theory RAMiCS imports Main begin declare [[ smt_solver = remote_z3]] declare [[ smt_timeout = 60 ]] declare [[ z3_options = "-memory:500" ]] context order begin (* Pointfree ordering *) definition pleq :: "('a \ 'a) \ ('a \ 'a) \ bool" (infix "\" 50) where "pleq f g \ \x. f x \ g x" definition isotone :: "('a \ 'a) set" where "isotone f \ \x y. x \ y \ f x \ f y" lemma isotoneD: "\isotone f; x \ y\ \ f x \ f y" by (metis isotone_def) definition idempotent :: "('a \ 'a) set" where "idempotent f \ f \ f = f" (* Lub *) definition is_ub :: "'a \ 'a set \ bool" where "is_ub x A \ (\y\A. y \ x)" definition is_lub :: "'a \ 'a set \ bool" where "is_lub x A \ is_ub x A \ (\y.(\z\A. z \ y) \ x \ y)" lemma is_lub_equiv: "is_lub x A \ (\z. (x \ z \ (\y\A. y \ z)))" by (metis is_lub_def is_ub_def order_refl order_trans) lemma is_lub_unique: "is_lub x A \ is_lub y A \ x = y" by (metis antisym is_lub_def is_ub_def) definition lub :: "'a set \ 'a" ("\") where "\ A = (THE x. is_lub x A)" lemma the_lub_leq: "\\z. is_lub z X; \z. is_lub z X \ z \ x\ \ \ X \ x" by (metis is_lub_unique lub_def the_equality) lemma the_lub_geq: "\\z. is_lub z X; \z. is_lub z X \ x \ z\ \ x \ \ X" by (metis is_lub_unique lub_def the_equality) lemma singleton_lub: "\ {y} = y" by (simp only: lub_def, rule the_equality, simp_all add: is_lub_def is_ub_def, metis eq_iff) lemma surjective_lub: "surj \" by (metis singleton_lub surj_def) lemma lub_subset: "\X \ Y; is_lub x X; is_lub y Y\ \ x \ y" by (metis in_mono is_lub_def is_ub_def) lemma lub_is_lub [elim?]: "is_lub w A \ \ A = w" by (metis is_lub_unique lub_def the_equality) definition is_lb :: "'a \ 'a set \ bool" where "is_lb x A \ (\y\A. x \ y)" definition is_glb :: "'a \ 'a set \ bool" where "is_glb x A \ is_lb x A \ (\y.(\z\A. y \ z) \ y \ x)" lemma is_glb_equiv: "is_glb x A \ (\z. (z \ x \ (\y\A. z \ y)))" by (metis is_glb_def is_lb_def order_refl order_trans) lemma is_glb_unique: "is_glb x A \ is_glb y A \ x = y" by (metis antisym is_glb_def is_lb_def) definition glb :: "'a set \ 'a" ("\") where "\ A = (THE x. is_glb x A)" lemma the_glb_leq: "\\z. is_glb z X; \z. is_glb z X \ x \ z\ \ x \ \ X" by (metis glb_def is_glb_unique the_equality) lemma glb_is_glb [elim?]: "is_glb w A \ \ A = w" by (metis is_glb_unique glb_def the_equality) lemma is_glb_from_is_lub: "\is_lub x {b. \a\A. b \ a}\ \ is_glb x A" by (smt Collect_def is_glb_def is_lb_def is_lub_equiv mem_def order_refl) lemma is_lub_from_is_glb: "\is_glb x {b. \a\A. a \ b}\ \ is_lub x A" by (smt Collect_def is_lub_def is_ub_def is_glb_equiv mem_def order_refl) definition join :: "'a \ 'a \ 'a" (infixl "\" 70) where "x \ y = \ {x,y}" definition meet :: "'a \ 'a \ 'a" (infixl "\" 70) where "x \ y = \ {x,y}" (* Join and meet preserving maps *) definition ex_join_preserving :: "('a \ 'a) set" where "ex_join_preserving f \ \X\UNIV. (\x. is_lub x X) \ \ (f ` X) = f (\ X)" definition ex_meet_preserving :: "('a \ 'a) set" where "ex_meet_preserving g \ \X\UNIV. (\x. is_glb x X) \ \ (g ` X) = g (\ X)" definition join_preserving :: "('a \ 'a) set" where "join_preserving f \ \X\UNIV. \ (f ` X) = f (\ X)" definition meet_preserving :: "('a \ 'a) set" where "meet_preserving g \ \X\UNIV. \ (g ` X) = g (\ X)" lemma is_lub_to_is_glb_var: "order.is_lub (\x y. y \ x) z {x, y} = is_glb z {x, y}" proof - interpret int: order "\(x::'a) y. y \ x" "\x y. y < x" apply unfold_locales apply (metis less_le_not_le) apply (metis eq_refl) apply (metis order_trans) by (metis eq_iff) show ?thesis by (simp add: int.is_lub_def int.is_ub_def is_glb_def is_lb_def) qed end (* Join and meet semilattices *) class join_semilattice = order + assumes join_ex: "\x y. \z. is_lub z {x,y}" begin lemma leq_def: "x \ y \ x\y = y" by (smt emptyE insertCI insertE is_lub_def is_ub_def join_ex le_less less_le_not_le lub_is_lub ord_eq_le_trans join_def) lemma add_idem: "x \ x = x" by (metis leq_def order_refl) lemma add_comm: "x \ y = y \ x" by (metis insert_commute join_def) lemma add_assoc: "(x \ y) \ z = x \ (y \ z)" proof - have "(x \ y) \ z \ x \ (y \ z)" by (simp add: join_def, smt insertCI insertE is_lub_def is_lub_equiv is_ub_def join_ex lub_is_lub singletonE) thus ?thesis by (simp add: join_def, smt insertCI insertE is_lub_def is_ub_def join_ex lub_is_lub order_trans singletonE eq_iff) qed lemma ex_join_preserving_iso: "ex_join_preserving f \ isotone f" proof (rule classical) assume not_iso: "\ isotone f" and join_pres: "ex_join_preserving f" obtain x and y where xy: "x \ y \ \ (f x \ f y)" by (metis isotone_def not_iso) have "\z. is_lub z {x,y}" by (metis join_ex) hence "f (\ {x,y}) = \ {f x, f y}" by (smt ex_join_preserving_def join_pres subset_UNIV image_empty image_insert) hence "x = y" by (metis join_def leq_def xy) thus "isotone f" by (metis order_refl xy) qed end class meet_semilattice = order + assumes meet_ex: "\x y. \z. is_glb z {x,y}" sublocale meet_semilattice \ dual!: join_semilattice "op \" "op >" proof fix x y z :: 'a show "(y < x) = (y \ x \ \ x \ y)" using less_le_not_le . show "x \ x" by simp show "\y \ x; z \ y\ \ z \ x" by simp show "\y \ x; x \ y\ \ x = y" by simp have "\x y. \z. order.is_glb (\x y. x \ y) z {x, y}" by (metis meet_ex) thus "\x y. \z. order.is_lub (\x y. y \ x) z {x, y}" by (metis is_lub_to_is_glb_var) qed context meet_semilattice begin lemma leq_def2: "x \ y \ y\x = x" by (smt antisym emptyE glb_is_glb insertCI insertE is_glb_def is_lb_def meet_def meet_ex ord_le_eq_trans order_refl) lemma mult_idem: "x \ x = x" by (metis leq_def2 order_refl) lemma mult_comm: "x \ y = y \ x" by (metis insert_commute meet_def) lemma bin_glb_var: "x\y \ z \ x \ z \ y \ z" proof assume a: "z \ x\y" hence "\ {x,z} = z" by (metis leq_def2 glb_is_glb insertI1 is_glb_equiv meet_ex meet_def) moreover have "\ {y,z} = z" by (metis a leq_def2 glb_is_glb insertI1 is_glb_equiv meet_ex mult_comm meet_def) ultimately show "z \ x \ z \ y" by (metis leq_def2 meet_def) next assume "z \ x \ z \ y" thus "z \ x \ y" by (smt emptyE glb_is_glb insertE is_glb_equiv meet_ex meet_def ord_le_eq_trans) qed lemma mult_assoc: "(x \ y) \ z = x \ (y \ z)" proof - have "(x \ y) \ z \ x \ (y \ z)" by (metis eq_refl bin_glb_var) thus ?thesis by (metis antisym bin_glb_var order_refl) qed lemma ex_meet_preserving_iso: "ex_meet_preserving f \ isotone f" proof (rule classical) assume not_iso: "\ isotone f" and meet_pres: "ex_meet_preserving f" obtain x and y where xy: "x \ y \ \ (f x \ f y)" by (metis isotone_def not_iso) have "\z. is_glb z {x,y}" by (metis meet_ex) hence "f (\ {x,y}) = \ {f x, f y}" by (smt ex_meet_preserving_def meet_pres subset_UNIV image_empty image_insert) hence "x = y" by (metis leq_def2 meet_def mult_comm xy) thus "isotone f" by (metis order_refl xy) qed end (* Lattices *) class lattice = join_semilattice + meet_semilattice begin lemma absorb1: "x \ (x \ y) = x" by (metis add_comm leq_def2 leq_def mult_assoc mult_idem) lemma absorb2: "x \ (x \ y) = x" by (metis add_assoc add_idem leq_def2 leq_def mult_comm) lemma order_change: "x\y = y \ y\x = x" by (metis leq_def2 leq_def) end (* Complete join semilattices *) class complete_join_semilattice = order + assumes lub_ex: "\x. is_lub x A" sublocale complete_join_semilattice \ join_semilattice by (unfold_locales, metis lub_ex) context complete_join_semilattice begin lemma bot_ax: "\!b. \x. b \ x" by (metis empty_iff eq_iff is_lub_def lub_ex) definition bot :: "'a" ("\") where "\ \ THE x. \ y. x \ y" lemma prop_bot: "\x. \ \ x" by (simp only: bot_def, rule the1I2, smt bot_ax, metis) lemma is_lub_lub [intro?]: "is_lub (\ X) X" by (metis lub_ex lub_is_lub) lemma lub_greatest [intro?]: "(\y. y \ X \ y \ x) \ \ X \ x" by (metis is_lub_equiv is_lub_lub) lemma lub_least [intro?]: "x \ X \ x \ \ X" by (metis is_lub_def is_lub_lub is_ub_def) lemma empty_lub [simp]: "\ {} = \" by (metis emptyE is_lub_equiv lub_is_lub prop_bot) lemma bot_oner [simp]: "x \ \ = x" by (metis add_comm leq_def prop_bot) lemma bot_onel [simp]: "\ \ x = x" by (metis leq_def prop_bot) end (* Complete meet semilattice *) class complete_meet_semilattice = order + assumes glb_ex: "\x. is_glb x A" sublocale complete_meet_semilattice \ meet_semilattice by (unfold_locales, metis glb_ex) context complete_meet_semilattice begin lemma top_ax: "\!t. \x. x \ t" by (metis empty_iff eq_iff glb_ex is_glb_def) definition top :: "'a" ("\") where "\ \ THE x. \ y. y \ x" lemma prop_top: "\x. x \ \" by (simp only: top_def, rule the1I2, metis top_ax, metis) lemma is_glb_glb [intro?]: "is_glb (\ X) X" by (metis glb_ex glb_is_glb) lemma glb_greatest [intro?]: "(\y. y \ X \ x \ y) \ x \ \ X" by (metis is_glb_def is_glb_glb) lemma glb_least [intro?]: "x \ X \ \ X \ x" by (metis is_glb_def is_glb_glb is_lb_def) lemma empty_glb [simp]: "\ {} = \" by (metis empty_iff glb_is_glb is_glb_def is_lb_def prop_top) end class complete_lattice = complete_join_semilattice + complete_meet_semilattice begin lemma univ_lub: "\ UNIV = \" by (metis eq_iff is_lub_equiv iso_tuple_UNIV_I lub_is_lub prop_top) lemma univ_glb: "\ UNIV = \" by (metis eq_iff glb_is_glb is_glb_equiv iso_tuple_UNIV_I prop_bot) end sublocale complete_lattice \ lattice by unfold_locales (* sublocale complete_join_semilattice \ complete_lattice by (unfold_locales, smt is_lub_lub Collect_def is_glb_from_is_lub) sublocale complete_meet_semilattice \ complete_lattice by (unfold_locales, smt is_glb_glb Collect_def is_lub_from_is_glb) *) definition order_monomorphism :: "('a::order \ 'b::order) set" where "order_monomorphism f \ \x y. (f x \ f y) \ (x \ y)" definition order_isomorphism :: "('a::order \ 'b::order) set" where "order_isomorphism f \ order_monomorphism f \ surj f" lemma order_monomorphism_inj: "order_monomorphism f \ inj f" by (simp add: order_monomorphism_def inj_on_def order_eq_iff) lemma order_monomorphism_iso: "order_monomorphism f \ isotone f" by (simp add: order_monomorphism_def isotone_def) (* +------------------------------------------------------------------------+ | Fixpoints and Prefix Points | +------------------------------------------------------------------------+ *) context complete_lattice begin definition is_pre_fp :: "'a \ ('a \ 'a) \ bool" where "is_pre_fp x f \ f x \ x" definition is_post_fp :: "'a \ ('a \ 'a) \ bool" where "is_post_fp x f \ x \ f x" definition is_fp :: "'a \ ('a \ 'a) \ bool" where "is_fp x f \ f x = x" lemma is_fp_def_var: "is_fp x f = (is_pre_fp x f \ is_post_fp x f)" by (metis antisym eq_refl is_fp_def is_post_fp_def is_pre_fp_def) definition is_lpp :: "'a \ ('a \ 'a) \ bool" where "is_lpp x f \ (is_pre_fp x f) \ (\y. f y \ y \ x \ y)" lemma is_lpp_def_var: "is_lpp x f = (f x \ x \ (\y. f y \ y \ x \ y))" by (metis is_lpp_def is_pre_fp_def) definition is_gpp :: "'a \ ('a \ 'a) \ bool" where "is_gpp x f \ (is_post_fp x f) \ (\y. y \ f y \ y \ x)" lemma is_gpp_def_var: "is_gpp x f = (x \ f x \ (\y. y \ f y \ y \ x))" by (metis is_gpp_def is_post_fp_def) definition is_lfp :: "'a \ ('a \ 'a) \ bool" where "is_lfp x f \ is_fp x f \ (\y. is_fp y f \ x \ y)" definition is_gfp :: "'a \ ('a \ 'a) \ bool" where "is_gfp x f \ is_fp x f \ (\y. is_fp y f \ y \ x)" definition least_prefix_point :: "('a \ 'a) \ 'a" ("\\<^sub>\") where "least_prefix_point f \ THE x. is_lpp x f" definition greatest_postfix_point :: "('a \ 'a) \ 'a" ("\\<^sub>\") where "greatest_postfix_point f \ THE x. is_gpp x f" definition least_fixpoint :: "('a \ 'a) \ 'a" ("\") where "least_fixpoint f \ THE x. is_lfp x f" definition greatest_fixpoint :: "('a \ 'a) \ 'a" ("\") where "greatest_fixpoint f \ THE x. is_gfp x f" lemma lpp_unique: "\is_lpp x f; is_lpp y f\ \ x = y" by (metis eq_iff is_lpp_def_var) lemma gpp_unique: "\is_gpp x f; is_gpp y f\ \ x = y" by (metis eq_iff is_gpp_def_var) lemma lpp_equality [intro?]: "is_lpp x f \ \\<^sub>\ f = x" by (simp add: least_prefix_point_def, rule the_equality, auto, metis antisym is_lpp_def is_pre_fp_def) lemma gpp_equality [intro?]: "is_gpp x f \ \\<^sub>\ f = x" by (simp add: greatest_postfix_point_def, rule the_equality, auto, metis antisym is_gpp_def is_post_fp_def) lemma lfp_equality: "is_lfp x f \ \ f = x" by (simp add: least_fixpoint_def, rule the_equality, auto, metis antisym is_lfp_def) lemma lfp_equality_var [intro?]: "\f x = x; \y. f y = y \ x \ y\ \ x = \ f" by (metis is_fp_def is_lfp_def lfp_equality) lemma gfp_equality: "is_gfp x f \ \ f = x" by (simp add: greatest_fixpoint_def, rule the_equality, auto, metis antisym is_gfp_def) lemma gfp_equality_var [intro?]: "\f x = x; \y. f y = y \ y \ x\ \ x = \ f" by (metis gfp_equality is_fp_def is_gfp_def) lemma lpp_is_lfp: "\isotone f; is_lpp x f\ \ is_lfp x f" by (metis dual.antisym dual.eq_refl is_fp_def is_lfp_def is_lpp_def_var isotoneD) lemma gpp_is_gfp: "\isotone f; is_gpp x f\ \ is_gfp x f" by (metis dual.antisym dual.order_refl is_fp_def is_gfp_def is_gpp_def_var isotoneD) (* +------------------------------------------------------------------------+ | Knaster-Tarski | +------------------------------------------------------------------------+ *) (* Modified version of Wenzel's proof of the Knaster-Tarski theorem *) theorem knaster_tarski_lpp: assumes fmon: "isotone f" obtains a where "is_lpp a f" proof let ?H = "{u. f u \ u}" let ?a = "\ ?H" have "is_pre_fp ?a f" proof - have "\x\?H. ?a \ x" by (metis glb_least) hence "\x\?H. f ?a \ f x" by (metis assms glb_least isotoneD) hence "\x\?H. f ?a \ x" by (metis Collect_def mem_def order_trans) hence "f ?a \ \ ?H" by (smt glb_greatest) thus ?thesis by (metis is_pre_fp_def) qed moreover have "f y \ y \ ?a \ y" by (metis Collect_def glb_least mem_def) ultimately show "is_lpp ?a f" by (smt is_lpp_def Collect_def glb_least mem_def) qed corollary is_lpp_lpp [intro?]: "isotone f \ is_lpp (\\<^sub>\ f) f" using knaster_tarski_lpp by (metis lpp_equality) theorem knaster_tarski: assumes fmon: "isotone f" obtains a where "is_lfp a f" by (metis assms is_lpp_lpp lpp_is_lfp) corollary knaster_tarski_var: "isotone f \ \!x. is_lfp x f" using knaster_tarski by (metis lfp_equality) corollary is_lfp_lfp [intro?]: "isotone f \ is_lfp (\ f) f" using knaster_tarski by (metis lfp_equality) (* Knaster-Tarski for greatest fixpoints *) theorem knaster_tarski_gpp: assumes fmon: "isotone f" obtains a :: "'a" where "is_gpp a f" proof let ?H = "{u. u \ f u}" let ?a = "\ ?H" have "is_post_fp ?a f" proof - have "\x\?H. x \ ?a" by (metis lub_least) hence "\x\?H. x \ f ?a" by (metis (full_types) Collect_def assms lub_least mem_def isotoneD order_trans) hence "\ ?H \ f ?a" by (smt lub_greatest) thus ?thesis by (metis is_post_fp_def) qed moreover have "y \ f y \ y \ ?a" by (metis Collect_def lub_least mem_def order_refl) ultimately show "is_gpp ?a f" by (smt is_gpp_def Collect_def lub_least mem_def) qed corollary is_gpp_gpp [intro?]: "isotone f \ is_gpp (\\<^sub>\ f) f" by (metis gpp_equality knaster_tarski_gpp) theorem knaster_tarski_greatest: assumes fmon: "isotone f" obtains a :: "'a" where "is_gfp a f" by (metis assms is_gpp_gpp gpp_is_gfp) corollary knaster_tarski_greatest_var: "isotone f \ \!x. is_gfp x f" by (metis gfp_equality knaster_tarski_greatest) corollary is_gfp_gfp [intro?]: "isotone f \ is_gfp (\ f) f" by (metis gfp_equality knaster_tarski_greatest_var) lemma lfp_is_lpp: "\isotone f; is_lfp x f\ \ is_lpp x f" by (metis lfp_equality lpp_is_lfp is_lpp_lpp) lemma lfp_is_lpp_var: "isotone f \ \ f = \\<^sub>\ f" by (metis lfp_is_lpp lpp_equality is_lfp_lfp) lemma gfp_is_gpp: "\isotone f; is_gfp x f\ \ is_gpp x f" by (metis gfp_equality gpp_is_gfp is_gpp_gpp) lemma gfp_is_gpp_var: "isotone f \ \ f = \\<^sub>\ f" by (metis gfp_is_gpp gpp_equality is_gfp_gfp) (* We now show some more properties of fixpoints *) (* +------------------------------------------------------------------------+ | Fixpoint Computation | +------------------------------------------------------------------------+ *) lemma prefix_point_computation [simp]: "isotone f \ f (\\<^sub>\ f) = \\<^sub>\ f" by (metis is_lpp_lpp lpp_is_lfp is_lfp_def is_fp_def) lemma fixpoint_computation [simp]: "isotone f \ f (\ f) = \ f" by (metis is_lpp_lpp lfp_equality lpp_is_lfp prefix_point_computation) lemma greatest_prefix_point_computation [simp]: "isotone f \ f (\\<^sub>\ f) = \\<^sub>\ f" by (metis is_gpp_gpp gpp_is_gfp is_gfp_def is_fp_def) lemma greatest_fixpoint_computation [simp]: "isotone f \ f (\ f) = \ f" by (metis is_gpp_gpp gfp_equality gpp_is_gfp greatest_prefix_point_computation) (* +------------------------------------------------------------------------+ | Fixpoint Induction | +------------------------------------------------------------------------+ *) lemma prefix_point_induction [intro?]: assumes fmon: "isotone f" and pp: "f x \ x" shows "\\<^sub>\ f \ x" by (metis fmon is_lpp_def_var is_lpp_lpp pp) lemma fixpoint_induction [intro?]: assumes fmon: "isotone f" and fp: "f x \ x" shows "\ f \ x" by (metis fmon fp lfp_is_lpp_var prefix_point_induction) lemma greatest_postfix_point_induction [intro?]: assumes fmon: "isotone f" and pp: "x \ f x" shows "x \ \\<^sub>\ f" by (metis fmon is_gpp_def is_gpp_gpp pp) lemma greatest_fixpoint_induction [intro?]: assumes fmon: "isotone f" and fp: "x \ f x" shows "x \ \ f" by (metis fmon fp gfp_is_gpp_var greatest_postfix_point_induction) lemma fixpoint_compose: assumes kmon: "isotone k" and comp: "g\k = k\h" and fp: "is_fp x h" shows "is_fp (k x) g" by (metis comp fp is_fp_def o_apply) lemma fixpoint_mono: assumes fmon: "isotone f" and gmon: "isotone g" and fg: "f \ g" shows "\ f \ \ g" by (metis fg fixpoint_induction fmon gmon lfp_is_lpp_var pleq_def prefix_point_computation) lemma greatest_fixpoint_mono: assumes fmon: "isotone f" and gmon: "isotone g" and fg: "f \ g" shows "\ f \ \ g" by (metis fg fmon gfp_is_gpp_var gmon greatest_fixpoint_induction greatest_prefix_point_computation pleq_def) end (* +------------------------------------------------------------------------+ | Galois Connections | +------------------------------------------------------------------------+ *) context order begin definition galois_connection :: "('a \ 'a) \ ('a \ 'a) \ bool" where "galois_connection f g \ \x y. (f x \ y) \ (x \ g y)" definition dual_galois_connection :: "('a \ 'a) \ ('a \ 'a) \ bool" where "dual_galois_connection f g \ \x y. (f x \ y) \ (x \ g y)" definition lower_adjoint :: "('a \ 'a) \ bool" where "lower_adjoint f \ \g. galois_connection f g" definition upper_adjoint :: "('a \ 'a) \ bool" where "upper_adjoint g \ \f. galois_connection f g" lemma deflation: "galois_connection f g \ f (g y) \ y" by (metis galois_connection_def le_less) lemma inflation: "galois_connection f g \ x \ g (f x)" by (metis galois_connection_def le_less) lemma lower_iso: "galois_connection f g \ isotone f" by (metis galois_connection_def inflation isotone_def order_trans) lemma upper_iso: "galois_connection f g \ isotone g" by (metis deflation galois_connection_def isotone_def order_trans) lemma lower_comp: "galois_connection f g \ f \ g \ f = f" proof fix x assume "galois_connection f g" thus "(f \ g \ f) x = f x" by (metis (full_types) antisym deflation inflation isotone_def lower_iso o_apply) qed lemma upper_comp: "galois_connection f g \ g \ f \ g = g" proof fix x assume "galois_connection f g" thus "(g \ f \ g) x = g x" by (metis (full_types) antisym deflation inflation isotone_def o_apply upper_iso) qed lemma upper_idempotency1: "galois_connection f g \ idempotent (f \ g)" by (metis idempotent_def o_assoc upper_comp) lemma upper_idempotency2: "galois_connection f g \ idempotent (g \ f)" by (metis idempotent_def o_assoc lower_comp) lemma galois_dual: "galois_connection f g \ dual_galois_connection g f" by (metis dual_galois_connection_def galois_connection_def) lemma dual_galois_dual: "dual_galois_connection f g \ galois_connection g f" by (metis dual_galois_connection_def galois_connection_def) lemma galois_dualize: "\galois_connection F G \ P F G; dual_galois_connection G F\ \ P F G" by (metis dual_galois_dual) lemma dual_galois_dualize: "\dual_galois_connection F G \ P F G; galois_connection G F\ \ P F G" by (metis galois_dual) lemma galois_comp: assumes g1: "galois_connection F G" and g2 :"galois_connection H K" shows "galois_connection (F \ H) (K \ G)" by (smt g1 g2 galois_connection_def o_apply) lemma galois_id: "galois_connection id id" by (metis galois_connection_def id_def) lemma galois_isotone1: "galois_connection f g \ isotone (g \ f)" by (smt galois_connection_def inflation isotoneD isotone_def o_apply order_trans upper_iso) lemma galois_isotone2: "galois_connection f g \ isotone (f \ g)" by (metis isotone_def lower_iso o_apply upper_iso) lemma point_id1: "galois_connection f g \ id \ g \ f" by (metis inflation id_apply o_apply pleq_def) lemma point_id2: "galois_connection f g \ f \ g \ id" by (metis deflation id_apply o_apply pleq_def) lemma point_cancel: assumes g: "galois_connection f g" shows "f \ g \ g \ f" by (metis assms order_trans pleq_def point_id1 point_id2) lemma cancel: assumes g: "galois_connection f g" shows "f (g x) \ g (f x)" by (metis assms deflation inflation order_trans) lemma cancel_cor1: assumes g: "galois_connection f g" shows "(g x = g y) \ (f (g x) = f (g y))" by (metis assms upper_comp o_apply) lemma cancel_cor2: assumes g: "galois_connection f g" shows "(f x = f y) \ (g (f x) = g (f y))" by (metis assms lower_comp o_apply) lemma semi_inverse1: "galois_connection f g \ f x = f (g (f x))" by (metis o_def lower_comp) lemma semi_inverse2: "galois_connection f g \ g x = g (f (g x))" by (metis o_def upper_comp) lemma universal_mapping_property1: assumes a: "isotone g" and b: "\x. x \ g (f x)" and c: "\x y. (x \ g y) \ (f x \ y)" shows "galois_connection f g" by (metis a b c galois_connection_def isotoneD order_trans) lemma universal_mapping_property2: assumes a: "isotone f" and b: "\x. f (g x) \ x" and c: "\x y. (f x \ y) \ (x \ g y)" shows "galois_connection f g" by (metis a b c galois_connection_def isotoneD order_trans) lemma galois_ump2: "galois_connection f g = (isotone f \ (\y. f (g y) \ y) \ (\x y. f x \ y \ x \ g y))" by (metis deflation dual_galois_connection_def galois_dual lower_iso universal_mapping_property2) lemma galois_ump1: "galois_connection f g = (isotone g \ (\x. x \ g (f x)) \ (\x y. x \ g y \ f x \ y))" by (metis galois_connection_def inflation universal_mapping_property1 upper_iso) (* +------------------------------------------------------------------------+ | Theorem 4.10(a) | +------------------------------------------------------------------------+ *) lemma ore_galois: assumes"\x. x \ g (f x)" and "\x. f (g x) \ x" and "isotone f" and "isotone g" shows "galois_connection f g" by (metis assms isotoneD order_trans universal_mapping_property1) (* +------------------------------------------------------------------------+ | Theorems 4.32(a) and 4.32(b) | +------------------------------------------------------------------------+ *) lemma perfect1: "galois_connection f g \ g (f x) = x \ x \ range g" by (metis (full_types) image_iff range_eqI semi_inverse2) lemma perfect2: "galois_connection f g \ f (g x) = x \ x \ range f" by (metis (full_types) image_iff range_eqI semi_inverse1) (* +------------------------------------------------------------------------+ | Theorems 4.20(a) and 4.20(b) | +------------------------------------------------------------------------+ *) definition is_max :: "'a \ 'a set \ bool" where "is_max x X \ x \ X \ is_lub x X" definition is_min :: "'a \ 'a set \ bool" where "is_min x X \ x \ X \ is_glb x X" lemma galois_max: assumes conn: "galois_connection f g" shows "is_max (g y) {x. f x \ y}" by (simp add: is_max_def is_lub_equiv, metis assms galois_ump2 order_trans) lemma galois_min: assumes conn: "galois_connection f g" shows "is_min (f x) {y. x \ g y}" by (simp add: is_min_def is_glb_equiv, metis assms galois_ump1 order_trans) theorem max_galois: "galois_connection f g = (isotone f \ (\y. is_max (g y) {x. f x \ y}))" proof assume conn: "galois_connection f g" show "isotone f \ (\y. is_max (g y) {x. f x \ y})" proof show "isotone f" by (metis conn lower_iso) next show "\y. is_max (g y) {x. f x \ y}" by (metis conn galois_max) qed next assume "isotone f \ (\y. is_max (g y) {x. f x \ y})" hence fmon: "isotone f" and max: "\y. is_max (g y) {x. f x \ y}" by auto+ show "galois_connection f g" proof (rule universal_mapping_property2) show "isotone f" by (metis fmon) next have max2: "\y. g y \ {x. f x \ y}" by (smt is_max_def max) hence "(g y \ {x. f x \ y}) = (f (g y) \ y)" by (simp only: mem_Collect_eq) thus p: "\y. f (g y) \ y" using max2 by auto next show "\x y. f x \ y \ x \ g y" proof clarify fix x and y have lub1: "is_lub (g y) {x. f x \ y}" by (smt is_max_def max Collect_def is_lub_equiv mem_def) assume "f x \ y" thus "x \ g y" by (metis lub1 Collect_def is_lub_equiv mem_def order_refl) qed qed qed corollary max_galois_rule: "\isotone f; \y. is_max (g y) {x. f x \ y}\ \ galois_connection f g" by (metis max_galois) theorem min_galois: "galois_connection f g = (isotone g \ (\x. is_min (f x) {y. x \ g y}))" proof assume conn: "galois_connection f g" show "isotone g \ (\x. is_min (f x) {y. x \ g y})" proof show "isotone g" by (metis conn upper_iso) next show "\x. is_min (f x) {y. x \ g y}" by (metis conn galois_min) qed next assume "isotone g \ (\x. is_min (f x) {y. x \ g y})" hence gmon: "isotone g" and min: "\x. is_min (f x) {y. x \ g y}" by auto+ show "galois_connection f g" proof (rule universal_mapping_property1) show "isotone g" by (metis gmon) next have "\x. f x \ {y. x \ g y}" by (smt is_min_def min) moreover have "(f x \ {y. x \ g y}) = (x \ g (f x))" by (simp only: mem_Collect_eq) ultimately show "\x. x \ g (f x)" by auto next show "\x y. x \ g y \ f x \ y" proof clarify fix x and y have glb1: "is_glb (f x) {y. x \ g y}" using is_min_def min by (smt Collect_def is_glb_equiv mem_def) assume "x \ g y" thus "f x \ y" by (metis glb1 Collect_def is_glb_equiv mem_def order_refl) qed qed qed corollary min_galois_rule: "\isotone g; \x. is_min (f x) {y. x \ g y}\ \ galois_connection f g" by (metis min_galois) (* Corollary 4.21 *) lemma galois_lub: "galois_connection f g \ is_lub (g y) {x. f x \ y}" by (metis galois_max is_max_def) lemma galois_glb: "galois_connection f g \ is_glb (f x) {y. x \ g y}" by (metis galois_min is_min_def) lemma galois_lub_var: "galois_connection f g \ g y = \ {x. f x \ y}" by (metis galois_lub lub_is_lub) lemma galois_glb_var: "galois_connection f g \ f x = \ {y. x \ g y}" by (metis galois_glb glb_is_glb) (* +------------------------------------------------------------------------+ | Lemma 4.24(a) and 4.24(b) | +------------------------------------------------------------------------+ *) lemma lower_lub: "\is_lub x X; lower_adjoint f\ \ is_lub (f x) (f ` X)" by (smt galois_ump1 galois_ump2 image_iff is_lub_equiv lower_adjoint_def) lemma upper_glb: "\is_glb x X; upper_adjoint g\ \ is_glb (g x) (g ` X)" apply (simp add: is_glb_def upper_adjoint_def is_lb_def galois_connection_def) by (metis order_refl order_trans) lemma lower_preserves_joins: assumes lower: "lower_adjoint f" shows "ex_join_preserving f" by (metis assms ex_join_preserving_def lower_lub lub_is_lub) lemma upper_preserves_meets: assumes upper: "upper_adjoint g" shows "ex_meet_preserving g" by (metis assms ex_meet_preserving_def upper_glb glb_is_glb) end (* +------------------------------------------------------------------------+ | Theorems 4.25(a) and 4.25(b) | +------------------------------------------------------------------------+ *) context complete_lattice begin theorem suprema_galois: "galois_connection f g = (ex_join_preserving f \ (\y. is_lub (g y) {x. f x \ y}))" proof assume "galois_connection f g" thus "ex_join_preserving f \ (\y. is_lub (g y) {x. f x \ y})" by (metis galois_lub lower_adjoint_def lower_preserves_joins) next assume assms: "ex_join_preserving f \ (\y. is_lub (g y) {x. f x \ y})" hence elj: "ex_join_preserving f" and a2: "\y. is_lub (g y) {x. f x \ y}" by metis+ hence fmon: "isotone f" by (metis ex_join_preserving_iso) thus "galois_connection f g" proof (simp add: galois_connection_def) have left: "\x y. (f x \ y) \ (x \ g y)" by (metis Collect_def a2 is_lub_equiv mem_def order_refl) moreover have "\x y. (x \ g y) \ (f x \ y)" proof clarify fix x and y assume gr: "x \ g y" show "f x \ y" proof - have lem: "\ (f ` {x. f x \ y}) \ y" proof (rule the_lub_leq) show "\z. is_lub z (f ` {x\'a. f x \ y})" by (metis lub_ex) next fix z show "is_lub z (f ` {x\'a. f x \ y}) \ z \ y" by (smt Collect_def imageE is_lub_equiv mem_def) qed have "f x \ y \ x \ \ {z. f z \ y}" by (metis a2 gr lub_is_lub) moreover have "x \ \ {z. f z \ y} \ f x \ f (\ {z. f z \ y})" by (metis fmon isotoneD) moreover have "(f x \ f (\ {z. f z \ y})) = (f x \ \ (f ` {z. f z \ y}))" by (metis a2 elj ex_join_preserving_def top_greatest) moreover have "... \ f x \ y" using lem by (metis order_trans) ultimately show ?thesis by (metis a2 gr lub_is_lub) qed qed ultimately show "\x y. (f x \ y) = (x \ g y)" by auto qed qed corollary suprema_galois_rule: "\ex_join_preserving f; \y. is_lub (g y) {x. f x \ y}\ \ galois_connection f g" by (metis suprema_galois) theorem infima_galois: "galois_connection f g = (ex_meet_preserving g \ (\x. is_glb (f x) {y. x \ g y}))" proof assume "galois_connection f g" thus "ex_meet_preserving g \ (\x. is_glb (f x) {y. x \ g y})" by (metis galois_glb upper_adjoint_def upper_preserves_meets) next assume assms: "ex_meet_preserving g \ (\x. is_glb (f x) {y. x \ g y})" hence elj: "ex_meet_preserving g" and a2: "\x. is_glb (f x) {y. x \ g y}" by auto+ hence gmon: "isotone g" by (metis ex_meet_preserving_iso) thus "galois_connection f g" proof (simp add: galois_connection_def) have right: "\x y. (x \ g y) \ (f x \ y)" by (metis Collect_def a2 is_glb_equiv mem_def order_refl) moreover have "\x y. (f x \ y) \ (x \ g y)" proof clarify fix x and y assume gr: "f x \ y" show "x \ g y" proof - have lem: "x \ \ (g ` {y. x \ g y})" proof (rule the_glb_leq) show "\z. is_glb z (g ` {y. x \ g y})" by (metis glb_ex) next fix z show "is_glb z (g ` {y. x \ g y}) \ x \ z" by (smt Collect_def imageE is_glb_equiv mem_def) qed have "x \ g y \ \ {z. x \ g z} \ y" by (metis a2 gr glb_is_glb) moreover have "\ {z. x \ g z} \ y \ g (\ {z. x \ g z}) \ g y" by (metis gmon isotoneD) moreover have "(g (\ {z. x \ g z}) \ g y) = (\ (g ` {z. x \ g z}) \ g y)" by (metis a2 elj ex_meet_preserving_def top_greatest) moreover have "... \ x \ g y" using lem by (metis order_trans) ultimately show ?thesis by (metis a2 gr glb_is_glb) qed qed ultimately show "\x y. (f x \ y) = (x \ g y)" by auto qed qed corollary infima_galois_rule: "\ex_meet_preserving g; \x. is_glb (f x) {y. x \ g y}\ \ galois_connection f g" by (metis infima_galois) (* +------------------------------------------------------------------------+ | Theorems 4.26 and 4.27 | +------------------------------------------------------------------------+ *) theorem cl_lower_join_preserving: "lower_adjoint f = ex_join_preserving f" proof assume "lower_adjoint f" thus "ex_join_preserving f" by (metis lower_adjoint_def lower_iso lower_preserves_joins) next assume ejp: "ex_join_preserving f" have "\g. \y. is_lub (g y) {x. f x \ y}" proof show "\y. is_lub (\ {x. f x \ y}) {x. f x \ y}" by (metis lub_ex lub_is_lub) qed thus "lower_adjoint f" by (metis lower_adjoint_def ejp suprema_galois) qed theorem cl_upper_join_preserving: "upper_adjoint g = ex_meet_preserving g" proof assume "upper_adjoint g" thus "ex_meet_preserving g" by (metis upper_preserves_meets) next assume emp: "ex_meet_preserving g" have "\f. \x. is_glb (f x) {y. x \ g y}" proof show "\x. is_glb (\ {y. x \ g y}) {y. x \ g y}" by (metis glb_ex glb_is_glb) qed thus "upper_adjoint g" by (metis emp infima_galois upper_adjoint_def) qed lemma join_preserving_is_ex: "join_preserving f \ ex_join_preserving f" by (metis ex_join_preserving_def join_preserving_def) lemma join_pres2: "ex_join_preserving f = join_preserving f" by (metis lub_ex ex_join_preserving_def subset_UNIV join_preserving_def) lemma meet_preserving_is_ex: "meet_preserving f = ex_meet_preserving f" by (metis glb_ex ex_meet_preserving_def subset_UNIV meet_preserving_def) lemma galois_join_preserving: "galois_connection f g \ join_preserving f" by (metis ex_join_preserving_def lub_ex subset_UNIV suprema_galois join_preserving_def) lemma galois_meet_preserving: "galois_connection f g \ meet_preserving g" by (metis ex_meet_preserving_def glb_ex subset_UNIV infima_galois meet_preserving_def) (* +------------------------------------------------------------------------+ | Theorems 4.36 and 4.37 | +------------------------------------------------------------------------+ *) theorem upper_exists: "lower_adjoint f = join_preserving f" by (metis lower_adjoint_def cl_lower_join_preserving galois_join_preserving join_preserving_is_ex) theorem lower_exists: "upper_adjoint g = meet_preserving g" by (metis cl_upper_join_preserving meet_preserving_is_ex) (* +------------------------------------------------------------------------+ | Fixpoints and Galois connections | +------------------------------------------------------------------------+ *) lemma fixpoint_rolling: assumes conn: "galois_connection f g" shows "f (\ (g \ f)) = \ (f \ g)" proof show "(f \ g) (f (\ (g \ f))) = f (\ (g \ f))" by (metis assms o_def semi_inverse1) next fix y assume fgy: "(f \ g) y = y" have "\ (g \ f) \ g y" by (metis assms dual.order_refl fgy fixpoint_induction galois_isotone1 o_eq_dest_lhs) thus "f (\ (g \ f)) \ y" by (metis conn galois_connection_def) qed lemma greatest_fixpoint_rolling: assumes conn: "galois_connection f g" shows "g (\ (f \ g)) = \ (g \ f)" proof show "(g \ f) (g (\ (f \ g))) = g (\ (f \ g))" by (metis assms o_def semi_inverse2) next fix y assume gfy: "(g \ f) y = y" have "f y \ \ (f \ g)" by (metis assms dual.order_refl galois_isotone2 gfy greatest_fixpoint_induction o_eq_dest_lhs) thus "y \ g (\ (f \ g))" by (metis conn galois_connection_def) qed (* +------------------------------------------------------------------------+ | Fixpoint Fusion | +------------------------------------------------------------------------+ *) (* uses lfp_equality_var then fixpoint_induction *) theorem fixpoint_fusion [simp]: assumes upper_ex: "lower_adjoint f" and hiso: "isotone h" and kiso: "isotone k" and comm: "f\h = k\f" shows "f (\ h) = \ k" proof show "k (f (\ h)) = f (\ h)" by (metis comm fixpoint_computation hiso o_def) next fix y assume ky: "k y = y" obtain g where conn: "galois_connection f g" by (metis lower_adjoint_def upper_ex) have "\ h \ g y" using hiso proof (rule fixpoint_induction) have "f (g y) \ y" by (metis conn deflation) hence "f (h (g y)) \ y" by (metis comm kiso ky mem_def isotoneD o_def) thus "h (g y) \ g y" by (metis conn galois_connection_def) qed thus "f (\ h) \ y" by (metis conn galois_connection_def) qed theorem greatest_fixpoint_fusion [simp]: assumes lower_ex: "upper_adjoint g" and hiso: "isotone h" and kiso: "isotone k" and comm: "g\h = k\g" shows "g (\ h) = \ k" proof show "k (g (\ h)) = g (\ h)" by (metis comm greatest_fixpoint_computation hiso o_def) next fix y assume ky: "k y = y" obtain f where conn: "galois_connection f g" by (metis lower_ex upper_adjoint_def) have "f y \ \ h" using hiso proof (rule greatest_fixpoint_induction) have "y \ g (f y)" by (metis conn inflation) hence "y \ g (h (f y))" by (metis comm kiso ky mem_def isotoneD o_def) thus "f y \ h (f y)" by (metis conn galois_connection_def) qed thus "y \ g (\ h)" by (metis conn galois_connection_def) qed end (* +------------------------------------------------------------------------+ | Join semilattices with zero and dioids | +------------------------------------------------------------------------+ *) class join_semilattice_zero = join_semilattice + fixes zero :: 'a assumes add_zerol: "zero\x = x" begin lemma add_iso: "x \ y \ x\z \ y\z" by (smt add_assoc add_comm add_idem leq_def) lemma add_ub: "x \ x\y" by (metis add_assoc add_idem leq_def) lemma add_lub: "x\y \ z \ x \ z \ y \ z" by (metis add_comm add_iso add_ub leq_def) lemma min_zero: "zero \ x" by (metis add_zerol leq_def) lemma lub_un: "is_lub w A \ is_lub (x\w) ({x}\A)" by (simp add: is_lub_equiv add_lub) end class dioid = join_semilattice_zero + fixes mult :: "'a \ 'a \ 'a" (infixl "\" 80) and one :: "'a" assumes mult_assoc: "(x\y)\z = x\(y\z)" and distr: "(x\y)\z = x\z\y\z" and distl: "x\(y\z) = x\y\x\z" and mult_onel: "one\x = x" and mult_oner: "x\one = x" and annir: "zero\x = zero" and annil: "x\zero = zero" begin lemma mult_isor: "x \ y \ x\z \ y\z" by (metis distr leq_def) lemma mult_isol: "x \ y \ z\x \ z\y" by (metis distl leq_def) lemma subdistr: "x\z \ (x\y)\z" by (metis add_ub mult_isor) lemma subdistl: "z\x \ z\(x\y)" by (metis add_ub mult_isol) lemma mult_double_iso: "w \ x \ y \ z \ w\y \ x\z" by (metis mult_isol mult_isor order_trans) lemma order_prop: "(x \ y) \ (\z.(x\z = y))" by (metis leq_def add_ub) (* Powers *) primrec power :: "'a \ nat \ 'a" ("_\<^bsup>_\<^esup>" [101,50] 100) where "x\<^bsup>0\<^esup> = one" | "x\<^bsup>Suc n\<^esup> = x\x\<^bsup>n\<^esup>" lemma power_add: "x\<^bsup>m\<^esup>\x\<^bsup>n\<^esup> = x\<^bsup>m+n\<^esup>" proof (induct m) case 0 show ?case by (metis add_0_left mult_onel power.simps(1)) case (Suc m) show ?case by (smt Suc add_Suc mult_assoc power.simps(2)) qed lemma power_commutes: "x\<^bsup>n\<^esup>\x = x\x\<^bsup>n\<^esup>" by (smt power_add mult_oner power.simps) lemma power_inductl_var: "x\y \ y \ (power x n)\y \ y" by (induct n, metis eq_refl mult_onel power.simps(1), smt add_assoc distl leq_def mult_assoc order_prop power.simps(2) power_commutes) lemma power_inductr_var: "y\x \ y \ y\(power x n) \ y" by (induct n, metis mult_oner power.simps(1) order_refl, smt add_assoc distr leq_def mult_assoc order_prop power.simps(2)) --"5" definition powers :: "'a \ 'a set" where "powers x = {y. (\i. y = power x i)}" definition powers_c :: "'a \ 'a \ 'a \ 'a set" where "powers_c x y z = {x\w\z| w. (\i. w = power y i)}" lemma powers_c_elim: "v\(powers_c x y z) \ (\w. v = x\w\z \ (\i. w = power y i))" by (simp add: powers_c_def) lemma powers_to_powers_c: "powers x = powers_c one x one" by auto (simp add: powers_c_elim mult_onel mult_oner, smt Collect_def mem_def powers_def)+ lemma power_in_powers_c: "\i. x\(power y i)\z \ powers_c x y z" by (metis powers_c_elim) lemma powers_sucl: "powers_c x x one = {y. (\i. y = power x (Suc i))}" by auto (metis mult_oner powers_c_elim, metis mult_oner power_in_powers_c) lemma powers_sucr: "powers_c one x x = {y. (\i. y = power x (Suc i))}" by auto (metis mult_onel power_commutes powers_c_elim, metis mult_onel power_commutes power_in_powers_c) lemma powers_suc: "powers_c x x one = powers_c one x x" by (metis powers_sucl powers_sucr) lemma powers_unfoldl: "{one}\(powers_c x x one) = powers x" proof - have "{one}\(powers_c x x one) = {y. y = power x 0 \ (\i. y = power x (Suc i))}" by (metis insert_def insert_is_Un power.simps(1) powers_sucl Collect_disj_eq) also have "... = {y. (\i. y = power x i)}" by auto (smt power.simps(1), metis power.simps(2), metis (full_types) nat.exhaust power.simps(1) power.simps(2)) ultimately show ?thesis by (metis powers_def) qed end (* +------------------------------------------------------------------------+ | Kleene Algebra | +------------------------------------------------------------------------+ *) class kleene_algebra = dioid + fixes star :: "'a \ 'a" ("_\<^sup>\" [101] 100) assumes star_unfoldl: "one\x\x\<^sup>\ \ x\<^sup>\" and star_unfoldr: "one\x\<^sup>\\x \ x\<^sup>\" and star_inductl: "z\x\y \ y \ x\<^sup>\\z \ y" and star_inductr: "z\y\x \ y \ z\x\<^sup>\ \ y" begin lemma star_ref: "one \ x\<^sup>\" by (metis add_lub star_unfoldl) lemma star_trans_eq: "x\<^sup>\\x\<^sup>\ = x\<^sup>\" by (metis eq_iff mult_isor mult_onel star_ref add_lub eq_iff star_inductl star_unfoldl) lemma star_1l: "x\x\<^sup>\ \ x\<^sup>\" by (metis add_lub star_unfoldl) lemma star_inductl_var: "x\y \ y \ x\<^sup>\\y \ y" by (metis add_comm leq_def eq_iff star_inductl) lemma star_subdist: "x\<^sup>\ \ (x\y)\<^sup>\" by (metis add_lub distr star_1l star_ref star_inductl mult_oner) lemma star_iso: "x \ y \ x\<^sup>\ \ y\<^sup>\" by (metis leq_def star_subdist) lemma star_invol: "x\<^sup>\ = (x\<^sup>\)\<^sup>\" by (smt antisym distl leq_def mult_oner star_1l star_inductl star_ref star_trans_eq) lemma star2: "(one\x)\<^sup>\ = x\<^sup>\" by (metis add_comm distr leq_def mult_onel mult_oner star_1l star_inductl star_invol star_ref star_subdist eq_iff) lemma star_ext: "x \ x\<^sup>\" by (smt add_lub leq_def mult_oner star_unfoldl distl) lemma star_sim1: "x\z \ z\y \ x\<^sup>\\z \ z\y\<^sup>\" by (smt add_comm add_lub distr leq_def mult_assoc mult_oner star_1l star_ext star_inductl star_invol star_iso star_ref distl) lemma star_slide1: "(x\y)\<^sup>\\x \ x\(y\x)\<^sup>\" by (metis eq_iff mult_assoc star_sim1) lemma star_unfoldl_eq: "x\<^sup>\ = one\x\x\<^sup>\" by (smt add_comm add_iso distl leq_def star_1l star_ref mult_oner star_inductl antisym star_unfoldl) lemma star_denest: "(x\y)\<^sup>\ = (x\<^sup>\\y\<^sup>\)\<^sup>\" proof - have "(x\y)\<^sup>\ \ (x\<^sup>\\y\<^sup>\)\<^sup>\" by (metis add_lub mult_double_iso mult_onel mult_oner star_ext star_iso star_ref) thus ?thesis by (metis add_comm eq_iff mult_double_iso star_invol star_iso star_subdist star_trans_eq) qed lemma star_unfoldr_eq: "one\x\<^sup>\\x = x\<^sup>\" by (smt distl distr mult_assoc mult_onel mult_oner star_unfoldl_eq star_inductl eq_iff star_unfoldr) lemma star_slide: "(x\y)\<^sup>\\x = x\(y\x)\<^sup>\" by (smt add_comm mult_assoc star_unfoldr_eq star_slide1 mult_isor add_iso mult_isol distl mult_oner distr mult_onel star_unfoldl_eq eq_iff star_slide1) lemma star_slide_var: "x\<^sup>\\x = x\x\<^sup>\" by (metis mult_onel mult_oner star_slide) end (* +------------------------------------------------------------------------+ | Star continuous KA | +------------------------------------------------------------------------+ *) class star_continuous_ka = dioid + fixes cstar :: "'a \ 'a" assumes ex_cstar: "\x y z. \w. is_lub w (powers_c x y z)" and cstar_def:"x\(cstar y)\z = \ (powers_c x y z)" begin lemma prod_cstar_unique: "is_lub w (powers_c x y z) \ x\(cstar y)\z = w" by (metis cstar_def is_lub_unique the_equality lub_def) lemma cstar_unique: "is_lub w (powers x) \ cstar x = w" by (metis mult_onel mult_oner powers_to_powers_c prod_cstar_unique) lemma prod_cstar_is_lub: "is_lub (x\(cstar y)\z) (powers_c x y z)" by (metis ex_cstar prod_cstar_unique) lemma cstar_lub: "(\v\(powers_c x y z). v \ w) \ x\(cstar y)\z \ w" by (metis is_lub_equiv prod_cstar_is_lub) lemma cstar_unfoldl: "one\x\(cstar x) = cstar x" by (metis ex_cstar mult_oner prod_cstar_unique lub_un powers_unfoldl cstar_unique) lemma cstar_unfoldr: "one\(cstar x)\x = cstar x" by (smt mult_onel mult_oner powers_suc prod_cstar_is_lub prod_cstar_unique cstar_unfoldl) lemma cstar_inductl: "x\y \ y \ (cstar x)\y \ y" by (metis power_inductl_var mult_onel powers_c_elim cstar_lub) lemma cstar_inductr: "y\x \ y \ y\(cstar x) \ y" by (metis power_inductr_var mult_oner powers_c_elim cstar_lub) end sublocale star_continuous_ka \ kleene_algebra where star = cstar apply (unfold_locales) apply (metis cstar_unfoldl eq_refl) apply (metis order_refl cstar_unfoldr) apply (metis add_lub cstar_inductl mult_isol order_trans) by (metis add_lub cstar_inductr distr order_prop) (* +------------------------------------------------------------------------+ | Quantales | +------------------------------------------------------------------------+ *) class quantale = complete_lattice + fixes qmult :: "'a \ 'a \ 'a" (infixl "\" 80) assumes qmult_assoc: "(x \ y) \ z = x \ (y \ z)" and inf_distl: "x \ \ Y = \ ((\y. x\y) ` Y)" and inf_distr: "\ Y \ x = \ ((\y. y\x) ` Y)" begin lemma bot_zeror: "x \ \ = \" by (metis empty_lub image_empty inf_distl) lemma bot_zerol: "\ \ x = \" by (metis empty_lub image_empty inf_distr) lemma qdistl1: "x \ (y \ z) = (x \ y) \ (x \ z)" proof - have "x \ \ {y,z} = \ ((\y. x\y) ` {y,z})" using inf_distl . thus ?thesis by (simp add: join_def) qed lemma qdistr1: "(y \ z) \ x = (y \ x) \ (z \ x)" proof - have "\ {y,z} \ x = \ ((\y. y\x) ` {y,z})" using inf_distr . thus ?thesis by (simp add: join_def) qed lemma qmult_isotonel: "isotone (\y. x\y)" by (metis isotone_def leq_def qdistl1) lemma qmult_left_join_preserving: "join_preserving (\y. x\y)" by (metis inf_distl join_preserving_def) lemma qmult_left_lower: "lower_adjoint (\y. x\y)" by (metis qmult_isotonel qmult_left_join_preserving upper_exists) lemma qmult_isotoner: "isotone (\y. y\x)" by (metis isotone_def leq_def qdistr1) lemma qmult_right_join_preserving: "join_preserving (\y. y\x)" by (metis inf_distr join_preserving_def) lemma qmult_right_lower: "lower_adjoint (\y. y\x)" by (metis qmult_right_join_preserving qmult_isotoner upper_exists) definition qpreimp :: "'a \ 'a \ 'a" where "qpreimp x y \ \ {z. x \ z \ y}" definition qpostimp :: "'a \ 'a \ 'a" where "qpostimp x y \ \ {z. z \ y \ x}" lemma qpreimp_conn: "galois_connection (\y. x\y) (qpreimp x)" proof (unfold galois_connection_def, clarify) fix z y obtain g where conn: "galois_connection (\y. x\y) g" by (metis lower_adjoint_def qmult_left_lower) show "(x \ z \ y) \ (z \ qpreimp x y)" by (simp add: qpreimp_def, metis conn galois_connection_def galois_lub_var) qed lemma qpostimp_conn: "galois_connection (\y. y\x) (\y. qpostimp y x)" proof (unfold galois_connection_def, clarify) fix z y obtain g where conn: "galois_connection (\y. y\x) g" by (metis lower_adjoint_def qmult_right_lower) thus "(z \ x \ y) \ (z \ qpostimp y x)" by (simp add: qpostimp_def, metis galois_connection_def galois_lub_var) qed end (* +------------------------------------------------------------------------+ | Unital Quantales | +------------------------------------------------------------------------+ *) class unital_quantale = quantale + fixes qone :: 'a assumes qunitl: "qone \ x = x" and qunitr: "x \ qone = x" sublocale unital_quantale \ dioid where zero = bot and mult = qmult and one = qone proof fix x y z :: 'a show "\ \ x = x" by simp show "(x \ y) \ z = x \ (y \ z)" using qmult_assoc . show "(x \ y) \ z = x \ z \ y \ z" using qdistr1 . show "x \ (y \ z) = x \ y \ x \ z" using qdistl1 . show "qone \ x = x" using qunitl . show "x \ qone = x" using qunitr . show "\ \ x = \" using bot_zerol . show "x \ \ = \" using bot_zeror . qed context unital_quantale begin definition qstar :: "'a \ 'a" where "qstar x \ \ (powers x)" lemma set_predicate_eq: "\x. P x = Q x \ {x. P x} = {x. Q x}" by (metis (no_types) order_eq_iff predicate1I) lemma qstar_distl: "x \ qstar y = \ {x\z|z. (\i. z = power y i)}" proof (simp add: qstar_def powers_def inf_distl, rule_tac f = "\x. \ x" in arg_cong) have "op \ x ` {z. \i. z = dioid.power op \ qone y i} = {z. \p. (\i. p = dioid.power op \ qone y i) \ z = x \ p}" by (simp add: image_def) also have "... = {z. \i. z = x \ dioid.power op \ qone y i}" by (rule set_predicate_eq, blast) also have "... = {x \ w |w. \i. w = dioid.power op \ qone y i}" by (simp add: Collect_def, metis) finally show "op \ x ` {z. \i. z = dioid.power op \ qone y i} = {x \ w |w. \i. w = dioid.power op \ qone y i}" by metis qed lemma qmult_imager: "(\z. z \ y) ` {z. \i. z = dioid.power op \ qone x i} = {w \ y |w. \i. w = dioid.power op \ qone x i}" proof - have "(\z. z\y) ` {z. \i. z = dioid.power op \ qone x i} = {z. \p. (\i. p = dioid.power op \ qone x i) \ z = p \ y}" by (simp add: image_def) also have "... = {z. \i. z = dioid.power op \ qone x i \ y}" by (rule set_predicate_eq, blast) also have "... = {w \ y |w. \i. w = dioid.power op \ qone x i}" by (simp add: Collect_def, metis) finally show ?thesis by metis qed lemma qstar_distr: "qstar x \ y = \ {z\y|z. (\i. z = power x i)}" by (simp add: qstar_def powers_def inf_distr, rule_tac f = "\x. \ x" in arg_cong, metis qmult_imager) lemma function_image: "f ` {P y|y. Q y} = {f (P y) |y. Q y}" proof - have "{y. \x. (\y. x = P y \ Q y) \ y = f x} = {z. \y. z = f (P y) \ Q y}" by (rule set_predicate_eq, blast) hence "{y. \x. (\y. x = P y \ Q y) \ y = f x} = {f (P y) |y. Q y}" by (simp add: Collect_def) thus ?thesis by (simp add: image_def) qed end sublocale unital_quantale \ star_continuous_ka where zero = bot and mult = qmult and one = qone and cstar = qstar proof (unfold_locales, clarify) fix x y z :: 'a show "\w. is_lub w (dioid.powers_c op \ qone x y z)" by (metis lub_ex) show "x \ qstar y \ z = \ (dioid.powers_c op \ qone x y z)" apply (simp only: qstar_distl inf_distr) apply (rule_tac f = "\X. \ X" in arg_cong) by (simp only: powers_c_def, rule function_image) qed lemma (in unital_quantale) "qstar x = \(\y. qone \ y\x)" proof show "qone \ qstar x \ x = qstar x" by (metis cstar_unfoldr) show "\y. qone \ y \ x = y \ qstar x \ y" by (metis dual.order_refl mult_onel star_inductr) qed lemma (in unital_quantale) "qstar x = \(\y. qone \ x\y)" proof show "qone \ x \ qstar x = qstar x" by (metis cstar_unfoldl) show "\y. qone \ x \ y = y \ qstar x \ y" by (metis dual.order_refl mult_oner star_inductl) qed (* +------------------------------------------------------------------------+ | Involutive Quantales | +------------------------------------------------------------------------+ *) class involutive_quantale = quantale + fixes invol :: "'a \ 'a" ("_\<^sup>\" [101] 100) assumes "(x\y)\<^sup>\ = y\<^sup>\\x\<^sup>\" and "(\ X)\<^sup>\ = \ ((\x. x\<^sup>\) ` X)" class involutive_unital_quantale = unital_quantale + involutive_quantale (* +------------------------------------------------------------------------+ | Action Algebra | +------------------------------------------------------------------------+ *) class boffa = dioid + fixes bstar :: "'a \ 'a" assumes boffa1: "one \ x \ (bstar x)\(bstar x) \ bstar x" and boffa2: "one \ x \ y\y \ y \ bstar x \ y" class boffa_original = dioid + fixes b2star :: "'a \ 'a" assumes boffa_orig1: "one \ x \ b2star x" and boffa_orig2: "(b2star x)\(b2star x) = b2star x" and boffa_orig3: "one \ x \ y \ y\y = y \ b2star x \ y" (* We have found a new slightly weaker version of Boffa's axioms. These are complete for the equational theory of regular expressions, since they are equivalent to Boffa's original axioms. We can now base Pratt's action algebras on these axioms. Action algebras are therefore complete by this extension. *) sublocale boffa \ boffa_original where b2star = bstar proof fix x y show "one \ x \ bstar x" by (metis add_lub boffa1) show "(bstar x)\(bstar x) = bstar x" by (metis add_comm add_idem add_lub boffa1 distl leq_def mult_oner) show "one \ x \ y \ y\y = y \ bstar x \ y" by (metis boffa2 leq_def order_refl) qed sublocale boffa_original \ boffa where bstar = b2star proof fix x y show "one \ x \ (b2star x)\(b2star x) \ b2star x" by (metis boffa_orig1 boffa_orig2 eq_refl leq_def) show "one \ x \ y\y \ y \ b2star x \ y" by (metis add_lub antisym boffa_orig3 mult_isol mult_oner) qed class action_algebra = boffa + fixes preimp :: "'a \ 'a \ 'a" (infixr "\" 60) and postimp :: "'a \ 'a \ 'a" (infixl "\" 60) assumes act_galois1: "galois_connection (\x. x\y) (\x. x\y)" and act_galois2: "galois_connection (\y. x\y) (\y. x\y)" sublocale unital_quantale \ action_algebra where zero = bot and mult = qmult and one = qone and bstar = qstar and preimp = qpreimp and postimp = qpostimp apply unfold_locales apply (metis add_lub cstar_inductl star_1l star_ext star_ref) apply (metis add_lub leq_def mult_onel star_inductr star_subdist star_unfoldl_eq) apply (metis qpostimp_conn) by (metis qpreimp_conn) context action_algebra begin lemma act1L: "(x \ z \ y) \ (x\y \ z)" by (metis galois_connection_def act_galois1) lemma act1R: "(x\y \ z) \ y \ x \ z" by (metis galois_connection_def act_galois2) (* We can obtain these by instantiating proofs from galois connections *) lemma galois_unitR: "y \ x \ x\y" by (metis act_galois2 inflation) lemma galois_counitR: "x \ (x \ y) \ y" by (metis act_galois2 deflation) lemma galois_unitL: "x \ x\y \ y" by (metis act_galois1 inflation) lemma galois_counitL: "(y \ x) \ x \ y" by (metis act_galois1 deflation) lemma eq_ax1: "x \ y \ x \ (y \ y')" by (metis act_galois2 add_ub galois_ump1 isotoneD) lemma eq_ax1': "x \ y \ (x \ x') \ y" by (metis act_galois1 add_ub galois_ump1 isotoneD) lemma postimp_trans: "(x \ y) \ (y \ z) \ x \ z" by (smt act1L act1R galois_counitR mult_assoc order_trans) lemma preimp_trans: "(x \ y) \ (y \ z) \ x \ z" by (smt act1L act1R galois_counitL mult_assoc order_trans) lemma postimp_refl: "one \ x \ x" by (metis act1R mult_oner order_refl) lemma preimp_refl: "one \ x \ x" by (metis galois_unitL mult_onel) lemma postimp_pure_induction: "bstar (x \ x) \ (x \ x)" by (metis add_lub boffa2 order_refl postimp_refl postimp_trans) lemma postimp_pure_induction_uncurried: "x\bstar (x \ x) \ x" by (metis act1R postimp_pure_induction) lemma preimp_pure_induction: "bstar (x \ x) \ (x \ x)" by (metis add_lub boffa2 order_refl preimp_refl preimp_trans) lemma star_refl: "one \ bstar x" by (metis boffa1 add_lub) lemma star3: "x \ bstar x" by (metis boffa1 add_lub) lemma star_mon: "(x \ y) \ (bstar x \ bstar y)" by (metis add_lub boffa_orig2 boffa_orig3 order_trans star3 star_refl) lemma star_left_preserves: "(x\y \ y) \ ((bstar x)\y \ y)" by (metis act1L order_trans preimp_pure_induction star_mon) lemma star_right_preserves: "(y\x \ y) \ (y\bstar x \ y)" by (metis act1R order_trans postimp_pure_induction star_mon) end sublocale action_algebra \ kleene_algebra where star = bstar proof fix x y z :: 'a show "one \ x\bstar x \ bstar x" by (metis boffa1 add_assoc add_comm distl distr leq_def mult_oner star3 star_refl) show "one \ bstar x \ x \ bstar x" by (metis boffa1 add_assoc add_comm distl distr leq_def mult_oner star3 star_refl) show "z \ x \ y \ y \ bstar x \ z \ y" by (metis add_lub mult_isol order_trans star_left_preserves) show "z \ y \ x \ y \ z \ bstar x \ y" by (metis add_lub mult_isor order_trans star_right_preserves) qed class equational_action_algebra = dioid + fixes eqstar :: "'a \ 'a" and eqpreimp :: "'a \ 'a \ 'a" and eqpostimp :: "'a \ 'a \ 'a" assumes eq1: "eqpreimp x y \ eqpreimp x (y \ y')" and eq2L: "x\(eqpreimp x y) \ y" and eq2R: "y \ eqpreimp x (x\y)" and eq3: "eqpostimp y x \ eqpostimp (y \ y') x" and eq4L: "(eqpostimp y x)\x \ y" and eq4R: "y \ eqpostimp (y\x) x" and eq5: "one \ (eqstar x)\(eqstar x) \ x \ eqstar x" and eq6: "eqstar x \ eqstar (x \ y)" and eq7: "eqstar (eqpreimp x x) \ (eqpreimp x x)" sublocale action_algebra \ equational_action_algebra where eqstar = bstar and eqpreimp = preimp and eqpostimp = postimp apply unfold_locales apply (metis act1R add_ub galois_counitR order_trans) apply (metis galois_counitR) apply (metis galois_unitR) apply (metis act1L add_ub galois_counitL order_trans) apply (metis galois_counitL) apply (metis galois_unitL) apply (metis add_assoc add_comm boffa1) apply (metis star_subdist) by (metis postimp_pure_induction) sublocale equational_action_algebra \ action_algebra where bstar = eqstar and preimp = eqpreimp and postimp = eqpostimp apply unfold_locales apply (metis add_assoc add_comm eq5) apply (metis add_lub eq2L eq2R eq6 eq7 eq_iff leq_def mult_onel subdistl subdistr) apply (simp add: galois_connection_def, metis eq3 eq4L eq4R leq_def order_trans subdistr) by (simp add: galois_connection_def, metis eq1 eq2L eq2R order_prop order_trans subdistl) sublocale equational_action_algebra \ kleene_algebra where star = eqstar by intro_locales (* +------------------------------------------------------------------------+ | Deflationarity aka wellfoundedness vs UEP | +------------------------------------------------------------------------+ *) class completely_distributive_quantale = unital_quantale + assumes jm_inf_distributive: "x \ \ Y = \ ((\y. x\y) ` Y)" begin lemma lambda_eq: "\x. P x = Q x \ (\x. P x) = (\x. Q x)" by metis lemma lower_ex: "upper_adjoint (\y. qstar x \ z \ y)" by (smt lower_exists add_comm add_lub add_ub isotone_def order_trans jm_inf_distributive meet_preserving_def) lemma kiso: "isotone (\y. x\y \ z)" by (smt add_iso isotone_def order_prop subdistl) lemma hiso: "isotone (\y. x\y)" by (metis qmult_isotonel) lemma comm: "(\y. qstar x \ z \ y)\(\y. x\y) = (\y. x\y \ z)\(\y. qstar x \ z \ y)" proof (unfold o_def, rule lambda_eq, safe) fix y show "qstar x \ z \ x \ y = x \ (qstar x \ z \ y) \ z" by (smt distl mult_assoc add_assoc add_comm mult_onel qdistr1 star_unfoldl_eq) qed lemma arden_fusion: "\ (\y. x\y \ z) = qstar x \ z \ \ (\y. x\y)" by (metis comm greatest_fixpoint_fusion hiso kiso lower_ex) lemma gfp_is_gpp: "\isotone f; is_gfp x f\ \ is_gpp x f" by (metis gfp_equality gpp_is_gfp is_gpp_gpp) lemma gfp_is_gpp_var: "isotone f \ \ f = \\<^sub>\ f" by (metis gfp_is_gpp gpp_equality is_gfp_gfp) lemma deflationarity_eq_strong_deflationarity: "(\y. y \ x\y \ y = \) \ (\y z. y \ x\y \ z \ y \ (qstar x) \ z)" proof - have "(\y. y \ x \ y \ y = \) \ (\y z. y \ x \ y \ z \ y \ qstar x \ z)" by (smt annil gfp_equality_var order_refl arden_fusion bot_oner greatest_fixpoint_induction kiso) thus ?thesis by (metis annil bot_oner leq_def) qed end (******************************************************************************) type_synonym 'a lan = "'a list set" definition l_prod :: "'a lan \ 'a lan \ 'a lan" (infixr "\" 75) where "X\Y = {v@w | v w. v\X \ w\Y}" lemma l_prod_elim: "w\X\Y \ (\u v. w = u@v \ u\X \ v\Y)" by (smt Collect_def l_prod_def mem_def) lemma union_is_join: "X \ Y = X \ Y" apply (simp add: join_def lub_def) apply (rule the_equality[symmetric]) apply (simp_all add: is_lub_def is_ub_def) by (metis Un_least Un_upper1 Un_upper2 equalityI) lemma union_lub: "is_lub (X \ Y) {X, Y}" by (simp add: is_lub_def is_ub_def) lemma "\(x::'a lan) y. \z. is_lub z {x, y}" by (metis union_lub) lemma "((x::'a lan) \ y) \ z = x \ (y \ z)" by (simp add: l_prod_def, auto, metis, metis append_assoc) lemma "x \ y \ z = x \ (y \ z)" by (metis Un_assoc) lemma " x \ y = y \ x" by (metis Un_commute) lemma "(x \ y) \ z = x \ z \ y \ z" by (simp add: l_prod_def, auto) lemma "(x \ y) = (x \ y = y)" by (metis le_iff_sup) lemma "(x \ y) = (x \ y \ \ y \ x)" by (metis less_fun_def) lemma "x \ x = x" by (metis Un_absorb) lemma "{[]} \ x = x" by (simp add: l_prod_def) lemma "x \ {[]} = x" by (simp add: l_prod_def) lemma "{} \ x = x" by (metis Un_empty_left) lemma "{} \ x = {}" by (simp add: l_prod_def) lemma "x \ (y \ z) = x \ y \ x \ z" by (simp add: l_prod_def, auto) lemma "x \ {} = {}" by (simp add: l_prod_def) (* now we have proved that languages form a dioid *) primrec l_power :: "'a lan \ nat \ 'a lan" where "l_power x 0 = {[]}" | "l_power x (Suc n) = x\(l_power x n)" definition star :: "'a lan \ 'a lan" ("_\<^sup>\" [101] 100) where "X\<^sup>\ = (\n. l_power X n)" lemma star_elim: "x\X\<^sup>\ \ (\k. x\l_power X k)" by (metis UN_iff iso_tuple_UNIV_I star_def) lemma star_cont: "X\Y\<^sup>\\Z = (\n. X\l_power Y n\Z)" by (auto, simp_all add: l_prod_elim star_elim, metis+) (* Now we have shown that languages form a star continuous kleene algebra *) lemma set_ext: "\\x. (x \ A) = (x \ B)\ \ A = B" by (metis order_eq_iff subsetI) lemma "(X::'a lan)\(\ Y) = \ ((\Z. X\Z) ` Y)" by (rule set_ext, simp add: l_prod_def, auto) lemma "(\ Y)\(X::'a lan) = \ ((\Z. Z\X) ` Y)" by (rule set_ext, simp add: l_prod_def, auto) (* Now we have shown that languages form a quantale *) (* To form a unital quantale, just go to the dioid laws *) (* Languages form a completely distributive quantale *) lemma "X \ \ Y = \ ((\Z. X\Z) ` Y)" by (metis Inter_image_eq sup_Inf) lemma "X \ \ Y = \ ((\Z. X\Z) ` Y)" by (metis Int_Union Union_image_eq) end