isabelle: src/HOL/Isar_examples/Cantor.thy@5b9c45b21782 (annotated)

6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	1	(* Title: HOL/Isar_examples/Cantor.thy
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	2	ID: $Id$
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	3	Author: Markus Wenzel, TU Muenchen
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	4
6505 2863855a6902 elaborated; wenzelm parents: 6494 diff changeset	5	Cantor's theorem -- Isar'ized version of the final section of the HOL
6507 644d75d0dc8c tuned; wenzelm parents: 6506 diff changeset	6	chapter of "Isabelle's Object-Logics" (Larry Paulson).
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	7	*)
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	8
7748 5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	9	header {* More classical proofs: Cantor's Theorem *};
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	10
7748 5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	11	theory Cantor = Main:;
6505 2863855a6902 elaborated; wenzelm parents: 6494 diff changeset	12
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	13	text {*
6505 2863855a6902 elaborated; wenzelm parents: 6494 diff changeset	14	Cantor's Theorem states that every set has more subsets than it has
7748 5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	15	elements. It has become a favourite basic example in higher-order logic
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	16	since it is so easily expressed: \[\all{f::\alpha \To \alpha \To \idt{bool}}
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	17	\ex{S::\alpha \To \idt{bool}} \all{x::\alpha}. f \ap x \not= S\]
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	18
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	19	Viewing types as sets, $\alpha \To \idt{bool}$ represents the powerset of
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	20	$\alpha$. This version of the theorem states that for every function from
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	21	$\alpha$ to its powerset, some subset is outside its range. The
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	22	Isabelle/Isar proofs below use HOL's set theory, with the type $\alpha \ap
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	23	\idt{set}$ and the operator $\idt{range}$.
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	24
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	25	\bigskip We first consider a rather verbose version of the proof, with the
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	26	reasoning expressed quite naively. We only make use of the pure core of the
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	27	Isar proof language.
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	28	*};
6505 2863855a6902 elaborated; wenzelm parents: 6494 diff changeset	29
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	30	theorem "EX S. S ~: range(f :: 'a => 'a set)";
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	31	proof;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	32	let ?S = "{x. x ~: f x}";
0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	33	show "?S ~: range f";
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	34	proof;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	35	assume "?S : range f";
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	36	then; show False;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	37	proof;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	38	fix y;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	39	assume "?S = f y";
0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	40	then; show ?thesis;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	41	proof (rule equalityCE);
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	42	assume y_in_S: "y : ?S";
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	43	assume y_in_fy: "y : f y";
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	44	from y_in_S; have y_notin_fy: "y ~: f y"; ..;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	45	from y_notin_fy y_in_fy; show ?thesis; by contradiction;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	46	next;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	47	assume y_notin_S: "y ~: ?S";
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	48	assume y_notin_fy: "y ~: f y";
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	49	from y_notin_S; have y_in_fy: "y : f y"; ..;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	50	from y_notin_fy y_in_fy; show ?thesis; by contradiction;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	51	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	52	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	53	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	54	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	55
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	56	text {*
7748 5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	57	The following version of the proof essentially does the same reasoning, only
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	58	that it is expressed more neatly, with some derived Isar language elements
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	59	involved.
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	60	*};
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	61
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	62	theorem "EX S. S ~: range(f :: 'a => 'a set)";
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	63	proof;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	64	let ?S = "{x. x ~: f x}";
0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	65	show "?S ~: range f";
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	66	proof;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	67	assume "?S : range f";
6505 2863855a6902 elaborated; wenzelm parents: 6494 diff changeset	68	thus False;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	69	proof;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	70	fix y;
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	71	assume "?S = f y";
0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	72	thus ?thesis;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	73	proof (rule equalityCE);
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	74	assume "y : f y";
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	75	assume "y : ?S"; hence "y ~: f y"; ..;
0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	76	thus ?thesis; by contradiction;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	77	next;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	78	assume "y ~: f y";
7480 0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	79	assume "y ~: ?S"; hence "y : f y"; ..;
0a0e0dbe1269 replaced ?? by ?; wenzelm parents: 6746 diff changeset	80	thus ?thesis; by contradiction;
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	81	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	82	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	83	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	84	qed;
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	85
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	86	text {*
7748 5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	87	How much creativity is required? As it happens, Isabelle can prove this
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	88	theorem automatically. The default classical set contains rules for most of
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	89	the constructs of HOL's set theory. We must augment it with
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	90	\name{equalityCE} to break up set equalities, and then apply best-first
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	91	search. Depth-first search would diverge, but best-first search
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	92	successfully navigates through the large search space.
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	93	*};
6505 2863855a6902 elaborated; wenzelm parents: 6494 diff changeset	94
6494 ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	95	theorem "EX S. S ~: range(f :: 'a => 'a set)";
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	96	by (best elim: equalityCE);
ab1442d2e4e1 detailed proofs; wenzelm parents: 6444 diff changeset	97
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	98	text {*
7748 5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	99	While this establishes the same theorem internally, we do not get any idea
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	100	of how the proof actually works. There is currently no way to transform
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	101	internal system-level representations of Isabelle proofs back into Isar
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	102	documents. Note that writing Isabelle/Isar proof documents actually
5b9c45b21782 improved presentation; wenzelm parents: 7480 diff changeset	103	\emph{is} a creative process.
6744 9727e83f0578 changed {\| \|} verbatim syntax to {* }; wenzelm* parents: 6517 diff changeset	104	*};
6444 2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	105
2ebe9e630cab Miscellaneous Isabelle/Isar examples for Higher-Order Logic. wenzelm parents: diff changeset	106	end;

author	wenzelm
	Wed, 06 Oct 1999 00:31:40 +0200
changeset 7748	5b9c45b21782
parent 7480	0a0e0dbe1269
child 7800	8ee919e42174
permissions	-rw-r--r--