src/HOL/Lattices.thy
author hoelzl
Thu Jan 31 11:31:27 2013 +0100 (2013-01-31)
changeset 50999 3de230ed0547
parent 50615 965d4c108584
child 51387 dbc4a77488b2
permissions -rw-r--r--
introduce order topology
     1 (*  Title:      HOL/Lattices.thy
     2     Author:     Tobias Nipkow
     3 *)
     4 
     5 header {* Abstract lattices *}
     6 
     7 theory Lattices
     8 imports Orderings Groups
     9 begin
    10 
    11 subsection {* Abstract semilattice *}
    12 
    13 text {*
    14   These locales provide a basic structure for interpretation into
    15   bigger structures;  extensions require careful thinking, otherwise
    16   undesired effects may occur due to interpretation.
    17 *}
    18 
    19 locale semilattice = abel_semigroup +
       (* Adds idempotence of the binary operation f to the inherited
          abel_semigroup structure; idem is declared as a simp rule. *)
    20   assumes idem [simp]: "f a a = a"
    21 begin
    22 
    23 lemma left_idem [simp]: "f a (f a b) = f a b"
       (* Simp with assoc oriented right-to-left ([symmetric]); presumably this
          exposes the subterm f a a so that idem can rewrite it. *)
    24 by (simp add: assoc [symmetric])
    25 
    26 lemma right_idem [simp]: "f (f a b) b = f a b"
       (* Mirror image of left_idem, using assoc in its stated orientation. *)
    27 by (simp add: assoc)
    28 
    29 end
    30 
    31 
    32 subsection {* Idempotent semigroup *}
    33 
    34 class ab_semigroup_idem_mult = ab_semigroup_mult +
    35   assumes mult_idem: "x * x = x"
    36 
    37 sublocale ab_semigroup_idem_mult < times!: semilattice times proof
       (* Makes the semilattice facts available for multiplication under the
          prefix "times" (used below as times.left_idem).  Whatever goal remains
          after the initial proof step is closed with the class axiom mult_idem. *)
    38 qed (fact mult_idem)
    39 
    40 context ab_semigroup_idem_mult
    41 begin
    42 
    43 lemmas mult_left_idem = times.left_idem
    44 
    45 end
    46 
    47 
    48 subsection {* Syntactic infimum and supremum operations *}
    49 
    50 class inf =
       (* Purely syntactic class: fixes the operation inf with left-associative
          infix notation at priority 70 and states no axioms. *)
    51   fixes inf :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "\<sqinter>" 70)
    52 
    53 class sup = 
       (* Likewise syntactic only.  The priority is 65, lower than the 70 used
          for inf, so an unparenthesised infimum binds more tightly than a
          supremum. *)
    54   fixes sup :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "\<squnion>" 65)
    55 
    56 
    57 subsection {* Concrete lattices *}
    58 
    59 notation
       (* Extra infix syntax for the order relations, used by the statements in
          this theory; it is withdrawn again by the no_notation command just
          before the final end. *)
    60   less_eq  (infix "\<sqsubseteq>" 50) and
    61   less  (infix "\<sqsubset>" 50)
    62 
    63 class semilattice_inf =  order + inf +
       (* Characterises inf as a greatest lower bound with respect to the order:
          inf_le1 and inf_le2 make the infimum a lower bound of both arguments,
          inf_greatest puts every common lower bound below it.  Only the two
          lower-bound facts are declared [simp]; inf_greatest is not. *)
    64   assumes inf_le1 [simp]: "x \<sqinter> y \<sqsubseteq> x"
    65   and inf_le2 [simp]: "x \<sqinter> y \<sqsubseteq> y"
    66   and inf_greatest: "x \<sqsubseteq> y \<Longrightarrow> x \<sqsubseteq> z \<Longrightarrow> x \<sqsubseteq> y \<sqinter> z"
    67 
    68 class semilattice_sup = order + sup +
       (* Order-dual of semilattice_inf: sup_ge1 and sup_ge2 make the supremum an
          upper bound of both arguments, sup_least puts it below every common
          upper bound.  Only the two upper-bound facts are declared [simp]. *)
    69   assumes sup_ge1 [simp]: "x \<sqsubseteq> x \<squnion> y"
    70   and sup_ge2 [simp]: "y \<sqsubseteq> x \<squnion> y"
    71   and sup_least: "y \<sqsubseteq> x \<Longrightarrow> z \<sqsubseteq> x \<Longrightarrow> y \<squnion> z \<sqsubseteq> x"
    72 begin
    73 
    74 text {* Dual lattice *}
    75 
    76 lemma dual_semilattice:
       (* States that sup, read against the reversed order (greater_eq, greater),
          satisfies the semilattice_inf class predicate.  Later lemmas in this
          theory (less_supI1, less_supI2) use this fact to obtain results for sup
          from their inf counterparts. *)
    77   "class.semilattice_inf sup greater_eq greater"
    78 by (rule class.semilattice_inf.intro, rule dual_order)
    79   (unfold_locales, simp_all add: sup_least)
    80 
    81 end
    82 
    83 class lattice = semilattice_inf + semilattice_sup
    84 
    85 
    86 subsubsection {* Intro and elim rules*}
    87 
    88 context semilattice_inf
       (* Introduction and elimination rules for inequalities that have an
          infimum on one side, derived from the three class axioms. *)
    89 begin
    90 
    91 lemma le_infI1:
    92   "a \<sqsubseteq> x \<Longrightarrow> a \<sqinter> b \<sqsubseteq> x"
    93   by (rule order_trans) auto
    94 
    95 lemma le_infI2:
    96   "b \<sqsubseteq> x \<Longrightarrow> a \<sqinter> b \<sqsubseteq> x"
    97   by (rule order_trans) auto
    98 
       (* Same statement as the class axiom inf_greatest under a second name;
          the proof is a single application of that axiom. *)
    99 lemma le_infI: "x \<sqsubseteq> a \<Longrightarrow> x \<sqsubseteq> b \<Longrightarrow> x \<sqsubseteq> a \<sqinter> b"
   100   by (rule inf_greatest) (* FIXME: duplicate lemma *)
   101 
       (* Elimination form: from x below an infimum, obtain x below each argument. *)
   102 lemma le_infE: "x \<sqsubseteq> a \<sqinter> b \<Longrightarrow> (x \<sqsubseteq> a \<Longrightarrow> x \<sqsubseteq> b \<Longrightarrow> P) \<Longrightarrow> P"
   103   by (blast intro: order_trans inf_le1 inf_le2)
   104 
       (* Simp rule combining le_infI and le_infE: x lies below an infimum
          exactly when it lies below both arguments. *)
   105 lemma le_inf_iff [simp]:
   106   "x \<sqsubseteq> y \<sqinter> z \<longleftrightarrow> x \<sqsubseteq> y \<and> x \<sqsubseteq> z"
   107   by (blast intro: le_infI elim: le_infE)
   108 
       (* Expresses the order through the operation; not declared [simp]. *)
   109 lemma le_iff_inf:
   110   "x \<sqsubseteq> y \<longleftrightarrow> x \<sqinter> y = x"
   111   by (auto intro: le_infI1 antisym dest: eq_iff [THEN iffD1])
   112 
       (* inf is monotone in both arguments simultaneously. *)
   113 lemma inf_mono: "a \<sqsubseteq> c \<Longrightarrow> b \<sqsubseteq> d \<Longrightarrow> a \<sqinter> b \<sqsubseteq> c \<sqinter> d"
   114   by (fast intro: inf_greatest le_infI1 le_infI2)
   115 
       (* f maps into a second type 'b of class semilattice_inf.  The proof cites
          the qualified name Lattices.inf_greatest; presumably this is needed to
          use the axiom at 'b rather than at the context's own type -- confirm. *)
   116 lemma mono_inf:
   117   fixes f :: "'a \<Rightarrow> 'b\<Colon>semilattice_inf"
   118   shows "mono f \<Longrightarrow> f (A \<sqinter> B) \<sqsubseteq> f A \<sqinter> f B"
   119   by (auto simp add: mono_def intro: Lattices.inf_greatest)
   120 
   121 end
   122 
   123 context semilattice_sup
       (* Introduction and elimination rules for inequalities that have a
          supremum on one side; each lemma mirrors the le_inf* lemma of the same
          shape in the semilattice_inf context. *)
   124 begin
   125 
   126 lemma le_supI1:
   127   "x \<sqsubseteq> a \<Longrightarrow> x \<sqsubseteq> a \<squnion> b"
   128   by (rule order_trans) auto
   129 
   130 lemma le_supI2:
   131   "x \<sqsubseteq> b \<Longrightarrow> x \<sqsubseteq> a \<squnion> b"
   132   by (rule order_trans) auto 
   133 
       (* Same statement as the class axiom sup_least under a second name. *)
   134 lemma le_supI:
   135   "a \<sqsubseteq> x \<Longrightarrow> b \<sqsubseteq> x \<Longrightarrow> a \<squnion> b \<sqsubseteq> x"
   136   by (rule sup_least) (* FIXME: duplicate lemma *)
   137 
       (* Elimination form: from a supremum below x, obtain each argument below x. *)
   138 lemma le_supE:
   139   "a \<squnion> b \<sqsubseteq> x \<Longrightarrow> (a \<sqsubseteq> x \<Longrightarrow> b \<sqsubseteq> x \<Longrightarrow> P) \<Longrightarrow> P"
   140   by (blast intro: order_trans sup_ge1 sup_ge2)
   141 
       (* Simp rule: a supremum lies below z exactly when both arguments do. *)
   142 lemma le_sup_iff [simp]:
   143   "x \<squnion> y \<sqsubseteq> z \<longleftrightarrow> x \<sqsubseteq> z \<and> y \<sqsubseteq> z"
   144   by (blast intro: le_supI elim: le_supE)
   145 
       (* Expresses the order through the operation; not declared [simp]. *)
   146 lemma le_iff_sup:
   147   "x \<sqsubseteq> y \<longleftrightarrow> x \<squnion> y = y"
   148   by (auto intro: le_supI2 antisym dest: eq_iff [THEN iffD1])
   149 
       (* sup is monotone in both arguments simultaneously. *)
   150 lemma sup_mono: "a \<sqsubseteq> c \<Longrightarrow> b \<sqsubseteq> d \<Longrightarrow> a \<squnion> b \<sqsubseteq> c \<squnion> d"
   151   by (fast intro: sup_least le_supI1 le_supI2)
   152 
       (* f maps into a second type 'b of class semilattice_sup; as in mono_inf
          the axiom is cited by its qualified name Lattices.sup_least. *)
   153 lemma mono_sup:
   154   fixes f :: "'a \<Rightarrow> 'b\<Colon>semilattice_sup"
   155   shows "mono f \<Longrightarrow> f A \<squnion> f B \<sqsubseteq> f (A \<squnion> B)"
   156   by (auto simp add: mono_def intro: Lattices.sup_least)
   157 
   158 end
   159 
   160 
   161 subsubsection {* Equational laws *}
   162 
   163 sublocale semilattice_inf < inf!: semilattice inf
       (* Shows that the order-theoretic inf is an instance of the abstract
          semilattice locale, with facts exported under the prefix "inf".  The
          three goals are associativity, commutativity and idempotence; each is
          proved by antisymmetry of the order. *)
   164 proof
   165   fix a b c
   166   show "(a \<sqinter> b) \<sqinter> c = a \<sqinter> (b \<sqinter> c)"
   167     by (rule antisym) (auto intro: le_infI1 le_infI2)
   168   show "a \<sqinter> b = b \<sqinter> a"
   169     by (rule antisym) auto
   170   show "a \<sqinter> a = a"
   171     by (rule antisym) auto
   172 qed
   173 
   174 context semilattice_inf
       (* Equational laws for inf.  The first six lemmas restate facts from the
          inf interpretation of the semilattice locale under unprefixed names;
          each proof is a direct reference to the corresponding inf.* fact. *)
   175 begin
   176 
   177 lemma inf_assoc: "(x \<sqinter> y) \<sqinter> z = x \<sqinter> (y \<sqinter> z)"
   178   by (fact inf.assoc)
   179 
   180 lemma inf_commute: "(x \<sqinter> y) = (y \<sqinter> x)"
   181   by (fact inf.commute)
   182 
   183 lemma inf_left_commute: "x \<sqinter> (y \<sqinter> z) = y \<sqinter> (x \<sqinter> z)"
   184   by (fact inf.left_commute)
   185 
   186 lemma inf_idem: "x \<sqinter> x = x"
   187   by (fact inf.idem) (* already simp *)
   188 
   189 lemma inf_left_idem: "x \<sqinter> (x \<sqinter> y) = x \<sqinter> y"
   190   by (fact inf.left_idem) (* already simp *)
   191 
   192 lemma inf_right_idem: "(x \<sqinter> y) \<sqinter> y = x \<sqinter> y"
   193   by (fact inf.right_idem) (* already simp *)
   194 
       (* Absorption under an order premise: the infimum equals its smaller
          argument.  These are proved from the order, not from the locale. *)
   195 lemma inf_absorb1: "x \<sqsubseteq> y \<Longrightarrow> x \<sqinter> y = x"
   196   by (rule antisym) auto
   197 
   198 lemma inf_absorb2: "y \<sqsubseteq> x \<Longrightarrow> x \<sqinter> y = y"
   199   by (rule antisym) auto
   200  
       (* Bundle of associativity, commutativity and left-idempotence rules. *)
   201 lemmas inf_aci = inf_commute inf_assoc inf_left_commute inf_left_idem
   202 
   203 end
   204 
   205 sublocale semilattice_sup < sup!: semilattice sup
       (* Shows that the order-theoretic sup is an instance of the abstract
          semilattice locale, with facts exported under the prefix "sup".  The
          goals are associativity, commutativity and idempotence, each proved by
          antisymmetry of the order. *)
   206 proof
   207   fix a b c
   208   show "(a \<squnion> b) \<squnion> c = a \<squnion> (b \<squnion> c)"
   209     by (rule antisym) (auto intro: le_supI1 le_supI2)
   210   show "a \<squnion> b = b \<squnion> a"
   211     by (rule antisym) auto
   212   show "a \<squnion> a = a"
   213     by (rule antisym) auto
   214 qed
   215 
   216 context semilattice_sup
       (* Equational laws for sup, restating facts from the sup interpretation of
          the semilattice locale under unprefixed names.
          NOTE(review): this block is not fully parallel to the inf block above:
          sup_left_idem carries an explicit [simp] attribute where inf_left_idem
          is only annotated as already simp, and no sup_right_idem is stated. *)
   217 begin
   218 
   219 lemma sup_assoc: "(x \<squnion> y) \<squnion> z = x \<squnion> (y \<squnion> z)"
   220   by (fact sup.assoc)
   221 
   222 lemma sup_commute: "(x \<squnion> y) = (y \<squnion> x)"
   223   by (fact sup.commute)
   224 
   225 lemma sup_left_commute: "x \<squnion> (y \<squnion> z) = y \<squnion> (x \<squnion> z)"
   226   by (fact sup.left_commute)
   227 
   228 lemma sup_idem: "x \<squnion> x = x"
   229   by (fact sup.idem) (* already simp *)
   230 
   231 lemma sup_left_idem [simp]: "x \<squnion> (x \<squnion> y) = x \<squnion> y"
   232   by (fact sup.left_idem)
   233 
       (* Absorption under an order premise: the supremum equals its larger
          argument. *)
   234 lemma sup_absorb1: "y \<sqsubseteq> x \<Longrightarrow> x \<squnion> y = x"
   235   by (rule antisym) auto
   236 
   237 lemma sup_absorb2: "x \<sqsubseteq> y \<Longrightarrow> x \<squnion> y = y"
   238   by (rule antisym) auto
   239 
       (* Bundle of associativity, commutativity and left-idempotence rules. *)
   240 lemmas sup_aci = sup_commute sup_assoc sup_left_commute sup_left_idem
   241 
   242 end
   243 
   244 context lattice
   245 begin
   246 
   247 lemma dual_lattice:
       (* Duality principle for lattices: exchanging inf with sup and reversing
          both order relations again satisfies the lattice class predicate.  The
          proof assembles the result from dual_semilattice and dual_order and
          leaves the remaining locale obligations to auto. *)
   248   "class.lattice sup (op \<ge>) (op >) inf"
   249   by (rule class.lattice.intro, rule dual_semilattice, rule class.semilattice_sup.intro, rule dual_order)
   250     (unfold_locales, auto)
   251 
   252 lemma inf_sup_absorb [simp]: "x \<sqinter> (x \<squnion> y) = x"
   253   by (blast intro: antisym inf_le1 inf_greatest sup_ge1)
   254 
   255 lemma sup_inf_absorb [simp]: "x \<squnion> (x \<sqinter> y) = x"
   256   by (blast intro: antisym sup_ge1 sup_least inf_le1)
   257 
   258 lemmas inf_sup_aci = inf_aci sup_aci
   259 
   260 lemmas inf_sup_ord = inf_le1 inf_le2 sup_ge1 sup_ge2
   261 
   262 text{* Towards distributivity *}
   263 
   264 lemma distrib_sup_le: "x \<squnion> (y \<sqinter> z) \<sqsubseteq> (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   265   by (auto intro: le_infI1 le_infI2 le_supI1 le_supI2)
   266 
   267 lemma distrib_inf_le: "(x \<sqinter> y) \<squnion> (x \<sqinter> z) \<sqsubseteq> x \<sqinter> (y \<squnion> z)"
   268   by (auto intro: le_infI1 le_infI2 le_supI1 le_supI2)
   269 
   270 text{* If you have one of them, you have them all. *}
   271 
   272 lemma distrib_imp1:
       (* In any lattice, distributivity of inf over sup (assumption D, stated
          for all x y z) implies distributivity of sup over inf.  The proof is a
          calculational chain of four equalities. *)
   273 assumes D: "!!x y z. x \<sqinter> (y \<squnion> z) = (x \<sqinter> y) \<squnion> (x \<sqinter> z)"
   274 shows "x \<squnion> (y \<sqinter> z) = (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   275 proof-
       (* Step 1: replace x by x sup (x inf z); presumably closed by the simp
          rule sup_inf_absorb. *)
   276   have "x \<squnion> (y \<sqinter> z) = (x \<squnion> (x \<sqinter> z)) \<squnion> (y \<sqinter> z)" by simp
       (* Step 2: regroup and apply D.  sup_inf_absorb is removed from the simp
          set for this step, presumably so the expansion of step 1 is not undone. *)
   277   also have "\<dots> = x \<squnion> (z \<sqinter> (x \<squnion> y))"
   278     by (simp add: D inf_commute sup_assoc del: sup_inf_absorb)
       (* Step 3: rewrite the leading x as an infimum with x sup y. *)
   279   also have "\<dots> = ((x \<squnion> y) \<sqinter> x) \<squnion> ((x \<squnion> y) \<sqinter> z)"
   280     by(simp add: inf_commute)
       (* Step 4: one more use of D yields the right-hand side of the goal. *)
   281   also have "\<dots> = (x \<squnion> y) \<sqinter> (x \<squnion> z)" by(simp add:D)
   282   finally show ?thesis .
   283 qed
   284 
   285 lemma distrib_imp2:
       (* Converse direction of distrib_imp1: distributivity of sup over inf
          (assumption D) implies distributivity of inf over sup.  The chain is the
          order-dual of the one in distrib_imp1, with inf_sup_absorb removed from
          the simp set in the second step. *)
   286 assumes D: "!!x y z. x \<squnion> (y \<sqinter> z) = (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   287 shows "x \<sqinter> (y \<squnion> z) = (x \<sqinter> y) \<squnion> (x \<sqinter> z)"
   288 proof-
   289   have "x \<sqinter> (y \<squnion> z) = (x \<sqinter> (x \<squnion> z)) \<sqinter> (y \<squnion> z)" by simp
   290   also have "\<dots> = x \<sqinter> (z \<squnion> (x \<sqinter> y))"
   291     by (simp add: D sup_commute inf_assoc del: inf_sup_absorb)
   292   also have "\<dots> = ((x \<sqinter> y) \<squnion> x) \<sqinter> ((x \<sqinter> y) \<squnion> z)"
   293     by(simp add: sup_commute)
   294   also have "\<dots> = (x \<sqinter> y) \<squnion> (x \<sqinter> z)" by(simp add:D)
   295   finally show ?thesis .
   296 qed
   297 
   298 end
   299 
   300 subsubsection {* Strict order *}
   301 
   302 context semilattice_inf
   303 begin
   304 
   305 lemma less_infI1:
   306   "a \<sqsubset> x \<Longrightarrow> a \<sqinter> b \<sqsubset> x"
   307   by (auto simp add: less_le inf_absorb1 intro: le_infI1)
   308 
   309 lemma less_infI2:
   310   "b \<sqsubset> x \<Longrightarrow> a \<sqinter> b \<sqsubset> x"
   311   by (auto simp add: less_le inf_absorb2 intro: le_infI2)
   312 
   313 end
   314 
   315 context semilattice_sup
       (* Strict-order rules for sup.  Neither lemma is proved directly: each
          feeds dual_semilattice to the corresponding semilattice_inf lemma, so the
          result is obtained from the inf version by order duality. *)
   316 begin
   317 
   318 lemma less_supI1:
   319   "x \<sqsubset> a \<Longrightarrow> x \<sqsubset> a \<squnion> b"
   320   using dual_semilattice
   321   by (rule semilattice_inf.less_infI1)
   322 
   323 lemma less_supI2:
   324   "x \<sqsubset> b \<Longrightarrow> x \<sqsubset> a \<squnion> b"
   325   using dual_semilattice
   326   by (rule semilattice_inf.less_infI2)
   327 
   328 end
   329 
   330 
   331 subsection {* Distributive lattices *}
   332 
   333 class distrib_lattice = lattice +
       (* Only one of the two distributive laws is assumed.  The other one,
          inf_sup_distrib1, is derived in the distrib_lattice context below by
          applying distrib_imp2 to this axiom. *)
   334   assumes sup_inf_distrib1: "x \<squnion> (y \<sqinter> z) = (x \<squnion> y) \<sqinter> (x \<squnion> z)"
   335 
   336 context distrib_lattice
   337 begin
   338 
   339 lemma sup_inf_distrib2:
   340   "(y \<sqinter> z) \<squnion> x = (y \<squnion> x) \<sqinter> (z \<squnion> x)"
   341   by (simp add: sup_commute sup_inf_distrib1)
   342 
   343 lemma inf_sup_distrib1:
   344   "x \<sqinter> (y \<squnion> z) = (x \<sqinter> y) \<squnion> (x \<sqinter> z)"
   345   by (rule distrib_imp2 [OF sup_inf_distrib1])
   346 
   347 lemma inf_sup_distrib2:
   348   "(y \<squnion> z) \<sqinter> x = (y \<sqinter> x) \<squnion> (z \<sqinter> x)"
   349   by (simp add: inf_commute inf_sup_distrib1)
   350 
   351 lemma dual_distrib_lattice:
   352   "class.distrib_lattice sup (op \<ge>) (op >) inf"
   353   by (rule class.distrib_lattice.intro, rule dual_lattice)
   354     (unfold_locales, fact inf_sup_distrib1)
   355 
   356 lemmas sup_inf_distrib =
   357   sup_inf_distrib1 sup_inf_distrib2
   358 
   359 lemmas inf_sup_distrib =
   360   inf_sup_distrib1 inf_sup_distrib2
   361 
   362 lemmas distrib =
   363   sup_inf_distrib1 sup_inf_distrib2 inf_sup_distrib1 inf_sup_distrib2
   364 
   365 end
   366 
   367 
   368 subsection {* Bounded lattices and boolean algebras *}
   369 
   370 class bounded_lattice_bot = lattice + bot
       (* Lattice with a bottom element; no new axioms are stated here, so the
          properties of bottom come from the class bot, which is defined outside
          this theory. *)
   371 begin
   372 
       (* The four lemmas below each apply an absorption rule and leave its order
          premise to simp; presumably that premise is the leastness of bottom
          supplied by class bot -- confirm against its definition. *)
   373 lemma inf_bot_left [simp]:
   374   "\<bottom> \<sqinter> x = \<bottom>"
   375   by (rule inf_absorb1) simp
   376 
   377 lemma inf_bot_right [simp]:
   378   "x \<sqinter> \<bottom> = \<bottom>"
   379   by (rule inf_absorb2) simp
   380 
   381 lemma sup_bot_left [simp]:
   382   "\<bottom> \<squnion> x = x"
   383   by (rule sup_absorb2) simp
   384 
   385 lemma sup_bot_right [simp]:
   386   "x \<squnion> \<bottom> = x"
   387   by (rule sup_absorb1) simp
   388 
       (* A supremum is bottom only if both arguments are bottom. *)
   389 lemma sup_eq_bot_iff [simp]:
   390   "x \<squnion> y = \<bottom> \<longleftrightarrow> x = \<bottom> \<and> y = \<bottom>"
   391   by (simp add: eq_iff)
   392 
   393 end
   394 
   395 class bounded_lattice_top = lattice + top
       (* Lattice with a top element; order-dual of bounded_lattice_bot.  No new
          axioms are stated here, so the properties of top come from the class
          top, which is defined outside this theory. *)
   396 begin
   397 
   398 lemma sup_top_left [simp]:
   399   "\<top> \<squnion> x = \<top>"
   400   by (rule sup_absorb1) simp
   401 
   402 lemma sup_top_right [simp]:
   403   "x \<squnion> \<top> = \<top>"
   404   by (rule sup_absorb2) simp
   405 
   406 lemma inf_top_left [simp]:
   407   "\<top> \<sqinter> x = x"
   408   by (rule inf_absorb2) simp
   409 
   410 lemma inf_top_right [simp]:
   411   "x \<sqinter> \<top> = x"
   412   by (rule inf_absorb1) simp
   413 
       (* An infimum is top only if both arguments are top. *)
   414 lemma inf_eq_top_iff [simp]:
   415   "x \<sqinter> y = \<top> \<longleftrightarrow> x = \<top> \<and> y = \<top>"
   416   by (simp add: eq_iff)
   417 
   418 end
   419 
   420 class bounded_lattice = bounded_lattice_bot + bounded_lattice_top
       (* Combination of the two one-sided bounded lattice classes. *)
   421 begin
   422 
   423 lemma dual_bounded_lattice:
       (* Duality for bounded lattices: besides exchanging inf with sup and
          reversing the order, top and bottom swap roles (note the argument order
          top, bottom in the statement). *)
   424   "class.bounded_lattice sup greater_eq greater inf \<top> \<bottom>"
   425   by unfold_locales (auto simp add: less_le_not_le)
   426 
   427 end
   428 
   429 class boolean_algebra = distrib_lattice + bounded_lattice + minus + uminus +
       (* A bounded distributive lattice with a complement written as unary
          minus.  inf_compl_bot and sup_compl_top are the two complement laws;
          diff_eq ties binary minus to the complement, so difference is not an
          independent operation. *)
   430   assumes inf_compl_bot: "x \<sqinter> - x = \<bottom>"
   431     and sup_compl_top: "x \<squnion> - x = \<top>"
   432   assumes diff_eq: "x - y = x \<sqinter> - y"
   433 begin
   434 
   435 lemma dual_boolean_algebra:
       (* Duality for boolean algebras.  In the dual structure the difference
          operation is x sup (- y), complement is unchanged, inf and sup are
          exchanged, the order is reversed and top and bottom swap roles.  The
          proof reuses dual_bounded_lattice and dual_distrib_lattice. *)
   436   "class.boolean_algebra (\<lambda>x y. x \<squnion> - y) uminus sup greater_eq greater inf \<top> \<bottom>"
   437   by (rule class.boolean_algebra.intro, rule dual_bounded_lattice, rule dual_distrib_lattice)
   438     (unfold_locales, auto simp add: inf_compl_bot sup_compl_top diff_eq)
   439 
   440 lemma compl_inf_bot [simp]:
   441   "- x \<sqinter> x = \<bottom>"
   442   by (simp add: inf_commute inf_compl_bot)
   443 
   444 lemma compl_sup_top [simp]:
   445   "- x \<squnion> x = \<top>"
   446   by (simp add: sup_commute sup_compl_top)
   447 
   448 lemma compl_unique:
       (* Complements are unique: any y that is disjoint from x and jointly
          exhaustive with x equals - x.  Several later lemmas (double_compl,
          compl_inf) are proved by applying this rule. *)
   449   assumes "x \<sqinter> y = \<bottom>"
   450     and "x \<squnion> y = \<top>"
   451   shows "- x = y"
   452 proof -
       (* Both x inf (- x) and x inf y are bottom, so the two sides agree. *)
   453   have "(x \<sqinter> - x) \<squnion> (- x \<sqinter> y) = (x \<sqinter> y) \<squnion> (- x \<sqinter> y)"
   454     using inf_compl_bot assms(1) by simp
       (* Commute the infima to prepare for factoring. *)
   455   then have "(- x \<sqinter> x) \<squnion> (- x \<sqinter> y) = (y \<sqinter> x) \<squnion> (y \<sqinter> - x)"
   456     by (simp add: inf_commute)
       (* Factor out - x on the left and y on the right by distributivity. *)
   457   then have "- x \<sqinter> (x \<squnion> y) = y \<sqinter> (x \<squnion> - x)"
   458     by (simp add: inf_sup_distrib1)
       (* Both inner suprema are top: the left by the second assumption, the
          right by sup_compl_top. *)
   459   then have "- x \<sqinter> \<top> = y \<sqinter> \<top>"
   460     using sup_compl_top assms(2) by simp
   461   then show "- x = y" by simp
   462 qed
   463 
   464 lemma double_compl [simp]:
   465   "- (- x) = x"
   466   using compl_inf_bot compl_sup_top by (rule compl_unique)
   467 
   468 lemma compl_eq_compl_iff [simp]:
   469   "- x = - y \<longleftrightarrow> x = y"
   470 proof
   471   assume "- x = - y"
   472   then have "- (- x) = - (- y)" by (rule arg_cong)
   473   then show "x = y" by simp
   474 next
   475   assume "x = y"
   476   then show "- x = - y" by simp
   477 qed
   478 
   479 lemma compl_bot_eq [simp]:
   480   "- \<bottom> = \<top>"
   481 proof -
   482   from sup_compl_top have "\<bottom> \<squnion> - \<bottom> = \<top>" .
   483   then show ?thesis by simp
   484 qed
   485 
   486 lemma compl_top_eq [simp]:
   487   "- \<top> = \<bottom>"
   488 proof -
   489   from inf_compl_bot have "\<top> \<sqinter> - \<top> = \<bottom>" .
   490   then show ?thesis by simp
   491 qed
   492 
   493 lemma compl_inf [simp]:
   494   "- (x \<sqinter> y) = - x \<squnion> - y"
   495 proof (rule compl_unique)
   496   have "(x \<sqinter> y) \<sqinter> (- x \<squnion> - y) = (y \<sqinter> (x \<sqinter> - x)) \<squnion> (x \<sqinter> (y \<sqinter> - y))"
   497     by (simp only: inf_sup_distrib inf_aci)
   498   then show "(x \<sqinter> y) \<sqinter> (- x \<squnion> - y) = \<bottom>"
   499     by (simp add: inf_compl_bot)
   500 next
   501   have "(x \<sqinter> y) \<squnion> (- x \<squnion> - y) = (- y \<squnion> (x \<squnion> - x)) \<sqinter> (- x \<squnion> (y \<squnion> - y))"
   502     by (simp only: sup_inf_distrib sup_aci)
   503   then show "(x \<sqinter> y) \<squnion> (- x \<squnion> - y) = \<top>"
   504     by (simp add: sup_compl_top)
   505 qed
   506 
   507 lemma compl_sup [simp]:
       (* De Morgan law for sup.  It is not proved directly: the proof applies
          compl_inf to the dual boolean algebra supplied by dual_boolean_algebra. *)
   508   "- (x \<squnion> y) = - x \<sqinter> - y"
   509   using dual_boolean_algebra
   510   by (rule boolean_algebra.compl_inf)
   511 
   512 lemma compl_mono:
       (* Complement reverses the order.  The proof turns the inequality into an
          equation with le_iff_sup, pushes the complement through with the
          De Morgan simp rule, and converts back with le_iff_inf. *)
   513   "x \<sqsubseteq> y \<Longrightarrow> - y \<sqsubseteq> - x"
   514 proof -
   515   assume "x \<sqsubseteq> y"
   516   then have "x \<squnion> y = y" by (simp only: le_iff_sup)
   517   then have "- (x \<squnion> y) = - y" by simp
   518   then have "- x \<sqinter> - y = - y" by simp
   519   then have "- y \<sqinter> - x = - y" by (simp only: inf_commute)
   520   then show "- y \<sqsubseteq> - x" by (simp only: le_iff_inf)
   521 qed
   522 
   523 lemma compl_le_compl_iff [simp]:
   524   "- x \<sqsubseteq> - y \<longleftrightarrow> y \<sqsubseteq> x"
   525   by (auto dest: compl_mono)
   526 
   527 lemma compl_le_swap1:
   528   assumes "y \<sqsubseteq> - x" shows "x \<sqsubseteq> -y"
   529 proof -
   530   from assms have "- (- x) \<sqsubseteq> - y" by (simp only: compl_le_compl_iff)
   531   then show ?thesis by simp
   532 qed
   533 
   534 lemma compl_le_swap2:
   535   assumes "- y \<sqsubseteq> x" shows "- x \<sqsubseteq> y"
   536 proof -
   537   from assms have "- x \<sqsubseteq> - (- y)" by (simp only: compl_le_compl_iff)
   538   then show ?thesis by simp
   539 qed
   540 
   541 lemma compl_less_compl_iff: (* TODO: declare [simp] ? *)
   542   "- x \<sqsubset> - y \<longleftrightarrow> y \<sqsubset> x"
   543   by (auto simp add: less_le)
   544 
   545 lemma compl_less_swap1:
   546   assumes "y \<sqsubset> - x" shows "x \<sqsubset> - y"
   547 proof -
   548   from assms have "- (- x) \<sqsubset> - y" by (simp only: compl_less_compl_iff)
   549   then show ?thesis by simp
   550 qed
   551 
   552 lemma compl_less_swap2:
   553   assumes "- y \<sqsubset> x" shows "- x \<sqsubset> y"
   554 proof -
   555   from assms have "- x \<sqsubset> - (- y)" by (simp only: compl_less_compl_iff)
   556   then show ?thesis by simp
   557 qed
   558 
   559 end
   560 
   561 
   562 subsection {* Uniqueness of inf and sup *}
   563 
   564 lemma (in semilattice_inf) inf_unique:
       (* The order determines inf: any operation f (written with the local infix
          symbol fixed below) that satisfies the three semilattice_inf axioms
          coincides with inf.  Both inequalities are shown and combined by
          antisymmetry. *)
   565   fixes f (infixl "\<triangle>" 70)
   566   assumes le1: "\<And>x y. x \<triangle> y \<sqsubseteq> x" and le2: "\<And>x y. x \<triangle> y \<sqsubseteq> y"
   567   and greatest: "\<And>x y z. x \<sqsubseteq> y \<Longrightarrow> x \<sqsubseteq> z \<Longrightarrow> x \<sqsubseteq> y \<triangle> z"
   568   shows "x \<sqinter> y = x \<triangle> y"
   569 proof (rule antisym)
   570   show "x \<triangle> y \<sqsubseteq> x \<sqinter> y" by (rule le_infI) (rule le1, rule le2)
   571 next
       (* leI restates the assumption "greatest" as a local fact for use with rule. *)
   572   have leI: "\<And>x y z. x \<sqsubseteq> y \<Longrightarrow> x \<sqsubseteq> z \<Longrightarrow> x \<sqsubseteq> y \<triangle> z" by (blast intro: greatest)
   573   show "x \<sqinter> y \<sqsubseteq> x \<triangle> y" by (rule leI) simp_all
   574 qed
   575 
   576 lemma (in semilattice_sup) sup_unique:
       (* The order determines sup: any operation f that satisfies the three
          semilattice_sup axioms coincides with sup.  Dual of inf_unique.
          NOTE(review): ge1 is declared [simp] here while ge2 is not, and the
          corresponding assumptions of inf_unique carry no attribute. *)
   577   fixes f (infixl "\<nabla>" 70)
   578   assumes ge1 [simp]: "\<And>x y. x \<sqsubseteq> x \<nabla> y" and ge2: "\<And>x y. y \<sqsubseteq> x \<nabla> y"
   579   and least: "\<And>x y z. y \<sqsubseteq> x \<Longrightarrow> z \<sqsubseteq> x \<Longrightarrow> y \<nabla> z \<sqsubseteq> x"
   580   shows "x \<squnion> y = x \<nabla> y"
   581 proof (rule antisym)
   582   show "x \<squnion> y \<sqsubseteq> x \<nabla> y" by (rule le_supI) (rule ge1, rule ge2)
   583 next
       (* leI restates the assumption "least" with its variables renamed. *)
   584   have leI: "\<And>x y z. x \<sqsubseteq> z \<Longrightarrow> y \<sqsubseteq> z \<Longrightarrow> x \<nabla> y \<sqsubseteq> z" by (blast intro: least)
   585   show "x \<nabla> y \<sqsubseteq> x \<squnion> y" by (rule leI) simp_all
   586 qed
   587 
   588 
   589 subsection {* @{const min}/@{const max} on linear orders as
   590   special case of @{const inf}/@{const sup} *}
   591 
   592 sublocale linorder < min_max!: distrib_lattice min less_eq less max
       (* Every linear order is a distributive lattice with min in the role of
          inf and max in the role of sup; the facts become available under the
          prefix "min_max".  The distributive law is shown explicitly, and the
          remaining obligations are left to auto after unfolding min_def and
          max_def. *)
   593 proof
   594   fix x y z
   595   show "max x (min y z) = min (max x y) (max x z)"
   596     by (auto simp add: min_def max_def)
   597 qed (auto simp add: min_def max_def not_le less_imp_le)
   598 
   599 lemma inf_min: "inf = (min \<Colon> 'a\<Colon>{semilattice_inf, linorder} \<Rightarrow> 'a \<Rightarrow> 'a)"
   600   by (rule ext)+ (auto intro: antisym)
   601 
   602 lemma sup_max: "sup = (max \<Colon> 'a\<Colon>{semilattice_sup, linorder} \<Rightarrow> 'a \<Rightarrow> 'a)"
   603   by (rule ext)+ (auto intro: antisym)
   604 
   605 lemmas le_maxI1 = min_max.sup_ge1
   606 lemmas le_maxI2 = min_max.sup_ge2
   607  
   608 lemmas min_ac = min_max.inf_assoc min_max.inf_commute
   609   min_max.inf.left_commute
   610 
   611 lemmas max_ac = min_max.sup_assoc min_max.sup_commute
   612   min_max.sup.left_commute
   613 
   614 
   615 subsection {* Lattice on @{typ bool} *}
   616 
   617 instantiation bool :: boolean_algebra
       (* Makes bool a boolean algebra: complement is Not, difference is
          "A and not B", inf is conjunction and sup is disjunction.  All four
          definitions are declared [simp], and the instance proof is discharged
          by auto. *)
   618 begin
   619 
   620 definition
   621   bool_Compl_def [simp]: "uminus = Not"
   622 
   623 definition
   624   bool_diff_def [simp]: "A - B \<longleftrightarrow> A \<and> \<not> B"
   625 
       (* The next two definitions are given no explicit name. *)
   626 definition
   627   [simp]: "P \<sqinter> Q \<longleftrightarrow> P \<and> Q"
   628 
   629 definition
   630   [simp]: "P \<squnion> Q \<longleftrightarrow> P \<or> Q"
   631 
   632 instance proof
   633 qed auto
   634 
   635 end
   636 
   637 lemma sup_boolI1:
   638   "P \<Longrightarrow> P \<squnion> Q"
   639   by simp
   640 
   641 lemma sup_boolI2:
   642   "Q \<Longrightarrow> P \<squnion> Q"
   643   by simp
   644 
   645 lemma sup_boolE:
   646   "P \<squnion> Q \<Longrightarrow> (P \<Longrightarrow> R) \<Longrightarrow> (Q \<Longrightarrow> R) \<Longrightarrow> R"
   647   by auto
   648 
   649 
   650 subsection {* Lattice on @{typ "_ \<Rightarrow> _"} *}
   651 
   652 instantiation "fun" :: (type, lattice) lattice
       (* Functions into a lattice form a lattice, with inf and sup taken
          pointwise.  The two definitions are unnamed; the proofs below refer to
          them as inf_fun_def and sup_fun_def. *)
   653 begin
   654 
   655 definition
   656   "f \<sqinter> g = (\<lambda>x. f x \<sqinter> g x)"
   657 
       (* Applied form of the definition, declared as simp and code rule. *)
   658 lemma inf_apply [simp, code]:
   659   "(f \<sqinter> g) x = f x \<sqinter> g x"
   660   by (simp add: inf_fun_def)
   661 
   662 definition
   663   "f \<squnion> g = (\<lambda>x. f x \<squnion> g x)"
   664 
       (* Applied form of the definition, declared as simp and code rule. *)
   665 lemma sup_apply [simp, code]:
   666   "(f \<squnion> g) x = f x \<squnion> g x"
   667   by (simp add: sup_fun_def)
   668 
       (* The class obligations are proved after unfolding the order on
          functions with le_fun_def. *)
   669 instance proof
   670 qed (simp_all add: le_fun_def)
   671 
   672 end
   673 
   674 instance "fun" :: (type, distrib_lattice) distrib_lattice proof
   675 qed (rule ext, simp add: sup_inf_distrib1)
   676 
   677 instance "fun" :: (type, bounded_lattice) bounded_lattice ..
   678 
   679 instantiation "fun" :: (type, uminus) uminus
   680 begin
   681 
   682 definition
   683   fun_Compl_def: "- A = (\<lambda>x. - A x)"
   684 
   685 lemma uminus_apply [simp, code]:
   686   "(- A) x = - (A x)"
   687   by (simp add: fun_Compl_def)
   688 
   689 instance ..
   690 
   691 end
   692 
   693 instantiation "fun" :: (type, minus) minus
   694 begin
   695 
   696 definition
   697   fun_diff_def: "A - B = (\<lambda>x. A x - B x)"
   698 
   699 lemma minus_apply [simp, code]:
   700   "(A - B) x = A x - B x"
   701   by (simp add: fun_diff_def)
   702 
   703 instance ..
   704 
   705 end
   706 
   707 instance "fun" :: (type, boolean_algebra) boolean_algebra proof
   708 qed (rule ext, simp_all add: inf_compl_bot sup_compl_top diff_eq)+
   709 
   710 
   711 subsection {* Lattice on unary and binary predicates *}
   712 
   713 lemma inf1I: "A x \<Longrightarrow> B x \<Longrightarrow> (A \<sqinter> B) x"
   714   by (simp add: inf_fun_def)
   715 
   716 lemma inf2I: "A x y \<Longrightarrow> B x y \<Longrightarrow> (A \<sqinter> B) x y"
   717   by (simp add: inf_fun_def)
   718 
   719 lemma inf1E: "(A \<sqinter> B) x \<Longrightarrow> (A x \<Longrightarrow> B x \<Longrightarrow> P) \<Longrightarrow> P"
   720   by (simp add: inf_fun_def)
   721 
   722 lemma inf2E: "(A \<sqinter> B) x y \<Longrightarrow> (A x y \<Longrightarrow> B x y \<Longrightarrow> P) \<Longrightarrow> P"
   723   by (simp add: inf_fun_def)
   724 
   725 lemma inf1D1: "(A \<sqinter> B) x \<Longrightarrow> A x"
   726   by (simp add: inf_fun_def)
   727 
   728 lemma inf2D1: "(A \<sqinter> B) x y \<Longrightarrow> A x y"
   729   by (simp add: inf_fun_def)
   730 
   731 lemma inf1D2: "(A \<sqinter> B) x \<Longrightarrow> B x"
   732   by (simp add: inf_fun_def)
   733 
   734 lemma inf2D2: "(A \<sqinter> B) x y \<Longrightarrow> B x y"
   735   by (simp add: inf_fun_def)
   736 
   737 lemma sup1I1: "A x \<Longrightarrow> (A \<squnion> B) x"
   738   by (simp add: sup_fun_def)
   739 
   740 lemma sup2I1: "A x y \<Longrightarrow> (A \<squnion> B) x y"
   741   by (simp add: sup_fun_def)
   742 
   743 lemma sup1I2: "B x \<Longrightarrow> (A \<squnion> B) x"
   744   by (simp add: sup_fun_def)
   745 
   746 lemma sup2I2: "B x y \<Longrightarrow> (A \<squnion> B) x y"
   747   by (simp add: sup_fun_def)
   748 
   749 lemma sup1E: "(A \<squnion> B) x \<Longrightarrow> (A x \<Longrightarrow> P) \<Longrightarrow> (B x \<Longrightarrow> P) \<Longrightarrow> P"
   750   by (simp add: sup_fun_def) iprover
   751 
   752 lemma sup2E: "(A \<squnion> B) x y \<Longrightarrow> (A x y \<Longrightarrow> P) \<Longrightarrow> (B x y \<Longrightarrow> P) \<Longrightarrow> P"
   753   by (simp add: sup_fun_def) iprover
   754 
   755 text {*
   756   \medskip Classical introduction rule: no commitment to @{text A} vs
   757   @{text B}.
   758 *}
   759 
   760 lemma sup1CI: "(\<not> B x \<Longrightarrow> A x) \<Longrightarrow> (A \<squnion> B) x"
   761   by (auto simp add: sup_fun_def)
   762 
   763 lemma sup2CI: "(\<not> B x y \<Longrightarrow> A x y) \<Longrightarrow> (A \<squnion> B) x y"
   764   by (auto simp add: sup_fun_def)
   765 
   766 
   767 no_notation
       (* Withdraws the infix syntax for less_eq and less that was introduced by
          the notation command in the "Concrete lattices" subsection, so it is
          not in effect after this point. *)
   768   less_eq (infix "\<sqsubseteq>" 50) and
   769   less (infix "\<sqsubset>" 50)
   770 
   771 end
   772