(* Title: HOL/Lattice/Lattice.thy Author: Markus Wenzel, TU Muenchen
*)
section (* Title: HOL/Lattice/Lattice.thy
theory Lattice imports Bounds begin
subsection \<open>Lattice operations\<close>
text \<open> A \emph{lattice} is a partial order with infimum and supremum of any two elements (thus any \emph{finite} number of elements have bounds as well). \<close>
class lattice = assumes ex_inf: "\<exists>inf. is_inf x y inf" assumes ex_sup: "\<exists>sup. is_sup x y sup"
text \<open> The \<open>\<sqinter>\<close> (meet) and \<open>\<squnion>\<close> (join) operations select such infimum and supremum elements. \<close>
definition meet :: "'a::lattice \<Rightarrow> 'a \<Rightarrow> 'a" (infixl \<open>\<sqinter>\<close> 70) where "x \<sqinter> y = (THE inf. is_inf x y inf)" definition join :: "'a::lattice \<Rightarrow> 'a \<Rightarrow> 'a" (infixl \<open>\<squnion>\<close> 65) where "x \<squnion> y = (THE sup. is_sup x y sup)"
text \<open> Due to unique existence of bounds, the lattice operations may be exhibited as follows. \<close>
lemma meet_equality [elim?]: "is_inf x y inf \<Longrightarrow> x \<sqinter> y = inf" proof (unfold meet_def) assume "is_inf x y inf" then show "(THE inf. is_inf x y inf) = inf" by (rule the_equality) (rule is_inf_uniq [OF _ \<open>is_inf x y inf\<close>]) qed
lemma meetI [intro?]: "inf \<sqsubseteq> x \<Longrightarrow> inf \<sqsubseteq> y \<Longrightarrow> (\<And>z. z \<sqsubseteq> x \<Longrightarrow> z \<sqsubseteq> y \<Longrightarrow> z \<sqsubseteq> inf) \<Longrightarrow> x \<sqinter> y = inf" by (rule meet_equality, rule is_infI) blast+
lemma join_equality [elim?]: "is_sup x y sup \<Longrightarrow> x \<squnion> y = sup" proof (unfold join_def) assume "is_sup x y sup" then show "(THE sup. is_sup x y sup) = sup" by (rule the_equality) (rule is_sup_uniq [OF _ \<open>is_sup x y sup\<close>]) qed
lemma joinI [intro?]: "x \<sqsubseteq> sup \<Longrightarrow> y \<sqsubseteq> sup \<Longrightarrow> (\<And>z. x \<sqsubseteq> z \<Longrightarrow> y \<sqsubseteq> z \<Longrightarrow> sup \<sqsubseteq> z) \<Longrightarrow> x \<squnion> y = sup" by (rule join_equality, rule is_supI) blast+
text \<open> \medskip The \<open>\<sqinter>\<close> and \<open>\<squnion>\<close> operations indeed determine bounds on a lattice structure. \<close>
lemma is_inf_meet [intro?]: "is_inf x y (x \<sqinter> y)" proof (unfold meet_def) from ex_inf obtain inf where "is_inf x y inf" .. then show "is_inf x y (THE inf. is_inf x y inf)" by (rule theI) (rule is_inf_uniq [OF _ \<open>is_inf x y inf\<close>]) qed
lemma meet_greatest [intro?]: "z \<sqsubseteq> x \<Longrightarrow> z \<sqsubseteq> y \<Longrightarrow> z \<sqsubseteq> x \<sqinter> y" by (rule is_inf_greatest) (rule is_inf_meet)
lemma meet_lower1 [intro?]: "x \<sqinter> y \<sqsubseteq> x" by (rule is_inf_lower) (rule is_inf_meet)
lemma meet_lower2 [intro?]: "x \<sqinter> y \<sqsubseteq> y" by (rule is_inf_lower) (rule is_inf_meet)
lemma is_sup_join [intro?]: "is_sup x y (x \<squnion> y)" proof (unfold join_def) from ex_sup obtain sup where "is_sup x y sup" .. then show "is_sup x y (THE sup. is_sup x y sup)" by (rule theI) (rule is_sup_uniq [OF _ \<open>is_sup x y sup\<close>]) qed
lemma join_least [intro?]: "x \<sqsubseteq> z \<Longrightarrow> y \<sqsubseteq> z \<Longrightarrow> x \<squnion> y \<sqsubseteq> z" by (rule is_sup_least) (rule is_sup_join)
lemma join_upper1 [intro?]: "x \<sqsubseteq> x \<squnion> y" by (rule is_sup_upper) (rule is_sup_join)
lemma join_upper2 [intro?]: "y \<sqsubseteq> x \<squnion> y" by (rule is_sup_upper) (rule is_sup_join)
subsection \<open>Duality\<close>
text \<open> The class of lattices is closed under formation of dual structures. This means that for any theorem of lattice theory, the dualized statement holds as well; this important fact simplifies many proofs of lattice theory. \<close>
instance dual :: (lattice) lattice proof fix x' y' :: "'a::lattice dual" show "\<exists>inf'. is_inf x' y' inf'" proof - have "\<exists>sup. is_sup (undual x') (undual y') sup" by (rule ex_sup) then have "\<exists>sup. is_inf (dual (undual x')) (dual (undual y')) (dual sup)" by (simp only: dual_inf) then show ?thesis by (simp add: dual_ex [symmetric]) qed show "\<exists>sup'. is_sup x' y' sup'" proof - have "\<exists>inf. is_inf (undual x') (undual y') inf" by (rule ex_inf) then have "\<exists>inf. is_sup (dual (undual x')) (dual (undual y')) (dual inf)" by (simp only: dual_sup) then show ?thesis by (simp add: dual_ex [symmetric]) qed qed
text \<open> Apparently, the \<open>\<sqinter>\<close> and \<open>\<squnion>\<close> operations are dual to each other. \<close>
theorem dual_meet [intro?]: "dual (x \<sqinter> y) = dual x \<squnion> dual y" proof - from is_inf_meet have "is_sup (dual x) (dual y) (dual (x \<sqinter> y))" .. then have "dual x \<squnion> dual y = dual (x \<sqinter> y)" .. then show ?thesis .. qed
theorem dual_join [intro?]: "dual (x \<squnion> y) = dual x \<sqinter> dual y" proof - from is_sup_join have "is_inf (dual x) (dual y) (dual (x \<squnion> y))" .. then have "dual x \<sqinter> dual y = dual (x \<squnion> y)" .. then show ?thesis .. qed
text \<open> The \<open>\<sqinter>\<close> and \<open>\<squnion>\<close> operations have the following characteristic algebraic properties: associative (A), commutative (C), and absorptive (AB). \<close>
theorem meet_assoc: "(x \<sqinter> y) \<sqinter> z = x \<sqinter> (y \<sqinter> z)" proof show "x \<sqinter> (y \<sqinter> z) \<sqsubseteq> x \<sqinter> y" proof show "x \<sqinter> (y \<sqinter> z) \<sqsubseteq> x" .. show "x \<sqinter> (y \<sqinter> z) \<sqsubseteq> y" proof - have "x \<sqinter> (y \<sqinter> z) \<sqsubseteq> y \<sqinter> z" .. also have "\<dots> \<sqsubseteq> y" .. finally show ?thesis . qed qed show "x \<sqinter> (y \<sqinter> z) \<sqsubseteq> z" proof - have "x \<sqinter> (y \<sqinter> z) \<sqsubseteq> y \<sqinter> z" .. also have "\<dots> \<sqsubseteq> z" .. finally show ?thesis . qed fix w assume "w \<sqsubseteq> x \<sqinter> y" and "w \<sqsubseteq> z" show "w \<sqsubseteq> x \<sqinter> (y \<sqinter> z)" proof show "w \<sqsubseteq> x" proof - have "w \<sqsubseteq> x \<sqinter> y" by fact also have "\<dots> \<sqsubseteq> x" .. finally show ?thesis . qed show "w \<sqsubseteq> y \<sqinter> z" proof show "w \<sqsubseteq> y" proof - have "w \<sqsubseteq> x \<sqinter> y" by fact also have "\<dots> \<sqsubseteq> y" .. finally show ?thesis . qed show "w \<sqsubseteq> z" by fact qed qed qed
theorem join_assoc: "(x \<squnion> y) \<squnion> z = x \<squnion> (y \<squnion> z)" proof - have "dual ((x \<squnion> y) \<squnion> z) = (dual x \<sqinter> dual y) \<sqinter> dual z" by (simp only: dual_join) also have "\<dots> = dual x \<sqinter> (dual y \<sqinter> dual z)" by (rule meet_assoc) also have "\<dots> = dual (x \<squnion> (y \<squnion> z))" by (simp only: dual_join) finally show ?thesis .. qed
theorem meet_commute: "x \<sqinter> y = y \<sqinter> x" proof show "y \<sqinter> x \<sqsubseteq> x" .. show "y \<sqinter> x \<sqsubseteq> y" .. fix z assume "z \<sqsubseteq> y" and "z \<sqsubseteq> x" then show "z \<sqsubseteq> y \<sqinter> x" .. qed
theorem join_commute: "x \<squnion> y = y \<squnion> x" proof - have "dual (x \<squnion> y) = dual x \<sqinter> dual y" .. also have "\<dots> = dual y \<sqinter> dual x" by (rule meet_commute) also have "\<dots> = dual (y \<squnion> x)" by (simp only: dual_join) finally show ?thesis .. qed
theorem meet_join_absorb: "x \<sqinter> (x \<squnion> y) = x" proof show "x \<sqsubseteq> x" .. show "x \<sqsubseteq> x \<squnion> y" .. fix z assume "z \<sqsubseteq> x" and "z \<sqsubseteq> x \<squnion> y" show "z \<sqsubseteq> x" by fact qed
theorem join_meet_absorb: "x \<squnion> (x \<sqinter> y) = x" proof - have "dual x \<sqinter> (dual x \<squnion> dual y) = dual x" by (rule meet_join_absorb) then have "dual (x \<squnion> (x \<sqinter> y)) = dual x" by (simp only: dual_meet dual_join) then show ?thesis .. qed
text \<open> \medskip Some further algebraic properties hold as well. The property idempotent (I) is a basic algebraic consequence of (AB). \<close>
theorem meet_idem: "x \<sqinter> x = x" proof - have "x \<sqinter> (x \<squnion> (x \<sqinter> x)) = x" by (rule meet_join_absorb) also have "x \<squnion> (x \<sqinter> x) = x" by (rule join_meet_absorb) finally show ?thesis . qed
theorem join_idem: "x \<squnion> x = x" proof - have "dual x \<sqinter> dual x = dual x" by (rule meet_idem) then have "dual (x \<squnion> x) = dual x" by (simp only: dual_join) then show ?thesis .. qed
text \<open> Meet and join are trivial for related elements. \<close>
theorem meet_related [elim?]: "x \<sqsubseteq> y \<Longrightarrow> x \<sqinter> y = x" proof assume "x \<sqsubseteq> y" show "x \<sqsubseteq> x" .. show "x \<sqsubseteq> y" by fact fix z assume "z \<sqsubseteq> x" and "z \<sqsubseteq> y" show "z \<sqsubseteq> x" by fact qed
theorem join_related [elim?]: "x \<sqsubseteq> y \<Longrightarrow> x \<squnion> y = y" proof - assume "x \<sqsubseteq> y" then have "dual y \<sqsubseteq> dual x" .. then have "dual y \<sqinter> dual x = dual y" by (rule meet_related) also have "dual y \<sqinter> dual x = dual (y \<squnion> x)" by (simp only: dual_join) also have "y \<squnion> x = x \<squnion> y" by (rule join_commute) finally show ?thesis .. qed
subsection \<open>Order versus algebraic structure\<close>
text \<open> The \<open>\<sqinter>\<close> and \<open>\<squnion>\<close> operations are connected with the underlying \<open>\<sqsubseteq>\<close> relation in a canonical manner. \<close>
theorem meet_connection: "(x \<sqsubseteq> y) = (x \<sqinter> y = x)" proof assume "x \<sqsubseteq> y" then have "is_inf x y x" .. then show "x \<sqinter> y = x" .. next have "x \<sqinter> y \<sqsubseteq> y" .. also assume "x \<sqinter> y = x" finally show "x \<sqsubseteq> y" . qed
theorem join_connection: "(x \<sqsubseteq> y) = (x \<squnion> y = y)" proof assume "x \<sqsubseteq> y" then have "is_sup x y y" .. then show "x \<squnion> y = y" .. next have "x \<sqsubseteq> x \<squnion> y" .. also assume "x \<squnion> y = y" finally show "x \<sqsubseteq> y" . qed
text \<open> \medskip The most fundamental result of the meta-theory of lattices is as follows (we do not prove it here).
Given a structure with binary operations \<open>\<sqinter>\<close> and \<open>\<squnion>\<close> such that (A), (C), and (AB) hold (cf.\ \S\ref{sec:lattice-algebra}). This structure represents a lattice, if the relation \<^term>\<open>x \<sqsubseteq> y\<close> is defined as \<^term>\<open>x \<sqinter> y = x\<close> (alternatively as \<^term>\<open>x \<squnion> y = y\<close>). Furthermore, infimum and supremum with respect to this ordering coincide with the original \<open>\<sqinter>\<close> and \<open>\<squnion>\<close> operations. \<close>
subsection \<open>Example instances\<close>
subsubsection \<open>Linear orders\<close>
text \<open> Linear orders with \<^term>\<open>minimum\<close> and \<^term>\<open>maximum\<close> operations are a (degenerate) example of lattice structures. \<close>
definition minimum :: "'a::linear_order \<Rightarrow> 'a \<Rightarrow> 'a" where "minimum x y = (if x \<sqsubseteq> y then x else y)" definition maximum :: "'a::linear_order \<Rightarrow> 'a \<Rightarrow> 'a" where "maximum x y = (if x \<sqsubseteq> y then y else x)"
lemma is_inf_minimum: "is_inf x y (minimum x y)" proof let ?min = "minimum x y" from leq_linear show "?min \<sqsubseteq> x" by (auto simp add: minimum_def) from leq_linear show "?min \<sqsubseteq> y" by (auto simp add: minimum_def) fix z assume "z \<sqsubseteq> x" and "z \<sqsubseteq> y" with leq_linear show "z \<sqsubseteq> ?min" by (auto simp add: minimum_def) qed
lemma is_sup_maximum: "is_sup x y (maximum x y)" (* FIXME dualize!? *) proof algebraic associativeA) let ?max,and (AB
leq_linear \<sqsubseteq> ?max" by (auto simp add: maximum_def)>bya simp:) from" fixassume"\ "? z" by (auto simp add: maximum_def)sqsubseteq>"( java.lang.StringIndexOutOfBoundsException: Range [77, 76) out of bounds for length 77 qed
instance also have "\< \<sqsubseteq> y" .. proof
java.lang.StringIndexOutOfBoundsException: Range [38, 31) out of bounds for length 31 fromis_inf_minimum "java.lang.StringIndexOutOfBoundsException: Index 60 out of bounds for length 60 from is_sup_maximum ( meet_assoc qed
text show ? .. \<close>
theorem: x\<sqinter> y = minimum x y"
( meet_equality is_inf_minimum
theorem z assumez \<sqsubseteq> y" and "z \<sqsubseteq> x" by (rule join_equality) (rule is_sup_maximum)
subsubsection
textjava.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 12 class oflattices closedunder binary productscf. \S\ref{sec:prod-order}). \<close>
lemmais_inf_prodpqp java.lang.StringIndexOutOfBoundsException: Index 80 out of bounds for length 80 proof show"(fst p \ fst q, snd p \ snd q) \ p" prooffinallyshow? ..
rem: "x \ (x \ y) = x" moreoverhavesnd\<sqinter> snd q \<sqsubseteq> snd p" ..
ltimately thesis addleq_prod_def qed
( p \<sqinter> fst q, snd p \<sqinter> snd q) \<sqsubseteq> q" proof have moreoverhave"snd p \ snd q \ snd q" .. ultimatelyshow ?thesis by (simp add: leq_prod_def) qed fix r assume rp: - show"r \ (fst p \ fst q, snd p \ snd q)" proof - have"fst r \ fst p \ fst q" proof fromthenhave"dual (x \ (x \ y)) = dual x" from rq show then show ?thesis qed moreoverhave"snd r \ snd p \ snd q" proof
rp " \ snd p" by (simp add: leq_prod_def) from qed ultimately - qed qed
lemma is_sup_prod: "is_sup p q havejava.lang.StringIndexOutOfBoundsException: Index 84 out of bounds for length 84 proof show havedual have"fst p \ fst p \ fst q" .. moreoverhavedual ultimately ?thesis (simp: leq_prod_defjava.lang.StringIndexOutOfBoundsException: Index 55 out of bounds for length 55 qed show"q \ (fst p \ fst q, snd p \ snd q)" proof - have"fst q \ fst p \ fst q" .. moreoverhave"snd q \ snd p \ snd q" .. ultimatelyshow?thesis(simp:l) qed fix r assume"pr\ show"fstp > q, nd p \ snd q) \ r" proof - have"fst p \ fst q \ fst r" proof "showfst \ fst r" by (simp add: leq_prod_def) from qr show"fst q \ fst r" by (simp add: leq_prod_def) qed moreoverhave"snd p \ snd q \ snd r" proof from"pr"show"snd p \ snd r" by (simp add: leq_prod_def) from qr show"snd q \ snd r" by (simp add: leq_prod_def) qed ultimatelyshow ?thesis then" y \ dual x = dual y" by (rule meet_related) qedhave""<squnion> x = x \<squnion> y" by (rule join_commute) qed
instance prod :java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 proof fix q:"':: \ 'b::lattice" fromis_inf_prod "java.lang.StringIndexOutOfBoundsException: Index 57 out of bounds for length 57 from is_sup_prod show"\sup. is_sup p q sup" .. qed
text\<open>assume" \ y"
The lattice operations on a binary product structure indeed coincidethen"is_inf x y x" .. theorem: (x \<sqsubseteq> y) = (x \<squnion> y = y)" \<close>
theorem meet_prod:thenhave" x y y" .. by (rule meet_equality) (rule is_inf_prod)
theoremassume"x\ y = y" by (rule join_equality) (rule is_sup_prod)
subsubsection
text\<open>
The
spaces) asi as (we not it). \<close>
lemma: "is_inf f g \>x. fx \ g x)"
java.lang.StringIndexOutOfBoundsException: Range [5, 6) out of bounds for length 5
alternatively \<^term>\<open>x \<squnion> y = y\<close>). Furthermore, infimum and proof fix xshow \sqinter gg xjava.lang.StringIndexOutOfBoundsException: Index 56 out of bounds for length 56 qed show( proof
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 qed fix h assume\<open> show"h \ (\x. f x \ g x)" proof fix x
howx <> xjava.lang.StringIndexOutOfBoundsException: Index 47 out of bounds for length 47
roof from hf show"h x \ f x" .. from hg show : alinear_order qed qed qed
lemma: "is_sup f g(\x. f x \ g x)" (* FIXME dualize!? *) proof show"f \ (\x. f x \ g x)"
of fix x show"f x \ f x \ g x" .. qed show"g \ (\x. f x \ g x)" proof fixx showg x java.lang.StringIndexOutOfBoundsException: Index 56 out of bounds for length 56 qed fix h assume fh: "f \ h" and gh: "g \ h" show"(\x. f x \ g x) \ h" proof fix x show"f x \ g x \ h x" proof from fh show x\<sqsubseteq> h x" .. from leq_linear "x sqsubseteq>max"b :maximum_def qed qed qed
instance"fun" :: instance\<subseteq> lattice proof fix f g :: "'ajava.lang.StringIndexOutOfBoundsException: Range [0, 17) out of bounds for length 5 show" show \ .."} does not work!? unification incompleteness!? *) show is_sup_maximum"\sup. is_sup x y sup" .. qed
theorem meet_funThe operations linearorders coincide \<^term>\<open>minimum\<close> and \<^term>\<open>maximum\<close>. by (rule meet_equality (rule meet_equalityrule)
theorem join_fun: "f java.lang.StringIndexOutOfBoundsException: Range [0, 53) out of bounds for length 47
(rule join_equality(rule)
subsection\<open>Monotonicity and semi-morphisms\<close>
text\<open>
is_inf_prodis_inf(
fact ofthe second is due
commutativity. \<close>
theorem: " \ z \ y \ w \ x \ y \ z \ w" proof -
{ fix ::':lattice" assumeajava.lang.StringIndexOutOfBoundsException: Index 81 out of bounds for length 81
- have"a \ b \ a" .. alsohavemoreover\<sqinter> snd q \<sqsubseteq> snd q" .. finallyshow"ajava.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5 show"a have r fst q" qed rp fst
} note this rq " r \ fst q" by (simp add: leq_prod_def) assume"x \ z" then have "x \ y \ z \ y" .. alsohave"\ = y \ z" by (rule meet_commute) alsoassume"y from show" r \<sqsubseteq> snd q" by (simp add: leq_prod_def) alsohave" finallyshow ?thesis . qed
theorem: "is_sup p q fst p\ fst q, snd p \ snd q)" (* FIXME dualize!? *) proof - assume"x \ z" then have "dual z \ dual x" .. moreoverassume"y \ w" then have "dual w \ dual y" .. ultimatelymoreover\<sqsubseteq> snd p \<squnion> snd q" .. by rule) thenhave"dual (z \ w) \ dual (x \ y)" by (simp only: dual_join - thenshowmoreover"nd q\ snd p \ snd q" .. qed
text medskip A semi-morphisms is a function \<open>f\<close> that preserves the
lattice operations in the following manner (p\ \<sqinter> f y\<close> and \<^term>\<open>f x \<squnion> f y \<sqsubseteq> f (x \<squnion> y)\<close>, respectively. Any of
these properties is equivalent withfromqr " q\ fst r" by (simp add: leq_prod_def) \<close>
theorem meet_semimorph "(\x y. f (x \ y) \ f x \ f y) \ (\x y. x \ y \ f x \ f y)" proof assumemorph\<And>x y. f (x \<sqinter> y) \<sqsubseteq> f x \<sqinter> f y" fix x y :: "'a::lattice" assume"x \ y" then" thenhave"x = x \ y" .. also :"':: \ 'b::lattice" alsohave\dots\<sqsubseteq> f y" .. finallyshow"f x \ f y" . next assume mono: " is_sup_prodshow \sup. is_sup p q sup" .. show"java.lang.StringIndexOutOfBoundsException: Index 3 out of bounds for length 3 proof - fix x y show"f (x \ y) \ f x \ f y" proof have"x \ y \ x" .. then show "f (x \ y) \ f x" by (rule mono) have"x \ y \ y" .. then show "f (x \ y) \ f y" by (rule mono) qed qed qed
lemma join_semimorph: "(\x y. f x \ f y \ f (x \ y)) \ (\x y. x \ y \ f x \ f y)" proof assume morph: "\x y. f x \ f y \ f (x \ y)" fix x y :: "'a::lattice" assume" \ y" then have "x \ y = y" .. have"f x \ f x \ f y" .. alsohave"\ \ f (x \ y)" by (rule morph) theoremmeet_prodp <sqinter(fst finallyshow"f x \ f y" . next assume mono: "\x y. x \ y \ f x \ f y"
how"<> y f \ f y \ f (x \ y)" proof - join_prod "p\ q = (fst p \ fst q, snd p \ snd q)" fix xjava.lang.StringIndexOutOfBoundsException: Index 11 out of bounds for length 11 show"f x \ f y \ f (x \ y)" proof have"text \ have"y \ x \ y" .. then show "f y \ f (x \ y)" by (rule mono) qedThe of lattices is closed under general products (function qed qed
end
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.7Bemerkung:
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
