# HG changeset patch # User wenzelm # Date 1464000504 -7200 # Node ID 87a4283537e408e58d80f30b2ca324e4ba90e54b # Parent 02b8855917358ff9dda70cc8896f0c6ceda999af proper document source; tuned proofs; diff -r 02b885591735 -r 87a4283537e4 src/HOL/Wellfounded.thy --- a/src/HOL/Wellfounded.thy Mon May 23 12:18:16 2016 +0200 +++ b/src/HOL/Wellfounded.thy Mon May 23 12:48:24 2016 +0200 @@ -317,17 +317,17 @@ shows "wf (\R)" using assms wf_UN[of R "\i. i"] by simp -(*Intuition: we find an (R u S)-min element of a nonempty subset A - by case distinction. - 1. There is a step a -R-> b with a,b : A. - Pick an R-min element z of the (nonempty) set {a:A | EX b:A. a -R-> b}. - By definition, there is z':A s.t. z -R-> z'. Because z is R-min in the - subset, z' must be R-min in A. Because z' has an R-predecessor, it cannot - have an S-successor and is thus S-min in A as well. - 2. There is no such step. - Pick an S-min element of A. In this case it must be an R-min - element of A as well. -*) +text \ + Intuition: We find an \R \ S\-min element of a nonempty subset \A\ by case distinction. + \<^enum> There is a step \a \R\ b\ with \a, b \ A\. + Pick an \R\-min element \z\ of the (nonempty) set \{a\A | \b\A. a \R\ b}\. + By definition, there is \z' \ A\ s.t. \z \R\ z'\. Because \z\ is \R\-min in the + subset, \z'\ must be \R\-min in \A\. Because \z'\ has an \R\-predecessor, it cannot + have an \S\-successor and is thus \S\-min in \A\ as well. + \<^enum> There is no such step. + Pick an \S\-min element of \A\. In this case it must be an \R\-min + element of \A\ as well. +\ lemma wf_Un: "wf r \ wf s \ Domain r \ Range s = {} \ wf (r \ s)" using wf_union_compatible[of s r] by (auto simp: Un_ac) @@ -342,24 +342,20 @@ ultimately show "wf ?B" by (rule wf_subset) next assume "wf ?B" - show "wf ?A" proof (rule wfI_min) fix Q :: "'a set" and x assume "x \ Q" - - with \wf ?B\ - obtain z where "z \ Q" and "\y. (y, z) \ ?B \ y \ Q" + with \wf ?B\ obtain z where "z \ Q" and "\y. (y, z) \ ?B \ y \ Q" by (erule wfE_min) - then have A1: "\y. (y, z) \ R O R \ y \ Q" - and A2: "\y. (y, z) \ S O R \ y \ Q" - and A3: "\y. (y, z) \ S \ y \ Q" + then have 1: "\y. (y, z) \ R O R \ y \ Q" + and 2: "\y. (y, z) \ S O R \ y \ Q" + and 3: "\y. (y, z) \ S \ y \ Q" by auto - show "\z\Q. \y. (y, z) \ ?A \ y \ Q" proof (cases "\y. (y, z) \ R \ y \ Q") case True - with \z \ Q\ A3 show ?thesis by blast + with \z \ Q\ 3 show ?thesis by blast next case False then obtain z' where "z'\Q" "(z', z) \ R" by blast @@ -370,11 +366,11 @@ proof assume "(y, z') \ R" then have "(y, z) \ R O R" using \(z', z) \ R\ .. - with A1 show "y \ Q" . + with 1 show "y \ Q" . next assume "(y, z') \ S" then have "(y, z) \ S O R" using \(z', z) \ R\ .. - with A2 show "y \ Q" . + with 2 show "y \ Q" . qed qed with \z' \ Q\ show ?thesis .. @@ -392,40 +388,55 @@ lemma qc_wf_relto_iff: assumes "R O S \ (R \ S)\<^sup>* O R" \ \R quasi-commutes over S\ - shows "wf (S\<^sup>* O R O S\<^sup>*) \ wf R" (is "wf ?S \ _") + shows "wf (S\<^sup>* O R O S\<^sup>*) \ wf R" + (is "wf ?S \ _") proof - assume "wf ?S" - moreover have "R \ ?S" by auto - ultimately show "wf R" using wf_subset by auto + show "wf R" if "wf ?S" + proof - + have "R \ ?S" by auto + with that show "wf R" using wf_subset by auto + qed next - assume "wf R" - show "wf ?S" + show "wf ?S" if "wf R" proof (rule wfI_pf) - fix A assume A: "A \ ?S `` A" + fix A + assume A: "A \ ?S `` A" let ?X = "(R \ S)\<^sup>* `` A" have *: "R O (R \ S)\<^sup>* \ (R \ S)\<^sup>* O R" - proof - - { fix x y z assume "(y, z) \ (R \ S)\<^sup>*" and "(x, y) \ R" - then have "(x, z) \ (R \ S)\<^sup>* O R" - proof (induct y z) - case rtrancl_refl then show ?case by auto - next - case (rtrancl_into_rtrancl a b c) - then have "(x, c) \ ((R \ S)\<^sup>* O (R \ S)\<^sup>*) O R" using assms by blast - then show ?case by simp - qed } - then show ?thesis by auto + proof - + have "(x, z) \ (R \ S)\<^sup>* O R" if "(y, z) \ (R \ S)\<^sup>*" and "(x, y) \ R" for x y z + using that + proof (induct y z) + case rtrancl_refl + then show ?case by auto + next + case (rtrancl_into_rtrancl a b c) + then have "(x, c) \ ((R \ S)\<^sup>* O (R \ S)\<^sup>*) O R" + using assms by blast + then show ?case by simp qed - then have "R O S\<^sup>* \ (R \ S)\<^sup>* O R" using rtrancl_Un_subset by blast - then have "?S \ (R \ S)\<^sup>* O (R \ S)\<^sup>* O R" by (simp add: relcomp_mono rtrancl_mono) - also have "\ = (R \ S)\<^sup>* O R" by (simp add: O_assoc[symmetric]) - finally have "?S O (R \ S)\<^sup>* \ (R \ S)\<^sup>* O R O (R \ S)\<^sup>*" by (simp add: O_assoc[symmetric] relcomp_mono) - also have "\ \ (R \ S)\<^sup>* O (R \ S)\<^sup>* O R" using * by (simp add: relcomp_mono) - finally have "?S O (R \ S)\<^sup>* \ (R \ S)\<^sup>* O R" by (simp add: O_assoc[symmetric]) - then have "(?S O (R \ S)\<^sup>*) `` A \ ((R \ S)\<^sup>* O R) `` A" by (simp add: Image_mono) - moreover have "?X \ (?S O (R \ S)\<^sup>*) `` A" using A by (auto simp: relcomp_Image) - ultimately have "?X \ R `` ?X" by (auto simp: relcomp_Image) - then have "?X = {}" using \wf R\ by (simp add: wfE_pf) + then show ?thesis by auto + qed + then have "R O S\<^sup>* \ (R \ S)\<^sup>* O R" + using rtrancl_Un_subset by blast + then have "?S \ (R \ S)\<^sup>* O (R \ S)\<^sup>* O R" + by (simp add: relcomp_mono rtrancl_mono) + also have "\ = (R \ S)\<^sup>* O R" + by (simp add: O_assoc[symmetric]) + finally have "?S O (R \ S)\<^sup>* \ (R \ S)\<^sup>* O R O (R \ S)\<^sup>*" + by (simp add: O_assoc[symmetric] relcomp_mono) + also have "\ \ (R \ S)\<^sup>* O (R \ S)\<^sup>* O R" + using * by (simp add: relcomp_mono) + finally have "?S O (R \ S)\<^sup>* \ (R \ S)\<^sup>* O R" + by (simp add: O_assoc[symmetric]) + then have "(?S O (R \ S)\<^sup>*) `` A \ ((R \ S)\<^sup>* O R) `` A" + by (simp add: Image_mono) + moreover have "?X \ (?S O (R \ S)\<^sup>*) `` A" + using A by (auto simp: relcomp_Image) + ultimately have "?X \ R `` ?X" + by (auto simp: relcomp_Image) + then have "?X = {}" + using \wf R\ by (simp add: wfE_pf) moreover have "A \ ?X" by auto ultimately show "A = {}" by simp qed @@ -664,25 +675,15 @@ text \Set versions of the above theorems\ lemmas acc_induct = accp_induct [to_set] - lemmas acc_induct_rule = acc_induct [rule_format, induct set: acc] - lemmas acc_downward = accp_downward [to_set] - lemmas not_acc_down = not_accp_down [to_set] - lemmas acc_downwards_aux = accp_downwards_aux [to_set] - lemmas acc_downwards = accp_downwards [to_set] - lemmas acc_wfI = accp_wfPI [to_set] - lemmas acc_wfD = accp_wfPD [to_set] - lemmas wf_acc_iff = wfP_accp_iff [to_set] - lemmas acc_subset = accp_subset [to_set] - lemmas acc_subset_induct = accp_subset_induct [to_set] @@ -691,7 +692,7 @@ text \Inverse Image\ lemma wf_inv_image [simp,intro!]: "wf r \ wf (inv_image r f)" for f :: "'a \ 'b" -apply (simp (no_asm_use) add: inv_image_def wf_eq_minimal) +apply (simp add: inv_image_def wf_eq_minimal) apply clarify apply (subgoal_tac "\w::'b. w \ {w. \x::'a. x \ Q \ f x = w}") prefer 2 apply (blast del: allE) @@ -731,7 +732,7 @@ lemma wf_lex_prod [intro!]: "wf ra \ wf rb \ wf (ra <*lex*> rb)" apply (unfold wf_def lex_prod_def) apply (rule allI, rule impI) -apply (simp (no_asm_use) only: split_paired_All) +apply (simp only: split_paired_All) apply (drule spec, erule mp) apply (rule allI, rule impI) apply (drule spec, erule mp, blast)