src/HOL/SetInterval.thy
 author urbanc Tue Jun 05 09:56:19 2007 +0200 (2007-06-05) changeset 23243 a37d3e6e8323 parent 22713 3ea6c1cb3dab child 23277 aa158e145ea3 permissions -rw-r--r--
included Class.thy in the compiling process for Nominal/Examples
     1 (*  Title:      HOL/SetInterval.thy

     2     ID:         $Id$

     3     Author:     Tobias Nipkow and Clemens Ballarin

     4                 Additions by Jeremy Avigad in March 2004

     5     Copyright   2000  TU Muenchen

     6

     7 lessThan, greaterThan, atLeast, atMost and two-sided intervals

     8 *)

     9

    10 header {* Set intervals *}

    11

    12 theory SetInterval

    13 imports IntArith

    14 begin

    15

    16 constdefs

    17   lessThan    :: "('a::ord) => 'a set"	("(1{..<_})")

    18   "{..<u} == {x. x<u}"

    19

    20   atMost      :: "('a::ord) => 'a set"	("(1{.._})")

    21   "{..u} == {x. x<=u}"

    22

    23   greaterThan :: "('a::ord) => 'a set"	("(1{_<..})")

    24   "{l<..} == {x. l<x}"

    25

    26   atLeast     :: "('a::ord) => 'a set"	("(1{_..})")

    27   "{l..} == {x. l<=x}"

    28

    29   greaterThanLessThan :: "['a::ord, 'a] => 'a set"  ("(1{_<..<_})")

    30   "{l<..<u} == {l<..} Int {..<u}"

    31

    32   atLeastLessThan :: "['a::ord, 'a] => 'a set"      ("(1{_..<_})")

    33   "{l..<u} == {l..} Int {..<u}"

    34

    35   greaterThanAtMost :: "['a::ord, 'a] => 'a set"    ("(1{_<.._})")

    36   "{l<..u} == {l<..} Int {..u}"

    37

    38   atLeastAtMost :: "['a::ord, 'a] => 'a set"        ("(1{_.._})")

    39   "{l..u} == {l..} Int {..u}"

    40

    41 text{* A note of warning when using @{term"{..<n}"} on type @{typ

    42 nat}: it is equivalent to @{term"{0::nat..<n}"} but some lemmas involving

    43 @{term"{m..<n}"} may not exist in @{term"{..<n}"}-form as well. *}

    44

    45 syntax

    46   "@UNION_le"   :: "nat => nat => 'b set => 'b set"       ("(3UN _<=_./ _)" 10)

    47   "@UNION_less" :: "nat => nat => 'b set => 'b set"       ("(3UN _<_./ _)" 10)

    48   "@INTER_le"   :: "nat => nat => 'b set => 'b set"       ("(3INT _<=_./ _)" 10)

    49   "@INTER_less" :: "nat => nat => 'b set => 'b set"       ("(3INT _<_./ _)" 10)

    50

    51 syntax (input)

    52   "@UNION_le"   :: "nat => nat => 'b set => 'b set"       ("(3\<Union> _\<le>_./ _)" 10)

    53   "@UNION_less" :: "nat => nat => 'b set => 'b set"       ("(3\<Union> _<_./ _)" 10)

    54   "@INTER_le"   :: "nat => nat => 'b set => 'b set"       ("(3\<Inter> _\<le>_./ _)" 10)

    55   "@INTER_less" :: "nat => nat => 'b set => 'b set"       ("(3\<Inter> _<_./ _)" 10)

    56

    57 syntax (xsymbols)

    58   "@UNION_le"   :: "nat \<Rightarrow> nat => 'b set => 'b set"       ("(3\<Union>(00\<^bsub>_ \<le> _\<^esub>)/ _)" 10)

    59   "@UNION_less" :: "nat \<Rightarrow> nat => 'b set => 'b set"       ("(3\<Union>(00\<^bsub>_ < _\<^esub>)/ _)" 10)

    60   "@INTER_le"   :: "nat \<Rightarrow> nat => 'b set => 'b set"       ("(3\<Inter>(00\<^bsub>_ \<le> _\<^esub>)/ _)" 10)

    61   "@INTER_less" :: "nat \<Rightarrow> nat => 'b set => 'b set"       ("(3\<Inter>(00\<^bsub>_ < _\<^esub>)/ _)" 10)

    62

    63 translations

    64   "UN i<=n. A"  == "UN i:{..n}. A"

    65   "UN i<n. A"   == "UN i:{..<n}. A"

    66   "INT i<=n. A" == "INT i:{..n}. A"

    67   "INT i<n. A"  == "INT i:{..<n}. A"

    68

    69

    70 subsection {* Various equivalences *}

    71

    72 lemma lessThan_iff [iff]: "(i: lessThan k) = (i<k)"

    73 by (simp add: lessThan_def)

    74

    75 lemma Compl_lessThan [simp]:

    76     "!!k:: 'a::linorder. -lessThan k = atLeast k"

    77 apply (auto simp add: lessThan_def atLeast_def)

    78 done

    79

    80 lemma single_Diff_lessThan [simp]: "!!k:: 'a::order. {k} - lessThan k = {k}"

    81 by auto

    82

    83 lemma greaterThan_iff [iff]: "(i: greaterThan k) = (k<i)"

    84 by (simp add: greaterThan_def)

    85

    86 lemma Compl_greaterThan [simp]:

    87     "!!k:: 'a::linorder. -greaterThan k = atMost k"

    88 apply (simp add: greaterThan_def atMost_def le_def, auto)

    89 done

    90

    91 lemma Compl_atMost [simp]: "!!k:: 'a::linorder. -atMost k = greaterThan k"

    92 apply (subst Compl_greaterThan [symmetric])

    93 apply (rule double_complement)

    94 done

    95

    96 lemma atLeast_iff [iff]: "(i: atLeast k) = (k<=i)"

    97 by (simp add: atLeast_def)

    98

    99 lemma Compl_atLeast [simp]:

   100     "!!k:: 'a::linorder. -atLeast k = lessThan k"

   101 apply (simp add: lessThan_def atLeast_def le_def, auto)

   102 done

   103

   104 lemma atMost_iff [iff]: "(i: atMost k) = (i<=k)"

   105 by (simp add: atMost_def)

   106

   107 lemma atMost_Int_atLeast: "!!n:: 'a::order. atMost n Int atLeast n = {n}"

   108 by (blast intro: order_antisym)

   109

   110

   111 subsection {* Logical Equivalences for Set Inclusion and Equality *}

   112

   113 lemma atLeast_subset_iff [iff]:

   114      "(atLeast x \<subseteq> atLeast y) = (y \<le> (x::'a::order))"

   115 by (blast intro: order_trans)

   116

   117 lemma atLeast_eq_iff [iff]:

   118      "(atLeast x = atLeast y) = (x = (y::'a::linorder))"

   119 by (blast intro: order_antisym order_trans)

   120

   121 lemma greaterThan_subset_iff [iff]:

   122      "(greaterThan x \<subseteq> greaterThan y) = (y \<le> (x::'a::linorder))"

   123 apply (auto simp add: greaterThan_def)

   124  apply (subst linorder_not_less [symmetric], blast)

   125 done

   126

   127 lemma greaterThan_eq_iff [iff]:

   128      "(greaterThan x = greaterThan y) = (x = (y::'a::linorder))"

   129 apply (rule iffI)

   130  apply (erule equalityE)

   131  apply (simp_all add: greaterThan_subset_iff)

   132 done

   133

   134 lemma atMost_subset_iff [iff]: "(atMost x \<subseteq> atMost y) = (x \<le> (y::'a::order))"

   135 by (blast intro: order_trans)

   136

   137 lemma atMost_eq_iff [iff]: "(atMost x = atMost y) = (x = (y::'a::linorder))"

   138 by (blast intro: order_antisym order_trans)

   139

   140 lemma lessThan_subset_iff [iff]:

   141      "(lessThan x \<subseteq> lessThan y) = (x \<le> (y::'a::linorder))"

   142 apply (auto simp add: lessThan_def)

   143  apply (subst linorder_not_less [symmetric], blast)

   144 done

   145

   146 lemma lessThan_eq_iff [iff]:

   147      "(lessThan x = lessThan y) = (x = (y::'a::linorder))"

   148 apply (rule iffI)

   149  apply (erule equalityE)

   150  apply (simp_all add: lessThan_subset_iff)

   151 done

   152

   153

   154 subsection {*Two-sided intervals*}

   155

   156 lemma greaterThanLessThan_iff [simp]:

   157   "(i : {l<..<u}) = (l < i & i < u)"

   158 by (simp add: greaterThanLessThan_def)

   159

   160 lemma atLeastLessThan_iff [simp]:

   161   "(i : {l..<u}) = (l <= i & i < u)"

   162 by (simp add: atLeastLessThan_def)

   163

   164 lemma greaterThanAtMost_iff [simp]:

   165   "(i : {l<..u}) = (l < i & i <= u)"

   166 by (simp add: greaterThanAtMost_def)

   167

   168 lemma atLeastAtMost_iff [simp]:

   169   "(i : {l..u}) = (l <= i & i <= u)"

   170 by (simp add: atLeastAtMost_def)

   171

   172 text {* The above four lemmas could be declared as iffs.

   173   If we do so, a call to blast in Hyperreal/Star.ML, lemma @{text STAR_Int}

   174   seems to take forever (more than one hour). *}

   175

   176 subsubsection{* Emptyness and singletons *}

   177

   178 lemma atLeastAtMost_empty [simp]: "n < m ==> {m::'a::order..n} = {}";

   179   by (auto simp add: atLeastAtMost_def atMost_def atLeast_def);

   180

   181 lemma atLeastLessThan_empty[simp]: "n \<le> m ==> {m..<n::'a::order} = {}"

   182 by (auto simp add: atLeastLessThan_def)

   183

   184 lemma greaterThanAtMost_empty[simp]:"l \<le> k ==> {k<..(l::'a::order)} = {}"

   185 by(auto simp:greaterThanAtMost_def greaterThan_def atMost_def)

   186

   187 lemma greaterThanLessThan_empty[simp]:"l \<le> k ==> {k<..(l::'a::order)} = {}"

   188 by(auto simp:greaterThanLessThan_def greaterThan_def lessThan_def)

   189

   190 lemma atLeastAtMost_singleton [simp]: "{a::'a::order..a} = {a}";

   191 by (auto simp add: atLeastAtMost_def atMost_def atLeast_def);

   192

   193 subsection {* Intervals of natural numbers *}

   194

   195 subsubsection {* The Constant @{term lessThan} *}

   196

   197 lemma lessThan_0 [simp]: "lessThan (0::nat) = {}"

   198 by (simp add: lessThan_def)

   199

   200 lemma lessThan_Suc: "lessThan (Suc k) = insert k (lessThan k)"

   201 by (simp add: lessThan_def less_Suc_eq, blast)

   202

   203 lemma lessThan_Suc_atMost: "lessThan (Suc k) = atMost k"

   204 by (simp add: lessThan_def atMost_def less_Suc_eq_le)

   205

   206 lemma UN_lessThan_UNIV: "(UN m::nat. lessThan m) = UNIV"

   207 by blast

   208

   209 subsubsection {* The Constant @{term greaterThan} *}

   210

   211 lemma greaterThan_0 [simp]: "greaterThan 0 = range Suc"

   212 apply (simp add: greaterThan_def)

   213 apply (blast dest: gr0_conv_Suc [THEN iffD1])

   214 done

   215

   216 lemma greaterThan_Suc: "greaterThan (Suc k) = greaterThan k - {Suc k}"

   217 apply (simp add: greaterThan_def)

   218 apply (auto elim: linorder_neqE)

   219 done

   220

   221 lemma INT_greaterThan_UNIV: "(INT m::nat. greaterThan m) = {}"

   222 by blast

   223

   224 subsubsection {* The Constant @{term atLeast} *}

   225

   226 lemma atLeast_0 [simp]: "atLeast (0::nat) = UNIV"

   227 by (unfold atLeast_def UNIV_def, simp)

   228

   229 lemma atLeast_Suc: "atLeast (Suc k) = atLeast k - {k}"

   230 apply (simp add: atLeast_def)

   231 apply (simp add: Suc_le_eq)

   232 apply (simp add: order_le_less, blast)

   233 done

   234

   235 lemma atLeast_Suc_greaterThan: "atLeast (Suc k) = greaterThan k"

   236   by (auto simp add: greaterThan_def atLeast_def less_Suc_eq_le)

   237

   238 lemma UN_atLeast_UNIV: "(UN m::nat. atLeast m) = UNIV"

   239 by blast

   240

   241 subsubsection {* The Constant @{term atMost} *}

   242

   243 lemma atMost_0 [simp]: "atMost (0::nat) = {0}"

   244 by (simp add: atMost_def)

   245

   246 lemma atMost_Suc: "atMost (Suc k) = insert (Suc k) (atMost k)"

   247 apply (simp add: atMost_def)

   248 apply (simp add: less_Suc_eq order_le_less, blast)

   249 done

   250

   251 lemma UN_atMost_UNIV: "(UN m::nat. atMost m) = UNIV"

   252 by blast

   253

   254 subsubsection {* The Constant @{term atLeastLessThan} *}

   255

   256 text{*But not a simprule because some concepts are better left in terms

   257   of @{term atLeastLessThan}*}

   258 lemma atLeast0LessThan: "{0::nat..<n} = {..<n}"

   259 by(simp add:lessThan_def atLeastLessThan_def)

   260 (*

   261 lemma atLeastLessThan0 [simp]: "{m..<0::nat} = {}"

   262 by (simp add: atLeastLessThan_def)

   263 *)

   264 subsubsection {* Intervals of nats with @{term Suc} *}

   265

   266 text{*Not a simprule because the RHS is too messy.*}

   267 lemma atLeastLessThanSuc:

   268     "{m..<Suc n} = (if m \<le> n then insert n {m..<n} else {})"

   269 by (auto simp add: atLeastLessThan_def)

   270

   271 lemma atLeastLessThan_singleton [simp]: "{m..<Suc m} = {m}"

   272 by (auto simp add: atLeastLessThan_def)

   273 (*

   274 lemma atLeast_sum_LessThan [simp]: "{m + k..<k::nat} = {}"

   275 by (induct k, simp_all add: atLeastLessThanSuc)

   276

   277 lemma atLeastSucLessThan [simp]: "{Suc n..<n} = {}"

   278 by (auto simp add: atLeastLessThan_def)

   279 *)

   280 lemma atLeastLessThanSuc_atLeastAtMost: "{l..<Suc u} = {l..u}"

   281   by (simp add: lessThan_Suc_atMost atLeastAtMost_def atLeastLessThan_def)

   282

   283 lemma atLeastSucAtMost_greaterThanAtMost: "{Suc l..u} = {l<..u}"

   284   by (simp add: atLeast_Suc_greaterThan atLeastAtMost_def

   285     greaterThanAtMost_def)

   286

   287 lemma atLeastSucLessThan_greaterThanLessThan: "{Suc l..<u} = {l<..<u}"

   288   by (simp add: atLeast_Suc_greaterThan atLeastLessThan_def

   289     greaterThanLessThan_def)

   290

   291 lemma atLeastAtMostSuc_conv: "m \<le> Suc n \<Longrightarrow> {m..Suc n} = insert (Suc n) {m..n}"

   292 by (auto simp add: atLeastAtMost_def)

   293

   294 subsubsection {* Image *}

   295

   296 lemma image_add_atLeastAtMost:

   297   "(%n::nat. n+k)  {i..j} = {i+k..j+k}" (is "?A = ?B")

   298 proof

   299   show "?A \<subseteq> ?B" by auto

   300 next

   301   show "?B \<subseteq> ?A"

   302   proof

   303     fix n assume a: "n : ?B"

   304     hence "n - k : {i..j}" by auto

   305     moreover have "n = (n - k) + k" using a by auto

   306     ultimately show "n : ?A" by blast

   307   qed

   308 qed

   309

   310 lemma image_add_atLeastLessThan:

   311   "(%n::nat. n+k)  {i..<j} = {i+k..<j+k}" (is "?A = ?B")

   312 proof

   313   show "?A \<subseteq> ?B" by auto

   314 next

   315   show "?B \<subseteq> ?A"

   316   proof

   317     fix n assume a: "n : ?B"

   318     hence "n - k : {i..<j}" by auto

   319     moreover have "n = (n - k) + k" using a by auto

   320     ultimately show "n : ?A" by blast

   321   qed

   322 qed

   323

   324 corollary image_Suc_atLeastAtMost[simp]:

   325   "Suc  {i..j} = {Suc i..Suc j}"

   326 using image_add_atLeastAtMost[where k=1] by simp

   327

   328 corollary image_Suc_atLeastLessThan[simp]:

   329   "Suc  {i..<j} = {Suc i..<Suc j}"

   330 using image_add_atLeastLessThan[where k=1] by simp

   331

   332 lemma image_add_int_atLeastLessThan:

   333     "(%x. x + (l::int))  {0..<u-l} = {l..<u}"

   334   apply (auto simp add: image_def)

   335   apply (rule_tac x = "x - l" in bexI)

   336   apply auto

   337   done

   338

   339

   340 subsubsection {* Finiteness *}

   341

   342 lemma finite_lessThan [iff]: fixes k :: nat shows "finite {..<k}"

   343   by (induct k) (simp_all add: lessThan_Suc)

   344

   345 lemma finite_atMost [iff]: fixes k :: nat shows "finite {..k}"

   346   by (induct k) (simp_all add: atMost_Suc)

   347

   348 lemma finite_greaterThanLessThan [iff]:

   349   fixes l :: nat shows "finite {l<..<u}"

   350 by (simp add: greaterThanLessThan_def)

   351

   352 lemma finite_atLeastLessThan [iff]:

   353   fixes l :: nat shows "finite {l..<u}"

   354 by (simp add: atLeastLessThan_def)

   355

   356 lemma finite_greaterThanAtMost [iff]:

   357   fixes l :: nat shows "finite {l<..u}"

   358 by (simp add: greaterThanAtMost_def)

   359

   360 lemma finite_atLeastAtMost [iff]:

   361   fixes l :: nat shows "finite {l..u}"

   362 by (simp add: atLeastAtMost_def)

   363

   364 lemma bounded_nat_set_is_finite:

   365     "(ALL i:N. i < (n::nat)) ==> finite N"

   366   -- {* A bounded set of natural numbers is finite. *}

   367   apply (rule finite_subset)

   368    apply (rule_tac [2] finite_lessThan, auto)

   369   done

   370

   371 subsubsection {* Cardinality *}

   372

   373 lemma card_lessThan [simp]: "card {..<u} = u"

   374   by (induct u, simp_all add: lessThan_Suc)

   375

   376 lemma card_atMost [simp]: "card {..u} = Suc u"

   377   by (simp add: lessThan_Suc_atMost [THEN sym])

   378

   379 lemma card_atLeastLessThan [simp]: "card {l..<u} = u - l"

   380   apply (subgoal_tac "card {l..<u} = card {..<u-l}")

   381   apply (erule ssubst, rule card_lessThan)

   382   apply (subgoal_tac "(%x. x + l)  {..<u-l} = {l..<u}")

   383   apply (erule subst)

   384   apply (rule card_image)

   385   apply (simp add: inj_on_def)

   386   apply (auto simp add: image_def atLeastLessThan_def lessThan_def)

   387   apply (rule_tac x = "x - l" in exI)

   388   apply arith

   389   done

   390

   391 lemma card_atLeastAtMost [simp]: "card {l..u} = Suc u - l"

   392   by (subst atLeastLessThanSuc_atLeastAtMost [THEN sym], simp)

   393

   394 lemma card_greaterThanAtMost [simp]: "card {l<..u} = u - l"

   395   by (subst atLeastSucAtMost_greaterThanAtMost [THEN sym], simp)

   396

   397 lemma card_greaterThanLessThan [simp]: "card {l<..<u} = u - Suc l"

   398   by (subst atLeastSucLessThan_greaterThanLessThan [THEN sym], simp)

   399

   400 subsection {* Intervals of integers *}

   401

   402 lemma atLeastLessThanPlusOne_atLeastAtMost_int: "{l..<u+1} = {l..(u::int)}"

   403   by (auto simp add: atLeastAtMost_def atLeastLessThan_def)

   404

   405 lemma atLeastPlusOneAtMost_greaterThanAtMost_int: "{l+1..u} = {l<..(u::int)}"

   406   by (auto simp add: atLeastAtMost_def greaterThanAtMost_def)

   407

   408 lemma atLeastPlusOneLessThan_greaterThanLessThan_int:

   409     "{l+1..<u} = {l<..<u::int}"

   410   by (auto simp add: atLeastLessThan_def greaterThanLessThan_def)

   411

   412 subsubsection {* Finiteness *}

   413

   414 lemma image_atLeastZeroLessThan_int: "0 \<le> u ==>

   415     {(0::int)..<u} = int  {..<nat u}"

   416   apply (unfold image_def lessThan_def)

   417   apply auto

   418   apply (rule_tac x = "nat x" in exI)

   419   apply (auto simp add: zless_nat_conj zless_nat_eq_int_zless [THEN sym])

   420   done

   421

   422 lemma finite_atLeastZeroLessThan_int: "finite {(0::int)..<u}"

   423   apply (case_tac "0 \<le> u")

   424   apply (subst image_atLeastZeroLessThan_int, assumption)

   425   apply (rule finite_imageI)

   426   apply auto

   427   done

   428

   429 lemma finite_atLeastLessThan_int [iff]: "finite {l..<u::int}"

   430   apply (subgoal_tac "(%x. x + l)  {0..<u-l} = {l..<u}")

   431   apply (erule subst)

   432   apply (rule finite_imageI)

   433   apply (rule finite_atLeastZeroLessThan_int)

   434   apply (rule image_add_int_atLeastLessThan)

   435   done

   436

   437 lemma finite_atLeastAtMost_int [iff]: "finite {l..(u::int)}"

   438   by (subst atLeastLessThanPlusOne_atLeastAtMost_int [THEN sym], simp)

   439

   440 lemma finite_greaterThanAtMost_int [iff]: "finite {l<..(u::int)}"

   441   by (subst atLeastPlusOneAtMost_greaterThanAtMost_int [THEN sym], simp)

   442

   443 lemma finite_greaterThanLessThan_int [iff]: "finite {l<..<u::int}"

   444   by (subst atLeastPlusOneLessThan_greaterThanLessThan_int [THEN sym], simp)

   445

   446 subsubsection {* Cardinality *}

   447

   448 lemma card_atLeastZeroLessThan_int: "card {(0::int)..<u} = nat u"

   449   apply (case_tac "0 \<le> u")

   450   apply (subst image_atLeastZeroLessThan_int, assumption)

   451   apply (subst card_image)

   452   apply (auto simp add: inj_on_def)

   453   done

   454

   455 lemma card_atLeastLessThan_int [simp]: "card {l..<u} = nat (u - l)"

   456   apply (subgoal_tac "card {l..<u} = card {0..<u-l}")

   457   apply (erule ssubst, rule card_atLeastZeroLessThan_int)

   458   apply (subgoal_tac "(%x. x + l)  {0..<u-l} = {l..<u}")

   459   apply (erule subst)

   460   apply (rule card_image)

   461   apply (simp add: inj_on_def)

   462   apply (rule image_add_int_atLeastLessThan)

   463   done

   464

   465 lemma card_atLeastAtMost_int [simp]: "card {l..u} = nat (u - l + 1)"

   466   apply (subst atLeastLessThanPlusOne_atLeastAtMost_int [THEN sym])

   467   apply (auto simp add: compare_rls)

   468   done

   469

   470 lemma card_greaterThanAtMost_int [simp]: "card {l<..u} = nat (u - l)"

   471   by (subst atLeastPlusOneAtMost_greaterThanAtMost_int [THEN sym], simp)

   472

   473 lemma card_greaterThanLessThan_int [simp]: "card {l<..<u} = nat (u - (l + 1))"

   474   by (subst atLeastPlusOneLessThan_greaterThanLessThan_int [THEN sym], simp)

   475

   476

   477 subsection {*Lemmas useful with the summation operator setsum*}

   478

   479 text {* For examples, see Algebra/poly/UnivPoly2.thy *}

   480

   481 subsubsection {* Disjoint Unions *}

   482

   483 text {* Singletons and open intervals *}

   484

   485 lemma ivl_disj_un_singleton:

   486   "{l::'a::linorder} Un {l<..} = {l..}"

   487   "{..<u} Un {u::'a::linorder} = {..u}"

   488   "(l::'a::linorder) < u ==> {l} Un {l<..<u} = {l..<u}"

   489   "(l::'a::linorder) < u ==> {l<..<u} Un {u} = {l<..u}"

   490   "(l::'a::linorder) <= u ==> {l} Un {l<..u} = {l..u}"

   491   "(l::'a::linorder) <= u ==> {l..<u} Un {u} = {l..u}"

   492 by auto

   493

   494 text {* One- and two-sided intervals *}

   495

   496 lemma ivl_disj_un_one:

   497   "(l::'a::linorder) < u ==> {..l} Un {l<..<u} = {..<u}"

   498   "(l::'a::linorder) <= u ==> {..<l} Un {l..<u} = {..<u}"

   499   "(l::'a::linorder) <= u ==> {..l} Un {l<..u} = {..u}"

   500   "(l::'a::linorder) <= u ==> {..<l} Un {l..u} = {..u}"

   501   "(l::'a::linorder) <= u ==> {l<..u} Un {u<..} = {l<..}"

   502   "(l::'a::linorder) < u ==> {l<..<u} Un {u..} = {l<..}"

   503   "(l::'a::linorder) <= u ==> {l..u} Un {u<..} = {l..}"

   504   "(l::'a::linorder) <= u ==> {l..<u} Un {u..} = {l..}"

   505 by auto

   506

   507 text {* Two- and two-sided intervals *}

   508

   509 lemma ivl_disj_un_two:

   510   "[| (l::'a::linorder) < m; m <= u |] ==> {l<..<m} Un {m..<u} = {l<..<u}"

   511   "[| (l::'a::linorder) <= m; m < u |] ==> {l<..m} Un {m<..<u} = {l<..<u}"

   512   "[| (l::'a::linorder) <= m; m <= u |] ==> {l..<m} Un {m..<u} = {l..<u}"

   513   "[| (l::'a::linorder) <= m; m < u |] ==> {l..m} Un {m<..<u} = {l..<u}"

   514   "[| (l::'a::linorder) < m; m <= u |] ==> {l<..<m} Un {m..u} = {l<..u}"

   515   "[| (l::'a::linorder) <= m; m <= u |] ==> {l<..m} Un {m<..u} = {l<..u}"

   516   "[| (l::'a::linorder) <= m; m <= u |] ==> {l..<m} Un {m..u} = {l..u}"

   517   "[| (l::'a::linorder) <= m; m <= u |] ==> {l..m} Un {m<..u} = {l..u}"

   518 by auto

   519

   520 lemmas ivl_disj_un = ivl_disj_un_singleton ivl_disj_un_one ivl_disj_un_two

   521

   522 subsubsection {* Disjoint Intersections *}

   523

   524 text {* Singletons and open intervals *}

   525

   526 lemma ivl_disj_int_singleton:

   527   "{l::'a::order} Int {l<..} = {}"

   528   "{..<u} Int {u} = {}"

   529   "{l} Int {l<..<u} = {}"

   530   "{l<..<u} Int {u} = {}"

   531   "{l} Int {l<..u} = {}"

   532   "{l..<u} Int {u} = {}"

   533   by simp+

   534

   535 text {* One- and two-sided intervals *}

   536

   537 lemma ivl_disj_int_one:

   538   "{..l::'a::order} Int {l<..<u} = {}"

   539   "{..<l} Int {l..<u} = {}"

   540   "{..l} Int {l<..u} = {}"

   541   "{..<l} Int {l..u} = {}"

   542   "{l<..u} Int {u<..} = {}"

   543   "{l<..<u} Int {u..} = {}"

   544   "{l..u} Int {u<..} = {}"

   545   "{l..<u} Int {u..} = {}"

   546   by auto

   547

   548 text {* Two- and two-sided intervals *}

   549

   550 lemma ivl_disj_int_two:

   551   "{l::'a::order<..<m} Int {m..<u} = {}"

   552   "{l<..m} Int {m<..<u} = {}"

   553   "{l..<m} Int {m..<u} = {}"

   554   "{l..m} Int {m<..<u} = {}"

   555   "{l<..<m} Int {m..u} = {}"

   556   "{l<..m} Int {m<..u} = {}"

   557   "{l..<m} Int {m..u} = {}"

   558   "{l..m} Int {m<..u} = {}"

   559   by auto

   560

   561 lemmas ivl_disj_int = ivl_disj_int_singleton ivl_disj_int_one ivl_disj_int_two

   562

   563 subsubsection {* Some Differences *}

   564

   565 lemma ivl_diff[simp]:

   566  "i \<le> n \<Longrightarrow> {i..<m} - {i..<n} = {n..<(m::'a::linorder)}"

   567 by(auto)

   568

   569

   570 subsubsection {* Some Subset Conditions *}

   571

   572 lemma ivl_subset[simp]:

   573  "({i..<j} \<subseteq> {m..<n}) = (j \<le> i | m \<le> i & j \<le> (n::'a::linorder))"

   574 apply(auto simp:linorder_not_le)

   575 apply(rule ccontr)

   576 apply(insert linorder_le_less_linear[of i n])

   577 apply(clarsimp simp:linorder_not_le)

   578 apply(fastsimp)

   579 done

   580

   581

   582 subsection {* Summation indexed over intervals *}

   583

   584 syntax

   585   "_from_to_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(SUM _ = _.._./ _)" [0,0,0,10] 10)

   586   "_from_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(SUM _ = _..<_./ _)" [0,0,0,10] 10)

   587   "_upt_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(SUM _<_./ _)" [0,0,10] 10)

   588   "_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(SUM _<=_./ _)" [0,0,10] 10)

   589 syntax (xsymbols)

   590   "_from_to_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_ = _.._./ _)" [0,0,0,10] 10)

   591   "_from_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_ = _..<_./ _)" [0,0,0,10] 10)

   592   "_upt_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_<_./ _)" [0,0,10] 10)

   593   "_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_\<le>_./ _)" [0,0,10] 10)

   594 syntax (HTML output)

   595   "_from_to_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_ = _.._./ _)" [0,0,0,10] 10)

   596   "_from_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_ = _..<_./ _)" [0,0,0,10] 10)

   597   "_upt_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_<_./ _)" [0,0,10] 10)

   598   "_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b" ("(3\<Sum>_\<le>_./ _)" [0,0,10] 10)

   599 syntax (latex_sum output)

   600   "_from_to_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b"

   601  ("(3\<^raw:$\sum_{>_ = _\<^raw:}^{>_\<^raw:}$> _)" [0,0,0,10] 10)

   602   "_from_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b"

   603  ("(3\<^raw:$\sum_{>_ = _\<^raw:}^{<>_\<^raw:}$> _)" [0,0,0,10] 10)

   604   "_upt_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b"

   605  ("(3\<^raw:$\sum_{>_ < _\<^raw:}$> _)" [0,0,10] 10)

   606   "_upto_setsum" :: "idt \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> 'b"

   607  ("(3\<^raw:$\sum_{>_ \<le> _\<^raw:}$> _)" [0,0,10] 10)

   608

   609 translations

   610   "\<Sum>x=a..b. t" == "setsum (%x. t) {a..b}"

   611   "\<Sum>x=a..<b. t" == "setsum (%x. t) {a..<b}"

   612   "\<Sum>i\<le>n. t" == "setsum (\<lambda>i. t) {..n}"

   613   "\<Sum>i<n. t" == "setsum (\<lambda>i. t) {..<n}"

   614

   615 text{* The above introduces some pretty alternative syntaxes for

   616 summation over intervals:

   617 \begin{center}

   618 \begin{tabular}{lll}

   619 Old & New & \LaTeX\\

   620 @{term[source]"\<Sum>x\<in>{a..b}. e"} & @{term"\<Sum>x=a..b. e"} & @{term[mode=latex_sum]"\<Sum>x=a..b. e"}\\

   621 @{term[source]"\<Sum>x\<in>{a..<b}. e"} & @{term"\<Sum>x=a..<b. e"} & @{term[mode=latex_sum]"\<Sum>x=a..<b. e"}\\

   622 @{term[source]"\<Sum>x\<in>{..b}. e"} & @{term"\<Sum>x\<le>b. e"} & @{term[mode=latex_sum]"\<Sum>x\<le>b. e"}\\

   623 @{term[source]"\<Sum>x\<in>{..<b}. e"} & @{term"\<Sum>x<b. e"} & @{term[mode=latex_sum]"\<Sum>x<b. e"}

   624 \end{tabular}

   625 \end{center}

   626 The left column shows the term before introduction of the new syntax,

   627 the middle column shows the new (default) syntax, and the right column

   628 shows a special syntax. The latter is only meaningful for latex output

   629 and has to be activated explicitly by setting the print mode to

   630 @{text latex_sum} (e.g.\ via @{text "mode = latex_sum"} in

   631 antiquotations). It is not the default \LaTeX\ output because it only

   632 works well with italic-style formulae, not tt-style.

   633

   634 Note that for uniformity on @{typ nat} it is better to use

   635 @{term"\<Sum>x::nat=0..<n. e"} rather than @{text"\<Sum>x<n. e"}: @{text setsum} may

   636 not provide all lemmas available for @{term"{m..<n}"} also in the

   637 special form for @{term"{..<n}"}. *}

   638

   639 text{* This congruence rule should be used for sums over intervals as

   640 the standard theorem @{text[source]setsum_cong} does not work well

   641 with the simplifier who adds the unsimplified premise @{term"x:B"} to

   642 the context. *}

   643

   644 lemma setsum_ivl_cong:

   645  "\<lbrakk>a = c; b = d; !!x. \<lbrakk> c \<le> x; x < d \<rbrakk> \<Longrightarrow> f x = g x \<rbrakk> \<Longrightarrow>

   646  setsum f {a..<b} = setsum g {c..<d}"

   647 by(rule setsum_cong, simp_all)

   648

   649 (* FIXME why are the following simp rules but the corresponding eqns

   650 on intervals are not? *)

   651

   652 lemma setsum_atMost_Suc[simp]: "(\<Sum>i \<le> Suc n. f i) = (\<Sum>i \<le> n. f i) + f(Suc n)"

   653 by (simp add:atMost_Suc add_ac)

   654

   655 lemma setsum_lessThan_Suc[simp]: "(\<Sum>i < Suc n. f i) = (\<Sum>i < n. f i) + f n"

   656 by (simp add:lessThan_Suc add_ac)

   657

   658 lemma setsum_cl_ivl_Suc[simp]:

   659   "setsum f {m..Suc n} = (if Suc n < m then 0 else setsum f {m..n} + f(Suc n))"

   660 by (auto simp:add_ac atLeastAtMostSuc_conv)

   661

   662 lemma setsum_op_ivl_Suc[simp]:

   663   "setsum f {m..<Suc n} = (if n < m then 0 else setsum f {m..<n} + f(n))"

   664 by (auto simp:add_ac atLeastLessThanSuc)

   665 (*

   666 lemma setsum_cl_ivl_add_one_nat: "(n::nat) <= m + 1 ==>

   667     (\<Sum>i=n..m+1. f i) = (\<Sum>i=n..m. f i) + f(m + 1)"

   668 by (auto simp:add_ac atLeastAtMostSuc_conv)

   669 *)

   670 lemma setsum_add_nat_ivl: "\<lbrakk> m \<le> n; n \<le> p \<rbrakk> \<Longrightarrow>

   671   setsum f {m..<n} + setsum f {n..<p} = setsum f {m..<p::nat}"

   672 by (simp add:setsum_Un_disjoint[symmetric] ivl_disj_int ivl_disj_un)

   673

   674 lemma setsum_diff_nat_ivl:

   675 fixes f :: "nat \<Rightarrow> 'a::ab_group_add"

   676 shows "\<lbrakk> m \<le> n; n \<le> p \<rbrakk> \<Longrightarrow>

   677   setsum f {m..<p} - setsum f {m..<n} = setsum f {n..<p}"

   678 using setsum_add_nat_ivl [of m n p f,symmetric]

   679 apply (simp add: add_ac)

   680 done

   681

   682 subsection{* Shifting bounds *}

   683

   684 lemma setsum_shift_bounds_nat_ivl:

   685   "setsum f {m+k..<n+k} = setsum (%i. f(i + k)){m..<n::nat}"

   686 by (induct "n", auto simp:atLeastLessThanSuc)

   687

   688 lemma setsum_shift_bounds_cl_nat_ivl:

   689   "setsum f {m+k..n+k} = setsum (%i. f(i + k)){m..n::nat}"

   690 apply (insert setsum_reindex[OF inj_on_add_nat, where h=f and B = "{m..n}"])

   691 apply (simp add:image_add_atLeastAtMost o_def)

   692 done

   693

   694 corollary setsum_shift_bounds_cl_Suc_ivl:

   695   "setsum f {Suc m..Suc n} = setsum (%i. f(Suc i)){m..n}"

   696 by (simp add:setsum_shift_bounds_cl_nat_ivl[where k=1,simplified])

   697

   698 corollary setsum_shift_bounds_Suc_ivl:

   699   "setsum f {Suc m..<Suc n} = setsum (%i. f(Suc i)){m..<n}"

   700 by (simp add:setsum_shift_bounds_nat_ivl[where k=1,simplified])

   701

   702 lemma setsum_head:

   703   fixes n :: nat

   704   assumes mn: "m <= n"

   705   shows "(\<Sum>x\<in>{m..n}. P x) = P m + (\<Sum>x\<in>{m<..n}. P x)" (is "?lhs = ?rhs")

   706 proof -

   707   from mn

   708   have "{m..n} = {m} \<union> {m<..n}"

   709     by (auto intro: ivl_disj_un_singleton)

   710   hence "?lhs = (\<Sum>x\<in>{m} \<union> {m<..n}. P x)"

   711     by (simp add: atLeast0LessThan)

   712   also have "\<dots> = ?rhs" by simp

   713   finally show ?thesis .

   714 qed

   715

   716 lemma setsum_head_upt:

   717   fixes m::nat

   718   assumes m: "0 < m"

   719   shows "(\<Sum>x<m. P x) = P 0 + (\<Sum>x\<in>{1..<m}. P x)"

   720 proof -

   721   have "(\<Sum>x<m. P x) = (\<Sum>x\<in>{0..<m}. P x)"

   722     by (simp add: atLeast0LessThan)

   723   also

   724   from m

   725   have "\<dots> = (\<Sum>x\<in>{0..m - 1}. P x)"

   726     by (cases m) (auto simp add: atLeastLessThanSuc_atLeastAtMost)

   727   also

   728   have "\<dots> = P 0 + (\<Sum>x\<in>{0<..m - 1}. P x)"

   729     by (simp add: setsum_head)

   730   also

   731   from m

   732   have "{0<..m - 1} = {1..<m}"

   733     by (cases m) (auto simp add: atLeastLessThanSuc_atLeastAtMost)

   734   finally show ?thesis .

   735 qed

   736

   737 subsection {* The formula for geometric sums *}

   738

   739 lemma geometric_sum:

   740   "x ~= 1 ==> (\<Sum>i=0..<n. x ^ i) =

   741   (x ^ n - 1) / (x - 1::'a::{field, recpower})"

   742   apply (induct "n", auto)

   743   apply (rule_tac c = "x - 1" in field_mult_cancel_right_lemma)

   744   apply (auto simp add: mult_assoc left_distrib)

   745   apply (simp add: times_divide_eq_right [symmetric] divide_self)

   746   apply (simp add: right_distrib diff_minus mult_commute power_Suc)

   747   done

   748

   749

   750 subsection {* The formula for arithmetic sums *}

   751

   752 lemma gauss_sum:

   753   "((1::'a::comm_semiring_1_cancel) + 1)*(\<Sum>i\<in>{1..n}. of_nat i) =

   754    of_nat n*((of_nat n)+1)"

   755 proof (induct n)

   756   case 0

   757   show ?case by simp

   758 next

   759   case (Suc n)

   760   then show ?case by (simp add: right_distrib add_assoc mult_ac)

   761 qed

   762

   763 theorem arith_series_general:

   764   "((1::'a::comm_semiring_1_cancel) + 1) * (\<Sum>i\<in>{..<n}. a + of_nat i * d) =

   765   of_nat n * (a + (a + of_nat(n - 1)*d))"

   766 proof cases

   767   assume ngt1: "n > 1"

   768   let ?I = "\<lambda>i. of_nat i" and ?n = "of_nat n"

   769   have

   770     "(\<Sum>i\<in>{..<n}. a+?I i*d) =

   771      ((\<Sum>i\<in>{..<n}. a) + (\<Sum>i\<in>{..<n}. ?I i*d))"

   772     by (rule setsum_addf)

   773   also from ngt1 have "\<dots> = ?n*a + (\<Sum>i\<in>{..<n}. ?I i*d)" by simp

   774   also from ngt1 have "\<dots> = (?n*a + d*(\<Sum>i\<in>{1..<n}. ?I i))"

   775     by (simp add: setsum_right_distrib setsum_head_upt mult_ac)

   776   also have "(1+1)*\<dots> = (1+1)*?n*a + d*(1+1)*(\<Sum>i\<in>{1..<n}. ?I i)"

   777     by (simp add: left_distrib right_distrib)

   778   also from ngt1 have "{1..<n} = {1..n - 1}"

   779     by (cases n) (auto simp: atLeastLessThanSuc_atLeastAtMost)

   780   also from ngt1

   781   have "(1+1)*?n*a + d*(1+1)*(\<Sum>i\<in>{1..n - 1}. ?I i) = ((1+1)*?n*a + d*?I (n - 1)*?I n)"

   782     by (simp only: mult_ac gauss_sum [of "n - 1"])

   783        (simp add:  mult_ac of_nat_Suc [symmetric])

   784   finally show ?thesis by (simp add: mult_ac add_ac right_distrib)

   785 next

   786   assume "\<not>(n > 1)"

   787   hence "n = 1 \<or> n = 0" by auto

   788   thus ?thesis by (auto simp: mult_ac right_distrib)

   789 qed

   790

   791 lemma arith_series_nat:

   792   "Suc (Suc 0) * (\<Sum>i\<in>{..<n}. a+i*d) = n * (a + (a+(n - 1)*d))"

   793 proof -

   794   have

   795     "((1::nat) + 1) * (\<Sum>i\<in>{..<n::nat}. a + of_nat(i)*d) =

   796     of_nat(n) * (a + (a + of_nat(n - 1)*d))"

   797     by (rule arith_series_general)

   798   thus ?thesis by (auto simp add: of_nat_id)

   799 qed

   800

   801 lemma arith_series_int:

   802   "(2::int) * (\<Sum>i\<in>{..<n}. a + of_nat i * d) =

   803   of_nat n * (a + (a + of_nat(n - 1)*d))"

   804 proof -

   805   have

   806     "((1::int) + 1) * (\<Sum>i\<in>{..<n}. a + of_nat i * d) =

   807     of_nat(n) * (a + (a + of_nat(n - 1)*d))"

   808     by (rule arith_series_general)

   809   thus ?thesis by simp

   810 qed

   811

   812 lemma sum_diff_distrib:

   813   fixes P::"nat\<Rightarrow>nat"

   814   shows

   815   "\<forall>x. Q x \<le> P x  \<Longrightarrow>

   816   (\<Sum>x<n. P x) - (\<Sum>x<n. Q x) = (\<Sum>x<n. P x - Q x)"

   817 proof (induct n)

   818   case 0 show ?case by simp

   819 next

   820   case (Suc n)

   821

   822   let ?lhs = "(\<Sum>x<n. P x) - (\<Sum>x<n. Q x)"

   823   let ?rhs = "\<Sum>x<n. P x - Q x"

   824

   825   from Suc have "?lhs = ?rhs" by simp

   826   moreover

   827   from Suc have "?lhs + P n - Q n = ?rhs + (P n - Q n)" by simp

   828   moreover

   829   from Suc have

   830     "(\<Sum>x<n. P x) + P n - ((\<Sum>x<n. Q x) + Q n) = ?rhs + (P n - Q n)"

   831     by (subst diff_diff_left[symmetric],

   832         subst diff_add_assoc2)

   833        (auto simp: diff_add_assoc2 intro: setsum_mono)

   834   ultimately

   835   show ?case by simp

   836 qed

   837

   838

   839 ML

   840 {*

   841 val Compl_atLeast = thm "Compl_atLeast";

   842 val Compl_atMost = thm "Compl_atMost";

   843 val Compl_greaterThan = thm "Compl_greaterThan";

   844 val Compl_lessThan = thm "Compl_lessThan";

   845 val INT_greaterThan_UNIV = thm "INT_greaterThan_UNIV";

   846 val UN_atLeast_UNIV = thm "UN_atLeast_UNIV";

   847 val UN_atMost_UNIV = thm "UN_atMost_UNIV";

   848 val UN_lessThan_UNIV = thm "UN_lessThan_UNIV";

   849 val atLeastAtMost_def = thm "atLeastAtMost_def";

   850 val atLeastAtMost_iff = thm "atLeastAtMost_iff";

   851 val atLeastLessThan_def  = thm "atLeastLessThan_def";

   852 val atLeastLessThan_iff = thm "atLeastLessThan_iff";

   853 val atLeast_0 = thm "atLeast_0";

   854 val atLeast_Suc = thm "atLeast_Suc";

   855 val atLeast_def      = thm "atLeast_def";

   856 val atLeast_iff = thm "atLeast_iff";

   857 val atMost_0 = thm "atMost_0";

   858 val atMost_Int_atLeast = thm "atMost_Int_atLeast";

   859 val atMost_Suc = thm "atMost_Suc";

   860 val atMost_def       = thm "atMost_def";

   861 val atMost_iff = thm "atMost_iff";

   862 val greaterThanAtMost_def  = thm "greaterThanAtMost_def";

   863 val greaterThanAtMost_iff = thm "greaterThanAtMost_iff";

   864 val greaterThanLessThan_def  = thm "greaterThanLessThan_def";

   865 val greaterThanLessThan_iff = thm "greaterThanLessThan_iff";

   866 val greaterThan_0 = thm "greaterThan_0";

   867 val greaterThan_Suc = thm "greaterThan_Suc";

   868 val greaterThan_def  = thm "greaterThan_def";

   869 val greaterThan_iff = thm "greaterThan_iff";

   870 val ivl_disj_int = thms "ivl_disj_int";

   871 val ivl_disj_int_one = thms "ivl_disj_int_one";

   872 val ivl_disj_int_singleton = thms "ivl_disj_int_singleton";

   873 val ivl_disj_int_two = thms "ivl_disj_int_two";

   874 val ivl_disj_un = thms "ivl_disj_un";

   875 val ivl_disj_un_one = thms "ivl_disj_un_one";

   876 val ivl_disj_un_singleton = thms "ivl_disj_un_singleton";

   877 val ivl_disj_un_two = thms "ivl_disj_un_two";

   878 val lessThan_0 = thm "lessThan_0";

   879 val lessThan_Suc = thm "lessThan_Suc";

   880 val lessThan_Suc_atMost = thm "lessThan_Suc_atMost";

   881 val lessThan_def     = thm "lessThan_def";

   882 val lessThan_iff = thm "lessThan_iff";

   883 val single_Diff_lessThan = thm "single_Diff_lessThan";

   884

   885 val bounded_nat_set_is_finite = thm "bounded_nat_set_is_finite";

   886 val finite_atMost = thm "finite_atMost";

   887 val finite_lessThan = thm "finite_lessThan";

   888 *}

   889

   890 end
`