src/HOL/Library/Extended_Nat.thy
 author hoelzl Thu Nov 13 17:19:52 2014 +0100 (2014-11-13) changeset 59000 6eb0725503fc parent 58881 b9556a055632 child 59106 af691e67f71f permissions -rw-r--r--
import general theorems from AFP/Markov_Models
```     1 (*  Title:      HOL/Library/Extended_Nat.thy
```
```     2     Author:     David von Oheimb, TU Muenchen;  Florian Haftmann, TU Muenchen
```
```     3     Contributions: David Trachtenherz, TU Muenchen
```
```     4 *)
```
```     5
```
```     6 section {* Extended natural numbers (i.e. with infinity) *}
```
```     7
```
```     8 theory Extended_Nat
```
```     9 imports Main Countable
```
```    10 begin
```
```    11
```
```    12 class infinity =
```
```    13   fixes infinity :: "'a"
```
```    14
```
```    15 notation (xsymbols)
```
```    16   infinity  ("\<infinity>")
```
```    17
```
```    18 notation (HTML output)
```
```    19   infinity  ("\<infinity>")
```
```    20
```
```    21 subsection {* Type definition *}
```
```    22
```
```    23 text {*
```
```    24   We extend the standard natural numbers by a special value indicating
```
```    25   infinity.
```
```    26 *}
```
```    27
```
```    28 typedef enat = "UNIV :: nat option set" ..
```
```    29
```
```    30 text {* TODO: introduce enat as coinductive datatype, enat is just @{const of_nat} *}
```
```    31
```
```    32 definition enat :: "nat \<Rightarrow> enat" where
```
```    33   "enat n = Abs_enat (Some n)"
```
```    34
```
```    35 instantiation enat :: infinity
```
```    36 begin
```
```    37   definition "\<infinity> = Abs_enat None"
```
```    38   instance proof qed
```
```    39 end
```
```    40
```
```    41 instance enat :: countable
```
```    42 proof
```
```    43   show "\<exists>to_nat::enat \<Rightarrow> nat. inj to_nat"
```
```    44     by (rule exI[of _ "to_nat \<circ> Rep_enat"]) (simp add: inj_on_def Rep_enat_inject)
```
```    45 qed
```
```    46
```
```    47 old_rep_datatype enat "\<infinity> :: enat"
```
```    48 proof -
```
```    49   fix P i assume "\<And>j. P (enat j)" "P \<infinity>"
```
```    50   then show "P i"
```
```    51   proof induct
```
```    52     case (Abs_enat y) then show ?case
```
```    53       by (cases y rule: option.exhaust)
```
```    54          (auto simp: enat_def infinity_enat_def)
```
```    55   qed
```
```    56 qed (auto simp add: enat_def infinity_enat_def Abs_enat_inject)
```
```    57
```
```    58 declare [[coercion "enat::nat\<Rightarrow>enat"]]
```
```    59
```
```    60 lemmas enat2_cases = enat.exhaust[case_product enat.exhaust]
```
```    61 lemmas enat3_cases = enat.exhaust[case_product enat.exhaust enat.exhaust]
```
```    62
```
```    63 lemma not_infinity_eq [iff]: "(x \<noteq> \<infinity>) = (\<exists>i. x = enat i)"
```
```    64   by (cases x) auto
```
```    65
```
```    66 lemma not_enat_eq [iff]: "(\<forall>y. x \<noteq> enat y) = (x = \<infinity>)"
```
```    67   by (cases x) auto
```
```    68
```
```    69 primrec the_enat :: "enat \<Rightarrow> nat"
```
```    70   where "the_enat (enat n) = n"
```
```    71
```
```    72
```
```    73 subsection {* Constructors and numbers *}
```
```    74
```
```    75 instantiation enat :: "{zero, one}"
```
```    76 begin
```
```    77
```
```    78 definition
```
```    79   "0 = enat 0"
```
```    80
```
```    81 definition
```
```    82   "1 = enat 1"
```
```    83
```
```    84 instance ..
```
```    85
```
```    86 end
```
```    87
```
```    88 definition eSuc :: "enat \<Rightarrow> enat" where
```
```    89   "eSuc i = (case i of enat n \<Rightarrow> enat (Suc n) | \<infinity> \<Rightarrow> \<infinity>)"
```
```    90
```
```    91 lemma enat_0 [code_post]: "enat 0 = 0"
```
```    92   by (simp add: zero_enat_def)
```
```    93
```
```    94 lemma enat_1 [code_post]: "enat 1 = 1"
```
```    95   by (simp add: one_enat_def)
```
```    96
```
```    97 lemma enat_0_iff: "enat x = 0 \<longleftrightarrow> x = 0" "0 = enat x \<longleftrightarrow> x = 0"
```
```    98   by (auto simp add: zero_enat_def)
```
```    99
```
```   100 lemma enat_1_iff: "enat x = 1 \<longleftrightarrow> x = 1" "1 = enat x \<longleftrightarrow> x = 1"
```
```   101   by (auto simp add: one_enat_def)
```
```   102
```
```   103 lemma one_eSuc: "1 = eSuc 0"
```
```   104   by (simp add: zero_enat_def one_enat_def eSuc_def)
```
```   105
```
```   106 lemma infinity_ne_i0 [simp]: "(\<infinity>::enat) \<noteq> 0"
```
```   107   by (simp add: zero_enat_def)
```
```   108
```
```   109 lemma i0_ne_infinity [simp]: "0 \<noteq> (\<infinity>::enat)"
```
```   110   by (simp add: zero_enat_def)
```
```   111
```
```   112 lemma zero_one_enat_neq [simp]:
```
```   113   "\<not> 0 = (1\<Colon>enat)"
```
```   114   "\<not> 1 = (0\<Colon>enat)"
```
```   115   unfolding zero_enat_def one_enat_def by simp_all
```
```   116
```
```   117 lemma infinity_ne_i1 [simp]: "(\<infinity>::enat) \<noteq> 1"
```
```   118   by (simp add: one_enat_def)
```
```   119
```
```   120 lemma i1_ne_infinity [simp]: "1 \<noteq> (\<infinity>::enat)"
```
```   121   by (simp add: one_enat_def)
```
```   122
```
```   123 lemma eSuc_enat: "eSuc (enat n) = enat (Suc n)"
```
```   124   by (simp add: eSuc_def)
```
```   125
```
```   126 lemma eSuc_infinity [simp]: "eSuc \<infinity> = \<infinity>"
```
```   127   by (simp add: eSuc_def)
```
```   128
```
```   129 lemma eSuc_ne_0 [simp]: "eSuc n \<noteq> 0"
```
```   130   by (simp add: eSuc_def zero_enat_def split: enat.splits)
```
```   131
```
```   132 lemma zero_ne_eSuc [simp]: "0 \<noteq> eSuc n"
```
```   133   by (rule eSuc_ne_0 [symmetric])
```
```   134
```
```   135 lemma eSuc_inject [simp]: "eSuc m = eSuc n \<longleftrightarrow> m = n"
```
```   136   by (simp add: eSuc_def split: enat.splits)
```
```   137
```
```   138 lemma eSuc_enat_iff: "eSuc x = enat y \<longleftrightarrow> (\<exists>n. y = Suc n \<and> x = enat n)"
```
```   139   by (cases y) (auto simp: enat_0 eSuc_enat[symmetric])
```
```   140
```
```   141 lemma enat_eSuc_iff: "enat y = eSuc x \<longleftrightarrow> (\<exists>n. y = Suc n \<and> enat n = x)"
```
```   142   by (cases y) (auto simp: enat_0 eSuc_enat[symmetric])
```
```   143
```
```   144 subsection {* Addition *}
```
```   145
```
```   146 instantiation enat :: comm_monoid_add
```
```   147 begin
```
```   148
```
```   149 definition [nitpick_simp]:
```
```   150   "m + n = (case m of \<infinity> \<Rightarrow> \<infinity> | enat m \<Rightarrow> (case n of \<infinity> \<Rightarrow> \<infinity> | enat n \<Rightarrow> enat (m + n)))"
```
```   151
```
```   152 lemma plus_enat_simps [simp, code]:
```
```   153   fixes q :: enat
```
```   154   shows "enat m + enat n = enat (m + n)"
```
```   155     and "\<infinity> + q = \<infinity>"
```
```   156     and "q + \<infinity> = \<infinity>"
```
```   157   by (simp_all add: plus_enat_def split: enat.splits)
```
```   158
```
```   159 instance proof
```
```   160   fix n m q :: enat
```
```   161   show "n + m + q = n + (m + q)"
```
```   162     by (cases n m q rule: enat3_cases) auto
```
```   163   show "n + m = m + n"
```
```   164     by (cases n m rule: enat2_cases) auto
```
```   165   show "0 + n = n"
```
```   166     by (cases n) (simp_all add: zero_enat_def)
```
```   167 qed
```
```   168
```
```   169 end
```
```   170
```
```   171 lemma eSuc_plus_1:
```
```   172   "eSuc n = n + 1"
```
```   173   by (cases n) (simp_all add: eSuc_enat one_enat_def)
```
```   174
```
```   175 lemma plus_1_eSuc:
```
```   176   "1 + q = eSuc q"
```
```   177   "q + 1 = eSuc q"
```
```   178   by (simp_all add: eSuc_plus_1 ac_simps)
```
```   179
```
```   180 lemma iadd_Suc: "eSuc m + n = eSuc (m + n)"
```
```   181   by (simp_all add: eSuc_plus_1 ac_simps)
```
```   182
```
```   183 lemma iadd_Suc_right: "m + eSuc n = eSuc (m + n)"
```
```   184   by (simp only: add.commute[of m] iadd_Suc)
```
```   185
```
```   186 lemma iadd_is_0: "(m + n = (0::enat)) = (m = 0 \<and> n = 0)"
```
```   187   by (cases m, cases n, simp_all add: zero_enat_def)
```
```   188
```
```   189 subsection {* Multiplication *}
```
```   190
```
```   191 instantiation enat :: comm_semiring_1
```
```   192 begin
```
```   193
```
```   194 definition times_enat_def [nitpick_simp]:
```
```   195   "m * n = (case m of \<infinity> \<Rightarrow> if n = 0 then 0 else \<infinity> | enat m \<Rightarrow>
```
```   196     (case n of \<infinity> \<Rightarrow> if m = 0 then 0 else \<infinity> | enat n \<Rightarrow> enat (m * n)))"
```
```   197
```
```   198 lemma times_enat_simps [simp, code]:
```
```   199   "enat m * enat n = enat (m * n)"
```
```   200   "\<infinity> * \<infinity> = (\<infinity>::enat)"
```
```   201   "\<infinity> * enat n = (if n = 0 then 0 else \<infinity>)"
```
```   202   "enat m * \<infinity> = (if m = 0 then 0 else \<infinity>)"
```
```   203   unfolding times_enat_def zero_enat_def
```
```   204   by (simp_all split: enat.split)
```
```   205
```
```   206 instance proof
```
```   207   fix a b c :: enat
```
```   208   show "(a * b) * c = a * (b * c)"
```
```   209     unfolding times_enat_def zero_enat_def
```
```   210     by (simp split: enat.split)
```
```   211   show "a * b = b * a"
```
```   212     unfolding times_enat_def zero_enat_def
```
```   213     by (simp split: enat.split)
```
```   214   show "1 * a = a"
```
```   215     unfolding times_enat_def zero_enat_def one_enat_def
```
```   216     by (simp split: enat.split)
```
```   217   show "(a + b) * c = a * c + b * c"
```
```   218     unfolding times_enat_def zero_enat_def
```
```   219     by (simp split: enat.split add: distrib_right)
```
```   220   show "0 * a = 0"
```
```   221     unfolding times_enat_def zero_enat_def
```
```   222     by (simp split: enat.split)
```
```   223   show "a * 0 = 0"
```
```   224     unfolding times_enat_def zero_enat_def
```
```   225     by (simp split: enat.split)
```
```   226   show "(0::enat) \<noteq> 1"
```
```   227     unfolding zero_enat_def one_enat_def
```
```   228     by simp
```
```   229 qed
```
```   230
```
```   231 end
```
```   232
```
```   233 lemma mult_eSuc: "eSuc m * n = n + m * n"
```
```   234   unfolding eSuc_plus_1 by (simp add: algebra_simps)
```
```   235
```
```   236 lemma mult_eSuc_right: "m * eSuc n = m + m * n"
```
```   237   unfolding eSuc_plus_1 by (simp add: algebra_simps)
```
```   238
```
```   239 lemma of_nat_eq_enat: "of_nat n = enat n"
```
```   240   apply (induct n)
```
```   241   apply (simp add: enat_0)
```
```   242   apply (simp add: plus_1_eSuc eSuc_enat)
```
```   243   done
```
```   244
```
```   245 instance enat :: semiring_char_0 proof
```
```   246   have "inj enat" by (rule injI) simp
```
```   247   then show "inj (\<lambda>n. of_nat n :: enat)" by (simp add: of_nat_eq_enat)
```
```   248 qed
```
```   249
```
```   250 lemma imult_is_0 [simp]: "((m::enat) * n = 0) = (m = 0 \<or> n = 0)"
```
```   251   by (auto simp add: times_enat_def zero_enat_def split: enat.split)
```
```   252
```
```   253 lemma imult_is_infinity: "((a::enat) * b = \<infinity>) = (a = \<infinity> \<and> b \<noteq> 0 \<or> b = \<infinity> \<and> a \<noteq> 0)"
```
```   254   by (auto simp add: times_enat_def zero_enat_def split: enat.split)
```
```   255
```
```   256
```
```   257 subsection {* Numerals *}
```
```   258
```
```   259 lemma numeral_eq_enat:
```
```   260   "numeral k = enat (numeral k)"
```
```   261   using of_nat_eq_enat [of "numeral k"] by simp
```
```   262
```
```   263 lemma enat_numeral [code_abbrev]:
```
```   264   "enat (numeral k) = numeral k"
```
```   265   using numeral_eq_enat ..
```
```   266
```
```   267 lemma infinity_ne_numeral [simp]: "(\<infinity>::enat) \<noteq> numeral k"
```
```   268   by (simp add: numeral_eq_enat)
```
```   269
```
```   270 lemma numeral_ne_infinity [simp]: "numeral k \<noteq> (\<infinity>::enat)"
```
```   271   by (simp add: numeral_eq_enat)
```
```   272
```
```   273 lemma eSuc_numeral [simp]: "eSuc (numeral k) = numeral (k + Num.One)"
```
```   274   by (simp only: eSuc_plus_1 numeral_plus_one)
```
```   275
```
```   276 subsection {* Subtraction *}
```
```   277
```
```   278 instantiation enat :: minus
```
```   279 begin
```
```   280
```
```   281 definition diff_enat_def:
```
```   282 "a - b = (case a of (enat x) \<Rightarrow> (case b of (enat y) \<Rightarrow> enat (x - y) | \<infinity> \<Rightarrow> 0)
```
```   283           | \<infinity> \<Rightarrow> \<infinity>)"
```
```   284
```
```   285 instance ..
```
```   286
```
```   287 end
```
```   288
```
```   289 lemma idiff_enat_enat [simp, code]: "enat a - enat b = enat (a - b)"
```
```   290   by (simp add: diff_enat_def)
```
```   291
```
```   292 lemma idiff_infinity [simp, code]: "\<infinity> - n = (\<infinity>::enat)"
```
```   293   by (simp add: diff_enat_def)
```
```   294
```
```   295 lemma idiff_infinity_right [simp, code]: "enat a - \<infinity> = 0"
```
```   296   by (simp add: diff_enat_def)
```
```   297
```
```   298 lemma idiff_0 [simp]: "(0::enat) - n = 0"
```
```   299   by (cases n, simp_all add: zero_enat_def)
```
```   300
```
```   301 lemmas idiff_enat_0 [simp] = idiff_0 [unfolded zero_enat_def]
```
```   302
```
```   303 lemma idiff_0_right [simp]: "(n::enat) - 0 = n"
```
```   304   by (cases n) (simp_all add: zero_enat_def)
```
```   305
```
```   306 lemmas idiff_enat_0_right [simp] = idiff_0_right [unfolded zero_enat_def]
```
```   307
```
```   308 lemma idiff_self [simp]: "n \<noteq> \<infinity> \<Longrightarrow> (n::enat) - n = 0"
```
```   309   by (auto simp: zero_enat_def)
```
```   310
```
```   311 lemma eSuc_minus_eSuc [simp]: "eSuc n - eSuc m = n - m"
```
```   312   by (simp add: eSuc_def split: enat.split)
```
```   313
```
```   314 lemma eSuc_minus_1 [simp]: "eSuc n - 1 = n"
```
```   315   by (simp add: one_enat_def eSuc_enat[symmetric] zero_enat_def[symmetric])
```
```   316
```
```   317 (*lemmas idiff_self_eq_0_enat = idiff_self_eq_0[unfolded zero_enat_def]*)
```
```   318
```
```   319 subsection {* Ordering *}
```
```   320
```
```   321 instantiation enat :: linordered_ab_semigroup_add
```
```   322 begin
```
```   323
```
```   324 definition [nitpick_simp]:
```
```   325   "m \<le> n = (case n of enat n1 \<Rightarrow> (case m of enat m1 \<Rightarrow> m1 \<le> n1 | \<infinity> \<Rightarrow> False)
```
```   326     | \<infinity> \<Rightarrow> True)"
```
```   327
```
```   328 definition [nitpick_simp]:
```
```   329   "m < n = (case m of enat m1 \<Rightarrow> (case n of enat n1 \<Rightarrow> m1 < n1 | \<infinity> \<Rightarrow> True)
```
```   330     | \<infinity> \<Rightarrow> False)"
```
```   331
```
```   332 lemma enat_ord_simps [simp]:
```
```   333   "enat m \<le> enat n \<longleftrightarrow> m \<le> n"
```
```   334   "enat m < enat n \<longleftrightarrow> m < n"
```
```   335   "q \<le> (\<infinity>::enat)"
```
```   336   "q < (\<infinity>::enat) \<longleftrightarrow> q \<noteq> \<infinity>"
```
```   337   "(\<infinity>::enat) \<le> q \<longleftrightarrow> q = \<infinity>"
```
```   338   "(\<infinity>::enat) < q \<longleftrightarrow> False"
```
```   339   by (simp_all add: less_eq_enat_def less_enat_def split: enat.splits)
```
```   340
```
```   341 lemma numeral_le_enat_iff[simp]:
```
```   342   shows "numeral m \<le> enat n \<longleftrightarrow> numeral m \<le> n"
```
```   343 by (auto simp: numeral_eq_enat)
```
```   344
```
```   345 lemma numeral_less_enat_iff[simp]:
```
```   346   shows "numeral m < enat n \<longleftrightarrow> numeral m < n"
```
```   347 by (auto simp: numeral_eq_enat)
```
```   348
```
```   349 lemma enat_ord_code [code]:
```
```   350   "enat m \<le> enat n \<longleftrightarrow> m \<le> n"
```
```   351   "enat m < enat n \<longleftrightarrow> m < n"
```
```   352   "q \<le> (\<infinity>::enat) \<longleftrightarrow> True"
```
```   353   "enat m < \<infinity> \<longleftrightarrow> True"
```
```   354   "\<infinity> \<le> enat n \<longleftrightarrow> False"
```
```   355   "(\<infinity>::enat) < q \<longleftrightarrow> False"
```
```   356   by simp_all
```
```   357
```
```   358 instance by default
```
```   359   (auto simp add: less_eq_enat_def less_enat_def plus_enat_def split: enat.splits)
```
```   360
```
```   361 end
```
```   362
```
```   363 instance enat :: ordered_comm_semiring
```
```   364 proof
```
```   365   fix a b c :: enat
```
```   366   assume "a \<le> b" and "0 \<le> c"
```
```   367   thus "c * a \<le> c * b"
```
```   368     unfolding times_enat_def less_eq_enat_def zero_enat_def
```
```   369     by (simp split: enat.splits)
```
```   370 qed
```
```   371
```
```   372 (* BH: These equations are already proven generally for any type in
```
```   373 class linordered_semidom. However, enat is not in that class because
```
```   374 it does not have the cancellation property. Would it be worthwhile to
```
```   375 a generalize linordered_semidom to a new class that includes enat? *)
```
```   376
```
```   377 lemma enat_ord_number [simp]:
```
```   378   "(numeral m \<Colon> enat) \<le> numeral n \<longleftrightarrow> (numeral m \<Colon> nat) \<le> numeral n"
```
```   379   "(numeral m \<Colon> enat) < numeral n \<longleftrightarrow> (numeral m \<Colon> nat) < numeral n"
```
```   380   by (simp_all add: numeral_eq_enat)
```
```   381
```
```   382 lemma i0_lb [simp]: "(0\<Colon>enat) \<le> n"
```
```   383   by (simp add: zero_enat_def less_eq_enat_def split: enat.splits)
```
```   384
```
```   385 lemma ile0_eq [simp]: "n \<le> (0\<Colon>enat) \<longleftrightarrow> n = 0"
```
```   386   by (simp add: zero_enat_def less_eq_enat_def split: enat.splits)
```
```   387
```
```   388 lemma infinity_ileE [elim!]: "\<infinity> \<le> enat m \<Longrightarrow> R"
```
```   389   by (simp add: zero_enat_def less_eq_enat_def split: enat.splits)
```
```   390
```
```   391 lemma infinity_ilessE [elim!]: "\<infinity> < enat m \<Longrightarrow> R"
```
```   392   by simp
```
```   393
```
```   394 lemma not_iless0 [simp]: "\<not> n < (0\<Colon>enat)"
```
```   395   by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   396
```
```   397 lemma i0_less [simp]: "(0\<Colon>enat) < n \<longleftrightarrow> n \<noteq> 0"
```
```   398   by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   399
```
```   400 lemma eSuc_ile_mono [simp]: "eSuc n \<le> eSuc m \<longleftrightarrow> n \<le> m"
```
```   401   by (simp add: eSuc_def less_eq_enat_def split: enat.splits)
```
```   402
```
```   403 lemma eSuc_mono [simp]: "eSuc n < eSuc m \<longleftrightarrow> n < m"
```
```   404   by (simp add: eSuc_def less_enat_def split: enat.splits)
```
```   405
```
```   406 lemma ile_eSuc [simp]: "n \<le> eSuc n"
```
```   407   by (simp add: eSuc_def less_eq_enat_def split: enat.splits)
```
```   408
```
```   409 lemma not_eSuc_ilei0 [simp]: "\<not> eSuc n \<le> 0"
```
```   410   by (simp add: zero_enat_def eSuc_def less_eq_enat_def split: enat.splits)
```
```   411
```
```   412 lemma i0_iless_eSuc [simp]: "0 < eSuc n"
```
```   413   by (simp add: zero_enat_def eSuc_def less_enat_def split: enat.splits)
```
```   414
```
```   415 lemma iless_eSuc0[simp]: "(n < eSuc 0) = (n = 0)"
```
```   416   by (simp add: zero_enat_def eSuc_def less_enat_def split: enat.split)
```
```   417
```
```   418 lemma ileI1: "m < n \<Longrightarrow> eSuc m \<le> n"
```
```   419   by (simp add: eSuc_def less_eq_enat_def less_enat_def split: enat.splits)
```
```   420
```
```   421 lemma Suc_ile_eq: "enat (Suc m) \<le> n \<longleftrightarrow> enat m < n"
```
```   422   by (cases n) auto
```
```   423
```
```   424 lemma iless_Suc_eq [simp]: "enat m < eSuc n \<longleftrightarrow> enat m \<le> n"
```
```   425   by (auto simp add: eSuc_def less_enat_def split: enat.splits)
```
```   426
```
```   427 lemma imult_infinity: "(0::enat) < n \<Longrightarrow> \<infinity> * n = \<infinity>"
```
```   428   by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   429
```
```   430 lemma imult_infinity_right: "(0::enat) < n \<Longrightarrow> n * \<infinity> = \<infinity>"
```
```   431   by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   432
```
```   433 lemma enat_0_less_mult_iff: "(0 < (m::enat) * n) = (0 < m \<and> 0 < n)"
```
```   434   by (simp only: i0_less imult_is_0, simp)
```
```   435
```
```   436 lemma mono_eSuc: "mono eSuc"
```
```   437   by (simp add: mono_def)
```
```   438
```
```   439
```
```   440 lemma min_enat_simps [simp]:
```
```   441   "min (enat m) (enat n) = enat (min m n)"
```
```   442   "min q 0 = 0"
```
```   443   "min 0 q = 0"
```
```   444   "min q (\<infinity>::enat) = q"
```
```   445   "min (\<infinity>::enat) q = q"
```
```   446   by (auto simp add: min_def)
```
```   447
```
```   448 lemma max_enat_simps [simp]:
```
```   449   "max (enat m) (enat n) = enat (max m n)"
```
```   450   "max q 0 = q"
```
```   451   "max 0 q = q"
```
```   452   "max q \<infinity> = (\<infinity>::enat)"
```
```   453   "max \<infinity> q = (\<infinity>::enat)"
```
```   454   by (simp_all add: max_def)
```
```   455
```
```   456 lemma enat_ile: "n \<le> enat m \<Longrightarrow> \<exists>k. n = enat k"
```
```   457   by (cases n) simp_all
```
```   458
```
```   459 lemma enat_iless: "n < enat m \<Longrightarrow> \<exists>k. n = enat k"
```
```   460   by (cases n) simp_all
```
```   461
```
```   462 lemma chain_incr: "\<forall>i. \<exists>j. Y i < Y j ==> \<exists>j. enat k < Y j"
```
```   463 apply (induct_tac k)
```
```   464  apply (simp (no_asm) only: enat_0)
```
```   465  apply (fast intro: le_less_trans [OF i0_lb])
```
```   466 apply (erule exE)
```
```   467 apply (drule spec)
```
```   468 apply (erule exE)
```
```   469 apply (drule ileI1)
```
```   470 apply (rule eSuc_enat [THEN subst])
```
```   471 apply (rule exI)
```
```   472 apply (erule (1) le_less_trans)
```
```   473 done
```
```   474
```
```   475 instantiation enat :: "{order_bot, order_top}"
```
```   476 begin
```
```   477
```
```   478 definition bot_enat :: enat where
```
```   479   "bot_enat = 0"
```
```   480
```
```   481 definition top_enat :: enat where
```
```   482   "top_enat = \<infinity>"
```
```   483
```
```   484 instance proof
```
```   485 qed (simp_all add: bot_enat_def top_enat_def)
```
```   486
```
```   487 end
```
```   488
```
```   489 lemma finite_enat_bounded:
```
```   490   assumes le_fin: "\<And>y. y \<in> A \<Longrightarrow> y \<le> enat n"
```
```   491   shows "finite A"
```
```   492 proof (rule finite_subset)
```
```   493   show "finite (enat ` {..n})" by blast
```
```   494
```
```   495   have "A \<subseteq> {..enat n}" using le_fin by fastforce
```
```   496   also have "\<dots> \<subseteq> enat ` {..n}"
```
```   497     by (rule subsetI) (case_tac x, auto)
```
```   498   finally show "A \<subseteq> enat ` {..n}" .
```
```   499 qed
```
```   500
```
```   501
```
```   502 subsection {* Cancellation simprocs *}
```
```   503
```
```   504 lemma enat_add_left_cancel: "a + b = a + c \<longleftrightarrow> a = (\<infinity>::enat) \<or> b = c"
```
```   505   unfolding plus_enat_def by (simp split: enat.split)
```
```   506
```
```   507 lemma enat_add_left_cancel_le: "a + b \<le> a + c \<longleftrightarrow> a = (\<infinity>::enat) \<or> b \<le> c"
```
```   508   unfolding plus_enat_def by (simp split: enat.split)
```
```   509
```
```   510 lemma enat_add_left_cancel_less: "a + b < a + c \<longleftrightarrow> a \<noteq> (\<infinity>::enat) \<and> b < c"
```
```   511   unfolding plus_enat_def by (simp split: enat.split)
```
```   512
```
```   513 ML {*
```
```   514 structure Cancel_Enat_Common =
```
```   515 struct
```
```   516   (* copied from src/HOL/Tools/nat_numeral_simprocs.ML *)
```
```   517   fun find_first_t _    _ []         = raise TERM("find_first_t", [])
```
```   518     | find_first_t past u (t::terms) =
```
```   519           if u aconv t then (rev past @ terms)
```
```   520           else find_first_t (t::past) u terms
```
```   521
```
```   522   fun dest_summing (Const (@{const_name Groups.plus}, _) \$ t \$ u, ts) =
```
```   523         dest_summing (t, dest_summing (u, ts))
```
```   524     | dest_summing (t, ts) = t :: ts
```
```   525
```
```   526   val mk_sum = Arith_Data.long_mk_sum
```
```   527   fun dest_sum t = dest_summing (t, [])
```
```   528   val find_first = find_first_t []
```
```   529   val trans_tac = Numeral_Simprocs.trans_tac
```
```   530   val norm_ss =
```
```   531     simpset_of (put_simpset HOL_basic_ss @{context}
```
```   532       addsimps @{thms ac_simps add_0_left add_0_right})
```
```   533   fun norm_tac ctxt = ALLGOALS (simp_tac (put_simpset norm_ss ctxt))
```
```   534   fun simplify_meta_eq ctxt cancel_th th =
```
```   535     Arith_Data.simplify_meta_eq [] ctxt
```
```   536       ([th, cancel_th] MRS trans)
```
```   537   fun mk_eq (a, b) = HOLogic.mk_Trueprop (HOLogic.mk_eq (a, b))
```
```   538 end
```
```   539
```
```   540 structure Eq_Enat_Cancel = ExtractCommonTermFun
```
```   541 (open Cancel_Enat_Common
```
```   542   val mk_bal = HOLogic.mk_eq
```
```   543   val dest_bal = HOLogic.dest_bin @{const_name HOL.eq} @{typ enat}
```
```   544   fun simp_conv _ _ = SOME @{thm enat_add_left_cancel}
```
```   545 )
```
```   546
```
```   547 structure Le_Enat_Cancel = ExtractCommonTermFun
```
```   548 (open Cancel_Enat_Common
```
```   549   val mk_bal = HOLogic.mk_binrel @{const_name Orderings.less_eq}
```
```   550   val dest_bal = HOLogic.dest_bin @{const_name Orderings.less_eq} @{typ enat}
```
```   551   fun simp_conv _ _ = SOME @{thm enat_add_left_cancel_le}
```
```   552 )
```
```   553
```
```   554 structure Less_Enat_Cancel = ExtractCommonTermFun
```
```   555 (open Cancel_Enat_Common
```
```   556   val mk_bal = HOLogic.mk_binrel @{const_name Orderings.less}
```
```   557   val dest_bal = HOLogic.dest_bin @{const_name Orderings.less} @{typ enat}
```
```   558   fun simp_conv _ _ = SOME @{thm enat_add_left_cancel_less}
```
```   559 )
```
```   560 *}
```
```   561
```
```   562 simproc_setup enat_eq_cancel
```
```   563   ("(l::enat) + m = n" | "(l::enat) = m + n") =
```
```   564   {* fn phi => fn ctxt => fn ct => Eq_Enat_Cancel.proc ctxt (term_of ct) *}
```
```   565
```
```   566 simproc_setup enat_le_cancel
```
```   567   ("(l::enat) + m \<le> n" | "(l::enat) \<le> m + n") =
```
```   568   {* fn phi => fn ctxt => fn ct => Le_Enat_Cancel.proc ctxt (term_of ct) *}
```
```   569
```
```   570 simproc_setup enat_less_cancel
```
```   571   ("(l::enat) + m < n" | "(l::enat) < m + n") =
```
```   572   {* fn phi => fn ctxt => fn ct => Less_Enat_Cancel.proc ctxt (term_of ct) *}
```
```   573
```
```   574 text {* TODO: add regression tests for these simprocs *}
```
```   575
```
```   576 text {* TODO: add simprocs for combining and cancelling numerals *}
```
```   577
```
```   578 subsection {* Well-ordering *}
```
```   579
```
```   580 lemma less_enatE:
```
```   581   "[| n < enat m; !!k. n = enat k ==> k < m ==> P |] ==> P"
```
```   582 by (induct n) auto
```
```   583
```
```   584 lemma less_infinityE:
```
```   585   "[| n < \<infinity>; !!k. n = enat k ==> P |] ==> P"
```
```   586 by (induct n) auto
```
```   587
```
```   588 lemma enat_less_induct:
```
```   589   assumes prem: "!!n. \<forall>m::enat. m < n --> P m ==> P n" shows "P n"
```
```   590 proof -
```
```   591   have P_enat: "!!k. P (enat k)"
```
```   592     apply (rule nat_less_induct)
```
```   593     apply (rule prem, clarify)
```
```   594     apply (erule less_enatE, simp)
```
```   595     done
```
```   596   show ?thesis
```
```   597   proof (induct n)
```
```   598     fix nat
```
```   599     show "P (enat nat)" by (rule P_enat)
```
```   600   next
```
```   601     show "P \<infinity>"
```
```   602       apply (rule prem, clarify)
```
```   603       apply (erule less_infinityE)
```
```   604       apply (simp add: P_enat)
```
```   605       done
```
```   606   qed
```
```   607 qed
```
```   608
```
```   609 instance enat :: wellorder
```
```   610 proof
```
```   611   fix P and n
```
```   612   assume hyp: "(\<And>n\<Colon>enat. (\<And>m\<Colon>enat. m < n \<Longrightarrow> P m) \<Longrightarrow> P n)"
```
```   613   show "P n" by (blast intro: enat_less_induct hyp)
```
```   614 qed
```
```   615
```
```   616 subsection {* Complete Lattice *}
```
```   617
```
```   618 text {* TODO: enat as order topology? *}
```
```   619
```
```   620 instantiation enat :: complete_lattice
```
```   621 begin
```
```   622
```
```   623 definition inf_enat :: "enat \<Rightarrow> enat \<Rightarrow> enat" where
```
```   624   "inf_enat = min"
```
```   625
```
```   626 definition sup_enat :: "enat \<Rightarrow> enat \<Rightarrow> enat" where
```
```   627   "sup_enat = max"
```
```   628
```
```   629 definition Inf_enat :: "enat set \<Rightarrow> enat" where
```
```   630   "Inf_enat A = (if A = {} then \<infinity> else (LEAST x. x \<in> A))"
```
```   631
```
```   632 definition Sup_enat :: "enat set \<Rightarrow> enat" where
```
```   633   "Sup_enat A = (if A = {} then 0 else if finite A then Max A else \<infinity>)"
```
```   634 instance
```
```   635 proof
```
```   636   fix x :: "enat" and A :: "enat set"
```
```   637   { assume "x \<in> A" then show "Inf A \<le> x"
```
```   638       unfolding Inf_enat_def by (auto intro: Least_le) }
```
```   639   { assume "\<And>y. y \<in> A \<Longrightarrow> x \<le> y" then show "x \<le> Inf A"
```
```   640       unfolding Inf_enat_def
```
```   641       by (cases "A = {}") (auto intro: LeastI2_ex) }
```
```   642   { assume "x \<in> A" then show "x \<le> Sup A"
```
```   643       unfolding Sup_enat_def by (cases "finite A") auto }
```
```   644   { assume "\<And>y. y \<in> A \<Longrightarrow> y \<le> x" then show "Sup A \<le> x"
```
```   645       unfolding Sup_enat_def using finite_enat_bounded by auto }
```
```   646 qed (simp_all add:
```
```   647  inf_enat_def sup_enat_def bot_enat_def top_enat_def Inf_enat_def Sup_enat_def)
```
```   648 end
```
```   649
```
```   650 instance enat :: complete_linorder ..
```
```   651
```
```   652 subsection {* Traditional theorem names *}
```
```   653
```
```   654 lemmas enat_defs = zero_enat_def one_enat_def eSuc_def
```
```   655   plus_enat_def less_eq_enat_def less_enat_def
```
```   656
```
```   657 end
```