src/HOL/Import/HOL/HOL4Base.thy
author haftmann
Mon Jan 30 08:20:56 2006 +0100 (2006-01-30)
changeset 18851 9502ce541f01
parent 17727 83d64a461507
child 23290 c358025ad8db
permissions -rw-r--r--
adaptions to codegen_package
     1 (* AUTOMATICALLY GENERATED, DO NOT EDIT! *)
     2 
     3 theory HOL4Base imports "../HOL4Compat" "../HOL4Syntax" begin
     4 
     5 ;setup_theory bool
     6 
     7 constdefs
     8   ARB :: "'a" 
     9   "ARB == SOME x::'a::type. True"
    10 
    11 lemma ARB_DEF: "ARB = (SOME x::'a::type. True)"
    12   by (import bool ARB_DEF)
    13 
    14 constdefs
    15   IN :: "'a => ('a => bool) => bool" 
    16   "IN == %(x::'a::type) f::'a::type => bool. f x"
    17 
    18 lemma IN_DEF: "IN = (%(x::'a::type) f::'a::type => bool. f x)"
    19   by (import bool IN_DEF)
    20 
    21 constdefs
    22   RES_FORALL :: "('a => bool) => ('a => bool) => bool" 
    23   "RES_FORALL ==
    24 %(p::'a::type => bool) m::'a::type => bool. ALL x::'a::type. IN x p --> m x"
    25 
    26 lemma RES_FORALL_DEF: "RES_FORALL =
    27 (%(p::'a::type => bool) m::'a::type => bool.
    28     ALL x::'a::type. IN x p --> m x)"
    29   by (import bool RES_FORALL_DEF)
    30 
    31 constdefs
    32   RES_EXISTS :: "('a => bool) => ('a => bool) => bool" 
    33   "RES_EXISTS ==
    34 %(p::'a::type => bool) m::'a::type => bool. EX x::'a::type. IN x p & m x"
    35 
    36 lemma RES_EXISTS_DEF: "RES_EXISTS =
    37 (%(p::'a::type => bool) m::'a::type => bool. EX x::'a::type. IN x p & m x)"
    38   by (import bool RES_EXISTS_DEF)
    39 
    40 constdefs
    41   RES_EXISTS_UNIQUE :: "('a => bool) => ('a => bool) => bool" 
    42   "RES_EXISTS_UNIQUE ==
    43 %(p::'a::type => bool) m::'a::type => bool.
    44    RES_EXISTS p m &
    45    RES_FORALL p
    46     (%x::'a::type. RES_FORALL p (%y::'a::type. m x & m y --> x = y))"
    47 
    48 lemma RES_EXISTS_UNIQUE_DEF: "RES_EXISTS_UNIQUE =
    49 (%(p::'a::type => bool) m::'a::type => bool.
    50     RES_EXISTS p m &
    51     RES_FORALL p
    52      (%x::'a::type. RES_FORALL p (%y::'a::type. m x & m y --> x = y)))"
    53   by (import bool RES_EXISTS_UNIQUE_DEF)
    54 
    55 constdefs
    56   RES_SELECT :: "('a => bool) => ('a => bool) => 'a" 
    57   "RES_SELECT ==
    58 %(p::'a::type => bool) m::'a::type => bool. SOME x::'a::type. IN x p & m x"
    59 
    60 lemma RES_SELECT_DEF: "RES_SELECT =
    61 (%(p::'a::type => bool) m::'a::type => bool. SOME x::'a::type. IN x p & m x)"
    62   by (import bool RES_SELECT_DEF)
    63 
    64 lemma EXCLUDED_MIDDLE: "ALL t::bool. t | ~ t"
    65   by (import bool EXCLUDED_MIDDLE)
    66 
    67 lemma FORALL_THM: "All (f::'a::type => bool) = All f"
    68   by (import bool FORALL_THM)
    69 
    70 lemma EXISTS_THM: "Ex (f::'a::type => bool) = Ex f"
    71   by (import bool EXISTS_THM)
    72 
    73 lemma F_IMP: "ALL t::bool. ~ t --> t --> False"
    74   by (import bool F_IMP)
    75 
    76 lemma NOT_AND: "~ ((t::bool) & ~ t)"
    77   by (import bool NOT_AND)
    78 
    79 lemma AND_CLAUSES: "ALL t::bool.
    80    (True & t) = t &
    81    (t & True) = t & (False & t) = False & (t & False) = False & (t & t) = t"
    82   by (import bool AND_CLAUSES)
    83 
    84 lemma OR_CLAUSES: "ALL t::bool.
    85    (True | t) = True &
    86    (t | True) = True & (False | t) = t & (t | False) = t & (t | t) = t"
    87   by (import bool OR_CLAUSES)
    88 
    89 lemma IMP_CLAUSES: "ALL t::bool.
    90    (True --> t) = t &
    91    (t --> True) = True &
    92    (False --> t) = True & (t --> t) = True & (t --> False) = (~ t)"
    93   by (import bool IMP_CLAUSES)
    94 
    95 lemma NOT_CLAUSES: "(ALL t::bool. (~ ~ t) = t) & (~ True) = False & (~ False) = True"
    96   by (import bool NOT_CLAUSES)
    97 
    98 lemma BOOL_EQ_DISTINCT: "True ~= False & False ~= True"
    99   by (import bool BOOL_EQ_DISTINCT)
   100 
   101 lemma EQ_CLAUSES: "ALL t::bool.
   102    (True = t) = t &
   103    (t = True) = t & (False = t) = (~ t) & (t = False) = (~ t)"
   104   by (import bool EQ_CLAUSES)
   105 
   106 lemma COND_CLAUSES: "ALL (t1::'a::type) t2::'a::type.
   107    (if True then t1 else t2) = t1 & (if False then t1 else t2) = t2"
   108   by (import bool COND_CLAUSES)
   109 
   110 lemma SELECT_UNIQUE: "ALL (P::'a::type => bool) x::'a::type.
   111    (ALL y::'a::type. P y = (y = x)) --> Eps P = x"
   112   by (import bool SELECT_UNIQUE)
   113 
   114 lemma BOTH_EXISTS_AND_THM: "ALL (P::bool) Q::bool.
   115    (EX x::'a::type. P & Q) = ((EX x::'a::type. P) & (EX x::'a::type. Q))"
   116   by (import bool BOTH_EXISTS_AND_THM)
   117 
   118 lemma BOTH_FORALL_OR_THM: "ALL (P::bool) Q::bool.
   119    (ALL x::'a::type. P | Q) = ((ALL x::'a::type. P) | (ALL x::'a::type. Q))"
   120   by (import bool BOTH_FORALL_OR_THM)
   121 
   122 lemma BOTH_FORALL_IMP_THM: "ALL (P::bool) Q::bool.
   123    (ALL x::'a::type. P --> Q) =
   124    ((EX x::'a::type. P) --> (ALL x::'a::type. Q))"
   125   by (import bool BOTH_FORALL_IMP_THM)
   126 
   127 lemma BOTH_EXISTS_IMP_THM: "ALL (P::bool) Q::bool.
   128    (EX x::'a::type. P --> Q) =
   129    ((ALL x::'a::type. P) --> (EX x::'a::type. Q))"
   130   by (import bool BOTH_EXISTS_IMP_THM)
   131 
   132 lemma OR_IMP_THM: "ALL (A::bool) B::bool. (A = (B | A)) = (B --> A)"
   133   by (import bool OR_IMP_THM)
   134 
   135 lemma DE_MORGAN_THM: "ALL (A::bool) B::bool. (~ (A & B)) = (~ A | ~ B) & (~ (A | B)) = (~ A & ~ B)"
   136   by (import bool DE_MORGAN_THM)
   137 
   138 lemma IMP_F_EQ_F: "ALL t::bool. (t --> False) = (t = False)"
   139   by (import bool IMP_F_EQ_F)
   140 
   141 lemma EQ_EXPAND: "ALL (t1::bool) t2::bool. (t1 = t2) = (t1 & t2 | ~ t1 & ~ t2)"
   142   by (import bool EQ_EXPAND)
   143 
   144 lemma COND_RATOR: "ALL (b::bool) (f::'a::type => 'b::type) (g::'a::type => 'b::type)
   145    x::'a::type. (if b then f else g) x = (if b then f x else g x)"
   146   by (import bool COND_RATOR)
   147 
   148 lemma COND_ABS: "ALL (b::bool) (f::'a::type => 'b::type) g::'a::type => 'b::type.
   149    (%x::'a::type. if b then f x else g x) = (if b then f else g)"
   150   by (import bool COND_ABS)
   151 
   152 lemma COND_EXPAND: "ALL (b::bool) (t1::bool) t2::bool.
   153    (if b then t1 else t2) = ((~ b | t1) & (b | t2))"
   154   by (import bool COND_EXPAND)
   155 
   156 lemma ONE_ONE_THM: "ALL f::'a::type => 'b::type.
   157    inj f = (ALL (x1::'a::type) x2::'a::type. f x1 = f x2 --> x1 = x2)"
   158   by (import bool ONE_ONE_THM)
   159 
   160 lemma ABS_REP_THM: "(All::(('a::type => bool) => bool) => bool)
   161  (%P::'a::type => bool.
   162      (op -->::bool => bool => bool)
   163       ((Ex::(('b::type => 'a::type) => bool) => bool)
   164         ((TYPE_DEFINITION::('a::type => bool)
   165                            => ('b::type => 'a::type) => bool)
   166           P))
   167       ((Ex::(('b::type => 'a::type) => bool) => bool)
   168         (%x::'b::type => 'a::type.
   169             (Ex::(('a::type => 'b::type) => bool) => bool)
   170              (%abs::'a::type => 'b::type.
   171                  (op &::bool => bool => bool)
   172                   ((All::('b::type => bool) => bool)
   173                     (%a::'b::type.
   174                         (op =::'b::type => 'b::type => bool) (abs (x a)) a))
   175                   ((All::('a::type => bool) => bool)
   176                     (%r::'a::type.
   177                         (op =::bool => bool => bool) (P r)
   178                          ((op =::'a::type => 'a::type => bool) (x (abs r))
   179                            r)))))))"
   180   by (import bool ABS_REP_THM)
   181 
   182 lemma LET_RAND: "(P::'b::type => bool) (Let (M::'a::type) (N::'a::type => 'b::type)) =
   183 (let x::'a::type = M in P (N x))"
   184   by (import bool LET_RAND)
   185 
   186 lemma LET_RATOR: "Let (M::'a::type) (N::'a::type => 'b::type => 'c::type) (b::'b::type) =
   187 (let x::'a::type = M in N x b)"
   188   by (import bool LET_RATOR)
   189 
   190 lemma SWAP_FORALL_THM: "ALL P::'a::type => 'b::type => bool.
   191    (ALL x::'a::type. All (P x)) = (ALL (y::'b::type) x::'a::type. P x y)"
   192   by (import bool SWAP_FORALL_THM)
   193 
   194 lemma SWAP_EXISTS_THM: "ALL P::'a::type => 'b::type => bool.
   195    (EX x::'a::type. Ex (P x)) = (EX (y::'b::type) x::'a::type. P x y)"
   196   by (import bool SWAP_EXISTS_THM)
   197 
   198 lemma AND_CONG: "ALL (P::bool) (P'::bool) (Q::bool) Q'::bool.
   199    (Q --> P = P') & (P' --> Q = Q') --> (P & Q) = (P' & Q')"
   200   by (import bool AND_CONG)
   201 
   202 lemma OR_CONG: "ALL (P::bool) (P'::bool) (Q::bool) Q'::bool.
   203    (~ Q --> P = P') & (~ P' --> Q = Q') --> (P | Q) = (P' | Q')"
   204   by (import bool OR_CONG)
   205 
   206 lemma COND_CONG: "ALL (P::bool) (Q::bool) (x::'a::type) (x'::'a::type) (y::'a::type)
   207    y'::'a::type.
   208    P = Q & (Q --> x = x') & (~ Q --> y = y') -->
   209    (if P then x else y) = (if Q then x' else y')"
   210   by (import bool COND_CONG)
   211 
   212 lemma MONO_COND: "((x::bool) --> (y::bool)) -->
   213 ((z::bool) --> (w::bool)) -->
   214 (if b::bool then x else z) --> (if b then y else w)"
   215   by (import bool MONO_COND)
   216 
   217 lemma SKOLEM_THM: "ALL P::'a::type => 'b::type => bool.
   218    (ALL x::'a::type. Ex (P x)) =
   219    (EX f::'a::type => 'b::type. ALL x::'a::type. P x (f x))"
   220   by (import bool SKOLEM_THM)
   221 
   222 lemma bool_case_thm: "(ALL (e0::'a::type) e1::'a::type.
   223     (case True of True => e0 | False => e1) = e0) &
   224 (ALL (e0::'a::type) e1::'a::type.
   225     (case False of True => e0 | False => e1) = e1)"
   226   by (import bool bool_case_thm)
   227 
   228 lemma bool_case_ID: "ALL (x::'a::type) b::bool. (case b of True => x | _ => x) = x"
   229   by (import bool bool_case_ID)
   230 
   231 lemma boolAxiom: "ALL (e0::'a::type) e1::'a::type.
   232    EX x::bool => 'a::type. x True = e0 & x False = e1"
   233   by (import bool boolAxiom)
   234 
   235 lemma UEXISTS_OR_THM: "ALL (P::'a::type => bool) Q::'a::type => bool.
   236    (EX! x::'a::type. P x | Q x) --> Ex1 P | Ex1 Q"
   237   by (import bool UEXISTS_OR_THM)
   238 
   239 lemma UEXISTS_SIMP: "(EX! x::'a::type. (t::bool)) = (t & (ALL x::'a::type. All (op = x)))"
   240   by (import bool UEXISTS_SIMP)
   241 
   242 consts
   243   RES_ABSTRACT :: "('a => bool) => ('a => 'b) => 'a => 'b" 
   244 
   245 specification (RES_ABSTRACT) RES_ABSTRACT_DEF: "(ALL (p::'a::type => bool) (m::'a::type => 'b::type) x::'a::type.
   246     IN x p --> RES_ABSTRACT p m x = m x) &
   247 (ALL (p::'a::type => bool) (m1::'a::type => 'b::type)
   248     m2::'a::type => 'b::type.
   249     (ALL x::'a::type. IN x p --> m1 x = m2 x) -->
   250     RES_ABSTRACT p m1 = RES_ABSTRACT p m2)"
   251   by (import bool RES_ABSTRACT_DEF)
   252 
   253 lemma BOOL_FUN_CASES_THM: "ALL f::bool => bool.
   254    f = (%b::bool. True) |
   255    f = (%b::bool. False) | f = (%b::bool. b) | f = Not"
   256   by (import bool BOOL_FUN_CASES_THM)
   257 
   258 lemma BOOL_FUN_INDUCT: "ALL P::(bool => bool) => bool.
   259    P (%b::bool. True) & P (%b::bool. False) & P (%b::bool. b) & P Not -->
   260    All P"
   261   by (import bool BOOL_FUN_INDUCT)
   262 
   263 ;end_setup
   264 
   265 ;setup_theory combin
   266 
   267 constdefs
   268   K :: "'a => 'b => 'a" 
   269   "K == %(x::'a::type) y::'b::type. x"
   270 
   271 lemma K_DEF: "K = (%(x::'a::type) y::'b::type. x)"
   272   by (import combin K_DEF)
   273 
   274 constdefs
   275   S :: "('a => 'b => 'c) => ('a => 'b) => 'a => 'c" 
   276   "S ==
   277 %(f::'a::type => 'b::type => 'c::type) (g::'a::type => 'b::type)
   278    x::'a::type. f x (g x)"
   279 
   280 lemma S_DEF: "S =
   281 (%(f::'a::type => 'b::type => 'c::type) (g::'a::type => 'b::type)
   282     x::'a::type. f x (g x))"
   283   by (import combin S_DEF)
   284 
   285 constdefs
   286   I :: "'a => 'a" 
   287   "(op ==::('a::type => 'a::type) => ('a::type => 'a::type) => prop)
   288  (I::'a::type => 'a::type)
   289  ((S::('a::type => ('a::type => 'a::type) => 'a::type)
   290       => ('a::type => 'a::type => 'a::type) => 'a::type => 'a::type)
   291    (K::'a::type => ('a::type => 'a::type) => 'a::type)
   292    (K::'a::type => 'a::type => 'a::type))"
   293 
   294 lemma I_DEF: "(op =::('a::type => 'a::type) => ('a::type => 'a::type) => bool)
   295  (I::'a::type => 'a::type)
   296  ((S::('a::type => ('a::type => 'a::type) => 'a::type)
   297       => ('a::type => 'a::type => 'a::type) => 'a::type => 'a::type)
   298    (K::'a::type => ('a::type => 'a::type) => 'a::type)
   299    (K::'a::type => 'a::type => 'a::type))"
   300   by (import combin I_DEF)
   301 
   302 constdefs
   303   C :: "('a => 'b => 'c) => 'b => 'a => 'c" 
   304   "C == %(f::'a::type => 'b::type => 'c::type) (x::'b::type) y::'a::type. f y x"
   305 
   306 lemma C_DEF: "C =
   307 (%(f::'a::type => 'b::type => 'c::type) (x::'b::type) y::'a::type. f y x)"
   308   by (import combin C_DEF)
   309 
   310 constdefs
   311   W :: "('a => 'a => 'b) => 'a => 'b" 
   312   "W == %(f::'a::type => 'a::type => 'b::type) x::'a::type. f x x"
   313 
   314 lemma W_DEF: "W = (%(f::'a::type => 'a::type => 'b::type) x::'a::type. f x x)"
   315   by (import combin W_DEF)
   316 
   317 lemma I_THM: "ALL x::'a::type. I x = x"
   318   by (import combin I_THM)
   319 
   320 lemma I_o_ID: "ALL f::'a::type => 'b::type. I o f = f & f o I = f"
   321   by (import combin I_o_ID)
   322 
   323 ;end_setup
   324 
   325 ;setup_theory sum
   326 
   327 lemma ISL_OR_ISR: "ALL x::'a::type + 'b::type. ISL x | ISR x"
   328   by (import sum ISL_OR_ISR)
   329 
   330 lemma INL: "ALL x::'a::type + 'b::type. ISL x --> Inl (OUTL x) = x"
   331   by (import sum INL)
   332 
   333 lemma INR: "ALL x::'a::type + 'b::type. ISR x --> Inr (OUTR x) = x"
   334   by (import sum INR)
   335 
   336 lemma sum_case_cong: "ALL (M::'b::type + 'c::type) (M'::'b::type + 'c::type)
   337    (f::'b::type => 'a::type) g::'c::type => 'a::type.
   338    M = M' &
   339    (ALL x::'b::type. M' = Inl x --> f x = (f'::'b::type => 'a::type) x) &
   340    (ALL y::'c::type. M' = Inr y --> g y = (g'::'c::type => 'a::type) y) -->
   341    sum_case f g M = sum_case f' g' M'"
   342   by (import sum sum_case_cong)
   343 
   344 ;end_setup
   345 
   346 ;setup_theory one
   347 
   348 ;end_setup
   349 
   350 ;setup_theory option
   351 
   352 lemma option_CLAUSES: "(op &::bool => bool => bool)
   353  ((All::('a::type => bool) => bool)
   354    (%x::'a::type.
   355        (All::('a::type => bool) => bool)
   356         (%y::'a::type.
   357             (op =::bool => bool => bool)
   358              ((op =::'a::type option => 'a::type option => bool)
   359                ((Some::'a::type ~=> 'a::type) x)
   360                ((Some::'a::type ~=> 'a::type) y))
   361              ((op =::'a::type => 'a::type => bool) x y))))
   362  ((op &::bool => bool => bool)
   363    ((All::('a::type => bool) => bool)
   364      (%x::'a::type.
   365          (op =::'a::type => 'a::type => bool)
   366           ((the::'a::type option => 'a::type)
   367             ((Some::'a::type ~=> 'a::type) x))
   368           x))
   369    ((op &::bool => bool => bool)
   370      ((All::('a::type => bool) => bool)
   371        (%x::'a::type.
   372            (Not::bool => bool)
   373             ((op =::'a::type option => 'a::type option => bool)
   374               (None::'a::type option) ((Some::'a::type ~=> 'a::type) x))))
   375      ((op &::bool => bool => bool)
   376        ((All::('a::type => bool) => bool)
   377          (%x::'a::type.
   378              (Not::bool => bool)
   379               ((op =::'a::type option => 'a::type option => bool)
   380                 ((Some::'a::type ~=> 'a::type) x) (None::'a::type option))))
   381        ((op &::bool => bool => bool)
   382          ((All::('a::type => bool) => bool)
   383            (%x::'a::type.
   384                (op =::bool => bool => bool)
   385                 ((IS_SOME::'a::type option => bool)
   386                   ((Some::'a::type ~=> 'a::type) x))
   387                 (True::bool)))
   388          ((op &::bool => bool => bool)
   389            ((op =::bool => bool => bool)
   390              ((IS_SOME::'a::type option => bool) (None::'a::type option))
   391              (False::bool))
   392            ((op &::bool => bool => bool)
   393              ((All::('a::type option => bool) => bool)
   394                (%x::'a::type option.
   395                    (op =::bool => bool => bool)
   396                     ((IS_NONE::'a::type option => bool) x)
   397                     ((op =::'a::type option => 'a::type option => bool) x
   398                       (None::'a::type option))))
   399              ((op &::bool => bool => bool)
   400                ((All::('a::type option => bool) => bool)
   401                  (%x::'a::type option.
   402                      (op =::bool => bool => bool)
   403                       ((Not::bool => bool)
   404                         ((IS_SOME::'a::type option => bool) x))
   405                       ((op =::'a::type option => 'a::type option => bool) x
   406                         (None::'a::type option))))
   407                ((op &::bool => bool => bool)
   408                  ((All::('a::type option => bool) => bool)
   409                    (%x::'a::type option.
   410                        (op -->::bool => bool => bool)
   411                         ((IS_SOME::'a::type option => bool) x)
   412                         ((op =::'a::type option => 'a::type option => bool)
   413                           ((Some::'a::type ~=> 'a::type)
   414                             ((the::'a::type option => 'a::type) x))
   415                           x)))
   416                  ((op &::bool => bool => bool)
   417                    ((All::('a::type option => bool) => bool)
   418                      (%x::'a::type option.
   419                          (op =::'a::type option => 'a::type option => bool)
   420                           ((option_case::'a::type option
   421    => ('a::type ~=> 'a::type) => 'a::type option ~=> 'a::type)
   422                             (None::'a::type option)
   423                             (Some::'a::type ~=> 'a::type) x)
   424                           x))
   425                    ((op &::bool => bool => bool)
   426                      ((All::('a::type option => bool) => bool)
   427                        (%x::'a::type option.
   428                            (op =::'a::type option
   429                                   => 'a::type option => bool)
   430                             ((option_case::'a::type option
   431      => ('a::type ~=> 'a::type) => 'a::type option ~=> 'a::type)
   432                               x (Some::'a::type ~=> 'a::type) x)
   433                             x))
   434                      ((op &::bool => bool => bool)
   435                        ((All::('a::type option => bool) => bool)
   436                          (%x::'a::type option.
   437                              (op -->::bool => bool => bool)
   438                               ((IS_NONE::'a::type option => bool) x)
   439                               ((op =::'b::type => 'b::type => bool)
   440                                 ((option_case::'b::type
   441          => ('a::type => 'b::type) => 'a::type option => 'b::type)
   442                                   (e::'b::type) (f::'a::type => 'b::type) x)
   443                                 e)))
   444                        ((op &::bool => bool => bool)
   445                          ((All::('a::type option => bool) => bool)
   446                            (%x::'a::type option.
   447                                (op -->::bool => bool => bool)
   448                                 ((IS_SOME::'a::type option => bool) x)
   449                                 ((op =::'b::type => 'b::type => bool)
   450                                   ((option_case::'b::type
   451            => ('a::type => 'b::type) => 'a::type option => 'b::type)
   452                                     e f x)
   453                                   (f ((the::'a::type option => 'a::type)
   454  x)))))
   455                          ((op &::bool => bool => bool)
   456                            ((All::('a::type option => bool) => bool)
   457                              (%x::'a::type option.
   458                                  (op -->::bool => bool => bool)
   459                                   ((IS_SOME::'a::type option => bool) x)
   460                                   ((op =::'a::type option
   461     => 'a::type option => bool)
   462                                     ((option_case::'a::type option
   463              => ('a::type ~=> 'a::type) => 'a::type option ~=> 'a::type)
   464 (ea::'a::type option) (Some::'a::type ~=> 'a::type) x)
   465                                     x)))
   466                            ((op &::bool => bool => bool)
   467                              ((All::('b::type => bool) => bool)
   468                                (%u::'b::type.
   469                                    (All::(('a::type => 'b::type) => bool)
   470    => bool)
   471                                     (%f::'a::type => 'b::type.
   472   (op =::'b::type => 'b::type => bool)
   473    ((option_case::'b::type
   474                   => ('a::type => 'b::type) => 'a::type option => 'b::type)
   475      u f (None::'a::type option))
   476    u)))
   477                              ((op &::bool => bool => bool)
   478                                ((All::('b::type => bool) => bool)
   479                                  (%u::'b::type.
   480                                      (All::(('a::type => 'b::type) => bool)
   481      => bool)
   482 (%f::'a::type => 'b::type.
   483     (All::('a::type => bool) => bool)
   484      (%x::'a::type.
   485          (op =::'b::type => 'b::type => bool)
   486           ((option_case::'b::type
   487                          => ('a::type => 'b::type)
   488                             => 'a::type option => 'b::type)
   489             u f ((Some::'a::type ~=> 'a::type) x))
   490           (f x)))))
   491                                ((op &::bool => bool => bool)
   492                                  ((All::(('a::type => 'b::type) => bool)
   493   => bool)
   494                                    (%f::'a::type => 'b::type.
   495  (All::('a::type => bool) => bool)
   496   (%x::'a::type.
   497       (op =::'b::type option => 'b::type option => bool)
   498        ((option_map::('a::type => 'b::type) => 'a::type option ~=> 'b::type)
   499          f ((Some::'a::type ~=> 'a::type) x))
   500        ((Some::'b::type ~=> 'b::type) (f x)))))
   501                                  ((op &::bool => bool => bool)
   502                                    ((All::(('a::type => 'b::type) => bool)
   503     => bool)
   504                                      (%f::'a::type => 'b::type.
   505    (op =::'b::type option => 'b::type option => bool)
   506     ((option_map::('a::type => 'b::type) => 'a::type option ~=> 'b::type) f
   507       (None::'a::type option))
   508     (None::'b::type option)))
   509                                    ((op &::bool => bool => bool)
   510                                      ((op =::'a::type option
   511        => 'a::type option => bool)
   512  ((OPTION_JOIN::'a::type option option ~=> 'a::type)
   513    (None::'a::type option option))
   514  (None::'a::type option))
   515                                      ((All::('a::type option => bool)
   516       => bool)
   517  (%x::'a::type option.
   518      (op =::'a::type option => 'a::type option => bool)
   519       ((OPTION_JOIN::'a::type option option ~=> 'a::type)
   520         ((Some::'a::type option ~=> 'a::type option) x))
   521       x))))))))))))))))))))"
   522   by (import option option_CLAUSES)
   523 
   524 lemma option_case_compute: "option_case (e::'b::type) (f::'a::type => 'b::type) (x::'a::type option) =
   525 (if IS_SOME x then f (the x) else e)"
   526   by (import option option_case_compute)
   527 
   528 lemma OPTION_MAP_EQ_SOME: "ALL (f::'a::type => 'b::type) (x::'a::type option) y::'b::type.
   529    (option_map f x = Some y) = (EX z::'a::type. x = Some z & y = f z)"
   530   by (import option OPTION_MAP_EQ_SOME)
   531 
   532 lemma OPTION_JOIN_EQ_SOME: "ALL (x::'a::type option option) xa::'a::type.
   533    (OPTION_JOIN x = Some xa) = (x = Some (Some xa))"
   534   by (import option OPTION_JOIN_EQ_SOME)
   535 
   536 lemma option_case_cong: "ALL (M::'a::type option) (M'::'a::type option) (u::'b::type)
   537    f::'a::type => 'b::type.
   538    M = M' &
   539    (M' = None --> u = (u'::'b::type)) &
   540    (ALL x::'a::type. M' = Some x --> f x = (f'::'a::type => 'b::type) x) -->
   541    option_case u f M = option_case u' f' M'"
   542   by (import option option_case_cong)
   543 
   544 ;end_setup
   545 
   546 ;setup_theory marker
   547 
   548 consts
   549   stmarker :: "'a => 'a" 
   550 
   551 defs
   552   stmarker_primdef: "stmarker == %x::'a::type. x"
   553 
   554 lemma stmarker_def: "ALL x::'a::type. stmarker x = x"
   555   by (import marker stmarker_def)
   556 
   557 lemma move_left_conj: "ALL (x::bool) (xa::bool) xb::bool.
   558    (x & stmarker xb) = (stmarker xb & x) &
   559    ((stmarker xb & x) & xa) = (stmarker xb & x & xa) &
   560    (x & stmarker xb & xa) = (stmarker xb & x & xa)"
   561   by (import marker move_left_conj)
   562 
   563 lemma move_right_conj: "ALL (x::bool) (xa::bool) xb::bool.
   564    (stmarker xb & x) = (x & stmarker xb) &
   565    (x & xa & stmarker xb) = ((x & xa) & stmarker xb) &
   566    ((x & stmarker xb) & xa) = ((x & xa) & stmarker xb)"
   567   by (import marker move_right_conj)
   568 
   569 lemma move_left_disj: "ALL (x::bool) (xa::bool) xb::bool.
   570    (x | stmarker xb) = (stmarker xb | x) &
   571    ((stmarker xb | x) | xa) = (stmarker xb | x | xa) &
   572    (x | stmarker xb | xa) = (stmarker xb | x | xa)"
   573   by (import marker move_left_disj)
   574 
   575 lemma move_right_disj: "ALL (x::bool) (xa::bool) xb::bool.
   576    (stmarker xb | x) = (x | stmarker xb) &
   577    (x | xa | stmarker xb) = ((x | xa) | stmarker xb) &
   578    ((x | stmarker xb) | xa) = ((x | xa) | stmarker xb)"
   579   by (import marker move_right_disj)
   580 
   581 ;end_setup
   582 
   583 ;setup_theory relation
   584 
   585 constdefs
   586   TC :: "('a => 'a => bool) => 'a => 'a => bool" 
   587   "TC ==
   588 %(R::'a::type => 'a::type => bool) (a::'a::type) b::'a::type.
   589    ALL P::'a::type => 'a::type => bool.
   590       (ALL (x::'a::type) y::'a::type. R x y --> P x y) &
   591       (ALL (x::'a::type) (y::'a::type) z::'a::type.
   592           P x y & P y z --> P x z) -->
   593       P a b"
   594 
   595 lemma TC_DEF: "ALL (R::'a::type => 'a::type => bool) (a::'a::type) b::'a::type.
   596    TC R a b =
   597    (ALL P::'a::type => 'a::type => bool.
   598        (ALL (x::'a::type) y::'a::type. R x y --> P x y) &
   599        (ALL (x::'a::type) (y::'a::type) z::'a::type.
   600            P x y & P y z --> P x z) -->
   601        P a b)"
   602   by (import relation TC_DEF)
   603 
   604 constdefs
   605   RTC :: "('a => 'a => bool) => 'a => 'a => bool" 
   606   "RTC ==
   607 %(R::'a::type => 'a::type => bool) (a::'a::type) b::'a::type.
   608    ALL P::'a::type => 'a::type => bool.
   609       (ALL x::'a::type. P x x) &
   610       (ALL (x::'a::type) (y::'a::type) z::'a::type.
   611           R x y & P y z --> P x z) -->
   612       P a b"
   613 
   614 lemma RTC_DEF: "ALL (R::'a::type => 'a::type => bool) (a::'a::type) b::'a::type.
   615    RTC R a b =
   616    (ALL P::'a::type => 'a::type => bool.
   617        (ALL x::'a::type. P x x) &
   618        (ALL (x::'a::type) (y::'a::type) z::'a::type.
   619            R x y & P y z --> P x z) -->
   620        P a b)"
   621   by (import relation RTC_DEF)
   622 
   623 consts
   624   RC :: "('a => 'a => bool) => 'a => 'a => bool" 
   625 
   626 defs
   627   RC_primdef: "RC ==
   628 %(R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type. x = y | R x y"
   629 
   630 lemma RC_def: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   631    RC R x y = (x = y | R x y)"
   632   by (import relation RC_def)
   633 
   634 consts
   635   transitive :: "('a => 'a => bool) => bool" 
   636 
   637 defs
   638   transitive_primdef: "transitive ==
   639 %R::'a::type => 'a::type => bool.
   640    ALL (x::'a::type) (y::'a::type) z::'a::type. R x y & R y z --> R x z"
   641 
   642 lemma transitive_def: "ALL R::'a::type => 'a::type => bool.
   643    transitive R =
   644    (ALL (x::'a::type) (y::'a::type) z::'a::type. R x y & R y z --> R x z)"
   645   by (import relation transitive_def)
   646 
   647 constdefs
   648   pred_reflexive :: "('a => 'a => bool) => bool" 
   649   "pred_reflexive == %R::'a::type => 'a::type => bool. ALL x::'a::type. R x x"
   650 
   651 lemma reflexive_def: "ALL R::'a::type => 'a::type => bool.
   652    pred_reflexive R = (ALL x::'a::type. R x x)"
   653   by (import relation reflexive_def)
   654 
   655 lemma TC_TRANSITIVE: "ALL x::'a::type => 'a::type => bool. transitive (TC x)"
   656   by (import relation TC_TRANSITIVE)
   657 
   658 lemma RTC_INDUCT: "ALL (x::'a::type => 'a::type => bool) xa::'a::type => 'a::type => bool.
   659    (ALL x::'a::type. xa x x) &
   660    (ALL (xb::'a::type) (y::'a::type) z::'a::type.
   661        x xb y & xa y z --> xa xb z) -->
   662    (ALL (xb::'a::type) xc::'a::type. RTC x xb xc --> xa xb xc)"
   663   by (import relation RTC_INDUCT)
   664 
   665 lemma TC_RULES: "ALL x::'a::type => 'a::type => bool.
   666    (ALL (xa::'a::type) xb::'a::type. x xa xb --> TC x xa xb) &
   667    (ALL (xa::'a::type) (xb::'a::type) xc::'a::type.
   668        TC x xa xb & TC x xb xc --> TC x xa xc)"
   669   by (import relation TC_RULES)
   670 
   671 lemma RTC_RULES: "ALL x::'a::type => 'a::type => bool.
   672    (ALL xa::'a::type. RTC x xa xa) &
   673    (ALL (xa::'a::type) (xb::'a::type) xc::'a::type.
   674        x xa xb & RTC x xb xc --> RTC x xa xc)"
   675   by (import relation RTC_RULES)
   676 
   677 lemma RTC_STRONG_INDUCT: "ALL (R::'a::type => 'a::type => bool) P::'a::type => 'a::type => bool.
   678    (ALL x::'a::type. P x x) &
   679    (ALL (x::'a::type) (y::'a::type) z::'a::type.
   680        R x y & RTC R y z & P y z --> P x z) -->
   681    (ALL (x::'a::type) y::'a::type. RTC R x y --> P x y)"
   682   by (import relation RTC_STRONG_INDUCT)
   683 
   684 lemma RTC_RTC: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   685    RTC R x y --> (ALL z::'a::type. RTC R y z --> RTC R x z)"
   686   by (import relation RTC_RTC)
   687 
   688 lemma RTC_TRANSITIVE: "ALL x::'a::type => 'a::type => bool. transitive (RTC x)"
   689   by (import relation RTC_TRANSITIVE)
   690 
   691 lemma RTC_REFLEXIVE: "ALL R::'a::type => 'a::type => bool. pred_reflexive (RTC R)"
   692   by (import relation RTC_REFLEXIVE)
   693 
   694 lemma RC_REFLEXIVE: "ALL R::'a::type => 'a::type => bool. pred_reflexive (RC R)"
   695   by (import relation RC_REFLEXIVE)
   696 
   697 lemma TC_SUBSET: "ALL (x::'a::type => 'a::type => bool) (xa::'a::type) xb::'a::type.
   698    x xa xb --> TC x xa xb"
   699   by (import relation TC_SUBSET)
   700 
   701 lemma RTC_SUBSET: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   702    R x y --> RTC R x y"
   703   by (import relation RTC_SUBSET)
   704 
   705 lemma RC_SUBSET: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   706    R x y --> RC R x y"
   707   by (import relation RC_SUBSET)
   708 
   709 lemma RC_RTC: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   710    RC R x y --> RTC R x y"
   711   by (import relation RC_RTC)
   712 
   713 lemma TC_INDUCT: "ALL (x::'a::type => 'a::type => bool) xa::'a::type => 'a::type => bool.
   714    (ALL (xb::'a::type) y::'a::type. x xb y --> xa xb y) &
   715    (ALL (x::'a::type) (y::'a::type) z::'a::type.
   716        xa x y & xa y z --> xa x z) -->
   717    (ALL (xb::'a::type) xc::'a::type. TC x xb xc --> xa xb xc)"
   718   by (import relation TC_INDUCT)
   719 
   720 lemma TC_INDUCT_LEFT1: "ALL (x::'a::type => 'a::type => bool) xa::'a::type => 'a::type => bool.
   721    (ALL (xb::'a::type) y::'a::type. x xb y --> xa xb y) &
   722    (ALL (xb::'a::type) (y::'a::type) z::'a::type.
   723        x xb y & xa y z --> xa xb z) -->
   724    (ALL (xb::'a::type) xc::'a::type. TC x xb xc --> xa xb xc)"
   725   by (import relation TC_INDUCT_LEFT1)
   726 
   727 lemma TC_STRONG_INDUCT: "ALL (R::'a::type => 'a::type => bool) P::'a::type => 'a::type => bool.
   728    (ALL (x::'a::type) y::'a::type. R x y --> P x y) &
   729    (ALL (x::'a::type) (y::'a::type) z::'a::type.
   730        P x y & P y z & TC R x y & TC R y z --> P x z) -->
   731    (ALL (u::'a::type) v::'a::type. TC R u v --> P u v)"
   732   by (import relation TC_STRONG_INDUCT)
   733 
   734 lemma TC_STRONG_INDUCT_LEFT1: "ALL (R::'a::type => 'a::type => bool) P::'a::type => 'a::type => bool.
   735    (ALL (x::'a::type) y::'a::type. R x y --> P x y) &
   736    (ALL (x::'a::type) (y::'a::type) z::'a::type.
   737        R x y & P y z & TC R y z --> P x z) -->
   738    (ALL (u::'a::type) v::'a::type. TC R u v --> P u v)"
   739   by (import relation TC_STRONG_INDUCT_LEFT1)
   740 
   741 lemma TC_RTC: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   742    TC R x y --> RTC R x y"
   743   by (import relation TC_RTC)
   744 
   745 lemma RTC_TC_RC: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) y::'a::type.
   746    RTC R x y --> RC R x y | TC R x y"
   747   by (import relation RTC_TC_RC)
   748 
   749 lemma TC_RC_EQNS: "ALL R::'a::type => 'a::type => bool. RC (TC R) = RTC R & TC (RC R) = RTC R"
   750   by (import relation TC_RC_EQNS)
   751 
   752 lemma RC_IDEM: "ALL R::'a::type => 'a::type => bool. RC (RC R) = RC R"
   753   by (import relation RC_IDEM)
   754 
   755 lemma TC_IDEM: "ALL R::'a::type => 'a::type => bool. TC (TC R) = TC R"
   756   by (import relation TC_IDEM)
   757 
   758 lemma RTC_IDEM: "ALL R::'a::type => 'a::type => bool. RTC (RTC R) = RTC R"
   759   by (import relation RTC_IDEM)
   760 
   761 lemma RTC_CASES1: "ALL (x::'a::type => 'a::type => bool) (xa::'a::type) xb::'a::type.
   762    RTC x xa xb = (xa = xb | (EX u::'a::type. x xa u & RTC x u xb))"
   763   by (import relation RTC_CASES1)
   764 
   765 lemma RTC_CASES2: "ALL (x::'a::type => 'a::type => bool) (xa::'a::type) xb::'a::type.
   766    RTC x xa xb = (xa = xb | (EX u::'a::type. RTC x xa u & x u xb))"
   767   by (import relation RTC_CASES2)
   768 
   769 lemma RTC_CASES_RTC_TWICE: "ALL (x::'a::type => 'a::type => bool) (xa::'a::type) xb::'a::type.
   770    RTC x xa xb = (EX u::'a::type. RTC x xa u & RTC x u xb)"
   771   by (import relation RTC_CASES_RTC_TWICE)
   772 
   773 lemma TC_CASES1: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) z::'a::type.
   774    TC R x z --> R x z | (EX y::'a::type. R x y & TC R y z)"
   775   by (import relation TC_CASES1)
   776 
   777 lemma TC_CASES2: "ALL (R::'a::type => 'a::type => bool) (x::'a::type) z::'a::type.
   778    TC R x z --> R x z | (EX y::'a::type. TC R x y & R y z)"
   779   by (import relation TC_CASES2)
   780 
   781 lemma TC_MONOTONE: "ALL (R::'a::type => 'a::type => bool) Q::'a::type => 'a::type => bool.
   782    (ALL (x::'a::type) y::'a::type. R x y --> Q x y) -->
   783    (ALL (x::'a::type) y::'a::type. TC R x y --> TC Q x y)"
   784   by (import relation TC_MONOTONE)
   785 
   786 lemma RTC_MONOTONE: "ALL (R::'a::type => 'a::type => bool) Q::'a::type => 'a::type => bool.
   787    (ALL (x::'a::type) y::'a::type. R x y --> Q x y) -->
   788    (ALL (x::'a::type) y::'a::type. RTC R x y --> RTC Q x y)"
   789   by (import relation RTC_MONOTONE)
   790 
   791 constdefs
   792   WF :: "('a => 'a => bool) => bool" 
   793   "WF ==
   794 %R::'a::type => 'a::type => bool.
   795    ALL B::'a::type => bool.
   796       Ex B -->
   797       (EX min::'a::type. B min & (ALL b::'a::type. R b min --> ~ B b))"
   798 
   799 lemma WF_DEF: "ALL R::'a::type => 'a::type => bool.
   800    WF R =
   801    (ALL B::'a::type => bool.
   802        Ex B -->
   803        (EX min::'a::type. B min & (ALL b::'a::type. R b min --> ~ B b)))"
   804   by (import relation WF_DEF)
   805 
   806 lemma WF_INDUCTION_THM: "ALL R::'a::type => 'a::type => bool.
   807    WF R -->
   808    (ALL P::'a::type => bool.
   809        (ALL x::'a::type. (ALL y::'a::type. R y x --> P y) --> P x) -->
   810        All P)"
   811   by (import relation WF_INDUCTION_THM)
   812 
   813 lemma WF_NOT_REFL: "ALL (x::'a::type => 'a::type => bool) (xa::'a::type) xb::'a::type.
   814    WF x --> x xa xb --> xa ~= xb"
   815   by (import relation WF_NOT_REFL)
   816 
   817 constdefs
   818   EMPTY_REL :: "'a => 'a => bool" 
   819   "EMPTY_REL == %(x::'a::type) y::'a::type. False"
   820 
   821 lemma EMPTY_REL_DEF: "ALL (x::'a::type) y::'a::type. EMPTY_REL x y = False"
   822   by (import relation EMPTY_REL_DEF)
   823 
   824 lemma WF_EMPTY_REL: "WF EMPTY_REL"
   825   by (import relation WF_EMPTY_REL)
   826 
   827 lemma WF_SUBSET: "ALL (x::'a::type => 'a::type => bool) xa::'a::type => 'a::type => bool.
   828    WF x & (ALL (xb::'a::type) y::'a::type. xa xb y --> x xb y) --> WF xa"
   829   by (import relation WF_SUBSET)
   830 
   831 lemma WF_TC: "ALL R::'a::type => 'a::type => bool. WF R --> WF (TC R)"
   832   by (import relation WF_TC)
   833 
   834 consts
   835   inv_image :: "('b => 'b => bool) => ('a => 'b) => 'a => 'a => bool" 
   836 
   837 defs
   838   inv_image_primdef: "relation.inv_image ==
   839 %(R::'b::type => 'b::type => bool) (f::'a::type => 'b::type) (x::'a::type)
   840    y::'a::type. R (f x) (f y)"
   841 
   842 lemma inv_image_def: "ALL (R::'b::type => 'b::type => bool) f::'a::type => 'b::type.
   843    relation.inv_image R f = (%(x::'a::type) y::'a::type. R (f x) (f y))"
   844   by (import relation inv_image_def)
   845 
   846 lemma WF_inv_image: "ALL (R::'b::type => 'b::type => bool) f::'a::type => 'b::type.
   847    WF R --> WF (relation.inv_image R f)"
   848   by (import relation WF_inv_image)
   849 
   850 constdefs
   851   RESTRICT :: "('a => 'b) => ('a => 'a => bool) => 'a => 'a => 'b" 
   852   "RESTRICT ==
   853 %(f::'a::type => 'b::type) (R::'a::type => 'a::type => bool) (x::'a::type)
   854    y::'a::type. if R y x then f y else ARB"
   855 
   856 lemma RESTRICT_DEF: "ALL (f::'a::type => 'b::type) (R::'a::type => 'a::type => bool) x::'a::type.
   857    RESTRICT f R x = (%y::'a::type. if R y x then f y else ARB)"
   858   by (import relation RESTRICT_DEF)
   859 
   860 lemma RESTRICT_LEMMA: "ALL (x::'a::type => 'b::type) (xa::'a::type => 'a::type => bool)
   861    (xb::'a::type) xc::'a::type. xa xb xc --> RESTRICT x xa xc xb = x xb"
   862   by (import relation RESTRICT_LEMMA)
   863 
   864 consts
   865   approx :: "('a => 'a => bool) => (('a => 'b) => 'a => 'b) => 'a => ('a => 'b) => bool" 
   866 
   867 defs
   868   approx_primdef: "approx ==
   869 %(R::'a::type => 'a::type => bool)
   870    (M::('a::type => 'b::type) => 'a::type => 'b::type) (x::'a::type)
   871    f::'a::type => 'b::type.
   872    f = RESTRICT (%y::'a::type. M (RESTRICT f R y) y) R x"
   873 
   874 lemma approx_def: "ALL (R::'a::type => 'a::type => bool)
   875    (M::('a::type => 'b::type) => 'a::type => 'b::type) (x::'a::type)
   876    f::'a::type => 'b::type.
   877    approx R M x f = (f = RESTRICT (%y::'a::type. M (RESTRICT f R y) y) R x)"
   878   by (import relation approx_def)
   879 
   880 consts
   881   the_fun :: "('a => 'a => bool) => (('a => 'b) => 'a => 'b) => 'a => 'a => 'b" 
   882 
   883 defs
   884   the_fun_primdef: "the_fun ==
   885 %(R::'a::type => 'a::type => bool)
   886    (M::('a::type => 'b::type) => 'a::type => 'b::type) x::'a::type.
   887    Eps (approx R M x)"
   888 
   889 lemma the_fun_def: "ALL (R::'a::type => 'a::type => bool)
   890    (M::('a::type => 'b::type) => 'a::type => 'b::type) x::'a::type.
   891    the_fun R M x = Eps (approx R M x)"
   892   by (import relation the_fun_def)
   893 
   894 constdefs
   895   WFREC :: "('a => 'a => bool) => (('a => 'b) => 'a => 'b) => 'a => 'b" 
   896   "WFREC ==
   897 %(R::'a::type => 'a::type => bool)
   898    (M::('a::type => 'b::type) => 'a::type => 'b::type) x::'a::type.
   899    M (RESTRICT
   900        (the_fun (TC R)
   901          (%(f::'a::type => 'b::type) v::'a::type. M (RESTRICT f R v) v) x)
   902        R x)
   903     x"
   904 
   905 lemma WFREC_DEF: "ALL (R::'a::type => 'a::type => bool)
   906    M::('a::type => 'b::type) => 'a::type => 'b::type.
   907    WFREC R M =
   908    (%x::'a::type.
   909        M (RESTRICT
   910            (the_fun (TC R)
   911              (%(f::'a::type => 'b::type) v::'a::type. M (RESTRICT f R v) v)
   912              x)
   913            R x)
   914         x)"
   915   by (import relation WFREC_DEF)
   916 
   917 lemma WFREC_THM: "ALL (R::'a::type => 'a::type => bool)
   918    M::('a::type => 'b::type) => 'a::type => 'b::type.
   919    WF R --> (ALL x::'a::type. WFREC R M x = M (RESTRICT (WFREC R M) R x) x)"
   920   by (import relation WFREC_THM)
   921 
   922 lemma WFREC_COROLLARY: "ALL (M::('a::type => 'b::type) => 'a::type => 'b::type)
   923    (R::'a::type => 'a::type => bool) f::'a::type => 'b::type.
   924    f = WFREC R M --> WF R --> (ALL x::'a::type. f x = M (RESTRICT f R x) x)"
   925   by (import relation WFREC_COROLLARY)
   926 
   927 lemma WF_RECURSION_THM: "ALL R::'a::type => 'a::type => bool.
   928    WF R -->
   929    (ALL M::('a::type => 'b::type) => 'a::type => 'b::type.
   930        EX! f::'a::type => 'b::type.
   931           ALL x::'a::type. f x = M (RESTRICT f R x) x)"
   932   by (import relation WF_RECURSION_THM)
   933 
   934 ;end_setup
   935 
   936 ;setup_theory pair
   937 
   938 lemma CURRY_ONE_ONE_THM: "(curry (f::'a::type * 'b::type => 'c::type) =
   939  curry (g::'a::type * 'b::type => 'c::type)) =
   940 (f = g)"
   941   by (import pair CURRY_ONE_ONE_THM)
   942 
   943 lemma UNCURRY_ONE_ONE_THM: "(op =::bool => bool => bool)
   944  ((op =::('a::type * 'b::type => 'c::type)
   945          => ('a::type * 'b::type => 'c::type) => bool)
   946    ((split::('a::type => 'b::type => 'c::type)
   947             => 'a::type * 'b::type => 'c::type)
   948      (f::'a::type => 'b::type => 'c::type))
   949    ((split::('a::type => 'b::type => 'c::type)
   950             => 'a::type * 'b::type => 'c::type)
   951      (g::'a::type => 'b::type => 'c::type)))
   952  ((op =::('a::type => 'b::type => 'c::type)
   953          => ('a::type => 'b::type => 'c::type) => bool)
   954    f g)"
   955   by (import pair UNCURRY_ONE_ONE_THM)
   956 
   957 lemma pair_Axiom: "ALL f::'a::type => 'b::type => 'c::type.
   958    EX x::'a::type * 'b::type => 'c::type.
   959       ALL (xa::'a::type) y::'b::type. x (xa, y) = f xa y"
   960   by (import pair pair_Axiom)
   961 
   962 lemma UNCURRY_CONG: "ALL (M::'a::type * 'b::type) (M'::'a::type * 'b::type)
   963    f::'a::type => 'b::type => 'c::type.
   964    M = M' &
   965    (ALL (x::'a::type) y::'b::type.
   966        M' = (x, y) -->
   967        f x y = (f'::'a::type => 'b::type => 'c::type) x y) -->
   968    split f M = split f' M'"
   969   by (import pair UNCURRY_CONG)
   970 
   971 lemma ELIM_PEXISTS: "(EX p::'a::type * 'b::type.
   972     (P::'a::type => 'b::type => bool) (fst p) (snd p)) =
   973 (EX p1::'a::type. Ex (P p1))"
   974   by (import pair ELIM_PEXISTS)
   975 
   976 lemma ELIM_PFORALL: "(ALL p::'a::type * 'b::type.
   977     (P::'a::type => 'b::type => bool) (fst p) (snd p)) =
   978 (ALL p1::'a::type. All (P p1))"
   979   by (import pair ELIM_PFORALL)
   980 
   981 lemma PFORALL_THM: "(All::(('a::type => 'b::type => bool) => bool) => bool)
   982  (%x::'a::type => 'b::type => bool.
   983      (op =::bool => bool => bool)
   984       ((All::('a::type => bool) => bool)
   985         (%xa::'a::type. (All::('b::type => bool) => bool) (x xa)))
   986       ((All::('a::type * 'b::type => bool) => bool)
   987         ((split::('a::type => 'b::type => bool)
   988                  => 'a::type * 'b::type => bool)
   989           x)))"
   990   by (import pair PFORALL_THM)
   991 
   992 lemma PEXISTS_THM: "(All::(('a::type => 'b::type => bool) => bool) => bool)
   993  (%x::'a::type => 'b::type => bool.
   994      (op =::bool => bool => bool)
   995       ((Ex::('a::type => bool) => bool)
   996         (%xa::'a::type. (Ex::('b::type => bool) => bool) (x xa)))
   997       ((Ex::('a::type * 'b::type => bool) => bool)
   998         ((split::('a::type => 'b::type => bool)
   999                  => 'a::type * 'b::type => bool)
  1000           x)))"
  1001   by (import pair PEXISTS_THM)
  1002 
  1003 lemma LET2_RAND: "(All::(('c::type => 'd::type) => bool) => bool)
  1004  (%x::'c::type => 'd::type.
  1005      (All::('a::type * 'b::type => bool) => bool)
  1006       (%xa::'a::type * 'b::type.
  1007           (All::(('a::type => 'b::type => 'c::type) => bool) => bool)
  1008            (%xb::'a::type => 'b::type => 'c::type.
  1009                (op =::'d::type => 'd::type => bool)
  1010                 (x ((Let::'a::type * 'b::type
  1011                           => ('a::type * 'b::type => 'c::type) => 'c::type)
  1012                      xa ((split::('a::type => 'b::type => 'c::type)
  1013                                  => 'a::type * 'b::type => 'c::type)
  1014                           xb)))
  1015                 ((Let::'a::type * 'b::type
  1016                        => ('a::type * 'b::type => 'd::type) => 'd::type)
  1017                   xa ((split::('a::type => 'b::type => 'd::type)
  1018                               => 'a::type * 'b::type => 'd::type)
  1019                        (%(xa::'a::type) y::'b::type. x (xb xa y)))))))"
  1020   by (import pair LET2_RAND)
  1021 
  1022 lemma LET2_RATOR: "(All::('a1::type * 'a2::type => bool) => bool)
  1023  (%x::'a1::type * 'a2::type.
  1024      (All::(('a1::type => 'a2::type => 'b::type => 'c::type) => bool)
  1025            => bool)
  1026       (%xa::'a1::type => 'a2::type => 'b::type => 'c::type.
  1027           (All::('b::type => bool) => bool)
  1028            (%xb::'b::type.
  1029                (op =::'c::type => 'c::type => bool)
  1030                 ((Let::'a1::type * 'a2::type
  1031                        => ('a1::type * 'a2::type => 'b::type => 'c::type)
  1032                           => 'b::type => 'c::type)
  1033                   x ((split::('a1::type
  1034                               => 'a2::type => 'b::type => 'c::type)
  1035                              => 'a1::type * 'a2::type
  1036                                 => 'b::type => 'c::type)
  1037                       xa)
  1038                   xb)
  1039                 ((Let::'a1::type * 'a2::type
  1040                        => ('a1::type * 'a2::type => 'c::type) => 'c::type)
  1041                   x ((split::('a1::type => 'a2::type => 'c::type)
  1042                              => 'a1::type * 'a2::type => 'c::type)
  1043                       (%(x::'a1::type) y::'a2::type. xa x y xb))))))"
  1044   by (import pair LET2_RATOR)
  1045 
  1046 lemma pair_case_cong: "ALL (x::'a::type * 'b::type) (xa::'a::type * 'b::type)
  1047    xb::'a::type => 'b::type => 'c::type.
  1048    x = xa &
  1049    (ALL (x::'a::type) y::'b::type.
  1050        xa = (x, y) -->
  1051        xb x y = (f'::'a::type => 'b::type => 'c::type) x y) -->
  1052    split xb x = split f' xa"
  1053   by (import pair pair_case_cong)
  1054 
  1055 constdefs
  1056   LEX :: "('a => 'a => bool) => ('b => 'b => bool) => 'a * 'b => 'a * 'b => bool" 
  1057   "LEX ==
  1058 %(R1::'a::type => 'a::type => bool) (R2::'b::type => 'b::type => bool)
  1059    (s::'a::type, t::'b::type) (u::'a::type, v::'b::type).
  1060    R1 s u | s = u & R2 t v"
  1061 
  1062 lemma LEX_DEF: "ALL (R1::'a::type => 'a::type => bool) R2::'b::type => 'b::type => bool.
  1063    LEX R1 R2 =
  1064    (%(s::'a::type, t::'b::type) (u::'a::type, v::'b::type).
  1065        R1 s u | s = u & R2 t v)"
  1066   by (import pair LEX_DEF)
  1067 
  1068 lemma WF_LEX: "ALL (x::'a::type => 'a::type => bool) xa::'b::type => 'b::type => bool.
  1069    WF x & WF xa --> WF (LEX x xa)"
  1070   by (import pair WF_LEX)
  1071 
  1072 constdefs
  1073   RPROD :: "('a => 'a => bool) => ('b => 'b => bool) => 'a * 'b => 'a * 'b => bool" 
  1074   "RPROD ==
  1075 %(R1::'a::type => 'a::type => bool) (R2::'b::type => 'b::type => bool)
  1076    (s::'a::type, t::'b::type) (u::'a::type, v::'b::type). R1 s u & R2 t v"
  1077 
  1078 lemma RPROD_DEF: "ALL (R1::'a::type => 'a::type => bool) R2::'b::type => 'b::type => bool.
  1079    RPROD R1 R2 =
  1080    (%(s::'a::type, t::'b::type) (u::'a::type, v::'b::type). R1 s u & R2 t v)"
  1081   by (import pair RPROD_DEF)
  1082 
  1083 lemma WF_RPROD: "ALL (R::'a::type => 'a::type => bool) Q::'b::type => 'b::type => bool.
  1084    WF R & WF Q --> WF (RPROD R Q)"
  1085   by (import pair WF_RPROD)
  1086 
  1087 ;end_setup
  1088 
  1089 ;setup_theory num
  1090 
  1091 ;end_setup
  1092 
  1093 ;setup_theory prim_rec
  1094 
  1095 lemma LESS_0_0: "0 < Suc 0"
  1096   by (import prim_rec LESS_0_0)
  1097 
  1098 lemma LESS_LEMMA1: "ALL (x::nat) xa::nat. x < Suc xa --> x = xa | x < xa"
  1099   by (import prim_rec LESS_LEMMA1)
  1100 
  1101 lemma LESS_LEMMA2: "ALL (m::nat) n::nat. m = n | m < n --> m < Suc n"
  1102   by (import prim_rec LESS_LEMMA2)
  1103 
  1104 lemma LESS_THM: "ALL (m::nat) n::nat. (m < Suc n) = (m = n | m < n)"
  1105   by (import prim_rec LESS_THM)
  1106 
  1107 lemma LESS_SUC_IMP: "ALL (x::nat) xa::nat. x < Suc xa --> x ~= xa --> x < xa"
  1108   by (import prim_rec LESS_SUC_IMP)
  1109 
  1110 lemma EQ_LESS: "ALL n::nat. Suc (m::nat) = n --> m < n"
  1111   by (import prim_rec EQ_LESS)
  1112 
  1113 lemma NOT_LESS_EQ: "ALL (m::nat) n::nat. m = n --> ~ m < n"
  1114   by (import prim_rec NOT_LESS_EQ)
  1115 
  1116 constdefs
  1117   SIMP_REC_REL :: "(nat => 'a) => 'a => ('a => 'a) => nat => bool" 
  1118   "(op ==::((nat => 'a::type)
  1119          => 'a::type => ('a::type => 'a::type) => nat => bool)
  1120         => ((nat => 'a::type)
  1121             => 'a::type => ('a::type => 'a::type) => nat => bool)
  1122            => prop)
  1123  (SIMP_REC_REL::(nat => 'a::type)
  1124                 => 'a::type => ('a::type => 'a::type) => nat => bool)
  1125  (%(fun::nat => 'a::type) (x::'a::type) (f::'a::type => 'a::type) n::nat.
  1126      (op &::bool => bool => bool)
  1127       ((op =::'a::type => 'a::type => bool) (fun (0::nat)) x)
  1128       ((All::(nat => bool) => bool)
  1129         (%m::nat.
  1130             (op -->::bool => bool => bool) ((op <::nat => nat => bool) m n)
  1131              ((op =::'a::type => 'a::type => bool)
  1132                (fun ((Suc::nat => nat) m)) (f (fun m))))))"
  1133 
  1134 lemma SIMP_REC_REL: "(All::((nat => 'a::type) => bool) => bool)
  1135  (%fun::nat => 'a::type.
  1136      (All::('a::type => bool) => bool)
  1137       (%x::'a::type.
  1138           (All::(('a::type => 'a::type) => bool) => bool)
  1139            (%f::'a::type => 'a::type.
  1140                (All::(nat => bool) => bool)
  1141                 (%n::nat.
  1142                     (op =::bool => bool => bool)
  1143                      ((SIMP_REC_REL::(nat => 'a::type)
  1144                                      => 'a::type
  1145   => ('a::type => 'a::type) => nat => bool)
  1146                        fun x f n)
  1147                      ((op &::bool => bool => bool)
  1148                        ((op =::'a::type => 'a::type => bool) (fun (0::nat))
  1149                          x)
  1150                        ((All::(nat => bool) => bool)
  1151                          (%m::nat.
  1152                              (op -->::bool => bool => bool)
  1153                               ((op <::nat => nat => bool) m n)
  1154                               ((op =::'a::type => 'a::type => bool)
  1155                                 (fun ((Suc::nat => nat) m))
  1156                                 (f (fun m))))))))))"
  1157   by (import prim_rec SIMP_REC_REL)
  1158 
  1159 lemma SIMP_REC_EXISTS: "ALL (x::'a::type) (f::'a::type => 'a::type) n::nat.
  1160    EX fun::nat => 'a::type. SIMP_REC_REL fun x f n"
  1161   by (import prim_rec SIMP_REC_EXISTS)
  1162 
  1163 lemma SIMP_REC_REL_UNIQUE: "ALL (x::'a::type) (xa::'a::type => 'a::type) (xb::nat => 'a::type)
  1164    (xc::nat => 'a::type) (xd::nat) xe::nat.
  1165    SIMP_REC_REL xb x xa xd & SIMP_REC_REL xc x xa xe -->
  1166    (ALL n::nat. n < xd & n < xe --> xb n = xc n)"
  1167   by (import prim_rec SIMP_REC_REL_UNIQUE)
  1168 
  1169 lemma SIMP_REC_REL_UNIQUE_RESULT: "ALL (x::'a::type) (f::'a::type => 'a::type) n::nat.
  1170    EX! y::'a::type.
  1171       EX g::nat => 'a::type. SIMP_REC_REL g x f (Suc n) & y = g n"
  1172   by (import prim_rec SIMP_REC_REL_UNIQUE_RESULT)
  1173 
  1174 consts
  1175   SIMP_REC :: "'a => ('a => 'a) => nat => 'a" 
  1176 
  1177 specification (SIMP_REC) SIMP_REC: "ALL (x::'a::type) (f'::'a::type => 'a::type) n::nat.
  1178    EX g::nat => 'a::type.
  1179       SIMP_REC_REL g x f' (Suc n) & SIMP_REC x f' n = g n"
  1180   by (import prim_rec SIMP_REC)
  1181 
  1182 lemma LESS_SUC_SUC: "ALL m::nat. m < Suc m & m < Suc (Suc m)"
  1183   by (import prim_rec LESS_SUC_SUC)
  1184 
  1185 lemma SIMP_REC_THM: "ALL (x::'a::type) f::'a::type => 'a::type.
  1186    SIMP_REC x f 0 = x &
  1187    (ALL m::nat. SIMP_REC x f (Suc m) = f (SIMP_REC x f m))"
  1188   by (import prim_rec SIMP_REC_THM)
  1189 
  1190 constdefs
  1191   PRE :: "nat => nat" 
  1192   "PRE == %m::nat. if m = 0 then 0 else SOME n::nat. m = Suc n"
  1193 
  1194 lemma PRE_DEF: "ALL m::nat. PRE m = (if m = 0 then 0 else SOME n::nat. m = Suc n)"
  1195   by (import prim_rec PRE_DEF)
  1196 
  1197 lemma PRE: "PRE 0 = 0 & (ALL m::nat. PRE (Suc m) = m)"
  1198   by (import prim_rec PRE)
  1199 
  1200 constdefs
  1201   PRIM_REC_FUN :: "'a => ('a => nat => 'a) => nat => nat => 'a" 
  1202   "PRIM_REC_FUN ==
  1203 %(x::'a::type) f::'a::type => nat => 'a::type.
  1204    SIMP_REC (%n::nat. x) (%(fun::nat => 'a::type) n::nat. f (fun (PRE n)) n)"
  1205 
  1206 lemma PRIM_REC_FUN: "ALL (x::'a::type) f::'a::type => nat => 'a::type.
  1207    PRIM_REC_FUN x f =
  1208    SIMP_REC (%n::nat. x) (%(fun::nat => 'a::type) n::nat. f (fun (PRE n)) n)"
  1209   by (import prim_rec PRIM_REC_FUN)
  1210 
  1211 lemma PRIM_REC_EQN: "ALL (x::'a::type) f::'a::type => nat => 'a::type.
  1212    (ALL n::nat. PRIM_REC_FUN x f 0 n = x) &
  1213    (ALL (m::nat) n::nat.
  1214        PRIM_REC_FUN x f (Suc m) n = f (PRIM_REC_FUN x f m (PRE n)) n)"
  1215   by (import prim_rec PRIM_REC_EQN)
  1216 
  1217 constdefs
  1218   PRIM_REC :: "'a => ('a => nat => 'a) => nat => 'a" 
  1219   "PRIM_REC ==
  1220 %(x::'a::type) (f::'a::type => nat => 'a::type) m::nat.
  1221    PRIM_REC_FUN x f m (PRE m)"
  1222 
  1223 lemma PRIM_REC: "ALL (x::'a::type) (f::'a::type => nat => 'a::type) m::nat.
  1224    PRIM_REC x f m = PRIM_REC_FUN x f m (PRE m)"
  1225   by (import prim_rec PRIM_REC)
  1226 
  1227 lemma PRIM_REC_THM: "ALL (x::'a::type) f::'a::type => nat => 'a::type.
  1228    PRIM_REC x f 0 = x &
  1229    (ALL m::nat. PRIM_REC x f (Suc m) = f (PRIM_REC x f m) m)"
  1230   by (import prim_rec PRIM_REC_THM)
  1231 
  1232 lemma DC: "ALL (P::'a::type => bool) (R::'a::type => 'a::type => bool) a::'a::type.
  1233    P a & (ALL x::'a::type. P x --> (EX y::'a::type. P y & R x y)) -->
  1234    (EX x::nat => 'a::type.
  1235        x 0 = a & (ALL n::nat. P (x n) & R (x n) (x (Suc n))))"
  1236   by (import prim_rec DC)
  1237 
  1238 lemma num_Axiom_old: "ALL (e::'a::type) f::'a::type => nat => 'a::type.
  1239    EX! fn1::nat => 'a::type.
  1240       fn1 0 = e & (ALL n::nat. fn1 (Suc n) = f (fn1 n) n)"
  1241   by (import prim_rec num_Axiom_old)
  1242 
  1243 lemma num_Axiom: "ALL (e::'a::type) f::nat => 'a::type => 'a::type.
  1244    EX x::nat => 'a::type. x 0 = e & (ALL n::nat. x (Suc n) = f n (x n))"
  1245   by (import prim_rec num_Axiom)
  1246 
  1247 consts
  1248   wellfounded :: "('a => 'a => bool) => bool" 
  1249 
  1250 defs
  1251   wellfounded_primdef: "wellfounded ==
  1252 %R::'a::type => 'a::type => bool.
  1253    ~ (EX f::nat => 'a::type. ALL n::nat. R (f (Suc n)) (f n))"
  1254 
  1255 lemma wellfounded_def: "ALL R::'a::type => 'a::type => bool.
  1256    wellfounded R =
  1257    (~ (EX f::nat => 'a::type. ALL n::nat. R (f (Suc n)) (f n)))"
  1258   by (import prim_rec wellfounded_def)
  1259 
  1260 lemma WF_IFF_WELLFOUNDED: "ALL R::'a::type => 'a::type => bool. WF R = wellfounded R"
  1261   by (import prim_rec WF_IFF_WELLFOUNDED)
  1262 
  1263 lemma WF_PRED: "WF (%(x::nat) y::nat. y = Suc x)"
  1264   by (import prim_rec WF_PRED)
  1265 
  1266 lemma WF_LESS: "(WF::(nat => nat => bool) => bool) (op <::nat => nat => bool)"
  1267   by (import prim_rec WF_LESS)
  1268 
  1269 consts
  1270   measure :: "('a => nat) => 'a => 'a => bool" 
  1271 
  1272 defs
  1273   measure_primdef: "prim_rec.measure == relation.inv_image op <"
  1274 
  1275 lemma measure_def: "prim_rec.measure = relation.inv_image op <"
  1276   by (import prim_rec measure_def)
  1277 
  1278 lemma WF_measure: "ALL x::'a::type => nat. WF (prim_rec.measure x)"
  1279   by (import prim_rec WF_measure)
  1280 
  1281 lemma measure_thm: "ALL (x::'a::type => nat) (xa::'a::type) xb::'a::type.
  1282    prim_rec.measure x xa xb = (x xa < x xb)"
  1283   by (import prim_rec measure_thm)
  1284 
  1285 ;end_setup
  1286 
  1287 ;setup_theory arithmetic
  1288 
  1289 constdefs
  1290   nat_elim__magic :: "nat => nat" 
  1291   "nat_elim__magic == %n::nat. n"
  1292 
  1293 lemma nat_elim__magic: "ALL n::nat. nat_elim__magic n = n"
  1294   by (import arithmetic nat_elim__magic)
  1295 
  1296 consts
  1297   EVEN :: "nat => bool" 
  1298 
  1299 specification (EVEN) EVEN: "EVEN 0 = True & (ALL n::nat. EVEN (Suc n) = (~ EVEN n))"
  1300   by (import arithmetic EVEN)
  1301 
  1302 consts
  1303   ODD :: "nat => bool" 
  1304 
  1305 specification (ODD) ODD: "ODD 0 = False & (ALL n::nat. ODD (Suc n) = (~ ODD n))"
  1306   by (import arithmetic ODD)
  1307 
  1308 lemma TWO: "2 = Suc 1"
  1309   by (import arithmetic TWO)
  1310 
  1311 lemma NORM_0: "(op =::nat => nat => bool) (0::nat) (0::nat)"
  1312   by (import arithmetic NORM_0)
  1313 
  1314 lemma num_case_compute: "ALL n::nat.
  1315    nat_case (f::'a::type) (g::nat => 'a::type) n =
  1316    (if n = 0 then f else g (PRE n))"
  1317   by (import arithmetic num_case_compute)
  1318 
  1319 lemma ADD_CLAUSES: "0 + (m::nat) = m &
  1320 m + 0 = m & Suc m + (n::nat) = Suc (m + n) & m + Suc n = Suc (m + n)"
  1321   by (import arithmetic ADD_CLAUSES)
  1322 
  1323 lemma LESS_ADD: "ALL (m::nat) n::nat. n < m --> (EX p::nat. p + n = m)"
  1324   by (import arithmetic LESS_ADD)
  1325 
  1326 lemma LESS_ANTISYM: "ALL (m::nat) n::nat. ~ (m < n & n < m)"
  1327   by (import arithmetic LESS_ANTISYM)
  1328 
  1329 lemma LESS_LESS_SUC: "ALL (x::nat) xa::nat. ~ (x < xa & xa < Suc x)"
  1330   by (import arithmetic LESS_LESS_SUC)
  1331 
  1332 lemma FUN_EQ_LEMMA: "ALL (f::'a::type => bool) (x1::'a::type) x2::'a::type.
  1333    f x1 & ~ f x2 --> x1 ~= x2"
  1334   by (import arithmetic FUN_EQ_LEMMA)
  1335 
  1336 lemma LESS_NOT_SUC: "ALL (m::nat) n::nat. m < n & n ~= Suc m --> Suc m < n"
  1337   by (import arithmetic LESS_NOT_SUC)
  1338 
  1339 lemma LESS_0_CASES: "ALL m::nat. 0 = m | 0 < m"
  1340   by (import arithmetic LESS_0_CASES)
  1341 
  1342 lemma LESS_CASES_IMP: "ALL (m::nat) n::nat. ~ m < n & m ~= n --> n < m"
  1343   by (import arithmetic LESS_CASES_IMP)
  1344 
  1345 lemma LESS_CASES: "ALL (m::nat) n::nat. m < n | n <= m"
  1346   by (import arithmetic LESS_CASES)
  1347 
  1348 lemma LESS_EQ_SUC_REFL: "ALL m::nat. m <= Suc m"
  1349   by (import arithmetic LESS_EQ_SUC_REFL)
  1350 
  1351 lemma LESS_ADD_NONZERO: "ALL (m::nat) n::nat. n ~= 0 --> m < m + n"
  1352   by (import arithmetic LESS_ADD_NONZERO)
  1353 
  1354 lemma LESS_EQ_ANTISYM: "ALL (x::nat) xa::nat. ~ (x < xa & xa <= x)"
  1355   by (import arithmetic LESS_EQ_ANTISYM)
  1356 
  1357 lemma SUB_0: "ALL m::nat. 0 - m = 0 & m - 0 = m"
  1358   by (import arithmetic SUB_0)
  1359 
  1360 lemma SUC_SUB1: "ALL m::nat. Suc m - 1 = m"
  1361   by (import arithmetic SUC_SUB1)
  1362 
  1363 lemma PRE_SUB1: "ALL m::nat. PRE m = m - 1"
  1364   by (import arithmetic PRE_SUB1)
  1365 
  1366 lemma MULT_CLAUSES: "ALL (x::nat) xa::nat.
  1367    0 * x = 0 &
  1368    x * 0 = 0 &
  1369    1 * x = x &
  1370    x * 1 = x & Suc x * xa = x * xa + xa & x * Suc xa = x + x * xa"
  1371   by (import arithmetic MULT_CLAUSES)
  1372 
  1373 lemma PRE_SUB: "ALL (m::nat) n::nat. PRE (m - n) = PRE m - n"
  1374   by (import arithmetic PRE_SUB)
  1375 
  1376 lemma ADD_EQ_1: "ALL (m::nat) n::nat. (m + n = 1) = (m = 1 & n = 0 | m = 0 & n = 1)"
  1377   by (import arithmetic ADD_EQ_1)
  1378 
  1379 lemma ADD_INV_0_EQ: "ALL (m::nat) n::nat. (m + n = m) = (n = 0)"
  1380   by (import arithmetic ADD_INV_0_EQ)
  1381 
  1382 lemma PRE_SUC_EQ: "ALL (m::nat) n::nat. 0 < n --> (m = PRE n) = (Suc m = n)"
  1383   by (import arithmetic PRE_SUC_EQ)
  1384 
  1385 lemma INV_PRE_EQ: "ALL (m::nat) n::nat. 0 < m & 0 < n --> (PRE m = PRE n) = (m = n)"
  1386   by (import arithmetic INV_PRE_EQ)
  1387 
  1388 lemma LESS_SUC_NOT: "ALL (m::nat) n::nat. m < n --> ~ n < Suc m"
  1389   by (import arithmetic LESS_SUC_NOT)
  1390 
  1391 lemma ADD_EQ_SUB: "ALL (m::nat) (n::nat) p::nat. n <= p --> (m + n = p) = (m = p - n)"
  1392   by (import arithmetic ADD_EQ_SUB)
  1393 
  1394 lemma LESS_ADD_1: "ALL (x::nat) xa::nat. xa < x --> (EX xb::nat. x = xa + (xb + 1))"
  1395   by (import arithmetic LESS_ADD_1)
  1396 
  1397 lemma NOT_ODD_EQ_EVEN: "ALL (n::nat) m::nat. Suc (n + n) ~= m + m"
  1398   by (import arithmetic NOT_ODD_EQ_EVEN)
  1399 
  1400 lemma MULT_SUC_EQ: "ALL (p::nat) (m::nat) n::nat. (n * Suc p = m * Suc p) = (n = m)"
  1401   by (import arithmetic MULT_SUC_EQ)
  1402 
  1403 lemma MULT_EXP_MONO: "ALL (p::nat) (q::nat) (n::nat) m::nat.
  1404    (n * Suc q ^ p = m * Suc q ^ p) = (n = m)"
  1405   by (import arithmetic MULT_EXP_MONO)
  1406 
  1407 lemma LESS_ADD_SUC: "ALL (m::nat) n::nat. m < m + Suc n"
  1408   by (import arithmetic LESS_ADD_SUC)
  1409 
  1410 lemma LESS_OR_EQ_ADD: "ALL (n::nat) m::nat. n < m | (EX p::nat. n = p + m)"
  1411   by (import arithmetic LESS_OR_EQ_ADD)
  1412 
  1413 lemma WOP: "(All::((nat => bool) => bool) => bool)
  1414  (%P::nat => bool.
  1415      (op -->::bool => bool => bool) ((Ex::(nat => bool) => bool) P)
  1416       ((Ex::(nat => bool) => bool)
  1417         (%n::nat.
  1418             (op &::bool => bool => bool) (P n)
  1419              ((All::(nat => bool) => bool)
  1420                (%m::nat.
  1421                    (op -->::bool => bool => bool)
  1422                     ((op <::nat => nat => bool) m n)
  1423                     ((Not::bool => bool) (P m)))))))"
  1424   by (import arithmetic WOP)
  1425 
  1426 lemma INV_PRE_LESS: "ALL m>0. ALL n::nat. (PRE m < PRE n) = (m < n)"
  1427   by (import arithmetic INV_PRE_LESS)
  1428 
  1429 lemma INV_PRE_LESS_EQ: "ALL n>0. ALL m::nat. (PRE m <= PRE n) = (m <= n)"
  1430   by (import arithmetic INV_PRE_LESS_EQ)
  1431 
  1432 lemma SUB_EQ_EQ_0: "ALL (m::nat) n::nat. (m - n = m) = (m = 0 | n = 0)"
  1433   by (import arithmetic SUB_EQ_EQ_0)
  1434 
  1435 lemma SUB_LESS_OR: "ALL (m::nat) n::nat. n < m --> n <= m - 1"
  1436   by (import arithmetic SUB_LESS_OR)
  1437 
  1438 lemma LESS_SUB_ADD_LESS: "ALL (n::nat) (m::nat) i::nat. i < n - m --> i + m < n"
  1439   by (import arithmetic LESS_SUB_ADD_LESS)
  1440 
  1441 lemma LESS_EQ_SUB_LESS: "ALL (x::nat) xa::nat. xa <= x --> (ALL c::nat. (x - xa < c) = (x < xa + c))"
  1442   by (import arithmetic LESS_EQ_SUB_LESS)
  1443 
  1444 lemma NOT_SUC_LESS_EQ: "ALL (x::nat) xa::nat. (~ Suc x <= xa) = (xa <= x)"
  1445   by (import arithmetic NOT_SUC_LESS_EQ)
  1446 
  1447 lemma SUB_LESS_EQ_ADD: "ALL (m::nat) p::nat. m <= p --> (ALL n::nat. (p - m <= n) = (p <= m + n))"
  1448   by (import arithmetic SUB_LESS_EQ_ADD)
  1449 
  1450 lemma SUB_CANCEL: "ALL (x::nat) (xa::nat) xb::nat.
  1451    xa <= x & xb <= x --> (x - xa = x - xb) = (xa = xb)"
  1452   by (import arithmetic SUB_CANCEL)
  1453 
  1454 lemma NOT_EXP_0: "ALL (m::nat) n::nat. Suc n ^ m ~= 0"
  1455   by (import arithmetic NOT_EXP_0)
  1456 
  1457 lemma ZERO_LESS_EXP: "ALL (m::nat) n::nat. 0 < Suc n ^ m"
  1458   by (import arithmetic ZERO_LESS_EXP)
  1459 
  1460 lemma ODD_OR_EVEN: "ALL x::nat. EX xa::nat. x = Suc (Suc 0) * xa | x = Suc (Suc 0) * xa + 1"
  1461   by (import arithmetic ODD_OR_EVEN)
  1462 
  1463 lemma LESS_EXP_SUC_MONO: "ALL (n::nat) m::nat. Suc (Suc m) ^ n < Suc (Suc m) ^ Suc n"
  1464   by (import arithmetic LESS_EXP_SUC_MONO)
  1465 
  1466 lemma LESS_LESS_CASES: "ALL (m::nat) n::nat. m = n | m < n | n < m"
  1467   by (import arithmetic LESS_LESS_CASES)
  1468 
  1469 lemma LESS_EQUAL_ADD: "ALL (m::nat) n::nat. m <= n --> (EX p::nat. n = m + p)"
  1470   by (import arithmetic LESS_EQUAL_ADD)
  1471 
  1472 lemma MULT_EQ_1: "ALL (x::nat) y::nat. (x * y = 1) = (x = 1 & y = 1)"
  1473   by (import arithmetic MULT_EQ_1)
  1474 
  1475 consts
  1476   FACT :: "nat => nat" 
  1477 
  1478 specification (FACT) FACT: "FACT 0 = 1 & (ALL n::nat. FACT (Suc n) = Suc n * FACT n)"
  1479   by (import arithmetic FACT)
  1480 
  1481 lemma FACT_LESS: "ALL n::nat. 0 < FACT n"
  1482   by (import arithmetic FACT_LESS)
  1483 
  1484 lemma EVEN_ODD: "ALL n::nat. EVEN n = (~ ODD n)"
  1485   by (import arithmetic EVEN_ODD)
  1486 
  1487 lemma ODD_EVEN: "ALL x::nat. ODD x = (~ EVEN x)"
  1488   by (import arithmetic ODD_EVEN)
  1489 
  1490 lemma EVEN_OR_ODD: "ALL x::nat. EVEN x | ODD x"
  1491   by (import arithmetic EVEN_OR_ODD)
  1492 
  1493 lemma EVEN_AND_ODD: "ALL x::nat. ~ (EVEN x & ODD x)"
  1494   by (import arithmetic EVEN_AND_ODD)
  1495 
  1496 lemma EVEN_ADD: "ALL (m::nat) n::nat. EVEN (m + n) = (EVEN m = EVEN n)"
  1497   by (import arithmetic EVEN_ADD)
  1498 
  1499 lemma EVEN_MULT: "ALL (m::nat) n::nat. EVEN (m * n) = (EVEN m | EVEN n)"
  1500   by (import arithmetic EVEN_MULT)
  1501 
  1502 lemma ODD_ADD: "ALL (m::nat) n::nat. ODD (m + n) = (ODD m ~= ODD n)"
  1503   by (import arithmetic ODD_ADD)
  1504 
  1505 lemma ODD_MULT: "ALL (m::nat) n::nat. ODD (m * n) = (ODD m & ODD n)"
  1506   by (import arithmetic ODD_MULT)
  1507 
  1508 lemma EVEN_DOUBLE: "ALL n::nat. EVEN (2 * n)"
  1509   by (import arithmetic EVEN_DOUBLE)
  1510 
  1511 lemma ODD_DOUBLE: "ALL x::nat. ODD (Suc (2 * x))"
  1512   by (import arithmetic ODD_DOUBLE)
  1513 
  1514 lemma EVEN_ODD_EXISTS: "ALL x::nat.
  1515    (EVEN x --> (EX m::nat. x = 2 * m)) &
  1516    (ODD x --> (EX m::nat. x = Suc (2 * m)))"
  1517   by (import arithmetic EVEN_ODD_EXISTS)
  1518 
  1519 lemma EVEN_EXISTS: "ALL n::nat. EVEN n = (EX m::nat. n = 2 * m)"
  1520   by (import arithmetic EVEN_EXISTS)
  1521 
  1522 lemma ODD_EXISTS: "ALL n::nat. ODD n = (EX m::nat. n = Suc (2 * m))"
  1523   by (import arithmetic ODD_EXISTS)
  1524 
  1525 lemma NOT_SUC_LESS_EQ_0: "ALL x::nat. ~ Suc x <= 0"
  1526   by (import arithmetic NOT_SUC_LESS_EQ_0)
  1527 
  1528 lemma NOT_LEQ: "ALL (x::nat) xa::nat. (~ x <= xa) = (Suc xa <= x)"
  1529   by (import arithmetic NOT_LEQ)
  1530 
  1531 lemma NOT_NUM_EQ: "ALL (x::nat) xa::nat. (x ~= xa) = (Suc x <= xa | Suc xa <= x)"
  1532   by (import arithmetic NOT_NUM_EQ)
  1533 
  1534 lemma NOT_GREATER_EQ: "ALL (x::nat) xa::nat. (~ xa <= x) = (Suc x <= xa)"
  1535   by (import arithmetic NOT_GREATER_EQ)
  1536 
  1537 lemma SUC_ADD_SYM: "ALL (m::nat) n::nat. Suc (m + n) = Suc n + m"
  1538   by (import arithmetic SUC_ADD_SYM)
  1539 
  1540 lemma NOT_SUC_ADD_LESS_EQ: "ALL (m::nat) n::nat. ~ Suc (m + n) <= m"
  1541   by (import arithmetic NOT_SUC_ADD_LESS_EQ)
  1542 
  1543 lemma SUB_LEFT_ADD: "ALL (m::nat) (n::nat) p::nat.
  1544    m + (n - p) = (if n <= p then m else m + n - p)"
  1545   by (import arithmetic SUB_LEFT_ADD)
  1546 
  1547 lemma SUB_RIGHT_ADD: "ALL (m::nat) (n::nat) p::nat. m - n + p = (if m <= n then p else m + p - n)"
  1548   by (import arithmetic SUB_RIGHT_ADD)
  1549 
  1550 lemma SUB_LEFT_SUB: "ALL (m::nat) (n::nat) p::nat.
  1551    m - (n - p) = (if n <= p then m else m + p - n)"
  1552   by (import arithmetic SUB_LEFT_SUB)
  1553 
  1554 lemma SUB_LEFT_SUC: "ALL (m::nat) n::nat. Suc (m - n) = (if m <= n then Suc 0 else Suc m - n)"
  1555   by (import arithmetic SUB_LEFT_SUC)
  1556 
  1557 lemma SUB_LEFT_LESS_EQ: "ALL (m::nat) (n::nat) p::nat. (m <= n - p) = (m + p <= n | m <= 0)"
  1558   by (import arithmetic SUB_LEFT_LESS_EQ)
  1559 
  1560 lemma SUB_RIGHT_LESS_EQ: "ALL (m::nat) (n::nat) p::nat. (m - n <= p) = (m <= n + p)"
  1561   by (import arithmetic SUB_RIGHT_LESS_EQ)
  1562 
  1563 lemma SUB_RIGHT_LESS: "ALL (m::nat) (n::nat) p::nat. (m - n < p) = (m < n + p & 0 < p)"
  1564   by (import arithmetic SUB_RIGHT_LESS)
  1565 
  1566 lemma SUB_RIGHT_GREATER_EQ: "ALL (m::nat) (n::nat) p::nat. (p <= m - n) = (n + p <= m | p <= 0)"
  1567   by (import arithmetic SUB_RIGHT_GREATER_EQ)
  1568 
  1569 lemma SUB_LEFT_GREATER: "ALL (m::nat) (n::nat) p::nat. (n - p < m) = (n < m + p & 0 < m)"
  1570   by (import arithmetic SUB_LEFT_GREATER)
  1571 
  1572 lemma SUB_RIGHT_GREATER: "ALL (m::nat) (n::nat) p::nat. (p < m - n) = (n + p < m)"
  1573   by (import arithmetic SUB_RIGHT_GREATER)
  1574 
  1575 lemma SUB_LEFT_EQ: "ALL (m::nat) (n::nat) p::nat. (m = n - p) = (m + p = n | m <= 0 & n <= p)"
  1576   by (import arithmetic SUB_LEFT_EQ)
  1577 
  1578 lemma SUB_RIGHT_EQ: "ALL (m::nat) (n::nat) p::nat. (m - n = p) = (m = n + p | m <= n & p <= 0)"
  1579   by (import arithmetic SUB_RIGHT_EQ)
  1580 
  1581 lemma LE: "(ALL n::nat. (n <= 0) = (n = 0)) &
  1582 (ALL (m::nat) n::nat. (m <= Suc n) = (m = Suc n | m <= n))"
  1583   by (import arithmetic LE)
  1584 
  1585 lemma DA: "ALL (k::nat) n::nat. 0 < n --> (EX (x::nat) q::nat. k = q * n + x & x < n)"
  1586   by (import arithmetic DA)
  1587 
  1588 lemma DIV_LESS_EQ: "ALL n>0. ALL k::nat. k div n <= k"
  1589   by (import arithmetic DIV_LESS_EQ)
  1590 
  1591 lemma DIV_UNIQUE: "ALL (n::nat) (k::nat) q::nat.
  1592    (EX r::nat. k = q * n + r & r < n) --> k div n = q"
  1593   by (import arithmetic DIV_UNIQUE)
  1594 
  1595 lemma MOD_UNIQUE: "ALL (n::nat) (k::nat) r::nat.
  1596    (EX q::nat. k = q * n + r & r < n) --> k mod n = r"
  1597   by (import arithmetic MOD_UNIQUE)
  1598 
  1599 lemma DIV_MULT: "ALL (n::nat) r::nat. r < n --> (ALL q::nat. (q * n + r) div n = q)"
  1600   by (import arithmetic DIV_MULT)
  1601 
  1602 lemma MOD_EQ_0: "ALL n>0. ALL k::nat. k * n mod n = 0"
  1603   by (import arithmetic MOD_EQ_0)
  1604 
  1605 lemma ZERO_MOD: "(All::(nat => bool) => bool)
  1606  (%n::nat.
  1607      (op -->::bool => bool => bool) ((op <::nat => nat => bool) (0::nat) n)
  1608       ((op =::nat => nat => bool) ((op mod::nat => nat => nat) (0::nat) n)
  1609         (0::nat)))"
  1610   by (import arithmetic ZERO_MOD)
  1611 
  1612 lemma ZERO_DIV: "(All::(nat => bool) => bool)
  1613  (%n::nat.
  1614      (op -->::bool => bool => bool) ((op <::nat => nat => bool) (0::nat) n)
  1615       ((op =::nat => nat => bool) ((op div::nat => nat => nat) (0::nat) n)
  1616         (0::nat)))"
  1617   by (import arithmetic ZERO_DIV)
  1618 
  1619 lemma MOD_MULT: "ALL (n::nat) r::nat. r < n --> (ALL q::nat. (q * n + r) mod n = r)"
  1620   by (import arithmetic MOD_MULT)
  1621 
  1622 lemma MOD_TIMES: "ALL n>0. ALL (q::nat) r::nat. (q * n + r) mod n = r mod n"
  1623   by (import arithmetic MOD_TIMES)
  1624 
  1625 lemma MOD_PLUS: "ALL n>0. ALL (j::nat) k::nat. (j mod n + k mod n) mod n = (j + k) mod n"
  1626   by (import arithmetic MOD_PLUS)
  1627 
  1628 lemma MOD_MOD: "ALL n>0. ALL k::nat. k mod n mod n = k mod n"
  1629   by (import arithmetic MOD_MOD)
  1630 
  1631 lemma ADD_DIV_ADD_DIV: "ALL x>0. ALL (xa::nat) r::nat. (xa * x + r) div x = xa + r div x"
  1632   by (import arithmetic ADD_DIV_ADD_DIV)
  1633 
  1634 lemma MOD_MULT_MOD: "ALL (m::nat) n::nat.
  1635    0 < n & 0 < m --> (ALL x::nat. x mod (n * m) mod n = x mod n)"
  1636   by (import arithmetic MOD_MULT_MOD)
  1637 
  1638 lemma DIVMOD_ID: "(All::(nat => bool) => bool)
  1639  (%n::nat.
  1640      (op -->::bool => bool => bool) ((op <::nat => nat => bool) (0::nat) n)
  1641       ((op &::bool => bool => bool)
  1642         ((op =::nat => nat => bool) ((op div::nat => nat => nat) n n)
  1643           (1::nat))
  1644         ((op =::nat => nat => bool) ((op mod::nat => nat => nat) n n)
  1645           (0::nat))))"
  1646   by (import arithmetic DIVMOD_ID)
  1647 
  1648 lemma DIV_DIV_DIV_MULT: "ALL (x::nat) xa::nat.
  1649    0 < x & 0 < xa --> (ALL xb::nat. xb div x div xa = xb div (x * xa))"
  1650   by (import arithmetic DIV_DIV_DIV_MULT)
  1651 
  1652 lemma DIV_P: "ALL (P::nat => bool) (p::nat) q::nat.
  1653    0 < q --> P (p div q) = (EX (k::nat) r::nat. p = k * q + r & r < q & P k)"
  1654   by (import arithmetic DIV_P)
  1655 
  1656 lemma MOD_P: "ALL (P::nat => bool) (p::nat) q::nat.
  1657    0 < q --> P (p mod q) = (EX (k::nat) r::nat. p = k * q + r & r < q & P r)"
  1658   by (import arithmetic MOD_P)
  1659 
  1660 lemma MOD_TIMES2: "ALL n>0. ALL (j::nat) k::nat. j mod n * (k mod n) mod n = j * k mod n"
  1661   by (import arithmetic MOD_TIMES2)
  1662 
  1663 lemma MOD_COMMON_FACTOR: "ALL (n::nat) (p::nat) q::nat.
  1664    0 < n & 0 < q --> n * (p mod q) = n * p mod (n * q)"
  1665   by (import arithmetic MOD_COMMON_FACTOR)
  1666 
  1667 lemma num_case_cong: "ALL (M::nat) (M'::nat) (b::'a::type) f::nat => 'a::type.
  1668    M = M' &
  1669    (M' = 0 --> b = (b'::'a::type)) &
  1670    (ALL n::nat. M' = Suc n --> f n = (f'::nat => 'a::type) n) -->
  1671    nat_case b f M = nat_case b' f' M'"
  1672   by (import arithmetic num_case_cong)
  1673 
  1674 lemma SUC_ELIM_THM: "ALL P::nat => nat => bool.
  1675    (ALL n::nat. P (Suc n) n) = (ALL n>0. P n (n - 1))"
  1676   by (import arithmetic SUC_ELIM_THM)
  1677 
  1678 lemma SUB_ELIM_THM: "(P::nat => bool) ((a::nat) - (b::nat)) =
  1679 (ALL x::nat. (b = a + x --> P 0) & (a = b + x --> P x))"
  1680   by (import arithmetic SUB_ELIM_THM)
  1681 
  1682 lemma PRE_ELIM_THM: "(P::nat => bool) (PRE (n::nat)) =
  1683 (ALL m::nat. (n = 0 --> P 0) & (n = Suc m --> P m))"
  1684   by (import arithmetic PRE_ELIM_THM)
  1685 
  1686 lemma MULT_INCREASES: "ALL (m::nat) n::nat. 1 < m & 0 < n --> Suc n <= m * n"
  1687   by (import arithmetic MULT_INCREASES)
  1688 
  1689 lemma EXP_ALWAYS_BIG_ENOUGH: "ALL b>1. ALL n::nat. EX m::nat. n <= b ^ m"
  1690   by (import arithmetic EXP_ALWAYS_BIG_ENOUGH)
  1691 
  1692 lemma EXP_EQ_0: "ALL (n::nat) m::nat. (n ^ m = 0) = (n = 0 & 0 < m)"
  1693   by (import arithmetic EXP_EQ_0)
  1694 
  1695 lemma EXP_1: "(All::(nat => bool) => bool)
  1696  (%x::nat.
  1697      (op &::bool => bool => bool)
  1698       ((op =::nat => nat => bool) ((op ^::nat => nat => nat) (1::nat) x)
  1699         (1::nat))
  1700       ((op =::nat => nat => bool) ((op ^::nat => nat => nat) x (1::nat)) x))"
  1701   by (import arithmetic EXP_1)
  1702 
  1703 lemma EXP_EQ_1: "ALL (n::nat) m::nat. (n ^ m = 1) = (n = 1 | m = 0)"
  1704   by (import arithmetic EXP_EQ_1)
  1705 
  1706 lemma MIN_MAX_EQ: "ALL (x::nat) xa::nat. (min x xa = max x xa) = (x = xa)"
  1707   by (import arithmetic MIN_MAX_EQ)
  1708 
  1709 lemma MIN_MAX_LT: "ALL (x::nat) xa::nat. (min x xa < max x xa) = (x ~= xa)"
  1710   by (import arithmetic MIN_MAX_LT)
  1711 
  1712 lemma MIN_MAX_PRED: "ALL (P::nat => bool) (m::nat) n::nat.
  1713    P m & P n --> P (min m n) & P (max m n)"
  1714   by (import arithmetic MIN_MAX_PRED)
  1715 
  1716 lemma MIN_LT: "ALL (x::nat) xa::nat.
  1717    (min xa x < xa) = (xa ~= x & min xa x = x) &
  1718    (min xa x < x) = (xa ~= x & min xa x = xa) &
  1719    (xa < min xa x) = False & (x < min xa x) = False"
  1720   by (import arithmetic MIN_LT)
  1721 
  1722 lemma MAX_LT: "ALL (x::nat) xa::nat.
  1723    (xa < max xa x) = (xa ~= x & max xa x = x) &
  1724    (x < max xa x) = (xa ~= x & max xa x = xa) &
  1725    (max xa x < xa) = False & (max xa x < x) = False"
  1726   by (import arithmetic MAX_LT)
  1727 
  1728 lemma MIN_LE: "ALL (x::nat) xa::nat. min xa x <= xa & min xa x <= x"
  1729   by (import arithmetic MIN_LE)
  1730 
  1731 lemma MAX_LE: "ALL (x::nat) xa::nat. xa <= max xa x & x <= max xa x"
  1732   by (import arithmetic MAX_LE)
  1733 
  1734 lemma MIN_0: "ALL x::nat. min x 0 = 0 & min 0 x = 0"
  1735   by (import arithmetic MIN_0)
  1736 
  1737 lemma MAX_0: "ALL x::nat. max x 0 = x & max 0 x = x"
  1738   by (import arithmetic MAX_0)
  1739 
  1740 lemma EXISTS_GREATEST: "ALL P::nat => bool.
  1741    (Ex P & (EX x::nat. ALL y::nat. x < y --> ~ P y)) =
  1742    (EX x::nat. P x & (ALL y::nat. x < y --> ~ P y))"
  1743   by (import arithmetic EXISTS_GREATEST)
  1744 
  1745 ;end_setup
  1746 
  1747 ;setup_theory hrat
  1748 
  1749 constdefs
  1750   trat_1 :: "nat * nat" 
  1751   "trat_1 == (0, 0)"
  1752 
  1753 lemma trat_1: "trat_1 = (0, 0)"
  1754   by (import hrat trat_1)
  1755 
  1756 constdefs
  1757   trat_inv :: "nat * nat => nat * nat" 
  1758   "trat_inv == %(x::nat, y::nat). (y, x)"
  1759 
  1760 lemma trat_inv: "ALL (x::nat) y::nat. trat_inv (x, y) = (y, x)"
  1761   by (import hrat trat_inv)
  1762 
  1763 constdefs
  1764   trat_add :: "nat * nat => nat * nat => nat * nat" 
  1765   "trat_add ==
  1766 %(x::nat, y::nat) (x'::nat, y'::nat).
  1767    (PRE (Suc x * Suc y' + Suc x' * Suc y), PRE (Suc y * Suc y'))"
  1768 
  1769 lemma trat_add: "ALL (x::nat) (y::nat) (x'::nat) y'::nat.
  1770    trat_add (x, y) (x', y') =
  1771    (PRE (Suc x * Suc y' + Suc x' * Suc y), PRE (Suc y * Suc y'))"
  1772   by (import hrat trat_add)
  1773 
  1774 constdefs
  1775   trat_mul :: "nat * nat => nat * nat => nat * nat" 
  1776   "trat_mul ==
  1777 %(x::nat, y::nat) (x'::nat, y'::nat).
  1778    (PRE (Suc x * Suc x'), PRE (Suc y * Suc y'))"
  1779 
  1780 lemma trat_mul: "ALL (x::nat) (y::nat) (x'::nat) y'::nat.
  1781    trat_mul (x, y) (x', y') = (PRE (Suc x * Suc x'), PRE (Suc y * Suc y'))"
  1782   by (import hrat trat_mul)
  1783 
  1784 consts
  1785   trat_sucint :: "nat => nat * nat" 
  1786 
  1787 specification (trat_sucint) trat_sucint: "trat_sucint 0 = trat_1 &
  1788 (ALL n::nat. trat_sucint (Suc n) = trat_add (trat_sucint n) trat_1)"
  1789   by (import hrat trat_sucint)
  1790 
  1791 constdefs
  1792   trat_eq :: "nat * nat => nat * nat => bool" 
  1793   "trat_eq ==
  1794 %(x::nat, y::nat) (x'::nat, y'::nat). Suc x * Suc y' = Suc x' * Suc y"
  1795 
  1796 lemma trat_eq: "ALL (x::nat) (y::nat) (x'::nat) y'::nat.
  1797    trat_eq (x, y) (x', y') = (Suc x * Suc y' = Suc x' * Suc y)"
  1798   by (import hrat trat_eq)
  1799 
  1800 lemma TRAT_EQ_REFL: "ALL p::nat * nat. trat_eq p p"
  1801   by (import hrat TRAT_EQ_REFL)
  1802 
  1803 lemma TRAT_EQ_SYM: "ALL (p::nat * nat) q::nat * nat. trat_eq p q = trat_eq q p"
  1804   by (import hrat TRAT_EQ_SYM)
  1805 
  1806 lemma TRAT_EQ_TRANS: "ALL (p::nat * nat) (q::nat * nat) r::nat * nat.
  1807    trat_eq p q & trat_eq q r --> trat_eq p r"
  1808   by (import hrat TRAT_EQ_TRANS)
  1809 
  1810 lemma TRAT_EQ_AP: "ALL (p::nat * nat) q::nat * nat. p = q --> trat_eq p q"
  1811   by (import hrat TRAT_EQ_AP)
  1812 
  1813 lemma TRAT_ADD_SYM_EQ: "ALL (h::nat * nat) i::nat * nat. trat_add h i = trat_add i h"
  1814   by (import hrat TRAT_ADD_SYM_EQ)
  1815 
  1816 lemma TRAT_MUL_SYM_EQ: "ALL (h::nat * nat) i::nat * nat. trat_mul h i = trat_mul i h"
  1817   by (import hrat TRAT_MUL_SYM_EQ)
  1818 
  1819 lemma TRAT_INV_WELLDEFINED: "ALL (p::nat * nat) q::nat * nat.
  1820    trat_eq p q --> trat_eq (trat_inv p) (trat_inv q)"
  1821   by (import hrat TRAT_INV_WELLDEFINED)
  1822 
  1823 lemma TRAT_ADD_WELLDEFINED: "ALL (p::nat * nat) (q::nat * nat) r::nat * nat.
  1824    trat_eq p q --> trat_eq (trat_add p r) (trat_add q r)"
  1825   by (import hrat TRAT_ADD_WELLDEFINED)
  1826 
  1827 lemma TRAT_ADD_WELLDEFINED2: "ALL (p1::nat * nat) (p2::nat * nat) (q1::nat * nat) q2::nat * nat.
  1828    trat_eq p1 p2 & trat_eq q1 q2 -->
  1829    trat_eq (trat_add p1 q1) (trat_add p2 q2)"
  1830   by (import hrat TRAT_ADD_WELLDEFINED2)
  1831 
  1832 lemma TRAT_MUL_WELLDEFINED: "ALL (p::nat * nat) (q::nat * nat) r::nat * nat.
  1833    trat_eq p q --> trat_eq (trat_mul p r) (trat_mul q r)"
  1834   by (import hrat TRAT_MUL_WELLDEFINED)
  1835 
  1836 lemma TRAT_MUL_WELLDEFINED2: "ALL (p1::nat * nat) (p2::nat * nat) (q1::nat * nat) q2::nat * nat.
  1837    trat_eq p1 p2 & trat_eq q1 q2 -->
  1838    trat_eq (trat_mul p1 q1) (trat_mul p2 q2)"
  1839   by (import hrat TRAT_MUL_WELLDEFINED2)
  1840 
  1841 lemma TRAT_ADD_SYM: "ALL (h::nat * nat) i::nat * nat. trat_eq (trat_add h i) (trat_add i h)"
  1842   by (import hrat TRAT_ADD_SYM)
  1843 
  1844 lemma TRAT_ADD_ASSOC: "ALL (h::nat * nat) (i::nat * nat) j::nat * nat.
  1845    trat_eq (trat_add h (trat_add i j)) (trat_add (trat_add h i) j)"
  1846   by (import hrat TRAT_ADD_ASSOC)
  1847 
  1848 lemma TRAT_MUL_SYM: "ALL (h::nat * nat) i::nat * nat. trat_eq (trat_mul h i) (trat_mul i h)"
  1849   by (import hrat TRAT_MUL_SYM)
  1850 
  1851 lemma TRAT_MUL_ASSOC: "ALL (h::nat * nat) (i::nat * nat) j::nat * nat.
  1852    trat_eq (trat_mul h (trat_mul i j)) (trat_mul (trat_mul h i) j)"
  1853   by (import hrat TRAT_MUL_ASSOC)
  1854 
  1855 lemma TRAT_LDISTRIB: "ALL (h::nat * nat) (i::nat * nat) j::nat * nat.
  1856    trat_eq (trat_mul h (trat_add i j))
  1857     (trat_add (trat_mul h i) (trat_mul h j))"
  1858   by (import hrat TRAT_LDISTRIB)
  1859 
  1860 lemma TRAT_MUL_LID: "ALL h::nat * nat. trat_eq (trat_mul trat_1 h) h"
  1861   by (import hrat TRAT_MUL_LID)
  1862 
  1863 lemma TRAT_MUL_LINV: "ALL h::nat * nat. trat_eq (trat_mul (trat_inv h) h) trat_1"
  1864   by (import hrat TRAT_MUL_LINV)
  1865 
  1866 lemma TRAT_NOZERO: "ALL (h::nat * nat) i::nat * nat. ~ trat_eq (trat_add h i) h"
  1867   by (import hrat TRAT_NOZERO)
  1868 
  1869 lemma TRAT_ADD_TOTAL: "ALL (h::nat * nat) i::nat * nat.
  1870    trat_eq h i |
  1871    (EX d::nat * nat. trat_eq h (trat_add i d)) |
  1872    (EX d::nat * nat. trat_eq i (trat_add h d))"
  1873   by (import hrat TRAT_ADD_TOTAL)
  1874 
  1875 lemma TRAT_SUCINT_0: "ALL n::nat. trat_eq (trat_sucint n) (n, 0)"
  1876   by (import hrat TRAT_SUCINT_0)
  1877 
  1878 lemma TRAT_ARCH: "ALL h::nat * nat.
  1879    EX (n::nat) d::nat * nat. trat_eq (trat_sucint n) (trat_add h d)"
  1880   by (import hrat TRAT_ARCH)
  1881 
  1882 lemma TRAT_SUCINT: "trat_eq (trat_sucint 0) trat_1 &
  1883 (ALL n::nat.
  1884     trat_eq (trat_sucint (Suc n)) (trat_add (trat_sucint n) trat_1))"
  1885   by (import hrat TRAT_SUCINT)
  1886 
  1887 lemma TRAT_EQ_EQUIV: "ALL (p::nat * nat) q::nat * nat. trat_eq p q = (trat_eq p = trat_eq q)"
  1888   by (import hrat TRAT_EQ_EQUIV)
  1889 
  1890 typedef (open) hrat = "{x::nat * nat => bool. EX xa::nat * nat. x = trat_eq xa}" 
  1891   by (rule typedef_helper,import hrat hrat_TY_DEF)
  1892 
  1893 lemmas hrat_TY_DEF = typedef_hol2hol4 [OF type_definition_hrat]
  1894 
  1895 consts
  1896   mk_hrat :: "(nat * nat => bool) => hrat" 
  1897   dest_hrat :: "hrat => nat * nat => bool" 
  1898 
  1899 specification (dest_hrat mk_hrat) hrat_tybij: "(ALL a::hrat. mk_hrat (dest_hrat a) = a) &
  1900 (ALL r::nat * nat => bool.
  1901     (EX x::nat * nat. r = trat_eq x) = (dest_hrat (mk_hrat r) = r))"
  1902   by (import hrat hrat_tybij)
  1903 
  1904 constdefs
  1905   hrat_1 :: "hrat" 
  1906   "hrat_1 == mk_hrat (trat_eq trat_1)"
  1907 
  1908 lemma hrat_1: "hrat_1 = mk_hrat (trat_eq trat_1)"
  1909   by (import hrat hrat_1)
  1910 
  1911 constdefs
  1912   hrat_inv :: "hrat => hrat" 
  1913   "hrat_inv == %T1::hrat. mk_hrat (trat_eq (trat_inv (Eps (dest_hrat T1))))"
  1914 
  1915 lemma hrat_inv: "ALL T1::hrat.
  1916    hrat_inv T1 = mk_hrat (trat_eq (trat_inv (Eps (dest_hrat T1))))"
  1917   by (import hrat hrat_inv)
  1918 
  1919 constdefs
  1920   hrat_add :: "hrat => hrat => hrat" 
  1921   "hrat_add ==
  1922 %(T1::hrat) T2::hrat.
  1923    mk_hrat (trat_eq (trat_add (Eps (dest_hrat T1)) (Eps (dest_hrat T2))))"
  1924 
  1925 lemma hrat_add: "ALL (T1::hrat) T2::hrat.
  1926    hrat_add T1 T2 =
  1927    mk_hrat (trat_eq (trat_add (Eps (dest_hrat T1)) (Eps (dest_hrat T2))))"
  1928   by (import hrat hrat_add)
  1929 
  1930 constdefs
  1931   hrat_mul :: "hrat => hrat => hrat" 
  1932   "hrat_mul ==
  1933 %(T1::hrat) T2::hrat.
  1934    mk_hrat (trat_eq (trat_mul (Eps (dest_hrat T1)) (Eps (dest_hrat T2))))"
  1935 
  1936 lemma hrat_mul: "ALL (T1::hrat) T2::hrat.
  1937    hrat_mul T1 T2 =
  1938    mk_hrat (trat_eq (trat_mul (Eps (dest_hrat T1)) (Eps (dest_hrat T2))))"
  1939   by (import hrat hrat_mul)
  1940 
  1941 constdefs
  1942   hrat_sucint :: "nat => hrat" 
  1943   "hrat_sucint == %T1::nat. mk_hrat (trat_eq (trat_sucint T1))"
  1944 
  1945 lemma hrat_sucint: "ALL T1::nat. hrat_sucint T1 = mk_hrat (trat_eq (trat_sucint T1))"
  1946   by (import hrat hrat_sucint)
  1947 
  1948 lemma HRAT_ADD_SYM: "ALL (h::hrat) i::hrat. hrat_add h i = hrat_add i h"
  1949   by (import hrat HRAT_ADD_SYM)
  1950 
  1951 lemma HRAT_ADD_ASSOC: "ALL (h::hrat) (i::hrat) j::hrat.
  1952    hrat_add h (hrat_add i j) = hrat_add (hrat_add h i) j"
  1953   by (import hrat HRAT_ADD_ASSOC)
  1954 
  1955 lemma HRAT_MUL_SYM: "ALL (h::hrat) i::hrat. hrat_mul h i = hrat_mul i h"
  1956   by (import hrat HRAT_MUL_SYM)
  1957 
  1958 lemma HRAT_MUL_ASSOC: "ALL (h::hrat) (i::hrat) j::hrat.
  1959    hrat_mul h (hrat_mul i j) = hrat_mul (hrat_mul h i) j"
  1960   by (import hrat HRAT_MUL_ASSOC)
  1961 
  1962 lemma HRAT_LDISTRIB: "ALL (h::hrat) (i::hrat) j::hrat.
  1963    hrat_mul h (hrat_add i j) = hrat_add (hrat_mul h i) (hrat_mul h j)"
  1964   by (import hrat HRAT_LDISTRIB)
  1965 
  1966 lemma HRAT_MUL_LID: "ALL h::hrat. hrat_mul hrat_1 h = h"
  1967   by (import hrat HRAT_MUL_LID)
  1968 
  1969 lemma HRAT_MUL_LINV: "ALL h::hrat. hrat_mul (hrat_inv h) h = hrat_1"
  1970   by (import hrat HRAT_MUL_LINV)
  1971 
  1972 lemma HRAT_NOZERO: "ALL (h::hrat) i::hrat. hrat_add h i ~= h"
  1973   by (import hrat HRAT_NOZERO)
  1974 
  1975 lemma HRAT_ADD_TOTAL: "ALL (h::hrat) i::hrat.
  1976    h = i | (EX x::hrat. h = hrat_add i x) | (EX x::hrat. i = hrat_add h x)"
  1977   by (import hrat HRAT_ADD_TOTAL)
  1978 
  1979 lemma HRAT_ARCH: "ALL h::hrat. EX (x::nat) xa::hrat. hrat_sucint x = hrat_add h xa"
  1980   by (import hrat HRAT_ARCH)
  1981 
  1982 lemma HRAT_SUCINT: "hrat_sucint 0 = hrat_1 &
  1983 (ALL x::nat. hrat_sucint (Suc x) = hrat_add (hrat_sucint x) hrat_1)"
  1984   by (import hrat HRAT_SUCINT)
  1985 
  1986 ;end_setup
  1987 
  1988 ;setup_theory hreal
  1989 
  1990 constdefs
  1991   hrat_lt :: "hrat => hrat => bool" 
  1992   "hrat_lt == %(x::hrat) y::hrat. EX d::hrat. y = hrat_add x d"
  1993 
  1994 lemma hrat_lt: "ALL (x::hrat) y::hrat. hrat_lt x y = (EX d::hrat. y = hrat_add x d)"
  1995   by (import hreal hrat_lt)
  1996 
  1997 lemma HRAT_LT_REFL: "ALL x::hrat. ~ hrat_lt x x"
  1998   by (import hreal HRAT_LT_REFL)
  1999 
  2000 lemma HRAT_LT_TRANS: "ALL (x::hrat) (y::hrat) z::hrat. hrat_lt x y & hrat_lt y z --> hrat_lt x z"
  2001   by (import hreal HRAT_LT_TRANS)
  2002 
  2003 lemma HRAT_LT_ANTISYM: "ALL (x::hrat) y::hrat. ~ (hrat_lt x y & hrat_lt y x)"
  2004   by (import hreal HRAT_LT_ANTISYM)
  2005 
  2006 lemma HRAT_LT_TOTAL: "ALL (x::hrat) y::hrat. x = y | hrat_lt x y | hrat_lt y x"
  2007   by (import hreal HRAT_LT_TOTAL)
  2008 
  2009 lemma HRAT_MUL_RID: "ALL x::hrat. hrat_mul x hrat_1 = x"
  2010   by (import hreal HRAT_MUL_RID)
  2011 
  2012 lemma HRAT_MUL_RINV: "ALL x::hrat. hrat_mul x (hrat_inv x) = hrat_1"
  2013   by (import hreal HRAT_MUL_RINV)
  2014 
  2015 lemma HRAT_RDISTRIB: "ALL (x::hrat) (y::hrat) z::hrat.
  2016    hrat_mul (hrat_add x y) z = hrat_add (hrat_mul x z) (hrat_mul y z)"
  2017   by (import hreal HRAT_RDISTRIB)
  2018 
  2019 lemma HRAT_LT_ADDL: "ALL (x::hrat) y::hrat. hrat_lt x (hrat_add x y)"
  2020   by (import hreal HRAT_LT_ADDL)
  2021 
  2022 lemma HRAT_LT_ADDR: "ALL (x::hrat) xa::hrat. hrat_lt xa (hrat_add x xa)"
  2023   by (import hreal HRAT_LT_ADDR)
  2024 
  2025 lemma HRAT_LT_GT: "ALL (x::hrat) y::hrat. hrat_lt x y --> ~ hrat_lt y x"
  2026   by (import hreal HRAT_LT_GT)
  2027 
  2028 lemma HRAT_LT_NE: "ALL (x::hrat) y::hrat. hrat_lt x y --> x ~= y"
  2029   by (import hreal HRAT_LT_NE)
  2030 
  2031 lemma HRAT_EQ_LADD: "ALL (x::hrat) (y::hrat) z::hrat. (hrat_add x y = hrat_add x z) = (y = z)"
  2032   by (import hreal HRAT_EQ_LADD)
  2033 
  2034 lemma HRAT_EQ_LMUL: "ALL (x::hrat) (y::hrat) z::hrat. (hrat_mul x y = hrat_mul x z) = (y = z)"
  2035   by (import hreal HRAT_EQ_LMUL)
  2036 
  2037 lemma HRAT_LT_ADD2: "ALL (u::hrat) (v::hrat) (x::hrat) y::hrat.
  2038    hrat_lt u x & hrat_lt v y --> hrat_lt (hrat_add u v) (hrat_add x y)"
  2039   by (import hreal HRAT_LT_ADD2)
  2040 
  2041 lemma HRAT_LT_LADD: "ALL (x::hrat) (y::hrat) z::hrat.
  2042    hrat_lt (hrat_add z x) (hrat_add z y) = hrat_lt x y"
  2043   by (import hreal HRAT_LT_LADD)
  2044 
  2045 lemma HRAT_LT_RADD: "ALL (x::hrat) (y::hrat) z::hrat.
  2046    hrat_lt (hrat_add x z) (hrat_add y z) = hrat_lt x y"
  2047   by (import hreal HRAT_LT_RADD)
  2048 
  2049 lemma HRAT_LT_MUL2: "ALL (u::hrat) (v::hrat) (x::hrat) y::hrat.
  2050    hrat_lt u x & hrat_lt v y --> hrat_lt (hrat_mul u v) (hrat_mul x y)"
  2051   by (import hreal HRAT_LT_MUL2)
  2052 
  2053 lemma HRAT_LT_LMUL: "ALL (x::hrat) (y::hrat) z::hrat.
  2054    hrat_lt (hrat_mul z x) (hrat_mul z y) = hrat_lt x y"
  2055   by (import hreal HRAT_LT_LMUL)
  2056 
  2057 lemma HRAT_LT_RMUL: "ALL (x::hrat) (y::hrat) z::hrat.
  2058    hrat_lt (hrat_mul x z) (hrat_mul y z) = hrat_lt x y"
  2059   by (import hreal HRAT_LT_RMUL)
  2060 
  2061 lemma HRAT_LT_LMUL1: "ALL (x::hrat) y::hrat. hrat_lt (hrat_mul x y) y = hrat_lt x hrat_1"
  2062   by (import hreal HRAT_LT_LMUL1)
  2063 
  2064 lemma HRAT_LT_RMUL1: "ALL (x::hrat) y::hrat. hrat_lt (hrat_mul x y) x = hrat_lt y hrat_1"
  2065   by (import hreal HRAT_LT_RMUL1)
  2066 
  2067 lemma HRAT_GT_LMUL1: "ALL (x::hrat) y::hrat. hrat_lt y (hrat_mul x y) = hrat_lt hrat_1 x"
  2068   by (import hreal HRAT_GT_LMUL1)
  2069 
  2070 lemma HRAT_LT_L1: "ALL (x::hrat) y::hrat.
  2071    hrat_lt (hrat_mul (hrat_inv x) y) hrat_1 = hrat_lt y x"
  2072   by (import hreal HRAT_LT_L1)
  2073 
  2074 lemma HRAT_LT_R1: "ALL (x::hrat) y::hrat.
  2075    hrat_lt (hrat_mul x (hrat_inv y)) hrat_1 = hrat_lt x y"
  2076   by (import hreal HRAT_LT_R1)
  2077 
  2078 lemma HRAT_GT_L1: "ALL (x::hrat) y::hrat.
  2079    hrat_lt hrat_1 (hrat_mul (hrat_inv x) y) = hrat_lt x y"
  2080   by (import hreal HRAT_GT_L1)
  2081 
  2082 lemma HRAT_INV_MUL: "ALL (x::hrat) y::hrat.
  2083    hrat_inv (hrat_mul x y) = hrat_mul (hrat_inv x) (hrat_inv y)"
  2084   by (import hreal HRAT_INV_MUL)
  2085 
  2086 lemma HRAT_UP: "ALL x::hrat. Ex (hrat_lt x)"
  2087   by (import hreal HRAT_UP)
  2088 
  2089 lemma HRAT_DOWN: "ALL x::hrat. EX xa::hrat. hrat_lt xa x"
  2090   by (import hreal HRAT_DOWN)
  2091 
  2092 lemma HRAT_DOWN2: "ALL (x::hrat) y::hrat. EX xa::hrat. hrat_lt xa x & hrat_lt xa y"
  2093   by (import hreal HRAT_DOWN2)
  2094 
  2095 lemma HRAT_MEAN: "ALL (x::hrat) y::hrat.
  2096    hrat_lt x y --> (EX xa::hrat. hrat_lt x xa & hrat_lt xa y)"
  2097   by (import hreal HRAT_MEAN)
  2098 
  2099 constdefs
  2100   isacut :: "(hrat => bool) => bool" 
  2101   "isacut ==
  2102 %C::hrat => bool.
  2103    Ex C &
  2104    (EX x::hrat. ~ C x) &
  2105    (ALL (x::hrat) y::hrat. C x & hrat_lt y x --> C y) &
  2106    (ALL x::hrat. C x --> (EX y::hrat. C y & hrat_lt x y))"
  2107 
  2108 lemma isacut: "ALL C::hrat => bool.
  2109    isacut C =
  2110    (Ex C &
  2111     (EX x::hrat. ~ C x) &
  2112     (ALL (x::hrat) y::hrat. C x & hrat_lt y x --> C y) &
  2113     (ALL x::hrat. C x --> (EX y::hrat. C y & hrat_lt x y)))"
  2114   by (import hreal isacut)
  2115 
  2116 constdefs
  2117   cut_of_hrat :: "hrat => hrat => bool" 
  2118   "cut_of_hrat == %(x::hrat) y::hrat. hrat_lt y x"
  2119 
  2120 lemma cut_of_hrat: "ALL x::hrat. cut_of_hrat x = (%y::hrat. hrat_lt y x)"
  2121   by (import hreal cut_of_hrat)
  2122 
  2123 lemma ISACUT_HRAT: "ALL h::hrat. isacut (cut_of_hrat h)"
  2124   by (import hreal ISACUT_HRAT)
  2125 
  2126 typedef (open) hreal = "Collect isacut" 
  2127   by (rule typedef_helper,import hreal hreal_TY_DEF)
  2128 
  2129 lemmas hreal_TY_DEF = typedef_hol2hol4 [OF type_definition_hreal]
  2130 
  2131 consts
  2132   hreal :: "(hrat => bool) => hreal" 
  2133   cut :: "hreal => hrat => bool" 
  2134 
  2135 specification (cut hreal) hreal_tybij: "(ALL a::hreal. hreal (hreal.cut a) = a) &
  2136 (ALL r::hrat => bool. isacut r = (hreal.cut (hreal r) = r))"
  2137   by (import hreal hreal_tybij)
  2138 
  2139 lemma EQUAL_CUTS: "ALL (X::hreal) Y::hreal. hreal.cut X = hreal.cut Y --> X = Y"
  2140   by (import hreal EQUAL_CUTS)
  2141 
  2142 lemma CUT_ISACUT: "ALL x::hreal. isacut (hreal.cut x)"
  2143   by (import hreal CUT_ISACUT)
  2144 
  2145 lemma CUT_NONEMPTY: "ALL x::hreal. Ex (hreal.cut x)"
  2146   by (import hreal CUT_NONEMPTY)
  2147 
  2148 lemma CUT_BOUNDED: "ALL x::hreal. EX xa::hrat. ~ hreal.cut x xa"
  2149   by (import hreal CUT_BOUNDED)
  2150 
  2151 lemma CUT_DOWN: "ALL (x::hreal) (xa::hrat) xb::hrat.
  2152    hreal.cut x xa & hrat_lt xb xa --> hreal.cut x xb"
  2153   by (import hreal CUT_DOWN)
  2154 
  2155 lemma CUT_UP: "ALL (x::hreal) xa::hrat.
  2156    hreal.cut x xa --> (EX y::hrat. hreal.cut x y & hrat_lt xa y)"
  2157   by (import hreal CUT_UP)
  2158 
  2159 lemma CUT_UBOUND: "ALL (x::hreal) (xa::hrat) xb::hrat.
  2160    ~ hreal.cut x xa & hrat_lt xa xb --> ~ hreal.cut x xb"
  2161   by (import hreal CUT_UBOUND)
  2162 
  2163 lemma CUT_STRADDLE: "ALL (X::hreal) (x::hrat) y::hrat.
  2164    hreal.cut X x & ~ hreal.cut X y --> hrat_lt x y"
  2165   by (import hreal CUT_STRADDLE)
  2166 
  2167 lemma CUT_NEARTOP_ADD: "ALL (X::hreal) e::hrat.
  2168    EX x::hrat. hreal.cut X x & ~ hreal.cut X (hrat_add x e)"
  2169   by (import hreal CUT_NEARTOP_ADD)
  2170 
  2171 lemma CUT_NEARTOP_MUL: "ALL (X::hreal) u::hrat.
  2172    hrat_lt hrat_1 u -->
  2173    (EX x::hrat. hreal.cut X x & ~ hreal.cut X (hrat_mul u x))"
  2174   by (import hreal CUT_NEARTOP_MUL)
  2175 
  2176 constdefs
  2177   hreal_1 :: "hreal" 
  2178   "hreal_1 == hreal (cut_of_hrat hrat_1)"
  2179 
  2180 lemma hreal_1: "hreal_1 = hreal (cut_of_hrat hrat_1)"
  2181   by (import hreal hreal_1)
  2182 
  2183 constdefs
  2184   hreal_add :: "hreal => hreal => hreal" 
  2185   "hreal_add ==
  2186 %(X::hreal) Y::hreal.
  2187    hreal
  2188     (%w::hrat.
  2189         EX (x::hrat) y::hrat.
  2190            w = hrat_add x y & hreal.cut X x & hreal.cut Y y)"
  2191 
  2192 lemma hreal_add: "ALL (X::hreal) Y::hreal.
  2193    hreal_add X Y =
  2194    hreal
  2195     (%w::hrat.
  2196         EX (x::hrat) y::hrat.
  2197            w = hrat_add x y & hreal.cut X x & hreal.cut Y y)"
  2198   by (import hreal hreal_add)
  2199 
  2200 constdefs
  2201   hreal_mul :: "hreal => hreal => hreal" 
  2202   "hreal_mul ==
  2203 %(X::hreal) Y::hreal.
  2204    hreal
  2205     (%w::hrat.
  2206         EX (x::hrat) y::hrat.
  2207            w = hrat_mul x y & hreal.cut X x & hreal.cut Y y)"
  2208 
  2209 lemma hreal_mul: "ALL (X::hreal) Y::hreal.
  2210    hreal_mul X Y =
  2211    hreal
  2212     (%w::hrat.
  2213         EX (x::hrat) y::hrat.
  2214            w = hrat_mul x y & hreal.cut X x & hreal.cut Y y)"
  2215   by (import hreal hreal_mul)
  2216 
  2217 constdefs
  2218   hreal_inv :: "hreal => hreal" 
  2219   "hreal_inv ==
  2220 %X::hreal.
  2221    hreal
  2222     (%w::hrat.
  2223         EX d::hrat.
  2224            hrat_lt d hrat_1 &
  2225            (ALL x::hrat. hreal.cut X x --> hrat_lt (hrat_mul w x) d))"
  2226 
  2227 lemma hreal_inv: "ALL X::hreal.
  2228    hreal_inv X =
  2229    hreal
  2230     (%w::hrat.
  2231         EX d::hrat.
  2232            hrat_lt d hrat_1 &
  2233            (ALL x::hrat. hreal.cut X x --> hrat_lt (hrat_mul w x) d))"
  2234   by (import hreal hreal_inv)
  2235 
  2236 constdefs
  2237   hreal_sup :: "(hreal => bool) => hreal" 
  2238   "hreal_sup ==
  2239 %P::hreal => bool. hreal (%w::hrat. EX X::hreal. P X & hreal.cut X w)"
  2240 
  2241 lemma hreal_sup: "ALL P::hreal => bool.
  2242    hreal_sup P = hreal (%w::hrat. EX X::hreal. P X & hreal.cut X w)"
  2243   by (import hreal hreal_sup)
  2244 
  2245 constdefs
  2246   hreal_lt :: "hreal => hreal => bool" 
  2247   "hreal_lt ==
  2248 %(X::hreal) Y::hreal.
  2249    X ~= Y & (ALL x::hrat. hreal.cut X x --> hreal.cut Y x)"
  2250 
  2251 lemma hreal_lt: "ALL (X::hreal) Y::hreal.
  2252    hreal_lt X Y = (X ~= Y & (ALL x::hrat. hreal.cut X x --> hreal.cut Y x))"
  2253   by (import hreal hreal_lt)
  2254 
  2255 lemma HREAL_INV_ISACUT: "ALL X::hreal.
  2256    isacut
  2257     (%w::hrat.
  2258         EX d::hrat.
  2259            hrat_lt d hrat_1 &
  2260            (ALL x::hrat. hreal.cut X x --> hrat_lt (hrat_mul w x) d))"
  2261   by (import hreal HREAL_INV_ISACUT)
  2262 
  2263 lemma HREAL_ADD_ISACUT: "ALL (X::hreal) Y::hreal.
  2264    isacut
  2265     (%w::hrat.
  2266         EX (x::hrat) y::hrat.
  2267            w = hrat_add x y & hreal.cut X x & hreal.cut Y y)"
  2268   by (import hreal HREAL_ADD_ISACUT)
  2269 
  2270 lemma HREAL_MUL_ISACUT: "ALL (X::hreal) Y::hreal.
  2271    isacut
  2272     (%w::hrat.
  2273         EX (x::hrat) y::hrat.
  2274            w = hrat_mul x y & hreal.cut X x & hreal.cut Y y)"
  2275   by (import hreal HREAL_MUL_ISACUT)
  2276 
  2277 lemma HREAL_ADD_SYM: "ALL (X::hreal) Y::hreal. hreal_add X Y = hreal_add Y X"
  2278   by (import hreal HREAL_ADD_SYM)
  2279 
  2280 lemma HREAL_MUL_SYM: "ALL (X::hreal) Y::hreal. hreal_mul X Y = hreal_mul Y X"
  2281   by (import hreal HREAL_MUL_SYM)
  2282 
  2283 lemma HREAL_ADD_ASSOC: "ALL (X::hreal) (Y::hreal) Z::hreal.
  2284    hreal_add X (hreal_add Y Z) = hreal_add (hreal_add X Y) Z"
  2285   by (import hreal HREAL_ADD_ASSOC)
  2286 
  2287 lemma HREAL_MUL_ASSOC: "ALL (X::hreal) (Y::hreal) Z::hreal.
  2288    hreal_mul X (hreal_mul Y Z) = hreal_mul (hreal_mul X Y) Z"
  2289   by (import hreal HREAL_MUL_ASSOC)
  2290 
  2291 lemma HREAL_LDISTRIB: "ALL (X::hreal) (Y::hreal) Z::hreal.
  2292    hreal_mul X (hreal_add Y Z) = hreal_add (hreal_mul X Y) (hreal_mul X Z)"
  2293   by (import hreal HREAL_LDISTRIB)
  2294 
  2295 lemma HREAL_MUL_LID: "ALL X::hreal. hreal_mul hreal_1 X = X"
  2296   by (import hreal HREAL_MUL_LID)
  2297 
  2298 lemma HREAL_MUL_LINV: "ALL X::hreal. hreal_mul (hreal_inv X) X = hreal_1"
  2299   by (import hreal HREAL_MUL_LINV)
  2300 
  2301 lemma HREAL_NOZERO: "ALL (X::hreal) Y::hreal. hreal_add X Y ~= X"
  2302   by (import hreal HREAL_NOZERO)
  2303 
  2304 constdefs
  2305   hreal_sub :: "hreal => hreal => hreal" 
  2306   "hreal_sub ==
  2307 %(Y::hreal) X::hreal.
  2308    hreal
  2309     (%w::hrat. EX x::hrat. ~ hreal.cut X x & hreal.cut Y (hrat_add x w))"
  2310 
  2311 lemma hreal_sub: "ALL (Y::hreal) X::hreal.
  2312    hreal_sub Y X =
  2313    hreal
  2314     (%w::hrat. EX x::hrat. ~ hreal.cut X x & hreal.cut Y (hrat_add x w))"
  2315   by (import hreal hreal_sub)
  2316 
  2317 lemma HREAL_LT_LEMMA: "ALL (X::hreal) Y::hreal.
  2318    hreal_lt X Y --> (EX x::hrat. ~ hreal.cut X x & hreal.cut Y x)"
  2319   by (import hreal HREAL_LT_LEMMA)
  2320 
  2321 lemma HREAL_SUB_ISACUT: "ALL (X::hreal) Y::hreal.
  2322    hreal_lt X Y -->
  2323    isacut
  2324     (%w::hrat. EX x::hrat. ~ hreal.cut X x & hreal.cut Y (hrat_add x w))"
  2325   by (import hreal HREAL_SUB_ISACUT)
  2326 
  2327 lemma HREAL_SUB_ADD: "ALL (X::hreal) Y::hreal. hreal_lt X Y --> hreal_add (hreal_sub Y X) X = Y"
  2328   by (import hreal HREAL_SUB_ADD)
  2329 
  2330 lemma HREAL_LT_TOTAL: "ALL (X::hreal) Y::hreal. X = Y | hreal_lt X Y | hreal_lt Y X"
  2331   by (import hreal HREAL_LT_TOTAL)
  2332 
  2333 lemma HREAL_LT: "ALL (X::hreal) Y::hreal. hreal_lt X Y = (EX D::hreal. Y = hreal_add X D)"
  2334   by (import hreal HREAL_LT)
  2335 
  2336 lemma HREAL_ADD_TOTAL: "ALL (X::hreal) Y::hreal.
  2337    X = Y |
  2338    (EX D::hreal. Y = hreal_add X D) | (EX D::hreal. X = hreal_add Y D)"
  2339   by (import hreal HREAL_ADD_TOTAL)
  2340 
  2341 lemma HREAL_SUP_ISACUT: "ALL P::hreal => bool.
  2342    Ex P & (EX Y::hreal. ALL X::hreal. P X --> hreal_lt X Y) -->
  2343    isacut (%w::hrat. EX X::hreal. P X & hreal.cut X w)"
  2344   by (import hreal HREAL_SUP_ISACUT)
  2345 
  2346 lemma HREAL_SUP: "ALL P::hreal => bool.
  2347    Ex P & (EX Y::hreal. ALL X::hreal. P X --> hreal_lt X Y) -->
  2348    (ALL Y::hreal.
  2349        (EX X::hreal. P X & hreal_lt Y X) = hreal_lt Y (hreal_sup P))"
  2350   by (import hreal HREAL_SUP)
  2351 
  2352 ;end_setup
  2353 
  2354 ;setup_theory numeral
  2355 
  2356 lemma numeral_suc: "Suc ALT_ZERO = NUMERAL_BIT1 ALT_ZERO &
  2357 (ALL x::nat. Suc (NUMERAL_BIT1 x) = NUMERAL_BIT2 x) &
  2358 (ALL x::nat. Suc (NUMERAL_BIT2 x) = NUMERAL_BIT1 (Suc x))"
  2359   by (import numeral numeral_suc)
  2360 
  2361 constdefs
  2362   iZ :: "nat => nat" 
  2363   "iZ == %x::nat. x"
  2364 
  2365 lemma iZ: "ALL x::nat. iZ x = x"
  2366   by (import numeral iZ)
  2367 
  2368 constdefs
  2369   iiSUC :: "nat => nat" 
  2370   "iiSUC == %n::nat. Suc (Suc n)"
  2371 
  2372 lemma iiSUC: "ALL n::nat. iiSUC n = Suc (Suc n)"
  2373   by (import numeral iiSUC)
  2374 
  2375 lemma numeral_distrib: "(op &::bool => bool => bool)
  2376  ((All::(nat => bool) => bool)
  2377    (%x::nat.
  2378        (op =::nat => nat => bool) ((op +::nat => nat => nat) (0::nat) x) x))
  2379  ((op &::bool => bool => bool)
  2380    ((All::(nat => bool) => bool)
  2381      (%x::nat.
  2382          (op =::nat => nat => bool) ((op +::nat => nat => nat) x (0::nat))
  2383           x))
  2384    ((op &::bool => bool => bool)
  2385      ((All::(nat => bool) => bool)
  2386        (%x::nat.
  2387            (All::(nat => bool) => bool)
  2388             (%xa::nat.
  2389                 (op =::nat => nat => bool)
  2390                  ((op +::nat => nat => nat) ((NUMERAL::nat => nat) x)
  2391                    ((NUMERAL::nat => nat) xa))
  2392                  ((NUMERAL::nat => nat)
  2393                    ((iZ::nat => nat) ((op +::nat => nat => nat) x xa))))))
  2394      ((op &::bool => bool => bool)
  2395        ((All::(nat => bool) => bool)
  2396          (%x::nat.
  2397              (op =::nat => nat => bool)
  2398               ((op *::nat => nat => nat) (0::nat) x) (0::nat)))
  2399        ((op &::bool => bool => bool)
  2400          ((All::(nat => bool) => bool)
  2401            (%x::nat.
  2402                (op =::nat => nat => bool)
  2403                 ((op *::nat => nat => nat) x (0::nat)) (0::nat)))
  2404          ((op &::bool => bool => bool)
  2405            ((All::(nat => bool) => bool)
  2406              (%x::nat.
  2407                  (All::(nat => bool) => bool)
  2408                   (%xa::nat.
  2409                       (op =::nat => nat => bool)
  2410                        ((op *::nat => nat => nat) ((NUMERAL::nat => nat) x)
  2411                          ((NUMERAL::nat => nat) xa))
  2412                        ((NUMERAL::nat => nat)
  2413                          ((op *::nat => nat => nat) x xa)))))
  2414            ((op &::bool => bool => bool)
  2415              ((All::(nat => bool) => bool)
  2416                (%x::nat.
  2417                    (op =::nat => nat => bool)
  2418                     ((op -::nat => nat => nat) (0::nat) x) (0::nat)))
  2419              ((op &::bool => bool => bool)
  2420                ((All::(nat => bool) => bool)
  2421                  (%x::nat.
  2422                      (op =::nat => nat => bool)
  2423                       ((op -::nat => nat => nat) x (0::nat)) x))
  2424                ((op &::bool => bool => bool)
  2425                  ((All::(nat => bool) => bool)
  2426                    (%x::nat.
  2427                        (All::(nat => bool) => bool)
  2428                         (%xa::nat.
  2429                             (op =::nat => nat => bool)
  2430                              ((op -::nat => nat => nat)
  2431                                ((NUMERAL::nat => nat) x)
  2432                                ((NUMERAL::nat => nat) xa))
  2433                              ((NUMERAL::nat => nat)
  2434                                ((op -::nat => nat => nat) x xa)))))
  2435                  ((op &::bool => bool => bool)
  2436                    ((All::(nat => bool) => bool)
  2437                      (%x::nat.
  2438                          (op =::nat => nat => bool)
  2439                           ((op ^::nat => nat => nat) (0::nat)
  2440                             ((NUMERAL::nat => nat)
  2441                               ((NUMERAL_BIT1::nat => nat) x)))
  2442                           (0::nat)))
  2443                    ((op &::bool => bool => bool)
  2444                      ((All::(nat => bool) => bool)
  2445                        (%x::nat.
  2446                            (op =::nat => nat => bool)
  2447                             ((op ^::nat => nat => nat) (0::nat)
  2448                               ((NUMERAL::nat => nat)
  2449                                 ((NUMERAL_BIT2::nat => nat) x)))
  2450                             (0::nat)))
  2451                      ((op &::bool => bool => bool)
  2452                        ((All::(nat => bool) => bool)
  2453                          (%x::nat.
  2454                              (op =::nat => nat => bool)
  2455                               ((op ^::nat => nat => nat) x (0::nat))
  2456                               (1::nat)))
  2457                        ((op &::bool => bool => bool)
  2458                          ((All::(nat => bool) => bool)
  2459                            (%x::nat.
  2460                                (All::(nat => bool) => bool)
  2461                                 (%xa::nat.
  2462                                     (op =::nat => nat => bool)
  2463                                      ((op ^::nat => nat => nat)
  2464  ((NUMERAL::nat => nat) x) ((NUMERAL::nat => nat) xa))
  2465                                      ((NUMERAL::nat => nat)
  2466  ((op ^::nat => nat => nat) x xa)))))
  2467                          ((op &::bool => bool => bool)
  2468                            ((op =::nat => nat => bool)
  2469                              ((Suc::nat => nat) (0::nat)) (1::nat))
  2470                            ((op &::bool => bool => bool)
  2471                              ((All::(nat => bool) => bool)
  2472                                (%x::nat.
  2473                                    (op =::nat => nat => bool)
  2474                                     ((Suc::nat => nat)
  2475 ((NUMERAL::nat => nat) x))
  2476                                     ((NUMERAL::nat => nat)
  2477 ((Suc::nat => nat) x))))
  2478                              ((op &::bool => bool => bool)
  2479                                ((op =::nat => nat => bool)
  2480                                  ((PRE::nat => nat) (0::nat)) (0::nat))
  2481                                ((op &::bool => bool => bool)
  2482                                  ((All::(nat => bool) => bool)
  2483                                    (%x::nat.
  2484  (op =::nat => nat => bool) ((PRE::nat => nat) ((NUMERAL::nat => nat) x))
  2485   ((NUMERAL::nat => nat) ((PRE::nat => nat) x))))
  2486                                  ((op &::bool => bool => bool)
  2487                                    ((All::(nat => bool) => bool)
  2488                                      (%x::nat.
  2489    (op =::bool => bool => bool)
  2490     ((op =::nat => nat => bool) ((NUMERAL::nat => nat) x) (0::nat))
  2491     ((op =::nat => nat => bool) x (ALT_ZERO::nat))))
  2492                                    ((op &::bool => bool => bool)
  2493                                      ((All::(nat => bool) => bool)
  2494  (%x::nat.
  2495      (op =::bool => bool => bool)
  2496       ((op =::nat => nat => bool) (0::nat) ((NUMERAL::nat => nat) x))
  2497       ((op =::nat => nat => bool) x (ALT_ZERO::nat))))
  2498                                      ((op &::bool => bool => bool)
  2499  ((All::(nat => bool) => bool)
  2500    (%x::nat.
  2501        (All::(nat => bool) => bool)
  2502         (%xa::nat.
  2503             (op =::bool => bool => bool)
  2504              ((op =::nat => nat => bool) ((NUMERAL::nat => nat) x)
  2505                ((NUMERAL::nat => nat) xa))
  2506              ((op =::nat => nat => bool) x xa))))
  2507  ((op &::bool => bool => bool)
  2508    ((All::(nat => bool) => bool)
  2509      (%x::nat.
  2510          (op =::bool => bool => bool)
  2511           ((op <::nat => nat => bool) x (0::nat)) (False::bool)))
  2512    ((op &::bool => bool => bool)
  2513      ((All::(nat => bool) => bool)
  2514        (%x::nat.
  2515            (op =::bool => bool => bool)
  2516             ((op <::nat => nat => bool) (0::nat) ((NUMERAL::nat => nat) x))
  2517             ((op <::nat => nat => bool) (ALT_ZERO::nat) x)))
  2518      ((op &::bool => bool => bool)
  2519        ((All::(nat => bool) => bool)
  2520          (%x::nat.
  2521              (All::(nat => bool) => bool)
  2522               (%xa::nat.
  2523                   (op =::bool => bool => bool)
  2524                    ((op <::nat => nat => bool) ((NUMERAL::nat => nat) x)
  2525                      ((NUMERAL::nat => nat) xa))
  2526                    ((op <::nat => nat => bool) x xa))))
  2527        ((op &::bool => bool => bool)
  2528          ((All::(nat => bool) => bool)
  2529            (%x::nat.
  2530                (op =::bool => bool => bool)
  2531                 ((op <::nat => nat => bool) x (0::nat)) (False::bool)))
  2532          ((op &::bool => bool => bool)
  2533            ((All::(nat => bool) => bool)
  2534              (%x::nat.
  2535                  (op =::bool => bool => bool)
  2536                   ((op <::nat => nat => bool) (0::nat)
  2537                     ((NUMERAL::nat => nat) x))
  2538                   ((op <::nat => nat => bool) (ALT_ZERO::nat) x)))
  2539            ((op &::bool => bool => bool)
  2540              ((All::(nat => bool) => bool)
  2541                (%x::nat.
  2542                    (All::(nat => bool) => bool)
  2543                     (%xa::nat.
  2544                         (op =::bool => bool => bool)
  2545                          ((op <::nat => nat => bool)
  2546                            ((NUMERAL::nat => nat) xa)
  2547                            ((NUMERAL::nat => nat) x))
  2548                          ((op <::nat => nat => bool) xa x))))
  2549              ((op &::bool => bool => bool)
  2550                ((All::(nat => bool) => bool)
  2551                  (%x::nat.
  2552                      (op =::bool => bool => bool)
  2553                       ((op <=::nat => nat => bool) (0::nat) x)
  2554                       (True::bool)))
  2555                ((op &::bool => bool => bool)
  2556                  ((All::(nat => bool) => bool)
  2557                    (%x::nat.
  2558                        (op =::bool => bool => bool)
  2559                         ((op <=::nat => nat => bool)
  2560                           ((NUMERAL::nat => nat) x) (0::nat))
  2561                         ((op <=::nat => nat => bool) x (ALT_ZERO::nat))))
  2562                  ((op &::bool => bool => bool)
  2563                    ((All::(nat => bool) => bool)
  2564                      (%x::nat.
  2565                          (All::(nat => bool) => bool)
  2566                           (%xa::nat.
  2567                               (op =::bool => bool => bool)
  2568                                ((op <=::nat => nat => bool)
  2569                                  ((NUMERAL::nat => nat) x)
  2570                                  ((NUMERAL::nat => nat) xa))
  2571                                ((op <=::nat => nat => bool) x xa))))
  2572                    ((op &::bool => bool => bool)
  2573                      ((All::(nat => bool) => bool)
  2574                        (%x::nat.
  2575                            (op =::bool => bool => bool)
  2576                             ((op <=::nat => nat => bool) (0::nat) x)
  2577                             (True::bool)))
  2578                      ((op &::bool => bool => bool)
  2579                        ((All::(nat => bool) => bool)
  2580                          (%x::nat.
  2581                              (op =::bool => bool => bool)
  2582                               ((op <=::nat => nat => bool) x (0::nat))
  2583                               ((op =::nat => nat => bool) x (0::nat))))
  2584                        ((op &::bool => bool => bool)
  2585                          ((All::(nat => bool) => bool)
  2586                            (%x::nat.
  2587                                (All::(nat => bool) => bool)
  2588                                 (%xa::nat.
  2589                                     (op =::bool => bool => bool)
  2590                                      ((op <=::nat => nat => bool)
  2591  ((NUMERAL::nat => nat) xa) ((NUMERAL::nat => nat) x))
  2592                                      ((op <=::nat => nat => bool) xa x))))
  2593                          ((op &::bool => bool => bool)
  2594                            ((All::(nat => bool) => bool)
  2595                              (%x::nat.
  2596                                  (op =::bool => bool => bool)
  2597                                   ((ODD::nat => bool)
  2598                                     ((NUMERAL::nat => nat) x))
  2599                                   ((ODD::nat => bool) x)))
  2600                            ((op &::bool => bool => bool)
  2601                              ((All::(nat => bool) => bool)
  2602                                (%x::nat.
  2603                                    (op =::bool => bool => bool)
  2604                                     ((EVEN::nat => bool)
  2605 ((NUMERAL::nat => nat) x))
  2606                                     ((EVEN::nat => bool) x)))
  2607                              ((op &::bool => bool => bool)
  2608                                ((Not::bool => bool)
  2609                                  ((ODD::nat => bool) (0::nat)))
  2610                                ((EVEN::nat => bool)
  2611                                  (0::nat))))))))))))))))))))))))))))))))))))"
  2612   by (import numeral numeral_distrib)
  2613 
  2614 lemma numeral_iisuc: "iiSUC ALT_ZERO = NUMERAL_BIT2 ALT_ZERO &
  2615 iiSUC (NUMERAL_BIT1 (n::nat)) = NUMERAL_BIT1 (Suc n) &
  2616 iiSUC (NUMERAL_BIT2 n) = NUMERAL_BIT2 (Suc n)"
  2617   by (import numeral numeral_iisuc)
  2618 
  2619 lemma numeral_add: "ALL (x::nat) xa::nat.
  2620    iZ (ALT_ZERO + x) = x &
  2621    iZ (x + ALT_ZERO) = x &
  2622    iZ (NUMERAL_BIT1 x + NUMERAL_BIT1 xa) = NUMERAL_BIT2 (iZ (x + xa)) &
  2623    iZ (NUMERAL_BIT1 x + NUMERAL_BIT2 xa) = NUMERAL_BIT1 (Suc (x + xa)) &
  2624    iZ (NUMERAL_BIT2 x + NUMERAL_BIT1 xa) = NUMERAL_BIT1 (Suc (x + xa)) &
  2625    iZ (NUMERAL_BIT2 x + NUMERAL_BIT2 xa) = NUMERAL_BIT2 (Suc (x + xa)) &
  2626    Suc (ALT_ZERO + x) = Suc x &
  2627    Suc (x + ALT_ZERO) = Suc x &
  2628    Suc (NUMERAL_BIT1 x + NUMERAL_BIT1 xa) = NUMERAL_BIT1 (Suc (x + xa)) &
  2629    Suc (NUMERAL_BIT1 x + NUMERAL_BIT2 xa) = NUMERAL_BIT2 (Suc (x + xa)) &
  2630    Suc (NUMERAL_BIT2 x + NUMERAL_BIT1 xa) = NUMERAL_BIT2 (Suc (x + xa)) &
  2631    Suc (NUMERAL_BIT2 x + NUMERAL_BIT2 xa) = NUMERAL_BIT1 (iiSUC (x + xa)) &
  2632    iiSUC (ALT_ZERO + x) = iiSUC x &
  2633    iiSUC (x + ALT_ZERO) = iiSUC x &
  2634    iiSUC (NUMERAL_BIT1 x + NUMERAL_BIT1 xa) = NUMERAL_BIT2 (Suc (x + xa)) &
  2635    iiSUC (NUMERAL_BIT1 x + NUMERAL_BIT2 xa) =
  2636    NUMERAL_BIT1 (iiSUC (x + xa)) &
  2637    iiSUC (NUMERAL_BIT2 x + NUMERAL_BIT1 xa) =
  2638    NUMERAL_BIT1 (iiSUC (x + xa)) &
  2639    iiSUC (NUMERAL_BIT2 x + NUMERAL_BIT2 xa) = NUMERAL_BIT2 (iiSUC (x + xa))"
  2640   by (import numeral numeral_add)
  2641 
  2642 lemma numeral_eq: "ALL (x::nat) xa::nat.
  2643    (ALT_ZERO = NUMERAL_BIT1 x) = False &
  2644    (NUMERAL_BIT1 x = ALT_ZERO) = False &
  2645    (ALT_ZERO = NUMERAL_BIT2 x) = False &
  2646    (NUMERAL_BIT2 x = ALT_ZERO) = False &
  2647    (NUMERAL_BIT1 x = NUMERAL_BIT2 xa) = False &
  2648    (NUMERAL_BIT2 x = NUMERAL_BIT1 xa) = False &
  2649    (NUMERAL_BIT1 x = NUMERAL_BIT1 xa) = (x = xa) &
  2650    (NUMERAL_BIT2 x = NUMERAL_BIT2 xa) = (x = xa)"
  2651   by (import numeral numeral_eq)
  2652 
  2653 lemma numeral_lt: "ALL (x::nat) xa::nat.
  2654    (ALT_ZERO < NUMERAL_BIT1 x) = True &
  2655    (ALT_ZERO < NUMERAL_BIT2 x) = True &
  2656    (x < ALT_ZERO) = False &
  2657    (NUMERAL_BIT1 x < NUMERAL_BIT1 xa) = (x < xa) &
  2658    (NUMERAL_BIT2 x < NUMERAL_BIT2 xa) = (x < xa) &
  2659    (NUMERAL_BIT1 x < NUMERAL_BIT2 xa) = (~ xa < x) &
  2660    (NUMERAL_BIT2 x < NUMERAL_BIT1 xa) = (x < xa)"
  2661   by (import numeral numeral_lt)
  2662 
  2663 lemma numeral_lte: "ALL (x::nat) xa::nat.
  2664    (ALT_ZERO <= x) = True &
  2665    (NUMERAL_BIT1 x <= ALT_ZERO) = False &
  2666    (NUMERAL_BIT2 x <= ALT_ZERO) = False &
  2667    (NUMERAL_BIT1 x <= NUMERAL_BIT1 xa) = (x <= xa) &
  2668    (NUMERAL_BIT1 x <= NUMERAL_BIT2 xa) = (x <= xa) &
  2669    (NUMERAL_BIT2 x <= NUMERAL_BIT1 xa) = (~ xa <= x) &
  2670    (NUMERAL_BIT2 x <= NUMERAL_BIT2 xa) = (x <= xa)"
  2671   by (import numeral numeral_lte)
  2672 
  2673 lemma numeral_pre: "PRE ALT_ZERO = ALT_ZERO &
  2674 PRE (NUMERAL_BIT1 ALT_ZERO) = ALT_ZERO &
  2675 (ALL x::nat.
  2676     PRE (NUMERAL_BIT1 (NUMERAL_BIT1 x)) =
  2677     NUMERAL_BIT2 (PRE (NUMERAL_BIT1 x))) &
  2678 (ALL x::nat.
  2679     PRE (NUMERAL_BIT1 (NUMERAL_BIT2 x)) = NUMERAL_BIT2 (NUMERAL_BIT1 x)) &
  2680 (ALL x::nat. PRE (NUMERAL_BIT2 x) = NUMERAL_BIT1 x)"
  2681   by (import numeral numeral_pre)
  2682 
  2683 lemma bit_initiality: "ALL (zf::'a::type) (b1f::nat => 'a::type => 'a::type)
  2684    b2f::nat => 'a::type => 'a::type.
  2685    EX x::nat => 'a::type.
  2686       x ALT_ZERO = zf &
  2687       (ALL n::nat. x (NUMERAL_BIT1 n) = b1f n (x n)) &
  2688       (ALL n::nat. x (NUMERAL_BIT2 n) = b2f n (x n))"
  2689   by (import numeral bit_initiality)
  2690 
  2691 consts
  2692   iBIT_cases :: "nat => 'a => (nat => 'a) => (nat => 'a) => 'a" 
  2693 
  2694 specification (iBIT_cases) iBIT_cases: "(ALL (zf::'a::type) (bf1::nat => 'a::type) bf2::nat => 'a::type.
  2695     iBIT_cases ALT_ZERO zf bf1 bf2 = zf) &
  2696 (ALL (n::nat) (zf::'a::type) (bf1::nat => 'a::type) bf2::nat => 'a::type.
  2697     iBIT_cases (NUMERAL_BIT1 n) zf bf1 bf2 = bf1 n) &
  2698 (ALL (n::nat) (zf::'a::type) (bf1::nat => 'a::type) bf2::nat => 'a::type.
  2699     iBIT_cases (NUMERAL_BIT2 n) zf bf1 bf2 = bf2 n)"
  2700   by (import numeral iBIT_cases)
  2701 
  2702 constdefs
  2703   iDUB :: "nat => nat" 
  2704   "iDUB == %x::nat. x + x"
  2705 
  2706 lemma iDUB: "ALL x::nat. iDUB x = x + x"
  2707   by (import numeral iDUB)
  2708 
  2709 consts
  2710   iSUB :: "bool => nat => nat => nat" 
  2711 
  2712 specification (iSUB) iSUB_DEF: "(ALL (b::bool) x::nat. iSUB b ALT_ZERO x = ALT_ZERO) &
  2713 (ALL (b::bool) (n::nat) x::nat.
  2714     iSUB b (NUMERAL_BIT1 n) x =
  2715     (if b
  2716      then iBIT_cases x (NUMERAL_BIT1 n) (%m::nat. iDUB (iSUB True n m))
  2717            (%m::nat. NUMERAL_BIT1 (iSUB False n m))
  2718      else iBIT_cases x (iDUB n) (%m::nat. NUMERAL_BIT1 (iSUB False n m))
  2719            (%m::nat. iDUB (iSUB False n m)))) &
  2720 (ALL (b::bool) (n::nat) x::nat.
  2721     iSUB b (NUMERAL_BIT2 n) x =
  2722     (if b
  2723      then iBIT_cases x (NUMERAL_BIT2 n)
  2724            (%m::nat. NUMERAL_BIT1 (iSUB True n m))
  2725            (%m::nat. iDUB (iSUB True n m))
  2726      else iBIT_cases x (NUMERAL_BIT1 n) (%m::nat. iDUB (iSUB True n m))
  2727            (%m::nat. NUMERAL_BIT1 (iSUB False n m))))"
  2728   by (import numeral iSUB_DEF)
  2729 
  2730 lemma bit_induction: "ALL P::nat => bool.
  2731    P ALT_ZERO &
  2732    (ALL n::nat. P n --> P (NUMERAL_BIT1 n)) &
  2733    (ALL n::nat. P n --> P (NUMERAL_BIT2 n)) -->
  2734    All P"
  2735   by (import numeral bit_induction)
  2736 
  2737 lemma iSUB_THM: "ALL (xa::bool) (xb::nat) xc::nat.
  2738    iSUB xa ALT_ZERO (x::nat) = ALT_ZERO &
  2739    iSUB True xb ALT_ZERO = xb &
  2740    iSUB False (NUMERAL_BIT1 xb) ALT_ZERO = iDUB xb &
  2741    iSUB True (NUMERAL_BIT1 xb) (NUMERAL_BIT1 xc) = iDUB (iSUB True xb xc) &
  2742    iSUB False (NUMERAL_BIT1 xb) (NUMERAL_BIT1 xc) =
  2743    NUMERAL_BIT1 (iSUB False xb xc) &
  2744    iSUB True (NUMERAL_BIT1 xb) (NUMERAL_BIT2 xc) =
  2745    NUMERAL_BIT1 (iSUB False xb xc) &
  2746    iSUB False (NUMERAL_BIT1 xb) (NUMERAL_BIT2 xc) =
  2747    iDUB (iSUB False xb xc) &
  2748    iSUB False (NUMERAL_BIT2 xb) ALT_ZERO = NUMERAL_BIT1 xb &
  2749    iSUB True (NUMERAL_BIT2 xb) (NUMERAL_BIT1 xc) =
  2750    NUMERAL_BIT1 (iSUB True xb xc) &
  2751    iSUB False (NUMERAL_BIT2 xb) (NUMERAL_BIT1 xc) = iDUB (iSUB True xb xc) &
  2752    iSUB True (NUMERAL_BIT2 xb) (NUMERAL_BIT2 xc) = iDUB (iSUB True xb xc) &
  2753    iSUB False (NUMERAL_BIT2 xb) (NUMERAL_BIT2 xc) =
  2754    NUMERAL_BIT1 (iSUB False xb xc)"
  2755   by (import numeral iSUB_THM)
  2756 
  2757 lemma numeral_sub: "ALL (x::nat) xa::nat.
  2758    NUMERAL (x - xa) = (if xa < x then NUMERAL (iSUB True x xa) else 0)"
  2759   by (import numeral numeral_sub)
  2760 
  2761 lemma iDUB_removal: "ALL x::nat.
  2762    iDUB (NUMERAL_BIT1 x) = NUMERAL_BIT2 (iDUB x) &
  2763    iDUB (NUMERAL_BIT2 x) = NUMERAL_BIT2 (NUMERAL_BIT1 x) &
  2764    iDUB ALT_ZERO = ALT_ZERO"
  2765   by (import numeral iDUB_removal)
  2766 
  2767 lemma numeral_mult: "ALL (x::nat) xa::nat.
  2768    ALT_ZERO * x = ALT_ZERO &
  2769    x * ALT_ZERO = ALT_ZERO &
  2770    NUMERAL_BIT1 x * xa = iZ (iDUB (x * xa) + xa) &
  2771    NUMERAL_BIT2 x * xa = iDUB (iZ (x * xa + xa))"
  2772   by (import numeral numeral_mult)
  2773 
  2774 constdefs
  2775   iSQR :: "nat => nat" 
  2776   "iSQR == %x::nat. x * x"
  2777 
  2778 lemma iSQR: "ALL x::nat. iSQR x = x * x"
  2779   by (import numeral iSQR)
  2780 
  2781 lemma numeral_exp: "(ALL x::nat. x ^ ALT_ZERO = NUMERAL_BIT1 ALT_ZERO) &
  2782 (ALL (x::nat) xa::nat. x ^ NUMERAL_BIT1 xa = x * iSQR (x ^ xa)) &
  2783 (ALL (x::nat) xa::nat. x ^ NUMERAL_BIT2 xa = iSQR x * iSQR (x ^ xa))"
  2784   by (import numeral numeral_exp)
  2785 
  2786 lemma numeral_evenodd: "ALL x::nat.
  2787    EVEN ALT_ZERO &
  2788    EVEN (NUMERAL_BIT2 x) &
  2789    ~ EVEN (NUMERAL_BIT1 x) &
  2790    ~ ODD ALT_ZERO & ~ ODD (NUMERAL_BIT2 x) & ODD (NUMERAL_BIT1 x)"
  2791   by (import numeral numeral_evenodd)
  2792 
  2793 lemma numeral_fact: "ALL n::nat. FACT n = (if n = 0 then 1 else n * FACT (PRE n))"
  2794   by (import numeral numeral_fact)
  2795 
  2796 lemma numeral_funpow: "ALL n::nat.
  2797    ((f::'a::type => 'a::type) ^ n) (x::'a::type) =
  2798    (if n = 0 then x else (f ^ (n - 1)) (f x))"
  2799   by (import numeral numeral_funpow)
  2800 
  2801 ;end_setup
  2802 
  2803 ;setup_theory ind_type
  2804 
  2805 lemma INJ_INVERSE2: "ALL P::'A::type => 'B::type => 'C::type.
  2806    (ALL (x1::'A::type) (y1::'B::type) (x2::'A::type) y2::'B::type.
  2807        (P x1 y1 = P x2 y2) = (x1 = x2 & y1 = y2)) -->
  2808    (EX (x::'C::type => 'A::type) Y::'C::type => 'B::type.
  2809        ALL (xa::'A::type) y::'B::type. x (P xa y) = xa & Y (P xa y) = y)"
  2810   by (import ind_type INJ_INVERSE2)
  2811 
  2812 constdefs
  2813   NUMPAIR :: "nat => nat => nat" 
  2814   "NUMPAIR == %(x::nat) y::nat. 2 ^ x * (2 * y + 1)"
  2815 
  2816 lemma NUMPAIR: "ALL (x::nat) y::nat. NUMPAIR x y = 2 ^ x * (2 * y + 1)"
  2817   by (import ind_type NUMPAIR)
  2818 
  2819 lemma NUMPAIR_INJ_LEMMA: "ALL (x::nat) (xa::nat) (xb::nat) xc::nat.
  2820    NUMPAIR x xa = NUMPAIR xb xc --> x = xb"
  2821   by (import ind_type NUMPAIR_INJ_LEMMA)
  2822 
  2823 lemma NUMPAIR_INJ: "ALL (x1::nat) (y1::nat) (x2::nat) y2::nat.
  2824    (NUMPAIR x1 y1 = NUMPAIR x2 y2) = (x1 = x2 & y1 = y2)"
  2825   by (import ind_type NUMPAIR_INJ)
  2826 
  2827 consts
  2828   NUMSND :: "nat => nat" 
  2829   NUMFST :: "nat => nat" 
  2830 
  2831 specification (NUMFST NUMSND) NUMPAIR_DEST: "ALL (x::nat) y::nat. NUMFST (NUMPAIR x y) = x & NUMSND (NUMPAIR x y) = y"
  2832   by (import ind_type NUMPAIR_DEST)
  2833 
  2834 constdefs
  2835   NUMSUM :: "bool => nat => nat" 
  2836   "NUMSUM == %(b::bool) x::nat. if b then Suc (2 * x) else 2 * x"
  2837 
  2838 lemma NUMSUM: "ALL (b::bool) x::nat. NUMSUM b x = (if b then Suc (2 * x) else 2 * x)"
  2839   by (import ind_type NUMSUM)
  2840 
  2841 lemma NUMSUM_INJ: "ALL (b1::bool) (x1::nat) (b2::bool) x2::nat.
  2842    (NUMSUM b1 x1 = NUMSUM b2 x2) = (b1 = b2 & x1 = x2)"
  2843   by (import ind_type NUMSUM_INJ)
  2844 
  2845 consts
  2846   NUMRIGHT :: "nat => nat" 
  2847   NUMLEFT :: "nat => bool" 
  2848 
  2849 specification (NUMLEFT NUMRIGHT) NUMSUM_DEST: "ALL (x::bool) y::nat. NUMLEFT (NUMSUM x y) = x & NUMRIGHT (NUMSUM x y) = y"
  2850   by (import ind_type NUMSUM_DEST)
  2851 
  2852 constdefs
  2853   INJN :: "nat => nat => 'a => bool" 
  2854   "INJN == %(m::nat) (n::nat) a::'a::type. n = m"
  2855 
  2856 lemma INJN: "ALL m::nat. INJN m = (%(n::nat) a::'a::type. n = m)"
  2857   by (import ind_type INJN)
  2858 
  2859 lemma INJN_INJ: "ALL (n1::nat) n2::nat. (INJN n1 = INJN n2) = (n1 = n2)"
  2860   by (import ind_type INJN_INJ)
  2861 
  2862 constdefs
  2863   INJA :: "'a => nat => 'a => bool" 
  2864   "INJA == %(a::'a::type) (n::nat) b::'a::type. b = a"
  2865 
  2866 lemma INJA: "ALL a::'a::type. INJA a = (%(n::nat) b::'a::type. b = a)"
  2867   by (import ind_type INJA)
  2868 
  2869 lemma INJA_INJ: "ALL (a1::'a::type) a2::'a::type. (INJA a1 = INJA a2) = (a1 = a2)"
  2870   by (import ind_type INJA_INJ)
  2871 
  2872 constdefs
  2873   INJF :: "(nat => nat => 'a => bool) => nat => 'a => bool" 
  2874   "INJF == %(f::nat => nat => 'a::type => bool) n::nat. f (NUMFST n) (NUMSND n)"
  2875 
  2876 lemma INJF: "ALL f::nat => nat => 'a::type => bool.
  2877    INJF f = (%n::nat. f (NUMFST n) (NUMSND n))"
  2878   by (import ind_type INJF)
  2879 
  2880 lemma INJF_INJ: "ALL (f1::nat => nat => 'a::type => bool) f2::nat => nat => 'a::type => bool.
  2881    (INJF f1 = INJF f2) = (f1 = f2)"
  2882   by (import ind_type INJF_INJ)
  2883 
  2884 constdefs
  2885   INJP :: "(nat => 'a => bool) => (nat => 'a => bool) => nat => 'a => bool" 
  2886   "INJP ==
  2887 %(f1::nat => 'a::type => bool) (f2::nat => 'a::type => bool) (n::nat)
  2888    a::'a::type. if NUMLEFT n then f1 (NUMRIGHT n) a else f2 (NUMRIGHT n) a"
  2889 
  2890 lemma INJP: "ALL (f1::nat => 'a::type => bool) f2::nat => 'a::type => bool.
  2891    INJP f1 f2 =
  2892    (%(n::nat) a::'a::type.
  2893        if NUMLEFT n then f1 (NUMRIGHT n) a else f2 (NUMRIGHT n) a)"
  2894   by (import ind_type INJP)
  2895 
  2896 lemma INJP_INJ: "ALL (f1::nat => 'a::type => bool) (f1'::nat => 'a::type => bool)
  2897    (f2::nat => 'a::type => bool) f2'::nat => 'a::type => bool.
  2898    (INJP f1 f2 = INJP f1' f2') = (f1 = f1' & f2 = f2')"
  2899   by (import ind_type INJP_INJ)
  2900 
  2901 constdefs
  2902   ZCONSTR :: "nat => 'a => (nat => nat => 'a => bool) => nat => 'a => bool" 
  2903   "ZCONSTR ==
  2904 %(c::nat) (i::'a::type) r::nat => nat => 'a::type => bool.
  2905    INJP (INJN (Suc c)) (INJP (INJA i) (INJF r))"
  2906 
  2907 lemma ZCONSTR: "ALL (c::nat) (i::'a::type) r::nat => nat => 'a::type => bool.
  2908    ZCONSTR c i r = INJP (INJN (Suc c)) (INJP (INJA i) (INJF r))"
  2909   by (import ind_type ZCONSTR)
  2910 
  2911 constdefs
  2912   ZBOT :: "nat => 'a => bool" 
  2913   "ZBOT == INJP (INJN 0) (SOME z::nat => 'a::type => bool. True)"
  2914 
  2915 lemma ZBOT: "ZBOT = INJP (INJN 0) (SOME z::nat => 'a::type => bool. True)"
  2916   by (import ind_type ZBOT)
  2917 
  2918 lemma ZCONSTR_ZBOT: "ALL (x::nat) (xa::'a::type) xb::nat => nat => 'a::type => bool.
  2919    ZCONSTR x xa xb ~= ZBOT"
  2920   by (import ind_type ZCONSTR_ZBOT)
  2921 
  2922 constdefs
  2923   ZRECSPACE :: "(nat => 'a => bool) => bool" 
  2924   "ZRECSPACE ==
  2925 %a0::nat => 'a::type => bool.
  2926    ALL ZRECSPACE'::(nat => 'a::type => bool) => bool.
  2927       (ALL a0::nat => 'a::type => bool.
  2928           a0 = ZBOT |
  2929           (EX (c::nat) (i::'a::type) r::nat => nat => 'a::type => bool.
  2930               a0 = ZCONSTR c i r & (ALL n::nat. ZRECSPACE' (r n))) -->
  2931           ZRECSPACE' a0) -->
  2932       ZRECSPACE' a0"
  2933 
  2934 lemma ZRECSPACE: "ZRECSPACE =
  2935 (%a0::nat => 'a::type => bool.
  2936     ALL ZRECSPACE'::(nat => 'a::type => bool) => bool.
  2937        (ALL a0::nat => 'a::type => bool.
  2938            a0 = ZBOT |
  2939            (EX (c::nat) (i::'a::type) r::nat => nat => 'a::type => bool.
  2940                a0 = ZCONSTR c i r & (ALL n::nat. ZRECSPACE' (r n))) -->
  2941            ZRECSPACE' a0) -->
  2942        ZRECSPACE' a0)"
  2943   by (import ind_type ZRECSPACE)
  2944 
  2945 lemma ZRECSPACE_rules: "(op &::bool => bool => bool)
  2946  ((ZRECSPACE::(nat => 'a::type => bool) => bool)
  2947    (ZBOT::nat => 'a::type => bool))
  2948  ((All::(nat => bool) => bool)
  2949    (%c::nat.
  2950        (All::('a::type => bool) => bool)
  2951         (%i::'a::type.
  2952             (All::((nat => nat => 'a::type => bool) => bool) => bool)
  2953              (%r::nat => nat => 'a::type => bool.
  2954                  (op -->::bool => bool => bool)
  2955                   ((All::(nat => bool) => bool)
  2956                     (%n::nat.
  2957                         (ZRECSPACE::(nat => 'a::type => bool) => bool)
  2958                          (r n)))
  2959                   ((ZRECSPACE::(nat => 'a::type => bool) => bool)
  2960                     ((ZCONSTR::nat
  2961                                => 'a::type
  2962                                   => (nat => nat => 'a::type => bool)
  2963                                      => nat => 'a::type => bool)
  2964                       c i r))))))"
  2965   by (import ind_type ZRECSPACE_rules)
  2966 
  2967 lemma ZRECSPACE_ind: "ALL x::(nat => 'a::type => bool) => bool.
  2968    x ZBOT &
  2969    (ALL (c::nat) (i::'a::type) r::nat => nat => 'a::type => bool.
  2970        (ALL n::nat. x (r n)) --> x (ZCONSTR c i r)) -->
  2971    (ALL a0::nat => 'a::type => bool. ZRECSPACE a0 --> x a0)"
  2972   by (import ind_type ZRECSPACE_ind)
  2973 
  2974 lemma ZRECSPACE_cases: "ALL a0::nat => 'a::type => bool.
  2975    ZRECSPACE a0 =
  2976    (a0 = ZBOT |
  2977     (EX (c::nat) (i::'a::type) r::nat => nat => 'a::type => bool.
  2978         a0 = ZCONSTR c i r & (ALL n::nat. ZRECSPACE (r n))))"
  2979   by (import ind_type ZRECSPACE_cases)
  2980 
  2981 typedef (open) ('a) recspace = "(Collect::((nat => 'a::type => bool) => bool)
  2982           => (nat => 'a::type => bool) set)
  2983  (ZRECSPACE::(nat => 'a::type => bool) => bool)" 
  2984   by (rule typedef_helper,import ind_type recspace_TY_DEF)
  2985 
  2986 lemmas recspace_TY_DEF = typedef_hol2hol4 [OF type_definition_recspace]
  2987 
  2988 consts
  2989   mk_rec :: "(nat => 'a => bool) => 'a recspace" 
  2990   dest_rec :: "'a recspace => nat => 'a => bool" 
  2991 
  2992 specification (dest_rec mk_rec) recspace_repfns: "(ALL a::'a::type recspace. mk_rec (dest_rec a) = a) &
  2993 (ALL r::nat => 'a::type => bool. ZRECSPACE r = (dest_rec (mk_rec r) = r))"
  2994   by (import ind_type recspace_repfns)
  2995 
  2996 constdefs
  2997   BOTTOM :: "'a recspace" 
  2998   "BOTTOM == mk_rec ZBOT"
  2999 
  3000 lemma BOTTOM: "BOTTOM = mk_rec ZBOT"
  3001   by (import ind_type BOTTOM)
  3002 
  3003 constdefs
  3004   CONSTR :: "nat => 'a => (nat => 'a recspace) => 'a recspace" 
  3005   "CONSTR ==
  3006 %(c::nat) (i::'a::type) r::nat => 'a::type recspace.
  3007    mk_rec (ZCONSTR c i (%n::nat. dest_rec (r n)))"
  3008 
  3009 lemma CONSTR: "ALL (c::nat) (i::'a::type) r::nat => 'a::type recspace.
  3010    CONSTR c i r = mk_rec (ZCONSTR c i (%n::nat. dest_rec (r n)))"
  3011   by (import ind_type CONSTR)
  3012 
  3013 lemma MK_REC_INJ: "ALL (x::nat => 'a::type => bool) y::nat => 'a::type => bool.
  3014    mk_rec x = mk_rec y --> ZRECSPACE x & ZRECSPACE y --> x = y"
  3015   by (import ind_type MK_REC_INJ)
  3016 
  3017 lemma DEST_REC_INJ: "ALL (x::'a::type recspace) y::'a::type recspace.
  3018    (dest_rec x = dest_rec y) = (x = y)"
  3019   by (import ind_type DEST_REC_INJ)
  3020 
  3021 lemma CONSTR_BOT: "ALL (c::nat) (i::'a::type) r::nat => 'a::type recspace.
  3022    CONSTR c i r ~= BOTTOM"
  3023   by (import ind_type CONSTR_BOT)
  3024 
  3025 lemma CONSTR_INJ: "ALL (c1::nat) (i1::'a::type) (r1::nat => 'a::type recspace) (c2::nat)
  3026    (i2::'a::type) r2::nat => 'a::type recspace.
  3027    (CONSTR c1 i1 r1 = CONSTR c2 i2 r2) = (c1 = c2 & i1 = i2 & r1 = r2)"
  3028   by (import ind_type CONSTR_INJ)
  3029 
  3030 lemma CONSTR_IND: "ALL P::'a::type recspace => bool.
  3031    P BOTTOM &
  3032    (ALL (c::nat) (i::'a::type) r::nat => 'a::type recspace.
  3033        (ALL n::nat. P (r n)) --> P (CONSTR c i r)) -->
  3034    All P"
  3035   by (import ind_type CONSTR_IND)
  3036 
  3037 lemma CONSTR_REC: "ALL Fn::nat
  3038         => 'a::type
  3039            => (nat => 'a::type recspace) => (nat => 'b::type) => 'b::type.
  3040    EX f::'a::type recspace => 'b::type.
  3041       ALL (c::nat) (i::'a::type) r::nat => 'a::type recspace.
  3042          f (CONSTR c i r) = Fn c i r (%n::nat. f (r n))"
  3043   by (import ind_type CONSTR_REC)
  3044 
  3045 consts
  3046   FCONS :: "'a => (nat => 'a) => nat => 'a" 
  3047 
  3048 specification (FCONS) FCONS: "(ALL (a::'a::type) f::nat => 'a::type. FCONS a f 0 = a) &
  3049 (ALL (a::'a::type) (f::nat => 'a::type) n::nat. FCONS a f (Suc n) = f n)"
  3050   by (import ind_type FCONS)
  3051 
  3052 constdefs
  3053   FNIL :: "nat => 'a" 
  3054   "FNIL == %n::nat. SOME x::'a::type. True"
  3055 
  3056 lemma FNIL: "ALL n::nat. FNIL n = (SOME x::'a::type. True)"
  3057   by (import ind_type FNIL)
  3058 
  3059 constdefs
  3060   ISO :: "('a => 'b) => ('b => 'a) => bool" 
  3061   "ISO ==
  3062 %(f::'a::type => 'b::type) g::'b::type => 'a::type.
  3063    (ALL x::'b::type. f (g x) = x) & (ALL y::'a::type. g (f y) = y)"
  3064 
  3065 lemma ISO: "ALL (f::'a::type => 'b::type) g::'b::type => 'a::type.
  3066    ISO f g =
  3067    ((ALL x::'b::type. f (g x) = x) & (ALL y::'a::type. g (f y) = y))"
  3068   by (import ind_type ISO)
  3069 
  3070 lemma ISO_REFL: "ISO (%x::'a::type. x) (%x::'a::type. x)"
  3071   by (import ind_type ISO_REFL)
  3072 
  3073 lemma ISO_FUN: "ISO (f::'a::type => 'c::type) (f'::'c::type => 'a::type) &
  3074 ISO (g::'b::type => 'd::type) (g'::'d::type => 'b::type) -->
  3075 ISO (%(h::'a::type => 'b::type) a'::'c::type. g (h (f' a')))
  3076  (%(h::'c::type => 'd::type) a::'a::type. g' (h (f a)))"
  3077   by (import ind_type ISO_FUN)
  3078 
  3079 lemma ISO_USAGE: "ISO (f::'a::type => 'b::type) (g::'b::type => 'a::type) -->
  3080 (ALL P::'a::type => bool. All P = (ALL x::'b::type. P (g x))) &
  3081 (ALL P::'a::type => bool. Ex P = (EX x::'b::type. P (g x))) &
  3082 (ALL (a::'a::type) b::'b::type. (a = g b) = (f a = b))"
  3083   by (import ind_type ISO_USAGE)
  3084 
  3085 ;end_setup
  3086 
  3087 ;setup_theory divides
  3088 
  3089 lemma ONE_DIVIDES_ALL: "(All::(nat => bool) => bool) ((op dvd::nat => nat => bool) (1::nat))"
  3090   by (import divides ONE_DIVIDES_ALL)
  3091 
  3092 lemma DIVIDES_ADD_2: "ALL (a::nat) (b::nat) c::nat. a dvd b & a dvd b + c --> a dvd c"
  3093   by (import divides DIVIDES_ADD_2)
  3094 
  3095 lemma DIVIDES_FACT: "ALL b>0. b dvd FACT b"
  3096   by (import divides DIVIDES_FACT)
  3097 
  3098 lemma DIVIDES_MULT_LEFT: "ALL (x::nat) xa::nat. (x * xa dvd xa) = (xa = 0 | x = 1)"
  3099   by (import divides DIVIDES_MULT_LEFT)
  3100 
  3101 ;end_setup
  3102 
  3103 ;setup_theory prime
  3104 
  3105 consts
  3106   prime :: "nat => bool" 
  3107 
  3108 defs
  3109   prime_primdef: "prime.prime == %a::nat. a ~= 1 & (ALL b::nat. b dvd a --> b = a | b = 1)"
  3110 
  3111 lemma prime_def: "ALL a::nat.
  3112    prime.prime a = (a ~= 1 & (ALL b::nat. b dvd a --> b = a | b = 1))"
  3113   by (import prime prime_def)
  3114 
  3115 lemma NOT_PRIME_0: "~ prime.prime 0"
  3116   by (import prime NOT_PRIME_0)
  3117 
  3118 lemma NOT_PRIME_1: "~ prime.prime 1"
  3119   by (import prime NOT_PRIME_1)
  3120 
  3121 ;end_setup
  3122 
  3123 ;setup_theory list
  3124 
  3125 consts
  3126   EL :: "nat => 'a list => 'a" 
  3127 
  3128 specification (EL) EL: "(ALL l::'a::type list. EL 0 l = hd l) &
  3129 (ALL (l::'a::type list) n::nat. EL (Suc n) l = EL n (tl l))"
  3130   by (import list EL)
  3131 
  3132 lemma NULL: "(op &::bool => bool => bool)
  3133  ((null::'a::type list => bool) ([]::'a::type list))
  3134  ((All::('a::type => bool) => bool)
  3135    (%x::'a::type.
  3136        (All::('a::type list => bool) => bool)
  3137         (%xa::'a::type list.
  3138             (Not::bool => bool)
  3139              ((null::'a::type list => bool)
  3140                ((op #::'a::type => 'a::type list => 'a::type list) x xa)))))"
  3141   by (import list NULL)
  3142 
  3143 lemma list_case_compute: "ALL l::'a::type list.
  3144    list_case (b::'b::type) (f::'a::type => 'a::type list => 'b::type) l =
  3145    (if null l then b else f (hd l) (tl l))"
  3146   by (import list list_case_compute)
  3147 
  3148 lemma LIST_NOT_EQ: "ALL (l1::'a::type list) l2::'a::type list.
  3149    l1 ~= l2 --> (ALL (x::'a::type) xa::'a::type. x # l1 ~= xa # l2)"
  3150   by (import list LIST_NOT_EQ)
  3151 
  3152 lemma NOT_EQ_LIST: "ALL (h1::'a::type) h2::'a::type.
  3153    h1 ~= h2 -->
  3154    (ALL (x::'a::type list) xa::'a::type list. h1 # x ~= h2 # xa)"
  3155   by (import list NOT_EQ_LIST)
  3156 
  3157 lemma EQ_LIST: "ALL (h1::'a::type) h2::'a::type.
  3158    h1 = h2 -->
  3159    (ALL (l1::'a::type list) l2::'a::type list.
  3160        l1 = l2 --> h1 # l1 = h2 # l2)"
  3161   by (import list EQ_LIST)
  3162 
  3163 lemma CONS: "ALL l::'a::type list. ~ null l --> hd l # tl l = l"
  3164   by (import list CONS)
  3165 
  3166 lemma MAP_EQ_NIL: "ALL (l::'a::type list) f::'a::type => 'b::type.
  3167    (map f l = []) = (l = []) & ([] = map f l) = (l = [])"
  3168   by (import list MAP_EQ_NIL)
  3169 
  3170 lemma EVERY_EL: "(All::('a::type list => bool) => bool)
  3171  (%l::'a::type list.
  3172      (All::(('a::type => bool) => bool) => bool)
  3173       (%P::'a::type => bool.
  3174           (op =::bool => bool => bool)
  3175            ((list_all::('a::type => bool) => 'a::type list => bool) P l)
  3176            ((All::(nat => bool) => bool)
  3177              (%n::nat.
  3178                  (op -->::bool => bool => bool)
  3179                   ((op <::nat => nat => bool) n
  3180                     ((size::'a::type list => nat) l))
  3181                   (P ((EL::nat => 'a::type list => 'a::type) n l))))))"
  3182   by (import list EVERY_EL)
  3183 
  3184 lemma EVERY_CONJ: "ALL l::'a::type list.
  3185    list_all
  3186     (%x::'a::type. (P::'a::type => bool) x & (Q::'a::type => bool) x) l =
  3187    (list_all P l & list_all Q l)"
  3188   by (import list EVERY_CONJ)
  3189 
  3190 lemma EVERY_MEM: "ALL (P::'a::type => bool) l::'a::type list.
  3191    list_all P l = (ALL e::'a::type. e mem l --> P e)"
  3192   by (import list EVERY_MEM)
  3193 
  3194 lemma EXISTS_MEM: "ALL (P::'a::type => bool) l::'a::type list.
  3195    list_exists P l = (EX e::'a::type. e mem l & P e)"
  3196   by (import list EXISTS_MEM)
  3197 
  3198 lemma MEM_APPEND: "ALL (e::'a::type) (l1::'a::type list) l2::'a::type list.
  3199    e mem l1 @ l2 = (e mem l1 | e mem l2)"
  3200   by (import list MEM_APPEND)
  3201 
  3202 lemma EXISTS_APPEND: "ALL (P::'a::type => bool) (l1::'a::type list) l2::'a::type list.
  3203    list_exists P (l1 @ l2) = (list_exists P l1 | list_exists P l2)"
  3204   by (import list EXISTS_APPEND)
  3205 
  3206 lemma NOT_EVERY: "ALL (P::'a::type => bool) l::'a::type list.
  3207    (~ list_all P l) = list_exists (Not o P) l"
  3208   by (import list NOT_EVERY)
  3209 
  3210 lemma NOT_EXISTS: "ALL (P::'a::type => bool) l::'a::type list.
  3211    (~ list_exists P l) = list_all (Not o P) l"
  3212   by (import list NOT_EXISTS)
  3213 
  3214 lemma MEM_MAP: "ALL (l::'a::type list) (f::'a::type => 'b::type) x::'b::type.
  3215    x mem map f l = (EX y::'a::type. x = f y & y mem l)"
  3216   by (import list MEM_MAP)
  3217 
  3218 lemma LENGTH_CONS: "ALL (l::'a::type list) n::nat.
  3219    (length l = Suc n) =
  3220    (EX (h::'a::type) l'::'a::type list. length l' = n & l = h # l')"
  3221   by (import list LENGTH_CONS)
  3222 
  3223 lemma LENGTH_EQ_CONS: "ALL (P::'a::type list => bool) n::nat.
  3224    (ALL l::'a::type list. length l = Suc n --> P l) =
  3225    (ALL l::'a::type list. length l = n --> (ALL x::'a::type. P (x # l)))"
  3226   by (import list LENGTH_EQ_CONS)
  3227 
  3228 lemma LENGTH_EQ_NIL: "ALL P::'a::type list => bool.
  3229    (ALL l::'a::type list. length l = 0 --> P l) = P []"
  3230   by (import list LENGTH_EQ_NIL)
  3231 
  3232 lemma CONS_ACYCLIC: "ALL (l::'a::type list) x::'a::type. l ~= x # l & x # l ~= l"
  3233   by (import list CONS_ACYCLIC)
  3234 
  3235 lemma APPEND_eq_NIL: "(ALL (l1::'a::type list) l2::'a::type list.
  3236     ([] = l1 @ l2) = (l1 = [] & l2 = [])) &
  3237 (ALL (l1::'a::type list) l2::'a::type list.
  3238     (l1 @ l2 = []) = (l1 = [] & l2 = []))"
  3239   by (import list APPEND_eq_NIL)
  3240 
  3241 lemma APPEND_11: "(ALL (l1::'a::type list) (l2::'a::type list) l3::'a::type list.
  3242     (l1 @ l2 = l1 @ l3) = (l2 = l3)) &
  3243 (ALL (l1::'a::type list) (l2::'a::type list) l3::'a::type list.
  3244     (l2 @ l1 = l3 @ l1) = (l2 = l3))"
  3245   by (import list APPEND_11)
  3246 
  3247 lemma EL_compute: "ALL n::nat.
  3248    EL n (l::'a::type list) = (if n = 0 then hd l else EL (PRE n) (tl l))"
  3249   by (import list EL_compute)
  3250 
  3251 lemma WF_LIST_PRED: "WF (%(L1::'a::type list) L2::'a::type list. EX h::'a::type. L2 = h # L1)"
  3252   by (import list WF_LIST_PRED)
  3253 
  3254 lemma list_size_cong: "ALL (M::'a::type list) (N::'a::type list) (f::'a::type => nat)
  3255    f'::'a::type => nat.
  3256    M = N & (ALL x::'a::type. x mem N --> f x = f' x) -->
  3257    list_size f M = list_size f' N"
  3258   by (import list list_size_cong)
  3259 
  3260 lemma FOLDR_CONG: "ALL (l::'a::type list) (l'::'a::type list) (b::'b::type) (b'::'b::type)
  3261    (f::'a::type => 'b::type => 'b::type)
  3262    f'::'a::type => 'b::type => 'b::type.
  3263    l = l' &
  3264    b = b' & (ALL (x::'a::type) a::'b::type. x mem l' --> f x a = f' x a) -->
  3265    foldr f l b = foldr f' l' b'"
  3266   by (import list FOLDR_CONG)
  3267 
  3268 lemma FOLDL_CONG: "ALL (l::'a::type list) (l'::'a::type list) (b::'b::type) (b'::'b::type)
  3269    (f::'b::type => 'a::type => 'b::type)
  3270    f'::'b::type => 'a::type => 'b::type.
  3271    l = l' &
  3272    b = b' & (ALL (x::'a::type) a::'b::type. x mem l' --> f a x = f' a x) -->
  3273    foldl f b l = foldl f' b' l'"
  3274   by (import list FOLDL_CONG)
  3275 
  3276 lemma MAP_CONG: "ALL (l1::'a::type list) (l2::'a::type list) (f::'a::type => 'b::type)
  3277    f'::'a::type => 'b::type.
  3278    l1 = l2 & (ALL x::'a::type. x mem l2 --> f x = f' x) -->
  3279    map f l1 = map f' l2"
  3280   by (import list MAP_CONG)
  3281 
  3282 lemma EXISTS_CONG: "ALL (l1::'a::type list) (l2::'a::type list) (P::'a::type => bool)
  3283    P'::'a::type => bool.
  3284    l1 = l2 & (ALL x::'a::type. x mem l2 --> P x = P' x) -->
  3285    list_exists P l1 = list_exists P' l2"
  3286   by (import list EXISTS_CONG)
  3287 
  3288 lemma EVERY_CONG: "ALL (l1::'a::type list) (l2::'a::type list) (P::'a::type => bool)
  3289    P'::'a::type => bool.
  3290    l1 = l2 & (ALL x::'a::type. x mem l2 --> P x = P' x) -->
  3291    list_all P l1 = list_all P' l2"
  3292   by (import list EVERY_CONG)
  3293 
  3294 lemma EVERY_MONOTONIC: "ALL (P::'a::type => bool) Q::'a::type => bool.
  3295    (ALL x::'a::type. P x --> Q x) -->
  3296    (ALL l::'a::type list. list_all P l --> list_all Q l)"
  3297   by (import list EVERY_MONOTONIC)
  3298 
  3299 lemma LENGTH_ZIP: "ALL (l1::'a::type list) l2::'b::type list.
  3300    length l1 = length l2 -->
  3301    length (zip l1 l2) = length l1 & length (zip l1 l2) = length l2"
  3302   by (import list LENGTH_ZIP)
  3303 
  3304 lemma LENGTH_UNZIP: "ALL pl::('a::type * 'b::type) list.
  3305    length (fst (unzip pl)) = length pl & length (snd (unzip pl)) = length pl"
  3306   by (import list LENGTH_UNZIP)
  3307 
  3308 lemma ZIP_UNZIP: "ALL l::('a::type * 'b::type) list. ZIP (unzip l) = l"
  3309   by (import list ZIP_UNZIP)
  3310 
  3311 lemma UNZIP_ZIP: "ALL (l1::'a::type list) l2::'b::type list.
  3312    length l1 = length l2 --> unzip (zip l1 l2) = (l1, l2)"
  3313   by (import list UNZIP_ZIP)
  3314 
  3315 lemma ZIP_MAP: "ALL (l1::'a::type list) (l2::'b::type list) (f1::'a::type => 'c::type)
  3316    f2::'b::type => 'd::type.
  3317    length l1 = length l2 -->
  3318    zip (map f1 l1) l2 =
  3319    map (%p::'a::type * 'b::type. (f1 (fst p), snd p)) (zip l1 l2) &
  3320    zip l1 (map f2 l2) =
  3321    map (%p::'a::type * 'b::type. (fst p, f2 (snd p))) (zip l1 l2)"
  3322   by (import list ZIP_MAP)
  3323 
  3324 lemma MEM_ZIP: "(All::('a::type list => bool) => bool)
  3325  (%l1::'a::type list.
  3326      (All::('b::type list => bool) => bool)
  3327       (%l2::'b::type list.
  3328           (All::('a::type * 'b::type => bool) => bool)
  3329            (%p::'a::type * 'b::type.
  3330                (op -->::bool => bool => bool)
  3331                 ((op =::nat => nat => bool)
  3332                   ((size::'a::type list => nat) l1)
  3333                   ((size::'b::type list => nat) l2))
  3334                 ((op =::bool => bool => bool)
  3335                   ((op mem::'a::type * 'b::type
  3336                             => ('a::type * 'b::type) list => bool)
  3337                     p ((zip::'a::type list
  3338                              => 'b::type list => ('a::type * 'b::type) list)
  3339                         l1 l2))
  3340                   ((Ex::(nat => bool) => bool)
  3341                     (%n::nat.
  3342                         (op &::bool => bool => bool)
  3343                          ((op <::nat => nat => bool) n
  3344                            ((size::'a::type list => nat) l1))
  3345                          ((op =::'a::type * 'b::type
  3346                                  => 'a::type * 'b::type => bool)
  3347                            p ((Pair::'a::type
  3348                                      => 'b::type => 'a::type * 'b::type)
  3349                                ((EL::nat => 'a::type list => 'a::type) n l1)
  3350                                ((EL::nat => 'b::type list => 'b::type) n
  3351                                  l2)))))))))"
  3352   by (import list MEM_ZIP)
  3353 
  3354 lemma EL_ZIP: "ALL (l1::'a::type list) (l2::'b::type list) n::nat.
  3355    length l1 = length l2 & n < length l1 -->
  3356    EL n (zip l1 l2) = (EL n l1, EL n l2)"
  3357   by (import list EL_ZIP)
  3358 
  3359 lemma MAP2_ZIP: "(All::('a::type list => bool) => bool)
  3360  (%l1::'a::type list.
  3361      (All::('b::type list => bool) => bool)
  3362       (%l2::'b::type list.
  3363           (op -->::bool => bool => bool)
  3364            ((op =::nat => nat => bool) ((size::'a::type list => nat) l1)
  3365              ((size::'b::type list => nat) l2))
  3366            ((All::(('a::type => 'b::type => 'c::type) => bool) => bool)
  3367              (%f::'a::type => 'b::type => 'c::type.
  3368                  (op =::'c::type list => 'c::type list => bool)
  3369                   ((map2::('a::type => 'b::type => 'c::type)
  3370                           => 'a::type list
  3371                              => 'b::type list => 'c::type list)
  3372                     f l1 l2)
  3373                   ((map::('a::type * 'b::type => 'c::type)
  3374                          => ('a::type * 'b::type) list => 'c::type list)
  3375                     ((split::('a::type => 'b::type => 'c::type)
  3376                              => 'a::type * 'b::type => 'c::type)
  3377                       f)
  3378                     ((zip::'a::type list
  3379                            => 'b::type list => ('a::type * 'b::type) list)
  3380                       l1 l2))))))"
  3381   by (import list MAP2_ZIP)
  3382 
  3383 lemma MEM_EL: "(All::('a::type list => bool) => bool)
  3384  (%l::'a::type list.
  3385      (All::('a::type => bool) => bool)
  3386       (%x::'a::type.
  3387           (op =::bool => bool => bool)
  3388            ((op mem::'a::type => 'a::type list => bool) x l)
  3389            ((Ex::(nat => bool) => bool)
  3390              (%n::nat.
  3391                  (op &::bool => bool => bool)
  3392                   ((op <::nat => nat => bool) n
  3393                     ((size::'a::type list => nat) l))
  3394                   ((op =::'a::type => 'a::type => bool) x
  3395                     ((EL::nat => 'a::type list => 'a::type) n l))))))"
  3396   by (import list MEM_EL)
  3397 
  3398 lemma LAST_CONS: "(ALL x::'a::type. last [x] = x) &
  3399 (ALL (x::'a::type) (xa::'a::type) xb::'a::type list.
  3400     last (x # xa # xb) = last (xa # xb))"
  3401   by (import list LAST_CONS)
  3402 
  3403 lemma FRONT_CONS: "(ALL x::'a::type. butlast [x] = []) &
  3404 (ALL (x::'a::type) (xa::'a::type) xb::'a::type list.
  3405     butlast (x # xa # xb) = x # butlast (xa # xb))"
  3406   by (import list FRONT_CONS)
  3407 
  3408 ;end_setup
  3409 
  3410 ;setup_theory pred_set
  3411 
  3412 lemma EXTENSION: "ALL (s::'a::type => bool) t::'a::type => bool.
  3413    (s = t) = (ALL x::'a::type. IN x s = IN x t)"
  3414   by (import pred_set EXTENSION)
  3415 
  3416 lemma NOT_EQUAL_SETS: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3417    (x ~= xa) = (EX xb::'a::type. IN xb xa = (~ IN xb x))"
  3418   by (import pred_set NOT_EQUAL_SETS)
  3419 
  3420 lemma NUM_SET_WOP: "ALL s::nat => bool.
  3421    (EX n::nat. IN n s) =
  3422    (EX n::nat. IN n s & (ALL m::nat. IN m s --> n <= m))"
  3423   by (import pred_set NUM_SET_WOP)
  3424 
  3425 consts
  3426   GSPEC :: "('b => 'a * bool) => 'a => bool" 
  3427 
  3428 specification (GSPEC) GSPECIFICATION: "ALL (f::'b::type => 'a::type * bool) v::'a::type.
  3429    IN v (GSPEC f) = (EX x::'b::type. (v, True) = f x)"
  3430   by (import pred_set GSPECIFICATION)
  3431 
  3432 lemma SET_MINIMUM: "ALL (s::'a::type => bool) M::'a::type => nat.
  3433    (EX x::'a::type. IN x s) =
  3434    (EX x::'a::type. IN x s & (ALL y::'a::type. IN y s --> M x <= M y))"
  3435   by (import pred_set SET_MINIMUM)
  3436 
  3437 constdefs
  3438   EMPTY :: "'a => bool" 
  3439   "EMPTY == %x::'a::type. False"
  3440 
  3441 lemma EMPTY_DEF: "EMPTY = (%x::'a::type. False)"
  3442   by (import pred_set EMPTY_DEF)
  3443 
  3444 lemma NOT_IN_EMPTY: "ALL x::'a::type. ~ IN x EMPTY"
  3445   by (import pred_set NOT_IN_EMPTY)
  3446 
  3447 lemma MEMBER_NOT_EMPTY: "ALL x::'a::type => bool. (EX xa::'a::type. IN xa x) = (x ~= EMPTY)"
  3448   by (import pred_set MEMBER_NOT_EMPTY)
  3449 
  3450 consts
  3451   UNIV :: "'a => bool" 
  3452 
  3453 defs
  3454   UNIV_def: "pred_set.UNIV == %x::'a::type. True"
  3455 
  3456 lemma UNIV_DEF: "pred_set.UNIV = (%x::'a::type. True)"
  3457   by (import pred_set UNIV_DEF)
  3458 
  3459 lemma IN_UNIV: "ALL x::'a::type. IN x pred_set.UNIV"
  3460   by (import pred_set IN_UNIV)
  3461 
  3462 lemma UNIV_NOT_EMPTY: "pred_set.UNIV ~= EMPTY"
  3463   by (import pred_set UNIV_NOT_EMPTY)
  3464 
  3465 lemma EMPTY_NOT_UNIV: "EMPTY ~= pred_set.UNIV"
  3466   by (import pred_set EMPTY_NOT_UNIV)
  3467 
  3468 lemma EQ_UNIV: "(ALL x::'a::type. IN x (s::'a::type => bool)) = (s = pred_set.UNIV)"
  3469   by (import pred_set EQ_UNIV)
  3470 
  3471 constdefs
  3472   SUBSET :: "('a => bool) => ('a => bool) => bool" 
  3473   "SUBSET ==
  3474 %(s::'a::type => bool) t::'a::type => bool.
  3475    ALL x::'a::type. IN x s --> IN x t"
  3476 
  3477 lemma SUBSET_DEF: "ALL (s::'a::type => bool) t::'a::type => bool.
  3478    SUBSET s t = (ALL x::'a::type. IN x s --> IN x t)"
  3479   by (import pred_set SUBSET_DEF)
  3480 
  3481 lemma SUBSET_TRANS: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3482    SUBSET x xa & SUBSET xa xb --> SUBSET x xb"
  3483   by (import pred_set SUBSET_TRANS)
  3484 
  3485 lemma SUBSET_REFL: "ALL x::'a::type => bool. SUBSET x x"
  3486   by (import pred_set SUBSET_REFL)
  3487 
  3488 lemma SUBSET_ANTISYM: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3489    SUBSET x xa & SUBSET xa x --> x = xa"
  3490   by (import pred_set SUBSET_ANTISYM)
  3491 
  3492 lemma EMPTY_SUBSET: "All (SUBSET EMPTY)"
  3493   by (import pred_set EMPTY_SUBSET)
  3494 
  3495 lemma SUBSET_EMPTY: "ALL x::'a::type => bool. SUBSET x EMPTY = (x = EMPTY)"
  3496   by (import pred_set SUBSET_EMPTY)
  3497 
  3498 lemma SUBSET_UNIV: "ALL x::'a::type => bool. SUBSET x pred_set.UNIV"
  3499   by (import pred_set SUBSET_UNIV)
  3500 
  3501 lemma UNIV_SUBSET: "ALL x::'a::type => bool. SUBSET pred_set.UNIV x = (x = pred_set.UNIV)"
  3502   by (import pred_set UNIV_SUBSET)
  3503 
  3504 constdefs
  3505   PSUBSET :: "('a => bool) => ('a => bool) => bool" 
  3506   "PSUBSET == %(s::'a::type => bool) t::'a::type => bool. SUBSET s t & s ~= t"
  3507 
  3508 lemma PSUBSET_DEF: "ALL (s::'a::type => bool) t::'a::type => bool.
  3509    PSUBSET s t = (SUBSET s t & s ~= t)"
  3510   by (import pred_set PSUBSET_DEF)
  3511 
  3512 lemma PSUBSET_TRANS: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3513    PSUBSET x xa & PSUBSET xa xb --> PSUBSET x xb"
  3514   by (import pred_set PSUBSET_TRANS)
  3515 
  3516 lemma PSUBSET_IRREFL: "ALL x::'a::type => bool. ~ PSUBSET x x"
  3517   by (import pred_set PSUBSET_IRREFL)
  3518 
  3519 lemma NOT_PSUBSET_EMPTY: "ALL x::'a::type => bool. ~ PSUBSET x EMPTY"
  3520   by (import pred_set NOT_PSUBSET_EMPTY)
  3521 
  3522 lemma NOT_UNIV_PSUBSET: "ALL x::'a::type => bool. ~ PSUBSET pred_set.UNIV x"
  3523   by (import pred_set NOT_UNIV_PSUBSET)
  3524 
  3525 lemma PSUBSET_UNIV: "ALL x::'a::type => bool.
  3526    PSUBSET x pred_set.UNIV = (EX xa::'a::type. ~ IN xa x)"
  3527   by (import pred_set PSUBSET_UNIV)
  3528 
  3529 consts
  3530   UNION :: "('a => bool) => ('a => bool) => 'a => bool" 
  3531 
  3532 defs
  3533   UNION_def: "pred_set.UNION ==
  3534 %(s::'a::type => bool) t::'a::type => bool.
  3535    GSPEC (%x::'a::type. (x, IN x s | IN x t))"
  3536 
  3537 lemma UNION_DEF: "ALL (s::'a::type => bool) t::'a::type => bool.
  3538    pred_set.UNION s t = GSPEC (%x::'a::type. (x, IN x s | IN x t))"
  3539   by (import pred_set UNION_DEF)
  3540 
  3541 lemma IN_UNION: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type.
  3542    IN xb (pred_set.UNION x xa) = (IN xb x | IN xb xa)"
  3543   by (import pred_set IN_UNION)
  3544 
  3545 lemma UNION_ASSOC: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3546    pred_set.UNION x (pred_set.UNION xa xb) =
  3547    pred_set.UNION (pred_set.UNION x xa) xb"
  3548   by (import pred_set UNION_ASSOC)
  3549 
  3550 lemma UNION_IDEMPOT: "ALL x::'a::type => bool. pred_set.UNION x x = x"
  3551   by (import pred_set UNION_IDEMPOT)
  3552 
  3553 lemma UNION_COMM: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3554    pred_set.UNION x xa = pred_set.UNION xa x"
  3555   by (import pred_set UNION_COMM)
  3556 
  3557 lemma SUBSET_UNION: "(ALL (x::'a::type => bool) xa::'a::type => bool.
  3558     SUBSET x (pred_set.UNION x xa)) &
  3559 (ALL (x::'a::type => bool) xa::'a::type => bool.
  3560     SUBSET x (pred_set.UNION xa x))"
  3561   by (import pred_set SUBSET_UNION)
  3562 
  3563 lemma UNION_SUBSET: "ALL (s::'a::type => bool) (t::'a::type => bool) u::'a::type => bool.
  3564    SUBSET (pred_set.UNION s t) u = (SUBSET s u & SUBSET t u)"
  3565   by (import pred_set UNION_SUBSET)
  3566 
  3567 lemma SUBSET_UNION_ABSORPTION: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3568    SUBSET x xa = (pred_set.UNION x xa = xa)"
  3569   by (import pred_set SUBSET_UNION_ABSORPTION)
  3570 
  3571 lemma UNION_EMPTY: "(ALL x::'a::type => bool. pred_set.UNION EMPTY x = x) &
  3572 (ALL x::'a::type => bool. pred_set.UNION x EMPTY = x)"
  3573   by (import pred_set UNION_EMPTY)
  3574 
  3575 lemma UNION_UNIV: "(ALL x::'a::type => bool. pred_set.UNION pred_set.UNIV x = pred_set.UNIV) &
  3576 (ALL x::'a::type => bool. pred_set.UNION x pred_set.UNIV = pred_set.UNIV)"
  3577   by (import pred_set UNION_UNIV)
  3578 
  3579 lemma EMPTY_UNION: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3580    (pred_set.UNION x xa = EMPTY) = (x = EMPTY & xa = EMPTY)"
  3581   by (import pred_set EMPTY_UNION)
  3582 
  3583 consts
  3584   INTER :: "('a => bool) => ('a => bool) => 'a => bool" 
  3585 
  3586 defs
  3587   INTER_def: "pred_set.INTER ==
  3588 %(s::'a::type => bool) t::'a::type => bool.
  3589    GSPEC (%x::'a::type. (x, IN x s & IN x t))"
  3590 
  3591 lemma INTER_DEF: "ALL (s::'a::type => bool) t::'a::type => bool.
  3592    pred_set.INTER s t = GSPEC (%x::'a::type. (x, IN x s & IN x t))"
  3593   by (import pred_set INTER_DEF)
  3594 
  3595 lemma IN_INTER: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type.
  3596    IN xb (pred_set.INTER x xa) = (IN xb x & IN xb xa)"
  3597   by (import pred_set IN_INTER)
  3598 
  3599 lemma INTER_ASSOC: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3600    pred_set.INTER x (pred_set.INTER xa xb) =
  3601    pred_set.INTER (pred_set.INTER x xa) xb"
  3602   by (import pred_set INTER_ASSOC)
  3603 
  3604 lemma INTER_IDEMPOT: "ALL x::'a::type => bool. pred_set.INTER x x = x"
  3605   by (import pred_set INTER_IDEMPOT)
  3606 
  3607 lemma INTER_COMM: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3608    pred_set.INTER x xa = pred_set.INTER xa x"
  3609   by (import pred_set INTER_COMM)
  3610 
  3611 lemma INTER_SUBSET: "(ALL (x::'a::type => bool) xa::'a::type => bool.
  3612     SUBSET (pred_set.INTER x xa) x) &
  3613 (ALL (x::'a::type => bool) xa::'a::type => bool.
  3614     SUBSET (pred_set.INTER xa x) x)"
  3615   by (import pred_set INTER_SUBSET)
  3616 
  3617 lemma SUBSET_INTER: "ALL (s::'a::type => bool) (t::'a::type => bool) u::'a::type => bool.
  3618    SUBSET s (pred_set.INTER t u) = (SUBSET s t & SUBSET s u)"
  3619   by (import pred_set SUBSET_INTER)
  3620 
  3621 lemma SUBSET_INTER_ABSORPTION: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3622    SUBSET x xa = (pred_set.INTER x xa = x)"
  3623   by (import pred_set SUBSET_INTER_ABSORPTION)
  3624 
  3625 lemma INTER_EMPTY: "(ALL x::'a::type => bool. pred_set.INTER EMPTY x = EMPTY) &
  3626 (ALL x::'a::type => bool. pred_set.INTER x EMPTY = EMPTY)"
  3627   by (import pred_set INTER_EMPTY)
  3628 
  3629 lemma INTER_UNIV: "(ALL x::'a::type => bool. pred_set.INTER pred_set.UNIV x = x) &
  3630 (ALL x::'a::type => bool. pred_set.INTER x pred_set.UNIV = x)"
  3631   by (import pred_set INTER_UNIV)
  3632 
  3633 lemma UNION_OVER_INTER: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3634    pred_set.INTER x (pred_set.UNION xa xb) =
  3635    pred_set.UNION (pred_set.INTER x xa) (pred_set.INTER x xb)"
  3636   by (import pred_set UNION_OVER_INTER)
  3637 
  3638 lemma INTER_OVER_UNION: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3639    pred_set.UNION x (pred_set.INTER xa xb) =
  3640    pred_set.INTER (pred_set.UNION x xa) (pred_set.UNION x xb)"
  3641   by (import pred_set INTER_OVER_UNION)
  3642 
  3643 constdefs
  3644   DISJOINT :: "('a => bool) => ('a => bool) => bool" 
  3645   "DISJOINT ==
  3646 %(s::'a::type => bool) t::'a::type => bool. pred_set.INTER s t = EMPTY"
  3647 
  3648 lemma DISJOINT_DEF: "ALL (s::'a::type => bool) t::'a::type => bool.
  3649    DISJOINT s t = (pred_set.INTER s t = EMPTY)"
  3650   by (import pred_set DISJOINT_DEF)
  3651 
  3652 lemma IN_DISJOINT: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3653    DISJOINT x xa = (~ (EX xb::'a::type. IN xb x & IN xb xa))"
  3654   by (import pred_set IN_DISJOINT)
  3655 
  3656 lemma DISJOINT_SYM: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3657    DISJOINT x xa = DISJOINT xa x"
  3658   by (import pred_set DISJOINT_SYM)
  3659 
  3660 lemma DISJOINT_EMPTY: "ALL x::'a::type => bool. DISJOINT EMPTY x & DISJOINT x EMPTY"
  3661   by (import pred_set DISJOINT_EMPTY)
  3662 
  3663 lemma DISJOINT_EMPTY_REFL: "ALL x::'a::type => bool. (x = EMPTY) = DISJOINT x x"
  3664   by (import pred_set DISJOINT_EMPTY_REFL)
  3665 
  3666 lemma DISJOINT_UNION: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type => bool.
  3667    DISJOINT (pred_set.UNION x xa) xb = (DISJOINT x xb & DISJOINT xa xb)"
  3668   by (import pred_set DISJOINT_UNION)
  3669 
  3670 lemma DISJOINT_UNION_BOTH: "ALL (s::'a::type => bool) (t::'a::type => bool) u::'a::type => bool.
  3671    DISJOINT (pred_set.UNION s t) u = (DISJOINT s u & DISJOINT t u) &
  3672    DISJOINT u (pred_set.UNION s t) = (DISJOINT s u & DISJOINT t u)"
  3673   by (import pred_set DISJOINT_UNION_BOTH)
  3674 
  3675 constdefs
  3676   DIFF :: "('a => bool) => ('a => bool) => 'a => bool" 
  3677   "DIFF ==
  3678 %(s::'a::type => bool) t::'a::type => bool.
  3679    GSPEC (%x::'a::type. (x, IN x s & ~ IN x t))"
  3680 
  3681 lemma DIFF_DEF: "ALL (s::'a::type => bool) t::'a::type => bool.
  3682    DIFF s t = GSPEC (%x::'a::type. (x, IN x s & ~ IN x t))"
  3683   by (import pred_set DIFF_DEF)
  3684 
  3685 lemma IN_DIFF: "ALL (s::'a::type => bool) (t::'a::type => bool) x::'a::type.
  3686    IN x (DIFF s t) = (IN x s & ~ IN x t)"
  3687   by (import pred_set IN_DIFF)
  3688 
  3689 lemma DIFF_EMPTY: "ALL s::'a::type => bool. DIFF s EMPTY = s"
  3690   by (import pred_set DIFF_EMPTY)
  3691 
  3692 lemma EMPTY_DIFF: "ALL s::'a::type => bool. DIFF EMPTY s = EMPTY"
  3693   by (import pred_set EMPTY_DIFF)
  3694 
  3695 lemma DIFF_UNIV: "ALL s::'a::type => bool. DIFF s pred_set.UNIV = EMPTY"
  3696   by (import pred_set DIFF_UNIV)
  3697 
  3698 lemma DIFF_DIFF: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3699    DIFF (DIFF x xa) xa = DIFF x xa"
  3700   by (import pred_set DIFF_DIFF)
  3701 
  3702 lemma DIFF_EQ_EMPTY: "ALL x::'a::type => bool. DIFF x x = EMPTY"
  3703   by (import pred_set DIFF_EQ_EMPTY)
  3704 
  3705 constdefs
  3706   INSERT :: "'a => ('a => bool) => 'a => bool" 
  3707   "INSERT ==
  3708 %(x::'a::type) s::'a::type => bool.
  3709    GSPEC (%y::'a::type. (y, y = x | IN y s))"
  3710 
  3711 lemma INSERT_DEF: "ALL (x::'a::type) s::'a::type => bool.
  3712    INSERT x s = GSPEC (%y::'a::type. (y, y = x | IN y s))"
  3713   by (import pred_set INSERT_DEF)
  3714 
  3715 lemma IN_INSERT: "ALL (x::'a::type) (xa::'a::type) xb::'a::type => bool.
  3716    IN x (INSERT xa xb) = (x = xa | IN x xb)"
  3717   by (import pred_set IN_INSERT)
  3718 
  3719 lemma COMPONENT: "ALL (x::'a::type) xa::'a::type => bool. IN x (INSERT x xa)"
  3720   by (import pred_set COMPONENT)
  3721 
  3722 lemma SET_CASES: "ALL x::'a::type => bool.
  3723    x = EMPTY |
  3724    (EX (xa::'a::type) xb::'a::type => bool. x = INSERT xa xb & ~ IN xa xb)"
  3725   by (import pred_set SET_CASES)
  3726 
  3727 lemma DECOMPOSITION: "ALL (s::'a::type => bool) x::'a::type.
  3728    IN x s = (EX t::'a::type => bool. s = INSERT x t & ~ IN x t)"
  3729   by (import pred_set DECOMPOSITION)
  3730 
  3731 lemma ABSORPTION: "ALL (x::'a::type) xa::'a::type => bool. IN x xa = (INSERT x xa = xa)"
  3732   by (import pred_set ABSORPTION)
  3733 
  3734 lemma INSERT_INSERT: "ALL (x::'a::type) xa::'a::type => bool. INSERT x (INSERT x xa) = INSERT x xa"
  3735   by (import pred_set INSERT_INSERT)
  3736 
  3737 lemma INSERT_COMM: "ALL (x::'a::type) (xa::'a::type) xb::'a::type => bool.
  3738    INSERT x (INSERT xa xb) = INSERT xa (INSERT x xb)"
  3739   by (import pred_set INSERT_COMM)
  3740 
  3741 lemma INSERT_UNIV: "ALL x::'a::type. INSERT x pred_set.UNIV = pred_set.UNIV"
  3742   by (import pred_set INSERT_UNIV)
  3743 
  3744 lemma NOT_INSERT_EMPTY: "ALL (x::'a::type) xa::'a::type => bool. INSERT x xa ~= EMPTY"
  3745   by (import pred_set NOT_INSERT_EMPTY)
  3746 
  3747 lemma NOT_EMPTY_INSERT: "ALL (x::'a::type) xa::'a::type => bool. EMPTY ~= INSERT x xa"
  3748   by (import pred_set NOT_EMPTY_INSERT)
  3749 
  3750 lemma INSERT_UNION: "ALL (x::'a::type) (s::'a::type => bool) t::'a::type => bool.
  3751    pred_set.UNION (INSERT x s) t =
  3752    (if IN x t then pred_set.UNION s t else INSERT x (pred_set.UNION s t))"
  3753   by (import pred_set INSERT_UNION)
  3754 
  3755 lemma INSERT_UNION_EQ: "ALL (x::'a::type) (s::'a::type => bool) t::'a::type => bool.
  3756    pred_set.UNION (INSERT x s) t = INSERT x (pred_set.UNION s t)"
  3757   by (import pred_set INSERT_UNION_EQ)
  3758 
  3759 lemma INSERT_INTER: "ALL (x::'a::type) (s::'a::type => bool) t::'a::type => bool.
  3760    pred_set.INTER (INSERT x s) t =
  3761    (if IN x t then INSERT x (pred_set.INTER s t) else pred_set.INTER s t)"
  3762   by (import pred_set INSERT_INTER)
  3763 
  3764 lemma DISJOINT_INSERT: "ALL (x::'a::type) (xa::'a::type => bool) xb::'a::type => bool.
  3765    DISJOINT (INSERT x xa) xb = (DISJOINT xa xb & ~ IN x xb)"
  3766   by (import pred_set DISJOINT_INSERT)
  3767 
  3768 lemma INSERT_SUBSET: "ALL (x::'a::type) (xa::'a::type => bool) xb::'a::type => bool.
  3769    SUBSET (INSERT x xa) xb = (IN x xb & SUBSET xa xb)"
  3770   by (import pred_set INSERT_SUBSET)
  3771 
  3772 lemma SUBSET_INSERT: "ALL (x::'a::type) xa::'a::type => bool.
  3773    ~ IN x xa -->
  3774    (ALL xb::'a::type => bool. SUBSET xa (INSERT x xb) = SUBSET xa xb)"
  3775   by (import pred_set SUBSET_INSERT)
  3776 
  3777 lemma INSERT_DIFF: "ALL (s::'a::type => bool) (t::'a::type => bool) x::'a::type.
  3778    DIFF (INSERT x s) t = (if IN x t then DIFF s t else INSERT x (DIFF s t))"
  3779   by (import pred_set INSERT_DIFF)
  3780 
  3781 constdefs
  3782   DELETE :: "('a => bool) => 'a => 'a => bool" 
  3783   "DELETE == %(s::'a::type => bool) x::'a::type. DIFF s (INSERT x EMPTY)"
  3784 
  3785 lemma DELETE_DEF: "ALL (s::'a::type => bool) x::'a::type. DELETE s x = DIFF s (INSERT x EMPTY)"
  3786   by (import pred_set DELETE_DEF)
  3787 
  3788 lemma IN_DELETE: "ALL (x::'a::type => bool) (xa::'a::type) xb::'a::type.
  3789    IN xa (DELETE x xb) = (IN xa x & xa ~= xb)"
  3790   by (import pred_set IN_DELETE)
  3791 
  3792 lemma DELETE_NON_ELEMENT: "ALL (x::'a::type) xa::'a::type => bool. (~ IN x xa) = (DELETE xa x = xa)"
  3793   by (import pred_set DELETE_NON_ELEMENT)
  3794 
  3795 lemma IN_DELETE_EQ: "ALL (s::'a::type => bool) (x::'a::type) x'::'a::type.
  3796    (IN x s = IN x' s) = (IN x (DELETE s x') = IN x' (DELETE s x))"
  3797   by (import pred_set IN_DELETE_EQ)
  3798 
  3799 lemma EMPTY_DELETE: "ALL x::'a::type. DELETE EMPTY x = EMPTY"
  3800   by (import pred_set EMPTY_DELETE)
  3801 
  3802 lemma DELETE_DELETE: "ALL (x::'a::type) xa::'a::type => bool. DELETE (DELETE xa x) x = DELETE xa x"
  3803   by (import pred_set DELETE_DELETE)
  3804 
  3805 lemma DELETE_COMM: "ALL (x::'a::type) (xa::'a::type) xb::'a::type => bool.
  3806    DELETE (DELETE xb x) xa = DELETE (DELETE xb xa) x"
  3807   by (import pred_set DELETE_COMM)
  3808 
  3809 lemma DELETE_SUBSET: "ALL (x::'a::type) xa::'a::type => bool. SUBSET (DELETE xa x) xa"
  3810   by (import pred_set DELETE_SUBSET)
  3811 
  3812 lemma SUBSET_DELETE: "ALL (x::'a::type) (xa::'a::type => bool) xb::'a::type => bool.
  3813    SUBSET xa (DELETE xb x) = (~ IN x xa & SUBSET xa xb)"
  3814   by (import pred_set SUBSET_DELETE)
  3815 
  3816 lemma SUBSET_INSERT_DELETE: "ALL (x::'a::type) (s::'a::type => bool) t::'a::type => bool.
  3817    SUBSET s (INSERT x t) = SUBSET (DELETE s x) t"
  3818   by (import pred_set SUBSET_INSERT_DELETE)
  3819 
  3820 lemma DIFF_INSERT: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type.
  3821    DIFF x (INSERT xb xa) = DIFF (DELETE x xb) xa"
  3822   by (import pred_set DIFF_INSERT)
  3823 
  3824 lemma PSUBSET_INSERT_SUBSET: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3825    PSUBSET x xa = (EX xb::'a::type. ~ IN xb x & SUBSET (INSERT xb x) xa)"
  3826   by (import pred_set PSUBSET_INSERT_SUBSET)
  3827 
  3828 lemma PSUBSET_MEMBER: "ALL (s::'a::type => bool) t::'a::type => bool.
  3829    PSUBSET s t = (SUBSET s t & (EX y::'a::type. IN y t & ~ IN y s))"
  3830   by (import pred_set PSUBSET_MEMBER)
  3831 
  3832 lemma DELETE_INSERT: "ALL (x::'a::type) (xa::'a::type) xb::'a::type => bool.
  3833    DELETE (INSERT x xb) xa =
  3834    (if x = xa then DELETE xb xa else INSERT x (DELETE xb xa))"
  3835   by (import pred_set DELETE_INSERT)
  3836 
  3837 lemma INSERT_DELETE: "ALL (x::'a::type) xa::'a::type => bool.
  3838    IN x xa --> INSERT x (DELETE xa x) = xa"
  3839   by (import pred_set INSERT_DELETE)
  3840 
  3841 lemma DELETE_INTER: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type.
  3842    pred_set.INTER (DELETE x xb) xa = DELETE (pred_set.INTER x xa) xb"
  3843   by (import pred_set DELETE_INTER)
  3844 
  3845 lemma DISJOINT_DELETE_SYM: "ALL (x::'a::type => bool) (xa::'a::type => bool) xb::'a::type.
  3846    DISJOINT (DELETE x xb) xa = DISJOINT (DELETE xa xb) x"
  3847   by (import pred_set DISJOINT_DELETE_SYM)
  3848 
  3849 consts
  3850   CHOICE :: "('a => bool) => 'a" 
  3851 
  3852 specification (CHOICE) CHOICE_DEF: "ALL x::'a::type => bool. x ~= EMPTY --> IN (CHOICE x) x"
  3853   by (import pred_set CHOICE_DEF)
  3854 
  3855 constdefs
  3856   REST :: "('a => bool) => 'a => bool" 
  3857   "REST == %s::'a::type => bool. DELETE s (CHOICE s)"
  3858 
  3859 lemma REST_DEF: "ALL s::'a::type => bool. REST s = DELETE s (CHOICE s)"
  3860   by (import pred_set REST_DEF)
  3861 
  3862 lemma CHOICE_NOT_IN_REST: "ALL x::'a::type => bool. ~ IN (CHOICE x) (REST x)"
  3863   by (import pred_set CHOICE_NOT_IN_REST)
  3864 
  3865 lemma CHOICE_INSERT_REST: "ALL s::'a::type => bool. s ~= EMPTY --> INSERT (CHOICE s) (REST s) = s"
  3866   by (import pred_set CHOICE_INSERT_REST)
  3867 
  3868 lemma REST_SUBSET: "ALL x::'a::type => bool. SUBSET (REST x) x"
  3869   by (import pred_set REST_SUBSET)
  3870 
  3871 lemma REST_PSUBSET: "ALL x::'a::type => bool. x ~= EMPTY --> PSUBSET (REST x) x"
  3872   by (import pred_set REST_PSUBSET)
  3873 
  3874 constdefs
  3875   SING :: "('a => bool) => bool" 
  3876   "SING == %s::'a::type => bool. EX x::'a::type. s = INSERT x EMPTY"
  3877 
  3878 lemma SING_DEF: "ALL s::'a::type => bool. SING s = (EX x::'a::type. s = INSERT x EMPTY)"
  3879   by (import pred_set SING_DEF)
  3880 
  3881 lemma SING: "ALL x::'a::type. SING (INSERT x EMPTY)"
  3882   by (import pred_set SING)
  3883 
  3884 lemma IN_SING: "ALL (x::'a::type) xa::'a::type. IN x (INSERT xa EMPTY) = (x = xa)"
  3885   by (import pred_set IN_SING)
  3886 
  3887 lemma NOT_SING_EMPTY: "ALL x::'a::type. INSERT x EMPTY ~= EMPTY"
  3888   by (import pred_set NOT_SING_EMPTY)
  3889 
  3890 lemma NOT_EMPTY_SING: "ALL x::'a::type. EMPTY ~= INSERT x EMPTY"
  3891   by (import pred_set NOT_EMPTY_SING)
  3892 
  3893 lemma EQUAL_SING: "ALL (x::'a::type) xa::'a::type.
  3894    (INSERT x EMPTY = INSERT xa EMPTY) = (x = xa)"
  3895   by (import pred_set EQUAL_SING)
  3896 
  3897 lemma DISJOINT_SING_EMPTY: "ALL x::'a::type. DISJOINT (INSERT x EMPTY) EMPTY"
  3898   by (import pred_set DISJOINT_SING_EMPTY)
  3899 
  3900 lemma INSERT_SING_UNION: "ALL (x::'a::type => bool) xa::'a::type.
  3901    INSERT xa x = pred_set.UNION (INSERT xa EMPTY) x"
  3902   by (import pred_set INSERT_SING_UNION)
  3903 
  3904 lemma SING_DELETE: "ALL x::'a::type. DELETE (INSERT x EMPTY) x = EMPTY"
  3905   by (import pred_set SING_DELETE)
  3906 
  3907 lemma DELETE_EQ_SING: "ALL (x::'a::type => bool) xa::'a::type.
  3908    IN xa x --> (DELETE x xa = EMPTY) = (x = INSERT xa EMPTY)"
  3909   by (import pred_set DELETE_EQ_SING)
  3910 
  3911 lemma CHOICE_SING: "ALL x::'a::type. CHOICE (INSERT x EMPTY) = x"
  3912   by (import pred_set CHOICE_SING)
  3913 
  3914 lemma REST_SING: "ALL x::'a::type. REST (INSERT x EMPTY) = EMPTY"
  3915   by (import pred_set REST_SING)
  3916 
  3917 lemma SING_IFF_EMPTY_REST: "ALL x::'a::type => bool. SING x = (x ~= EMPTY & REST x = EMPTY)"
  3918   by (import pred_set SING_IFF_EMPTY_REST)
  3919 
  3920 constdefs
  3921   IMAGE :: "('a => 'b) => ('a => bool) => 'b => bool" 
  3922   "IMAGE ==
  3923 %(f::'a::type => 'b::type) s::'a::type => bool.
  3924    GSPEC (%x::'a::type. (f x, IN x s))"
  3925 
  3926 lemma IMAGE_DEF: "ALL (f::'a::type => 'b::type) s::'a::type => bool.
  3927    IMAGE f s = GSPEC (%x::'a::type. (f x, IN x s))"
  3928   by (import pred_set IMAGE_DEF)
  3929 
  3930 lemma IN_IMAGE: "ALL (x::'b::type) (xa::'a::type => bool) xb::'a::type => 'b::type.
  3931    IN x (IMAGE xb xa) = (EX xc::'a::type. x = xb xc & IN xc xa)"
  3932   by (import pred_set IN_IMAGE)
  3933 
  3934 lemma IMAGE_IN: "ALL (x::'a::type) xa::'a::type => bool.
  3935    IN x xa --> (ALL xb::'a::type => 'b::type. IN (xb x) (IMAGE xb xa))"
  3936   by (import pred_set IMAGE_IN)
  3937 
  3938 lemma IMAGE_EMPTY: "ALL x::'a::type => 'b::type. IMAGE x EMPTY = EMPTY"
  3939   by (import pred_set IMAGE_EMPTY)
  3940 
  3941 lemma IMAGE_ID: "ALL x::'a::type => bool. IMAGE (%x::'a::type. x) x = x"
  3942   by (import pred_set IMAGE_ID)
  3943 
  3944 lemma IMAGE_COMPOSE: "ALL (x::'b::type => 'c::type) (xa::'a::type => 'b::type)
  3945    xb::'a::type => bool. IMAGE (x o xa) xb = IMAGE x (IMAGE xa xb)"
  3946   by (import pred_set IMAGE_COMPOSE)
  3947 
  3948 lemma IMAGE_INSERT: "ALL (x::'a::type => 'b::type) (xa::'a::type) xb::'a::type => bool.
  3949    IMAGE x (INSERT xa xb) = INSERT (x xa) (IMAGE x xb)"
  3950   by (import pred_set IMAGE_INSERT)
  3951 
  3952 lemma IMAGE_EQ_EMPTY: "ALL (s::'a::type => bool) x::'a::type => 'b::type.
  3953    (IMAGE x s = EMPTY) = (s = EMPTY)"
  3954   by (import pred_set IMAGE_EQ_EMPTY)
  3955 
  3956 lemma IMAGE_DELETE: "ALL (f::'a::type => 'b::type) (x::'a::type) s::'a::type => bool.
  3957    ~ IN x s --> IMAGE f (DELETE s x) = IMAGE f s"
  3958   by (import pred_set IMAGE_DELETE)
  3959 
  3960 lemma IMAGE_UNION: "ALL (x::'a::type => 'b::type) (xa::'a::type => bool) xb::'a::type => bool.
  3961    IMAGE x (pred_set.UNION xa xb) = pred_set.UNION (IMAGE x xa) (IMAGE x xb)"
  3962   by (import pred_set IMAGE_UNION)
  3963 
  3964 lemma IMAGE_SUBSET: "ALL (x::'a::type => bool) xa::'a::type => bool.
  3965    SUBSET x xa -->
  3966    (ALL xb::'a::type => 'b::type. SUBSET (IMAGE xb x) (IMAGE xb xa))"
  3967   by (import pred_set IMAGE_SUBSET)
  3968 
  3969 lemma IMAGE_INTER: "ALL (f::'a::type => 'b::type) (s::'a::type => bool) t::'a::type => bool.
  3970    SUBSET (IMAGE f (pred_set.INTER s t))
  3971     (pred_set.INTER (IMAGE f s) (IMAGE f t))"
  3972   by (import pred_set IMAGE_INTER)
  3973 
  3974 constdefs
  3975   INJ :: "('a => 'b) => ('a => bool) => ('b => bool) => bool" 
  3976   "INJ ==
  3977 %(f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  3978    (ALL x::'a::type. IN x s --> IN (f x) t) &
  3979    (ALL (x::'a::type) y::'a::type. IN x s & IN y s --> f x = f y --> x = y)"
  3980 
  3981 lemma INJ_DEF: "ALL (f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  3982    INJ f s t =
  3983    ((ALL x::'a::type. IN x s --> IN (f x) t) &
  3984     (ALL (x::'a::type) y::'a::type.
  3985         IN x s & IN y s --> f x = f y --> x = y))"
  3986   by (import pred_set INJ_DEF)
  3987 
  3988 lemma INJ_ID: "ALL x::'a::type => bool. INJ (%x::'a::type. x) x x"
  3989   by (import pred_set INJ_ID)
  3990 
  3991 lemma INJ_COMPOSE: "ALL (x::'a::type => 'b::type) (xa::'b::type => 'c::type)
  3992    (xb::'a::type => bool) (xc::'b::type => bool) xd::'c::type => bool.
  3993    INJ x xb xc & INJ xa xc xd --> INJ (xa o x) xb xd"
  3994   by (import pred_set INJ_COMPOSE)
  3995 
  3996 lemma INJ_EMPTY: "ALL x::'a::type => 'b::type.
  3997    All (INJ x EMPTY) &
  3998    (ALL xa::'a::type => bool. INJ x xa EMPTY = (xa = EMPTY))"
  3999   by (import pred_set INJ_EMPTY)
  4000 
  4001 constdefs
  4002   SURJ :: "('a => 'b) => ('a => bool) => ('b => bool) => bool" 
  4003   "SURJ ==
  4004 %(f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  4005    (ALL x::'a::type. IN x s --> IN (f x) t) &
  4006    (ALL x::'b::type. IN x t --> (EX y::'a::type. IN y s & f y = x))"
  4007 
  4008 lemma SURJ_DEF: "ALL (f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  4009    SURJ f s t =
  4010    ((ALL x::'a::type. IN x s --> IN (f x) t) &
  4011     (ALL x::'b::type. IN x t --> (EX y::'a::type. IN y s & f y = x)))"
  4012   by (import pred_set SURJ_DEF)
  4013 
  4014 lemma SURJ_ID: "ALL x::'a::type => bool. SURJ (%x::'a::type. x) x x"
  4015   by (import pred_set SURJ_ID)
  4016 
  4017 lemma SURJ_COMPOSE: "ALL (x::'a::type => 'b::type) (xa::'b::type => 'c::type)
  4018    (xb::'a::type => bool) (xc::'b::type => bool) xd::'c::type => bool.
  4019    SURJ x xb xc & SURJ xa xc xd --> SURJ (xa o x) xb xd"
  4020   by (import pred_set SURJ_COMPOSE)
  4021 
  4022 lemma SURJ_EMPTY: "ALL x::'a::type => 'b::type.
  4023    (ALL xa::'b::type => bool. SURJ x EMPTY xa = (xa = EMPTY)) &
  4024    (ALL xa::'a::type => bool. SURJ x xa EMPTY = (xa = EMPTY))"
  4025   by (import pred_set SURJ_EMPTY)
  4026 
  4027 lemma IMAGE_SURJ: "ALL (x::'a::type => 'b::type) (xa::'a::type => bool) xb::'b::type => bool.
  4028    SURJ x xa xb = (IMAGE x xa = xb)"
  4029   by (import pred_set IMAGE_SURJ)
  4030 
  4031 constdefs
  4032   BIJ :: "('a => 'b) => ('a => bool) => ('b => bool) => bool" 
  4033   "BIJ ==
  4034 %(f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  4035    INJ f s t & SURJ f s t"
  4036 
  4037 lemma BIJ_DEF: "ALL (f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  4038    BIJ f s t = (INJ f s t & SURJ f s t)"
  4039   by (import pred_set BIJ_DEF)
  4040 
  4041 lemma BIJ_ID: "ALL x::'a::type => bool. BIJ (%x::'a::type. x) x x"
  4042   by (import pred_set BIJ_ID)
  4043 
  4044 lemma BIJ_EMPTY: "ALL x::'a::type => 'b::type.
  4045    (ALL xa::'b::type => bool. BIJ x EMPTY xa = (xa = EMPTY)) &
  4046    (ALL xa::'a::type => bool. BIJ x xa EMPTY = (xa = EMPTY))"
  4047   by (import pred_set BIJ_EMPTY)
  4048 
  4049 lemma BIJ_COMPOSE: "ALL (x::'a::type => 'b::type) (xa::'b::type => 'c::type)
  4050    (xb::'a::type => bool) (xc::'b::type => bool) xd::'c::type => bool.
  4051    BIJ x xb xc & BIJ xa xc xd --> BIJ (xa o x) xb xd"
  4052   by (import pred_set BIJ_COMPOSE)
  4053 
  4054 consts
  4055   LINV :: "('a => 'b) => ('a => bool) => 'b => 'a" 
  4056 
  4057 specification (LINV) LINV_DEF: "ALL (f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  4058    INJ f s t --> (ALL x::'a::type. IN x s --> LINV f s (f x) = x)"
  4059   by (import pred_set LINV_DEF)
  4060 
  4061 consts
  4062   RINV :: "('a => 'b) => ('a => bool) => 'b => 'a" 
  4063 
  4064 specification (RINV) RINV_DEF: "ALL (f::'a::type => 'b::type) (s::'a::type => bool) t::'b::type => bool.
  4065    SURJ f s t --> (ALL x::'b::type. IN x t --> f (RINV f s x) = x)"
  4066   by (import pred_set RINV_DEF)
  4067 
  4068 constdefs
  4069   FINITE :: "('a => bool) => bool" 
  4070   "FINITE ==
  4071 %s::'a::type => bool.
  4072    ALL P::('a::type => bool) => bool.
  4073       P EMPTY &
  4074       (ALL s::'a::type => bool.
  4075           P s --> (ALL e::'a::type. P (INSERT e s))) -->
  4076       P s"
  4077 
  4078 lemma FINITE_DEF: "ALL s::'a::type => bool.
  4079    FINITE s =
  4080    (ALL P::('a::type => bool) => bool.
  4081        P EMPTY &
  4082        (ALL s::'a::type => bool.
  4083            P s --> (ALL e::'a::type. P (INSERT e s))) -->
  4084        P s)"
  4085   by (import pred_set FINITE_DEF)
  4086 
  4087 lemma FINITE_EMPTY: "FINITE EMPTY"
  4088   by (import pred_set FINITE_EMPTY)
  4089 
  4090 lemma FINITE_INDUCT: "ALL P::('a::type => bool) => bool.
  4091    P EMPTY &
  4092    (ALL s::'a::type => bool.
  4093        FINITE s & P s -->
  4094        (ALL e::'a::type. ~ IN e s --> P (INSERT e s))) -->
  4095    (ALL s::'a::type => bool. FINITE s --> P s)"
  4096   by (import pred_set FINITE_INDUCT)
  4097 
  4098 lemma FINITE_INSERT: "ALL (x::'a::type) s::'a::type => bool. FINITE (INSERT x s) = FINITE s"
  4099   by (import pred_set FINITE_INSERT)
  4100 
  4101 lemma FINITE_DELETE: "ALL (x::'a::type) s::'a::type => bool. FINITE (DELETE s x) = FINITE s"
  4102   by (import pred_set FINITE_DELETE)
  4103 
  4104 lemma FINITE_UNION: "ALL (s::'a::type => bool) t::'a::type => bool.
  4105    FINITE (pred_set.UNION s t) = (FINITE s & FINITE t)"
  4106   by (import pred_set FINITE_UNION)
  4107 
  4108 lemma INTER_FINITE: "ALL s::'a::type => bool.
  4109    FINITE s --> (ALL t::'a::type => bool. FINITE (pred_set.INTER s t))"
  4110   by (import pred_set INTER_FINITE)
  4111 
  4112 lemma SUBSET_FINITE: "ALL s::'a::type => bool.
  4113    FINITE s --> (ALL t::'a::type => bool. SUBSET t s --> FINITE t)"
  4114   by (import pred_set SUBSET_FINITE)
  4115 
  4116 lemma PSUBSET_FINITE: "ALL x::'a::type => bool.
  4117    FINITE x --> (ALL xa::'a::type => bool. PSUBSET xa x --> FINITE xa)"
  4118   by (import pred_set PSUBSET_FINITE)
  4119 
  4120 lemma FINITE_DIFF: "ALL s::'a::type => bool.
  4121    FINITE s --> (ALL t::'a::type => bool. FINITE (DIFF s t))"
  4122   by (import pred_set FINITE_DIFF)
  4123 
  4124 lemma FINITE_SING: "ALL x::'a::type. FINITE (INSERT x EMPTY)"
  4125   by (import pred_set FINITE_SING)
  4126 
  4127 lemma SING_FINITE: "ALL x::'a::type => bool. SING x --> FINITE x"
  4128   by (import pred_set SING_FINITE)
  4129 
  4130 lemma IMAGE_FINITE: "ALL s::'a::type => bool.
  4131    FINITE s --> (ALL f::'a::type => 'b::type. FINITE (IMAGE f s))"
  4132   by (import pred_set IMAGE_FINITE)
  4133 
  4134 consts
  4135   CARD :: "('a => bool) => nat" 
  4136 
  4137 specification (CARD) CARD_DEF: "(op &::bool => bool => bool)
  4138  ((op =::nat => nat => bool)
  4139    ((CARD::('a::type => bool) => nat) (EMPTY::'a::type => bool)) (0::nat))
  4140  ((All::(('a::type => bool) => bool) => bool)
  4141    (%s::'a::type => bool.
  4142        (op -->::bool => bool => bool)
  4143         ((FINITE::('a::type => bool) => bool) s)
  4144         ((All::('a::type => bool) => bool)
  4145           (%x::'a::type.
  4146               (op =::nat => nat => bool)
  4147                ((CARD::('a::type => bool) => nat)
  4148                  ((INSERT::'a::type
  4149                            => ('a::type => bool) => 'a::type => bool)
  4150                    x s))
  4151                ((If::bool => nat => nat => nat)
  4152                  ((IN::'a::type => ('a::type => bool) => bool) x s)
  4153                  ((CARD::('a::type => bool) => nat) s)
  4154                  ((Suc::nat => nat)
  4155                    ((CARD::('a::type => bool) => nat) s)))))))"
  4156   by (import pred_set CARD_DEF)
  4157 
  4158 lemma CARD_EMPTY: "CARD EMPTY = 0"
  4159   by (import pred_set CARD_EMPTY)
  4160 
  4161 lemma CARD_INSERT: "ALL s::'a::type => bool.
  4162    FINITE s -->
  4163    (ALL x::'a::type.
  4164        CARD (INSERT x s) = (if IN x s then CARD s else Suc (CARD s)))"
  4165   by (import pred_set CARD_INSERT)
  4166 
  4167 lemma CARD_EQ_0: "ALL s::'a::type => bool. FINITE s --> (CARD s = 0) = (s = EMPTY)"
  4168   by (import pred_set CARD_EQ_0)
  4169 
  4170 lemma CARD_DELETE: "ALL s::'a::type => bool.
  4171    FINITE s -->
  4172    (ALL x::'a::type.
  4173        CARD (DELETE s x) = (if IN x s then CARD s - 1 else CARD s))"
  4174   by (import pred_set CARD_DELETE)
  4175 
  4176 lemma CARD_INTER_LESS_EQ: "ALL s::'a::type => bool.
  4177    FINITE s -->
  4178    (ALL t::'a::type => bool. CARD (pred_set.INTER s t) <= CARD s)"
  4179   by (import pred_set CARD_INTER_LESS_EQ)
  4180 
  4181 lemma CARD_UNION: "ALL s::'a::type => bool.
  4182    FINITE s -->
  4183    (ALL t::'a::type => bool.
  4184        FINITE t -->
  4185        CARD (pred_set.UNION s t) + CARD (pred_set.INTER s t) =
  4186        CARD s + CARD t)"
  4187   by (import pred_set CARD_UNION)
  4188 
  4189 lemma CARD_SUBSET: "ALL s::'a::type => bool.
  4190    FINITE s --> (ALL t::'a::type => bool. SUBSET t s --> CARD t <= CARD s)"
  4191   by (import pred_set CARD_SUBSET)
  4192 
  4193 lemma CARD_PSUBSET: "ALL s::'a::type => bool.
  4194    FINITE s --> (ALL t::'a::type => bool. PSUBSET t s --> CARD t < CARD s)"
  4195   by (import pred_set CARD_PSUBSET)
  4196 
  4197 lemma CARD_SING: "ALL x::'a::type. CARD (INSERT x EMPTY) = 1"
  4198   by (import pred_set CARD_SING)
  4199 
  4200 lemma SING_IFF_CARD1: "ALL x::'a::type => bool. SING x = (CARD x = 1 & FINITE x)"
  4201   by (import pred_set SING_IFF_CARD1)
  4202 
  4203 lemma CARD_DIFF: "ALL t::'a::type => bool.
  4204    FINITE t -->
  4205    (ALL s::'a::type => bool.
  4206        FINITE s --> CARD (DIFF s t) = CARD s - CARD (pred_set.INTER s t))"
  4207   by (import pred_set CARD_DIFF)
  4208 
  4209 lemma LESS_CARD_DIFF: "ALL t::'a::type => bool.
  4210    FINITE t -->
  4211    (ALL s::'a::type => bool.
  4212        FINITE s --> CARD t < CARD s --> 0 < CARD (DIFF s t))"
  4213   by (import pred_set LESS_CARD_DIFF)
  4214 
  4215 lemma FINITE_COMPLETE_INDUCTION: "ALL P::('a::type => bool) => bool.
  4216    (ALL x::'a::type => bool.
  4217        (ALL y::'a::type => bool. PSUBSET y x --> P y) -->
  4218        FINITE x --> P x) -->
  4219    (ALL x::'a::type => bool. FINITE x --> P x)"
  4220   by (import pred_set FINITE_COMPLETE_INDUCTION)
  4221 
  4222 constdefs
  4223   INFINITE :: "('a => bool) => bool" 
  4224   "INFINITE == %s::'a::type => bool. ~ FINITE s"
  4225 
  4226 lemma INFINITE_DEF: "ALL s::'a::type => bool. INFINITE s = (~ FINITE s)"
  4227   by (import pred_set INFINITE_DEF)
  4228 
  4229 lemma NOT_IN_FINITE: "(op =::bool => bool => bool)
  4230  ((INFINITE::('a::type => bool) => bool) (pred_set.UNIV::'a::type => bool))
  4231  ((All::(('a::type => bool) => bool) => bool)
  4232    (%s::'a::type => bool.
  4233        (op -->::bool => bool => bool)
  4234         ((FINITE::('a::type => bool) => bool) s)
  4235         ((Ex::('a::type => bool) => bool)
  4236           (%x::'a::type.
  4237               (Not::bool => bool)
  4238                ((IN::'a::type => ('a::type => bool) => bool) x s)))))"
  4239   by (import pred_set NOT_IN_FINITE)
  4240 
  4241 lemma INFINITE_INHAB: "ALL x::'a::type => bool. INFINITE x --> (EX xa::'a::type. IN xa x)"
  4242   by (import pred_set INFINITE_INHAB)
  4243 
  4244 lemma IMAGE_11_INFINITE: "ALL f::'a::type => 'b::type.
  4245    (ALL (x::'a::type) y::'a::type. f x = f y --> x = y) -->
  4246    (ALL s::'a::type => bool. INFINITE s --> INFINITE (IMAGE f s))"
  4247   by (import pred_set IMAGE_11_INFINITE)
  4248 
  4249 lemma INFINITE_SUBSET: "ALL x::'a::type => bool.
  4250    INFINITE x --> (ALL xa::'a::type => bool. SUBSET x xa --> INFINITE xa)"
  4251   by (import pred_set INFINITE_SUBSET)
  4252 
  4253 lemma IN_INFINITE_NOT_FINITE: "ALL (x::'a::type => bool) xa::'a::type => bool.
  4254    INFINITE x & FINITE xa --> (EX xb::'a::type. IN xb x & ~ IN xb xa)"
  4255   by (import pred_set IN_INFINITE_NOT_FINITE)
  4256 
  4257 lemma INFINITE_UNIV: "(op =::bool => bool => bool)
  4258  ((INFINITE::('a::type => bool) => bool) (pred_set.UNIV::'a::type => bool))
  4259  ((Ex::(('a::type => 'a::type) => bool) => bool)
  4260    (%f::'a::type => 'a::type.
  4261        (op &::bool => bool => bool)
  4262         ((All::('a::type => bool) => bool)
  4263           (%x::'a::type.
  4264               (All::('a::type => bool) => bool)
  4265                (%y::'a::type.
  4266                    (op -->::bool => bool => bool)
  4267                     ((op =::'a::type => 'a::type => bool) (f x) (f y))
  4268                     ((op =::'a::type => 'a::type => bool) x y))))
  4269         ((Ex::('a::type => bool) => bool)
  4270           (%y::'a::type.
  4271               (All::('a::type => bool) => bool)
  4272                (%x::'a::type.
  4273                    (Not::bool => bool)
  4274                     ((op =::'a::type => 'a::type => bool) (f x) y))))))"
  4275   by (import pred_set INFINITE_UNIV)
  4276 
  4277 lemma FINITE_PSUBSET_INFINITE: "ALL x::'a::type => bool.
  4278    INFINITE x =
  4279    (ALL xa::'a::type => bool. FINITE xa --> SUBSET xa x --> PSUBSET xa x)"
  4280   by (import pred_set FINITE_PSUBSET_INFINITE)
  4281 
  4282 lemma FINITE_PSUBSET_UNIV: "(op =::bool => bool => bool)
  4283  ((INFINITE::('a::type => bool) => bool) (pred_set.UNIV::'a::type => bool))
  4284  ((All::(('a::type => bool) => bool) => bool)
  4285    (%s::'a::type => bool.
  4286        (op -->::bool => bool => bool)
  4287         ((FINITE::('a::type => bool) => bool) s)
  4288         ((PSUBSET::('a::type => bool) => ('a::type => bool) => bool) s
  4289           (pred_set.UNIV::'a::type => bool))))"
  4290   by (import pred_set FINITE_PSUBSET_UNIV)
  4291 
  4292 lemma INFINITE_DIFF_FINITE: "ALL (s::'a::type => bool) t::'a::type => bool.
  4293    INFINITE s & FINITE t --> DIFF s t ~= EMPTY"
  4294   by (import pred_set INFINITE_DIFF_FINITE)
  4295 
  4296 lemma FINITE_ISO_NUM: "ALL s::'a::type => bool.
  4297    FINITE s -->
  4298    (EX f::nat => 'a::type.
  4299        (ALL (n::nat) m::nat.
  4300            n < CARD s & m < CARD s --> f n = f m --> n = m) &
  4301        s = GSPEC (%n::nat. (f n, n < CARD s)))"
  4302   by (import pred_set FINITE_ISO_NUM)
  4303 
  4304 lemma FINITE_WEAK_ENUMERATE: "(All::(('a::type => bool) => bool) => bool)
  4305  (%x::'a::type => bool.
  4306      (op =::bool => bool => bool) ((FINITE::('a::type => bool) => bool) x)
  4307       ((Ex::((nat => 'a::type) => bool) => bool)
  4308         (%f::nat => 'a::type.
  4309             (Ex::(nat => bool) => bool)
  4310              (%b::nat.
  4311                  (All::('a::type => bool) => bool)
  4312                   (%e::'a::type.
  4313                       (op =::bool => bool => bool)
  4314                        ((IN::'a::type => ('a::type => bool) => bool) e x)
  4315                        ((Ex::(nat => bool) => bool)
  4316                          (%n::nat.
  4317                              (op &::bool => bool => bool)
  4318                               ((op <::nat => nat => bool) n b)
  4319                               ((op =::'a::type => 'a::type => bool) e
  4320                                 (f n)))))))))"
  4321   by (import pred_set FINITE_WEAK_ENUMERATE)
  4322 
  4323 constdefs
  4324   BIGUNION :: "(('a => bool) => bool) => 'a => bool" 
  4325   "BIGUNION ==
  4326 %P::('a::type => bool) => bool.
  4327    GSPEC (%x::'a::type. (x, EX p::'a::type => bool. IN p P & IN x p))"
  4328 
  4329 lemma BIGUNION: "ALL P::('a::type => bool) => bool.
  4330    BIGUNION P =
  4331    GSPEC (%x::'a::type. (x, EX p::'a::type => bool. IN p P & IN x p))"
  4332   by (import pred_set BIGUNION)
  4333 
  4334 lemma IN_BIGUNION: "ALL (x::'a::type) xa::('a::type => bool) => bool.
  4335    IN x (BIGUNION xa) = (EX s::'a::type => bool. IN x s & IN s xa)"
  4336   by (import pred_set IN_BIGUNION)
  4337 
  4338 lemma BIGUNION_EMPTY: "BIGUNION EMPTY = EMPTY"
  4339   by (import pred_set BIGUNION_EMPTY)
  4340 
  4341 lemma BIGUNION_SING: "ALL x::'a::type => bool. BIGUNION (INSERT x EMPTY) = x"
  4342   by (import pred_set BIGUNION_SING)
  4343 
  4344 lemma BIGUNION_UNION: "ALL (x::('a::type => bool) => bool) xa::('a::type => bool) => bool.
  4345    BIGUNION (pred_set.UNION x xa) =
  4346    pred_set.UNION (BIGUNION x) (BIGUNION xa)"
  4347   by (import pred_set BIGUNION_UNION)
  4348 
  4349 lemma DISJOINT_BIGUNION: "(ALL (s::('a::type => bool) => bool) t::'a::type => bool.
  4350     DISJOINT (BIGUNION s) t =
  4351     (ALL s'::'a::type => bool. IN s' s --> DISJOINT s' t)) &
  4352 (ALL (x::('a::type => bool) => bool) xa::'a::type => bool.
  4353     DISJOINT xa (BIGUNION x) =
  4354     (ALL xb::'a::type => bool. IN xb x --> DISJOINT xa xb))"
  4355   by (import pred_set DISJOINT_BIGUNION)
  4356 
  4357 lemma BIGUNION_INSERT: "ALL (x::'a::type => bool) xa::('a::type => bool) => bool.
  4358    BIGUNION (INSERT x xa) = pred_set.UNION x (BIGUNION xa)"
  4359   by (import pred_set BIGUNION_INSERT)
  4360 
  4361 lemma BIGUNION_SUBSET: "ALL (X::'a::type => bool) P::('a::type => bool) => bool.
  4362    SUBSET (BIGUNION P) X = (ALL Y::'a::type => bool. IN Y P --> SUBSET Y X)"
  4363   by (import pred_set BIGUNION_SUBSET)
  4364 
  4365 lemma FINITE_BIGUNION: "ALL x::('a::type => bool) => bool.
  4366    FINITE x & (ALL s::'a::type => bool. IN s x --> FINITE s) -->
  4367    FINITE (BIGUNION x)"
  4368   by (import pred_set FINITE_BIGUNION)
  4369 
  4370 constdefs
  4371   BIGINTER :: "(('a => bool) => bool) => 'a => bool" 
  4372   "BIGINTER ==
  4373 %B::('a::type => bool) => bool.
  4374    GSPEC (%x::'a::type. (x, ALL P::'a::type => bool. IN P B --> IN x P))"
  4375 
  4376 lemma BIGINTER: "ALL B::('a::type => bool) => bool.
  4377    BIGINTER B =
  4378    GSPEC (%x::'a::type. (x, ALL P::'a::type => bool. IN P B --> IN x P))"
  4379   by (import pred_set BIGINTER)
  4380 
  4381 lemma IN_BIGINTER: "IN (x::'a::type) (BIGINTER (B::('a::type => bool) => bool)) =
  4382 (ALL P::'a::type => bool. IN P B --> IN x P)"
  4383   by (import pred_set IN_BIGINTER)
  4384 
  4385 lemma BIGINTER_INSERT: "ALL (P::'a::type => bool) B::('a::type => bool) => bool.
  4386    BIGINTER (INSERT P B) = pred_set.INTER P (BIGINTER B)"
  4387   by (import pred_set BIGINTER_INSERT)
  4388 
  4389 lemma BIGINTER_EMPTY: "BIGINTER EMPTY = pred_set.UNIV"
  4390   by (import pred_set BIGINTER_EMPTY)
  4391 
  4392 lemma BIGINTER_INTER: "ALL (x::'a::type => bool) xa::'a::type => bool.
  4393    BIGINTER (INSERT x (INSERT xa EMPTY)) = pred_set.INTER x xa"
  4394   by (import pred_set BIGINTER_INTER)
  4395 
  4396 lemma BIGINTER_SING: "ALL x::'a::type => bool. BIGINTER (INSERT x EMPTY) = x"
  4397   by (import pred_set BIGINTER_SING)
  4398 
  4399 lemma SUBSET_BIGINTER: "ALL (X::'a::type => bool) P::('a::type => bool) => bool.
  4400    SUBSET X (BIGINTER P) = (ALL x::'a::type => bool. IN x P --> SUBSET X x)"
  4401   by (import pred_set SUBSET_BIGINTER)
  4402 
  4403 lemma DISJOINT_BIGINTER: "ALL (x::'a::type => bool) (xa::'a::type => bool)
  4404    xb::('a::type => bool) => bool.
  4405    IN xa xb & DISJOINT xa x -->
  4406    DISJOINT x (BIGINTER xb) & DISJOINT (BIGINTER xb) x"
  4407   by (import pred_set DISJOINT_BIGINTER)
  4408 
  4409 constdefs
  4410   CROSS :: "('a => bool) => ('b => bool) => 'a * 'b => bool" 
  4411   "CROSS ==
  4412 %(P::'a::type => bool) Q::'b::type => bool.
  4413    GSPEC (%p::'a::type * 'b::type. (p, IN (fst p) P & IN (snd p) Q))"
  4414 
  4415 lemma CROSS_DEF: "ALL (P::'a::type => bool) Q::'b::type => bool.
  4416    CROSS P Q =
  4417    GSPEC (%p::'a::type * 'b::type. (p, IN (fst p) P & IN (snd p) Q))"
  4418   by (import pred_set CROSS_DEF)
  4419 
  4420 lemma IN_CROSS: "ALL (x::'a::type => bool) (xa::'b::type => bool) xb::'a::type * 'b::type.
  4421    IN xb (CROSS x xa) = (IN (fst xb) x & IN (snd xb) xa)"
  4422   by (import pred_set IN_CROSS)
  4423 
  4424 lemma CROSS_EMPTY: "ALL x::'a::type => bool. CROSS x EMPTY = EMPTY & CROSS EMPTY x = EMPTY"
  4425   by (import pred_set CROSS_EMPTY)
  4426 
  4427 lemma CROSS_INSERT_LEFT: "ALL (x::'a::type => bool) (xa::'b::type => bool) xb::'a::type.
  4428    CROSS (INSERT xb x) xa =
  4429    pred_set.UNION (CROSS (INSERT xb EMPTY) xa) (CROSS x xa)"
  4430   by (import pred_set CROSS_INSERT_LEFT)
  4431 
  4432 lemma CROSS_INSERT_RIGHT: "ALL (x::'a::type => bool) (xa::'b::type => bool) xb::'b::type.
  4433    CROSS x (INSERT xb xa) =
  4434    pred_set.UNION (CROSS x (INSERT xb EMPTY)) (CROSS x xa)"
  4435   by (import pred_set CROSS_INSERT_RIGHT)
  4436 
  4437 lemma FINITE_CROSS: "ALL (x::'a::type => bool) xa::'b::type => bool.
  4438    FINITE x & FINITE xa --> FINITE (CROSS x xa)"
  4439   by (import pred_set FINITE_CROSS)
  4440 
  4441 lemma CROSS_SINGS: "ALL (x::'a::type) xa::'b::type.
  4442    CROSS (INSERT x EMPTY) (INSERT xa EMPTY) = INSERT (x, xa) EMPTY"
  4443   by (import pred_set CROSS_SINGS)
  4444 
  4445 lemma CARD_SING_CROSS: "ALL (x::'a::type) s::'b::type => bool.
  4446    FINITE s --> CARD (CROSS (INSERT x EMPTY) s) = CARD s"
  4447   by (import pred_set CARD_SING_CROSS)
  4448 
  4449 lemma CARD_CROSS: "ALL (x::'a::type => bool) xa::'b::type => bool.
  4450    FINITE x & FINITE xa --> CARD (CROSS x xa) = CARD x * CARD xa"
  4451   by (import pred_set CARD_CROSS)
  4452 
  4453 lemma CROSS_SUBSET: "ALL (x::'a::type => bool) (xa::'b::type => bool) (xb::'a::type => bool)
  4454    xc::'b::type => bool.
  4455    SUBSET (CROSS xb xc) (CROSS x xa) =
  4456    (xb = EMPTY | xc = EMPTY | SUBSET xb x & SUBSET xc xa)"
  4457   by (import pred_set CROSS_SUBSET)
  4458 
  4459 lemma FINITE_CROSS_EQ: "ALL (P::'a::type => bool) Q::'b::type => bool.
  4460    FINITE (CROSS P Q) = (P = EMPTY | Q = EMPTY | FINITE P & FINITE Q)"
  4461   by (import pred_set FINITE_CROSS_EQ)
  4462 
  4463 constdefs
  4464   COMPL :: "('a => bool) => 'a => bool" 
  4465   "COMPL == DIFF pred_set.UNIV"
  4466 
  4467 lemma COMPL_DEF: "ALL P::'a::type => bool. COMPL P = DIFF pred_set.UNIV P"
  4468   by (import pred_set COMPL_DEF)
  4469 
  4470 lemma IN_COMPL: "ALL (x::'a::type) xa::'a::type => bool. IN x (COMPL xa) = (~ IN x xa)"
  4471   by (import pred_set IN_COMPL)
  4472 
  4473 lemma COMPL_COMPL: "ALL x::'a::type => bool. COMPL (COMPL x) = x"
  4474   by (import pred_set COMPL_COMPL)
  4475 
  4476 lemma COMPL_CLAUSES: "ALL x::'a::type => bool.
  4477    pred_set.INTER (COMPL x) x = EMPTY &
  4478    pred_set.UNION (COMPL x) x = pred_set.UNIV"
  4479   by (import pred_set COMPL_CLAUSES)
  4480 
  4481 lemma COMPL_SPLITS: "ALL (x::'a::type => bool) xa::'a::type => bool.
  4482    pred_set.UNION (pred_set.INTER x xa) (pred_set.INTER (COMPL x) xa) = xa"
  4483   by (import pred_set COMPL_SPLITS)
  4484 
  4485 lemma INTER_UNION_COMPL: "ALL (x::'a::type => bool) xa::'a::type => bool.
  4486    pred_set.INTER x xa = COMPL (pred_set.UNION (COMPL x) (COMPL xa))"
  4487   by (import pred_set INTER_UNION_COMPL)
  4488 
  4489 lemma COMPL_EMPTY: "COMPL EMPTY = pred_set.UNIV"
  4490   by (import pred_set COMPL_EMPTY)
  4491 
  4492 consts
  4493   count :: "nat => nat => bool" 
  4494 
  4495 defs
  4496   count_primdef: "count == %n::nat. GSPEC (%m::nat. (m, m < n))"
  4497 
  4498 lemma count_def: "ALL n::nat. count n = GSPEC (%m::nat. (m, m < n))"
  4499   by (import pred_set count_def)
  4500 
  4501 lemma IN_COUNT: "ALL (m::nat) n::nat. IN m (count n) = (m < n)"
  4502   by (import pred_set IN_COUNT)
  4503 
  4504 lemma COUNT_ZERO: "count 0 = EMPTY"
  4505   by (import pred_set COUNT_ZERO)
  4506 
  4507 lemma COUNT_SUC: "ALL n::nat. count (Suc n) = INSERT n (count n)"
  4508   by (import pred_set COUNT_SUC)
  4509 
  4510 lemma FINITE_COUNT: "ALL n::nat. FINITE (count n)"
  4511   by (import pred_set FINITE_COUNT)
  4512 
  4513 lemma CARD_COUNT: "ALL n::nat. CARD (count n) = n"
  4514   by (import pred_set CARD_COUNT)
  4515 
  4516 constdefs
  4517   ITSET_tupled :: "('a => 'b => 'b) => ('a => bool) * 'b => 'b" 
  4518   "ITSET_tupled ==
  4519 %f::'a::type => 'b::type => 'b::type.
  4520    WFREC
  4521     (SOME R::('a::type => bool) * 'b::type
  4522              => ('a::type => bool) * 'b::type => bool.
  4523         WF R &
  4524         (ALL (b::'b::type) s::'a::type => bool.
  4525             FINITE s & s ~= EMPTY --> R (REST s, f (CHOICE s) b) (s, b)))
  4526     (%(ITSET_tupled::('a::type => bool) * 'b::type => 'b::type)
  4527         (v::'a::type => bool, v1::'b::type).
  4528         if FINITE v
  4529         then if v = EMPTY then v1
  4530              else ITSET_tupled (REST v, f (CHOICE v) v1)
  4531         else ARB)"
  4532 
  4533 lemma ITSET_tupled_primitive_def: "ALL f::'a::type => 'b::type => 'b::type.
  4534    ITSET_tupled f =
  4535    WFREC
  4536     (SOME R::('a::type => bool) * 'b::type
  4537              => ('a::type => bool) * 'b::type => bool.
  4538         WF R &
  4539         (ALL (b::'b::type) s::'a::type => bool.
  4540             FINITE s & s ~= EMPTY --> R (REST s, f (CHOICE s) b) (s, b)))
  4541     (%(ITSET_tupled::('a::type => bool) * 'b::type => 'b::type)
  4542         (v::'a::type => bool, v1::'b::type).
  4543         if FINITE v
  4544         then if v = EMPTY then v1
  4545              else ITSET_tupled (REST v, f (CHOICE v) v1)
  4546         else ARB)"
  4547   by (import pred_set ITSET_tupled_primitive_def)
  4548 
  4549 constdefs
  4550   ITSET :: "('a => 'b => 'b) => ('a => bool) => 'b => 'b" 
  4551   "ITSET ==
  4552 %(f::'a::type => 'b::type => 'b::type) (x::'a::type => bool) x1::'b::type.
  4553    ITSET_tupled f (x, x1)"
  4554 
  4555 lemma ITSET_curried_def: "ALL (f::'a::type => 'b::type => 'b::type) (x::'a::type => bool)
  4556    x1::'b::type. ITSET f x x1 = ITSET_tupled f (x, x1)"
  4557   by (import pred_set ITSET_curried_def)
  4558 
  4559 lemma ITSET_IND: "ALL P::('a::type => bool) => 'b::type => bool.
  4560    (ALL (s::'a::type => bool) b::'b::type.
  4561        (FINITE s & s ~= EMPTY -->
  4562         P (REST s) ((f::'a::type => 'b::type => 'b::type) (CHOICE s) b)) -->
  4563        P s b) -->
  4564    (ALL v::'a::type => bool. All (P v))"
  4565   by (import pred_set ITSET_IND)
  4566 
  4567 lemma ITSET_THM: "ALL (s::'a::type => bool) (f::'a::type => 'b::type => 'b::type) b::'b::type.
  4568    FINITE s -->
  4569    ITSET f s b =
  4570    (if s = EMPTY then b else ITSET f (REST s) (f (CHOICE s) b))"
  4571   by (import pred_set ITSET_THM)
  4572 
  4573 lemma ITSET_EMPTY: "ALL (x::'a::type => 'b::type => 'b::type) xa::'b::type.
  4574    ITSET x EMPTY xa = xa"
  4575   by (import pred_set ITSET_EMPTY)
  4576 
  4577 ;end_setup
  4578 
  4579 ;setup_theory operator
  4580 
  4581 constdefs
  4582   ASSOC :: "('a => 'a => 'a) => bool" 
  4583   "ASSOC ==
  4584 %f::'a::type => 'a::type => 'a::type.
  4585    ALL (x::'a::type) (y::'a::type) z::'a::type. f x (f y z) = f (f x y) z"
  4586 
  4587 lemma ASSOC_DEF: "ALL f::'a::type => 'a::type => 'a::type.
  4588    ASSOC f =
  4589    (ALL (x::'a::type) (y::'a::type) z::'a::type. f x (f y z) = f (f x y) z)"
  4590   by (import operator ASSOC_DEF)
  4591 
  4592 constdefs
  4593   COMM :: "('a => 'a => 'b) => bool" 
  4594   "COMM ==
  4595 %f::'a::type => 'a::type => 'b::type.
  4596    ALL (x::'a::type) y::'a::type. f x y = f y x"
  4597 
  4598 lemma COMM_DEF: "ALL f::'a::type => 'a::type => 'b::type.
  4599    COMM f = (ALL (x::'a::type) y::'a::type. f x y = f y x)"
  4600   by (import operator COMM_DEF)
  4601 
  4602 constdefs
  4603   FCOMM :: "('a => 'b => 'a) => ('c => 'a => 'a) => bool" 
  4604   "FCOMM ==
  4605 %(f::'a::type => 'b::type => 'a::type) g::'c::type => 'a::type => 'a::type.
  4606    ALL (x::'c::type) (y::'a::type) z::'b::type. g x (f y z) = f (g x y) z"
  4607 
  4608 lemma FCOMM_DEF: "ALL (f::'a::type => 'b::type => 'a::type)
  4609    g::'c::type => 'a::type => 'a::type.
  4610    FCOMM f g =
  4611    (ALL (x::'c::type) (y::'a::type) z::'b::type. g x (f y z) = f (g x y) z)"
  4612   by (import operator FCOMM_DEF)
  4613 
  4614 constdefs
  4615   RIGHT_ID :: "('a => 'b => 'a) => 'b => bool" 
  4616   "RIGHT_ID ==
  4617 %(f::'a::type => 'b::type => 'a::type) e::'b::type.
  4618    ALL x::'a::type. f x e = x"
  4619 
  4620 lemma RIGHT_ID_DEF: "ALL (f::'a::type => 'b::type => 'a::type) e::'b::type.
  4621    RIGHT_ID f e = (ALL x::'a::type. f x e = x)"
  4622   by (import operator RIGHT_ID_DEF)
  4623 
  4624 constdefs
  4625   LEFT_ID :: "('a => 'b => 'b) => 'a => bool" 
  4626   "LEFT_ID ==
  4627 %(f::'a::type => 'b::type => 'b::type) e::'a::type.
  4628    ALL x::'b::type. f e x = x"
  4629 
  4630 lemma LEFT_ID_DEF: "ALL (f::'a::type => 'b::type => 'b::type) e::'a::type.
  4631    LEFT_ID f e = (ALL x::'b::type. f e x = x)"
  4632   by (import operator LEFT_ID_DEF)
  4633 
  4634 constdefs
  4635   MONOID :: "('a => 'a => 'a) => 'a => bool" 
  4636   "MONOID ==
  4637 %(f::'a::type => 'a::type => 'a::type) e::'a::type.
  4638    ASSOC f & RIGHT_ID f e & LEFT_ID f e"
  4639 
  4640 lemma MONOID_DEF: "ALL (f::'a::type => 'a::type => 'a::type) e::'a::type.
  4641    MONOID f e = (ASSOC f & RIGHT_ID f e & LEFT_ID f e)"
  4642   by (import operator MONOID_DEF)
  4643 
  4644 lemma ASSOC_CONJ: "ASSOC op &"
  4645   by (import operator ASSOC_CONJ)
  4646 
  4647 lemma ASSOC_DISJ: "ASSOC op |"
  4648   by (import operator ASSOC_DISJ)
  4649 
  4650 lemma FCOMM_ASSOC: "ALL x::'a::type => 'a::type => 'a::type. FCOMM x x = ASSOC x"
  4651   by (import operator FCOMM_ASSOC)
  4652 
  4653 lemma MONOID_CONJ_T: "MONOID op & True"
  4654   by (import operator MONOID_CONJ_T)
  4655 
  4656 lemma MONOID_DISJ_F: "MONOID op | False"
  4657   by (import operator MONOID_DISJ_F)
  4658 
  4659 ;end_setup
  4660 
  4661 ;setup_theory rich_list
  4662 
  4663 consts
  4664   SNOC :: "'a => 'a list => 'a list" 
  4665 
  4666 specification (SNOC) SNOC: "(ALL x::'a::type. SNOC x [] = [x]) &
  4667 (ALL (x::'a::type) (x'::'a::type) l::'a::type list.
  4668     SNOC x (x' # l) = x' # SNOC x l)"
  4669   by (import rich_list SNOC)
  4670 
  4671 consts
  4672   SCANL :: "('b => 'a => 'b) => 'b => 'a list => 'b list" 
  4673 
  4674 specification (SCANL) SCANL: "(ALL (f::'b::type => 'a::type => 'b::type) e::'b::type.
  4675     SCANL f e [] = [e]) &
  4676 (ALL (f::'b::type => 'a::type => 'b::type) (e::'b::type) (x::'a::type)
  4677     l::'a::type list. SCANL f e (x # l) = e # SCANL f (f e x) l)"
  4678   by (import rich_list SCANL)
  4679 
  4680 consts
  4681   SCANR :: "('a => 'b => 'b) => 'b => 'a list => 'b list" 
  4682 
  4683 specification (SCANR) SCANR: "(ALL (f::'a::type => 'b::type => 'b::type) e::'b::type.
  4684     SCANR f e [] = [e]) &
  4685 (ALL (f::'a::type => 'b::type => 'b::type) (e::'b::type) (x::'a::type)
  4686     l::'a::type list.
  4687     SCANR f e (x # l) = f x (hd (SCANR f e l)) # SCANR f e l)"
  4688   by (import rich_list SCANR)
  4689 
  4690 lemma IS_EL_DEF: "ALL (x::'a::type) l::'a::type list. x mem l = list_exists (op = x) l"
  4691   by (import rich_list IS_EL_DEF)
  4692 
  4693 constdefs
  4694   AND_EL :: "bool list => bool" 
  4695   "AND_EL == list_all I"
  4696 
  4697 lemma AND_EL_DEF: "AND_EL = list_all I"
  4698   by (import rich_list AND_EL_DEF)
  4699 
  4700 constdefs
  4701   OR_EL :: "bool list => bool" 
  4702   "OR_EL == list_exists I"
  4703 
  4704 lemma OR_EL_DEF: "OR_EL = list_exists I"
  4705   by (import rich_list OR_EL_DEF)
  4706 
  4707 consts
  4708   FIRSTN :: "nat => 'a list => 'a list" 
  4709 
  4710 specification (FIRSTN) FIRSTN: "(ALL l::'a::type list. FIRSTN 0 l = []) &
  4711 (ALL (n::nat) (x::'a::type) l::'a::type list.
  4712     FIRSTN (Suc n) (x # l) = x # FIRSTN n l)"
  4713   by (import rich_list FIRSTN)
  4714 
  4715 consts
  4716   BUTFIRSTN :: "nat => 'a list => 'a list" 
  4717 
  4718 specification (BUTFIRSTN) BUTFIRSTN: "(ALL l::'a::type list. BUTFIRSTN 0 l = l) &
  4719 (ALL (n::nat) (x::'a::type) l::'a::type list.
  4720     BUTFIRSTN (Suc n) (x # l) = BUTFIRSTN n l)"
  4721   by (import rich_list BUTFIRSTN)
  4722 
  4723 consts
  4724   SEG :: "nat => nat => 'a list => 'a list" 
  4725 
  4726 specification (SEG) SEG: "(ALL (k::nat) l::'a::type list. SEG 0 k l = []) &
  4727 (ALL (m::nat) (x::'a::type) l::'a::type list.
  4728     SEG (Suc m) 0 (x # l) = x # SEG m 0 l) &
  4729 (ALL (m::nat) (k::nat) (x::'a::type) l::'a::type list.
  4730     SEG (Suc m) (Suc k) (x # l) = SEG (Suc m) k l)"
  4731   by (import rich_list SEG)
  4732 
  4733 lemma LAST: "ALL (x::'a::type) l::'a::type list. last (SNOC x l) = x"
  4734   by (import rich_list LAST)
  4735 
  4736 lemma BUTLAST: "ALL (x::'a::type) l::'a::type list. butlast (SNOC x l) = l"
  4737   by (import rich_list BUTLAST)
  4738 
  4739 consts
  4740   LASTN :: "nat => 'a list => 'a list" 
  4741 
  4742 specification (LASTN) LASTN: "(ALL l::'a::type list. LASTN 0 l = []) &
  4743 (ALL (n::nat) (x::'a::type) l::'a::type list.
  4744     LASTN (Suc n) (SNOC x l) = SNOC x (LASTN n l))"
  4745   by (import rich_list LASTN)
  4746 
  4747 consts
  4748   BUTLASTN :: "nat => 'a list => 'a list" 
  4749 
  4750 specification (BUTLASTN) BUTLASTN: "(ALL l::'a::type list. BUTLASTN 0 l = l) &
  4751 (ALL (n::nat) (x::'a::type) l::'a::type list.
  4752     BUTLASTN (Suc n) (SNOC x l) = BUTLASTN n l)"
  4753   by (import rich_list BUTLASTN)
  4754 
  4755 lemma EL: "(ALL x::'a::type list. EL 0 x = hd x) &
  4756 (ALL (x::nat) xa::'a::type list. EL (Suc x) xa = EL x (tl xa))"
  4757   by (import rich_list EL)
  4758 
  4759 consts
  4760   ELL :: "nat => 'a list => 'a" 
  4761 
  4762 specification (ELL) ELL: "(ALL l::'a::type list. ELL 0 l = last l) &
  4763 (ALL (n::nat) l::'a::type list. ELL (Suc n) l = ELL n (butlast l))"
  4764   by (import rich_list ELL)
  4765 
  4766 consts
  4767   IS_PREFIX :: "'a list => 'a list => bool" 
  4768 
  4769 specification (IS_PREFIX) IS_PREFIX: "(ALL l::'a::type list. IS_PREFIX l [] = True) &
  4770 (ALL (x::'a::type) l::'a::type list. IS_PREFIX [] (x # l) = False) &
  4771 (ALL (x1::'a::type) (l1::'a::type list) (x2::'a::type) l2::'a::type list.
  4772     IS_PREFIX (x1 # l1) (x2 # l2) = (x1 = x2 & IS_PREFIX l1 l2))"
  4773   by (import rich_list IS_PREFIX)
  4774 
  4775 lemma SNOC_APPEND: "ALL (x::'a::type) l::'a::type list. SNOC x l = l @ [x]"
  4776   by (import rich_list SNOC_APPEND)
  4777 
  4778 lemma REVERSE: "rev [] = [] &
  4779 (ALL (x::'a::type) xa::'a::type list. rev (x # xa) = SNOC x (rev xa))"
  4780   by (import rich_list REVERSE)
  4781 
  4782 lemma REVERSE_SNOC: "ALL (x::'a::type) l::'a::type list. rev (SNOC x l) = x # rev l"
  4783   by (import rich_list REVERSE_SNOC)
  4784 
  4785 lemma SNOC_Axiom: "ALL (e::'b::type) f::'a::type => 'a::type list => 'b::type => 'b::type.
  4786    EX x::'a::type list => 'b::type.
  4787       x [] = e &
  4788       (ALL (xa::'a::type) l::'a::type list. x (SNOC xa l) = f xa l (x l))"
  4789   by (import rich_list SNOC_Axiom)
  4790 
  4791 consts
  4792   IS_SUFFIX :: "'a list => 'a list => bool" 
  4793 
  4794 specification (IS_SUFFIX) IS_SUFFIX: "(ALL l::'a::type list. IS_SUFFIX l [] = True) &
  4795 (ALL (x::'a::type) l::'a::type list. IS_SUFFIX [] (SNOC x l) = False) &
  4796 (ALL (x1::'a::type) (l1::'a::type list) (x2::'a::type) l2::'a::type list.
  4797     IS_SUFFIX (SNOC x1 l1) (SNOC x2 l2) = (x1 = x2 & IS_SUFFIX l1 l2))"
  4798   by (import rich_list IS_SUFFIX)
  4799 
  4800 consts
  4801   IS_SUBLIST :: "'a list => 'a list => bool" 
  4802 
  4803 specification (IS_SUBLIST) IS_SUBLIST: "(ALL l::'a::type list. IS_SUBLIST l [] = True) &
  4804 (ALL (x::'a::type) l::'a::type list. IS_SUBLIST [] (x # l) = False) &
  4805 (ALL (x1::'a::type) (l1::'a::type list) (x2::'a::type) l2::'a::type list.
  4806     IS_SUBLIST (x1 # l1) (x2 # l2) =
  4807     (x1 = x2 & IS_PREFIX l1 l2 | IS_SUBLIST l1 (x2 # l2)))"
  4808   by (import rich_list IS_SUBLIST)
  4809 
  4810 consts
  4811   SPLITP :: "('a => bool) => 'a list => 'a list * 'a list" 
  4812 
  4813 specification (SPLITP) SPLITP: "(ALL P::'a::type => bool. SPLITP P [] = ([], [])) &
  4814 (ALL (P::'a::type => bool) (x::'a::type) l::'a::type list.
  4815     SPLITP P (x # l) =
  4816     (if P x then ([], x # l) else (x # fst (SPLITP P l), snd (SPLITP P l))))"
  4817   by (import rich_list SPLITP)
  4818 
  4819 constdefs
  4820   PREFIX :: "('a => bool) => 'a list => 'a list" 
  4821   "PREFIX == %(P::'a::type => bool) l::'a::type list. fst (SPLITP (Not o P) l)"
  4822 
  4823 lemma PREFIX_DEF: "ALL (P::'a::type => bool) l::'a::type list.
  4824    PREFIX P l = fst (SPLITP (Not o P) l)"
  4825   by (import rich_list PREFIX_DEF)
  4826 
  4827 constdefs
  4828   SUFFIX :: "('a => bool) => 'a list => 'a list" 
  4829   "SUFFIX ==
  4830 %P::'a::type => bool.
  4831    foldl (%(l'::'a::type list) x::'a::type. if P x then SNOC x l' else [])
  4832     []"
  4833 
  4834 lemma SUFFIX_DEF: "ALL (P::'a::type => bool) l::'a::type list.
  4835    SUFFIX P l =
  4836    foldl (%(l'::'a::type list) x::'a::type. if P x then SNOC x l' else [])
  4837     [] l"
  4838   by (import rich_list SUFFIX_DEF)
  4839 
  4840 constdefs
  4841   UNZIP_FST :: "('a * 'b) list => 'a list" 
  4842   "UNZIP_FST == %l::('a::type * 'b::type) list. fst (unzip l)"
  4843 
  4844 lemma UNZIP_FST_DEF: "ALL l::('a::type * 'b::type) list. UNZIP_FST l = fst (unzip l)"
  4845   by (import rich_list UNZIP_FST_DEF)
  4846 
  4847 constdefs
  4848   UNZIP_SND :: "('a * 'b) list => 'b list" 
  4849   "UNZIP_SND == %l::('a::type * 'b::type) list. snd (unzip l)"
  4850 
  4851 lemma UNZIP_SND_DEF: "ALL l::('a::type * 'b::type) list. UNZIP_SND l = snd (unzip l)"
  4852   by (import rich_list UNZIP_SND_DEF)
  4853 
  4854 consts
  4855   GENLIST :: "(nat => 'a) => nat => 'a list" 
  4856 
  4857 specification (GENLIST) GENLIST: "(ALL f::nat => 'a::type. GENLIST f 0 = []) &
  4858 (ALL (f::nat => 'a::type) n::nat.
  4859     GENLIST f (Suc n) = SNOC (f n) (GENLIST f n))"
  4860   by (import rich_list GENLIST)
  4861 
  4862 consts
  4863   REPLICATE :: "nat => 'a => 'a list" 
  4864 
  4865 specification (REPLICATE) REPLICATE: "(ALL x::'a::type. REPLICATE 0 x = []) &
  4866 (ALL (n::nat) x::'a::type. REPLICATE (Suc n) x = x # REPLICATE n x)"
  4867   by (import rich_list REPLICATE)
  4868 
  4869 lemma LENGTH_MAP2: "ALL (l1::'a::type list) l2::'b::type list.
  4870    length l1 = length l2 -->
  4871    (ALL f::'a::type => 'b::type => 'c::type.
  4872        length (map2 f l1 l2) = length l1 &
  4873        length (map2 f l1 l2) = length l2)"
  4874   by (import rich_list LENGTH_MAP2)
  4875 
  4876 lemma NULL_EQ_NIL: "ALL l::'a::type list. null l = (l = [])"
  4877   by (import rich_list NULL_EQ_NIL)
  4878 
  4879 lemma LENGTH_EQ: "ALL (x::'a::type list) y::'a::type list. x = y --> length x = length y"
  4880   by (import rich_list LENGTH_EQ)
  4881 
  4882 lemma LENGTH_NOT_NULL: "ALL l::'a::type list. (0 < length l) = (~ null l)"
  4883   by (import rich_list LENGTH_NOT_NULL)
  4884 
  4885 lemma SNOC_INDUCT: "ALL P::'a::type list => bool.
  4886    P [] &
  4887    (ALL l::'a::type list. P l --> (ALL x::'a::type. P (SNOC x l))) -->
  4888    All P"
  4889   by (import rich_list SNOC_INDUCT)
  4890 
  4891 lemma SNOC_CASES: "ALL x'::'a::type list.
  4892    x' = [] | (EX (x::'a::type) l::'a::type list. x' = SNOC x l)"
  4893   by (import rich_list SNOC_CASES)
  4894 
  4895 lemma LENGTH_SNOC: "ALL (x::'a::type) l::'a::type list. length (SNOC x l) = Suc (length l)"
  4896   by (import rich_list LENGTH_SNOC)
  4897 
  4898 lemma NOT_NIL_SNOC: "ALL (x::'a::type) xa::'a::type list. [] ~= SNOC x xa"
  4899   by (import rich_list NOT_NIL_SNOC)
  4900 
  4901 lemma NOT_SNOC_NIL: "ALL (x::'a::type) xa::'a::type list. SNOC x xa ~= []"
  4902   by (import rich_list NOT_SNOC_NIL)
  4903 
  4904 lemma SNOC_11: "ALL (x::'a::type) (l::'a::type list) (x'::'a::type) l'::'a::type list.
  4905    (SNOC x l = SNOC x' l') = (x = x' & l = l')"
  4906   by (import rich_list SNOC_11)
  4907 
  4908 lemma SNOC_EQ_LENGTH_EQ: "ALL (x1::'a::type) (l1::'a::type list) (x2::'a::type) l2::'a::type list.
  4909    SNOC x1 l1 = SNOC x2 l2 --> length l1 = length l2"
  4910   by (import rich_list SNOC_EQ_LENGTH_EQ)
  4911 
  4912 lemma SNOC_REVERSE_CONS: "ALL (x::'a::type) xa::'a::type list. SNOC x xa = rev (x # rev xa)"
  4913   by (import rich_list SNOC_REVERSE_CONS)
  4914 
  4915 lemma MAP_SNOC: "ALL (x::'a::type => 'b::type) (xa::'a::type) xb::'a::type list.
  4916    map x (SNOC xa xb) = SNOC (x xa) (map x xb)"
  4917   by (import rich_list MAP_SNOC)
  4918 
  4919 lemma FOLDR_SNOC: "ALL (f::'a::type => 'b::type => 'b::type) (e::'b::type) (x::'a::type)
  4920    l::'a::type list. foldr f (SNOC x l) e = foldr f l (f x e)"
  4921   by (import rich_list FOLDR_SNOC)
  4922 
  4923 lemma FOLDL_SNOC: "ALL (f::'b::type => 'a::type => 'b::type) (e::'b::type) (x::'a::type)
  4924    l::'a::type list. foldl f e (SNOC x l) = f (foldl f e l) x"
  4925   by (import rich_list FOLDL_SNOC)
  4926 
  4927 lemma FOLDR_FOLDL: "ALL (f::'a::type => 'a::type => 'a::type) e::'a::type.
  4928    MONOID f e --> (ALL l::'a::type list. foldr f l e = foldl f e l)"
  4929   by (import rich_list FOLDR_FOLDL)
  4930 
  4931 lemma LENGTH_FOLDR: "ALL l::'a::type list. length l = foldr (%x::'a::type. Suc) l 0"
  4932   by (import rich_list LENGTH_FOLDR)
  4933 
  4934 lemma LENGTH_FOLDL: "ALL l::'a::type list. length l = foldl (%(l'::nat) x::'a::type. Suc l') 0 l"
  4935   by (import rich_list LENGTH_FOLDL)
  4936 
  4937 lemma MAP_FOLDR: "ALL (f::'a::type => 'b::type) l::'a::type list.
  4938    map f l = foldr (%x::'a::type. op # (f x)) l []"
  4939   by (import rich_list MAP_FOLDR)
  4940 
  4941 lemma MAP_FOLDL: "ALL (f::'a::type => 'b::type) l::'a::type list.
  4942    map f l = foldl (%(l'::'b::type list) x::'a::type. SNOC (f x) l') [] l"
  4943   by (import rich_list MAP_FOLDL)
  4944 
  4945 lemma MAP_o: "ALL (f::'b::type => 'c::type) g::'a::type => 'b::type.
  4946    map (f o g) = map f o map g"
  4947   by (import rich_list MAP_o)
  4948 
  4949 lemma FILTER_FOLDR: "ALL (P::'a::type => bool) l::'a::type list.
  4950    filter P l =
  4951    foldr (%(x::'a::type) l'::'a::type list. if P x then x # l' else l') l []"
  4952   by (import rich_list FILTER_FOLDR)
  4953 
  4954 lemma FILTER_SNOC: "ALL (P::'a::type => bool) (x::'a::type) l::'a::type list.
  4955    filter P (SNOC x l) = (if P x then SNOC x (filter P l) else filter P l)"
  4956   by (import rich_list FILTER_SNOC)
  4957 
  4958 lemma FILTER_FOLDL: "ALL (P::'a::type => bool) l::'a::type list.
  4959    filter P l =
  4960    foldl (%(l'::'a::type list) x::'a::type. if P x then SNOC x l' else l')
  4961     [] l"
  4962   by (import rich_list FILTER_FOLDL)
  4963 
  4964 lemma FILTER_COMM: "ALL (f1::'a::type => bool) (f2::'a::type => bool) l::'a::type list.
  4965    filter f1 (filter f2 l) = filter f2 (filter f1 l)"
  4966   by (import rich_list FILTER_COMM)
  4967 
  4968 lemma FILTER_IDEM: "ALL (f::'a::type => bool) l::'a::type list.
  4969    filter f (filter f l) = filter f l"
  4970   by (import rich_list FILTER_IDEM)
  4971 
  4972 lemma LENGTH_SEG: "ALL (n::nat) (k::nat) l::'a::type list.
  4973    n + k <= length l --> length (SEG n k l) = n"
  4974   by (import rich_list LENGTH_SEG)
  4975 
  4976 lemma APPEND_NIL: "(ALL l::'a::type list. l @ [] = l) & (ALL x::'a::type list. [] @ x = x)"
  4977   by (import rich_list APPEND_NIL)
  4978 
  4979 lemma APPEND_SNOC: "ALL (l1::'a::type list) (x::'a::type) l2::'a::type list.
  4980    l1 @ SNOC x l2 = SNOC x (l1 @ l2)"
  4981   by (import rich_list APPEND_SNOC)
  4982 
  4983 lemma APPEND_FOLDR: "ALL (l1::'a::type list) l2::'a::type list. l1 @ l2 = foldr op # l1 l2"
  4984   by (import rich_list APPEND_FOLDR)
  4985 
  4986 lemma APPEND_FOLDL: "ALL (l1::'a::type list) l2::'a::type list.
  4987    l1 @ l2 = foldl (%(l'::'a::type list) x::'a::type. SNOC x l') l1 l2"
  4988   by (import rich_list APPEND_FOLDL)
  4989 
  4990 lemma CONS_APPEND: "ALL (x::'a::type) l::'a::type list. x # l = [x] @ l"
  4991   by (import rich_list CONS_APPEND)
  4992 
  4993 lemma ASSOC_APPEND: "ASSOC op @"
  4994   by (import rich_list ASSOC_APPEND)
  4995 
  4996 lemma MONOID_APPEND_NIL: "MONOID op @ []"
  4997   by (import rich_list MONOID_APPEND_NIL)
  4998 
  4999 lemma APPEND_LENGTH_EQ: "ALL (l1::'a::type list) l1'::'a::type list.
  5000    length l1 = length l1' -->
  5001    (ALL (l2::'a::type list) l2'::'a::type list.
  5002        length l2 = length l2' -->
  5003        (l1 @ l2 = l1' @ l2') = (l1 = l1' & l2 = l2'))"
  5004   by (import rich_list APPEND_LENGTH_EQ)
  5005 
  5006 lemma FLAT_SNOC: "ALL (x::'a::type list) l::'a::type list list.
  5007    concat (SNOC x l) = concat l @ x"
  5008   by (import rich_list FLAT_SNOC)
  5009 
  5010 lemma FLAT_FOLDR: "ALL l::'a::type list list. concat l = foldr op @ l []"
  5011   by (import rich_list FLAT_FOLDR)
  5012 
  5013 lemma FLAT_FOLDL: "ALL l::'a::type list list. concat l = foldl op @ [] l"
  5014   by (import rich_list FLAT_FOLDL)
  5015 
  5016 lemma LENGTH_FLAT: "ALL l::'a::type list list. length (concat l) = sum (map size l)"
  5017   by (import rich_list LENGTH_FLAT)
  5018 
  5019 lemma REVERSE_FOLDR: "ALL l::'a::type list. rev l = foldr SNOC l []"
  5020   by (import rich_list REVERSE_FOLDR)
  5021 
  5022 lemma REVERSE_FOLDL: "ALL l::'a::type list.
  5023    rev l = foldl (%(l'::'a::type list) x::'a::type. x # l') [] l"
  5024   by (import rich_list REVERSE_FOLDL)
  5025 
  5026 lemma ALL_EL_SNOC: "ALL (P::'a::type => bool) (x::'a::type) l::'a::type list.
  5027    list_all P (SNOC x l) = (list_all P l & P x)"
  5028   by (import rich_list ALL_EL_SNOC)
  5029 
  5030 lemma ALL_EL_MAP: "ALL (P::'b::type => bool) (f::'a::type => 'b::type) l::'a::type list.
  5031    list_all P (map f l) = list_all (P o f) l"
  5032   by (import rich_list ALL_EL_MAP)
  5033 
  5034 lemma SOME_EL_SNOC: "ALL (P::'a::type => bool) (x::'a::type) l::'a::type list.
  5035    list_exists P (SNOC x l) = (P x | list_exists P l)"
  5036   by (import rich_list SOME_EL_SNOC)
  5037 
  5038 lemma IS_EL_SNOC: "ALL (y::'a::type) (x::'a::type) l::'a::type list.
  5039    y mem SNOC x l = (y = x | y mem l)"
  5040   by (import rich_list IS_EL_SNOC)
  5041 
  5042 lemma SUM_SNOC: "ALL (x::nat) l::nat list. sum (SNOC x l) = sum l + x"
  5043   by (import rich_list SUM_SNOC)
  5044 
  5045 lemma SUM_FOLDL: "ALL l::nat list. sum l = foldl op + 0 l"
  5046   by (import rich_list SUM_FOLDL)
  5047 
  5048 lemma IS_PREFIX_APPEND: "ALL (l1::'a::type list) l2::'a::type list.
  5049    IS_PREFIX l1 l2 = (EX l::'a::type list. l1 = l2 @ l)"
  5050   by (import rich_list IS_PREFIX_APPEND)
  5051 
  5052 lemma IS_SUFFIX_APPEND: "ALL (l1::'a::type list) l2::'a::type list.
  5053    IS_SUFFIX l1 l2 = (EX l::'a::type list. l1 = l @ l2)"
  5054   by (import rich_list IS_SUFFIX_APPEND)
  5055 
  5056 lemma IS_SUBLIST_APPEND: "ALL (l1::'a::type list) l2::'a::type list.
  5057    IS_SUBLIST l1 l2 =
  5058    (EX (l::'a::type list) l'::'a::type list. l1 = l @ l2 @ l')"
  5059   by (import rich_list IS_SUBLIST_APPEND)
  5060 
  5061 lemma IS_PREFIX_IS_SUBLIST: "ALL (l1::'a::type list) l2::'a::type list.
  5062    IS_PREFIX l1 l2 --> IS_SUBLIST l1 l2"
  5063   by (import rich_list IS_PREFIX_IS_SUBLIST)
  5064 
  5065 lemma IS_SUFFIX_IS_SUBLIST: "ALL (l1::'a::type list) l2::'a::type list.
  5066    IS_SUFFIX l1 l2 --> IS_SUBLIST l1 l2"
  5067   by (import rich_list IS_SUFFIX_IS_SUBLIST)
  5068 
  5069 lemma IS_PREFIX_REVERSE: "ALL (l1::'a::type list) l2::'a::type list.
  5070    IS_PREFIX (rev l1) (rev l2) = IS_SUFFIX l1 l2"
  5071   by (import rich_list IS_PREFIX_REVERSE)
  5072 
  5073 lemma IS_SUFFIX_REVERSE: "ALL (l2::'a::type list) l1::'a::type list.
  5074    IS_SUFFIX (rev l1) (rev l2) = IS_PREFIX l1 l2"
  5075   by (import rich_list IS_SUFFIX_REVERSE)
  5076 
  5077 lemma IS_SUBLIST_REVERSE: "ALL (l1::'a::type list) l2::'a::type list.
  5078    IS_SUBLIST (rev l1) (rev l2) = IS_SUBLIST l1 l2"
  5079   by (import rich_list IS_SUBLIST_REVERSE)
  5080 
  5081 lemma PREFIX_FOLDR: "ALL (P::'a::type => bool) x::'a::type list.
  5082    PREFIX P x =
  5083    foldr (%(x::'a::type) l'::'a::type list. if P x then x # l' else []) x []"
  5084   by (import rich_list PREFIX_FOLDR)
  5085 
  5086 lemma PREFIX: "(ALL x::'a::type => bool. PREFIX x [] = []) &
  5087 (ALL (x::'a::type => bool) (xa::'a::type) xb::'a::type list.
  5088     PREFIX x (xa # xb) = (if x xa then xa # PREFIX x xb else []))"
  5089   by (import rich_list PREFIX)
  5090 
  5091 lemma IS_PREFIX_PREFIX: "ALL (P::'a::type => bool) l::'a::type list. IS_PREFIX l (PREFIX P l)"
  5092   by (import rich_list IS_PREFIX_PREFIX)
  5093 
  5094 lemma LENGTH_SCANL: "ALL (f::'b::type => 'a::type => 'b::type) (e::'b::type) l::'a::type list.
  5095    length (SCANL f e l) = Suc (length l)"
  5096   by (import rich_list LENGTH_SCANL)
  5097 
  5098 lemma LENGTH_SCANR: "ALL (f::'a::type => 'b::type => 'b::type) (e::'b::type) l::'a::type list.
  5099    length (SCANR f e l) = Suc (length l)"
  5100   by (import rich_list LENGTH_SCANR)
  5101 
  5102 lemma COMM_MONOID_FOLDL: "ALL x::'a::type => 'a::type => 'a::type.
  5103    COMM x -->
  5104    (ALL xa::'a::type.
  5105        MONOID x xa -->
  5106        (ALL (e::'a::type) l::'a::type list.
  5107            foldl x e l = x e (foldl x xa l)))"
  5108   by (import rich_list COMM_MONOID_FOLDL)
  5109 
  5110 lemma COMM_MONOID_FOLDR: "ALL x::'a::type => 'a::type => 'a::type.
  5111    COMM x -->
  5112    (ALL xa::'a::type.
  5113        MONOID x xa -->
  5114        (ALL (e::'a::type) l::'a::type list.
  5115            foldr x l e = x e (foldr x l xa)))"
  5116   by (import rich_list COMM_MONOID_FOLDR)
  5117 
  5118 lemma FCOMM_FOLDR_APPEND: "ALL (x::'a::type => 'a::type => 'a::type)
  5119    xa::'b::type => 'a::type => 'a::type.
  5120    FCOMM x xa -->
  5121    (ALL xb::'a::type.
  5122        LEFT_ID x xb -->
  5123        (ALL (l1::'b::type list) l2::'b::type list.
  5124            foldr xa (l1 @ l2) xb = x (foldr xa l1 xb) (foldr xa l2 xb)))"
  5125   by (import rich_list FCOMM_FOLDR_APPEND)
  5126 
  5127 lemma FCOMM_FOLDL_APPEND: "ALL (x::'a::type => 'b::type => 'a::type)
  5128    xa::'a::type => 'a::type => 'a::type.
  5129    FCOMM x xa -->
  5130    (ALL xb::'a::type.
  5131        RIGHT_ID xa xb -->
  5132        (ALL (l1::'b::type list) l2::'b::type list.
  5133            foldl x xb (l1 @ l2) = xa (foldl x xb l1) (foldl x xb l2)))"
  5134   by (import rich_list FCOMM_FOLDL_APPEND)
  5135 
  5136 lemma FOLDL_SINGLE: "ALL (x::'a::type => 'b::type => 'a::type) (xa::'a::type) xb::'b::type.
  5137    foldl x xa [xb] = x xa xb"
  5138   by (import rich_list FOLDL_SINGLE)
  5139 
  5140 lemma FOLDR_SINGLE: "ALL (x::'a::type => 'b::type => 'b::type) (xa::'b::type) xb::'a::type.
  5141    foldr x [xb] xa = x xb xa"
  5142   by (import rich_list FOLDR_SINGLE)
  5143 
  5144 lemma FOLDR_CONS_NIL: "ALL l::'a::type list. foldr op # l [] = l"
  5145   by (import rich_list FOLDR_CONS_NIL)
  5146 
  5147 lemma FOLDL_SNOC_NIL: "ALL l::'a::type list.
  5148    foldl (%(xs::'a::type list) x::'a::type. SNOC x xs) [] l = l"
  5149   by (import rich_list FOLDL_SNOC_NIL)
  5150 
  5151 lemma FOLDR_REVERSE: "ALL (x::'a::type => 'b::type => 'b::type) (xa::'b::type) xb::'a::type list.
  5152    foldr x (rev xb) xa = foldl (%(xa::'b::type) y::'a::type. x y xa) xa xb"
  5153   by (import rich_list FOLDR_REVERSE)
  5154 
  5155 lemma FOLDL_REVERSE: "ALL (x::'a::type => 'b::type => 'a::type) (xa::'a::type) xb::'b::type list.
  5156    foldl x xa (rev xb) = foldr (%(xa::'b::type) y::'a::type. x y xa) xb xa"
  5157   by (import rich_list FOLDL_REVERSE)
  5158 
  5159 lemma FOLDR_MAP: "ALL (f::'a::type => 'a::type => 'a::type) (e::'a::type)
  5160    (g::'b::type => 'a::type) l::'b::type list.
  5161    foldr f (map g l) e = foldr (%x::'b::type. f (g x)) l e"
  5162   by (import rich_list FOLDR_MAP)
  5163 
  5164 lemma FOLDL_MAP: "ALL (f::'a::type => 'a::type => 'a::type) (e::'a::type)
  5165    (g::'b::type => 'a::type) l::'b::type list.
  5166    foldl f e (map g l) = foldl (%(x::'a::type) y::'b::type. f x (g y)) e l"
  5167   by (import rich_list FOLDL_MAP)
  5168 
  5169 lemma ALL_EL_FOLDR: "ALL (P::'a::type => bool) l::'a::type list.
  5170    list_all P l = foldr (%x::'a::type. op & (P x)) l True"
  5171   by (import rich_list ALL_EL_FOLDR)
  5172 
  5173 lemma ALL_EL_FOLDL: "ALL (P::'a::type => bool) l::'a::type list.
  5174    list_all P l = foldl (%(l'::bool) x::'a::type. l' & P x) True l"
  5175   by (import rich_list ALL_EL_FOLDL)
  5176 
  5177 lemma SOME_EL_FOLDR: "ALL (P::'a::type => bool) l::'a::type list.
  5178    list_exists P l = foldr (%x::'a::type. op | (P x)) l False"
  5179   by (import rich_list SOME_EL_FOLDR)
  5180 
  5181 lemma SOME_EL_FOLDL: "ALL (P::'a::type => bool) l::'a::type list.
  5182    list_exists P l = foldl (%(l'::bool) x::'a::type. l' | P x) False l"
  5183   by (import rich_list SOME_EL_FOLDL)
  5184 
  5185 lemma ALL_EL_FOLDR_MAP: "ALL (x::'a::type => bool) xa::'a::type list.
  5186    list_all x xa = foldr op & (map x xa) True"
  5187   by (import rich_list ALL_EL_FOLDR_MAP)
  5188 
  5189 lemma ALL_EL_FOLDL_MAP: "ALL (x::'a::type => bool) xa::'a::type list.
  5190    list_all x xa = foldl op & True (map x xa)"
  5191   by (import rich_list ALL_EL_FOLDL_MAP)
  5192 
  5193 lemma SOME_EL_FOLDR_MAP: "ALL (x::'a::type => bool) xa::'a::type list.
  5194    list_exists x xa = foldr op | (map x xa) False"
  5195   by (import rich_list SOME_EL_FOLDR_MAP)
  5196 
  5197 lemma SOME_EL_FOLDL_MAP: "ALL (x::'a::type => bool) xa::'a::type list.
  5198    list_exists x xa = foldl op | False (map x xa)"
  5199   by (import rich_list SOME_EL_FOLDL_MAP)
  5200 
  5201 lemma FOLDR_FILTER: "ALL (f::'a::type => 'a::type => 'a::type) (e::'a::type)
  5202    (P::'a::type => bool) l::'a::type list.
  5203    foldr f (filter P l) e =
  5204    foldr (%(x::'a::type) y::'a::type. if P x then f x y else y) l e"
  5205   by (import rich_list FOLDR_FILTER)
  5206 
  5207 lemma FOLDL_FILTER: "ALL (f::'a::type => 'a::type => 'a::type) (e::'a::type)
  5208    (P::'a::type => bool) l::'a::type list.
  5209    foldl f e (filter P l) =
  5210    foldl (%(x::'a::type) y::'a::type. if P y then f x y else x) e l"
  5211   by (import rich_list FOLDL_FILTER)
  5212 
  5213 lemma ASSOC_FOLDR_FLAT: "ALL f::'a::type => 'a::type => 'a::type.
  5214    ASSOC f -->
  5215    (ALL e::'a::type.
  5216        LEFT_ID f e -->
  5217        (ALL l::'a::type list list.
  5218            foldr f (concat l) e = foldr f (map (FOLDR f e) l) e))"
  5219   by (import rich_list ASSOC_FOLDR_FLAT)
  5220 
  5221 lemma ASSOC_FOLDL_FLAT: "ALL f::'a::type => 'a::type => 'a::type.
  5222    ASSOC f -->
  5223    (ALL e::'a::type.
  5224        RIGHT_ID f e -->
  5225        (ALL l::'a::type list list.
  5226            foldl f e (concat l) = foldl f e (map (foldl f e) l)))"
  5227   by (import rich_list ASSOC_FOLDL_FLAT)
  5228 
  5229 lemma SOME_EL_MAP: "ALL (P::'b::type => bool) (f::'a::type => 'b::type) l::'a::type list.
  5230    list_exists P (map f l) = list_exists (P o f) l"
  5231   by (import rich_list SOME_EL_MAP)
  5232 
  5233 lemma SOME_EL_DISJ: "ALL (P::'a::type => bool) (Q::'a::type => bool) l::'a::type list.
  5234    list_exists (%x::'a::type. P x | Q x) l =
  5235    (list_exists P l | list_exists Q l)"
  5236   by (import rich_list SOME_EL_DISJ)
  5237 
  5238 lemma IS_EL_FOLDR: "ALL (x::'a::type) xa::'a::type list.
  5239    x mem xa = foldr (%xa::'a::type. op | (x = xa)) xa False"
  5240   by (import rich_list IS_EL_FOLDR)
  5241 
  5242 lemma IS_EL_FOLDL: "ALL (x::'a::type) xa::'a::type list.
  5243    x mem xa = foldl (%(l'::bool) xa::'a::type. l' | x = xa) False xa"
  5244   by (import rich_list IS_EL_FOLDL)
  5245 
  5246 lemma NULL_FOLDR: "ALL l::'a::type list. null l = foldr (%(x::'a::type) l'::bool. False) l True"
  5247   by (import rich_list NULL_FOLDR)
  5248 
  5249 lemma NULL_FOLDL: "ALL l::'a::type list. null l = foldl (%(x::bool) l'::'a::type. False) True l"
  5250   by (import rich_list NULL_FOLDL)
  5251 
  5252 lemma SEG_LENGTH_ID: "ALL l::'a::type list. SEG (length l) 0 l = l"
  5253   by (import rich_list SEG_LENGTH_ID)
  5254 
  5255 lemma SEG_SUC_CONS: "ALL (m::nat) (n::nat) (l::'a::type list) x::'a::type.
  5256    SEG m (Suc n) (x # l) = SEG m n l"
  5257   by (import rich_list SEG_SUC_CONS)
  5258 
  5259 lemma SEG_0_SNOC: "ALL (m::nat) (l::'a::type list) x::'a::type.
  5260    m <= length l --> SEG m 0 (SNOC x l) = SEG m 0 l"
  5261   by (import rich_list SEG_0_SNOC)
  5262 
  5263 lemma BUTLASTN_SEG: "ALL (n::nat) l::'a::type list.
  5264    n <= length l --> BUTLASTN n l = SEG (length l - n) 0 l"
  5265   by (import rich_list BUTLASTN_SEG)
  5266 
  5267 lemma LASTN_CONS: "ALL (n::nat) l::'a::type list.
  5268    n <= length l --> (ALL x::'a::type. LASTN n (x # l) = LASTN n l)"
  5269   by (import rich_list LASTN_CONS)
  5270 
  5271 lemma LENGTH_LASTN: "ALL (n::nat) l::'a::type list. n <= length l --> length (LASTN n l) = n"
  5272   by (import rich_list LENGTH_LASTN)
  5273 
  5274 lemma LASTN_LENGTH_ID: "ALL l::'a::type list. LASTN (length l) l = l"
  5275   by (import rich_list LASTN_LENGTH_ID)
  5276 
  5277 lemma LASTN_LASTN: "ALL (l::'a::type list) (n::nat) m::nat.
  5278    m <= length l --> n <= m --> LASTN n (LASTN m l) = LASTN n l"
  5279   by (import rich_list LASTN_LASTN)
  5280 
  5281 lemma FIRSTN_LENGTH_ID: "ALL l::'a::type list. FIRSTN (length l) l = l"
  5282   by (import rich_list FIRSTN_LENGTH_ID)
  5283 
  5284 lemma FIRSTN_SNOC: "ALL (n::nat) l::'a::type list.
  5285    n <= length l --> (ALL x::'a::type. FIRSTN n (SNOC x l) = FIRSTN n l)"
  5286   by (import rich_list FIRSTN_SNOC)
  5287 
  5288 lemma BUTLASTN_LENGTH_NIL: "ALL l::'a::type list. BUTLASTN (length l) l = []"
  5289   by (import rich_list BUTLASTN_LENGTH_NIL)
  5290 
  5291 lemma BUTLASTN_SUC_BUTLAST: "ALL (n::nat) l::'a::type list.
  5292    n < length l --> BUTLASTN (Suc n) l = BUTLASTN n (butlast l)"
  5293   by (import rich_list BUTLASTN_SUC_BUTLAST)
  5294 
  5295 lemma BUTLASTN_BUTLAST: "ALL (n::nat) l::'a::type list.
  5296    n < length l --> BUTLASTN n (butlast l) = butlast (BUTLASTN n l)"
  5297   by (import rich_list BUTLASTN_BUTLAST)
  5298 
  5299 lemma LENGTH_BUTLASTN: "ALL (n::nat) l::'a::type list.
  5300    n <= length l --> length (BUTLASTN n l) = length l - n"
  5301   by (import rich_list LENGTH_BUTLASTN)
  5302 
  5303 lemma BUTLASTN_BUTLASTN: "ALL (m::nat) (n::nat) l::'a::type list.
  5304    n + m <= length l --> BUTLASTN n (BUTLASTN m l) = BUTLASTN (n + m) l"
  5305   by (import rich_list BUTLASTN_BUTLASTN)
  5306 
  5307 lemma APPEND_BUTLASTN_LASTN: "ALL (n::nat) l::'a::type list.
  5308    n <= length l --> BUTLASTN n l @ LASTN n l = l"
  5309   by (import rich_list APPEND_BUTLASTN_LASTN)
  5310 
  5311 lemma APPEND_FIRSTN_LASTN: "ALL (m::nat) (n::nat) l::'a::type list.
  5312    m + n = length l --> FIRSTN n l @ LASTN m l = l"
  5313   by (import rich_list APPEND_FIRSTN_LASTN)
  5314 
  5315 lemma BUTLASTN_APPEND2: "ALL (n::nat) (l1::'a::type list) l2::'a::type list.
  5316    n <= length l2 --> BUTLASTN n (l1 @ l2) = l1 @ BUTLASTN n l2"
  5317   by (import rich_list BUTLASTN_APPEND2)
  5318 
  5319 lemma BUTLASTN_LENGTH_APPEND: "ALL (l2::'a::type list) l1::'a::type list.
  5320    BUTLASTN (length l2) (l1 @ l2) = l1"
  5321   by (import rich_list BUTLASTN_LENGTH_APPEND)
  5322 
  5323 lemma LASTN_LENGTH_APPEND: "ALL (l2::'a::type list) l1::'a::type list. LASTN (length l2) (l1 @ l2) = l2"
  5324   by (import rich_list LASTN_LENGTH_APPEND)
  5325 
  5326 lemma BUTLASTN_CONS: "ALL (n::nat) l::'a::type list.
  5327    n <= length l -->
  5328    (ALL x::'a::type. BUTLASTN n (x # l) = x # BUTLASTN n l)"
  5329   by (import rich_list BUTLASTN_CONS)
  5330 
  5331 lemma BUTLASTN_LENGTH_CONS: "ALL (l::'a::type list) x::'a::type. BUTLASTN (length l) (x # l) = [x]"
  5332   by (import rich_list BUTLASTN_LENGTH_CONS)
  5333 
  5334 lemma LAST_LASTN_LAST: "ALL (n::nat) l::'a::type list.
  5335    n <= length l --> 0 < n --> last (LASTN n l) = last l"
  5336   by (import rich_list LAST_LASTN_LAST)
  5337 
  5338 lemma BUTLASTN_LASTN_NIL: "ALL (n::nat) l::'a::type list. n <= length l --> BUTLASTN n (LASTN n l) = []"
  5339   by (import rich_list BUTLASTN_LASTN_NIL)
  5340 
  5341 lemma LASTN_BUTLASTN: "ALL (n::nat) (m::nat) l::'a::type list.
  5342    n + m <= length l -->
  5343    LASTN n (BUTLASTN m l) = BUTLASTN m (LASTN (n + m) l)"
  5344   by (import rich_list LASTN_BUTLASTN)
  5345 
  5346 lemma BUTLASTN_LASTN: "ALL (m::nat) (n::nat) l::'a::type list.
  5347    m <= n & n <= length l -->
  5348    BUTLASTN m (LASTN n l) = LASTN (n - m) (BUTLASTN m l)"
  5349   by (import rich_list BUTLASTN_LASTN)
  5350 
  5351 lemma LASTN_1: "ALL l::'a::type list. l ~= [] --> LASTN 1 l = [last l]"
  5352   by (import rich_list LASTN_1)
  5353 
  5354 lemma BUTLASTN_1: "ALL l::'a::type list. l ~= [] --> BUTLASTN 1 l = butlast l"
  5355   by (import rich_list BUTLASTN_1)
  5356 
  5357 lemma BUTLASTN_APPEND1: "ALL (l2::'a::type list) n::nat.
  5358    length l2 <= n -->
  5359    (ALL l1::'a::type list.
  5360        BUTLASTN n (l1 @ l2) = BUTLASTN (n - length l2) l1)"
  5361   by (import rich_list BUTLASTN_APPEND1)
  5362 
  5363 lemma LASTN_APPEND2: "ALL (n::nat) l2::'a::type list.
  5364    n <= length l2 -->
  5365    (ALL l1::'a::type list. LASTN n (l1 @ l2) = LASTN n l2)"
  5366   by (import rich_list LASTN_APPEND2)
  5367 
  5368 lemma LASTN_APPEND1: "ALL (l2::'a::type list) n::nat.
  5369    length l2 <= n -->
  5370    (ALL l1::'a::type list.
  5371        LASTN n (l1 @ l2) = LASTN (n - length l2) l1 @ l2)"
  5372   by (import rich_list LASTN_APPEND1)
  5373 
  5374 lemma LASTN_MAP: "ALL (n::nat) l::'a::type list.
  5375    n <= length l -->
  5376    (ALL f::'a::type => 'b::type. LASTN n (map f l) = map f (LASTN n l))"
  5377   by (import rich_list LASTN_MAP)
  5378 
  5379 lemma BUTLASTN_MAP: "ALL (n::nat) l::'a::type list.
  5380    n <= length l -->
  5381    (ALL f::'a::type => 'b::type.
  5382        BUTLASTN n (map f l) = map f (BUTLASTN n l))"
  5383   by (import rich_list BUTLASTN_MAP)
  5384 
  5385 lemma ALL_EL_LASTN: "(All::(('a::type => bool) => bool) => bool)
  5386  (%P::'a::type => bool.
  5387      (All::('a::type list => bool) => bool)
  5388       (%l::'a::type list.
  5389           (op -->::bool => bool => bool)
  5390            ((list_all::('a::type => bool) => 'a::type list => bool) P l)
  5391            ((All::(nat => bool) => bool)
  5392              (%m::nat.
  5393                  (op -->::bool => bool => bool)
  5394                   ((op <=::nat => nat => bool) m
  5395                     ((size::'a::type list => nat) l))
  5396                   ((list_all::('a::type => bool) => 'a::type list => bool) P
  5397                     ((LASTN::nat => 'a::type list => 'a::type list) m
  5398                       l))))))"
  5399   by (import rich_list ALL_EL_LASTN)
  5400 
  5401 lemma ALL_EL_BUTLASTN: "(All::(('a::type => bool) => bool) => bool)
  5402  (%P::'a::type => bool.
  5403      (All::('a::type list => bool) => bool)
  5404       (%l::'a::type list.
  5405           (op -->::bool => bool => bool)
  5406            ((list_all::('a::type => bool) => 'a::type list => bool) P l)
  5407            ((All::(nat => bool) => bool)
  5408              (%m::nat.
  5409                  (op -->::bool => bool => bool)
  5410                   ((op <=::nat => nat => bool) m
  5411                     ((size::'a::type list => nat) l))
  5412                   ((list_all::('a::type => bool) => 'a::type list => bool) P
  5413                     ((BUTLASTN::nat => 'a::type list => 'a::type list) m
  5414                       l))))))"
  5415   by (import rich_list ALL_EL_BUTLASTN)
  5416 
  5417 lemma LENGTH_FIRSTN: "ALL (n::nat) l::'a::type list. n <= length l --> length (FIRSTN n l) = n"
  5418   by (import rich_list LENGTH_FIRSTN)
  5419 
  5420 lemma FIRSTN_FIRSTN: "(All::(nat => bool) => bool)
  5421  (%m::nat.
  5422      (All::('a::type list => bool) => bool)
  5423       (%l::'a::type list.
  5424           (op -->::bool => bool => bool)
  5425            ((op <=::nat => nat => bool) m ((size::'a::type list => nat) l))
  5426            ((All::(nat => bool) => bool)
  5427              (%n::nat.
  5428                  (op -->::bool => bool => bool)
  5429                   ((op <=::nat => nat => bool) n m)
  5430                   ((op =::'a::type list => 'a::type list => bool)
  5431                     ((FIRSTN::nat => 'a::type list => 'a::type list) n
  5432                       ((FIRSTN::nat => 'a::type list => 'a::type list) m l))
  5433                     ((FIRSTN::nat => 'a::type list => 'a::type list) n
  5434                       l))))))"
  5435   by (import rich_list FIRSTN_FIRSTN)
  5436 
  5437 lemma LENGTH_BUTFIRSTN: "ALL (n::nat) l::'a::type list.
  5438    n <= length l --> length (BUTFIRSTN n l) = length l - n"
  5439   by (import rich_list LENGTH_BUTFIRSTN)
  5440 
  5441 lemma BUTFIRSTN_LENGTH_NIL: "ALL l::'a::type list. BUTFIRSTN (length l) l = []"
  5442   by (import rich_list BUTFIRSTN_LENGTH_NIL)
  5443 
  5444 lemma BUTFIRSTN_APPEND1: "ALL (n::nat) l1::'a::type list.
  5445    n <= length l1 -->
  5446    (ALL l2::'a::type list. BUTFIRSTN n (l1 @ l2) = BUTFIRSTN n l1 @ l2)"
  5447   by (import rich_list BUTFIRSTN_APPEND1)
  5448 
  5449 lemma BUTFIRSTN_APPEND2: "ALL (l1::'a::type list) n::nat.
  5450    length l1 <= n -->
  5451    (ALL l2::'a::type list.
  5452        BUTFIRSTN n (l1 @ l2) = BUTFIRSTN (n - length l1) l2)"
  5453   by (import rich_list BUTFIRSTN_APPEND2)
  5454 
  5455 lemma BUTFIRSTN_BUTFIRSTN: "ALL (n::nat) (m::nat) l::'a::type list.
  5456    n + m <= length l --> BUTFIRSTN n (BUTFIRSTN m l) = BUTFIRSTN (n + m) l"
  5457   by (import rich_list BUTFIRSTN_BUTFIRSTN)
  5458 
  5459 lemma APPEND_FIRSTN_BUTFIRSTN: "ALL (n::nat) l::'a::type list.
  5460    n <= length l --> FIRSTN n l @ BUTFIRSTN n l = l"
  5461   by (import rich_list APPEND_FIRSTN_BUTFIRSTN)
  5462 
  5463 lemma LASTN_SEG: "ALL (n::nat) l::'a::type list.
  5464    n <= length l --> LASTN n l = SEG n (length l - n) l"
  5465   by (import rich_list LASTN_SEG)
  5466 
  5467 lemma FIRSTN_SEG: "ALL (n::nat) l::'a::type list. n <= length l --> FIRSTN n l = SEG n 0 l"
  5468   by (import rich_list FIRSTN_SEG)
  5469 
  5470 lemma BUTFIRSTN_SEG: "ALL (n::nat) l::'a::type list.
  5471    n <= length l --> BUTFIRSTN n l = SEG (length l - n) n l"
  5472   by (import rich_list BUTFIRSTN_SEG)
  5473 
  5474 lemma BUTFIRSTN_SNOC: "ALL (n::nat) l::'a::type list.
  5475    n <= length l -->
  5476    (ALL x::'a::type. BUTFIRSTN n (SNOC x l) = SNOC x (BUTFIRSTN n l))"
  5477   by (import rich_list BUTFIRSTN_SNOC)
  5478 
  5479 lemma APPEND_BUTLASTN_BUTFIRSTN: "ALL (m::nat) (n::nat) l::'a::type list.
  5480    m + n = length l --> BUTLASTN m l @ BUTFIRSTN n l = l"
  5481   by (import rich_list APPEND_BUTLASTN_BUTFIRSTN)
  5482 
  5483 lemma SEG_SEG: "ALL (n1::nat) (m1::nat) (n2::nat) (m2::nat) l::'a::type list.
  5484    n1 + m1 <= length l & n2 + m2 <= n1 -->
  5485    SEG n2 m2 (SEG n1 m1 l) = SEG n2 (m1 + m2) l"
  5486   by (import rich_list SEG_SEG)
  5487 
  5488 lemma SEG_APPEND1: "ALL (n::nat) (m::nat) l1::'a::type list.
  5489    n + m <= length l1 -->
  5490    (ALL l2::'a::type list. SEG n m (l1 @ l2) = SEG n m l1)"
  5491   by (import rich_list SEG_APPEND1)
  5492 
  5493 lemma SEG_APPEND2: "ALL (l1::'a::type list) (m::nat) (n::nat) l2::'a::type list.
  5494    length l1 <= m & n <= length l2 -->
  5495    SEG n m (l1 @ l2) = SEG n (m - length l1) l2"
  5496   by (import rich_list SEG_APPEND2)
  5497 
  5498 lemma SEG_FIRSTN_BUTFISTN: "ALL (n::nat) (m::nat) l::'a::type list.
  5499    n + m <= length l --> SEG n m l = FIRSTN n (BUTFIRSTN m l)"
  5500   by (import rich_list SEG_FIRSTN_BUTFISTN)
  5501 
  5502 lemma SEG_APPEND: "ALL (m::nat) (l1::'a::type list) (n::nat) l2::'a::type list.
  5503    m < length l1 & length l1 <= n + m & n + m <= length l1 + length l2 -->
  5504    SEG n m (l1 @ l2) =
  5505    SEG (length l1 - m) m l1 @ SEG (n + m - length l1) 0 l2"
  5506   by (import rich_list SEG_APPEND)
  5507 
  5508 lemma SEG_LENGTH_SNOC: "ALL (x::'a::type list) xa::'a::type. SEG 1 (length x) (SNOC xa x) = [xa]"
  5509   by (import rich_list SEG_LENGTH_SNOC)
  5510 
  5511 lemma SEG_SNOC: "ALL (n::nat) (m::nat) l::'a::type list.
  5512    n + m <= length l --> (ALL x::'a::type. SEG n m (SNOC x l) = SEG n m l)"
  5513   by (import rich_list SEG_SNOC)
  5514 
  5515 lemma ELL_SEG: "ALL (n::nat) l::'a::type list.
  5516    n < length l --> ELL n l = hd (SEG 1 (PRE (length l - n)) l)"
  5517   by (import rich_list ELL_SEG)
  5518 
  5519 lemma SNOC_FOLDR: "ALL (x::'a::type) l::'a::type list. SNOC x l = foldr op # l [x]"
  5520   by (import rich_list SNOC_FOLDR)
  5521 
  5522 lemma IS_EL_FOLDR_MAP: "ALL (x::'a::type) xa::'a::type list.
  5523    x mem xa = foldr op | (map (op = x) xa) False"
  5524   by (import rich_list IS_EL_FOLDR_MAP)
  5525 
  5526 lemma IS_EL_FOLDL_MAP: "ALL (x::'a::type) xa::'a::type list.
  5527    x mem xa = foldl op | False (map (op = x) xa)"
  5528   by (import rich_list IS_EL_FOLDL_MAP)
  5529 
  5530 lemma FILTER_FILTER: "ALL (P::'a::type => bool) (Q::'a::type => bool) l::'a::type list.
  5531    filter P (filter Q l) = [x::'a::type:l. P x & Q x]"
  5532   by (import rich_list FILTER_FILTER)
  5533 
  5534 lemma FCOMM_FOLDR_FLAT: "ALL (g::'a::type => 'a::type => 'a::type)
  5535    f::'b::type => 'a::type => 'a::type.
  5536    FCOMM g f -->
  5537    (ALL e::'a::type.
  5538        LEFT_ID g e -->
  5539        (ALL l::'b::type list list.
  5540            foldr f (concat l) e = foldr g (map (FOLDR f e) l) e))"
  5541   by (import rich_list FCOMM_FOLDR_FLAT)
  5542 
  5543 lemma FCOMM_FOLDL_FLAT: "ALL (f::'a::type => 'b::type => 'a::type)
  5544    g::'a::type => 'a::type => 'a::type.
  5545    FCOMM f g -->
  5546    (ALL e::'a::type.
  5547        RIGHT_ID g e -->
  5548        (ALL l::'b::type list list.
  5549            foldl f e (concat l) = foldl g e (map (foldl f e) l)))"
  5550   by (import rich_list FCOMM_FOLDL_FLAT)
  5551 
  5552 lemma FOLDR_MAP_REVERSE: "ALL f::'a::type => 'a::type => 'a::type.
  5553    (ALL (a::'a::type) (b::'a::type) c::'a::type.
  5554        f a (f b c) = f b (f a c)) -->
  5555    (ALL (e::'a::type) (g::'b::type => 'a::type) l::'b::type list.
  5556        foldr f (map g (rev l)) e = foldr f (map g l) e)"
  5557   by (import rich_list FOLDR_MAP_REVERSE)
  5558 
  5559 lemma FOLDR_FILTER_REVERSE: "ALL f::'a::type => 'a::type => 'a::type.
  5560    (ALL (a::'a::type) (b::'a::type) c::'a::type.
  5561        f a (f b c) = f b (f a c)) -->
  5562    (ALL (e::'a::type) (P::'a::type => bool) l::'a::type list.
  5563        foldr f (filter P (rev l)) e = foldr f (filter P l) e)"
  5564   by (import rich_list FOLDR_FILTER_REVERSE)
  5565 
  5566 lemma COMM_ASSOC_FOLDR_REVERSE: "ALL f::'a::type => 'a::type => 'a::type.
  5567    COMM f -->
  5568    ASSOC f -->
  5569    (ALL (e::'a::type) l::'a::type list. foldr f (rev l) e = foldr f l e)"
  5570   by (import rich_list COMM_ASSOC_FOLDR_REVERSE)
  5571 
  5572 lemma COMM_ASSOC_FOLDL_REVERSE: "ALL f::'a::type => 'a::type => 'a::type.
  5573    COMM f -->
  5574    ASSOC f -->
  5575    (ALL (e::'a::type) l::'a::type list. foldl f e (rev l) = foldl f e l)"
  5576   by (import rich_list COMM_ASSOC_FOLDL_REVERSE)
  5577 
  5578 lemma ELL_LAST: "ALL l::'a::type list. ~ null l --> ELL 0 l = last l"
  5579   by (import rich_list ELL_LAST)
  5580 
  5581 lemma ELL_0_SNOC: "ALL (l::'a::type list) x::'a::type. ELL 0 (SNOC x l) = x"
  5582   by (import rich_list ELL_0_SNOC)
  5583 
  5584 lemma ELL_SNOC: "ALL n>0.
  5585    ALL (x::'a::type) l::'a::type list. ELL n (SNOC x l) = ELL (PRE n) l"
  5586   by (import rich_list ELL_SNOC)
  5587 
  5588 lemma ELL_SUC_SNOC: "ALL (n::nat) (x::'a::type) xa::'a::type list.
  5589    ELL (Suc n) (SNOC x xa) = ELL n xa"
  5590   by (import rich_list ELL_SUC_SNOC)
  5591 
  5592 lemma ELL_CONS: "ALL (n::nat) l::'a::type list.
  5593    n < length l --> (ALL x::'a::type. ELL n (x # l) = ELL n l)"
  5594   by (import rich_list ELL_CONS)
  5595 
  5596 lemma ELL_LENGTH_CONS: "ALL (l::'a::type list) x::'a::type. ELL (length l) (x # l) = x"
  5597   by (import rich_list ELL_LENGTH_CONS)
  5598 
  5599 lemma ELL_LENGTH_SNOC: "ALL (l::'a::type list) x::'a::type.
  5600    ELL (length l) (SNOC x l) = (if null l then x else hd l)"
  5601   by (import rich_list ELL_LENGTH_SNOC)
  5602 
  5603 lemma ELL_APPEND2: "ALL (n::nat) l2::'a::type list.
  5604    n < length l2 --> (ALL l1::'a::type list. ELL n (l1 @ l2) = ELL n l2)"
  5605   by (import rich_list ELL_APPEND2)
  5606 
  5607 lemma ELL_APPEND1: "ALL (l2::'a::type list) n::nat.
  5608    length l2 <= n -->
  5609    (ALL l1::'a::type list. ELL n (l1 @ l2) = ELL (n - length l2) l1)"
  5610   by (import rich_list ELL_APPEND1)
  5611 
  5612 lemma ELL_PRE_LENGTH: "ALL l::'a::type list. l ~= [] --> ELL (PRE (length l)) l = hd l"
  5613   by (import rich_list ELL_PRE_LENGTH)
  5614 
  5615 lemma EL_LENGTH_SNOC: "ALL (l::'a::type list) x::'a::type. EL (length l) (SNOC x l) = x"
  5616   by (import rich_list EL_LENGTH_SNOC)
  5617 
  5618 lemma EL_PRE_LENGTH: "ALL l::'a::type list. l ~= [] --> EL (PRE (length l)) l = last l"
  5619   by (import rich_list EL_PRE_LENGTH)
  5620 
  5621 lemma EL_SNOC: "ALL (n::nat) l::'a::type list.
  5622    n < length l --> (ALL x::'a::type. EL n (SNOC x l) = EL n l)"
  5623   by (import rich_list EL_SNOC)
  5624 
  5625 lemma EL_ELL: "ALL (n::nat) l::'a::type list.
  5626    n < length l --> EL n l = ELL (PRE (length l - n)) l"
  5627   by (import rich_list EL_ELL)
  5628 
  5629 lemma EL_LENGTH_APPEND: "ALL (l2::'a::type list) l1::'a::type list.
  5630    ~ null l2 --> EL (length l1) (l1 @ l2) = hd l2"
  5631   by (import rich_list EL_LENGTH_APPEND)
  5632 
  5633 lemma ELL_EL: "ALL (n::nat) l::'a::type list.
  5634    n < length l --> ELL n l = EL (PRE (length l - n)) l"
  5635   by (import rich_list ELL_EL)
  5636 
  5637 lemma ELL_MAP: "ALL (n::nat) (l::'a::type list) f::'a::type => 'b::type.
  5638    n < length l --> ELL n (map f l) = f (ELL n l)"
  5639   by (import rich_list ELL_MAP)
  5640 
  5641 lemma LENGTH_BUTLAST: "ALL l::'a::type list. l ~= [] --> length (butlast l) = PRE (length l)"
  5642   by (import rich_list LENGTH_BUTLAST)
  5643 
  5644 lemma BUTFIRSTN_LENGTH_APPEND: "ALL (l1::'a::type list) l2::'a::type list.
  5645    BUTFIRSTN (length l1) (l1 @ l2) = l2"
  5646   by (import rich_list BUTFIRSTN_LENGTH_APPEND)
  5647 
  5648 lemma FIRSTN_APPEND1: "ALL (n::nat) l1::'a::type list.
  5649    n <= length l1 -->
  5650    (ALL l2::'a::type list. FIRSTN n (l1 @ l2) = FIRSTN n l1)"
  5651   by (import rich_list FIRSTN_APPEND1)
  5652 
  5653 lemma FIRSTN_APPEND2: "ALL (l1::'a::type list) n::nat.
  5654    length l1 <= n -->
  5655    (ALL l2::'a::type list.
  5656        FIRSTN n (l1 @ l2) = l1 @ FIRSTN (n - length l1) l2)"
  5657   by (import rich_list FIRSTN_APPEND2)
  5658 
  5659 lemma FIRSTN_LENGTH_APPEND: "ALL (l1::'a::type list) l2::'a::type list. FIRSTN (length l1) (l1 @ l2) = l1"
  5660   by (import rich_list FIRSTN_LENGTH_APPEND)
  5661 
  5662 lemma REVERSE_FLAT: "ALL l::'a::type list list. rev (concat l) = concat (rev (map rev l))"
  5663   by (import rich_list REVERSE_FLAT)
  5664 
  5665 lemma MAP_FILTER: "ALL (f::'a::type => 'a::type) (P::'a::type => bool) l::'a::type list.
  5666    (ALL x::'a::type. P (f x) = P x) -->
  5667    map f (filter P l) = filter P (map f l)"
  5668   by (import rich_list MAP_FILTER)
  5669 
  5670 lemma FLAT_REVERSE: "ALL l::'a::type list list. concat (rev l) = rev (concat (map rev l))"
  5671   by (import rich_list FLAT_REVERSE)
  5672 
  5673 lemma FLAT_FLAT: "ALL l::'a::type list list list. concat (concat l) = concat (map concat l)"
  5674   by (import rich_list FLAT_FLAT)
  5675 
  5676 lemma SOME_EL_REVERSE: "ALL (P::'a::type => bool) l::'a::type list.
  5677    list_exists P (rev l) = list_exists P l"
  5678   by (import rich_list SOME_EL_REVERSE)
  5679 
  5680 lemma ALL_EL_SEG: "ALL (P::'a::type => bool) l::'a::type list.
  5681    list_all P l -->
  5682    (ALL (m::nat) k::nat. m + k <= length l --> list_all P (SEG m k l))"
  5683   by (import rich_list ALL_EL_SEG)
  5684 
  5685 lemma ALL_EL_FIRSTN: "(All::(('a::type => bool) => bool) => bool)
  5686  (%P::'a::type => bool.
  5687      (All::('a::type list => bool) => bool)
  5688       (%l::'a::type list.
  5689           (op -->::bool => bool => bool)
  5690            ((list_all::('a::type => bool) => 'a::type list => bool) P l)
  5691            ((All::(nat => bool) => bool)
  5692              (%m::nat.
  5693                  (op -->::bool => bool => bool)
  5694                   ((op <=::nat => nat => bool) m
  5695                     ((size::'a::type list => nat) l))
  5696                   ((list_all::('a::type => bool) => 'a::type list => bool) P
  5697                     ((FIRSTN::nat => 'a::type list => 'a::type list) m
  5698                       l))))))"
  5699   by (import rich_list ALL_EL_FIRSTN)
  5700 
  5701 lemma ALL_EL_BUTFIRSTN: "(All::(('a::type => bool) => bool) => bool)
  5702  (%P::'a::type => bool.
  5703      (All::('a::type list => bool) => bool)
  5704       (%l::'a::type list.
  5705           (op -->::bool => bool => bool)
  5706            ((list_all::('a::type => bool) => 'a::type list => bool) P l)
  5707            ((All::(nat => bool) => bool)
  5708              (%m::nat.
  5709                  (op -->::bool => bool => bool)
  5710                   ((op <=::nat => nat => bool) m
  5711                     ((size::'a::type list => nat) l))
  5712                   ((list_all::('a::type => bool) => 'a::type list => bool) P
  5713                     ((BUTFIRSTN::nat => 'a::type list => 'a::type list) m
  5714                       l))))))"
  5715   by (import rich_list ALL_EL_BUTFIRSTN)
  5716 
  5717 lemma SOME_EL_SEG: "ALL (m::nat) (k::nat) l::'a::type list.
  5718    m + k <= length l -->
  5719    (ALL P::'a::type => bool. list_exists P (SEG m k l) --> list_exists P l)"
  5720   by (import rich_list SOME_EL_SEG)
  5721 
  5722 lemma SOME_EL_FIRSTN: "ALL (m::nat) l::'a::type list.
  5723    m <= length l -->
  5724    (ALL P::'a::type => bool. list_exists P (FIRSTN m l) --> list_exists P l)"
  5725   by (import rich_list SOME_EL_FIRSTN)
  5726 
  5727 lemma SOME_EL_BUTFIRSTN: "ALL (m::nat) l::'a::type list.
  5728    m <= length l -->
  5729    (ALL P::'a::type => bool.
  5730        list_exists P (BUTFIRSTN m l) --> list_exists P l)"
  5731   by (import rich_list SOME_EL_BUTFIRSTN)
  5732 
  5733 lemma SOME_EL_LASTN: "ALL (m::nat) l::'a::type list.
  5734    m <= length l -->
  5735    (ALL P::'a::type => bool. list_exists P (LASTN m l) --> list_exists P l)"
  5736   by (import rich_list SOME_EL_LASTN)
  5737 
  5738 lemma SOME_EL_BUTLASTN: "ALL (m::nat) l::'a::type list.
  5739    m <= length l -->
  5740    (ALL P::'a::type => bool.
  5741        list_exists P (BUTLASTN m l) --> list_exists P l)"
  5742   by (import rich_list SOME_EL_BUTLASTN)
  5743 
  5744 lemma IS_EL_REVERSE: "ALL (x::'a::type) l::'a::type list. x mem rev l = x mem l"
  5745   by (import rich_list IS_EL_REVERSE)
  5746 
  5747 lemma IS_EL_FILTER: "ALL (P::'a::type => bool) x::'a::type.
  5748    P x --> (ALL l::'a::type list. x mem filter P l = x mem l)"
  5749   by (import rich_list IS_EL_FILTER)
  5750 
  5751 lemma IS_EL_SEG: "ALL (n::nat) (m::nat) l::'a::type list.
  5752    n + m <= length l --> (ALL x::'a::type. x mem SEG n m l --> x mem l)"
  5753   by (import rich_list IS_EL_SEG)
  5754 
  5755 lemma IS_EL_SOME_EL: "ALL (x::'a::type) l::'a::type list. x mem l = list_exists (op = x) l"
  5756   by (import rich_list IS_EL_SOME_EL)
  5757 
  5758 lemma IS_EL_FIRSTN: "ALL (x::nat) xa::'a::type list.
  5759    x <= length xa --> (ALL xb::'a::type. xb mem FIRSTN x xa --> xb mem xa)"
  5760   by (import rich_list IS_EL_FIRSTN)
  5761 
  5762 lemma IS_EL_BUTFIRSTN: "ALL (x::nat) xa::'a::type list.
  5763    x <= length xa -->
  5764    (ALL xb::'a::type. xb mem BUTFIRSTN x xa --> xb mem xa)"
  5765   by (import rich_list IS_EL_BUTFIRSTN)
  5766 
  5767 lemma IS_EL_BUTLASTN: "ALL (x::nat) xa::'a::type list.
  5768    x <= length xa --> (ALL xb::'a::type. xb mem BUTLASTN x xa --> xb mem xa)"
  5769   by (import rich_list IS_EL_BUTLASTN)
  5770 
  5771 lemma IS_EL_LASTN: "ALL (x::nat) xa::'a::type list.
  5772    x <= length xa --> (ALL xb::'a::type. xb mem LASTN x xa --> xb mem xa)"
  5773   by (import rich_list IS_EL_LASTN)
  5774 
  5775 lemma ZIP_SNOC: "ALL (l1::'a::type list) l2::'b::type list.
  5776    length l1 = length l2 -->
  5777    (ALL (x1::'a::type) x2::'b::type.
  5778        zip (SNOC x1 l1) (SNOC x2 l2) = SNOC (x1, x2) (zip l1 l2))"
  5779   by (import rich_list ZIP_SNOC)
  5780 
  5781 lemma UNZIP_SNOC: "ALL (x::'a::type * 'b::type) l::('a::type * 'b::type) list.
  5782    unzip (SNOC x l) =
  5783    (SNOC (fst x) (fst (unzip l)), SNOC (snd x) (snd (unzip l)))"
  5784   by (import rich_list UNZIP_SNOC)
  5785 
  5786 lemma LENGTH_UNZIP_FST: "ALL x::('a::type * 'b::type) list. length (UNZIP_FST x) = length x"
  5787   by (import rich_list LENGTH_UNZIP_FST)
  5788 
  5789 lemma LENGTH_UNZIP_SND: "ALL x::('a::type * 'b::type) list. length (UNZIP_SND x) = length x"
  5790   by (import rich_list LENGTH_UNZIP_SND)
  5791 
  5792 lemma SUM_APPEND: "ALL (l1::nat list) l2::nat list. sum (l1 @ l2) = sum l1 + sum l2"
  5793   by (import rich_list SUM_APPEND)
  5794 
  5795 lemma SUM_REVERSE: "ALL l::nat list. sum (rev l) = sum l"
  5796   by (import rich_list SUM_REVERSE)
  5797 
  5798 lemma SUM_FLAT: "ALL l::nat list list. sum (concat l) = sum (map sum l)"
  5799   by (import rich_list SUM_FLAT)
  5800 
  5801 lemma EL_APPEND1: "ALL (n::nat) (l1::'a::type list) l2::'a::type list.
  5802    n < length l1 --> EL n (l1 @ l2) = EL n l1"
  5803   by (import rich_list EL_APPEND1)
  5804 
  5805 lemma EL_APPEND2: "ALL (l1::'a::type list) n::nat.
  5806    length l1 <= n -->
  5807    (ALL l2::'a::type list. EL n (l1 @ l2) = EL (n - length l1) l2)"
  5808   by (import rich_list EL_APPEND2)
  5809 
  5810 lemma EL_MAP: "ALL (n::nat) l::'a::type list.
  5811    n < length l -->
  5812    (ALL f::'a::type => 'b::type. EL n (map f l) = f (EL n l))"
  5813   by (import rich_list EL_MAP)
  5814 
  5815 lemma EL_CONS: "ALL n>0. ALL (x::'a::type) l::'a::type list. EL n (x # l) = EL (PRE n) l"
  5816   by (import rich_list EL_CONS)
  5817 
  5818 lemma EL_SEG: "ALL (n::nat) l::'a::type list. n < length l --> EL n l = hd (SEG 1 n l)"
  5819   by (import rich_list EL_SEG)
  5820 
  5821 lemma EL_IS_EL: "ALL (n::nat) l::'a::type list. n < length l --> EL n l mem l"
  5822   by (import rich_list EL_IS_EL)
  5823 
  5824 lemma TL_SNOC: "ALL (x::'a::type) l::'a::type list.
  5825    tl (SNOC x l) = (if null l then [] else SNOC x (tl l))"
  5826   by (import rich_list TL_SNOC)
  5827 
  5828 lemma EL_REVERSE: "ALL (n::nat) l::'a::type list.
  5829    n < length l --> EL n (rev l) = EL (PRE (length l - n)) l"
  5830   by (import rich_list EL_REVERSE)
  5831 
  5832 lemma EL_REVERSE_ELL: "ALL (n::nat) l::'a::type list. n < length l --> EL n (rev l) = ELL n l"
  5833   by (import rich_list EL_REVERSE_ELL)
  5834 
  5835 lemma ELL_LENGTH_APPEND: "ALL (l1::'a::type list) l2::'a::type list.
  5836    ~ null l1 --> ELL (length l2) (l1 @ l2) = last l1"
  5837   by (import rich_list ELL_LENGTH_APPEND)
  5838 
  5839 lemma ELL_IS_EL: "ALL (n::nat) l::'a::type list. n < length l --> ELL n l mem l"
  5840   by (import rich_list ELL_IS_EL)
  5841 
  5842 lemma ELL_REVERSE: "ALL (n::nat) l::'a::type list.
  5843    n < length l --> ELL n (rev l) = ELL (PRE (length l - n)) l"
  5844   by (import rich_list ELL_REVERSE)
  5845 
  5846 lemma ELL_REVERSE_EL: "ALL (n::nat) l::'a::type list. n < length l --> ELL n (rev l) = EL n l"
  5847   by (import rich_list ELL_REVERSE_EL)
  5848 
  5849 lemma FIRSTN_BUTLASTN: "ALL (n::nat) l::'a::type list.
  5850    n <= length l --> FIRSTN n l = BUTLASTN (length l - n) l"
  5851   by (import rich_list FIRSTN_BUTLASTN)
  5852 
  5853 lemma BUTLASTN_FIRSTN: "ALL (n::nat) l::'a::type list.
  5854    n <= length l --> BUTLASTN n l = FIRSTN (length l - n) l"
  5855   by (import rich_list BUTLASTN_FIRSTN)
  5856 
  5857 lemma LASTN_BUTFIRSTN: "ALL (n::nat) l::'a::type list.
  5858    n <= length l --> LASTN n l = BUTFIRSTN (length l - n) l"
  5859   by (import rich_list LASTN_BUTFIRSTN)
  5860 
  5861 lemma BUTFIRSTN_LASTN: "ALL (n::nat) l::'a::type list.
  5862    n <= length l --> BUTFIRSTN n l = LASTN (length l - n) l"
  5863   by (import rich_list BUTFIRSTN_LASTN)
  5864 
  5865 lemma SEG_LASTN_BUTLASTN: "ALL (n::nat) (m::nat) l::'a::type list.
  5866    n + m <= length l -->
  5867    SEG n m l = LASTN n (BUTLASTN (length l - (n + m)) l)"
  5868   by (import rich_list SEG_LASTN_BUTLASTN)
  5869 
  5870 lemma BUTFIRSTN_REVERSE: "ALL (n::nat) l::'a::type list.
  5871    n <= length l --> BUTFIRSTN n (rev l) = rev (BUTLASTN n l)"
  5872   by (import rich_list BUTFIRSTN_REVERSE)
  5873 
  5874 lemma BUTLASTN_REVERSE: "ALL (n::nat) l::'a::type list.
  5875    n <= length l --> BUTLASTN n (rev l) = rev (BUTFIRSTN n l)"
  5876   by (import rich_list BUTLASTN_REVERSE)
  5877 
  5878 lemma LASTN_REVERSE: "ALL (n::nat) l::'a::type list.
  5879    n <= length l --> LASTN n (rev l) = rev (FIRSTN n l)"
  5880   by (import rich_list LASTN_REVERSE)
  5881 
  5882 lemma FIRSTN_REVERSE: "ALL (n::nat) l::'a::type list.
  5883    n <= length l --> FIRSTN n (rev l) = rev (LASTN n l)"
  5884   by (import rich_list FIRSTN_REVERSE)
  5885 
  5886 lemma SEG_REVERSE: "ALL (n::nat) (m::nat) l::'a::type list.
  5887    n + m <= length l -->
  5888    SEG n m (rev l) = rev (SEG n (length l - (n + m)) l)"
  5889   by (import rich_list SEG_REVERSE)
  5890 
  5891 lemma LENGTH_GENLIST: "ALL (f::nat => 'a::type) n::nat. length (GENLIST f n) = n"
  5892   by (import rich_list LENGTH_GENLIST)
  5893 
  5894 lemma LENGTH_REPLICATE: "ALL (n::nat) x::'a::type. length (REPLICATE n x) = n"
  5895   by (import rich_list LENGTH_REPLICATE)
  5896 
  5897 lemma IS_EL_REPLICATE: "ALL n>0. ALL x::'a::type. x mem REPLICATE n x"
  5898   by (import rich_list IS_EL_REPLICATE)
  5899 
  5900 lemma ALL_EL_REPLICATE: "ALL (x::'a::type) n::nat. list_all (op = x) (REPLICATE n x)"
  5901   by (import rich_list ALL_EL_REPLICATE)
  5902 
  5903 lemma AND_EL_FOLDL: "ALL l::bool list. AND_EL l = foldl op & True l"
  5904   by (import rich_list AND_EL_FOLDL)
  5905 
  5906 lemma AND_EL_FOLDR: "ALL l::bool list. AND_EL l = foldr op & l True"
  5907   by (import rich_list AND_EL_FOLDR)
  5908 
  5909 lemma OR_EL_FOLDL: "ALL l::bool list. OR_EL l = foldl op | False l"
  5910   by (import rich_list OR_EL_FOLDL)
  5911 
  5912 lemma OR_EL_FOLDR: "ALL l::bool list. OR_EL l = foldr op | l False"
  5913   by (import rich_list OR_EL_FOLDR)
  5914 
  5915 ;end_setup
  5916 
  5917 ;setup_theory state_transformer
  5918 
  5919 constdefs
  5920   UNIT :: "'b => 'a => 'b * 'a" 
  5921   "(op ==::('b::type => 'a::type => 'b::type * 'a::type)
  5922         => ('b::type => 'a::type => 'b::type * 'a::type) => prop)
  5923  (UNIT::'b::type => 'a::type => 'b::type * 'a::type)
  5924  (Pair::'b::type => 'a::type => 'b::type * 'a::type)"
  5925 
  5926 lemma UNIT_DEF: "ALL x::'b::type. UNIT x = Pair x"
  5927   by (import state_transformer UNIT_DEF)
  5928 
  5929 constdefs
  5930   BIND :: "('a => 'b * 'a) => ('b => 'a => 'c * 'a) => 'a => 'c * 'a" 
  5931   "(op ==::(('a::type => 'b::type * 'a::type)
  5932          => ('b::type => 'a::type => 'c::type * 'a::type)
  5933             => 'a::type => 'c::type * 'a::type)
  5934         => (('a::type => 'b::type * 'a::type)
  5935             => ('b::type => 'a::type => 'c::type * 'a::type)
  5936                => 'a::type => 'c::type * 'a::type)
  5937            => prop)
  5938  (BIND::('a::type => 'b::type * 'a::type)
  5939         => ('b::type => 'a::type => 'c::type * 'a::type)
  5940            => 'a::type => 'c::type * 'a::type)
  5941  (%(g::'a::type => 'b::type * 'a::type)
  5942      f::'b::type => 'a::type => 'c::type * 'a::type.
  5943      (op o::('b::type * 'a::type => 'c::type * 'a::type)
  5944             => ('a::type => 'b::type * 'a::type)
  5945                => 'a::type => 'c::type * 'a::type)
  5946       ((split::('b::type => 'a::type => 'c::type * 'a::type)
  5947                => 'b::type * 'a::type => 'c::type * 'a::type)
  5948         f)
  5949       g)"
  5950 
  5951 lemma BIND_DEF: "(All::(('a::type => 'b::type * 'a::type) => bool) => bool)
  5952  (%g::'a::type => 'b::type * 'a::type.
  5953      (All::(('b::type => 'a::type => 'c::type * 'a::type) => bool) => bool)
  5954       (%f::'b::type => 'a::type => 'c::type * 'a::type.
  5955           (op =::('a::type => 'c::type * 'a::type)
  5956                  => ('a::type => 'c::type * 'a::type) => bool)
  5957            ((BIND::('a::type => 'b::type * 'a::type)
  5958                    => ('b::type => 'a::type => 'c::type * 'a::type)
  5959                       => 'a::type => 'c::type * 'a::type)
  5960              g f)
  5961            ((op o::('b::type * 'a::type => 'c::type * 'a::type)
  5962                    => ('a::type => 'b::type * 'a::type)
  5963                       => 'a::type => 'c::type * 'a::type)
  5964              ((split::('b::type => 'a::type => 'c::type * 'a::type)
  5965                       => 'b::type * 'a::type => 'c::type * 'a::type)
  5966                f)
  5967              g)))"
  5968   by (import state_transformer BIND_DEF)
  5969 
  5970 constdefs
  5971   MMAP :: "('c => 'b) => ('a => 'c * 'a) => 'a => 'b * 'a" 
  5972   "MMAP ==
  5973 %(f::'c::type => 'b::type) m::'a::type => 'c::type * 'a::type.
  5974    BIND m (UNIT o f)"
  5975 
  5976 lemma MMAP_DEF: "ALL (f::'c::type => 'b::type) m::'a::type => 'c::type * 'a::type.
  5977    MMAP f m = BIND m (UNIT o f)"
  5978   by (import state_transformer MMAP_DEF)
  5979 
  5980 constdefs
  5981   JOIN :: "('a => ('a => 'b * 'a) * 'a) => 'a => 'b * 'a" 
  5982   "JOIN ==
  5983 %z::'a::type => ('a::type => 'b::type * 'a::type) * 'a::type. BIND z I"
  5984 
  5985 lemma JOIN_DEF: "ALL z::'a::type => ('a::type => 'b::type * 'a::type) * 'a::type.
  5986    JOIN z = BIND z I"
  5987   by (import state_transformer JOIN_DEF)
  5988 
  5989 lemma BIND_LEFT_UNIT: "ALL (k::'a::type => 'b::type => 'c::type * 'b::type) x::'a::type.
  5990    BIND (UNIT x) k = k x"
  5991   by (import state_transformer BIND_LEFT_UNIT)
  5992 
  5993 lemma UNIT_UNCURRY: "ALL x::'a::type * 'b::type. split UNIT x = x"
  5994   by (import state_transformer UNIT_UNCURRY)
  5995 
  5996 lemma BIND_RIGHT_UNIT: "ALL k::'a::type => 'b::type * 'a::type. BIND k UNIT = k"
  5997   by (import state_transformer BIND_RIGHT_UNIT)
  5998 
  5999 lemma BIND_ASSOC: "ALL (x::'a::type => 'b::type * 'a::type)
  6000    (xa::'b::type => 'a::type => 'c::type * 'a::type)
  6001    xb::'c::type => 'a::type => 'd::type * 'a::type.
  6002    BIND x (%a::'b::type. BIND (xa a) xb) = BIND (BIND x xa) xb"
  6003   by (import state_transformer BIND_ASSOC)
  6004 
  6005 lemma MMAP_ID: "MMAP I = I"
  6006   by (import state_transformer MMAP_ID)
  6007 
  6008 lemma MMAP_COMP: "ALL (f::'c::type => 'd::type) g::'b::type => 'c::type.
  6009    MMAP (f o g) = MMAP f o MMAP g"
  6010   by (import state_transformer MMAP_COMP)
  6011 
  6012 lemma MMAP_UNIT: "ALL f::'b::type => 'c::type. MMAP f o UNIT = UNIT o f"
  6013   by (import state_transformer MMAP_UNIT)
  6014 
  6015 lemma MMAP_JOIN: "ALL f::'b::type => 'c::type. MMAP f o JOIN = JOIN o MMAP (MMAP f)"
  6016   by (import state_transformer MMAP_JOIN)
  6017 
  6018 lemma JOIN_UNIT: "JOIN o UNIT = I"
  6019   by (import state_transformer JOIN_UNIT)
  6020 
  6021 lemma JOIN_MMAP_UNIT: "JOIN o MMAP UNIT = I"
  6022   by (import state_transformer JOIN_MMAP_UNIT)
  6023 
  6024 lemma JOIN_MAP_JOIN: "JOIN o MMAP JOIN = JOIN o JOIN"
  6025   by (import state_transformer JOIN_MAP_JOIN)
  6026 
  6027 lemma JOIN_MAP: "ALL (x::'a::type => 'b::type * 'a::type)
  6028    xa::'b::type => 'a::type => 'c::type * 'a::type.
  6029    BIND x xa = JOIN (MMAP xa x)"
  6030   by (import state_transformer JOIN_MAP)
  6031 
  6032 lemma FST_o_UNIT: "ALL x::'a::type. fst o UNIT x = K x"
  6033   by (import state_transformer FST_o_UNIT)
  6034 
  6035 lemma SND_o_UNIT: "ALL x::'a::type. snd o UNIT x = I"
  6036   by (import state_transformer SND_o_UNIT)
  6037 
  6038 lemma FST_o_MMAP: "ALL (x::'a::type => 'b::type) xa::'c::type => 'a::type * 'c::type.
  6039    fst o MMAP x xa = x o (fst o xa)"
  6040   by (import state_transformer FST_o_MMAP)
  6041 
  6042 ;end_setup
  6043 
  6044 end
  6045