src/ZF/OrderArith.thy
 author wenzelm Sun Apr 15 23:25:52 2007 +0200 (2007-04-15 ago) changeset 22710 f44439cdce77 parent 16417 9bc16273c2d4 child 24893 b8ef7afe3a6b permissions -rw-r--r--
read prop as prop, not term;
```     1 (*  Title:      ZF/OrderArith.thy
```
```     2     ID:         \$Id\$
```
```     3     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
```
```     4     Copyright   1994  University of Cambridge
```
```     5
```
```     6 *)
```
```     7
```
```     8 header{*Combining Orderings: Foundations of Ordinal Arithmetic*}
```
```     9
```
```    10 theory OrderArith imports Order Sum Ordinal begin
```
```    11 constdefs
```
```    12
```
```    13   (*disjoint sum of two relations; underlies ordinal addition*)
```
```    14   radd    :: "[i,i,i,i]=>i"
```
```    15     "radd(A,r,B,s) ==
```
```    16                 {z: (A+B) * (A+B).
```
```    17                     (EX x y. z = <Inl(x), Inr(y)>)   |
```
```    18                     (EX x' x. z = <Inl(x'), Inl(x)> & <x',x>:r)   |
```
```    19                     (EX y' y. z = <Inr(y'), Inr(y)> & <y',y>:s)}"
```
```    20
```
```    21   (*lexicographic product of two relations; underlies ordinal multiplication*)
```
```    22   rmult   :: "[i,i,i,i]=>i"
```
```    23     "rmult(A,r,B,s) ==
```
```    24                 {z: (A*B) * (A*B).
```
```    25                     EX x' y' x y. z = <<x',y'>, <x,y>> &
```
```    26                        (<x',x>: r | (x'=x & <y',y>: s))}"
```
```    27
```
```    28   (*inverse image of a relation*)
```
```    29   rvimage :: "[i,i,i]=>i"
```
```    30     "rvimage(A,f,r) == {z: A*A. EX x y. z = <x,y> & <f`x,f`y>: r}"
```
```    31
```
```    32   measure :: "[i, i\<Rightarrow>i] \<Rightarrow> i"
```
```    33     "measure(A,f) == {<x,y>: A*A. f(x) < f(y)}"
```
```    34
```
```    35
```
```    36 subsection{*Addition of Relations -- Disjoint Sum*}
```
```    37
```
```    38 subsubsection{*Rewrite rules.  Can be used to obtain introduction rules*}
```
```    39
```
```    40 lemma radd_Inl_Inr_iff [iff]:
```
```    41     "<Inl(a), Inr(b)> : radd(A,r,B,s)  <->  a:A & b:B"
```
```    42 by (unfold radd_def, blast)
```
```    43
```
```    44 lemma radd_Inl_iff [iff]:
```
```    45     "<Inl(a'), Inl(a)> : radd(A,r,B,s)  <->  a':A & a:A & <a',a>:r"
```
```    46 by (unfold radd_def, blast)
```
```    47
```
```    48 lemma radd_Inr_iff [iff]:
```
```    49     "<Inr(b'), Inr(b)> : radd(A,r,B,s) <->  b':B & b:B & <b',b>:s"
```
```    50 by (unfold radd_def, blast)
```
```    51
```
```    52 lemma radd_Inr_Inl_iff [simp]:
```
```    53     "<Inr(b), Inl(a)> : radd(A,r,B,s) <-> False"
```
```    54 by (unfold radd_def, blast)
```
```    55
```
```    56 declare radd_Inr_Inl_iff [THEN iffD1, dest!]
```
```    57
```
```    58 subsubsection{*Elimination Rule*}
```
```    59
```
```    60 lemma raddE:
```
```    61     "[| <p',p> : radd(A,r,B,s);
```
```    62         !!x y. [| p'=Inl(x); x:A; p=Inr(y); y:B |] ==> Q;
```
```    63         !!x' x. [| p'=Inl(x'); p=Inl(x); <x',x>: r; x':A; x:A |] ==> Q;
```
```    64         !!y' y. [| p'=Inr(y'); p=Inr(y); <y',y>: s; y':B; y:B |] ==> Q
```
```    65      |] ==> Q"
```
```    66 by (unfold radd_def, blast)
```
```    67
```
```    68 subsubsection{*Type checking*}
```
```    69
```
```    70 lemma radd_type: "radd(A,r,B,s) <= (A+B) * (A+B)"
```
```    71 apply (unfold radd_def)
```
```    72 apply (rule Collect_subset)
```
```    73 done
```
```    74
```
```    75 lemmas field_radd = radd_type [THEN field_rel_subset]
```
```    76
```
```    77 subsubsection{*Linearity*}
```
```    78
```
```    79 lemma linear_radd:
```
```    80     "[| linear(A,r);  linear(B,s) |] ==> linear(A+B,radd(A,r,B,s))"
```
```    81 by (unfold linear_def, blast)
```
```    82
```
```    83
```
```    84 subsubsection{*Well-foundedness*}
```
```    85
```
```    86 lemma wf_on_radd: "[| wf[A](r);  wf[B](s) |] ==> wf[A+B](radd(A,r,B,s))"
```
```    87 apply (rule wf_onI2)
```
```    88 apply (subgoal_tac "ALL x:A. Inl (x) : Ba")
```
```    89  --{*Proving the lemma, which is needed twice!*}
```
```    90  prefer 2
```
```    91  apply (erule_tac V = "y : A + B" in thin_rl)
```
```    92  apply (rule_tac ballI)
```
```    93  apply (erule_tac r = r and a = x in wf_on_induct, assumption)
```
```    94  apply blast
```
```    95 txt{*Returning to main part of proof*}
```
```    96 apply safe
```
```    97 apply blast
```
```    98 apply (erule_tac r = s and a = ya in wf_on_induct, assumption, blast)
```
```    99 done
```
```   100
```
```   101 lemma wf_radd: "[| wf(r);  wf(s) |] ==> wf(radd(field(r),r,field(s),s))"
```
```   102 apply (simp add: wf_iff_wf_on_field)
```
```   103 apply (rule wf_on_subset_A [OF _ field_radd])
```
```   104 apply (blast intro: wf_on_radd)
```
```   105 done
```
```   106
```
```   107 lemma well_ord_radd:
```
```   108      "[| well_ord(A,r);  well_ord(B,s) |] ==> well_ord(A+B, radd(A,r,B,s))"
```
```   109 apply (rule well_ordI)
```
```   110 apply (simp add: well_ord_def wf_on_radd)
```
```   111 apply (simp add: well_ord_def tot_ord_def linear_radd)
```
```   112 done
```
```   113
```
```   114 subsubsection{*An @{term ord_iso} congruence law*}
```
```   115
```
```   116 lemma sum_bij:
```
```   117      "[| f: bij(A,C);  g: bij(B,D) |]
```
```   118       ==> (lam z:A+B. case(%x. Inl(f`x), %y. Inr(g`y), z)) : bij(A+B, C+D)"
```
```   119 apply (rule_tac d = "case (%x. Inl (converse(f)`x), %y. Inr(converse(g)`y))"
```
```   120        in lam_bijective)
```
```   121 apply (typecheck add: bij_is_inj inj_is_fun)
```
```   122 apply (auto simp add: left_inverse_bij right_inverse_bij)
```
```   123 done
```
```   124
```
```   125 lemma sum_ord_iso_cong:
```
```   126     "[| f: ord_iso(A,r,A',r');  g: ord_iso(B,s,B',s') |] ==>
```
```   127             (lam z:A+B. case(%x. Inl(f`x), %y. Inr(g`y), z))
```
```   128             : ord_iso(A+B, radd(A,r,B,s), A'+B', radd(A',r',B',s'))"
```
```   129 apply (unfold ord_iso_def)
```
```   130 apply (safe intro!: sum_bij)
```
```   131 (*Do the beta-reductions now*)
```
```   132 apply (auto cong add: conj_cong simp add: bij_is_fun [THEN apply_type])
```
```   133 done
```
```   134
```
```   135 (*Could we prove an ord_iso result?  Perhaps
```
```   136      ord_iso(A+B, radd(A,r,B,s), A Un B, r Un s) *)
```
```   137 lemma sum_disjoint_bij: "A Int B = 0 ==>
```
```   138             (lam z:A+B. case(%x. x, %y. y, z)) : bij(A+B, A Un B)"
```
```   139 apply (rule_tac d = "%z. if z:A then Inl (z) else Inr (z) " in lam_bijective)
```
```   140 apply auto
```
```   141 done
```
```   142
```
```   143 subsubsection{*Associativity*}
```
```   144
```
```   145 lemma sum_assoc_bij:
```
```   146      "(lam z:(A+B)+C. case(case(Inl, %y. Inr(Inl(y))), %y. Inr(Inr(y)), z))
```
```   147       : bij((A+B)+C, A+(B+C))"
```
```   148 apply (rule_tac d = "case (%x. Inl (Inl (x)), case (%x. Inl (Inr (x)), Inr))"
```
```   149        in lam_bijective)
```
```   150 apply auto
```
```   151 done
```
```   152
```
```   153 lemma sum_assoc_ord_iso:
```
```   154      "(lam z:(A+B)+C. case(case(Inl, %y. Inr(Inl(y))), %y. Inr(Inr(y)), z))
```
```   155       : ord_iso((A+B)+C, radd(A+B, radd(A,r,B,s), C, t),
```
```   156                 A+(B+C), radd(A, r, B+C, radd(B,s,C,t)))"
```
```   157 by (rule sum_assoc_bij [THEN ord_isoI], auto)
```
```   158
```
```   159
```
```   160 subsection{*Multiplication of Relations -- Lexicographic Product*}
```
```   161
```
```   162 subsubsection{*Rewrite rule.  Can be used to obtain introduction rules*}
```
```   163
```
```   164 lemma  rmult_iff [iff]:
```
```   165     "<<a',b'>, <a,b>> : rmult(A,r,B,s) <->
```
```   166             (<a',a>: r  & a':A & a:A & b': B & b: B) |
```
```   167             (<b',b>: s  & a'=a & a:A & b': B & b: B)"
```
```   168
```
```   169 by (unfold rmult_def, blast)
```
```   170
```
```   171 lemma rmultE:
```
```   172     "[| <<a',b'>, <a,b>> : rmult(A,r,B,s);
```
```   173         [| <a',a>: r;  a':A;  a:A;  b':B;  b:B |] ==> Q;
```
```   174         [| <b',b>: s;  a:A;  a'=a;  b':B;  b:B |] ==> Q
```
```   175      |] ==> Q"
```
```   176 by blast
```
```   177
```
```   178 subsubsection{*Type checking*}
```
```   179
```
```   180 lemma rmult_type: "rmult(A,r,B,s) <= (A*B) * (A*B)"
```
```   181 by (unfold rmult_def, rule Collect_subset)
```
```   182
```
```   183 lemmas field_rmult = rmult_type [THEN field_rel_subset]
```
```   184
```
```   185 subsubsection{*Linearity*}
```
```   186
```
```   187 lemma linear_rmult:
```
```   188     "[| linear(A,r);  linear(B,s) |] ==> linear(A*B,rmult(A,r,B,s))"
```
```   189 by (simp add: linear_def, blast)
```
```   190
```
```   191 subsubsection{*Well-foundedness*}
```
```   192
```
```   193 lemma wf_on_rmult: "[| wf[A](r);  wf[B](s) |] ==> wf[A*B](rmult(A,r,B,s))"
```
```   194 apply (rule wf_onI2)
```
```   195 apply (erule SigmaE)
```
```   196 apply (erule ssubst)
```
```   197 apply (subgoal_tac "ALL b:B. <x,b>: Ba", blast)
```
```   198 apply (erule_tac a = x in wf_on_induct, assumption)
```
```   199 apply (rule ballI)
```
```   200 apply (erule_tac a = b in wf_on_induct, assumption)
```
```   201 apply (best elim!: rmultE bspec [THEN mp])
```
```   202 done
```
```   203
```
```   204
```
```   205 lemma wf_rmult: "[| wf(r);  wf(s) |] ==> wf(rmult(field(r),r,field(s),s))"
```
```   206 apply (simp add: wf_iff_wf_on_field)
```
```   207 apply (rule wf_on_subset_A [OF _ field_rmult])
```
```   208 apply (blast intro: wf_on_rmult)
```
```   209 done
```
```   210
```
```   211 lemma well_ord_rmult:
```
```   212      "[| well_ord(A,r);  well_ord(B,s) |] ==> well_ord(A*B, rmult(A,r,B,s))"
```
```   213 apply (rule well_ordI)
```
```   214 apply (simp add: well_ord_def wf_on_rmult)
```
```   215 apply (simp add: well_ord_def tot_ord_def linear_rmult)
```
```   216 done
```
```   217
```
```   218
```
```   219 subsubsection{*An @{term ord_iso} congruence law*}
```
```   220
```
```   221 lemma prod_bij:
```
```   222      "[| f: bij(A,C);  g: bij(B,D) |]
```
```   223       ==> (lam <x,y>:A*B. <f`x, g`y>) : bij(A*B, C*D)"
```
```   224 apply (rule_tac d = "%<x,y>. <converse (f) `x, converse (g) `y>"
```
```   225        in lam_bijective)
```
```   226 apply (typecheck add: bij_is_inj inj_is_fun)
```
```   227 apply (auto simp add: left_inverse_bij right_inverse_bij)
```
```   228 done
```
```   229
```
```   230 lemma prod_ord_iso_cong:
```
```   231     "[| f: ord_iso(A,r,A',r');  g: ord_iso(B,s,B',s') |]
```
```   232      ==> (lam <x,y>:A*B. <f`x, g`y>)
```
```   233          : ord_iso(A*B, rmult(A,r,B,s), A'*B', rmult(A',r',B',s'))"
```
```   234 apply (unfold ord_iso_def)
```
```   235 apply (safe intro!: prod_bij)
```
```   236 apply (simp_all add: bij_is_fun [THEN apply_type])
```
```   237 apply (blast intro: bij_is_inj [THEN inj_apply_equality])
```
```   238 done
```
```   239
```
```   240 lemma singleton_prod_bij: "(lam z:A. <x,z>) : bij(A, {x}*A)"
```
```   241 by (rule_tac d = snd in lam_bijective, auto)
```
```   242
```
```   243 (*Used??*)
```
```   244 lemma singleton_prod_ord_iso:
```
```   245      "well_ord({x},xr) ==>
```
```   246           (lam z:A. <x,z>) : ord_iso(A, r, {x}*A, rmult({x}, xr, A, r))"
```
```   247 apply (rule singleton_prod_bij [THEN ord_isoI])
```
```   248 apply (simp (no_asm_simp))
```
```   249 apply (blast dest: well_ord_is_wf [THEN wf_on_not_refl])
```
```   250 done
```
```   251
```
```   252 (*Here we build a complicated function term, then simplify it using
```
```   253   case_cong, id_conv, comp_lam, case_case.*)
```
```   254 lemma prod_sum_singleton_bij:
```
```   255      "a~:C ==>
```
```   256        (lam x:C*B + D. case(%x. x, %y.<a,y>, x))
```
```   257        : bij(C*B + D, C*B Un {a}*D)"
```
```   258 apply (rule subst_elem)
```
```   259 apply (rule id_bij [THEN sum_bij, THEN comp_bij])
```
```   260 apply (rule singleton_prod_bij)
```
```   261 apply (rule sum_disjoint_bij, blast)
```
```   262 apply (simp (no_asm_simp) cong add: case_cong)
```
```   263 apply (rule comp_lam [THEN trans, symmetric])
```
```   264 apply (fast elim!: case_type)
```
```   265 apply (simp (no_asm_simp) add: case_case)
```
```   266 done
```
```   267
```
```   268 lemma prod_sum_singleton_ord_iso:
```
```   269  "[| a:A;  well_ord(A,r) |] ==>
```
```   270     (lam x:pred(A,a,r)*B + pred(B,b,s). case(%x. x, %y.<a,y>, x))
```
```   271     : ord_iso(pred(A,a,r)*B + pred(B,b,s),
```
```   272                   radd(A*B, rmult(A,r,B,s), B, s),
```
```   273               pred(A,a,r)*B Un {a}*pred(B,b,s), rmult(A,r,B,s))"
```
```   274 apply (rule prod_sum_singleton_bij [THEN ord_isoI])
```
```   275 apply (simp (no_asm_simp) add: pred_iff well_ord_is_wf [THEN wf_on_not_refl])
```
```   276 apply (auto elim!: well_ord_is_wf [THEN wf_on_asym] predE)
```
```   277 done
```
```   278
```
```   279 subsubsection{*Distributive law*}
```
```   280
```
```   281 lemma sum_prod_distrib_bij:
```
```   282      "(lam <x,z>:(A+B)*C. case(%y. Inl(<y,z>), %y. Inr(<y,z>), x))
```
```   283       : bij((A+B)*C, (A*C)+(B*C))"
```
```   284 by (rule_tac d = "case (%<x,y>.<Inl (x),y>, %<x,y>.<Inr (x),y>) "
```
```   285     in lam_bijective, auto)
```
```   286
```
```   287 lemma sum_prod_distrib_ord_iso:
```
```   288  "(lam <x,z>:(A+B)*C. case(%y. Inl(<y,z>), %y. Inr(<y,z>), x))
```
```   289   : ord_iso((A+B)*C, rmult(A+B, radd(A,r,B,s), C, t),
```
```   290             (A*C)+(B*C), radd(A*C, rmult(A,r,C,t), B*C, rmult(B,s,C,t)))"
```
```   291 by (rule sum_prod_distrib_bij [THEN ord_isoI], auto)
```
```   292
```
```   293 subsubsection{*Associativity*}
```
```   294
```
```   295 lemma prod_assoc_bij:
```
```   296      "(lam <<x,y>, z>:(A*B)*C. <x,<y,z>>) : bij((A*B)*C, A*(B*C))"
```
```   297 by (rule_tac d = "%<x, <y,z>>. <<x,y>, z>" in lam_bijective, auto)
```
```   298
```
```   299 lemma prod_assoc_ord_iso:
```
```   300  "(lam <<x,y>, z>:(A*B)*C. <x,<y,z>>)
```
```   301   : ord_iso((A*B)*C, rmult(A*B, rmult(A,r,B,s), C, t),
```
```   302             A*(B*C), rmult(A, r, B*C, rmult(B,s,C,t)))"
```
```   303 by (rule prod_assoc_bij [THEN ord_isoI], auto)
```
```   304
```
```   305 subsection{*Inverse Image of a Relation*}
```
```   306
```
```   307 subsubsection{*Rewrite rule*}
```
```   308
```
```   309 lemma rvimage_iff: "<a,b> : rvimage(A,f,r)  <->  <f`a,f`b>: r & a:A & b:A"
```
```   310 by (unfold rvimage_def, blast)
```
```   311
```
```   312 subsubsection{*Type checking*}
```
```   313
```
```   314 lemma rvimage_type: "rvimage(A,f,r) <= A*A"
```
```   315 by (unfold rvimage_def, rule Collect_subset)
```
```   316
```
```   317 lemmas field_rvimage = rvimage_type [THEN field_rel_subset]
```
```   318
```
```   319 lemma rvimage_converse: "rvimage(A,f, converse(r)) = converse(rvimage(A,f,r))"
```
```   320 by (unfold rvimage_def, blast)
```
```   321
```
```   322
```
```   323 subsubsection{*Partial Ordering Properties*}
```
```   324
```
```   325 lemma irrefl_rvimage:
```
```   326     "[| f: inj(A,B);  irrefl(B,r) |] ==> irrefl(A, rvimage(A,f,r))"
```
```   327 apply (unfold irrefl_def rvimage_def)
```
```   328 apply (blast intro: inj_is_fun [THEN apply_type])
```
```   329 done
```
```   330
```
```   331 lemma trans_on_rvimage:
```
```   332     "[| f: inj(A,B);  trans[B](r) |] ==> trans[A](rvimage(A,f,r))"
```
```   333 apply (unfold trans_on_def rvimage_def)
```
```   334 apply (blast intro: inj_is_fun [THEN apply_type])
```
```   335 done
```
```   336
```
```   337 lemma part_ord_rvimage:
```
```   338     "[| f: inj(A,B);  part_ord(B,r) |] ==> part_ord(A, rvimage(A,f,r))"
```
```   339 apply (unfold part_ord_def)
```
```   340 apply (blast intro!: irrefl_rvimage trans_on_rvimage)
```
```   341 done
```
```   342
```
```   343 subsubsection{*Linearity*}
```
```   344
```
```   345 lemma linear_rvimage:
```
```   346     "[| f: inj(A,B);  linear(B,r) |] ==> linear(A,rvimage(A,f,r))"
```
```   347 apply (simp add: inj_def linear_def rvimage_iff)
```
```   348 apply (blast intro: apply_funtype)
```
```   349 done
```
```   350
```
```   351 lemma tot_ord_rvimage:
```
```   352     "[| f: inj(A,B);  tot_ord(B,r) |] ==> tot_ord(A, rvimage(A,f,r))"
```
```   353 apply (unfold tot_ord_def)
```
```   354 apply (blast intro!: part_ord_rvimage linear_rvimage)
```
```   355 done
```
```   356
```
```   357
```
```   358 subsubsection{*Well-foundedness*}
```
```   359
```
```   360 lemma wf_rvimage [intro!]: "wf(r) ==> wf(rvimage(A,f,r))"
```
```   361 apply (simp (no_asm_use) add: rvimage_def wf_eq_minimal)
```
```   362 apply clarify
```
```   363 apply (subgoal_tac "EX w. w : {w: {f`x. x:Q}. EX x. x: Q & (f`x = w) }")
```
```   364  apply (erule allE)
```
```   365  apply (erule impE)
```
```   366  apply assumption
```
```   367  apply blast
```
```   368 apply blast
```
```   369 done
```
```   370
```
```   371 text{*But note that the combination of @{text wf_imp_wf_on} and
```
```   372  @{text wf_rvimage} gives @{prop "wf(r) ==> wf[C](rvimage(A,f,r))"}*}
```
```   373 lemma wf_on_rvimage: "[| f: A->B;  wf[B](r) |] ==> wf[A](rvimage(A,f,r))"
```
```   374 apply (rule wf_onI2)
```
```   375 apply (subgoal_tac "ALL z:A. f`z=f`y --> z: Ba")
```
```   376  apply blast
```
```   377 apply (erule_tac a = "f`y" in wf_on_induct)
```
```   378  apply (blast intro!: apply_funtype)
```
```   379 apply (blast intro!: apply_funtype dest!: rvimage_iff [THEN iffD1])
```
```   380 done
```
```   381
```
```   382 (*Note that we need only wf[A](...) and linear(A,...) to get the result!*)
```
```   383 lemma well_ord_rvimage:
```
```   384      "[| f: inj(A,B);  well_ord(B,r) |] ==> well_ord(A, rvimage(A,f,r))"
```
```   385 apply (rule well_ordI)
```
```   386 apply (unfold well_ord_def tot_ord_def)
```
```   387 apply (blast intro!: wf_on_rvimage inj_is_fun)
```
```   388 apply (blast intro!: linear_rvimage)
```
```   389 done
```
```   390
```
```   391 lemma ord_iso_rvimage:
```
```   392     "f: bij(A,B) ==> f: ord_iso(A, rvimage(A,f,s), B, s)"
```
```   393 apply (unfold ord_iso_def)
```
```   394 apply (simp add: rvimage_iff)
```
```   395 done
```
```   396
```
```   397 lemma ord_iso_rvimage_eq:
```
```   398     "f: ord_iso(A,r, B,s) ==> rvimage(A,f,s) = r Int A*A"
```
```   399 by (unfold ord_iso_def rvimage_def, blast)
```
```   400
```
```   401
```
```   402 subsection{*Every well-founded relation is a subset of some inverse image of
```
```   403       an ordinal*}
```
```   404
```
```   405 lemma wf_rvimage_Ord: "Ord(i) \<Longrightarrow> wf(rvimage(A, f, Memrel(i)))"
```
```   406 by (blast intro: wf_rvimage wf_Memrel)
```
```   407
```
```   408
```
```   409 constdefs
```
```   410   wfrank :: "[i,i]=>i"
```
```   411     "wfrank(r,a) == wfrec(r, a, %x f. \<Union>y \<in> r-``{x}. succ(f`y))"
```
```   412
```
```   413 constdefs
```
```   414   wftype :: "i=>i"
```
```   415     "wftype(r) == \<Union>y \<in> range(r). succ(wfrank(r,y))"
```
```   416
```
```   417 lemma wfrank: "wf(r) ==> wfrank(r,a) = (\<Union>y \<in> r-``{a}. succ(wfrank(r,y)))"
```
```   418 by (subst wfrank_def [THEN def_wfrec], simp_all)
```
```   419
```
```   420 lemma Ord_wfrank: "wf(r) ==> Ord(wfrank(r,a))"
```
```   421 apply (rule_tac a=a in wf_induct, assumption)
```
```   422 apply (subst wfrank, assumption)
```
```   423 apply (rule Ord_succ [THEN Ord_UN], blast)
```
```   424 done
```
```   425
```
```   426 lemma wfrank_lt: "[|wf(r); <a,b> \<in> r|] ==> wfrank(r,a) < wfrank(r,b)"
```
```   427 apply (rule_tac a1 = b in wfrank [THEN ssubst], assumption)
```
```   428 apply (rule UN_I [THEN ltI])
```
```   429 apply (simp add: Ord_wfrank vimage_iff)+
```
```   430 done
```
```   431
```
```   432 lemma Ord_wftype: "wf(r) ==> Ord(wftype(r))"
```
```   433 by (simp add: wftype_def Ord_wfrank)
```
```   434
```
```   435 lemma wftypeI: "\<lbrakk>wf(r);  x \<in> field(r)\<rbrakk> \<Longrightarrow> wfrank(r,x) \<in> wftype(r)"
```
```   436 apply (simp add: wftype_def)
```
```   437 apply (blast intro: wfrank_lt [THEN ltD])
```
```   438 done
```
```   439
```
```   440
```
```   441 lemma wf_imp_subset_rvimage:
```
```   442      "[|wf(r); r \<subseteq> A*A|] ==> \<exists>i f. Ord(i) & r <= rvimage(A, f, Memrel(i))"
```
```   443 apply (rule_tac x="wftype(r)" in exI)
```
```   444 apply (rule_tac x="\<lambda>x\<in>A. wfrank(r,x)" in exI)
```
```   445 apply (simp add: Ord_wftype, clarify)
```
```   446 apply (frule subsetD, assumption, clarify)
```
```   447 apply (simp add: rvimage_iff wfrank_lt [THEN ltD])
```
```   448 apply (blast intro: wftypeI)
```
```   449 done
```
```   450
```
```   451 theorem wf_iff_subset_rvimage:
```
```   452   "relation(r) ==> wf(r) <-> (\<exists>i f A. Ord(i) & r <= rvimage(A, f, Memrel(i)))"
```
```   453 by (blast dest!: relation_field_times_field wf_imp_subset_rvimage
```
```   454           intro: wf_rvimage_Ord [THEN wf_subset])
```
```   455
```
```   456
```
```   457 subsection{*Other Results*}
```
```   458
```
```   459 lemma wf_times: "A Int B = 0 ==> wf(A*B)"
```
```   460 by (simp add: wf_def, blast)
```
```   461
```
```   462 text{*Could also be used to prove @{text wf_radd}*}
```
```   463 lemma wf_Un:
```
```   464      "[| range(r) Int domain(s) = 0; wf(r);  wf(s) |] ==> wf(r Un s)"
```
```   465 apply (simp add: wf_def, clarify)
```
```   466 apply (rule equalityI)
```
```   467  prefer 2 apply blast
```
```   468 apply clarify
```
```   469 apply (drule_tac x=Z in spec)
```
```   470 apply (drule_tac x="Z Int domain(s)" in spec)
```
```   471 apply simp
```
```   472 apply (blast intro: elim: equalityE)
```
```   473 done
```
```   474
```
```   475 subsubsection{*The Empty Relation*}
```
```   476
```
```   477 lemma wf0: "wf(0)"
```
```   478 by (simp add: wf_def, blast)
```
```   479
```
```   480 lemma linear0: "linear(0,0)"
```
```   481 by (simp add: linear_def)
```
```   482
```
```   483 lemma well_ord0: "well_ord(0,0)"
```
```   484 by (blast intro: wf_imp_wf_on well_ordI wf0 linear0)
```
```   485
```
```   486 subsubsection{*The "measure" relation is useful with wfrec*}
```
```   487
```
```   488 lemma measure_eq_rvimage_Memrel:
```
```   489      "measure(A,f) = rvimage(A,Lambda(A,f),Memrel(Collect(RepFun(A,f),Ord)))"
```
```   490 apply (simp (no_asm) add: measure_def rvimage_def Memrel_iff)
```
```   491 apply (rule equalityI, auto)
```
```   492 apply (auto intro: Ord_in_Ord simp add: lt_def)
```
```   493 done
```
```   494
```
```   495 lemma wf_measure [iff]: "wf(measure(A,f))"
```
```   496 by (simp (no_asm) add: measure_eq_rvimage_Memrel wf_Memrel wf_rvimage)
```
```   497
```
```   498 lemma measure_iff [iff]: "<x,y> : measure(A,f) <-> x:A & y:A & f(x)<f(y)"
```
```   499 by (simp (no_asm) add: measure_def)
```
```   500
```
```   501 lemma linear_measure:
```
```   502  assumes Ordf: "!!x. x \<in> A ==> Ord(f(x))"
```
```   503      and inj:  "!!x y. [|x \<in> A; y \<in> A; f(x) = f(y) |] ==> x=y"
```
```   504  shows "linear(A, measure(A,f))"
```
```   505 apply (auto simp add: linear_def)
```
```   506 apply (rule_tac i="f(x)" and j="f(y)" in Ord_linear_lt)
```
```   507     apply (simp_all add: Ordf)
```
```   508 apply (blast intro: inj)
```
```   509 done
```
```   510
```
```   511 lemma wf_on_measure: "wf[B](measure(A,f))"
```
```   512 by (rule wf_imp_wf_on [OF wf_measure])
```
```   513
```
```   514 lemma well_ord_measure:
```
```   515  assumes Ordf: "!!x. x \<in> A ==> Ord(f(x))"
```
```   516      and inj:  "!!x y. [|x \<in> A; y \<in> A; f(x) = f(y) |] ==> x=y"
```
```   517  shows "well_ord(A, measure(A,f))"
```
```   518 apply (rule well_ordI)
```
```   519 apply (rule wf_on_measure)
```
```   520 apply (blast intro: linear_measure Ordf inj)
```
```   521 done
```
```   522
```
```   523 lemma measure_type: "measure(A,f) <= A*A"
```
```   524 by (auto simp add: measure_def)
```
```   525
```
```   526 subsubsection{*Well-foundedness of Unions*}
```
```   527
```
```   528 lemma wf_on_Union:
```
```   529  assumes wfA: "wf[A](r)"
```
```   530      and wfB: "!!a. a\<in>A ==> wf[B(a)](s)"
```
```   531      and ok: "!!a u v. [|<u,v> \<in> s; v \<in> B(a); a \<in> A|]
```
```   532                        ==> (\<exists>a'\<in>A. <a',a> \<in> r & u \<in> B(a')) | u \<in> B(a)"
```
```   533  shows "wf[\<Union>a\<in>A. B(a)](s)"
```
```   534 apply (rule wf_onI2)
```
```   535 apply (erule UN_E)
```
```   536 apply (subgoal_tac "\<forall>z \<in> B(a). z \<in> Ba", blast)
```
```   537 apply (rule_tac a = a in wf_on_induct [OF wfA], assumption)
```
```   538 apply (rule ballI)
```
```   539 apply (rule_tac a = z in wf_on_induct [OF wfB], assumption, assumption)
```
```   540 apply (rename_tac u)
```
```   541 apply (drule_tac x=u in bspec, blast)
```
```   542 apply (erule mp, clarify)
```
```   543 apply (frule ok, assumption+, blast)
```
```   544 done
```
```   545
```
```   546 subsubsection{*Bijections involving Powersets*}
```
```   547
```
```   548 lemma Pow_sum_bij:
```
```   549     "(\<lambda>Z \<in> Pow(A+B). <{x \<in> A. Inl(x) \<in> Z}, {y \<in> B. Inr(y) \<in> Z}>)
```
```   550      \<in> bij(Pow(A+B), Pow(A)*Pow(B))"
```
```   551 apply (rule_tac d = "%<X,Y>. {Inl (x). x \<in> X} Un {Inr (y). y \<in> Y}"
```
```   552        in lam_bijective)
```
```   553 apply force+
```
```   554 done
```
```   555
```
```   556 text{*As a special case, we have @{term "bij(Pow(A*B), A -> Pow(B))"} *}
```
```   557 lemma Pow_Sigma_bij:
```
```   558     "(\<lambda>r \<in> Pow(Sigma(A,B)). \<lambda>x \<in> A. r``{x})
```
```   559      \<in> bij(Pow(Sigma(A,B)), \<Pi> x \<in> A. Pow(B(x)))"
```
```   560 apply (rule_tac d = "%f. \<Union>x \<in> A. \<Union>y \<in> f`x. {<x,y>}" in lam_bijective)
```
```   561 apply (blast intro: lam_type)
```
```   562 apply (blast dest: apply_type, simp_all)
```
```   563 apply fast (*strange, but blast can't do it*)
```
```   564 apply (rule fun_extension, auto)
```
```   565 by blast
```
```   566
```
```   567
```
```   568 ML {*
```
```   569 val measure_def = thm "measure_def";
```
```   570 val radd_Inl_Inr_iff = thm "radd_Inl_Inr_iff";
```
```   571 val radd_Inl_iff = thm "radd_Inl_iff";
```
```   572 val radd_Inr_iff = thm "radd_Inr_iff";
```
```   573 val radd_Inr_Inl_iff = thm "radd_Inr_Inl_iff";
```
```   574 val raddE = thm "raddE";
```
```   575 val radd_type = thm "radd_type";
```
```   576 val field_radd = thm "field_radd";
```
```   577 val linear_radd = thm "linear_radd";
```
```   578 val wf_on_radd = thm "wf_on_radd";
```
```   579 val wf_radd = thm "wf_radd";
```
```   580 val well_ord_radd = thm "well_ord_radd";
```
```   581 val sum_bij = thm "sum_bij";
```
```   582 val sum_ord_iso_cong = thm "sum_ord_iso_cong";
```
```   583 val sum_disjoint_bij = thm "sum_disjoint_bij";
```
```   584 val sum_assoc_bij = thm "sum_assoc_bij";
```
```   585 val sum_assoc_ord_iso = thm "sum_assoc_ord_iso";
```
```   586 val rmult_iff = thm "rmult_iff";
```
```   587 val rmultE = thm "rmultE";
```
```   588 val rmult_type = thm "rmult_type";
```
```   589 val field_rmult = thm "field_rmult";
```
```   590 val linear_rmult = thm "linear_rmult";
```
```   591 val wf_on_rmult = thm "wf_on_rmult";
```
```   592 val wf_rmult = thm "wf_rmult";
```
```   593 val well_ord_rmult = thm "well_ord_rmult";
```
```   594 val prod_bij = thm "prod_bij";
```
```   595 val prod_ord_iso_cong = thm "prod_ord_iso_cong";
```
```   596 val singleton_prod_bij = thm "singleton_prod_bij";
```
```   597 val singleton_prod_ord_iso = thm "singleton_prod_ord_iso";
```
```   598 val prod_sum_singleton_bij = thm "prod_sum_singleton_bij";
```
```   599 val prod_sum_singleton_ord_iso = thm "prod_sum_singleton_ord_iso";
```
```   600 val sum_prod_distrib_bij = thm "sum_prod_distrib_bij";
```
```   601 val sum_prod_distrib_ord_iso = thm "sum_prod_distrib_ord_iso";
```
```   602 val prod_assoc_bij = thm "prod_assoc_bij";
```
```   603 val prod_assoc_ord_iso = thm "prod_assoc_ord_iso";
```
```   604 val rvimage_iff = thm "rvimage_iff";
```
```   605 val rvimage_type = thm "rvimage_type";
```
```   606 val field_rvimage = thm "field_rvimage";
```
```   607 val rvimage_converse = thm "rvimage_converse";
```
```   608 val irrefl_rvimage = thm "irrefl_rvimage";
```
```   609 val trans_on_rvimage = thm "trans_on_rvimage";
```
```   610 val part_ord_rvimage = thm "part_ord_rvimage";
```
```   611 val linear_rvimage = thm "linear_rvimage";
```
```   612 val tot_ord_rvimage = thm "tot_ord_rvimage";
```
```   613 val wf_rvimage = thm "wf_rvimage";
```
```   614 val wf_on_rvimage = thm "wf_on_rvimage";
```
```   615 val well_ord_rvimage = thm "well_ord_rvimage";
```
```   616 val ord_iso_rvimage = thm "ord_iso_rvimage";
```
```   617 val ord_iso_rvimage_eq = thm "ord_iso_rvimage_eq";
```
```   618 val measure_eq_rvimage_Memrel = thm "measure_eq_rvimage_Memrel";
```
```   619 val wf_measure = thm "wf_measure";
```
```   620 val measure_iff = thm "measure_iff";
```
```   621 *}
```
```   622
```
```   623 end
```