# HG changeset patch # User wenzelm # Date 1434831627 -7200 # Node ID f909f1a5cb2251e8cc58aa6d83172f36fd973084 # Parent b9add7665d7a5e8c1f51bc9f7f880c96850c0664 tuned proofs; diff -r b9add7665d7a -r f909f1a5cb22 src/HOL/Decision_Procs/Dense_Linear_Order.thy --- a/src/HOL/Decision_Procs/Dense_Linear_Order.thy Sat Jun 20 20:55:31 2015 +0200 +++ b/src/HOL/Decision_Procs/Dense_Linear_Order.thy Sat Jun 20 22:20:27 2015 +0200 @@ -18,7 +18,7 @@ lemma less_not_permute[no_atp]: "\ (x < y \ y < x)" by (simp add: not_less linear) -lemma gather_simps[no_atp]: +lemma gather_simps[no_atp]: "(\x. (\y \ L. y < x) \ (\y \ U. x < y) \ x < u \ P x) \ (\x. (\y \ L. y < x) \ (\y \ (insert u U). x < y) \ P x)" "(\x. (\y \ L. y < x) \ (\y \ U. x < y) \ l < x \ P x) \ @@ -29,7 +29,7 @@ (\x. (\y \ (insert l L). y < x) \ (\y \ U. x < y))" by auto -lemma gather_start [no_atp]: "(\x. P x) \ (\x. (\y \ {}. y < x) \ (\y\ {}. x < y) \ P x)" +lemma gather_start [no_atp]: "(\x. P x) \ (\x. (\y \ {}. y < x) \ (\y\ {}. x < y) \ P x)" by simp text\Theorems for @{text "\z. \x. x < z \ (P x \ P\<^sub>-\<^sub>\)"}\ @@ -56,184 +56,248 @@ lemma pinf_neq[no_atp]: "\z. \x. z < x \ (x \ t \ True)" by auto lemma pinf_P[no_atp]: "\z. \x. z < x \ (P \ P)" by blast -lemma nmi_lt[no_atp]: "t \ U \ \x. \True \ x < t \ (\ u\ U. u \ x)" by auto -lemma nmi_gt[no_atp]: "t \ U \ \x. \False \ t < x \ (\ u\ U. u \ x)" +lemma nmi_lt[no_atp]: "t \ U \ \x. \True \ x < t \ (\u\ U. u \ x)" by auto +lemma nmi_gt[no_atp]: "t \ U \ \x. \False \ t < x \ (\u\ U. u \ x)" by (auto simp add: le_less) -lemma nmi_le[no_atp]: "t \ U \ \x. \True \ x\ t \ (\ u\ U. u \ x)" by auto -lemma nmi_ge[no_atp]: "t \ U \ \x. \False \ t\ x \ (\ u\ U. u \ x)" by auto -lemma nmi_eq[no_atp]: "t \ U \ \x. \False \ x = t \ (\ u\ U. u \ x)" by auto -lemma nmi_neq[no_atp]: "t \ U \\x. \True \ x \ t \ (\ u\ U. u \ x)" by auto -lemma nmi_P[no_atp]: "\ x. ~P \ P \ (\ u\ U. u \ x)" by auto -lemma nmi_conj[no_atp]: "\\x. \P1' \ P1 x \ (\ u\ U. u \ x) ; - \x. \P2' \ P2 x \ (\ u\ U. u \ x)\ \ - \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\ u\ U. u \ x)" by auto -lemma nmi_disj[no_atp]: "\\x. \P1' \ P1 x \ (\ u\ U. u \ x) ; - \x. \P2' \ P2 x \ (\ u\ U. u \ x)\ \ - \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\ u\ U. u \ x)" by auto +lemma nmi_le[no_atp]: "t \ U \ \x. \True \ x\ t \ (\u\ U. u \ x)" by auto +lemma nmi_ge[no_atp]: "t \ U \ \x. \False \ t\ x \ (\u\ U. u \ x)" by auto +lemma nmi_eq[no_atp]: "t \ U \ \x. \False \ x = t \ (\u\ U. u \ x)" by auto +lemma nmi_neq[no_atp]: "t \ U \\x. \True \ x \ t \ (\u\ U. u \ x)" by auto +lemma nmi_P[no_atp]: "\x. ~P \ P \ (\u\ U. u \ x)" by auto +lemma nmi_conj[no_atp]: "\\x. \P1' \ P1 x \ (\u\ U. u \ x) ; + \x. \P2' \ P2 x \ (\u\ U. u \ x)\ \ + \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\u\ U. u \ x)" by auto +lemma nmi_disj[no_atp]: "\\x. \P1' \ P1 x \ (\u\ U. u \ x) ; + \x. \P2' \ P2 x \ (\u\ U. u \ x)\ \ + \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\u\ U. u \ x)" by auto -lemma npi_lt[no_atp]: "t \ U \ \x. \False \ x < t \ (\ u\ U. x \ u)" by (auto simp add: le_less) -lemma npi_gt[no_atp]: "t \ U \ \x. \True \ t < x \ (\ u\ U. x \ u)" by auto -lemma npi_le[no_atp]: "t \ U \ \x. \False \ x \ t \ (\ u\ U. x \ u)" by auto -lemma npi_ge[no_atp]: "t \ U \ \x. \True \ t \ x \ (\ u\ U. x \ u)" by auto -lemma npi_eq[no_atp]: "t \ U \ \x. \False \ x = t \ (\ u\ U. x \ u)" by auto -lemma npi_neq[no_atp]: "t \ U \ \x. \True \ x \ t \ (\ u\ U. x \ u )" by auto -lemma npi_P[no_atp]: "\ x. ~P \ P \ (\ u\ U. x \ u)" by auto -lemma npi_conj[no_atp]: "\\x. \P1' \ P1 x \ (\ u\ U. x \ u) ; \x. \P2' \ P2 x \ (\ u\ U. x \ u)\ - \ \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\ u\ U. x \ u)" by auto -lemma npi_disj[no_atp]: "\\x. \P1' \ P1 x \ (\ u\ U. x \ u) ; \x. \P2' \ P2 x \ (\ u\ U. x \ u)\ - \ \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\ u\ U. x \ u)" by auto +lemma npi_lt[no_atp]: "t \ U \ \x. \False \ x < t \ (\u\ U. x \ u)" by (auto simp add: le_less) +lemma npi_gt[no_atp]: "t \ U \ \x. \True \ t < x \ (\u\ U. x \ u)" by auto +lemma npi_le[no_atp]: "t \ U \ \x. \False \ x \ t \ (\u\ U. x \ u)" by auto +lemma npi_ge[no_atp]: "t \ U \ \x. \True \ t \ x \ (\u\ U. x \ u)" by auto +lemma npi_eq[no_atp]: "t \ U \ \x. \False \ x = t \ (\u\ U. x \ u)" by auto +lemma npi_neq[no_atp]: "t \ U \ \x. \True \ x \ t \ (\u\ U. x \ u )" by auto +lemma npi_P[no_atp]: "\x. ~P \ P \ (\u\ U. x \ u)" by auto +lemma npi_conj[no_atp]: "\\x. \P1' \ P1 x \ (\u\ U. x \ u) ; \x. \P2' \ P2 x \ (\u\ U. x \ u)\ + \ \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\u\ U. x \ u)" by auto +lemma npi_disj[no_atp]: "\\x. \P1' \ P1 x \ (\u\ U. x \ u) ; \x. \P2' \ P2 x \ (\u\ U. x \ u)\ + \ \x. \(P1' \ P2') \ (P1 x \ P2 x) \ (\u\ U. x \ u)" by auto lemma lin_dense_lt[no_atp]: "t \ U \ - \x l u. (\ t. l < t \ t < u \ t \ U) \ l< x \ x < u \ x < t \ (\ y. l < y \ y < u \ y < t)" -proof(clarsimp) + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ x < t \ (\y. l < y \ y < u \ y < t)" +proof clarsimp fix x l u y - assume tU: "t \ U" and noU: "\t. l < t \ t < u \ t \ U" and lx: "l < x" - and xu: "xy" by auto - { assume H: "t < y" - from less_trans[OF lx px] less_trans[OF H yu] - have "l < t \ t < u" by simp - with tU noU have "False" by auto } - then have "\ t < y" by auto - then have "y \ t" by (simp add: not_less) - then show "y < t" using tny by (simp add: less_le) + assume tU: "t \ U" + and noU: "\t. l < t \ t < u \ t \ U" + and lx: "l < x" + and xu: "x < u" + and px: "x < t" + and ly: "l < y" + and yu: "y < u" + from tU noU ly yu have tny: "t \ y" by auto + have False if H: "t < y" + proof - + from less_trans[OF lx px] less_trans[OF H yu] have "l < t \ t < u" + by simp + with tU noU show ?thesis + by auto + qed + then have "\ t < y" + by auto + then have "y \ t" + by (simp add: not_less) + then show "y < t" + using tny by (simp add: less_le) qed lemma lin_dense_gt[no_atp]: "t \ U \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l < x \ x < u \ t < x \ (\ y. l < y \ y < u \ t < y)" -proof(clarsimp) + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ t < x \ (\y. l < y \ y < u \ t < y)" +proof clarsimp fix x l u y - assume tU: "t \ U" and noU: "\t. l < t \ t < u \ t \ U" and lx: "l < x" and xu: "xy" by auto - { assume H: "y< t" - from less_trans[OF ly H] less_trans[OF px xu] have "l < t \ t < u" by simp - with tU noU have "False" by auto } - then have "\ y y" by (auto simp add: not_less) - then show "t < y" using tny by (simp add: less_le) + assume tU: "t \ U" + and noU: "\t. l < t \ t < u \ t \ U" + and lx: "l < x" + and xu: "x < u" + and px: "t < x" + and ly: "l < y" + and yu: "y < u" + from tU noU ly yu have tny: "t \ y" by auto + have False if H: "y < t" + proof - + from less_trans[OF ly H] less_trans[OF px xu] have "l < t \ t < u" + by simp + with tU noU show ?thesis + by auto + qed + then have "\ y < t" + by auto + then have "t \ y" + by (auto simp add: not_less) + then show "t < y" + using tny by (simp add: less_le) qed lemma lin_dense_le[no_atp]: "t \ U \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ x \ t \ (\ y. l < y \ y < u \ y\ t)" -proof(clarsimp) + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ x \ t \ (\y. l < y \ y < u \ y \ t)" +proof clarsimp fix x l u y - assume tU: "t \ U" and noU: "\t. l < t \ t < u \ t \ U" and lx: "l < x" and xu: "x t" and ly: "ly" by auto - { assume H: "t < y" + assume tU: "t \ U" + and noU: "\t. l < t \ t < u \ t \ U" + and lx: "l < x" + and xu: "x < u" + and px: "x \ t" + and ly: "l < y" + and yu: "y < u" + from tU noU ly yu have tny: "t \ y" by auto + have False if H: "t < y" + proof - from less_le_trans[OF lx px] less_trans[OF H yu] have "l < t \ t < u" by simp - with tU noU have "False" by auto } + with tU noU show ?thesis by auto + qed then have "\ t < y" by auto then show "y \ t" by (simp add: not_less) qed lemma lin_dense_ge[no_atp]: "t \ U \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ t \ x \ (\ y. l < y \ y < u \ t \ y)" -proof(clarsimp) + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ t \ x \ (\y. l < y \ y < u \ t \ y)" +proof clarsimp fix x l u y - assume tU: "t \ U" and noU: "\t. l < t \ t < u \ t \ U" and lx: "l < x" and xu: "x x" and ly: "ly" by auto - { assume H: "y< t" + assume tU: "t \ U" + and noU: "\t. l < t \ t < u \ t \ U" + and lx: "l < x" + and xu: "x < u" + and px: "t \ x" + and ly: "l < y" + and yu: "y < u" + from tU noU ly yu have tny: "t \ y" by auto + have False if H: "y < t" + proof - from less_trans[OF ly H] le_less_trans[OF px xu] have "l < t \ t < u" by simp - with tU noU have "False" by auto } - then have "\ y y < t" by auto then show "t \ y" by (simp add: not_less) qed lemma lin_dense_eq[no_atp]: "t \ U \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ x = t \ (\ y. l < y \ y < u \ y= t)" + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ x = t \ (\y. l < y \ y < u \ y = t)" by auto lemma lin_dense_neq[no_atp]: "t \ U \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ x \ t \ (\ y. l < y \ y < u \ y\ t)" + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ x \ t \ (\y. l < y \ y < u \ y \ t)" by auto lemma lin_dense_P[no_atp]: - "\x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ P \ (\ y. l < y \ y < u \ P)" + "\x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ P \ (\y. l < y \ y < u \ P)" by auto lemma lin_dense_conj[no_atp]: - "\\x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ P1 x - \ (\ y. l < y \ y < u \ P1 y) ; - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ P2 x - \ (\ y. l < y \ y < u \ P2 y)\ \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ (P1 x \ P2 x) - \ (\ y. l < y \ y < u \ (P1 y \ P2 y))" + "\\x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ P1 x + \ (\y. l < y \ y < u \ P1 y) ; + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ P2 x + \ (\y. l < y \ y < u \ P2 y)\ \ + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ (P1 x \ P2 x) + \ (\y. l < y \ y < u \ (P1 y \ P2 y))" by blast lemma lin_dense_disj[no_atp]: - "\\x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ P1 x - \ (\ y. l < y \ y < u \ P1 y) ; - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ P2 x - \ (\ y. l < y \ y < u \ P2 y)\ \ - \x l u. (\ t. l < t \ t< u \ t \ U) \ l< x \ x < u \ (P1 x \ P2 x) - \ (\ y. l < y \ y < u \ (P1 y \ P2 y))" + "\\x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ P1 x + \ (\y. l < y \ y < u \ P1 y) ; + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ P2 x + \ (\y. l < y \ y < u \ P2 y)\ \ + \x l u. (\t. l < t \ t < u \ t \ U) \ l < x \ x < u \ (P1 x \ P2 x) + \ (\y. l < y \ y < u \ (P1 y \ P2 y))" by blast -lemma npmibnd[no_atp]: "\\x. \ MP \ P x \ (\ u\ U. u \ x); \x. \PP \ P x \ (\ u\ U. x \ u)\ - \ \x. \ MP \ \PP \ P x \ (\ u\ U. \ u' \ U. u \ x \ x \ u')" +lemma npmibnd[no_atp]: "\\x. \ MP \ P x \ (\u\ U. u \ x); \x. \PP \ P x \ (\u\ U. x \ u)\ + \ \x. \ MP \ \PP \ P x \ (\u\ U. \u' \ U. u \ x \ x \ u')" by auto lemma finite_set_intervals[no_atp]: - assumes px: "P x" and lx: "l \ x" and xu: "x \ u" and linS: "l\ S" - and uinS: "u \ S" and fS:"finite S" and lS: "\ x\ S. l \ x" and Su: "\ x\ S. x \ u" - shows "\ a \ S. \ b \ S. (\ y. a < y \ y < b \ y \ S) \ a \ x \ x \ b \ P x" + assumes px: "P x" + and lx: "l \ x" + and xu: "x \ u" + and linS: "l\ S" + and uinS: "u \ S" + and fS:"finite S" + and lS: "\x\ S. l \ x" + and Su: "\x\ S. x \ u" + shows "\a \ S. \b \ S. (\y. a < y \ y < b \ y \ S) \ a \ x \ x \ b \ P x" proof - let ?Mx = "{y. y\ S \ y \ x}" let ?xM = "{y. y\ S \ x \ y}" let ?a = "Max ?Mx" let ?b = "Min ?xM" - have MxS: "?Mx \ S" by blast - hence fMx: "finite ?Mx" using fS finite_subset by auto - from lx linS have linMx: "l \ ?Mx" by blast - hence Mxne: "?Mx \ {}" by blast - have xMS: "?xM \ S" by blast - hence fxM: "finite ?xM" using fS finite_subset by auto - from xu uinS have linxM: "u \ ?xM" by blast - hence xMne: "?xM \ {}" by blast - have ax:"?a \ x" using Mxne fMx by auto - have xb:"x \ ?b" using xMne fxM by auto - have "?a \ ?Mx" using Max_in[OF fMx Mxne] by simp hence ainS: "?a \ S" using MxS by blast - have "?b \ ?xM" using Min_in[OF fxM xMne] by simp hence binS: "?b \ S" using xMS by blast - have noy:"\ y. ?a < y \ y < ?b \ y \ S" - proof(clarsimp) + have MxS: "?Mx \ S" + by blast + then have fMx: "finite ?Mx" + using fS finite_subset by auto + from lx linS have linMx: "l \ ?Mx" + by blast + then have Mxne: "?Mx \ {}" + by blast + have xMS: "?xM \ S" + by blast + then have fxM: "finite ?xM" + using fS finite_subset by auto + from xu uinS have linxM: "u \ ?xM" + by blast + then have xMne: "?xM \ {}" + by blast + have ax: "?a \ x" + using Mxne fMx by auto + have xb: "x \ ?b" + using xMne fxM by auto + have "?a \ ?Mx" + using Max_in[OF fMx Mxne] by simp then have ainS: "?a \ S" using MxS by blast + have "?b \ ?xM" + using Min_in[OF fxM xMne] by simp then have binS: "?b \ S" using xMS by blast + have noy: "\y. ?a < y \ y < ?b \ y \ S" + proof clarsimp fix y assume ay: "?a < y" and yb: "y < ?b" and yS: "y \ S" - from yS have "y\ ?Mx \ y\ ?xM" by (auto simp add: linear) - moreover { + from yS have "y \ ?Mx \ y \ ?xM" by (auto simp add: linear) + then show False + proof assume "y \ ?Mx" - hence "y \ ?a" using Mxne fMx by auto - with ay have "False" by (simp add: not_le[symmetric]) - } - moreover { + then have "y \ ?a" using Mxne fMx by auto + with ay show ?thesis by (simp add: not_le[symmetric]) + next assume "y \ ?xM" - hence "?b \ y" using xMne fxM by auto - with yb have "False" by (simp add: not_le[symmetric]) - } - ultimately show False by blast + then have "?b \ y" using xMne fxM by auto + with yb show ?thesis by (simp add: not_le[symmetric]) + qed qed from ainS binS noy ax xb px show ?thesis by blast qed lemma finite_set_intervals2[no_atp]: - assumes px: "P x" and lx: "l \ x" and xu: "x \ u" and linS: "l\ S" - and uinS: "u \ S" and fS:"finite S" and lS: "\ x\ S. l \ x" and Su: "\ x\ S. x \ u" - shows "(\ s\ S. P s) \ (\ a \ S. \ b \ S. (\ y. a < y \ y < b \ y \ S) \ a < x \ x < b \ P x)" -proof- + assumes px: "P x" + and lx: "l \ x" + and xu: "x \ u" + and linS: "l\ S" + and uinS: "u \ S" + and fS: "finite S" + and lS: "\x\ S. l \ x" + and Su: "\x\ S. x \ u" + shows "(\s\ S. P s) \ (\a \ S. \b \ S. (\y. a < y \ y < b \ y \ S) \ a < x \ x < b \ P x)" +proof - from finite_set_intervals[where P="P", OF px lx xu linS uinS fS lS Su] - obtain a and b where as: "a\ S" and bs: "b\ S" and noS:"\y. a < y \ y < b \ y \ S" - and axb: "a \ x \ x \ b \ P x" by auto - from axb have "x= a \ x= b \ (a < x \ x < b)" by (auto simp add: le_less) - thus ?thesis using px as bs noS by blast + obtain a and b where as: "a \ S" and bs: "b \ S" + and noS: "\y. a < y \ y < b \ y \ S" + and axb: "a \ x \ x \ b \ P x" + by auto + from axb have "x = a \ x = b \ (a < x \ x < b)" + by (auto simp add: le_less) + then show ?thesis + using px as bs noS by blast qed end @@ -247,21 +311,26 @@ lemma interval_empty_iff: "{y. x < y \ y < z} = {} \ \ x < z" by (auto dest: dense) -lemma dlo_qe_bnds[no_atp]: - assumes ne: "L \ {}" and neU: "U \ {}" and fL: "finite L" and fU: "finite U" - shows "(\x. (\y \ L. y < x) \ (\y \ U. x < y)) \ (\ l \ L. \u \ U. l < u)" +lemma dlo_qe_bnds[no_atp]: + assumes ne: "L \ {}" + and neU: "U \ {}" + and fL: "finite L" + and fU: "finite U" + shows "(\x. (\y \ L. y < x) \ (\y \ U. x < y)) \ (\l \ L. \u \ U. l < u)" proof (simp only: atomize_eq, rule iffI) assume H: "\x. (\y\L. y < x) \ (\y\U. x < y)" then obtain x where xL: "\y\L. y < x" and xU: "\y\U. x < y" by blast - { fix l u assume l: "l \ L" and u: "u \ U" + have "l < u" if l: "l \ L" and u: "u \ U" for l u + proof - have "l < x" using xL l by blast also have "x < u" using xU u by blast - finally (less_trans) have "l < u" . } + finally show ?thesis . + qed then show "\l\L. \u\U. l < u" by blast next assume H: "\l\L. \u\U. l < u" let ?ML = "Max L" - let ?MU = "Min U" + let ?MU = "Min U" from fL ne have th1: "?ML \ L" and th1': "\l\L. l \ ?ML" by auto from fU neU have th2: "?MU \ U" and th2': "\u\U. ?MU \ u" by auto from th1 th2 H have "?ML < ?MU" by auto @@ -271,30 +340,32 @@ ultimately show "\x. (\y\L. y < x) \ (\y\U. x < y)" by auto qed -lemma dlo_qe_noub[no_atp]: - assumes ne: "L \ {}" and fL: "finite L" +lemma dlo_qe_noub[no_atp]: + assumes ne: "L \ {}" + and fL: "finite L" shows "(\x. (\y \ L. y < x) \ (\y \ {}. x < y)) \ True" -proof(simp add: atomize_eq) +proof (simp add: atomize_eq) from gt_ex[of "Max L"] obtain M where M: "Max L < M" by blast from ne fL have "\x \ L. x \ Max L" by simp with M have "\x\L. x < M" by (auto intro: le_less_trans) - thus "\x. \y\L. y < x" by blast + then show "\x. \y\L. y < x" by blast qed -lemma dlo_qe_nolb[no_atp]: - assumes ne: "U \ {}" and fU: "finite U" +lemma dlo_qe_nolb[no_atp]: + assumes ne: "U \ {}" + and fU: "finite U" shows "(\x. (\y \ {}. y < x) \ (\y \ U. x < y)) \ True" -proof(simp add: atomize_eq) +proof (simp add: atomize_eq) from lt_ex[of "Min U"] obtain M where M: "M < Min U" by blast from ne fU have "\x \ U. Min U \ x" by simp with M have "\x\U. M < x" by (auto intro: less_le_trans) - thus "\x. \y\U. x < y" by blast + then show "\x. \y\U. x < y" by blast qed -lemma exists_neq[no_atp]: "\(x::'a). x \ t" "\(x::'a). t \ x" +lemma exists_neq[no_atp]: "\(x::'a). x \ t" "\(x::'a). t \ x" using gt_ex[of t] by auto -lemmas dlo_simps[no_atp] = order_refl less_irrefl not_less not_le exists_neq +lemmas dlo_simps[no_atp] = order_refl less_irrefl not_less not_le exists_neq le_less neq_iff linear less_not_permute lemma axiom[no_atp]: "class.unbounded_dense_linorder (op \) (op <)" @@ -315,8 +386,11 @@ lemmas weak_dnf_simps[no_atp] = simp_thms dnf lemma nnf_simps[no_atp]: - "(\(P \ Q)) = (\P \ \Q)" "(\(P \ Q)) = (\P \ \Q)" "(P \ Q) = (\P \ Q)" - "(P = Q) = ((P \ Q) \ (\P \ \ Q))" "(\ \(P)) = P" + "(\(P \ Q)) = (\P \ \Q)" + "(\(P \ Q)) = (\P \ \Q)" + "(P \ Q) = (\P \ Q)" + "(P = Q) = ((P \ Q) \ (\P \ \ Q))" + "(\ \(P)) = P" by blast+ lemma ex_distrib[no_atp]: "(\x. P x \ Q x) \ ((\x. P x) \ (\x. Q x))" by blast @@ -348,23 +422,23 @@ assumes gt_ex: "\y. less x y" begin -lemma ge_ex[no_atp]: "\y. x \ y" using gt_ex by auto +lemma ge_ex[no_atp]: "\y. x \ y" + using gt_ex by auto text \Theorems for @{text "\z. \x. z \ x \ (P x \ P\<^sub>+\<^sub>\)"}\ lemma pinf_conj[no_atp]: assumes ex1: "\z1. \x. z1 \ x \ (P1 x \ P1')" - and ex2: "\z2. \x. z2 \ x \ (P2 x \ P2')" + and ex2: "\z2. \x. z2 \ x \ (P2 x \ P2')" shows "\z. \x. z \ x \ ((P1 x \ P2 x) \ (P1' \ P2'))" -proof- +proof - from ex1 ex2 obtain z1 and z2 where z1: "\x. z1 \ x \ (P1 x \ P1')" - and z2: "\x. z2 \ x \ (P2 x \ P2')" by blast + and z2: "\x. z2 \ x \ (P2 x \ P2')" + by blast from gt_ex obtain z where z:"ord.max less_eq z1 z2 \ z" by blast from z have zz1: "z1 \ z" and zz2: "z2 \ z" by simp_all - { fix x assume H: "z \ x" - from less_trans[OF zz1 H] less_trans[OF zz2 H] - have "(P1 x \ P2 x) \ (P1' \ P2')" using z1 zz1 z2 zz2 by auto - } - thus ?thesis by blast + have "(P1 x \ P2 x) \ (P1' \ P2')" if H: "z \ x" for x + using less_trans[OF zz1 H] less_trans[OF zz2 H] z1 zz1 z2 zz2 by auto + then show ?thesis by blast qed lemma pinf_disj[no_atp]: @@ -376,14 +450,15 @@ and z2: "\x. z2 \ x \ (P2 x \ P2')" by blast from gt_ex obtain z where z:"ord.max less_eq z1 z2 \ z" by blast from z have zz1: "z1 \ z" and zz2: "z2 \ z" by simp_all - { fix x assume H: "z \ x" - from less_trans[OF zz1 H] less_trans[OF zz2 H] - have "(P1 x \ P2 x) \ (P1' \ P2')" using z1 zz1 z2 zz2 by auto - } - thus ?thesis by blast + have "(P1 x \ P2 x) \ (P1' \ P2')" if H: "z \ x" for x + using less_trans[OF zz1 H] less_trans[OF zz2 H] z1 zz1 z2 zz2 by auto + then show ?thesis by blast qed -lemma pinf_ex[no_atp]: assumes ex:"\z. \x. z \ x \ (P x \ P1)" and p1: P1 shows "\ x. P x" +lemma pinf_ex[no_atp]: + assumes ex: "\z. \x. z \ x \ (P x \ P1)" + and p1: P1 + shows "\x. P x" proof - from ex obtain z where z: "\x. z \ x \ (P x \ P1)" by blast from gt_ex obtain x where x: "z \ x" by blast @@ -406,15 +481,15 @@ assumes ex1: "\z1. \x. x \ z1 \ (P1 x \ P1')" and ex2: "\z2. \x. x \ z2 \ (P2 x \ P2')" shows "\z. \x. x \ z \ ((P1 x \ P2 x) \ (P1' \ P2'))" -proof- - from ex1 ex2 obtain z1 and z2 where z1: "\x. x \ z1 \ (P1 x \ P1')"and z2: "\x. x \ z2 \ (P2 x \ P2')" by blast +proof - + from ex1 ex2 obtain z1 and z2 where z1: "\x. x \ z1 \ (P1 x \ P1')" + and z2: "\x. x \ z2 \ (P2 x \ P2')" + by blast from lt_ex obtain z where z:"z \ ord.min less_eq z1 z2" by blast from z have zz1: "z \ z1" and zz2: "z \ z2" by simp_all - { fix x assume H: "x \ z" - from less_trans[OF H zz1] less_trans[OF H zz2] - have "(P1 x \ P2 x) \ (P1' \ P2')" using z1 zz1 z2 zz2 by auto - } - thus ?thesis by blast + have "(P1 x \ P2 x) \ (P1' \ P2')" if H: "x \ z" for x + using less_trans[OF H zz1] less_trans[OF H zz2] z1 zz1 z2 zz2 by auto + then show ?thesis by blast qed lemma minf_disj[no_atp]: @@ -426,17 +501,15 @@ and z2: "\x. x \ z2 \ (P2 x \ P2')" by blast from lt_ex obtain z where z:"z \ ord.min less_eq z1 z2" by blast from z have zz1: "z \ z1" and zz2: "z \ z2" by simp_all - { fix x assume H: "x \ z" - from less_trans[OF H zz1] less_trans[OF H zz2] - have "(P1 x \ P2 x) \ (P1' \ P2')" using z1 zz1 z2 zz2 by auto - } - thus ?thesis by blast + have "(P1 x \ P2 x) \ (P1' \ P2')" if H: "x \ z" for x + using less_trans[OF H zz1] less_trans[OF H zz2] z1 zz1 z2 zz2 by auto + then show ?thesis by blast qed lemma minf_ex[no_atp]: assumes ex: "\z. \x. x \ z \ (P x \ P1)" and p1: P1 - shows "\ x. P x" + shows "\x. P x" proof - from ex obtain z where z: "\x. x \ z \ (P x \ P1)" by blast from lt_ex obtain x where x: "x \ z" by blast @@ -452,7 +525,7 @@ and between_same: "between x x = x" begin -sublocale dlo: unbounded_dense_linorder +sublocale dlo: unbounded_dense_linorder apply unfold_locales using gt_ex lt_ex between_less apply auto @@ -462,74 +535,104 @@ lemma rinf_U[no_atp]: assumes fU: "finite U" - and lin_dense: "\x l u. (\ t. l \ t \ t\ u \ t \ U) \ l\ x \ x \ u \ P x - \ (\ y. l \ y \ y \ u \ P y )" - and nmpiU: "\x. \ MP \ \PP \ P x \ (\ u\ U. \ u' \ U. u \ x \ x \ u')" - and nmi: "\ MP" and npi: "\ PP" and ex: "\ x. P x" - shows "\ u\ U. \ u' \ U. P (between u u')" + and lin_dense: "\x l u. (\t. l \ t \ t\ u \ t \ U) \ l\ x \ x \ u \ P x + \ (\y. l \ y \ y \ u \ P y )" + and nmpiU: "\x. \ MP \ \PP \ P x \ (\u\ U. \u' \ U. u \ x \ x \ u')" + and nmi: "\ MP" and npi: "\ PP" and ex: "\x. P x" + shows "\u\ U. \u' \ U. P (between u u')" proof - - from ex obtain x where px: "P x" by blast - from px nmi npi nmpiU have "\ u\ U. \ u' \ U. u \ x \ x \ u'" by auto - then obtain u and u' where uU:"u\ U" and uU': "u' \ U" and ux:"u \ x" and xu':"x \ u'" by auto - from uU have Une: "U \ {}" by auto + from ex obtain x where px: "P x" + by blast + from px nmi npi nmpiU have "\u\ U. \u' \ U. u \ x \ x \ u'" + by auto + then obtain u and u' where uU: "u\ U" and uU': "u' \ U" and ux: "u \ x" and xu': "x \ u'" + by auto + from uU have Une: "U \ {}" + by auto let ?l = "linorder.Min less_eq U" let ?u = "linorder.Max less_eq U" - have linM: "?l \ U" using fU Une by simp - have uinM: "?u \ U" using fU Une by simp - have lM: "\ t\ U. ?l \ t" using Une fU by auto - have Mu: "\ t\ U. t \ ?u" using Une fU by auto - have th:"?l \ u" using uU Une lM by auto + have linM: "?l \ U" + using fU Une by simp + have uinM: "?u \ U" + using fU Une by simp + have lM: "\t\ U. ?l \ t" + using Une fU by auto + have Mu: "\t\ U. t \ ?u" + using Une fU by auto + have th: "?l \ u" + using uU Une lM by auto from order_trans[OF th ux] have lx: "?l \ x" . - have th: "u' \ ?u" using uU' Une Mu by simp + have th: "u' \ ?u" + using uU' Une Mu by simp from order_trans[OF xu' th] have xu: "x \ ?u" . from finite_set_intervals2[where P="P",OF px lx xu linM uinM fU lM Mu] - have "(\ s\ U. P s) \ - (\ t1\ U. \ t2 \ U. (\ y. t1 \ y \ y \ t2 \ y \ U) \ t1 \ x \ x \ t2 \ P x)" . - moreover { - fix u assume um: "u\U" and pu: "P u" + consider u where "u \ U" "P u" | + t1 t2 where "t1 \ U" "t2 \ U" "\y. t1 \ y \ y \ t2 \ y \ U" "t1 \ x" "x \ t2" "P x" + by blast + then show ?thesis + proof cases + case 1 have "between u u = u" by (simp add: between_same) - with um pu have "P (between u u)" by simp - with um have ?thesis by blast } - moreover { - assume "\ t1\ U. \ t2 \ U. (\ y. t1 \ y \ y \ t2 \ y \ U) \ t1 \ x \ x \ t2 \ P x" - then obtain t1 and t2 where t1M: "t1 \ U" and t2M: "t2\ U" - and noM: "\ y. t1 \ y \ y \ t2 \ y \ U" - and t1x: "t1 \ x" and xt2: "x \ t2" and px: "P x" by blast + with 1 have "P (between u u)" by simp + with 1 show ?thesis by blast + next + case 2 + note t1M = \t1 \ U\ and t2M = \t2\ U\ + and noM = \\y. t1 \ y \ y \ t2 \ y \ U\ + and t1x = \t1 \ x\ and xt2 = \x \ t2\ + and px = \P x\ from less_trans[OF t1x xt2] have t1t2: "t1 \ t2" . let ?u = "between t1 t2" from between_less t1t2 have t1lu: "t1 \ ?u" and ut2: "?u \ t2" by auto from lin_dense noM t1x xt2 px t1lu ut2 have "P ?u" by blast - with t1M t2M have ?thesis by blast - } - ultimately show ?thesis by blast + with t1M t2M show ?thesis by blast + qed qed theorem fr_eq[no_atp]: assumes fU: "finite U" - and lin_dense: "\x l u. (\ t. l \ t \ t\ u \ t \ U) \ l\ x \ x \ u \ P x - \ (\ y. l \ y \ y \ u \ P y )" - and nmibnd: "\x. \ MP \ P x \ (\ u\ U. u \ x)" - and npibnd: "\x. \PP \ P x \ (\ u\ U. x \ u)" + and lin_dense: "\x l u. (\t. l \ t \ t\ u \ t \ U) \ l\ x \ x \ u \ P x + \ (\y. l \ y \ y \ u \ P y )" + and nmibnd: "\x. \ MP \ P x \ (\u\ U. u \ x)" + and npibnd: "\x. \PP \ P x \ (\u\ U. x \ u)" and mi: "\z. \x. x \ z \ (P x = MP)" and pi: "\z. \x. z \ x \ (P x = PP)" - shows "(\ x. P x) \ (MP \ PP \ (\ u \ U. \ u'\ U. P (between u u')))" + shows "(\x. P x) \ (MP \ PP \ (\u \ U. \u'\ U. P (between u u')))" (is "_ \ (_ \ _ \ ?F)" is "?E \ ?D") proof - - { assume px: "\ x. P x" - have "MP \ PP \ (\ MP \ \ PP)" by blast - moreover { assume "MP \ PP" hence "?D" by blast } - moreover { - assume nmi: "\ MP" and npi: "\ PP" - from npmibnd[OF nmibnd npibnd] - have nmpiU: "\x. \ MP \ \PP \ P x \ (\ u\ U. \ u' \ U. u \ x \ x \ u')" . - from rinf_U[OF fU lin_dense nmpiU nmi npi px] have "?D" by blast } - ultimately have "?D" by blast } - moreover - { assume "?D" - moreover { assume m:"MP" from minf_ex[OF mi m] have "?E" . } - moreover { assume p: "PP" from pinf_ex[OF pi p] have "?E" . } - moreover { assume f:"?F" hence "?E" by blast } - ultimately have "?E" by blast } - ultimately have "?E = ?D" by blast thus "?E \ ?D" by simp + have "?E \ ?D" + proof + show ?D if px: ?E + proof - + consider "MP \ PP" | "\ MP" "\ PP" by blast + then show ?thesis + proof cases + case 1 + then show ?thesis by blast + next + case 2 + from npmibnd[OF nmibnd npibnd] + have nmpiU: "\x. \ MP \ \PP \ P x \ (\u\ U. \u' \ U. u \ x \ x \ u')" . + from rinf_U[OF fU lin_dense nmpiU \\ MP\ \\ PP\ px] show ?thesis + by blast + qed + qed + show ?E if ?D + proof - + from that consider MP | PP | ?F by blast + then show ?thesis + proof cases + case 1 + show ?thesis by (rule minf_ex[OF mi 1]) + next + case 2 + show ?thesis by (rule pinf_ex[OF pi 2]) + next + case 3 + then show ?thesis by blast + qed + qed + qed + then show "?E \ ?D" by simp qed lemmas minf_thms[no_atp] = minf_conj minf_disj minf_eq minf_neq minf_lt minf_le minf_gt minf_ge minf_P @@ -595,114 +698,141 @@ subsection \Ferrante and Rackoff algorithm over ordered fields\ -lemma neg_prod_lt:"(c\'a\linordered_field) < 0 \ ((c*x < 0) == (x > 0))" +lemma neg_prod_lt: + fixes c :: "'a::linordered_field" + assumes "c < 0" + shows "c * x < 0 \ x > 0" proof - - assume H: "c < 0" - have "c*x < 0 = (0/c < x)" - by (simp only: neg_divide_less_eq[OF H] algebra_simps) - also have "\ = (0 < x)" by simp - finally show "(c*x < 0) == (x > 0)" by simp + have "c * x < 0 \ 0 / c < x" + by (simp only: neg_divide_less_eq[OF \c < 0\] algebra_simps) + also have "\ \ 0 < x" by simp + finally show "PROP ?thesis" by simp qed -lemma pos_prod_lt:"(c\'a\linordered_field) > 0 \ ((c*x < 0) == (x < 0))" +lemma pos_prod_lt: + fixes c :: "'a::linordered_field" + assumes "c > 0" + shows "c * x < 0 \ x < 0" proof - - assume H: "c > 0" - then have "c*x < 0 = (0/c > x)" - by (simp only: pos_less_divide_eq[OF H] algebra_simps) - also have "\ = (0 > x)" by simp - finally show "(c*x < 0) == (x < 0)" by simp + have "c * x < 0 \ 0 /c > x" + by (simp only: pos_less_divide_eq[OF \c > 0\] algebra_simps) + also have "\ \ 0 > x" by simp + finally show "PROP ?thesis" by simp qed -lemma neg_prod_sum_lt: "(c\'a\linordered_field) < 0 \ ((c*x + t< 0) == (x > (- 1/c)*t))" +lemma neg_prod_sum_lt: + fixes c :: "'a::linordered_field" + assumes "c < 0" + shows "c * x + t < 0 \ x > (- 1 / c) * t" proof - - assume H: "c < 0" - have "c*x + t< 0 = (c*x < -t)" - by (subst less_iff_diff_less_0 [of "c*x" "-t"], simp) - also have "\ = (-t/c < x)" - by (simp only: neg_divide_less_eq[OF H] algebra_simps) - also have "\ = ((- 1/c)*t < x)" by simp - finally show "(c*x + t < 0) == (x > (- 1/c)*t)" by simp + have "c * x + t < 0 \ c * x < - t" + by (subst less_iff_diff_less_0 [of "c * x" "- t"]) simp + also have "\ \ - t / c < x" + by (simp only: neg_divide_less_eq[OF \c < 0\] algebra_simps) + also have "\ \ (- 1 / c) * t < x" by simp + finally show "PROP ?thesis" by simp qed -lemma pos_prod_sum_lt:"(c\'a\linordered_field) > 0 \ ((c*x + t < 0) == (x < (- 1/c)*t))" +lemma pos_prod_sum_lt: + fixes c :: "'a::linordered_field" + assumes "c > 0" + shows "c * x + t < 0 \ x < (- 1 / c) * t" proof - - assume H: "c > 0" - have "c*x + t< 0 = (c*x < -t)" - by (subst less_iff_diff_less_0 [of "c*x" "-t"], simp) - also have "\ = (-t/c > x)" - by (simp only: pos_less_divide_eq[OF H] algebra_simps) - also have "\ = ((- 1/c)*t > x)" by simp - finally show "(c*x + t < 0) == (x < (- 1/c)*t)" by simp + have "c * x + t < 0 \ c * x < - t" + by (subst less_iff_diff_less_0 [of "c * x" "- t"]) simp + also have "\ \ - t / c > x" + by (simp only: pos_less_divide_eq[OF \c > 0\] algebra_simps) + also have "\ \ (- 1 / c) * t > x" by simp + finally show "PROP ?thesis" by simp qed -lemma sum_lt:"((x::'a::ordered_ab_group_add) + t < 0) == (x < - t)" +lemma sum_lt: + fixes x :: "'a::ordered_ab_group_add" + shows "x + t < 0 \ x < - t" using less_diff_eq[where a= x and b=t and c=0] by simp -lemma neg_prod_le:"(c\'a\linordered_field) < 0 \ ((c*x <= 0) == (x >= 0))" +lemma neg_prod_le: + fixes c :: "'a::linordered_field" + assumes "c < 0" + shows "c * x \ 0 \ x \ 0" proof - - assume H: "c < 0" - have "c*x <= 0 = (0/c <= x)" - by (simp only: neg_divide_le_eq[OF H] algebra_simps) - also have "\ = (0 <= x)" by simp - finally show "(c*x <= 0) == (x >= 0)" by simp + have "c * x \ 0 \ 0 / c \ x" + by (simp only: neg_divide_le_eq[OF \c < 0\] algebra_simps) + also have "\ \ 0 \ x" by simp + finally show "PROP ?thesis" by simp qed -lemma pos_prod_le:"(c\'a\linordered_field) > 0 \ ((c*x <= 0) == (x <= 0))" +lemma pos_prod_le: + fixes c :: "'a::linordered_field" + assumes "c > 0" + shows "c * x \ 0 \ x \ 0" proof - - assume H: "c > 0" - hence "c*x <= 0 = (0/c >= x)" - by (simp only: pos_le_divide_eq[OF H] algebra_simps) - also have "\ = (0 >= x)" by simp - finally show "(c*x <= 0) == (x <= 0)" by simp + have "c * x \ 0 \ 0 / c \ x" + by (simp only: pos_le_divide_eq[OF \c > 0\] algebra_simps) + also have "\ \ 0 \ x" by simp + finally show "PROP ?thesis" by simp +qed + +lemma neg_prod_sum_le: + fixes c :: "'a::linordered_field" + assumes "c < 0" + shows "c * x + t \ 0 \ x \ (- 1 / c) * t" +proof - + have "c * x + t \ 0 \ c * x \ -t" + by (subst le_iff_diff_le_0 [of "c*x" "-t"]) simp + also have "\ \ - t / c \ x" + by (simp only: neg_divide_le_eq[OF \c < 0\] algebra_simps) + also have "\ \ (- 1 / c) * t \ x" by simp + finally show "PROP ?thesis" by simp qed -lemma neg_prod_sum_le: "(c\'a\linordered_field) < 0 \ ((c*x + t <= 0) == (x >= (- 1/c)*t))" +lemma pos_prod_sum_le: + fixes c :: "'a::linordered_field" + assumes "c > 0" + shows "c * x + t \ 0 \ x \ (- 1 / c) * t" proof - - assume H: "c < 0" - have "c*x + t <= 0 = (c*x <= -t)" - by (subst le_iff_diff_le_0 [of "c*x" "-t"], simp) - also have "\ = (-t/c <= x)" - by (simp only: neg_divide_le_eq[OF H] algebra_simps) - also have "\ = ((- 1/c)*t <= x)" by simp - finally show "(c*x + t <= 0) == (x >= (- 1/c)*t)" by simp + have "c * x + t \ 0 \ c * x \ - t" + by (subst le_iff_diff_le_0 [of "c*x" "-t"]) simp + also have "\ \ - t / c \ x" + by (simp only: pos_le_divide_eq[OF \c > 0\] algebra_simps) + also have "\ \ (- 1 / c) * t \ x" by simp + finally show "PROP ?thesis" by simp qed -lemma pos_prod_sum_le:"(c\'a\linordered_field) > 0 \ ((c*x + t <= 0) == (x <= (- 1/c)*t))" -proof - - assume H: "c > 0" - have "c*x + t <= 0 = (c*x <= -t)" - by (subst le_iff_diff_le_0 [of "c*x" "-t"], simp) - also have "\ = (-t/c >= x)" - by (simp only: pos_le_divide_eq[OF H] algebra_simps) - also have "\ = ((- 1/c)*t >= x)" by simp - finally show "(c*x + t <= 0) == (x <= (- 1/c)*t)" by simp -qed - -lemma sum_le:"((x::'a::ordered_ab_group_add) + t <= 0) == (x <= - t)" +lemma sum_le: + fixes x :: "'a::ordered_ab_group_add" + shows "x + t \ 0 \ x \ - t" using le_diff_eq[where a= x and b=t and c=0] by simp -lemma nz_prod_eq:"(c\'a\linordered_field) \ 0 \ ((c*x = 0) == (x = 0))" by simp +lemma nz_prod_eq: + fixes c :: "'a::linordered_field" + assumes "c \ 0" + shows "c * x = 0 \ x = 0" + using assms by simp -lemma nz_prod_sum_eq: "(c\'a\linordered_field) \ 0 \ ((c*x + t = 0) == (x = (- 1/c)*t))" +lemma nz_prod_sum_eq: + fixes c :: "'a::linordered_field" + assumes "c \ 0" + shows "c * x + t = 0 \ x = (- 1/c) * t" proof - - assume H: "c \ 0" - have "c*x + t = 0 = (c*x = -t)" - by (subst eq_iff_diff_eq_0 [of "c*x" "-t"], simp) - also have "\ = (x = -t/c)" - by (simp only: nonzero_eq_divide_eq[OF H] algebra_simps) - finally show "(c*x + t = 0) == (x = (- 1/c)*t)" by simp + have "c * x + t = 0 \ c * x = - t" + by (subst eq_iff_diff_eq_0 [of "c*x" "-t"]) simp + also have "\ \ x = - t / c" + by (simp only: nonzero_eq_divide_eq[OF \c \ 0\] algebra_simps) + finally show "PROP ?thesis" by simp qed -lemma sum_eq:"((x::'a::ordered_ab_group_add) + t = 0) == (x = - t)" +lemma sum_eq: + fixes x :: "'a::ordered_ab_group_add" + shows "x + t = 0 \ x = - t" using eq_diff_eq[where a= x and b=t and c=0] by simp interpretation class_dense_linordered_field: constr_dense_linorder - "op <=" "op <" - "\ x y. 1/2 * ((x::'a::{linordered_field}) + y)" + "op \" "op <" "\x y. 1/2 * ((x::'a::linordered_field) + y)" by unfold_locales (dlo, dlo, auto) -declaration\ +declaration \ let fun earlier [] x y = false | earlier (h::t) x y = @@ -934,58 +1064,5 @@ {isolate_conv = field_isolate_conv, whatis = classfield_whatis, simpset = class_field_ss} end \ -(* -lemma upper_bound_finite_set: - assumes fS: "finite S" - shows "\(a::'a::linorder). \x \ S. f x \ a" -proof(induct rule: finite_induct[OF fS]) - case 1 thus ?case by simp -next - case (2 x F) - from "2.hyps" obtain a where a:"\x \F. f x \ a" by blast - let ?a = "max a (f x)" - have m: "a \ ?a" "f x \ ?a" by simp_all - {fix y assume y: "y \ insert x F" - {assume "y = x" hence "f y \ ?a" using m by simp} - moreover - {assume yF: "y\ F" from a[rule_format, OF yF] m have "f y \ ?a" by (simp add: max_def)} - ultimately have "f y \ ?a" using y by blast} - then show ?case by blast -qed -lemma lower_bound_finite_set: - assumes fS: "finite S" - shows "\(a::'a::linorder). \x \ S. f x \ a" -proof(induct rule: finite_induct[OF fS]) - case 1 thus ?case by simp -next - case (2 x F) - from "2.hyps" obtain a where a:"\x \F. f x \ a" by blast - let ?a = "min a (f x)" - have m: "a \ ?a" "f x \ ?a" by simp_all - {fix y assume y: "y \ insert x F" - {assume "y = x" hence "f y \ ?a" using m by simp} - moreover - {assume yF: "y\ F" from a[rule_format, OF yF] m have "f y \ ?a" by (simp add: min_def)} - ultimately have "f y \ ?a" using y by blast} - then show ?case by blast -qed - -lemma bound_finite_set: assumes f: "finite S" - shows "\a. \x \S. (f x:: 'a::linorder) \ a" -proof- - let ?F = "f ` S" - from f have fF: "finite ?F" by simp - let ?a = "Max ?F" - {assume "S = {}" hence ?thesis by blast} - moreover - {assume Se: "S \ {}" hence Fe: "?F \ {}" by simp - {fix x assume x: "x \ S" - hence th0: "f x \ ?F" by simp - hence "f x \ ?a" using Max_ge[OF fF th0] ..} - hence ?thesis by blast} -ultimately show ?thesis by blast -qed -*) - -end +end