# HG changeset patch # User wenzelm # Date 1470164734 -7200 # Node ID d0e2bad67bd467ca67929d7f5170f9478e091d20 # Parent 881e8e2cfec2d959c65af9442fe9066d485b0bcf misc tuning and modernization; diff -r 881e8e2cfec2 -r d0e2bad67bd4 src/HOL/Fun.thy --- a/src/HOL/Fun.thy Tue Aug 02 21:04:52 2016 +0200 +++ b/src/HOL/Fun.thy Tue Aug 02 21:05:34 2016 +0200 @@ -410,8 +410,8 @@ by (auto simp: bij_betw_def) qed -lemma bij_betw_cong: "(\ a. a \ A \ f a = g a) \ bij_betw f A A' = bij_betw g A A'" - unfolding bij_betw_def inj_on_def by force +lemma bij_betw_cong: "(\a. a \ A \ f a = g a) \ bij_betw f A A' = bij_betw g A A'" + unfolding bij_betw_def inj_on_def by force (* slow *) lemma bij_betw_id[intro, simp]: "bij_betw id A A" unfolding bij_betw_def id_def by auto diff -r 881e8e2cfec2 -r d0e2bad67bd4 src/HOL/Groups.thy --- a/src/HOL/Groups.thy Tue Aug 02 21:04:52 2016 +0200 +++ b/src/HOL/Groups.thy Tue Aug 02 21:05:34 2016 +0200 @@ -1,48 +1,46 @@ -(* Title: HOL/Groups.thy - Author: Gertrud Bauer, Steven Obua, Lawrence C Paulson, Markus Wenzel, Jeremy Avigad +(* Title: HOL/Groups.thy + Author: Gertrud Bauer + Author: Steven Obua + Author: Lawrence C Paulson + Author: Markus Wenzel + Author: Jeremy Avigad *) section \Groups, also combined with orderings\ theory Groups -imports Orderings + imports Orderings begin subsection \Dynamic facts\ named_theorems ac_simps "associativity and commutativity simplification rules" - + and algebra_simps "algebra simplification rules" + and field_simps "algebra simplification rules for fields" text \ - The rewrites accumulated in \algebra_simps\ deal with the - classical algebraic structures of groups, rings and family. They simplify - terms by multiplying everything out (in case of a ring) and bringing sums and - products into a canonical form (by ordered rewriting). As a result it decides - group and ring equalities but also helps with inequalities. - - Of course it also works for fields, but it knows nothing about multiplicative - inverses or division. This is catered for by \field_simps\. -\ + The rewrites accumulated in \algebra_simps\ deal with the classical + algebraic structures of groups, rings and family. They simplify terms by + multiplying everything out (in case of a ring) and bringing sums and + products into a canonical form (by ordered rewriting). As a result it + decides group and ring equalities but also helps with inequalities. -named_theorems algebra_simps "algebra simplification rules" - + Of course it also works for fields, but it knows nothing about + multiplicative inverses or division. This is catered for by \field_simps\. -text \ - Lemmas \field_simps\ multiply with denominators in (in)equations - if they can be proved to be non-zero (for equations) or positive/negative - (for inequations). Can be too aggressive and is therefore separate from the - more benign \algebra_simps\. + Facts in \field_simps\ multiply with denominators in (in)equations if they + can be proved to be non-zero (for equations) or positive/negative (for + inequalities). Can be too aggressive and is therefore separate from the more + benign \algebra_simps\. \ -named_theorems field_simps "algebra simplification rules for fields" - subsection \Abstract structures\ text \ - These locales provide basic structures for interpretation into - bigger structures; extensions require careful thinking, otherwise - undesired effects may occur due to interpretation. + These locales provide basic structures for interpretation into bigger + structures; extensions require careful thinking, otherwise undesired effects + may occur due to interpretation. \ locale semigroup = @@ -114,16 +112,13 @@ by (simp add: assoc [symmetric]) qed -lemma inverse_neutral [simp]: - "inverse \<^bold>1 = \<^bold>1" +lemma inverse_neutral [simp]: "inverse \<^bold>1 = \<^bold>1" by (rule inverse_unique) simp -lemma inverse_inverse [simp]: - "inverse (inverse a) = a" +lemma inverse_inverse [simp]: "inverse (inverse a) = a" by (rule inverse_unique) simp -lemma right_inverse [simp]: - "a \<^bold>* inverse a = \<^bold>1" +lemma right_inverse [simp]: "a \<^bold>* inverse a = \<^bold>1" proof - have "a \<^bold>* inverse a = inverse (inverse a) \<^bold>* inverse a" by simp @@ -132,8 +127,7 @@ then show ?thesis by simp qed -lemma inverse_distrib_swap: - "inverse (a \<^bold>* b) = inverse b \<^bold>* inverse a" +lemma inverse_distrib_swap: "inverse (a \<^bold>* b) = inverse b \<^bold>* inverse a" proof (rule inverse_unique) have "a \<^bold>* b \<^bold>* (inverse b \<^bold>* inverse a) = a \<^bold>* (b \<^bold>* inverse b) \<^bold>* inverse a" @@ -143,8 +137,7 @@ finally show "a \<^bold>* b \<^bold>* (inverse b \<^bold>* inverse a) = \<^bold>1" . qed -lemma right_cancel: - "b \<^bold>* a = c \<^bold>* a \ b = c" +lemma right_cancel: "b \<^bold>* a = c \<^bold>* a \ b = c" proof assume "b \<^bold>* a = c \<^bold>* a" then have "b \<^bold>* a \<^bold>* inverse a= c \<^bold>* a \<^bold>* inverse a" @@ -435,10 +428,8 @@ sublocale add: group plus 0 uminus by standard (simp_all add: left_minus) -lemma minus_unique: - assumes "a + b = 0" - shows "- a = b" - using assms by (fact add.inverse_unique) +lemma minus_unique: "a + b = 0 \ - a = b" + by (fact add.inverse_unique) lemma minus_zero: "- 0 = 0" by (fact add.inverse_neutral) @@ -701,8 +692,8 @@ lemma add_le_cancel_left [simp]: "c + a \ c + b \ a \ b" apply auto - apply (drule add_le_imp_le_left) - apply (simp_all add: add_left_mono) + apply (drule add_le_imp_le_left) + apply (simp_all add: add_left_mono) done lemma add_le_cancel_right [simp]: "a + c \ b + c \ a \ b" @@ -803,36 +794,28 @@ class ordered_ab_semigroup_monoid_add_imp_le = monoid_add + ordered_ab_semigroup_add_imp_le begin -lemma add_less_same_cancel1 [simp]: - "b + a < b \ a < 0" +lemma add_less_same_cancel1 [simp]: "b + a < b \ a < 0" using add_less_cancel_left [of _ _ 0] by simp -lemma add_less_same_cancel2 [simp]: - "a + b < b \ a < 0" +lemma add_less_same_cancel2 [simp]: "a + b < b \ a < 0" using add_less_cancel_right [of _ _ 0] by simp -lemma less_add_same_cancel1 [simp]: - "a < a + b \ 0 < b" +lemma less_add_same_cancel1 [simp]: "a < a + b \ 0 < b" using add_less_cancel_left [of _ 0] by simp -lemma less_add_same_cancel2 [simp]: - "a < b + a \ 0 < b" +lemma less_add_same_cancel2 [simp]: "a < b + a \ 0 < b" using add_less_cancel_right [of 0] by simp -lemma add_le_same_cancel1 [simp]: - "b + a \ b \ a \ 0" +lemma add_le_same_cancel1 [simp]: "b + a \ b \ a \ 0" using add_le_cancel_left [of _ _ 0] by simp -lemma add_le_same_cancel2 [simp]: - "a + b \ b \ a \ 0" +lemma add_le_same_cancel2 [simp]: "a + b \ b \ a \ 0" using add_le_cancel_right [of _ _ 0] by simp -lemma le_add_same_cancel1 [simp]: - "a \ a + b \ 0 \ b" +lemma le_add_same_cancel1 [simp]: "a \ a + b \ 0 \ b" using add_le_cancel_left [of _ 0] by simp -lemma le_add_same_cancel2 [simp]: - "a \ b + a \ 0 \ b" +lemma le_add_same_cancel2 [simp]: "a \ b + a \ 0 \ b" using add_le_cancel_right [of 0] by simp subclass cancel_comm_monoid_add @@ -911,7 +894,7 @@ lemma less_minus_iff: "a < - b \ b < - a" proof - - have "- (-a) < - b \ b < - a" + have "- (- a) < - b \ b < - a" by (rule neg_less_iff_less) then show ?thesis by simp qed @@ -925,12 +908,12 @@ lemma le_minus_iff: "a \ - b \ b \ - a" proof - - have mm: "- (- a) < -b \ - (- b) < -a" for a b :: 'a + have mm: "- (- a) < - b \ - (- b) < -a" for a b :: 'a by (simp only: minus_less_iff) - have "- (- a) \ -b \ b \ - a" + have "- (- a) \ - b \ b \ - a" apply (auto simp only: le_less) - apply (drule mm) - apply (simp_all) + apply (drule mm) + apply (simp_all) apply (drule mm[simplified], assumption) done then show ?thesis by simp @@ -1039,11 +1022,11 @@ proof (rule ccontr) assume *: "\ ?thesis" then have "b \ a" by (simp add: linorder_not_le) - then have le2: "c + b \ c + a" by (rule add_left_mono) - have "a = b" - apply (insert le1 le2) + then have "c + b \ c + a" by (rule add_left_mono) + with le1 have "a = b" + apply - apply (drule antisym) - apply simp_all + apply simp_all done with * show False by (simp add: linorder_not_le [symmetric]) @@ -1117,8 +1100,8 @@ lemma double_zero_sym [simp]: "0 = a + a \ a = 0" apply (rule iffI) - apply (drule sym) - apply simp_all + apply (drule sym) + apply simp_all done lemma zero_less_double_add_iff_zero_less_single_add [simp]: "0 < a + a \ 0 < a" @@ -1342,7 +1325,7 @@ fixes x::"'a::{dense_linorder,ordered_ab_group_add_abs}" shows "(\e. 0 < e \ \x\ \ e) \ x = 0" apply (cases "\x\ = 0") - apply simp + apply simp apply (simp only: zero_less_abs_iff [symmetric]) apply (drule dense) apply (auto simp add: not_less [symmetric]) @@ -1402,7 +1385,7 @@ begin context - fixes a b + fixes a b :: 'a assumes le: "a \ b" begin diff -r 881e8e2cfec2 -r d0e2bad67bd4 src/HOL/Inductive.thy --- a/src/HOL/Inductive.thy Tue Aug 02 21:04:52 2016 +0200 +++ b/src/HOL/Inductive.thy Tue Aug 02 21:05:34 2016 +0200 @@ -5,13 +5,13 @@ section \Knaster-Tarski Fixpoint Theorem and inductive definitions\ theory Inductive -imports Complete_Lattices Ctr_Sugar -keywords - "inductive" "coinductive" "inductive_cases" "inductive_simps" :: thy_decl and - "monos" and - "print_inductives" :: diag and - "old_rep_datatype" :: thy_goal and - "primrec" :: thy_decl + imports Complete_Lattices Ctr_Sugar + keywords + "inductive" "coinductive" "inductive_cases" "inductive_simps" :: thy_decl and + "monos" and + "print_inductives" :: diag and + "old_rep_datatype" :: thy_goal and + "primrec" :: thy_decl begin subsection \Least and greatest fixed points\ @@ -50,8 +50,8 @@ lemma lfp_const: "lfp (\x. t) = t" by (rule lfp_unfold) (simp add: mono_def) -lemma lfp_eqI: "\ mono F; F x = x; \z. F z = z \ x \ z \ \ lfp F = x" -by (rule antisym) (simp_all add: lfp_lowerbound lfp_unfold[symmetric]) +lemma lfp_eqI: "mono F \ F x = x \ (\z. F z = z \ x \ z) \ lfp F = x" + by (rule antisym) (simp_all add: lfp_lowerbound lfp_unfold[symmetric]) subsection \General induction rules for least fixed points\ @@ -64,10 +64,11 @@ shows "P (lfp f)" proof - let ?M = "{S. S \ lfp f \ P S}" - have "P (Sup ?M)" using P_Union by simp + from P_Union have "P (Sup ?M)" by simp also have "Sup ?M = lfp f" proof (rule antisym) - show "Sup ?M \ lfp f" by (blast intro: Sup_least) + show "Sup ?M \ lfp f" + by (blast intro: Sup_least) then have "f (Sup ?M) \ f (lfp f)" by (rule mono [THEN monoD]) then have "f (Sup ?M) \ lfp f" @@ -86,11 +87,18 @@ assumes mono: "mono f" and ind: "f (inf (lfp f) P) \ P" shows "lfp f \ P" -proof (induction rule: lfp_ordinal_induct) +proof (induct rule: lfp_ordinal_induct) + case mono + show ?case by fact +next case (step S) then show ?case by (intro order_trans[OF _ ind] monoD[OF mono]) auto -qed (auto intro: mono Sup_least) +next + case (union M) + then show ?case + by (auto intro: Sup_least) +qed lemma lfp_induct_set: assumes lfp: "a \ lfp f" @@ -144,10 +152,10 @@ by (iprover intro: order_antisym gfp_lemma2 gfp_lemma3) lemma gfp_const: "gfp (\x. t) = t" -by (rule gfp_unfold) (simp add: mono_def) + by (rule gfp_unfold) (simp add: mono_def) -lemma gfp_eqI: "\ mono F; F x = x; \z. F z = z \ z \ x \ \ gfp F = x" -by (rule antisym) (simp_all add: gfp_upperbound gfp_unfold[symmetric]) +lemma gfp_eqI: "mono F \ F x = x \ (\z. F z = z \ z \ x) \ gfp F = x" + by (rule antisym) (simp_all add: gfp_upperbound gfp_unfold[symmetric]) subsection \Coinduction rules for greatest fixed points\ @@ -165,11 +173,11 @@ apply (frule gfp_lemma2) apply (drule mono_sup) apply (rule le_supI) - apply assumption - apply (rule order_trans) + apply assumption apply (rule order_trans) - apply assumption - apply (rule sup_ge2) + apply (rule order_trans) + apply assumption + apply (rule sup_ge2) apply assumption done @@ -188,7 +196,7 @@ shows "P (gfp f)" proof - let ?M = "{S. gfp f \ S \ P S}" - have "P (Inf ?M)" using P_Union by simp + from P_Union have "P (Inf ?M)" by simp also have "Inf ?M = gfp f" proof (rule antisym) show "gfp f \ Inf ?M" @@ -211,10 +219,18 @@ assumes mono: "mono f" and ind: "X \ f (sup X (gfp f))" shows "X \ gfp f" -proof (induction rule: gfp_ordinal_induct) - case (step S) then show ?case +proof (induct rule: gfp_ordinal_induct) + case mono + then show ?case by fact +next + case (step S) + then show ?case by (intro order_trans[OF ind _] monoD[OF mono]) auto -qed (auto intro: mono Inf_greatest) +next + case (union M) + then show ?case + by (auto intro: mono Inf_greatest) +qed subsection \Even Stronger Coinduction Rule, by Martin Coen\ @@ -228,9 +244,9 @@ "X \ f (lfp (\x. f x \ X \ gfp f)) \ mono f \ lfp (\x. f x \ X \ gfp f) \ f (lfp (\x. f x \ X \ gfp f))" apply (rule subset_trans) - apply (erule coinduct3_mono_lemma [THEN lfp_lemma3]) + apply (erule coinduct3_mono_lemma [THEN lfp_lemma3]) apply (rule Un_least [THEN Un_least]) - apply (rule subset_refl, assumption) + apply (rule subset_refl, assumption) apply (rule gfp_unfold [THEN equalityD1, THEN subset_trans], assumption) apply (rule monoD, assumption) apply (subst coinduct3_mono_lemma [THEN lfp_unfold], auto) @@ -238,8 +254,8 @@ lemma coinduct3: "mono f \ a \ X \ X \ f (lfp (\x. f x \ X \ gfp f)) \ a \ gfp f" apply (rule coinduct3_lemma [THEN [2] weak_coinduct]) - apply (rule coinduct3_mono_lemma [THEN lfp_unfold, THEN ssubst]) - apply simp_all + apply (rule coinduct3_mono_lemma [THEN lfp_unfold, THEN ssubst]) + apply simp_all done text \Definition forms of \gfp_unfold\ and \coinduct\, to control unfolding.\ diff -r 881e8e2cfec2 -r d0e2bad67bd4 src/HOL/Lattices.thy --- a/src/HOL/Lattices.thy Tue Aug 02 21:04:52 2016 +0200 +++ b/src/HOL/Lattices.thy Tue Aug 02 21:05:34 2016 +0200 @@ -47,12 +47,10 @@ sublocale ordering less_eq less proof - fix a b show "a \<^bold>< b \ a \<^bold>\ b \ a \ b" for a b by (simp add: order_iff strict_order_iff) next - fix a - show "a \<^bold>\ a" + show "a \<^bold>\ a" for a by (simp add: order_iff) next fix a b @@ -83,8 +81,10 @@ assumes "a \<^bold>\ b" and "a \<^bold>\ c" shows "a \<^bold>\ b \<^bold>* c" proof (rule orderI) - from assms obtain "a \<^bold>* b = a" and "a \<^bold>* c = a" by (auto elim!: orderE) - then show "a = a \<^bold>* (b \<^bold>* c)" by (simp add: assoc [symmetric]) + from assms obtain "a \<^bold>* b = a" and "a \<^bold>* c = a" + by (auto elim!: orderE) + then show "a = a \<^bold>* (b \<^bold>* c)" + by (simp add: assoc [symmetric]) qed lemma boundedE: @@ -108,7 +108,8 @@ lemma strict_coboundedI1: "a \<^bold>< c \ a \<^bold>* b \<^bold>< c" using irrefl - by (auto intro: not_eq_order_implies_strict coboundedI1 strict_implies_order elim: strict_boundedE) + by (auto intro: not_eq_order_implies_strict coboundedI1 strict_implies_order + elim: strict_boundedE) lemma strict_coboundedI2: "b \<^bold>< c \ a \<^bold>* b \<^bold>< c" using strict_coboundedI1 [of b c a] by (simp add: commute) @@ -117,10 +118,10 @@ by (blast intro: boundedI coboundedI1 coboundedI2) lemma absorb1: "a \<^bold>\ b \ a \<^bold>* b = a" - by (rule antisym) (auto simp add: refl) + by (rule antisym) (auto simp: refl) lemma absorb2: "b \<^bold>\ a \ a \<^bold>* b = b" - by (rule antisym) (auto simp add: refl) + by (rule antisym) (auto simp: refl) lemma absorb_iff1: "a \<^bold>\ b \ a \<^bold>* b = a" using order_iff by auto @@ -165,8 +166,7 @@ and sup_least: "y \ x \ z \ x \ y \ z \ x" begin -text \Dual lattice\ - +text \Dual lattice.\ lemma dual_semilattice: "class.semilattice_inf sup greater_eq greater" by (rule class.semilattice_inf.intro, rule dual_order) (unfold_locales, simp_all add: sup_least) @@ -330,7 +330,10 @@ begin lemma dual_lattice: "class.lattice sup (op \) (op >) inf" - by (rule class.lattice.intro, rule dual_semilattice, rule class.semilattice_sup.intro, rule dual_order) + by (rule class.lattice.intro, + rule dual_semilattice, + rule class.semilattice_sup.intro, + rule dual_order) (unfold_locales, auto) lemma inf_sup_absorb [simp]: "x \ (x \ y) = x" @@ -343,7 +346,7 @@ lemmas inf_sup_ord = inf_le1 inf_le2 sup_ge1 sup_ge2 -text\Towards distributivity\ +text \Towards distributivity.\ lemma distrib_sup_le: "x \ (y \ z) \ (x \ y) \ (x \ z)" by (auto intro: le_infI1 le_infI2 le_supI1 le_supI2) @@ -533,7 +536,9 @@ lemma dual_boolean_algebra: "class.boolean_algebra (\x y. x \ - y) uminus sup greater_eq greater inf \ \" - by (rule class.boolean_algebra.intro, rule dual_bounded_lattice, rule dual_distrib_lattice) + by (rule class.boolean_algebra.intro, + rule dual_bounded_lattice, + rule dual_distrib_lattice) (unfold_locales, auto simp add: inf_compl_bot sup_compl_top diff_eq) lemma compl_inf_bot [simp]: "- x \ x = \" @@ -645,7 +650,8 @@ assumes "- y \ x" shows "- x \ y" proof - - from assms have "- x \ - (- y)" by (simp only: compl_less_compl_iff) + from assms have "- x \ - (- y)" + by (simp only: compl_less_compl_iff) then show ?thesis by simp qed @@ -661,7 +667,8 @@ lemma inf_cancel_left2: "inf (inf (- x) a) (inf x b) = bot" by (simp add: inf_sup_aci inf_compl_bot) -declare inf_compl_bot [simp] and sup_compl_top [simp] +declare inf_compl_bot [simp] + and sup_compl_top [simp] lemma sup_compl_top_left1 [simp]: "sup (- x) (sup x y) = top" by (simp add: sup_assoc[symmetric]) @@ -821,7 +828,8 @@ lemma sup_apply [simp, code]: "(f \ g) x = f x \ g x" by (simp add: sup_fun_def) -instance by standard (simp_all add: le_fun_def) +instance + by standard (simp_all add: le_fun_def) end diff -r 881e8e2cfec2 -r d0e2bad67bd4 src/HOL/Nat.thy --- a/src/HOL/Nat.thy Tue Aug 02 21:04:52 2016 +0200 +++ b/src/HOL/Nat.thy Tue Aug 02 21:05:34 2016 +0200 @@ -1,5 +1,7 @@ (* Title: HOL/Nat.thy - Author: Tobias Nipkow and Lawrence C Paulson and Markus Wenzel + Author: Tobias Nipkow + Author: Lawrence C Paulson + Author: Markus Wenzel Type "nat" is a linear order, and a datatype; arithmetic operators + - and * (for div and mod, see theory Divides). @@ -8,7 +10,7 @@ section \Natural numbers\ theory Nat -imports Inductive Typedef Fun Rings + imports Inductive Typedef Fun Rings begin named_theorems arith "arith facts -- only ground formulas" @@ -21,75 +23,70 @@ axiomatization Zero_Rep :: ind and Suc_Rep :: "ind \ ind" \ \The axiom of infinity in 2 parts:\ -where Suc_Rep_inject: "Suc_Rep x = Suc_Rep y \ x = y" - and Suc_Rep_not_Zero_Rep: "Suc_Rep x \ Zero_Rep" + where Suc_Rep_inject: "Suc_Rep x = Suc_Rep y \ x = y" + and Suc_Rep_not_Zero_Rep: "Suc_Rep x \ Zero_Rep" + subsection \Type nat\ text \Type definition\ -inductive Nat :: "ind \ bool" where - Zero_RepI: "Nat Zero_Rep" -| Suc_RepI: "Nat i \ Nat (Suc_Rep i)" +inductive Nat :: "ind \ bool" + where + Zero_RepI: "Nat Zero_Rep" + | Suc_RepI: "Nat i \ Nat (Suc_Rep i)" typedef nat = "{n. Nat n}" morphisms Rep_Nat Abs_Nat using Nat.Zero_RepI by auto -lemma Nat_Rep_Nat: - "Nat (Rep_Nat n)" +lemma Nat_Rep_Nat: "Nat (Rep_Nat n)" using Rep_Nat by simp -lemma Nat_Abs_Nat_inverse: - "Nat n \ Rep_Nat (Abs_Nat n) = n" +lemma Nat_Abs_Nat_inverse: "Nat n \ Rep_Nat (Abs_Nat n) = n" using Abs_Nat_inverse by simp -lemma Nat_Abs_Nat_inject: - "Nat n \ Nat m \ Abs_Nat n = Abs_Nat m \ n = m" +lemma Nat_Abs_Nat_inject: "Nat n \ Nat m \ Abs_Nat n = Abs_Nat m \ n = m" using Abs_Nat_inject by simp instantiation nat :: zero begin -definition Zero_nat_def: - "0 = Abs_Nat Zero_Rep" +definition Zero_nat_def: "0 = Abs_Nat Zero_Rep" instance .. end -definition Suc :: "nat \ nat" where - "Suc n = Abs_Nat (Suc_Rep (Rep_Nat n))" +definition Suc :: "nat \ nat" + where "Suc n = Abs_Nat (Suc_Rep (Rep_Nat n))" lemma Suc_not_Zero: "Suc m \ 0" - by (simp add: Zero_nat_def Suc_def Suc_RepI Zero_RepI Nat_Abs_Nat_inject Suc_Rep_not_Zero_Rep Nat_Rep_Nat) + by (simp add: Zero_nat_def Suc_def Suc_RepI Zero_RepI + Nat_Abs_Nat_inject Suc_Rep_not_Zero_Rep Nat_Rep_Nat) lemma Zero_not_Suc: "0 \ Suc m" - by (rule not_sym, rule Suc_not_Zero not_sym) + by (rule not_sym) (rule Suc_not_Zero) lemma Suc_Rep_inject': "Suc_Rep x = Suc_Rep y \ x = y" by (rule iffI, rule Suc_Rep_inject) simp_all lemma nat_induct0: - fixes n - assumes "P 0" and "\n. P n \ P (Suc n)" + assumes "P 0" + and "\n. P n \ P (Suc n)" shows "P n" -using assms -apply (unfold Zero_nat_def Suc_def) -apply (rule Rep_Nat_inverse [THEN subst]) \ \types force good instantiation\ -apply (erule Nat_Rep_Nat [THEN Nat.induct]) -apply (iprover elim: Nat_Abs_Nat_inverse [THEN subst]) -done - -free_constructors case_nat for - "0 :: nat" - | Suc pred -where - "pred (0 :: nat) = (0 :: nat)" + using assms + apply (unfold Zero_nat_def Suc_def) + apply (rule Rep_Nat_inverse [THEN subst]) \ \types force good instantiation\ + apply (erule Nat_Rep_Nat [THEN Nat.induct]) + apply (iprover elim: Nat_Abs_Nat_inverse [THEN subst]) + done + +free_constructors case_nat for "0 :: nat" | Suc pred + where "pred (0 :: nat) = (0 :: nat)" apply atomize_elim apply (rename_tac n, induct_tac n rule: nat_induct0, auto) - apply (simp add: Suc_def Nat_Abs_Nat_inject Nat_Rep_Nat Suc_RepI Suc_Rep_inject' - Rep_Nat_inject) + apply (simp add: Suc_def Nat_Abs_Nat_inject Nat_Rep_Nat Suc_RepI Suc_Rep_inject' Rep_Nat_inject) apply (simp only: Suc_not_Zero) done @@ -97,19 +94,19 @@ setup \Sign.mandatory_path "old"\ old_rep_datatype "0 :: nat" Suc - apply (erule nat_induct0, assumption) - apply (rule nat.inject) -apply (rule nat.distinct(1)) -done + apply (erule nat_induct0) + apply assumption + apply (rule nat.inject) + apply (rule nat.distinct(1)) + done setup \Sign.parent_path\ \ \But erase the prefix for properties that are not generated by \free_constructors\.\ setup \Sign.mandatory_path "nat"\ -declare - old.nat.inject[iff del] - old.nat.distinct(1)[simp del, induct_simp del] +declare old.nat.inject[iff del] + and old.nat.distinct(1)[simp del, induct_simp del] lemmas induct = old.nat.induct lemmas inducts = old.nat.inducts @@ -134,16 +131,16 @@ nat.split_sel_asm lemma nat_exhaust [case_names 0 Suc, cases type: nat]: + "(y = 0 \ P) \ (\nat. y = Suc nat \ P) \ P" \ \for backward compatibility -- names of variables differ\ - "(y = 0 \ P) \ (\nat. y = Suc nat \ P) \ P" -by (rule old.nat.exhaust) + by (rule old.nat.exhaust) lemma nat_induct [case_names 0 Suc, induct type: nat]: - \ \for backward compatibility -- names of variables differ\ fixes n assumes "P 0" and "\n. P n \ P (Suc n)" shows "P n" -using assms by (rule nat.induct) + \ \for backward compatibility -- names of variables differ\ + using assms by (rule nat.induct) hide_fact nat_exhaust @@ -180,35 +177,40 @@ by (simp add: inj_on_def) lemma Suc_neq_Zero: "Suc m = 0 \ R" -by (rule notE, rule Suc_not_Zero) + by (rule notE) (rule Suc_not_Zero) lemma Zero_neq_Suc: "0 = Suc m \ R" -by (rule Suc_neq_Zero, erule sym) + by (rule Suc_neq_Zero) (erule sym) lemma Suc_inject: "Suc x = Suc y \ x = y" -by (rule inj_Suc [THEN injD]) + by (rule inj_Suc [THEN injD]) lemma n_not_Suc_n: "n \ Suc n" -by (induct n) simp_all + by (induct n) simp_all lemma Suc_n_not_n: "Suc n \ n" -by (rule not_sym, rule n_not_Suc_n) - -text \A special form of induction for reasoning - about @{term "m < n"} and @{term "m - n"}\ - + by (rule not_sym) (rule n_not_Suc_n) + +text \A special form of induction for reasoning about @{term "m < n"} and @{term "m - n"}.\ lemma diff_induct: assumes "\x. P x 0" and "\y. P 0 (Suc y)" and "\x y. P x y \ P (Suc x) (Suc y)" shows "P m n" - using assms - apply (rule_tac x = m in spec) - apply (induct n) - prefer 2 - apply (rule allI) - apply (induct_tac x, iprover+) - done +proof (induct n arbitrary: m) + case 0 + show ?case by (rule assms(1)) +next + case (Suc n) + show ?case + proof (induct m) + case 0 + show ?case by (rule assms(2)) + next + case (Suc m) + from \P m n\ show ?case by (rule assms(3)) + qed +qed subsection \Arithmetic operators\ @@ -216,11 +218,13 @@ instantiation nat :: comm_monoid_diff begin -primrec plus_nat where - add_0: "0 + n = (n::nat)" -| add_Suc: "Suc m + n = Suc (m + n)" - -lemma add_0_right [simp]: "m + 0 = m" for m :: nat +primrec plus_nat + where + add_0: "0 + n = (n::nat)" + | add_Suc: "Suc m + n = Suc (m + n)" + +lemma add_0_right [simp]: "m + 0 = m" + for m :: nat by (induct m) simp_all lemma add_Suc_right [simp]: "m + Suc n = Suc (m + n)" @@ -231,13 +235,15 @@ lemma add_Suc_shift [code]: "Suc m + n = m + Suc n" by simp -primrec minus_nat where - diff_0 [code]: "m - 0 = (m::nat)" -| diff_Suc: "m - Suc n = (case m - n of 0 \ 0 | Suc k \ k)" +primrec minus_nat + where + diff_0 [code]: "m - 0 = (m::nat)" + | diff_Suc: "m - Suc n = (case m - n of 0 \ 0 | Suc k \ k)" declare diff_Suc [simp del] -lemma diff_0_eq_0 [simp, code]: "0 - n = 0" for n :: nat +lemma diff_0_eq_0 [simp, code]: "0 - n = 0" + for n :: nat by (induct n) (simp_all add: diff_Suc) lemma diff_Suc_Suc [simp, code]: "Suc m - Suc n = m - n" @@ -261,30 +267,37 @@ instantiation nat :: comm_semiring_1_cancel begin -definition - One_nat_def [simp]: "1 = Suc 0" - -primrec times_nat where - mult_0: "0 * n = (0::nat)" -| mult_Suc: "Suc m * n = n + (m * n)" - -lemma mult_0_right [simp]: "m * 0 = 0" for m :: nat +definition One_nat_def [simp]: "1 = Suc 0" + +primrec times_nat + where + mult_0: "0 * n = (0::nat)" + | mult_Suc: "Suc m * n = n + (m * n)" + +lemma mult_0_right [simp]: "m * 0 = 0" + for m :: nat by (induct m) simp_all lemma mult_Suc_right [simp]: "m * Suc n = m + (m * n)" by (induct m) (simp_all add: add.left_commute) -lemma add_mult_distrib: "(m + n) * k = (m * k) + (n * k)" for m n k :: nat +lemma add_mult_distrib: "(m + n) * k = (m * k) + (n * k)" + for m n k :: nat by (induct m) (simp_all add: add.assoc) instance proof fix k n m q :: nat - show "0 \ (1::nat)" unfolding One_nat_def by simp - show "1 * n = n" unfolding One_nat_def by simp - show "n * m = m * n" by (induct n) simp_all - show "(n * m) * q = n * (m * q)" by (induct n) (simp_all add: add_mult_distrib) - show "(n + m) * q = n * q + m * q" by (rule add_mult_distrib) + show "0 \ (1::nat)" + by simp + show "1 * n = n" + by simp + show "n * m = m * n" + by (induct n) simp_all + show "(n * m) * q = n * (m * q)" + by (induct n) (simp_all add: add_mult_distrib) + show "(n + m) * q = n * q + m * q" + by (rule add_mult_distrib) show "k * (m - n) = (k * m) - (k * n)" by (induct m n rule: diff_induct) simp_all qed @@ -296,7 +309,8 @@ text \Reasoning about \m + 0 = 0\, etc.\ -lemma add_is_0 [iff]: "(m + n = 0) = (m = 0 \ n = 0)" for m n :: nat +lemma add_is_0 [iff]: "m + n = 0 \ m = 0 \ n = 0" + for m n :: nat by (cases m) simp_all lemma add_is_1: "m + n = Suc 0 \ m = Suc 0 \ n = 0 | m = 0 \ n = Suc 0" @@ -305,21 +319,26 @@ lemma one_is_add: "Suc 0 = m + n \ m = Suc 0 \ n = 0 | m = 0 \ n = Suc 0" by (rule trans, rule eq_commute, rule add_is_1) -lemma add_eq_self_zero: "m + n = m \ n = 0" for m n :: nat +lemma add_eq_self_zero: "m + n = m \ n = 0" + for m n :: nat by (induct m) simp_all -lemma inj_on_add_nat[simp]: "inj_on (\n. n + k) N" for k :: nat - apply (induct k) - apply simp - apply (drule comp_inj_on[OF _ inj_Suc]) - apply (simp add: o_def) - done +lemma inj_on_add_nat [simp]: "inj_on (\n. n + k) N" + for k :: nat +proof (induct k) + case 0 + then show ?case by simp +next + case (Suc k) + show ?case + using comp_inj_on [OF Suc inj_Suc] by (simp add: o_def) +qed lemma Suc_eq_plus1: "Suc n = n + 1" - unfolding One_nat_def by simp + by simp lemma Suc_eq_plus1_left: "Suc n = 1 + n" - unfolding One_nat_def by simp + by simp subsubsection \Difference\ @@ -328,7 +347,8 @@ by (simp add: diff_diff_add) lemma diff_Suc_1 [simp]: "Suc n - 1 = n" - unfolding One_nat_def by simp + by simp + subsubsection \Multiplication\ @@ -336,24 +356,30 @@ by (induct m) auto lemma mult_eq_1_iff [simp]: "m * n = Suc 0 \ m = Suc 0 \ n = Suc 0" - apply (induct m) - apply simp - apply (induct n) - apply auto - done +proof (induct m) + case 0 + then show ?case by simp +next + case (Suc m) + then show ?case by (induct n) auto +qed lemma one_eq_mult_iff [simp]: "Suc 0 = m * n \ m = Suc 0 \ n = Suc 0" apply (rule trans) - apply (rule_tac [2] mult_eq_1_iff, fastforce) + apply (rule_tac [2] mult_eq_1_iff) + apply fastforce done -lemma nat_mult_eq_1_iff [simp]: "m * n = 1 \ m = 1 \ n = 1" for m n :: nat +lemma nat_mult_eq_1_iff [simp]: "m * n = 1 \ m = 1 \ n = 1" + for m n :: nat unfolding One_nat_def by (rule mult_eq_1_iff) -lemma nat_1_eq_mult_iff [simp]: "1 = m * n \ m = 1 \ n = 1" for m n :: nat +lemma nat_1_eq_mult_iff [simp]: "1 = m * n \ m = 1 \ n = 1" + for m n :: nat unfolding One_nat_def by (rule one_eq_mult_iff) -lemma mult_cancel1 [simp]: "k * m = k * n \ m = n \ k = 0" for k m n :: nat +lemma mult_cancel1 [simp]: "k * m = k * n \ m = n \ k = 0" + for k m n :: nat proof - have "k \ 0 \ k * m = k * n \ m = n" proof (induct n arbitrary: m) @@ -367,7 +393,8 @@ then show ?thesis by auto qed -lemma mult_cancel2 [simp]: "m * k = n * k \ m = n \ k = 0" for k m n :: nat +lemma mult_cancel2 [simp]: "m * k = n * k \ m = n \ k = 0" + for k m n :: nat by (simp add: mult.commute) lemma Suc_mult_cancel1: "Suc k * m = Suc k * n \ m = n" @@ -381,20 +408,23 @@ instantiation nat :: linorder begin -primrec less_eq_nat where - "(0::nat) \ n \ True" -| "Suc m \ n \ (case n of 0 \ False | Suc n \ m \ n)" +primrec less_eq_nat + where + "(0::nat) \ n \ True" + | "Suc m \ n \ (case n of 0 \ False | Suc n \ m \ n)" declare less_eq_nat.simps [simp del] -lemma le0 [iff]: "0 \ n" for n :: nat +lemma le0 [iff]: "0 \ n" for + n :: nat by (simp add: less_eq_nat.simps) -lemma [code]: "0 \ n \ True" for n :: nat +lemma [code]: "0 \ n \ True" + for n :: nat by simp -definition less_nat where - less_eq_Suc_le: "n < m \ Suc n \ m" +definition less_nat + where less_eq_Suc_le: "n < m \ Suc n \