src/HOL/Lattices.thy
author huffman
Sun Apr 01 16:09:58 2012 +0200 (2012-04-01)
changeset 47255 30a1692557b0
parent 46884 154dc6ec0041
child 49769 c7c2152322f2
permissions -rw-r--r--
removed Nat_Numeral.thy, moving all theorems elsewhere
     1 (*  Title:      HOL/Lattices.thy
     2     Author:     Tobias Nipkow
     3 *)
     4 
     5 header {* Abstract lattices *}
     6 
     7 theory Lattices
     8 imports Orderings Groups
     9 begin
    10 
    11 subsection {* Abstract semilattice *}
    12 
    13 text {*
    14   These locales provide a basic structure for interpretation into
    15   bigger structures;  extensions require careful thinking, otherwise
    16   undesired effects may occur due to interpretation.
    17 *}
    18 
    19 locale semilattice = abel_semigroup +
       (* The only law added to the imported abel_semigroup locale is idempotence
          of the binary operation f; it is declared as a simp rule. *)
    20   assumes idem [simp]: "f a a = a"
    21 begin
    22 
    23 lemma left_idem [simp]:
    24   "f a (f a b) = f a b"
       (* simp rewrites with assoc right-to-left, turning the left side into
          f (f a a) b, and then applies the simp rule idem. *)
    25   by (simp add: assoc [symmetric])
    26 
    27 end
    28 
    29 
    30 subsection {* Idempotent semigroup *}
    31 
    32 class ab_semigroup_idem_mult = ab_semigroup_mult +
       (* Type class counterpart of the semilattice locale for multiplication:
          the single added axiom is idempotence of "*". *)
    33   assumes mult_idem: "x * x = x"
    34 
    35 sublocale ab_semigroup_idem_mult < times!: semilattice times proof
       (* Interprets the semilattice locale for times under the prefix "times";
          what is left after the initial proof step is closed with the class
          axiom mult_idem. *)
    36 qed (fact mult_idem)
    37 
    38 context ab_semigroup_idem_mult
    39 begin
    40 
       (* Class-level name for left_idem as obtained through the "times"
          interpretation. *)
    41 lemmas mult_left_idem = times.left_idem
    42 
    43 end
    44 
    45 
    46 subsection {* Syntactic infimum and supremum operations *}
    47 
    48 class inf =
       (* Syntactic class only: it fixes the operation and its infix symbol and
          states no assumptions. Left-associative, priority 70. *)
    49   fixes inf :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "\<sqinter>" 70)
    50 
    51 class sup = 
       (* Syntactic class only, like inf. Left-associative, priority 65, so the
          sup symbol binds less tightly than the inf symbol (70). *)
    52   fixes sup :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "\<squnion>" 65)
    53 
    54 
    55 subsection {* Concrete lattices *}
    56 
    57 notation
       (* Square-shaped infix symbols for the order relations, both at priority
          50. They are local to this theory: the no_notation command at the end
          of the file withdraws them again. *)
    58   less_eq  (infix "\<sqsubseteq>" 50) and
    59   less  (infix "\<sqsubset>" 50)
    60 
    61 class semilattice_inf =  order + inf +
       (* inf_le1 and inf_le2 (both [simp]): the infimum is a lower bound of
          each argument. *)
    62   assumes inf_le1 [simp]: "x \<sqinter> y \<sqsubseteq> x"
    63   and inf_le2 [simp]: "x \<sqinter> y \<sqsubseteq> y"
       (* inf_greatest: every common lower bound x of y and z lies below the
          infimum. Not declared [simp]. *)
    64   and inf_greatest: "x \<sqsubseteq> y \<Longrightarrow> x \<sqsubseteq> z \<Longrightarrow> x \<sqsubseteq> y \<sqinter> z"
    65 
    66 class semilattice_sup = order + sup +
       (* Mirror image of semilattice_inf: sup_ge1 and sup_ge2 (both [simp]) make
          the supremum an upper bound of each argument; sup_least makes it the
          least one. *)
    67   assumes sup_ge1 [simp]: "x \<sqsubseteq> x \<squnion> y"
    68   and sup_ge2 [simp]: "y \<sqsubseteq> x \<squnion> y"
    69   and sup_least: "y \<sqsubseteq> x \<Longrightarrow> z \<sqsubseteq> x \<Longrightarrow> y \<squnion> z \<sqsubseteq> x"
    70 begin
    71 
    72 text {* Dual lattice *}
    73 
    74 lemma dual_semilattice:
       (* sup, taken with the reversed orders greater_eq and greater, satisfies
          the semilattice_inf axioms. Later in this theory the fact is used to
          derive less_supI1 and less_supI2 from their inf counterparts. *)
    75   "class.semilattice_inf sup greater_eq greater"
       (* The order part comes from dual_order; the remaining semilattice_inf
          obligations are closed by simp_all with sup_least added. *)
    76 by (rule class.semilattice_inf.intro, rule dual_order)
    77   (unfold_locales, simp_all add: sup_least)
    78 
    79 end
    80 
    81 class lattice = semilattice_inf + semilattice_sup
    82 
    83 
    84 subsubsection {* Intro and elim rules*}
    85 
    86 context semilattice_inf
    87 begin
    88 
    89 lemma le_infI1:
    90   "a \<sqsubseteq> x \<Longrightarrow> a \<sqinter> b \<sqsubseteq> x"
    91   by (rule order_trans) auto
    92 
    93 lemma le_infI2:
    94   "b \<sqsubseteq> x \<Longrightarrow> a \<sqinter> b \<sqsubseteq> x"
    95   by (rule order_trans) auto
    96 
    97 lemma le_infI: "x \<sqsubseteq> a \<Longrightarrow> x \<sqsubseteq> b \<Longrightarrow> x \<sqsubseteq> a \<sqinter> b"
       (* Same statement as the class axiom inf_greatest up to variable names,
          hence the FIXME below. *)
    98   by (rule inf_greatest) (* FIXME: duplicate lemma *)
    99 
   100 lemma le_infE: "x \<sqsubseteq> a \<sqinter> b \<Longrightarrow> (x \<sqsubseteq> a \<Longrightarrow> x \<sqsubseteq> b \<Longrightarrow> P) \<Longrightarrow> P"
   101   by (blast intro: order_trans inf_le1 inf_le2)
   102 
   103 lemma le_inf_iff [simp]:
   104   "x \<sqsubseteq> y \<sqinter> z \<longleftrightarrow> x \<sqsubseteq> y \<and> x \<sqsubseteq> z"
   105   by (blast intro: le_infI elim: le_infE)
   106 
   107 lemma le_iff_inf:
   108   "x \<sqsubseteq> y \<longleftrightarrow> x \<sqinter> y = x"
   109   by (auto intro: le_infI1 antisym dest: eq_iff [THEN iffD1])
   110 
   111 lemma inf_mono: "a \<sqsubseteq> c \<Longrightarrow> b \<sqsubseteq> d \<Longrightarrow> a \<sqinter> b \<sqsubseteq> c \<sqinter> d"
   112   by (fast intro: inf_greatest le_infI1 le_infI2)
   113 
   114 lemma mono_inf:
   115   fixes f :: "'a \<Rightarrow> 'b\<Colon>semilattice_inf"
   116   shows "mono f \<Longrightarrow> f (A \<sqinter> B) \<sqsubseteq> f A \<sqinter> f B"
   117   by (auto simp add: mono_def intro: Lattices.inf_greatest)
   118 
   119 end
   120 
   121 context semilattice_sup
   122 begin
   123 
   124 lemma le_supI1:
   125   "x \<sqsubseteq> a \<Longrightarrow> x \<sqsubseteq> a \<squnion> b"
   126   by (rule order_trans) auto
   127 
   128 lemma le_supI2:
   129   "x \<sqsubseteq> b \<Longrightarrow> x \<sqsubseteq> a \<squnion> b"
   130   by (rule order_trans) auto 
   131 
   132 lemma le_supI:
       (* Same statement as the class axiom sup_least up to variable names,
          hence the FIXME below. *)
   133   "a \<sqsubseteq> x \<Longrightarrow> b \<sqsubseteq> x \<Longrightarrow> a \<squnion> b \<sqsubseteq> x"
   134   by (rule sup_least) (* FIXME: duplicate lemma *)
   135 
   136 lemma le_supE:
   137   "a \<squnion> b \<sqsubseteq> x \<Longrightarrow> (a \<sqsubseteq> x \<Longrightarrow> b \<sqsubseteq> x \<Longrightarrow> P) \<Longrightarrow> P"
   138   by (blast intro: order_trans sup_ge1 sup_ge2)
   139 
   140 lemma le_sup_iff [simp]:
   141   "x \<squnion> y \<sqsubseteq> z \<longleftrightarrow> x \<sqsubseteq> z \<and> y \<sqsubseteq> z"
   142   by (blast intro: le_supI elim: le_supE)
   143 
   144 lemma le_iff_sup:
   145   "x \<sqsubseteq> y \<longleftrightarrow> x \<squnion> y = y"
   146   by (auto intro: le_supI2 antisym dest: eq_iff [THEN iffD1])
   147 
   148 lemma sup_mono: "a \<sqsubseteq> c \<Longrightarrow> b \<sqsubseteq> d \<Longrightarrow> a \<squnion> b \<sqsubseteq> c \<squnion> d"
   149   by (fast intro: sup_least le_supI1 le_supI2)
   150 
   151 lemma mono_sup:
   152   fixes f :: "'a \<Rightarrow> 'b\<Colon>semilattice_sup"
   153   shows "mono f \<Longrightarrow> f A \<squnion> f B \<sqsubseteq> f (A \<squnion> B)"
   154   by (auto simp add: mono_def intro: Lattices.sup_least)
   155 
   156 end
   157 
   158 
   159 subsubsection {* Equational laws *}
   160 
   161 sublocale semilattice_inf < inf!: semilattice inf
   162 proof
   163   fix a b c
   164   show "(a \<sqinter> b) \<sqinter> c = a \<sqinter> (b \<sqinter> c)"
   165     by (rule antisym) (auto intro: le_infI1 le_infI2)
   166   show "a \<sqinter> b = b \<sqinter> a"
   167     by (rule antisym) auto
   168   show "a \<sqinter> a = a"
   169     by (rule antisym) auto
   170 qed
   171 
   172 context semilattice_inf
   173 begin
   174 
   175 lemma inf_assoc: "(x \<sqinter> y) \<sqinter> z = x \<sqinter> (y \<sqinter> z)"
   176   by (fact inf.assoc)
   177 
   178 lemma inf_commute: "(x \<sqinter> y) = (y \<sqinter> x)"
   179   by (fact inf.commute)
   180 
   181 lemma inf_left_commute: "x \<sqinter> (y \<sqinter> z) = y \<sqinter> (x \<sqinter> z)"
   182   by (fact inf.left_commute)
   183 
   184 lemma inf_idem: "x \<sqinter> x = x"
   185   by (fact inf.idem) (* already simp *)
   186 
   187 lemma inf_left_idem [simp]: "x \<sqinter> (x \<sqinter> y) = x \<sqinter> y"
   188   by (fact inf.left_idem)
   189 
   190 lemma inf_absorb1: "x \<sqsubseteq> y \<Longrightarrow> x \<sqinter> y = x"
   191   by (rule antisym) auto
   192 
   193 lemma inf_absorb2: "y \<sqsubseteq> x \<Longrightarrow> x \<sqinter> y = y"
   194   by (rule antisym) auto
   195  
   196 lemmas inf_aci = inf_commute inf_assoc inf_left_commute inf_left_idem
   197 
   198 end
   199 
   200 sublocale semilattice_sup < sup!: semilattice sup
   201 proof
   202   fix a b c
   203   show "(a \<squnion> b) \<squnion> c = a \<squnion> (b \<squnion> c)"
   204     by (rule antisym) (auto intro: le_supI1 le_supI2)
   205   show "a \<squnion> b = b \<squnion> a"
   206     by (rule antisym) auto
   207   show "a \<squnion> a = a"
   208     by (rule antisym) auto
   209 qed
   210 
   211 context semilattice_sup
   212 begin
   213 
   214 lemma sup_assoc: "(x \<squnion> y) \<squnion> z = x \<squnion> (y \<squnion> z)"
   215   by (fact sup.assoc)
   216 
   217 lemma sup_commute: "(x \<squnion> y) = (y \<squnion> x)"
   218   by (fact sup.commute)
   219 
   220 lemma sup_left_commute: "x \<squnion> (y \<squnion> z) = y \<squnion> (x \<squnion> z)"
   221   by (fact sup.left_commute)
   222 
   223 lemma sup_idem: "x \<squnion> x = x"
   224   by (fact sup.idem) (* already simp *)
   225 
   226 lemma sup_left_idem [simp]: "x \<squnion> (x \<squnion> y) = x \<squnion> y"
   227   by (fact sup.left_idem)
   228 
   229 lemma sup_absorb1: "y \<sqsubseteq> x \<Longrightarrow> x \<squnion> y = x"
   230   by (rule antisym) auto
   231 
   232 lemma sup_absorb2: "x \<sqsubseteq> y \<Longrightarrow> x \<squnion> y = y"
   233   by (rule antisym) auto
   234 
   235 lemmas sup_aci = sup_commute sup_assoc sup_left_commute sup_left_idem
   236 
   237 end
   238 
   239 context lattice
   240 begin
   241 
   242 lemma dual_lattice:
   243   "class.lattice sup (op \<ge>) (op >) inf"
   244   by (rule class.lattice.intro, rule dual_semilattice, rule class.semilattice_sup.intro, rule dual_order)
   245     (unfold_locales, auto)
   246 
   247 lemma inf_sup_absorb [simp]: "x \<sqinter> (x \<squnion> y) = x"
   248   by (blast intro: antisym inf_le1 inf_greatest sup_ge1)
   249 
   250 lemma sup_inf_absorb [simp]: "x \<squnion> (x \<sqinter> y) = x"
   251   by (blast intro: antisym sup_ge1 sup_least inf_le1)
   252 
   253 lemmas inf_sup_aci = inf_aci sup_aci
   254 
   255 lemmas inf_sup_ord = inf_le1 inf_le2 sup_ge1 sup_ge2
   256 
   257 text{* Towards distributivity *}
   258 
   259 lemma distrib_sup_le: "x \<squnion> (y \<sqinter> z) \<sqsubseteq> (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   260   by (auto intro: le_infI1 le_infI2 le_supI1 le_supI2)
   261 
   262 lemma distrib_inf_le: "(x \<sqinter> y) \<squnion> (x \<sqinter> z) \<sqsubseteq> x \<sqinter> (y \<squnion> z)"
   263   by (auto intro: le_infI1 le_infI2 le_supI1 le_supI2)
   264 
   265 text{* If you have one of them, you have them all. *}
   266 
   267 lemma distrib_imp1:
       (* From distributivity of inf over sup (assumption D, for all x y z)
          derive distributivity of sup over inf. The proof is a four-step
          equational chain. *)
   268 assumes D: "!!x y z. x \<sqinter> (y \<squnion> z) = (x \<sqinter> y) \<squnion> (x \<sqinter> z)"
   269 shows "x \<squnion> (y \<sqinter> z) = (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   270 proof-
       (* Step 1: replace the leading x by x sup (x inf z); the two are equal by
          the simp rule sup_inf_absorb. *)
   271   have "x \<squnion> (y \<sqinter> z) = (x \<squnion> (x \<sqinter> z)) \<squnion> (y \<sqinter> z)" by simp
   272   also have "\<dots> = x \<squnion> (z \<sqinter> (x \<squnion> y))"
       (* Step 2: regroup with sup_assoc and apply D. sup_inf_absorb is removed
          from the simpset here, presumably so that simp does not collapse the
          term introduced in step 1. *)
   273     by (simp add: D inf_commute sup_assoc del: sup_inf_absorb)
   274   also have "\<dots> = ((x \<squnion> y) \<sqinter> x) \<squnion> ((x \<squnion> y) \<sqinter> z)"
   275     by(simp add: inf_commute)
       (* Step 4: apply D once more to factor out (x sup y). *)
   276   also have "\<dots> = (x \<squnion> y) \<sqinter> (x \<squnion> z)" by(simp add:D)
   277   finally show ?thesis .
   278 qed
   279 
   280 lemma distrib_imp2:
       (* Converse direction of distrib_imp1: from distributivity of sup over
          inf (assumption D) derive distributivity of inf over sup. The chain
          has the same shape as in distrib_imp1 with inf and sup exchanged. *)
   281 assumes D: "!!x y z. x \<squnion> (y \<sqinter> z) = (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   282 shows "x \<sqinter> (y \<squnion> z) = (x \<sqinter> y) \<squnion> (x \<sqinter> z)"
   283 proof-
       (* Expand the leading x to x inf (x sup z); equal by the simp rule
          inf_sup_absorb. *)
   284   have "x \<sqinter> (y \<squnion> z) = (x \<sqinter> (x \<squnion> z)) \<sqinter> (y \<squnion> z)" by simp
   285   also have "\<dots> = x \<sqinter> (z \<squnion> (x \<sqinter> y))"
       (* inf_sup_absorb is removed from the simpset for this step, presumably
          so that simp does not undo the expansion above. *)
   286     by (simp add: D sup_commute inf_assoc del: inf_sup_absorb)
   287   also have "\<dots> = ((x \<sqinter> y) \<squnion> x) \<sqinter> ((x \<sqinter> y) \<squnion> z)"
   288     by(simp add: sup_commute)
   289   also have "\<dots> = (x \<sqinter> y) \<squnion> (x \<sqinter> z)" by(simp add:D)
   290   finally show ?thesis .
   291 qed
   292 
   293 end
   294 
   295 subsubsection {* Strict order *}
   296 
   297 context semilattice_inf
   298 begin
   299 
   300 lemma less_infI1:
   301   "a \<sqsubset> x \<Longrightarrow> a \<sqinter> b \<sqsubset> x"
   302   by (auto simp add: less_le inf_absorb1 intro: le_infI1)
   303 
   304 lemma less_infI2:
   305   "b \<sqsubset> x \<Longrightarrow> a \<sqinter> b \<sqsubset> x"
   306   by (auto simp add: less_le inf_absorb2 intro: le_infI2)
   307 
   308 end
   309 
   310 context semilattice_sup
   311 begin
   312 
   313 lemma less_supI1:
   314   "x \<sqsubset> a \<Longrightarrow> x \<sqsubset> a \<squnion> b"
   315   using dual_semilattice
   316   by (rule semilattice_inf.less_infI1)
   317 
   318 lemma less_supI2:
   319   "x \<sqsubset> b \<Longrightarrow> x \<sqsubset> a \<squnion> b"
   320   using dual_semilattice
   321   by (rule semilattice_inf.less_infI2)
   322 
   323 end
   324 
   325 
   326 subsection {* Distributive lattices *}
   327 
   328 class distrib_lattice = lattice +
   329   assumes sup_inf_distrib1: "x \<squnion> (y \<sqinter> z) = (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   330 
   331 context distrib_lattice
   332 begin
   333 
   334 lemma sup_inf_distrib2:
   335   "(y \<sqinter> z) \<squnion> x = (y \<squnion> x) \<sqinter> (z \<squnion> x)"
   336   by (simp add: sup_commute sup_inf_distrib1)
   337 
   338 lemma inf_sup_distrib1:
   339   "x \<sqinter> (y \<squnion> z) = (x \<sqinter> y) \<squnion> (x \<sqinter> z)"
   340   by (rule distrib_imp2 [OF sup_inf_distrib1])
   341 
   342 lemma inf_sup_distrib2:
   343   "(y \<squnion> z) \<sqinter> x = (y \<sqinter> x) \<squnion> (z \<sqinter> x)"
   344   by (simp add: inf_commute inf_sup_distrib1)
   345 
   346 lemma dual_distrib_lattice:
   347   "class.distrib_lattice sup (op \<ge>) (op >) inf"
   348   by (rule class.distrib_lattice.intro, rule dual_lattice)
   349     (unfold_locales, fact inf_sup_distrib1)
   350 
   351 lemmas sup_inf_distrib =
   352   sup_inf_distrib1 sup_inf_distrib2
   353 
   354 lemmas inf_sup_distrib =
   355   inf_sup_distrib1 inf_sup_distrib2
   356 
   357 lemmas distrib =
   358   sup_inf_distrib1 sup_inf_distrib2 inf_sup_distrib1 inf_sup_distrib2
   359 
   360 end
   361 
   362 
   363 subsection {* Bounded lattices and boolean algebras *}
   364 
   365 class bounded_lattice_bot = lattice + bot
   366 begin
   367 
   368 lemma inf_bot_left [simp]:
   369   "\<bottom> \<sqinter> x = \<bottom>"
   370   by (rule inf_absorb1) simp
   371 
   372 lemma inf_bot_right [simp]:
   373   "x \<sqinter> \<bottom> = \<bottom>"
   374   by (rule inf_absorb2) simp
   375 
   376 lemma sup_bot_left [simp]:
   377   "\<bottom> \<squnion> x = x"
   378   by (rule sup_absorb2) simp
   379 
   380 lemma sup_bot_right [simp]:
   381   "x \<squnion> \<bottom> = x"
   382   by (rule sup_absorb1) simp
   383 
   384 lemma sup_eq_bot_iff [simp]:
   385   "x \<squnion> y = \<bottom> \<longleftrightarrow> x = \<bottom> \<and> y = \<bottom>"
   386   by (simp add: eq_iff)
   387 
   388 end
   389 
   390 class bounded_lattice_top = lattice + top
   391 begin
   392 
   393 lemma sup_top_left [simp]:
   394   "\<top> \<squnion> x = \<top>"
   395   by (rule sup_absorb1) simp
   396 
   397 lemma sup_top_right [simp]:
   398   "x \<squnion> \<top> = \<top>"
   399   by (rule sup_absorb2) simp
   400 
   401 lemma inf_top_left [simp]:
   402   "\<top> \<sqinter> x = x"
   403   by (rule inf_absorb2) simp
   404 
   405 lemma inf_top_right [simp]:
   406   "x \<sqinter> \<top> = x"
   407   by (rule inf_absorb1) simp
   408 
   409 lemma inf_eq_top_iff [simp]:
   410   "x \<sqinter> y = \<top> \<longleftrightarrow> x = \<top> \<and> y = \<top>"
   411   by (simp add: eq_iff)
   412 
   413 end
   414 
   415 class bounded_lattice = bounded_lattice_bot + bounded_lattice_top
   416 begin
   417 
   418 lemma dual_bounded_lattice:
   419   "class.bounded_lattice sup greater_eq greater inf \<top> \<bottom>"
   420   by unfold_locales (auto simp add: less_le_not_le)
   421 
   422 end
   423 
   424 class boolean_algebra = distrib_lattice + bounded_lattice + minus + uminus +
   425   assumes inf_compl_bot: "x \<sqinter> - x = \<bottom>"
   426     and sup_compl_top: "x \<squnion> - x = \<top>"
   427   assumes diff_eq: "x - y = x \<sqinter> - y"
   428 begin
   429 
   430 lemma dual_boolean_algebra:
   431   "class.boolean_algebra (\<lambda>x y. x \<squnion> - y) uminus sup greater_eq greater inf \<top> \<bottom>"
   432   by (rule class.boolean_algebra.intro, rule dual_bounded_lattice, rule dual_distrib_lattice)
   433     (unfold_locales, auto simp add: inf_compl_bot sup_compl_top diff_eq)
   434 
   435 lemma compl_inf_bot [simp]:
   436   "- x \<sqinter> x = \<bottom>"
   437   by (simp add: inf_commute inf_compl_bot)
   438 
   439 lemma compl_sup_top [simp]:
   440   "- x \<squnion> x = \<top>"
   441   by (simp add: sup_commute sup_compl_top)
   442 
   443 lemma compl_unique:
       (* Complements are unique: any y whose infimum with x is bottom and whose
          supremum with x is top equals - x. *)
   444   assumes "x \<sqinter> y = \<bottom>"
   445     and "x \<squnion> y = \<top>"
   446   shows "- x = y"
   447 proof -
       (* Both sides agree because x inf - x and x inf y are both bottom
          (inf_compl_bot and the first assumption). *)
   448   have "(x \<sqinter> - x) \<squnion> (- x \<sqinter> y) = (x \<sqinter> y) \<squnion> (- x \<sqinter> y)"
   449     using inf_compl_bot assms(1) by simp
       (* Reorder the infima so that - x is the common factor on the left and y
          on the right. *)
   450   then have "(- x \<sqinter> x) \<squnion> (- x \<sqinter> y) = (y \<sqinter> x) \<squnion> (y \<sqinter> - x)"
   451     by (simp add: inf_commute)
       (* Factor out the common terms with inf_sup_distrib1. *)
   452   then have "- x \<sqinter> (x \<squnion> y) = y \<sqinter> (x \<squnion> - x)"
   453     by (simp add: inf_sup_distrib1)
       (* Both suprema are top: the second assumption on the left,
          sup_compl_top on the right. *)
   454   then have "- x \<sqinter> \<top> = y \<sqinter> \<top>"
   455     using sup_compl_top assms(2) by simp
   456   then show "- x = y" by simp
   457 qed
   458 
   459 lemma double_compl [simp]:
   460   "- (- x) = x"
   461   using compl_inf_bot compl_sup_top by (rule compl_unique)
   462 
   463 lemma compl_eq_compl_iff [simp]:
   464   "- x = - y \<longleftrightarrow> x = y"
   465 proof
   466   assume "- x = - y"
   467   then have "- (- x) = - (- y)" by (rule arg_cong)
   468   then show "x = y" by simp
   469 next
   470   assume "x = y"
   471   then show "- x = - y" by simp
   472 qed
   473 
   474 lemma compl_bot_eq [simp]:
   475   "- \<bottom> = \<top>"
   476 proof -
   477   from sup_compl_top have "\<bottom> \<squnion> - \<bottom> = \<top>" .
   478   then show ?thesis by simp
   479 qed
   480 
   481 lemma compl_top_eq [simp]:
   482   "- \<top> = \<bottom>"
   483 proof -
   484   from inf_compl_bot have "\<top> \<sqinter> - \<top> = \<bottom>" .
   485   then show ?thesis by simp
   486 qed
   487 
   488 lemma compl_inf [simp]:
   489   "- (x \<sqinter> y) = - x \<squnion> - y"
   490 proof (rule compl_unique)
   491   have "(x \<sqinter> y) \<sqinter> (- x \<squnion> - y) = (y \<sqinter> (x \<sqinter> - x)) \<squnion> (x \<sqinter> (y \<sqinter> - y))"
   492     by (simp only: inf_sup_distrib inf_aci)
   493   then show "(x \<sqinter> y) \<sqinter> (- x \<squnion> - y) = \<bottom>"
   494     by (simp add: inf_compl_bot)
   495 next
   496   have "(x \<sqinter> y) \<squnion> (- x \<squnion> - y) = (- y \<squnion> (x \<squnion> - x)) \<sqinter> (- x \<squnion> (y \<squnion> - y))"
   497     by (simp only: sup_inf_distrib sup_aci)
   498   then show "(x \<sqinter> y) \<squnion> (- x \<squnion> - y) = \<top>"
   499     by (simp add: sup_compl_top)
   500 qed
   501 
   502 lemma compl_sup [simp]:
       (* De Morgan law for sup, obtained by duality rather than by a second
          direct proof: dual_boolean_algebra provides the boolean_algebra
          structure with inf and sup exchanged, and compl_inf is applied to it. *)
   503   "- (x \<squnion> y) = - x \<sqinter> - y"
   504   using dual_boolean_algebra
   505   by (rule boolean_algebra.compl_inf)
   506 
   507 lemma compl_mono:
   508   "x \<sqsubseteq> y \<Longrightarrow> - y \<sqsubseteq> - x"
   509 proof -
   510   assume "x \<sqsubseteq> y"
   511   then have "x \<squnion> y = y" by (simp only: le_iff_sup)
   512   then have "- (x \<squnion> y) = - y" by simp
   513   then have "- x \<sqinter> - y = - y" by simp
   514   then have "- y \<sqinter> - x = - y" by (simp only: inf_commute)
   515   then show "- y \<sqsubseteq> - x" by (simp only: le_iff_inf)
   516 qed
   517 
   518 lemma compl_le_compl_iff [simp]:
   519   "- x \<sqsubseteq> - y \<longleftrightarrow> y \<sqsubseteq> x"
   520   by (auto dest: compl_mono)
   521 
   522 lemma compl_le_swap1:
   523   assumes "y \<sqsubseteq> - x" shows "x \<sqsubseteq> -y"
   524 proof -
   525   from assms have "- (- x) \<sqsubseteq> - y" by (simp only: compl_le_compl_iff)
   526   then show ?thesis by simp
   527 qed
   528 
   529 lemma compl_le_swap2:
   530   assumes "- y \<sqsubseteq> x" shows "- x \<sqsubseteq> y"
   531 proof -
   532   from assms have "- x \<sqsubseteq> - (- y)" by (simp only: compl_le_compl_iff)
   533   then show ?thesis by simp
   534 qed
   535 
   536 lemma compl_less_compl_iff: (* TODO: declare [simp] ? *)
   537   "- x \<sqsubset> - y \<longleftrightarrow> y \<sqsubset> x"
   538   by (auto simp add: less_le)
   539 
   540 lemma compl_less_swap1:
   541   assumes "y \<sqsubset> - x" shows "x \<sqsubset> - y"
   542 proof -
   543   from assms have "- (- x) \<sqsubset> - y" by (simp only: compl_less_compl_iff)
   544   then show ?thesis by simp
   545 qed
   546 
   547 lemma compl_less_swap2:
   548   assumes "- y \<sqsubset> x" shows "- x \<sqsubset> y"
   549 proof -
   550   from assms have "- x \<sqsubset> - (- y)" by (simp only: compl_less_compl_iff)
   551   then show ?thesis by simp
   552 qed
   553 
   554 end
   555 
   556 
   557 subsection {* Uniqueness of inf and sup *}
   558 
   559 lemma (in semilattice_inf) inf_unique:
       (* Any operation f (written with the triangle infix symbol) that
          satisfies the three semilattice_inf laws le1, le2 and greatest
          coincides with inf. Proved by antisymmetry of the order. *)
   560   fixes f (infixl "\<triangle>" 70)
   561   assumes le1: "\<And>x y. x \<triangle> y \<sqsubseteq> x" and le2: "\<And>x y. x \<triangle> y \<sqsubseteq> y"
   562   and greatest: "\<And>x y z. x \<sqsubseteq> y \<Longrightarrow> x \<sqsubseteq> z \<Longrightarrow> x \<sqsubseteq> y \<triangle> z"
   563   shows "x \<sqinter> y = x \<triangle> y"
   564 proof (rule antisym)
       (* f x y is a lower bound of x and y (le1, le2), so it lies below the
          infimum by le_infI. *)
   565   show "x \<triangle> y \<sqsubseteq> x \<sqinter> y" by (rule le_infI) (rule le1, rule le2)
   566 next
       (* leI restates the assumption "greatest" as a local fact that can be
          applied as a rule; its two premises are then closed by simp_all. *)
   567   have leI: "\<And>x y z. x \<sqsubseteq> y \<Longrightarrow> x \<sqsubseteq> z \<Longrightarrow> x \<sqsubseteq> y \<triangle> z" by (blast intro: greatest)
   568   show "x \<sqinter> y \<sqsubseteq> x \<triangle> y" by (rule leI) simp_all
   569 qed
   570 
   571 lemma (in semilattice_sup) sup_unique:
       (* Any operation f (written with the nabla infix symbol) that satisfies
          the three semilattice_sup laws ge1, ge2 and least coincides with sup.
          Proved by antisymmetry of the order. Note that ge1 is declared [simp]
          while ge2 is not. *)
   572   fixes f (infixl "\<nabla>" 70)
   573   assumes ge1 [simp]: "\<And>x y. x \<sqsubseteq> x \<nabla> y" and ge2: "\<And>x y. y \<sqsubseteq> x \<nabla> y"
   574   and least: "\<And>x y z. y \<sqsubseteq> x \<Longrightarrow> z \<sqsubseteq> x \<Longrightarrow> y \<nabla> z \<sqsubseteq> x"
   575   shows "x \<squnion> y = x \<nabla> y"
   576 proof (rule antisym)
       (* f x y is an upper bound of x and y (ge1, ge2), so the supremum lies
          below it by le_supI. *)
   577   show "x \<squnion> y \<sqsubseteq> x \<nabla> y" by (rule le_supI) (rule ge1, rule ge2)
   578 next
       (* leI restates the assumption "least" with renamed variables as a local
          fact; its two premises are then closed by simp_all. *)
   579   have leI: "\<And>x y z. x \<sqsubseteq> z \<Longrightarrow> y \<sqsubseteq> z \<Longrightarrow> x \<nabla> y \<sqsubseteq> z" by (blast intro: least)
   580   show "x \<nabla> y \<sqsubseteq> x \<squnion> y" by (rule leI) simp_all
   581 qed
   582 
   583 
   584 subsection {* @{const min}/@{const max} on linear orders as
   585   special case of @{const inf}/@{const sup} *}
   586 
   587 sublocale linorder < min_max!: distrib_lattice min less_eq less max
       (* Every linear order is a distributive lattice with min in the role of
          inf and max in the role of sup. The interpreted lemmas are available
          under the prefix "min_max". *)
   588 proof
   589   fix x y z
       (* The distributivity law is shown explicitly by unfolding min and max. *)
   590   show "max x (min y z) = min (max x y) (max x z)"
   591     by (auto simp add: min_def max_def)
       (* All remaining obligations are closed by the auto call attached to qed. *)
   592 qed (auto simp add: min_def max_def not_le less_imp_le)
   593 
   594 lemma inf_min: "inf = (min \<Colon> 'a\<Colon>{semilattice_inf, linorder} \<Rightarrow> 'a \<Rightarrow> 'a)"
   595   by (rule ext)+ (auto intro: antisym)
   596 
   597 lemma sup_max: "sup = (max \<Colon> 'a\<Colon>{semilattice_sup, linorder} \<Rightarrow> 'a \<Rightarrow> 'a)"
   598   by (rule ext)+ (auto intro: antisym)
   599 
   600 lemmas le_maxI1 = min_max.sup_ge1
   601 lemmas le_maxI2 = min_max.sup_ge2
   602  
   603 lemmas min_ac = min_max.inf_assoc min_max.inf_commute
   604   min_max.inf.left_commute
   605 
   606 lemmas max_ac = min_max.sup_assoc min_max.sup_commute
   607   min_max.sup.left_commute
   608 
   609 
   610 subsection {* Lattice on @{typ bool} *}
   611 
   612 instantiation bool :: boolean_algebra
       (* Makes bool a boolean algebra. All four definitions below are declared
          [simp], and the instance proof is closed by auto. *)
   613 begin
   614 
   615 definition
       (* complement is logical negation *)
   616   bool_Compl_def [simp]: "uminus = Not"
   617 
   618 definition
       (* difference is "A and not B" *)
   619   bool_diff_def [simp]: "A - B \<longleftrightarrow> A \<and> \<not> B"
   620 
   621 definition
       (* infimum is conjunction *)
   622   [simp]: "P \<sqinter> Q \<longleftrightarrow> P \<and> Q"
   623 
   624 definition
       (* supremum is disjunction *)
   625   [simp]: "P \<squnion> Q \<longleftrightarrow> P \<or> Q"
   626 
   627 instance proof
   628 qed auto
   629 
   630 end
   631 
   632 lemma sup_boolI1:
   633   "P \<Longrightarrow> P \<squnion> Q"
   634   by simp
   635 
   636 lemma sup_boolI2:
   637   "Q \<Longrightarrow> P \<squnion> Q"
   638   by simp
   639 
   640 lemma sup_boolE:
   641   "P \<squnion> Q \<Longrightarrow> (P \<Longrightarrow> R) \<Longrightarrow> (Q \<Longrightarrow> R) \<Longrightarrow> R"
   642   by auto
   643 
   644 
   645 subsection {* Lattice on @{typ "_ \<Rightarrow> _"} *}
   646 
   647 instantiation "fun" :: (type, lattice) lattice
       (* Functions into a lattice form a lattice; the domain type is
          unconstrained (sort type). inf and sup are defined pointwise. *)
   648 begin
   649 
   650 definition
       (* pointwise infimum; the definition is referred to as inf_fun_def below *)
   651   "f \<sqinter> g = (\<lambda>x. f x \<sqinter> g x)"
   652 
   653 lemma inf_apply [simp] (* CANDIDATE [code] *):
       (* applied form of the definition, declared as a simp rule *)
   654   "(f \<sqinter> g) x = f x \<sqinter> g x"
   655   by (simp add: inf_fun_def)
   656 
   657 definition
       (* pointwise supremum; the definition is referred to as sup_fun_def below *)
   658   "f \<squnion> g = (\<lambda>x. f x \<squnion> g x)"
   659 
   660 lemma sup_apply [simp] (* CANDIDATE [code] *):
       (* applied form of the definition, declared as a simp rule *)
   661   "(f \<squnion> g) x = f x \<squnion> g x"
   662   by (simp add: sup_fun_def)
   663 
   664 instance proof
       (* the lattice obligations are closed by simp_all after unfolding the
          order on functions with le_fun_def *)
   665 qed (simp_all add: le_fun_def)
   666 
   667 end
   668 
   669 instance "fun" :: (type, distrib_lattice) distrib_lattice proof
   670 qed (rule ext, simp add: sup_inf_distrib1)
   671 
   672 instance "fun" :: (type, bounded_lattice) bounded_lattice ..
   673 
   674 instantiation "fun" :: (type, uminus) uminus
   675 begin
   676 
   677 definition
   678   fun_Compl_def: "- A = (\<lambda>x. - A x)"
   679 
   680 lemma uminus_apply [simp] (* CANDIDATE [code] *):
   681   "(- A) x = - (A x)"
   682   by (simp add: fun_Compl_def)
   683 
   684 instance ..
   685 
   686 end
   687 
   688 instantiation "fun" :: (type, minus) minus
   689 begin
   690 
   691 definition
   692   fun_diff_def: "A - B = (\<lambda>x. A x - B x)"
   693 
   694 lemma minus_apply [simp] (* CANDIDATE [code] *):
   695   "(A - B) x = A x - B x"
   696   by (simp add: fun_diff_def)
   697 
   698 instance ..
   699 
   700 end
   701 
   702 instance "fun" :: (type, boolean_algebra) boolean_algebra proof
   703 qed (rule ext, simp_all add: inf_compl_bot sup_compl_top diff_eq)+
   704 
   705 
   706 subsection {* Lattice on unary and binary predicates *}
   707 
   708 lemma inf1I: "A x \<Longrightarrow> B x \<Longrightarrow> (A \<sqinter> B) x"
   709   by (simp add: inf_fun_def)
   710 
   711 lemma inf2I: "A x y \<Longrightarrow> B x y \<Longrightarrow> (A \<sqinter> B) x y"
   712   by (simp add: inf_fun_def)
   713 
   714 lemma inf1E: "(A \<sqinter> B) x \<Longrightarrow> (A x \<Longrightarrow> B x \<Longrightarrow> P) \<Longrightarrow> P"
   715   by (simp add: inf_fun_def)
   716 
   717 lemma inf2E: "(A \<sqinter> B) x y \<Longrightarrow> (A x y \<Longrightarrow> B x y \<Longrightarrow> P) \<Longrightarrow> P"
   718   by (simp add: inf_fun_def)
   719 
   720 lemma inf1D1: "(A \<sqinter> B) x \<Longrightarrow> A x"
   721   by (simp add: inf_fun_def)
   722 
   723 lemma inf2D1: "(A \<sqinter> B) x y \<Longrightarrow> A x y"
   724   by (simp add: inf_fun_def)
   725 
   726 lemma inf1D2: "(A \<sqinter> B) x \<Longrightarrow> B x"
   727   by (simp add: inf_fun_def)
   728 
   729 lemma inf2D2: "(A \<sqinter> B) x y \<Longrightarrow> B x y"
   730   by (simp add: inf_fun_def)
   731 
   732 lemma sup1I1: "A x \<Longrightarrow> (A \<squnion> B) x"
   733   by (simp add: sup_fun_def)
   734 
   735 lemma sup2I1: "A x y \<Longrightarrow> (A \<squnion> B) x y"
   736   by (simp add: sup_fun_def)
   737 
   738 lemma sup1I2: "B x \<Longrightarrow> (A \<squnion> B) x"
   739   by (simp add: sup_fun_def)
   740 
   741 lemma sup2I2: "B x y \<Longrightarrow> (A \<squnion> B) x y"
   742   by (simp add: sup_fun_def)
   743 
   744 lemma sup1E: "(A \<squnion> B) x \<Longrightarrow> (A x \<Longrightarrow> P) \<Longrightarrow> (B x \<Longrightarrow> P) \<Longrightarrow> P"
   745   by (simp add: sup_fun_def) iprover
   746 
   747 lemma sup2E: "(A \<squnion> B) x y \<Longrightarrow> (A x y \<Longrightarrow> P) \<Longrightarrow> (B x y \<Longrightarrow> P) \<Longrightarrow> P"
   748   by (simp add: sup_fun_def) iprover
   749 
   750 text {*
   751   \medskip Classical introduction rule: no commitment to @{text A} vs
   752   @{text B}.
   753 *}
   754 
   755 lemma sup1CI: "(\<not> B x \<Longrightarrow> A x) \<Longrightarrow> (A \<squnion> B) x"
   756   by (auto simp add: sup_fun_def)
   757 
   758 lemma sup2CI: "(\<not> B x y \<Longrightarrow> A x y) \<Longrightarrow> (A \<squnion> B) x y"
   759   by (auto simp add: sup_fun_def)
   760 
   761 
   762 no_notation
       (* Withdraws the square-shaped infix symbols for less_eq and less that
          were introduced by the notation command in the "Concrete lattices"
          subsection of this theory. *)
   763   less_eq (infix "\<sqsubseteq>" 50) and
   764   less (infix "\<sqsubset>" 50)
   765 
   766 end
   767