diff --git a/src/HOL/Library/FSet.thy b/src/HOL/Library/FSet.thy
--- a/src/HOL/Library/FSet.thy
+++ b/src/HOL/Library/FSet.thy
@@ -1,1950 +1,1950 @@ (* Title: HOL/Library/FSet.thy Author: Ondrej Kuncar, TU Muenchen Author: Cezary Kaliszyk and Christian Urban Author: Andrei Popescu, TU Muenchen *) section \Type of finite sets defined as a subtype of sets\ theory FSet imports Main Countable begin subsection \Definition of the type\ typedef 'a fset = "{A :: 'a set. finite A}" morphisms fset Abs_fset by auto setup_lifting type_definition_fset subsection \Basic operations and type class instantiations\ (* FIXME transfer and right_total vs. bi_total *) instantiation fset :: (finite) finite begin instance by (standard; transfer; simp) end instantiation fset :: (type) "{bounded_lattice_bot, distrib_lattice, minus}" begin lift_definition bot_fset :: "'a fset" is "{}" parametric empty_transfer by simp lift_definition less_eq_fset :: "'a fset \ 'a fset \ bool" is subset_eq parametric subset_transfer . definition less_fset :: "'a fset \ 'a fset \ bool" where "xs < ys \ xs \ ys \ xs \ (ys::'a fset)" lemma less_fset_transfer[transfer_rule]: includes lifting_syntax assumes [transfer_rule]: "bi_unique A" shows "((pcr_fset A) ===> (pcr_fset A) ===> (=)) (\) (<)" unfolding less_fset_def[abs_def] psubset_eq[abs_def] by transfer_prover lift_definition sup_fset :: "'a fset \ 'a fset \ 'a fset" is union parametric union_transfer by simp lift_definition inf_fset :: "'a fset \ 'a fset \ 'a fset" is inter parametric inter_transfer by simp lift_definition minus_fset :: "'a fset \ 'a fset \ 'a fset" is minus parametric Diff_transfer by simp instance by (standard; transfer; auto)+ end abbreviation fempty :: "'a fset" ("{||}") where "{||} \ bot" abbreviation fsubset_eq :: "'a fset \ 'a fset \ bool" (infix "|\|" 50) where "xs |\| ys \ xs \ ys" abbreviation fsubset :: "'a fset \ 'a fset \ bool" (infix "|\|" 50) where "xs |\| ys \ xs < ys" abbreviation funion :: "'a fset \ 'a fset \ 'a fset" (infixl "|\|" 65) where "xs |\| ys \ sup xs ys" abbreviation finter :: "'a fset \ 'a fset \ 'a fset" (infixl "|\|" 65) where "xs 
|\| ys \ inf xs ys" abbreviation fminus :: "'a fset \ 'a fset \ 'a fset" (infixl "|-|" 65) where "xs |-| ys \ minus xs ys" instantiation fset :: (equal) equal begin definition "HOL.equal A B \ A |\| B \ B |\| A" instance by intro_classes (auto simp add: equal_fset_def) end instantiation fset :: (type) conditionally_complete_lattice begin context includes lifting_syntax begin lemma right_total_Inf_fset_transfer: assumes [transfer_rule]: "bi_unique A" and [transfer_rule]: "right_total A" shows "(rel_set (rel_set A) ===> rel_set A) (\S. if finite (\S \ Collect (Domainp A)) then \S \ Collect (Domainp A) else {}) (\S. if finite (Inf S) then Inf S else {})" by transfer_prover lemma Inf_fset_transfer: assumes [transfer_rule]: "bi_unique A" and [transfer_rule]: "bi_total A" shows "(rel_set (rel_set A) ===> rel_set A) (\A. if finite (Inf A) then Inf A else {}) (\A. if finite (Inf A) then Inf A else {})" by transfer_prover lift_definition Inf_fset :: "'a fset set \ 'a fset" is "\A. if finite (Inf A) then Inf A else {}" parametric right_total_Inf_fset_transfer Inf_fset_transfer by simp lemma Sup_fset_transfer: assumes [transfer_rule]: "bi_unique A" shows "(rel_set (rel_set A) ===> rel_set A) (\A. if finite (Sup A) then Sup A else {}) (\A. if finite (Sup A) then Sup A else {})" by transfer_prover lift_definition Sup_fset :: "'a fset set \ 'a fset" is "\A. if finite (Sup A) then Sup A else {}" parametric Sup_fset_transfer by simp lemma finite_Sup: "\z. finite z \ (\a. a \ X \ a \ z) \ finite (Sup X)" by (auto intro: finite_subset) lemma transfer_bdd_below[transfer_rule]: "(rel_set (pcr_fset (=)) ===> (=)) bdd_below bdd_below" by auto end instance proof fix x z :: "'a fset" fix X :: "'a fset set" { assume "x \ X" "bdd_below X" then show "Inf X |\| x" by transfer auto next assume "X \ {}" "(\x. x \ X \ z |\| x)" then show "z |\| Inf X" by transfer (clarsimp, blast) next assume "x \ X" "bdd_above X" then obtain z where "x \ X" "(\x. 
x \ X \ x |\| z)" by (auto simp: bdd_above_def) then show "x |\| Sup X" by transfer (auto intro!: finite_Sup) next assume "X \ {}" "(\x. x \ X \ x |\| z)" then show "Sup X |\| z" by transfer (clarsimp, blast) } qed end instantiation fset :: (finite) complete_lattice begin lift_definition top_fset :: "'a fset" is UNIV parametric right_total_UNIV_transfer UNIV_transfer by simp instance by (standard; transfer; auto) end instantiation fset :: (finite) complete_boolean_algebra begin lift_definition uminus_fset :: "'a fset \ 'a fset" is uminus parametric right_total_Compl_transfer Compl_transfer by simp instance by (standard; transfer) (simp_all add: Inf_Sup Diff_eq) end abbreviation fUNIV :: "'a::finite fset" where "fUNIV \ top" abbreviation fuminus :: "'a::finite fset \ 'a fset" ("|-| _" [81] 80) where "|-| x \ uminus x" declare top_fset.rep_eq[simp] subsection \Other operations\ lift_definition finsert :: "'a \ 'a fset \ 'a fset" is insert parametric Lifting_Set.insert_transfer by simp syntax "_insert_fset" :: "args => 'a fset" ("{|(_)|}") translations "{|x, xs|}" == "CONST finsert x {|xs|}" "{|x|}" == "CONST finsert x {||}" -lift_definition fmember :: "'a \ 'a fset \ bool" (infix "|\|" 50) is Set.member - parametric member_transfer . 
- -lemma fmember_iff_member_fset: "x |\| A \ x \ fset A" - by (rule fmember.rep_eq) - -abbreviation notin_fset :: "'a \ 'a fset \ bool" (infix "|\|" 50) where "x |\| S \ \ (x |\| S)" +abbreviation fmember :: "'a \ 'a fset \ bool" (infix "|\|" 50) where + "a |\| A \ a \ fset A" + +abbreviation notin_fset :: "'a \ 'a fset \ bool" (infix "|\|" 50) where + "x |\| S \ \ (x |\| S)" context includes lifting_syntax begin +lemma fmember_transfer0[transfer_rule]: + assumes [transfer_rule]: "bi_unique A" + shows "(A ===> pcr_fset A ===> (=)) (\) (|\|)" + by transfer_prover + lift_definition ffilter :: "('a \ bool) \ 'a fset \ 'a fset" is Set.filter parametric Lifting_Set.filter_transfer unfolding Set.filter_def by simp lift_definition fPow :: "'a fset \ 'a fset fset" is Pow parametric Pow_transfer by (simp add: finite_subset) lift_definition fcard :: "'a fset \ nat" is card parametric card_transfer . lift_definition fimage :: "('a \ 'b) \ 'a fset \ 'b fset" (infixr "|`|" 90) is image parametric image_transfer by simp lift_definition fthe_elem :: "'a fset \ 'a" is the_elem . lift_definition fbind :: "'a fset \ ('a \ 'b fset) \ 'b fset" is Set.bind parametric bind_transfer by (simp add: Set.bind_def) lift_definition ffUnion :: "'a fset fset \ 'a fset" is Union parametric Union_transfer by simp lift_definition fBall :: "'a fset \ ('a \ bool) \ bool" is Ball parametric Ball_transfer . lift_definition fBex :: "'a fset \ ('a \ bool) \ bool" is Bex parametric Bex_transfer . lift_definition ffold :: "('a \ 'b \ 'b) \ 'b \ 'a fset \ 'b" is Finite_Set.fold . lift_definition fset_of_list :: "'a list \ 'a fset" is set by (rule finite_set) lift_definition sorted_list_of_fset :: "'a::linorder fset \ 'a list" is sorted_list_of_set . subsection \Transferred lemmas from Set.thy\ lemma fset_eqI: "(\x. (x |\| A) = (x |\| B)) \ A = B" by (rule set_eqI[Transfer.transferred]) lemma fset_eq_iff[no_atp]: "(A = B) = (\x. 
(x |\| A) = (x |\| B))" by (rule set_eq_iff[Transfer.transferred]) lemma fBallI[intro!]: "(\x. x |\| A \ P x) \ fBall A P" by (rule ballI[Transfer.transferred]) lemma fbspec[dest?]: "fBall A P \ x |\| A \ P x" by (rule bspec[Transfer.transferred]) lemma fBallE[elim]: "fBall A P \ (P x \ Q) \ (x |\| A \ Q) \ Q" by (rule ballE[Transfer.transferred]) lemma fBexI[intro]: "P x \ x |\| A \ fBex A P" by (rule bexI[Transfer.transferred]) lemma rev_fBexI[intro?]: "x |\| A \ P x \ fBex A P" by (rule rev_bexI[Transfer.transferred]) lemma fBexCI: "(fBall A (\x. \ P x) \ P a) \ a |\| A \ fBex A P" by (rule bexCI[Transfer.transferred]) lemma fBexE[elim!]: "fBex A P \ (\x. x |\| A \ P x \ Q) \ Q" by (rule bexE[Transfer.transferred]) lemma fBall_triv[simp]: "fBall A (\x. P) = ((\x. x |\| A) \ P)" by (rule ball_triv[Transfer.transferred]) lemma fBex_triv[simp]: "fBex A (\x. P) = ((\x. x |\| A) \ P)" by (rule bex_triv[Transfer.transferred]) lemma fBex_triv_one_point1[simp]: "fBex A (\x. x = a) = (a |\| A)" by (rule bex_triv_one_point1[Transfer.transferred]) lemma fBex_triv_one_point2[simp]: "fBex A ((=) a) = (a |\| A)" by (rule bex_triv_one_point2[Transfer.transferred]) lemma fBex_one_point1[simp]: "fBex A (\x. x = a \ P x) = (a |\| A \ P a)" by (rule bex_one_point1[Transfer.transferred]) lemma fBex_one_point2[simp]: "fBex A (\x. a = x \ P x) = (a |\| A \ P a)" by (rule bex_one_point2[Transfer.transferred]) lemma fBall_one_point1[simp]: "fBall A (\x. x = a \ P x) = (a |\| A \ P a)" by (rule ball_one_point1[Transfer.transferred]) lemma fBall_one_point2[simp]: "fBall A (\x. a = x \ P x) = (a |\| A \ P a)" by (rule ball_one_point2[Transfer.transferred]) lemma fBall_conj_distrib: "fBall A (\x. P x \ Q x) = (fBall A P \ fBall A Q)" by (rule ball_conj_distrib[Transfer.transferred]) lemma fBex_disj_distrib: "fBex A (\x. P x \ Q x) = (fBex A P \ fBex A Q)" by (rule bex_disj_distrib[Transfer.transferred]) lemma fBall_cong[fundef_cong]: "A = B \ (\x. 
x |\| B \ P x = Q x) \ fBall A P = fBall B Q" by (rule ball_cong[Transfer.transferred]) lemma fBex_cong[fundef_cong]: "A = B \ (\x. x |\| B \ P x = Q x) \ fBex A P = fBex B Q" by (rule bex_cong[Transfer.transferred]) lemma fsubsetI[intro!]: "(\x. x |\| A \ x |\| B) \ A |\| B" by (rule subsetI[Transfer.transferred]) lemma fsubsetD[elim, intro?]: "A |\| B \ c |\| A \ c |\| B" by (rule subsetD[Transfer.transferred]) lemma rev_fsubsetD[no_atp,intro?]: "c |\| A \ A |\| B \ c |\| B" by (rule rev_subsetD[Transfer.transferred]) lemma fsubsetCE[no_atp,elim]: "A |\| B \ (c |\| A \ P) \ (c |\| B \ P) \ P" by (rule subsetCE[Transfer.transferred]) lemma fsubset_eq[no_atp]: "(A |\| B) = fBall A (\x. x |\| B)" by (rule subset_eq[Transfer.transferred]) lemma contra_fsubsetD[no_atp]: "A |\| B \ c |\| B \ c |\| A" by (rule contra_subsetD[Transfer.transferred]) lemma fsubset_refl: "A |\| A" by (rule subset_refl[Transfer.transferred]) lemma fsubset_trans: "A |\| B \ B |\| C \ A |\| C" by (rule subset_trans[Transfer.transferred]) lemma fset_rev_mp: "c |\| A \ A |\| B \ c |\| B" by (rule rev_subsetD[Transfer.transferred]) lemma fset_mp: "A |\| B \ c |\| A \ c |\| B" by (rule subsetD[Transfer.transferred]) lemma fsubset_not_fsubset_eq[code]: "(A |\| B) = (A |\| B \ \ B |\| A)" by (rule subset_not_subset_eq[Transfer.transferred]) lemma eq_fmem_trans: "a = b \ b |\| A \ a |\| A" by (rule eq_mem_trans[Transfer.transferred]) lemma fsubset_antisym[intro!]: "A |\| B \ B |\| A \ A = B" by (rule subset_antisym[Transfer.transferred]) lemma fequalityD1: "A = B \ A |\| B" by (rule equalityD1[Transfer.transferred]) lemma fequalityD2: "A = B \ B |\| A" by (rule equalityD2[Transfer.transferred]) lemma fequalityE: "A = B \ (A |\| B \ B |\| A \ P) \ P" by (rule equalityE[Transfer.transferred]) lemma fequalityCE[elim]: "A = B \ (c |\| A \ c |\| B \ P) \ (c |\| A \ c |\| B \ P) \ P" by (rule equalityCE[Transfer.transferred]) lemma eqfset_imp_iff: "A = B \ (x |\| A) = (x |\| B)" by (rule 
eqset_imp_iff[Transfer.transferred]) lemma eqfelem_imp_iff: "x = y \ (x |\| A) = (y |\| A)" by (rule eqelem_imp_iff[Transfer.transferred]) lemma fempty_iff[simp]: "(c |\| {||}) = False" by (rule empty_iff[Transfer.transferred]) lemma fempty_fsubsetI[iff]: "{||} |\| x" by (rule empty_subsetI[Transfer.transferred]) lemma equalsffemptyI: "(\y. y |\| A \ False) \ A = {||}" by (rule equals0I[Transfer.transferred]) lemma equalsffemptyD: "A = {||} \ a |\| A" by (rule equals0D[Transfer.transferred]) lemma fBall_fempty[simp]: "fBall {||} P = True" by (rule ball_empty[Transfer.transferred]) lemma fBex_fempty[simp]: "fBex {||} P = False" by (rule bex_empty[Transfer.transferred]) lemma fPow_iff[iff]: "(A |\| fPow B) = (A |\| B)" by (rule Pow_iff[Transfer.transferred]) lemma fPowI: "A |\| B \ A |\| fPow B" by (rule PowI[Transfer.transferred]) lemma fPowD: "A |\| fPow B \ A |\| B" by (rule PowD[Transfer.transferred]) lemma fPow_bottom: "{||} |\| fPow B" by (rule Pow_bottom[Transfer.transferred]) lemma fPow_top: "A |\| fPow A" by (rule Pow_top[Transfer.transferred]) lemma fPow_not_fempty: "fPow A \ {||}" by (rule Pow_not_empty[Transfer.transferred]) lemma finter_iff[simp]: "(c |\| A |\| B) = (c |\| A \ c |\| B)" by (rule Int_iff[Transfer.transferred]) lemma finterI[intro!]: "c |\| A \ c |\| B \ c |\| A |\| B" by (rule IntI[Transfer.transferred]) lemma finterD1: "c |\| A |\| B \ c |\| A" by (rule IntD1[Transfer.transferred]) lemma finterD2: "c |\| A |\| B \ c |\| B" by (rule IntD2[Transfer.transferred]) lemma finterE[elim!]: "c |\| A |\| B \ (c |\| A \ c |\| B \ P) \ P" by (rule IntE[Transfer.transferred]) lemma funion_iff[simp]: "(c |\| A |\| B) = (c |\| A \ c |\| B)" by (rule Un_iff[Transfer.transferred]) lemma funionI1[elim?]: "c |\| A \ c |\| A |\| B" by (rule UnI1[Transfer.transferred]) lemma funionI2[elim?]: "c |\| B \ c |\| A |\| B" by (rule UnI2[Transfer.transferred]) lemma funionCI[intro!]: "(c |\| B \ c |\| A) \ c |\| A |\| B" by (rule UnCI[Transfer.transferred]) lemma 
funionE[elim!]: "c |\| A |\| B \ (c |\| A \ P) \ (c |\| B \ P) \ P" by (rule UnE[Transfer.transferred]) lemma fminus_iff[simp]: "(c |\| A |-| B) = (c |\| A \ c |\| B)" by (rule Diff_iff[Transfer.transferred]) lemma fminusI[intro!]: "c |\| A \ c |\| B \ c |\| A |-| B" by (rule DiffI[Transfer.transferred]) lemma fminusD1: "c |\| A |-| B \ c |\| A" by (rule DiffD1[Transfer.transferred]) lemma fminusD2: "c |\| A |-| B \ c |\| B \ P" by (rule DiffD2[Transfer.transferred]) lemma fminusE[elim!]: "c |\| A |-| B \ (c |\| A \ c |\| B \ P) \ P" by (rule DiffE[Transfer.transferred]) lemma finsert_iff[simp]: "(a |\| finsert b A) = (a = b \ a |\| A)" by (rule insert_iff[Transfer.transferred]) lemma finsertI1: "a |\| finsert a B" by (rule insertI1[Transfer.transferred]) lemma finsertI2: "a |\| B \ a |\| finsert b B" by (rule insertI2[Transfer.transferred]) lemma finsertE[elim!]: "a |\| finsert b A \ (a = b \ P) \ (a |\| A \ P) \ P" by (rule insertE[Transfer.transferred]) lemma finsertCI[intro!]: "(a |\| B \ a = b) \ a |\| finsert b B" by (rule insertCI[Transfer.transferred]) lemma fsubset_finsert_iff: "(A |\| finsert x B) = (if x |\| A then A |-| {|x|} |\| B else A |\| B)" by (rule subset_insert_iff[Transfer.transferred]) lemma finsert_ident: "x |\| A \ x |\| B \ (finsert x A = finsert x B) = (A = B)" by (rule insert_ident[Transfer.transferred]) lemma fsingletonI[intro!,no_atp]: "a |\| {|a|}" by (rule singletonI[Transfer.transferred]) lemma fsingletonD[dest!,no_atp]: "b |\| {|a|} \ b = a" by (rule singletonD[Transfer.transferred]) lemma fsingleton_iff: "(b |\| {|a|}) = (b = a)" by (rule singleton_iff[Transfer.transferred]) lemma fsingleton_inject[dest!]: "{|a|} = {|b|} \ a = b" by (rule singleton_inject[Transfer.transferred]) lemma fsingleton_finsert_inj_eq[iff,no_atp]: "({|b|} = finsert a A) = (a = b \ A |\| {|b|})" by (rule singleton_insert_inj_eq[Transfer.transferred]) lemma fsingleton_finsert_inj_eq'[iff,no_atp]: "(finsert a A = {|b|}) = (a = b \ A |\| {|b|})" by (rule 
singleton_insert_inj_eq'[Transfer.transferred]) lemma fsubset_fsingletonD: "A |\| {|x|} \ A = {||} \ A = {|x|}" by (rule subset_singletonD[Transfer.transferred]) lemma fminus_single_finsert: "A |-| {|x|} |\| B \ A |\| finsert x B" by (rule Diff_single_insert[Transfer.transferred]) lemma fdoubleton_eq_iff: "({|a, b|} = {|c, d|}) = (a = c \ b = d \ a = d \ b = c)" by (rule doubleton_eq_iff[Transfer.transferred]) lemma funion_fsingleton_iff: "(A |\| B = {|x|}) = (A = {||} \ B = {|x|} \ A = {|x|} \ B = {||} \ A = {|x|} \ B = {|x|})" by (rule Un_singleton_iff[Transfer.transferred]) lemma fsingleton_funion_iff: "({|x|} = A |\| B) = (A = {||} \ B = {|x|} \ A = {|x|} \ B = {||} \ A = {|x|} \ B = {|x|})" by (rule singleton_Un_iff[Transfer.transferred]) lemma fimage_eqI[simp, intro]: "b = f x \ x |\| A \ b |\| f |`| A" by (rule image_eqI[Transfer.transferred]) lemma fimageI: "x |\| A \ f x |\| f |`| A" by (rule imageI[Transfer.transferred]) lemma rev_fimage_eqI: "x |\| A \ b = f x \ b |\| f |`| A" by (rule rev_image_eqI[Transfer.transferred]) lemma fimageE[elim!]: "b |\| f |`| A \ (\x. b = f x \ x |\| A \ thesis) \ thesis" by (rule imageE[Transfer.transferred]) lemma Compr_fimage_eq: "{x. x |\| f |`| A \ P x} = f ` {x. x |\| A \ P (f x)}" by (rule Compr_image_eq[Transfer.transferred]) lemma fimage_funion: "f |`| (A |\| B) = f |`| A |\| f |`| B" by (rule image_Un[Transfer.transferred]) lemma fimage_iff: "(z |\| f |`| A) = fBex A (\x. z = f x)" by (rule image_iff[Transfer.transferred]) lemma fimage_fsubset_iff[no_atp]: "(f |`| A |\| B) = fBall A (\x. f x |\| B)" by (rule image_subset_iff[Transfer.transferred]) lemma fimage_fsubsetI: "(\x. x |\| A \ f x |\| B) \ f |`| A |\| B" by (rule image_subsetI[Transfer.transferred]) lemma fimage_ident[simp]: "(\x. 
x) |`| Y = Y" by (rule image_ident[Transfer.transferred]) lemma if_split_fmem1: "((if Q then x else y) |\| b) = ((Q \ x |\| b) \ (\ Q \ y |\| b))" by (rule if_split_mem1[Transfer.transferred]) lemma if_split_fmem2: "(a |\| (if Q then x else y)) = ((Q \ a |\| x) \ (\ Q \ a |\| y))" by (rule if_split_mem2[Transfer.transferred]) lemma pfsubsetI[intro!,no_atp]: "A |\| B \ A \ B \ A |\| B" by (rule psubsetI[Transfer.transferred]) lemma pfsubsetE[elim!,no_atp]: "A |\| B \ (A |\| B \ \ B |\| A \ R) \ R" by (rule psubsetE[Transfer.transferred]) lemma pfsubset_finsert_iff: "(A |\| finsert x B) = (if x |\| B then A |\| B else if x |\| A then A |-| {|x|} |\| B else A |\| B)" by (rule psubset_insert_iff[Transfer.transferred]) lemma pfsubset_eq: "(A |\| B) = (A |\| B \ A \ B)" by (rule psubset_eq[Transfer.transferred]) lemma pfsubset_imp_fsubset: "A |\| B \ A |\| B" by (rule psubset_imp_subset[Transfer.transferred]) lemma pfsubset_trans: "A |\| B \ B |\| C \ A |\| C" by (rule psubset_trans[Transfer.transferred]) lemma pfsubsetD: "A |\| B \ c |\| A \ c |\| B" by (rule psubsetD[Transfer.transferred]) lemma pfsubset_fsubset_trans: "A |\| B \ B |\| C \ A |\| C" by (rule psubset_subset_trans[Transfer.transferred]) lemma fsubset_pfsubset_trans: "A |\| B \ B |\| C \ A |\| C" by (rule subset_psubset_trans[Transfer.transferred]) lemma pfsubset_imp_ex_fmem: "A |\| B \ \b. 
b |\| B |-| A" by (rule psubset_imp_ex_mem[Transfer.transferred]) lemma fimage_fPow_mono: "f |`| A |\| B \ (|`|) f |`| fPow A |\| fPow B" by (rule image_Pow_mono[Transfer.transferred]) lemma fimage_fPow_surj: "f |`| A = B \ (|`|) f |`| fPow A = fPow B" by (rule image_Pow_surj[Transfer.transferred]) lemma fsubset_finsertI: "B |\| finsert a B" by (rule subset_insertI[Transfer.transferred]) lemma fsubset_finsertI2: "A |\| B \ A |\| finsert b B" by (rule subset_insertI2[Transfer.transferred]) lemma fsubset_finsert: "x |\| A \ (A |\| finsert x B) = (A |\| B)" by (rule subset_insert[Transfer.transferred]) lemma funion_upper1: "A |\| A |\| B" by (rule Un_upper1[Transfer.transferred]) lemma funion_upper2P: "B |\| A |\| B" by (rule Un_upper2[Transfer.transferred]) lemma funion_least: "A |\| C \ B |\| C \ A |\| B |\| C" by (rule Un_least[Transfer.transferred]) lemma finter_lower1: "A |\| B |\| A" by (rule Int_lower1[Transfer.transferred]) lemma finter_lower2: "A |\| B |\| B" by (rule Int_lower2[Transfer.transferred]) lemma finter_greatest: "C |\| A \ C |\| B \ C |\| A |\| B" by (rule Int_greatest[Transfer.transferred]) lemma fminus_fsubset: "A |-| B |\| A" by (rule Diff_subset[Transfer.transferred]) lemma fminus_fsubset_conv: "(A |-| B |\| C) = (A |\| B |\| C)" by (rule Diff_subset_conv[Transfer.transferred]) lemma fsubset_fempty[simp]: "(A |\| {||}) = (A = {||})" by (rule subset_empty[Transfer.transferred]) lemma not_pfsubset_fempty[iff]: "\ A |\| {||}" by (rule not_psubset_empty[Transfer.transferred]) lemma finsert_is_funion: "finsert a A = {|a|} |\| A" by (rule insert_is_Un[Transfer.transferred]) lemma finsert_not_fempty[simp]: "finsert a A \ {||}" by (rule insert_not_empty[Transfer.transferred]) lemma fempty_not_finsert: "{||} \ finsert a A" by (rule empty_not_insert[Transfer.transferred]) lemma finsert_absorb: "a |\| A \ finsert a A = A" by (rule insert_absorb[Transfer.transferred]) lemma finsert_absorb2[simp]: "finsert x (finsert x A) = finsert x A" by (rule 
insert_absorb2[Transfer.transferred]) lemma finsert_commute: "finsert x (finsert y A) = finsert y (finsert x A)" by (rule insert_commute[Transfer.transferred]) lemma finsert_fsubset[simp]: "(finsert x A |\| B) = (x |\| B \ A |\| B)" by (rule insert_subset[Transfer.transferred]) lemma finsert_inter_finsert[simp]: "finsert a A |\| finsert a B = finsert a (A |\| B)" by (rule insert_inter_insert[Transfer.transferred]) lemma finsert_disjoint[simp,no_atp]: "(finsert a A |\| B = {||}) = (a |\| B \ A |\| B = {||})" "({||} = finsert a A |\| B) = (a |\| B \ {||} = A |\| B)" by (rule insert_disjoint[Transfer.transferred])+ lemma disjoint_finsert[simp,no_atp]: "(B |\| finsert a A = {||}) = (a |\| B \ B |\| A = {||})" "({||} = A |\| finsert b B) = (b |\| A \ {||} = A |\| B)" by (rule disjoint_insert[Transfer.transferred])+ lemma fimage_fempty[simp]: "f |`| {||} = {||}" by (rule image_empty[Transfer.transferred]) lemma fimage_finsert[simp]: "f |`| finsert a B = finsert (f a) (f |`| B)" by (rule image_insert[Transfer.transferred]) lemma fimage_constant: "x |\| A \ (\x. c) |`| A = {|c|}" by (rule image_constant[Transfer.transferred]) lemma fimage_constant_conv: "(\x. c) |`| A = (if A = {||} then {||} else {|c|})" by (rule image_constant_conv[Transfer.transferred]) lemma fimage_fimage: "f |`| g |`| A = (\x. f (g x)) |`| A" by (rule image_image[Transfer.transferred]) lemma finsert_fimage[simp]: "x |\| A \ finsert (f x) (f |`| A) = f |`| A" by (rule insert_image[Transfer.transferred]) lemma fimage_is_fempty[iff]: "(f |`| A = {||}) = (A = {||})" by (rule image_is_empty[Transfer.transferred]) lemma fempty_is_fimage[iff]: "({||} = f |`| A) = (A = {||})" by (rule empty_is_image[Transfer.transferred]) lemma fimage_cong: "M = N \ (\x. 
x |\| N \ f x = g x) \ f |`| M = g |`| N" by (rule image_cong[Transfer.transferred]) lemma fimage_finter_fsubset: "f |`| (A |\| B) |\| f |`| A |\| f |`| B" by (rule image_Int_subset[Transfer.transferred]) lemma fimage_fminus_fsubset: "f |`| A |-| f |`| B |\| f |`| (A |-| B)" by (rule image_diff_subset[Transfer.transferred]) lemma finter_absorb: "A |\| A = A" by (rule Int_absorb[Transfer.transferred]) lemma finter_left_absorb: "A |\| (A |\| B) = A |\| B" by (rule Int_left_absorb[Transfer.transferred]) lemma finter_commute: "A |\| B = B |\| A" by (rule Int_commute[Transfer.transferred]) lemma finter_left_commute: "A |\| (B |\| C) = B |\| (A |\| C)" by (rule Int_left_commute[Transfer.transferred]) lemma finter_assoc: "A |\| B |\| C = A |\| (B |\| C)" by (rule Int_assoc[Transfer.transferred]) lemma finter_ac: "A |\| B |\| C = A |\| (B |\| C)" "A |\| (A |\| B) = A |\| B" "A |\| B = B |\| A" "A |\| (B |\| C) = B |\| (A |\| C)" by (rule Int_ac[Transfer.transferred])+ lemma finter_absorb1: "B |\| A \ A |\| B = B" by (rule Int_absorb1[Transfer.transferred]) lemma finter_absorb2: "A |\| B \ A |\| B = A" by (rule Int_absorb2[Transfer.transferred]) lemma finter_fempty_left: "{||} |\| B = {||}" by (rule Int_empty_left[Transfer.transferred]) lemma finter_fempty_right: "A |\| {||} = {||}" by (rule Int_empty_right[Transfer.transferred]) lemma disjoint_iff_fnot_equal: "(A |\| B = {||}) = fBall A (\x. 
fBall B ((\) x))" by (rule disjoint_iff_not_equal[Transfer.transferred]) lemma finter_funion_distrib: "A |\| (B |\| C) = A |\| B |\| (A |\| C)" by (rule Int_Un_distrib[Transfer.transferred]) lemma finter_funion_distrib2: "B |\| C |\| A = B |\| A |\| (C |\| A)" by (rule Int_Un_distrib2[Transfer.transferred]) lemma finter_fsubset_iff[no_atp, simp]: "(C |\| A |\| B) = (C |\| A \ C |\| B)" by (rule Int_subset_iff[Transfer.transferred]) lemma funion_absorb: "A |\| A = A" by (rule Un_absorb[Transfer.transferred]) lemma funion_left_absorb: "A |\| (A |\| B) = A |\| B" by (rule Un_left_absorb[Transfer.transferred]) lemma funion_commute: "A |\| B = B |\| A" by (rule Un_commute[Transfer.transferred]) lemma funion_left_commute: "A |\| (B |\| C) = B |\| (A |\| C)" by (rule Un_left_commute[Transfer.transferred]) lemma funion_assoc: "A |\| B |\| C = A |\| (B |\| C)" by (rule Un_assoc[Transfer.transferred]) lemma funion_ac: "A |\| B |\| C = A |\| (B |\| C)" "A |\| (A |\| B) = A |\| B" "A |\| B = B |\| A" "A |\| (B |\| C) = B |\| (A |\| C)" by (rule Un_ac[Transfer.transferred])+ lemma funion_absorb1: "A |\| B \ A |\| B = B" by (rule Un_absorb1[Transfer.transferred]) lemma funion_absorb2: "B |\| A \ A |\| B = A" by (rule Un_absorb2[Transfer.transferred]) lemma funion_fempty_left: "{||} |\| B = B" by (rule Un_empty_left[Transfer.transferred]) lemma funion_fempty_right: "A |\| {||} = A" by (rule Un_empty_right[Transfer.transferred]) lemma funion_finsert_left[simp]: "finsert a B |\| C = finsert a (B |\| C)" by (rule Un_insert_left[Transfer.transferred]) lemma funion_finsert_right[simp]: "A |\| finsert a B = finsert a (A |\| B)" by (rule Un_insert_right[Transfer.transferred]) lemma finter_finsert_left: "finsert a B |\| C = (if a |\| C then finsert a (B |\| C) else B |\| C)" by (rule Int_insert_left[Transfer.transferred]) lemma finter_finsert_left_ifffempty[simp]: "a |\| C \ finsert a B |\| C = B |\| C" by (rule Int_insert_left_if0[Transfer.transferred]) lemma 
finter_finsert_left_if1[simp]: "a |\| C \ finsert a B |\| C = finsert a (B |\| C)" by (rule Int_insert_left_if1[Transfer.transferred]) lemma finter_finsert_right: "A |\| finsert a B = (if a |\| A then finsert a (A |\| B) else A |\| B)" by (rule Int_insert_right[Transfer.transferred]) lemma finter_finsert_right_ifffempty[simp]: "a |\| A \ A |\| finsert a B = A |\| B" by (rule Int_insert_right_if0[Transfer.transferred]) lemma finter_finsert_right_if1[simp]: "a |\| A \ A |\| finsert a B = finsert a (A |\| B)" by (rule Int_insert_right_if1[Transfer.transferred]) lemma funion_finter_distrib: "A |\| (B |\| C) = A |\| B |\| (A |\| C)" by (rule Un_Int_distrib[Transfer.transferred]) lemma funion_finter_distrib2: "B |\| C |\| A = B |\| A |\| (C |\| A)" by (rule Un_Int_distrib2[Transfer.transferred]) lemma funion_finter_crazy: "A |\| B |\| (B |\| C) |\| (C |\| A) = A |\| B |\| (B |\| C) |\| (C |\| A)" by (rule Un_Int_crazy[Transfer.transferred]) lemma fsubset_funion_eq: "(A |\| B) = (A |\| B = B)" by (rule subset_Un_eq[Transfer.transferred]) lemma funion_fempty[iff]: "(A |\| B = {||}) = (A = {||} \ B = {||})" by (rule Un_empty[Transfer.transferred]) lemma funion_fsubset_iff[no_atp, simp]: "(A |\| B |\| C) = (A |\| C \ B |\| C)" by (rule Un_subset_iff[Transfer.transferred]) lemma funion_fminus_finter: "A |-| B |\| (A |\| B) = A" by (rule Un_Diff_Int[Transfer.transferred]) lemma ffunion_empty[simp]: "ffUnion {||} = {||}" by (rule Union_empty[Transfer.transferred]) lemma ffunion_mono: "A |\| B \ ffUnion A |\| ffUnion B" by (rule Union_mono[Transfer.transferred]) lemma ffunion_insert[simp]: "ffUnion (finsert a B) = a |\| ffUnion B" by (rule Union_insert[Transfer.transferred]) lemma fminus_finter2: "A |\| C |-| (B |\| C) = A |\| C |-| B" by (rule Diff_Int2[Transfer.transferred]) lemma funion_finter_assoc_eq: "(A |\| B |\| C = A |\| (B |\| C)) = (C |\| A)" by (rule Un_Int_assoc_eq[Transfer.transferred]) lemma fBall_funion: "fBall (A |\| B) P = (fBall A P \ fBall B P)" by (rule 
ball_Un[Transfer.transferred]) lemma fBex_funion: "fBex (A |\| B) P = (fBex A P \ fBex B P)" by (rule bex_Un[Transfer.transferred]) lemma fminus_eq_fempty_iff[simp,no_atp]: "(A |-| B = {||}) = (A |\| B)" by (rule Diff_eq_empty_iff[Transfer.transferred]) lemma fminus_cancel[simp]: "A |-| A = {||}" by (rule Diff_cancel[Transfer.transferred]) lemma fminus_idemp[simp]: "A |-| B |-| B = A |-| B" by (rule Diff_idemp[Transfer.transferred]) lemma fminus_triv: "A |\| B = {||} \ A |-| B = A" by (rule Diff_triv[Transfer.transferred]) lemma fempty_fminus[simp]: "{||} |-| A = {||}" by (rule empty_Diff[Transfer.transferred]) lemma fminus_fempty[simp]: "A |-| {||} = A" by (rule Diff_empty[Transfer.transferred]) lemma fminus_finsertffempty[simp,no_atp]: "x |\| A \ A |-| finsert x B = A |-| B" by (rule Diff_insert0[Transfer.transferred]) lemma fminus_finsert: "A |-| finsert a B = A |-| B |-| {|a|}" by (rule Diff_insert[Transfer.transferred]) lemma fminus_finsert2: "A |-| finsert a B = A |-| {|a|} |-| B" by (rule Diff_insert2[Transfer.transferred]) lemma finsert_fminus_if: "finsert x A |-| B = (if x |\| B then A |-| B else finsert x (A |-| B))" by (rule insert_Diff_if[Transfer.transferred]) lemma finsert_fminus1[simp]: "x |\| B \ finsert x A |-| B = A |-| B" by (rule insert_Diff1[Transfer.transferred]) lemma finsert_fminus_single[simp]: "finsert a (A |-| {|a|}) = finsert a A" by (rule insert_Diff_single[Transfer.transferred]) lemma finsert_fminus: "a |\| A \ finsert a (A |-| {|a|}) = A" by (rule insert_Diff[Transfer.transferred]) lemma fminus_finsert_absorb: "x |\| A \ finsert x A |-| {|x|} = A" by (rule Diff_insert_absorb[Transfer.transferred]) lemma fminus_disjoint[simp]: "A |\| (B |-| A) = {||}" by (rule Diff_disjoint[Transfer.transferred]) lemma fminus_partition: "A |\| B \ A |\| (B |-| A) = B" by (rule Diff_partition[Transfer.transferred]) lemma double_fminus: "A |\| B \ B |\| C \ B |-| (C |-| A) = A" by (rule double_diff[Transfer.transferred]) lemma funion_fminus_cancel[simp]: 
"A |\| (B |-| A) = A |\| B" by (rule Un_Diff_cancel[Transfer.transferred]) lemma funion_fminus_cancel2[simp]: "B |-| A |\| A = B |\| A" by (rule Un_Diff_cancel2[Transfer.transferred]) lemma fminus_funion: "A |-| (B |\| C) = A |-| B |\| (A |-| C)" by (rule Diff_Un[Transfer.transferred]) lemma fminus_finter: "A |-| (B |\| C) = A |-| B |\| (A |-| C)" by (rule Diff_Int[Transfer.transferred]) lemma funion_fminus: "A |\| B |-| C = A |-| C |\| (B |-| C)" by (rule Un_Diff[Transfer.transferred]) lemma finter_fminus: "A |\| B |-| C = A |\| (B |-| C)" by (rule Int_Diff[Transfer.transferred]) lemma fminus_finter_distrib: "C |\| (A |-| B) = C |\| A |-| (C |\| B)" by (rule Diff_Int_distrib[Transfer.transferred]) lemma fminus_finter_distrib2: "A |-| B |\| C = A |\| C |-| (B |\| C)" by (rule Diff_Int_distrib2[Transfer.transferred]) lemma fUNIV_bool[no_atp]: "fUNIV = {|False, True|}" by (rule UNIV_bool[Transfer.transferred]) lemma fPow_fempty[simp]: "fPow {||} = {|{||}|}" by (rule Pow_empty[Transfer.transferred]) lemma fPow_finsert: "fPow (finsert a A) = fPow A |\| finsert a |`| fPow A" by (rule Pow_insert[Transfer.transferred]) lemma funion_fPow_fsubset: "fPow A |\| fPow B |\| fPow (A |\| B)" by (rule Un_Pow_subset[Transfer.transferred]) lemma fPow_finter_eq[simp]: "fPow (A |\| B) = fPow A |\| fPow B" by (rule Pow_Int_eq[Transfer.transferred]) lemma fset_eq_fsubset: "(A = B) = (A |\| B \ B |\| A)" by (rule set_eq_subset[Transfer.transferred]) lemma fsubset_iff[no_atp]: "(A |\| B) = (\t. t |\| A \ t |\| B)" by (rule subset_iff[Transfer.transferred]) lemma fsubset_iff_pfsubset_eq: "(A |\| B) = (A |\| B \ A = B)" by (rule subset_iff_psubset_eq[Transfer.transferred]) lemma all_not_fin_conv[simp]: "(\x. x |\| A) = (A = {||})" by (rule all_not_in_conv[Transfer.transferred]) lemma ex_fin_conv: "(\x. 
x |\| A) = (A \ {||})" by (rule ex_in_conv[Transfer.transferred]) lemma fimage_mono: "A |\| B \ f |`| A |\| f |`| B" by (rule image_mono[Transfer.transferred]) lemma fPow_mono: "A |\| B \ fPow A |\| fPow B" by (rule Pow_mono[Transfer.transferred]) lemma finsert_mono: "C |\| D \ finsert a C |\| finsert a D" by (rule insert_mono[Transfer.transferred]) lemma funion_mono: "A |\| C \ B |\| D \ A |\| B |\| C |\| D" by (rule Un_mono[Transfer.transferred]) lemma finter_mono: "A |\| C \ B |\| D \ A |\| B |\| C |\| D" by (rule Int_mono[Transfer.transferred]) lemma fminus_mono: "A |\| C \ D |\| B \ A |-| B |\| C |-| D" by (rule Diff_mono[Transfer.transferred]) lemma fin_mono: "A |\| B \ x |\| A \ x |\| B" by (rule in_mono[Transfer.transferred]) lemma fthe_felem_eq[simp]: "fthe_elem {|x|} = x" by (rule the_elem_eq[Transfer.transferred]) lemma fLeast_mono: "mono f \ fBex S (\x. fBall S ((\) x)) \ (LEAST y. y |\| f |`| S) = f (LEAST x. x |\| S)" by (rule Least_mono[Transfer.transferred]) lemma fbind_fbind: "fbind (fbind A B) C = fbind A (\x. fbind (B x) C)" by (rule Set.bind_bind[Transfer.transferred]) lemma fempty_fbind[simp]: "fbind {||} f = {||}" by (rule empty_bind[Transfer.transferred]) lemma nonfempty_fbind_const: "A \ {||} \ fbind A (\_. B) = B" by (rule nonempty_bind_const[Transfer.transferred]) lemma fbind_const: "fbind A (\_. 
B) = (if A = {||} then {||} else B)" by (rule bind_const[Transfer.transferred]) lemma ffmember_filter[simp]: "(x |\| ffilter P A) = (x |\| A \ P x)" by (rule member_filter[Transfer.transferred]) lemma fequalityI: "A |\| B \ B |\| A \ A = B" by (rule equalityI[Transfer.transferred]) lemma fset_of_list_simps[simp]: "fset_of_list [] = {||}" "fset_of_list (x21 # x22) = finsert x21 (fset_of_list x22)" by (rule set_simps[Transfer.transferred])+ lemma fset_of_list_append[simp]: "fset_of_list (xs @ ys) = fset_of_list xs |\| fset_of_list ys" by (rule set_append[Transfer.transferred]) lemma fset_of_list_rev[simp]: "fset_of_list (rev xs) = fset_of_list xs" by (rule set_rev[Transfer.transferred]) lemma fset_of_list_map[simp]: "fset_of_list (map f xs) = f |`| fset_of_list xs" by (rule set_map[Transfer.transferred]) subsection \Additional lemmas\ subsubsection \\ffUnion\\ lemma ffUnion_funion_distrib[simp]: "ffUnion (A |\| B) = ffUnion A |\| ffUnion B" by (rule Union_Un_distrib[Transfer.transferred]) subsubsection \\fbind\\ lemma fbind_cong[fundef_cong]: "A = B \ (\x. x |\| B \ f x = g x) \ fbind A f = fbind B g" by transfer force subsubsection \\fsingleton\\ lemma fsingletonE: " b |\| {|a|} \ (b = a \ thesis) \ thesis" by (rule fsingletonD [elim_format]) subsubsection \\femepty\\ lemma fempty_ffilter[simp]: "ffilter (\_. 
False) A = {||}" by transfer auto (* FIXME, transferred doesn't work here *) lemma femptyE [elim!]: "a |\| {||} \ P" by simp subsubsection \\fset\\ lemma fset_simps[simp]: "fset {||} = {}" "fset (finsert x X) = insert x (fset X)" by (rule bot_fset.rep_eq finsert.rep_eq)+ lemma finite_fset [simp]: shows "finite (fset S)" by transfer simp lemmas fset_cong = fset_inject lemma filter_fset [simp]: shows "fset (ffilter P xs) = Collect P \ fset xs" by transfer auto -lemma notin_fset: "x |\| S \ x \ fset S" - by (simp add: fmember_iff_member_fset) - lemma inter_fset[simp]: "fset (A |\| B) = fset A \ fset B" by (rule inf_fset.rep_eq) lemma union_fset[simp]: "fset (A |\| B) = fset A \ fset B" by (rule sup_fset.rep_eq) lemma minus_fset[simp]: "fset (A |-| B) = fset A - fset B" by (rule minus_fset.rep_eq) subsubsection \\ffilter\\ lemma subset_ffilter: "ffilter P A |\| ffilter Q A = (\ x. x |\| A \ P x \ Q x)" by transfer auto lemma eq_ffilter: "(ffilter P A = ffilter Q A) = (\x. x |\| A \ P x = Q x)" by transfer auto lemma pfsubset_ffilter: "(\x. x |\| A \ P x \ Q x) \ (x |\| A \ \ P x \ Q x) \ ffilter P A |\| ffilter Q A" unfolding less_fset_def by (auto simp add: subset_ffilter eq_ffilter) subsubsection \\fset_of_list\\ lemma fset_of_list_filter[simp]: "fset_of_list (filter P xs) = ffilter P (fset_of_list xs)" by transfer (auto simp: Set.filter_def) lemma fset_of_list_subset[intro]: "set xs \ set ys \ fset_of_list xs |\| fset_of_list ys" by transfer simp lemma fset_of_list_elem: "(x |\| fset_of_list xs) \ (x \ set xs)" by transfer simp subsubsection \\finsert\\ (* FIXME, transferred doesn't work here *) lemma set_finsert: assumes "x |\| A" obtains B where "A = finsert x B" and "x |\| B" using assms by transfer (metis Set.set_insert finite_insert) lemma mk_disjoint_finsert: "a |\| A \ \B. 
A = finsert a B \ a |\| B" by (rule exI [where x = "A |-| {|a|}"]) blast lemma finsert_eq_iff: assumes "a |\| A" and "b |\| B" shows "(finsert a A = finsert b B) = (if a = b then A = B else \C. A = finsert b C \ b |\| C \ B = finsert a C \ a |\| C)" using assms by transfer (force simp: insert_eq_iff) subsubsection \\fimage\\ lemma subset_fimage_iff: "(B |\| f|`|A) = (\ AA. AA |\| A \ B = f|`|AA)" by transfer (metis mem_Collect_eq rev_finite_subset subset_image_iff) lemma fimage_strict_mono: assumes "inj_on f (fset B)" and "A |\| B" shows "f |`| A |\| f |`| B" \ \TODO: Configure transfer framework to lift @{thm Fun.image_strict_mono}.\ proof (rule pfsubsetI) from \A |\| B\ have "A |\| B" by (rule pfsubset_imp_fsubset) thus "f |`| A |\| f |`| B" by (rule fimage_mono) next from \A |\| B\ have "A |\| B" and "A \ B" by (simp_all add: pfsubset_eq) have "fset A \ fset B" using \A \ B\ by (simp add: fset_cong) hence "f ` fset A \ f ` fset B" using \A |\| B\ by (simp add: inj_on_image_eq_iff[OF \inj_on f (fset B)\] less_eq_fset.rep_eq) hence "fset (f |`| A) \ fset (f |`| B)" by (simp add: fimage.rep_eq) thus "f |`| A \ f |`| B" by (simp add: fset_cong) qed subsubsection \bounded quantification\ lemma bex_simps [simp, no_atp]: "\A P Q. fBex A (\x. P x \ Q) = (fBex A P \ Q)" "\A P Q. fBex A (\x. P \ Q x) = (P \ fBex A Q)" "\P. fBex {||} P = False" "\a B P. fBex (finsert a B) P = (P a \ fBex B P)" "\A P f. fBex (f |`| A) P = fBex A (\x. P (f x))" "\A P. (\ fBex A P) = fBall A (\x. \ P x)" by auto lemma ball_simps [simp, no_atp]: "\A P Q. fBall A (\x. P x \ Q) = (fBall A P \ Q)" "\A P Q. fBall A (\x. P \ Q x) = (P \ fBall A Q)" "\A P Q. fBall A (\x. P \ Q x) = (P \ fBall A Q)" "\A P Q. fBall A (\x. P x \ Q) = (fBex A P \ Q)" "\P. fBall {||} P = True" "\a B P. fBall (finsert a B) P = (P a \ fBall B P)" "\A P f. fBall (f |`| A) P = fBall A (\x. P (f x))" "\A P. (\ fBall A P) = fBex A (\x. \ P x)" by auto lemma atomize_fBall: "(\x. x |\| A ==> P x) == Trueprop (fBall A (\x. 
P x))" apply (simp only: atomize_all atomize_imp) apply (rule equal_intr_rule) by (transfer, simp)+ lemma fBall_mono[mono]: "P \ Q \ fBall S P \ fBall S Q" by auto lemma fBex_mono[mono]: "P \ Q \ fBex S P \ fBex S Q" by auto end subsubsection \\fcard\\ (* FIXME: improve transferred to handle bounded meta quantification *) lemma fcard_fempty: "fcard {||} = 0" by transfer (rule card.empty) lemma fcard_finsert_disjoint: "x |\| A \ fcard (finsert x A) = Suc (fcard A)" by transfer (rule card_insert_disjoint) lemma fcard_finsert_if: "fcard (finsert x A) = (if x |\| A then fcard A else Suc (fcard A))" by transfer (rule card_insert_if) lemma fcard_0_eq [simp, no_atp]: "fcard A = 0 \ A = {||}" by transfer (rule card_0_eq) lemma fcard_Suc_fminus1: "x |\| A \ Suc (fcard (A |-| {|x|})) = fcard A" by transfer (rule card_Suc_Diff1) lemma fcard_fminus_fsingleton: "x |\| A \ fcard (A |-| {|x|}) = fcard A - 1" by transfer (rule card_Diff_singleton) lemma fcard_fminus_fsingleton_if: "fcard (A |-| {|x|}) = (if x |\| A then fcard A - 1 else fcard A)" by transfer (rule card_Diff_singleton_if) lemma fcard_fminus_finsert[simp]: assumes "a |\| A" and "a |\| B" shows "fcard (A |-| finsert a B) = fcard (A |-| B) - 1" using assms by transfer (rule card_Diff_insert) lemma fcard_finsert: "fcard (finsert x A) = Suc (fcard (A |-| {|x|}))" by transfer (rule card.insert_remove) lemma fcard_finsert_le: "fcard A \ fcard (finsert x A)" by transfer (rule card_insert_le) lemma fcard_mono: "A |\| B \ fcard A \ fcard B" by transfer (rule card_mono) lemma fcard_seteq: "A |\| B \ fcard B \ fcard A \ A = B" by transfer (rule card_seteq) lemma pfsubset_fcard_mono: "A |\| B \ fcard A < fcard B" by transfer (rule psubset_card_mono) lemma fcard_funion_finter: "fcard A + fcard B = fcard (A |\| B) + fcard (A |\| B)" by transfer (rule card_Un_Int) lemma fcard_funion_disjoint: "A |\| B = {||} \ fcard (A |\| B) = fcard A + fcard B" by transfer (rule card_Un_disjoint) lemma fcard_funion_fsubset: "B |\| A \ fcard (A 
|-| B) = fcard A - fcard B" by transfer (rule card_Diff_subset) lemma diff_fcard_le_fcard_fminus: "fcard A - fcard B \ fcard(A |-| B)" by transfer (rule diff_card_le_card_Diff) lemma fcard_fminus1_less: "x |\| A \ fcard (A |-| {|x|}) < fcard A" by transfer (rule card_Diff1_less) lemma fcard_fminus2_less: "x |\| A \ y |\| A \ fcard (A |-| {|x|} |-| {|y|}) < fcard A" by transfer (rule card_Diff2_less) lemma fcard_fminus1_le: "fcard (A |-| {|x|}) \ fcard A" by transfer (rule card_Diff1_le) lemma fcard_pfsubset: "A |\| B \ fcard A < fcard B \ A < B" by transfer (rule card_psubset) subsubsection \\sorted_list_of_fset\\ lemma sorted_list_of_fset_simps[simp]: "set (sorted_list_of_fset S) = fset S" "fset_of_list (sorted_list_of_fset S) = S" by (transfer, simp)+ subsubsection \\ffold\\ (* FIXME: improve transferred to handle bounded meta quantification *) context comp_fun_commute begin lemma ffold_empty[simp]: "ffold f z {||} = z" by (rule fold_empty[Transfer.transferred]) lemma ffold_finsert [simp]: assumes "x |\| A" shows "ffold f z (finsert x A) = f x (ffold f z A)" using assms by (transfer fixing: f) (rule fold_insert) lemma ffold_fun_left_comm: "f x (ffold f z A) = ffold f (f x z) A" by (transfer fixing: f) (rule fold_fun_left_comm) lemma ffold_finsert2: "x |\| A \ ffold f z (finsert x A) = ffold f (f x z) A" by (transfer fixing: f) (rule fold_insert2) lemma ffold_rec: assumes "x |\| A" shows "ffold f z A = f x (ffold f z (A |-| {|x|}))" using assms by (transfer fixing: f) (rule fold_rec) lemma ffold_finsert_fremove: "ffold f z (finsert x A) = f x (ffold f z (A |-| {|x|}))" by (transfer fixing: f) (rule fold_insert_remove) end lemma ffold_fimage: assumes "inj_on g (fset A)" shows "ffold f z (g |`| A) = ffold (f \ g) z A" using assms by transfer' (rule fold_image) lemma ffold_cong: assumes "comp_fun_commute f" "comp_fun_commute g" "\x. 
x |\| A \ f x = g x" and "s = t" and "A = B" shows "ffold f s A = ffold g t B" using assms[unfolded comp_fun_commute_def'] by transfer (meson Finite_Set.fold_cong subset_UNIV) context comp_fun_idem begin lemma ffold_finsert_idem: "ffold f z (finsert x A) = f x (ffold f z A)" by (transfer fixing: f) (rule fold_insert_idem) declare ffold_finsert [simp del] ffold_finsert_idem [simp] lemma ffold_finsert_idem2: "ffold f z (finsert x A) = ffold f (f x z) A" by (transfer fixing: f) (rule fold_insert_idem2) end subsubsection \@{term fsubset}\ lemma wfP_pfsubset: "wfP (|\|)" proof (rule wfP_if_convertible_to_nat) show "\x y. x |\| y \ fcard x < fcard y" by (rule pfsubset_fcard_mono) qed subsubsection \Group operations\ locale comm_monoid_fset = comm_monoid begin sublocale set: comm_monoid_set .. lift_definition F :: "('b \ 'a) \ 'b fset \ 'a" is set.F . lemma cong[fundef_cong]: "A = B \ (\x. x |\| B \ g x = h x) \ F g A = F h B" by (rule set.cong[Transfer.transferred]) lemma cong_simp[cong]: "\ A = B; \x. x |\| B =simp=> g x = h x \ \ F g A = F h B" unfolding simp_implies_def by (auto cong: cong) end context comm_monoid_add begin sublocale fsum: comm_monoid_fset plus 0 rewrites "comm_monoid_set.F plus 0 = sum" defines fsum = fsum.F proof - show "comm_monoid_fset (+) 0" by standard show "comm_monoid_set.F (+) 0 = sum" unfolding sum_def .. qed end subsubsection \Semilattice operations\ locale semilattice_fset = semilattice begin sublocale set: semilattice_set .. lift_definition F :: "'a fset \ 'a" is set.F . 
lemma eq_fold: "F (finsert x A) = ffold f x A" by transfer (rule set.eq_fold) lemma singleton [simp]: "F {|x|} = x" by transfer (rule set.singleton) lemma insert_not_elem: "x |\| A \ A \ {||} \ F (finsert x A) = x \<^bold>* F A" by transfer (rule set.insert_not_elem) lemma in_idem: "x |\| A \ x \<^bold>* F A = F A" by transfer (rule set.in_idem) lemma insert [simp]: "A \ {||} \ F (finsert x A) = x \<^bold>* F A" by transfer (rule set.insert) end locale semilattice_order_fset = binary?: semilattice_order + semilattice_fset begin end context linorder begin sublocale fMin: semilattice_order_fset min less_eq less rewrites "semilattice_set.F min = Min" defines fMin = fMin.F proof - show "semilattice_order_fset min (\) (<)" by standard show "semilattice_set.F min = Min" unfolding Min_def .. qed sublocale fMax: semilattice_order_fset max greater_eq greater rewrites "semilattice_set.F max = Max" defines fMax = fMax.F proof - show "semilattice_order_fset max (\) (>)" by standard show "semilattice_set.F max = Max" unfolding Max_def .. qed end lemma mono_fMax_commute: "mono f \ A \ {||} \ f (fMax A) = fMax (f |`| A)" by transfer (rule mono_Max_commute) lemma mono_fMin_commute: "mono f \ A \ {||} \ f (fMin A) = fMin (f |`| A)" by transfer (rule mono_Min_commute) lemma fMax_in[simp]: "A \ {||} \ fMax A |\| A" by transfer (rule Max_in) lemma fMin_in[simp]: "A \ {||} \ fMin A |\| A" by transfer (rule Min_in) lemma fMax_ge[simp]: "x |\| A \ x \ fMax A" by transfer (rule Max_ge) lemma fMin_le[simp]: "x |\| A \ fMin A \ x" by transfer (rule Min_le) lemma fMax_eqI: "(\y. y |\| A \ y \ x) \ x |\| A \ fMax A = x" by transfer (rule Max_eqI) lemma fMin_eqI: "(\y. 
y |\| A \ x \ y) \ x |\| A \ fMin A = x" by transfer (rule Min_eqI) lemma fMax_finsert[simp]: "fMax (finsert x A) = (if A = {||} then x else max x (fMax A))" by transfer simp lemma fMin_finsert[simp]: "fMin (finsert x A) = (if A = {||} then x else min x (fMin A))" by transfer simp context linorder begin lemma fset_linorder_max_induct[case_names fempty finsert]: assumes "P {||}" and "\x S. \\y. y |\| S \ y < x; P S\ \ P (finsert x S)" shows "P S" proof - (* FIXME transfer and right_total vs. bi_total *) note Domainp_forall_transfer[transfer_rule] show ?thesis using assms by (transfer fixing: less) (auto intro: finite_linorder_max_induct) qed lemma fset_linorder_min_induct[case_names fempty finsert]: assumes "P {||}" and "\x S. \\y. y |\| S \ y > x; P S\ \ P (finsert x S)" shows "P S" proof - (* FIXME transfer and right_total vs. bi_total *) note Domainp_forall_transfer[transfer_rule] show ?thesis using assms by (transfer fixing: less) (auto intro: finite_linorder_min_induct) qed end subsection \Choice in fsets\ lemma fset_choice: assumes "\x. x |\| A \ (\y. P x y)" shows "\f. \x. x |\| A \ P x (f x)" using assms by transfer metis subsection \Induction and Cases rules for fsets\ lemma fset_exhaust [case_names empty insert, cases type: fset]: assumes fempty_case: "S = {||} \ P" and finsert_case: "\x S'. S = finsert x S' \ P" shows "P" using assms by transfer blast lemma fset_induct [case_names empty insert]: assumes fempty_case: "P {||}" and finsert_case: "\x S. P S \ P (finsert x S)" shows "P S" proof - (* FIXME transfer and right_total vs. bi_total *) note Domainp_forall_transfer[transfer_rule] show ?thesis using assms by transfer (auto intro: finite_induct) qed lemma fset_induct_stronger [case_names empty insert, induct type: fset]: assumes empty_fset_case: "P {||}" and insert_fset_case: "\x S. \x |\| S; P S\ \ P (finsert x S)" shows "P S" proof - (* FIXME transfer and right_total vs. 
bi_total *) note Domainp_forall_transfer[transfer_rule] show ?thesis using assms by transfer (auto intro: finite_induct) qed lemma fset_card_induct: assumes empty_fset_case: "P {||}" and card_fset_Suc_case: "\S T. Suc (fcard S) = (fcard T) \ P S \ P T" shows "P S" proof (induct S) case empty show "P {||}" by (rule empty_fset_case) next case (insert x S) have h: "P S" by fact have "x |\| S" by fact then have "Suc (fcard S) = fcard (finsert x S)" by transfer auto then show "P (finsert x S)" using h card_fset_Suc_case by simp qed lemma fset_strong_cases: obtains "xs = {||}" | ys x where "x |\| ys" and "xs = finsert x ys" by transfer blast lemma fset_induct2: "P {||} {||} \ (\x xs. x |\| xs \ P (finsert x xs) {||}) \ (\y ys. y |\| ys \ P {||} (finsert y ys)) \ (\x xs y ys. \P xs ys; x |\| xs; y |\| ys\ \ P (finsert x xs) (finsert y ys)) \ P xsa ysa" apply (induct xsa arbitrary: ysa) apply (induct_tac x rule: fset_induct_stronger) apply simp_all apply (induct_tac xa rule: fset_induct_stronger) apply simp_all done subsection \Setup for Lifting/Transfer\ subsubsection \Relator and predicator properties\ lift_definition rel_fset :: "('a \ 'b \ bool) \ 'a fset \ 'b fset \ bool" is rel_set parametric rel_set_transfer . lemma rel_fset_alt_def: "rel_fset R = (\A B. (\x.\y. x|\|A \ y|\|B \ R x y) \ (\y. \x. y|\|B \ x|\|A \ R x y))" apply (rule ext)+ apply transfer' apply (subst rel_set_def[unfolded fun_eq_iff]) by blast lemma finite_rel_set: assumes fin: "finite X" "finite Z" assumes R_S: "rel_set (R OO S) X Z" shows "\Y. finite Y \ rel_set R X Y \ rel_set S Y Z" proof - obtain f where f: "\x\X. R x (f x) \ (\z\Z. S (f x) z)" apply atomize_elim apply (subst bchoice_iff[symmetric]) using R_S[unfolded rel_set_def OO_def] by blast obtain g where g: "\z\Z. S (g z) z \ (\x\X. 
R x (g z))" apply atomize_elim apply (subst bchoice_iff[symmetric]) using R_S[unfolded rel_set_def OO_def] by blast let ?Y = "f ` X \ g ` Z" have "finite ?Y" by (simp add: fin) moreover have "rel_set R X ?Y" unfolding rel_set_def using f g by clarsimp blast moreover have "rel_set S ?Y Z" unfolding rel_set_def using f g by clarsimp blast ultimately show ?thesis by metis qed subsubsection \Transfer rules for the Transfer package\ text \Unconditional transfer rules\ context includes lifting_syntax begin lemma fempty_transfer [transfer_rule]: "rel_fset A {||} {||}" by (rule empty_transfer[Transfer.transferred]) lemma finsert_transfer [transfer_rule]: "(A ===> rel_fset A ===> rel_fset A) finsert finsert" unfolding rel_fun_def rel_fset_alt_def by blast lemma funion_transfer [transfer_rule]: "(rel_fset A ===> rel_fset A ===> rel_fset A) funion funion" unfolding rel_fun_def rel_fset_alt_def by blast lemma ffUnion_transfer [transfer_rule]: "(rel_fset (rel_fset A) ===> rel_fset A) ffUnion ffUnion" unfolding rel_fun_def rel_fset_alt_def by transfer (simp, fast) lemma fimage_transfer [transfer_rule]: "((A ===> B) ===> rel_fset A ===> rel_fset B) fimage fimage" unfolding rel_fun_def rel_fset_alt_def by simp blast lemma fBall_transfer [transfer_rule]: "(rel_fset A ===> (A ===> (=)) ===> (=)) fBall fBall" unfolding rel_fset_alt_def rel_fun_def by blast lemma fBex_transfer [transfer_rule]: "(rel_fset A ===> (A ===> (=)) ===> (=)) fBex fBex" unfolding rel_fset_alt_def rel_fun_def by blast (* FIXME transfer doesn't work here *) lemma fPow_transfer [transfer_rule]: "(rel_fset A ===> rel_fset (rel_fset A)) fPow fPow" unfolding rel_fun_def using Pow_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast lemma rel_fset_transfer [transfer_rule]: "((A ===> B ===> (=)) ===> rel_fset A ===> rel_fset B ===> (=)) rel_fset rel_fset" unfolding rel_fun_def using rel_set_transfer[unfolded rel_fun_def,rule_format, Transfer.transferred, where A = A and B = B] by simp lemma 
bind_transfer [transfer_rule]: "(rel_fset A ===> (A ===> rel_fset B) ===> rel_fset B) fbind fbind" unfolding rel_fun_def using bind_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast text \Rules requiring bi-unique, bi-total or right-total relations\ lemma fmember_transfer [transfer_rule]: assumes "bi_unique A" shows "(A ===> rel_fset A ===> (=)) (|\|) (|\|)" using assms unfolding rel_fun_def rel_fset_alt_def bi_unique_def by metis lemma finter_transfer [transfer_rule]: assumes "bi_unique A" shows "(rel_fset A ===> rel_fset A ===> rel_fset A) finter finter" using assms unfolding rel_fun_def using inter_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast lemma fminus_transfer [transfer_rule]: assumes "bi_unique A" shows "(rel_fset A ===> rel_fset A ===> rel_fset A) (|-|) (|-|)" using assms unfolding rel_fun_def using Diff_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast lemma fsubset_transfer [transfer_rule]: assumes "bi_unique A" shows "(rel_fset A ===> rel_fset A ===> (=)) (|\|) (|\|)" using assms unfolding rel_fun_def using subset_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast lemma fSup_transfer [transfer_rule]: "bi_unique A \ (rel_set (rel_fset A) ===> rel_fset A) Sup Sup" unfolding rel_fun_def apply clarify apply transfer' using Sup_fset_transfer[unfolded rel_fun_def] by blast (* FIXME: add right_total_fInf_transfer *) lemma fInf_transfer [transfer_rule]: assumes "bi_unique A" and "bi_total A" shows "(rel_set (rel_fset A) ===> rel_fset A) Inf Inf" using assms unfolding rel_fun_def apply clarify apply transfer' using Inf_fset_transfer[unfolded rel_fun_def] by blast lemma ffilter_transfer [transfer_rule]: assumes "bi_unique A" shows "((A ===> (=)) ===> rel_fset A ===> rel_fset A) ffilter ffilter" using assms unfolding rel_fun_def using Lifting_Set.filter_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast lemma card_transfer 
[transfer_rule]: "bi_unique A \ (rel_fset A ===> (=)) fcard fcard" unfolding rel_fun_def using card_transfer[unfolded rel_fun_def, rule_format, Transfer.transferred] by blast end lifting_update fset.lifting lifting_forget fset.lifting subsection \BNF setup\ context includes fset.lifting begin lemma rel_fset_alt: "rel_fset R a b \ (\t \ fset a. \u \ fset b. R t u) \ (\t \ fset b. \u \ fset a. R u t)" by transfer (simp add: rel_set_def) lemma fset_to_fset: "finite A \ fset (the_inv fset A) = A" apply (rule f_the_inv_into_f[unfolded inj_on_def]) apply (simp add: fset_inject) apply (rule range_eqI Abs_fset_inverse[symmetric] CollectI)+ . lemma rel_fset_aux: "(\t \ fset a. \u \ fset b. R t u) \ (\u \ fset b. \t \ fset a. R t u) \ ((BNF_Def.Grp {a. fset a \ {(a, b). R a b}} (fimage fst))\\ OO BNF_Def.Grp {a. fset a \ {(a, b). R a b}} (fimage snd)) a b" (is "?L = ?R") proof assume ?L define R' where "R' = the_inv fset (Collect (case_prod R) \ (fset a \ fset b))" (is "_ = the_inv fset ?L'") have "finite ?L'" by (intro finite_Int[OF disjI2] finite_cartesian_product) (transfer, simp)+ hence *: "fset R' = ?L'" unfolding R'_def by (intro fset_to_fset) show ?R unfolding Grp_def relcompp.simps conversep.simps proof (intro CollectI case_prodI exI[of _ a] exI[of _ b] exI[of _ R'] conjI refl) from * show "a = fimage fst R'" using conjunct1[OF \?L\] by (transfer, auto simp add: image_def Int_def split: prod.splits) from * show "b = fimage snd R'" using conjunct2[OF \?L\] by (transfer, auto simp add: image_def Int_def split: prod.splits) qed (auto simp add: *) next assume ?R thus ?L unfolding Grp_def relcompp.simps conversep.simps apply (simp add: subset_eq Ball_def) apply (rule conjI) apply (transfer, clarsimp, metis snd_conv) by (transfer, clarsimp, metis fst_conv) qed bnf "'a fset" map: fimage sets: fset bd: natLeq wits: "{||}" rel: rel_fset apply - apply transfer' apply simp apply transfer' apply force apply transfer apply force apply transfer' apply force apply (rule 
natLeq_card_order) apply (rule natLeq_cinfinite) apply (rule regularCard_natLeq) apply transfer apply (metis finite_iff_ordLess_natLeq) apply (fastforce simp: rel_fset_alt) apply (simp add: Grp_def relcompp.simps conversep.simps fun_eq_iff rel_fset_alt rel_fset_aux[unfolded OO_Grp_alt]) apply transfer apply simp done lemma rel_fset_fset: "rel_set \ (fset A1) (fset A2) = rel_fset \ A1 A2" by transfer (rule refl) end declare fset.map_comp[simp] fset.map_id[simp] fset.set_map[simp] subsection \Size setup\ context includes fset.lifting begin lift_definition size_fset :: "('a \ nat) \ 'a fset \ nat" is "\f. sum (Suc \ f)" . end instantiation fset :: (type) size begin definition size_fset where size_fset_overloaded_def: "size_fset = FSet.size_fset (\_. 0)" instance .. end lemma size_fset_simps[simp]: "size_fset f X = (\x \ fset X. Suc (f x))" by (rule size_fset_def[THEN meta_eq_to_obj_eq, THEN fun_cong, THEN fun_cong, unfolded map_fun_def comp_def id_apply]) lemma size_fset_overloaded_simps[simp]: "size X = (\x \ fset X. Suc 0)" by (rule size_fset_simps[of "\_. 0", unfolded add_0_left add_0_right, folded size_fset_overloaded_def]) lemma fset_size_o_map: "inj f \ size_fset g \ fimage f = size_fset (g \ f)" apply (subst fun_eq_iff) including fset.lifting by transfer (auto intro: sum.reindex_cong subset_inj_on) setup \ BNF_LFP_Size.register_size_global \<^type_name>\fset\ \<^const_name>\size_fset\ @{thm size_fset_overloaded_def} @{thms size_fset_simps size_fset_overloaded_simps} @{thms fset_size_o_map} \ lifting_update fset.lifting lifting_forget fset.lifting subsection \Advanced relator customization\ text \Set vs. 
sum relators:\ lemma rel_set_rel_sum[simp]: "rel_set (rel_sum \ \) A1 A2 \ rel_set \ (Inl -` A1) (Inl -` A2) \ rel_set \ (Inr -` A1) (Inr -` A2)" (is "?L \ ?Rl \ ?Rr") proof safe assume L: "?L" show ?Rl unfolding rel_set_def Bex_def vimage_eq proof safe fix l1 assume "Inl l1 \ A1" then obtain a2 where a2: "a2 \ A2" and "rel_sum \ \ (Inl l1) a2" using L unfolding rel_set_def by auto then obtain l2 where "a2 = Inl l2 \ \ l1 l2" by (cases a2, auto) thus "\ l2. Inl l2 \ A2 \ \ l1 l2" using a2 by auto next fix l2 assume "Inl l2 \ A2" then obtain a1 where a1: "a1 \ A1" and "rel_sum \ \ a1 (Inl l2)" using L unfolding rel_set_def by auto then obtain l1 where "a1 = Inl l1 \ \ l1 l2" by (cases a1, auto) thus "\ l1. Inl l1 \ A1 \ \ l1 l2" using a1 by auto qed show ?Rr unfolding rel_set_def Bex_def vimage_eq proof safe fix r1 assume "Inr r1 \ A1" then obtain a2 where a2: "a2 \ A2" and "rel_sum \ \ (Inr r1) a2" using L unfolding rel_set_def by auto then obtain r2 where "a2 = Inr r2 \ \ r1 r2" by (cases a2, auto) thus "\ r2. Inr r2 \ A2 \ \ r1 r2" using a2 by auto next fix r2 assume "Inr r2 \ A2" then obtain a1 where a1: "a1 \ A1" and "rel_sum \ \ a1 (Inr r2)" using L unfolding rel_set_def by auto then obtain r1 where "a1 = Inr r1 \ \ r1 r2" by (cases a1, auto) thus "\ r1. Inr r1 \ A1 \ \ r1 r2" using a1 by auto qed next assume Rl: "?Rl" and Rr: "?Rr" show ?L unfolding rel_set_def Bex_def vimage_eq proof safe fix a1 assume a1: "a1 \ A1" show "\ a2. a2 \ A2 \ rel_sum \ \ a1 a2" proof(cases a1) case (Inl l1) then obtain l2 where "Inl l2 \ A2 \ \ l1 l2" using Rl a1 unfolding rel_set_def by blast thus ?thesis unfolding Inl by auto next case (Inr r1) then obtain r2 where "Inr r2 \ A2 \ \ r1 r2" using Rr a1 unfolding rel_set_def by blast thus ?thesis unfolding Inr by auto qed next fix a2 assume a2: "a2 \ A2" show "\ a1. 
a1 \ A1 \ rel_sum \ \ a1 a2" proof(cases a2) case (Inl l2) then obtain l1 where "Inl l1 \ A1 \ \ l1 l2" using Rl a2 unfolding rel_set_def by blast thus ?thesis unfolding Inl by auto next case (Inr r2) then obtain r1 where "Inr r1 \ A1 \ \ r1 r2" using Rr a2 unfolding rel_set_def by blast thus ?thesis unfolding Inr by auto qed qed qed subsubsection \Countability\ lemma exists_fset_of_list: "\xs. fset_of_list xs = S" including fset.lifting by transfer (rule finite_list) lemma fset_of_list_surj[simp, intro]: "surj fset_of_list" proof - have "x \ range fset_of_list" for x :: "'a fset" unfolding image_iff using exists_fset_of_list by fastforce thus ?thesis by auto qed instance fset :: (countable) countable proof obtain to_nat :: "'a list \ nat" where "inj to_nat" by (metis ex_inj) moreover have "inj (inv fset_of_list)" using fset_of_list_surj by (rule surj_imp_inj_inv) ultimately have "inj (to_nat \ inv fset_of_list)" by (rule inj_compose) thus "\to_nat::'a fset \ nat. inj to_nat" by auto qed subsection \Quickcheck setup\ text \Setup adapted from sets.\ notation Quickcheck_Exhaustive.orelse (infixr "orelse" 55) context includes term_syntax begin definition [code_unfold]: "valterm_femptyset = Code_Evaluation.valtermify ({||} :: ('a :: typerep) fset)" definition [code_unfold]: "valtermify_finsert x s = Code_Evaluation.valtermify finsert {\} (x :: ('a :: typerep * _)) {\} s" end instantiation fset :: (exhaustive) exhaustive begin fun exhaustive_fset where "exhaustive_fset f i = (if i = 0 then None else (f {||} orelse exhaustive_fset (\A. f A orelse Quickcheck_Exhaustive.exhaustive (\x. if x |\| A then None else f (finsert x A)) (i - 1)) (i - 1)))" instance .. end instantiation fset :: (full_exhaustive) full_exhaustive begin fun full_exhaustive_fset where "full_exhaustive_fset f i = (if i = 0 then None else (f valterm_femptyset orelse full_exhaustive_fset (\A. f A orelse Quickcheck_Exhaustive.full_exhaustive (\x. 
if fst x |\| fst A then None else f (valtermify_finsert x A)) (i - 1)) (i - 1)))" instance .. end no_notation Quickcheck_Exhaustive.orelse (infixr "orelse" 55) instantiation fset :: (random) random begin context includes state_combinator_syntax begin fun random_aux_fset :: "natural \ natural \ natural \ natural \ ('a fset \ (unit \ term)) \ natural \ natural" where "random_aux_fset 0 j = Quickcheck_Random.collapse (Random.select_weight [(1, Pair valterm_femptyset)])" | "random_aux_fset (Code_Numeral.Suc i) j = Quickcheck_Random.collapse (Random.select_weight [(1, Pair valterm_femptyset), (Code_Numeral.Suc i, Quickcheck_Random.random j \\ (\x. random_aux_fset i j \\ (\s. Pair (valtermify_finsert x s))))])" lemma [code]: "random_aux_fset i j = Quickcheck_Random.collapse (Random.select_weight [(1, Pair valterm_femptyset), (i, Quickcheck_Random.random j \\ (\x. random_aux_fset (i - 1) j \\ (\s. Pair (valtermify_finsert x s))))])" proof (induct i rule: natural.induct) case zero show ?case by (subst select_weight_drop_zero[symmetric]) (simp add: less_natural_def) next case (Suc i) show ?case by (simp only: random_aux_fset.simps Suc_natural_minus_one) qed definition "random_fset i = random_aux_fset i i" instance .. end end end diff --git a/src/HOL/Probability/Fin_Map.thy b/src/HOL/Probability/Fin_Map.thy --- a/src/HOL/Probability/Fin_Map.thy +++ b/src/HOL/Probability/Fin_Map.thy 
@@ -1,1351 +1,1351 @@
 (* Title: HOL/Probability/Fin_Map.thy Author: Fabian Immler, TU München *) section \Finite Maps\ theory Fin_Map imports "HOL-Analysis.Finite_Product_Measure" "HOL-Library.Finite_Map" begin text \The \<^type>\fmap\ type can be instantiated to \<^class>\polish_space\, needed for the proof of projective limit. \<^const>\extensional\ functions are used for the representation in order to stay close to the developments of (finite) products \<^const>\Pi\<^sub>E\ and their sigma-algebra \<^const>\Pi\<^sub>M\.\ type_notation fmap ("(_ \\<^sub>F /_)" [22, 21] 21) unbundle fmap.lifting subsection \Domain and Application\ lift_definition domain::"('i \\<^sub>F 'a) \ 'i set" is dom . lemma finite_domain[simp, intro]: "finite (domain P)" by transfer simp lift_definition proj :: "('i \\<^sub>F 'a) \ 'i \ 'a" ("'((_)')\<^sub>F" [0] 1000) is "\f x. if x \ dom f then the (f x) else undefined" . declare [[coercion proj]] lemma extensional_proj[simp, intro]: "(P)\<^sub>F \ extensional (domain P)" by transfer (auto simp: extensional_def) lemma proj_undefined[simp, intro]: "i \ domain P \ P i = undefined" using extensional_proj[of P] unfolding extensional_def by auto lemma finmap_eq_iff: "P = Q \ (domain P = domain Q \ (\i\domain P. P i = Q i))" apply transfer apply (safe intro!: ext) subgoal for P Q x by (cases "x \ dom P"; cases "P x") (auto dest!: bspec[where x=x]) done subsection \Constructor of Finite Maps\ lift_definition finmap_of::"'i set \ ('i \ 'a) \ ('i \\<^sub>F 'a)" is "\I f x. if x \ I \ finite I then Some (f x) else None" by (simp add: dom_def) lemma proj_finmap_of[simp]: assumes "finite inds" shows "(finmap_of inds f)\<^sub>F = restrict f inds" using assms by transfer force lemma domain_finmap_of[simp]: assumes "finite inds" shows "domain (finmap_of inds f) = inds" using assms by transfer (auto split: if_splits) lemma finmap_of_eq_iff[simp]: assumes "finite i" "finite j" shows "finmap_of i m = finmap_of j n \ i = j \ (\k\i. 
m k= n k)" using assms by (auto simp: finmap_eq_iff) lemma finmap_of_inj_on_extensional_finite: assumes "finite K" assumes "S \ extensional K" shows "inj_on (finmap_of K) S" proof (rule inj_onI) fix x y::"'a \ 'b" assume "finmap_of K x = finmap_of K y" hence "(finmap_of K x)\<^sub>F = (finmap_of K y)\<^sub>F" by simp moreover assume "x \ S" "y \ S" hence "x \ extensional K" "y \ extensional K" using assms by auto ultimately show "x = y" using assms by (simp add: extensional_restrict) qed subsection \Product set of Finite Maps\ text \This is \<^term>\Pi\ for Finite Maps, most of this is copied\ definition Pi' :: "'i set \ ('i \ 'a set) \ ('i \\<^sub>F 'a) set" where "Pi' I A = { P. domain P = I \ (\i. i \ I \ (P)\<^sub>F i \ A i) } " syntax "_Pi'" :: "[pttrn, 'a set, 'b set] => ('a => 'b) set" ("(3\'' _\_./ _)" 10) translations "\' x\A. B" == "CONST Pi' A (\x. B)" subsubsection\Basic Properties of \<^term>\Pi'\\ lemma Pi'_I[intro!]: "domain f = A \ (\x. x \ A \ f x \ B x) \ f \ Pi' A B" by (simp add: Pi'_def) lemma Pi'_I'[simp]: "domain f = A \ (\x. x \ A \ f x \ B x) \ f \ Pi' A B" by (simp add:Pi'_def) lemma Pi'_mem: "f\ Pi' A B \ x \ A \ f x \ B x" by (simp add: Pi'_def) lemma Pi'_iff: "f \ Pi' I X \ domain f = I \ (\i\I. f i \ X i)" unfolding Pi'_def by auto lemma Pi'E [elim]: "f \ Pi' A B \ (f x \ B x \ domain f = A \ Q) \ (x \ A \ Q) \ Q" by(auto simp: Pi'_def) lemma in_Pi'_cong: "domain f = domain g \ (\ w. w \ A \ f w = g w) \ f \ Pi' A B \ g \ Pi' A B" by (auto simp: Pi'_def) lemma Pi'_eq_empty[simp]: assumes "finite A" shows "(Pi' A B) = {} \ (\x\A. B x = {})" using assms apply (simp add: Pi'_def, auto) apply (drule_tac x = "finmap_of A (\u. SOME y. y \ B u)" in spec, auto) apply (cut_tac P= "%y. y \ B i" in some_eq_ex, auto) done lemma Pi'_mono: "(\x. 
x \ A \ B x \ C x) \ Pi' A B \ Pi' A C" by (auto simp: Pi'_def) lemma Pi_Pi': "finite A \ (Pi\<^sub>E A B) = proj ` Pi' A B" apply (auto simp: Pi'_def Pi_def extensional_def) apply (rule_tac x = "finmap_of A (restrict x A)" in image_eqI) apply auto done subsection \Topological Space of Finite Maps\ instantiation fmap :: (type, topological_space) topological_space begin definition open_fmap :: "('a \\<^sub>F 'b) set \ bool" where [code del]: "open_fmap = generate_topology {Pi' a b|a b. \i\a. open (b i)}" lemma open_Pi'I: "(\i. i \ I \ open (A i)) \ open (Pi' I A)" by (auto intro: generate_topology.Basis simp: open_fmap_def) instance using topological_space_generate_topology by intro_classes (auto simp: open_fmap_def class.topological_space_def) end lemma open_restricted_space: shows "open {m. P (domain m)}" proof - have "{m. P (domain m)} = (\i \ Collect P. {m. domain m = i})" by auto also have "open \" proof (rule, safe, cases) fix i::"'a set" assume "finite i" hence "{m. domain m = i} = Pi' i (\_. UNIV)" by (auto simp: Pi'_def) also have "open \" by (auto intro: open_Pi'I simp: \finite i\) finally show "open {m. domain m = i}" . next fix i::"'a set" assume "\ finite i" hence "{m. domain m = i} = {}" by auto also have "open \" by simp finally show "open {m. domain m = i}" . qed finally show ?thesis . qed lemma closed_restricted_space: shows "closed {m. P (domain m)}" using open_restricted_space[of "\x. \ P x"] unfolding closed_def by (rule back_subst) auto lemma tendsto_proj: "((\x. x) \ a) F \ ((\x. (x)\<^sub>F i) \ (a)\<^sub>F i) F" unfolding tendsto_def proof safe fix S::"'b set" let ?S = "Pi' (domain a) (\x. if x = i then S else UNIV)" assume "open S" hence "open ?S" by (auto intro!: open_Pi'I) moreover assume "\S. open S \ a \ S \ eventually (\x. x \ S) F" "a i \ S" ultimately have "eventually (\x. x \ ?S) F" by auto thus "eventually (\x. 
(x)\<^sub>F i \ S) F" by eventually_elim (insert \a i \ S\, force simp: Pi'_iff split: if_split_asm) qed lemma continuous_proj: shows "continuous_on s (\x. (x)\<^sub>F i)" unfolding continuous_on_def by (safe intro!: tendsto_proj tendsto_ident_at) instance fmap :: (type, first_countable_topology) first_countable_topology proof fix x::"'a\\<^sub>F'b" have "\i. \A. countable A \ (\a\A. x i \ a) \ (\a\A. open a) \ (\S. open S \ x i \ S \ (\a\A. a \ S)) \ (\a b. a \ A \ b \ A \ a \ b \ A)" (is "\i. ?th i") proof fix i from first_countable_basis_Int_stableE[of "x i"] obtain A where "countable A" "\C. C \ A \ (x)\<^sub>F i \ C" "\C. C \ A \ open C" "\S. open S \ (x)\<^sub>F i \ S \ \A\A. A \ S" "\C D. C \ A \ D \ A \ C \ D \ A" by auto thus "?th i" by (intro exI[where x=A]) simp qed then obtain A where A: "\i. countable (A i) \ Ball (A i) ((\) ((x)\<^sub>F i)) \ Ball (A i) open \ (\S. open S \ (x)\<^sub>F i \ S \ (\a\A i. a \ S)) \ (\a b. a \ A i \ b \ A i \ a \ b \ A i)" by (auto simp: choice_iff) hence open_sub: "\i S. i\domain x \ open (S i) \ x i\(S i) \ (\a\A i. a\(S i))" by auto have A_notempty: "\i. i \ domain x \ A i \ {}" using open_sub[of _ "\_. UNIV"] by auto let ?A = "(\f. Pi' (domain x) f) ` (Pi\<^sub>E (domain x) A)" show "\A::nat \ ('a\\<^sub>F'b) set. (\i. x \ (A i) \ open (A i)) \ (\S. open S \ x \ S \ (\i. A i \ S))" proof (rule first_countableI[of "?A"], safe) show "countable ?A" using A by (simp add: countable_PiE) next fix S::"('a \\<^sub>F 'b) set" assume "open S" "x \ S" thus "\a\?A. a \ S" unfolding open_fmap_def proof (induct rule: generate_topology.induct) case UNIV thus ?case by (auto simp add: ex_in_conv PiE_eq_empty_iff A_notempty) next case (Int a b) then obtain f g where "f \ Pi\<^sub>E (domain x) A" "Pi' (domain x) f \ a" "g \ Pi\<^sub>E (domain x) A" "Pi' (domain x) g \ b" by auto thus ?case using A by (auto simp: Pi'_iff PiE_iff extensional_def Int_stable_def intro!: bexI[where x="\i. 
f i \ g i"]) next case (UN B) then obtain b where "x \ b" "b \ B" by auto hence "\a\?A. a \ b" using UN by simp
- thus ?case using \b \ B\ by blast
+ thus ?case using \b \ B\ by (metis Sup_upper2)
 next case (Basis s) then obtain a b where xs: "x\ Pi' a b" "s = Pi' a b" "\i. i\a \ open (b i)" by auto have "\i. \a. (i \ domain x \ open (b i) \ (x)\<^sub>F i \ b i) \ (a\A i \ a \ b i)" using open_sub[of _ b] by auto then obtain b' where "\i. i \ domain x \ open (b i) \ (x)\<^sub>F i \ b i \ (b' i \A i \ b' i \ b i)" unfolding choice_iff by auto with xs have "\i. i \ a \ (b' i \A i \ b' i \ b i)" "Pi' a b' \ Pi' a b" by (auto simp: Pi'_iff intro!: Pi'_mono) thus ?case using xs by (intro bexI[where x="Pi' a b'"]) (auto simp: Pi'_iff intro!: image_eqI[where x="restrict b' (domain x)"]) qed qed (insert A,auto simp: PiE_iff intro!: open_Pi'I) qed subsection \Metric Space of Finite Maps\ (* TODO: Product of uniform spaces and compatibility with metric_spaces! *) instantiation fmap :: (type, metric_space) dist begin definition dist_fmap where "dist P Q = Max (range (\i. dist ((P)\<^sub>F i) ((Q)\<^sub>F i))) + (if domain P = domain Q then 0 else 1)" instance .. end instantiation fmap :: (type, metric_space) uniformity_dist begin definition [code del]: "(uniformity :: (('a, 'b) fmap \ ('a \\<^sub>F 'b)) filter) = (INF e\{0 <..}. principal {(x, y). dist x y < e})" instance by standard (rule uniformity_fmap_def) end declare uniformity_Abort[where 'a="('a \\<^sub>F 'b::metric_space)", code] instantiation fmap :: (type, metric_space) metric_space begin lemma finite_proj_image': "x \ domain P \ finite ((P)\<^sub>F ` S)" by (rule finite_subset[of _ "proj P ` (domain P \ S \ {x})"]) auto lemma finite_proj_image: "finite ((P)\<^sub>F ` S)" by (cases "\x. x \ domain P") (auto intro: finite_proj_image' finite_subset[where B="domain P"]) lemma finite_proj_diag: "finite ((\i. d ((P)\<^sub>F i) ((Q)\<^sub>F i)) ` S)" proof - have "(\i. d ((P)\<^sub>F i) ((Q)\<^sub>F i)) ` S = (\(i, j). 
d i j) ` ((\i. ((P)\<^sub>F i, (Q)\<^sub>F i)) ` S)" by auto moreover have "((\i. ((P)\<^sub>F i, (Q)\<^sub>F i)) ` S) \ (\i. (P)\<^sub>F i) ` S \ (\i. (Q)\<^sub>F i) ` S" by auto moreover have "finite \" using finite_proj_image[of P S] finite_proj_image[of Q S] by (intro finite_cartesian_product) simp_all ultimately show ?thesis by (simp add: finite_subset) qed lemma dist_le_1_imp_domain_eq: shows "dist P Q < 1 \ domain P = domain Q" by (simp add: dist_fmap_def finite_proj_diag split: if_split_asm) lemma dist_proj: shows "dist ((x)\<^sub>F i) ((y)\<^sub>F i) \ dist x y" proof - have "dist (x i) (y i) \ Max (range (\i. dist (x i) (y i)))" by (simp add: Max_ge_iff finite_proj_diag) also have "\ \ dist x y" by (simp add: dist_fmap_def) finally show ?thesis . qed lemma dist_finmap_lessI: assumes "domain P = domain Q" assumes "0 < e" assumes "\i. i \ domain P \ dist (P i) (Q i) < e" shows "dist P Q < e" proof - have "dist P Q = Max (range (\i. dist (P i) (Q i)))" using assms by (simp add: dist_fmap_def finite_proj_diag) also have "\ < e" proof (subst Max_less_iff, safe) fix i show "dist ((P)\<^sub>F i) ((Q)\<^sub>F i) < e" using assms by (cases "i \ domain P") simp_all qed (simp add: finite_proj_diag) finally show ?thesis . qed instance proof fix S::"('a \\<^sub>F 'b) set" have *: "open S = (\x\S. \e>0. \y. dist y x < e \ y \ S)" (is "_ = ?od") proof assume "open S" thus ?od unfolding open_fmap_def proof (induct rule: generate_topology.induct) case UNIV thus ?case by (auto intro: zero_less_one) next case (Int a b) show ?case proof safe fix x assume x: "x \ a" "x \ b" with Int x obtain e1 e2 where "e1>0" "\y. dist y x < e1 \ y \ a" "e2>0" "\y. dist y x < e2 \ y \ b" by force thus "\e>0. \y. dist y x < e \ y \ a \ b" by (auto intro!: exI[where x="min e1 e2"]) qed next case (UN K) show ?case proof safe fix x X assume "x \ X" and X: "X \ K" with UN obtain e where "e>0" "\y. dist y x < e \ y \ X" by force with X show "\e>0. \y. 
dist y x < e \ y \ \K" by auto qed next case (Basis s) then obtain a b where s: "s = Pi' a b" and b: "\i. i\a \ open (b i)" by auto show ?case proof safe fix x assume "x \ s" hence [simp]: "finite a" and a_dom: "a = domain x" using s by (auto simp: Pi'_iff) obtain es where es: "\i \ a. es i > 0 \ (\y. dist y (proj x i) < es i \ y \ b i)" using b \x \ s\ by atomize_elim (intro bchoice, auto simp: open_dist s) hence in_b: "\i y. i \ a \ dist y (proj x i) < es i \ y \ b i" by auto show "\e>0. \y. dist y x < e \ y \ s" proof (cases, rule, safe) assume "a \ {}" show "0 < min 1 (Min (es ` a))" using es by (auto simp: \a \ {}\) fix y assume d: "dist y x < min 1 (Min (es ` a))" show "y \ s" unfolding s proof show "domain y = a" using d s \a \ {}\ by (auto simp: dist_le_1_imp_domain_eq a_dom) fix i assume i: "i \ a" hence "dist ((y)\<^sub>F i) ((x)\<^sub>F i) < es i" using d by (auto simp: dist_fmap_def \a \ {}\ intro!: le_less_trans[OF dist_proj]) with i show "y i \ b i" by (rule in_b) qed next assume "\a \ {}" thus "\e>0. \y. dist y x < e \ y \ s" using s \x \ s\ by (auto simp: Pi'_def dist_le_1_imp_domain_eq intro!: exI[where x=1]) qed qed qed next assume "\x\S. \e>0. \y. dist y x < e \ y \ S" then obtain e where e_pos: "\x. x \ S \ e x > 0" and e_in: "\x y . x \ S \ dist y x < e x \ y \ S" unfolding bchoice_iff by auto have S_eq: "S = \{Pi' a b| a b. \x\S. domain x = a \ b = (\i. ball (x i) (e x))}" proof safe fix x assume "x \ S" thus "x \ \{Pi' a b| a b. \x\S. domain x = a \ b = (\i. ball (x i) (e x))}" using e_pos by (auto intro!: exI[where x="Pi' (domain x) (\i. ball (x i) (e x))"]) next fix x y assume "y \ S" moreover assume "x \ (\' i\domain y. ball (y i) (e y))" hence "dist x y < e y" using e_pos \y \ S\ by (auto simp: dist_fmap_def Pi'_iff finite_proj_diag dist_commute) ultimately show "x \ S" by (rule e_in) qed also have "open \" unfolding open_fmap_def by (intro generate_topology.UN) (auto intro: generate_topology.Basis) finally show "open S" . 
qed show "open S = (\x\S. \\<^sub>F (x', y) in uniformity. x' = x \ y \ S)" unfolding * eventually_uniformity_metric by (simp del: split_paired_All add: dist_fmap_def dist_commute eq_commute) next fix P Q::"'a \\<^sub>F 'b" have Max_eq_iff: "\A m. finite A \ A \ {} \ (Max A = m) = (m \ A \ (\a\A. a \ m))" by (auto intro: Max_in Max_eqI) show "dist P Q = 0 \ P = Q" by (auto simp: finmap_eq_iff dist_fmap_def Max_ge_iff finite_proj_diag Max_eq_iff add_nonneg_eq_0_iff intro!: Max_eqI image_eqI[where x=undefined]) next fix P Q R::"'a \\<^sub>F 'b" let ?dists = "\P Q i. dist ((P)\<^sub>F i) ((Q)\<^sub>F i)" let ?dpq = "?dists P Q" and ?dpr = "?dists P R" and ?dqr = "?dists Q R" let ?dom = "\P Q. (if domain P = domain Q then 0 else 1::real)" have "dist P Q = Max (range ?dpq) + ?dom P Q" by (simp add: dist_fmap_def) also obtain t where "t \ range ?dpq" "t = Max (range ?dpq)" by (simp add: finite_proj_diag) then obtain i where "Max (range ?dpq) = ?dpq i" by auto also have "?dpq i \ ?dpr i + ?dqr i" by (rule dist_triangle2) also have "?dpr i \ Max (range ?dpr)" by (simp add: finite_proj_diag) also have "?dqr i \ Max (range ?dqr)" by (simp add: finite_proj_diag) also have "?dom P Q \ ?dom P R + ?dom Q R" by simp finally show "dist P Q \ dist P R + dist Q R" by (simp add: dist_fmap_def ac_simps) qed end subsection \Complete Space of Finite Maps\ lemma tendsto_finmap: fixes f::"nat \ ('i \\<^sub>F ('a::metric_space))" assumes ind_f: "\n. domain (f n) = domain g" assumes proj_g: "\i. i \ domain g \ (\n. (f n) i) \ g i" shows "f \ g" unfolding tendsto_iff proof safe fix e::real assume "0 < e" let ?dists = "\x i. dist ((f x)\<^sub>F i) ((g)\<^sub>F i)" have "eventually (\x. \i\domain g. ?dists x i < e) sequentially" using finite_domain[of g] proj_g proof induct case (insert i G) with \0 < e\ have "eventually (\x. ?dists x i < e) sequentially" by (auto simp add: tendsto_iff) moreover from insert have "eventually (\x. \i\G. 
dist ((f x)\<^sub>F i) ((g)\<^sub>F i) < e) sequentially" by simp ultimately show ?case by eventually_elim auto qed simp thus "eventually (\x. dist (f x) g < e) sequentially" by eventually_elim (auto simp add: dist_fmap_def finite_proj_diag ind_f \0 < e\) qed instance fmap :: (type, complete_space) complete_space proof fix P::"nat \ 'a \\<^sub>F 'b" assume "Cauchy P" then obtain Nd where Nd: "\n. n \ Nd \ dist (P n) (P Nd) < 1" by (force simp: Cauchy_altdef2) define d where "d = domain (P Nd)" with Nd have dim: "\n. n \ Nd \ domain (P n) = d" using dist_le_1_imp_domain_eq by auto have [simp]: "finite d" unfolding d_def by simp define p where "p i n = P n i" for i n define q where "q i = lim (p i)" for i define Q where "Q = finmap_of d q" have q: "\i. i \ d \ q i = Q i" by (auto simp add: Q_def Abs_fmap_inverse) { fix i assume "i \ d" have "Cauchy (p i)" unfolding Cauchy_altdef2 p_def proof safe fix e::real assume "0 < e" with \Cauchy P\ obtain N where N: "\n. n\N \ dist (P n) (P N) < min e 1" by (force simp: Cauchy_altdef2 min_def) hence "\n. n \ N \ domain (P n) = domain (P N)" using dist_le_1_imp_domain_eq by auto with dim have dim: "\n. n \ N \ domain (P n) = d" by (metis nat_le_linear) show "\N. \n\N. dist ((P n) i) ((P N) i) < e" proof (safe intro!: exI[where x="N"]) fix n assume "N \ n" have "N \ N" by simp have "dist ((P n) i) ((P N) i) \ dist (P n) (P N)" using dim[OF \N \ n\] dim[OF \N \ N\] \i \ d\ by (auto intro!: dist_proj) also have "\ < e" using N[OF \N \ n\] by simp finally show "dist ((P n) i) ((P N) i) < e" . qed qed hence "convergent (p i)" by (metis Cauchy_convergent_iff) hence "p i \ q i" unfolding q_def convergent_def by (metis limI) } note p = this have "P \ Q" proof (rule metric_LIMSEQ_I) fix e::real assume "0 < e" have "\ni. \i\d. \n\ni i. dist (p i n) (q i) < e" proof (safe intro!: bchoice) fix i assume "i \ d" from p[OF \i \ d\, THEN metric_LIMSEQ_D, OF \0 < e\] show "\no. \n\no. dist (p i n) (q i) < e" . 
qed then obtain ni where ni: "\i\d. \n\ni i. dist (p i n) (q i) < e" .. define N where "N = max Nd (Max (ni ` d))" show "\N. \n\N. dist (P n) Q < e" proof (safe intro!: exI[where x="N"]) fix n assume "N \ n" hence dom: "domain (P n) = d" "domain Q = d" "domain (P n) = domain Q" using dim by (simp_all add: N_def Q_def dim_def Abs_fmap_inverse) show "dist (P n) Q < e" proof (rule dist_finmap_lessI[OF dom(3) \0 < e\]) fix i assume "i \ domain (P n)" hence "ni i \ Max (ni ` d)" using dom by simp also have "\ \ N" by (simp add: N_def) finally show "dist ((P n)\<^sub>F i) ((Q)\<^sub>F i) < e" using ni \i \ domain (P n)\ \N \ n\ dom by (auto simp: p_def q N_def less_imp_le) qed qed qed thus "convergent P" by (auto simp: convergent_def) qed subsection \Second Countable Space of Finite Maps\ instantiation fmap :: (countable, second_countable_topology) second_countable_topology begin definition basis_proj::"'b set set" where "basis_proj = (SOME B. countable B \ topological_basis B)" lemma countable_basis_proj: "countable basis_proj" and basis_proj: "topological_basis basis_proj" unfolding basis_proj_def by (intro is_basis countable_basis)+ definition basis_finmap::"('a \\<^sub>F 'b) set set" where "basis_finmap = {Pi' I S|I S. finite I \ (\i \ I. S i \ basis_proj)}" lemma in_basis_finmapI: assumes "finite I" assumes "\i. i \ I \ S i \ basis_proj" shows "Pi' I S \ basis_finmap" using assms unfolding basis_finmap_def by auto lemma basis_finmap_eq: assumes "basis_proj \ {}" shows "basis_finmap = (\f. Pi' (domain f) (\i. from_nat_into basis_proj ((f)\<^sub>F i))) ` (UNIV::('a \\<^sub>F nat) set)" (is "_ = ?f ` _") unfolding basis_finmap_def proof safe fix I::"'a set" and S::"'a \ 'b set" assume "finite I" "\i\I. S i \ basis_proj" hence "Pi' I S = ?f (finmap_of I (\x. to_nat_on basis_proj (S x)))" by (force simp: Pi'_def countable_basis_proj) thus "Pi' I S \ range ?f" by simp next fix x and f::"'a \\<^sub>F nat" show "\I S. (\' i\domain f. 
from_nat_into basis_proj ((f)\<^sub>F i)) = Pi' I S \ finite I \ (\i\I. S i \ basis_proj)" using assms by (auto intro: from_nat_into) qed lemma basis_finmap_eq_empty: "basis_proj = {} \ basis_finmap = {Pi' {} undefined}" by (auto simp: Pi'_iff basis_finmap_def) lemma countable_basis_finmap: "countable basis_finmap" by (cases "basis_proj = {}") (auto simp: basis_finmap_eq basis_finmap_eq_empty) lemma finmap_topological_basis: "topological_basis basis_finmap" proof (subst topological_basis_iff, safe) fix B' assume "B' \ basis_finmap" thus "open B'" by (auto intro!: open_Pi'I topological_basis_open[OF basis_proj] simp: topological_basis_def basis_finmap_def Let_def) next fix O'::"('a \\<^sub>F 'b) set" and x assume O': "open O'" "x \ O'" then obtain a where a: "x \ Pi' (domain x) a" "Pi' (domain x) a \ O'" "\i. i\domain x \ open (a i)" unfolding open_fmap_def proof (atomize_elim, induct rule: generate_topology.induct) case (Int a b) let ?p="\a f. x \ Pi' (domain x) f \ Pi' (domain x) f \ a \ (\i. i \ domain x \ open (f i))" from Int obtain f g where "?p a f" "?p b g" by auto thus ?case by (force intro!: exI[where x="\i. f i \ g i"] simp: Pi'_def) next case (UN k) then obtain kk a where "x \ kk" "kk \ k" "x \ Pi' (domain x) a" "Pi' (domain x) a \ kk" "\i. i\domain x \ open (a i)" by force thus ?case by blast qed (auto simp: Pi'_def) have "\B. (\i\domain x. x i \ B i \ B i \ a i \ B i \ basis_proj)" proof (rule bchoice, safe) fix i assume "i \ domain x" hence "open (a i)" "x i \ a i" using a by auto from topological_basisE[OF basis_proj this] obtain b' where "b' \ basis_proj" "(x)\<^sub>F i \ b'" "b' \ a i" by blast thus "\y. x i \ y \ y \ a i \ y \ basis_proj" by auto qed then obtain B where B: "\i\domain x. (x)\<^sub>F i \ B i \ B i \ a i \ B i \ basis_proj" by auto define B' where "B' = Pi' (domain x) (\i. (B i)::'b set)" have "B' \ Pi' (domain x) a" using B by (auto intro!: Pi'_mono simp: B'_def) also note \\ \ O'\ finally show "\B'\basis_finmap. 
x \ B' \ B' \ O'" using B by (auto intro!: bexI[where x=B'] Pi'_mono in_basis_finmapI simp: B'_def) qed lemma range_enum_basis_finmap_imp_open: assumes "x \ basis_finmap" shows "open x" using finmap_topological_basis assms by (auto simp: topological_basis_def) instance proof qed (blast intro: finmap_topological_basis countable_basis_finmap topological_basis_imp_subbasis) end subsection \Polish Space of Finite Maps\ instance fmap :: (countable, polish_space) polish_space proof qed subsection \Product Measurable Space of Finite Maps\ definition "PiF I M \ sigma (\J \ I. (\' j\J. space (M j))) {(\' j\J. X j) |X J. J \ I \ X \ (\ j\J. sets (M j))}" abbreviation "Pi\<^sub>F I M \ PiF I M" syntax "_PiF" :: "pttrn \ 'i set \ 'a measure \ ('i => 'a) measure" ("(3\\<^sub>F _\_./ _)" 10) translations "\\<^sub>F x\I. M" == "CONST PiF I (%x. M)" lemma PiF_gen_subset: "{(\' j\J. X j) |X J. J \ I \ X \ (\ j\J. sets (M j))} \ Pow (\J \ I. (\' j\J. space (M j)))" by (auto simp: Pi'_def) (blast dest: sets.sets_into_space) lemma space_PiF: "space (PiF I M) = (\J \ I. (\' j\J. space (M j)))" unfolding PiF_def using PiF_gen_subset by (rule space_measure_of) lemma sets_PiF: "sets (PiF I M) = sigma_sets (\J \ I. (\' j\J. space (M j))) {(\' j\J. X j) |X J. J \ I \ X \ (\ j\J. sets (M j))}" unfolding PiF_def using PiF_gen_subset by (rule sets_measure_of) lemma sets_PiF_singleton: "sets (PiF {I} M) = sigma_sets (\' j\I. space (M j)) {(\' j\I. X j) |X. X \ (\ j\I. sets (M j))}" unfolding sets_PiF by simp lemma in_sets_PiFI: assumes "X = (Pi' J S)" "J \ I" "\i. i\J \ S i \ sets (M i)" shows "X \ sets (PiF I M)" unfolding sets_PiF using assms by blast lemma product_in_sets_PiFI: assumes "J \ I" "\i. i\J \ S i \ sets (M i)" shows "(Pi' J S) \ sets (PiF I M)" unfolding sets_PiF using assms by blast lemma singleton_space_subset_in_sets: fixes J assumes "J \ I" assumes "finite J" shows "space (PiF {J} M) \ sets (PiF I M)" using assms by (intro in_sets_PiFI[where J=J and S="\i. 
space (M i)"]) (auto simp: product_def space_PiF) lemma singleton_subspace_set_in_sets: assumes A: "A \ sets (PiF {J} M)" assumes "finite J" assumes "J \ I" shows "A \ sets (PiF I M)" using A[unfolded sets_PiF] apply (induct A) unfolding sets_PiF[symmetric] unfolding space_PiF[symmetric] using assms by (auto intro: in_sets_PiFI intro!: singleton_space_subset_in_sets) lemma finite_measurable_singletonI: assumes "finite I" assumes "\J. J \ I \ finite J" assumes MN: "\J. J \ I \ A \ measurable (PiF {J} M) N" shows "A \ measurable (PiF I M) N" unfolding measurable_def proof safe fix y assume "y \ sets N" have "A -` y \ space (PiF I M) = (\J\I. A -` y \ space (PiF {J} M))" by (auto simp: space_PiF) also have "\ \ sets (PiF I M)" proof (rule sets.finite_UN) show "finite I" by fact fix J assume "J \ I" with assms have "finite J" by simp show "A -` y \ space (PiF {J} M) \ sets (PiF I M)" by (rule singleton_subspace_set_in_sets[OF measurable_sets[OF assms(3)]]) fact+ qed finally show "A -` y \ space (PiF I M) \ sets (PiF I M)" . next fix x assume "x \ space (PiF I M)" thus "A x \ space N" using MN[of "domain x"] by (auto simp: space_PiF measurable_space Pi'_def) qed lemma countable_finite_comprehension: fixes f :: "'a::countable set \ _" assumes "\s. P s \ finite s" assumes "\s. P s \ f s \ sets M" shows "\{f s|s. P s} \ sets M" proof - have "\{f s|s. P s} = (\n::nat. let s = set (from_nat n) in if P s then f s else {})" proof safe fix x X s assume *: "x \ f s" "P s" with assms obtain l where "s = set l" using finite_list by blast with * show "x \ (\n. let s = set (from_nat n) in if P s then f s else {})" using \P s\ by (auto intro!: exI[where x="to_nat l"]) next fix x n assume "x \ (let s = set (from_nat n) in if P s then f s else {})" thus "x \ \{f s|s. P s}" using assms by (auto simp: Let_def split: if_split_asm) qed hence "\{f s|s. P s} = (\n. 
let s = set (from_nat n) in if P s then f s else {})" by simp also have "\ \ sets M" using assms by (auto simp: Let_def) finally show ?thesis . qed lemma space_subset_in_sets: fixes J::"'a::countable set set" assumes "J \ I" assumes "\j. j \ J \ finite j" shows "space (PiF J M) \ sets (PiF I M)" proof - have "space (PiF J M) = \{space (PiF {j} M)|j. j \ J}" unfolding space_PiF by blast also have "\ \ sets (PiF I M)" using assms by (intro countable_finite_comprehension) (auto simp: singleton_space_subset_in_sets) finally show ?thesis . qed lemma subspace_set_in_sets: fixes J::"'a::countable set set" assumes A: "A \ sets (PiF J M)" assumes "J \ I" assumes "\j. j \ J \ finite j" shows "A \ sets (PiF I M)" using A[unfolded sets_PiF] apply (induct A) unfolding sets_PiF[symmetric] unfolding space_PiF[symmetric] using assms by (auto intro: in_sets_PiFI intro!: space_subset_in_sets) lemma countable_measurable_PiFI: fixes I::"'a::countable set set" assumes MN: "\J. J \ I \ finite J \ A \ measurable (PiF {J} M) N" shows "A \ measurable (PiF I M) N" unfolding measurable_def proof safe fix y assume "y \ sets N" have "A -` y = (\{A -` y \ {x. domain x = J}|J. finite J})" by auto { fix x::"'a \\<^sub>F 'b" from finite_list[of "domain x"] obtain xs where "set xs = domain x" by auto hence "\n. domain x = set (from_nat n)" by (intro exI[where x="to_nat xs"]) auto } hence "A -` y \ space (PiF I M) = (\n. A -` y \ space (PiF ({set (from_nat n)}\I) M))" by (auto simp: space_PiF Pi'_def) also have "\ \ sets (PiF I M)" apply (intro sets.Int sets.countable_nat_UN subsetI, safe) apply (case_tac "set (from_nat i) \ I") apply simp_all apply (rule singleton_subspace_set_in_sets[OF measurable_sets[OF MN]]) using assms \y \ sets N\ apply (auto simp: space_PiF) done finally show "A -` y \ space (PiF I M) \ sets (PiF I M)" . 
next fix x assume "x \ space (PiF I M)" thus "A x \ space N" using MN[of "domain x"] by (auto simp: space_PiF measurable_space Pi'_def) qed lemma measurable_PiF: assumes f: "\x. x \ space N \ domain (f x) \ I \ (\i\domain (f x). (f x) i \ space (M i))" assumes S: "\J S. J \ I \ (\i. i \ J \ S i \ sets (M i)) \ f -` (Pi' J S) \ space N \ sets N" shows "f \ measurable N (PiF I M)" unfolding PiF_def using PiF_gen_subset apply (rule measurable_measure_of) using f apply force apply (insert S, auto) done lemma restrict_sets_measurable: assumes A: "A \ sets (PiF I M)" and "J \ I" shows "A \ {m. domain m \ J} \ sets (PiF J M)" using A[unfolded sets_PiF] proof (induct A) case (Basic a) then obtain K S where S: "a = Pi' K S" "K \ I" "(\i\K. S i \ sets (M i))" by auto show ?case proof cases assume "K \ J" hence "a \ {m. domain m \ J} \ {Pi' K X |X K. K \ J \ X \ (\ j\K. sets (M j))}" using S by (auto intro!: exI[where x=K] exI[where x=S] simp: Pi'_def) also have "\ \ sets (PiF J M)" unfolding sets_PiF by auto finally show ?thesis . next assume "K \ J" hence "a \ {m. domain m \ J} = {}" using S by (auto simp: Pi'_def) also have "\ \ sets (PiF J M)" by simp finally show ?thesis . qed next case (Union a) have "\(a ` UNIV) \ {m. domain m \ J} = (\i. (a i \ {m. domain m \ J}))" by simp also have "\ \ sets (PiF J M)" using Union by (intro sets.countable_nat_UN) auto finally show ?case . next case (Compl a) have "(space (PiF I M) - a) \ {m. domain m \ J} = (space (PiF J M) - (a \ {m. domain m \ J}))" using \J \ I\ by (auto simp: space_PiF Pi'_def) also have "\ \ sets (PiF J M)" using Compl by auto finally show ?case by (simp add: space_PiF) qed simp lemma measurable_finmap_of: assumes f: "\i. (\x \ space N. i \ J x) \ (\x. f x i) \ measurable N (M i)" assumes J: "\x. x \ space N \ J x \ I" "\x. x \ space N \ finite (J x)" assumes JN: "\S. {x. J x = S} \ space N \ sets N" shows "(\x. 
finmap_of (J x) (f x)) \ measurable N (PiF I M)" proof (rule measurable_PiF) fix x assume "x \ space N" with J[of x] measurable_space[OF f] show "domain (finmap_of (J x) (f x)) \ I \ (\i\domain (finmap_of (J x) (f x)). (finmap_of (J x) (f x)) i \ space (M i))" by auto next fix K S assume "K \ I" and *: "\i. i \ K \ S i \ sets (M i)" with J have eq: "(\x. finmap_of (J x) (f x)) -` Pi' K S \ space N = (if \x \ space N. K = J x \ finite K then if K = {} then {x \ space N. J x = K} else (\i\K. (\x. f x i) -` S i \ {x \ space N. J x = K}) else {})" by (auto simp: Pi'_def) have r: "{x \ space N. J x = K} = space N \ ({x. J x = K} \ space N)" by auto show "(\x. finmap_of (J x) (f x)) -` Pi' K S \ space N \ sets N" unfolding eq r apply (simp del: INT_simps add: ) apply (intro conjI impI sets.finite_INT JN sets.Int[OF sets.top]) apply simp apply assumption apply (subst Int_assoc[symmetric]) apply (rule sets.Int) apply (intro measurable_sets[OF f] *) apply force apply assumption apply (intro JN) done qed lemma measurable_PiM_finmap_of: assumes "finite J" shows "finmap_of J \ measurable (Pi\<^sub>M J M) (PiF {J} M)" apply (rule measurable_finmap_of) apply (rule measurable_component_singleton) apply simp apply rule apply (rule \finite J\) apply simp done lemma proj_measurable_singleton: assumes "A \ sets (M i)" shows "(\x. (x)\<^sub>F i) -` A \ space (PiF {I} M) \ sets (PiF {I} M)" proof cases assume "i \ I" hence "(\x. (x)\<^sub>F i) -` A \ space (PiF {I} M) = Pi' I (\x. if x = i then A else space (M x))" using sets.sets_into_space[OF ] \A \ sets (M i)\ assms by (auto simp: space_PiF Pi'_def) thus ?thesis using assms \A \ sets (M i)\ by (intro in_sets_PiFI) auto next assume "i \ I" hence "(\x. (x)\<^sub>F i) -` A \ space (PiF {I} M) = (if undefined \ A then space (PiF {I} M) else {})" by (auto simp: space_PiF Pi'_def) thus ?thesis by simp qed lemma measurable_proj_singleton: assumes "i \ I" shows "(\x. 
(x)\<^sub>F i) \ measurable (PiF {I} M) (M i)" by (unfold measurable_def, intro CollectI conjI ballI proj_measurable_singleton assms) (insert \i \ I\, auto simp: space_PiF) lemma measurable_proj_countable: fixes I::"'a::countable set set" assumes "y \ space (M i)" shows "(\x. if i \ domain x then (x)\<^sub>F i else y) \ measurable (PiF I M) (M i)" proof (rule countable_measurable_PiFI) fix J assume "J \ I" "finite J" show "(\x. if i \ domain x then x i else y) \ measurable (PiF {J} M) (M i)" unfolding measurable_def proof safe fix z assume "z \ sets (M i)" have "(\x. if i \ domain x then x i else y) -` z \ space (PiF {J} M) = (\x. if i \ J then (x)\<^sub>F i else y) -` z \ space (PiF {J} M)" by (auto simp: space_PiF Pi'_def) also have "\ \ sets (PiF {J} M)" using \z \ sets (M i)\ \finite J\ by (cases "i \ J") (auto intro!: measurable_sets[OF measurable_proj_singleton]) finally show "(\x. if i \ domain x then x i else y) -` z \ space (PiF {J} M) \ sets (PiF {J} M)" . qed (insert \y \ space (M i)\, auto simp: space_PiF Pi'_def) qed lemma measurable_restrict_proj: assumes "J \ II" "finite J" shows "finmap_of J \ measurable (PiM J M) (PiF II M)" using assms by (intro measurable_finmap_of measurable_component_singleton) auto lemma measurable_proj_PiM: fixes J K ::"'a::countable set" and I::"'a set set" assumes "finite J" "J \ I" assumes "x \ space (PiM J M)" shows "proj \ measurable (PiF {J} M) (PiM J M)" proof (rule measurable_PiM_single) show "proj \ space (PiF {J} M) \ (\\<^sub>E i \ J. space (M i))" using assms by (auto simp add: space_PiM space_PiF extensional_def sets_PiF Pi'_def) next fix A i assume A: "i \ J" "A \ sets (M i)" show "{\ \ space (PiF {J} M). (\)\<^sub>F i \ A} \ sets (PiF {J} M)" proof have "{\ \ space (PiF {J} M). (\)\<^sub>F i \ A} = (\\. (\)\<^sub>F i) -` A \ space (PiF {J} M)" by auto also have "\ \ sets (PiF {J} M)" using assms A by (auto intro: measurable_sets[OF measurable_proj_singleton] simp: space_PiM) finally show ?thesis . 
qed simp qed lemma space_PiF_singleton_eq_product: assumes "finite I" shows "space (PiF {I} M) = (\' i\I. space (M i))" by (auto simp: product_def space_PiF assms) text \adapted from @{thm sets_PiM_single}\ lemma sets_PiF_single: assumes "finite I" "I \ {}" shows "sets (PiF {I} M) = sigma_sets (\' i\I. space (M i)) {{f\\' i\I. space (M i). f i \ A} | i A. i \ I \ A \ sets (M i)}" (is "_ = sigma_sets ?\ ?R") unfolding sets_PiF_singleton proof (rule sigma_sets_eqI) interpret R: sigma_algebra ?\ "sigma_sets ?\ ?R" by (rule sigma_algebra_sigma_sets) auto fix A assume "A \ {Pi' I X |X. X \ (\ j\I. sets (M j))}" then obtain X where X: "A = Pi' I X" "X \ (\ j\I. sets (M j))" by auto show "A \ sigma_sets ?\ ?R" proof - from \I \ {}\ X have "A = (\j\I. {f\space (PiF {I} M). f j \ X j})" using sets.sets_into_space by (auto simp: space_PiF product_def) blast also have "\ \ sigma_sets ?\ ?R" using X \I \ {}\ assms by (intro R.finite_INT) (auto simp: space_PiF) finally show "A \ sigma_sets ?\ ?R" . qed next fix A assume "A \ ?R" then obtain i B where A: "A = {f\\' i\I. space (M i). f i \ B}" "i \ I" "B \ sets (M i)" by auto then have "A = (\' j \ I. if j = i then B else space (M j))" using sets.sets_into_space[OF A(3)] apply (auto simp: Pi'_iff split: if_split_asm) apply blast done also have "\ \ sigma_sets ?\ {Pi' I X |X. X \ (\ j\I. sets (M j))}" using A by (intro sigma_sets.Basic ) (auto intro: exI[where x="\j. if j = i then B else space (M j)"]) finally show "A \ sigma_sets ?\ {Pi' I X |X. X \ (\ j\I. sets (M j))}" . qed text \adapted from @{thm PiE_cong}\ lemma Pi'_cong: assumes "finite I" assumes "\i. i \ I \ f i = g i" shows "Pi' I f = Pi' I g" using assms by (auto simp: Pi'_def) text \adapted from @{thm Pi_UN}\ lemma Pi'_UN: fixes A :: "nat \ 'i \ 'a set" assumes "finite I" assumes mono: "\i n m. i \ I \ n \ m \ A n i \ A m i" shows "(\n. Pi' I (A n)) = Pi' I (\i. \n. A n i)" proof (intro set_eqI iffI) fix f assume "f \ Pi' I (\i. \n. A n i)" then have "\i\I. \n. 
f i \ A n i" "domain f = I" by (auto simp: \finite I\ Pi'_def) from bchoice[OF this(1)] obtain n where n: "\i. i \ I \ f i \ (A (n i) i)" by auto obtain k where k: "\i. i \ I \ n i \ k" using \finite I\ finite_nat_set_iff_bounded_le[of "n`I"] by auto have "f \ Pi' I (\i. A k i)" proof fix i assume "i \ I" from mono[OF this, of "n i" k] k[OF this] n[OF this] \domain f = I\ \i \ I\ show "f i \ A k i " by (auto simp: \finite I\) qed (simp add: \domain f = I\ \finite I\) then show "f \ (\n. Pi' I (A n))" by auto qed (auto simp: Pi'_def \finite I\) text \adapted from @{thm sets_PiM_sigma}\ lemma sigma_fprod_algebra_sigma_eq: fixes E :: "'i \ 'a set set" and S :: "'i \ nat \ 'a set" assumes [simp]: "finite I" "I \ {}" and S_union: "\i. i \ I \ (\j. S i j) = space (M i)" and S_in_E: "\i. i \ I \ range (S i) \ E i" assumes E_closed: "\i. i \ I \ E i \ Pow (space (M i))" and E_generates: "\i. i \ I \ sets (M i) = sigma_sets (space (M i)) (E i)" defines "P == { Pi' I F | F. \i\I. F i \ E i }" shows "sets (PiF {I} M) = sigma_sets (space (PiF {I} M)) P" proof let ?P = "sigma (space (Pi\<^sub>F {I} M)) P" from \finite I\[THEN ex_bij_betw_finite_nat] obtain T where "bij_betw T I {0..i. i \ I \ T i < card I" "\i. i\I \ the_inv_into I T (T i) = i" by (auto simp add: bij_betw_def set_eq_iff image_iff the_inv_into_f_f simp del: \finite I\) have P_closed: "P \ Pow (space (Pi\<^sub>F {I} M))" using E_closed by (auto simp: space_PiF P_def Pi'_iff subset_eq) then have space_P: "space ?P = (\' i\I. space (M i))" by (simp add: space_PiF) have "sets (PiF {I} M) = sigma_sets (space ?P) {{f \ \' i\I. space (M i). f i \ A} |i A. i \ I \ A \ sets (M i)}" using sets_PiF_single[of I M] by (simp add: space_P) also have "\ \ sets (sigma (space (PiF {I} M)) P)" proof (safe intro!: sets.sigma_sets_subset) fix i A assume "i \ I" and A: "A \ sets (M i)" have "(\x. 
(x)\<^sub>F i) \ measurable ?P (sigma (space (M i)) (E i))" proof (subst measurable_iff_measure_of) show "E i \ Pow (space (M i))" using \i \ I\ by fact from space_P \i \ I\ show "(\x. (x)\<^sub>F i) \ space ?P \ space (M i)" by auto show "\A\E i. (\x. (x)\<^sub>F i) -` A \ space ?P \ sets ?P" proof fix A assume A: "A \ E i" from T have *: "\xs. length xs = card I \ (\j\I. (g)\<^sub>F j \ (if i = j then A else S j (xs ! T j)))" if "domain g = I" and "\j\I. (g)\<^sub>F j \ (if i = j then A else S j (f j))" for g f using that by (auto intro!: exI [of _ "map (\n. f (the_inv_into I T n)) [0..x. (x)\<^sub>F i) -` A \ space ?P = (\' j\I. if i = j then A else space (M j))" using E_closed \i \ I\ by (auto simp: space_P Pi_iff subset_eq split: if_split_asm) also have "\ = (\' j\I. \n. if i = j then A else S j n)" by (intro Pi'_cong) (simp_all add: S_union) also have "\ = {g. domain g = I \ (\f. \j\I. (g)\<^sub>F j \ (if i = j then A else S j (f j)))}" by (rule set_eqI) (simp del: if_image_distrib add: Pi'_iff bchoice_iff) also have "\ = (\xs\{xs. length xs = card I}. \' j\I. if i = j then A else S j (xs ! T j))" using * by (auto simp add: Pi'_iff split del: if_split) also have "\ \ sets ?P" proof (safe intro!: sets.countable_UN) fix xs show "(\' j\I. if i = j then A else S j (xs ! T j)) \ sets ?P" using A S_in_E by (simp add: P_closed) (auto simp: P_def subset_eq intro!: exI[of _ "\j. if i = j then A else S j (xs ! T j)"]) qed finally show "(\x. (x)\<^sub>F i) -` A \ space ?P \ sets ?P" using P_closed by simp qed qed from measurable_sets[OF this, of A] A \i \ I\ E_closed have "(\x. (x)\<^sub>F i) -` A \ space ?P \ sets ?P" by (simp add: E_generates) also have "(\x. (x)\<^sub>F i) -` A \ space ?P = {f \ \' i\I. space (M i). f i \ A}" using P_closed by (auto simp: space_PiF) finally show "\ \ sets ?P" . 
qed finally show "sets (PiF {I} M) \ sigma_sets (space (PiF {I} M)) P" by (simp add: P_closed) show "sigma_sets (space (PiF {I} M)) P \ sets (PiF {I} M)" using \finite I\ \I \ {}\ by (auto intro!: sets.sigma_sets_subset product_in_sets_PiFI simp: E_generates P_def) qed lemma product_open_generates_sets_PiF_single: assumes "I \ {}" assumes [simp]: "finite I" shows "sets (PiF {I} (\_. borel::'b::second_countable_topology measure)) = sigma_sets (space (PiF {I} (\_. borel))) {Pi' I F |F. (\i\I. F i \ Collect open)}" proof - from open_countable_basisE[OF open_UNIV] obtain S::"'b set set" where S: "S \ (SOME B. countable B \ topological_basis B)" "UNIV = \ S" by auto show ?thesis proof (rule sigma_fprod_algebra_sigma_eq) show "finite I" by simp show "I \ {}" by fact define S' where "S' = from_nat_into S" show "(\j. S' j) = space borel" using S apply (auto simp add: from_nat_into countable_basis_proj S'_def basis_proj_def) apply (metis (lifting, mono_tags) UNIV_I UnionE basis_proj_def countable_basis_proj countable_subset from_nat_into_surj) done show "range S' \ Collect open" using S apply (auto simp add: from_nat_into countable_basis_proj S'_def) apply (metis UNIV_not_empty Union_empty from_nat_into subsetD topological_basis_open[OF basis_proj] basis_proj_def) done show "Collect open \ Pow (space borel)" by simp show "sets borel = sigma_sets (space borel) (Collect open)" by (simp add: borel_def) qed qed lemma finmap_UNIV[simp]: "(\J\Collect finite. \' j\J. UNIV) = UNIV" by auto lemma borel_eq_PiF_borel: shows "(borel :: ('i::countable \\<^sub>F 'a::polish_space) measure) = PiF (Collect finite) (\_. borel :: 'a measure)" unfolding borel_def PiF_def proof (rule measure_eqI, clarsimp, rule sigma_sets_eqI) fix a::"('i \\<^sub>F 'a) set" assume "a \ Collect open" hence "open a" by simp then obtain B' where B': "B'\basis_finmap" "a = \B'" using finmap_topological_basis by (force simp add: topological_basis_def) have "a \ sigma UNIV {Pi' J X |X J. 
finite J \ X \ J \ sigma_sets UNIV (Collect open)}" unfolding \a = \B'\ proof (rule sets.countable_Union) from B' countable_basis_finmap show "countable B'" by (metis countable_subset) next show "B' \ sets (sigma UNIV {Pi' J X |X J. finite J \ X \ J \ sigma_sets UNIV (Collect open)})" (is "_ \ sets ?s") proof fix x assume "x \ B'" with B' have "x \ basis_finmap" by auto then obtain J X where "x = Pi' J X" "finite J" "X \ J \ sigma_sets UNIV (Collect open)" by (auto simp: basis_finmap_def topological_basis_open[OF basis_proj]) thus "x \ sets ?s" by auto qed qed thus "a \ sigma_sets UNIV {Pi' J X |X J. finite J \ X \ J \ sigma_sets UNIV (Collect open)}" by simp next fix b::"('i \\<^sub>F 'a) set" assume "b \ {Pi' J X |X J. finite J \ X \ J \ sigma_sets UNIV (Collect open)}" hence b': "b \ sets (Pi\<^sub>F (Collect finite) (\_. borel))" by (auto simp: sets_PiF borel_def) let ?b = "\J. b \ {x. domain x = J}" have "b = \((\J. ?b J) ` Collect finite)" by auto also have "\ \ sets borel" proof (rule sets.countable_Union, safe) fix J::"'i set" assume "finite J" { assume ef: "J = {}" have "?b J \ sets borel" proof cases assume "?b J \ {}" then obtain f where "f \ b" "domain f = {}" using ef by auto hence "?b J = {f}" using \J = {}\ by (auto simp: finmap_eq_iff) also have "{f} \ sets borel" by simp finally show ?thesis . qed simp } moreover { assume "J \ ({}::'i set)" have "(?b J) = b \ {m. domain m \ {J}}" by auto also have "\ \ sets (PiF {J} (\_. borel))" using b' by (rule restrict_sets_measurable) (auto simp: \finite J\) also have "\ = sigma_sets (space (PiF {J} (\_. borel))) {Pi' (J) F |F. (\j\J. 
F j \ Collect open)}" (is "_ = sigma_sets _ ?P") by (rule product_open_generates_sets_PiF_single[OF \J \ {}\ \finite J\]) also have "\ \ sigma_sets UNIV (Collect open)" by (intro sigma_sets_mono'') (auto intro!: open_Pi'I simp: space_PiF) finally have "(?b J) \ sets borel" by (simp add: borel_def) } ultimately show "(?b J) \ sets borel" by blast qed (simp add: countable_Collect_finite) finally show "b \ sigma_sets UNIV (Collect open)" by (simp add: borel_def) qed (simp add: emeasure_sigma borel_def PiF_def) subsection \Isomorphism between Functions and Finite Maps\ lemma measurable_finmap_compose: shows "(\m. compose J m f) \ measurable (PiM (f ` J) (\_. M)) (PiM J (\_. M))" unfolding compose_def by measurable lemma measurable_compose_inv: assumes inj: "\j. j \ J \ f' (f j) = j" shows "(\m. compose (f ` J) m f') \ measurable (PiM J (\_. M)) (PiM (f ` J) (\_. M))" unfolding compose_def by (rule measurable_restrict) (auto simp: inj) locale function_to_finmap = fixes J::"'a set" and f :: "'a \ 'b::countable" and f' assumes [simp]: "finite J" assumes inv: "i \ J \ f' (f i) = i" begin text \to measure finmaps\ definition "fm = (finmap_of (f ` J)) o (\g. compose (f ` J) g f')" lemma domain_fm[simp]: "domain (fm x) = f ` J" unfolding fm_def by simp lemma fm_restrict[simp]: "fm (restrict y J) = fm y" unfolding fm_def by (auto simp: compose_def inv intro: restrict_ext) lemma fm_product: assumes "\i. space (M i) = UNIV" shows "fm -` Pi' (f ` J) S \ space (Pi\<^sub>M J M) = (\\<^sub>E j \ J. S (f j))" using assms by (auto simp: inv fm_def compose_def space_PiM Pi'_def) lemma fm_measurable: assumes "f ` J \ N" shows "fm \ measurable (Pi\<^sub>M J (\_. M)) (Pi\<^sub>F N (\_. M))" unfolding fm_def proof (rule measurable_comp, rule measurable_compose_inv) show "finmap_of (f ` J) \ measurable (Pi\<^sub>M (f ` J) (\_. M)) (PiF N (\_. 
M)) " using assms by (intro measurable_finmap_of measurable_component_singleton) auto qed (simp_all add: inv) lemma proj_fm: assumes "x \ J" shows "fm m (f x) = m x" using assms by (auto simp: fm_def compose_def o_def inv) lemma inj_on_compose_f': "inj_on (\g. compose (f ` J) g f') (extensional J)" proof (rule inj_on_inverseI) fix x::"'a \ 'c" assume "x \ extensional J" thus "(\x. compose J x f) (compose (f ` J) x f') = x" by (auto simp: compose_def inv extensional_def) qed lemma inj_on_fm: assumes "\i. space (M i) = UNIV" shows "inj_on fm (space (Pi\<^sub>M J M))" using assms apply (auto simp: fm_def space_PiM PiE_def) apply (rule comp_inj_on) apply (rule inj_on_compose_f') apply (rule finmap_of_inj_on_extensional_finite) apply simp apply (auto) done text \to measure functions\ definition "mf = (\g. compose J g f) o proj" lemma mf_fm: assumes "x \ space (Pi\<^sub>M J (\_. M))" shows "mf (fm x) = x" proof - have "mf (fm x) \ extensional J" by (auto simp: mf_def extensional_def compose_def) moreover have "x \ extensional J" using assms sets.sets_into_space by (force simp: space_PiM PiE_def) moreover { fix i assume "i \ J" hence "mf (fm x) i = x i" by (auto simp: inv mf_def compose_def fm_def) } ultimately show ?thesis by (rule extensionalityI) qed lemma mf_measurable: assumes "space M = UNIV" shows "mf \ measurable (PiF {f ` J} (\_. M)) (PiM J (\_. M))" unfolding mf_def proof (rule measurable_comp, rule measurable_proj_PiM) show "(\g. compose J g f) \ measurable (Pi\<^sub>M (f ` J) (\x. M)) (Pi\<^sub>M J (\_. M))" by (rule measurable_finmap_compose) qed (auto simp add: space_PiM extensional_def assms) lemma fm_image_measurable: assumes "space M = UNIV" assumes "X \ sets (Pi\<^sub>M J (\_. M))" shows "fm ` X \ sets (PiF {f ` J} (\_. M))" proof - have "fm ` X = (mf) -` X \ space (PiF {f ` J} (\_. M))" proof safe fix x assume "x \ X" with mf_fm[of x] sets.sets_into_space[OF assms(2)] show "fm x \ mf -` X" by auto show "fm x \ space (PiF {f ` J} (\_. 
M))" by (simp add: space_PiF assms) next fix y x assume x: "mf y \ X" assume y: "y \ space (PiF {f ` J} (\_. M))" thus "y \ fm ` X" by (intro image_eqI[OF _ x], unfold finmap_eq_iff) (auto simp: space_PiF fm_def mf_def compose_def inv Pi'_def) qed also have "\ \ sets (PiF {f ` J} (\_. M))" using assms by (intro measurable_sets[OF mf_measurable]) auto finally show ?thesis . qed lemma fm_image_measurable_finite: assumes "space M = UNIV" assumes "X \ sets (Pi\<^sub>M J (\_. M::'c measure))" shows "fm ` X \ sets (PiF (Collect finite) (\_. M::'c measure))" using fm_image_measurable[OF assms] by (rule subspace_set_in_sets) (auto simp: finite_subset) text \measure on finmaps\ definition "mapmeasure M N = distr M (PiF (Collect finite) N) (fm)" lemma sets_mapmeasure[simp]: "sets (mapmeasure M N) = sets (PiF (Collect finite) N)" unfolding mapmeasure_def by simp lemma space_mapmeasure[simp]: "space (mapmeasure M N) = space (PiF (Collect finite) N)" unfolding mapmeasure_def by simp lemma mapmeasure_PiF: assumes s1: "space M = space (Pi\<^sub>M J (\_. N))" assumes s2: "sets M = sets (Pi\<^sub>M J (\_. N))" assumes "space N = UNIV" assumes "X \ sets (PiF (Collect finite) (\_. N))" shows "emeasure (mapmeasure M (\_. N)) X = emeasure M ((fm -` X \ extensional J))" using assms by (auto simp: measurable_cong_sets[OF s2 refl] mapmeasure_def emeasure_distr fm_measurable space_PiM PiE_def) lemma mapmeasure_PiM: fixes N::"'c measure" assumes s1: "space M = space (Pi\<^sub>M J (\_. N))" assumes s2: "sets M = (Pi\<^sub>M J (\_. N))" assumes N: "space N = UNIV" assumes X: "X \ sets M" shows "emeasure M X = emeasure (mapmeasure M (\_. N)) (fm ` X)" unfolding mapmeasure_def proof (subst emeasure_distr, subst measurable_cong_sets[OF s2 refl], rule fm_measurable) have "X \ space (Pi\<^sub>M J (\_. N))" using assms by (simp add: sets.sets_into_space) from assms inj_on_fm[of "\_. N"] subsetD[OF this] have "fm -` fm ` X \ space (Pi\<^sub>M J (\_. 
N)) = X" by (auto simp: vimage_image_eq inj_on_def) thus "emeasure M X = emeasure M (fm -` fm ` X \ space M)" using s1 by simp show "fm ` X \ sets (PiF (Collect finite) (\_. N))" by (rule fm_image_measurable_finite[OF N X[simplified s2]]) qed simp end end