) (a5::bool)
  1299     (a6::bool) a7::bool.
  1300     _mk_char
  1301      (CONSTR (0::nat) (a0, a1, a2, a3, a4, a5, a6, a7) (%n::nat. BOTTOM)))"
  1302   by (import hollight DEF__11937)
  1303 
  1304 definition
  1305   ASCII :: "bool
  1306 => bool => bool => bool => bool => bool => bool => bool => hollight.char"  where
  1307   "ASCII == _11937"
  1308 
  1309 lemma DEF_ASCII: "ASCII = _11937"
  1310   by (import hollight DEF_ASCII)
  1311 
  1312 consts
  1313   dist :: "nat * nat => nat" 
  1314 
  1315 defs
  1316   dist_def: "hollight.dist == %u. fst u - snd u + (snd u - fst u)"
  1317 
  1318 lemma DEF_dist: "hollight.dist = (%u. fst u - snd u + (snd u - fst u))"
  1319   by (import hollight DEF_dist)
  1320 
  1321 lemma DIST_REFL: "hollight.dist (x, x) = 0"
  1322   by (import hollight DIST_REFL)
  1323 
  1324 lemma DIST_LZERO: "hollight.dist (0, x) = x"
  1325   by (import hollight DIST_LZERO)
  1326 
  1327 lemma DIST_RZERO: "hollight.dist (x, 0) = x"
  1328   by (import hollight DIST_RZERO)
  1329 
  1330 lemma DIST_SYM: "hollight.dist (x, xa) = hollight.dist (xa, x)"
  1331   by (import hollight DIST_SYM)
  1332 
  1333 lemma DIST_LADD: "hollight.dist (x + xb, x + xa) = hollight.dist (xb, xa)"
  1334   by (import hollight DIST_LADD)
  1335 
  1336 lemma DIST_RADD: "hollight.dist (x + xa, xb + xa) = hollight.dist (x, xb)"
  1337   by (import hollight DIST_RADD)
  1338 
  1339 lemma DIST_LADD_0: "hollight.dist (x + xa, x) = xa"
  1340   by (import hollight DIST_LADD_0)
  1341 
  1342 lemma DIST_RADD_0: "hollight.dist (x, x + xa) = xa"
  1343   by (import hollight DIST_RADD_0)
  1344 
  1345 lemma DIST_LMUL: "x * hollight.dist (xa, xb) = hollight.dist (x * xa, x * xb)"
  1346   by (import hollight DIST_LMUL)
  1347 
  1348 lemma DIST_RMUL: "hollight.dist (x, xa) * xb = hollight.dist (x * xb, xa * xb)"
  1349   by (import hollight DIST_RMUL)
  1350 
  1351 lemma DIST_EQ_0: "(hollight.dist (x, xa) = 0) = (x = xa)"
  1352   by (import hollight DIST_EQ_0)
  1353 
  1354 lemma DIST_ELIM_THM: "P (hollight.dist (x, y)) =
  1355 (ALL d. (x = y + d --> P d) & (y = x + d --> P d))"
  1356   by (import hollight DIST_ELIM_THM)
  1357 
  1358 lemma DIST_LE_CASES: "(hollight.dist (m, n) <= p) = (m <= n + p & n <= m + p)"
  1359   by (import hollight DIST_LE_CASES)
  1360 
  1361 lemma DIST_TRIANGLE_LE: "hollight.dist (m, n) + hollight.dist (n, p) <= q
  1362 ==> hollight.dist (m, p) <= q"
  1363   by (import hollight DIST_TRIANGLE_LE)
  1364 
  1365 lemma DIST_TRIANGLES_LE: "hollight.dist (m, n) <= r & hollight.dist (p, q) <= s
  1366 ==> hollight.dist (m, p) <= hollight.dist (n, q) + (r + s)"
  1367   by (import hollight DIST_TRIANGLES_LE)
  1368 
  1369 lemma BOUNDS_LINEAR: "(ALL n::nat. (A::nat) * n <= (B::nat) * n + (C::nat)) = (A <= B)"
  1370   by (import hollight BOUNDS_LINEAR)
  1371 
  1372 lemma BOUNDS_LINEAR_0: "(ALL n::nat. (A::nat) * n <= (B::nat)) = (A = (0::nat))"
  1373   by (import hollight BOUNDS_LINEAR_0)
  1374 
  1375 lemma BOUNDS_DIVIDED: "(EX B::nat. ALL n::nat. (P::nat => nat) n <= B) =
  1376 (EX (x::nat) B::nat. ALL n::nat. n * P n <= x * n + B)"
  1377   by (import hollight BOUNDS_DIVIDED)
  1378 
  1379 lemma BOUNDS_NOTZERO: "(P::nat => nat => nat) (0::nat) (0::nat) = (0::nat) &
  1380 (ALL (m::nat) n::nat. P m n <= (A::nat) * (m + n) + (B::nat))
  1381 ==> EX x::nat. ALL (m::nat) n::nat. P m n <= x * (m + n)"
  1382   by (import hollight BOUNDS_NOTZERO)
  1383 
  1384 lemma BOUNDS_IGNORE: "(EX B::nat. ALL i::nat. (P::nat => nat) i <= (Q::nat => nat) i + B) =
  1385 (EX (x::nat) N::nat. ALL i>=N. P i <= Q i + x)"
  1386   by (import hollight BOUNDS_IGNORE)
  1387 
  1388 definition
  1389   is_nadd :: "(nat => nat) => bool"  where
  1390   "is_nadd ==
  1391 %u. EX B. ALL m n. hollight.dist (m * u n, n * u m) <= B * (m + n)"
  1392 
  1393 lemma DEF_is_nadd: "is_nadd =
  1394 (%u. EX B. ALL m n. hollight.dist (m * u n, n * u m) <= B * (m + n))"
  1395   by (import hollight DEF_is_nadd)
  1396 
  1397 lemma is_nadd_0: "is_nadd (%n. 0)"
  1398   by (import hollight is_nadd_0)
  1399 
  1400 typedef (open) nadd = "Collect is_nadd"  morphisms "dest_nadd" "mk_nadd"
  1401   apply (rule light_ex_imp_nonempty[where t="%n. NUMERAL 0"])
  1402   by (import hollight TYDEF_nadd)
  1403 
  1404 syntax
  1405   dest_nadd :: _ 
  1406 
  1407 syntax
  1408   mk_nadd :: _ 
  1409 
  1410 lemmas "TYDEF_nadd_@intern" = typedef_hol2hollight 
  1411   [where a="a :: nadd" and r=r ,
  1412    OF type_definition_nadd]
  1413 
  1414 lemma NADD_CAUCHY: "EX xa.
  1415    ALL xb xc.
  1416       hollight.dist (xb * dest_nadd x xc, xc * dest_nadd x xb)
  1417       <= xa * (xb + xc)"
  1418   by (import hollight NADD_CAUCHY)
  1419 
  1420 lemma NADD_BOUND: "EX xa B. ALL n. dest_nadd x n <= xa * n + B"
  1421   by (import hollight NADD_BOUND)
  1422 
  1423 lemma NADD_MULTIPLICATIVE: "EX xa.
  1424    ALL m n.
  1425       hollight.dist (dest_nadd x (m * n), m * dest_nadd x n) <= xa * m + xa"
  1426   by (import hollight NADD_MULTIPLICATIVE)
  1427 
  1428 lemma NADD_ADDITIVE: "EX xa.
  1429    ALL m n.
  1430       hollight.dist (dest_nadd x (m + n), dest_nadd x m + dest_nadd x n)
  1431       <= xa"
  1432   by (import hollight NADD_ADDITIVE)
  1433 
  1434 lemma NADD_SUC: "EX xa. ALL n. hollight.dist (dest_nadd x (Suc n), dest_nadd x n) <= xa"
  1435   by (import hollight NADD_SUC)
  1436 
  1437 lemma NADD_DIST_LEMMA: "EX xa. ALL m n. hollight.dist (dest_nadd x (m + n), dest_nadd x m) <= xa * n"
  1438   by (import hollight NADD_DIST_LEMMA)
  1439 
  1440 lemma NADD_DIST: "EX xa.
  1441    ALL m n.
  1442       hollight.dist (dest_nadd x m, dest_nadd x n)
  1443       <= xa * hollight.dist (m, n)"
  1444   by (import hollight NADD_DIST)
  1445 
  1446 lemma NADD_ALTMUL: "EX A B.
  1447    ALL n.
  1448       hollight.dist
  1449        (n * dest_nadd x (dest_nadd y n), dest_nadd x n * dest_nadd y n)
  1450       <= A * n + B"
  1451   by (import hollight NADD_ALTMUL)
  1452 
  1453 definition
  1454   nadd_eq :: "nadd => nadd => bool"  where
  1455   "nadd_eq ==
  1456 %u ua. EX B. ALL n. hollight.dist (dest_nadd u n, dest_nadd ua n) <= B"
  1457 
  1458 lemma DEF_nadd_eq: "nadd_eq =
  1459 (%u ua. EX B. ALL n. hollight.dist (dest_nadd u n, dest_nadd ua n) <= B)"
  1460   by (import hollight DEF_nadd_eq)
  1461 
  1462 lemma NADD_EQ_REFL: "nadd_eq x x"
  1463   by (import hollight NADD_EQ_REFL)
  1464 
  1465 lemma NADD_EQ_SYM: "nadd_eq x y = nadd_eq y x"
  1466   by (import hollight NADD_EQ_SYM)
  1467 
  1468 lemma NADD_EQ_TRANS: "nadd_eq x y & nadd_eq y z ==> nadd_eq x z"
  1469   by (import hollight NADD_EQ_TRANS)
  1470 
  1471 definition
  1472   nadd_of_num :: "nat => nadd"  where
  1473   "nadd_of_num == %u. mk_nadd (op * u)"
  1474 
  1475 lemma DEF_nadd_of_num: "nadd_of_num = (%u. mk_nadd (op * u))"
  1476   by (import hollight DEF_nadd_of_num)
  1477 
  1478 lemma NADD_OF_NUM: "dest_nadd (nadd_of_num x) = op * x"
  1479   by (import hollight NADD_OF_NUM)
  1480 
  1481 lemma NADD_OF_NUM_WELLDEF: "m = n ==> nadd_eq (nadd_of_num m) (nadd_of_num n)"
  1482   by (import hollight NADD_OF_NUM_WELLDEF)
  1483 
  1484 lemma NADD_OF_NUM_EQ: "nadd_eq (nadd_of_num m) (nadd_of_num n) = (m = n)"
  1485   by (import hollight NADD_OF_NUM_EQ)
  1486 
  1487 definition
  1488   nadd_le :: "nadd => nadd => bool"  where
  1489   "nadd_le == %u ua. EX B. ALL n. dest_nadd u n <= dest_nadd ua n + B"
  1490 
  1491 lemma DEF_nadd_le: "nadd_le = (%u ua. EX B. ALL n. dest_nadd u n <= dest_nadd ua n + B)"
  1492   by (import hollight DEF_nadd_le)
  1493 
  1494 lemma NADD_LE_WELLDEF_LEMMA: "nadd_eq x x' & nadd_eq y y' & nadd_le x y ==> nadd_le x' y'"
  1495   by (import hollight NADD_LE_WELLDEF_LEMMA)
  1496 
  1497 lemma NADD_LE_WELLDEF: "nadd_eq x x' & nadd_eq y y' ==> nadd_le x y = nadd_le x' y'"
  1498   by (import hollight NADD_LE_WELLDEF)
  1499 
  1500 lemma NADD_LE_REFL: "nadd_le x x"
  1501   by (import hollight NADD_LE_REFL)
  1502 
  1503 lemma NADD_LE_TRANS: "nadd_le x y & nadd_le y z ==> nadd_le x z"
  1504   by (import hollight NADD_LE_TRANS)
  1505 
  1506 lemma NADD_LE_ANTISYM: "(nadd_le x y & nadd_le y x) = nadd_eq x y"
  1507   by (import hollight NADD_LE_ANTISYM)
  1508 
  1509 lemma NADD_LE_TOTAL_LEMMA: "~ nadd_le x y ==> EX n. n ~= 0 & dest_nadd y n + B < dest_nadd x n"
  1510   by (import hollight NADD_LE_TOTAL_LEMMA)
  1511 
  1512 lemma NADD_LE_TOTAL: "nadd_le x y | nadd_le y x"
  1513   by (import hollight NADD_LE_TOTAL)
  1514 
  1515 lemma NADD_ARCH: "EX xa. nadd_le x (nadd_of_num xa)"
  1516   by (import hollight NADD_ARCH)
  1517 
  1518 lemma NADD_OF_NUM_LE: "nadd_le (nadd_of_num m) (nadd_of_num n) = (m <= n)"
  1519   by (import hollight NADD_OF_NUM_LE)
  1520 
  1521 definition
  1522   nadd_add :: "nadd => nadd => nadd"  where
  1523   "nadd_add == %u ua. mk_nadd (%n. dest_nadd u n + dest_nadd ua n)"
  1524 
  1525 lemma DEF_nadd_add: "nadd_add = (%u ua. mk_nadd (%n. dest_nadd u n + dest_nadd ua n))"
  1526   by (import hollight DEF_nadd_add)
  1527 
  1528 lemma NADD_ADD: "dest_nadd (nadd_add x y) = (%n. dest_nadd x n + dest_nadd y n)"
  1529   by (import hollight NADD_ADD)
  1530 
  1531 lemma NADD_ADD_WELLDEF: "nadd_eq x x' & nadd_eq y y' ==> nadd_eq (nadd_add x y) (nadd_add x' y')"
  1532   by (import hollight NADD_ADD_WELLDEF)
  1533 
  1534 lemma NADD_ADD_SYM: "nadd_eq (nadd_add x y) (nadd_add y x)"
  1535   by (import hollight NADD_ADD_SYM)
  1536 
  1537 lemma NADD_ADD_ASSOC: "nadd_eq (nadd_add x (nadd_add y z)) (nadd_add (nadd_add x y) z)"
  1538   by (import hollight NADD_ADD_ASSOC)
  1539 
  1540 lemma NADD_ADD_LID: "nadd_eq (nadd_add (nadd_of_num 0) x) x"
  1541   by (import hollight NADD_ADD_LID)
  1542 
  1543 lemma NADD_ADD_LCANCEL: "nadd_eq (nadd_add x y) (nadd_add x z) ==> nadd_eq y z"
  1544   by (import hollight NADD_ADD_LCANCEL)
  1545 
  1546 lemma NADD_LE_ADD: "nadd_le x (nadd_add x y)"
  1547   by (import hollight NADD_LE_ADD)
  1548 
  1549 lemma NADD_LE_EXISTS: "nadd_le x y ==> EX d. nadd_eq y (nadd_add x d)"
  1550   by (import hollight NADD_LE_EXISTS)
  1551 
  1552 lemma NADD_OF_NUM_ADD: "nadd_eq (nadd_add (nadd_of_num x) (nadd_of_num xa)) (nadd_of_num (x + xa))"
  1553   by (import hollight NADD_OF_NUM_ADD)
  1554 
  1555 definition
  1556   nadd_mul :: "nadd => nadd => nadd"  where
  1557   "nadd_mul == %u ua. mk_nadd (%n. dest_nadd u (dest_nadd ua n))"
  1558 
  1559 lemma DEF_nadd_mul: "nadd_mul = (%u ua. mk_nadd (%n. dest_nadd u (dest_nadd ua n)))"
  1560   by (import hollight DEF_nadd_mul)
  1561 
  1562 lemma NADD_MUL: "dest_nadd (nadd_mul x y) = (%n. dest_nadd x (dest_nadd y n))"
  1563   by (import hollight NADD_MUL)
  1564 
  1565 lemma NADD_MUL_SYM: "nadd_eq (nadd_mul x y) (nadd_mul y x)"
  1566   by (import hollight NADD_MUL_SYM)
  1567 
  1568 lemma NADD_MUL_ASSOC: "nadd_eq (nadd_mul x (nadd_mul y z)) (nadd_mul (nadd_mul x y) z)"
  1569   by (import hollight NADD_MUL_ASSOC)
  1570 
  1571 lemma NADD_MUL_LID: "nadd_eq (nadd_mul (nadd_of_num 1) x) x"
  1572   by (import hollight NADD_MUL_LID)
  1573 
  1574 lemma NADD_LDISTRIB: "nadd_eq (nadd_mul x (nadd_add y z)) (nadd_add (nadd_mul x y) (nadd_mul x z))"
  1575   by (import hollight NADD_LDISTRIB)
  1576 
  1577 lemma NADD_MUL_WELLDEF_LEMMA: "nadd_eq y y' ==> nadd_eq (nadd_mul x y) (nadd_mul x y')"
  1578   by (import hollight NADD_MUL_WELLDEF_LEMMA)
  1579 
  1580 lemma NADD_MUL_WELLDEF: "nadd_eq x x' & nadd_eq y y' ==> nadd_eq (nadd_mul x y) (nadd_mul x' y')"
  1581   by (import hollight NADD_MUL_WELLDEF)
  1582 
  1583 lemma NADD_OF_NUM_MUL: "nadd_eq (nadd_mul (nadd_of_num x) (nadd_of_num xa)) (nadd_of_num (x * xa))"
  1584   by (import hollight NADD_OF_NUM_MUL)
  1585 
  1586 lemma NADD_LE_0: "nadd_le (nadd_of_num 0) x"
  1587   by (import hollight NADD_LE_0)
  1588 
  1589 lemma NADD_EQ_IMP_LE: "nadd_eq x y ==> nadd_le x y"
  1590   by (import hollight NADD_EQ_IMP_LE)
  1591 
  1592 lemma NADD_LE_LMUL: "nadd_le y z ==> nadd_le (nadd_mul x y) (nadd_mul x z)"
  1593   by (import hollight NADD_LE_LMUL)
  1594 
  1595 lemma NADD_LE_RMUL: "nadd_le x y ==> nadd_le (nadd_mul x z) (nadd_mul y z)"
  1596   by (import hollight NADD_LE_RMUL)
  1597 
  1598 lemma NADD_LE_RADD: "nadd_le (nadd_add x z) (nadd_add y z) = nadd_le x y"
  1599   by (import hollight NADD_LE_RADD)
  1600 
  1601 lemma NADD_LE_LADD: "nadd_le (nadd_add x y) (nadd_add x z) = nadd_le y z"
  1602   by (import hollight NADD_LE_LADD)
  1603 
  1604 lemma NADD_RDISTRIB: "nadd_eq (nadd_mul (nadd_add x y) z) (nadd_add (nadd_mul x z) (nadd_mul y z))"
  1605   by (import hollight NADD_RDISTRIB)
  1606 
  1607 lemma NADD_ARCH_MULT: "~ nadd_eq x (nadd_of_num 0)
  1608 ==> EX xa. nadd_le (nadd_of_num k) (nadd_mul (nadd_of_num xa) x)"
  1609   by (import hollight NADD_ARCH_MULT)
  1610 
  1611 lemma NADD_ARCH_ZERO: "(!!n. nadd_le (nadd_mul (nadd_of_num n) x) k) ==> nadd_eq x (nadd_of_num 0)"
  1612   by (import hollight NADD_ARCH_ZERO)
  1613 
  1614 lemma NADD_ARCH_LEMMA: "(!!n. nadd_le (nadd_mul (nadd_of_num n) x)
  1615        (nadd_add (nadd_mul (nadd_of_num n) y) z))
  1616 ==> nadd_le x y"
  1617   by (import hollight NADD_ARCH_LEMMA)
  1618 
  1619 lemma NADD_COMPLETE: "Ex P & (EX M. ALL x. P x --> nadd_le x M)
  1620 ==> EX M. (ALL x. P x --> nadd_le x M) &
  1621           (ALL M'. (ALL x. P x --> nadd_le x M') --> nadd_le M M')"
  1622   by (import hollight NADD_COMPLETE)
  1623 
  1624 lemma NADD_UBOUND: "EX xa N. ALL n>=N. dest_nadd x n <= xa * n"
  1625   by (import hollight NADD_UBOUND)
  1626 
  1627 lemma NADD_NONZERO: "~ nadd_eq x (nadd_of_num 0) ==> EX N. ALL n>=N. dest_nadd x n ~= 0"
  1628   by (import hollight NADD_NONZERO)
  1629 
  1630 lemma NADD_LBOUND: "~ nadd_eq x (nadd_of_num 0) ==> EX A N. ALL n>=N. n <= A * dest_nadd x n"
  1631   by (import hollight NADD_LBOUND)
  1632 
  1633 definition
  1634   nadd_rinv :: "nadd => nat => nat"  where
  1635   "nadd_rinv == %u n. n * n div dest_nadd u n"
  1636 
  1637 lemma DEF_nadd_rinv: "nadd_rinv = (%u n. n * n div dest_nadd u n)"
  1638   by (import hollight DEF_nadd_rinv)
  1639 
  1640 lemma NADD_MUL_LINV_LEMMA0: "~ nadd_eq x (nadd_of_num 0) ==> EX xa B. ALL i. nadd_rinv x i <= xa * i + B"
  1641   by (import hollight NADD_MUL_LINV_LEMMA0)
  1642 
  1643 lemma NADD_MUL_LINV_LEMMA1: "dest_nadd x n ~= 0
  1644 ==> hollight.dist (dest_nadd x n * nadd_rinv x n, n * n) <= dest_nadd x n"
  1645   by (import hollight NADD_MUL_LINV_LEMMA1)
  1646 
  1647 lemma NADD_MUL_LINV_LEMMA2: "~ nadd_eq x (nadd_of_num 0)
  1648 ==> EX N. ALL n>=N.
  1649              hollight.dist (dest_nadd x n * nadd_rinv x n, n * n)
  1650              <= dest_nadd x n"
  1651   by (import hollight NADD_MUL_LINV_LEMMA2)
  1652 
  1653 lemma NADD_MUL_LINV_LEMMA3: "~ nadd_eq x (nadd_of_num 0)
  1654 ==> EX N. ALL m n.
  1655              N <= n -->
  1656              hollight.dist
  1657               (m * (dest_nadd x m * (dest_nadd x n * nadd_rinv x n)),
  1658                m * (dest_nadd x m * (n * n)))
  1659              <= m * (dest_nadd x m * dest_nadd x n)"
  1660   by (import hollight NADD_MUL_LINV_LEMMA3)
  1661 
  1662 lemma NADD_MUL_LINV_LEMMA4: "~ nadd_eq x (nadd_of_num 0)
  1663 ==> EX N. ALL m n.
  1664              N <= m & N <= n -->
  1665              dest_nadd x m * dest_nadd x n *
  1666              hollight.dist (m * nadd_rinv x n, n * nadd_rinv x m)
  1667              <= m * n *
  1668                 hollight.dist (m * dest_nadd x n, n * dest_nadd x m) +
  1669                 dest_nadd x m * dest_nadd x n * (m + n)"
  1670   by (import hollight NADD_MUL_LINV_LEMMA4)
  1671 
  1672 lemma NADD_MUL_LINV_LEMMA5: "~ nadd_eq x (nadd_of_num 0)
  1673 ==> EX B N.
  1674        ALL m n.
  1675           N <= m & N <= n -->
  1676           dest_nadd x m * dest_nadd x n *
  1677           hollight.dist (m * nadd_rinv x n, n * nadd_rinv x m)
  1678           <= B * (m * n * (m + n))"
  1679   by (import hollight NADD_MUL_LINV_LEMMA5)
  1680 
  1681 lemma NADD_MUL_LINV_LEMMA6: "~ nadd_eq x (nadd_of_num 0)
  1682 ==> EX B N.
  1683        ALL m n.
  1684           N <= m & N <= n -->
  1685           m * n * hollight.dist (m * nadd_rinv x n, n * nadd_rinv x m)
  1686           <= B * (m * n * (m + n))"
  1687   by (import hollight NADD_MUL_LINV_LEMMA6)
  1688 
  1689 lemma NADD_MUL_LINV_LEMMA7: "~ nadd_eq x (nadd_of_num 0)
  1690 ==> EX B N.
  1691        ALL m n.
  1692           N <= m & N <= n -->
  1693           hollight.dist (m * nadd_rinv x n, n * nadd_rinv x m)
  1694           <= B * (m + n)"
  1695   by (import hollight NADD_MUL_LINV_LEMMA7)
  1696 
  1697 lemma NADD_MUL_LINV_LEMMA7a: "~ nadd_eq x (nadd_of_num 0)
  1698 ==> EX A B.
  1699        ALL m n.
  1700           m <= N -->
  1701           hollight.dist (m * nadd_rinv x n, n * nadd_rinv x m) <= A * n + B"
  1702   by (import hollight NADD_MUL_LINV_LEMMA7a)
  1703 
  1704 lemma NADD_MUL_LINV_LEMMA8: "~ nadd_eq x (nadd_of_num 0)
  1705 ==> EX B. ALL m n.
  1706              hollight.dist (m * nadd_rinv x n, n * nadd_rinv x m)
  1707              <= B * (m + n)"
  1708   by (import hollight NADD_MUL_LINV_LEMMA8)
  1709 
  1710 definition
  1711   nadd_inv :: "nadd => nadd"  where
  1712   "nadd_inv ==
  1713 %u. if nadd_eq u (nadd_of_num 0) then nadd_of_num 0
  1714     else mk_nadd (nadd_rinv u)"
  1715 
  1716 lemma DEF_nadd_inv: "nadd_inv =
  1717 (%u. if nadd_eq u (nadd_of_num 0) then nadd_of_num 0
  1718      else mk_nadd (nadd_rinv u))"
  1719   by (import hollight DEF_nadd_inv)
  1720 
  1721 lemma NADD_INV: "dest_nadd (nadd_inv x) =
  1722 (if nadd_eq x (nadd_of_num 0) then %n. 0 else nadd_rinv x)"
  1723   by (import hollight NADD_INV)
  1724 
  1725 lemma NADD_MUL_LINV: "~ nadd_eq x (nadd_of_num 0)
  1726 ==> nadd_eq (nadd_mul (nadd_inv x) x) (nadd_of_num 1)"
  1727   by (import hollight NADD_MUL_LINV)
  1728 
  1729 lemma NADD_INV_0: "nadd_eq (nadd_inv (nadd_of_num 0)) (nadd_of_num 0)"
  1730   by (import hollight NADD_INV_0)
  1731 
  1732 lemma NADD_INV_WELLDEF: "nadd_eq x y ==> nadd_eq (nadd_inv x) (nadd_inv y)"
  1733   by (import hollight NADD_INV_WELLDEF)
  1734 
  1735 typedef (open) hreal = "{s. EX x. s = nadd_eq x}"  morphisms "dest_hreal" "mk_hreal"
  1736   apply (rule light_ex_imp_nonempty[where t="nadd_eq x"])
  1737   by (import hollight TYDEF_hreal)
  1738 
  1739 syntax
  1740   dest_hreal :: _ 
  1741 
  1742 syntax
  1743   mk_hreal :: _ 
  1744 
  1745 lemmas "TYDEF_hreal_@intern" = typedef_hol2hollight 
  1746   [where a="a :: hreal" and r=r ,
  1747    OF type_definition_hreal]
  1748 
  1749 definition
  1750   hreal_of_num :: "nat => hreal"  where
  1751   "hreal_of_num == %m. mk_hreal (nadd_eq (nadd_of_num m))"
  1752 
  1753 lemma DEF_hreal_of_num: "hreal_of_num = (%m. mk_hreal (nadd_eq (nadd_of_num m)))"
  1754   by (import hollight DEF_hreal_of_num)
  1755 
  1756 definition
  1757   hreal_add :: "hreal => hreal => hreal"  where
  1758   "hreal_add ==
  1759 %x y. mk_hreal
  1760        (%u. EX xa ya.
  1761                nadd_eq (nadd_add xa ya) u &
  1762                dest_hreal x xa & dest_hreal y ya)"
  1763 
  1764 lemma DEF_hreal_add: "hreal_add =
  1765 (%x y. mk_hreal
  1766         (%u. EX xa ya.
  1767                 nadd_eq (nadd_add xa ya) u &
  1768                 dest_hreal x xa & dest_hreal y ya))"
  1769   by (import hollight DEF_hreal_add)
  1770 
  1771 definition
  1772   hreal_mul :: "hreal => hreal => hreal"  where
  1773   "hreal_mul ==
  1774 %x y. mk_hreal
  1775        (%u. EX xa ya.
  1776                nadd_eq (nadd_mul xa ya) u &
  1777                dest_hreal x xa & dest_hreal y ya)"
  1778 
  1779 lemma DEF_hreal_mul: "hreal_mul =
  1780 (%x y. mk_hreal
  1781         (%u. EX xa ya.
  1782                 nadd_eq (nadd_mul xa ya) u &
  1783                 dest_hreal x xa & dest_hreal y ya))"
  1784   by (import hollight DEF_hreal_mul)
  1785 
  1786 definition
  1787   hreal_le :: "hreal => hreal => bool"  where
  1788   "hreal_le ==
  1789 %x y. SOME u.
  1790          EX xa ya. nadd_le xa ya = u & dest_hreal x xa & dest_hreal y ya"
  1791 
  1792 lemma DEF_hreal_le: "hreal_le =
  1793 (%x y. SOME u.
  1794           EX xa ya. nadd_le xa ya = u & dest_hreal x xa & dest_hreal y ya)"
  1795   by (import hollight DEF_hreal_le)
  1796 
  1797 definition
  1798   hreal_inv :: "hreal => hreal"  where
  1799   "hreal_inv ==
  1800 %x. mk_hreal (%u. EX xa. nadd_eq (nadd_inv xa) u & dest_hreal x xa)"
  1801 
  1802 lemma DEF_hreal_inv: "hreal_inv =
  1803 (%x. mk_hreal (%u. EX xa. nadd_eq (nadd_inv xa) u & dest_hreal x xa))"
  1804   by (import hollight DEF_hreal_inv)
  1805 
  1806 lemma HREAL_LE_EXISTS_DEF: "hreal_le m n = (EX d. n = hreal_add m d)"
  1807   by (import hollight HREAL_LE_EXISTS_DEF)
  1808 
  1809 lemma HREAL_EQ_ADD_LCANCEL: "(hreal_add m n = hreal_add m p) = (n = p)"
  1810   by (import hollight HREAL_EQ_ADD_LCANCEL)
  1811 
  1812 lemma HREAL_EQ_ADD_RCANCEL: "(hreal_add x xb = hreal_add xa xb) = (x = xa)"
  1813   by (import hollight HREAL_EQ_ADD_RCANCEL)
  1814 
  1815 lemma HREAL_LE_ADD_LCANCEL: "hreal_le (hreal_add x xa) (hreal_add x xb) = hreal_le xa xb"
  1816   by (import hollight HREAL_LE_ADD_LCANCEL)
  1817 
  1818 lemma HREAL_LE_ADD_RCANCEL: "hreal_le (hreal_add x xb) (hreal_add xa xb) = hreal_le x xa"
  1819   by (import hollight HREAL_LE_ADD_RCANCEL)
  1820 
  1821 lemma HREAL_ADD_RID: "hreal_add x (hreal_of_num 0) = x"
  1822   by (import hollight HREAL_ADD_RID)
  1823 
  1824 lemma HREAL_ADD_RDISTRIB: "hreal_mul (hreal_add x xa) xb = hreal_add (hreal_mul x xb) (hreal_mul xa xb)"
  1825   by (import hollight HREAL_ADD_RDISTRIB)
  1826 
  1827 lemma HREAL_MUL_LZERO: "hreal_mul (hreal_of_num 0) m = hreal_of_num 0"
  1828   by (import hollight HREAL_MUL_LZERO)
  1829 
  1830 lemma HREAL_MUL_RZERO: "hreal_mul x (hreal_of_num 0) = hreal_of_num 0"
  1831   by (import hollight HREAL_MUL_RZERO)
  1832 
  1833 lemma HREAL_ADD_AC: "hreal_add m n = hreal_add n m &
  1834 hreal_add (hreal_add m n) p = hreal_add m (hreal_add n p) &
  1835 hreal_add m (hreal_add n p) = hreal_add n (hreal_add m p)"
  1836   by (import hollight HREAL_ADD_AC)
  1837 
  1838 lemma HREAL_LE_ADD2: "hreal_le a b & hreal_le c d ==> hreal_le (hreal_add a c) (hreal_add b d)"
  1839   by (import hollight HREAL_LE_ADD2)
  1840 
  1841 lemma HREAL_LE_MUL_RCANCEL_IMP: "hreal_le a b ==> hreal_le (hreal_mul a c) (hreal_mul b c)"
  1842   by (import hollight HREAL_LE_MUL_RCANCEL_IMP)
  1843 
  1844 definition
  1845   treal_of_num :: "nat => hreal * hreal"  where
  1846   "treal_of_num == %u. (hreal_of_num u, hreal_of_num 0)"
  1847 
  1848 lemma DEF_treal_of_num: "treal_of_num = (%u. (hreal_of_num u, hreal_of_num 0))"
  1849   by (import hollight DEF_treal_of_num)
  1850 
  1851 definition
  1852   treal_neg :: "hreal * hreal => hreal * hreal"  where
  1853   "treal_neg == %u. (snd u, fst u)"
  1854 
  1855 lemma DEF_treal_neg: "treal_neg = (%u. (snd u, fst u))"
  1856   by (import hollight DEF_treal_neg)
  1857 
  1858 definition
  1859   treal_add :: "hreal * hreal => hreal * hreal => hreal * hreal"  where
  1860   "treal_add == %u ua. (hreal_add (fst u) (fst ua), hreal_add (snd u) (snd ua))"
  1861 
  1862 lemma DEF_treal_add: "treal_add =
  1863 (%u ua. (hreal_add (fst u) (fst ua), hreal_add (snd u) (snd ua)))"
  1864   by (import hollight DEF_treal_add)
  1865 
  1866 definition
  1867   treal_mul :: "hreal * hreal => hreal * hreal => hreal * hreal"  where
  1868   "treal_mul ==
  1869 %u ua.
  1870    (hreal_add (hreal_mul (fst u) (fst ua)) (hreal_mul (snd u) (snd ua)),
  1871     hreal_add (hreal_mul (fst u) (snd ua)) (hreal_mul (snd u) (fst ua)))"
  1872 
  1873 lemma DEF_treal_mul: "treal_mul =
  1874 (%u ua.
  1875     (hreal_add (hreal_mul (fst u) (fst ua)) (hreal_mul (snd u) (snd ua)),
  1876      hreal_add (hreal_mul (fst u) (snd ua)) (hreal_mul (snd u) (fst ua))))"
  1877   by (import hollight DEF_treal_mul)
  1878 
  1879 definition
  1880   treal_le :: "hreal * hreal => hreal * hreal => bool"  where
  1881   "treal_le ==
  1882 %u ua. hreal_le (hreal_add (fst u) (snd ua)) (hreal_add (fst ua) (snd u))"
  1883 
  1884 lemma DEF_treal_le: "treal_le =
  1885 (%u ua. hreal_le (hreal_add (fst u) (snd ua)) (hreal_add (fst ua) (snd u)))"
  1886   by (import hollight DEF_treal_le)
  1887 
  1888 definition
  1889   treal_inv :: "hreal * hreal => hreal * hreal"  where
  1890   "treal_inv ==
  1891 %u. if fst u = snd u then (hreal_of_num 0, hreal_of_num 0)
  1892     else if hreal_le (snd u) (fst u)
  1893          then (hreal_inv (SOME d. fst u = hreal_add (snd u) d),
  1894                hreal_of_num 0)
  1895          else (hreal_of_num 0,
  1896                hreal_inv (SOME d. snd u = hreal_add (fst u) d))"
  1897 
  1898 lemma DEF_treal_inv: "treal_inv =
  1899 (%u. if fst u = snd u then (hreal_of_num 0, hreal_of_num 0)
  1900      else if hreal_le (snd u) (fst u)
  1901           then (hreal_inv (SOME d. fst u = hreal_add (snd u) d),
  1902                 hreal_of_num 0)
  1903           else (hreal_of_num 0,
  1904                 hreal_inv (SOME d. snd u = hreal_add (fst u) d)))"
  1905   by (import hollight DEF_treal_inv)
  1906 
  1907 definition
  1908   treal_eq :: "hreal * hreal => hreal * hreal => bool"  where
  1909   "treal_eq == %u ua. hreal_add (fst u) (snd ua) = hreal_add (fst ua) (snd u)"
  1910 
  1911 lemma DEF_treal_eq: "treal_eq = (%u ua. hreal_add (fst u) (snd ua) = hreal_add (fst ua) (snd u))"
  1912   by (import hollight DEF_treal_eq)
  1913 
  1914 lemma TREAL_EQ_REFL: "treal_eq x x"
  1915   by (import hollight TREAL_EQ_REFL)
  1916 
  1917 lemma TREAL_EQ_SYM: "treal_eq x y = treal_eq y x"
  1918   by (import hollight TREAL_EQ_SYM)
  1919 
  1920 lemma TREAL_EQ_TRANS: "treal_eq x y & treal_eq y z ==> treal_eq x z"
  1921   by (import hollight TREAL_EQ_TRANS)
  1922 
  1923 lemma TREAL_EQ_AP: "x = xa ==> treal_eq x xa"
  1924   by (import hollight TREAL_EQ_AP)
  1925 
  1926 lemma TREAL_OF_NUM_EQ: "treal_eq (treal_of_num x) (treal_of_num xa) = (x = xa)"
  1927   by (import hollight TREAL_OF_NUM_EQ)
  1928 
  1929 lemma TREAL_OF_NUM_LE: "treal_le (treal_of_num x) (treal_of_num xa) = (x <= xa)"
  1930   by (import hollight TREAL_OF_NUM_LE)
  1931 
  1932 lemma TREAL_OF_NUM_ADD: "treal_eq (treal_add (treal_of_num x) (treal_of_num xa))
  1933  (treal_of_num (x + xa))"
  1934   by (import hollight TREAL_OF_NUM_ADD)
  1935 
  1936 lemma TREAL_OF_NUM_MUL: "treal_eq (treal_mul (treal_of_num x) (treal_of_num xa))
  1937  (treal_of_num (x * xa))"
  1938   by (import hollight TREAL_OF_NUM_MUL)
  1939 
  1940 lemma TREAL_ADD_SYM_EQ: "treal_add x y = treal_add y x"
  1941   by (import hollight TREAL_ADD_SYM_EQ)
  1942 
  1943 lemma TREAL_MUL_SYM_EQ: "treal_mul x y = treal_mul y x"
  1944   by (import hollight TREAL_MUL_SYM_EQ)
  1945 
  1946 lemma TREAL_ADD_SYM: "treal_eq (treal_add x y) (treal_add y x)"
  1947   by (import hollight TREAL_ADD_SYM)
  1948 
  1949 lemma TREAL_ADD_ASSOC: "treal_eq (treal_add x (treal_add y z)) (treal_add (treal_add x y) z)"
  1950   by (import hollight TREAL_ADD_ASSOC)
  1951 
  1952 lemma TREAL_ADD_LID: "treal_eq (treal_add (treal_of_num 0) x) x"
  1953   by (import hollight TREAL_ADD_LID)
  1954 
  1955 lemma TREAL_ADD_LINV: "treal_eq (treal_add (treal_neg x) x) (treal_of_num 0)"
  1956   by (import hollight TREAL_ADD_LINV)
  1957 
  1958 lemma TREAL_MUL_SYM: "treal_eq (treal_mul x xa) (treal_mul xa x)"
  1959   by (import hollight TREAL_MUL_SYM)
  1960 
  1961 lemma TREAL_MUL_ASSOC: "treal_eq (treal_mul x (treal_mul y z)) (treal_mul (treal_mul x y) z)"
  1962   by (import hollight TREAL_MUL_ASSOC)
  1963 
  1964 lemma TREAL_MUL_LID: "treal_eq (treal_mul (treal_of_num 1) x) x"
  1965   by (import hollight TREAL_MUL_LID)
  1966 
  1967 lemma TREAL_ADD_LDISTRIB: "treal_eq (treal_mul x (treal_add y z))
  1968  (treal_add (treal_mul x y) (treal_mul x z))"
  1969   by (import hollight TREAL_ADD_LDISTRIB)
  1970 
  1971 lemma TREAL_LE_REFL: "treal_le x x"
  1972   by (import hollight TREAL_LE_REFL)
  1973 
  1974 lemma TREAL_LE_ANTISYM: "(treal_le x y & treal_le y x) = treal_eq x y"
  1975   by (import hollight TREAL_LE_ANTISYM)
  1976 
  1977 lemma TREAL_LE_TRANS: "treal_le x y & treal_le y z ==> treal_le x z"
  1978   by (import hollight TREAL_LE_TRANS)
  1979 
  1980 lemma TREAL_LE_TOTAL: "treal_le x y | treal_le y x"
  1981   by (import hollight TREAL_LE_TOTAL)
  1982 
  1983 lemma TREAL_LE_LADD_IMP: "treal_le y z ==> treal_le (treal_add x y) (treal_add x z)"
  1984   by (import hollight TREAL_LE_LADD_IMP)
  1985 
  1986 lemma TREAL_LE_MUL: "treal_le (treal_of_num 0) x & treal_le (treal_of_num 0) y
  1987 ==> treal_le (treal_of_num 0) (treal_mul x y)"
  1988   by (import hollight TREAL_LE_MUL)
  1989 
  1990 lemma TREAL_INV_0: "treal_eq (treal_inv (treal_of_num 0)) (treal_of_num 0)"
  1991   by (import hollight TREAL_INV_0)
  1992 
  1993 lemma TREAL_MUL_LINV: "~ treal_eq x (treal_of_num 0)
  1994 ==> treal_eq (treal_mul (treal_inv x) x) (treal_of_num 1)"
  1995   by (import hollight TREAL_MUL_LINV)
  1996 
  1997 lemma TREAL_OF_NUM_WELLDEF: "m = n ==> treal_eq (treal_of_num m) (treal_of_num n)"
  1998   by (import hollight TREAL_OF_NUM_WELLDEF)
  1999 
  2000 lemma TREAL_NEG_WELLDEF: "treal_eq x1 x2 ==> treal_eq (treal_neg x1) (treal_neg x2)"
  2001   by (import hollight TREAL_NEG_WELLDEF)
  2002 
  2003 lemma TREAL_ADD_WELLDEFR: "treal_eq x1 x2 ==> treal_eq (treal_add x1 y) (treal_add x2 y)"
  2004   by (import hollight TREAL_ADD_WELLDEFR)
  2005 
  2006 lemma TREAL_ADD_WELLDEF: "treal_eq x1 x2 & treal_eq y1 y2
  2007 ==> treal_eq (treal_add x1 y1) (treal_add x2 y2)"
  2008   by (import hollight TREAL_ADD_WELLDEF)
  2009 
  2010 lemma TREAL_MUL_WELLDEFR: "treal_eq x1 x2 ==> treal_eq (treal_mul x1 y) (treal_mul x2 y)"
  2011   by (import hollight TREAL_MUL_WELLDEFR)
  2012 
  2013 lemma TREAL_MUL_WELLDEF: "treal_eq x1 x2 & treal_eq y1 y2
  2014 ==> treal_eq (treal_mul x1 y1) (treal_mul x2 y2)"
  2015   by (import hollight TREAL_MUL_WELLDEF)
  2016 
  2017 lemma TREAL_EQ_IMP_LE: "treal_eq x y ==> treal_le x y"
  2018   by (import hollight TREAL_EQ_IMP_LE)
  2019 
  2020 lemma TREAL_LE_WELLDEF: "treal_eq x1 x2 & treal_eq y1 y2 ==> treal_le x1 y1 = treal_le x2 y2"
  2021   by (import hollight TREAL_LE_WELLDEF)
  2022 
  2023 lemma TREAL_INV_WELLDEF: "treal_eq x y ==> treal_eq (treal_inv x) (treal_inv y)"
  2024   by (import hollight TREAL_INV_WELLDEF)
  2025 
  2026 typedef (open) real = "{s. EX x. s = treal_eq x}"  morphisms "dest_real" "mk_real"
  2027   apply (rule light_ex_imp_nonempty[where t="treal_eq x"])
  2028   by (import hollight TYDEF_real)
  2029 
  2030 syntax
  2031   dest_real :: _ 
  2032 
  2033 syntax
  2034   mk_real :: _ 
  2035 
  2036 lemmas "TYDEF_real_@intern" = typedef_hol2hollight 
  2037   [where a="a :: hollight.real" and r=r ,
  2038    OF type_definition_real]
  2039 
  2040 definition
  2041   real_of_num :: "nat => hollight.real"  where
  2042   "real_of_num == %m. mk_real (treal_eq (treal_of_num m))"
  2043 
  2044 lemma DEF_real_of_num: "real_of_num = (%m. mk_real (treal_eq (treal_of_num m)))"
  2045   by (import hollight DEF_real_of_num)
  2046 
  2047 definition
  2048   real_neg :: "hollight.real => hollight.real"  where
  2049   "real_neg ==
  2050 %x1. mk_real (%u. EX x1a. treal_eq (treal_neg x1a) u & dest_real x1 x1a)"
  2051 
  2052 lemma DEF_real_neg: "real_neg =
  2053 (%x1. mk_real (%u. EX x1a. treal_eq (treal_neg x1a) u & dest_real x1 x1a))"
  2054   by (import hollight DEF_real_neg)
  2055 
  2056 definition
  2057   real_add :: "hollight.real => hollight.real => hollight.real"  where
  2058   "real_add ==
  2059 %x1 y1.
  2060    mk_real
  2061     (%u. EX x1a y1a.
  2062             treal_eq (treal_add x1a y1a) u &
  2063             dest_real x1 x1a & dest_real y1 y1a)"
  2064 
  2065 lemma DEF_real_add: "real_add =
  2066 (%x1 y1.
  2067     mk_real
  2068      (%u. EX x1a y1a.
  2069              treal_eq (treal_add x1a y1a) u &
  2070              dest_real x1 x1a & dest_real y1 y1a))"
  2071   by (import hollight DEF_real_add)
  2072 
  2073 definition
  2074   real_mul :: "hollight.real => hollight.real => hollight.real"  where
  2075   "real_mul ==
  2076 %x1 y1.
  2077    mk_real
  2078     (%u. EX x1a y1a.
  2079             treal_eq (treal_mul x1a y1a) u &
  2080             dest_real x1 x1a & dest_real y1 y1a)"
  2081 
  2082 lemma DEF_real_mul: "real_mul =
  2083 (%x1 y1.
  2084     mk_real
  2085      (%u. EX x1a y1a.
  2086              treal_eq (treal_mul x1a y1a) u &
  2087              dest_real x1 x1a & dest_real y1 y1a))"
  2088   by (import hollight DEF_real_mul)
  2089 
  2090 definition
  2091   real_le :: "hollight.real => hollight.real => bool"  where
  2092   "real_le ==
  2093 %x1 y1.
  2094    SOME u.
  2095       EX x1a y1a. treal_le x1a y1a = u & dest_real x1 x1a & dest_real y1 y1a"
  2096 
  2097 lemma DEF_real_le: "real_le =
  2098 (%x1 y1.
  2099     SOME u.
  2100        EX x1a y1a.
  2101           treal_le x1a y1a = u & dest_real x1 x1a & dest_real y1 y1a)"
  2102   by (import hollight DEF_real_le)
  2103 
  2104 definition
  2105   real_inv :: "hollight.real => hollight.real"  where
  2106   "real_inv ==
  2107 %x. mk_real (%u. EX xa. treal_eq (treal_inv xa) u & dest_real x xa)"
  2108 
  2109 lemma DEF_real_inv: "real_inv =
  2110 (%x. mk_real (%u. EX xa. treal_eq (treal_inv xa) u & dest_real x xa))"
  2111   by (import hollight DEF_real_inv)
  2112 
  2113 definition
  2114   real_sub :: "hollight.real => hollight.real => hollight.real"  where
  2115   "real_sub == %u ua. real_add u (real_neg ua)"
  2116 
  2117 lemma DEF_real_sub: "real_sub = (%u ua. real_add u (real_neg ua))"
  2118   by (import hollight DEF_real_sub)
  2119 
  2120 definition
  2121   real_lt :: "hollight.real => hollight.real => bool"  where
  2122   "real_lt == %u ua. ~ real_le ua u"
  2123 
  2124 lemma DEF_real_lt: "real_lt = (%u ua. ~ real_le ua u)"
  2125   by (import hollight DEF_real_lt)
  2126 
  2127 definition
  2128   real_ge :: "hollight.real => hollight.real => bool"  where
  2129   "real_ge == %u ua. real_le ua u"
  2130 
  2131 lemma DEF_real_ge: "real_ge = (%u ua. real_le ua u)"
  2132   by (import hollight DEF_real_ge)
  2133 
  2134 definition
  2135   real_gt :: "hollight.real => hollight.real => bool"  where
  2136   "real_gt == %u ua. real_lt ua u"
  2137 
  2138 lemma DEF_real_gt: "real_gt = (%u ua. real_lt ua u)"
  2139   by (import hollight DEF_real_gt)
  2140 
  2141 definition
  2142   real_abs :: "hollight.real => hollight.real"  where
  2143   "real_abs == %u. if real_le (real_of_num 0) u then u else real_neg u"
  2144 
  2145 lemma DEF_real_abs: "real_abs = (%u. if real_le (real_of_num 0) u then u else real_neg u)"
  2146   by (import hollight DEF_real_abs)
  2147 
  2148 definition
  2149   real_pow :: "hollight.real => nat => hollight.real"  where
  2150   "real_pow ==
  2151 SOME real_pow.
  2152    (ALL x. real_pow x 0 = real_of_num 1) &
  2153    (ALL x n. real_pow x (Suc n) = real_mul x (real_pow x n))"
  2154 
  2155 lemma DEF_real_pow: "real_pow =
  2156 (SOME real_pow.
  2157     (ALL x. real_pow x 0 = real_of_num 1) &
  2158     (ALL x n. real_pow x (Suc n) = real_mul x (real_pow x n)))"
  2159   by (import hollight DEF_real_pow)
  2160 
  2161 definition
  2162   real_div :: "hollight.real => hollight.real => hollight.real"  where
  2163   "real_div == %u ua. real_mul u (real_inv ua)"
  2164 
  2165 lemma DEF_real_div: "real_div = (%u ua. real_mul u (real_inv ua))"
  2166   by (import hollight DEF_real_div)
  2167 
  2168 definition
  2169   real_max :: "hollight.real => hollight.real => hollight.real"  where
  2170   "real_max == %u ua. if real_le u ua then ua else u"
  2171 
  2172 lemma DEF_real_max: "real_max = (%u ua. if real_le u ua then ua else u)"
  2173   by (import hollight DEF_real_max)
  2174 
  2175 definition
  2176   real_min :: "hollight.real => hollight.real => hollight.real"  where
  2177   "real_min == %u ua. if real_le u ua then u else ua"
  2178 
  2179 lemma DEF_real_min: "real_min = (%u ua. if real_le u ua then u else ua)"
  2180   by (import hollight DEF_real_min)
  2181 
  2182 lemma REAL_HREAL_LEMMA1: "EX x. (ALL xa. real_le (real_of_num 0) xa = (EX y. xa = x y)) &
  2183       (ALL y z. hreal_le y z = real_le (x y) (x z))"
  2184   by (import hollight REAL_HREAL_LEMMA1)
  2185 
  2186 lemma REAL_HREAL_LEMMA2: "EX x r.
  2187    (ALL xa. x (r xa) = xa) &
  2188    (ALL xa. real_le (real_of_num 0) xa --> r (x xa) = xa) &
  2189    (ALL x. real_le (real_of_num 0) (r x)) &
  2190    (ALL x y. hreal_le x y = real_le (r x) (r y))"
  2191   by (import hollight REAL_HREAL_LEMMA2)
  2192 
  2193 lemma REAL_COMPLETE_SOMEPOS: "(EX x. P x & real_le (real_of_num 0) x) & (EX M. ALL x. P x --> real_le x M)
  2194 ==> EX M. (ALL x. P x --> real_le x M) &
  2195           (ALL M'. (ALL x. P x --> real_le x M') --> real_le M M')"
  2196   by (import hollight REAL_COMPLETE_SOMEPOS)
  2197 
  2198 lemma REAL_COMPLETE: "Ex P & (EX M. ALL x. P x --> real_le x M)
  2199 ==> EX M. (ALL x. P x --> real_le x M) &
  2200           (ALL M'. (ALL x. P x --> real_le x M') --> real_le M M')"
  2201   by (import hollight REAL_COMPLETE)
  2202 
  2203 lemma REAL_ADD_AC: "real_add m n = real_add n m &
  2204 real_add (real_add m n) p = real_add m (real_add n p) &
  2205 real_add m (real_add n p) = real_add n (real_add m p)"
  2206   by (import hollight REAL_ADD_AC)
  2207 
  2208 lemma REAL_ADD_RINV: "real_add x (real_neg x) = real_of_num 0"
  2209   by (import hollight REAL_ADD_RINV)
  2210 
  2211 lemma REAL_EQ_ADD_LCANCEL: "(real_add x y = real_add x z) = (y = z)"
  2212   by (import hollight REAL_EQ_ADD_LCANCEL)
  2213 
  2214 lemma REAL_EQ_ADD_RCANCEL: "(real_add x z = real_add y z) = (x = y)"
  2215   by (import hollight REAL_EQ_ADD_RCANCEL)
  2216 
  2217 lemma REAL_MUL_RZERO: "real_mul x (real_of_num 0) = real_of_num 0"
  2218   by (import hollight REAL_MUL_RZERO)
  2219 
  2220 lemma REAL_MUL_LZERO: "real_mul (real_of_num 0) x = real_of_num 0"
  2221   by (import hollight REAL_MUL_LZERO)
  2222 
  2223 lemma REAL_NEG_NEG: "real_neg (real_neg x) = x"
  2224   by (import hollight REAL_NEG_NEG)
  2225 
  2226 lemma REAL_MUL_RNEG: "real_mul x (real_neg y) = real_neg (real_mul x y)"
  2227   by (import hollight REAL_MUL_RNEG)
  2228 
  2229 lemma REAL_MUL_LNEG: "real_mul (real_neg x) y = real_neg (real_mul x y)"
  2230   by (import hollight REAL_MUL_LNEG)
  2231 
  2232 lemma REAL_NEG_ADD: "real_neg (real_add x y) = real_add (real_neg x) (real_neg y)"
  2233   by (import hollight REAL_NEG_ADD)
  2234 
  2235 lemma REAL_ADD_RID: "real_add x (real_of_num 0) = x"
  2236   by (import hollight REAL_ADD_RID)
  2237 
  2238 lemma REAL_NEG_0: "real_neg (real_of_num 0) = real_of_num 0"
  2239   by (import hollight REAL_NEG_0)
  2240 
  2241 lemma REAL_LE_LNEG: "real_le (real_neg x) y = real_le (real_of_num 0) (real_add x y)"
  2242   by (import hollight REAL_LE_LNEG)
  2243 
  2244 lemma REAL_LE_NEG2: "real_le (real_neg x) (real_neg y) = real_le y x"
  2245   by (import hollight REAL_LE_NEG2)
  2246 
  2247 lemma REAL_LE_RNEG: "real_le x (real_neg y) = real_le (real_add x y) (real_of_num 0)"
  2248   by (import hollight REAL_LE_RNEG)
  2249 
  2250 lemma REAL_OF_NUM_POW: "real_pow (real_of_num x) n = real_of_num (x ^ n)"
  2251   by (import hollight REAL_OF_NUM_POW)
  2252 
  2253 lemma REAL_POW_NEG: "real_pow (real_neg x) n =
  2254 (if even n then real_pow x n else real_neg (real_pow x n))"
  2255   by (import hollight REAL_POW_NEG)
  2256 
  2257 lemma REAL_ABS_NUM: "real_abs (real_of_num x) = real_of_num x"
  2258   by (import hollight REAL_ABS_NUM)
  2259 
  2260 lemma REAL_ABS_NEG: "real_abs (real_neg x) = real_abs x"
  2261   by (import hollight REAL_ABS_NEG)
  2262 
  2263 lemma REAL_LTE_TOTAL: "real_lt x xa | real_le xa x"
  2264   by (import hollight REAL_LTE_TOTAL)
  2265 
  2266 lemma REAL_LET_TOTAL: "real_le x xa | real_lt xa x"
  2267   by (import hollight REAL_LET_TOTAL)
  2268 
  2269 lemma REAL_LT_IMP_LE: "real_lt x y ==> real_le x y"
  2270   by (import hollight REAL_LT_IMP_LE)
  2271 
  2272 lemma REAL_LTE_TRANS: "real_lt x y & real_le y z ==> real_lt x z"
  2273   by (import hollight REAL_LTE_TRANS)
  2274 
  2275 lemma REAL_LET_TRANS: "real_le x y & real_lt y z ==> real_lt x z"
  2276   by (import hollight REAL_LET_TRANS)
  2277 
  2278 lemma REAL_LT_TRANS: "real_lt x y & real_lt y z ==> real_lt x z"
  2279   by (import hollight REAL_LT_TRANS)
  2280 
  2281 lemma REAL_LE_ADD: "real_le (real_of_num 0) x & real_le (real_of_num 0) y
  2282 ==> real_le (real_of_num 0) (real_add x y)"
  2283   by (import hollight REAL_LE_ADD)
  2284 
  2285 lemma REAL_LTE_ANTISYM: "~ (real_lt x y & real_le y x)"
  2286   by (import hollight REAL_LTE_ANTISYM)
  2287 
  2288 lemma REAL_SUB_LE: "real_le (real_of_num 0) (real_sub x xa) = real_le xa x"
  2289   by (import hollight REAL_SUB_LE)
  2290 
  2291 lemma REAL_NEG_SUB: "real_neg (real_sub x xa) = real_sub xa x"
  2292   by (import hollight REAL_NEG_SUB)
  2293 
  2294 lemma REAL_LE_LT: "real_le x xa = (real_lt x xa | x = xa)"
  2295   by (import hollight REAL_LE_LT)
  2296 
  2297 lemma REAL_SUB_LT: "real_lt (real_of_num 0) (real_sub x xa) = real_lt xa x"
  2298   by (import hollight REAL_SUB_LT)
  2299 
  2300 lemma REAL_NOT_LT: "(~ real_lt x xa) = real_le xa x"
  2301   by (import hollight REAL_NOT_LT)
  2302 
  2303 lemma REAL_SUB_0: "(real_sub x y = real_of_num 0) = (x = y)"
  2304   by (import hollight REAL_SUB_0)
  2305 
  2306 lemma REAL_LT_LE: "real_lt x y = (real_le x y & x ~= y)"
  2307   by (import hollight REAL_LT_LE)
  2308 
  2309 lemma REAL_LT_REFL: "~ real_lt x x"
  2310   by (import hollight REAL_LT_REFL)
  2311 
  2312 lemma REAL_LTE_ADD: "real_lt (real_of_num 0) x & real_le (real_of_num 0) y
  2313 ==> real_lt (real_of_num 0) (real_add x y)"
  2314   by (import hollight REAL_LTE_ADD)
  2315 
  2316 lemma REAL_LET_ADD: "real_le (real_of_num 0) x & real_lt (real_of_num 0) y
  2317 ==> real_lt (real_of_num 0) (real_add x y)"
  2318   by (import hollight REAL_LET_ADD)
  2319 
  2320 lemma REAL_LT_ADD: "real_lt (real_of_num 0) x & real_lt (real_of_num 0) y
  2321 ==> real_lt (real_of_num 0) (real_add x y)"
  2322   by (import hollight REAL_LT_ADD)
  2323 
  2324 lemma REAL_ENTIRE: "(real_mul x y = real_of_num 0) = (x = real_of_num 0 | y = real_of_num 0)"
  2325   by (import hollight REAL_ENTIRE)
  2326 
  2327 lemma REAL_LE_NEGTOTAL: "real_le (real_of_num 0) x | real_le (real_of_num 0) (real_neg x)"
  2328   by (import hollight REAL_LE_NEGTOTAL)
  2329 
  2330 lemma REAL_LE_SQUARE: "real_le (real_of_num 0) (real_mul x x)"
  2331   by (import hollight REAL_LE_SQUARE)
  2332 
  2333 lemma REAL_MUL_RID: "real_mul x (real_of_num 1) = x"
  2334   by (import hollight REAL_MUL_RID)
  2335 
  2336 lemma REAL_POW_2: "real_pow x 2 = real_mul x x"
  2337   by (import hollight REAL_POW_2)
  2338 
  2339 lemma REAL_POLY_CLAUSES: "(ALL x y z. real_add x (real_add y z) = real_add (real_add x y) z) &
  2340 (ALL x y. real_add x y = real_add y x) &
  2341 (ALL x. real_add (real_of_num 0) x = x) &
  2342 (ALL x y z. real_mul x (real_mul y z) = real_mul (real_mul x y) z) &
  2343 (ALL x y. real_mul x y = real_mul y x) &
  2344 (ALL x. real_mul (real_of_num 1) x = x) &
  2345 (ALL x. real_mul (real_of_num 0) x = real_of_num 0) &
  2346 (ALL x xa xb.
  2347     real_mul x (real_add xa xb) =
  2348     real_add (real_mul x xa) (real_mul x xb)) &
  2349 (ALL x. real_pow x 0 = real_of_num 1) &
  2350 (ALL x xa. real_pow x (Suc xa) = real_mul x (real_pow x xa))"
  2351   by (import hollight REAL_POLY_CLAUSES)
  2352 
  2353 lemma REAL_POLY_NEG_CLAUSES: "(ALL x. real_neg x = real_mul (real_neg (real_of_num 1)) x) &
  2354 (ALL x xa.
  2355     real_sub x xa = real_add x (real_mul (real_neg (real_of_num 1)) xa))"
  2356   by (import hollight REAL_POLY_NEG_CLAUSES)
  2357 
  2358 lemma REAL_POS: "real_le (real_of_num 0) (real_of_num x)"
  2359   by (import hollight REAL_POS)
  2360 
  2361 lemma REAL_OF_NUM_LT: "real_lt (real_of_num x) (real_of_num xa) = (x < xa)"
  2362   by (import hollight REAL_OF_NUM_LT)
  2363 
  2364 lemma REAL_OF_NUM_GE: "real_ge (real_of_num x) (real_of_num xa) = (xa <= x)"
  2365   by (import hollight REAL_OF_NUM_GE)
  2366 
  2367 lemma REAL_OF_NUM_GT: "real_gt (real_of_num x) (real_of_num xa) = (xa < x)"
  2368   by (import hollight REAL_OF_NUM_GT)
  2369 
  2370 lemma REAL_OF_NUM_MAX: "real_max (real_of_num x) (real_of_num xa) = real_of_num (max x xa)"
  2371   by (import hollight REAL_OF_NUM_MAX)
  2372 
  2373 lemma REAL_OF_NUM_MIN: "real_min (real_of_num x) (real_of_num xa) = real_of_num (min x xa)"
  2374   by (import hollight REAL_OF_NUM_MIN)
  2375 
  2376 lemma REAL_OF_NUM_SUC: "real_add (real_of_num x) (real_of_num 1) = real_of_num (Suc x)"
  2377   by (import hollight REAL_OF_NUM_SUC)
  2378 
  2379 lemma REAL_OF_NUM_SUB: "m <= n ==> real_sub (real_of_num n) (real_of_num m) = real_of_num (n - m)"
  2380   by (import hollight REAL_OF_NUM_SUB)
  2381 
  2382 lemma REAL_MUL_AC: "real_mul m n = real_mul n m &
  2383 real_mul (real_mul m n) p = real_mul m (real_mul n p) &
  2384 real_mul m (real_mul n p) = real_mul n (real_mul m p)"
  2385   by (import hollight REAL_MUL_AC)
  2386 
  2387 lemma REAL_ADD_RDISTRIB: "real_mul (real_add x y) z = real_add (real_mul x z) (real_mul y z)"
  2388   by (import hollight REAL_ADD_RDISTRIB)
  2389 
  2390 lemma REAL_LT_LADD_IMP: "real_lt y z ==> real_lt (real_add x y) (real_add x z)"
  2391   by (import hollight REAL_LT_LADD_IMP)
  2392 
  2393 lemma REAL_LT_MUL: "real_lt (real_of_num 0) x & real_lt (real_of_num 0) y
  2394 ==> real_lt (real_of_num 0) (real_mul x y)"
  2395   by (import hollight REAL_LT_MUL)
  2396 
  2397 lemma REAL_EQ_ADD_LCANCEL_0: "(real_add x y = x) = (y = real_of_num 0)"
  2398   by (import hollight REAL_EQ_ADD_LCANCEL_0)
  2399 
  2400 lemma REAL_EQ_ADD_RCANCEL_0: "(real_add x y = y) = (x = real_of_num 0)"
  2401   by (import hollight REAL_EQ_ADD_RCANCEL_0)
  2402 
  2403 lemma REAL_LNEG_UNIQ: "(real_add x y = real_of_num 0) = (x = real_neg y)"
  2404   by (import hollight REAL_LNEG_UNIQ)
  2405 
  2406 lemma REAL_RNEG_UNIQ: "(real_add x y = real_of_num 0) = (y = real_neg x)"
  2407   by (import hollight REAL_RNEG_UNIQ)
  2408 
  2409 lemma REAL_NEG_LMUL: "real_neg (real_mul x y) = real_mul (real_neg x) y"
  2410   by (import hollight REAL_NEG_LMUL)
  2411 
  2412 lemma REAL_NEG_RMUL: "real_neg (real_mul x y) = real_mul x (real_neg y)"
  2413   by (import hollight REAL_NEG_RMUL)
  2414 
  2415 lemma REAL_NEGNEG: "real_neg (real_neg x) = x"
  2416   by (import hollight REAL_NEGNEG)
  2417 
  2418 lemma REAL_NEG_MUL2: "real_mul (real_neg x) (real_neg y) = real_mul x y"
  2419   by (import hollight REAL_NEG_MUL2)
  2420 
  2421 lemma REAL_LT_LADD: "real_lt (real_add x y) (real_add x z) = real_lt y z"
  2422   by (import hollight REAL_LT_LADD)
  2423 
  2424 lemma REAL_LT_RADD: "real_lt (real_add x z) (real_add y z) = real_lt x y"
  2425   by (import hollight REAL_LT_RADD)
  2426 
  2427 lemma REAL_LT_ANTISYM: "~ (real_lt x y & real_lt y x)"
  2428   by (import hollight REAL_LT_ANTISYM)
  2429 
  2430 lemma REAL_LT_GT: "real_lt x y ==> ~ real_lt y x"
  2431   by (import hollight REAL_LT_GT)
  2432 
  2433 lemma REAL_NOT_EQ: "(x ~= y) = (real_lt x y | real_lt y x)"
  2434   by (import hollight REAL_NOT_EQ)
  2435 
  2436 lemma REAL_LET_ANTISYM: "~ (real_le x y & real_lt y x)"
  2437   by (import hollight REAL_LET_ANTISYM)
  2438 
  2439 lemma REAL_NEG_LT0: "real_lt (real_neg x) (real_of_num 0) = real_lt (real_of_num 0) x"
  2440   by (import hollight REAL_NEG_LT0)
  2441 
  2442 lemma REAL_NEG_GT0: "real_lt (real_of_num 0) (real_neg x) = real_lt x (real_of_num 0)"
  2443   by (import hollight REAL_NEG_GT0)
  2444 
  2445 lemma REAL_NEG_LE0: "real_le (real_neg x) (real_of_num 0) = real_le (real_of_num 0) x"
  2446   by (import hollight REAL_NEG_LE0)
  2447 
  2448 lemma REAL_NEG_GE0: "real_le (real_of_num 0) (real_neg x) = real_le x (real_of_num 0)"
  2449   by (import hollight REAL_NEG_GE0)
  2450 
  2451 lemma REAL_LT_TOTAL: "x = y | real_lt x y | real_lt y x"
  2452   by (import hollight REAL_LT_TOTAL)
  2453 
  2454 lemma REAL_LT_NEGTOTAL: "x = real_of_num 0 |
  2455 real_lt (real_of_num 0) x | real_lt (real_of_num 0) (real_neg x)"
  2456   by (import hollight REAL_LT_NEGTOTAL)
  2457 
  2458 lemma REAL_LE_01: "real_le (real_of_num 0) (real_of_num 1)"
  2459   by (import hollight REAL_LE_01)
  2460 
  2461 lemma REAL_LT_01: "real_lt (real_of_num 0) (real_of_num 1)"
  2462   by (import hollight REAL_LT_01)
  2463 
  2464 lemma REAL_LE_LADD: "real_le (real_add x y) (real_add x z) = real_le y z"
  2465   by (import hollight REAL_LE_LADD)
  2466 
  2467 lemma REAL_LE_RADD: "real_le (real_add x z) (real_add y z) = real_le x y"
  2468   by (import hollight REAL_LE_RADD)
  2469 
  2470 lemma REAL_LT_ADD2: "real_lt w x & real_lt y z ==> real_lt (real_add w y) (real_add x z)"
  2471   by (import hollight REAL_LT_ADD2)
  2472 
  2473 lemma REAL_LE_ADD2: "real_le w x & real_le y z ==> real_le (real_add w y) (real_add x z)"
  2474   by (import hollight REAL_LE_ADD2)
  2475 
  2476 lemma REAL_LT_LNEG: "real_lt (real_neg x) xa = real_lt (real_of_num 0) (real_add x xa)"
  2477   by (import hollight REAL_LT_LNEG)
  2478 
  2479 lemma REAL_LT_RNEG: "real_lt x (real_neg xa) = real_lt (real_add x xa) (real_of_num 0)"
  2480   by (import hollight REAL_LT_RNEG)
  2481 
  2482 lemma REAL_LT_ADDNEG: "real_lt y (real_add x (real_neg z)) = real_lt (real_add y z) x"
  2483   by (import hollight REAL_LT_ADDNEG)
  2484 
  2485 lemma REAL_LT_ADDNEG2: "real_lt (real_add x (real_neg y)) z = real_lt x (real_add z y)"
  2486   by (import hollight REAL_LT_ADDNEG2)
  2487 
  2488 lemma REAL_LT_ADD1: "real_le x y ==> real_lt x (real_add y (real_of_num 1))"
  2489   by (import hollight REAL_LT_ADD1)
  2490 
  2491 lemma REAL_SUB_ADD: "real_add (real_sub x y) y = x"
  2492   by (import hollight REAL_SUB_ADD)
  2493 
  2494 lemma REAL_SUB_ADD2: "real_add y (real_sub x y) = x"
  2495   by (import hollight REAL_SUB_ADD2)
  2496 
  2497 lemma REAL_SUB_REFL: "real_sub x x = real_of_num 0"
  2498   by (import hollight REAL_SUB_REFL)
  2499 
  2500 lemma REAL_LE_DOUBLE: "real_le (real_of_num 0) (real_add x x) = real_le (real_of_num 0) x"
  2501   by (import hollight REAL_LE_DOUBLE)
  2502 
  2503 lemma REAL_LE_NEGL: "real_le (real_neg x) x = real_le (real_of_num 0) x"
  2504   by (import hollight REAL_LE_NEGL)
  2505 
  2506 lemma REAL_LE_NEGR: "real_le x (real_neg x) = real_le x (real_of_num 0)"
  2507   by (import hollight REAL_LE_NEGR)
  2508 
  2509 lemma REAL_NEG_EQ_0: "(real_neg x = real_of_num 0) = (x = real_of_num 0)"
  2510   by (import hollight REAL_NEG_EQ_0)
  2511 
  2512 lemma REAL_ADD_SUB: "real_sub (real_add x y) x = y"
  2513   by (import hollight REAL_ADD_SUB)
  2514 
  2515 lemma REAL_NEG_EQ: "(real_neg x = y) = (x = real_neg y)"
  2516   by (import hollight REAL_NEG_EQ)
  2517 
  2518 lemma REAL_NEG_MINUS1: "real_neg x = real_mul (real_neg (real_of_num 1)) x"
  2519   by (import hollight REAL_NEG_MINUS1)
  2520 
  2521 lemma REAL_LT_IMP_NE: "real_lt x y ==> x ~= y"
  2522   by (import hollight REAL_LT_IMP_NE)
  2523 
  2524 lemma REAL_LE_ADDR: "real_le x (real_add x y) = real_le (real_of_num 0) y"
  2525   by (import hollight REAL_LE_ADDR)
  2526 
  2527 lemma REAL_LE_ADDL: "real_le y (real_add x y) = real_le (real_of_num 0) x"
  2528   by (import hollight REAL_LE_ADDL)
  2529 
  2530 lemma REAL_LT_ADDR: "real_lt x (real_add x y) = real_lt (real_of_num 0) y"
  2531   by (import hollight REAL_LT_ADDR)
  2532 
  2533 lemma REAL_LT_ADDL: "real_lt y (real_add x y) = real_lt (real_of_num 0) x"
  2534   by (import hollight REAL_LT_ADDL)
  2535 
  2536 lemma REAL_SUB_SUB: "real_sub (real_sub x y) x = real_neg y"
  2537   by (import hollight REAL_SUB_SUB)
  2538 
  2539 lemma REAL_LT_ADD_SUB: "real_lt (real_add x y) z = real_lt x (real_sub z y)"
  2540   by (import hollight REAL_LT_ADD_SUB)
  2541 
  2542 lemma REAL_LT_SUB_RADD: "real_lt (real_sub x y) z = real_lt x (real_add z y)"
  2543   by (import hollight REAL_LT_SUB_RADD)
  2544 
  2545 lemma REAL_LT_SUB_LADD: "real_lt x (real_sub y z) = real_lt (real_add x z) y"
  2546   by (import hollight REAL_LT_SUB_LADD)
  2547 
  2548 lemma REAL_LE_SUB_LADD: "real_le x (real_sub y z) = real_le (real_add x z) y"
  2549   by (import hollight REAL_LE_SUB_LADD)
  2550 
  2551 lemma REAL_LE_SUB_RADD: "real_le (real_sub x y) z = real_le x (real_add z y)"
  2552   by (import hollight REAL_LE_SUB_RADD)
  2553 
  2554 lemma REAL_LT_NEG: "real_lt (real_neg x) (real_neg y) = real_lt y x"
  2555   by (import hollight REAL_LT_NEG)
  2556 
  2557 lemma REAL_LE_NEG: "real_le (real_neg x) (real_neg y) = real_le y x"
  2558   by (import hollight REAL_LE_NEG)
  2559 
  2560 lemma REAL_ADD2_SUB2: "real_sub (real_add a b) (real_add c d) =
  2561 real_add (real_sub a c) (real_sub b d)"
  2562   by (import hollight REAL_ADD2_SUB2)
  2563 
  2564 lemma REAL_SUB_LZERO: "real_sub (real_of_num 0) x = real_neg x"
  2565   by (import hollight REAL_SUB_LZERO)
  2566 
  2567 lemma REAL_SUB_RZERO: "real_sub x (real_of_num 0) = x"
  2568   by (import hollight REAL_SUB_RZERO)
  2569 
  2570 lemma REAL_LET_ADD2: "real_le w x & real_lt y z ==> real_lt (real_add w y) (real_add x z)"
  2571   by (import hollight REAL_LET_ADD2)
  2572 
  2573 lemma REAL_LTE_ADD2: "real_lt w x & real_le y z ==> real_lt (real_add w y) (real_add x z)"
  2574   by (import hollight REAL_LTE_ADD2)
  2575 
  2576 lemma REAL_SUB_LNEG: "real_sub (real_neg x) y = real_neg (real_add x y)"
  2577   by (import hollight REAL_SUB_LNEG)
  2578 
  2579 lemma REAL_SUB_RNEG: "real_sub x (real_neg y) = real_add x y"
  2580   by (import hollight REAL_SUB_RNEG)
  2581 
  2582 lemma REAL_SUB_NEG2: "real_sub (real_neg x) (real_neg y) = real_sub y x"
  2583   by (import hollight REAL_SUB_NEG2)
  2584 
  2585 lemma REAL_SUB_TRIANGLE: "real_add (real_sub a b) (real_sub b c) = real_sub a c"
  2586   by (import hollight REAL_SUB_TRIANGLE)
  2587 
  2588 lemma REAL_EQ_SUB_LADD: "(x = real_sub y z) = (real_add x z = y)"
  2589   by (import hollight REAL_EQ_SUB_LADD)
  2590 
  2591 lemma REAL_EQ_SUB_RADD: "(real_sub x y = z) = (x = real_add z y)"
  2592   by (import hollight REAL_EQ_SUB_RADD)
  2593 
  2594 lemma REAL_SUB_SUB2: "real_sub x (real_sub x y) = y"
  2595   by (import hollight REAL_SUB_SUB2)
  2596 
  2597 lemma REAL_ADD_SUB2: "real_sub x (real_add x y) = real_neg y"
  2598   by (import hollight REAL_ADD_SUB2)
  2599 
  2600 lemma REAL_EQ_IMP_LE: "x = y ==> real_le x y"
  2601   by (import hollight REAL_EQ_IMP_LE)
  2602 
  2603 lemma REAL_POS_NZ: "real_lt (real_of_num 0) x ==> x ~= real_of_num 0"
  2604   by (import hollight REAL_POS_NZ)
  2605 
  2606 lemma REAL_DIFFSQ: "real_mul (real_add x y) (real_sub x y) =
  2607 real_sub (real_mul x x) (real_mul y y)"
  2608   by (import hollight REAL_DIFFSQ)
  2609 
  2610 lemma REAL_EQ_NEG2: "(real_neg x = real_neg y) = (x = y)"
  2611   by (import hollight REAL_EQ_NEG2)
  2612 
  2613 lemma REAL_LT_NEG2: "real_lt (real_neg x) (real_neg y) = real_lt y x"
  2614   by (import hollight REAL_LT_NEG2)
  2615 
  2616 lemma REAL_SUB_LDISTRIB: "real_mul x (real_sub y z) = real_sub (real_mul x y) (real_mul x z)"
  2617   by (import hollight REAL_SUB_LDISTRIB)
  2618 
  2619 lemma REAL_SUB_RDISTRIB: "real_mul (real_sub x y) z = real_sub (real_mul x z) (real_mul y z)"
  2620   by (import hollight REAL_SUB_RDISTRIB)
  2621 
  2622 lemma REAL_ABS_ZERO: "(real_abs x = real_of_num 0) = (x = real_of_num 0)"
  2623   by (import hollight REAL_ABS_ZERO)
  2624 
  2625 lemma REAL_ABS_0: "real_abs (real_of_num 0) = real_of_num 0"
  2626   by (import hollight REAL_ABS_0)
  2627 
  2628 lemma REAL_ABS_1: "real_abs (real_of_num 1) = real_of_num 1"
  2629   by (import hollight REAL_ABS_1)
  2630 
  2631 lemma REAL_ABS_TRIANGLE: "real_le (real_abs (real_add x y)) (real_add (real_abs x) (real_abs y))"
  2632   by (import hollight REAL_ABS_TRIANGLE)
  2633 
  2634 lemma REAL_ABS_TRIANGLE_LE: "real_le (real_add (real_abs x) (real_abs (real_sub y x))) z
  2635 ==> real_le (real_abs y) z"
  2636   by (import hollight REAL_ABS_TRIANGLE_LE)
  2637 
  2638 lemma REAL_ABS_TRIANGLE_LT: "real_lt (real_add (real_abs x) (real_abs (real_sub y x))) z
  2639 ==> real_lt (real_abs y) z"
  2640   by (import hollight REAL_ABS_TRIANGLE_LT)
  2641 
  2642 lemma REAL_ABS_POS: "real_le (real_of_num 0) (real_abs x)"
  2643   by (import hollight REAL_ABS_POS)
  2644 
  2645 lemma REAL_ABS_SUB: "real_abs (real_sub x y) = real_abs (real_sub y x)"
  2646   by (import hollight REAL_ABS_SUB)
  2647 
  2648 lemma REAL_ABS_NZ: "(x ~= real_of_num 0) = real_lt (real_of_num 0) (real_abs x)"
  2649   by (import hollight REAL_ABS_NZ)
  2650 
  2651 lemma REAL_ABS_ABS: "real_abs (real_abs x) = real_abs x"
  2652   by (import hollight REAL_ABS_ABS)
  2653 
  2654 lemma REAL_ABS_LE: "real_le x (real_abs x)"
  2655   by (import hollight REAL_ABS_LE)
  2656 
  2657 lemma REAL_ABS_REFL: "(real_abs x = x) = real_le (real_of_num 0) x"
  2658   by (import hollight REAL_ABS_REFL)
  2659 
  2660 lemma REAL_ABS_BETWEEN: "(real_lt (real_of_num 0) d &
  2661  real_lt (real_sub x d) y & real_lt y (real_add x d)) =
  2662 real_lt (real_abs (real_sub y x)) d"
  2663   by (import hollight REAL_ABS_BETWEEN)
  2664 
  2665 lemma REAL_ABS_BOUND: "real_lt (real_abs (real_sub x y)) d ==> real_lt y (real_add x d)"
  2666   by (import hollight REAL_ABS_BOUND)
  2667 
  2668 lemma REAL_ABS_STILLNZ: "real_lt (real_abs (real_sub x y)) (real_abs y) ==> x ~= real_of_num 0"
  2669   by (import hollight REAL_ABS_STILLNZ)
  2670 
  2671 lemma REAL_ABS_CASES: "x = real_of_num 0 | real_lt (real_of_num 0) (real_abs x)"
  2672   by (import hollight REAL_ABS_CASES)
  2673 
  2674 lemma REAL_ABS_BETWEEN1: "real_lt x z & real_lt (real_abs (real_sub y x)) (real_sub z x)
  2675 ==> real_lt y z"
  2676   by (import hollight REAL_ABS_BETWEEN1)
  2677 
  2678 lemma REAL_ABS_SIGN: "real_lt (real_abs (real_sub x y)) y ==> real_lt (real_of_num 0) x"
  2679   by (import hollight REAL_ABS_SIGN)
  2680 
  2681 lemma REAL_ABS_SIGN2: "real_lt (real_abs (real_sub x y)) (real_neg y) ==> real_lt x (real_of_num 0)"
  2682   by (import hollight REAL_ABS_SIGN2)
  2683 
  2684 lemma REAL_ABS_CIRCLE: "real_lt (real_abs h) (real_sub (real_abs y) (real_abs x))
  2685 ==> real_lt (real_abs (real_add x h)) (real_abs y)"
  2686   by (import hollight REAL_ABS_CIRCLE)
  2687 
  2688 lemma REAL_SUB_ABS: "real_le (real_sub (real_abs x) (real_abs y)) (real_abs (real_sub x y))"
  2689   by (import hollight REAL_SUB_ABS)
  2690 
  2691 lemma REAL_ABS_SUB_ABS: "real_le (real_abs (real_sub (real_abs x) (real_abs y)))
  2692  (real_abs (real_sub x y))"
  2693   by (import hollight REAL_ABS_SUB_ABS)
  2694 
  2695 lemma REAL_ABS_BETWEEN2: "real_lt x0 y0 &
  2696 real_lt (real_mul (real_of_num 2) (real_abs (real_sub x x0)))
  2697  (real_sub y0 x0) &
  2698 real_lt (real_mul (real_of_num 2) (real_abs (real_sub y y0)))
  2699  (real_sub y0 x0)
  2700 ==> real_lt x y"
  2701   by (import hollight REAL_ABS_BETWEEN2)
  2702 
  2703 lemma REAL_ABS_BOUNDS: "real_le (real_abs x) k = (real_le (real_neg k) x & real_le x k)"
  2704   by (import hollight REAL_ABS_BOUNDS)
  2705 
  2706 lemma REAL_BOUNDS_LE: "(real_le (real_neg k) x & real_le x k) = real_le (real_abs x) k"
  2707   by (import hollight REAL_BOUNDS_LE)
  2708 
  2709 lemma REAL_BOUNDS_LT: "(real_lt (real_neg k) x & real_lt x k) = real_lt (real_abs x) k"
  2710   by (import hollight REAL_BOUNDS_LT)
  2711 
  2712 lemma REAL_MIN_MAX: "real_min x y = real_neg (real_max (real_neg x) (real_neg y))"
  2713   by (import hollight REAL_MIN_MAX)
  2714 
  2715 lemma REAL_MAX_MIN: "real_max x y = real_neg (real_min (real_neg x) (real_neg y))"
  2716   by (import hollight REAL_MAX_MIN)
  2717 
  2718 lemma REAL_MAX_MAX: "real_le x (real_max x y) & real_le y (real_max x y)"
  2719   by (import hollight REAL_MAX_MAX)
  2720 
  2721 lemma REAL_MIN_MIN: "real_le (real_min x y) x & real_le (real_min x y) y"
  2722   by (import hollight REAL_MIN_MIN)
  2723 
  2724 lemma REAL_MAX_SYM: "real_max x y = real_max y x"
  2725   by (import hollight REAL_MAX_SYM)
  2726 
  2727 lemma REAL_MIN_SYM: "real_min x y = real_min y x"
  2728   by (import hollight REAL_MIN_SYM)
  2729 
  2730 lemma REAL_LE_MAX: "real_le z (real_max x y) = (real_le z x | real_le z y)"
  2731   by (import hollight REAL_LE_MAX)
  2732 
  2733 lemma REAL_LE_MIN: "real_le z (real_min x y) = (real_le z x & real_le z y)"
  2734   by (import hollight REAL_LE_MIN)
  2735 
  2736 lemma REAL_LT_MAX: "real_lt z (real_max x y) = (real_lt z x | real_lt z y)"
  2737   by (import hollight REAL_LT_MAX)
  2738 
  2739 lemma REAL_LT_MIN: "real_lt z (real_min x y) = (real_lt z x & real_lt z y)"
  2740   by (import hollight REAL_LT_MIN)
  2741 
  2742 lemma REAL_MAX_LE: "real_le (real_max x y) z = (real_le x z & real_le y z)"
  2743   by (import hollight REAL_MAX_LE)
  2744 
  2745 lemma REAL_MIN_LE: "real_le (real_min x y) z = (real_le x z | real_le y z)"
  2746   by (import hollight REAL_MIN_LE)
  2747 
  2748 lemma REAL_MAX_LT: "real_lt (real_max x y) z = (real_lt x z & real_lt y z)"
  2749   by (import hollight REAL_MAX_LT)
  2750 
  2751 lemma REAL_MIN_LT: "real_lt (real_min x y) z = (real_lt x z | real_lt y z)"
  2752   by (import hollight REAL_MIN_LT)
  2753 
  2754 lemma REAL_MAX_ASSOC: "real_max x (real_max y z) = real_max (real_max x y) z"
  2755   by (import hollight REAL_MAX_ASSOC)
  2756 
  2757 lemma REAL_MIN_ASSOC: "real_min x (real_min y z) = real_min (real_min x y) z"
  2758   by (import hollight REAL_MIN_ASSOC)
  2759 
  2760 lemma REAL_MAX_ACI: "real_max x y = real_max y x &
  2761 real_max (real_max x y) z = real_max x (real_max y z) &
  2762 real_max x (real_max y z) = real_max y (real_max x z) &
  2763 real_max x x = x & real_max x (real_max x y) = real_max x y"
  2764   by (import hollight REAL_MAX_ACI)
  2765 
  2766 lemma REAL_MIN_ACI: "real_min x y = real_min y x &
  2767 real_min (real_min x y) z = real_min x (real_min y z) &
  2768 real_min x (real_min y z) = real_min y (real_min x z) &
  2769 real_min x x = x & real_min x (real_min x y) = real_min x y"
  2770   by (import hollight REAL_MIN_ACI)
  2771 
  2772 lemma REAL_ABS_MUL: "real_abs (real_mul x y) = real_mul (real_abs x) (real_abs y)"
  2773   by (import hollight REAL_ABS_MUL)
  2774 
  2775 lemma REAL_POW_LE: "real_le (real_of_num 0) x ==> real_le (real_of_num 0) (real_pow x n)"
  2776   by (import hollight REAL_POW_LE)
  2777 
  2778 lemma REAL_POW_LT: "real_lt (real_of_num 0) x ==> real_lt (real_of_num 0) (real_pow x n)"
  2779   by (import hollight REAL_POW_LT)
  2780 
  2781 lemma REAL_ABS_POW: "real_abs (real_pow x n) = real_pow (real_abs x) n"
  2782   by (import hollight REAL_ABS_POW)
  2783 
  2784 lemma REAL_LE_LMUL: "real_le (real_of_num 0) x & real_le xa xb
  2785 ==> real_le (real_mul x xa) (real_mul x xb)"
  2786   by (import hollight REAL_LE_LMUL)
  2787 
  2788 lemma REAL_LE_RMUL: "real_le x y & real_le (real_of_num 0) z
  2789 ==> real_le (real_mul x z) (real_mul y z)"
  2790   by (import hollight REAL_LE_RMUL)
  2791 
  2792 lemma REAL_LT_LMUL: "real_lt (real_of_num 0) x & real_lt xa xb
  2793 ==> real_lt (real_mul x xa) (real_mul x xb)"
  2794   by (import hollight REAL_LT_LMUL)
  2795 
  2796 lemma REAL_LT_RMUL: "real_lt x y & real_lt (real_of_num 0) z
  2797 ==> real_lt (real_mul x z) (real_mul y z)"
  2798   by (import hollight REAL_LT_RMUL)
  2799 
  2800 lemma REAL_EQ_MUL_LCANCEL: "(real_mul x y = real_mul x z) = (x = real_of_num 0 | y = z)"
  2801   by (import hollight REAL_EQ_MUL_LCANCEL)
  2802 
  2803 lemma REAL_EQ_MUL_RCANCEL: "(real_mul x xb = real_mul xa xb) = (x = xa | xb = real_of_num 0)"
  2804   by (import hollight REAL_EQ_MUL_RCANCEL)
  2805 
  2806 lemma REAL_MUL_LINV_UNIQ: "real_mul x y = real_of_num 1 ==> real_inv y = x"
  2807   by (import hollight REAL_MUL_LINV_UNIQ)
  2808 
  2809 lemma REAL_MUL_RINV_UNIQ: "real_mul x xa = real_of_num 1 ==> real_inv x = xa"
  2810   by (import hollight REAL_MUL_RINV_UNIQ)
  2811 
  2812 lemma REAL_INV_INV: "real_inv (real_inv x) = x"
  2813   by (import hollight REAL_INV_INV)
  2814 
  2815 lemma REAL_EQ_INV2: "(real_inv x = real_inv y) = (x = y)"
  2816   by (import hollight REAL_EQ_INV2)
  2817 
  2818 lemma REAL_INV_EQ_0: "(real_inv x = real_of_num 0) = (x = real_of_num 0)"
  2819   by (import hollight REAL_INV_EQ_0)
  2820 
  2821 lemma REAL_LT_INV: "real_lt (real_of_num 0) x ==> real_lt (real_of_num 0) (real_inv x)"
  2822   by (import hollight REAL_LT_INV)
  2823 
  2824 lemma REAL_LT_INV_EQ: "real_lt (real_of_num 0) (real_inv x) = real_lt (real_of_num 0) x"
  2825   by (import hollight REAL_LT_INV_EQ)
  2826 
  2827 lemma REAL_INV_NEG: "real_inv (real_neg x) = real_neg (real_inv x)"
  2828   by (import hollight REAL_INV_NEG)
  2829 
  2830 lemma REAL_LE_INV_EQ: "real_le (real_of_num 0) (real_inv x) = real_le (real_of_num 0) x"
  2831   by (import hollight REAL_LE_INV_EQ)
  2832 
  2833 lemma REAL_LE_INV: "real_le (real_of_num 0) x ==> real_le (real_of_num 0) (real_inv x)"
  2834   by (import hollight REAL_LE_INV)
  2835 
  2836 lemma REAL_MUL_RINV: "x ~= real_of_num 0 ==> real_mul x (real_inv x) = real_of_num 1"
  2837   by (import hollight REAL_MUL_RINV)
  2838 
  2839 lemma REAL_INV_1: "real_inv (real_of_num 1) = real_of_num 1"
  2840   by (import hollight REAL_INV_1)
  2841 
  2842 lemma REAL_INV_EQ_1: "(real_inv x = real_of_num 1) = (x = real_of_num 1)"
  2843   by (import hollight REAL_INV_EQ_1)
  2844 
  2845 lemma REAL_DIV_1: "real_div x (real_of_num 1) = x"
  2846   by (import hollight REAL_DIV_1)
  2847 
  2848 lemma REAL_DIV_REFL: "x ~= real_of_num 0 ==> real_div x x = real_of_num 1"
  2849   by (import hollight REAL_DIV_REFL)
  2850 
  2851 lemma REAL_DIV_RMUL: "xa ~= real_of_num 0 ==> real_mul (real_div x xa) xa = x"
  2852   by (import hollight REAL_DIV_RMUL)
  2853 
  2854 lemma REAL_DIV_LMUL: "xa ~= real_of_num 0 ==> real_mul xa (real_div x xa) = x"
  2855   by (import hollight REAL_DIV_LMUL)
  2856 
  2857 lemma REAL_ABS_INV: "real_abs (real_inv x) = real_inv (real_abs x)"
  2858   by (import hollight REAL_ABS_INV)
  2859 
  2860 lemma REAL_ABS_DIV: "real_abs (real_div x xa) = real_div (real_abs x) (real_abs xa)"
  2861   by (import hollight REAL_ABS_DIV)
  2862 
  2863 lemma REAL_INV_MUL: "real_inv (real_mul x y) = real_mul (real_inv x) (real_inv y)"
  2864   by (import hollight REAL_INV_MUL)
  2865 
  2866 lemma REAL_INV_DIV: "real_inv (real_div x xa) = real_div xa x"
  2867   by (import hollight REAL_INV_DIV)
  2868 
  2869 lemma REAL_POW_MUL: "real_pow (real_mul x y) n = real_mul (real_pow x n) (real_pow y n)"
  2870   by (import hollight REAL_POW_MUL)
  2871 
  2872 lemma REAL_POW_INV: "real_pow (real_inv x) n = real_inv (real_pow x n)"
  2873   by (import hollight REAL_POW_INV)
  2874 
  2875 lemma REAL_INV_POW: "real_inv (real_pow x xa) = real_pow (real_inv x) xa"
  2876   by (import hollight REAL_INV_POW)
  2877 
  2878 lemma REAL_POW_DIV: "real_pow (real_div x xa) xb = real_div (real_pow x xb) (real_pow xa xb)"
  2879   by (import hollight REAL_POW_DIV)
  2880 
  2881 lemma REAL_POW_ADD: "real_pow x (m + n) = real_mul (real_pow x m) (real_pow x n)"
  2882   by (import hollight REAL_POW_ADD)
  2883 
  2884 lemma REAL_POW_NZ: "x ~= real_of_num 0 ==> real_pow x n ~= real_of_num 0"
  2885   by (import hollight REAL_POW_NZ)
  2886 
  2887 lemma REAL_POW_SUB: "x ~= real_of_num 0 & m <= n
  2888 ==> real_pow x (n - m) = real_div (real_pow x n) (real_pow x m)"
  2889   by (import hollight REAL_POW_SUB)
  2890 
  2891 lemma REAL_LT_IMP_NZ: "real_lt (real_of_num 0) x ==> x ~= real_of_num 0"
  2892   by (import hollight REAL_LT_IMP_NZ)
  2893 
  2894 lemma REAL_LT_LCANCEL_IMP: "real_lt (real_of_num 0) x & real_lt (real_mul x y) (real_mul x z)
  2895 ==> real_lt y z"
  2896   by (import hollight REAL_LT_LCANCEL_IMP)
  2897 
  2898 lemma REAL_LT_RCANCEL_IMP: "real_lt (real_of_num 0) xb & real_lt (real_mul x xb) (real_mul xa xb)
  2899 ==> real_lt x xa"
  2900   by (import hollight REAL_LT_RCANCEL_IMP)
  2901 
  2902 lemma REAL_LE_LCANCEL_IMP: "real_lt (real_of_num 0) x & real_le (real_mul x y) (real_mul x z)
  2903 ==> real_le y z"
  2904   by (import hollight REAL_LE_LCANCEL_IMP)
  2905 
  2906 lemma REAL_LE_RCANCEL_IMP: "real_lt (real_of_num 0) xb & real_le (real_mul x xb) (real_mul xa xb)
  2907 ==> real_le x xa"
  2908   by (import hollight REAL_LE_RCANCEL_IMP)
  2909 
  2910 lemma REAL_LE_RMUL_EQ: "real_lt (real_of_num 0) z
  2911 ==> real_le (real_mul x z) (real_mul y z) = real_le x y"
  2912   by (import hollight REAL_LE_RMUL_EQ)
  2913 
  2914 lemma REAL_LE_LMUL_EQ: "real_lt (real_of_num 0) z
  2915 ==> real_le (real_mul z x) (real_mul z y) = real_le x y"
  2916   by (import hollight REAL_LE_LMUL_EQ)
  2917 
  2918 lemma REAL_LT_RMUL_EQ: "real_lt (real_of_num 0) xb
  2919 ==> real_lt (real_mul x xb) (real_mul xa xb) = real_lt x xa"
  2920   by (import hollight REAL_LT_RMUL_EQ)
  2921 
  2922 lemma REAL_LT_LMUL_EQ: "real_lt (real_of_num 0) xb
  2923 ==> real_lt (real_mul xb x) (real_mul xb xa) = real_lt x xa"
  2924   by (import hollight REAL_LT_LMUL_EQ)
  2925 
  2926 lemma REAL_LE_MUL_EQ: "(ALL x y.
  2927     real_lt (real_of_num 0) x -->
  2928     real_le (real_of_num 0) (real_mul x y) = real_le (real_of_num 0) y) &
  2929 (ALL x y.
  2930     real_lt (real_of_num 0) y -->
  2931     real_le (real_of_num 0) (real_mul x y) = real_le (real_of_num 0) x)"
  2932   by (import hollight REAL_LE_MUL_EQ)
  2933 
  2934 lemma REAL_LT_MUL_EQ: "(ALL x y.
  2935     real_lt (real_of_num 0) x -->
  2936     real_lt (real_of_num 0) (real_mul x y) = real_lt (real_of_num 0) y) &
  2937 (ALL x y.
  2938     real_lt (real_of_num 0) y -->
  2939     real_lt (real_of_num 0) (real_mul x y) = real_lt (real_of_num 0) x)"
  2940   by (import hollight REAL_LT_MUL_EQ)
  2941 
  2942 lemma REAL_MUL_POS_LT: "real_lt (real_of_num 0) (real_mul x y) =
  2943 (real_lt (real_of_num 0) x & real_lt (real_of_num 0) y |
  2944  real_lt x (real_of_num 0) & real_lt y (real_of_num 0))"
  2945   by (import hollight REAL_MUL_POS_LT)
  2946 
  2947 lemma REAL_MUL_POS_LE: "real_le (real_of_num 0) (real_mul x xa) =
  2948 (x = real_of_num 0 |
  2949  xa = real_of_num 0 |
  2950  real_lt (real_of_num 0) x & real_lt (real_of_num 0) xa |
  2951  real_lt x (real_of_num 0) & real_lt xa (real_of_num 0))"
  2952   by (import hollight REAL_MUL_POS_LE)
  2953 
  2954 lemma REAL_LE_RDIV_EQ: "real_lt (real_of_num 0) z
  2955 ==> real_le x (real_div y z) = real_le (real_mul x z) y"
  2956   by (import hollight REAL_LE_RDIV_EQ)
  2957 
  2958 lemma REAL_LE_LDIV_EQ: "real_lt (real_of_num 0) z
  2959 ==> real_le (real_div x z) y = real_le x (real_mul y z)"
  2960   by (import hollight REAL_LE_LDIV_EQ)
  2961 
  2962 lemma REAL_LT_RDIV_EQ: "real_lt (real_of_num 0) xb
  2963 ==> real_lt x (real_div xa xb) = real_lt (real_mul x xb) xa"
  2964   by (import hollight REAL_LT_RDIV_EQ)
  2965 
  2966 lemma REAL_LT_LDIV_EQ: "real_lt (real_of_num 0) xb
  2967 ==> real_lt (real_div x xb) xa = real_lt x (real_mul xa xb)"
  2968   by (import hollight REAL_LT_LDIV_EQ)
  2969 
  2970 lemma REAL_EQ_RDIV_EQ: "real_lt (real_of_num 0) xb ==> (x = real_div xa xb) = (real_mul x xb = xa)"
  2971   by (import hollight REAL_EQ_RDIV_EQ)
  2972 
  2973 lemma REAL_EQ_LDIV_EQ: "real_lt (real_of_num 0) xb ==> (real_div x xb = xa) = (x = real_mul xa xb)"
  2974   by (import hollight REAL_EQ_LDIV_EQ)
  2975 
  2976 lemma REAL_LT_DIV2_EQ: "real_lt (real_of_num 0) xb
  2977 ==> real_lt (real_div x xb) (real_div xa xb) = real_lt x xa"
  2978   by (import hollight REAL_LT_DIV2_EQ)
  2979 
  2980 lemma REAL_LE_DIV2_EQ: "real_lt (real_of_num 0) xb
  2981 ==> real_le (real_div x xb) (real_div xa xb) = real_le x xa"
  2982   by (import hollight REAL_LE_DIV2_EQ)
  2983 
  2984 lemma REAL_MUL_2: "real_mul (real_of_num 2) x = real_add x x"
  2985   by (import hollight REAL_MUL_2)
  2986 
  2987 lemma REAL_POW_EQ_0: "(real_pow x n = real_of_num 0) = (x = real_of_num 0 & n ~= 0)"
  2988   by (import hollight REAL_POW_EQ_0)
  2989 
  2990 lemma REAL_LE_MUL2: "real_le (real_of_num 0) w &
  2991 real_le w x & real_le (real_of_num 0) y & real_le y z
  2992 ==> real_le (real_mul w y) (real_mul x z)"
  2993   by (import hollight REAL_LE_MUL2)
  2994 
  2995 lemma REAL_LT_MUL2: "real_le (real_of_num 0) w &
  2996 real_lt w x & real_le (real_of_num 0) y & real_lt y z
  2997 ==> real_lt (real_mul w y) (real_mul x z)"
  2998   by (import hollight REAL_LT_MUL2)
  2999 
  3000 lemma REAL_LT_SQUARE: "real_lt (real_of_num 0) (real_mul x x) = (x ~= real_of_num 0)"
  3001   by (import hollight REAL_LT_SQUARE)
  3002 
  3003 lemma REAL_POW_1: "real_pow x 1 = x"
  3004   by (import hollight REAL_POW_1)
  3005 
  3006 lemma REAL_POW_ONE: "real_pow (real_of_num 1) n = real_of_num 1"
  3007   by (import hollight REAL_POW_ONE)
  3008 
  3009 lemma REAL_LT_INV2: "real_lt (real_of_num 0) x & real_lt x y
  3010 ==> real_lt (real_inv y) (real_inv x)"
  3011   by (import hollight REAL_LT_INV2)
  3012 
  3013 lemma REAL_LE_INV2: "real_lt (real_of_num 0) x & real_le x y
  3014 ==> real_le (real_inv y) (real_inv x)"
  3015   by (import hollight REAL_LE_INV2)
  3016 
  3017 lemma REAL_LT_LINV: "real_lt (real_of_num 0) y & real_lt (real_inv y) x
  3018 ==> real_lt (real_inv x) y"
  3019   by (import hollight REAL_LT_LINV)
  3020 
  3021 lemma REAL_LT_RINV: "real_lt (real_of_num 0) x & real_lt x (real_inv y)
  3022 ==> real_lt y (real_inv x)"
  3023   by (import hollight REAL_LT_RINV)
  3024 
  3025 lemma REAL_LE_LINV: "real_lt (real_of_num 0) y & real_le (real_inv y) x
  3026 ==> real_le (real_inv x) y"
  3027   by (import hollight REAL_LE_LINV)
  3028 
  3029 lemma REAL_LE_RINV: "real_lt (real_of_num 0) x & real_le x (real_inv y)
  3030 ==> real_le y (real_inv x)"
  3031   by (import hollight REAL_LE_RINV)
  3032 
  3033 lemma REAL_INV_LE_1: "real_le (real_of_num 1) x ==> real_le (real_inv x) (real_of_num 1)"
  3034   by (import hollight REAL_INV_LE_1)
  3035 
  3036 lemma REAL_INV_1_LE: "real_lt (real_of_num 0) x & real_le x (real_of_num 1)
  3037 ==> real_le (real_of_num 1) (real_inv x)"
  3038   by (import hollight REAL_INV_1_LE)
  3039 
  3040 lemma REAL_INV_LT_1: "real_lt (real_of_num 1) x ==> real_lt (real_inv x) (real_of_num 1)"
  3041   by (import hollight REAL_INV_LT_1)
  3042 
  3043 lemma REAL_INV_1_LT: "real_lt (real_of_num 0) x & real_lt x (real_of_num 1)
  3044 ==> real_lt (real_of_num 1) (real_inv x)"
  3045   by (import hollight REAL_INV_1_LT)
  3046 
  3047 lemma REAL_SUB_INV: "x ~= real_of_num 0 & xa ~= real_of_num 0
  3048 ==> real_sub (real_inv x) (real_inv xa) =
  3049     real_div (real_sub xa x) (real_mul x xa)"
  3050   by (import hollight REAL_SUB_INV)
  3051 
  3052 lemma REAL_DOWN: "real_lt (real_of_num 0) d ==> EX x. real_lt (real_of_num 0) x & real_lt x d"
  3053   by (import hollight REAL_DOWN)
  3054 
  3055 lemma REAL_DOWN2: "real_lt (real_of_num 0) d1 & real_lt (real_of_num 0) d2
  3056 ==> EX e. real_lt (real_of_num 0) e & real_lt e d1 & real_lt e d2"
  3057   by (import hollight REAL_DOWN2)
  3058 
  3059 lemma REAL_POW_LE2: "real_le (real_of_num 0) x & real_le x y
  3060 ==> real_le (real_pow x n) (real_pow y n)"
  3061   by (import hollight REAL_POW_LE2)
  3062 
  3063 lemma REAL_POW_LE_1: "real_le (real_of_num 1) x ==> real_le (real_of_num 1) (real_pow x n)"
  3064   by (import hollight REAL_POW_LE_1)
  3065 
  3066 lemma REAL_POW_1_LE: "real_le (real_of_num 0) x & real_le x (real_of_num 1)
  3067 ==> real_le (real_pow x n) (real_of_num 1)"
  3068   by (import hollight REAL_POW_1_LE)
  3069 
  3070 lemma REAL_POW_MONO: "real_le (real_of_num 1) x & m <= n ==> real_le (real_pow x m) (real_pow x n)"
  3071   by (import hollight REAL_POW_MONO)
  3072 
  3073 lemma REAL_POW_LT2: "n ~= 0 & real_le (real_of_num 0) x & real_lt x y
  3074 ==> real_lt (real_pow x n) (real_pow y n)"
  3075   by (import hollight REAL_POW_LT2)
  3076 
  3077 lemma REAL_POW_LT_1: "n ~= 0 & real_lt (real_of_num 1) x
  3078 ==> real_lt (real_of_num 1) (real_pow x n)"
  3079   by (import hollight REAL_POW_LT_1)
  3080 
  3081 lemma REAL_POW_1_LT: "n ~= 0 & real_le (real_of_num 0) x & real_lt x (real_of_num 1)
  3082 ==> real_lt (real_pow x n) (real_of_num 1)"
  3083   by (import hollight REAL_POW_1_LT)
  3084 
  3085 lemma REAL_POW_MONO_LT: "real_lt (real_of_num 1) x & m < n ==> real_lt (real_pow x m) (real_pow x n)"
  3086   by (import hollight REAL_POW_MONO_LT)
  3087 
  3088 lemma REAL_POW_POW: "real_pow (real_pow x m) n = real_pow x (m * n)"
  3089   by (import hollight REAL_POW_POW)
  3090 
  3091 lemma REAL_EQ_RCANCEL_IMP: "z ~= real_of_num 0 & real_mul x z = real_mul y z ==> x = y"
  3092   by (import hollight REAL_EQ_RCANCEL_IMP)
  3093 
  3094 lemma REAL_EQ_LCANCEL_IMP: "xb ~= real_of_num 0 & real_mul xb x = real_mul xb xa ==> x = xa"
  3095   by (import hollight REAL_EQ_LCANCEL_IMP)
  3096 
  3097 lemma REAL_LT_DIV: "real_lt (real_of_num 0) x & real_lt (real_of_num 0) xa
  3098 ==> real_lt (real_of_num 0) (real_div x xa)"
  3099   by (import hollight REAL_LT_DIV)
  3100 
  3101 lemma REAL_LE_DIV: "real_le (real_of_num 0) x & real_le (real_of_num 0) xa
  3102 ==> real_le (real_of_num 0) (real_div x xa)"
  3103   by (import hollight REAL_LE_DIV)
  3104 
  3105 lemma REAL_DIV_POW2: "x ~= real_of_num 0
  3106 ==> real_div (real_pow x m) (real_pow x n) =
  3107     (if n <= m then real_pow x (m - n) else real_inv (real_pow x (n - m)))"
  3108   by (import hollight REAL_DIV_POW2)
  3109 
  3110 lemma REAL_DIV_POW2_ALT: "x ~= real_of_num 0
  3111 ==> real_div (real_pow x m) (real_pow x n) =
  3112     (if n < m then real_pow x (m - n) else real_inv (real_pow x (n - m)))"
  3113   by (import hollight REAL_DIV_POW2_ALT)
  3114 
  3115 lemma REAL_LT_POW2: "real_lt (real_of_num 0) (real_pow (real_of_num 2) x)"
  3116   by (import hollight REAL_LT_POW2)
  3117 
  3118 lemma REAL_LE_POW2: "real_le (real_of_num 1) (real_pow (real_of_num 2) n)"
  3119   by (import hollight REAL_LE_POW2)
  3120 
  3121 lemma REAL_POW2_ABS: "real_pow (real_abs x) 2 = real_pow x 2"
  3122   by (import hollight REAL_POW2_ABS)
  3123 
  3124 lemma REAL_LE_SQUARE_ABS: "real_le (real_abs x) (real_abs y) = real_le (real_pow x 2) (real_pow y 2)"
  3125   by (import hollight REAL_LE_SQUARE_ABS)
  3126 
  3127 lemma REAL_LT_SQUARE_ABS: "real_lt (real_abs x) (real_abs xa) = real_lt (real_pow x 2) (real_pow xa 2)"
  3128   by (import hollight REAL_LT_SQUARE_ABS)
  3129 
  3130 lemma REAL_EQ_SQUARE_ABS: "(real_abs x = real_abs xa) = (real_pow x 2 = real_pow xa 2)"
  3131   by (import hollight REAL_EQ_SQUARE_ABS)
  3132 
  3133 lemma REAL_LE_POW_2: "real_le (real_of_num 0) (real_pow x 2)"
  3134   by (import hollight REAL_LE_POW_2)
  3135 
  3136 lemma REAL_SOS_EQ_0: "(real_add (real_pow x 2) (real_pow y 2) = real_of_num 0) =
  3137 (x = real_of_num 0 & y = real_of_num 0)"
  3138   by (import hollight REAL_SOS_EQ_0)
  3139 
  3140 lemma REAL_POW_ZERO: "real_pow (real_of_num 0) n =
  3141 (if n = 0 then real_of_num 1 else real_of_num 0)"
  3142   by (import hollight REAL_POW_ZERO)
  3143 
  3144 lemma REAL_POW_MONO_INV: "real_le (real_of_num 0) x & real_le x (real_of_num 1) & n <= m
  3145 ==> real_le (real_pow x m) (real_pow x n)"
  3146   by (import hollight REAL_POW_MONO_INV)
  3147 
  3148 lemma REAL_POW_LE2_REV: "n ~= 0 & real_le (real_of_num 0) y & real_le (real_pow x n) (real_pow y n)
  3149 ==> real_le x y"
  3150   by (import hollight REAL_POW_LE2_REV)
  3151 
  3152 lemma REAL_POW_LT2_REV: "real_le (real_of_num 0) y & real_lt (real_pow x n) (real_pow y n)
  3153 ==> real_lt x y"
  3154   by (import hollight REAL_POW_LT2_REV)
  3155 
  3156 lemma REAL_POW_EQ: "x ~= 0 &
  3157 real_le (real_of_num 0) xa &
  3158 real_le (real_of_num 0) xb & real_pow xa x = real_pow xb x
  3159 ==> xa = xb"
  3160   by (import hollight REAL_POW_EQ)
  3161 
  3162 lemma REAL_POW_EQ_ABS: "n ~= 0 & real_pow x n = real_pow y n ==> real_abs x = real_abs y"
  3163   by (import hollight REAL_POW_EQ_ABS)
  3164 
  3165 lemma REAL_POW_EQ_1_IMP: "n ~= 0 & real_pow x n = real_of_num 1 ==> real_abs x = real_of_num 1"
  3166   by (import hollight REAL_POW_EQ_1_IMP)
  3167 
  3168 lemma REAL_POW_EQ_1: "(real_pow x n = real_of_num 1) =
  3169 (real_abs x = real_of_num 1 & (real_lt x (real_of_num 0) --> even n) |
  3170  n = 0)"
  3171   by (import hollight REAL_POW_EQ_1)
  3172 
  3173 lemma REAL_POW_LT2_ODD: "real_lt x y & odd n ==> real_lt (real_pow x n) (real_pow y n)"
  3174   by (import hollight REAL_POW_LT2_ODD)
  3175 
  3176 lemma REAL_POW_LE2_ODD: "real_le xa xb & odd x ==> real_le (real_pow xa x) (real_pow xb x)"
  3177   by (import hollight REAL_POW_LE2_ODD)
  3178 
  3179 lemma REAL_POW_LT2_ODD_EQ: "odd n ==> real_lt (real_pow x n) (real_pow y n) = real_lt x y"
  3180   by (import hollight REAL_POW_LT2_ODD_EQ)
  3181 
  3182 lemma REAL_POW_LE2_ODD_EQ: "odd n ==> real_le (real_pow x n) (real_pow y n) = real_le x y"
  3183   by (import hollight REAL_POW_LE2_ODD_EQ)
  3184 
  3185 lemma REAL_POW_EQ_ODD_EQ: "odd x ==> (real_pow xa x = real_pow xb x) = (xa = xb)"
  3186   by (import hollight REAL_POW_EQ_ODD_EQ)
  3187 
  3188 lemma REAL_POW_EQ_ODD: "odd n & real_pow x n = real_pow y n ==> x = y"
  3189   by (import hollight REAL_POW_EQ_ODD)
  3190 
  3191 lemma REAL_POW_EQ_EQ: "(real_pow x n = real_pow y n) =
  3192 (if even n then n = 0 | real_abs x = real_abs y else x = y)"
  3193   by (import hollight REAL_POW_EQ_EQ)
  3194 
  3195 definition
  3196   real_sgn :: "hollight.real => hollight.real"  where
  3197   "real_sgn ==
  3198 %u. if real_lt (real_of_num 0) u then real_of_num 1
  3199     else if real_lt u (real_of_num 0) then real_neg (real_of_num 1)
  3200          else real_of_num 0"
  3201 
  3202 lemma DEF_real_sgn: "real_sgn =
  3203 (%u. if real_lt (real_of_num 0) u then real_of_num 1
  3204      else if real_lt u (real_of_num 0) then real_neg (real_of_num 1)
  3205           else real_of_num 0)"
  3206   by (import hollight DEF_real_sgn)
  3207 
  3208 lemma REAL_SGN_0: "real_sgn (real_of_num 0) = real_of_num 0"
  3209   by (import hollight REAL_SGN_0)
  3210 
  3211 lemma REAL_SGN_NEG: "real_sgn (real_neg x) = real_neg (real_sgn x)"
  3212   by (import hollight REAL_SGN_NEG)
  3213 
  3214 lemma REAL_SGN_ABS: "real_mul (real_sgn x) (real_abs x) = x"
  3215   by (import hollight REAL_SGN_ABS)
  3216 
  3217 lemma REAL_ABS_SGN: "real_abs (real_sgn x) = real_sgn (real_abs x)"
  3218   by (import hollight REAL_ABS_SGN)
  3219 
  3220 lemma REAL_SGN: "real_sgn x = real_div x (real_abs x)"
  3221   by (import hollight REAL_SGN)
  3222 
  3223 lemma REAL_SGN_MUL: "real_sgn (real_mul x xa) = real_mul (real_sgn x) (real_sgn xa)"
  3224   by (import hollight REAL_SGN_MUL)
  3225 
  3226 lemma REAL_SGN_INV: "real_sgn (real_inv x) = real_sgn x"
  3227   by (import hollight REAL_SGN_INV)
  3228 
  3229 lemma REAL_SGN_DIV: "real_sgn (real_div x xa) = real_div (real_sgn x) (real_sgn xa)"
  3230   by (import hollight REAL_SGN_DIV)
  3231 
  3232 lemma REAL_WLOG_LE: "(ALL x y. P x y = P y x) & (ALL x y. real_le x y --> P x y) ==> P x xa"
  3233   by (import hollight REAL_WLOG_LE)
  3234 
  3235 lemma REAL_WLOG_LT: "(ALL x. P x x) & (ALL x y. P x y = P y x) & (ALL x y. real_lt x y --> P x y)
  3236 ==> P x xa"
  3237   by (import hollight REAL_WLOG_LT)
  3238 
  3239 definition
  3240   DECIMAL :: "nat => nat => hollight.real"  where
  3241   "DECIMAL == %u ua. real_div (real_of_num u) (real_of_num ua)"
  3242 
  3243 lemma DEF_DECIMAL: "DECIMAL = (%u ua. real_div (real_of_num u) (real_of_num ua))"
  3244   by (import hollight DEF_DECIMAL)
  3245 
  3246 lemma RAT_LEMMA1: "y1 ~= real_of_num 0 & y2 ~= real_of_num 0
  3247 ==> real_add (real_div x1 y1) (real_div x2 y2) =
  3248     real_mul (real_add (real_mul x1 y2) (real_mul x2 y1))
  3249      (real_mul (real_inv y1) (real_inv y2))"
  3250   by (import hollight RAT_LEMMA1)
  3251 
  3252 lemma RAT_LEMMA2: "real_lt (real_of_num 0) y1 & real_lt (real_of_num 0) y2
  3253 ==> real_add (real_div x1 y1) (real_div x2 y2) =
  3254     real_mul (real_add (real_mul x1 y2) (real_mul x2 y1))
  3255      (real_mul (real_inv y1) (real_inv y2))"
  3256   by (import hollight RAT_LEMMA2)
  3257 
  3258 lemma RAT_LEMMA3: "real_lt (real_of_num 0) y1 & real_lt (real_of_num 0) y2
  3259 ==> real_sub (real_div x1 y1) (real_div x2 y2) =
  3260     real_mul (real_sub (real_mul x1 y2) (real_mul x2 y1))
  3261      (real_mul (real_inv y1) (real_inv y2))"
  3262   by (import hollight RAT_LEMMA3)
  3263 
  3264 lemma RAT_LEMMA4: "real_lt (real_of_num 0) y1 & real_lt (real_of_num 0) y2
  3265 ==> real_le (real_div x1 y1) (real_div x2 y2) =
  3266     real_le (real_mul x1 y2) (real_mul x2 y1)"
  3267   by (import hollight RAT_LEMMA4)
  3268 
  3269 lemma RAT_LEMMA5: "real_lt (real_of_num 0) y1 & real_lt (real_of_num 0) y2
  3270 ==> (real_div x1 y1 = real_div x2 y2) = (real_mul x1 y2 = real_mul x2 y1)"
  3271   by (import hollight RAT_LEMMA5)
  3272 
  3273 lemma REAL_INTEGRAL: "(ALL x. real_mul (real_of_num 0) x = real_of_num 0) &
  3274 (ALL x y z. (real_add x y = real_add x z) = (y = z)) &
  3275 (ALL w x y z.
  3276     (real_add (real_mul w y) (real_mul x z) =
  3277      real_add (real_mul w z) (real_mul x y)) =
  3278     (w = x | y = z))"
  3279   by (import hollight REAL_INTEGRAL)
  3280 
  3281 definition
  3282   integer :: "hollight.real => bool"  where
  3283   "integer == %u. EX n. real_abs u = real_of_num n"
  3284 
  3285 lemma DEF_integer: "integer = (%u. EX n. real_abs u = real_of_num n)"
  3286   by (import hollight DEF_integer)
  3287 
  3288 lemma is_int: "integer x = (EX n. x = real_of_num n | x = real_neg (real_of_num n))"
  3289   by (import hollight is_int)
  3290 
  3291 typedef (open) int = "Collect integer"  morphisms "real_of_int" "int_of_real"
  3292   apply (rule light_ex_imp_nonempty[where t="Eps integer"])
  3293   by (import hollight TYDEF_int)
  3294 
  3295 syntax
  3296   real_of_int :: _ 
  3297 
  3298 syntax
  3299   int_of_real :: _ 
  3300 
  3301 lemmas "TYDEF_int_@intern" = typedef_hol2hollight 
  3302   [where a="a :: hollight.int" and r=r ,
  3303    OF type_definition_int]
  3304 
  3305 lemma dest_int_rep: "EX n. hollight.real_of_int x = real_of_num n |
  3306       hollight.real_of_int x = real_neg (real_of_num n)"
  3307   by (import hollight dest_int_rep)
  3308 
  3309 definition
  3310   int_le :: "hollight.int => hollight.int => bool"  where
  3311   "int_le == %u ua. real_le (hollight.real_of_int u) (hollight.real_of_int ua)"
  3312 
  3313 lemma DEF_int_le: "int_le = (%u ua. real_le (hollight.real_of_int u) (hollight.real_of_int ua))"
  3314   by (import hollight DEF_int_le)
  3315 
  3316 definition
  3317   int_lt :: "hollight.int => hollight.int => bool"  where
  3318   "int_lt == %u ua. real_lt (hollight.real_of_int u) (hollight.real_of_int ua)"
  3319 
  3320 lemma DEF_int_lt: "int_lt = (%u ua. real_lt (hollight.real_of_int u) (hollight.real_of_int ua))"
  3321   by (import hollight DEF_int_lt)
  3322 
  3323 definition
  3324   int_ge :: "hollight.int => hollight.int => bool"  where
  3325   "int_ge == %u ua. real_ge (hollight.real_of_int u) (hollight.real_of_int ua)"
  3326 
  3327 lemma DEF_int_ge: "int_ge = (%u ua. real_ge (hollight.real_of_int u) (hollight.real_of_int ua))"
  3328   by (import hollight DEF_int_ge)
  3329 
  3330 definition
  3331   int_gt :: "hollight.int => hollight.int => bool"  where
  3332   "int_gt == %u ua. real_gt (hollight.real_of_int u) (hollight.real_of_int ua)"
  3333 
  3334 lemma DEF_int_gt: "int_gt = (%u ua. real_gt (hollight.real_of_int u) (hollight.real_of_int ua))"
  3335   by (import hollight DEF_int_gt)
  3336 
  3337 definition
  3338   int_of_num :: "nat => hollight.int"  where
  3339   "int_of_num == %u. int_of_real (real_of_num u)"
  3340 
  3341 lemma DEF_int_of_num: "int_of_num = (%u. int_of_real (real_of_num u))"
  3342   by (import hollight DEF_int_of_num)
  3343 
  3344 lemma int_of_num_th: "hollight.real_of_int (int_of_num x) = real_of_num x"
  3345   by (import hollight int_of_num_th)
  3346 
  3347 definition
  3348   int_neg :: "hollight.int => hollight.int"  where
  3349   "int_neg == %u. int_of_real (real_neg (hollight.real_of_int u))"
  3350 
  3351 lemma DEF_int_neg: "int_neg = (%u. int_of_real (real_neg (hollight.real_of_int u)))"
  3352   by (import hollight DEF_int_neg)
  3353 
  3354 lemma int_neg_th: "hollight.real_of_int (int_neg x) = real_neg (hollight.real_of_int x)"
  3355   by (import hollight int_neg_th)
  3356 
  3357 definition
  3358   int_add :: "hollight.int => hollight.int => hollight.int"  where
  3359   "int_add ==
  3360 %u ua.
  3361    int_of_real (real_add (hollight.real_of_int u) (hollight.real_of_int ua))"
  3362 
  3363 lemma DEF_int_add: "int_add =
  3364 (%u ua.
  3365     int_of_real
  3366      (real_add (hollight.real_of_int u) (hollight.real_of_int ua)))"
  3367   by (import hollight DEF_int_add)
  3368 
  3369 lemma int_add_th: "hollight.real_of_int (int_add x xa) =
  3370 real_add (hollight.real_of_int x) (hollight.real_of_int xa)"
  3371   by (import hollight int_add_th)
  3372 
  3373 definition
  3374   int_sub :: "hollight.int => hollight.int => hollight.int"  where
  3375   "int_sub ==
  3376 %u ua.
  3377    int_of_real (real_sub (hollight.real_of_int u) (hollight.real_of_int ua))"
  3378 
  3379 lemma DEF_int_sub: "int_sub =
  3380 (%u ua.
  3381     int_of_real
  3382      (real_sub (hollight.real_of_int u) (hollight.real_of_int ua)))"
  3383   by (import hollight DEF_int_sub)
  3384 
  3385 lemma int_sub_th: "hollight.real_of_int (int_sub x xa) =
  3386 real_sub (hollight.real_of_int x) (hollight.real_of_int xa)"
  3387   by (import hollight int_sub_th)
  3388 
  3389 definition
  3390   int_mul :: "hollight.int => hollight.int => hollight.int"  where
  3391   "int_mul ==
  3392 %u ua.
  3393    int_of_real (real_mul (hollight.real_of_int u) (hollight.real_of_int ua))"
  3394 
  3395 lemma DEF_int_mul: "int_mul =
  3396 (%u ua.
  3397     int_of_real
  3398      (real_mul (hollight.real_of_int u) (hollight.real_of_int ua)))"
  3399   by (import hollight DEF_int_mul)
  3400 
  3401 lemma int_mul_th: "hollight.real_of_int (int_mul x y) =
  3402 real_mul (hollight.real_of_int x) (hollight.real_of_int y)"
  3403   by (import hollight int_mul_th)
  3404 
  3405 definition
  3406   int_abs :: "hollight.int => hollight.int"  where
  3407   "int_abs == %u. int_of_real (real_abs (hollight.real_of_int u))"
  3408 
  3409 lemma DEF_int_abs: "int_abs = (%u. int_of_real (real_abs (hollight.real_of_int u)))"
  3410   by (import hollight DEF_int_abs)
  3411 
  3412 lemma int_abs_th: "hollight.real_of_int (int_abs x) = real_abs (hollight.real_of_int x)"
  3413   by (import hollight int_abs_th)
  3414 
  3415 definition
  3416   int_sgn :: "hollight.int => hollight.int"  where
  3417   "int_sgn == %u. int_of_real (real_sgn (hollight.real_of_int u))"
  3418 
  3419 lemma DEF_int_sgn: "int_sgn = (%u. int_of_real (real_sgn (hollight.real_of_int u)))"
  3420   by (import hollight DEF_int_sgn)
  3421 
  3422 lemma int_sgn_th: "hollight.real_of_int (int_sgn x) = real_sgn (hollight.real_of_int x)"
  3423   by (import hollight int_sgn_th)
  3424 
  3425 definition
  3426   int_max :: "hollight.int => hollight.int => hollight.int"  where
  3427   "int_max ==
  3428 %u ua.
  3429    int_of_real (real_max (hollight.real_of_int u) (hollight.real_of_int ua))"
  3430 
  3431 lemma DEF_int_max: "int_max =
  3432 (%u ua.
  3433     int_of_real
  3434      (real_max (hollight.real_of_int u) (hollight.real_of_int ua)))"
  3435   by (import hollight DEF_int_max)
  3436 
  3437 lemma int_max_th: "hollight.real_of_int (int_max x y) =
  3438 real_max (hollight.real_of_int x) (hollight.real_of_int y)"
  3439   by (import hollight int_max_th)
  3440 
  3441 definition
  3442   int_min :: "hollight.int => hollight.int => hollight.int"  where
  3443   "int_min ==
  3444 %u ua.
  3445    int_of_real (real_min (hollight.real_of_int u) (hollight.real_of_int ua))"
  3446 
  3447 lemma DEF_int_min: "int_min =
  3448 (%u ua.
  3449     int_of_real
  3450      (real_min (hollight.real_of_int u) (hollight.real_of_int ua)))"
  3451   by (import hollight DEF_int_min)
  3452 
  3453 lemma int_min_th: "hollight.real_of_int (int_min x y) =
  3454 real_min (hollight.real_of_int x) (hollight.real_of_int y)"
  3455   by (import hollight int_min_th)
  3456 
  3457 definition
  3458   int_pow :: "hollight.int => nat => hollight.int"  where
  3459   "int_pow == %u ua. int_of_real (real_pow (hollight.real_of_int u) ua)"
  3460 
  3461 lemma DEF_int_pow: "int_pow = (%u ua. int_of_real (real_pow (hollight.real_of_int u) ua))"
  3462   by (import hollight DEF_int_pow)
  3463 
  3464 lemma int_pow_th: "hollight.real_of_int (int_pow x xa) = real_pow (hollight.real_of_int x) xa"
  3465   by (import hollight int_pow_th)
  3466 
  3467 lemma INT_IMAGE: "(EX n. x = int_of_num n) | (EX n. x = int_neg (int_of_num n))"
  3468   by (import hollight INT_IMAGE)
  3469 
  3470 lemma INT_LT_DISCRETE: "int_lt x y = int_le (int_add x (int_of_num 1)) y"
  3471   by (import hollight INT_LT_DISCRETE)
  3472 
  3473 lemma INT_GT_DISCRETE: "int_gt x xa = int_ge x (int_add xa (int_of_num 1))"
  3474   by (import hollight INT_GT_DISCRETE)
  3475 
  3476 lemma INT_FORALL_POS: "(ALL n. P (int_of_num n)) = (ALL i. int_le (int_of_num 0) i --> P i)"
  3477   by (import hollight INT_FORALL_POS)
  3478 
  3479 lemma INT_EXISTS_POS: "(EX n. P (int_of_num n)) = (EX i. int_le (int_of_num 0) i & P i)"
  3480   by (import hollight INT_EXISTS_POS)
  3481 
  3482 lemma INT_FORALL_ABS: "(ALL n. x (int_of_num n)) = (ALL xa. x (int_abs xa))"
  3483   by (import hollight INT_FORALL_ABS)
  3484 
  3485 lemma INT_EXISTS_ABS: "(EX n. P (int_of_num n)) = (EX x. P (int_abs x))"
  3486   by (import hollight INT_EXISTS_ABS)
  3487 
  3488 lemma INT_ABS_MUL_1: "(int_abs (int_mul x y) = int_of_num 1) =
  3489 (int_abs x = int_of_num 1 & int_abs y = int_of_num 1)"
  3490   by (import hollight INT_ABS_MUL_1)
  3491 
  3492 lemma INT_WOP: "(EX x. int_le (int_of_num 0) x & P x) =
  3493 (EX x. int_le (int_of_num 0) x &
  3494        P x & (ALL y. int_le (int_of_num 0) y & P y --> int_le x y))"
  3495   by (import hollight INT_WOP)
  3496 
  3497 lemma INT_POW: "int_pow x 0 = int_of_num 1 &
  3498 (ALL xa. int_pow x (Suc xa) = int_mul x (int_pow x xa))"
  3499   by (import hollight INT_POW)
  3500 
  3501 lemma INT_ABS: "int_abs x = (if int_le (int_of_num 0) x then x else int_neg x)"
  3502   by (import hollight INT_ABS)
  3503 
  3504 lemma INT_GE: "int_ge x xa = int_le xa x"
  3505   by (import hollight INT_GE)
  3506 
  3507 lemma INT_GT: "int_gt x xa = int_lt xa x"
  3508   by (import hollight INT_GT)
  3509 
  3510 lemma INT_LT: "int_lt x xa = (~ int_le xa x)"
  3511   by (import hollight INT_LT)
  3512 
  3513 lemma INT_ARCH: "d ~= int_of_num 0 ==> EX c. int_lt x (int_mul c d)"
  3514   by (import hollight INT_ARCH)
  3515 
  3516 lemma INT_DIVMOD_EXIST_0: "EX x xa.
  3517    if n = int_of_num 0 then x = int_of_num 0 & xa = m
  3518    else int_le (int_of_num 0) xa &
  3519         int_lt xa (int_abs n) & m = int_add (int_mul x n) xa"
  3520   by (import hollight INT_DIVMOD_EXIST_0)
  3521 
  3522 consts
  3523   div :: "hollight.int => hollight.int => hollight.int" ("div")
  3524 
  3525 defs
  3526   div_def: "div ==
  3527 SOME q.
  3528    EX r. ALL m n.
  3529             if n = int_of_num 0 then q m n = int_of_num 0 & r m n = m
  3530             else int_le (int_of_num 0) (r m n) &
  3531                  int_lt (r m n) (int_abs n) &
  3532                  m = int_add (int_mul (q m n) n) (r m n)"
  3533 
  3534 lemma DEF_div: "div =
  3535 (SOME q.
  3536     EX r. ALL m n.
  3537              if n = int_of_num 0 then q m n = int_of_num 0 & r m n = m
  3538              else int_le (int_of_num 0) (r m n) &
  3539                   int_lt (r m n) (int_abs n) &
  3540                   m = int_add (int_mul (q m n) n) (r m n))"
  3541   by (import hollight DEF_div)
  3542 
  3543 definition
  3544   rem :: "hollight.int => hollight.int => hollight.int"  where
  3545   "rem ==
  3546 SOME r.
  3547    ALL m n.
  3548       if n = int_of_num 0 then div m n = int_of_num 0 & r m n = m
  3549       else int_le (int_of_num 0) (r m n) &
  3550            int_lt (r m n) (int_abs n) &
  3551            m = int_add (int_mul (div m n) n) (r m n)"
  3552 
  3553 lemma DEF_rem: "rem =
  3554 (SOME r.
  3555     ALL m n.
  3556        if n = int_of_num 0 then div m n = int_of_num 0 & r m n = m
  3557        else int_le (int_of_num 0) (r m n) &
  3558             int_lt (r m n) (int_abs n) &
  3559             m = int_add (int_mul (div m n) n) (r m n))"
  3560   by (import hollight DEF_rem)
  3561 
  3562 lemma INT_DIVISION: "n ~= int_of_num 0
  3563 ==> m = int_add (int_mul (div m n) n) (rem m n) &
  3564     int_le (int_of_num 0) (rem m n) & int_lt (rem m n) (int_abs n)"
  3565   by (import hollight INT_DIVISION)
  3566 
  3567 lemma sth: "(ALL x y z. int_add x (int_add y z) = int_add (int_add x y) z) &
  3568 (ALL x y. int_add x y = int_add y x) &
  3569 (ALL x. int_add (int_of_num 0) x = x) &
  3570 (ALL x y z. int_mul x (int_mul y z) = int_mul (int_mul x y) z) &
  3571 (ALL x y. int_mul x y = int_mul y x) &
  3572 (ALL x. int_mul (int_of_num 1) x = x) &
  3573 (ALL x. int_mul (int_of_num 0) x = int_of_num 0) &
  3574 (ALL x y z. int_mul x (int_add y z) = int_add (int_mul x y) (int_mul x z)) &
  3575 (ALL x. int_pow x 0 = int_of_num 1) &
  3576 (ALL x xa. int_pow x (Suc xa) = int_mul x (int_pow x xa))"
  3577   by (import hollight sth)
  3578 
  3579 lemma INT_INTEGRAL: "(ALL x. int_mul (int_of_num 0) x = int_of_num 0) &
  3580 (ALL x y z. (int_add x y = int_add x z) = (y = z)) &
  3581 (ALL w x y z.
  3582     (int_add (int_mul w y) (int_mul x z) =
  3583      int_add (int_mul w z) (int_mul x y)) =
  3584     (w = x | y = z))"
  3585   by (import hollight INT_INTEGRAL)
  3586 
  3587 lemma INT_DIVMOD_UNIQ: "m = int_add (int_mul q n) r & int_le (int_of_num 0) r & int_lt r (int_abs n)
  3588 ==> div m n = q & rem m n = r"
  3589   by (import hollight INT_DIVMOD_UNIQ)
  3590 
  3591 consts
  3592   eqeq :: "'A => 'A => ('A => 'A => bool) => bool" 
  3593 
  3594 defs
  3595   eqeq_def: "hollight.eqeq == %(u::'A) (ua::'A) ub::'A => 'A => bool. ub u ua"
  3596 
  3597 lemma DEF__equal__equal_: "hollight.eqeq = (%(u::'A) (ua::'A) ub::'A => 'A => bool. ub u ua)"
  3598   by (import hollight DEF__equal__equal_)
  3599 
  3600 definition
  3601   real_mod :: "hollight.real => hollight.real => hollight.real => bool"  where
  3602   "real_mod == %u ua ub. EX q. integer q & real_sub ua ub = real_mul q u"
  3603 
  3604 lemma DEF_real_mod: "real_mod = (%u ua ub. EX q. integer q & real_sub ua ub = real_mul q u)"
  3605   by (import hollight DEF_real_mod)
  3606 
  3607 definition
  3608   int_divides :: "hollight.int => hollight.int => bool"  where
  3609   "int_divides == %u ua. EX x. ua = int_mul u x"
  3610 
  3611 lemma DEF_int_divides: "int_divides = (%u ua. EX x. ua = int_mul u x)"
  3612   by (import hollight DEF_int_divides)
  3613 
  3614 consts
  3615   int_mod :: "hollight.int => hollight.int => hollight.int => bool" 
  3616 
  3617 defs
  3618   int_mod_def: "hollight.int_mod == %u ua ub. int_divides u (int_sub ua ub)"
  3619 
  3620 lemma DEF_int_mod: "hollight.int_mod = (%u ua ub. int_divides u (int_sub ua ub))"
  3621   by (import hollight DEF_int_mod)
  3622 
  3623 lemma int_congruent: "hollight.eqeq x xa (hollight.int_mod xb) =
  3624 (EX d. int_sub x xa = int_mul xb d)"
  3625   by (import hollight int_congruent)
  3626 
  3627 consts
  3628   int_coprime :: "hollight.int * hollight.int => bool" 
  3629 
  3630 defs
  3631   int_coprime_def: "hollight.int_coprime ==
  3632 %u. EX x y. int_add (int_mul (fst u) x) (int_mul (snd u) y) = int_of_num 1"
  3633 
  3634 lemma DEF_int_coprime: "hollight.int_coprime =
  3635 (%u. EX x y. int_add (int_mul (fst u) x) (int_mul (snd u) y) = int_of_num 1)"
  3636   by (import hollight DEF_int_coprime)
  3637 
  3638 lemma FORALL_UNCURRY: "All (P::('A => 'B => 'C) => bool) =
  3639 (ALL f::'A * 'B => 'C. P (%(a::'A) b::'B. f (a, b)))"
  3640   by (import hollight FORALL_UNCURRY)
  3641 
  3642 lemma EXISTS_UNCURRY: "Ex (x::('A => 'B => 'C) => bool) =
  3643 (EX f::'A * 'B => 'C. x (%(a::'A) b::'B. f (a, b)))"
  3644   by (import hollight EXISTS_UNCURRY)
  3645 
  3646 lemma WF_INT_MEASURE: "(ALL x::'A. int_le (int_of_num (0::nat)) ((m::'A => hollight.int) x)) &
  3647 (ALL x::'A. (ALL y::'A. int_lt (m y) (m x) --> (P::'A => bool) y) --> P x)
  3648 ==> P (x::'A)"
  3649   by (import hollight WF_INT_MEASURE)
  3650 
  3651 lemma WF_INT_MEASURE_2: "(ALL (x::'A) y::'B.
  3652     int_le (int_of_num (0::nat)) ((m::'A => 'B => hollight.int) x y)) &
  3653 (ALL (x::'A) y::'B.
  3654     (ALL (x'::'A) y'::'B.
  3655         int_lt (m x' y') (m x y) --> (P::'A => 'B => bool) x' y') -->
  3656     P x y)
  3657 ==> P (x::'A) (xa::'B)"
  3658   by (import hollight WF_INT_MEASURE_2)
  3659 
  3660 lemma INT_GCD_EXISTS: "EX d. int_divides d a &
  3661       int_divides d b & (EX x y. d = int_add (int_mul a x) (int_mul b y))"
  3662   by (import hollight INT_GCD_EXISTS)
  3663 
  3664 lemma INT_GCD_EXISTS_POS: "EX d. int_le (int_of_num 0) d &
  3665       int_divides d a &
  3666       int_divides d b & (EX x y. d = int_add (int_mul a x) (int_mul b y))"
  3667   by (import hollight INT_GCD_EXISTS_POS)
  3668 
  3669 consts
  3670   int_gcd :: "hollight.int * hollight.int => hollight.int" 
  3671 
  3672 defs
  3673   int_gcd_def: "hollight.int_gcd ==
  3674 SOME d.
  3675    ALL a b.
  3676       int_le (int_of_num 0) (d (a, b)) &
  3677       int_divides (d (a, b)) a &
  3678       int_divides (d (a, b)) b &
  3679       (EX x y. d (a, b) = int_add (int_mul a x) (int_mul b y))"
  3680 
  3681 lemma DEF_int_gcd: "hollight.int_gcd =
  3682 (SOME d.
  3683     ALL a b.
  3684        int_le (int_of_num 0) (d (a, b)) &
  3685        int_divides (d (a, b)) a &
  3686        int_divides (d (a, b)) b &
  3687        (EX x y. d (a, b) = int_add (int_mul a x) (int_mul b y)))"
  3688   by (import hollight DEF_int_gcd)
  3689 
  3690 definition
  3691   num_of_int :: "hollight.int => nat"  where
  3692   "num_of_int == %u. SOME n. int_of_num n = u"
  3693 
  3694 lemma DEF_num_of_int: "num_of_int = (%u. SOME n. int_of_num n = u)"
  3695   by (import hollight DEF_num_of_int)
  3696 
  3697 lemma NUM_OF_INT_OF_NUM: "num_of_int (int_of_num x) = x"
  3698   by (import hollight NUM_OF_INT_OF_NUM)
  3699 
  3700 lemma INT_OF_NUM_OF_INT: "int_le (int_of_num 0) x ==> int_of_num (num_of_int x) = x"
  3701   by (import hollight INT_OF_NUM_OF_INT)
  3702 
  3703 lemma NUM_OF_INT: "int_le (int_of_num 0) x = (int_of_num (num_of_int x) = x)"
  3704   by (import hollight NUM_OF_INT)
  3705 
  3706 definition
  3707   num_divides :: "nat => nat => bool"  where
  3708   "num_divides == %u ua. int_divides (int_of_num u) (int_of_num ua)"
  3709 
  3710 lemma DEF_num_divides: "num_divides = (%u ua. int_divides (int_of_num u) (int_of_num ua))"
  3711   by (import hollight DEF_num_divides)
  3712 
  3713 definition
  3714   num_mod :: "nat => nat => nat => bool"  where
  3715   "num_mod ==
  3716 %u ua ub. hollight.int_mod (int_of_num u) (int_of_num ua) (int_of_num ub)"
  3717 
  3718 lemma DEF_num_mod: "num_mod =
  3719 (%u ua ub. hollight.int_mod (int_of_num u) (int_of_num ua) (int_of_num ub))"
  3720   by (import hollight DEF_num_mod)
  3721 
  3722 lemma num_congruent: "hollight.eqeq x xa (num_mod xb) =
  3723 hollight.eqeq (int_of_num x) (int_of_num xa)
  3724  (hollight.int_mod (int_of_num xb))"
  3725   by (import hollight num_congruent)
  3726 
  3727 definition
  3728   num_coprime :: "nat * nat => bool"  where
  3729   "num_coprime ==
  3730 %u. hollight.int_coprime (int_of_num (fst u), int_of_num (snd u))"
  3731 
  3732 lemma DEF_num_coprime: "num_coprime =
  3733 (%u. hollight.int_coprime (int_of_num (fst u), int_of_num (snd u)))"
  3734   by (import hollight DEF_num_coprime)
  3735 
  3736 definition
  3737   num_gcd :: "nat * nat => nat"  where
  3738   "num_gcd ==
  3739 %u. num_of_int (hollight.int_gcd (int_of_num (fst u), int_of_num (snd u)))"
  3740 
  3741 lemma DEF_num_gcd: "num_gcd =
  3742 (%u. num_of_int (hollight.int_gcd (int_of_num (fst u), int_of_num (snd u))))"
  3743   by (import hollight DEF_num_gcd)
  3744 
  3745 lemma NUM_GCD: "int_of_num (num_gcd (x, xa)) =
  3746 hollight.int_gcd (int_of_num x, int_of_num xa)"
  3747   by (import hollight NUM_GCD)
  3748 
  3749 lemma IN_ELIM_THM: "(ALL (P::(bool => 'q_43295 => bool) => bool) x::'q_43295.
  3750     (x : {v::'q_43295. P (SETSPEC v)}) =
  3751     P (%(p::bool) t::'q_43295. p & x = t)) &
  3752 (ALL (p::'q_43326 => bool) x::'q_43326.
  3753     (x : {v::'q_43326. EX y::'q_43326. p y & v = y}) = p x) &
  3754 (ALL (P::(bool => 'q_43354 => bool) => bool) x::'q_43354.
  3755     {v::'q_43354. P (SETSPEC v)} x =
  3756     P (%(p::bool) t::'q_43354. p & x = t)) &
  3757 (ALL (p::'q_43383 => bool) x::'q_43383.
  3758     {v::'q_43383. EX y::'q_43383. p y & v = y} x = p x) &
  3759 (ALL (p::'q_43400 => bool) x::'q_43400. (x : p) = p x)"
  3760   by (import hollight IN_ELIM_THM)
  3761 
  3762 lemma INSERT: "insert (x::'A) (s::'A => bool) = {u::'A. EX y::'A. (y : s | y = x) & u = y}"
  3763   by (import hollight INSERT)
  3764 
  3765 definition
  3766   SING :: "('A => bool) => bool"  where
  3767   "SING == %u::'A => bool. EX x::'A. u = {x}"
  3768 
  3769 lemma DEF_SING: "SING = (%u::'A => bool. EX x::'A. u = {x})"
  3770   by (import hollight DEF_SING)
  3771 
  3772 definition
  3773   INJ :: "('A => 'B) => ('A => bool) => ('B => bool) => bool"  where
  3774   "INJ ==
  3775 %(u::'A => 'B) (ua::'A => bool) ub::'B => bool.
  3776    (ALL x::'A. x : ua --> u x : ub) &
  3777    (ALL (x::'A) y::'A. x : ua & y : ua & u x = u y --> x = y)"
  3778 
  3779 lemma DEF_INJ: "INJ =
  3780 (%(u::'A => 'B) (ua::'A => bool) ub::'B => bool.
  3781     (ALL x::'A. x : ua --> u x : ub) &
  3782     (ALL (x::'A) y::'A. x : ua & y : ua & u x = u y --> x = y))"
  3783   by (import hollight DEF_INJ)
  3784 
  3785 definition
  3786   SURJ :: "('A => 'B) => ('A => bool) => ('B => bool) => bool"  where
  3787   "SURJ ==
  3788 %(u::'A => 'B) (ua::'A => bool) ub::'B => bool.
  3789    (ALL x::'A. x : ua --> u x : ub) &
  3790    (ALL x::'B. x : ub --> (EX y::'A. y : ua & u y = x))"
  3791 
  3792 lemma DEF_SURJ: "SURJ =
  3793 (%(u::'A => 'B) (ua::'A => bool) ub::'B => bool.
  3794     (ALL x::'A. x : ua --> u x : ub) &
  3795     (ALL x::'B. x : ub --> (EX y::'A. y : ua & u y = x)))"
  3796   by (import hollight DEF_SURJ)
  3797 
  3798 definition
  3799   BIJ :: "('A => 'B) => ('A => bool) => ('B => bool) => bool"  where
  3800   "BIJ ==
  3801 %(u::'A => 'B) (ua::'A => bool) ub::'B => bool. INJ u ua ub & SURJ u ua ub"
  3802 
  3803 lemma DEF_BIJ: "BIJ =
  3804 (%(u::'A => 'B) (ua::'A => bool) ub::'B => bool. INJ u ua ub & SURJ u ua ub)"
  3805   by (import hollight DEF_BIJ)
  3806 
  3807 definition
  3808   REST :: "('A => bool) => 'A => bool"  where
  3809   "REST == %u::'A => bool. u - {Eps u}"
  3810 
  3811 lemma DEF_REST: "REST = (%u::'A => bool. u - {Eps u})"
  3812   by (import hollight DEF_REST)
  3813 
  3814 lemma NOT_IN_EMPTY: "(x::'A) ~: {}"
  3815   by (import hollight NOT_IN_EMPTY)
  3816 
  3817 lemma IN_UNIONS: "((xa::'A) : Union (x::('A => bool) => bool)) =
  3818 (EX t::'A => bool. t : x & xa : t)"
  3819   by (import hollight IN_UNIONS)
  3820 
  3821 lemma IN_INTERS: "((xa::'A) : Inter (x::('A => bool) => bool)) =
  3822 (ALL t::'A => bool. t : x --> xa : t)"
  3823   by (import hollight IN_INTERS)
  3824 
  3825 lemma IN_DELETE: "((xa::'A) : (x::'A => bool) - {xb::'A}) = (xa : x & xa ~= xb)"
  3826   by (import hollight IN_DELETE)
  3827 
  3828 lemma IN_IMAGE: "((x::'B) : (xb::'A => 'B) ` (xa::'A => bool)) =
  3829 (EX xc::'A. x = xb xc & xc : xa)"
  3830   by (import hollight IN_IMAGE)
  3831 
  3832 lemma IN_REST: "((x::'A) : REST (xa::'A => bool)) = (x : xa & x ~= Eps xa)"
  3833   by (import hollight IN_REST)
  3834 
  3835 lemma FORALL_IN_INSERT: "(ALL xc::'q_44214.
  3836     xc : insert (xa::'q_44214) (xb::'q_44214 => bool) -->
  3837     (x::'q_44214 => bool) xc) =
  3838 (x xa & (ALL xa::'q_44214. xa : xb --> x xa))"
  3839   by (import hollight FORALL_IN_INSERT)
  3840 
  3841 lemma EXISTS_IN_INSERT: "(EX xc::'q_44255.
  3842     xc : insert (xa::'q_44255) (xb::'q_44255 => bool) &
  3843     (x::'q_44255 => bool) xc) =
  3844 (x xa | (EX xa::'q_44255. xa : xb & x xa))"
  3845   by (import hollight EXISTS_IN_INSERT)
  3846 
  3847 lemma CHOICE_DEF: "(x::'A => bool) ~= {} ==> Eps x : x"
  3848   by (import hollight CHOICE_DEF)
  3849 
  3850 lemma NOT_EQUAL_SETS: "((x::'A => bool) ~= (xa::'A => bool)) = (EX xb::'A. (xb : xa) = (xb ~: x))"
  3851   by (import hollight NOT_EQUAL_SETS)
  3852 
  3853 lemma EMPTY_NOT_UNIV: "(op ~=::('A::type => bool) => ('A::type => bool) => bool)
  3854  ({}::'A::type => bool) (UNIV::'A::type => bool)"
  3855   by (import hollight EMPTY_NOT_UNIV)
  3856 
  3857 lemma EQ_UNIV: "(ALL x::'A. x : (s::'A => bool)) = (s = UNIV)"
  3858   by (import hollight EQ_UNIV)
  3859 
  3860 lemma SING_SUBSET: "({xa::'q_44493} <= (x::'q_44493 => bool)) = (xa : x)"
  3861   by (import hollight SING_SUBSET)
  3862 
  3863 lemma PSUBSET_UNIV: "((x::'A => bool) < UNIV) = (EX xa::'A. xa ~: x)"
  3864   by (import hollight PSUBSET_UNIV)
  3865 
  3866 lemma PSUBSET_ALT: "((x::'A => bool) < (xa::'A => bool)) =
  3867 (x <= xa & (EX a::'A. a : xa & a ~: x))"
  3868   by (import hollight PSUBSET_ALT)
  3869 
  3870 lemma SUBSET_UNION: "(ALL (x::'A => bool) xa::'A => bool. x <= x Un xa) &
  3871 (ALL (x::'A => bool) xa::'A => bool. x <= xa Un x)"
  3872   by (import hollight SUBSET_UNION)
  3873 
  3874 lemma UNION_EMPTY: "(ALL x::'A => bool. {} Un x = x) & (ALL x::'A => bool. x Un {} = x)"
  3875   by (import hollight UNION_EMPTY)
  3876 
  3877 lemma UNION_UNIV: "(ALL x::'A => bool. UNIV Un x = UNIV) &
  3878 (ALL x::'A => bool. x Un UNIV = UNIV)"
  3879   by (import hollight UNION_UNIV)
  3880 
  3881 lemma INTER_SUBSET: "(ALL (x::'A => bool) xa::'A => bool. x Int xa <= x) &
  3882 (ALL (x::'A => bool) xa::'A => bool. xa Int x <= x)"
  3883   by (import hollight INTER_SUBSET)
  3884 
  3885 lemma INTER_EMPTY: "(ALL x::'A => bool. {} Int x = {}) & (ALL x::'A => bool. x Int {} = {})"
  3886   by (import hollight INTER_EMPTY)
  3887 
  3888 lemma INTER_UNIV: "(ALL x::'A => bool. UNIV Int x = x) & (ALL x::'A => bool. x Int UNIV = x)"
  3889   by (import hollight INTER_UNIV)
  3890 
  3891 lemma IN_DISJOINT: "((x::'A => bool) Int (xa::'A => bool) = {}) =
  3892 (~ (EX xb::'A. xb : x & xb : xa))"
  3893   by (import hollight IN_DISJOINT)
  3894 
  3895 lemma DISJOINT_SYM: "((x::'A => bool) Int (xa::'A => bool) = {}) = (xa Int x = {})"
  3896   by (import hollight DISJOINT_SYM)
  3897 
  3898 lemma DISJOINT_EMPTY: "{} Int (x::'A => bool) = {} & x Int {} = {}"
  3899   by (import hollight DISJOINT_EMPTY)
  3900 
  3901 lemma DISJOINT_EMPTY_REFL: "((x::'A => bool) = {}) = (x Int x = {})"
  3902   by (import hollight DISJOINT_EMPTY_REFL)
  3903 
  3904 lemma DISJOINT_UNION: "(((x::'A => bool) Un (xa::'A => bool)) Int (xb::'A => bool) = {}) =
  3905 (x Int xb = {} & xa Int xb = {})"
  3906   by (import hollight DISJOINT_UNION)
  3907 
  3908 lemma DECOMPOSITION: "((x::'A) : (s::'A => bool)) = (EX t::'A => bool. s = insert x t & x ~: t)"
  3909   by (import hollight DECOMPOSITION)
  3910 
  3911 lemma SET_CASES: "(s::'A => bool) = {} | (EX (x::'A) t::'A => bool. s = insert x t & x ~: t)"
  3912   by (import hollight SET_CASES)
  3913 
  3914 lemma ABSORPTION: "((x::'A) : (xa::'A => bool)) = (insert x xa = xa)"
  3915   by (import hollight ABSORPTION)
  3916 
  3917 lemma INSERT_UNIV: "insert (x::'A) UNIV = UNIV"
  3918   by (import hollight INSERT_UNIV)
  3919 
  3920 lemma INSERT_UNION: "insert (x::'A) (s::'A => bool) Un (t::'A => bool) =
  3921 (if x : t then s Un t else insert x (s Un t))"
  3922   by (import hollight INSERT_UNION)
  3923 
  3924 lemma DISJOINT_INSERT: "(insert (x::'A) (xa::'A => bool) Int (xb::'A => bool) = {}) =
  3925 (xa Int xb = {} & x ~: xb)"
  3926   by (import hollight DISJOINT_INSERT)
  3927 
  3928 lemma INSERT_AC: "insert (x::'q_45764) (insert (y::'q_45764) (s::'q_45764 => bool)) =
  3929 insert y (insert x s) &
  3930 insert x (insert x s) = insert x s"
  3931   by (import hollight INSERT_AC)
  3932 
  3933 lemma INTER_ACI: "(p::'q_45831 => bool) Int (q::'q_45831 => bool) = q Int p &
  3934 p Int q Int (r::'q_45831 => bool) = p Int (q Int r) &
  3935 p Int (q Int r) = q Int (p Int r) & p Int p = p & p Int (p Int q) = p Int q"
  3936   by (import hollight INTER_ACI)
  3937 
  3938 lemma UNION_ACI: "(p::'q_45897 => bool) Un (q::'q_45897 => bool) = q Un p &
  3939 p Un q Un (r::'q_45897 => bool) = p Un (q Un r) &
  3940 p Un (q Un r) = q Un (p Un r) & p Un p = p & p Un (p Un q) = p Un q"
  3941   by (import hollight UNION_ACI)
  3942 
  3943 lemma DELETE_NON_ELEMENT: "((x::'A) ~: (xa::'A => bool)) = (xa - {x} = xa)"
  3944   by (import hollight DELETE_NON_ELEMENT)
  3945 
  3946 lemma IN_DELETE_EQ: "(((x::'A) : (s::'A => bool)) = ((x'::'A) : s)) =
  3947 ((x : s - {x'}) = (x' : s - {x}))"
  3948   by (import hollight IN_DELETE_EQ)
  3949 
  3950 lemma EMPTY_DELETE: "{} - {x::'A} = {}"
  3951   by (import hollight EMPTY_DELETE)
  3952 
  3953 lemma DELETE_DELETE: "(xa::'A => bool) - {x::'A} - {x} = xa - {x}"
  3954   by (import hollight DELETE_DELETE)
  3955 
  3956 lemma DELETE_COMM: "(xb::'A => bool) - {x::'A} - {xa::'A} = xb - {xa} - {x}"
  3957   by (import hollight DELETE_COMM)
  3958 
  3959 lemma DELETE_SUBSET: "(xa::'A => bool) - {x::'A} <= xa"
  3960   by (import hollight DELETE_SUBSET)
  3961 
  3962 lemma SUBSET_DELETE: "((xa::'A => bool) <= (xb::'A => bool) - {x::'A}) = (x ~: xa & xa <= xb)"
  3963   by (import hollight SUBSET_DELETE)
  3964 
  3965 lemma SUBSET_INSERT_DELETE: "((xa::'A => bool) <= insert (x::'A) (xb::'A => bool)) = (xa - {x} <= xb)"
  3966   by (import hollight SUBSET_INSERT_DELETE)
  3967 
  3968 lemma PSUBSET_INSERT_SUBSET: "((x::'A => bool) < (xa::'A => bool)) =
  3969 (EX xb::'A. xb ~: x & insert xb x <= xa)"
  3970   by (import hollight PSUBSET_INSERT_SUBSET)
  3971 
  3972 lemma PSUBSET_MEMBER: "((x::'A => bool) < (xa::'A => bool)) =
  3973 (x <= xa & (EX y::'A. y : xa & y ~: x))"
  3974   by (import hollight PSUBSET_MEMBER)
  3975 
  3976 lemma DELETE_INSERT: "insert (x::'A) (s::'A => bool) - {y::'A} =
  3977 (if x = y then s - {y} else insert x (s - {y}))"
  3978   by (import hollight DELETE_INSERT)
  3979 
  3980 lemma DELETE_INTER: "((x::'A => bool) - {xb::'A}) Int (xa::'A => bool) = x Int xa - {xb}"
  3981   by (import hollight DELETE_INTER)
  3982 
  3983 lemma DISJOINT_DELETE_SYM: "(((x::'A => bool) - {xb::'A}) Int (xa::'A => bool) = {}) =
  3984 ((xa - {xb}) Int x = {})"
  3985   by (import hollight DISJOINT_DELETE_SYM)
  3986 
  3987 lemma FORALL_IN_UNIONS: "(ALL x::'q_46386.
  3988     x : Union (s::('q_46386 => bool) => bool) --> (P::'q_46386 => bool) x) =
  3989 (ALL (t::'q_46386 => bool) x::'q_46386. t : s & x : t --> P x)"
  3990   by (import hollight FORALL_IN_UNIONS)
  3991 
  3992 lemma EXISTS_IN_UNIONS: "(EX x::'q_46428.
  3993     x : Union (s::('q_46428 => bool) => bool) & (P::'q_46428 => bool) x) =
  3994 (EX (t::'q_46428 => bool) x::'q_46428. t : s & x : t & P x)"
  3995   by (import hollight EXISTS_IN_UNIONS)
  3996 
  3997 lemma EMPTY_UNIONS: "(Union (x::('q_46454 => bool) => bool) = {}) =
  3998 (ALL xa::'q_46454 => bool. xa : x --> xa = {})"
  3999   by (import hollight EMPTY_UNIONS)
  4000 
  4001 lemma INTER_UNIONS: "(ALL (x::('q_46493 => bool) => bool) xa::'q_46493 => bool.
  4002     Union x Int xa =
  4003     Union
  4004      {u::'q_46493 => bool.
  4005       EX xb::'q_46493 => bool. xb : x & u = xb Int xa}) &
  4006 (ALL (x::('q_46529 => bool) => bool) xa::'q_46529 => bool.
  4007     xa Int Union x =
  4008     Union
  4009      {u::'q_46529 => bool. EX xb::'q_46529 => bool. xb : x & u = xa Int xb})"
  4010   by (import hollight INTER_UNIONS)
  4011 
  4012 lemma UNIONS_SUBSET: "(Union (x::('q_46545 => bool) => bool) <= (xa::'q_46545 => bool)) =
  4013 (ALL xb::'q_46545 => bool. xb : x --> xb <= xa)"
  4014   by (import hollight UNIONS_SUBSET)
  4015 
  4016 lemma IMAGE_CLAUSES: "(f::'q_46676 => 'q_46680) ` {} = {} &
  4017 f ` insert (x::'q_46676) (s::'q_46676 => bool) = insert (f x) (f ` s)"
  4018   by (import hollight IMAGE_CLAUSES)
  4019 
  4020 lemma IMAGE_INTER_INJ: "(!!(xa::'q_46846) y::'q_46846.
  4021     (x::'q_46846 => 'q_46857) xa = x y ==> xa = y)
  4022 ==> x ` ((xa::'q_46846 => bool) Int (xb::'q_46846 => bool)) =
  4023     x ` xa Int x ` xb"
  4024   by (import hollight IMAGE_INTER_INJ)
  4025 
  4026 lemma IMAGE_DIFF_INJ: "(!!(xa::'q_46900) y::'q_46900.
  4027     (x::'q_46900 => 'q_46911) xa = x y ==> xa = y)
  4028 ==> x ` ((xa::'q_46900 => bool) - (xb::'q_46900 => bool)) = x ` xa - x ` xb"
  4029   by (import hollight IMAGE_DIFF_INJ)
  4030 
  4031 lemma IMAGE_DELETE_INJ: "(!!xa::'q_46958.
  4032     (x::'q_46958 => 'q_46957) xa = x (xb::'q_46958) ==> xa = xb)
  4033 ==> x ` ((xa::'q_46958 => bool) - {xb}) = x ` xa - {x xb}"
  4034   by (import hollight IMAGE_DELETE_INJ)
  4035 
  4036 lemma FORALL_IN_IMAGE: "(ALL xb::'q_47016.
  4037     xb : (x::'q_47017 => 'q_47016) ` (xa::'q_47017 => bool) -->
  4038     (P::'q_47016 => bool) xb) =
  4039 (ALL xb::'q_47017. xb : xa --> P (x xb))"
  4040   by (import hollight FORALL_IN_IMAGE)
  4041 
  4042 lemma EXISTS_IN_IMAGE: "(EX xb::'q_47052.
  4043     xb : (x::'q_47053 => 'q_47052) ` (xa::'q_47053 => bool) &
  4044     (P::'q_47052 => bool) xb) =
  4045 (EX xb::'q_47053. xb : xa & P (x xb))"
  4046   by (import hollight EXISTS_IN_IMAGE)
  4047 
  4048 lemma FORALL_SUBSET_IMAGE: "(ALL xc<=(xa::'q_47140 => 'q_47156) ` (xb::'q_47140 => bool).
  4049     (x::('q_47156 => bool) => bool) xc) =
  4050 (ALL t<=xb. x (xa ` t))"
  4051   by (import hollight FORALL_SUBSET_IMAGE)
  4052 
  4053 lemma EXISTS_SUBSET_IMAGE: "(EX xc<=(xa::'q_47183 => 'q_47199) ` (xb::'q_47183 => bool).
  4054     (x::('q_47199 => bool) => bool) xc) =
  4055 (EX t<=xb. x (xa ` t))"
  4056   by (import hollight EXISTS_SUBSET_IMAGE)
  4057 
  4058 lemma SIMPLE_IMAGE: "{u::'q_47262.
  4059  EX xb::'q_47258.
  4060     xb : (xa::'q_47258 => bool) & u = (x::'q_47258 => 'q_47262) xb} =
  4061 x ` xa"
  4062   by (import hollight SIMPLE_IMAGE)
  4063 
  4064 lemma SIMPLE_IMAGE_GEN: "{u::'q_47292.
  4065  EX xa::'q_47305.
  4066     (P::'q_47305 => bool) xa & u = (x::'q_47305 => 'q_47292) xa} =
  4067 x ` {u::'q_47305. EX x::'q_47305. P x & u = x}"
  4068   by (import hollight SIMPLE_IMAGE_GEN)
  4069 
  4070 lemma IMAGE_UNIONS: "(x::'q_47323 => 'q_47332) ` Union (xa::('q_47323 => bool) => bool) =
  4071 Union (op ` x ` xa)"
  4072   by (import hollight IMAGE_UNIONS)
  4073 
  4074 lemma SURJECTIVE_IMAGE_EQ: "(ALL y::'q_47396.
  4075     y : (xa::'q_47396 => bool) -->
  4076     (EX x::'q_47400. (f::'q_47400 => 'q_47396) x = y)) &
  4077 (ALL xb::'q_47400. (f xb : xa) = (xb : (x::'q_47400 => bool)))
  4078 ==> f ` x = xa"
  4079   by (import hollight SURJECTIVE_IMAGE_EQ)
  4080 
  4081 lemma EMPTY_GSPEC: "{u::'q_47425. Ex (SETSPEC u False)} = {}"
  4082   by (import hollight EMPTY_GSPEC)
  4083 
  4084 lemma SING_GSPEC: "(ALL x::'q_47454. {u::'q_47454. EX xa::'q_47454. xa = x & u = xa} = {x}) &
  4085 (ALL x::'q_47480. {u::'q_47480. EX xa::'q_47480. x = xa & u = xa} = {x})"
  4086   by (import hollight SING_GSPEC)
  4087 
  4088 lemma IN_ELIM_PAIR_THM: "((xa::'q_47526, xb::'q_47525)
  4089  : {xa::'q_47526 * 'q_47525.
  4090     EX (xb::'q_47526) y::'q_47525.
  4091        (x::'q_47526 => 'q_47525 => bool) xb y & xa = (xb, y)}) =
  4092 x xa xb"
  4093   by (import hollight IN_ELIM_PAIR_THM)
  4094 
  4095 lemma SET_PAIR_THM: "{u::'q_47570 * 'q_47569.
  4096  EX p::'q_47570 * 'q_47569. (x::'q_47570 * 'q_47569 => bool) p & u = p} =
  4097 {u::'q_47570 * 'q_47569.
  4098  EX (a::'q_47570) b::'q_47569. x (a, b) & u = (a, b)}"
  4099   by (import hollight SET_PAIR_THM)
  4100 
  4101 lemma FORALL_IN_GSPEC: "(ALL (P::'q_47618 => bool) f::'q_47618 => 'q_47739.
  4102     (ALL z::'q_47739.
  4103         z : {u::'q_47739. EX x::'q_47618. P x & u = f x} -->
  4104         (Q::'q_47739 => bool) z) =
  4105     (ALL x::'q_47618. P x --> Q (f x))) &
  4106 (ALL (P::'q_47675 => 'q_47674 => bool) f::'q_47675 => 'q_47674 => 'q_47739.
  4107     (ALL z::'q_47739.
  4108         z : {u::'q_47739.
  4109              EX (x::'q_47675) y::'q_47674. P x y & u = f x y} -->
  4110         Q z) =
  4111     (ALL (x::'q_47675) y::'q_47674. P x y --> Q (f x y))) &
  4112 (ALL (P::'q_47742 => 'q_47741 => 'q_47740 => bool)
  4113     f::'q_47742 => 'q_47741 => 'q_47740 => 'q_47739.
  4114     (ALL z::'q_47739.
  4115         z : {u::'q_47739.
  4116              EX (w::'q_47742) (x::'q_47741) y::'q_47740.
  4117                 P w x y & u = f w x y} -->
  4118         Q z) =
  4119     (ALL (w::'q_47742) (x::'q_47741) y::'q_47740. P w x y --> Q (f w x y)))"
  4120   by (import hollight FORALL_IN_GSPEC)
  4121 
  4122 lemma EXISTS_IN_GSPEC: "(ALL (P::'q_47788 => bool) f::'q_47788 => 'q_47909.
  4123     (EX z::'q_47909.
  4124         z : {u::'q_47909. EX x::'q_47788. P x & u = f x} &
  4125         (Q::'q_47909 => bool) z) =
  4126     (EX x::'q_47788. P x & Q (f x))) &
  4127 (ALL (P::'q_47845 => 'q_47844 => bool) f::'q_47845 => 'q_47844 => 'q_47909.
  4128     (EX z::'q_47909.
  4129         z : {u::'q_47909. EX (x::'q_47845) y::'q_47844. P x y & u = f x y} &
  4130         Q z) =
  4131     (EX (x::'q_47845) y::'q_47844. P x y & Q (f x y))) &
  4132 (ALL (P::'q_47912 => 'q_47911 => 'q_47910 => bool)
  4133     f::'q_47912 => 'q_47911 => 'q_47910 => 'q_47909.
  4134     (EX z::'q_47909.
  4135         z : {u::'q_47909.
  4136              EX (w::'q_47912) (x::'q_47911) y::'q_47910.
  4137                 P w x y & u = f w x y} &
  4138         Q z) =
  4139     (EX (w::'q_47912) (x::'q_47911) y::'q_47910. P w x y & Q (f w x y)))"
  4140   by (import hollight EXISTS_IN_GSPEC)
  4141 
  4142 lemma SET_PROVE_CASES: "(P::('A => bool) => bool) {} &
  4143 (ALL (a::'A) s::'A => bool. a ~: s --> P (insert a s))
  4144 ==> P (x::'A => bool)"
  4145   by (import hollight SET_PROVE_CASES)
  4146 
  4147 lemma UNIONS_IMAGE: "Union ((f::'q_47989 => 'q_47973 => bool) ` (s::'q_47989 => bool)) =
  4148 {u::'q_47973. EX y::'q_47973. (EX x::'q_47989. x : s & y : f x) & u = y}"
  4149   by (import hollight UNIONS_IMAGE)
  4150 
  4151 lemma INTERS_IMAGE: "Inter ((f::'q_48032 => 'q_48016 => bool) ` (s::'q_48032 => bool)) =
  4152 {u::'q_48016. EX y::'q_48016. (ALL x::'q_48032. x : s --> y : f x) & u = y}"
  4153   by (import hollight INTERS_IMAGE)
  4154 
  4155 lemma UNIONS_GSPEC: "(ALL (P::'q_48085 => bool) f::'q_48085 => 'q_48071 => bool.
  4156     Union {u::'q_48071 => bool. EX x::'q_48085. P x & u = f x} =
  4157     {u::'q_48071.
  4158      EX a::'q_48071. (EX x::'q_48085. P x & a : f x) & u = a}) &
  4159 (ALL (P::'q_48149 => 'q_48148 => bool)
  4160     f::'q_48149 => 'q_48148 => 'q_48129 => bool.
  4161     Union
  4162      {u::'q_48129 => bool.
  4163       EX (x::'q_48149) y::'q_48148. P x y & u = f x y} =
  4164     {u::'q_48129.
  4165      EX a::'q_48129.
  4166         (EX (x::'q_48149) y::'q_48148. P x y & a : f x y) & u = a}) &
  4167 (ALL (P::'q_48223 => 'q_48222 => 'q_48221 => bool)
  4168     f::'q_48223 => 'q_48222 => 'q_48221 => 'q_48197 => bool.
  4169     Union
  4170      {u::'q_48197 => bool.
  4171       EX (x::'q_48223) (y::'q_48222) z::'q_48221. P x y z & u = f x y z} =
  4172     {u::'q_48197.
  4173      EX a::'q_48197.
  4174         (EX (x::'q_48223) (y::'q_48222) z::'q_48221.
  4175             P x y z & a : f x y z) &
  4176         u = a})"
  4177   by (import hollight UNIONS_GSPEC)
  4178 
  4179 lemma INTERS_GSPEC: "(ALL (P::'q_48276 => bool) f::'q_48276 => 'q_48262 => bool.
  4180     Inter {u::'q_48262 => bool. EX x::'q_48276. P x & u = f x} =
  4181     {u::'q_48262.
  4182      EX a::'q_48262. (ALL x::'q_48276. P x --> a : f x) & u = a}) &
  4183 (ALL (P::'q_48340 => 'q_48339 => bool)
  4184     f::'q_48340 => 'q_48339 => 'q_48320 => bool.
  4185     Inter
  4186      {u::'q_48320 => bool.
  4187       EX (x::'q_48340) y::'q_48339. P x y & u = f x y} =
  4188     {u::'q_48320.
  4189      EX a::'q_48320.
  4190         (ALL (x::'q_48340) y::'q_48339. P x y --> a : f x y) & u = a}) &
  4191 (ALL (P::'q_48414 => 'q_48413 => 'q_48412 => bool)
  4192     f::'q_48414 => 'q_48413 => 'q_48412 => 'q_48388 => bool.
  4193     Inter
  4194      {u::'q_48388 => bool.
  4195       EX (x::'q_48414) (y::'q_48413) z::'q_48412. P x y z & u = f x y z} =
  4196     {u::'q_48388.
  4197      EX a::'q_48388.
  4198         (ALL (x::'q_48414) (y::'q_48413) z::'q_48412.
  4199             P x y z --> a : f x y z) &
  4200         u = a})"
  4201   by (import hollight INTERS_GSPEC)
  4202 
  4203 lemma DIFF_INTERS: "(x::'q_48451 => bool) - Inter (xa::('q_48451 => bool) => bool) =
  4204 Union {u::'q_48451 => bool. EX xb::'q_48451 => bool. xb : xa & u = x - xb}"
  4205   by (import hollight DIFF_INTERS)
  4206 
  4207 lemma INTERS_UNIONS: "Inter (x::('q_48486 => bool) => bool) =
  4208 UNIV -
  4209 Union {u::'q_48486 => bool. EX t::'q_48486 => bool. t : x & u = UNIV - t}"
  4210   by (import hollight INTERS_UNIONS)
  4211 
  4212 lemma UNIONS_INTERS: "Union (s::('q_48521 => bool) => bool) =
  4213 UNIV -
  4214 Inter {u::'q_48521 => bool. EX t::'q_48521 => bool. t : s & u = UNIV - t}"
  4215   by (import hollight UNIONS_INTERS)
  4216 
  4217 lemma FINITE_SING: "finite {x::'q_48799}"
  4218   by (import hollight FINITE_SING)
  4219 
  4220 lemma FINITE_DELETE_IMP: "finite (s::'A => bool) ==> finite (s - {x::'A})"
  4221   by (import hollight FINITE_DELETE_IMP)
  4222 
  4223 lemma FINITE_DELETE: "finite ((s::'A => bool) - {x::'A}) = finite s"
  4224   by (import hollight FINITE_DELETE)
  4225 
  4226 lemma FINITE_FINITE_UNIONS: "finite (s::('q_48871 => bool) => bool)
  4227 ==> finite (Union s) = (ALL t::'q_48871 => bool. t : s --> finite t)"
  4228   by (import hollight FINITE_FINITE_UNIONS)
  4229 
  4230 lemma FINITE_IMAGE_EXPAND: "finite (s::'A => bool)
  4231 ==> finite
  4232      {u::'B. EX y::'B. (EX x::'A. x : s & y = (f::'A => 'B) x) & u = y}"
  4233   by (import hollight FINITE_IMAGE_EXPAND)
  4234 
  4235 lemma FINITE_IMAGE_INJ_GENERAL: "(ALL (x::'A) y::'A.
  4236     x : (s::'A => bool) & y : s & (f::'A => 'B) x = f y --> x = y) &
  4237 finite (x::'B => bool)
  4238 ==> finite {u::'A. EX xa::'A. (xa : s & f xa : x) & u = xa}"
  4239   by (import hollight FINITE_IMAGE_INJ_GENERAL)
  4240 
  4241 lemma FINITE_FINITE_PREIMAGE_GENERAL: "finite (t::'B => bool) &
  4242 (ALL y::'B.
  4243     y : t -->
  4244     finite
  4245      {u::'A. EX x::'A. (x : (s::'A => bool) & (f::'A => 'B) x = y) & u = x})
  4246 ==> finite {u::'A. EX x::'A. (x : s & f x : t) & u = x}"
  4247   by (import hollight FINITE_FINITE_PREIMAGE_GENERAL)
  4248 
  4249 lemma FINITE_FINITE_PREIMAGE: "finite (t::'B => bool) &
  4250 (ALL y::'B. y : t --> finite {u::'A. EX x::'A. (f::'A => 'B) x = y & u = x})
  4251 ==> finite {u::'A. EX x::'A. f x : t & u = x}"
  4252   by (import hollight FINITE_FINITE_PREIMAGE)
  4253 
  4254 lemma FINITE_IMAGE_INJ_EQ: "(!!(x::'A) y::'A.
  4255     x : (s::'A => bool) & y : s & (f::'A => 'B) x = f y ==> x = y)
  4256 ==> finite (f ` s) = finite s"
  4257   by (import hollight FINITE_IMAGE_INJ_EQ)
  4258 
  4259 lemma FINITE_IMAGE_INJ: "(ALL (x::'A) y::'A. (f::'A => 'B) x = f y --> x = y) &
  4260 finite (A::'B => bool)
  4261 ==> finite {u::'A. EX x::'A. f x : A & u = x}"
  4262   by (import hollight FINITE_IMAGE_INJ)
  4263 
  4264 lemma INFINITE_IMAGE_INJ: "[| !!(x::'A) y::'A. (f::'A => 'B) x = f y ==> x = y;
  4265    infinite (s::'A => bool) |]
  4266 ==> infinite (f ` s)"
  4267   by (import hollight INFINITE_IMAGE_INJ)
  4268 
  4269 lemma FINITE_SUBSET_IMAGE: "(finite (t::'B => bool) & t <= (f::'A => 'B) ` (s::'A => bool)) =
  4270 (EX x::'A => bool. finite x & x <= s & t = f ` x)"
  4271   by (import hollight FINITE_SUBSET_IMAGE)
  4272 
  4273 lemma EXISTS_FINITE_SUBSET_IMAGE: "(EX xc::'q_49755 => bool.
  4274     finite xc &
  4275     xc <= (xa::'q_49735 => 'q_49755) ` (xb::'q_49735 => bool) &
  4276     (x::('q_49755 => bool) => bool) xc) =
  4277 (EX xc::'q_49735 => bool. finite xc & xc <= xb & x (xa ` xc))"
  4278   by (import hollight EXISTS_FINITE_SUBSET_IMAGE)
  4279 
  4280 lemma FINITE_SUBSET_IMAGE_IMP: "finite (t::'B => bool) & t <= (f::'A => 'B) ` (s::'A => bool)
  4281 ==> EX s'::'A => bool. finite s' & s' <= s & t <= f ` s'"
  4282   by (import hollight FINITE_SUBSET_IMAGE_IMP)
  4283 
  4284 definition
  4285   FINREC :: "('A => 'B => 'B) => 'B => ('A => bool) => 'B => nat => bool"  where
  4286   "FINREC ==
  4287 SOME FINREC::('A => 'B => 'B) => 'B => ('A => bool) => 'B => nat => bool.
  4288    (ALL (f::'A => 'B => 'B) (s::'A => bool) (a::'B) b::'B.
  4289        FINREC f b s a (0::nat) = (s = {} & a = b)) &
  4290    (ALL (b::'B) (s::'A => bool) (n::nat) (a::'B) f::'A => 'B => 'B.
  4291        FINREC f b s a (Suc n) =
  4292        (EX (x::'A) c::'B. x : s & FINREC f b (s - {x}) c n & a = f x c))"
  4293 
  4294 lemma DEF_FINREC: "FINREC =
  4295 (SOME FINREC::('A => 'B => 'B) => 'B => ('A => bool) => 'B => nat => bool.
  4296     (ALL (f::'A => 'B => 'B) (s::'A => bool) (a::'B) b::'B.
  4297         FINREC f b s a (0::nat) = (s = {} & a = b)) &
  4298     (ALL (b::'B) (s::'A => bool) (n::nat) (a::'B) f::'A => 'B => 'B.
  4299         FINREC f b s a (Suc n) =
  4300         (EX (x::'A) c::'B. x : s & FINREC f b (s - {x}) c n & a = f x c)))"
  4301   by (import hollight DEF_FINREC)
  4302 
  4303 lemma FINREC_1_LEMMA: "FINREC (x::'q_49919 => 'q_49918 => 'q_49918) (xa::'q_49918)
  4304  (xb::'q_49919 => bool) (xc::'q_49918) (Suc (0::nat)) =
  4305 (EX xd::'q_49919. xb = {xd} & xc = x xd xa)"
  4306   by (import hollight FINREC_1_LEMMA)
  4307 
  4308 lemma FINREC_SUC_LEMMA: "[| !!(x::'A) (y::'A) s::'B.
  4309       x ~= y ==> (f::'A => 'B => 'B) x (f y s) = f y (f x s);
  4310    FINREC f (b::'B) (s::'A => bool) (z::'B) (Suc (n::nat)); (x::'A) : s |]
  4311 ==> EX w::'B. FINREC f b (s - {x}) w n & z = f x w"
  4312   by (import hollight FINREC_SUC_LEMMA)
  4313 
  4314 lemma FINREC_UNIQUE_LEMMA: "[| !!(x::'A) (y::'A) s::'B.
  4315       x ~= y ==> (f::'A => 'B => 'B) x (f y s) = f y (f x s);
  4316    FINREC f (b::'B) (s::'A => bool) (a1::'B) (n1::nat) &
  4317    FINREC f b s (a2::'B) (n2::nat) |]
  4318 ==> a1 = a2 & n1 = n2"
  4319   by (import hollight FINREC_UNIQUE_LEMMA)
  4320 
  4321 lemma FINREC_EXISTS_LEMMA: "finite (s::'A => bool)
  4322 ==> EX a::'B. Ex (FINREC (f::'A => 'B => 'B) (b::'B) s a)"
  4323   by (import hollight FINREC_EXISTS_LEMMA)
  4324 
  4325 lemma FINREC_FUN_LEMMA: "(ALL s::'A.
  4326     (P::'A => bool) s -->
  4327     (EX a::'B. Ex ((R::'A => 'B => 'C => bool) s a))) &
  4328 (ALL (n1::'C) (n2::'C) (s::'A) (a1::'B) a2::'B.
  4329     R s a1 n1 & R s a2 n2 --> a1 = a2 & n1 = n2)
  4330 ==> EX x::'A => 'B. ALL (s::'A) a::'B. P s --> Ex (R s a) = (x s = a)"
  4331   by (import hollight FINREC_FUN_LEMMA)
  4332 
  4333 lemma FINREC_FUN: "(!!(x::'A) (y::'A) s::'B.
  4334     x ~= y ==> (f::'A => 'B => 'B) x (f y s) = f y (f x s))
  4335 ==> EX g::('A => bool) => 'B.
  4336        g {} = (b::'B) &
  4337        (ALL (s::'A => bool) x::'A.
  4338            finite s & x : s --> g s = f x (g (s - {x})))"
  4339   by (import hollight FINREC_FUN)
  4340 
  4341 lemma SET_RECURSION_LEMMA: "(!!(x::'A) (y::'A) s::'B.
  4342     x ~= y ==> (f::'A => 'B => 'B) x (f y s) = f y (f x s))
  4343 ==> EX g::('A => bool) => 'B.
  4344        g {} = (b::'B) &
  4345        (ALL (x::'A) s::'A => bool.
  4346            finite s --> g (insert x s) = (if x : s then g s else f x (g s)))"
  4347   by (import hollight SET_RECURSION_LEMMA)
  4348 
  4349 definition
  4350   ITSET :: "('q_50575 => 'q_50574 => 'q_50574)
  4351 => ('q_50575 => bool) => 'q_50574 => 'q_50574"  where
  4352   "ITSET ==
  4353 %(u::'q_50575 => 'q_50574 => 'q_50574) (ua::'q_50575 => bool) ub::'q_50574.
  4354    (SOME g::('q_50575 => bool) => 'q_50574.
  4355        g {} = ub &
  4356        (ALL (x::'q_50575) s::'q_50575 => bool.
  4357            finite s -->
  4358            g (insert x s) = (if x : s then g s else u x (g s))))
  4359     ua"
  4360 
  4361 lemma DEF_ITSET: "ITSET =
  4362 (%(u::'q_50575 => 'q_50574 => 'q_50574) (ua::'q_50575 => bool) ub::'q_50574.
  4363     (SOME g::('q_50575 => bool) => 'q_50574.
  4364         g {} = ub &
  4365         (ALL (x::'q_50575) s::'q_50575 => bool.
  4366             finite s -->
  4367             g (insert x s) = (if x : s then g s else u x (g s))))
  4368      ua)"
  4369   by (import hollight DEF_ITSET)
  4370 
  4371 lemma FINITE_RECURSION: "(!!(x::'A) (y::'A) s::'B.
  4372     x ~= y ==> (f::'A => 'B => 'B) x (f y s) = f y (f x s))
  4373 ==> ITSET f {} (b::'B) = b &
  4374     (ALL (x::'A) xa::'A => bool.
  4375         finite xa -->
  4376         ITSET f (insert x xa) b =
  4377         (if x : xa then ITSET f xa b else f x (ITSET f xa b)))"
  4378   by (import hollight FINITE_RECURSION)
  4379 
  4380 lemma FINITE_RECURSION_DELETE: "(!!(x::'A) (y::'A) s::'B.
  4381     x ~= y ==> (f::'A => 'B => 'B) x (f y s) = f y (f x s))
  4382 ==> ITSET f {} (b::'B) = b &
  4383     (ALL (x::'A) s::'A => bool.
  4384         finite s -->
  4385         ITSET f s b =
  4386         (if x : s then f x (ITSET f (s - {x}) b) else ITSET f (s - {x}) b))"
  4387   by (import hollight FINITE_RECURSION_DELETE)
  4388 
  4389 lemma ITSET_EQ: "finite (x::'q_50880 => bool) &
  4390 (ALL xc::'q_50880.
  4391     xc : x -->
  4392     (xa::'q_50880 => 'q_50881 => 'q_50881) xc =
  4393     (xb::'q_50880 => 'q_50881 => 'q_50881) xc) &
  4394 (ALL (x::'q_50880) (y::'q_50880) s::'q_50881.
  4395     x ~= y --> xa x (xa y s) = xa y (xa x s)) &
  4396 (ALL (x::'q_50880) (y::'q_50880) s::'q_50881.
  4397     x ~= y --> xb x (xb y s) = xb y (xb x s))
  4398 ==> ITSET xa x (xc::'q_50881) = ITSET xb x xc"
  4399   by (import hollight ITSET_EQ)
  4400 
  4401 lemma SUBSET_RESTRICT: "{u::'q_50914.
  4402  EX xb::'q_50914.
  4403     (xb : (x::'q_50914 => bool) & (xa::'q_50914 => bool) xb) & u = xb}
  4404 <= x"
  4405   by (import hollight SUBSET_RESTRICT)
  4406 
  4407 lemma FINITE_RESTRICT: "finite (s::'A => bool)
  4408 ==> finite {u::'A. EX x::'A. (x : s & (P::'A => bool) x) & u = x}"
  4409   by (import hollight FINITE_RESTRICT)
  4410 
  4411 definition
  4412   CARD :: "('q_50968 => bool) => nat"  where
  4413   "CARD == %u::'q_50968 => bool. ITSET (%x::'q_50968. Suc) u (0::nat)"
  4414 
  4415 lemma DEF_CARD: "CARD = (%u::'q_50968 => bool. ITSET (%x::'q_50968. Suc) u (0::nat))"
  4416   by (import hollight DEF_CARD)
  4417 
  4418 lemma CARD_CLAUSES: "CARD {} = (0::nat) &
  4419 (ALL (x::'A::type) s::'A::type => bool.
  4420     finite s -->
  4421     CARD (insert x s) = (if x : s then CARD s else Suc (CARD s)))"
  4422   by (import hollight CARD_CLAUSES)
  4423 
  4424 lemma CARD_UNION: "finite (x::'A => bool) & finite (xa::'A => bool) & x Int xa = {}
  4425 ==> CARD (x Un xa) = CARD x + CARD xa"
  4426   by (import hollight CARD_UNION)
  4427 
  4428 lemma CARD_DELETE: "finite (s::'A => bool)
  4429 ==> CARD (s - {x::'A}) = (if x : s then CARD s - (1::nat) else CARD s)"
  4430   by (import hollight CARD_DELETE)
  4431 
  4432 lemma CARD_UNION_EQ: "finite (u::'q_51213 => bool) &
  4433 (s::'q_51213 => bool) Int (t::'q_51213 => bool) = {} & s Un t = u
  4434 ==> CARD s + CARD t = CARD u"
  4435   by (import hollight CARD_UNION_EQ)
  4436 
  4437 lemma CARD_DIFF: "finite (s::'q_51270 => bool) & (t::'q_51270 => bool) <= s
  4438 ==> CARD (s - t) = CARD s - CARD t"
  4439   by (import hollight CARD_DIFF)
  4440 
  4441 lemma CARD_EQ_0: "finite (s::'q_51308 => bool) ==> (CARD s = (0::nat)) = (s = {})"
  4442   by (import hollight CARD_EQ_0)
  4443 
  4444 lemma FINITE_INDUCT_DELETE: "[| (P::('A => bool) => bool) {} &
  4445    (ALL s::'A => bool.
  4446        finite s & s ~= {} --> (EX x::'A. x : s & (P (s - {x}) --> P s)));
  4447    finite (s::'A => bool) |]
  4448 ==> P s"
  4449   by (import hollight FINITE_INDUCT_DELETE)
  4450 
  4451 definition
  4452   HAS_SIZE :: "('q_51427 => bool) => nat => bool"  where
  4453   "HAS_SIZE == %(u::'q_51427 => bool) ua::nat. finite u & CARD u = ua"
  4454 
  4455 lemma DEF_HAS_SIZE: "HAS_SIZE = (%(u::'q_51427 => bool) ua::nat. finite u & CARD u = ua)"
  4456   by (import hollight DEF_HAS_SIZE)
  4457 
  4458 lemma HAS_SIZE_CARD: "HAS_SIZE (x::'q_51446 => bool) (xa::nat) ==> CARD x = xa"
  4459   by (import hollight HAS_SIZE_CARD)
  4460 
  4461 lemma HAS_SIZE_0: "HAS_SIZE (s::'A => bool) (0::nat) = (s = {})"
  4462   by (import hollight HAS_SIZE_0)
  4463 
  4464 lemma HAS_SIZE_SUC: "HAS_SIZE (s::'A => bool) (Suc (n::nat)) =
  4465 (s ~= {} & (ALL x::'A. x : s --> HAS_SIZE (s - {x}) n))"
  4466   by (import hollight HAS_SIZE_SUC)
  4467 
  4468 lemma HAS_SIZE_UNION: "HAS_SIZE (x::'q_51584 => bool) (xb::nat) &
  4469 HAS_SIZE (xa::'q_51584 => bool) (xc::nat) & x Int xa = {}
  4470 ==> HAS_SIZE (x Un xa) (xb + xc)"
  4471   by (import hollight HAS_SIZE_UNION)
  4472 
  4473 lemma HAS_SIZE_DIFF: "HAS_SIZE (x::'q_51620 => bool) (xb::nat) &
  4474 HAS_SIZE (xa::'q_51620 => bool) (xc::nat) & xa <= x
  4475 ==> HAS_SIZE (x - xa) (xb - xc)"
  4476   by (import hollight HAS_SIZE_DIFF)
  4477 
  4478 lemma HAS_SIZE_UNIONS: "HAS_SIZE (x::'A => bool) (xb::nat) &
  4479 (ALL xb::'A. xb : x --> HAS_SIZE ((xa::'A => 'B => bool) xb) (xc::nat)) &
  4480 (ALL (xb::'A) y::'A. xb : x & y : x & xb ~= y --> xa xb Int xa y = {})
  4481 ==> HAS_SIZE (Union {u::'B => bool. EX xb::'A. xb : x & u = xa xb})
  4482      (xb * xc)"
  4483   by (import hollight HAS_SIZE_UNIONS)
  4484 
  4485 lemma FINITE_HAS_SIZE: "finite (x::'q_51824 => bool) = HAS_SIZE x (CARD x)"
  4486   by (import hollight FINITE_HAS_SIZE)
  4487 
  4488 lemma HAS_SIZE_CLAUSES: "HAS_SIZE (s::'q_51886 => bool) (0::nat) = (s = {}) &
  4489 HAS_SIZE s (Suc (n::nat)) =
  4490 (EX (a::'q_51886) t::'q_51886 => bool.
  4491     HAS_SIZE t n & a ~: t & s = insert a t)"
  4492   by (import hollight HAS_SIZE_CLAUSES)
  4493 
  4494 lemma CARD_SUBSET_EQ: "finite (b::'A => bool) & (a::'A => bool) <= b & CARD a = CARD b ==> a = b"
  4495   by (import hollight CARD_SUBSET_EQ)
  4496 
  4497 lemma CARD_SUBSET: "(a::'A => bool) <= (b::'A => bool) & finite b ==> CARD a <= CARD b"
  4498   by (import hollight CARD_SUBSET)
  4499 
  4500 lemma CARD_SUBSET_LE: "finite (b::'A => bool) & (a::'A => bool) <= b & CARD b <= CARD a ==> a = b"
  4501   by (import hollight CARD_SUBSET_LE)
  4502 
  4503 lemma SUBSET_CARD_EQ: "finite (t::'q_52197 => bool) & (s::'q_52197 => bool) <= t
  4504 ==> (CARD s = CARD t) = (s = t)"
  4505   by (import hollight SUBSET_CARD_EQ)
  4506 
  4507 lemma CARD_PSUBSET: "(a::'A => bool) < (b::'A => bool) & finite b ==> CARD a < CARD b"
  4508   by (import hollight CARD_PSUBSET)
  4509 
  4510 lemma CARD_UNION_LE: "finite (s::'A => bool) & finite (t::'A => bool)
  4511 ==> CARD (s Un t) <= CARD s + CARD t"
  4512   by (import hollight CARD_UNION_LE)
  4513 
  4514 lemma CARD_UNIONS_LE: "HAS_SIZE (x::'A => bool) (xb::nat) &
  4515 (ALL xb::'A.
  4516     xb : x -->
  4517     finite ((xa::'A => 'B => bool) xb) & CARD (xa xb) <= (xc::nat))
  4518 ==> CARD (Union {u::'B => bool. EX xb::'A. xb : x & u = xa xb}) <= xb * xc"
  4519   by (import hollight CARD_UNIONS_LE)
  4520 
  4521 lemma CARD_UNION_GEN: "finite (s::'q_52620 => bool) & finite (t::'q_52620 => bool)
  4522 ==> CARD (s Un t) = CARD s + CARD t - CARD (s Int t)"
  4523   by (import hollight CARD_UNION_GEN)
  4524 
  4525 lemma CARD_UNION_OVERLAP_EQ: "finite (s::'q_52701 => bool) & finite (t::'q_52701 => bool)
  4526 ==> (CARD (s Un t) = CARD s + CARD t) = (s Int t = {})"
  4527   by (import hollight CARD_UNION_OVERLAP_EQ)
  4528 
  4529 lemma CARD_UNION_OVERLAP: "finite (x::'q_52743 => bool) &
  4530 finite (xa::'q_52743 => bool) & CARD (x Un xa) < CARD x + CARD xa
  4531 ==> x Int xa ~= {}"
  4532   by (import hollight CARD_UNION_OVERLAP)
  4533 
  4534 lemma CARD_IMAGE_INJ: "(ALL (xa::'A) y::'A.
  4535     xa : (x::'A => bool) & y : x & (f::'A => 'B) xa = f y --> xa = y) &
  4536 finite x
  4537 ==> CARD (f ` x) = CARD x"
  4538   by (import hollight CARD_IMAGE_INJ)
  4539 
  4540 lemma HAS_SIZE_IMAGE_INJ: "(ALL (xb::'A) y::'A.
  4541     xb : (xa::'A => bool) & y : xa & (x::'A => 'B) xb = x y --> xb = y) &
  4542 HAS_SIZE xa (xb::nat)
  4543 ==> HAS_SIZE (x ` xa) xb"
  4544   by (import hollight HAS_SIZE_IMAGE_INJ)
  4545 
  4546 lemma CARD_IMAGE_LE: "finite (s::'A => bool) ==> CARD ((f::'A => 'B) ` s) <= CARD s"
  4547   by (import hollight CARD_IMAGE_LE)
  4548 
  4549 lemma CARD_IMAGE_INJ_EQ: "finite (s::'A => bool) &
  4550 (ALL x::'A. x : s --> (f::'A => 'B) x : (t::'B => bool)) &
  4551 (ALL y::'B. y : t --> (EX! x::'A. x : s & f x = y))
  4552 ==> CARD t = CARD s"
  4553   by (import hollight CARD_IMAGE_INJ_EQ)
  4554 
  4555 lemma CARD_SUBSET_IMAGE: "finite (t::'q_52977 => bool) &
  4556 (s::'q_52984 => bool) <= (f::'q_52977 => 'q_52984) ` t
  4557 ==> CARD s <= CARD t"
  4558   by (import hollight CARD_SUBSET_IMAGE)
  4559 
  4560 lemma HAS_SIZE_IMAGE_INJ_EQ: "(!!(x::'q_53049) y::'q_53049.
  4561     x : (s::'q_53049 => bool) & y : s & (f::'q_53049 => 'q_53044) x = f y
  4562     ==> x = y)
  4563 ==> HAS_SIZE (f ` s) (n::nat) = HAS_SIZE s n"
  4564   by (import hollight HAS_SIZE_IMAGE_INJ_EQ)
  4565 
  4566 lemma CHOOSE_SUBSET_STRONG: "(finite (s::'A => bool) ==> (n::nat) <= CARD s) ==> EX t<=s. HAS_SIZE t n"
  4567   by (import hollight CHOOSE_SUBSET_STRONG)
  4568 
  4569 lemma CHOOSE_SUBSET: "[| finite (s::'A => bool); (n::nat) <= CARD s |] ==> EX t<=s. HAS_SIZE t n"
  4570   by (import hollight CHOOSE_SUBSET)
  4571 
  4572 lemma HAS_SIZE_PRODUCT_DEPENDENT: "HAS_SIZE (x::'A => bool) (xa::nat) &
  4573 (ALL xa::'A. xa : x --> HAS_SIZE ((xb::'A => 'B => bool) xa) (xc::nat))
  4574 ==> HAS_SIZE
  4575      {u::'A * 'B. EX (xa::'A) y::'B. (xa : x & y : xb xa) & u = (xa, y)}
  4576      (xa * xc)"
  4577   by (import hollight HAS_SIZE_PRODUCT_DEPENDENT)
  4578 
  4579 lemma FINITE_PRODUCT_DEPENDENT: "finite (s::'A => bool) &
  4580 (ALL x::'A. x : s --> finite ((t::'A => 'B => bool) x))
  4581 ==> finite
  4582      {u::'C.
  4583       EX (x::'A) y::'B. (x : s & y : t x) & u = (f::'A => 'B => 'C) x y}"
  4584   by (import hollight FINITE_PRODUCT_DEPENDENT)
  4585 
  4586 lemma FINITE_PRODUCT: "finite (x::'A => bool) & finite (xa::'B => bool)
  4587 ==> finite {u::'A * 'B. EX (xb::'A) y::'B. (xb : x & y : xa) & u = (xb, y)}"
  4588   by (import hollight FINITE_PRODUCT)
  4589 
  4590 lemma CARD_PRODUCT: "finite (s::'A => bool) & finite (t::'B => bool)
  4591 ==> CARD {u::'A * 'B. EX (x::'A) y::'B. (x : s & y : t) & u = (x, y)} =
  4592     CARD s * CARD t"
  4593   by (import hollight CARD_PRODUCT)
  4594 
  4595 lemma HAS_SIZE_PRODUCT: "HAS_SIZE (x::'A => bool) (xa::nat) & HAS_SIZE (xb::'B => bool) (xc::nat)
  4596 ==> HAS_SIZE
  4597      {u::'A * 'B. EX (xa::'A) y::'B. (xa : x & y : xb) & u = (xa, y)}
  4598      (xa * xc)"
  4599   by (import hollight HAS_SIZE_PRODUCT)
  4600 
  4601 definition
  4602   CROSS :: "('q_53759 => bool) => ('q_53758 => bool) => 'q_53759 * 'q_53758 => bool"  where
  4603   "CROSS ==
  4604 %(u::'q_53759 => bool) ua::'q_53758 => bool.
  4605    {ub::'q_53759 * 'q_53758.
  4606     EX (x::'q_53759) y::'q_53758. (x : u & y : ua) & ub = (x, y)}"
  4607 
  4608 lemma DEF_CROSS: "CROSS =
  4609 (%(u::'q_53759 => bool) ua::'q_53758 => bool.
  4610     {ub::'q_53759 * 'q_53758.
  4611      EX (x::'q_53759) y::'q_53758. (x : u & y : ua) & ub = (x, y)})"
  4612   by (import hollight DEF_CROSS)
  4613 
  4614 lemma IN_CROSS: "((x::'q_53795, xa::'q_53798)
  4615  : CROSS (xb::'q_53795 => bool) (xc::'q_53798 => bool)) =
  4616 (x : xb & xa : xc)"
  4617   by (import hollight IN_CROSS)
  4618 
  4619 lemma HAS_SIZE_CROSS: "HAS_SIZE (x::'q_53823 => bool) (xb::nat) &
  4620 HAS_SIZE (xa::'q_53826 => bool) (xc::nat)
  4621 ==> HAS_SIZE (CROSS x xa) (xb * xc)"
  4622   by (import hollight HAS_SIZE_CROSS)
  4623 
  4624 lemma FINITE_CROSS: "finite (x::'q_53851 => bool) & finite (xa::'q_53853 => bool)
  4625 ==> finite (CROSS x xa)"
  4626   by (import hollight FINITE_CROSS)
  4627 
  4628 lemma CARD_CROSS: "finite (x::'q_53874 => bool) & finite (xa::'q_53876 => bool)
  4629 ==> CARD (CROSS x xa) = CARD x * CARD xa"
  4630   by (import hollight CARD_CROSS)
  4631 
  4632 lemma CROSS_EQ_EMPTY: "(CROSS (x::'q_53917 => bool) (xa::'q_53921 => bool) = {}) =
  4633 (x = {} | xa = {})"
  4634   by (import hollight CROSS_EQ_EMPTY)
  4635 
  4636 lemma HAS_SIZE_FUNSPACE: "HAS_SIZE (s::'A => bool) (m::nat) & HAS_SIZE (t::'B => bool) (n::nat)
  4637 ==> HAS_SIZE
  4638      {u::'A => 'B.
  4639       EX f::'A => 'B.
  4640          ((ALL x::'A. x : s --> f x : t) &
  4641           (ALL x::'A. x ~: s --> f x = (d::'B))) &
  4642          u = f}
  4643      (n ^ m)"
  4644   by (import hollight HAS_SIZE_FUNSPACE)
  4645 
  4646 lemma CARD_FUNSPACE: "finite (s::'q_54227 => bool) & finite (t::'q_54224 => bool)
  4647 ==> CARD
  4648      {u::'q_54227 => 'q_54224.
  4649       EX f::'q_54227 => 'q_54224.
  4650          ((ALL x::'q_54227. x : s --> f x : t) &
  4651           (ALL x::'q_54227. x ~: s --> f x = (d::'q_54224))) &
  4652          u = f} =
  4653     CARD t ^ CARD s"
  4654   by (import hollight CARD_FUNSPACE)
  4655 
  4656 lemma FINITE_FUNSPACE: "finite (s::'q_54293 => bool) & finite (t::'q_54290 => bool)
  4657 ==> finite
  4658      {u::'q_54293 => 'q_54290.
  4659       EX f::'q_54293 => 'q_54290.
  4660          ((ALL x::'q_54293. x : s --> f x : t) &
  4661           (ALL x::'q_54293. x ~: s --> f x = (d::'q_54290))) &
  4662          u = f}"
  4663   by (import hollight FINITE_FUNSPACE)
  4664 
  4665 lemma HAS_SIZE_POWERSET: "HAS_SIZE (s::'A => bool) (n::nat)
  4666 ==> HAS_SIZE {u::'A => bool. EX t<=s. u = t} ((2::nat) ^ n)"
  4667   by (import hollight HAS_SIZE_POWERSET)
  4668 
  4669 lemma CARD_POWERSET: "finite (s::'A => bool)
  4670 ==> CARD {u::'A => bool. EX t<=s. u = t} = (2::nat) ^ CARD s"
  4671   by (import hollight CARD_POWERSET)
  4672 
  4673 lemma FINITE_POWERSET: "finite (s::'A => bool) ==> finite {u::'A => bool. EX t<=s. u = t}"
  4674   by (import hollight FINITE_POWERSET)
  4675 
  4676 lemma FINITE_UNIONS: "finite (Union (s::('A => bool) => bool)) =
  4677 (finite s & (ALL t::'A => bool. t : s --> finite t))"
  4678   by (import hollight FINITE_UNIONS)
  4679 
  4680 lemma POWERSET_CLAUSES: "{x::'q_54515 => bool. EX xa<={}. x = xa} = {{}} &
  4681 (ALL (x::'A) xa::'A => bool.
  4682     {xb::'A => bool. EX xc<=insert x xa. xb = xc} =
  4683     {u::'A => bool. EX s<=xa. u = s} Un
  4684     insert x ` {u::'A => bool. EX s<=xa. u = s})"
  4685   by (import hollight POWERSET_CLAUSES)
  4686 
  4687 lemma HAS_SIZE_NUMSEG_LT: "HAS_SIZE {u. EX m<n. u = m} n"
  4688   by (import hollight HAS_SIZE_NUMSEG_LT)
  4689 
  4690 lemma CARD_NUMSEG_LT: "CARD {u. EX m<x. u = m} = x"
  4691   by (import hollight CARD_NUMSEG_LT)
  4692 
  4693 lemma FINITE_NUMSEG_LT: "finite {u::nat. EX m<x::nat. u = m}"
  4694   by (import hollight FINITE_NUMSEG_LT)
  4695 
  4696 lemma HAS_SIZE_NUMSEG_LE: "HAS_SIZE {xa. EX xb<=x. xa = xb} (x + 1)"
  4697   by (import hollight HAS_SIZE_NUMSEG_LE)
  4698 
  4699 lemma FINITE_NUMSEG_LE: "finite {u::nat. EX m<=x::nat. u = m}"
  4700   by (import hollight FINITE_NUMSEG_LE)
  4701 
  4702 lemma CARD_NUMSEG_LE: "CARD {u. EX m<=x. u = m} = x + 1"
  4703   by (import hollight CARD_NUMSEG_LE)
  4704 
  4705 lemma num_FINITE: "finite (s::nat => bool) = (EX a::nat. ALL x::nat. x : s --> x <= a)"
  4706   by (import hollight num_FINITE)
  4707 
  4708 lemma num_FINITE_AVOID: "finite (s::nat => bool) ==> EX a::nat. a ~: s"
  4709   by (import hollight num_FINITE_AVOID)
  4710 
  4711 lemma FINITE_REAL_INTERVAL: "(ALL a. infinite {u. EX x. real_lt a x & u = x}) &
  4712 (ALL a. infinite {u. EX x. real_le a x & u = x}) &
  4713 (ALL b. infinite {u. EX x. real_lt x b & u = x}) &
  4714 (ALL b. infinite {u. EX x. real_le x b & u = x}) &
  4715 (ALL x xa.
  4716     finite {u. EX xb. (real_lt x xb & real_lt xb xa) & u = xb} =
  4717     real_le xa x) &
  4718 (ALL a b.
  4719     finite {u. EX x. (real_le a x & real_lt x b) & u = x} = real_le b a) &
  4720 (ALL a b.
  4721     finite {u. EX x. (real_lt a x & real_le x b) & u = x} = real_le b a) &
  4722 (ALL a b.
  4723     finite {u. EX x. (real_le a x & real_le x b) & u = x} = real_le b a)"
  4724   by (import hollight FINITE_REAL_INTERVAL)
  4725 
  4726 lemma real_INFINITE: "(infinite::(hollight.real => bool) => bool) (UNIV::hollight.real => bool)"
  4727   by (import hollight real_INFINITE)
  4728 
  4729 lemma HAS_SIZE_INDEX: "HAS_SIZE (x::'A => bool) (n::nat)
  4730 ==> EX f::nat => 'A.
  4731        (ALL m<n. f m : x) &
  4732        (ALL xa::'A. xa : x --> (EX! m::nat. m < n & f m = xa))"
  4733   by (import hollight HAS_SIZE_INDEX)
  4734 
  4735 definition
  4736   pairwise :: "('q_55938 => 'q_55938 => bool) => ('q_55938 => bool) => bool"  where
  4737   "pairwise ==
  4738 %(u::'q_55938 => 'q_55938 => bool) ua::'q_55938 => bool.
  4739    ALL (x::'q_55938) y::'q_55938. x : ua & y : ua & x ~= y --> u x y"
  4740 
  4741 lemma DEF_pairwise: "pairwise =
  4742 (%(u::'q_55938 => 'q_55938 => bool) ua::'q_55938 => bool.
  4743     ALL (x::'q_55938) y::'q_55938. x : ua & y : ua & x ~= y --> u x y)"
  4744   by (import hollight DEF_pairwise)
  4745 
  4746 definition
  4747   PAIRWISE :: "('A => 'A => bool) => 'A list => bool"  where
  4748   "PAIRWISE ==
  4749 SOME PAIRWISE::('A => 'A => bool) => 'A list => bool.
  4750    (ALL r::'A => 'A => bool. PAIRWISE r [] = True) &
  4751    (ALL (h::'A) (r::'A => 'A => bool) t::'A list.
  4752        PAIRWISE r (h # t) = (list_all (r h) t & PAIRWISE r t))"
  4753 
  4754 lemma DEF_PAIRWISE: "PAIRWISE =
  4755 (SOME PAIRWISE::('A => 'A => bool) => 'A list => bool.
  4756     (ALL r::'A => 'A => bool. PAIRWISE r [] = True) &
  4757     (ALL (h::'A) (r::'A => 'A => bool) t::'A list.
  4758         PAIRWISE r (h # t) = (list_all (r h) t & PAIRWISE r t)))"
  4759   by (import hollight DEF_PAIRWISE)
  4760 
  4761 lemma PAIRWISE_EMPTY: "pairwise (x::'q_55973 => 'q_55973 => bool) {} = True"
  4762   by (import hollight PAIRWISE_EMPTY)
  4763 
  4764 lemma PAIRWISE_SING: "pairwise (x::'q_55991 => 'q_55991 => bool) {xa::'q_55991} = True"
  4765   by (import hollight PAIRWISE_SING)
  4766 
  4767 lemma PAIRWISE_MONO: "pairwise (x::'q_56011 => 'q_56011 => bool) (xa::'q_56011 => bool) &
  4768 (xb::'q_56011 => bool) <= xa
  4769 ==> pairwise x xb"
  4770   by (import hollight PAIRWISE_MONO)
  4771 
  4772 lemma SURJECTIVE_IFF_INJECTIVE_GEN: "finite (s::'A => bool) &
  4773 finite (t::'B => bool) & CARD s = CARD t & (f::'A => 'B) ` s <= t
  4774 ==> (ALL y::'B. y : t --> (EX x::'A. x : s & f x = y)) =
  4775     (ALL (x::'A) y::'A. x : s & y : s & f x = f y --> x = y)"
  4776   by (import hollight SURJECTIVE_IFF_INJECTIVE_GEN)
  4777 
  4778 lemma SURJECTIVE_IFF_INJECTIVE: "finite (x::'A => bool) & (xa::'A => 'A) ` x <= x
  4779 ==> (ALL y::'A. y : x --> (EX xb::'A. xb : x & xa xb = y)) =
  4780     (ALL (xb::'A) y::'A. xb : x & y : x & xa xb = xa y --> xb = y)"
  4781   by (import hollight SURJECTIVE_IFF_INJECTIVE)
  4782 
  4783 lemma IMAGE_IMP_INJECTIVE_GEN: "[| finite (s::'A => bool) &
  4784    CARD s = CARD (t::'B => bool) & (f::'A => 'B) ` s = t;
  4785    (x::'A) : s & (y::'A) : s & f x = f y |]
  4786 ==> x = y"
  4787   by (import hollight IMAGE_IMP_INJECTIVE_GEN)
  4788 
  4789 lemma IMAGE_IMP_INJECTIVE: "[| finite (s::'q_56387 => bool) & (f::'q_56387 => 'q_56387) ` s = s;
  4790    (x::'q_56387) : s & (y::'q_56387) : s & f x = f y |]
  4791 ==> x = y"
  4792   by (import hollight IMAGE_IMP_INJECTIVE)
  4793 
  4794 lemma CARD_LE_INJ: "finite (x::'A => bool) & finite (xa::'B => bool) & CARD x <= CARD xa
  4795 ==> EX f::'A => 'B.
  4796        f ` x <= xa &
  4797        (ALL (xa::'A) y::'A. xa : x & y : x & f xa = f y --> xa = y)"
  4798   by (import hollight CARD_LE_INJ)
  4799 
  4800 lemma FORALL_IN_CLAUSES: "(ALL x::'q_56493 => bool. (ALL xa::'q_56493. xa : {} --> x xa) = True) &
  4801 (ALL (x::'q_56533 => bool) (xa::'q_56533) xb::'q_56533 => bool.
  4802     (ALL xc::'q_56533. xc : insert xa xb --> x xc) =
  4803     (x xa & (ALL xa::'q_56533. xa : xb --> x xa)))"
  4804   by (import hollight FORALL_IN_CLAUSES)
  4805 
  4806 lemma EXISTS_IN_CLAUSES: "(ALL x::'q_56553 => bool. (EX xa::'q_56553. xa : {} & x xa) = False) &
  4807 (ALL (x::'q_56593 => bool) (xa::'q_56593) xb::'q_56593 => bool.
  4808     (EX xc::'q_56593. xc : insert xa xb & x xc) =
  4809     (x xa | (EX xa::'q_56593. xa : xb & x xa)))"
  4810   by (import hollight EXISTS_IN_CLAUSES)
  4811 
  4812 lemma SURJECTIVE_ON_RIGHT_INVERSE: "(ALL xb::'q_56650.
  4813     xb : (xa::'q_56650 => bool) -->
  4814     (EX xa::'q_56649.
  4815         xa : (s::'q_56649 => bool) & (x::'q_56649 => 'q_56650) xa = xb)) =
  4816 (EX g::'q_56650 => 'q_56649.
  4817     ALL y::'q_56650. y : xa --> g y : s & x (g y) = y)"
  4818   by (import hollight SURJECTIVE_ON_RIGHT_INVERSE)
  4819 
  4820 lemma INJECTIVE_ON_LEFT_INVERSE: "(ALL (xb::'q_56743) y::'q_56743.
  4821     xb : (xa::'q_56743 => bool) &
  4822     y : xa & (x::'q_56743 => 'q_56746) xb = x y -->
  4823     xb = y) =
  4824 (EX xb::'q_56746 => 'q_56743. ALL xc::'q_56743. xc : xa --> xb (x xc) = xc)"
  4825   by (import hollight INJECTIVE_ON_LEFT_INVERSE)
  4826 
  4827 lemma BIJECTIVE_ON_LEFT_RIGHT_INVERSE: "(!!x::'q_56878.
  4828     x : (s::'q_56878 => bool)
  4829     ==> (f::'q_56878 => 'q_56877) x : (t::'q_56877 => bool))
  4830 ==> ((ALL (x::'q_56878) y::'q_56878. x : s & y : s & f x = f y --> x = y) &
  4831      (ALL x::'q_56877. x : t --> (EX xa::'q_56878. xa : s & f xa = x))) =
  4832     (EX g::'q_56877 => 'q_56878.
  4833         (ALL y::'q_56877. y : t --> g y : s) &
  4834         (ALL y::'q_56877. y : t --> f (g y) = y) &
  4835         (ALL x::'q_56878. x : s --> g (f x) = x))"
  4836   by (import hollight BIJECTIVE_ON_LEFT_RIGHT_INVERSE)
  4837 
  4838 lemma SURJECTIVE_RIGHT_INVERSE: "(ALL y::'q_56902. EX x::'q_56905. (f::'q_56905 => 'q_56902) x = y) =
  4839 (EX g::'q_56902 => 'q_56905. ALL y::'q_56902. f (g y) = y)"
  4840   by (import hollight SURJECTIVE_RIGHT_INVERSE)
  4841 
  4842 lemma INJECTIVE_LEFT_INVERSE: "(ALL (x::'q_56939) xa::'q_56939.
  4843     (f::'q_56939 => 'q_56942) x = f xa --> x = xa) =
  4844 (EX g::'q_56942 => 'q_56939. ALL x::'q_56939. g (f x) = x)"
  4845   by (import hollight INJECTIVE_LEFT_INVERSE)
  4846 
  4847 lemma BIJECTIVE_LEFT_RIGHT_INVERSE: "((ALL (x::'A) y::'A. (f::'A => 'B) x = f y --> x = y) &
  4848  (ALL y::'B. EX x::'A. f x = y)) =
  4849 (EX g::'B => 'A. (ALL y::'B. f (g y) = y) & (ALL x::'A. g (f x) = x))"
  4850   by (import hollight BIJECTIVE_LEFT_RIGHT_INVERSE)
  4851 
  4852 lemma FUNCTION_FACTORS_RIGHT: "(ALL xb::'q_57046.
  4853     EX y::'q_57034.
  4854        (xa::'q_57034 => 'q_57047) y = (x::'q_57046 => 'q_57047) xb) =
  4855 (EX xb::'q_57046 => 'q_57034. x = xa o xb)"
  4856   by (import hollight FUNCTION_FACTORS_RIGHT)
  4857 
  4858 lemma FUNCTION_FACTORS_LEFT: "(ALL (xb::'q_57119) y::'q_57119.
  4859     (xa::'q_57119 => 'q_57099) xb = xa y -->
  4860     (x::'q_57119 => 'q_57120) xb = x y) =
  4861 (EX xb::'q_57099 => 'q_57120. x = xb o xa)"
  4862   by (import hollight FUNCTION_FACTORS_LEFT)
  4863 
  4864 lemma SURJECTIVE_FORALL_THM: "(ALL y::'B. EX x::'A. (f::'A => 'B) x = y) =
  4865 (ALL P::'B => bool. (ALL x::'A. P (f x)) = All P)"
  4866   by (import hollight SURJECTIVE_FORALL_THM)
  4867 
  4868 lemma SURJECTIVE_EXISTS_THM: "(ALL y::'B. EX x::'A. (f::'A => 'B) x = y) =
  4869 (ALL P::'B => bool. (EX x::'A. P (f x)) = Ex P)"
  4870   by (import hollight SURJECTIVE_EXISTS_THM)
  4871 
  4872 lemma SURJECTIVE_IMAGE_THM: "(ALL y::'B. EX x::'A. (f::'A => 'B) x = y) =
  4873 (ALL x::'B => bool.
  4874     f ` {u::'A. EX xa::'A. x (f xa) & u = xa} =
  4875     {u::'B. EX xa::'B. x xa & u = xa})"
  4876   by (import hollight SURJECTIVE_IMAGE_THM)
  4877 
  4878 lemma IMAGE_INJECTIVE_IMAGE_OF_SUBSET: "EX x<=s::'A => bool.
  4879    (f::'A => 'B) ` s = f ` x &
  4880    (ALL (xa::'A) y::'A. xa : x & y : x & f xa = f y --> xa = y)"
  4881   by (import hollight IMAGE_INJECTIVE_IMAGE_OF_SUBSET)
  4882 
  4883 lemma INJECTIVE_ON_IMAGE: "(ALL (s::'A => bool) t::'A => bool.
  4884     s <= (u::'A => bool) & t <= u & (f::'A => 'B) ` s = f ` t --> s = t) =
  4885 (ALL (x::'A) y::'A. x : u & y : u & f x = f y --> x = y)"
  4886   by (import hollight INJECTIVE_ON_IMAGE)
  4887 
  4888 lemma INJECTIVE_IMAGE: "(ALL (s::'A => bool) t::'A => bool. (f::'A => 'B) ` s = f ` t --> s = t) =
  4889 (ALL (x::'A) y::'A. f x = f y --> x = y)"
  4890   by (import hollight INJECTIVE_IMAGE)
  4891 
  4892 lemma SURJECTIVE_ON_IMAGE: "(ALL t<=v::'B => bool. EX s<=u::'A => bool. (f::'A => 'B) ` s = t) =
  4893 (ALL y::'B. y : v --> (EX x::'A. x : u & f x = y))"
  4894   by (import hollight SURJECTIVE_ON_IMAGE)
  4895 
  4896 lemma SURJECTIVE_IMAGE: "(ALL t::'B => bool. EX s::'A => bool. (f::'A => 'B) ` s = t) =
  4897 (ALL y::'B. EX x::'A. f x = y)"
  4898   by (import hollight SURJECTIVE_IMAGE)
  4899 
  4900 lemma CARD_EQ_BIJECTION: "finite (s::'A => bool) & finite (t::'B => bool) & CARD s = CARD t
  4901 ==> EX f::'A => 'B.
  4902        (ALL x::'A. x : s --> f x : t) &
  4903        (ALL y::'B. y : t --> (EX x::'A. x : s & f x = y)) &
  4904        (ALL (x::'A) y::'A. x : s & y : s & f x = f y --> x = y)"
  4905   by (import hollight CARD_EQ_BIJECTION)
  4906 
  4907 lemma CARD_EQ_BIJECTIONS: "finite (s::'A => bool) & finite (t::'B => bool) & CARD s = CARD t
  4908 ==> EX (f::'A => 'B) g::'B => 'A.
  4909        (ALL x::'A. x : s --> f x : t & g (f x) = x) &
  4910        (ALL y::'B. y : t --> g y : s & f (g y) = y)"
  4911   by (import hollight CARD_EQ_BIJECTIONS)
  4912 
  4913 lemma BIJECTIONS_HAS_SIZE: "(ALL x::'A.
  4914     x : (s::'A => bool) -->
  4915     (f::'A => 'B) x : (t::'B => bool) & (g::'B => 'A) (f x) = x) &
  4916 (ALL y::'B. y : t --> g y : s & f (g y) = y) & HAS_SIZE s (n::nat)
  4917 ==> HAS_SIZE t n"
  4918   by (import hollight BIJECTIONS_HAS_SIZE)
  4919 
  4920 lemma BIJECTIONS_HAS_SIZE_EQ: "(ALL x::'A.
  4921     x : (s::'A => bool) -->
  4922     (f::'A => 'B) x : (t::'B => bool) & (g::'B => 'A) (f x) = x) &
  4923 (ALL y::'B. y : t --> g y : s & f (g y) = y)
  4924 ==> HAS_SIZE s (n::nat) = HAS_SIZE t n"
  4925   by (import hollight BIJECTIONS_HAS_SIZE_EQ)
  4926 
  4927 lemma BIJECTIONS_CARD_EQ: "(finite (s::'A => bool) | finite (t::'B => bool)) &
  4928 (ALL x::'A. x : s --> (f::'A => 'B) x : t & (g::'B => 'A) (f x) = x) &
  4929 (ALL y::'B. y : t --> g y : s & f (g y) = y)
  4930 ==> CARD s = CARD t"
  4931   by (import hollight BIJECTIONS_CARD_EQ)
  4932 
  4933 lemma WF_FINITE: "(ALL x::'A. ~ (u_556::'A => 'A => bool) x x) &
  4934 (ALL (x::'A) (y::'A) z::'A. u_556 x y & u_556 y z --> u_556 x z) &
  4935 (ALL x::'A. finite {u::'A. EX y::'A. u_556 y x & u = y})
  4936 ==> wfP u_556"
  4937   by (import hollight WF_FINITE)
  4938 
  4939 consts
  4940   "<=_c" :: "('q_58200 => bool) => ('q_58195 => bool) => bool" ("<='_c")
  4941 
  4942 defs
  4943   "<=_c_def": "<=_c ==
  4944 %(u::'q_58200 => bool) ua::'q_58195 => bool.
  4945    EX f::'q_58200 => 'q_58195.
  4946       (ALL x::'q_58200. x : u --> f x : ua) &
  4947       (ALL (x::'q_58200) y::'q_58200. x : u & y : u & f x = f y --> x = y)"
  4948 
  4949 lemma DEF__lessthan__equal__c: "<=_c =
  4950 (%(u::'q_58200 => bool) ua::'q_58195 => bool.
  4951     EX f::'q_58200 => 'q_58195.
  4952        (ALL x::'q_58200. x : u --> f x : ua) &
  4953        (ALL (x::'q_58200) y::'q_58200. x : u & y : u & f x = f y --> x = y))"
  4954   by (import hollight DEF__lessthan__equal__c)
  4955 
  4956 consts
  4957   "<_c" :: "('q_58212 => bool) => ('q_58213 => bool) => bool" ("<'_c")
  4958 
  4959 defs
  4960   "<_c_def": "<_c == %(u::'q_58212 => bool) ua::'q_58213 => bool. <=_c u ua & ~ <=_c ua u"
  4961 
  4962 lemma DEF__lessthan__c: "<_c = (%(u::'q_58212 => bool) ua::'q_58213 => bool. <=_c u ua & ~ <=_c ua u)"
  4963   by (import hollight DEF__lessthan__c)
  4964 
  4965 consts
  4966   "=_c" :: "('q_58264 => bool) => ('q_58261 => bool) => bool" ("='_c")
  4967 
  4968 defs
  4969   "=_c_def": "=_c ==
  4970 %(u::'q_58264 => bool) ua::'q_58261 => bool.
  4971    EX f::'q_58264 => 'q_58261.
  4972       (ALL x::'q_58264. x : u --> f x : ua) &
  4973       (ALL y::'q_58261. y : ua --> (EX! x::'q_58264. x : u & f x = y))"
  4974 
  4975 lemma DEF__equal__c: "=_c =
  4976 (%(u::'q_58264 => bool) ua::'q_58261 => bool.
  4977     EX f::'q_58264 => 'q_58261.
  4978        (ALL x::'q_58264. x : u --> f x : ua) &
  4979        (ALL y::'q_58261. y : ua --> (EX! x::'q_58264. x : u & f x = y)))"
  4980   by (import hollight DEF__equal__c)
  4981 
  4982 consts
  4983   ">=_c" :: "('q_58273 => bool) => ('q_58272 => bool) => bool" (">='_c")
  4984 
  4985 defs
  4986   ">=_c_def": ">=_c == %(u::'q_58273 => bool) ua::'q_58272 => bool. <=_c ua u"
  4987 
  4988 lemma DEF__greaterthan__equal__c: ">=_c = (%(u::'q_58273 => bool) ua::'q_58272 => bool. <=_c ua u)"
  4989   by (import hollight DEF__greaterthan__equal__c)
  4990 
  4991 consts
  4992   ">_c" :: "('q_58282 => bool) => ('q_58281 => bool) => bool" (">'_c")
  4993 
  4994 defs
  4995   ">_c_def": ">_c == %(u::'q_58282 => bool) ua::'q_58281 => bool. <_c ua u"
  4996 
  4997 lemma DEF__greaterthan__c: ">_c = (%(u::'q_58282 => bool) ua::'q_58281 => bool. <_c ua u)"
  4998   by (import hollight DEF__greaterthan__c)
  4999 
  5000 lemma LE_C: "<=_c (x::'q_58320 => bool) (xa::'q_58323 => bool) =
  5001 (EX xb::'q_58323 => 'q_58320.
  5002     ALL xc::'q_58320. xc : x --> (EX x::'q_58323. x : xa & xb x = xc))"
  5003   by (import hollight LE_C)
  5004 
  5005 lemma GE_C: ">=_c (x::'q_58364 => bool) (xa::'q_58361 => bool) =
  5006 (EX f::'q_58364 => 'q_58361.
  5007     ALL y::'q_58361. y : xa --> (EX xa::'q_58364. xa : x & y = f xa))"
  5008   by (import hollight GE_C)
  5009 
  5010 definition
  5011   COUNTABLE :: "('q_58372 => bool) => bool"  where
  5012   "(op ==::(('q_58372::type => bool) => bool)
  5013         => (('q_58372::type => bool) => bool) => prop)
  5014  (COUNTABLE::('q_58372::type => bool) => bool)
  5015  ((>=_c::(nat => bool) => ('q_58372::type => bool) => bool)
  5016    (UNIV::nat => bool))"
  5017 
  5018 lemma DEF_COUNTABLE: "(op =::(('q_58372::type => bool) => bool)
  5019        => (('q_58372::type => bool) => bool) => bool)
  5020  (COUNTABLE::('q_58372::type => bool) => bool)
  5021  ((>=_c::(nat => bool) => ('q_58372::type => bool) => bool)
  5022    (UNIV::nat => bool))"
  5023   by (import hollight DEF_COUNTABLE)
  5024 
  5025 lemma NUMSEG_COMBINE_R: "(x::nat) <= (xa::nat) + (1::nat) & xa <= (xb::nat)
  5026 ==> {x..xa} Un {xa + (1::nat)..xb} = {x..xb}"
  5027   by (import hollight NUMSEG_COMBINE_R)
  5028 
  5029 lemma NUMSEG_COMBINE_L: "(x::nat) <= (xa::nat) & xa <= (xb::nat) + (1::nat)
  5030 ==> {x..xa - (1::nat)} Un {xa..xb} = {x..xb}"
  5031   by (import hollight NUMSEG_COMBINE_L)
  5032 
  5033 lemma NUMSEG_LREC: "(x::nat) <= (xa::nat) ==> insert x {x + (1::nat)..xa} = {x..xa}"
  5034   by (import hollight NUMSEG_LREC)
  5035 
  5036 lemma NUMSEG_RREC: "(x::nat) <= (xa::nat) ==> insert xa {x..xa - (1::nat)} = {x..xa}"
  5037   by (import hollight NUMSEG_RREC)
  5038 
  5039 lemma IN_NUMSEG_0: "((x::nat) : {0::nat..xa::nat}) = (x <= xa)"
  5040   by (import hollight IN_NUMSEG_0)
  5041 
  5042 lemma NUMSEG_EMPTY: "({x::nat..xa::nat} = {}) = (xa < x)"
  5043   by (import hollight NUMSEG_EMPTY)
  5044 
  5045 lemma CARD_NUMSEG_LEMMA: "CARD {m..m + d} = d + 1"
  5046   by (import hollight CARD_NUMSEG_LEMMA)
  5047 
  5048 lemma CARD_NUMSEG: "CARD {m..n} = n + 1 - m"
  5049   by (import hollight CARD_NUMSEG)
  5050 
  5051 lemma HAS_SIZE_NUMSEG: "HAS_SIZE {x..xa} (xa + 1 - x)"
  5052   by (import hollight HAS_SIZE_NUMSEG)
  5053 
  5054 lemma CARD_NUMSEG_1: "CARD {1..x} = x"
  5055   by (import hollight CARD_NUMSEG_1)
  5056 
  5057 lemma HAS_SIZE_NUMSEG_1: "HAS_SIZE {1..x} x"
  5058   by (import hollight HAS_SIZE_NUMSEG_1)
  5059 
  5060 lemma NUMSEG_CLAUSES: "(ALL m::nat. {m..0::nat} = (if m = (0::nat) then {0::nat} else {})) &
  5061 (ALL (m::nat) n::nat.
  5062     {m..Suc n} = (if m <= Suc n then insert (Suc n) {m..n} else {m..n}))"
  5063   by (import hollight NUMSEG_CLAUSES)
  5064 
  5065 lemma FINITE_INDEX_NUMSEG: "finite (s::'A => bool) =
  5066 (EX f::nat => 'A.
  5067     (ALL (i::nat) j::nat.
  5068         i : {1::nat..CARD s} & j : {1::nat..CARD s} & f i = f j --> i = j) &
  5069     s = f ` {1::nat..CARD s})"
  5070   by (import hollight FINITE_INDEX_NUMSEG)
  5071 
  5072 lemma FINITE_INDEX_NUMBERS: "finite (s::'A => bool) =
  5073 (EX (k::nat => bool) f::nat => 'A.
  5074     (ALL (i::nat) j::nat. i : k & j : k & f i = f j --> i = j) &
  5075     finite k & s = f ` k)"
  5076   by (import hollight FINITE_INDEX_NUMBERS)
  5077 
  5078 lemma DISJOINT_NUMSEG: "({x::nat..xa::nat} Int {xb::nat..xc::nat} = {}) =
  5079 (xa < xb | xc < x | xa < x | xc < xb)"
  5080   by (import hollight DISJOINT_NUMSEG)
  5081 
  5082 lemma NUMSEG_ADD_SPLIT: "(x::nat) <= (xa::nat) + (1::nat)
  5083 ==> {x..xa + (xb::nat)} = {x..xa} Un {xa + (1::nat)..xa + xb}"
  5084   by (import hollight NUMSEG_ADD_SPLIT)
  5085 
  5086 lemma SUBSET_NUMSEG: "({m::nat..n::nat} <= {p::nat..q::nat}) = (n < m | p <= m & n <= q)"
  5087   by (import hollight SUBSET_NUMSEG)
  5088 
  5089 lemma NUMSEG_LE: "{u::nat. EX xa<=x::nat. u = xa} = {0::nat..x}"
  5090   by (import hollight NUMSEG_LE)
  5091 
  5092 lemma NUMSEG_LT: "{u::nat. EX x<n::nat. u = x} =
  5093 (if n = (0::nat) then {} else {0::nat..n - (1::nat)})"
  5094   by (import hollight NUMSEG_LT)
  5095 
  5096 lemma TOPOLOGICAL_SORT: "[| (ALL (x::'A) y::'A.
  5097        (u_556::'A => 'A => bool) x y & u_556 y x --> x = y) &
  5098    (ALL (x::'A) (y::'A) z::'A. u_556 x y & u_556 y z --> u_556 x z);
  5099    HAS_SIZE (s::'A => bool) (n::nat) |]
  5100 ==> EX f::nat => 'A.
  5101        s = f ` {1::nat..n} &
  5102        (ALL (j::nat) k::nat.
  5103            j : {1::nat..n} & k : {1::nat..n} & j < k -->
  5104            ~ u_556 (f k) (f j))"
  5105   by (import hollight TOPOLOGICAL_SORT)
  5106 
  5107 lemma FINITE_INTSEG: "(ALL l r. finite {u. EX x. (int_le l x & int_le x r) & u = x}) &
  5108 (ALL l r. finite {u. EX x. (int_le l x & int_lt x r) & u = x}) &
  5109 (ALL l r. finite {u. EX x. (int_lt l x & int_le x r) & u = x}) &
  5110 (ALL l r. finite {u. EX x. (int_lt l x & int_lt x r) & u = x})"
  5111   by (import hollight FINITE_INTSEG)
  5112 
  5113 definition
  5114   neutral :: "('q_59899 => 'q_59899 => 'q_59899) => 'q_59899"  where
  5115   "neutral ==
  5116 %u::'q_59899 => 'q_59899 => 'q_59899.
  5117    SOME x::'q_59899. ALL y::'q_59899. u x y = y & u y x = y"
  5118 
  5119 lemma DEF_neutral: "neutral =
  5120 (%u::'q_59899 => 'q_59899 => 'q_59899.
  5121     SOME x::'q_59899. ALL y::'q_59899. u x y = y & u y x = y)"
  5122   by (import hollight DEF_neutral)
  5123 
  5124 definition
  5125   monoidal :: "('A => 'A => 'A) => bool"  where
  5126   "monoidal ==
  5127 %u::'A => 'A => 'A.
  5128    (ALL (x::'A) y::'A. u x y = u y x) &
  5129    (ALL (x::'A) (y::'A) z::'A. u x (u y z) = u (u x y) z) &
  5130    (ALL x::'A. u (neutral u) x = x)"
  5131 
  5132 lemma DEF_monoidal: "monoidal =
  5133 (%u::'A => 'A => 'A.
  5134     (ALL (x::'A) y::'A. u x y = u y x) &
  5135     (ALL (x::'A) (y::'A) z::'A. u x (u y z) = u (u x y) z) &
  5136     (ALL x::'A. u (neutral u) x = x))"
  5137   by (import hollight DEF_monoidal)
  5138 
  5139 lemma MONOIDAL_AC: "monoidal (x::'q_60055 => 'q_60055 => 'q_60055)
  5140 ==> (ALL a::'q_60055. x (neutral x) a = a) &
  5141     (ALL a::'q_60055. x a (neutral x) = a) &
  5142     (ALL (a::'q_60055) b::'q_60055. x a b = x b a) &
  5143     (ALL (a::'q_60055) (b::'q_60055) c::'q_60055.
  5144         x (x a b) c = x a (x b c)) &
  5145     (ALL (a::'q_60055) (b::'q_60055) c::'q_60055. x a (x b c) = x b (x a c))"
  5146   by (import hollight MONOIDAL_AC)
  5147 
  5148 definition
  5149   support :: "('B => 'B => 'B) => ('A => 'B) => ('A => bool) => 'A => bool"  where
  5150   "support ==
  5151 %(u::'B => 'B => 'B) (ua::'A => 'B) ub::'A => bool.
  5152    {uc::'A. EX x::'A. (x : ub & ua x ~= neutral u) & uc = x}"
  5153 
  5154 lemma DEF_support: "support =
  5155 (%(u::'B => 'B => 'B) (ua::'A => 'B) ub::'A => bool.
  5156     {uc::'A. EX x::'A. (x : ub & ua x ~= neutral u) & uc = x})"
  5157   by (import hollight DEF_support)
  5158 
  5159 definition
  5160   iterate :: "('q_60113 => 'q_60113 => 'q_60113)
  5161 => ('A => bool) => ('A => 'q_60113) => 'q_60113"  where
  5162   "iterate ==
  5163 %(u::'q_60113 => 'q_60113 => 'q_60113) (ua::'A => bool) ub::'A => 'q_60113.
  5164    if finite (support u ub ua)
  5165    then ITSET (%x::'A. u (ub x)) (support u ub ua) (neutral u)
  5166    else neutral u"
  5167 
  5168 lemma DEF_iterate: "iterate =
  5169 (%(u::'q_60113 => 'q_60113 => 'q_60113) (ua::'A => bool) ub::'A => 'q_60113.
  5170     if finite (support u ub ua)
  5171     then ITSET (%x::'A. u (ub x)) (support u ub ua) (neutral u)
  5172     else neutral u)"
  5173   by (import hollight DEF_iterate)
  5174 
  5175 lemma IN_SUPPORT: "((xb::'q_60163)
  5176  : support (x::'q_60160 => 'q_60160 => 'q_60160) (xa::'q_60163 => 'q_60160)
  5177     (xc::'q_60163 => bool)) =
  5178 (xb : xc & xa xb ~= neutral x)"
  5179   by (import hollight IN_SUPPORT)
  5180 
  5181 lemma SUPPORT_SUPPORT: "support (x::'q_60185 => 'q_60185 => 'q_60185) (xa::'q_60196 => 'q_60185)
  5182  (support x xa (xb::'q_60196 => bool)) =
  5183 support x xa xb"
  5184   by (import hollight SUPPORT_SUPPORT)
  5185 
  5186 lemma SUPPORT_EMPTY: "(ALL xc::'q_60235.
  5187     xc : (xb::'q_60235 => bool) -->
  5188     (xa::'q_60235 => 'q_60221) xc =
  5189     neutral (x::'q_60221 => 'q_60221 => 'q_60221)) =
  5190 (support x xa xb = {})"
  5191   by (import hollight SUPPORT_EMPTY)
  5192 
  5193 lemma SUPPORT_SUBSET: "support (x::'q_60255 => 'q_60255 => 'q_60255) (xa::'q_60256 => 'q_60255)
  5194  (xb::'q_60256 => bool)
  5195 <= xb"
  5196   by (import hollight SUPPORT_SUBSET)
  5197 
  5198 lemma FINITE_SUPPORT: "finite (s::'q_60273 => bool)
  5199 ==> finite
  5200      (support (u::'q_60279 => 'q_60279 => 'q_60279)
  5201        (f::'q_60273 => 'q_60279) s)"
  5202   by (import hollight FINITE_SUPPORT)
  5203 
  5204 lemma SUPPORT_CLAUSES: "(ALL x::'q_60297 => 'q_60530.
  5205     support (u_4371::'q_60530 => 'q_60530 => 'q_60530) x {} = {}) &
  5206 (ALL (x::'q_60345 => 'q_60530) (xa::'q_60345) xb::'q_60345 => bool.
  5207     support u_4371 x (insert xa xb) =
  5208     (if x xa = neutral u_4371 then support u_4371 x xb
  5209      else insert xa (support u_4371 x xb))) &
  5210 (ALL (x::'q_60378 => 'q_60530) (xa::'q_60378) xb::'q_60378 => bool.
  5211     support u_4371 x (xb - {xa}) = support u_4371 x xb - {xa}) &
  5212 (ALL (x::'q_60416 => 'q_60530) (xa::'q_60416 => bool) xb::'q_60416 => bool.
  5213     support u_4371 x (xa Un xb) =
  5214     support u_4371 x xa Un support u_4371 x xb) &
  5215 (ALL (x::'q_60454 => 'q_60530) (xa::'q_60454 => bool) xb::'q_60454 => bool.
  5216     support u_4371 x (xa Int xb) =
  5217     support u_4371 x xa Int support u_4371 x xb) &
  5218 (ALL (x::'q_60492 => 'q_60530) (xa::'q_60492 => bool) xb::'q_60492 => bool.
  5219     support u_4371 x (xa - xb) =
  5220     support u_4371 x xa - support u_4371 x xb) &
  5221 (ALL (x::'q_60529 => 'q_60520) (xa::'q_60520 => 'q_60530)
  5222     xb::'q_60529 => bool.
  5223     support u_4371 xa (x ` xb) = x ` support u_4371 (xa o x) xb)"
  5224   by (import hollight SUPPORT_CLAUSES)
  5225 
  5226 lemma SUPPORT_DELTA: "support (x::'q_60556 => 'q_60556 => 'q_60556)
  5227  (%xa::'q_60584.
  5228      if xa = (xc::'q_60584) then (xb::'q_60584 => 'q_60556) xa
  5229      else neutral x)
  5230  (xa::'q_60584 => bool) =
  5231 (if xc : xa then support x xb {xc} else {})"
  5232   by (import hollight SUPPORT_DELTA)
  5233 
  5234 lemma FINITE_SUPPORT_DELTA: "finite
  5235  (support (x::'q_60605 => 'q_60605 => 'q_60605)
  5236    (%xc::'q_60614.
  5237        if xc = (xb::'q_60614) then (xa::'q_60614 => 'q_60605) xc
  5238        else neutral x)
  5239    (s::'q_60614 => bool))"
  5240   by (import hollight FINITE_SUPPORT_DELTA)
  5241 
  5242 lemma ITERATE_SUPPORT: "iterate (x::'q_60630 => 'q_60630 => 'q_60630)
  5243  (support x (xa::'q_60642 => 'q_60630) (xb::'q_60642 => bool)) xa =
  5244 iterate x xb xa"
  5245   by (import hollight ITERATE_SUPPORT)
  5246 
  5247 lemma ITERATE_EXPAND_CASES: "iterate (x::'q_60661 => 'q_60661 => 'q_60661) (xb::'q_60667 => bool)
  5248  (xa::'q_60667 => 'q_60661) =
  5249 (if finite (support x xa xb) then iterate x (support x xa xb) xa
  5250  else neutral x)"
  5251   by (import hollight ITERATE_EXPAND_CASES)
  5252 
  5253 lemma ITERATE_CLAUSES_GEN: "monoidal (u_4371::'B => 'B => 'B)
  5254 ==> (ALL f::'A => 'B. iterate u_4371 {} f = neutral u_4371) &
  5255     (ALL (f::'A => 'B) (x::'A) s::'A => bool.
  5256         monoidal u_4371 & finite (support u_4371 f s) -->
  5257         iterate u_4371 (insert x s) f =
  5258         (if x : s then iterate u_4371 s f
  5259          else u_4371 (f x) (iterate u_4371 s f)))"
  5260   by (import hollight ITERATE_CLAUSES_GEN)
  5261 
  5262 lemma ITERATE_CLAUSES: "monoidal (x::'q_60857 => 'q_60857 => 'q_60857)
  5263 ==> (ALL f::'q_60815 => 'q_60857. iterate x {} f = neutral x) &
  5264     (ALL (f::'q_60859 => 'q_60857) (xa::'q_60859) s::'q_60859 => bool.
  5265         finite s -->
  5266         iterate x (insert xa s) f =
  5267         (if xa : s then iterate x s f else x (f xa) (iterate x s f)))"
  5268   by (import hollight ITERATE_CLAUSES)
  5269 
  5270 lemma ITERATE_UNION: "[| monoidal (u_4371::'q_60945 => 'q_60945 => 'q_60945);
  5271    finite (s::'q_60930 => bool) &
  5272    finite (x::'q_60930 => bool) & s Int x = {} |]
  5273 ==> iterate u_4371 (s Un x) (f::'q_60930 => 'q_60945) =
  5274     u_4371 (iterate u_4371 s f) (iterate u_4371 x f)"
  5275   by (import hollight ITERATE_UNION)
  5276 
  5277 lemma ITERATE_UNION_GEN: "[| monoidal (x::'B => 'B => 'B);
  5278    finite (support x (xa::'A => 'B) (xb::'A => bool)) &
  5279    finite (support x xa (xc::'A => bool)) &
  5280    support x xa xb Int support x xa xc = {} |]
  5281 ==> iterate x (xb Un xc) xa = x (iterate x xb xa) (iterate x xc xa)"
  5282   by (import hollight ITERATE_UNION_GEN)
  5283 
  5284 lemma ITERATE_DIFF: "[| monoidal (u::'q_61087 => 'q_61087 => 'q_61087);
  5285    finite (s::'q_61083 => bool) & (t::'q_61083 => bool) <= s |]
  5286 ==> u (iterate u (s - t) (f::'q_61083 => 'q_61087)) (iterate u t f) =
  5287     iterate u s f"
  5288   by (import hollight ITERATE_DIFF)
  5289 
  5290 lemma ITERATE_DIFF_GEN: "[| monoidal (x::'B => 'B => 'B);
  5291    finite (support x (xa::'A => 'B) (xb::'A => bool)) &
  5292    support x xa (xc::'A => bool) <= support x xa xb |]
  5293 ==> x (iterate x (xb - xc) xa) (iterate x xc xa) = iterate x xb xa"
  5294   by (import hollight ITERATE_DIFF_GEN)
  5295 
  5296 lemma ITERATE_INCL_EXCL: "[| monoidal (u_4371::'q_61316 => 'q_61316 => 'q_61316);
  5297    finite (s::'q_61298 => bool) & finite (t::'q_61298 => bool) |]
  5298 ==> u_4371 (iterate u_4371 s (f::'q_61298 => 'q_61316))
  5299      (iterate u_4371 t f) =
  5300     u_4371 (iterate u_4371 (s Un t) f) (iterate u_4371 (s Int t) f)"
  5301   by (import hollight ITERATE_INCL_EXCL)
  5302 
  5303 lemma ITERATE_CLOSED: "[| monoidal (u_4371::'B => 'B => 'B);
  5304    (P::'B => bool) (neutral u_4371) &
  5305    (ALL (x::'B) y::'B. P x & P y --> P (u_4371 x y));
  5306    !!x::'A.
  5307       x : (s::'A => bool) & (f::'A => 'B) x ~= neutral u_4371 ==> P (f x) |]
  5308 ==> P (iterate u_4371 s f)"
  5309   by (import hollight ITERATE_CLOSED)
  5310 
  5311 lemma ITERATE_RELATED: "[| monoidal (u_4371::'B => 'B => 'B);
  5312    (R::'B => 'B => bool) (neutral u_4371) (neutral u_4371) &
  5313    (ALL (x1::'B) (y1::'B) (x2::'B) y2::'B.
  5314        R x1 x2 & R y1 y2 --> R (u_4371 x1 y1) (u_4371 x2 y2));
  5315    finite (x::'A => bool) &
  5316    (ALL xa::'A. xa : x --> R ((f::'A => 'B) xa) ((g::'A => 'B) xa)) |]
  5317 ==> R (iterate u_4371 x f) (iterate u_4371 x g)"
  5318   by (import hollight ITERATE_RELATED)
  5319 
  5320 lemma ITERATE_EQ_NEUTRAL: "[| monoidal (u_4371::'B => 'B => 'B);
  5321    !!x::'A. x : (s::'A => bool) ==> (f::'A => 'B) x = neutral u_4371 |]
  5322 ==> iterate u_4371 s f = neutral u_4371"
  5323   by (import hollight ITERATE_EQ_NEUTRAL)
  5324 
  5325 lemma ITERATE_SING: "monoidal (x::'B => 'B => 'B) ==> iterate x {xa::'A} (f::'A => 'B) = f xa"
  5326   by (import hollight ITERATE_SING)
  5327 
  5328 lemma ITERATE_DELETE: "[| monoidal (u::'B => 'B => 'B); finite (s::'A => bool) & (a::'A) : s |]
  5329 ==> u ((f::'A => 'B) a) (iterate u (s - {a}) f) = iterate u s f"
  5330   by (import hollight ITERATE_DELETE)
  5331 
  5332 lemma ITERATE_DELTA: "monoidal (u_4371::'q_61672 => 'q_61672 => 'q_61672)
  5333 ==> iterate u_4371 (xb::'q_61691 => bool)
  5334      (%xb::'q_61691.
  5335          if xb = (xa::'q_61691) then (x::'q_61691 => 'q_61672) xb
  5336          else neutral u_4371) =
  5337     (if xa : xb then x xa else neutral u_4371)"
  5338   by (import hollight ITERATE_DELTA)
  5339 
  5340 lemma ITERATE_IMAGE: "[| monoidal (u_4371::'C => 'C => 'C);
  5341    !!(x::'A) y::'A.
  5342       x : (s::'A => bool) & y : s & (f::'A => 'B) x = f y ==> x = y |]
  5343 ==> iterate u_4371 (f ` s) (g::'B => 'C) = iterate u_4371 s (g o f)"
  5344   by (import hollight ITERATE_IMAGE)
  5345 
  5346 lemma ITERATE_BIJECTION: "[| monoidal (u_4371::'B => 'B => 'B);
  5347    (ALL x::'A. x : (s::'A => bool) --> (p::'A => 'A) x : s) &
  5348    (ALL y::'A. y : s --> (EX! x::'A. x : s & p x = y)) |]
  5349 ==> iterate u_4371 s (f::'A => 'B) = iterate u_4371 s (f o p)"
  5350   by (import hollight ITERATE_BIJECTION)
  5351 
  5352 lemma ITERATE_ITERATE_PRODUCT: "[| monoidal (u_4371::'C => 'C => 'C);
  5353    finite (x::'A => bool) &
  5354    (ALL i::'A. i : x --> finite ((xa::'A => 'B => bool) i)) |]
  5355 ==> iterate u_4371 x
  5356      (%i::'A. iterate u_4371 (xa i) ((xb::'A => 'B => 'C) i)) =
  5357     iterate u_4371
  5358      {u::'A * 'B. EX (i::'A) j::'B. (i : x & j : xa i) & u = (i, j)}
  5359      (SOME f::'A * 'B => 'C. ALL (i::'A) j::'B. f (i, j) = xb i j)"
  5360   by (import hollight ITERATE_ITERATE_PRODUCT)
  5361 
  5362 lemma ITERATE_EQ: "[| monoidal (u_4371::'B => 'B => 'B);
  5363    !!x::'A. x : (s::'A => bool) ==> (f::'A => 'B) x = (g::'A => 'B) x |]
  5364 ==> iterate u_4371 s f = iterate u_4371 s g"
  5365   by (import hollight ITERATE_EQ)
  5366 
  5367 lemma ITERATE_EQ_GENERAL: "[| monoidal (u_4371::'C => 'C => 'C);
  5368    (ALL y::'B.
  5369        y : (t::'B => bool) -->
  5370        (EX! x::'A. x : (s::'A => bool) & (h::'A => 'B) x = y)) &
  5371    (ALL x::'A. x : s --> h x : t & (g::'B => 'C) (h x) = (f::'A => 'C) x) |]
  5372 ==> iterate u_4371 s f = iterate u_4371 t g"
  5373   by (import hollight ITERATE_EQ_GENERAL)
  5374 
  5375 lemma ITERATE_EQ_GENERAL_INVERSES: "[| monoidal (u_4371::'C => 'C => 'C);
  5376    (ALL y::'B.
  5377        y : (t::'B => bool) -->
  5378        (k::'B => 'A) y : (s::'A => bool) & (h::'A => 'B) (k y) = y) &
  5379    (ALL x::'A.
  5380        x : s -->
  5381        h x : t & k (h x) = x & (g::'B => 'C) (h x) = (f::'A => 'C) x) |]
  5382 ==> iterate u_4371 s f = iterate u_4371 t g"
  5383   by (import hollight ITERATE_EQ_GENERAL_INVERSES)
  5384 
  5385 lemma ITERATE_INJECTION: "[| monoidal (u_4371::'B => 'B => 'B);
  5386    finite (s::'A => bool) &
  5387    (ALL x::'A. x : s --> (p::'A => 'A) x : s) &
  5388    (ALL (x::'A) y::'A. x : s & y : s & p x = p y --> x = y) |]
  5389 ==> iterate u_4371 s ((f::'A => 'B) o p) = iterate u_4371 s f"
  5390   by (import hollight ITERATE_INJECTION)
  5391 
  5392 lemma ITERATE_UNION_NONZERO: "[| monoidal (u_4371::'B => 'B => 'B);
  5393    finite (s::'A => bool) &
  5394    finite (t::'A => bool) &
  5395    (ALL x::'A. x : s Int t --> (f::'A => 'B) x = neutral u_4371) |]
  5396 ==> iterate u_4371 (s Un t) f =
  5397     u_4371 (iterate u_4371 s f) (iterate u_4371 t f)"
  5398   by (import hollight ITERATE_UNION_NONZERO)
  5399 
  5400 lemma ITERATE_OP: "[| monoidal (u_4371::'q_62649 => 'q_62649 => 'q_62649);
  5401    finite (s::'q_62648 => bool) |]
  5402 ==> iterate u_4371 s
  5403      (%x::'q_62648.
  5404          u_4371 ((f::'q_62648 => 'q_62649) x)
  5405           ((g::'q_62648 => 'q_62649) x)) =
  5406     u_4371 (iterate u_4371 s f) (iterate u_4371 s g)"
  5407   by (import hollight ITERATE_OP)
  5408 
  5409 lemma ITERATE_SUPERSET: "[| monoidal (u_4371::'B => 'B => 'B);
  5410    (u::'A => bool) <= (v::'A => bool) &
  5411    (ALL x::'A. x : v & x ~: u --> (f::'A => 'B) x = neutral u_4371) |]
  5412 ==> iterate u_4371 v f = iterate u_4371 u f"
  5413   by (import hollight ITERATE_SUPERSET)
  5414 
  5415 lemma ITERATE_IMAGE_NONZERO: "[| monoidal (u_4371::'C => 'C => 'C);
  5416    finite (x::'A => bool) &
  5417    (ALL (xa::'A) y::'A.
  5418        xa : x & y : x & xa ~= y & (f::'A => 'B) xa = f y -->
  5419        (g::'B => 'C) (f xa) = neutral u_4371) |]
  5420 ==> iterate u_4371 (f ` x) g = iterate u_4371 x (g o f)"
  5421   by (import hollight ITERATE_IMAGE_NONZERO)
  5422 
  5423 lemma ITERATE_CASES: "[| monoidal (u_4371::'B => 'B => 'B); finite (s::'A => bool) |]
  5424 ==> iterate u_4371 s
  5425      (%x::'A.
  5426          if (P::'A => bool) x then (f::'A => 'B) x else (g::'A => 'B) x) =
  5427     u_4371 (iterate u_4371 {u::'A. EX x::'A. (x : s & P x) & u = x} f)
  5428      (iterate u_4371 {u::'A. EX x::'A. (x : s & ~ P x) & u = x} g)"
  5429   by (import hollight ITERATE_CASES)
  5430 
  5431 lemma ITERATE_OP_GEN: "[| monoidal (u_4371::'B => 'B => 'B);
  5432    finite (support u_4371 (f::'A => 'B) (s::'A => bool)) &
  5433    finite (support u_4371 (g::'A => 'B) s) |]
  5434 ==> iterate u_4371 s (%x::'A. u_4371 (f x) (g x)) =
  5435     u_4371 (iterate u_4371 s f) (iterate u_4371 s g)"
  5436   by (import hollight ITERATE_OP_GEN)
  5437 
  5438 lemma ITERATE_CLAUSES_NUMSEG: "monoidal (x::'q_63246 => 'q_63246 => 'q_63246)
  5439 ==> (ALL xa::nat.
  5440         iterate x {xa..0::nat} (f::nat => 'q_63246) =
  5441         (if xa = (0::nat) then f (0::nat) else neutral x)) &
  5442     (ALL (xa::nat) xb::nat.
  5443         iterate x {xa..Suc xb} f =
  5444         (if xa <= Suc xb then x (iterate x {xa..xb} f) (f (Suc xb))
  5445          else iterate x {xa..xb} f))"
  5446   by (import hollight ITERATE_CLAUSES_NUMSEG)
  5447 
  5448 lemma ITERATE_PAIR: "monoidal (u_4371::'q_63421 => 'q_63421 => 'q_63421)
  5449 ==> iterate u_4371 {(2::nat) * (m::nat)..(2::nat) * (n::nat) + (1::nat)}
  5450      (f::nat => 'q_63421) =
  5451     iterate u_4371 {m..n}
  5452      (%i::nat. u_4371 (f ((2::nat) * i)) (f ((2::nat) * i + (1::nat))))"
  5453   by (import hollight ITERATE_PAIR)
  5454 
  5455 definition
  5456   nsum :: "('q_63439 => bool) => ('q_63439 => nat) => nat"  where
  5457   "(op ==::(('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5458         => (('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5459            => prop)
  5460  (nsum::('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5461  ((iterate::(nat => nat => nat)
  5462             => ('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5463    (op +::nat => nat => nat))"
  5464 
  5465 lemma DEF_nsum: "(op =::(('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5466        => (('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5467           => bool)
  5468  (nsum::('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5469  ((iterate::(nat => nat => nat)
  5470             => ('q_63439::type => bool) => ('q_63439::type => nat) => nat)
  5471    (op +::nat => nat => nat))"
  5472   by (import hollight DEF_nsum)
  5473 
  5474 lemma NEUTRAL_ADD: "neutral op + = (0::nat)"
  5475   by (import hollight NEUTRAL_ADD)
  5476 
  5477 lemma NEUTRAL_MUL: "neutral op * = (1::nat)"
  5478   by (import hollight NEUTRAL_MUL)
  5479 
  5480 lemma MONOIDAL_ADD: "(monoidal::(nat => nat => nat) => bool) (op +::nat => nat => nat)"
  5481   by (import hollight MONOIDAL_ADD)
  5482 
  5483 lemma MONOIDAL_MUL: "(monoidal::(nat => nat => nat) => bool) (op *::nat => nat => nat)"
  5484   by (import hollight MONOIDAL_MUL)
  5485 
  5486 lemma NSUM_CLAUSES: "(ALL x::'q_63477 => nat. nsum {} x = (0::nat)) &
  5487 (ALL (x::'q_63516) (xa::'q_63516 => nat) xb::'q_63516 => bool.
  5488     finite xb -->
  5489     nsum (insert x xb) xa =
  5490     (if x : xb then nsum xb xa else xa x + nsum xb xa))"
  5491   by (import hollight NSUM_CLAUSES)
  5492 
  5493 lemma NSUM_UNION: "finite (xa::'q_63542 => bool) &
  5494 finite (xb::'q_63542 => bool) & xa Int xb = {}
  5495 ==> nsum (xa Un xb) (x::'q_63542 => nat) = nsum xa x + nsum xb x"
  5496   by (import hollight NSUM_UNION)
  5497 
  5498 lemma NSUM_DIFF: "finite (s::'q_63597 => bool) & (t::'q_63597 => bool) <= s
  5499 ==> nsum (s - t) (f::'q_63597 => nat) = nsum s f - nsum t f"
  5500   by (import hollight NSUM_DIFF)
  5501 
  5502 lemma NSUM_INCL_EXCL: "finite (x::'A => bool) & finite (xa::'A => bool)
  5503 ==> nsum x (xb::'A => nat) + nsum xa xb =
  5504     nsum (x Un xa) xb + nsum (x Int xa) xb"
  5505   by (import hollight NSUM_INCL_EXCL)
  5506 
  5507 lemma NSUM_SUPPORT: "nsum (support op + (x::'q_63686 => nat) (xa::'q_63686 => bool)) x =
  5508 nsum xa x"
  5509   by (import hollight NSUM_SUPPORT)
  5510 
  5511 lemma NSUM_ADD: "finite (xb::'q_63720 => bool)
  5512 ==> nsum xb
  5513      (%xb::'q_63720. (x::'q_63720 => nat) xb + (xa::'q_63720 => nat) xb) =
  5514     nsum xb x + nsum xb xa"
  5515   by (import hollight NSUM_ADD)
  5516 
  5517 lemma NSUM_ADD_GEN: "finite
  5518  {xa::'q_63807.
  5519   EX xc::'q_63807.
  5520      (xc : (xb::'q_63807 => bool) & (x::'q_63807 => nat) xc ~= (0::nat)) &
  5521      xa = xc} &
  5522 finite
  5523  {x::'q_63807.
  5524   EX xc::'q_63807.
  5525      (xc : xb & (xa::'q_63807 => nat) xc ~= (0::nat)) & x = xc}
  5526 ==> nsum xb (%xb::'q_63807. x xb + xa xb) = nsum xb x + nsum xb xa"
  5527   by (import hollight NSUM_ADD_GEN)
  5528 
  5529 lemma NSUM_EQ_0: "(!!xb::'A. xb : (xa::'A => bool) ==> (x::'A => nat) xb = (0::nat))
  5530 ==> nsum xa x = (0::nat)"
  5531   by (import hollight NSUM_EQ_0)
  5532 
  5533 lemma NSUM_0: "nsum (x::'A => bool) (%n::'A. 0::nat) = (0::nat)"
  5534   by (import hollight NSUM_0)
  5535 
  5536 lemma NSUM_LMUL: "nsum (s::'A => bool) (%x::'A. (c::nat) * (f::'A => nat) x) = c * nsum s f"
  5537   by (import hollight NSUM_LMUL)
  5538 
  5539 lemma NSUM_RMUL: "nsum (xb::'A => bool) (%xb::'A. (x::'A => nat) xb * (xa::nat)) =
  5540 nsum xb x * xa"
  5541   by (import hollight NSUM_RMUL)
  5542 
  5543 lemma NSUM_LE: "finite (xb::'q_63997 => bool) &
  5544 (ALL xc::'q_63997.
  5545     xc : xb --> (x::'q_63997 => nat) xc <= (xa::'q_63997 => nat) xc)
  5546 ==> nsum xb x <= nsum xb xa"
  5547   by (import hollight NSUM_LE)
  5548 
  5549 lemma NSUM_LT: "finite (s::'A => bool) &
  5550 (ALL x::'A. x : s --> (f::'A => nat) x <= (g::'A => nat) x) &
  5551 (EX x::'A. x : s & f x < g x)
  5552 ==> nsum s f < nsum s g"
  5553   by (import hollight NSUM_LT)
  5554 
  5555 lemma NSUM_LT_ALL: "finite (s::'q_64119 => bool) &
  5556 s ~= {} &
  5557 (ALL x::'q_64119. x : s --> (f::'q_64119 => nat) x < (g::'q_64119 => nat) x)
  5558 ==> nsum s f < nsum s g"
  5559   by (import hollight NSUM_LT_ALL)
  5560 
  5561 lemma NSUM_EQ: "(!!xc::'q_64157.
  5562     xc : (xb::'q_64157 => bool)
  5563     ==> (x::'q_64157 => nat) xc = (xa::'q_64157 => nat) xc)
  5564 ==> nsum xb x = nsum xb xa"
  5565   by (import hollight NSUM_EQ)
  5566 
  5567 lemma NSUM_CONST: "finite (s::'q_64187 => bool) ==> nsum s (%n::'q_64187. c::nat) = CARD s * c"
  5568   by (import hollight NSUM_CONST)
  5569 
  5570 lemma NSUM_POS_BOUND: "[| finite (x::'A => bool) & nsum x (f::'A => nat) <= (b::nat);
  5571    (xa::'A) : x |]
  5572 ==> f xa <= b"
  5573   by (import hollight NSUM_POS_BOUND)
  5574 
  5575 lemma NSUM_EQ_0_IFF: "finite (s::'q_64296 => bool)
  5576 ==> (nsum s (f::'q_64296 => nat) = (0::nat)) =
  5577     (ALL x::'q_64296. x : s --> f x = (0::nat))"
  5578   by (import hollight NSUM_EQ_0_IFF)
  5579 
  5580 lemma NSUM_DELETE: "finite (xa::'q_64325 => bool) & (xb::'q_64325) : xa
  5581 ==> (x::'q_64325 => nat) xb + nsum (xa - {xb}) x = nsum xa x"
  5582   by (import hollight NSUM_DELETE)
  5583 
  5584 lemma NSUM_SING: "nsum {xa::'q_64354} (x::'q_64354 => nat) = x xa"
  5585   by (import hollight NSUM_SING)
  5586 
  5587 lemma NSUM_DELTA: "nsum (x::'A => bool) (%x::'A. if x = (xa::'A) then b::nat else (0::nat)) =
  5588 (if xa : x then b else (0::nat))"
  5589   by (import hollight NSUM_DELTA)
  5590 
  5591 lemma NSUM_SWAP: "finite (x::'A => bool) & finite (xa::'B => bool)
  5592 ==> nsum x (%i::'A. nsum xa ((f::'A => 'B => nat) i)) =
  5593     nsum xa (%j::'B. nsum x (%i::'A. f i j))"
  5594   by (import hollight NSUM_SWAP)
  5595 
  5596 lemma NSUM_IMAGE: "(!!(xa::'q_64490) y::'q_64490.
  5597     xa : (xb::'q_64490 => bool) &
  5598     y : xb & (x::'q_64490 => 'q_64466) xa = x y
  5599     ==> xa = y)
  5600 ==> nsum (x ` xb) (xa::'q_64466 => nat) = nsum xb (xa o x)"
  5601   by (import hollight NSUM_IMAGE)
  5602 
  5603 lemma NSUM_SUPERSET: "(xa::'A => bool) <= (xb::'A => bool) &
  5604 (ALL xc::'A. xc : xb & xc ~: xa --> (x::'A => nat) xc = (0::nat))
  5605 ==> nsum xb x = nsum xa x"
  5606   by (import hollight NSUM_SUPERSET)
  5607 
  5608 lemma NSUM_UNION_RZERO: "finite (u::'A => bool) &
  5609 (ALL x::'A. x : (v::'A => bool) & x ~: u --> (f::'A => nat) x = (0::nat))
  5610 ==> nsum (u Un v) f = nsum u f"
  5611   by (import hollight NSUM_UNION_RZERO)
  5612 
  5613 lemma NSUM_UNION_LZERO: "finite (v::'A => bool) &
  5614 (ALL x::'A. x : (u::'A => bool) & x ~: v --> (f::'A => nat) x = (0::nat))
  5615 ==> nsum (u Un v) f = nsum v f"
  5616   by (import hollight NSUM_UNION_LZERO)
  5617 
  5618 lemma NSUM_RESTRICT: "finite (s::'q_64681 => bool)
  5619 ==> nsum s
  5620      (%x::'q_64681. if x : s then (f::'q_64681 => nat) x else (0::nat)) =
  5621     nsum s f"
  5622   by (import hollight NSUM_RESTRICT)
  5623 
  5624 lemma NSUM_BOUND: "finite (x::'A => bool) &
  5625 (ALL xc::'A. xc : x --> (xa::'A => nat) xc <= (xb::nat))
  5626 ==> nsum x xa <= CARD x * xb"
  5627   by (import hollight NSUM_BOUND)
  5628 
  5629 lemma NSUM_BOUND_GEN: "finite (x::'A => bool) &
  5630 x ~= {} & (ALL xa::'A. xa : x --> (f::'A => nat) xa <= (b::nat) div CARD x)
  5631 ==> nsum x f <= b"
  5632   by (import hollight NSUM_BOUND_GEN)
  5633 
  5634 lemma NSUM_BOUND_LT: "finite (s::'A => bool) &
  5635 (ALL x::'A. x : s --> (f::'A => nat) x <= (b::nat)) &
  5636 (EX x::'A. x : s & f x < b)
  5637 ==> nsum s f < CARD s * b"
  5638   by (import hollight NSUM_BOUND_LT)
  5639 
  5640 lemma NSUM_BOUND_LT_ALL: "finite (s::'q_64899 => bool) &
  5641 s ~= {} & (ALL x::'q_64899. x : s --> (f::'q_64899 => nat) x < (b::nat))
  5642 ==> nsum s f < CARD s * b"
  5643   by (import hollight NSUM_BOUND_LT_ALL)
  5644 
  5645 lemma NSUM_BOUND_LT_GEN: "finite (s::'A => bool) &
  5646 s ~= {} & (ALL x::'A. x : s --> (f::'A => nat) x < (b::nat) div CARD s)
  5647 ==> nsum s f < b"
  5648   by (import hollight NSUM_BOUND_LT_GEN)
  5649 
  5650 lemma NSUM_UNION_EQ: "finite (u::'q_65000 => bool) &
  5651 (s::'q_65000 => bool) Int (t::'q_65000 => bool) = {} & s Un t = u
  5652 ==> nsum s (f::'q_65000 => nat) + nsum t f = nsum u f"
  5653   by (import hollight NSUM_UNION_EQ)
  5654 
  5655 lemma NSUM_EQ_SUPERSET: "finite (t::'A => bool) &
  5656 t <= (s::'A => bool) &
  5657 (ALL x::'A. x : t --> (f::'A => nat) x = (g::'A => nat) x) &
  5658 (ALL x::'A. x : s & x ~: t --> f x = (0::nat))
  5659 ==> nsum s f = nsum t g"
  5660   by (import hollight NSUM_EQ_SUPERSET)
  5661 
  5662 lemma NSUM_RESTRICT_SET: "nsum
  5663  {u::'A. EX xb::'A. (xb : (xa::'A => bool) & (x::'A => bool) xb) & u = xb}
  5664  (xb::'A => nat) =
  5665 nsum xa (%xa::'A. if x xa then xb xa else (0::nat))"
  5666   by (import hollight NSUM_RESTRICT_SET)
  5667 
  5668 lemma NSUM_NSUM_RESTRICT: "finite (s::'q_65257 => bool) & finite (t::'q_65256 => bool)
  5669 ==> nsum s
  5670      (%x::'q_65257.
  5671          nsum
  5672           {u::'q_65256.
  5673            EX y::'q_65256.
  5674               (y : t & (R::'q_65257 => 'q_65256 => bool) x y) & u = y}
  5675           ((f::'q_65257 => 'q_65256 => nat) x)) =
  5676     nsum t
  5677      (%y::'q_65256.
  5678          nsum {u::'q_65257. EX x::'q_65257. (x : s & R x y) & u = x}
  5679           (%x::'q_65257. f x y))"
  5680   by (import hollight NSUM_NSUM_RESTRICT)
  5681 
  5682 lemma CARD_EQ_NSUM: "finite (x::'q_65276 => bool) ==> CARD x = nsum x (%x::'q_65276. 1::nat)"
  5683   by (import hollight CARD_EQ_NSUM)
  5684 
  5685 lemma NSUM_MULTICOUNT_GEN: "finite (s::'A => bool) &
  5686 finite (t::'B => bool) &
  5687 (ALL j::'B.
  5688     j : t -->
  5689     CARD {u::'A. EX i::'A. (i : s & (R::'A => 'B => bool) i j) & u = i} =
  5690     (k::'B => nat) j)
  5691 ==> nsum s (%i::'A. CARD {u::'B. EX j::'B. (j : t & R i j) & u = j}) =
  5692     nsum t k"
  5693   by (import hollight NSUM_MULTICOUNT_GEN)
  5694 
  5695 lemma NSUM_MULTICOUNT: "finite (s::'A => bool) &
  5696 finite (t::'B => bool) &
  5697 (ALL j::'B.
  5698     j : t -->
  5699     CARD {u::'A. EX i::'A. (i : s & (R::'A => 'B => bool) i j) & u = i} =
  5700     (k::nat))
  5701 ==> nsum s (%i::'A. CARD {u::'B. EX j::'B. (j : t & R i j) & u = j}) =
  5702     k * CARD t"
  5703   by (import hollight NSUM_MULTICOUNT)
  5704 
  5705 lemma NSUM_IMAGE_GEN: "finite (s::'A => bool)
  5706 ==> nsum s (g::'A => nat) =
  5707     nsum ((f::'A => 'B) ` s)
  5708      (%y::'B. nsum {u::'A. EX x::'A. (x : s & f x = y) & u = x} g)"
  5709   by (import hollight NSUM_IMAGE_GEN)
  5710 
  5711 lemma NSUM_GROUP: "finite (s::'A => bool) & (f::'A => 'B) ` s <= (t::'B => bool)
  5712 ==> nsum t
  5713      (%y::'B.
  5714          nsum {u::'A. EX x::'A. (x : s & f x = y) & u = x} (g::'A => nat)) =
  5715     nsum s g"
  5716   by (import hollight NSUM_GROUP)
  5717 
  5718 lemma NSUM_SUBSET: "finite (u::'A => bool) &
  5719 finite (v::'A => bool) &
  5720 (ALL x::'A. x : u - v --> (f::'A => nat) x = (0::nat))
  5721 ==> nsum u f <= nsum v f"
  5722   by (import hollight NSUM_SUBSET)
  5723 
  5724 lemma NSUM_SUBSET_SIMPLE: "finite (v::'q_65804 => bool) & (u::'q_65804 => bool) <= v
  5725 ==> nsum u (f::'q_65804 => nat) <= nsum v f"
  5726   by (import hollight NSUM_SUBSET_SIMPLE)
  5727 
  5728 lemma NSUM_IMAGE_NONZERO: "finite (xb::'A => bool) &
  5729 (ALL (xc::'A) xd::'A.
  5730     xc : xb & xd : xb & xc ~= xd & (xa::'A => 'B) xc = xa xd -->
  5731     (x::'B => nat) (xa xc) = (0::nat))
  5732 ==> nsum (xa ` xb) x = nsum xb (x o xa)"
  5733   by (import hollight NSUM_IMAGE_NONZERO)
  5734 
  5735 lemma NSUM_BIJECTION: "(ALL x::'A. x : (xb::'A => bool) --> (xa::'A => 'A) x : xb) &
  5736 (ALL y::'A. y : xb --> (EX! x::'A. x : xb & xa x = y))
  5737 ==> nsum xb (x::'A => nat) = nsum xb (x o xa)"
  5738   by (import hollight NSUM_BIJECTION)
  5739 
  5740 lemma NSUM_NSUM_PRODUCT: "finite (x::'A => bool) &
  5741 (ALL i::'A. i : x --> finite ((xa::'A => 'B => bool) i))
  5742 ==> nsum x (%x::'A. nsum (xa x) ((xb::'A => 'B => nat) x)) =
  5743     nsum {u::'A * 'B. EX (i::'A) j::'B. (i : x & j : xa i) & u = (i, j)}
  5744      (SOME f::'A * 'B => nat. ALL (i::'A) j::'B. f (i, j) = xb i j)"
  5745   by (import hollight NSUM_NSUM_PRODUCT)
  5746 
  5747 lemma NSUM_EQ_GENERAL: "(ALL y::'B.
  5748     y : (xa::'B => bool) -->
  5749     (EX! xa::'A. xa : (x::'A => bool) & (xd::'A => 'B) xa = y)) &
  5750 (ALL xe::'A.
  5751     xe : x --> xd xe : xa & (xc::'B => nat) (xd xe) = (xb::'A => nat) xe)
  5752 ==> nsum x xb = nsum xa xc"
  5753   by (import hollight NSUM_EQ_GENERAL)
  5754 
  5755 lemma NSUM_EQ_GENERAL_INVERSES: "(ALL y::'B.
  5756     y : (xa::'B => bool) -->
  5757     (xe::'B => 'A) y : (x::'A => bool) & (xd::'A => 'B) (xe y) = y) &
  5758 (ALL xf::'A.
  5759     xf : x -->
  5760     xd xf : xa &
  5761     xe (xd xf) = xf & (xc::'B => nat) (xd xf) = (xb::'A => nat) xf)
  5762 ==> nsum x xb = nsum xa xc"
  5763   by (import hollight NSUM_EQ_GENERAL_INVERSES)
  5764 
  5765 lemma NSUM_INJECTION: "finite (xb::'q_66274 => bool) &
  5766 (ALL x::'q_66274. x : xb --> (xa::'q_66274 => 'q_66274) x : xb) &
  5767 (ALL (x::'q_66274) y::'q_66274. x : xb & y : xb & xa x = xa y --> x = y)
  5768 ==> nsum xb ((x::'q_66274 => nat) o xa) = nsum xb x"
  5769   by (import hollight NSUM_INJECTION)
  5770 
  5771 lemma NSUM_UNION_NONZERO: "finite (xa::'q_66317 => bool) &
  5772 finite (xb::'q_66317 => bool) &
  5773 (ALL xc::'q_66317. xc : xa Int xb --> (x::'q_66317 => nat) xc = (0::nat))
  5774 ==> nsum (xa Un xb) x = nsum xa x + nsum xb x"
  5775   by (import hollight NSUM_UNION_NONZERO)
  5776 
  5777 lemma NSUM_UNIONS_NONZERO: "finite (x::('A => bool) => bool) &
  5778 (ALL t::'A => bool. t : x --> finite t) &
  5779 (ALL (t1::'A => bool) (t2::'A => bool) xa::'A.
  5780     t1 : x & t2 : x & t1 ~= t2 & xa : t1 & xa : t2 -->
  5781     (f::'A => nat) xa = (0::nat))
  5782 ==> nsum (Union x) f = nsum x (%t::'A => bool. nsum t f)"
  5783   by (import hollight NSUM_UNIONS_NONZERO)
  5784 
  5785 lemma NSUM_CASES: "finite (x::'A => bool)
  5786 ==> nsum x
  5787      (%x::'A.
  5788          if (xa::'A => bool) x then (xb::'A => nat) x
  5789          else (xc::'A => nat) x) =
  5790     nsum {u::'A. EX xb::'A. (xb : x & xa xb) & u = xb} xb +
  5791     nsum {u::'A. EX xb::'A. (xb : x & ~ xa xb) & u = xb} xc"
  5792   by (import hollight NSUM_CASES)
  5793 
  5794 lemma NSUM_CLOSED: "(P::nat => bool) (0::nat) &
  5795 (ALL (x::nat) y::nat. P x & P y --> P (x + y)) &
  5796 (ALL a::'A. a : (s::'A => bool) --> P ((f::'A => nat) a))
  5797 ==> P (nsum s f)"
  5798   by (import hollight NSUM_CLOSED)
  5799 
  5800 lemma NSUM_ADD_NUMSEG: "nsum {xb::nat..xc::nat} (%i::nat. (x::nat => nat) i + (xa::nat => nat) i) =
  5801 nsum {xb..xc} x + nsum {xb..xc} xa"
  5802   by (import hollight NSUM_ADD_NUMSEG)
  5803 
  5804 lemma NSUM_LE_NUMSEG: "(!!i::nat.
  5805     (xb::nat) <= i & i <= (xc::nat)
  5806     ==> (x::nat => nat) i <= (xa::nat => nat) i)
  5807 ==> nsum {xb..xc} x <= nsum {xb..xc} xa"
  5808   by (import hollight NSUM_LE_NUMSEG)
  5809 
  5810 lemma NSUM_EQ_NUMSEG: "(!!i::nat.
  5811     (m::nat) <= i & i <= (n::nat) ==> (f::nat => nat) i = (g::nat => nat) i)
  5812 ==> nsum {m..n} f = nsum {m..n} g"
  5813   by (import hollight NSUM_EQ_NUMSEG)
  5814 
  5815 lemma NSUM_CONST_NUMSEG: "nsum {xa..xb} (%n. x) = (xb + 1 - xa) * x"
  5816   by (import hollight NSUM_CONST_NUMSEG)
  5817 
  5818 lemma NSUM_EQ_0_NUMSEG: "(!!i::nat. (m::nat) <= i & i <= (n::nat) ==> (x::nat => nat) i = (0::nat))
  5819 ==> nsum {m..n} x = (0::nat)"
  5820   by (import hollight NSUM_EQ_0_NUMSEG)
  5821 
  5822 lemma NSUM_EQ_0_IFF_NUMSEG: "(nsum {xa::nat..xb::nat} (x::nat => nat) = (0::nat)) =
  5823 (ALL i::nat. xa <= i & i <= xb --> x i = (0::nat))"
  5824   by (import hollight NSUM_EQ_0_IFF_NUMSEG)
  5825 
  5826 lemma NSUM_TRIV_NUMSEG: "(n::nat) < (m::nat) ==> nsum {m..n} (f::nat => nat) = (0::nat)"
  5827   by (import hollight NSUM_TRIV_NUMSEG)
  5828 
  5829 lemma NSUM_SING_NUMSEG: "nsum {xa::nat..xa} (x::nat => nat) = x xa"
  5830   by (import hollight NSUM_SING_NUMSEG)
  5831 
  5832 lemma NSUM_CLAUSES_NUMSEG: "(ALL m. nsum {m..0} f = (if m = 0 then f 0 else 0)) &
  5833 (ALL m n.
  5834     nsum {m..Suc n} f =
  5835     (if m <= Suc n then nsum {m..n} f + f (Suc n) else nsum {m..n} f))"
  5836   by (import hollight NSUM_CLAUSES_NUMSEG)
  5837 
  5838 lemma NSUM_SWAP_NUMSEG: "nsum {a::nat..b::nat}
  5839  (%i::nat. nsum {c::nat..d::nat} ((f::nat => nat => nat) i)) =
  5840 nsum {c..d} (%j::nat. nsum {a..b} (%i::nat. f i j))"
  5841   by (import hollight NSUM_SWAP_NUMSEG)
  5842 
  5843 lemma NSUM_ADD_SPLIT: "(xa::nat) <= (xb::nat) + (1::nat)
  5844 ==> nsum {xa..xb + (xc::nat)} (x::nat => nat) =
  5845     nsum {xa..xb} x + nsum {xb + (1::nat)..xb + xc} x"
  5846   by (import hollight NSUM_ADD_SPLIT)
  5847 
  5848 lemma NSUM_OFFSET: "nsum {(xb::nat) + (x::nat)..(xc::nat) + x} (xa::nat => nat) =
  5849 nsum {xb..xc} (%i::nat. xa (i + x))"
  5850   by (import hollight NSUM_OFFSET)
  5851 
  5852 lemma NSUM_OFFSET_0: "(xa::nat) <= (xb::nat)
  5853 ==> nsum {xa..xb} (x::nat => nat) =
  5854     nsum {0::nat..xb - xa} (%i::nat. x (i + xa))"
  5855   by (import hollight NSUM_OFFSET_0)
  5856 
  5857 lemma NSUM_CLAUSES_LEFT: "(xa::nat) <= (xb::nat)
  5858 ==> nsum {xa..xb} (x::nat => nat) = x xa + nsum {xa + (1::nat)..xb} x"
  5859   by (import hollight NSUM_CLAUSES_LEFT)
  5860 
  5861 lemma NSUM_CLAUSES_RIGHT: "(0::nat) < (n::nat) & (m::nat) <= n
  5862 ==> nsum {m..n} (f::nat => nat) = nsum {m..n - (1::nat)} f + f n"
  5863   by (import hollight NSUM_CLAUSES_RIGHT)
  5864 
  5865 lemma NSUM_PAIR: "nsum {(2::nat) * (m::nat)..(2::nat) * (n::nat) + (1::nat)} (f::nat => nat) =
  5866 nsum {m..n} (%i::nat. f ((2::nat) * i) + f ((2::nat) * i + (1::nat)))"
  5867   by (import hollight NSUM_PAIR)
  5868 
  5869 lemma CARD_UNIONS: "finite (x::('A => bool) => bool) &
  5870 (ALL t::'A => bool. t : x --> finite t) &
  5871 (ALL (t::'A => bool) u::'A => bool. t : x & u : x & t ~= u --> t Int u = {})
  5872 ==> CARD (Union x) = nsum x CARD"
  5873   by (import hollight CARD_UNIONS)
  5874 
  5875 consts
  5876   sum :: "('q_67488 => bool) => ('q_67488 => hollight.real) => hollight.real" 
  5877 
  5878 defs
  5879   sum_def: "(op ==::(('q_67488::type => bool)
  5880          => ('q_67488::type => hollight.real) => hollight.real)
  5881         => (('q_67488::type => bool)
  5882             => ('q_67488::type => hollight.real) => hollight.real)
  5883            => prop)
  5884  (hollight.sum::('q_67488::type => bool)
  5885                 => ('q_67488::type => hollight.real) => hollight.real)
  5886  ((iterate::(hollight.real => hollight.real => hollight.real)
  5887             => ('q_67488::type => bool)
  5888                => ('q_67488::type => hollight.real) => hollight.real)
  5889    (real_add::hollight.real => hollight.real => hollight.real))"
  5890 
  5891 lemma DEF_sum: "(op =::(('q_67488::type => bool)
  5892         => ('q_67488::type => hollight.real) => hollight.real)
  5893        => (('q_67488::type => bool)
  5894            => ('q_67488::type => hollight.real) => hollight.real)
  5895           => bool)
  5896  (hollight.sum::('q_67488::type => bool)
  5897                 => ('q_67488::type => hollight.real) => hollight.real)
  5898  ((iterate::(hollight.real => hollight.real => hollight.real)
  5899             => ('q_67488::type => bool)
  5900                => ('q_67488::type => hollight.real) => hollight.real)
  5901    (real_add::hollight.real => hollight.real => hollight.real))"
  5902   by (import hollight DEF_sum)
  5903 
  5904 lemma NEUTRAL_REAL_ADD: "neutral real_add = real_of_num 0"
  5905   by (import hollight NEUTRAL_REAL_ADD)
  5906 
  5907 lemma NEUTRAL_REAL_MUL: "neutral real_mul = real_of_num 1"
  5908   by (import hollight NEUTRAL_REAL_MUL)
  5909 
  5910 lemma MONOIDAL_REAL_ADD: "monoidal real_add"
  5911   by (import hollight MONOIDAL_REAL_ADD)
  5912 
  5913 lemma MONOIDAL_REAL_MUL: "monoidal real_mul"
  5914   by (import hollight MONOIDAL_REAL_MUL)
  5915 
  5916 lemma SUM_CLAUSES: "(ALL x::'q_67530 => hollight.real.
  5917     hollight.sum {} x = real_of_num (0::nat)) &
  5918 (ALL (x::'q_67571) (xa::'q_67571 => hollight.real) xb::'q_67571 => bool.
  5919     finite xb -->
  5920     hollight.sum (insert x xb) xa =
  5921     (if x : xb then hollight.sum xb xa
  5922      else real_add (xa x) (hollight.sum xb xa)))"
  5923   by (import hollight SUM_CLAUSES)
  5924 
  5925 lemma SUM_UNION: "finite (xa::'q_67597 => bool) &
  5926 finite (xb::'q_67597 => bool) & xa Int xb = {}
  5927 ==> hollight.sum (xa Un xb) (x::'q_67597 => hollight.real) =
  5928     real_add (hollight.sum xa x) (hollight.sum xb x)"
  5929   by (import hollight SUM_UNION)
  5930 
  5931 lemma SUM_DIFF: "finite (xa::'q_67637 => bool) & (xb::'q_67637 => bool) <= xa
  5932 ==> hollight.sum (xa - xb) (x::'q_67637 => hollight.real) =
  5933     real_sub (hollight.sum xa x) (hollight.sum xb x)"
  5934   by (import hollight SUM_DIFF)
  5935 
  5936 lemma SUM_INCL_EXCL: "finite (x::'A => bool) & finite (xa::'A => bool)
  5937 ==> real_add (hollight.sum x (xb::'A => hollight.real))
  5938      (hollight.sum xa xb) =
  5939     real_add (hollight.sum (x Un xa) xb) (hollight.sum (x Int xa) xb)"
  5940   by (import hollight SUM_INCL_EXCL)
  5941 
  5942 lemma SUM_SUPPORT: "hollight.sum
  5943  (support real_add (x::'q_67726 => hollight.real) (xa::'q_67726 => bool))
  5944  x =
  5945 hollight.sum xa x"
  5946   by (import hollight SUM_SUPPORT)
  5947 
  5948 lemma SUM_ADD: "finite (xb::'q_67760 => bool)
  5949 ==> hollight.sum xb
  5950      (%xb::'q_67760.
  5951          real_add ((x::'q_67760 => hollight.real) xb)
  5952           ((xa::'q_67760 => hollight.real) xb)) =
  5953     real_add (hollight.sum xb x) (hollight.sum xb xa)"
  5954   by (import hollight SUM_ADD)
  5955 
  5956 lemma SUM_ADD_GEN: "finite
  5957  {xa::'q_67851.
  5958   EX xc::'q_67851.
  5959      (xc : (xb::'q_67851 => bool) &
  5960       (x::'q_67851 => hollight.real) xc ~= real_of_num (0::nat)) &
  5961      xa = xc} &
  5962 finite
  5963  {x::'q_67851.
  5964   EX xc::'q_67851.
  5965      (xc : xb &
  5966       (xa::'q_67851 => hollight.real) xc ~= real_of_num (0::nat)) &
  5967      x = xc}
  5968 ==> hollight.sum xb (%xb::'q_67851. real_add (x xb) (xa xb)) =
  5969     real_add (hollight.sum xb x) (hollight.sum xb xa)"
  5970   by (import hollight SUM_ADD_GEN)
  5971 
  5972 lemma SUM_EQ_0: "(!!xb::'A.
  5973     xb : (xa::'A => bool)
  5974     ==> (x::'A => hollight.real) xb = real_of_num (0::nat))
  5975 ==> hollight.sum xa x = real_of_num (0::nat)"
  5976   by (import hollight SUM_EQ_0)
  5977 
  5978 lemma SUM_0: "hollight.sum (x::'A => bool) (%n::'A. real_of_num (0::nat)) =
  5979 real_of_num (0::nat)"
  5980   by (import hollight SUM_0)
  5981 
  5982 lemma SUM_LMUL: "hollight.sum (s::'A => bool)
  5983  (%x::'A. real_mul (c::hollight.real) ((f::'A => hollight.real) x)) =
  5984 real_mul c (hollight.sum s f)"
  5985   by (import hollight SUM_LMUL)
  5986 
  5987 lemma SUM_RMUL: "hollight.sum (xb::'A => bool)
  5988  (%xb::'A. real_mul ((x::'A => hollight.real) xb) (xa::hollight.real)) =
  5989 real_mul (hollight.sum xb x) xa"
  5990   by (import hollight SUM_RMUL)
  5991 
  5992 lemma SUM_NEG: "hollight.sum (xa::'q_68051 => bool)
  5993  (%xa::'q_68051. real_neg ((x::'q_68051 => hollight.real) xa)) =
  5994 real_neg (hollight.sum xa x)"
  5995   by (import hollight SUM_NEG)
  5996 
  5997 lemma SUM_SUB: "finite (xb::'q_68086 => bool)
  5998 ==> hollight.sum xb
  5999      (%xb::'q_68086.
  6000          real_sub ((x::'q_68086 => hollight.real) xb)
  6001           ((xa::'q_68086 => hollight.real) xb)) =
  6002     real_sub (hollight.sum xb x) (hollight.sum xb xa)"
  6003   by (import hollight SUM_SUB)
  6004 
  6005 lemma SUM_LE: "finite (xb::'q_68128 => bool) &
  6006 (ALL xc::'q_68128.
  6007     xc : xb -->
  6008     real_le ((x::'q_68128 => hollight.real) xc)
  6009      ((xa::'q_68128 => hollight.real) xc))
  6010 ==> real_le (hollight.sum xb x) (hollight.sum xb xa)"
  6011   by (import hollight SUM_LE)
  6012 
  6013 lemma SUM_LT: "finite (s::'A => bool) &
  6014 (ALL x::'A.
  6015     x : s -->
  6016     real_le ((f::'A => hollight.real) x) ((g::'A => hollight.real) x)) &
  6017 (EX x::'A. x : s & real_lt (f x) (g x))
  6018 ==> real_lt (hollight.sum s f) (hollight.sum s g)"
  6019   by (import hollight SUM_LT)
  6020 
  6021 lemma SUM_LT_ALL: "finite (s::'q_68250 => bool) &
  6022 s ~= {} &
  6023 (ALL x::'q_68250.
  6024     x : s -->
  6025     real_lt ((f::'q_68250 => hollight.real) x)
  6026      ((g::'q_68250 => hollight.real) x))
  6027 ==> real_lt (hollight.sum s f) (hollight.sum s g)"
  6028   by (import hollight SUM_LT_ALL)
  6029 
  6030 lemma SUM_EQ: "(!!xc::'q_68288.
  6031     xc : (xb::'q_68288 => bool)
  6032     ==> (x::'q_68288 => hollight.real) xc =
  6033         (xa::'q_68288 => hollight.real) xc)
  6034 ==> hollight.sum xb x = hollight.sum xb xa"
  6035   by (import hollight SUM_EQ)
  6036 
  6037 lemma SUM_ABS: "finite (s::'q_68347 => bool)
  6038 ==> real_le (real_abs (hollight.sum s (f::'q_68347 => hollight.real)))
  6039      (hollight.sum s (%x::'q_68347. real_abs (f x)))"
  6040   by (import hollight SUM_ABS)
  6041 
  6042 lemma SUM_ABS_LE: "finite (s::'A => bool) &
  6043 (ALL x::'A.
  6044     x : s -->
  6045     real_le (real_abs ((f::'A => hollight.real) x))
  6046      ((g::'A => hollight.real) x))
  6047 ==> real_le (real_abs (hollight.sum s f)) (hollight.sum s g)"
  6048   by (import hollight SUM_ABS_LE)
  6049 
  6050 lemma SUM_CONST: "finite (s::'q_68423 => bool)
  6051 ==> hollight.sum s (%n::'q_68423. c::hollight.real) =
  6052     real_mul (real_of_num (CARD s)) c"
  6053   by (import hollight SUM_CONST)
  6054 
  6055 lemma SUM_POS_LE: "finite (xa::'q_68465 => bool) &
  6056 (ALL xb::'q_68465.
  6057     xb : xa -->
  6058     real_le (real_of_num (0::nat)) ((x::'q_68465 => hollight.real) xb))
  6059 ==> real_le (real_of_num (0::nat)) (hollight.sum xa x)"
  6060   by (import hollight SUM_POS_LE)
  6061 
  6062 lemma SUM_POS_BOUND: "[| finite (x::'A => bool) &
  6063    (ALL xa::'A.
  6064        xa : x -->
  6065        real_le (real_of_num (0::nat)) ((f::'A => hollight.real) xa)) &
  6066    real_le (hollight.sum x f) (b::hollight.real);
  6067    (xa::'A) : x |]
  6068 ==> real_le (f xa) b"
  6069   by (import hollight SUM_POS_BOUND)
  6070 
  6071 lemma SUM_POS_EQ_0: "[| finite (xa::'q_68612 => bool) &
  6072    (ALL xb::'q_68612.
  6073        xb : xa -->
  6074        real_le (real_of_num (0::nat)) ((x::'q_68612 => hollight.real) xb)) &
  6075    hollight.sum xa x = real_of_num (0::nat);
  6076    (xb::'q_68612) : xa |]
  6077 ==> x xb = real_of_num (0::nat)"
  6078   by (import hollight SUM_POS_EQ_0)
  6079 
  6080 lemma SUM_ZERO_EXISTS: "finite (s::'A => bool) &
  6081 hollight.sum s (u::'A => hollight.real) = real_of_num (0::nat)
  6082 ==> (ALL i::'A. i : s --> u i = real_of_num (0::nat)) |
  6083     (EX (j::'A) k::'A.
  6084         j : s &
  6085         real_lt (u j) (real_of_num (0::nat)) &
  6086         k : s & real_gt (u k) (real_of_num (0::nat)))"
  6087   by (import hollight SUM_ZERO_EXISTS)
  6088 
  6089 lemma SUM_DELETE: "finite (xa::'q_68854 => bool) & (xb::'q_68854) : xa
  6090 ==> hollight.sum (xa - {xb}) (x::'q_68854 => hollight.real) =
  6091     real_sub (hollight.sum xa x) (x xb)"
  6092   by (import hollight SUM_DELETE)
  6093 
  6094 lemma SUM_DELETE_CASES: "finite (s::'q_68907 => bool)
  6095 ==> hollight.sum (s - {a::'q_68907}) (f::'q_68907 => hollight.real) =
  6096     (if a : s then real_sub (hollight.sum s f) (f a) else hollight.sum s f)"
  6097   by (import hollight SUM_DELETE_CASES)
  6098 
  6099 lemma SUM_SING: "hollight.sum {xa::'q_68930} (x::'q_68930 => hollight.real) = x xa"
  6100   by (import hollight SUM_SING)
  6101 
  6102 lemma SUM_DELTA: "hollight.sum (x::'A => bool)
  6103  (%x::'A. if x = (xa::'A) then b::hollight.real else real_of_num (0::nat)) =
  6104 (if xa : x then b else real_of_num (0::nat))"
  6105   by (import hollight SUM_DELTA)
  6106 
  6107 lemma SUM_SWAP: "finite (x::'A => bool) & finite (xa::'B => bool)
  6108 ==> hollight.sum x
  6109      (%i::'A. hollight.sum xa ((f::'A => 'B => hollight.real) i)) =
  6110     hollight.sum xa (%j::'B. hollight.sum x (%i::'A. f i j))"
  6111   by (import hollight SUM_SWAP)
  6112 
  6113 lemma SUM_IMAGE: "(!!(xa::'q_69070) y::'q_69070.
  6114     xa : (xb::'q_69070 => bool) &
  6115     y : xb & (x::'q_69070 => 'q_69046) xa = x y
  6116     ==> xa = y)
  6117 ==> hollight.sum (x ` xb) (xa::'q_69046 => hollight.real) =
  6118     hollight.sum xb (xa o x)"
  6119   by (import hollight SUM_IMAGE)
  6120 
  6121 lemma SUM_SUPERSET: "(xa::'A => bool) <= (xb::'A => bool) &
  6122 (ALL xc::'A.
  6123     xc : xb & xc ~: xa -->
  6124     (x::'A => hollight.real) xc = real_of_num (0::nat))
  6125 ==> hollight.sum xb x = hollight.sum xa x"
  6126   by (import hollight SUM_SUPERSET)
  6127 
  6128 lemma SUM_UNION_RZERO: "finite (u::'A => bool) &
  6129 (ALL x::'A.
  6130     x : (v::'A => bool) & x ~: u -->
  6131     (f::'A => hollight.real) x = real_of_num (0::nat))
  6132 ==> hollight.sum (u Un v) f = hollight.sum u f"
  6133   by (import hollight SUM_UNION_RZERO)
  6134 
  6135 lemma SUM_UNION_LZERO: "finite (v::'A => bool) &
  6136 (ALL x::'A.
  6137     x : (u::'A => bool) & x ~: v -->
  6138     (f::'A => hollight.real) x = real_of_num (0::nat))
  6139 ==> hollight.sum (u Un v) f = hollight.sum v f"
  6140   by (import hollight SUM_UNION_LZERO)
  6141 
  6142 lemma SUM_RESTRICT: "finite (s::'q_69267 => bool)
  6143 ==> hollight.sum s
  6144      (%x::'q_69267.
  6145          if x : s then (f::'q_69267 => hollight.real) x
  6146          else real_of_num (0::nat)) =
  6147     hollight.sum s f"
  6148   by (import hollight SUM_RESTRICT)
  6149 
  6150 lemma SUM_BOUND: "finite (x::'A => bool) &
  6151 (ALL xc::'A.
  6152     xc : x --> real_le ((xa::'A => hollight.real) xc) (xb::hollight.real))
  6153 ==> real_le (hollight.sum x xa) (real_mul (real_of_num (CARD x)) xb)"
  6154   by (import hollight SUM_BOUND)
  6155 
  6156 lemma SUM_BOUND_GEN: "finite (s::'A => bool) &
  6157 s ~= {} &
  6158 (ALL x::'A.
  6159     x : s -->
  6160     real_le ((f::'A => hollight.real) x)
  6161      (real_div (b::hollight.real) (real_of_num (CARD s))))
  6162 ==> real_le (hollight.sum s f) b"
  6163   by (import hollight SUM_BOUND_GEN)
  6164 
  6165 lemma SUM_ABS_BOUND: "finite (s::'A => bool) &
  6166 (ALL x::'A.
  6167     x : s -->
  6168     real_le (real_abs ((f::'A => hollight.real) x)) (b::hollight.real))
  6169 ==> real_le (real_abs (hollight.sum s f))
  6170      (real_mul (real_of_num (CARD s)) b)"
  6171   by (import hollight SUM_ABS_BOUND)
  6172 
  6173 lemma SUM_BOUND_LT: "finite (s::'A => bool) &
  6174 (ALL x::'A.
  6175     x : s --> real_le ((f::'A => hollight.real) x) (b::hollight.real)) &
  6176 (EX x::'A. x : s & real_lt (f x) b)
  6177 ==> real_lt (hollight.sum s f) (real_mul (real_of_num (CARD s)) b)"
  6178   by (import hollight SUM_BOUND_LT)
  6179 
  6180 lemma SUM_BOUND_LT_ALL: "finite (s::'q_69531 => bool) &
  6181 s ~= {} &
  6182 (ALL x::'q_69531.
  6183     x : s --> real_lt ((f::'q_69531 => hollight.real) x) (b::hollight.real))
  6184 ==> real_lt (hollight.sum s f) (real_mul (real_of_num (CARD s)) b)"
  6185   by (import hollight SUM_BOUND_LT_ALL)
  6186 
  6187 lemma SUM_BOUND_LT_GEN: "finite (s::'A => bool) &
  6188 s ~= {} &
  6189 (ALL x::'A.
  6190     x : s -->
  6191     real_lt ((f::'A => hollight.real) x)
  6192      (real_div (b::hollight.real) (real_of_num (CARD s))))
  6193 ==> real_lt (hollight.sum s f) b"
  6194   by (import hollight SUM_BOUND_LT_GEN)
  6195 
  6196 lemma SUM_UNION_EQ: "finite (u::'q_69614 => bool) &
  6197 (s::'q_69614 => bool) Int (t::'q_69614 => bool) = {} & s Un t = u
  6198 ==> real_add (hollight.sum s (f::'q_69614 => hollight.real))
  6199      (hollight.sum t f) =
  6200     hollight.sum u f"
  6201   by (import hollight SUM_UNION_EQ)
  6202 
  6203 lemma SUM_EQ_SUPERSET: "finite (t::'A => bool) &
  6204 t <= (s::'A => bool) &
  6205 (ALL x::'A.
  6206     x : t --> (f::'A => hollight.real) x = (g::'A => hollight.real) x) &
  6207 (ALL x::'A. x : s & x ~: t --> f x = real_of_num (0::nat))
  6208 ==> hollight.sum s f = hollight.sum t g"
  6209   by (import hollight SUM_EQ_SUPERSET)
  6210 
  6211 lemma SUM_RESTRICT_SET: "hollight.sum
  6212  {u::'q_69783.
  6213   EX xb::'q_69783.
  6214      (xb : (xa::'q_69783 => bool) & (x::'q_69783 => bool) xb) & u = xb}
  6215  (xb::'q_69783 => hollight.real) =
  6216 hollight.sum xa
  6217  (%xa::'q_69783. if x xa then xb xa else real_of_num (0::nat))"
  6218   by (import hollight SUM_RESTRICT_SET)
  6219 
  6220 lemma SUM_SUM_RESTRICT: "finite (s::'q_69875 => bool) & finite (t::'q_69874 => bool)
  6221 ==> hollight.sum s
  6222      (%x::'q_69875.
  6223          hollight.sum
  6224           {u::'q_69874.
  6225            EX y::'q_69874.
  6226               (y : t & (R::'q_69875 => 'q_69874 => bool) x y) & u = y}
  6227           ((f::'q_69875 => 'q_69874 => hollight.real) x)) =
  6228     hollight.sum t
  6229      (%y::'q_69874.
  6230          hollight.sum {u::'q_69875. EX x::'q_69875. (x : s & R x y) & u = x}
  6231           (%x::'q_69875. f x y))"
  6232   by (import hollight SUM_SUM_RESTRICT)
  6233 
  6234 lemma CARD_EQ_SUM: "finite (x::'q_69896 => bool)
  6235 ==> real_of_num (CARD x) =
  6236     hollight.sum x (%x::'q_69896. real_of_num (1::nat))"
  6237   by (import hollight CARD_EQ_SUM)
  6238 
  6239 lemma SUM_MULTICOUNT_GEN: "finite (s::'A => bool) &
  6240 finite (t::'B => bool) &
  6241 (ALL j::'B.
  6242     j : t -->
  6243     CARD {u::'A. EX i::'A. (i : s & (R::'A => 'B => bool) i j) & u = i} =
  6244     (k::'B => nat) j)
  6245 ==> hollight.sum s
  6246      (%i::'A.
  6247          real_of_num (CARD {u::'B. EX j::'B. (j : t & R i j) & u = j})) =
  6248     hollight.sum t (%i::'B. real_of_num (k i))"
  6249   by (import hollight SUM_MULTICOUNT_GEN)
  6250 
  6251 lemma SUM_MULTICOUNT: "finite (s::'A => bool) &
  6252 finite (t::'B => bool) &
  6253 (ALL j::'B.
  6254     j : t -->
  6255     CARD {u::'A. EX i::'A. (i : s & (R::'A => 'B => bool) i j) & u = i} =
  6256     (k::nat))
  6257 ==> hollight.sum s
  6258      (%i::'A.
  6259          real_of_num (CARD {u::'B. EX j::'B. (j : t & R i j) & u = j})) =
  6260     real_of_num (k * CARD t)"
  6261   by (import hollight SUM_MULTICOUNT)
  6262 
  6263 lemma SUM_IMAGE_GEN: "finite (s::'A => bool)
  6264 ==> hollight.sum s (g::'A => hollight.real) =
  6265     hollight.sum ((f::'A => 'B) ` s)
  6266      (%y::'B. hollight.sum {u::'A. EX x::'A. (x : s & f x = y) & u = x} g)"
  6267   by (import hollight SUM_IMAGE_GEN)
  6268 
  6269 lemma SUM_GROUP: "finite (s::'A => bool) & (f::'A => 'B) ` s <= (t::'B => bool)
  6270 ==> hollight.sum t
  6271      (%y::'B.
  6272          hollight.sum {u::'A. EX x::'A. (x : s & f x = y) & u = x}
  6273           (g::'A => hollight.real)) =
  6274     hollight.sum s g"
  6275   by (import hollight SUM_GROUP)
  6276 
  6277 lemma REAL_OF_NUM_SUM: "finite (s::'q_70361 => bool)
  6278 ==> real_of_num (nsum s (f::'q_70361 => nat)) =
  6279     hollight.sum s (%x::'q_70361. real_of_num (f x))"
  6280   by (import hollight REAL_OF_NUM_SUM)
  6281 
  6282 lemma SUM_SUBSET: "finite (u::'A => bool) &
  6283 finite (v::'A => bool) &
  6284 (ALL x::'A.
  6285     x : u - v -->
  6286     real_le ((f::'A => hollight.real) x) (real_of_num (0::nat))) &