# HG changeset patch # User wenzelm # Date 1586204980 -7200 # Node ID 23abd7f9f054a55e9690ce3ec298ed1774dc2b5f # Parent 54ac957c53ec171362ec0eb2ccb17d9e93d547b3# Parent 8e5c20e4e11a35c4dbe0f256c659823e3d16e434 merged; diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Analysis/Lipschitz.thy --- a/src/HOL/Analysis/Lipschitz.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Analysis/Lipschitz.thy Mon Apr 06 22:29:40 2020 +0200 @@ -686,11 +686,14 @@ using lx'(2) ly'(2) lt'(2) \0 < rx _\ by (auto simp add: field_split_simps strict_mono_def) also have "\ \ diameter ?S / n" - by (force intro!: \0 < n\ strict_mono_def xy diameter_bounded_bound frac_le - compact_imp_bounded compact t - intro: le_trans[OF seq_suble[OF lt'(2)]] - le_trans[OF seq_suble[OF ly'(2)]] - le_trans[OF seq_suble[OF lx'(2)]]) + proof (rule frac_le) + show "diameter ?S \ 0" + using compact compact_imp_bounded diameter_ge_0 by blast + show "dist (f (?t n) (?y n)) (f (?t n) (?x n)) \ diameter ((\(t,x). f t x) ` (T \ X))" + by (metis (no_types) compact compact_imp_bounded diameter_bounded_bound image_eqI mem_Sigma_iff o_apply split_conv t xy(1) xy(2)) + show "real n \ real (rx (ry (rt n)))" + by (meson le_trans lt'(2) lx'(2) ly'(2) of_nat_mono strict_mono_imp_increasing) + qed (use \n > 0\ in auto) also have "\ \ abs (diameter ?S) / n" by (auto intro!: divide_right_mono) finally show ?case by simp diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Binomial.thy --- a/src/HOL/Binomial.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Binomial.thy Mon Apr 06 22:29:40 2020 +0200 @@ -121,21 +121,35 @@ using binomial_Suc_Suc [of "n - 1" "k - 1"] by simp lemma Suc_times_binomial_eq: "Suc n * (n choose k) = (Suc n choose Suc k) * Suc k" - apply (induct n arbitrary: k) - apply simp - apply arith - apply (case_tac k) - apply (auto simp add: add_mult_distrib add_mult_distrib2 le_Suc_eq binomial_eq_0) - done +proof (induction n arbitrary: k) + case 0 + then show ?case + by auto +next + case (Suc n) + show ?case + proof (cases k) + case (Suc k') + then show ?thesis + using Suc.IH + by (auto simp add: add_mult_distrib add_mult_distrib2 le_Suc_eq binomial_eq_0) + qed auto +qed lemma binomial_le_pow2: "n choose k \ 2^n" - apply (induct n arbitrary: k) - apply (case_tac k) - apply simp_all - apply (case_tac k) - apply auto - apply (simp add: add_le_mono mult_2) - done +proof (induction n arbitrary: k) + case 0 + then show ?case + using le_less less_le_trans by fastforce +next + case (Suc n) + show ?case + proof (cases k) + case (Suc k') + then show ?thesis + using Suc.IH by (simp add: add_le_mono mult_2) + qed auto +qed text \The absorption property.\ lemma Suc_times_binomial: "Suc k * (Suc n choose Suc k) = Suc n * (n choose k)" @@ -246,9 +260,7 @@ assumes kn: "k \ n" shows "(of_nat (n choose k) :: 'a::field_char_0) = fact n / (fact k * fact (n - k))" using binomial_fact_lemma[OF kn] - apply (simp add: field_simps) - apply (metis mult.commute of_nat_fact of_nat_mult) - done + by (metis (mono_tags, lifting) fact_nonzero mult_eq_0_iff nonzero_mult_div_cancel_left of_nat_fact of_nat_mult) lemma fact_binomial: assumes "k \ n" @@ -361,11 +373,11 @@ for a :: "'a::field_char_0" proof (cases k) case (Suc k') + then have "a gchoose k = pochhammer (a - of_nat k') (Suc k') / ((1 + of_nat k') * fact k')" + by (simp add: gbinomial_prod_rev pochhammer_prod_rev atLeastLessThanSuc_atLeastAtMost + prod.atLeast_Suc_atMost_Suc_shift of_nat_diff flip: power_mult_distrib prod.cl_ivl_Suc) then show ?thesis - apply (simp add: pochhammer_minus) - apply (simp add: gbinomial_prod_rev pochhammer_prod_rev power_mult_distrib [symmetric] atLeastLessThanSuc_atLeastAtMost - prod.atLeast_Suc_atMost_Suc_shift of_nat_diff del: prod.cl_ivl_Suc) - done + by (simp add: pochhammer_minus Suc) qed auto lemma gbinomial_pochhammer': "a gchoose k = pochhammer (a - of_nat k + 1) k / fact k" @@ -437,10 +449,8 @@ (is "?l = ?r") proof - have "?r = ((- 1) ^k * pochhammer (- a) k / fact k) * (of_nat k - (- a + of_nat k))" - apply (simp only: gbinomial_pochhammer pochhammer_Suc right_diff_distrib power_Suc) - apply (simp del: of_nat_Suc fact_Suc) - apply (auto simp add: field_simps simp del: of_nat_Suc) - done + unfolding gbinomial_pochhammer pochhammer_Suc right_diff_distrib power_Suc + by (auto simp add: field_simps simp del: of_nat_Suc) also have "\ = ?l" by (simp add: field_simps gbinomial_pochhammer) finally show ?thesis .. @@ -459,17 +469,17 @@ next case (Suc h) have eq0: "(\i\{1..k}. (a + 1) - of_nat i) = (\i\{0..h}. a - of_nat i)" - apply (rule prod.reindex_cong [where l = Suc]) - using Suc - apply (auto simp add: image_Suc_atMost) - done + proof (rule prod.reindex_cong) + show "{1..k} = Suc ` {0..h}" + using Suc by (auto simp add: image_Suc_atMost) + qed auto have "fact (Suc k) * (a gchoose k + (a gchoose (Suc k))) = (a gchoose Suc h) * (fact (Suc (Suc h))) + (a gchoose Suc (Suc h)) * (fact (Suc (Suc h)))" by (simp add: Suc field_simps del: fact_Suc) also have "\ = (a gchoose Suc h) * of_nat (Suc (Suc h) * fact (Suc h)) + (\i=0..Suc h. a - of_nat i)" - apply (simp del: fact_Suc prod.op_ivl_Suc add: gbinomial_mult_fact field_simps mult.left_commute [of _ "2"]) + apply (simp only: gbinomial_mult_fact field_simps mult.left_commute [of _ "2"]) apply (simp del: fact_Suc add: fact_Suc [of "Suc h"] field_simps gbinomial_mult_fact mult.left_commute [of _ "2"] atLeastLessThanSuc_atLeastAtMost) done @@ -608,10 +618,8 @@ also have "(\i\n. of_nat (n choose Suc i) * pochhammer a (Suc i) * pochhammer b (n - i)) + pochhammer b (Suc n) = (\i=0..Suc n. of_nat (n choose i) * pochhammer a i * pochhammer b (Suc n - i))" - apply (subst sum.atLeast_Suc_atMost) - apply simp - apply (subst sum.shift_bounds_cl_Suc_ivl) - apply (simp add: atLeast0AtMost) + apply (subst sum.atLeast_Suc_atMost, simp) + apply (simp add: sum.shift_bounds_cl_Suc_ivl atLeast0AtMost del: sum.cl_ivl_Suc) done also have "\ = (\i\n. of_nat (n choose i) * pochhammer a i * pochhammer b (Suc n - i))" using Suc by (intro sum.mono_neutral_right) (auto simp: not_le binomial_eq_0) @@ -641,12 +649,11 @@ using assms of_nat_0_le_iff order_trans by blast have "(a / of_nat k :: 'a) ^ k = (\i = 0.. \ a gchoose k" (* FIXME *) - unfolding gbinomial_altdef_of_nat - apply (safe intro!: prod_mono) - apply simp_all - prefer 2 - subgoal premises for i + also have "\ \ a gchoose k" + proof - + have "\i. i < k \ 0 \ a / of_nat k" + by (simp add: x zero_le_divide_iff) + moreover have "a / of_nat k \ (a - of_nat i) / of_nat (k - i)" if "i < k" for i proof - from assms have "a * of_nat i \ of_nat (i * k)" by (metis mult.commute mult_le_cancel_right of_nat_less_0_iff of_nat_mult) @@ -655,12 +662,14 @@ then have "a * of_nat (k - i) \ (a - of_nat i) * of_nat k" using \i < k\ by (simp add: algebra_simps zero_less_mult_iff of_nat_diff) then have "a * of_nat (k - i) \ (a - of_nat i) * (of_nat k :: 'a)" - by (simp only: of_nat_mult[symmetric] of_nat_le_iff) + by blast with assms show ?thesis using \i < k\ by (simp add: field_simps) qed - apply (simp add: x zero_le_divide_iff) - done + ultimately show ?thesis + unfolding gbinomial_altdef_of_nat + by (intro prod_mono) auto + qed finally show ?thesis . qed @@ -919,12 +928,16 @@ lemma gbinomial_partial_sum_poly_xpos: "(\k\m. (of_nat m + a gchoose k) * x^k * y^(m-k)) = - (\k\m. (of_nat k + a - 1 gchoose k) * x^k * (x + y)^(m-k))" - apply (subst gbinomial_partial_sum_poly) - apply (subst gbinomial_negated_upper) - apply (intro sum.cong, rule refl) - apply (simp add: power_mult_distrib [symmetric]) - done + (\k\m. (of_nat k + a - 1 gchoose k) * x^k * (x + y)^(m-k))" (is "?lhs = ?rhs") +proof - + have "?lhs = (\k\m. (- a gchoose k) * (- x) ^ k * (x + y) ^ (m - k))" + by (simp add: gbinomial_partial_sum_poly) + also have "... = (\k\m. (-1) ^ k * (of_nat k - - a - 1 gchoose k) * (- x) ^ k * (x + y) ^ (m - k))" + by (metis (no_types, hide_lams) gbinomial_negated_upper) + also have "... = ?rhs" + by (intro sum.cong) (auto simp flip: power_mult_distrib) + finally show ?thesis . +qed lemma binomial_r_part_sum: "(\k\m. (2 * m + 1 choose k)) = 2 ^ (2 * m)" proof - @@ -1012,12 +1025,12 @@ by (subst binomial_fact_lemma [symmetric]) auto lemma choose_dvd: - "k \ n \ fact k * fact (n - k) dvd (fact n :: 'a::linordered_semidom)" + assumes "k \ n" shows "fact k * fact (n - k) dvd (fact n :: 'a::linordered_semidom)" unfolding dvd_def - apply (rule exI [where x="of_nat (n choose k)"]) - using binomial_fact_lemma [of k n, THEN arg_cong [where f = of_nat and 'b='a]] - apply auto - done +proof + show "fact n = fact k * fact (n - k) * of_nat (n choose k)" + by (metis assms binomial_fact_lemma of_nat_fact of_nat_mult) +qed lemma fact_fact_dvd_fact: "fact k * fact n dvd (fact (k + n) :: 'a::linordered_semidom)" @@ -1030,11 +1043,14 @@ have "?lhs = fact (m + r + k) div (fact (m + k) * fact (m + r - m)) * (fact (m + k) div (fact k * fact m))" by (simp add: binomial_altdef_nat) - also have "\ = fact (m + r + k) div (fact r * (fact k * fact m))" + also have "... = fact (m + r + k) * fact (m + k) div + (fact (m + k) * fact (m + r - m) * (fact k * fact m))" apply (subst div_mult_div_if_dvd) - apply (auto simp: algebra_simps fact_fact_dvd_fact) + apply (auto simp: algebra_simps fact_fact_dvd_fact) apply (metis add.assoc add.commute fact_fact_dvd_fact) done + also have "\ = fact (m + r + k) div (fact r * (fact k * fact m))" + by (auto simp: algebra_simps fact_fact_dvd_fact) also have "\ = (fact (m + r + k) * fact (m + r)) div (fact r * (fact k * fact m) * fact (m + r))" apply (subst div_mult_div_if_dvd [symmetric]) apply (auto simp add: algebra_simps) diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Fields.thy --- a/src/HOL/Fields.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Fields.thy Mon Apr 06 22:29:40 2020 +0200 @@ -125,11 +125,14 @@ qed lemma inverse_zero_imp_zero: - "inverse a = 0 \ a = 0" -apply (rule classical) -apply (drule nonzero_imp_inverse_nonzero) -apply auto -done + assumes "inverse a = 0" shows "a = 0" +proof (rule ccontr) + assume "a \ 0" + then have "inverse a \ 0" + by (simp add: nonzero_imp_inverse_nonzero) + with assms show False + by auto +qed lemma inverse_unique: assumes ab: "a * b = 1" @@ -209,10 +212,10 @@ lemma minus_divide_left: "- (a / b) = (-a) / b" by (simp add: divide_inverse) -lemma nonzero_minus_divide_right: "b \ 0 ==> - (a / b) = a / (- b)" +lemma nonzero_minus_divide_right: "b \ 0 \ - (a / b) = a / (- b)" by (simp add: divide_inverse nonzero_inverse_minus_eq) -lemma nonzero_minus_divide_divide: "b \ 0 ==> (-a) / (-b) = a / b" +lemma nonzero_minus_divide_divide: "b \ 0 \ (-a) / (-b) = a / b" by (simp add: divide_inverse nonzero_inverse_minus_eq) lemma divide_minus_left [simp]: "(-a) / b = - (a / b)" @@ -712,10 +715,16 @@ qed lemma inverse_less_imp_less: - "inverse a < inverse b \ 0 < a \ b < a" -apply (simp add: less_le [of "inverse a"] less_le [of "b"]) -apply (force dest!: inverse_le_imp_le nonzero_inverse_eq_imp_eq) -done + assumes "inverse a < inverse b" "0 < a" + shows "b < a" +proof - + have "a \ b" + using assms by (simp add: less_le) + moreover have "b \ a" + using assms by (force simp: less_le dest: inverse_le_imp_le) + ultimately show ?thesis + by (simp add: less_le) +qed text\Both premises are essential. Consider -1 and 1.\ lemma inverse_less_iff_less [simp]: @@ -734,41 +743,44 @@ text\These results refer to both operands being negative. The opposite-sign case is trivial, since inverse preserves signs.\ lemma inverse_le_imp_le_neg: - "inverse a \ inverse b \ b < 0 \ b \ a" -apply (rule classical) -apply (subgoal_tac "a < 0") - prefer 2 apply force -apply (insert inverse_le_imp_le [of "-b" "-a"]) -apply (simp add: nonzero_inverse_minus_eq) -done + assumes "inverse a \ inverse b" "b < 0" + shows "b \ a" +proof (rule classical) + assume "\ b \ a" + with \b < 0\ have "a < 0" + by force + with assms show "b \ a" + using inverse_le_imp_le [of "-b" "-a"] by (simp add: nonzero_inverse_minus_eq) +qed lemma less_imp_inverse_less_neg: - "a < b \ b < 0 \ inverse b < inverse a" -apply (subgoal_tac "a < 0") - prefer 2 apply (blast intro: less_trans) -apply (insert less_imp_inverse_less [of "-b" "-a"]) -apply (simp add: nonzero_inverse_minus_eq) -done + assumes "a < b" "b < 0" + shows "inverse b < inverse a" +proof - + have "a < 0" + using assms by (blast intro: less_trans) + with less_imp_inverse_less [of "-b" "-a"] show ?thesis + by (simp add: nonzero_inverse_minus_eq assms) +qed lemma inverse_less_imp_less_neg: - "inverse a < inverse b \ b < 0 \ b < a" -apply (rule classical) -apply (subgoal_tac "a < 0") - prefer 2 - apply force -apply (insert inverse_less_imp_less [of "-b" "-a"]) -apply (simp add: nonzero_inverse_minus_eq) -done + assumes "inverse a < inverse b" "b < 0" + shows "b < a" +proof (rule classical) + assume "\ b < a" + with \b < 0\ have "a < 0" + by force + with inverse_less_imp_less [of "-b" "-a"] show ?thesis + by (simp add: nonzero_inverse_minus_eq assms) +qed lemma inverse_less_iff_less_neg [simp]: "a < 0 \ b < 0 \ inverse a < inverse b \ b < a" -apply (insert inverse_less_iff_less [of "-b" "-a"]) -apply (simp del: inverse_less_iff_less - add: nonzero_inverse_minus_eq) -done + using inverse_less_iff_less [of "-b" "-a"] + by (simp del: inverse_less_iff_less add: nonzero_inverse_minus_eq) lemma le_imp_inverse_le_neg: - "a \ b \ b < 0 ==> inverse b \ inverse a" + "a \ b \ b < 0 \ inverse b \ inverse a" by (force simp add: le_less less_imp_inverse_less_neg) lemma inverse_le_iff_le_neg [simp]: @@ -907,113 +919,125 @@ by (subst le_iff_diff_le_0) (simp add: diff_frac_eq ) lemma divide_pos_pos[simp]: - "0 < x ==> 0 < y ==> 0 < x / y" + "0 < x \ 0 < y \ 0 < x / y" by(simp add:field_simps) lemma divide_nonneg_pos: - "0 <= x ==> 0 < y ==> 0 <= x / y" + "0 \ x \ 0 < y \ 0 \ x / y" by(simp add:field_simps) lemma divide_neg_pos: - "x < 0 ==> 0 < y ==> x / y < 0" -by(simp add:field_simps) + "x < 0 \ 0 < y \ x / y < 0" + by(simp add:field_simps) lemma divide_nonpos_pos: - "x <= 0 ==> 0 < y ==> x / y <= 0" -by(simp add:field_simps) + "x \ 0 \ 0 < y \ x / y \ 0" + by(simp add:field_simps) lemma divide_pos_neg: - "0 < x ==> y < 0 ==> x / y < 0" -by(simp add:field_simps) + "0 < x \ y < 0 \ x / y < 0" + by(simp add:field_simps) lemma divide_nonneg_neg: - "0 <= x ==> y < 0 ==> x / y <= 0" -by(simp add:field_simps) + "0 \ x \ y < 0 \ x / y \ 0" + by(simp add:field_simps) lemma divide_neg_neg: - "x < 0 ==> y < 0 ==> 0 < x / y" -by(simp add:field_simps) + "x < 0 \ y < 0 \ 0 < x / y" + by(simp add:field_simps) lemma divide_nonpos_neg: - "x <= 0 ==> y < 0 ==> 0 <= x / y" -by(simp add:field_simps) + "x \ 0 \ y < 0 \ 0 \ x / y" + by(simp add:field_simps) lemma divide_strict_right_mono: - "[|a < b; 0 < c|] ==> a / c < b / c" -by (simp add: less_imp_not_eq2 divide_inverse mult_strict_right_mono - positive_imp_inverse_positive) + "\a < b; 0 < c\ \ a / c < b / c" + by (simp add: less_imp_not_eq2 divide_inverse mult_strict_right_mono + positive_imp_inverse_positive) lemma divide_strict_right_mono_neg: - "[|b < a; c < 0|] ==> a / c < b / c" -apply (drule divide_strict_right_mono [of _ _ "-c"], simp) -apply (simp add: less_imp_not_eq nonzero_minus_divide_right [symmetric]) -done + assumes "b < a" "c < 0" shows "a / c < b / c" +proof - + have "b / - c < a / - c" + by (rule divide_strict_right_mono) (use assms in auto) + then show ?thesis + by (simp add: less_imp_not_eq) +qed text\The last premise ensures that \<^term>\a\ and \<^term>\b\ have the same sign\ lemma divide_strict_left_mono: - "[|b < a; 0 < c; 0 < a*b|] ==> c / a < c / b" + "\b < a; 0 < c; 0 < a*b\ \ c / a < c / b" by (auto simp: field_simps zero_less_mult_iff mult_strict_right_mono) lemma divide_left_mono: - "[|b \ a; 0 \ c; 0 < a*b|] ==> c / a \ c / b" + "\b \ a; 0 \ c; 0 < a*b\ \ c / a \ c / b" by (auto simp: field_simps zero_less_mult_iff mult_right_mono) lemma divide_strict_left_mono_neg: - "[|a < b; c < 0; 0 < a*b|] ==> c / a < c / b" + "\a < b; c < 0; 0 < a*b\ \ c / a < c / b" by (auto simp: field_simps zero_less_mult_iff mult_strict_right_mono_neg) -lemma mult_imp_div_pos_le: "0 < y ==> x <= z * y ==> - x / y <= z" +lemma mult_imp_div_pos_le: "0 < y \ x \ z * y \ x / y \ z" by (subst pos_divide_le_eq, assumption+) -lemma mult_imp_le_div_pos: "0 < y ==> z * y <= x ==> - z <= x / y" +lemma mult_imp_le_div_pos: "0 < y \ z * y \ x \ z \ x / y" by(simp add:field_simps) -lemma mult_imp_div_pos_less: "0 < y ==> x < z * y ==> - x / y < z" +lemma mult_imp_div_pos_less: "0 < y \ x < z * y \ x / y < z" by(simp add:field_simps) -lemma mult_imp_less_div_pos: "0 < y ==> z * y < x ==> - z < x / y" +lemma mult_imp_less_div_pos: "0 < y \ z * y < x \ z < x / y" by(simp add:field_simps) -lemma frac_le: "0 <= x ==> - x <= y ==> 0 < w ==> w <= z ==> x / z <= y / w" - apply (rule mult_imp_div_pos_le) - apply simp - apply (subst times_divide_eq_left) - apply (rule mult_imp_le_div_pos, assumption) - apply (rule mult_mono) - apply simp_all -done +lemma frac_le: + assumes "0 \ y" "x \ y" "0 < w" "w \ z" + shows "x / z \ y / w" +proof (rule mult_imp_div_pos_le) + show "z > 0" + using assms by simp + have "x \ y * z / w" + proof (rule mult_imp_le_div_pos [OF \0 < w\]) + show "x * w \ y * z" + using assms by (auto intro: mult_mono) + qed + also have "... = y / w * z" + by simp + finally show "x \ y / w * z" . +qed -lemma frac_less: "0 <= x ==> - x < y ==> 0 < w ==> w <= z ==> x / z < y / w" - apply (rule mult_imp_div_pos_less) - apply simp - apply (subst times_divide_eq_left) - apply (rule mult_imp_less_div_pos, assumption) - apply (erule mult_less_le_imp_less) - apply simp_all -done +lemma frac_less: + assumes "0 \ x" "x < y" "0 < w" "w \ z" + shows "x / z < y / w" +proof (rule mult_imp_div_pos_less) + show "z > 0" + using assms by simp + have "x < y * z / w" + proof (rule mult_imp_less_div_pos [OF \0 < w\]) + show "x * w < y * z" + using assms by (auto intro: mult_less_le_imp_less) + qed + also have "... = y / w * z" + by simp + finally show "x < y / w * z" . +qed -lemma frac_less2: "0 < x ==> - x <= y ==> 0 < w ==> w < z ==> x / z < y / w" - apply (rule mult_imp_div_pos_less) - apply simp_all - apply (rule mult_imp_less_div_pos, assumption) - apply (erule mult_le_less_imp_less) - apply simp_all -done +lemma frac_less2: + assumes "0 < x" "x \ y" "0 < w" "w < z" + shows "x / z < y / w" +proof (rule mult_imp_div_pos_less) + show "z > 0" + using assms by simp + show "x < y / w * z" + using assms by (force intro: mult_imp_less_div_pos mult_le_less_imp_less) +qed -lemma less_half_sum: "a < b ==> a < (a+b) / (1+1)" -by (simp add: field_simps zero_less_two) +lemma less_half_sum: "a < b \ a < (a+b) / (1+1)" + by (simp add: field_simps zero_less_two) -lemma gt_half_sum: "a < b ==> (a+b)/(1+1) < b" -by (simp add: field_simps zero_less_two) +lemma gt_half_sum: "a < b \ (a+b)/(1+1) < b" + by (simp add: field_simps zero_less_two) subclass unbounded_dense_linorder proof @@ -1037,11 +1061,11 @@ by (cases b 0 rule: linorder_cases) simp_all lemma nonzero_abs_inverse: - "a \ 0 ==> \inverse a\ = inverse \a\" + "a \ 0 \ \inverse a\ = inverse \a\" by (rule abs_inverse) lemma nonzero_abs_divide: - "b \ 0 ==> \a / b\ = \a\ / \b\" + "b \ 0 \ \a / b\ = \a\ / \b\" by (rule abs_divide) lemma field_le_epsilon: @@ -1055,24 +1079,24 @@ then show "t \ y" by (simp add: algebra_simps) qed -lemma inverse_positive_iff_positive [simp]: - "(0 < inverse a) = (0 < a)" -apply (cases "a = 0", simp) -apply (blast intro: inverse_positive_imp_positive positive_imp_inverse_positive) -done +lemma inverse_positive_iff_positive [simp]: "(0 < inverse a) = (0 < a)" +proof (cases "a = 0") + case False + then show ?thesis + by (blast intro: inverse_positive_imp_positive positive_imp_inverse_positive) +qed auto -lemma inverse_negative_iff_negative [simp]: - "(inverse a < 0) = (a < 0)" -apply (cases "a = 0", simp) -apply (blast intro: inverse_negative_imp_negative negative_imp_inverse_negative) -done +lemma inverse_negative_iff_negative [simp]: "(inverse a < 0) = (a < 0)" +proof (cases "a = 0") + case False + then show ?thesis + by (blast intro: inverse_negative_imp_negative negative_imp_inverse_negative) +qed auto -lemma inverse_nonnegative_iff_nonnegative [simp]: - "0 \ inverse a \ 0 \ a" +lemma inverse_nonnegative_iff_nonnegative [simp]: "0 \ inverse a \ 0 \ a" by (simp add: not_less [symmetric]) -lemma inverse_nonpositive_iff_nonpositive [simp]: - "inverse a \ 0 \ a \ 0" +lemma inverse_nonpositive_iff_nonpositive [simp]: "inverse a \ 0 \ a \ 0" by (simp add: not_less [symmetric]) lemma one_less_inverse_iff: "1 < inverse x \ 0 < x \ x < 1" @@ -1144,20 +1168,14 @@ by (simp add: divide_less_0_iff) lemma divide_right_mono: - "[|a \ b; 0 \ c|] ==> a/c \ b/c" -by (force simp add: divide_strict_right_mono le_less) + "\a \ b; 0 \ c\ \ a/c \ b/c" + by (force simp add: divide_strict_right_mono le_less) -lemma divide_right_mono_neg: "a <= b - ==> c <= 0 ==> b / c <= a / c" -apply (drule divide_right_mono [of _ _ "- c"]) -apply auto -done +lemma divide_right_mono_neg: "a \ b \ c \ 0 \ b / c \ a / c" + by (auto dest: divide_right_mono [of _ _ "- c"]) -lemma divide_left_mono_neg: "a <= b - ==> c <= 0 ==> 0 < a * b ==> c / a <= c / b" - apply (drule divide_left_mono [of _ _ "- c"]) - apply (auto simp add: mult.commute) -done +lemma divide_left_mono_neg: "a \ b \ c \ 0 \ 0 < a * b \ c / a \ c / b" + by (auto simp add: mult.commute dest: divide_left_mono [of _ _ "- c"]) lemma inverse_le_iff: "inverse a \ inverse b \ (0 < a * b \ b \ a) \ (a * b \ 0 \ a \ b)" by (cases a 0 b 0 rule: linorder_cases[case_product linorder_cases]) @@ -1176,19 +1194,19 @@ lemma le_divide_eq_1: "(1 \ b / a) = ((0 < a \ a \ b) \ (a < 0 \ b \ a))" -by (auto simp add: le_divide_eq) + by (auto simp add: le_divide_eq) lemma divide_le_eq_1: "(b / a \ 1) = ((0 < a \ b \ a) \ (a < 0 \ a \ b) \ a=0)" -by (auto simp add: divide_le_eq) + by (auto simp add: divide_le_eq) lemma less_divide_eq_1: "(1 < b / a) = ((0 < a \ a < b) \ (a < 0 \ b < a))" -by (auto simp add: less_divide_eq) + by (auto simp add: less_divide_eq) lemma divide_less_eq_1: "(b / a < 1) = ((0 < a \ b < a) \ (a < 0 \ a < b) \ a=0)" -by (auto simp add: divide_less_eq) + by (auto simp add: divide_less_eq) lemma divide_nonneg_nonneg [simp]: "0 \ x \ 0 \ y \ 0 \ x / y" @@ -1210,55 +1228,52 @@ lemma le_divide_eq_1_pos [simp]: "0 < a \ (1 \ b/a) = (a \ b)" -by (auto simp add: le_divide_eq) + by (auto simp add: le_divide_eq) lemma le_divide_eq_1_neg [simp]: "a < 0 \ (1 \ b/a) = (b \ a)" -by (auto simp add: le_divide_eq) + by (auto simp add: le_divide_eq) lemma divide_le_eq_1_pos [simp]: "0 < a \ (b/a \ 1) = (b \ a)" -by (auto simp add: divide_le_eq) + by (auto simp add: divide_le_eq) lemma divide_le_eq_1_neg [simp]: "a < 0 \ (b/a \ 1) = (a \ b)" -by (auto simp add: divide_le_eq) + by (auto simp add: divide_le_eq) lemma less_divide_eq_1_pos [simp]: "0 < a \ (1 < b/a) = (a < b)" -by (auto simp add: less_divide_eq) + by (auto simp add: less_divide_eq) lemma less_divide_eq_1_neg [simp]: "a < 0 \ (1 < b/a) = (b < a)" -by (auto simp add: less_divide_eq) + by (auto simp add: less_divide_eq) lemma divide_less_eq_1_pos [simp]: "0 < a \ (b/a < 1) = (b < a)" -by (auto simp add: divide_less_eq) + by (auto simp add: divide_less_eq) lemma divide_less_eq_1_neg [simp]: "a < 0 \ b/a < 1 \ a < b" -by (auto simp add: divide_less_eq) + by (auto simp add: divide_less_eq) lemma eq_divide_eq_1 [simp]: "(1 = b/a) = ((a \ 0 \ a = b))" -by (auto simp add: eq_divide_eq) + by (auto simp add: eq_divide_eq) lemma divide_eq_eq_1 [simp]: "(b/a = 1) = ((a \ 0 \ a = b))" -by (auto simp add: divide_eq_eq) + by (auto simp add: divide_eq_eq) -lemma abs_div_pos: "0 < y ==> - \x\ / y = \x / y\" - apply (subst abs_divide) - apply (simp add: order_less_imp_le) -done +lemma abs_div_pos: "0 < y \ \x\ / y = \x / y\" + by (simp add: order_less_imp_le) lemma zero_le_divide_abs_iff [simp]: "(0 \ a / \b\) = (0 \ a \ b = 0)" -by (auto simp: zero_le_divide_iff) + by (auto simp: zero_le_divide_iff) lemma divide_le_0_abs_iff [simp]: "(a / \b\ \ 0) = (a \ 0 \ b = 0)" -by (auto simp: divide_le_0_iff) + by (auto simp: divide_le_0_iff) lemma field_le_mult_one_interval: assumes *: "\z. \ 0 < z ; z < 1 \ \ z * x \ y" @@ -1279,13 +1294,14 @@ text\For creating values between \<^term>\u\ and \<^term>\v\.\ lemma scaling_mono: assumes "u \ v" "0 \ r" "r \ s" - shows "u + r * (v - u) / s \ v" + shows "u + r * (v - u) / s \ v" proof - have "r/s \ 1" using assms using divide_le_eq_1 by fastforce - then have "(r/s) * (v - u) \ 1 * (v - u)" - apply (rule mult_right_mono) + moreover have "0 \ v - u" using assms by simp + ultimately have "(r/s) * (v - u) \ 1 * (v - u)" + by (rule mult_right_mono) then show ?thesis by (simp add: field_simps) qed diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Hilbert_Choice.thy --- a/src/HOL/Hilbert_Choice.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Hilbert_Choice.thy Mon Apr 06 22:29:40 2020 +0200 @@ -49,27 +49,25 @@ using ext[of P Q, OF assms] by simp text \ - Easier to apply than \someI\ if the witness comes from an + Easier to use than \someI\ if the witness comes from an existential formula. \ lemma someI_ex [elim?]: "\x. P x \ P (SOME x. P x)" - apply (erule exE) - apply (erule someI) - done + by (elim exE someI) lemma some_eq_imp: assumes "Eps P = a" "P b" shows "P a" using assms someI_ex by force text \ - Easier to apply than \someI\ because the conclusion has only one + Easier to use than \someI\ because the conclusion has only one occurrence of \<^term>\P\. \ lemma someI2: "P a \ (\x. P x \ Q x) \ Q (SOME x. P x)" by (blast intro: someI) text \ - Easier to apply than \someI2\ if the witness comes from an + Easier to use than \someI2\ if the witness comes from an existential formula. \ lemma someI2_ex: "\a. P a \ (\x. P x \ Q x) \ Q (SOME x. P x)" @@ -94,10 +92,7 @@ by (rule some_equality) (rule refl) lemma some_sym_eq_trivial [simp]: "(SOME y. x = y) = x" - apply (rule some_equality) - apply (rule refl) - apply (erule sym) - done + by (iprover intro: some_equality) subsection \Axiom of Choice, Proved Using the Description Operator\ @@ -240,11 +235,16 @@ lemma surj_iff_all: "surj f \ (\x. f (inv f x) = x)" by (simp add: o_def surj_iff fun_eq_iff) -lemma surj_imp_inv_eq: "surj f \ \x. g (f x) = x \ inv f = g" - apply (rule ext) - apply (drule_tac x = "inv f x" in spec) - apply (simp add: surj_f_inv_f) - done +lemma surj_imp_inv_eq: + assumes "surj f" and gf: "\x. g (f x) = x" + shows "inv f = g" +proof (rule ext) + fix x + have "g (f (inv f x)) = inv f x" + by (rule gf) + then show "inv f x = g x" + by (simp add: surj_f_inv_f \surj f\) +qed lemma bij_imp_bij_inv: "bij f \ bij (inv f)" by (simp add: bij_def inj_imp_surj_inv surj_imp_inj_inv) @@ -266,11 +266,7 @@ lemma inv_into_comp: "inj_on f (g ` A) \ inj_on g A \ x \ f ` g ` A \ inv_into A (f \ g) x = (inv_into A g \ inv_into (g ` A) f) x" - apply (rule inv_into_f_eq) - apply (fast intro: comp_inj_on) - apply (simp add: inv_into_into) - apply (simp add: f_inv_into_f inv_into_into) - done + by (auto simp: f_inv_into_f inv_into_into intro: inv_into_f_eq comp_inj_on) lemma o_inv_distrib: "bij f \ bij g \ inv (f \ g) = inv g \ inv f" by (rule inv_equality) (auto simp add: bij_def surj_f_inv_f) @@ -281,16 +277,25 @@ lemma image_inv_f_f: "inj f \ inv f ` (f ` A) = A" by simp -lemma bij_image_Collect_eq: "bij f \ f ` Collect P = {y. P (inv f y)}" - apply auto - apply (force simp add: bij_is_inj) - apply (blast intro: bij_is_surj [THEN surj_f_inv_f, symmetric]) - done +lemma bij_image_Collect_eq: + assumes "bij f" + shows "f ` Collect P = {y. P (inv f y)}" +proof + show "f ` Collect P \ {y. P (inv f y)}" + using assms by (force simp add: bij_is_inj) + show "{y. P (inv f y)} \ f ` Collect P" + using assms by (blast intro: bij_is_surj [THEN surj_f_inv_f, symmetric]) +qed -lemma bij_vimage_eq_inv_image: "bij f \ f -` A = inv f ` A" - apply (auto simp add: bij_is_surj [THEN surj_f_inv_f]) - apply (blast intro: bij_is_inj [THEN inv_into_f_f, symmetric]) - done +lemma bij_vimage_eq_inv_image: + assumes "bij f" + shows "f -` A = inv f ` A" +proof + show "f -` A \ inv f ` A" + using assms by (blast intro: bij_is_inj [THEN inv_into_f_f, symmetric]) + show "inv f ` A \ f -` A" + using assms by (auto simp add: bij_is_surj [THEN surj_f_inv_f]) +qed lemma inv_fn_o_fn_is_id: fixes f::"'a \ 'a" @@ -338,11 +343,16 @@ shows "inv (f^^n) = ((inv f)^^n)" proof - have "inv (f^^n) x = ((inv f)^^n) x" for x - apply (rule inv_into_f_eq, auto simp add: inj_fn[OF bij_is_inj[OF assms]]) - using fn_o_inv_fn_is_id[OF assms, of n, THEN fun_cong] by (simp) + proof (rule inv_into_f_eq) + show "inj (f ^^ n)" + by (simp add: inj_fn[OF bij_is_inj [OF assms]]) + show "(f ^^ n) ((inv f ^^ n) x) = x" + using fn_o_inv_fn_is_id[OF assms, THEN fun_cong] by force + qed auto then show ?thesis by auto qed + lemma mono_inv: fixes f::"'a::linorder \ 'b::linorder" assumes "mono f" "bij f" @@ -746,13 +756,16 @@ qed then have "N \ card (f N)" by simp also have "\ \ card S" using S by (intro card_mono) - finally have "f (card S) = f N" using eq by auto - then show ?thesis - using eq inj [of N] - apply auto - apply (case_tac "n < N") - apply (auto simp: not_less) - done + finally have \
: "f (card S) = f N" using eq by auto + moreover have "\ (range f) \ f N" + proof clarify + fix x n + assume "x \ f n" + with eq inj [of N] show "x \ f N" + by (cases "n < N") (auto simp: not_less) + qed + ultimately show ?thesis + by auto qed @@ -822,28 +835,13 @@ case True with infinite have "\ finite (A - {a})" by auto with infinite_iff_countable_subset[of "A - {a}"] - obtain f :: "nat \ 'a" where 1: "inj f" and 2: "f ` UNIV \ A - {a}" by blast + obtain f :: "nat \ 'a" where "inj f" and f: "f ` UNIV \ A - {a}" by blast define g where "g n = (if n = 0 then a else f (Suc n))" for n define A' where "A' = g ` UNIV" - have *: "\y. f y \ a" using 2 by blast + have *: "\y. f y \ a" using f by blast have 3: "inj_on g UNIV \ g ` UNIV \ A \ a \ g ` UNIV" - apply (auto simp add: True g_def [abs_def]) - apply (unfold inj_on_def) - apply (intro ballI impI) - apply (case_tac "x = 0") - apply (auto simp add: 2) - proof - - fix y - assume "a = (if y = 0 then a else f (Suc y))" - then show "y = 0" by (cases "y = 0") (use * in auto) - next - fix x y - assume "f (Suc x) = (if y = 0 then a else f (Suc y))" - with 1 * show "x = y" by (cases "y = 0") (auto simp: inj_on_def) - next - fix n - from 2 show "f (Suc n) \ A" by blast - qed + using \inj f\ f * unfolding inj_on_def g_def + by (auto simp add: True image_subset_iff) then have 4: "bij_betw g UNIV A' \ a \ A' \ A' \ A" using inj_on_imp_bij_betw[of g] by (auto simp: A'_def) then have 5: "bij_betw (inv g) A' UNIV" @@ -852,38 +850,14 @@ have 6: "bij_betw g (UNIV - {n}) (A' - {a})" by (rule bij_betw_subset) (use 3 4 n in \auto simp: image_set_diff A'_def\) define v where "v m = (if m < n then m else Suc m)" for m - have 7: "bij_betw v UNIV (UNIV - {n})" - proof (unfold bij_betw_def inj_on_def, intro conjI, clarify) - fix m1 m2 - assume "v m1 = v m2" - then show "m1 = m2" - apply (cases "m1 < n") - apply (cases "m2 < n") - apply (auto simp: inj_on_def v_def [abs_def]) - apply (cases "m2 < n") - apply auto - done - next - show "v ` UNIV = UNIV - {n}" - proof (auto simp: v_def [abs_def]) - fix m - assume "m \ n" - assume *: "m \ Suc ` {m'. \ m' < n}" - have False if "n \ m" - proof - - from \m \ n\ that have **: "Suc n \ m" by auto - from Suc_le_D [OF this] obtain m' where m': "m = Suc m'" .. - with ** have "n \ m'" by auto - with m' * show ?thesis by auto - qed - then show "m < n" by force - qed - qed + have "m < n \ m = n" if "\k. k < n \ m \ Suc k" for m + using that [of "m-1"] by auto + then have 7: "bij_betw v UNIV (UNIV - {n})" + unfolding bij_betw_def inj_on_def v_def by auto define h' where "h' = g \ v \ (inv g)" with 5 6 7 have 8: "bij_betw h' A' (A' - {a})" by (auto simp add: bij_betw_trans) define h where "h b = (if b \ A' then h' b else b)" for b - then have "\b \ A'. h b = h' b" by simp with 8 have "bij_betw h A' (A' - {a})" using bij_betw_cong[of A' h] by auto moreover @@ -943,14 +917,14 @@ lemma Sup_Inf: "\ (Inf ` A) = \ (Sup ` {f ` A |f. \B\A. f B \ B})" proof (rule antisym) show "\ (Inf ` A) \ \ (Sup ` {f ` A |f. \B\A. f B \ B})" - apply (rule Sup_least, rule INF_greatest) - using Inf_lower2 Sup_upper by auto + using Inf_lower2 Sup_upper + by (fastforce simp add: intro: Sup_least INF_greatest) next show "\ (Sup ` {f ` A |f. \B\A. f B \ B}) \ \ (Inf ` A)" proof (simp add: Inf_Sup, rule SUP_least, simp, safe) fix f assume "\Y. (\f. Y = f ` A \ (\Y\A. f Y \ Y)) \ f Y \ Y" - from this have B: "\ F . (\ Y \ A . F Y \ Y) \ \ Z \ A . f (F ` A) = F Z" + then have B: "\ F . (\ Y \ A . F Y \ Y) \ \ Z \ A . f (F ` A) = F Z" by auto show "\(f ` {f ` A |f. \Y\A. f Y \ Y}) \ \(Inf ` A)" proof (cases "\ Z \ A . \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ Inf Z") @@ -963,21 +937,20 @@ by simp next case False - from this have X: "\ Z . Z \ A \ \ x . x \ Z \ \ \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ x" + then have X: "\ Z . Z \ A \ \ x . x \ Z \ \ \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ x" using Inf_greatest by blast define F where "F = (\ Z . SOME x . x \ Z \ \ \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ x)" - have C: "\ Y . Y \ A \ F Y \ Y" + have C: "\Y. Y \ A \ F Y \ Y" using X by (simp add: F_def, rule someI2_ex, auto) - have E: "\ Y . Y \ A \ \ \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ F Y" + have E: "\Y. Y \ A \ \ \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ F Y" using X by (simp add: F_def, rule someI2_ex, auto) from C and B obtain Z where D: "Z \ A " and Y: "f (F ` A) = F Z" by blast from E and D have W: "\ \(f ` {f ` A |f. \Y\A. f Y \ Y}) \ F Z" by simp have "\(f ` {f ` A |f. \Y\A. f Y \ Y}) \ f (F ` A)" - apply (rule INF_lower) - using C by blast - from this and W and Y show ?thesis + using C by (blast intro: INF_lower) + with W Y show ?thesis by simp qed qed @@ -985,15 +958,13 @@ lemma dual_complete_distrib_lattice: "class.complete_distrib_lattice Sup Inf sup (\) (>) inf \ \" - apply (rule class.complete_distrib_lattice.intro) - apply (fact dual_complete_lattice) - by (simp add: class.complete_distrib_lattice_axioms_def Sup_Inf) + by (simp add: class.complete_distrib_lattice.intro [OF dual_complete_lattice] + class.complete_distrib_lattice_axioms_def Sup_Inf) lemma sup_Inf: "a \ \B = \((\) a ` B)" proof (rule antisym) show "a \ \B \ \((\) a ` B)" - apply (rule INF_greatest) - using Inf_lower sup.mono by fastforce + using Inf_lower sup.mono by (fastforce intro: INF_greatest) next have "\((\) a ` B) \ \(Sup ` {{f {a}, f B} |f. f {a} = a \ f B \ B})" by (rule INF_greatest, auto simp add: INF_lower) @@ -1034,8 +1005,7 @@ have "(INF x\{uu. \y. uu = {uu. \x. uu = P x y}}. f x) \ f {uu. \x. uu = P x y}" by (rule INF_lower, blast) also have "... \ P (SOME x. f {uu . \x. uu = P x y} = P x y) y" - apply (rule someI2_ex) - using A by auto + by (rule someI2_ex) (use A in auto) finally show "\(f ` {uu. \y. uu = {uu. \x. uu = P x y}}) \ P (SOME x. f {uu. \x. uu = P x y} = P x y) y" by simp @@ -1050,70 +1020,46 @@ qed lemma INF_SUP_set: "(\B\A. \(g ` B)) = (\B\{f ` A |f. \C\A. f C \ C}. \(g ` B))" + (is "_ = (\B\?F. _)") proof (rule antisym) - have "\ ((g \ f) ` A) \ \ (g ` B)" if "\B. B \ A \ f B \ B" and "B \ A" - for f and B + have "\ ((g \ f) ` A) \ \ (g ` B)" if "\B. B \ A \ f B \ B" "B \ A" for f B using that by (auto intro: SUP_upper2 INF_lower2) - then show "(\x\{f ` A |f. \Y\A. f Y \ Y}. \a\x. g a) \ (\x\A. \a\x. g a)" + then show "(\x\?F. \a\x. g a) \ (\x\A. \a\x. g a)" by (auto intro!: SUP_least INF_greatest simp add: image_comp) next - show "(\x\A. \a\x. g a) \ (\x\{f ` A |f. \Y\A. f Y \ Y}. \a\x. g a)" + show "(\x\A. \a\x. g a) \ (\x\?F. \a\x. g a)" proof (cases "{} \ A") case True then show ?thesis by (rule INF_lower2) simp_all next case False - have *: "\f B. B \ A \ f B \ B \ - (\B. if B \ A then if f B \ B then g (f B) else \ else \) \ g (f B)" - by (rule INF_lower2, auto) - have **: "\f B. B \ A \ f B \ B \ - (\B. if B \ A then if f B \ B then g (f B) else \ else \) \ g (SOME x. x \ B)" - by (rule INF_lower2, auto) - have ****: "\f B. B \ A \ - (\B. if B \ A then if f B \ B then g (f B) else \ else \) - \ (if f B \ B then g (f B) else g (SOME x. x \ B))" - by (rule INF_lower2) auto - have ***: "\x. (\B. if B \ A then if x B \ B then g (x B) else \ else \) - \ (\x\{f ` A |f. \Y\A. f Y \ Y}. \x\x. g x)" - proof - - fix x - define F where "F = (\ (y::'b set) . if x y \ y then x y else (SOME x . x \y))" - have B: "(\Y\A. F Y \ Y)" - using False some_in_eq F_def by auto - have A: "F ` A \ {f ` A |f. \Y\A. f Y \ Y}" - using B by blast - show "(\xa. if xa \ A then if x xa \ xa then g (x xa) else \ else \) \ (\x\{f ` A |f. \Y\A. f Y \ Y}. \x\x. g x)" - using A apply (rule SUP_upper2) - apply (rule INF_greatest) - using * ** - apply (auto simp add: F_def) - done - qed - {fix x - have "(\x\A. \x\x. g x) \ (\xa. if x \ A then if xa \ x then g xa else \ else \)" + have "(\x\A. \x\x. g x) \ (\u. if x \ A then if u \ x then g u else \ else \)" proof (cases "x \ A") case True then show ?thesis - apply (rule INF_lower2) - apply (rule SUP_least) - apply (rule SUP_upper2) - apply auto - done - next - case False - then show ?thesis by simp + by (intro INF_lower2 SUP_least SUP_upper2) auto + qed auto + } + then have "(\Y\A. \a\Y. g a) \ (\Y. \y. if Y \ A then if y \ Y then g y else \ else \)" + by (rule INF_greatest) + also have "... = (\x. \Y. if Y \ A then if x Y \ Y then g (x Y) else \ else \)" + by (simp only: INF_SUP) + also have "... \ (\x\?F. \a\x. g a)" + proof (rule SUP_least) + show "(\B. if B \ A then if x B \ B then g (x B) else \ else \) + \ (\x\?F. \x\x. g x)" for x + proof - + define G where "G \ \Y. if x Y \ Y then x Y else (SOME x. x \Y)" + have "\Y\A. G Y \ Y" + using False some_in_eq G_def by auto + then have A: "G ` A \ ?F" + by blast + show "(\Y. if Y \ A then if x Y \ Y then g (x Y) else \ else \) \ (\x\?F. \x\x. g x)" + by (fastforce simp: G_def intro: SUP_upper2 [OF A] INF_greatest INF_lower2) qed - } - from this have "(\x\A. \a\x. g a) \ (\x. \xa. if x \ A then if xa \ x then g xa else \ else \)" - by (rule INF_greatest) - also have "... = (\x. \xa. if xa \ A then if x xa \ xa then g (x xa) else \ else \)" - by (simp only: INF_SUP) - also have "... \ (\x\{f ` A |f. \Y\A. f Y \ Y}. \a\x. g a)" - apply (rule SUP_least) - using *** apply simp - done + qed finally show ?thesis by simp qed qed @@ -1181,22 +1127,15 @@ instance proof (standard, clarsimp) fix A :: "(('a set) set) set" fix x::'a - define F where "F = (\ Y . (SOME X . (Y \ A \ X \ Y \ x \ X)))" - assume A: "\xa\A. \X\xa. x \ X" - - from this have B: " (\xa \ F ` A. x \ xa)" - apply (safe, simp add: F_def) - by (rule someI2_ex, auto) - - have C: "(\Y\A. F Y \ Y)" - apply (simp add: F_def, safe) - apply (rule someI2_ex) - using A by auto - - have "(\f. F ` A = f ` A \ (\Y\A. f Y \ Y))" - using C by blast - - from B and this show "\X. (\f. X = f ` A \ (\Y\A. f Y \ Y)) \ (\xa\X. x \ xa)" + assume A: "\\\A. \X\\. x \ X" + define F where "F \ \Y. SOME X. Y \ A \ X \ Y \ x \ X" + have "(\S \ F ` A. x \ S)" + using A unfolding F_def by (fastforce intro: someI2_ex) + moreover have "\Y\A. F Y \ Y" + using A unfolding F_def by (fastforce intro: someI2_ex) + then have "\f. F ` A = f ` A \ (\Y\A. f Y \ Y)" + by blast + ultimately show "\X. (\f. X = f ` A \ (\Y\A. f Y \ Y)) \ (\S\X. x \ S)" by auto qed end @@ -1212,85 +1151,56 @@ context complete_linorder begin - + subclass complete_distrib_lattice proof (standard, rule ccontr) - fix A - assume "\ \(Sup ` A) \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - then have C: "\(Sup ` A) > \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" + fix A :: "'a set set" + let ?F = "{f ` A |f. \Y\A. f Y \ Y}" + assume "\ \(Sup ` A) \ \(Inf ` ?F)" + then have C: "\(Sup ` A) > \(Inf ` ?F)" by (simp add: not_le) show False - proof (cases "\ z . \(Sup ` A) > z \ z > \(Inf ` {f ` A |f. \Y\A. f Y \ Y})") - case True - from this obtain z where A: "z < \(Sup ` A)" and X: "z > \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - by blast - - from A have "\ Y . Y \ A \ z < Sup Y" - by (simp add: less_INF_D) - - from this have B: "\ Y . Y \ A \ \ k \Y . z < k" - using local.less_Sup_iff by blast - - define F where "F = (\ Y . SOME k . k \ Y \ z < k)" - - have D: "\ Y . Y \ A \ z < F Y" - using B apply (simp add: F_def) - by (rule someI2_ex, auto) + proof (cases "\ z . \(Sup ` A) > z \ z > \(Inf ` ?F)") + case True + then obtain z where A: "z < \(Sup ` A)" and X: "z > \(Inf ` ?F)" + by blast + then have B: "\Y. Y \ A \ \k \Y . z < k" + using local.less_Sup_iff by(force dest: less_INF_D) + + define G where "G \ \Y. SOME k . k \ Y \ z < k" + have E: "\Y. Y \ A \ G Y \ Y" + using B unfolding G_def by (fastforce intro: someI2_ex) + have "z \ Inf (G ` A)" + proof (rule INF_greatest) + show "\Y. Y \ A \ z \ G Y" + using B unfolding G_def by (fastforce intro: someI2_ex) + qed + also have "... \ \(Inf ` ?F)" + by (rule SUP_upper) (use E in blast) + finally have "z \ \(Inf ` ?F)" + by simp - - have E: "\ Y . Y \ A \ F Y \ Y" - using B apply (simp add: F_def) - by (rule someI2_ex, auto) - - have "z \ Inf (F ` A)" - by (simp add: D local.INF_greatest local.order.strict_implies_order) - - also have "... \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - apply (rule SUP_upper, safe) - using E by blast - finally have "z \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - by simp - - from X and this show ?thesis - using local.not_less by blast - next - case False - from this have A: "\ z . \(Sup ` A) \ z \ z \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - using local.le_less_linear by blast - - from C have "\ Y . Y \ A \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y}) < Sup Y" - by (simp add: less_INF_D) - - from this have B: "\ Y . Y \ A \ \ k \Y . \(Inf ` {f ` A |f. \Y\A. f Y \ Y}) < k" - using local.less_Sup_iff by blast - - define F where "F = (\ Y . SOME k . k \ Y \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y}) < k)" - - have D: "\ Y . Y \ A \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y}) < F Y" - using B apply (simp add: F_def) - by (rule someI2_ex, auto) - - have E: "\ Y . Y \ A \ F Y \ Y" - using B apply (simp add: F_def) - by (rule someI2_ex, auto) - - have "\ Y . Y \ A \ \(Sup ` A) \ F Y" - using D False local.leI by blast - - from this have "\(Sup ` A) \ Inf (F ` A)" - by (simp add: local.INF_greatest) - - also have "Inf (F ` A) \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - apply (rule SUP_upper, safe) - using E by blast - - finally have "\(Sup ` A) \ \(Inf ` {f ` A |f. \Y\A. f Y \ Y})" - by simp - - from C and this show ?thesis - using not_less by blast - qed + with X show ?thesis + using local.not_less by blast + next + case False + have B: "\Y. Y \ A \ \ k \Y . \(Inf ` ?F) < k" + using C local.less_Sup_iff by(force dest: less_INF_D) + define G where "G \ \ Y . SOME k . k \ Y \ \(Inf ` ?F) < k" + have E: "\Y. Y \ A \ G Y \ Y" + using B unfolding G_def by (fastforce intro: someI2_ex) + have "\Y. Y \ A \ \(Sup ` A) \ G Y" + using B False local.leI unfolding G_def by (fastforce intro: someI2_ex) + then have "\(Sup ` A) \ Inf (G ` A)" + by (simp add: local.INF_greatest) + also have "Inf (G ` A) \ \(Inf ` ?F)" + by (rule SUP_upper) (use E in blast) + finally have "\(Sup ` A) \ \(Inf ` ?F)" + by simp + with C show ?thesis + using not_less by blast qed +qed end diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Rings.thy --- a/src/HOL/Rings.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Rings.thy Mon Apr 06 22:29:40 2020 +0200 @@ -1975,31 +1975,39 @@ lemma mult_pos_neg2: "0 < a \ b < 0 \ b * a < 0" by (drule mult_strict_right_mono [of b 0]) auto -lemma zero_less_mult_pos: "0 < a * b \ 0 < a \ 0 < b" - apply (cases "b \ 0") - apply (auto simp add: le_less not_less) - apply (drule_tac mult_pos_neg [of a b]) - apply (auto dest: less_not_sym) - done - -lemma zero_less_mult_pos2: "0 < b * a \ 0 < a \ 0 < b" - apply (cases "b \ 0") - apply (auto simp add: le_less not_less) - apply (drule_tac mult_pos_neg2 [of a b]) - apply (auto dest: less_not_sym) - done +lemma zero_less_mult_pos: + assumes "0 < a * b" "0 < a" shows "0 < b" +proof (cases "b \ 0") + case True + then show ?thesis + using assms by (auto simp: le_less dest: less_not_sym mult_pos_neg [of a b]) +qed (auto simp add: le_less not_less) + + +lemma zero_less_mult_pos2: + assumes "0 < b * a" "0 < a" shows "0 < b" +proof (cases "b \ 0") + case True + then show ?thesis + using assms by (auto simp: le_less dest: less_not_sym mult_pos_neg2 [of a b]) +qed (auto simp add: le_less not_less) text \Strict monotonicity in both arguments\ lemma mult_strict_mono: - assumes "a < b" and "c < d" and "0 < b" and "0 \ c" + assumes "a < b" "c < d" "0 < b" "0 \ c" shows "a * c < b * d" - using assms - apply (cases "c = 0") - apply simp - apply (erule mult_strict_right_mono [THEN less_trans]) - apply (auto simp add: le_less) - apply (erule (1) mult_strict_left_mono) - done +proof (cases "c = 0") + case True + with assms show ?thesis + by simp +next + case False + with assms have "a*c < b*c" + by (simp add: mult_strict_right_mono [OF \a < b\]) + also have "\ < b*d" + by (simp add: assms mult_strict_left_mono) + finally show ?thesis . +qed text \This weaker variant has more natural premises\ lemma mult_strict_mono': @@ -2010,24 +2018,24 @@ lemma mult_less_le_imp_less: assumes "a < b" and "c \ d" and "0 \ a" and "0 < c" shows "a * c < b * d" - using assms - apply (subgoal_tac "a * c < b * c") - apply (erule less_le_trans) - apply (erule mult_left_mono) - apply simp - apply (erule (1) mult_strict_right_mono) - done +proof - + have "a * c < b * c" + by (simp add: assms mult_strict_right_mono) + also have "... \ b * d" + by (intro mult_left_mono) (use assms in auto) + finally show ?thesis . +qed lemma mult_le_less_imp_less: assumes "a \ b" and "c < d" and "0 < a" and "0 \ c" shows "a * c < b * d" - using assms - apply (subgoal_tac "a * c \ b * c") - apply (erule le_less_trans) - apply (erule mult_strict_left_mono) - apply simp - apply (erule (1) mult_right_mono) - done +proof - + have "a * c \ b * c" + by (simp add: assms mult_right_mono) + also have "... < b * d" + by (intro mult_strict_left_mono) (use assms in auto) + finally show ?thesis . +qed end @@ -2114,14 +2122,10 @@ by (simp add: algebra_simps) lemma mult_left_mono_neg: "b \ a \ c \ 0 \ c * a \ c * b" - apply (drule mult_left_mono [of _ _ "- c"]) - apply simp_all - done + by (auto dest: mult_left_mono [of _ _ "- c"]) lemma mult_right_mono_neg: "b \ a \ c \ 0 \ a * c \ b * c" - apply (drule mult_right_mono [of _ _ "- c"]) - apply simp_all - done + by (auto dest: mult_right_mono [of _ _ "- c"]) lemma mult_nonpos_nonpos: "a \ 0 \ b \ 0 \ 0 \ a * b" using mult_right_mono_neg [of a 0 b] by simp @@ -2251,21 +2255,39 @@ an assumption, but effectively four when the comparison is a goal. \ -lemma mult_less_cancel_right_disj: "a * c < b * c \ 0 < c \ a < b \ c < 0 \ b < a" - apply (cases "c = 0") - apply (auto simp add: neq_iff mult_strict_right_mono mult_strict_right_mono_neg) - apply (auto simp add: not_less not_le [symmetric, of "a*c"] not_le [symmetric, of a]) - apply (erule_tac [!] notE) - apply (auto simp add: less_imp_le mult_right_mono mult_right_mono_neg) - done - -lemma mult_less_cancel_left_disj: "c * a < c * b \ 0 < c \ a < b \ c < 0 \ b < a" - apply (cases "c = 0") - apply (auto simp add: neq_iff mult_strict_left_mono mult_strict_left_mono_neg) - apply (auto simp add: not_less not_le [symmetric, of "c * a"] not_le [symmetric, of a]) - apply (erule_tac [!] notE) - apply (auto simp add: less_imp_le mult_left_mono mult_left_mono_neg) - done +lemma mult_less_cancel_right_disj: "a * c < b * c \ 0 < c \ a < b \ c < 0 \ b < a" +proof (cases "c = 0") + case False + show ?thesis (is "?lhs \ ?rhs") + proof + assume ?lhs + then have "c < 0 \ b < a" "c > 0 \ b > a" + by (auto simp flip: not_le intro: mult_right_mono mult_right_mono_neg) + with False show ?rhs + by (auto simp add: neq_iff) + next + assume ?rhs + with False show ?lhs + by (auto simp add: mult_strict_right_mono mult_strict_right_mono_neg) + qed +qed auto + +lemma mult_less_cancel_left_disj: "c * a < c * b \ 0 < c \ a < b \ c < 0 \ b < a" +proof (cases "c = 0") + case False + show ?thesis (is "?lhs \ ?rhs") + proof + assume ?lhs + then have "c < 0 \ b < a" "c > 0 \ b > a" + by (auto simp flip: not_le intro: mult_left_mono mult_left_mono_neg) + with False show ?rhs + by (auto simp add: neq_iff) + next + assume ?rhs + with False show ?lhs + by (auto simp add: mult_strict_left_mono mult_strict_left_mono_neg) + qed +qed auto text \ The ``conjunction of implication'' lemmas produce two cases when the @@ -2364,29 +2386,29 @@ lemma add_diff_inverse: "\ a < b \ b + (a - b) = a" by simp -lemma add_le_imp_le_diff: "i + k \ n \ i \ n - k" - apply (subst add_le_cancel_right [where c=k, symmetric]) - apply (frule le_add_diff_inverse2) - apply (simp only: add.assoc [symmetric]) - using add_implies_diff - apply fastforce - done +lemma add_le_imp_le_diff: + assumes "i + k \ n" shows "i \ n - k" +proof - + have "n - (i + k) + i + k = n" + by (simp add: assms add.assoc) + with assms add_implies_diff have "i + k \ n - k + k" + by fastforce + then show ?thesis + by simp +qed lemma add_le_add_imp_diff_le: assumes 1: "i + k \ n" and 2: "n \ j + k" shows "i + k \ n \ n \ j + k \ n - k \ j" proof - - have "n - (i + k) + (i + k) = n" - using 1 by simp + have "n - (i + k) + i + k = n" + using 1 by (simp add: add.assoc) moreover have "n - k = n - k - i + i" using 1 by (simp add: add_le_imp_le_diff) ultimately show ?thesis - using 2 - apply (simp add: add.assoc [symmetric]) - apply (rule add_le_imp_le_diff [of _ k "j + k", simplified add_diff_cancel_right']) - apply (simp add: add.commute diff_diff_add) - done + using 2 add_le_imp_le_diff [of "n-k" k "j + k"] + by (simp add: add.commute diff_diff_add) qed lemma less_1_mult: "1 < m \ 1 < n \ 1 < m * n" diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Set_Interval.thy --- a/src/HOL/Set_Interval.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Set_Interval.thy Mon Apr 06 22:29:40 2020 +0200 @@ -812,10 +812,10 @@ greaterThanLessThan_def) lemma atLeastAtMostSuc_conv: "m \ Suc n \ {m..Suc n} = insert (Suc n) {m..n}" -by (auto simp add: atLeastAtMost_def) + by auto lemma atLeastAtMost_insertL: "m \ n \ insert m {Suc m..n} = {m ..n}" -by auto + by auto text \The analogous result is useful on \<^typ>\int\:\ (* here, because we don't have an own int section *) diff -r 54ac957c53ec -r 23abd7f9f054 src/HOL/Transfer.thy --- a/src/HOL/Transfer.thy Mon Apr 06 22:28:41 2020 +0200 +++ b/src/HOL/Transfer.thy Mon Apr 06 22:29:40 2020 +0200 @@ -162,31 +162,33 @@ using assms by(auto simp add: right_total_def) lemma right_total_alt_def2: - "right_total R \ ((R ===> (\)) ===> (\)) All All" - unfolding right_total_def rel_fun_def - apply (rule iffI, fast) - apply (rule allI) - apply (drule_tac x="\x. True" in spec) - apply (drule_tac x="\y. \x. R x y" in spec) - apply fast - done + "right_total R \ ((R ===> (\)) ===> (\)) All All" (is "?lhs = ?rhs") +proof + assume ?lhs then show ?rhs + unfolding right_total_def rel_fun_def by blast +next + assume \
: ?rhs + show ?lhs + using \
[unfolded rel_fun_def, rule_format, of "\x. True" "\y. \x. R x y"] + unfolding right_total_def by blast +qed lemma right_unique_alt_def2: "right_unique R \ (R ===> R ===> (\)) (=) (=)" unfolding right_unique_def rel_fun_def by auto lemma bi_total_alt_def2: - "bi_total R \ ((R ===> (=)) ===> (=)) All All" - unfolding bi_total_def rel_fun_def - apply (rule iffI, fast) - apply safe - apply (drule_tac x="\x. \y. R x y" in spec) - apply (drule_tac x="\y. True" in spec) - apply fast - apply (drule_tac x="\x. True" in spec) - apply (drule_tac x="\y. \x. R x y" in spec) - apply fast - done + "bi_total R \ ((R ===> (=)) ===> (=)) All All" (is "?lhs = ?rhs") +proof + assume ?lhs then show ?rhs + unfolding bi_total_def rel_fun_def by blast +next + assume \
: ?rhs + show ?lhs + using \
[unfolded rel_fun_def, rule_format, of "\x. \y. R x y" "\y. True"] + using \
[unfolded rel_fun_def, rule_format, of "\x. True" "\y. \x. R x y"] + by (auto simp: bi_total_def) +qed lemma bi_unique_alt_def2: "bi_unique R \ (R ===> R ===> (=)) (=) (=)" @@ -194,19 +196,19 @@ lemma [simp]: shows left_unique_conversep: "left_unique A\\ \ right_unique A" - and right_unique_conversep: "right_unique A\\ \ left_unique A" -by(auto simp add: left_unique_def right_unique_def) + and right_unique_conversep: "right_unique A\\ \ left_unique A" + by(auto simp add: left_unique_def right_unique_def) lemma [simp]: shows left_total_conversep: "left_total A\\ \ right_total A" - and right_total_conversep: "right_total A\\ \ left_total A" -by(simp_all add: left_total_def right_total_def) + and right_total_conversep: "right_total A\\ \ left_total A" + by(simp_all add: left_total_def right_total_def) lemma bi_unique_conversep [simp]: "bi_unique R\\ = bi_unique R" -by(auto simp add: bi_unique_def) + by(auto simp add: bi_unique_def) lemma bi_total_conversep [simp]: "bi_total R\\ = bi_total R" -by(auto simp add: bi_total_def) + by(auto simp add: bi_total_def) lemma right_unique_alt_def: "right_unique R = (conversep R OO R \ (=))" unfolding right_unique_def by blast lemma left_unique_alt_def: "left_unique R = (R OO (conversep R) \ (=))" unfolding left_unique_def by blast @@ -230,21 +232,21 @@ lemma is_equality_lemma: "(\R. is_equality R \ PROP (P R)) \ PROP (P (=))" - apply (unfold is_equality_def) - apply (rule equal_intr_rule) - apply (drule meta_spec) - apply (erule meta_mp) - apply (rule refl) - apply simp - done + unfolding is_equality_def +proof (rule equal_intr_rule) + show "(\R. R = (=) \ PROP P R) \ PROP P (=)" + apply (drule meta_spec) + apply (erule meta_mp [OF _ refl]) + done +qed simp lemma Domainp_lemma: "(\R. Domainp T = R \ PROP (P R)) \ PROP (P (Domainp T))" - apply (rule equal_intr_rule) - apply (drule meta_spec) - apply (erule meta_mp) - apply (rule refl) - apply simp - done +proof (rule equal_intr_rule) + show "(\R. Domainp T = R \ PROP P R) \ PROP P (Domainp T)" + apply (drule meta_spec) + apply (erule meta_mp [OF _ refl]) + done +qed simp ML_file \Tools/Transfer/transfer.ML\ declare refl [transfer_rule] @@ -266,14 +268,21 @@ lemma Domainp_pred_fun_eq[relator_domain]: assumes "left_unique T" - shows "Domainp (T ===> S) = pred_fun (Domainp T) (Domainp S)" - using assms unfolding rel_fun_def Domainp_iff[abs_def] left_unique_def fun_eq_iff pred_fun_def - apply safe - apply blast - apply (subst all_comm) - apply (rule choice) - apply blast - done + shows "Domainp (T ===> S) = pred_fun (Domainp T) (Domainp S)" (is "?lhs = ?rhs") +proof (intro ext iffI) + fix x + assume "?lhs x" + then show "?rhs x" + using assms unfolding rel_fun_def pred_fun_def by blast +next + fix x + assume "?rhs x" + then have "\g. \y xa. T xa y \ S (x xa) (g y)" + using assms unfolding Domainp_iff left_unique_def pred_fun_def + by (intro choice) blast + then show "?lhs x" + by blast +qed text \Properties are preserved by relation composition.\ @@ -295,10 +304,10 @@ unfolding right_unique_def OO_def by fast lemma left_total_OO: "left_total R \ left_total S \ left_total (R OO S)" -unfolding left_total_def OO_def by fast + unfolding left_total_def OO_def by fast lemma left_unique_OO: "left_unique R \ left_unique S \ left_unique (R OO S)" -unfolding left_unique_def OO_def by blast + unfolding left_unique_def OO_def by blast subsection \Properties of relators\ @@ -322,18 +331,22 @@ unfolding bi_unique_def by simp lemma left_total_fun[transfer_rule]: - "\left_unique A; left_total B\ \ left_total (A ===> B)" - unfolding left_total_def rel_fun_def - apply (rule allI, rename_tac f) - apply (rule_tac x="\y. SOME z. B (f (THE x. A x y)) z" in exI) - apply clarify - apply (subgoal_tac "(THE x. A x y) = x", simp) - apply (rule someI_ex) - apply (simp) - apply (rule the_equality) - apply assumption - apply (simp add: left_unique_def) - done + assumes "left_unique A" "left_total B" + shows "left_total (A ===> B)" + unfolding left_total_def +proof + fix f + show "Ex ((A ===> B) f)" + unfolding rel_fun_def + proof (intro exI strip) + fix x y + assume A: "A x y" + have "(THE x. A x y) = x" + using A assms by (simp add: left_unique_def the_equality) + then show "B (f x) (SOME z. B (f (THE x. A x y)) z)" + using assms by (force simp: left_total_def intro: someI_ex) + qed +qed lemma left_unique_fun[transfer_rule]: "\left_total A; left_unique B\ \ left_unique (A ===> B)" @@ -341,18 +354,22 @@ by (clarify, rule ext, fast) lemma right_total_fun [transfer_rule]: - "\right_unique A; right_total B\ \ right_total (A ===> B)" - unfolding right_total_def rel_fun_def - apply (rule allI, rename_tac g) - apply (rule_tac x="\x. SOME z. B z (g (THE y. A x y))" in exI) - apply clarify - apply (subgoal_tac "(THE y. A x y) = y", simp) - apply (rule someI_ex) - apply (simp) - apply (rule the_equality) - apply assumption - apply (simp add: right_unique_def) - done + assumes "right_unique A" "right_total B" + shows "right_total (A ===> B)" + unfolding right_total_def +proof + fix g + show "\x. (A ===> B) x g" + unfolding rel_fun_def + proof (intro exI strip) + fix x y + assume A: "A x y" + have "(THE y. A x y) = y" + using A assms by (simp add: right_unique_def the_equality) + then show "B (SOME z. B z (g (THE y. A x y))) (g y)" + using assms by (force simp: right_total_def intro: someI_ex) + qed +qed lemma right_unique_fun [transfer_rule]: "\right_total A; right_unique B\ \ right_unique (A ===> B)" @@ -435,8 +452,8 @@ assumes "right_total B" assumes "bi_unique A" shows "((A ===> B ===> (=)) ===> implies) left_unique left_unique" -using assms unfolding left_unique_def[abs_def] right_total_def bi_unique_def rel_fun_def -by metis + using assms unfolding left_unique_def right_total_def bi_unique_def rel_fun_def + by metis lemma eq_transfer [transfer_rule]: assumes "bi_unique A" @@ -446,14 +463,14 @@ lemma right_total_Ex_transfer[transfer_rule]: assumes "right_total A" shows "((A ===> (=)) ===> (=)) (Bex (Collect (Domainp A))) Ex" -using assms unfolding right_total_def Bex_def rel_fun_def Domainp_iff[abs_def] -by fast + using assms unfolding right_total_def Bex_def rel_fun_def Domainp_iff + by fast lemma right_total_All_transfer[transfer_rule]: assumes "right_total A" shows "((A ===> (=)) ===> (=)) (Ball (Collect (Domainp A))) All" -using assms unfolding right_total_def Ball_def rel_fun_def Domainp_iff[abs_def] -by fast + using assms unfolding right_total_def Ball_def rel_fun_def Domainp_iff + by fast context includes lifting_syntax @@ -480,7 +497,7 @@ lemma Ex1_parametric [transfer_rule]: assumes [transfer_rule]: "bi_unique A" "bi_total A" shows "((A ===> (=)) ===> (=)) Ex1 Ex1" -unfolding Ex1_def[abs_def] by transfer_prover +unfolding Ex1_def by transfer_prover declare If_transfer [transfer_rule] @@ -498,7 +515,7 @@ lemma fun_upd_transfer [transfer_rule]: assumes [transfer_rule]: "bi_unique A" shows "((A ===> B) ===> A ===> B ===> A ===> B) fun_upd fun_upd" - unfolding fun_upd_def [abs_def] by transfer_prover + unfolding fun_upd_def by transfer_prover lemma case_nat_transfer [transfer_rule]: "(A ===> ((=) ===> A) ===> (=) ===> A) case_nat case_nat" @@ -517,18 +534,18 @@ assumes [transfer_rule]: "(A ===> A ===> (=)) (\) (\)" assumes [transfer_rule]: "(B ===> B ===> (=)) (\) (\)" shows "((A ===> B) ===> (=)) mono mono" -unfolding mono_def[abs_def] by transfer_prover +unfolding mono_def by transfer_prover lemma right_total_relcompp_transfer[transfer_rule]: assumes [transfer_rule]: "right_total B" shows "((A ===> B ===> (=)) ===> (B ===> C ===> (=)) ===> A ===> C ===> (=)) (\R S x z. \y\Collect (Domainp B). R x y \ S y z) (OO)" -unfolding OO_def[abs_def] by transfer_prover +unfolding OO_def by transfer_prover lemma relcompp_transfer[transfer_rule]: assumes [transfer_rule]: "bi_total B" shows "((A ===> B ===> (=)) ===> (B ===> C ===> (=)) ===> A ===> C ===> (=)) (OO) (OO)" -unfolding OO_def[abs_def] by transfer_prover +unfolding OO_def by transfer_prover lemma right_total_Domainp_transfer[transfer_rule]: assumes [transfer_rule]: "right_total B" @@ -538,7 +555,7 @@ lemma Domainp_transfer[transfer_rule]: assumes [transfer_rule]: "bi_total B" shows "((A ===> B ===> (=)) ===> A ===> (=)) Domainp Domainp" -unfolding Domainp_iff[abs_def] by transfer_prover +unfolding Domainp_iff by transfer_prover lemma reflp_transfer[transfer_rule]: "bi_total A \ ((A ===> A ===> (=)) ===> (=)) reflp reflp" @@ -546,38 +563,38 @@ "right_total A \ ((A ===> A ===> (=)) ===> implies) reflp reflp" "bi_total A \ ((A ===> A ===> rev_implies) ===> rev_implies) reflp reflp" "bi_total A \ ((A ===> A ===> (=)) ===> rev_implies) reflp reflp" -unfolding reflp_def[abs_def] rev_implies_def bi_total_def right_total_def rel_fun_def +unfolding reflp_def rev_implies_def bi_total_def right_total_def rel_fun_def by fast+ lemma right_unique_transfer [transfer_rule]: "\ right_total A; right_total B; bi_unique B \ \ ((A ===> B ===> (=)) ===> implies) right_unique right_unique" -unfolding right_unique_def[abs_def] right_total_def bi_unique_def rel_fun_def +unfolding right_unique_def right_total_def bi_unique_def rel_fun_def by metis lemma left_total_parametric [transfer_rule]: assumes [transfer_rule]: "bi_total A" "bi_total B" shows "((A ===> B ===> (=)) ===> (=)) left_total left_total" -unfolding left_total_def[abs_def] by transfer_prover +unfolding left_total_def by transfer_prover lemma right_total_parametric [transfer_rule]: assumes [transfer_rule]: "bi_total A" "bi_total B" shows "((A ===> B ===> (=)) ===> (=)) right_total right_total" -unfolding right_total_def[abs_def] by transfer_prover +unfolding right_total_def by transfer_prover lemma left_unique_parametric [transfer_rule]: assumes [transfer_rule]: "bi_unique A" "bi_total A" "bi_total B" shows "((A ===> B ===> (=)) ===> (=)) left_unique left_unique" -unfolding left_unique_def[abs_def] by transfer_prover +unfolding left_unique_def by transfer_prover lemma prod_pred_parametric [transfer_rule]: "((A ===> (=)) ===> (B ===> (=)) ===> rel_prod A B ===> (=)) pred_prod pred_prod" -unfolding prod.pred_set[abs_def] Basic_BNFs.fsts_def Basic_BNFs.snds_def fstsp.simps sndsp.simps +unfolding prod.pred_set Basic_BNFs.fsts_def Basic_BNFs.snds_def fstsp.simps sndsp.simps by simp transfer_prover lemma apfst_parametric [transfer_rule]: "((A ===> B) ===> rel_prod A C ===> rel_prod B C) apfst apfst" -unfolding apfst_def[abs_def] by transfer_prover +unfolding apfst_def by transfer_prover lemma rel_fun_eq_eq_onp: "((=) ===> eq_onp P) = eq_onp (\f. \x. P(f x))" unfolding eq_onp_def rel_fun_def by auto @@ -589,7 +606,7 @@ lemma eq_onp_transfer [transfer_rule]: assumes [transfer_rule]: "bi_unique A" shows "((A ===> (=)) ===> A ===> A ===> (=)) eq_onp eq_onp" -unfolding eq_onp_def[abs_def] by transfer_prover +unfolding eq_onp_def by transfer_prover lemma rtranclp_parametric [transfer_rule]: assumes "bi_unique A" "bi_total A" @@ -633,11 +650,11 @@ lemma right_unique_parametric [transfer_rule]: assumes [transfer_rule]: "bi_total A" "bi_unique B" "bi_total B" shows "((A ===> B ===> (=)) ===> (=)) right_unique right_unique" -unfolding right_unique_def[abs_def] by transfer_prover + unfolding right_unique_def by transfer_prover lemma map_fun_parametric [transfer_rule]: "((A ===> B) ===> (C ===> D) ===> (B ===> C) ===> A ===> D) map_fun map_fun" -unfolding map_fun_def[abs_def] by transfer_prover + unfolding map_fun_def by transfer_prover end @@ -652,14 +669,14 @@ \((\) ===> (\)) of_bool of_bool\ if [transfer_rule]: \0 \ 0\ \1 \ 1\ for R :: \'a::zero_neq_one \ 'b::zero_neq_one \ bool\ (infix \\\ 50) - by (unfold of_bool_def [abs_def]) transfer_prover + unfolding of_bool_def by transfer_prover lemma transfer_rule_of_nat: "((=) ===> (\)) of_nat of_nat" if [transfer_rule]: \0 \ 0\ \1 \ 1\ \((\) ===> (\) ===> (\)) (+) (+)\ for R :: \'a::semiring_1 \ 'b::semiring_1 \ bool\ (infix \\\ 50) - by (unfold of_nat_def [abs_def]) transfer_prover + unfolding of_nat_def by transfer_prover end