|
1 (* Title: set/set |
|
2 ID: $Id$ |
|
3 |
|
4 For set.thy. |
|
5 |
|
6 Modified version of |
|
7 Title: HOL/set |
|
8 Author: Lawrence C Paulson, Cambridge University Computer Laboratory |
|
9 Copyright 1991 University of Cambridge |
|
10 |
|
11 For set.thy. Set theory for higher-order logic. A set is simply a predicate. |
|
12 *) |
|
13 |
|
14 open Set; |
|
15 |
|
16 val [prem] = goal Set.thy "[| P(a) |] ==> a : {x.P(x)}"; |
|
17 by (rtac (mem_Collect_iff RS iffD2) 1); |
|
18 by (rtac prem 1); |
|
19 val CollectI = result(); |
|
20 |
|
21 val prems = goal Set.thy "[| a : {x.P(x)} |] ==> P(a)"; |
|
22 by (resolve_tac (prems RL [mem_Collect_iff RS iffD1]) 1); |
|
23 val CollectD = result(); |
|
24 |
|
25 val [prem] = goal Set.thy "[| !!x. x:A <-> x:B |] ==> A = B"; |
|
26 by (rtac (set_extension RS iffD2) 1); |
|
27 by (rtac (prem RS allI) 1); |
|
28 val set_ext = result(); |
|
29 |
|
30 val prems = goal Set.thy "[| !!x. P(x) <-> Q(x) |] ==> {x. P(x)} = {x. Q(x)}"; |
|
31 by (REPEAT (ares_tac [set_ext,iffI,CollectI] 1 ORELSE |
|
32 eresolve_tac ([CollectD] RL (prems RL [iffD1,iffD2])) 1)); |
|
33 val Collect_cong = result(); |
|
34 |
|
35 val CollectE = make_elim CollectD; |
|
36 |
|
37 (*** Bounded quantifiers ***) |
|
38 |
|
39 val prems = goalw Set.thy [Ball_def] |
|
40 "[| !!x. x:A ==> P(x) |] ==> ALL x:A. P(x)"; |
|
41 by (REPEAT (ares_tac (prems @ [allI,impI]) 1)); |
|
42 val ballI = result(); |
|
43 |
|
44 val [major,minor] = goalw Set.thy [Ball_def] |
|
45 "[| ALL x:A. P(x); x:A |] ==> P(x)"; |
|
46 by (rtac (minor RS (major RS spec RS mp)) 1); |
|
47 val bspec = result(); |
|
48 |
|
49 val major::prems = goalw Set.thy [Ball_def] |
|
50 "[| ALL x:A. P(x); P(x) ==> Q; ~ x:A ==> Q |] ==> Q"; |
|
51 by (rtac (major RS spec RS impCE) 1); |
|
52 by (REPEAT (eresolve_tac prems 1)); |
|
53 val ballE = result(); |
|
54 |
|
55 (*Takes assumptions ALL x:A.P(x) and a:A; creates assumption P(a)*) |
|
56 fun ball_tac i = etac ballE i THEN contr_tac (i+1); |
|
57 |
|
58 val prems = goalw Set.thy [Bex_def] |
|
59 "[| P(x); x:A |] ==> EX x:A. P(x)"; |
|
60 by (REPEAT (ares_tac (prems @ [exI,conjI]) 1)); |
|
61 val bexI = result(); |
|
62 |
|
63 val bexCI = prove_goal Set.thy |
|
64 "[| EX x:A. ~P(x) ==> P(a); a:A |] ==> EX x:A.P(x)" |
|
65 (fn prems=> |
|
66 [ (rtac classical 1), |
|
67 (REPEAT (ares_tac (prems@[bexI,ballI,notI,notE]) 1)) ]); |
|
68 |
|
69 val major::prems = goalw Set.thy [Bex_def] |
|
70 "[| EX x:A. P(x); !!x. [| x:A; P(x) |] ==> Q |] ==> Q"; |
|
71 by (rtac (major RS exE) 1); |
|
72 by (REPEAT (eresolve_tac (prems @ [asm_rl,conjE]) 1)); |
|
73 val bexE = result(); |
|
74 |
|
75 (*Trival rewrite rule; (! x:A.P)=P holds only if A is nonempty!*) |
|
76 val prems = goal Set.thy |
|
77 "(ALL x:A. True) <-> True"; |
|
78 by (REPEAT (ares_tac [TrueI,ballI,iffI] 1)); |
|
79 val ball_rew = result(); |
|
80 |
|
81 (** Congruence rules **) |
|
82 |
|
83 val prems = goal Set.thy |
|
84 "[| A=A'; !!x. x:A' ==> P(x) <-> P'(x) |] ==> \ |
|
85 \ (ALL x:A. P(x)) <-> (ALL x:A'. P'(x))"; |
|
86 by (resolve_tac (prems RL [ssubst,iffD2]) 1); |
|
87 by (REPEAT (ares_tac [ballI,iffI] 1 |
|
88 ORELSE eresolve_tac ([make_elim bspec, mp] @ (prems RL [iffE])) 1)); |
|
89 val ball_cong = result(); |
|
90 |
|
91 val prems = goal Set.thy |
|
92 "[| A=A'; !!x. x:A' ==> P(x) <-> P'(x) |] ==> \ |
|
93 \ (EX x:A. P(x)) <-> (EX x:A'. P'(x))"; |
|
94 by (resolve_tac (prems RL [ssubst,iffD2]) 1); |
|
95 by (REPEAT (etac bexE 1 |
|
96 ORELSE ares_tac ([bexI,iffI] @ (prems RL [iffD1,iffD2])) 1)); |
|
97 val bex_cong = result(); |
|
98 |
|
99 (*** Rules for subsets ***) |
|
100 |
|
101 val prems = goalw Set.thy [subset_def] "(!!x.x:A ==> x:B) ==> A <= B"; |
|
102 by (REPEAT (ares_tac (prems @ [ballI]) 1)); |
|
103 val subsetI = result(); |
|
104 |
|
105 (*Rule in Modus Ponens style*) |
|
106 val major::prems = goalw Set.thy [subset_def] "[| A <= B; c:A |] ==> c:B"; |
|
107 by (rtac (major RS bspec) 1); |
|
108 by (resolve_tac prems 1); |
|
109 val subsetD = result(); |
|
110 |
|
111 (*Classical elimination rule*) |
|
112 val major::prems = goalw Set.thy [subset_def] |
|
113 "[| A <= B; ~(c:A) ==> P; c:B ==> P |] ==> P"; |
|
114 by (rtac (major RS ballE) 1); |
|
115 by (REPEAT (eresolve_tac prems 1)); |
|
116 val subsetCE = result(); |
|
117 |
|
118 (*Takes assumptions A<=B; c:A and creates the assumption c:B *) |
|
119 fun set_mp_tac i = etac subsetCE i THEN mp_tac i; |
|
120 |
|
121 val subset_refl = prove_goal Set.thy "A <= A" |
|
122 (fn _=> [ (REPEAT (ares_tac [subsetI] 1)) ]); |
|
123 |
|
124 goal Set.thy "!!A B C. [| A<=B; B<=C |] ==> A<=C"; |
|
125 br subsetI 1; |
|
126 by (REPEAT (eresolve_tac [asm_rl, subsetD] 1)); |
|
127 val subset_trans = result(); |
|
128 |
|
129 |
|
130 (*** Rules for equality ***) |
|
131 |
|
132 (*Anti-symmetry of the subset relation*) |
|
133 val prems = goal Set.thy "[| A <= B; B <= A |] ==> A = B"; |
|
134 by (rtac (iffI RS set_ext) 1); |
|
135 by (REPEAT (ares_tac (prems RL [subsetD]) 1)); |
|
136 val subset_antisym = result(); |
|
137 val equalityI = subset_antisym; |
|
138 |
|
139 (* Equality rules from ZF set theory -- are they appropriate here? *) |
|
140 val prems = goal Set.thy "A = B ==> A<=B"; |
|
141 by (resolve_tac (prems RL [subst]) 1); |
|
142 by (rtac subset_refl 1); |
|
143 val equalityD1 = result(); |
|
144 |
|
145 val prems = goal Set.thy "A = B ==> B<=A"; |
|
146 by (resolve_tac (prems RL [subst]) 1); |
|
147 by (rtac subset_refl 1); |
|
148 val equalityD2 = result(); |
|
149 |
|
150 val prems = goal Set.thy |
|
151 "[| A = B; [| A<=B; B<=A |] ==> P |] ==> P"; |
|
152 by (resolve_tac prems 1); |
|
153 by (REPEAT (resolve_tac (prems RL [equalityD1,equalityD2]) 1)); |
|
154 val equalityE = result(); |
|
155 |
|
156 val major::prems = goal Set.thy |
|
157 "[| A = B; [| c:A; c:B |] ==> P; [| ~ c:A; ~ c:B |] ==> P |] ==> P"; |
|
158 by (rtac (major RS equalityE) 1); |
|
159 by (REPEAT (contr_tac 1 ORELSE eresolve_tac ([asm_rl,subsetCE]@prems) 1)); |
|
160 val equalityCE = result(); |
|
161 |
|
162 (*Lemma for creating induction formulae -- for "pattern matching" on p |
|
163 To make the induction hypotheses usable, apply "spec" or "bspec" to |
|
164 put universal quantifiers over the free variables in p. *) |
|
165 val prems = goal Set.thy |
|
166 "[| p:A; !!z. z:A ==> p=z --> R |] ==> R"; |
|
167 by (rtac mp 1); |
|
168 by (REPEAT (resolve_tac (refl::prems) 1)); |
|
169 val setup_induction = result(); |
|
170 |
|
171 goal Set.thy "{x.x:A} = A"; |
|
172 by (REPEAT (ares_tac [equalityI,subsetI,CollectI] 1 ORELSE eresolve_tac [CollectD] 1)); |
|
173 val trivial_set = result(); |
|
174 |
|
175 (*** Rules for binary union -- Un ***) |
|
176 |
|
177 val prems = goalw Set.thy [Un_def] "c:A ==> c : A Un B"; |
|
178 by (REPEAT (resolve_tac (prems @ [CollectI,disjI1]) 1)); |
|
179 val UnI1 = result(); |
|
180 |
|
181 val prems = goalw Set.thy [Un_def] "c:B ==> c : A Un B"; |
|
182 by (REPEAT (resolve_tac (prems @ [CollectI,disjI2]) 1)); |
|
183 val UnI2 = result(); |
|
184 |
|
185 (*Classical introduction rule: no commitment to A vs B*) |
|
186 val UnCI = prove_goal Set.thy "(~c:B ==> c:A) ==> c : A Un B" |
|
187 (fn prems=> |
|
188 [ (rtac classical 1), |
|
189 (REPEAT (ares_tac (prems@[UnI1,notI]) 1)), |
|
190 (REPEAT (ares_tac (prems@[UnI2,notE]) 1)) ]); |
|
191 |
|
192 val major::prems = goalw Set.thy [Un_def] |
|
193 "[| c : A Un B; c:A ==> P; c:B ==> P |] ==> P"; |
|
194 by (rtac (major RS CollectD RS disjE) 1); |
|
195 by (REPEAT (eresolve_tac prems 1)); |
|
196 val UnE = result(); |
|
197 |
|
198 |
|
199 (*** Rules for small intersection -- Int ***) |
|
200 |
|
201 val prems = goalw Set.thy [Int_def] |
|
202 "[| c:A; c:B |] ==> c : A Int B"; |
|
203 by (REPEAT (resolve_tac (prems @ [CollectI,conjI]) 1)); |
|
204 val IntI = result(); |
|
205 |
|
206 val [major] = goalw Set.thy [Int_def] "c : A Int B ==> c:A"; |
|
207 by (rtac (major RS CollectD RS conjunct1) 1); |
|
208 val IntD1 = result(); |
|
209 |
|
210 val [major] = goalw Set.thy [Int_def] "c : A Int B ==> c:B"; |
|
211 by (rtac (major RS CollectD RS conjunct2) 1); |
|
212 val IntD2 = result(); |
|
213 |
|
214 val [major,minor] = goal Set.thy |
|
215 "[| c : A Int B; [| c:A; c:B |] ==> P |] ==> P"; |
|
216 by (rtac minor 1); |
|
217 by (rtac (major RS IntD1) 1); |
|
218 by (rtac (major RS IntD2) 1); |
|
219 val IntE = result(); |
|
220 |
|
221 |
|
222 (*** Rules for set complement -- Compl ***) |
|
223 |
|
224 val prems = goalw Set.thy [Compl_def] |
|
225 "[| c:A ==> False |] ==> c : Compl(A)"; |
|
226 by (REPEAT (ares_tac (prems @ [CollectI,notI]) 1)); |
|
227 val ComplI = result(); |
|
228 |
|
229 (*This form, with negated conclusion, works well with the Classical prover. |
|
230 Negated assumptions behave like formulae on the right side of the notional |
|
231 turnstile...*) |
|
232 val major::prems = goalw Set.thy [Compl_def] |
|
233 "[| c : Compl(A) |] ==> ~c:A"; |
|
234 by (rtac (major RS CollectD) 1); |
|
235 val ComplD = result(); |
|
236 |
|
237 val ComplE = make_elim ComplD; |
|
238 |
|
239 |
|
240 (*** Empty sets ***) |
|
241 |
|
242 goalw Set.thy [empty_def] "{x.False} = {}"; |
|
243 br refl 1; |
|
244 val empty_eq = result(); |
|
245 |
|
246 val [prem] = goalw Set.thy [empty_def] "a : {} ==> P"; |
|
247 by (rtac (prem RS CollectD RS FalseE) 1); |
|
248 val emptyD = result(); |
|
249 |
|
250 val emptyE = make_elim emptyD; |
|
251 |
|
252 val [prem] = goal Set.thy "~ A={} ==> (EX x.x:A)"; |
|
253 br (prem RS swap) 1; |
|
254 br equalityI 1; |
|
255 by (ALLGOALS (fast_tac (FOL_cs addSIs [subsetI] addSEs [emptyD]))); |
|
256 val not_emptyD = result(); |
|
257 |
|
258 (*** Singleton sets ***) |
|
259 |
|
260 goalw Set.thy [singleton_def] "a : {a}"; |
|
261 by (rtac CollectI 1); |
|
262 by (rtac refl 1); |
|
263 val singletonI = result(); |
|
264 |
|
265 val [major] = goalw Set.thy [singleton_def] "b : {a} ==> b=a"; |
|
266 by (rtac (major RS CollectD) 1); |
|
267 val singletonD = result(); |
|
268 |
|
269 val singletonE = make_elim singletonD; |
|
270 |
|
271 (*** Unions of families ***) |
|
272 |
|
273 (*The order of the premises presupposes that A is rigid; b may be flexible*) |
|
274 val prems = goalw Set.thy [UNION_def] |
|
275 "[| a:A; b: B(a) |] ==> b: (UN x:A. B(x))"; |
|
276 by (REPEAT (resolve_tac (prems @ [bexI,CollectI]) 1)); |
|
277 val UN_I = result(); |
|
278 |
|
279 val major::prems = goalw Set.thy [UNION_def] |
|
280 "[| b : (UN x:A. B(x)); !!x.[| x:A; b: B(x) |] ==> R |] ==> R"; |
|
281 by (rtac (major RS CollectD RS bexE) 1); |
|
282 by (REPEAT (ares_tac prems 1)); |
|
283 val UN_E = result(); |
|
284 |
|
285 val prems = goal Set.thy |
|
286 "[| A=B; !!x. x:B ==> C(x) = D(x) |] ==> \ |
|
287 \ (UN x:A. C(x)) = (UN x:B. D(x))"; |
|
288 by (REPEAT (etac UN_E 1 |
|
289 ORELSE ares_tac ([UN_I,equalityI,subsetI] @ |
|
290 (prems RL [equalityD1,equalityD2] RL [subsetD])) 1)); |
|
291 val UN_cong = result(); |
|
292 |
|
293 (*** Intersections of families -- INTER x:A. B(x) is Inter(B)``A ) *) |
|
294 |
|
295 val prems = goalw Set.thy [INTER_def] |
|
296 "(!!x. x:A ==> b: B(x)) ==> b : (INT x:A. B(x))"; |
|
297 by (REPEAT (ares_tac ([CollectI,ballI] @ prems) 1)); |
|
298 val INT_I = result(); |
|
299 |
|
300 val major::prems = goalw Set.thy [INTER_def] |
|
301 "[| b : (INT x:A. B(x)); a:A |] ==> b: B(a)"; |
|
302 by (rtac (major RS CollectD RS bspec) 1); |
|
303 by (resolve_tac prems 1); |
|
304 val INT_D = result(); |
|
305 |
|
306 (*"Classical" elimination rule -- does not require proving X:C *) |
|
307 val major::prems = goalw Set.thy [INTER_def] |
|
308 "[| b : (INT x:A. B(x)); b: B(a) ==> R; ~ a:A ==> R |] ==> R"; |
|
309 by (rtac (major RS CollectD RS ballE) 1); |
|
310 by (REPEAT (eresolve_tac prems 1)); |
|
311 val INT_E = result(); |
|
312 |
|
313 val prems = goal Set.thy |
|
314 "[| A=B; !!x. x:B ==> C(x) = D(x) |] ==> \ |
|
315 \ (INT x:A. C(x)) = (INT x:B. D(x))"; |
|
316 by (REPEAT_FIRST (resolve_tac [INT_I,equalityI,subsetI])); |
|
317 by (REPEAT (dtac INT_D 1 |
|
318 ORELSE ares_tac (prems RL [equalityD1,equalityD2] RL [subsetD]) 1)); |
|
319 val INT_cong = result(); |
|
320 |
|
321 (*** Rules for Unions ***) |
|
322 |
|
323 (*The order of the premises presupposes that C is rigid; A may be flexible*) |
|
324 val prems = goalw Set.thy [Union_def] |
|
325 "[| X:C; A:X |] ==> A : Union(C)"; |
|
326 by (REPEAT (resolve_tac (prems @ [UN_I]) 1)); |
|
327 val UnionI = result(); |
|
328 |
|
329 val major::prems = goalw Set.thy [Union_def] |
|
330 "[| A : Union(C); !!X.[| A:X; X:C |] ==> R |] ==> R"; |
|
331 by (rtac (major RS UN_E) 1); |
|
332 by (REPEAT (ares_tac prems 1)); |
|
333 val UnionE = result(); |
|
334 |
|
335 (*** Rules for Inter ***) |
|
336 |
|
337 val prems = goalw Set.thy [Inter_def] |
|
338 "[| !!X. X:C ==> A:X |] ==> A : Inter(C)"; |
|
339 by (REPEAT (ares_tac ([INT_I] @ prems) 1)); |
|
340 val InterI = result(); |
|
341 |
|
342 (*A "destruct" rule -- every X in C contains A as an element, but |
|
343 A:X can hold when X:C does not! This rule is analogous to "spec". *) |
|
344 val major::prems = goalw Set.thy [Inter_def] |
|
345 "[| A : Inter(C); X:C |] ==> A:X"; |
|
346 by (rtac (major RS INT_D) 1); |
|
347 by (resolve_tac prems 1); |
|
348 val InterD = result(); |
|
349 |
|
350 (*"Classical" elimination rule -- does not require proving X:C *) |
|
351 val major::prems = goalw Set.thy [Inter_def] |
|
352 "[| A : Inter(C); A:X ==> R; ~ X:C ==> R |] ==> R"; |
|
353 by (rtac (major RS INT_E) 1); |
|
354 by (REPEAT (eresolve_tac prems 1)); |
|
355 val InterE = result(); |