src/HOL/Library/Extended_Nat.thy
 author hoelzl Tue Jul 19 14:35:44 2011 +0200 (2011-07-19) changeset 43919 a7e4fb1a0502 parent 43532 src/HOL/Library/Nat_Infinity.thy@d32d72ea3215 child 43921 e8511be08ddd permissions -rw-r--r--
rename Nat_Infinity (inat) to Extended_Nat (enat)
```     1 (*  Title:      HOL/Library/Extended_Nat.thy
```
```     2     Author:     David von Oheimb, TU Muenchen;  Florian Haftmann, TU Muenchen
```
```     3     Contributions: David Trachtenherz, TU Muenchen
```
```     4 *)
```
```     5
```
```     6 header {* Extended natural numbers (i.e. with infinity) *}
```
```     7
```
```     8 theory Extended_Nat
```
```     9 imports Main
```
```    10 begin
```
```    11
```
```    12 subsection {* Type definition *}
```
```    13
```
```    14 text {*
```
```    15   We extend the standard natural numbers by a special value indicating
```
```    16   infinity.
```
```    17 *}
```
```    18
```
```    19 datatype enat = Fin nat | Infty
```
```    20
```
```    21 notation (xsymbols)
```
```    22   Infty  ("\<infinity>")
```
```    23
```
```    24 notation (HTML output)
```
```    25   Infty  ("\<infinity>")
```
```    26
```
```    27
```
```    28 lemma not_Infty_eq[iff]: "(x ~= Infty) = (EX i. x = Fin i)"
```
```    29 by (cases x) auto
```
```    30
```
```    31 lemma not_Fin_eq [iff]: "(ALL y. x ~= Fin y) = (x = Infty)"
```
```    32 by (cases x) auto
```
```    33
```
```    34
```
```    35 primrec the_Fin :: "enat \<Rightarrow> nat"
```
```    36 where "the_Fin (Fin n) = n"
```
```    37
```
```    38
```
```    39 subsection {* Constructors and numbers *}
```
```    40
```
```    41 instantiation enat :: "{zero, one, number}"
```
```    42 begin
```
```    43
```
```    44 definition
```
```    45   "0 = Fin 0"
```
```    46
```
```    47 definition
```
```    48   [code_unfold]: "1 = Fin 1"
```
```    49
```
```    50 definition
```
```    51   [code_unfold, code del]: "number_of k = Fin (number_of k)"
```
```    52
```
```    53 instance ..
```
```    54
```
```    55 end
```
```    56
```
```    57 definition iSuc :: "enat \<Rightarrow> enat" where
```
```    58   "iSuc i = (case i of Fin n \<Rightarrow> Fin (Suc n) | \<infinity> \<Rightarrow> \<infinity>)"
```
```    59
```
```    60 lemma Fin_0: "Fin 0 = 0"
```
```    61   by (simp add: zero_enat_def)
```
```    62
```
```    63 lemma Fin_1: "Fin 1 = 1"
```
```    64   by (simp add: one_enat_def)
```
```    65
```
```    66 lemma Fin_number: "Fin (number_of k) = number_of k"
```
```    67   by (simp add: number_of_enat_def)
```
```    68
```
```    69 lemma one_iSuc: "1 = iSuc 0"
```
```    70   by (simp add: zero_enat_def one_enat_def iSuc_def)
```
```    71
```
```    72 lemma Infty_ne_i0 [simp]: "\<infinity> \<noteq> 0"
```
```    73   by (simp add: zero_enat_def)
```
```    74
```
```    75 lemma i0_ne_Infty [simp]: "0 \<noteq> \<infinity>"
```
```    76   by (simp add: zero_enat_def)
```
```    77
```
```    78 lemma zero_enat_eq [simp]:
```
```    79   "number_of k = (0\<Colon>enat) \<longleftrightarrow> number_of k = (0\<Colon>nat)"
```
```    80   "(0\<Colon>enat) = number_of k \<longleftrightarrow> number_of k = (0\<Colon>nat)"
```
```    81   unfolding zero_enat_def number_of_enat_def by simp_all
```
```    82
```
```    83 lemma one_enat_eq [simp]:
```
```    84   "number_of k = (1\<Colon>enat) \<longleftrightarrow> number_of k = (1\<Colon>nat)"
```
```    85   "(1\<Colon>enat) = number_of k \<longleftrightarrow> number_of k = (1\<Colon>nat)"
```
```    86   unfolding one_enat_def number_of_enat_def by simp_all
```
```    87
```
```    88 lemma zero_one_enat_neq [simp]:
```
```    89   "\<not> 0 = (1\<Colon>enat)"
```
```    90   "\<not> 1 = (0\<Colon>enat)"
```
```    91   unfolding zero_enat_def one_enat_def by simp_all
```
```    92
```
```    93 lemma Infty_ne_i1 [simp]: "\<infinity> \<noteq> 1"
```
```    94   by (simp add: one_enat_def)
```
```    95
```
```    96 lemma i1_ne_Infty [simp]: "1 \<noteq> \<infinity>"
```
```    97   by (simp add: one_enat_def)
```
```    98
```
```    99 lemma Infty_ne_number [simp]: "\<infinity> \<noteq> number_of k"
```
```   100   by (simp add: number_of_enat_def)
```
```   101
```
```   102 lemma number_ne_Infty [simp]: "number_of k \<noteq> \<infinity>"
```
```   103   by (simp add: number_of_enat_def)
```
```   104
```
```   105 lemma iSuc_Fin: "iSuc (Fin n) = Fin (Suc n)"
```
```   106   by (simp add: iSuc_def)
```
```   107
```
```   108 lemma iSuc_number_of: "iSuc (number_of k) = Fin (Suc (number_of k))"
```
```   109   by (simp add: iSuc_Fin number_of_enat_def)
```
```   110
```
```   111 lemma iSuc_Infty [simp]: "iSuc \<infinity> = \<infinity>"
```
```   112   by (simp add: iSuc_def)
```
```   113
```
```   114 lemma iSuc_ne_0 [simp]: "iSuc n \<noteq> 0"
```
```   115   by (simp add: iSuc_def zero_enat_def split: enat.splits)
```
```   116
```
```   117 lemma zero_ne_iSuc [simp]: "0 \<noteq> iSuc n"
```
```   118   by (rule iSuc_ne_0 [symmetric])
```
```   119
```
```   120 lemma iSuc_inject [simp]: "iSuc m = iSuc n \<longleftrightarrow> m = n"
```
```   121   by (simp add: iSuc_def split: enat.splits)
```
```   122
```
```   123 lemma number_of_enat_inject [simp]:
```
```   124   "(number_of k \<Colon> enat) = number_of l \<longleftrightarrow> (number_of k \<Colon> nat) = number_of l"
```
```   125   by (simp add: number_of_enat_def)
```
```   126
```
```   127
```
```   128 subsection {* Addition *}
```
```   129
```
```   130 instantiation enat :: comm_monoid_add
```
```   131 begin
```
```   132
```
```   133 definition [nitpick_simp]:
```
```   134   "m + n = (case m of \<infinity> \<Rightarrow> \<infinity> | Fin m \<Rightarrow> (case n of \<infinity> \<Rightarrow> \<infinity> | Fin n \<Rightarrow> Fin (m + n)))"
```
```   135
```
```   136 lemma plus_enat_simps [simp, code]:
```
```   137   "Fin m + Fin n = Fin (m + n)"
```
```   138   "\<infinity> + q = \<infinity>"
```
```   139   "q + \<infinity> = \<infinity>"
```
```   140   by (simp_all add: plus_enat_def split: enat.splits)
```
```   141
```
```   142 instance proof
```
```   143   fix n m q :: enat
```
```   144   show "n + m + q = n + (m + q)"
```
```   145     by (cases n, auto, cases m, auto, cases q, auto)
```
```   146   show "n + m = m + n"
```
```   147     by (cases n, auto, cases m, auto)
```
```   148   show "0 + n = n"
```
```   149     by (cases n) (simp_all add: zero_enat_def)
```
```   150 qed
```
```   151
```
```   152 end
```
```   153
```
```   154 lemma plus_enat_0 [simp]:
```
```   155   "0 + (q\<Colon>enat) = q"
```
```   156   "(q\<Colon>enat) + 0 = q"
```
```   157   by (simp_all add: plus_enat_def zero_enat_def split: enat.splits)
```
```   158
```
```   159 lemma plus_enat_number [simp]:
```
```   160   "(number_of k \<Colon> enat) + number_of l = (if k < Int.Pls then number_of l
```
```   161     else if l < Int.Pls then number_of k else number_of (k + l))"
```
```   162   unfolding number_of_enat_def plus_enat_simps nat_arith(1) if_distrib [symmetric, of _ Fin] ..
```
```   163
```
```   164 lemma iSuc_number [simp]:
```
```   165   "iSuc (number_of k) = (if neg (number_of k \<Colon> int) then 1 else number_of (Int.succ k))"
```
```   166   unfolding iSuc_number_of
```
```   167   unfolding one_enat_def number_of_enat_def Suc_nat_number_of if_distrib [symmetric] ..
```
```   168
```
```   169 lemma iSuc_plus_1:
```
```   170   "iSuc n = n + 1"
```
```   171   by (cases n) (simp_all add: iSuc_Fin one_enat_def)
```
```   172
```
```   173 lemma plus_1_iSuc:
```
```   174   "1 + q = iSuc q"
```
```   175   "q + 1 = iSuc q"
```
```   176 by (simp_all add: iSuc_plus_1 add_ac)
```
```   177
```
```   178 lemma iadd_Suc: "iSuc m + n = iSuc (m + n)"
```
```   179 by (simp_all add: iSuc_plus_1 add_ac)
```
```   180
```
```   181 lemma iadd_Suc_right: "m + iSuc n = iSuc (m + n)"
```
```   182 by (simp only: add_commute[of m] iadd_Suc)
```
```   183
```
```   184 lemma iadd_is_0: "(m + n = (0::enat)) = (m = 0 \<and> n = 0)"
```
```   185 by (cases m, cases n, simp_all add: zero_enat_def)
```
```   186
```
```   187 subsection {* Multiplication *}
```
```   188
```
```   189 instantiation enat :: comm_semiring_1
```
```   190 begin
```
```   191
```
```   192 definition times_enat_def [nitpick_simp]:
```
```   193   "m * n = (case m of \<infinity> \<Rightarrow> if n = 0 then 0 else \<infinity> | Fin m \<Rightarrow>
```
```   194     (case n of \<infinity> \<Rightarrow> if m = 0 then 0 else \<infinity> | Fin n \<Rightarrow> Fin (m * n)))"
```
```   195
```
```   196 lemma times_enat_simps [simp, code]:
```
```   197   "Fin m * Fin n = Fin (m * n)"
```
```   198   "\<infinity> * \<infinity> = \<infinity>"
```
```   199   "\<infinity> * Fin n = (if n = 0 then 0 else \<infinity>)"
```
```   200   "Fin m * \<infinity> = (if m = 0 then 0 else \<infinity>)"
```
```   201   unfolding times_enat_def zero_enat_def
```
```   202   by (simp_all split: enat.split)
```
```   203
```
```   204 instance proof
```
```   205   fix a b c :: enat
```
```   206   show "(a * b) * c = a * (b * c)"
```
```   207     unfolding times_enat_def zero_enat_def
```
```   208     by (simp split: enat.split)
```
```   209   show "a * b = b * a"
```
```   210     unfolding times_enat_def zero_enat_def
```
```   211     by (simp split: enat.split)
```
```   212   show "1 * a = a"
```
```   213     unfolding times_enat_def zero_enat_def one_enat_def
```
```   214     by (simp split: enat.split)
```
```   215   show "(a + b) * c = a * c + b * c"
```
```   216     unfolding times_enat_def zero_enat_def
```
```   217     by (simp split: enat.split add: left_distrib)
```
```   218   show "0 * a = 0"
```
```   219     unfolding times_enat_def zero_enat_def
```
```   220     by (simp split: enat.split)
```
```   221   show "a * 0 = 0"
```
```   222     unfolding times_enat_def zero_enat_def
```
```   223     by (simp split: enat.split)
```
```   224   show "(0::enat) \<noteq> 1"
```
```   225     unfolding zero_enat_def one_enat_def
```
```   226     by simp
```
```   227 qed
```
```   228
```
```   229 end
```
```   230
```
```   231 lemma mult_iSuc: "iSuc m * n = n + m * n"
```
```   232   unfolding iSuc_plus_1 by (simp add: algebra_simps)
```
```   233
```
```   234 lemma mult_iSuc_right: "m * iSuc n = m + m * n"
```
```   235   unfolding iSuc_plus_1 by (simp add: algebra_simps)
```
```   236
```
```   237 lemma of_nat_eq_Fin: "of_nat n = Fin n"
```
```   238   apply (induct n)
```
```   239   apply (simp add: Fin_0)
```
```   240   apply (simp add: plus_1_iSuc iSuc_Fin)
```
```   241   done
```
```   242
```
```   243 instance enat :: number_semiring
```
```   244 proof
```
```   245   fix n show "number_of (int n) = (of_nat n :: enat)"
```
```   246     unfolding number_of_enat_def number_of_int of_nat_id of_nat_eq_Fin ..
```
```   247 qed
```
```   248
```
```   249 instance enat :: semiring_char_0 proof
```
```   250   have "inj Fin" by (rule injI) simp
```
```   251   then show "inj (\<lambda>n. of_nat n :: enat)" by (simp add: of_nat_eq_Fin)
```
```   252 qed
```
```   253
```
```   254 lemma imult_is_0[simp]: "((m::enat) * n = 0) = (m = 0 \<or> n = 0)"
```
```   255 by(auto simp add: times_enat_def zero_enat_def split: enat.split)
```
```   256
```
```   257 lemma imult_is_Infty: "((a::enat) * b = \<infinity>) = (a = \<infinity> \<and> b \<noteq> 0 \<or> b = \<infinity> \<and> a \<noteq> 0)"
```
```   258 by(auto simp add: times_enat_def zero_enat_def split: enat.split)
```
```   259
```
```   260
```
```   261 subsection {* Subtraction *}
```
```   262
```
```   263 instantiation enat :: minus
```
```   264 begin
```
```   265
```
```   266 definition diff_enat_def:
```
```   267 "a - b = (case a of (Fin x) \<Rightarrow> (case b of (Fin y) \<Rightarrow> Fin (x - y) | \<infinity> \<Rightarrow> 0)
```
```   268           | \<infinity> \<Rightarrow> \<infinity>)"
```
```   269
```
```   270 instance ..
```
```   271
```
```   272 end
```
```   273
```
```   274 lemma idiff_Fin_Fin[simp,code]: "Fin a - Fin b = Fin (a - b)"
```
```   275 by(simp add: diff_enat_def)
```
```   276
```
```   277 lemma idiff_Infty[simp,code]: "\<infinity> - n = \<infinity>"
```
```   278 by(simp add: diff_enat_def)
```
```   279
```
```   280 lemma idiff_Infty_right[simp,code]: "Fin a - \<infinity> = 0"
```
```   281 by(simp add: diff_enat_def)
```
```   282
```
```   283 lemma idiff_0[simp]: "(0::enat) - n = 0"
```
```   284 by (cases n, simp_all add: zero_enat_def)
```
```   285
```
```   286 lemmas idiff_Fin_0[simp] = idiff_0[unfolded zero_enat_def]
```
```   287
```
```   288 lemma idiff_0_right[simp]: "(n::enat) - 0 = n"
```
```   289 by (cases n) (simp_all add: zero_enat_def)
```
```   290
```
```   291 lemmas idiff_Fin_0_right[simp] = idiff_0_right[unfolded zero_enat_def]
```
```   292
```
```   293 lemma idiff_self[simp]: "n \<noteq> \<infinity> \<Longrightarrow> (n::enat) - n = 0"
```
```   294 by(auto simp: zero_enat_def)
```
```   295
```
```   296 lemma iSuc_minus_iSuc [simp]: "iSuc n - iSuc m = n - m"
```
```   297 by(simp add: iSuc_def split: enat.split)
```
```   298
```
```   299 lemma iSuc_minus_1 [simp]: "iSuc n - 1 = n"
```
```   300 by(simp add: one_enat_def iSuc_Fin[symmetric] zero_enat_def[symmetric])
```
```   301
```
```   302 (*lemmas idiff_self_eq_0_Fin = idiff_self_eq_0[unfolded zero_enat_def]*)
```
```   303
```
```   304
```
```   305 subsection {* Ordering *}
```
```   306
```
```   307 instantiation enat :: linordered_ab_semigroup_add
```
```   308 begin
```
```   309
```
```   310 definition [nitpick_simp]:
```
```   311   "m \<le> n = (case n of Fin n1 \<Rightarrow> (case m of Fin m1 \<Rightarrow> m1 \<le> n1 | \<infinity> \<Rightarrow> False)
```
```   312     | \<infinity> \<Rightarrow> True)"
```
```   313
```
```   314 definition [nitpick_simp]:
```
```   315   "m < n = (case m of Fin m1 \<Rightarrow> (case n of Fin n1 \<Rightarrow> m1 < n1 | \<infinity> \<Rightarrow> True)
```
```   316     | \<infinity> \<Rightarrow> False)"
```
```   317
```
```   318 lemma enat_ord_simps [simp]:
```
```   319   "Fin m \<le> Fin n \<longleftrightarrow> m \<le> n"
```
```   320   "Fin m < Fin n \<longleftrightarrow> m < n"
```
```   321   "q \<le> \<infinity>"
```
```   322   "q < \<infinity> \<longleftrightarrow> q \<noteq> \<infinity>"
```
```   323   "\<infinity> \<le> q \<longleftrightarrow> q = \<infinity>"
```
```   324   "\<infinity> < q \<longleftrightarrow> False"
```
```   325   by (simp_all add: less_eq_enat_def less_enat_def split: enat.splits)
```
```   326
```
```   327 lemma enat_ord_code [code]:
```
```   328   "Fin m \<le> Fin n \<longleftrightarrow> m \<le> n"
```
```   329   "Fin m < Fin n \<longleftrightarrow> m < n"
```
```   330   "q \<le> \<infinity> \<longleftrightarrow> True"
```
```   331   "Fin m < \<infinity> \<longleftrightarrow> True"
```
```   332   "\<infinity> \<le> Fin n \<longleftrightarrow> False"
```
```   333   "\<infinity> < q \<longleftrightarrow> False"
```
```   334   by simp_all
```
```   335
```
```   336 instance by default
```
```   337   (auto simp add: less_eq_enat_def less_enat_def plus_enat_def split: enat.splits)
```
```   338
```
```   339 end
```
```   340
```
```   341 instance enat :: ordered_comm_semiring
```
```   342 proof
```
```   343   fix a b c :: enat
```
```   344   assume "a \<le> b" and "0 \<le> c"
```
```   345   thus "c * a \<le> c * b"
```
```   346     unfolding times_enat_def less_eq_enat_def zero_enat_def
```
```   347     by (simp split: enat.splits)
```
```   348 qed
```
```   349
```
```   350 lemma enat_ord_number [simp]:
```
```   351   "(number_of m \<Colon> enat) \<le> number_of n \<longleftrightarrow> (number_of m \<Colon> nat) \<le> number_of n"
```
```   352   "(number_of m \<Colon> enat) < number_of n \<longleftrightarrow> (number_of m \<Colon> nat) < number_of n"
```
```   353   by (simp_all add: number_of_enat_def)
```
```   354
```
```   355 lemma i0_lb [simp]: "(0\<Colon>enat) \<le> n"
```
```   356   by (simp add: zero_enat_def less_eq_enat_def split: enat.splits)
```
```   357
```
```   358 lemma ile0_eq [simp]: "n \<le> (0\<Colon>enat) \<longleftrightarrow> n = 0"
```
```   359 by (simp add: zero_enat_def less_eq_enat_def split: enat.splits)
```
```   360
```
```   361 lemma Infty_ileE [elim!]: "\<infinity> \<le> Fin m \<Longrightarrow> R"
```
```   362   by (simp add: zero_enat_def less_eq_enat_def split: enat.splits)
```
```   363
```
```   364 lemma Infty_ilessE [elim!]: "\<infinity> < Fin m \<Longrightarrow> R"
```
```   365   by simp
```
```   366
```
```   367 lemma not_iless0 [simp]: "\<not> n < (0\<Colon>enat)"
```
```   368   by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   369
```
```   370 lemma i0_less [simp]: "(0\<Colon>enat) < n \<longleftrightarrow> n \<noteq> 0"
```
```   371 by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   372
```
```   373 lemma iSuc_ile_mono [simp]: "iSuc n \<le> iSuc m \<longleftrightarrow> n \<le> m"
```
```   374   by (simp add: iSuc_def less_eq_enat_def split: enat.splits)
```
```   375
```
```   376 lemma iSuc_mono [simp]: "iSuc n < iSuc m \<longleftrightarrow> n < m"
```
```   377   by (simp add: iSuc_def less_enat_def split: enat.splits)
```
```   378
```
```   379 lemma ile_iSuc [simp]: "n \<le> iSuc n"
```
```   380   by (simp add: iSuc_def less_eq_enat_def split: enat.splits)
```
```   381
```
```   382 lemma not_iSuc_ilei0 [simp]: "\<not> iSuc n \<le> 0"
```
```   383   by (simp add: zero_enat_def iSuc_def less_eq_enat_def split: enat.splits)
```
```   384
```
```   385 lemma i0_iless_iSuc [simp]: "0 < iSuc n"
```
```   386   by (simp add: zero_enat_def iSuc_def less_enat_def split: enat.splits)
```
```   387
```
```   388 lemma iless_iSuc0[simp]: "(n < iSuc 0) = (n = 0)"
```
```   389 by (simp add: zero_enat_def iSuc_def less_enat_def split: enat.split)
```
```   390
```
```   391 lemma ileI1: "m < n \<Longrightarrow> iSuc m \<le> n"
```
```   392   by (simp add: iSuc_def less_eq_enat_def less_enat_def split: enat.splits)
```
```   393
```
```   394 lemma Suc_ile_eq: "Fin (Suc m) \<le> n \<longleftrightarrow> Fin m < n"
```
```   395   by (cases n) auto
```
```   396
```
```   397 lemma iless_Suc_eq [simp]: "Fin m < iSuc n \<longleftrightarrow> Fin m \<le> n"
```
```   398   by (auto simp add: iSuc_def less_enat_def split: enat.splits)
```
```   399
```
```   400 lemma imult_Infty: "(0::enat) < n \<Longrightarrow> \<infinity> * n = \<infinity>"
```
```   401 by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   402
```
```   403 lemma imult_Infty_right: "(0::enat) < n \<Longrightarrow> n * \<infinity> = \<infinity>"
```
```   404 by (simp add: zero_enat_def less_enat_def split: enat.splits)
```
```   405
```
```   406 lemma enat_0_less_mult_iff: "(0 < (m::enat) * n) = (0 < m \<and> 0 < n)"
```
```   407 by (simp only: i0_less imult_is_0, simp)
```
```   408
```
```   409 lemma mono_iSuc: "mono iSuc"
```
```   410 by(simp add: mono_def)
```
```   411
```
```   412
```
```   413 lemma min_enat_simps [simp]:
```
```   414   "min (Fin m) (Fin n) = Fin (min m n)"
```
```   415   "min q 0 = 0"
```
```   416   "min 0 q = 0"
```
```   417   "min q \<infinity> = q"
```
```   418   "min \<infinity> q = q"
```
```   419   by (auto simp add: min_def)
```
```   420
```
```   421 lemma max_enat_simps [simp]:
```
```   422   "max (Fin m) (Fin n) = Fin (max m n)"
```
```   423   "max q 0 = q"
```
```   424   "max 0 q = q"
```
```   425   "max q \<infinity> = \<infinity>"
```
```   426   "max \<infinity> q = \<infinity>"
```
```   427   by (simp_all add: max_def)
```
```   428
```
```   429 lemma Fin_ile: "n \<le> Fin m \<Longrightarrow> \<exists>k. n = Fin k"
```
```   430   by (cases n) simp_all
```
```   431
```
```   432 lemma Fin_iless: "n < Fin m \<Longrightarrow> \<exists>k. n = Fin k"
```
```   433   by (cases n) simp_all
```
```   434
```
```   435 lemma chain_incr: "\<forall>i. \<exists>j. Y i < Y j ==> \<exists>j. Fin k < Y j"
```
```   436 apply (induct_tac k)
```
```   437  apply (simp (no_asm) only: Fin_0)
```
```   438  apply (fast intro: le_less_trans [OF i0_lb])
```
```   439 apply (erule exE)
```
```   440 apply (drule spec)
```
```   441 apply (erule exE)
```
```   442 apply (drule ileI1)
```
```   443 apply (rule iSuc_Fin [THEN subst])
```
```   444 apply (rule exI)
```
```   445 apply (erule (1) le_less_trans)
```
```   446 done
```
```   447
```
```   448 instantiation enat :: "{bot, top}"
```
```   449 begin
```
```   450
```
```   451 definition bot_enat :: enat where
```
```   452   "bot_enat = 0"
```
```   453
```
```   454 definition top_enat :: enat where
```
```   455   "top_enat = \<infinity>"
```
```   456
```
```   457 instance proof
```
```   458 qed (simp_all add: bot_enat_def top_enat_def)
```
```   459
```
```   460 end
```
```   461
```
```   462 lemma finite_Fin_bounded:
```
```   463   assumes le_fin: "\<And>y. y \<in> A \<Longrightarrow> y \<le> Fin n"
```
```   464   shows "finite A"
```
```   465 proof (rule finite_subset)
```
```   466   show "finite (Fin ` {..n})" by blast
```
```   467
```
```   468   have "A \<subseteq> {..Fin n}" using le_fin by fastsimp
```
```   469   also have "\<dots> \<subseteq> Fin ` {..n}"
```
```   470     by (rule subsetI) (case_tac x, auto)
```
```   471   finally show "A \<subseteq> Fin ` {..n}" .
```
```   472 qed
```
```   473
```
```   474
```
```   475 subsection {* Well-ordering *}
```
```   476
```
```   477 lemma less_FinE:
```
```   478   "[| n < Fin m; !!k. n = Fin k ==> k < m ==> P |] ==> P"
```
```   479 by (induct n) auto
```
```   480
```
```   481 lemma less_InftyE:
```
```   482   "[| n < Infty; !!k. n = Fin k ==> P |] ==> P"
```
```   483 by (induct n) auto
```
```   484
```
```   485 lemma enat_less_induct:
```
```   486   assumes prem: "!!n. \<forall>m::enat. m < n --> P m ==> P n" shows "P n"
```
```   487 proof -
```
```   488   have P_Fin: "!!k. P (Fin k)"
```
```   489     apply (rule nat_less_induct)
```
```   490     apply (rule prem, clarify)
```
```   491     apply (erule less_FinE, simp)
```
```   492     done
```
```   493   show ?thesis
```
```   494   proof (induct n)
```
```   495     fix nat
```
```   496     show "P (Fin nat)" by (rule P_Fin)
```
```   497   next
```
```   498     show "P Infty"
```
```   499       apply (rule prem, clarify)
```
```   500       apply (erule less_InftyE)
```
```   501       apply (simp add: P_Fin)
```
```   502       done
```
```   503   qed
```
```   504 qed
```
```   505
```
```   506 instance enat :: wellorder
```
```   507 proof
```
```   508   fix P and n
```
```   509   assume hyp: "(\<And>n\<Colon>enat. (\<And>m\<Colon>enat. m < n \<Longrightarrow> P m) \<Longrightarrow> P n)"
```
```   510   show "P n" by (blast intro: enat_less_induct hyp)
```
```   511 qed
```
```   512
```
```   513 subsection {* Complete Lattice *}
```
```   514
```
```   515 instantiation enat :: complete_lattice
```
```   516 begin
```
```   517
```
```   518 definition inf_enat :: "enat \<Rightarrow> enat \<Rightarrow> enat" where
```
```   519   "inf_enat \<equiv> min"
```
```   520
```
```   521 definition sup_enat :: "enat \<Rightarrow> enat \<Rightarrow> enat" where
```
```   522   "sup_enat \<equiv> max"
```
```   523
```
```   524 definition Inf_enat :: "enat set \<Rightarrow> enat" where
```
```   525   "Inf_enat A \<equiv> if A = {} then \<infinity> else (LEAST x. x \<in> A)"
```
```   526
```
```   527 definition Sup_enat :: "enat set \<Rightarrow> enat" where
```
```   528   "Sup_enat A \<equiv> if A = {} then 0
```
```   529     else if finite A then Max A
```
```   530                      else \<infinity>"
```
```   531 instance proof
```
```   532   fix x :: "enat" and A :: "enat set"
```
```   533   { assume "x \<in> A" then show "Inf A \<le> x"
```
```   534       unfolding Inf_enat_def by (auto intro: Least_le) }
```
```   535   { assume "\<And>y. y \<in> A \<Longrightarrow> x \<le> y" then show "x \<le> Inf A"
```
```   536       unfolding Inf_enat_def
```
```   537       by (cases "A = {}") (auto intro: LeastI2_ex) }
```
```   538   { assume "x \<in> A" then show "x \<le> Sup A"
```
```   539       unfolding Sup_enat_def by (cases "finite A") auto }
```
```   540   { assume "\<And>y. y \<in> A \<Longrightarrow> y \<le> x" then show "Sup A \<le> x"
```
```   541       unfolding Sup_enat_def using finite_Fin_bounded by auto }
```
```   542 qed (simp_all add: inf_enat_def sup_enat_def)
```
```   543 end
```
```   544
```
```   545
```
```   546 subsection {* Traditional theorem names *}
```
```   547
```
```   548 lemmas enat_defs = zero_enat_def one_enat_def number_of_enat_def iSuc_def
```
```   549   plus_enat_def less_eq_enat_def less_enat_def
```
```   550
```
```   551 end
```