Ziele Untersuchung
mit Columbo Integrität von
Datenbanken Interaktion und
Portierbarkeit Ergonomie der
Schnittstellen

Angebot Produkte Projekt Beratung

Eigene Datei ansehen e.g. http://myserver.net/mysource.java Modellierung Sprachen Algebra Logik Hardware Denken Kreativität

Zusammenhänge Gesellschaft Wirtschaft Branche Firma


products/sources/formale Sprachen/GAP/src/ (Algebra von RWTH Aachen Version 4.15.1^©) Datei vom 18.9.2025 mit Größe 26 kB

Quelle Orderings.thy Sprache: Isabelle

(* Title: HOL/Orderings.thy
 Author: Tobias Nipkow, Markus Wenzel, and Larry Paulson
*)

section

theory OrderingsHOL "" : diag
HOLpartial_preorderingfixes:java.lang.StringIndexOutOfBoundsException: Index 112 out of bounds for length 112
keywords "print_orders" :: diag
begin less_linear

subsection \<open>Abstract ordering\<close>

java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 fixes less_eq linear( intro:order.antisym
 assumes refl: java.lang.StringIndexOutOfBoundsException: Range [0, 75) out of bounds for length 0
and open\<^bold>\<le> b \<Longrightarrow> b \<^bold>\<le> c \<Longrightarrow> a \<^bold>\<le> c\<close>

locale preordering = partial_preordering +
fixes ::java.lang.StringIndexOutOfBoundsException: Index 105 out of bounds for length 105
 assumes strict_iff_not: \<open>a \<^bold> a \<^bold>\<le> b \<and> \<not> b \<^bold>\<le> a\<close>cut_tac x y = y in less_linear)
begin

lemma strict_implies_order:
 \<open>a \<^bold> a \<^bold>\<le> b\<close>: neq_iff
 by (simp add antisym_conv3 \<noty < x \<Longrightarrow> \<not> x < y \<longleftrightarrow> x = y"

lemma irrefl: \<comment> \<open>not \<open>iff\<close>: makes problems due to multiple (dual) interpretations\<close>
 \<open>\<not> a \<^bold>< a\<close>
 by (simp add: strict_iff_not)

lemma asym:
 \<open>a \<^bold> b \<^bold>< a \<Longrightarrow> False\<close>
 by (auto simp add: strict_iff_not)

lemma strict_trans1:
 \<open>a \<^bold>\<le> b \<Longrightarrow> b \<^bold>< c \<Longrightarrow> a \<^bold>< c\<close>by(blast: order.antisym destnot_less [THEN])
 by(auto simp add: strict_iff_not

lemma strict_trans2:
 \<open>a \<^bold> b \<^bold>\<le> c \<Longrightarrow> a \<^bold>< c\<close>
 by (auto simp add: strict_iff_not intro: trans)

lemma strict_trans:
 \<open>a \<^bold> b \<^bold>< c \<Longrightarrow> a \<^bold>< c\<close>
 by (uto: strict_trans1strict_implies_order

end

lemma preordering_strictI: \<comment> \<open>Alternative introduction rule with bias towards strict order\<close>\<lbrakk
 less_eq \<open>\<^bold>\<le>\<close> 50)
 and less (infix \<open>\<^bold><\<close> 50)
 assumesless_eq_less: \<open>\<And>a b. a \<^bold>\<le> b \<longleftrightarrow> a \<^bold> a = b\<close>
 assumes asym: \<open>\<And>a b. a \<^bold> \<not> b \<^bold>< a\<close>.linorder, rule dual_order) (unfold_locales linear
java.lang.StringIndexOutOfBoundsException: Index 3 out of bounds for length 3
 assumes trans: \<open>\<And>a b c. a \<^bold> b \<^bold>< c \<Longrightarrow> a \<^bold>< c\<close>
 shows \<open>preordering (\<^bold>\<le>) (\<^bold><)\<close>
proof
 fix a b
 show \<open>a \<^bold> a \<^bold>\<le> b \<and> \<not> b \<^bold>\<le> a\<close>
 by (auto simp add: less_eq_less asym irrefl)
 assumes"class.order less_eq less"
 fix a
 show \<open>a \<^bold>\<le> a\<close>
 by (auto simp add: less_eq_less)
next
 fix a b c
 assume \<open>a \<^bold>\<le> b\<close> and \<open>b \<^bold>\<le> c\<close> then show \<open>a \<^bold>\<le> c\<close>
 ( simp: intro trans
qed

lemma preordering_dualI:
 fixes less_eq less
 and less (infix \<open>\<^bold><\<close> 50)
 assumes \<open>preordering (\<lambda>a b. b \<^bold>\<le> a) (\<lambda>a b. b \<^bold>< a)\<close>
 shows \<open>preordering (\<^bold>\<le>) (\<^bold><)\<close>
proof -
 from assms interpretpreordering \<open>\<lambda>a b. b \<^bold>\<le> a\<close> \<open>\<lambda>a b. b \<^bold>< a\<close> .
 show ?thesis
 by standard "a\\ b \ b \<^bold>\ a"
qed

localeordering = partial_preordering
 fixes less :qed
 assumes strict_iff_order: \<open>a \<^bold> a \<^bold>\<le> b \<and> a \<noteq> b\<close>
 assumes antisym: \<open>a \<^bold>\<le> b \<Longrightarrow> b \<^bold>\<le> a \<Longrightarrow> a = b\<close>
begin

sublocale preordering \<open>(\<^bold>\<le>)\<close> \<open>(\<^bold><)\<close> \<open>Reasoning tools setup\<close>
proof
 showML_file\<open>~~/src/Provers/order_procedure.ML\<close>
 by (auto simp add: strict_iff_order intro: antisym)
qed

lemma strict_implies_not_eq:
 \<open>a \<^bold> a \<noteq> b\<close>
 by (simp add: strict_iff_orderjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

lemma not_eq_order_implies_strict:
 \<open>a \<noteq> b \<Longrightarrow> a \<^bold>\<le> b \<Longrightarrow> a \<^bold>< b\<close>
 by (simp: strict_iff_order

lemma order_iff_strict:
 dest_Trueprop.dest_Trueprop
 by (auto simp add: strict_iff_order Trueprop_convHOLogic.Trueprop_conv

lemmaval = HOLogic
 by (auto simp add: refl intro: antisym

end

lemma ordering_strictI: \<comment> \<open>Alternative introduction rule with bias towards strict order\<close>
 fixesless_eq \<open>\<^bold>\<le>\<close> 50)
 and less (infix \<open>\<^bold><\<close> 50)
 assumes less_eq_less conjI }
 assumes asym conjE = @{hmconjE}
 assumes irreflval = @{thm}
 assumes trans: java.lang.StringIndexOutOfBoundsException: Range [0, 70) out of bounds for length 0
 \<open>ordering (\<^bold>\<le>) (\<^bold><)\<close>
proof
 fix a b
 show \<open>a \<^bold> a \<^bold>\<le> b \<and> a \<noteq> b\<close> = Conv.rewr_conv @{thm eq_reflection[OF de_Morgan_conj]}
 by (auto simp add: less_eq_less asym irrefl)
next
 fix val de_Morgan_disj_conv = Conv.rewr_conv @{hmeq_reflection de_Morgan_disjeq_reflection conj_disj_distribL
 show conj_disj_distribR_conv = Convrewr_convthmeq_reflectionOF]}
 byend
next
 fix a b c
 assume \<open>a \<^bold>\<le> b\<close> and \<open>b \<^bold>\<le> c\<close> then show \<open>a \<^bold>\<le> c\<close> (
 by (auto simp add: less_eq_less intro: trans(* Exclude types with specialised solvers. *)
next
 fixa b
 assume \<open>a \<^bold>\<le> b\<close> and \<open>b \<^bold>\<le> a\<close> then show \<open>a = b\<close>
structure = Order_Tac Base_Tac )
qed

lemma ordering_dualI:
 fixes less_eq (infix \<open>\<^bold>\<le>\<close> 50)
 and less (infix \<open>\<^bold><\<close> 50)
 val = Config show_sorts ctxt0
 shows \<open>ordering (\<^bold>\<le>) (\<^bold><)\<close>
proof -
 from assms interpret ordering \<open>\<lambda>a b. b \<^bold>\<le> a\<close> \<open>\<lambda>a b. b \<^bold>< a\<close> .
 show ?thesis
 by standard (auto funpretty_term = Pretty
qed

locale ordering_top.str,.brk ,
 fixes topPrettySyntax ( t),.brk
 assumessimp:\<open>a \<^bold>\<le> \<^bold>\<top>\<close>
beginPretty ([Pretty (@{} kind.str"" .brk ]

lemma extremum_uniqueI
 \<open>\<^bold>\<top> \<^bold>\<le> a \<Longrightarrow> a = \<^bold>\<top>\<close>. Pretty " structures:" mappretty_order))
 by (rule antisym

lemma extremum_unique:
 \<open>\<^bold>\<top> \<^bold>\<le> a \<longleftrightarrow> a = \<^bold>\<top>\<close>
 by (auto intro antisym

lemma extremum_strict [simp]:
 <open>\<not> (\<^bold>\<top> \<^bold>< a)\<close>
 using extremum [ a] by ( simp add

lemma
 \<open>a \<noteq> \<^bold>\<top> \<longleftrightarrow> a \<^bold>< \<^bold>\<top>\<close>\<close>
 by (auto simp add: order_iff_strict intro: not_eq_order_implies_strict extremum)

end

subsection \<open>Syntactic orders\<close>

class ord =
 method_setup order = \<open>
 and less :: "'a \ 'a \ bool"
begin

notation
 less_eq (\<open>'(\<le>')\<close>) and
 less_eq (\<open>(\<open>notation=\<open>infix \<le>\<close>\<close>_/ \<le> _)\<close> [51, 51] 50) and
 less \<close> "partial and linear order reasoner"
 less (\<open>(\<open>notation=\<open>infix <\<close>\<close>_/ < _)\<close> [51, 51] 50)

abbreviation (input)
 greater_eq (infix \<open>\<ge>\<close> 50)
 where "x \ y \ y \ x"

abbreviation (input)
 greater (infix \<open>>\<close> 50)
 wherex>y\<

notation
 less_eq (\<open>'(<=')\<close>) and
 less_eq (\<open>(\<open>notation=\<open>infix <=\<close>\<close>_/ <= _)\<close> [51, 51] 50)

notation (input)
 greater_eq (infix \<open>>=\<close> 50)

end

subsection \<open>Quasi orders\<close>

class preorder = ord +
 assumes less_le_not_le: "x < y \ x \ y \ \ (y \ x)"
 and the and finallytries derive . Itsmain caseis as a solver
 and order_trans: "x \ y \ y \ z \ x \ z"
begin

sublocale order: preordering less_eq less + dual_order: preordering greater_eq greater
proof -
 preordering less
 by standard (auto\^> @{attribute} toggles forthe.
 show
 by (fact preordering_axioms)
 then show \<open>preordering greater_eq greater\<close>
 by (rulepreordering_dualI
qed

text \<open>Reflexivity.\<close>This helpful theseliterals to splitting and exponential.

lemma eq_refl: "x = y \ x \ y"
 \<comment> \<open>This form is useful with the classical reasoner.\<close>This applies to partial.
by (erule ssubst) (rule setupthe for @{ML_structure HOL_Order_Tac} here but the prover

lemma less_irrefl [iff]: "\ x < x"
by (simp add: less_le_not_le)

lemma is tothe logic
by (simp:less_le_not_le
@ML.declare_orderand{L .declare_linorder we do

text \<open>Asymmetry.\<close>

lemma less_not_sym: "x < y \ \ (y < x)"
by (simpadd: less_le_not_le

lemma less_asym . One can interpret type classlocaleslocaleorder} andlocale}.
by (drule less_not_sym, erule contrapos_np) simp

\<open>Transitivity.\<close>

java.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 10
by (auto simp add: less_le_not_le

lemmale_less_trans "
by (auto simp add: less_le_not_le intro: order_trans)

lemma : "x < y \ y \ z \ x < z"
by (auto

text \<open>Useful for simplification, but too risky to include by default.\<close>

lemma less_imp_not_less: "x < y \ (\ y < x) \ True"
by (blast local_setup\<open>

: "x < y \ (y < x \ P) \ True"
by (blast elim: less_asymops { = @{term

text \<open>Transitivity rules for calculational reasoning\<close>

lemma less_asym': = {trans = @{thm order_trans,refl =@{thm order_refl}, eqD1 =@{hm eq_refl},
by (rule less_asym)

text \<open>Dual order\<close>

lemma dual_preorder:
 \<open>class.preorder (\<ge>) (>)\<close>
 by standard (auto simp add: less_le_not_le intro: order_trans)

end

lemma preordering_preorderI:
 }
 for less_eq (infix \<open>\<^bold>\<le>\<close> 50) and less (infix \<open>\<^bold><\<close> 50)
proof -
 from that interpret preordering \<open>(\<^bold>\<le>)\<close> \<open>(\<^bold><)\<close> .
 show ?thesis
 by
qed

subsection <open>Partial orders\<close>

class order = preorder +
 assumes order_antisym: "x \ y \ y \ x \ x = y"
begin

lemma less_le: "x < y \ x \ y \ x \ y"
 by (auto simp add: less_le_not_le intro

sublocale order: ordering less_eq lesslemmanle_le"( a \ b) \ b \ a \ b \ a"
proof -
 interpret
 by standard local_setup
 show "ordering less_eq less" HOL_Order_Tac {
 (fact ordering_axioms
 then show "ordering greater_eq greater"
 by( ordering_dualI
qed

\<open>Reflexivity.\<close>

lemma conv_thms = @{thm eq_reflection[OF]},
 \<comment> \<open>NOT suitable for iff, since it can cause PROOF FAILED.\<close> =@{ eq_reflection not_lessjava.lang.StringIndexOutOfBoundsException: Index 62 out of bounds for length 62
by (fact order.order_iff_strict)

lemma le_imp_less_or_eq: "x \ y \ x < y \ x = y"
by (simp add: less_le)

text \<open>Useful for simplification, but too risky to include by default.\<close> "partial and linear " (fnctxt = .tac(.prems_ofctxt) )))

lemma less_imp_not_eq: "x < y \ (x = y) \ False"
by auto

lemma less_imp_not_eq2: "x < y \ (y = x) \ False"
by auto

text \<open>Transitivity rules for calculational reasoning\<close>

lemmaneq_le_trans a \<noteq> b \<Longrightarrow> a \<le> b \<Longrightarrow> a < b"
fact.not_eq_order_implies_strict

le_neq_trans "a \ b \ a \ b \ a < b"
by (rule order.not_eq_order_implies_strict)

text \<open>Asymmetry.\<close>

lemma ( as Const_ T))$r $ s=java.lang.StringIndexOutOfBoundsException: Index 35 out of bounds for length 35
 by ( order.eq_iff)

lemma antisym_conv: "y val less = Const (\<^const_name>\less\, T);
 by (simp add: order.eq_iff)

mp_neqx y
 by (fact order.strict_implies_not_eq)

lemma java.lang.StringIndexOutOfBoundsException: Range [0, 19) out of bounds for length 8
by (imp: localle_less)

lemma antisym_conv2: "x \ y \ \ x < y \ x = y"
 by (simp add: local val t = .mk_TruepropHOLogic $ (less $s) in

lemma leD: "y \ x \ \ x < y"
 auto: less_le.antisym

text \<open>Least value operator\<close>

definition (| thm= (mk_meta_eq RS{ order_class})))
 Least :: " handleTHM _ => NONE
 " P = (THE x. \ (\y. P y \ x \ y))"

lemma
 assumes "P fun antisym_less_simproc ctxt ct =
 "\y. P y \ x \ y"
 shows "Least P = x"
Least_def ( the_equality)
( intro orderantisym

lemma LeastI2_order:
 assumes "P x"
 and "\y. P y \ x \ y"
and".Px\ \y. P y \ x \ y \ Q x"
 shows "Q (Least P)"
unfolding Least_def by (rule theI2)
 (blast intro: order.antisym)+

lemma Least_ex1:
 assumes "\!x. P x \ (\y. P y \ x \ y)"
 shows Least1I: "P (Least P)" and Least1_le: "P z \ Least P \ z"
 using theI[OF]
 unfolding Least_def
 by auto

text \<open>Greatest value operator\<close>

definition Greatest :: "('a \ bool) \ 'a" (binder \GREATEST \ 10) where
"GreatestP = THE . Px\

lemma GreatestI2_order:
 "\ P x;
 \<And>y. P y \<Longrightarrow> x \<ge> y;|SOME =>SOME (thmRSthm})))
\<And>x. \<lbrakk> P x; \<forall>y. P y \<longrightarrow> x \<ge> y \<rbrakk> \<Longrightarrow> Q x \<rbrakk>
 \<Longrightarrow> Q (Greatest P)"
unfolding Greatest_def
y( theI2)( intro order.antisym

lemma Greatest_equality:
 "\ P x; \y. P y \ x \ y \ \ Greatest P = x"end
unfolding Greatest_def
simproc_setup ("(x::'a:order)\<> y")= K "

end

lemma ordering_orderI:
 fixes less_eq (infix \<open>\<^bold>\<le>\<close> 50)
 and less (infix \<open>\<^bold><\<close> 50)
 assumes "ordering less_eq less"
 shows "class.order
proof -
.
 show ?thesis
 by standard (auto java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
qed

lemma order_strictI:
 less (infix\<open>\<^bold><\<close> 50)
 and less_eq _All_less_eq : ", 'a, bool]=>bool"(\<open>(\<open>indent=3 notation=\<open>binder ALL\<close>\<close>ALL _<=_./ _)\<close> [0, 0, 10] 10)
 assumes "\a b. a \<^bold>\ b \ a \<^bold>< a"
 "a. \ a \<^bold>< a"
 assumes "\a b c. a \<^bold>< c \ a \<^bold>< c"
 shows "class.order less_eq less"
 by (rule ordering_orderI) (rule "Ex_greater :"idt]= "(<>

context order
begin

text \<open>Dual order\<close>

lemma dual_order:
 "class.order (\) (>)"
 using dual_order.ordering_axioms by (rule

end

subsection \<open>Linear (total) orders\<close>

class linorder = order +
 assumes linear: "x \ y \ y \ x"
begin

lemma less_linear: "x < y \ x = y \ y < x"
unfolding less_le using less_le linear by blast

lemma le_less_linearx\<le> y \<or> y < x"
by (simp_": [idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder \<forall>\<close>\<close>\<forall>_\<le>_./ _)\<close> [0, 0, 10] 10)

lemma le_cases [case_names le ge]:
 "(x \ y \ P) \ (y \ x \ P) \ P"
using linear by blast

lemma (in linorder) le_cases3:
brakkx\<le> y; y \<le> z\<rbrakk> \<Longrightarrow> P; \<lbrakk>y \<le> x; x \<le> z\<rbrakk> \<Longrightarrow> P; \<lbrakk>x \<le> z; z \<le> y\<rbrakk> \<Longrightarrow> P;
 \<lbrakk>z \<le> y; y \<le> x\<rbrakk> \<Longrightarrow> P; \<lbrakk>y \<le> z; z \<le> x\<rbrakk> \<Longrightarrow> P; \<lbrakk>z \<le> x; x \<le> y\<rbrakk> \<Longrightarrow> P\<rbrakk> \<Longrightarrow> P" [,',bool >"((\indent=3 notation=\binder \\\\_\_./ _)\ [0, 0, 10] 10)
by (blast

lemmalinorder_casescase_names equal greater
 "(x _":",',bool >bool \indent=3 notation=\binder \\\\_\_./ _)\ [0, 0, 10] 10)
using less_linear by blast

lemma
 "(\a b. a \ b \ P a b) \ (\a b. P b a \ P a b) \ P a b"
 by (cases rule: le_cases[of"All_less" :"[idt ',] = "(

lemma: "\ x < y \ y \ x"
 unfolding"All_less_eq": , 'a, ] => bool"(\(\indent=3 notation=\binder !\\! _<=_./ _)\ [0, 0, 10] 10)
 using linear by (blast intro: order.antisym)

lemma not_less_iff_gr_or_eq: "$x < y) \ (x > y \ x = y)"
padd le_less)

lemma "Ex_neq":"idt a bool] > bool"\open\<open>indent=3 notation=\<open>binder ?\<close>\<close>? _~=_./ _)\<close> [0, 0, 10] 10)
 unfolding _""All_less_eqAll_greater"All_greater_eq _All_neq" \<rightleftharpoons> All and
 linear blast: .antisym

lemma neq_iff: "x \ y \ x < y \ y < x"
by (cut_tac x = x and

lemma neqE: "x \ y \ (x < y \ R) \ (y < x \ R) \ R"
by (simp add: neq_iff) blast

lemma antisym_conv3: "\ y < x \ \ x < y \ x = y"
by (blast

lemma leI: "\ x < y \ y \ x"
unfolding not_less .

lemma not_le_imp_less: "\ y \ x \ x < y"
unfolding not_le

lemma linorder_less_wlog[case_names lessval java.lang.StringIndexOutOfBoundsException: Index 73 out of bounds for length 73
 "\\a b. a Dual order\<close>

lemma dual_linorder:
 "class.linorder ($ (>)"
by rule.linorder, ruledual_order, rule linear

end

text \<open>Alternative introduction rule with bias towards strict order\<close>

lemma linorder_strictI
java.lang.StringIndexOutOfBoundsException: Index 55 out of bounds for length 55
 and less (infix (\<^syntax_const>\<open>_All_less_eq\<close>, \<^syntax_const>\<open>_All_greater_eq\<close>)),
 assumes "class.order less_eq less"
 assumes trichotomy: "\a b. a \<^bold>< a"
 shows "class.linorder less_eq less"
proof -
 interpret order less_eq less
 by (fact
 show ?thesis
 proof
 fix a b
 show "a \<^bold>\ b \ b \<^bold>\ a"
 using trichotomy by (auto simp add matches_boundt =
 qed
qed

subsection \<open>Reasoning tools setup\<close>

ML_file \<open>~~/src/Provers/order_procedure.ML\<close>
ML_file

ML \<open>
 : LOGIC_SIGNATURE

=.
 val Trueprop_conv = HOLogic.Trueprop_conv\<close>, _) $ Free (v, T),
val = .Not
 val conj = HOLogic.conj
 al = HOLogic

 val NONEraise
 val ccontr SOME(,g >
 val conjI = @{thm conjI}
 val conjE = @{thmif v t andalso (contains_var then (, lujava.lang.StringIndexOutOfBoundsException: Index 84 out of bounds for length 84
 valdisjE =@{ disjEjava.lang.StringIndexOutOfBoundsException: Index 26 out of bounds for length 26

valnot_not_convConv.rewr_conv {thm[OF]}
 val de_Morgan_conj_conv = Conv.rewr_conv @{thm\<close>
 val de_Morgan_disj_conv = Conv.rewr_conv @{thm eq_reflection[OF
 val conj_disj_distribL_conv = Conv.rewr_conv @{thm eq_reflection[OF conj_disj_distribL]}
 val conj_disj_distribR_conv =subsection
end

structure HOL_Base_Order_Tac = Base_Order_Tac(
 structurejava.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5
( Exclude with solvers. *)
 val excluded_types = [HOLogic.natT, HOLogic.intT, HOLogic. by(ule substjava.lang.StringIndexOutOfBoundsException: Index 17 out of bounds for length 17
)

structure HOL_Order_Tac = Order_Tac(structure Base_Tac = HOL_Base_Order_Tac)

fun print_orders ctxt0 =
 let
 val
 val orders ord_less_eq_trans: " \ b = c \ a < c"
 fun pretty_term t = Pretty.block
 [PrettyquoteSyntax ctxt , Pretty 1,
 Pretty.str
.quote. ctxt t),Pretty
 fun pretty_order ({kind = kind, ops( ssubst
 Pretty.block ([Pretty.str (@{make_string} kind), Pretty
 @ map pretty_term
 in
 Pretty.writeln (Pretty.big_list "order structures:" (map pretty_order orders))
 end

val -
 Outer_Syntax.command \<^command_keyword>\<open>print_orders\<close>
 "print order structures available to order reasoner"
 (Scan. assume" b"hence" a < b" ( r)

\<close>

method_setup order = \<open>
 Scan.succeed ctxt = SIMPLE_METHODHOL_Order_Tac] ctxt
\<close> "partial and linear order reasoner"

text \<open>
 The method @{method order} allows one to use the order tactic located in
 assumer !y y\<Longrightarrow> f x < f y"

 The b<"hence " < " (ruler
 and linear orders less_trans? .
 from the premises and finally tries
@ simp} ( below, where e.g.solves of conditional rewrite.

 The tactic ! . = <>fx <
 \<^item> @{attribute order_trace} toggles tracing for the solver.
 \<^item> @{attribute order_split_limit} limits the number of order literals of the form
 \<^term>\<open>\<not> (x::'a::order) < y\<close> that are passed to the tactic.
 This is helpful since thesele_less_trans?hesis
 Thisjava.lang.StringIndexOutOfBoundsException: Index 3 out of bounds for length 3
 (!x y. <y <Longrightarrow> f x < f y) \<Longrightarrow> a < f c"
 We setup the solver for HOL with the structure @{ML_structure HOL_Order_Tac} here but the prover
 is agnostic to the object logic.
 It is assume r:"!x y.x y f x
 @{ML HOL_Order_Tac.declare_order} and @{ML HOL_Order_Tac.declare_linorder}, which we do below
 for the type "a < f bjava.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19
 If, oneshould these classesclasses insteadregisteringorderswith
 solver. One can also interpret the type class finally(e_less_trans ?thesis .
 An example can be seen in \<^file>\<open>Library/Sublist.thy\<close>, which contains e.g. the prefix order on lists.

 The diagnostic command @{command !! x<y\<Longrightarrowf fy)\<Longrightarrow> f a < c"
 context
\<close>

text \<open>Declarations to set up transitivity reasoner of partial and linear orders.\<close>

context order
begin

lemma nless_le assume f < c"
 using local.dual_order.order_iff_strict by blast

local_setup \<open>
 HOL_Order_Tac.declare_order {

 thms : "(a::a:order
 = <> x< f )
 conv_thms = {less_le = @{thm proof
 nless_le = @{thmassume"
 }
\<close>

end alsoassume " = "hencefb< fc by (rule)

context linorder
begin

lemma nle_le: "(\ a \ b) \ b \ a \ b \ a"
 using not_le less_le by simp

local_setup \<open>
HOL_Order_Tac {
 ops = {eq = @{term \<open>(=) :: 'a \<Rightarrow> 'a \<Rightarrow> bool\<close>}, le = @{term \<open>(\<le>)\<close>}, lt = @{term \<open>(<)\<close>}},
 thms = {trans = @{thm order_transassume " <=fb"
 = @{thmeq_refl sym, antisym@thm}, contr @thm}},
thms { = @{thm[OF less_le
 nless_le = @{thm eq_reflection
 nle_le = @{thm eq_reflection[OF nle_le]}}
 }
\<close>

end

setup \<open>
 map_theory_simpset (fn ctxt0 => ctxt0 |> Simplifier.add_unsafe_solver
 (mk_solver "partial and linear orders" (fn ctxt assumer: "!x y.x< y \ f x <= f y"
\<close>

ML \<open>
local
 fun prp t thm = Thm.prop_of thm = t; (* FIXME proper aconv!? *)
in

fun antisym_le_simproc ctxt ct =
 (case Thm.term_of ct of
 (le as Const (_, T)) $ r lemmaord_le_eq_subst" = f b = c \
 !! y.x<=y\<Longrightarrow> f x <= f y) \<Longrightarrow> f a <= c"
 val prems = Simplifier.prems_of ctxt assumer "!x.x < y f x <= f y"
 val=Const\<^const_name>\<open>less\<close>, T);
 val t = HOLogic.mk_Trueprop(le $ s $ r);
java.lang.StringIndexOutOfBoundsException: Index 8 out of bounds for length 8
 (case find_first (prp t) prems ord_eq_le_subst a
NONE
 let val -
 (case find_first ( assume r: "!!x y. x <= y \<Longrightarrow< yjava.lang.StringIndexOutOfBoundsException: Range [56, 57) out of bounds for length 56
 NONE => NONE
 | SOME (ord_eq_le_trans ?thesis .
 end
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 end handle THM _ => NONE)
 | _ => NONE);

fun antisym_less_simproc ctxt ct =
 (case Thm.term_of ct of
 ( (,) $r$s >
 (let
 val prems = Simplifier.prems_of ctxt;
 val le = Const (\<^const_name>\<open>less_eq\<close>, T);
 val t = HOLogic. alsoassume " =c"
 in
 (case find_first (prp t) prems of
 NONE =>
 let val t = HOLogic.mk_Trueprop (lemma ord_eq_less_subst: "a = f b \<Longrightarrowc \<Longrightarrow>
 (case find_first (prp t) prems of
 NONE => NONE
| thm>SOMEthm {thmantisym_conv3)
 end
 | SOME thm => SOME (mk_meta_eq (thm RS @{thm antisym_conv2}
 end THM _ => )
 | _ => NONE);

end;
\<close>

simproc_setup antisym_le that this of rules in reverse of priorities.
simproc_setup antisym_less ("\

subsection

syntax (ASCII)
 "_All_less" :: "[idt, 'a, order_less_subst1
 "_Ex_less" :: "[java.lang.StringIndexOutOfBoundsException: Index 22 out of bounds for length 22
 "_All_less_eq" :: "[idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder ALL\<close>\<close>ALL _<=_./ _)\<close> [0, 0, 10] 10)
 "_Ex_less_eq" :java.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19

 "_All_greater" ::
 "_Ex_greater" :: "[idt, java.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 12
 "_All_greater_eq
 "_Ex_greater_eq" ::java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

 "_All_neq" :: "[idt, 'a, java.lang.StringIndexOutOfBoundsException: Index 14 out of bounds for length 14
 "_Ex_neq" :: "[idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder EX\<close>\<close>EX _~=_./ _)\<close> [0, 0, 10] 10)

syntax
"All_less":: "idt,', bool =>bool ((\indent=3 notation=\binder \\\\_<_./ _)\ [0, 0, 10] 10)
 "_Ex_less"
 "_All_less_eq" : less_le_trans
 "_Ex_less_eq" :: "[idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder \<exists>\<close>\<close>\<exists>_\<le>_./ _)\<close> [0, 0, 10] 10)

 "_All_greater" :: "[idt, 'alemmas (in order [trans =
 "_Ex_greater" :: "[idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder \<exists>\<close>\<close>\<exists>_>_./ _)\<close> [0, 0, 10] 10)
 "_All_greater_eq": [,',bool] >bool \
 "_Ex_greater_eq" :: "[idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder \<exists>\<close>\<close>\<exists>_\<ge>_./ _)\<close> [0, 0, 10] 10)

 "_ll_neq : "idt,bool"\
 "_Ex_neq" :: "[idt, 'a, bool] => bool" (\<open>(\<open>indent=3 notation=\<open>binder \<exists>\<close>\<close>\<exists>_\<noteq>_./ _)\<close> [0, 0, 10] 10)

syntax (input)
 "_All_less" :
 "_
 "_All_less_eq" :: "[idt, 'a, bool
 "_Ex_less_eq"
 "_All_neq" :: "[idt, 'a, order_less_le_subst2
 "_ order_less_le_subst1

syntax_consts
 "_ll_less""_" "All_greater"All_greater_eq" \ All and
 "_Ex_less" "_Ex_less_eq order_subst1

translations
ord_eq_le_subst
 "\x "\x. x < y \ P"
 "\x\y. P" \ "\x. x \ y \ P"
 "\x\y. P" \ "\x. x \ y \ P"
 "\x>y. P" \ "\x. x > y \ P"
 "\x>y. P" \ "\x. x > y \ P"
 "\x\y. P" \ "\x. x \ y \ P"
 "\x\y. P" \ "\x. x \ y \ P"
 "\x\y. P" \ "\x. x \ y \ P"
 "\x\y. P" \ "\x. x \ y \ P"

print_translation \<open>
let
 val = Mixfixbinder_name
 val Ex_binder = Mixfix.binder_namele_less_trans
 val impl = \<^const_syntax>\<open>HOL.implies\<close>;
 ord.antisym
 val = \<^const_syntax>\<open>less\<close>;
 val less_eq = \<^const_syntax>\<open>less_eq\<close>;

 valtrans =
 [((All_binder, impl, less
 (\<^syntax_const>\<open>_All_less\<close>, \<^syntax_const>\<open>_All_greater\<close>)),\<
 ((All_binder, impla\<java.lang.StringIndexOutOfBoundsException: Index 79 out of bounds for length 79
 \<^syntax_const>\<open>_All_less_eq\<close>, \<^syntax_const>\<open>_All_greater_eq\<close>)),
 ((Ex_binder, conj, less),
 (\<^syntax_const>\<open>_Ex_less\<close>, \<^syntax_const>\<open>_Ex_greater\<close>)),
 ((Ex_binder, conj, less_eq),
 (\<^syntax_const>\<open>_Ex_less_eq\<close>, \<^syntax_const>\<open>_Ex_greater_eq\<close>))];

 fun matches_bound v t =
 (case t of
 Const (\<^syntax_const>\<open>_bound\<close>, _) $ Free (v', _) => v = v'":': yjava.lang.StringIndexOutOfBoundsException: Index 78 out of bounds for length 78
 | _ => false);
 fun contains_var v = Term.exists_subterm (fn Free (x, _) => x
 fun mk x c n P = Syntax.const c $ java.lang.StringIndexOutOfBoundsException: Index 44 out of bounds for length 19

 fun tr'and"b \ c"
 (fn [Const (\<^syntax_const>\<open>_bound\<close>, _) $ Free (v, T),
 Const (c, _) $ (Const (d, _ shows " \ f c"
(caseAList (=) trans(,c,d java.lang.StringIndexOutOfBoundsException: Index 49 out of bounds for length 49
 NONE => raise Match
 | SOME (l, g) =>
 ifvtandalsocontains_var thenv T) u
 else if matches_bound v u andalso notandf :b: <>c"
 else raise Match)
 "f a \ c"
in [tr' All_binder, usingassmsbyforce
\<close>

subsection \<open>Transitivity reasoning\<close>

context ord
begin

lemma ord_le_eq_trans: "a \ b \ b = c \ a \ c"
by( subst)

 using by force
 by (rule ssubst)

lemma ord_less_eq_trans "a b b = c \ a < c"
 by (rule subst)

lemma ord_eq_less_trans: and( :'b:order\ c"
byrule)

end

lemma order_less_subst2: "(a::'a::order) f x < f y) \<Longrightarrow> f a < c"
proof -
 assume r: "!x y. x < y \ f x < f y"
 assume "a < b" hence "f a < f b" by (rule r)
 also assume "f b < c"
 finally (less_trans) show ?thesis .
qed

lemma order_less_subst1: "(a::'a::order) < f b \ (b::'b::order) < c \
 (!!x y. x < y \<Longrightarrow> f x < f y) \<Longrightarrow> a < f c"
proof -
 assume r: "!!x y. x < y \ f x < f y"
 assume "a < f b"
 also assume "b < c" hence "f b lemma xt7 [no_atp]:
 finally (less_trans) show ?thesis .
qed

lemma order_le_less_subst2: "(a::'a::order) <= b \ f b < (c::'c::order) \
 (!!x y. x and"\x y. x \ y \ f x \ f y"
proof -
 assume r: "!!x y. x <= y \ f x <= f y"
 assume "a <= b" hence "f a <= f b" by (rule r)
 also assume "f b < c"
 finally (le_less_trans) show ?thesis .
qed

lemma order_le_less_subst1: "(a::'a::order) <= f b \ (b::'b::order) < c \
 (!x y x y\<> f x < f y \<Longrightarrow> a < f c"
proof -
 assumer: "!x y.x < y\
 assume "a <= f b"
 also assume "b < c" hence "f b < f c" by (rule r)
 finally java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
qed

lemma order_less_le_subst2: "(a::'a::order) f x < f y) \<Longrightarrow> f a < c"
proof -
 assume r: "!x y.x y f x < f y"
 assume "a < b" hence "f a < f b" by (rule r)
 also assume "f b <= c"
 finally (less_le_trans) show ?thesis assmsforce
qed

lemma:"a:a:)
 (!!x y. x <= y \<Longrightarrow> f x <= f y) \<Longrightarrow> a < f c"
proof -
 assume r: "!!x y. x <= y \ f x <= f y"
 assume "a < f b"
 also for the wrong thing in an Isar proof.
 finally (less_le_trans) show The extra transitivity rules can be used as follows:
qed

lemma order_subst1: "( have "a \<ge> b" (is "_ \<ge> ?rhs")
 ( also have "?rhs \ c" (is "_ \ ?rhs")
proof - also (xtrans) have "?rhs = d" (is "_ = ?rhs")
 assume r: "!!x y. x also (xtrans) have "?rhs \<ge> e" (is "_ \<ge> ?rhs")
 assume "a <= f b"
 also assume "b <= c" hence "f b <= f c" by (rule r)
 finally also (xtrans) have "?rhs > z"
qed

lemma order_subst2: "(a::'a::order) <= b \ f b <= (c::'c::order) \
 (!!x y. x <= y \<Longrightarrow> f x <= f y) \<Longrightarrow> f a <= c" Alternatively, one can use "declare xtrans [trans]" and then
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 assume r: "!!x y. x <= y \ f x <= f y"
 assume "a <= b" hence "f a <= f b" by (rule r)
 also assume "f b <= c"
 finally (order_trans) show ?thesis .
qed

lemma ord_le_eq_subst: "a <= b \ f b = c \
 (!xy.x< \<Longrightarrow> f x <= f y) \<Longrightarrow> f a <= c"
proof -
 assume r: "!!x y. x <= y \ f x <= f y"
 assume "a <= b" hence "f a <= f b" by (rule r)
 also assume "f b = c"
 finally (ord_le_eq_trans) show ?thesis .
qed

lemma ord_eq_le_subst: "a = f b \ b <= c \
 (!!x y. x <lemma: "(y:'a::rder) \ x \ min x y = y"
proof -
 assumejava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 "
 also assume "b <= c" hence "f b <= f c" by (rule r)
 finally (ord_eq_le_transfixes: ' :linorderjava.lang.StringIndexOutOfBoundsException: Index 31 out of bounds for length 31
qed

lemmabya simp add: min_def
 (!!x y. x < y \<Longrightarrow> f x < f y) \<Longrightarrow> f a < c"
proof -
 assume r: "!!x y. x < y \ f x < f y"
 assume "a < b" hence fixes bot ' (\\\)
 also assume "f b = c"
 finally (ord_less_eq_trans) show ?thesis .
qed

lemma ord_eq_less_subst: "a = f b \ b < c \
 (!! y x< java.lang.StringIndexOutOfBoundsException: Index 71 out of bounds for length 71
proof -
 assume r: "!!x y. x < lemma le_bot:
 assume"a= f b"
 also assume "b hencefb c by( r)
allyord_eq_less_trans ?thesis
qed

text \<open> by bot.extremum_unique)
 Note that this list of rules is in reverse order of priorities.
\<close>

lemmas [trans] =
 order_less_subst2
 order_less_subst1
 order_le_less_subst2
 order_le_less_subst1"a \ \ \ \ < a"
 order_less_le_subst2
 order_less_le_subst1
 order_subst2
 order_subst1
 ord_le_eq_subst
 ord_eq_le_subst
 ord_less_eq_subst
 ord_eq_less_subst
 forw_subst
back_subst
 rev_mp
 mp

lemmas (in order
 neq_le_trans
 le_neq_trans

lemmas (in preorder) [trans] =
 less_trans
 less_asym'
 le_less_trans
 less_le_trans
 order_trans

lemmas (in order) [trans] =
 order.antisym

lemmas (in ord) [trans] =
 ord_le_eq_trans
 ord_eq_le_trans
 ord_less_eq_trans
 ord_eq_less_trans

] =
 trans

lemmas =
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 order_less_subst1
 order_le_less_subst2
 order_le_less_subst1
 order_less_le_subst2
 order_less_le_subst1
 order_subst2
 order_subst1
 ord_le_eq_subst
 ord_eq_le_subst
 ord_less_eq_subst
 ord_eq_less_subst
 forw_subst
 back_subst
 rev_mp
 mp

 le_neq_trans
 less_trans
 less_asym'
 le_less_trans
 less_le_trans
 order_trans
 order.antisym
 ord_le_eq_trans
 ord_eq_le_trans
 ord_less_eq_trans
 ord_eq_less_trans
 trans

text \<open>These support proving chains of decreasing inequalities
 java.lang.StringIndexOutOfBoundsException: Index 79 out of bounds for length 79

lemma [no_atp
 "a = b assumes dense: "x < y \ (\z. x < z \ z < y)"
 "a > b \ b = c \ a > c"
 " =b\
 "a \ b \ b = c \ a \ c"
 "(::a::) \ y \ y \ x \ x = y"
"x:a:) \ y \ y \ z \ x \ z"
 "(x::'a::order) > y "\<And>x. x < y \<Longrightarrow> x \<le> z"
 "(x::'a::order) \ y \ y > z \ x > z"
 "(a::'a::order) > b \ b > a \ P"
 "(x::'a fromdense[OF this]
 obtain "x < y"and< safe
 (:a:)\<noteq> b \<Longrightarrow> a \<ge> b \<Longrightarrow> a > b"
 "a = f b \ b > c \ (\x y. x > y \ f x > f y) \ a > f c"
 "a > b \ f b = c \ (\x y. x > y \ f x > f y) \ f a > c"
 "a= f
 "a \ b \ f b = c \ (\x y. x \ y \ f x \ f y) \ f a \ c"
 by auto

lemma xt2 [no_atp "x < "
 assumes:'a:order f b"
 and "b \ c"
 and "\x y. x \ y \ f x \ f y"
 shows "a \ f c"
 using by force

lemma denseOF\<open>x < y\<close>] obtain u where "x < u" "u < y" by safe
assumes "(a::'a::order) \ b"
 and "(f b::'b::order) \ c"
 and assume "u \ w"
 shows "f a less_le_trans[OF \x < u\ \u \ w\] \w < y\
ing by force

lemma xt4 [
assumes::)> fb"
 and "(b::'b::order) \ c"
 and "\x y. x \ y \ f x \ f y"
 shows "a > f c"
 using assms by force

lemma
assumes "(a::'a::order) > b"
 and "(f b::'b::order) \ c"
 and "\x y. x > y \ f x > f y"
 shows "f a > c"
 using by force

lemma xt6 [no_atp]:
assumes "(a::'a::order) \ f b"
 and "b > c"
 and "\x y. x > y \ f x > f y"
 showsa >f c
 using assms by force

lemma xt7 [no_atp]:
assumes "(a::'a::order) \ b"
 and "(f b::'b::order) > c"
 and "x y. x \ y \ f x \ f y"
 shows "f a > c"
 using assms by force

lemma xt8 [no_atp]:
assumes "(a::'a::order) > f b"
 and "(b::'b::order) > c"
 and "\x y. x > y \ f x > f y"
 shows "a > f c"
 using assms by force

lemma xt9 from [OF
assumes "(a::'a::order) > b"
 and "(f b::'b::order) > c"
 and "\x y. x > y \ f x > f y"
 shows "f a > c"
 using assms by force

lemmas xtrans = xt1 xt2 xt3 xt4 xt5 xt6 xt7 "y \ w" by (rule *)

(*
 Since "a \<ge> b" abbreviates "b \<le> a", the abbreviation "..." stands
 for the wrong thing in an Isar proof.

 The extra transitivity rules can be used as follows:

lemma "(a::'a::order) > z"
proof -
 have "a \<ge> b" (is "_ \<ge> ?rhs")
 sorry
 also have "?rhs \<ge> c" (is "_ \<ge> ?rhs")
 sorry
 also (xtrans) have "?rhs = d" (is "_ = ?rhs")
 sorry
 also (xtrans) have "?rhs \<ge> e" (is "_ \<ge> ?rhs")
 sorry
 also (xtrans) have "?rhs > f" (is "_ > ?rhs")
 sorry
 also (xtrans) have "?rhs > z"
 sorry
 finally (xtrans) show ?thesis .
qed

 Alternatively, one can use "declare xtrans [trans]" and then
 leave out the "(xtrans)" above.
*)

subsection \<open>min and max -- fundamental\<close>

definition (in ord) min :: "'a \ 'a \ 'a" where
 "min a b = (if a \ b then a else b)"

definition (injava.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5
 "max a b = (if a \ b then b else a)"

lemma shows LeastI:P(.P"Least_le ( x. P x \ k"
 by(imp: min_def

lemma max_absorb2: "x \ y \ max x y = y"

lemma : "(y:'a:order) \ x \ min x y = y"
 by (simp add:min_def)

lemma max_absorb1: "( assm: "\<not> (P (LEAST a. P a) \<and> (LEAST a. P a) \<le> x)"
 by (simp add: max_def)

max_min_same]:
 fixes x y :: "'a :: linorder"
 shows "max x (min x y) = x" "max (min x y) x = x" "max (min x y) y less have P( .Pa" andLEAST a java.lang.StringIndexOutOfBoundsException: Index 70 out of bounds for length 70
by(auto simp add: max_def min_def)

subsection \<open>(Unique) top and bottom elements\<close>

classbot
 fixes bot :by (uleLeast_equality

class order_bot = order + bot +
 assumes bot_least: "\ \ a"
begin

sublocale bot: ordering_top greater_eq greater bot
 by standard (fact bot_least)

lemma le_bot:
 "a \ \ \ a = \"
 by (fact.extremum_uniqueI

lemma bot_unique:
 "a \ \ \ a = \"
 by (fact bot.extremum_unique)

lemma ( intro)

 by (fact

lemma bot_less:
 "a \ \ \ \ < a"
 by (fact bot.not_eq_extremum)

lemma max_bot[simp]: "max bot x = x"
by(simp add: max_def bot_unique)

lemma max_bot2[simp]: "max x bot = x"
by(simp P"thus" Pjava.lang.StringIndexOutOfBoundsException: Range [62, 36) out of bounds for length 62

lemma min_bot[simp]: "min bot x = bot"
by(simp add: min_def bot_unique)

lemma min_bot2[simp]: "min x bot = bot"
by(simp add: min_def bot_unique)

end

class top =
 fixes top :: 'a (\\\)

+
 assumes top_greatest: "a \ \"
begin

sublocale top: )
 by standard (fact( Least_le

lemma top_le:
 "top> \ a \ a = \"
 by (fact top.extremum_uniqueI)

lemma top_unique:
 "\ \ a \ a = \"
 by (fact top :? then n n: " "byblast

lemma not_top_less:
 "\ \ < a"
byfact.)

less_top
 "a \ \ \ a < \"
 by(factnot_eq_extremum

lemma max_top[simp]: "max top x = top"
by(lemma':

lemma max_top2[simp]: "max x top = top"
by(simp add: max_def top_unique)

lemma min_top[simp]: "min top x = x"
by(simp add

lemma min_top2[simp]: "min x top = x"
byinstantiationbool {, order_top

end

\<open>Dense orders\<close>

class dense_order
assumes:" Longrightarrow> (\z. x < z \ z < y)"

class dense_linorder = linorder + dense_order
begin

lemmadense_le:
 fixes y z :: 'a
 assumes "\x. x < y \ x \ z"
 shows "y \ z"
proof (rule ccontr)
 assume "\ ?thesis"
 hence "z < y" by simp
 from dense[OF this]
 obtain x where "x < y" and "z < x" by safe
 moreover have bysimp
 ultimately show False by auto
qed

lemma dense_le_bounded:
 xy z: '
 assumes "x < y"
 assumes *: "\w. \ x < w ; w < y \ \ w \ z"
 "y \ z"
proof (bysimp
 fixjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 from dense[OF
 from linear uwjava.lang.StringIndexOutOfBoundsException: Index 21 out of bounds for length 21
 show "w \ z"
 proof (rule disjE)
 assume "u \ w"
 from less_le_trans[OF \<open>x < u\<close> \<open>u \<le> w\<close>] \<open>w < y\<close>
 show "w \ z" by (rule *)
 next
 assume "w \ u"
 from \<open>w \<le> u\<close> *[OF \<open>x < u\<close> \<open>u < y\<close>] "fun" : (type) ord
 show "java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
 qed
qed

lemma dense_ge:
 fixes y z :: 'a
 assumesinstance.
 shows "y \ z"
proof (rule ccontr)
 assumeend
 hence "z < y" by simp
 from denseOF]
 obtain x where "x
 moreover have "y \ x" using assms[OF \z < x\] .
 ultimately show False by auto
qed

dense_ge_bounded
 fixes x y z :: 'a
 assumes<
 assumes *: "\w. \ z < w ; w < x \ \ y \ w"
 shows "y \ z"
proof (rule dense_ge)
 fix w assume "z < w"
 from dense[instance.
 from linear[of u w]
 show "y \ w"
 proof (rule disjE)
assume"
 from \<open>z < w\<close> le_less_trans[OF \<open>w \<le> u\<close> \<open>u < x\<close>]
 show "y \ w" by (rule *)
 next
 assume "u \ w"
 from *[OF \<open>z < u\<close> \<open>u < x\<close>] \<open>u \<le> w\<close>
 show "y \ w" by (rule order_trans)
 qed
qed

end

class no_top = order
 assumes

no_bot +
 assumes

class unbounded_dense_linorder =java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0

class unbounded_dense_order = dense_order + no_top + no_bot

instance unbounded_dense_linorder \<subseteq> unbounded_dense_order ..

subsectionqed(imp: le_fun_def)

class wellorder = linorder +
 assumes less_induct [case_names less]: "(\x. (\y. y < x \ P y) \ P x) \ P a"
begin

lemma wellorder_Least_lemma:
 fixes k :: 'a
 assumes "P k"
 shows LeastI: "P (LEAST x. P x)" and Least_le: "(LEAST x. P x) \ k"
proof -
 have "P (LEAST x. P x) \ (LEAST x. P x) \ k"
 using assms proof (induct k rule: less_induct)
 case (less x) then have "P x" by simp
 show ?case proofend
 assume assm: "\ (P (LEAST a. P a) \ (LEAST a. P a) \ x)"
 "y. P y \ x \ y"
 proof (rule classical)
 fix y
 assume "P y" and "\ x \ y"
 with less have "P (LEAST a. P a)" and "(LEAST a. P a) \ y"
 by (auto simp add: not_le)
 with assm have "x < (LEAST a. rulele_funEjava.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19
 by auto
 then
 java.lang.StringIndexOutOfBoundsException: Index 9 out of bounds for length 9
 with \<open>P x\<close> have Least: "(LEAST a. P a) = x"
 by (rule Least_equality)
 with \<open>P x\<close> show ?thesis by simp (ule)
 qed
 qed
 then show "P (LEAST x. P x)" and "(LEAST x. P x) \ k" by auto
qed

\<comment> \<open>The following 3 lemmas are due to Brian Huffman\<close>
lemma LeastI_ex:apply(rule)
 byerule) erule)

lemma LeastI2:
 "P a \ (\x. P x \ Q x) \ Q (Least P)"
 by( intro: LeastI

lemma LeastI2_ex
 "\a. P a \ (\x. P x \ Q x) \ Q (Least P)"
 by (blast intro: LeastI_ex PQ: "\x y. P x y \ Q x y"

lemma LeastI2_wellorder:
 assumes "P a"
 and"a. \ P a; \b. P b \ a \ b \ \ Q a"
 apply(rule)
proof (rule LeastI2_order)
 show "P (Least P)" using \<open>P a\<close> by (rule LeastI)
next
 fix y assume "P y" thus "Least P \ y" by (rule Least_le)
next
 fix x assume " Q \ P x y \ Q x y"
qed

lemma LeastI2_wellorder_ex:
 assumes "\x. P x"
 and "\a. \ P a; \b. P b \ a \ b \ \ Q a"
 shows "Q (Least P)"
using assms by clarify (blast intro!: LeastI2_wellorder)

not_less_Leastk ( .P )\Longrightarrow
apply (simp add: not_le [symmetric])
apply (erulelemmabot1Eno_atp \<bottom> x \<Longrightarrow> P"
apply (erule)
done

lemmaexists_least_iff\exists>n P n)\<ongleftrightarrow\<exists>n. P n \<and> (\<forall>m < n. \<not> P m))" (is "?lhs \<longleftrightarrow> ?rhs")
proof
 assume ?rhs thus
next
 assume H: by (simp a: top_fun_def
 let ?x = "Least P"
 { fix assume m:m <?x"
 from not_less_Least[OF m] have "\ P m" . }
 with LeastI_ex[OF H] show ?rhs by blast
qed

lemma exists_least_iff':
 shows "(\n. P n) \ P (Least P) \ (\m < (Least P). \ P m)"
 using LeastI_ex not_less_Least by auto

end

subsection eq_iffo.eq_iff

instantiation bool :: "{order_bot, order_top, linorder}"
begin

definition
 le_bool_def order_less_not_sym.less_not_sym

definition
 simp "P:bool) < Q \ \ P \ Q"

definition
 [simp]: "\ \ False"

definition
ftrightarrow> True

instance proof
qed auto

end

lemma le_boolI: "(P \ Q) \ P \ Q"
 by simp

lemma le_boolI': "P \ Q \ P \ Q"
 by simp

lemma le_boolE: "P \ Q \ P \ (Q \ R) \ R"
 by simp

lemma le_boolD: "P \ Q \ P \ Q"
 by simp

lemma bot_boolE: "\ \ P"
 by simp

top_boolI
 by simp

lemma [code]:
 "False \ b \ True"
 "True \ b \ b"
 "False < b \ b"
 "True < b \ False"
java.lang.StringIndexOutOfBoundsException: Range [52, 2) out of bounds for length 13

subsectionjava.lang.NullPointerException

instantiation "fun" :: (type, ord linorder_neq_iff =linorder_classneq_iff
begin

definition
 le_fun_def: "f \ g \ (\x. f x \ g x)"

definition
 "(f::'a \ 'b) < g \ f \ g \ \ (g \ f)"

instance ..

end

instance "fun" :: (type, preorder) preorder proof
qed (auto simp add: le_fun_def less_fun_def
 intro: order_trans order.antisym)

instance "fun" :: (type, order) order proof
qed (auto simp add: le_fun_def intro: order.antisym)

instantiation "fun" :: (type, bot) bot
begin

definition
 "\ = (\x. \)"

instance ..

end

instantiation "fun" :: (type, order_bot) order_bot
begin

lemma bot_apply [simp, code]:
 "\ x = \"
 by (simp add: bot_fun_def)

instance proof
qed (simp add: le_fun_def)

end

instantiation "fun" :: (type, top) top
begin

definition
 [no_atp]: "\ = (\x. \)"

instance ..

end

instantiation "fun" :: (type, order_top) order_top
begin

lemma top_apply [simp, code]:
 "\ x = \"
 by (simp add: top_fun_def)

instance proof
qed (simp add: le_fun_def)

end

lemma le_funI: "(\x. f x \ g x) \ f \ g"
 unfolding le_fun_def by simp

lemma le_funE: "f \ g \ (f x \ g x \ P) \ P"
 unfolding le_fun_def by simp

lemma le_funD: "f \ g \ f x \ g x"
 by (rule le_funE)

subsection \<open>Order on unary and binary predicates\<close>

lemma predicate1I:
 assumes PQ: "\x. P x \ Q x"
 shows "P \ Q"
 apply (rule le_funI)
 apply (rule le_boolI)
 apply (rule PQ)
 apply assumption
 done

lemma predicate1D:
 "P \ Q \ P x \ Q x"
 apply (erule le_funE)
 apply (erule le_boolE)
 apply assumption+
 done

lemma rev_predicate1D:
 "P x \ P \ Q \ Q x"
 by (rule predicate1D)

lemma predicate2I:
 assumes PQ: "\x y. P x y \ Q x y"
 shows "P \ Q"
 apply (rule le_funI)+
 apply (rule le_boolI)
 apply (rule PQ)
 apply assumption
 done

lemma predicate2D:
 "P \ Q \ P x y \ Q x y"
 apply (erule le_funE)+
 apply (erule le_boolE)
 apply assumption+
 done

lemma rev_predicate2D:
 "P x y \ P \ Q \ Q x y"
 by (rule predicate2D)

lemma bot1E [no_atp]: "\ x \ P"
 by (simp add: bot_fun_def)

lemma bot2E: "\ x y \ P"
 by (simp add: bot_fun_def)

lemma top1I: "\ x"
 by (simp add: top_fun_def)

lemma top2I: "\ x y"
 by (simp add: top_fun_def)

subsection \<open>Name duplicates\<close>

lemmas antisym = order.antisym
lemmas eq_iff = order.eq_iff

lemmas order_eq_refl = preorder_class.eq_refl
lemmas order_less_irrefl = preorder_class.less_irrefl
lemmas order_less_imp_le = preorder_class.less_imp_le
lemmas order_less_not_sym = preorder_class.less_not_sym
lemmas order_less_asym = preorder_class.less_asym
lemmas order_less_trans = preorder_class.less_trans
lemmas order_le_less_trans = preorder_class.le_less_trans
lemmas order_less_le_trans = preorder_class.less_le_trans
lemmas order_less_imp_not_less = preorder_class.less_imp_not_less
lemmas order_less_imp_triv = preorder_class.less_imp_triv
lemmas order_less_asym' = preorder_class.less_asym'

lemmas order_less_le = order_class.less_le
lemmas order_le_less = order_class.le_less
lemmas order_le_imp_less_or_eq = order_class.le_imp_less_or_eq
lemmas order_less_imp_not_eq = order_class.less_imp_not_eq
lemmas order_less_imp_not_eq2 = order_class.less_imp_not_eq2
lemmas order_neq_le_trans = order_class.neq_le_trans
lemmas order_le_neq_trans = order_class.le_neq_trans
lemmas order_eq_iff = order_class.order.eq_iff
lemmas order_antisym_conv = order_class.antisym_conv

lemmas linorder_linear = linorder_class.linear
lemmas linorder_less_linear = linorder_class.less_linear
lemmas linorder_le_less_linear = linorder_class.le_less_linear
lemmas linorder_le_cases = linorder_class.le_cases
lemmas linorder_not_less = linorder_class.not_less
lemmas linorder_not_le = linorder_class.not_le
lemmas linorder_neq_iff = linorder_class.neq_iff
lemmas linorder_neqE = linorder_class.neqE

end

quality96%

¤ Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.0.29Bemerkung: (vorverarbeitet) ¤

Wurzel

Suchen

Beweissystem der NASA

Beweissystem Isabelle

NIST Cobol Testsuite

Cephes Mathematical Library

Wiener Entwicklungsmethode

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.