diff --git a/src/ZF/AC/AC15_WO6.thy b/src/ZF/AC/AC15_WO6.thy --- a/src/ZF/AC/AC15_WO6.thy +++ b/src/ZF/AC/AC15_WO6.thy @@ -1,289 +1,289 @@ (* Title: ZF/AC/AC15_WO6.thy Author: Krzysztof Grabczewski The proofs needed to state that AC10, ..., AC15 are equivalent to the rest. We need the following: WO1 \ AC10(n) \ AC11 \ AC12 \ AC15 \ WO6 In order to add the formulations AC13 and AC14 we need: AC10(succ(n)) \ AC13(n) \ AC14 \ AC15 or AC1 \ AC13(1); AC13(m) \ AC13(n) \ AC14 \ AC15 (m\n) So we don't have to prove all implications of both cases. Moreover we don't need to prove AC13(1) \ AC1 and AC11 \ AC14 as -Rubin \ Rubin do. +Rubin & Rubin do. *) theory AC15_WO6 imports HH Cardinal_aux begin (* ********************************************************************** *) (* Lemmas used in the proofs in which the conclusion is AC13, AC14 *) (* or AC15 *) (* - cons_times_nat_not_Finite *) (* - ex_fun_AC13_AC15 *) (* ********************************************************************** *) lemma lepoll_Sigma: "A\0 \ B \ A*B" unfolding lepoll_def apply (erule not_emptyE) apply (rule_tac x = "\z \ B. \x,z\" in exI) apply (fast intro!: snd_conv lam_injective) done lemma cons_times_nat_not_Finite: "0\A \ \B \ {cons(0,x*nat). x \ A}. \Finite(B)" apply clarify apply (rule nat_not_Finite [THEN notE] ) apply (subgoal_tac "x \ 0") apply (blast intro: lepoll_Sigma [THEN lepoll_Finite])+ done lemma lemma1: "\\(C)=A; a \ A\ \ \B \ C. a \ B \ B \ A" by fast lemma lemma2: "\pairwise_disjoint(A); B \ A; C \ A; a \ B; a \ C\ \ B=C" by (unfold pairwise_disjoint_def, blast) lemma lemma3: "\B \ {cons(0, x*nat). x \ A}. pairwise_disjoint(f`B) \ sets_of_size_between(f`B, 2, n) \ \(f`B)=B \ \B \ A. \! u. u \ f`cons(0, B*nat) \ u \ cons(0, B*nat) \ 0 \ u \ 2 \ u \ u \ n" unfolding sets_of_size_between_def apply (rule ballI) apply (erule_tac x="cons(0, B*nat)" in ballE) apply (blast dest: lemma1 intro!: lemma2, blast) done lemma lemma4: "\A \ i; Ord(i)\ \ {P(a). a \ A} \ i" unfolding lepoll_def apply (erule exE) apply (rule_tac x = "\x \ RepFun(A,P). \ j. \a\A. x=P(a) \ f`a=j" in exI) apply (rule_tac d = "\y. P (converse (f) `y) " in lam_injective) apply (erule RepFunE) apply (frule inj_is_fun [THEN apply_type], assumption) apply (fast intro: LeastI2 elim!: Ord_in_Ord inj_is_fun [THEN apply_type]) apply (erule RepFunE) apply (rule LeastI2) apply fast apply (fast elim!: Ord_in_Ord inj_is_fun [THEN apply_type]) apply (fast elim: sym left_inverse [THEN ssubst]) done lemma lemma5_1: "\B \ A; 2 \ u(B)\ \ (\x \ A. {fst(x). x \ u(x)-{0}})`B \ 0" apply simp apply (fast dest: lepoll_Diff_sing elim: lepoll_trans [THEN succ_lepoll_natE] ssubst intro!: lepoll_refl) done lemma lemma5_2: "\B \ A; u(B) \ cons(0, B*nat)\ \ (\x \ A. {fst(x). x \ u(x)-{0}})`B \ B" apply auto done lemma lemma5_3: "\n \ nat; B \ A; 0 \ u(B); u(B) \ succ(n)\ \ (\x \ A. {fst(x). x \ u(x)-{0}})`B \ n" apply simp apply (fast elim!: Diff_lepoll [THEN lemma4 [OF _ nat_into_Ord]]) done lemma ex_fun_AC13_AC15: "\\B \ {cons(0, x*nat). x \ A}. pairwise_disjoint(f`B) \ sets_of_size_between(f`B, 2, succ(n)) \ \(f`B)=B; n \ nat\ \ \f. \B \ A. f`B \ 0 \ f`B \ B \ f`B \ n" by (fast del: subsetI notI dest!: lemma3 theI intro!: lemma5_1 lemma5_2 lemma5_3) (* ********************************************************************** *) (* The target proofs *) (* ********************************************************************** *) (* ********************************************************************** *) (* AC10(n) \ AC11 *) (* ********************************************************************** *) theorem AC10_AC11: "\n \ nat; 1\n; AC10(n)\ \ AC11" by (unfold AC10_def AC11_def, blast) (* ********************************************************************** *) (* AC11 \ AC12 *) (* ********************************************************************** *) theorem AC11_AC12: "AC11 \ AC12" by (unfold AC10_def AC11_def AC11_def AC12_def, blast) (* ********************************************************************** *) (* AC12 \ AC15 *) (* ********************************************************************** *) theorem AC12_AC15: "AC12 \ AC15" unfolding AC12_def AC15_def apply (blast del: ballI intro!: cons_times_nat_not_Finite ex_fun_AC13_AC15) done (* ********************************************************************** *) (* AC15 \ WO6 *) (* ********************************************************************** *) lemma OUN_eq_UN: "Ord(x) \ (\aa \ x. F(a))" by (fast intro!: ltI dest!: ltD) lemma AC15_WO6_aux1: "\x \ Pow(A)-{0}. f`x\0 \ f`x \ x \ f`x \ m \ (\i<\ x. HH(f,A,x)={A}. HH(f,A,i)) = A" apply (simp add: Ord_Least [THEN OUN_eq_UN]) apply (rule equalityI) apply (fast dest!: less_Least_subset_x) apply (blast del: subsetI intro!: f_subsets_imp_UN_HH_eq_x [THEN Diff_eq_0_iff [THEN iffD1]]) done lemma AC15_WO6_aux2: "\x \ Pow(A)-{0}. f`x\0 \ f`x \ x \ f`x \ m \ \x < (\ x. HH(f,A,x)={A}). HH(f,A,x) \ m" apply (rule oallI) apply (drule ltD [THEN less_Least_subset_x]) apply (frule HH_subset_imp_eq) apply (erule ssubst) apply (blast dest!: HH_subset_x_imp_subset_Diff_UN [THEN not_emptyI2]) (*but can't use del: DiffE despite the obvious conflict*) done theorem AC15_WO6: "AC15 \ WO6" unfolding AC15_def WO6_def apply (rule allI) apply (erule_tac x = "Pow (A) -{0}" in allE) apply (erule impE, fast) apply (elim bexE conjE exE) apply (rule bexI) apply (rule conjI, assumption) apply (rule_tac x = "\ i. HH (f,A,i) ={A}" in exI) apply (rule_tac x = "\j \ (\ i. HH (f,A,i) ={A}) . HH (f,A,j) " in exI) apply (simp_all add: ltD) apply (fast intro!: Ord_Least lam_type [THEN domain_of_fun] elim!: less_Least_subset_x AC15_WO6_aux1 AC15_WO6_aux2) done (* ********************************************************************** *) (* The proof needed in the first case, not in the second *) (* ********************************************************************** *) (* ********************************************************************** *) (* AC10(n) \ AC13(n-1) if 2\n *) (* *) (* Because of the change to the formal definition of AC10(n) we prove *) (* the following obviously equivalent theorem \ *) (* AC10(n) implies AC13(n) for (1\n) *) (* ********************************************************************** *) theorem AC10_AC13: "\n \ nat; 1\n; AC10(n)\ \ AC13(n)" apply (unfold AC10_def AC13_def, safe) apply (erule allE) apply (erule impE [OF _ cons_times_nat_not_Finite], assumption) apply (fast elim!: impE [OF _ cons_times_nat_not_Finite] dest!: ex_fun_AC13_AC15) done (* ********************************************************************** *) (* The proofs needed in the second case, not in the first *) (* ********************************************************************** *) (* ********************************************************************** *) (* AC1 \ AC13(1) *) (* ********************************************************************** *) lemma AC1_AC13: "AC1 \ AC13(1)" unfolding AC1_def AC13_def apply (rule allI) apply (erule allE) apply (rule impI) apply (drule mp, assumption) apply (elim exE) apply (rule_tac x = "\x \ A. {f`x}" in exI) apply (simp add: singleton_eqpoll_1 [THEN eqpoll_imp_lepoll]) done (* ********************************************************************** *) (* AC13(m) \ AC13(n) for m \ n *) (* ********************************************************************** *) lemma AC13_mono: "\m\n; AC13(m)\ \ AC13(n)" unfolding AC13_def apply (drule le_imp_lepoll) apply (fast elim!: lepoll_trans) done (* ********************************************************************** *) (* The proofs necessary for both cases *) (* ********************************************************************** *) (* ********************************************************************** *) (* AC13(n) \ AC14 if 1 \ n *) (* ********************************************************************** *) theorem AC13_AC14: "\n \ nat; 1\n; AC13(n)\ \ AC14" by (unfold AC13_def AC14_def, auto) (* ********************************************************************** *) (* AC14 \ AC15 *) (* ********************************************************************** *) theorem AC14_AC15: "AC14 \ AC15" by (unfold AC13_def AC14_def AC15_def, fast) (* ********************************************************************** *) -(* The redundant proofs; however cited by Rubin \ Rubin *) +(* The redundant proofs; however cited by Rubin & Rubin *) (* ********************************************************************** *) (* ********************************************************************** *) (* AC13(1) \ AC1 *) (* ********************************************************************** *) lemma lemma_aux: "\A\0; A \ 1\ \ \a. A={a}" by (fast elim!: not_emptyE lepoll_1_is_sing) lemma AC13_AC1_lemma: "\B \ A. f(B)\0 \ f(B)<=B \ f(B) \ 1 \ (\x \ A. THE y. f(x)={y}) \ (\X \ A. X)" apply (rule lam_type) apply (drule bspec, assumption) apply (elim conjE) apply (erule lemma_aux [THEN exE], assumption) apply (simp add: the_equality) done theorem AC13_AC1: "AC13(1) \ AC1" unfolding AC13_def AC1_def apply (fast elim!: AC13_AC1_lemma) done (* ********************************************************************** *) (* AC11 \ AC14 *) (* ********************************************************************** *) theorem AC11_AC14: "AC11 \ AC14" unfolding AC11_def AC14_def apply (fast intro!: AC10_AC13) done end diff --git a/src/ZF/AC/AC17_AC1.thy b/src/ZF/AC/AC17_AC1.thy --- a/src/ZF/AC/AC17_AC1.thy +++ b/src/ZF/AC/AC17_AC1.thy @@ -1,301 +1,301 @@ (* Title: ZF/AC/AC17_AC1.thy Author: Krzysztof Grabczewski The equivalence of AC0, AC1 and AC17 Also, the proofs needed to show that each of AC2, AC3, ..., AC6 is equivalent to AC0 and AC1. *) theory AC17_AC1 imports HH begin (** AC0 is equivalent to AC1. - AC0 comes from Suppes, AC1 from Rubin \ Rubin **) + AC0 comes from Suppes, AC1 from Rubin & Rubin **) lemma AC0_AC1_lemma: "\f:(\X \ A. X); D \ A\ \ \g. g:(\X \ D. X)" by (fast intro!: lam_type apply_type) lemma AC0_AC1: "AC0 \ AC1" unfolding AC0_def AC1_def apply (blast intro: AC0_AC1_lemma) done lemma AC1_AC0: "AC1 \ AC0" by (unfold AC0_def AC1_def, blast) (**** The proof of AC1 \ AC17 ****) lemma AC1_AC17_lemma: "f \ (\X \ Pow(A) - {0}. X) \ f \ (Pow(A) - {0} -> A)" apply (rule Pi_type, assumption) apply (drule apply_type, assumption, fast) done lemma AC1_AC17: "AC1 \ AC17" unfolding AC1_def AC17_def apply (rule allI) apply (rule ballI) apply (erule_tac x = "Pow (A) -{0}" in allE) apply (erule impE, fast) apply (erule exE) apply (rule bexI) apply (erule_tac [2] AC1_AC17_lemma) apply (rule apply_type, assumption) apply (fast dest!: AC1_AC17_lemma elim!: apply_type) done (**** The proof of AC17 \ AC1 ****) (* *********************************************************************** *) (* more properties of HH *) (* *********************************************************************** *) lemma UN_eq_imp_well_ord: "\x - (\j \ \ i. HH(\X \ Pow(x)-{0}. {f`X}, x, i) = {x}. HH(\X \ Pow(x)-{0}. {f`X}, x, j)) = 0; f \ Pow(x)-{0} -> x\ \ \r. well_ord(x,r)" apply (rule exI) apply (erule well_ord_rvimage [OF bij_Least_HH_x [THEN bij_converse_bij, THEN bij_is_inj] Ord_Least [THEN well_ord_Memrel]], assumption) done (* *********************************************************************** *) (* theorems closer to the proof *) (* *********************************************************************** *) lemma not_AC1_imp_ex: "\AC1 \ \A. \f \ Pow(A)-{0} -> A. \u \ Pow(A)-{0}. f`u \ u" unfolding AC1_def apply (erule swap) apply (rule allI) apply (erule swap) apply (rule_tac x = "\(A)" in exI) apply (blast intro: lam_type) done lemma AC17_AC1_aux1: "\\f \ Pow(x) - {0} -> x. \u \ Pow(x) - {0}. f`u\u; \f \ Pow(x)-{0}->x. x - (\a \ (\ i. HH(\X \ Pow(x)-{0}. {f`X},x,i)={x}). HH(\X \ Pow(x)-{0}. {f`X},x,a)) = 0\ \ P" apply (erule bexE) apply (erule UN_eq_imp_well_ord [THEN exE], assumption) apply (erule ex_choice_fun_Pow [THEN exE]) apply (erule ballE) apply (fast intro: apply_type del: DiffE) apply (erule notE) apply (rule Pi_type, assumption) apply (blast dest: apply_type) done lemma AC17_AC1_aux2: "\ (\f \ Pow(x)-{0}->x. x - F(f) = 0) \ (\f \ Pow(x)-{0}->x . x - F(f)) \ (Pow(x) -{0} -> x) -> Pow(x) - {0}" by (fast intro!: lam_type dest!: Diff_eq_0_iff [THEN iffD1]) lemma AC17_AC1_aux3: "\f`Z \ Z; Z \ Pow(x)-{0}\ \ (\X \ Pow(x)-{0}. {f`X})`Z \ Pow(Z)-{0}" by auto lemma AC17_AC1_aux4: "\f \ F. f`((\f \ F. Q(f))`f) \ (\f \ F. Q(f))`f \ \f \ F. f`Q(f) \ Q(f)" by simp lemma AC17_AC1: "AC17 \ AC1" unfolding AC17_def apply (rule classical) apply (erule not_AC1_imp_ex [THEN exE]) apply (case_tac "\f \ Pow(x)-{0} -> x. x - (\a \ (\ i. HH (\X \ Pow (x) -{0}. {f`X},x,i) ={x}) . HH (\X \ Pow (x) -{0}. {f`X},x,a)) = 0") apply (erule AC17_AC1_aux1, assumption) apply (drule AC17_AC1_aux2) apply (erule allE) apply (drule bspec, assumption) apply (drule AC17_AC1_aux4) apply (erule bexE) apply (drule apply_type, assumption) apply (simp add: HH_Least_eq_x del: Diff_iff ) apply (drule AC17_AC1_aux3, assumption) apply (fast dest!: subst_elem [OF _ HH_Least_eq_x [symmetric]] f_subset_imp_HH_subset elim!: mem_irrefl) done (* ********************************************************************** AC1 \ AC2 \ AC1 AC1 \ AC4 \ AC3 \ AC1 AC4 \ AC5 \ AC4 AC1 \ AC6 ************************************************************************* *) (* ********************************************************************** *) (* AC1 \ AC2 *) (* ********************************************************************** *) lemma AC1_AC2_aux1: "\f:(\X \ A. X); B \ A; 0\A\ \ {f`B} \ B \ {f`C. C \ A}" by (fast elim!: apply_type) lemma AC1_AC2_aux2: "\pairwise_disjoint(A); B \ A; C \ A; D \ B; D \ C\ \ f`B = f`C" by (unfold pairwise_disjoint_def, fast) lemma AC1_AC2: "AC1 \ AC2" unfolding AC1_def AC2_def apply (rule allI) apply (rule impI) apply (elim asm_rl conjE allE exE impE, assumption) apply (intro exI ballI equalityI) prefer 2 apply (rule AC1_AC2_aux1, assumption+) apply (fast elim!: AC1_AC2_aux2 elim: apply_type) done (* ********************************************************************** *) (* AC2 \ AC1 *) (* ********************************************************************** *) lemma AC2_AC1_aux1: "0\A \ 0 \ {B*{B}. B \ A}" by (fast dest!: sym [THEN Sigma_empty_iff [THEN iffD1]]) lemma AC2_AC1_aux2: "\X*{X} \ C = {y}; X \ A\ \ (THE y. X*{X} \ C = {y}): X*A" apply (rule subst_elem [of y]) apply (blast elim!: equalityE) apply (auto simp add: singleton_eq_iff) done lemma AC2_AC1_aux3: "\D \ {E*{E}. E \ A}. \y. D \ C = {y} \ (\x \ A. fst(THE z. (x*{x} \ C = {z}))) \ (\X \ A. X)" apply (rule lam_type) apply (drule bspec, blast) apply (blast intro: AC2_AC1_aux2 fst_type) done lemma AC2_AC1: "AC2 \ AC1" unfolding AC1_def AC2_def pairwise_disjoint_def apply (intro allI impI) apply (elim allE impE) prefer 2 apply (fast elim!: AC2_AC1_aux3) apply (blast intro!: AC2_AC1_aux1) done (* ********************************************************************** *) (* AC1 \ AC4 *) (* ********************************************************************** *) lemma empty_notin_images: "0 \ {R``{x}. x \ domain(R)}" by blast lemma AC1_AC4: "AC1 \ AC4" unfolding AC1_def AC4_def apply (intro allI impI) apply (drule spec, drule mp [OF _ empty_notin_images]) apply (best intro!: lam_type elim!: apply_type) done (* ********************************************************************** *) (* AC4 \ AC3 *) (* ********************************************************************** *) lemma AC4_AC3_aux1: "f \ A->B \ (\z \ A. {z}*f`z) \ A*\(B)" by (fast dest!: apply_type) lemma AC4_AC3_aux2: "domain(\z \ A. {z}*f(z)) = {a \ A. f(a)\0}" by blast lemma AC4_AC3_aux3: "x \ A \ (\z \ A. {z}*f(z))``{x} = f(x)" by fast lemma AC4_AC3: "AC4 \ AC3" unfolding AC3_def AC4_def apply (intro allI ballI) apply (elim allE impE) apply (erule AC4_AC3_aux1) apply (simp add: AC4_AC3_aux2 AC4_AC3_aux3 cong add: Pi_cong) done (* ********************************************************************** *) (* AC3 \ AC1 *) (* ********************************************************************** *) lemma AC3_AC1_lemma: "b\A \ (\x \ {a \ A. id(A)`a\b}. id(A)`x) = (\x \ A. x)" apply (simp add: id_def cong add: Pi_cong) apply (rule_tac b = A in subst_context, fast) done lemma AC3_AC1: "AC3 \ AC1" unfolding AC1_def AC3_def apply (fast intro!: id_type elim: AC3_AC1_lemma [THEN subst]) done (* ********************************************************************** *) (* AC4 \ AC5 *) (* ********************************************************************** *) lemma AC4_AC5: "AC4 \ AC5" unfolding range_def AC4_def AC5_def apply (intro allI ballI) apply (elim allE impE) apply (erule fun_is_rel [THEN converse_type]) apply (erule exE) apply (rename_tac g) apply (rule_tac x=g in bexI) apply (blast dest: apply_equality range_type) apply (blast intro: Pi_type dest: apply_type fun_is_rel) done (* ********************************************************************** *) -(* AC5 \ AC4, Rubin \ Rubin, p. 11 *) +(* AC5 \ AC4, Rubin & Rubin, p. 11 *) (* ********************************************************************** *) lemma AC5_AC4_aux1: "R \ A*B \ (\x \ R. fst(x)) \ R -> A" by (fast intro!: lam_type fst_type) lemma AC5_AC4_aux2: "R \ A*B \ range(\x \ R. fst(x)) = domain(R)" by (unfold lam_def, force) lemma AC5_AC4_aux3: "\\f \ A->C. P(f,domain(f)); A=B\ \ \f \ B->C. P(f,B)" apply (erule bexE) apply (frule domain_of_fun, fast) done lemma AC5_AC4_aux4: "\R \ A*B; g \ C->R; \x \ C. (\z \ R. fst(z))` (g`x) = x\ \ (\x \ C. snd(g`x)): (\x \ C. R``{x})" apply (rule lam_type) apply (force dest: apply_type) done lemma AC5_AC4: "AC5 \ AC4" apply (unfold AC4_def AC5_def, clarify) apply (elim allE ballE) apply (drule AC5_AC4_aux3 [OF _ AC5_AC4_aux2], assumption) apply (fast elim!: AC5_AC4_aux4) apply (blast intro: AC5_AC4_aux1) done (* ********************************************************************** *) (* AC1 \ AC6 *) (* ********************************************************************** *) lemma AC1_iff_AC6: "AC1 \ AC6" by (unfold AC1_def AC6_def, blast) end diff --git a/src/ZF/AC/AC7_AC9.thy b/src/ZF/AC/AC7_AC9.thy --- a/src/ZF/AC/AC7_AC9.thy +++ b/src/ZF/AC/AC7_AC9.thy @@ -1,169 +1,169 @@ (* Title: ZF/AC/AC7_AC9.thy Author: Krzysztof Grabczewski The proofs needed to state that AC7, AC8 and AC9 are equivalent to the previous instances of AC. *) theory AC7_AC9 imports AC_Equiv begin (* ********************************************************************** *) (* Lemmas used in the proofs AC7 \ AC6 and AC9 \ AC1 *) (* - Sigma_fun_space_not0 *) (* - Sigma_fun_space_eqpoll *) (* ********************************************************************** *) lemma Sigma_fun_space_not0: "\0\A; B \ A\ \ (nat->\(A)) * B \ 0" by (blast dest!: Sigma_empty_iff [THEN iffD1] Union_empty_iff [THEN iffD1]) lemma inj_lemma: "C \ A \ (\g \ (nat->\(A))*C. (\n \ nat. if(n=0, snd(g), fst(g)`(n #- 1)))) \ inj((nat->\(A))*C, (nat->\(A)) ) " unfolding inj_def apply (rule CollectI) apply (fast intro!: lam_type if_type apply_type fst_type snd_type, auto) apply (rule fun_extension, assumption+) apply (drule lam_eqE [OF _ nat_succI], assumption, simp) apply (drule lam_eqE [OF _ nat_0I], simp) done lemma Sigma_fun_space_eqpoll: "\C \ A; 0\A\ \ (nat->\(A)) * C \ (nat->\(A))" apply (rule eqpollI) apply (simp add: lepoll_def) apply (fast intro!: inj_lemma) apply (fast elim!: prod_lepoll_self not_sym [THEN not_emptyE] subst_elem elim: swap) done (* ********************************************************************** *) (* AC6 \ AC7 *) (* ********************************************************************** *) lemma AC6_AC7: "AC6 \ AC7" by (unfold AC6_def AC7_def, blast) (* ********************************************************************** *) -(* AC7 \ AC6, Rubin \ Rubin p. 12, Theorem 2.8 *) +(* AC7 \ AC6, Rubin & Rubin p. 12, Theorem 2.8 *) (* The case of the empty family of sets added in order to complete *) (* the proof. *) (* ********************************************************************** *) lemma lemma1_1: "y \ (\B \ A. Y*B) \ (\B \ A. snd(y`B)) \ (\B \ A. B)" by (fast intro!: lam_type snd_type apply_type) lemma lemma1_2: "y \ (\B \ {Y*C. C \ A}. B) \ (\B \ A. y`(Y*B)) \ (\B \ A. Y*B)" apply (fast intro!: lam_type apply_type) done lemma AC7_AC6_lemma1: "(\B \ {(nat->\(A))*C. C \ A}. B) \ 0 \ (\B \ A. B) \ 0" by (fast intro!: equals0I lemma1_1 lemma1_2) lemma AC7_AC6_lemma2: "0 \ A \ 0 \ {(nat -> \(A)) * C. C \ A}" by (blast dest: Sigma_fun_space_not0) lemma AC7_AC6: "AC7 \ AC6" unfolding AC6_def AC7_def apply (rule allI) apply (rule impI) apply (case_tac "A=0", simp) apply (rule AC7_AC6_lemma1) apply (erule allE) apply (blast del: notI intro!: AC7_AC6_lemma2 intro: eqpoll_sym eqpoll_trans Sigma_fun_space_eqpoll) done (* ********************************************************************** *) (* AC1 \ AC8 *) (* ********************************************************************** *) lemma AC1_AC8_lemma1: "\B \ A. \B1 B2. B=\B1,B2\ \ B1 \ B2 \ 0 \ { bij(fst(B),snd(B)). B \ A }" apply (unfold eqpoll_def, auto) done lemma AC1_AC8_lemma2: "\f \ (\X \ RepFun(A,p). X); D \ A\ \ (\x \ A. f`p(x))`D \ p(D)" apply (simp, fast elim!: apply_type) done lemma AC1_AC8: "AC1 \ AC8" unfolding AC1_def AC8_def apply (fast dest: AC1_AC8_lemma1 AC1_AC8_lemma2) done (* ********************************************************************** *) (* AC8 \ AC9 *) -(* - this proof replaces the following two from Rubin \ Rubin: *) +(* - this proof replaces the following two from Rubin & Rubin: *) (* AC8 \ AC1 and AC1 \ AC9 *) (* ********************************************************************** *) lemma AC8_AC9_lemma: "\B1 \ A. \B2 \ A. B1 \ B2 \ \B \ A*A. \B1 B2. B=\B1,B2\ \ B1 \ B2" by fast lemma AC8_AC9: "AC8 \ AC9" unfolding AC8_def AC9_def apply (intro allI impI) apply (erule allE) apply (erule impE, erule AC8_AC9_lemma, force) done (* ********************************************************************** *) (* AC9 \ AC1 *) (* The idea of this proof comes from "Equivalents of the Axiom of Choice" *) -(* by Rubin \ Rubin. But (x * y) is not necessarily equipollent to *) +(* by Rubin & Rubin. But (x * y) is not necessarily equipollent to *) (* (x * y) \ {0} when y is a set of total functions acting from nat to *) (* \(A) -- therefore we have used the set (y * nat) instead of y. *) (* ********************************************************************** *) lemma snd_lepoll_SigmaI: "b \ B \ X \ B \ X" by (blast intro: lepoll_trans prod_lepoll_self eqpoll_imp_lepoll prod_commute_eqpoll) lemma nat_lepoll_lemma: "\0 \ A; B \ A\ \ nat \ ((nat \ \(A)) \ B) \ nat" by (blast dest: Sigma_fun_space_not0 intro: snd_lepoll_SigmaI) lemma AC9_AC1_lemma1: "\0\A; A\0; C = {((nat->\(A))*B)*nat. B \ A} \ {cons(0,((nat->\(A))*B)*nat). B \ A}; B1 \ C; B2 \ C\ \ B1 \ B2" by (blast intro!: nat_lepoll_lemma Sigma_fun_space_eqpoll nat_cons_eqpoll [THEN eqpoll_trans] prod_eqpoll_cong [OF _ eqpoll_refl] intro: eqpoll_trans eqpoll_sym ) lemma AC9_AC1_lemma2: "\B1 \ {(F*B)*N. B \ A} \ {cons(0,(F*B)*N). B \ A}. \B2 \ {(F*B)*N. B \ A} \ {cons(0,(F*B)*N). B \ A}. f`\B1,B2\ \ bij(B1, B2) \ (\B \ A. snd(fst((f`)`0))) \ (\X \ A. X)" apply (intro lam_type snd_type fst_type) apply (rule apply_type [OF _ consI1]) apply (fast intro!: fun_weaken_type bij_is_fun) done lemma AC9_AC1: "AC9 \ AC1" unfolding AC1_def AC9_def apply (intro allI impI) apply (erule allE) apply (case_tac "A\0") apply (blast dest: AC9_AC1_lemma1 AC9_AC1_lemma2, force) done end diff --git a/src/ZF/AC/WO1_WO7.thy b/src/ZF/AC/WO1_WO7.thy --- a/src/ZF/AC/WO1_WO7.thy +++ b/src/ZF/AC/WO1_WO7.thy @@ -1,114 +1,114 @@ (* Title: ZF/AC/WO1_WO7.thy Author: Lawrence C Paulson, CU Computer Laboratory Copyright 1998 University of Cambridge -WO7 \ LEMMA \ WO1 (Rubin \ Rubin p. 5) +WO7 \ LEMMA \ WO1 (Rubin & Rubin p. 5) LEMMA is the sentence denoted by (**) Also, WO1 \ WO8 *) theory WO1_WO7 imports AC_Equiv begin definition "LEMMA \ \X. \Finite(X) \ (\R. well_ord(X,R) \ \well_ord(X,converse(R)))" (* ********************************************************************** *) (* It is easy to see that WO7 is equivalent to (**) *) (* ********************************************************************** *) lemma WO7_iff_LEMMA: "WO7 \ LEMMA" unfolding WO7_def LEMMA_def apply (blast intro: Finite_well_ord_converse) done (* ********************************************************************** *) (* It is also easy to show that LEMMA implies WO1. *) (* ********************************************************************** *) lemma LEMMA_imp_WO1: "LEMMA \ WO1" unfolding WO1_def LEMMA_def Finite_def eqpoll_def apply (blast intro!: well_ord_rvimage [OF bij_is_inj nat_implies_well_ord]) done (* ********************************************************************** *) (* The Rubins' proof of the other implication is contained within the *) (* following sentence \ *) (* "... each infinite ordinal is well ordered by < but not by >." *) (* This statement can be proved by the following two theorems. *) (* But moreover we need to show similar property for any well ordered *) (* infinite set. It is not very difficult thanks to Isabelle order types *) (* We show that if a set is well ordered by some relation and by its *) (* converse, then apropriate order type is well ordered by the converse *) (* of it's membership relation, which in connection with the previous *) (* gives the conclusion. *) (* ********************************************************************** *) lemma converse_Memrel_not_wf_on: "\Ord(a); \Finite(a)\ \ \wf[a](converse(Memrel(a)))" unfolding wf_on_def wf_def apply (drule nat_le_infinite_Ord [THEN le_imp_subset], assumption) apply (rule notI) apply (erule_tac x = nat in allE, blast) done lemma converse_Memrel_not_well_ord: "\Ord(a); \Finite(a)\ \ \well_ord(a,converse(Memrel(a)))" unfolding well_ord_def apply (blast dest: converse_Memrel_not_wf_on) done lemma well_ord_rvimage_ordertype: "well_ord(A,r) \ rvimage (ordertype(A,r), converse(ordermap(A,r)),r) = Memrel(ordertype(A,r))" by (blast intro: ordertype_ord_iso [THEN ord_iso_sym] ord_iso_rvimage_eq Memrel_type [THEN subset_Int_iff [THEN iffD1]] trans) lemma well_ord_converse_Memrel: "\well_ord(A,r); well_ord(A,converse(r))\ \ well_ord(ordertype(A,r), converse(Memrel(ordertype(A,r))))" apply (subst well_ord_rvimage_ordertype [symmetric], assumption) apply (rule rvimage_converse [THEN subst]) apply (blast intro: ordertype_ord_iso ord_iso_sym ord_iso_is_bij bij_is_inj well_ord_rvimage) done lemma WO1_imp_LEMMA: "WO1 \ LEMMA" apply (unfold WO1_def LEMMA_def, clarify) apply (blast dest: well_ord_converse_Memrel Ord_ordertype [THEN converse_Memrel_not_well_ord] intro: ordertype_ord_iso ord_iso_is_bij bij_is_inj lepoll_Finite lepoll_def [THEN def_imp_iff, THEN iffD2] ) done lemma WO1_iff_WO7: "WO1 \ WO7" apply (simp add: WO7_iff_LEMMA) apply (blast intro: LEMMA_imp_WO1 WO1_imp_LEMMA) done (* ********************************************************************** *) -(* The proof of WO8 \ WO1 (Rubin \ Rubin p. 6) *) +(* The proof of WO8 \ WO1 (Rubin & Rubin p. 6) *) (* ********************************************************************** *) lemma WO1_WO8: "WO1 \ WO8" by (unfold WO1_def WO8_def, fast) -(* The implication "WO8 \ WO1": a faithful image of Rubin \ Rubin's proof*) +(* The implication "WO8 \ WO1": a faithful image of Rubin & Rubin's proof*) lemma WO8_WO1: "WO8 \ WO1" unfolding WO1_def WO8_def apply (rule allI) apply (erule_tac x = "{{x}. x \ A}" in allE) apply (erule impE) apply (rule_tac x = "\a \ {{x}. x \ A}. THE x. a={x}" in exI) apply (force intro!: lam_type simp add: singleton_eq_iff the_equality) apply (blast intro: lam_sing_bij bij_is_inj well_ord_rvimage) done end diff --git a/src/ZF/AC/WO2_AC16.thy b/src/ZF/AC/WO2_AC16.thy --- a/src/ZF/AC/WO2_AC16.thy +++ b/src/ZF/AC/WO2_AC16.thy @@ -1,579 +1,579 @@ (* Title: ZF/AC/WO2_AC16.thy Author: Krzysztof Grabczewski The proof of WO2 \ AC16(k #+ m, k) The main part of the proof is the inductive reasoning concerning properties of constructed family T_gamma. The proof deals with three cases for ordinals: 0, succ and limit ordinal. The first instance is trivial, the third not difficult, but the second is very complicated requiring many lemmas. We also need to prove that at any stage gamma the set -(s - \(...) - k_gamma) (Rubin \ Rubin page 15) +(s - \(...) - k_gamma) (Rubin & Rubin page 15) contains m distinct elements (in fact is equipollent to s) *) theory WO2_AC16 imports AC_Equiv AC16_lemmas Cardinal_aux begin (**** A recursive definition used in the proof of WO2 \ AC16 ****) definition recfunAC16 :: "[i,i,i,i] \ i" where "recfunAC16(f,h,i,a) \ transrec2(i, 0, \g r. if (\y \ r. h`g \ y) then r else r \ {f`(\ i. h`g \ f`i \ (\b f`i \ (\t \ r. \ h`b \ t))))})" (* ********************************************************************** *) (* Basic properties of recfunAC16 *) (* ********************************************************************** *) lemma recfunAC16_0: "recfunAC16(f,h,0,a) = 0" by (simp add: recfunAC16_def) lemma recfunAC16_succ: "recfunAC16(f,h,succ(i),a) = (if (\y \ recfunAC16(f,h,i,a). h ` i \ y) then recfunAC16(f,h,i,a) else recfunAC16(f,h,i,a) \ {f ` (\ j. h ` i \ f ` j \ (\b f`j \ (\t \ recfunAC16(f,h,i,a). \ h`b \ t))))})" apply (simp add: recfunAC16_def) done lemma recfunAC16_Limit: "Limit(i) \ recfunAC16(f,h,i,a) = (\j\g r. r \ B(g,r); Ord(i)\ \ j transrec2(j, 0, B) \ transrec2(i, 0, B)" apply (erule trans_induct) apply (rule Ord_cases, assumption+, fast) apply (simp (no_asm_simp)) apply (blast elim!: leE) apply (simp add: transrec2_Limit) apply (blast intro: OUN_I ltI Ord_in_Ord [THEN le_refl] elim!: Limit_has_succ [THEN ltE]) done lemma transrec2_mono: "\\g r. r \ B(g,r); j\i\ \ transrec2(j, 0, B) \ transrec2(i, 0, B)" apply (erule leE) apply (rule transrec2_mono_lemma) apply (auto intro: lt_Ord2 ) done (* ********************************************************************** *) (* Monotonicity of recfunAC16 *) (* ********************************************************************** *) lemma recfunAC16_mono: "i\j \ recfunAC16(f, g, i, a) \ recfunAC16(f, g, j, a)" unfolding recfunAC16_def apply (rule transrec2_mono, auto) done (* ********************************************************************** *) (* case of limit ordinal *) (* ********************************************************************** *) lemma lemma3_1: "\\yzY \ F(y). f(z)<=Y) \ (\! Y. Y \ F(y) \ f(z)<=Y); \i j. i\j \ F(i) \ F(j); j\i; i F(i); f(z)<=V; W \ F(j); f(z)<=W\ \ V = W" apply (erule asm_rl allE impE)+ apply (drule subsetD, assumption, blast) done lemma lemma3: "\\yzY \ F(y). f(z)<=Y) \ (\! Y. Y \ F(y) \ f(z)<=Y); \i j. i\j \ F(i) \ F(j); i F(i); f(z)<=V; W \ F(j); f(z)<=W\ \ V = W" apply (rule_tac j=j in Ord_linear_le [OF lt_Ord lt_Ord], assumption+) apply (erule lemma3_1 [symmetric], assumption+) apply (erule lemma3_1, assumption+) done lemma lemma4: "\\y X \ (\xY \ F(y). h(x) \ Y) \ (\! Y. Y \ F(y) \ h(x) \ Y)); x < a\ \ \yzY \ F(y). h(z) \ Y) \ (\! Y. Y \ F(y) \ h(z) \ Y)" apply (intro oallI impI) apply (drule ospec, assumption, clarify) apply (blast elim!: oallE ) done lemma lemma5: "\\y X \ (\xY \ F(y). h(x) \ Y) \ (\! Y. Y \ F(y) \ h(x) \ Y)); x < a; Limit(x); \i j. i\j \ F(i) \ F(j)\ \ (\x X \ (\xax \ \x x) \ (\! Y. Y \ (\x h(xa) \ Y))" apply (rule conjI) apply (rule subsetI) apply (erule OUN_E) apply (drule ospec, assumption, fast) apply (drule lemma4, assumption) apply (rule oallI) apply (rule impI) apply (erule disjE) apply (frule ospec, erule Limit_has_succ, assumption) apply (drule_tac A = a and x = xa in ospec, assumption) apply (erule impE, rule le_refl [THEN disjI1], erule lt_Ord) apply (blast intro: lemma3 Limit_has_succ) apply (blast intro: lemma3) done (* ********************************************************************** *) (* case of successor ordinal *) (* ********************************************************************** *) (* First quite complicated proof of the fact used in the recursive construction of the family T_gamma (WO2 \ AC16(k #+ m, k)) - the fact that at any stage gamma the set (s - \(...) - k_gamma) is equipollent to s - (Rubin \ Rubin page 15). + (Rubin & Rubin page 15). *) (* ********************************************************************** *) (* dbl_Diff_eqpoll_Card *) (* ********************************************************************** *) lemma dbl_Diff_eqpoll_Card: "\A\a; Card(a); \Finite(a); B\a; C\a\ \ A - B - C\a" by (blast intro: Diff_lesspoll_eqpoll_Card) (* ********************************************************************** *) (* Case of finite ordinals *) (* ********************************************************************** *) lemma Finite_lesspoll_infinite_Ord: "\Finite(X); \Finite(a); Ord(a)\ \ X\a" unfolding lesspoll_def apply (rule conjI) apply (drule nat_le_infinite_Ord [THEN le_imp_lepoll], assumption) unfolding Finite_def apply (blast intro: leI [THEN le_imp_subset, THEN subset_imp_lepoll] ltI eqpoll_imp_lepoll lepoll_trans) apply (blast intro: eqpoll_sym [THEN eqpoll_trans]) done lemma Union_lesspoll: "\\x \ X. x \ n \ x \ T; well_ord(T, R); X \ b; bFinite(a); Card(a); n \ nat\ \ \(X)\a" apply (case_tac "Finite (X)") apply (blast intro: Card_is_Ord Finite_lesspoll_infinite_Ord lepoll_nat_imp_Finite Finite_Union) apply (drule lepoll_imp_ex_le_eqpoll) apply (erule lt_Ord) apply (elim exE conjE) apply (frule eqpoll_imp_lepoll [THEN lepoll_infinite], assumption) apply (erule eqpoll_sym [THEN eqpoll_def [THEN def_imp_iff, THEN iffD1], THEN exE]) apply (frule bij_is_surj [THEN surj_image_eq]) apply (drule image_fun [OF bij_is_fun subset_refl]) apply (drule sym [THEN trans], assumption) apply (blast intro: lt_Ord UN_lepoll lt_Card_imp_lesspoll lt_trans1 lesspoll_trans1) done (* ********************************************************************** *) (* recfunAC16_lepoll_index *) (* ********************************************************************** *) lemma Un_sing_eq_cons: "A \ {a} = cons(a, A)" by fast lemma Un_lepoll_succ: "A \ B \ A \ {a} \ succ(B)" apply (simp add: Un_sing_eq_cons succ_def) apply (blast elim!: mem_irrefl intro: cons_lepoll_cong) done lemma Diff_UN_succ_empty: "Ord(a) \ F(a) - (\b F(a) \ X - (\b X" by blast lemma recfunAC16_Diff_lepoll_1: "Ord(x) \ recfunAC16(f, g, x, a) - (\i 1" apply (erule Ord_cases) apply (simp add: recfunAC16_0 empty_subsetI [THEN subset_imp_lepoll]) (*Limit case*) prefer 2 apply (simp add: recfunAC16_Limit Diff_cancel empty_subsetI [THEN subset_imp_lepoll]) (*succ case*) apply (simp add: recfunAC16_succ Diff_UN_succ_empty [of _ "\j. recfunAC16(f,g,j,a)"] empty_subsetI [THEN subset_imp_lepoll]) apply (best intro: Diff_UN_succ_subset [THEN subset_imp_lepoll] singleton_eqpoll_1 [THEN eqpoll_imp_lepoll] lepoll_trans) done lemma in_Least_Diff: "\z \ F(x); Ord(x)\ \ z \ F(\ i. z \ F(i)) - (\j<(\ i. z \ F(i)). F(j))" by (fast elim: less_LeastE elim!: LeastI) lemma Least_eq_imp_ex: "\(\ i. w \ F(i)) = (\ i. z \ F(i)); w \ (\i (\i \ \b (F(b) - (\c z \ (F(b) - (\cA \ 1; a \ A; b \ A\ \ a=b" by (fast dest!: lepoll_1_is_sing) lemma UN_lepoll_index: "\\ij 1; Limit(a)\ \ (\x a" apply (rule lepoll_def [THEN def_imp_iff [THEN iffD2]]) apply (rule_tac x = "\z \ (\x i. z \ F (i) " in exI) unfolding inj_def apply (rule CollectI) apply (rule lam_type) apply (erule OUN_E) apply (erule Least_in_Ord) apply (erule ltD) apply (erule lt_Ord2) apply (intro ballI) apply (simp (no_asm_simp)) apply (rule impI) apply (drule Least_eq_imp_ex, assumption+) apply (fast elim!: two_in_lepoll_1) done lemma recfunAC16_lepoll_index: "Ord(y) \ recfunAC16(f, h, y, a) \ y" apply (erule trans_induct3) (*0 case*) apply (simp (no_asm_simp) add: recfunAC16_0 lepoll_refl) (*succ case*) apply (simp (no_asm_simp) add: recfunAC16_succ) apply (blast dest!: succI1 [THEN rev_bspec] intro: subset_succI [THEN subset_imp_lepoll] Un_lepoll_succ lepoll_trans) apply (simp (no_asm_simp) add: recfunAC16_Limit) apply (blast intro: lt_Ord [THEN recfunAC16_Diff_lepoll_1] UN_lepoll_index) done lemma Union_recfunAC16_lesspoll: "\recfunAC16(f,g,y,a) \ {X \ Pow(A). X\n}; A\a; yFinite(a); Card(a); n \ nat\ \ \(recfunAC16(f,g,y,a))\a" apply (erule eqpoll_def [THEN def_imp_iff, THEN iffD1, THEN exE]) apply (rule_tac T=A in Union_lesspoll, simp_all) apply (blast intro!: eqpoll_imp_lepoll) apply (blast intro: bij_is_inj Card_is_Ord [THEN well_ord_Memrel] well_ord_rvimage) apply (erule lt_Ord [THEN recfunAC16_lepoll_index]) done lemma dbl_Diff_eqpoll: "\recfunAC16(f, h, y, a) \ {X \ Pow(A) . X\succ(k #+ m)}; Card(a); \ Finite(a); A\a; k \ nat; y bij(a, {Y \ Pow(A). Y\succ(k)})\ \ A - \(recfunAC16(f, h, y, a)) - h`y\a" apply (rule dbl_Diff_eqpoll_Card, simp_all) apply (simp add: Union_recfunAC16_lesspoll) apply (rule Finite_lesspoll_infinite_Ord) apply (rule Finite_def [THEN def_imp_iff, THEN iffD2]) apply (blast dest: ltD bij_is_fun [THEN apply_type], assumption) apply (blast intro: Card_is_Ord) done (* back to the proof *) lemmas disj_Un_eqpoll_nat_sum = eqpoll_trans [THEN eqpoll_trans, OF disj_Un_eqpoll_sum sum_eqpoll_cong nat_sum_eqpoll_sum] lemma Un_in_Collect: "\x \ Pow(A - B - h`i); x\m; h \ bij(a, {x \ Pow(A) . x\k}); i nat; m \ nat\ \ h ` i \ x \ {x \ Pow(A) . x\k #+ m}" by (blast intro: disj_Un_eqpoll_nat_sum dest: ltD bij_is_fun [THEN apply_type]) (* ********************************************************************** *) (* Lemmas simplifying assumptions *) (* ********************************************************************** *) lemma lemma6: "\\y (\x Q(x,y)); succ(j) \ F(j)<=X \ (\x Q(x,j))" by (blast intro!: lt_Ord succI1 [THEN ltI, THEN lt_Ord, THEN le_refl]) lemma lemma7: "\\x Q(x,j); succ(j) \ P(j,j) \ (\xj | P(x,j) \ Q(x,j))" by (fast elim!: leE) (* ********************************************************************** *) (* Lemmas needed to prove ex_next_set, which means that for any successor *) (* ordinal there is a set satisfying certain properties *) (* ********************************************************************** *) lemma ex_subset_eqpoll: "\A\a; \ Finite(a); Ord(a); m \ nat\ \ \X \ Pow(A). X\m" apply (rule lepoll_imp_eqpoll_subset [of m A, THEN exE]) apply (rule lepoll_trans, rule leI [THEN le_imp_lepoll]) apply (blast intro: lt_trans2 [OF ltI nat_le_infinite_Ord] Ord_nat) apply (erule eqpoll_sym [THEN eqpoll_imp_lepoll]) apply (fast elim!: eqpoll_sym) done lemma subset_Un_disjoint: "\A \ B \ C; A \ C = 0\ \ A \ B" by blast lemma Int_empty: "\X \ Pow(A - \(B) -C); T \ B; F \ T\ \ F \ X = 0" by blast (* ********************************************************************** *) (* equipollent subset (and finite) is the whole set *) (* ********************************************************************** *) lemma subset_imp_eq_lemma: "m \ nat \ \A B. A \ B \ m \ A \ B \ m \ A=B" apply (induct_tac "m") apply (fast dest!: lepoll_0_is_0) apply (intro allI impI) apply (elim conjE) apply (rule succ_lepoll_imp_not_empty [THEN not_emptyE], assumption) apply (frule subsetD [THEN Diff_sing_lepoll], assumption+) apply (frule lepoll_Diff_sing) apply (erule allE impE)+ apply (rule conjI) prefer 2 apply fast apply fast apply (blast elim: equalityE) done lemma subset_imp_eq: "\A \ B; m \ A; B \ m; m \ nat\ \ A=B" by (blast dest!: subset_imp_eq_lemma) lemma bij_imp_arg_eq: "\f \ bij(a, {Y \ X. Y\succ(k)}); k \ nat; f`b \ f`y; b \ b=y" apply (drule subset_imp_eq) apply (erule_tac [3] nat_succI) unfolding bij_def inj_def apply (blast intro: eqpoll_sym eqpoll_imp_lepoll dest: ltD apply_type)+ done lemma ex_next_set: "\recfunAC16(f, h, y, a) \ {X \ Pow(A) . X\succ(k #+ m)}; Card(a); \ Finite(a); A\a; k \ nat; m \ nat; y bij(a, {Y \ Pow(A). Y\succ(k)}); \ (\Y \ recfunAC16(f, h, y, a). h`y \ Y)\ \ \X \ {Y \ Pow(A). Y\succ(k #+ m)}. h`y \ X \ (\b X \ (\T \ recfunAC16(f, h, y, a). \ h`b \ T))" apply (erule_tac m1=m in dbl_Diff_eqpoll [THEN ex_subset_eqpoll, THEN bexE], assumption+) apply (erule Card_is_Ord, assumption) apply (frule Un_in_Collect, (erule asm_rl nat_succI)+) apply (erule CollectE) apply (rule rev_bexI, simp) apply (rule conjI, blast) apply (intro ballI impI oallI notI) apply (drule subset_Un_disjoint, rule Int_empty, assumption+) apply (blast dest: bij_imp_arg_eq) done (* ********************************************************************** *) (* Lemma ex_next_Ord states that for any successor *) (* ordinal there is a number of the set satisfying certain properties *) (* ********************************************************************** *) lemma ex_next_Ord: "\recfunAC16(f, h, y, a) \ {X \ Pow(A) . X\succ(k #+ m)}; Card(a); \ Finite(a); A\a; k \ nat; m \ nat; y bij(a, {Y \ Pow(A). Y\succ(k)}); f \ bij(a, {Y \ Pow(A). Y\succ(k #+ m)}); \ (\Y \ recfunAC16(f, h, y, a). h`y \ Y)\ \ \c f`c \ (\b f`c \ (\T \ recfunAC16(f, h, y, a). \ h`b \ T))" apply (drule ex_next_set, assumption+) apply (erule bexE) apply (rule_tac x="converse(f)`X" in oexI) apply (simp add: right_inverse_bij) apply (blast intro: bij_converse_bij bij_is_fun [THEN apply_type] ltI Card_is_Ord) done (* ********************************************************************** *) (* Lemma simplifying assumptions *) (* ********************************************************************** *) lemma lemma8: "\\xxa \ F(j). P(x, xa)) \ (\! Y. Y \ F(j) \ P(x, Y)); F(j) \ X; L \ X; P(j, L) \ (\x (\xa \ F(j). \P(x, xa)))\ \ F(j) \ {L} \ X \ (\xj | (\xa \ (F(j) \ {L}). P(x, xa)) \ (\! Y. Y \ (F(j) \ {L}) \ P(x, Y)))" apply (rule conjI) apply (fast intro!: singleton_subsetI) apply (rule oallI) apply (blast elim!: leE oallE) done (* ********************************************************************** *) (* The main part of the proof: inductive proof of the property of T_gamma *) (* lemma main_induct *) (* ********************************************************************** *) lemma main_induct: "\b < a; f \ bij(a, {Y \ Pow(A) . Y\succ(k #+ m)}); h \ bij(a, {Y \ Pow(A) . Y\succ(k)}); \Finite(a); Card(a); A\a; k \ nat; m \ nat\ \ recfunAC16(f, h, b, a) \ {X \ Pow(A) . X\succ(k #+ m)} \ (\xY \ recfunAC16(f, h, b, a). h ` x \ Y) \ (\! Y. Y \ recfunAC16(f, h, b, a) \ h ` x \ Y))" apply (erule lt_induct) apply (frule lt_Ord) apply (erule Ord_cases) (* case 0 *) apply (simp add: recfunAC16_0) (* case Limit *) prefer 2 apply (simp add: recfunAC16_Limit) apply (rule lemma5, assumption+) apply (blast dest!: recfunAC16_mono) (* case succ *) apply clarify apply (erule lemma6 [THEN conjE], assumption) apply (simp (no_asm_simp) split del: split_if add: recfunAC16_succ) apply (rule conjI [THEN split_if [THEN iffD2]]) apply (simp, erule lemma7, assumption) apply (rule impI) apply (rule ex_next_Ord [THEN oexE], assumption+, rule le_refl [THEN lt_trans], assumption+) apply (erule lemma8, assumption) apply (rule bij_is_fun [THEN apply_type], assumption) apply (erule Least_le [THEN lt_trans2, THEN ltD]) apply (erule lt_Ord) apply (erule succ_leI) apply (erule LeastI) apply (erule lt_Ord) done (* ********************************************************************** *) (* Lemma to simplify the inductive proof *) (* - the desired property is a consequence of the inductive assumption *) (* ********************************************************************** *) lemma lemma_simp_induct: "\\b. b F(b) \ S \ (\xY \ F(b). f`x \ Y)) \ (\! Y. Y \ F(b) \ f`x \ Y)); f \ a->f``(a); Limit(a); \i j. i\j \ F(i) \ F(j)\ \ (\j S \ (\x \ f``a. \! Y. Y \ (\j x \ Y)" apply (rule conjI) apply (rule subsetI) apply (erule OUN_E, blast) apply (rule ballI) apply (erule imageE) apply (drule ltI, erule Limit_is_Ord) apply (drule Limit_has_succ, assumption) apply (frule_tac x1="succ(xa)" in spec [THEN mp], assumption) apply (erule conjE) apply (drule ospec) (** LEVEL 10 **) apply (erule leI [THEN succ_leE]) apply (erule impE) apply (fast elim!: leI [THEN succ_leE, THEN lt_Ord, THEN le_refl]) apply (drule apply_equality, assumption) apply (elim conjE ex1E) (** LEVEL 15 **) apply (rule ex1I, blast) apply (elim conjE OUN_E) apply (erule_tac i="succ(xa)" and j=aa in Ord_linear_le [OF lt_Ord lt_Ord], assumption) prefer 2 apply (drule spec [THEN spec, THEN mp, THEN subsetD], assumption+, blast) (** LEVEL 20 **) apply (drule_tac x1=aa in spec [THEN mp], assumption) apply (frule succ_leE) apply (drule spec [THEN spec, THEN mp, THEN subsetD], assumption+, blast) done (* ********************************************************************** *) (* The target theorem *) (* ********************************************************************** *) theorem WO2_AC16: "\WO2; 0 nat; m \ nat\ \ AC16(k #+ m,k)" unfolding AC16_def apply (rule allI) apply (rule impI) apply (frule WO2_infinite_subsets_eqpoll_X, assumption+) apply (frule_tac n="k #+ m" in WO2_infinite_subsets_eqpoll_X, simp, simp) apply (frule WO2_imp_ex_Card) apply (elim exE conjE) apply (drule eqpoll_trans [THEN eqpoll_sym, THEN eqpoll_def [THEN def_imp_iff, THEN iffD1]], assumption) apply (drule eqpoll_trans [THEN eqpoll_sym, THEN eqpoll_def [THEN def_imp_iff, THEN iffD1]], assumption+) apply (elim exE) apply (rename_tac h) apply (rule_tac x = "\j WO1. Every proof (except WO6 \ WO1 and WO1 \ WO2) are described as "clear" -by Rubin \ Rubin (page 2). +by Rubin & Rubin (page 2). They refer reader to a book by Gödel to see the proof WO1 \ WO2. Fortunately order types made this proof also very easy. *) theory WO6_WO1 imports Cardinal_aux begin (* Auxiliary definitions used in proof *) definition NN :: "i \ i" where "NN(y) \ {m \ nat. \a. \f. Ord(a) \ domain(f)=a \ (\b (\b m)}" definition uu :: "[i, i, i, i] \ i" where "uu(f, beta, gamma, delta) \ (f`beta * f`gamma) \ f`delta" (** Definitions for case 1 **) definition vv1 :: "[i, i, i] \ i" where "vv1(f,m,b) \ let g = \ g. (\d. Ord(d) \ (domain(uu(f,b,g,d)) \ 0 \ domain(uu(f,b,g,d)) \ m)); d = \ d. domain(uu(f,b,g,d)) \ 0 \ domain(uu(f,b,g,d)) \ m in if f`b \ 0 then domain(uu(f,b,g,d)) else 0" definition ww1 :: "[i, i, i] \ i" where "ww1(f,m,b) \ f`b - vv1(f,m,b)" definition gg1 :: "[i, i, i] \ i" where "gg1(f,a,m) \ \b \ a++a. if b i" where "vv2(f,b,g,s) \ if f`g \ 0 then {uu(f, b, g, \ d. uu(f,b,g,d) \ 0)`s} else 0" definition ww2 :: "[i, i, i, i] \ i" where "ww2(f,b,g,s) \ f`g - vv2(f,b,g,s)" definition gg2 :: "[i, i, i, i] \ i" where "gg2(f,a,b,s) \ \g \ a++a. if g WO3" by (unfold WO2_def WO3_def, fast) (* ********************************************************************** *) lemma WO3_WO1: "WO3 \ WO1" unfolding eqpoll_def WO1_def WO3_def apply (intro allI) apply (drule_tac x=A in spec) apply (blast intro: bij_is_inj well_ord_rvimage well_ord_Memrel [THEN well_ord_subset]) done (* ********************************************************************** *) lemma WO1_WO2: "WO1 \ WO2" unfolding eqpoll_def WO1_def WO2_def apply (blast intro!: Ord_ordertype ordermap_bij) done (* ********************************************************************** *) lemma lam_sets: "f \ A->B \ (\x \ A. {f`x}): A -> {{b}. b \ B}" by (fast intro!: lam_type apply_type) lemma surj_imp_eq': "f \ surj(A,B) \ (\a \ A. {f`a}) = B" unfolding surj_def apply (fast elim!: apply_type) done lemma surj_imp_eq: "\f \ surj(A,B); Ord(A)\ \ (\a WO4(1)" unfolding WO1_def WO4_def apply (rule allI) apply (erule_tac x = A in allE) apply (erule exE) apply (intro exI conjI) apply (erule Ord_ordertype) apply (erule ordermap_bij [THEN bij_converse_bij, THEN bij_is_fun, THEN lam_sets, THEN domain_of_fun]) apply (simp_all add: singleton_eqpoll_1 eqpoll_imp_lepoll Ord_ordertype ordermap_bij [THEN bij_converse_bij, THEN bij_is_surj, THEN surj_imp_eq] ltD) done (* ********************************************************************** *) lemma WO4_mono: "\m\n; WO4(m)\ \ WO4(n)" unfolding WO4_def apply (blast dest!: spec intro: lepoll_trans [OF _ le_imp_lepoll]) done (* ********************************************************************** *) lemma WO4_WO5: "\m \ nat; 1\m; WO4(m)\ \ WO5" by (unfold WO4_def WO5_def, blast) (* ********************************************************************** *) lemma WO5_WO6: "WO5 \ WO6" by (unfold WO4_def WO5_def WO6_def, blast) (* ********************************************************************** The proof of "WO6 \ WO1". Simplified by L C Paulson. - From the book "Equivalents of the Axiom of Choice" by Rubin \ Rubin, + From the book "Equivalents of the Axiom of Choice" by Rubin & Rubin, pages 2-5 ************************************************************************* *) lemma lt_oadd_odiff_disj: "\k < i++j; Ord(i); Ord(j)\ \ k < i | (\ k k = i ++ (k--i) \ (k--i) f`b" by (unfold uu_def, blast) lemma quant_domain_uu_lepoll_m: "\b m \ \bgd m" by (blast intro: domain_uu_subset [THEN subset_imp_lepoll] lepoll_trans) lemma uu_subset1: "uu(f,b,g,d) \ f`b * f`g" by (unfold uu_def, blast) lemma uu_subset2: "uu(f,b,g,d) \ f`d" by (unfold uu_def, blast) lemma uu_lepoll_m: "\\b m; d \ uu(f,b,g,d) \ m" by (blast intro: uu_subset2 [THEN subset_imp_lepoll] lepoll_trans) (* ********************************************************************** *) (* Two cases for lemma ii *) (* ********************************************************************** *) lemma cases: "\bgd m \ (\b 0 \ (\gd 0 \ u(f,b,g,d) \ m)) | (\b 0 \ (\gd 0 \ u(f,b,g,d) \ m))" unfolding lesspoll_def apply (blast del: equalityI) done (* ********************************************************************** *) (* Lemmas used in both cases *) (* ********************************************************************** *) lemma UN_oadd: "Ord(a) \ (\bb C(a++b))" by (blast intro: ltI lt_oadd1 oadd_lt_mono2 dest!: lt_oadd_disj) (* ********************************************************************** *) (* Case 1: lemmas *) (* ********************************************************************** *) lemma vv1_subset: "vv1(f,m,b) \ f`b" by (simp add: vv1_def Let_def domain_uu_subset) (* ********************************************************************** *) (* Case 1: Union of images is the whole "y" *) (* ********************************************************************** *) lemma UN_gg1_eq: "\Ord(a); m \ nat\ \ (\bbP(a, b); Ord(a); Ord(b); Least_a = (\ a. \x. Ord(x) \ P(a, x))\ \ P(Least_a, \ b. P(Least_a, b))" apply (erule ssubst) apply (rule_tac Q = "\z. P (z, \ b. P (z, b))" in LeastI2) apply (fast elim!: LeastI)+ done lemmas nested_Least_instance = nested_LeastI [of "\g d. domain(uu(f,b,g,d)) \ 0 \ domain(uu(f,b,g,d)) \ m"] for f b m lemma gg1_lepoll_m: "\Ord(a); m \ nat; \b0 \ (\gd 0 \ domain(uu(f,b,g,d)) \ m); \b succ(m); b \ gg1(f,a,m)`b \ m" apply (simp add: gg1_def empty_lepollI) apply (safe dest!: lt_oadd_odiff_disj) (*Case b show vv1(f,m,b) \ m *) apply (simp add: vv1_def Let_def empty_lepollI) apply (fast intro: nested_Least_instance [THEN conjunct2] elim!: lt_Ord) (*Case a\b \ show ww1(f,m,b--a) \ m *) apply (simp add: ww1_def empty_lepollI) apply (case_tac "f` (b--a) = 0", simp add: empty_lepollI) apply (rule Diff_lepoll, blast) apply (rule vv1_subset) apply (drule ospec [THEN mp], assumption+) apply (elim oexE conjE) apply (simp add: vv1_def Let_def lt_Ord nested_Least_instance [THEN conjunct1]) done (* ********************************************************************** *) (* Case 2: lemmas *) (* ********************************************************************** *) (* ********************************************************************** *) (* Case 2: vv2_subset *) (* ********************************************************************** *) lemma ex_d_uu_not_empty: "\b0; f`g\0; y*y \ y; (\b \ \d 0" by (unfold uu_def, blast) lemma uu_not_empty: "\b0; f`g\0; y*y \ y; (\b \ uu(f,b,g,\ d. (uu(f,b,g,d) \ 0)) \ 0" apply (drule ex_d_uu_not_empty, assumption+) apply (fast elim!: LeastI lt_Ord) done lemma not_empty_rel_imp_domain: "\r \ A*B; r\0\ \ domain(r)\0" by blast lemma Least_uu_not_empty_lt_a: "\b0; f`g\0; y*y \ y; (\b \ (\ d. uu(f,b,g,d) \ 0) < a" apply (erule ex_d_uu_not_empty [THEN oexE], assumption+) apply (blast intro: Least_le [THEN lt_trans1] lt_Ord) done lemma subset_Diff_sing: "\B \ A; a\B\ \ B \ A-{a}" by blast (*Could this be proved more directly?*) lemma supset_lepoll_imp_eq: "\A \ m; m \ B; B \ A; m \ nat\ \ A=B" apply (erule natE) apply (fast dest!: lepoll_0_is_0 intro!: equalityI) apply (safe intro!: equalityI) apply (rule ccontr) apply (rule succ_lepoll_natE) apply (erule lepoll_trans) apply (rule lepoll_trans) apply (erule subset_Diff_sing [THEN subset_imp_lepoll], assumption) apply (rule Diff_sing_lepoll, assumption+) done lemma uu_Least_is_fun: "\\gd0 \ domain(uu(f, b, g, d)) \ succ(m); \b succ(m); y*y \ y; (\b0; f`g\0; m \ nat; s \ f`b\ \ uu(f, b, g, \ d. uu(f,b,g,d)\0) \ f`b -> f`g" apply (drule_tac x2=g in ospec [THEN ospec, THEN mp]) apply (rule_tac [3] not_empty_rel_imp_domain [OF uu_subset1 uu_not_empty]) apply (rule_tac [2] Least_uu_not_empty_lt_a, assumption+) apply (rule rel_is_fun) apply (erule eqpoll_sym [THEN eqpoll_imp_lepoll]) apply (erule uu_lepoll_m) apply (rule Least_uu_not_empty_lt_a, assumption+) apply (rule uu_subset1) apply (rule supset_lepoll_imp_eq [OF _ eqpoll_sym [THEN eqpoll_imp_lepoll]]) apply (fast intro!: domain_uu_subset)+ done lemma vv2_subset: "\\gd0 \ domain(uu(f, b, g, d)) \ succ(m); \b succ(m); y*y \ y; (\b nat; s \ f`b\ \ vv2(f,b,g,s) \ f`g" apply (simp add: vv2_def) apply (blast intro: uu_Least_is_fun [THEN apply_type]) done (* ********************************************************************** *) (* Case 2: Union of images is the whole "y" *) (* ********************************************************************** *) lemma UN_gg2_eq: "\\gd 0 \ domain(uu(f,b,g,d)) \ succ(m); \b succ(m); y*y \ y; (\b nat; s \ f`b; b \ (\gm \ nat; m\0\ \ vv2(f,b,g,s) \ m" unfolding vv2_def apply (simp add: empty_lepollI) apply (fast dest!: le_imp_subset [THEN subset_imp_lepoll, THEN lepoll_0_is_0] intro!: singleton_eqpoll_1 [THEN eqpoll_imp_lepoll, THEN lepoll_trans] not_lt_imp_le [THEN le_imp_subset, THEN subset_imp_lepoll] nat_into_Ord nat_1I) done lemma ww2_lepoll: "\\b succ(m); g nat; vv2(f,b,g,d) \ f`g\ \ ww2(f,b,g,d) \ m" unfolding ww2_def apply (case_tac "f`g = 0") apply (simp add: empty_lepollI) apply (drule ospec, assumption) apply (rule Diff_lepoll, assumption+) apply (simp add: vv2_def not_emptyI) done lemma gg2_lepoll_m: "\\gd 0 \ domain(uu(f,b,g,d)) \ succ(m); \b succ(m); y*y \ y; (\b f`b; m \ nat; m\ 0; g \ gg2(f,a,b,s) ` g \ m" apply (simp add: gg2_def empty_lepollI) apply (safe elim!: lt_Ord2 dest!: lt_oadd_odiff_disj) apply (simp add: vv2_lepoll) apply (simp add: ww2_lepoll vv2_subset) done (* ********************************************************************** *) (* lemma ii *) (* ********************************************************************** *) lemma lemma_ii: "\succ(m) \ NN(y); y*y \ y; m \ nat; m\0\ \ m \ NN(y)" unfolding NN_def apply (elim CollectE exE conjE) apply (rule quant_domain_uu_lepoll_m [THEN cases, THEN disjE], assumption) (* case 1 *) apply (simp add: lesspoll_succ_iff) apply (rule_tac x = "a++a" in exI) apply (fast intro!: Ord_oadd domain_gg1 UN_gg1_eq gg1_lepoll_m) (* case 2 *) apply (elim oexE conjE) apply (rule_tac A = "f`B" for B in not_emptyE, assumption) apply (rule CollectI) apply (erule succ_natD) apply (rule_tac x = "a++a" in exI) apply (rule_tac x = "gg2 (f,a,b,x) " in exI) apply (simp add: Ord_oadd domain_gg2 UN_gg2_eq gg2_lepoll_m) done (* ********************************************************************** *) (* lemma iv - p. 4: *) (* For every set x there is a set y such that x \ (y * y) \ y *) (* ********************************************************************** *) (* The leading \-quantifier looks odd but makes the proofs shorter (used only in the following two lemmas) *) lemma z_n_subset_z_succ_n: "\n \ nat. rec(n, x, \k r. r \ r*r) \ rec(succ(n), x, \k r. r \ r*r)" by (fast intro: rec_succ [THEN ssubst]) lemma le_subsets: "\\n \ nat. f(n)<=f(succ(n)); n\m; n \ nat; m \ nat\ \ f(n)<=f(m)" apply (erule_tac P = "n\m" in rev_mp) apply (rule_tac P = "\z. n\z \ f (n) \ f (z) " in nat_induct) apply (auto simp add: le_iff) done lemma le_imp_rec_subset: "\n\m; m \ nat\ \ rec(n, x, \k r. r \ r*r) \ rec(m, x, \k r. r \ r*r)" apply (rule z_n_subset_z_succ_n [THEN le_subsets]) apply (blast intro: lt_nat_in_nat)+ done lemma lemma_iv: "\y. x \ y*y \ y" apply (rule_tac x = "\n \ nat. rec (n, x, \k r. r \ r*r) " in exI) apply safe apply (rule nat_0I [THEN UN_I], simp) apply (rule_tac a = "succ (n \ na) " in UN_I) apply (erule Un_nat_type [THEN nat_succI], assumption) apply (auto intro: le_imp_rec_subset [THEN subsetD] intro!: Un_upper1_le Un_upper2_le Un_nat_type elim!: nat_into_Ord) done (* ********************************************************************** *) -(* Rubin \ Rubin wrote, *) +(* Rubin & Rubin wrote, *) (* "It follows from (ii) and mathematical induction that if y*y \ y then *) (* y can be well-ordered" *) (* In fact we have to prove *) (* * WO6 \ NN(y) \ 0 *) (* * reverse induction which lets us infer that 1 \ NN(y) *) (* * 1 \ NN(y) \ y can be well-ordered *) (* ********************************************************************** *) (* ********************************************************************** *) (* WO6 \ NN(y) \ 0 *) (* ********************************************************************** *) lemma WO6_imp_NN_not_empty: "WO6 \ NN(y) \ 0" by (unfold WO6_def NN_def, clarify, blast) (* ********************************************************************** *) (* 1 \ NN(y) \ y can be well-ordered *) (* ********************************************************************** *) lemma lemma1: "\(\b y; \b 1; Ord(a)\ \ \c(\b y; \b 1; Ord(a)\ \ f` (\ i. f`i = {x}) = {x}" apply (drule lemma1, assumption+) apply (fast elim!: lt_Ord intro: LeastI) done lemma NN_imp_ex_inj: "1 \ NN(y) \ \a f. Ord(a) \ f \ inj(y, a)" unfolding NN_def apply (elim CollectE exE conjE) apply (rule_tac x = a in exI) apply (rule_tac x = "\x \ y. \ i. f`i = {x}" in exI) apply (rule conjI, assumption) apply (rule_tac d = "\i. THE x. x \ f`i" in lam_injective) apply (drule lemma1, assumption+) apply (fast elim!: Least_le [THEN lt_trans1, THEN ltD] lt_Ord) apply (rule lemma2 [THEN ssubst], assumption+, blast) done lemma y_well_ord: "\y*y \ y; 1 \ NN(y)\ \ \r. well_ord(y, r)" apply (drule NN_imp_ex_inj) apply (fast elim!: well_ord_rvimage [OF _ well_ord_Memrel]) done (* ********************************************************************** *) (* reverse induction which lets us infer that 1 \ NN(y) *) (* ********************************************************************** *) lemma rev_induct_lemma [rule_format]: "\n \ nat; \m. \m \ nat; m\0; P(succ(m))\ \ P(m)\ \ n\0 \ P(n) \ P(1)" by (erule nat_induct, blast+) lemma rev_induct: "\n \ nat; P(n); n\0; \m. \m \ nat; m\0; P(succ(m))\ \ P(m)\ \ P(1)" by (rule rev_induct_lemma, blast+) lemma NN_into_nat: "n \ NN(y) \ n \ nat" by (simp add: NN_def) lemma lemma3: "\n \ NN(y); y*y \ y; n\0\ \ 1 \ NN(y)" apply (rule rev_induct [OF NN_into_nat], assumption+) apply (rule lemma_ii, assumption+) done (* ********************************************************************** *) (* Main theorem "WO6 \ WO1" *) (* ********************************************************************** *) (* another helpful lemma *) lemma NN_y_0: "0 \ NN(y) \ y=0" unfolding NN_def apply (fast intro!: equalityI dest!: lepoll_0_is_0 elim: subst) done lemma WO6_imp_WO1: "WO6 \ WO1" unfolding WO1_def apply (rule allI) apply (case_tac "A=0") apply (fast intro!: well_ord_Memrel nat_0I [THEN nat_into_Ord]) apply (rule_tac x = A in lemma_iv [elim_format]) apply (erule exE) apply (drule WO6_imp_NN_not_empty) apply (erule Un_subset_iff [THEN iffD1, THEN conjE]) apply (erule_tac A = "NN (y) " in not_emptyE) apply (frule y_well_ord) apply (fast intro!: lemma3 dest!: NN_y_0 elim!: not_emptyE) apply (fast elim: well_ord_subset) done end diff --git a/src/ZF/Induct/PropLog.thy b/src/ZF/Induct/PropLog.thy --- a/src/ZF/Induct/PropLog.thy +++ b/src/ZF/Induct/PropLog.thy @@ -1,340 +1,340 @@ (* Title: ZF/Induct/PropLog.thy - Author: Tobias Nipkow \ Lawrence C Paulson + Author: Tobias Nipkow & Lawrence C Paulson Copyright 1993 University of Cambridge *) section \Meta-theory of propositional logic\ theory PropLog imports ZF begin text \ Datatype definition of propositional logic formulae and inductive definition of the propositional tautologies. Inductive definition of propositional logic. Soundness and completeness w.r.t.\ truth-tables. Prove: If \H |= p\ then \G |= p\ where \G \ Fin(H)\ \ subsection \The datatype of propositions\ consts propn :: i datatype propn = Fls | Var ("n \ nat") (\#_\ [100] 100) | Imp ("p \ propn", "q \ propn") (infixr \\\ 90) subsection \The proof system\ consts thms :: "i \ i" abbreviation thms_syntax :: "[i,i] \ o" (infixl \|-\ 50) where "H |- p \ p \ thms(H)" inductive domains "thms(H)" \ "propn" intros H: "\p \ H; p \ propn\ \ H |- p" K: "\p \ propn; q \ propn\ \ H |- p\q\p" S: "\p \ propn; q \ propn; r \ propn\ \ H |- (p\q\r) \ (p\q) \ p\r" DN: "p \ propn \ H |- ((p\Fls) \ Fls) \ p" MP: "\H |- p\q; H |- p; p \ propn; q \ propn\ \ H |- q" type_intros "propn.intros" declare propn.intros [simp] subsection \The semantics\ subsubsection \Semantics of propositional logic.\ consts is_true_fun :: "[i,i] \ i" primrec "is_true_fun(Fls, t) = 0" "is_true_fun(Var(v), t) = (if v \ t then 1 else 0)" "is_true_fun(p\q, t) = (if is_true_fun(p,t) = 1 then is_true_fun(q,t) else 1)" definition is_true :: "[i,i] \ o" where "is_true(p,t) \ is_true_fun(p,t) = 1" \ \this definition is required since predicates can't be recursive\ lemma is_true_Fls [simp]: "is_true(Fls,t) \ False" by (simp add: is_true_def) lemma is_true_Var [simp]: "is_true(#v,t) \ v \ t" by (simp add: is_true_def) lemma is_true_Imp [simp]: "is_true(p\q,t) \ (is_true(p,t)\is_true(q,t))" by (simp add: is_true_def) subsubsection \Logical consequence\ text \ For every valuation, if all elements of \H\ are true then so is \p\. \ definition logcon :: "[i,i] \ o" (infixl \|=\ 50) where "H |= p \ \t. (\q \ H. is_true(q,t)) \ is_true(p,t)" text \ A finite set of hypotheses from \t\ and the \Var\s in \p\. \ consts hyps :: "[i,i] \ i" primrec "hyps(Fls, t) = 0" "hyps(Var(v), t) = (if v \ t then {#v} else {#v\Fls})" "hyps(p\q, t) = hyps(p,t) \ hyps(q,t)" subsection \Proof theory of propositional logic\ lemma thms_mono: "G \ H \ thms(G) \ thms(H)" unfolding thms.defs apply (rule lfp_mono) apply (rule thms.bnd_mono)+ apply (assumption | rule univ_mono basic_monos)+ done lemmas thms_in_pl = thms.dom_subset [THEN subsetD] inductive_cases ImpE: "p\q \ propn" lemma thms_MP: "\H |- p\q; H |- p\ \ H |- q" \ \Stronger Modus Ponens rule: no typechecking!\ apply (rule thms.MP) apply (erule asm_rl thms_in_pl thms_in_pl [THEN ImpE])+ done lemma thms_I: "p \ propn \ H |- p\p" \ \Rule is called \I\ for Identity Combinator, not for Introduction.\ apply (rule thms.S [THEN thms_MP, THEN thms_MP]) apply (rule_tac [5] thms.K) apply (rule_tac [4] thms.K) apply simp_all done subsubsection \Weakening, left and right\ lemma weaken_left: "\G \ H; G|-p\ \ H|-p" \ \Order of premises is convenient with \THEN\\ by (erule thms_mono [THEN subsetD]) lemma weaken_left_cons: "H |- p \ cons(a,H) |- p" by (erule subset_consI [THEN weaken_left]) lemmas weaken_left_Un1 = Un_upper1 [THEN weaken_left] lemmas weaken_left_Un2 = Un_upper2 [THEN weaken_left] lemma weaken_right: "\H |- q; p \ propn\ \ H |- p\q" by (simp_all add: thms.K [THEN thms_MP] thms_in_pl) subsubsection \The deduction theorem\ theorem deduction: "\cons(p,H) |- q; p \ propn\ \ H |- p\q" apply (erule thms.induct) apply (blast intro: thms_I thms.H [THEN weaken_right]) apply (blast intro: thms.K [THEN weaken_right]) apply (blast intro: thms.S [THEN weaken_right]) apply (blast intro: thms.DN [THEN weaken_right]) apply (blast intro: thms.S [THEN thms_MP [THEN thms_MP]]) done subsubsection \The cut rule\ lemma cut: "\H|-p; cons(p,H) |- q\ \ H |- q" apply (rule deduction [THEN thms_MP]) apply (simp_all add: thms_in_pl) done lemma thms_FlsE: "\H |- Fls; p \ propn\ \ H |- p" apply (rule thms.DN [THEN thms_MP]) apply (rule_tac [2] weaken_right) apply (simp_all add: propn.intros) done lemma thms_notE: "\H |- p\Fls; H |- p; q \ propn\ \ H |- q" by (erule thms_MP [THEN thms_FlsE]) subsubsection \Soundness of the rules wrt truth-table semantics\ theorem soundness: "H |- p \ H |= p" unfolding logcon_def apply (induct set: thms) apply auto done subsection \Completeness\ subsubsection \Towards the completeness proof\ lemma Fls_Imp: "\H |- p\Fls; q \ propn\ \ H |- p\q" apply (frule thms_in_pl) apply (rule deduction) apply (rule weaken_left_cons [THEN thms_notE]) apply (blast intro: thms.H elim: ImpE)+ done lemma Imp_Fls: "\H |- p; H |- q\Fls\ \ H |- (p\q)\Fls" apply (frule thms_in_pl) apply (frule thms_in_pl [of concl: "q\Fls"]) apply (rule deduction) apply (erule weaken_left_cons [THEN thms_MP]) apply (rule consI1 [THEN thms.H, THEN thms_MP]) apply (blast intro: weaken_left_cons elim: ImpE)+ done lemma hyps_thms_if: "p \ propn \ hyps(p,t) |- (if is_true(p,t) then p else p\Fls)" \ \Typical example of strengthening the induction statement.\ apply simp apply (induct_tac p) apply (simp_all add: thms_I thms.H) apply (safe elim!: Fls_Imp [THEN weaken_left_Un1] Fls_Imp [THEN weaken_left_Un2]) apply (blast intro: weaken_left_Un1 weaken_left_Un2 weaken_right Imp_Fls)+ done lemma logcon_thms_p: "\p \ propn; 0 |= p\ \ hyps(p,t) |- p" \ \Key lemma for completeness; yields a set of assumptions satisfying \p\\ apply (drule hyps_thms_if) apply (simp add: logcon_def) done text \ For proving certain theorems in our new propositional logic. \ lemmas propn_SIs = propn.intros deduction and propn_Is = thms_in_pl thms.H thms.H [THEN thms_MP] text \ The excluded middle in the form of an elimination rule. \ lemma thms_excluded_middle: "\p \ propn; q \ propn\ \ H |- (p\q) \ ((p\Fls)\q) \ q" apply (rule deduction [THEN deduction]) apply (rule thms.DN [THEN thms_MP]) apply (best intro!: propn_SIs intro: propn_Is)+ done lemma thms_excluded_middle_rule: "\cons(p,H) |- q; cons(p\Fls,H) |- q; p \ propn\ \ H |- q" \ \Hard to prove directly because it requires cuts\ apply (rule thms_excluded_middle [THEN thms_MP, THEN thms_MP]) apply (blast intro!: propn_SIs intro: propn_Is)+ done subsubsection \Completeness -- lemmas for reducing the set of assumptions\ text \ For the case \<^prop>\hyps(p,t)-cons(#v,Y) |- p\ we also have \<^prop>\hyps(p,t)-{#v} \ hyps(p, t-{v})\. \ lemma hyps_Diff: "p \ propn \ hyps(p, t-{v}) \ cons(#v\Fls, hyps(p,t)-{#v})" by (induct set: propn) auto text \ For the case \<^prop>\hyps(p,t)-cons(#v \ Fls,Y) |- p\ we also have \<^prop>\hyps(p,t)-{#v\Fls} \ hyps(p, cons(v,t))\. \ lemma hyps_cons: "p \ propn \ hyps(p, cons(v,t)) \ cons(#v, hyps(p,t)-{#v\Fls})" by (induct set: propn) auto text \Two lemmas for use with \weaken_left\\ lemma cons_Diff_same: "B-C \ cons(a, B-cons(a,C))" by blast lemma cons_Diff_subset2: "cons(a, B-{c}) - D \ cons(a, B-cons(c,D))" by blast text \ The set \<^term>\hyps(p,t)\ is finite, and elements have the form \<^term>\#v\ or \<^term>\#v\Fls\; could probably prove the stronger \<^prop>\hyps(p,t) \ Fin(hyps(p,0) \ hyps(p,nat))\. \ lemma hyps_finite: "p \ propn \ hyps(p,t) \ Fin(\v \ nat. {#v, #v\Fls})" by (induct set: propn) auto lemmas Diff_weaken_left = Diff_mono [OF _ subset_refl, THEN weaken_left] text \ Induction on the finite set of assumptions \<^term>\hyps(p,t0)\. We may repeatedly subtract assumptions until none are left! \ lemma completeness_0_lemma [rule_format]: "\p \ propn; 0 |= p\ \ \t. hyps(p,t) - hyps(p,t0) |- p" apply (frule hyps_finite) apply (erule Fin_induct) apply (simp add: logcon_thms_p Diff_0) txt \inductive step\ apply safe txt \Case \<^prop>\hyps(p,t)-cons(#v,Y) |- p\\ apply (rule thms_excluded_middle_rule) apply (erule_tac [3] propn.intros) apply (blast intro: cons_Diff_same [THEN weaken_left]) apply (blast intro: cons_Diff_subset2 [THEN weaken_left] hyps_Diff [THEN Diff_weaken_left]) txt \Case \<^prop>\hyps(p,t)-cons(#v \ Fls,Y) |- p\\ apply (rule thms_excluded_middle_rule) apply (erule_tac [3] propn.intros) apply (blast intro: cons_Diff_subset2 [THEN weaken_left] hyps_cons [THEN Diff_weaken_left]) apply (blast intro: cons_Diff_same [THEN weaken_left]) done subsubsection \Completeness theorem\ lemma completeness_0: "\p \ propn; 0 |= p\ \ 0 |- p" \ \The base case for completeness\ apply (rule Diff_cancel [THEN subst]) apply (blast intro: completeness_0_lemma) done lemma logcon_Imp: "\cons(p,H) |= q\ \ H |= p\q" \ \A semantic analogue of the Deduction Theorem\ by (simp add: logcon_def) lemma completeness: "H \ Fin(propn) \ p \ propn \ H |= p \ H |- p" apply (induct arbitrary: p set: Fin) apply (safe intro!: completeness_0) apply (rule weaken_left_cons [THEN thms_MP]) apply (blast intro!: logcon_Imp propn.intros) apply (blast intro: propn_Is) done theorem thms_iff: "H \ Fin(propn) \ H |- p \ H |= p \ p \ propn" by (blast intro: soundness completeness thms_in_pl) end diff --git a/src/ZF/ex/Commutation.thy b/src/ZF/ex/Commutation.thy --- a/src/ZF/ex/Commutation.thy +++ b/src/ZF/ex/Commutation.thy @@ -1,142 +1,142 @@ (* Title: ZF/ex/Commutation.thy - Author: Tobias Nipkow \ Sidi Ould Ehmety + Author: Tobias Nipkow & Sidi Ould Ehmety Copyright 1995 TU Muenchen Commutation theory for proving the Church Rosser theorem. *) theory Commutation imports ZF begin definition square :: "[i, i, i, i] \ o" where "square(r,s,t,u) \ (\a b. \a,b\ \ r \ (\c. \a, c\ \ s \ (\x. \b,x\ \ t \ \c,x\ \ u)))" definition commute :: "[i, i] \ o" where "commute(r,s) \ square(r,s,s,r)" definition diamond :: "i\o" where "diamond(r) \ commute(r, r)" definition strip :: "i\o" where "strip(r) \ commute(r^*, r)" definition Church_Rosser :: "i \ o" where "Church_Rosser(r) \ (\x y. \x,y\ \ (r \ converse(r))^* \ (\z. \x,z\ \ r^* \ \y,z\ \ r^*))" definition confluent :: "i\o" where "confluent(r) \ diamond(r^*)" lemma square_sym: "square(r,s,t,u) \ square(s,r,u,t)" unfolding square_def by blast lemma square_subset: "\square(r,s,t,u); t \ t'\ \ square(r,s,t',u)" unfolding square_def by blast lemma square_rtrancl: "square(r,s,s,t) \ field(s)<=field(t) \ square(r^*,s,s,t^*)" apply (unfold square_def, clarify) apply (erule rtrancl_induct) apply (blast intro: rtrancl_refl) apply (blast intro: rtrancl_into_rtrancl) done (* A special case of square_rtrancl_on *) lemma diamond_strip: "diamond(r) \ strip(r)" unfolding diamond_def commute_def strip_def apply (rule square_rtrancl, simp_all) done (*** commute ***) lemma commute_sym: "commute(r,s) \ commute(s,r)" unfolding commute_def by (blast intro: square_sym) lemma commute_rtrancl: "commute(r,s) \ field(r)=field(s) \ commute(r^*,s^*)" unfolding commute_def apply (rule square_rtrancl) apply (rule square_sym [THEN square_rtrancl, THEN square_sym]) apply (simp_all add: rtrancl_field) done lemma confluentD: "confluent(r) \ diamond(r^*)" by (simp add: confluent_def) lemma strip_confluent: "strip(r) \ confluent(r)" unfolding strip_def confluent_def diamond_def apply (drule commute_rtrancl) apply (simp_all add: rtrancl_field) done lemma commute_Un: "\commute(r,t); commute(s,t)\ \ commute(r \ s, t)" unfolding commute_def square_def by blast lemma diamond_Un: "\diamond(r); diamond(s); commute(r, s)\ \ diamond(r \ s)" unfolding diamond_def by (blast intro: commute_Un commute_sym) lemma diamond_confluent: "diamond(r) \ confluent(r)" unfolding diamond_def confluent_def apply (erule commute_rtrancl, simp) done lemma confluent_Un: "\confluent(r); confluent(s); commute(r^*, s^*); relation(r); relation(s)\ \ confluent(r \ s)" unfolding confluent_def apply (rule rtrancl_Un_rtrancl [THEN subst], auto) apply (blast dest: diamond_Un intro: diamond_confluent [THEN confluentD]) done lemma diamond_to_confluence: "\diamond(r); s \ r; r<= s^*\ \ confluent(s)" apply (drule rtrancl_subset [symmetric], assumption) apply (simp_all add: confluent_def) apply (blast intro: diamond_confluent [THEN confluentD]) done (*** Church_Rosser ***) lemma Church_Rosser1: "Church_Rosser(r) \ confluent(r)" apply (unfold confluent_def Church_Rosser_def square_def commute_def diamond_def, auto) apply (drule converseI) apply (simp (no_asm_use) add: rtrancl_converse [symmetric]) apply (drule_tac x = b in spec) apply (drule_tac x1 = c in spec [THEN mp]) apply (rule_tac b = a in rtrancl_trans) apply (blast intro: rtrancl_mono [THEN subsetD])+ done lemma Church_Rosser2: "confluent(r) \ Church_Rosser(r)" apply (unfold confluent_def Church_Rosser_def square_def commute_def diamond_def, auto) apply (frule fieldI1) apply (simp add: rtrancl_field) apply (erule rtrancl_induct, auto) apply (blast intro: rtrancl_refl) apply (blast del: rtrancl_refl intro: r_into_rtrancl rtrancl_trans)+ done lemma Church_Rosser: "Church_Rosser(r) \ confluent(r)" by (blast intro: Church_Rosser1 Church_Rosser2) end diff --git a/src/ZF/ex/NatSum.thy b/src/ZF/ex/NatSum.thy --- a/src/ZF/ex/NatSum.thy +++ b/src/ZF/ex/NatSum.thy @@ -1,69 +1,69 @@ (* Title: ZF/ex/NatSum.thy - Author: Tobias Nipkow \ Lawrence C Paulson + Author: Tobias Nipkow & Lawrence C Paulson A summation operator. sum(f,n+1) is the sum of all f(i), i=0...n. Note: n is a natural number but the sum is an integer, and f maps integers to integers Summing natural numbers, squares, cubes, etc. Originally demonstrated permutative rewriting, but add_ac is no longer needed thanks to new simprocs. Thanks to Sloane's On-Line Encyclopedia of Integer Sequences, http://www.research.att.com/\njas/sequences/ *) theory NatSum imports ZF begin consts sum :: "[i\i, i] \ i" primrec "sum (f,0) = #0" "sum (f, succ(n)) = f($#n) $+ sum(f,n)" declare zadd_zmult_distrib [simp] zadd_zmult_distrib2 [simp] declare zdiff_zmult_distrib [simp] zdiff_zmult_distrib2 [simp] (*The sum of the first n odd numbers equals n squared.*) lemma sum_of_odds: "n \ nat \ sum (\i. i $+ i $+ #1, n) = $#n $* $#n" by (induct_tac "n", auto) (*The sum of the first n odd squares*) lemma sum_of_odd_squares: "n \ nat \ #3 $* sum (\i. (i $+ i $+ #1) $* (i $+ i $+ #1), n) = $#n $* (#4 $* $#n $* $#n $- #1)" by (induct_tac "n", auto) (*The sum of the first n odd cubes*) lemma sum_of_odd_cubes: "n \ nat \ sum (\i. (i $+ i $+ #1) $* (i $+ i $+ #1) $* (i $+ i $+ #1), n) = $#n $* $#n $* (#2 $* $#n $* $#n $- #1)" by (induct_tac "n", auto) (*The sum of the first n positive integers equals n(n+1)/2.*) lemma sum_of_naturals: "n \ nat \ #2 $* sum(\i. i, succ(n)) = $#n $* $#succ(n)" by (induct_tac "n", auto) lemma sum_of_squares: "n \ nat \ #6 $* sum (\i. i$*i, succ(n)) = $#n $* ($#n $+ #1) $* (#2 $* $#n $+ #1)" by (induct_tac "n", auto) lemma sum_of_cubes: "n \ nat \ #4 $* sum (\i. i$*i$*i, succ(n)) = $#n $* $#n $* ($#n $+ #1) $* ($#n $+ #1)" by (induct_tac "n", auto) (** Sum of fourth powers **) lemma sum_of_fourth_powers: "n \ nat \ #30 $* sum (\i. i$*i$*i$*i, succ(n)) = $#n $* ($#n $+ #1) $* (#2 $* $#n $+ #1) $* (#3 $* $#n $* $#n $+ #3 $* $#n $- #1)" by (induct_tac "n", auto) end