# Theory Complete_Lattices

Up to index of Isabelle/HOL-Proofs

theory Complete_Lattices
imports Set
` (*  Author:     Tobias Nipkow, Lawrence C Paulson and Markus Wenzel; Florian Haftmann, TU Muenchen *)header {* Complete lattices *}theory Complete_Latticesimports Setbeginnotation  less_eq (infix "\<sqsubseteq>" 50) and  less (infix "\<sqsubset>" 50)subsection {* Syntactic infimum and supremum operations *}class Inf =  fixes Inf :: "'a set => 'a" ("\<Sqinter>_" [900] 900)class Sup =  fixes Sup :: "'a set => 'a" ("\<Squnion>_" [900] 900)subsection {* Abstract complete lattices *}class complete_lattice = bounded_lattice + Inf + Sup +  assumes Inf_lower: "x ∈ A ==> \<Sqinter>A \<sqsubseteq> x"     and Inf_greatest: "(!!x. x ∈ A ==> z \<sqsubseteq> x) ==> z \<sqsubseteq> \<Sqinter>A"  assumes Sup_upper: "x ∈ A ==> x \<sqsubseteq> \<Squnion>A"     and Sup_least: "(!!x. x ∈ A ==> x \<sqsubseteq> z) ==> \<Squnion>A \<sqsubseteq> z"beginlemma dual_complete_lattice:  "class.complete_lattice Sup Inf sup (op ≥) (op >) inf \<top> ⊥"  by (auto intro!: class.complete_lattice.intro dual_bounded_lattice)    (unfold_locales, (fact bot_least top_greatest        Sup_upper Sup_least Inf_lower Inf_greatest)+)definition INFI :: "'b set => ('b => 'a) => 'a" where  INF_def: "INFI A f = \<Sqinter>(f ` A)"definition SUPR :: "'b set => ('b => 'a) => 'a" where  SUP_def: "SUPR A f = \<Squnion>(f ` A)"text {*  Note: must use names @{const INFI} and @{const SUPR} here instead of  @{text INF} and @{text SUP} to allow the following syntax coexist  with the plain constant names.*}endsyntax  "_INF1"     :: "pttrns => 'b => 'b"           ("(3INF _./ _)" [0, 10] 10)  "_INF"      :: "pttrn => 'a set => 'b => 'b"  ("(3INF _:_./ _)" [0, 0, 10] 10)  "_SUP1"     :: "pttrns => 'b => 'b"           ("(3SUP _./ _)" [0, 10] 10)  "_SUP"      :: "pttrn => 'a set => 'b => 'b"  ("(3SUP _:_./ _)" [0, 0, 10] 10)syntax (xsymbols)  "_INF1"     :: "pttrns => 'b => 'b"           ("(3\<Sqinter>_./ _)" [0, 10] 10)  "_INF"      :: "pttrn => 'a set => 'b => 'b"  ("(3\<Sqinter>_∈_./ _)" [0, 0, 10] 10)  "_SUP1"     :: "pttrns => 'b => 'b"           ("(3\<Squnion>_./ _)" [0, 10] 10)  "_SUP"      :: "pttrn => 'a set => 'b => 'b"  ("(3\<Squnion>_∈_./ _)" [0, 0, 10] 10)translations  "INF x y. B"   == "INF x. INF y. B"  "INF x. B"     == "CONST INFI CONST UNIV (%x. B)"  "INF x. B"     == "INF x:CONST UNIV. B"  "INF x:A. B"   == "CONST INFI A (%x. B)"  "SUP x y. B"   == "SUP x. SUP y. B"  "SUP x. B"     == "CONST SUPR CONST UNIV (%x. B)"  "SUP x. B"     == "SUP x:CONST UNIV. B"  "SUP x:A. B"   == "CONST SUPR A (%x. B)"print_translation {*  [Syntax_Trans.preserve_binder_abs2_tr' @{const_syntax INFI} @{syntax_const "_INF"},    Syntax_Trans.preserve_binder_abs2_tr' @{const_syntax SUPR} @{syntax_const "_SUP"}]*} -- {* to avoid eta-contraction of body *}context complete_latticebeginlemma INF_foundation_dual [no_atp]:  "complete_lattice.SUPR Inf = INFI"  by (simp add: fun_eq_iff INF_def    complete_lattice.SUP_def [OF dual_complete_lattice])lemma SUP_foundation_dual [no_atp]:  "complete_lattice.INFI Sup = SUPR"  by (simp add: fun_eq_iff SUP_def    complete_lattice.INF_def [OF dual_complete_lattice])lemma INF_lower: "i ∈ A ==> (\<Sqinter>i∈A. f i) \<sqsubseteq> f i"  by (auto simp add: INF_def intro: Inf_lower)lemma INF_greatest: "(!!i. i ∈ A ==> u \<sqsubseteq> f i) ==> u \<sqsubseteq> (\<Sqinter>i∈A. f i)"  by (auto simp add: INF_def intro: Inf_greatest)lemma SUP_upper: "i ∈ A ==> f i \<sqsubseteq> (\<Squnion>i∈A. f i)"  by (auto simp add: SUP_def intro: Sup_upper)lemma SUP_least: "(!!i. i ∈ A ==> f i \<sqsubseteq> u) ==> (\<Squnion>i∈A. f i) \<sqsubseteq> u"  by (auto simp add: SUP_def intro: Sup_least)lemma Inf_lower2: "u ∈ A ==> u \<sqsubseteq> v ==> \<Sqinter>A \<sqsubseteq> v"  using Inf_lower [of u A] by autolemma INF_lower2: "i ∈ A ==> f i \<sqsubseteq> u ==> (\<Sqinter>i∈A. f i) \<sqsubseteq> u"  using INF_lower [of i A f] by autolemma Sup_upper2: "u ∈ A ==> v \<sqsubseteq> u ==> v \<sqsubseteq> \<Squnion>A"  using Sup_upper [of u A] by autolemma SUP_upper2: "i ∈ A ==> u \<sqsubseteq> f i ==> u \<sqsubseteq> (\<Squnion>i∈A. f i)"  using SUP_upper [of i A f] by autolemma le_Inf_iff: "b \<sqsubseteq> \<Sqinter>A <-> (∀a∈A. b \<sqsubseteq> a)"  by (auto intro: Inf_greatest dest: Inf_lower)lemma le_INF_iff: "u \<sqsubseteq> (\<Sqinter>i∈A. f i) <-> (∀i∈A. u \<sqsubseteq> f i)"  by (auto simp add: INF_def le_Inf_iff)lemma Sup_le_iff: "\<Squnion>A \<sqsubseteq> b <-> (∀a∈A. a \<sqsubseteq> b)"  by (auto intro: Sup_least dest: Sup_upper)lemma SUP_le_iff: "(\<Squnion>i∈A. f i) \<sqsubseteq> u <-> (∀i∈A. f i \<sqsubseteq> u)"  by (auto simp add: SUP_def Sup_le_iff)lemma Inf_empty [simp]:  "\<Sqinter>{} = \<top>"  by (auto intro: antisym Inf_greatest)lemma INF_empty [simp]: "(\<Sqinter>x∈{}. f x) = \<top>"  by (simp add: INF_def)lemma Sup_empty [simp]:  "\<Squnion>{} = ⊥"  by (auto intro: antisym Sup_least)lemma SUP_empty [simp]: "(\<Squnion>x∈{}. f x) = ⊥"  by (simp add: SUP_def)lemma Inf_UNIV [simp]:  "\<Sqinter>UNIV = ⊥"  by (auto intro!: antisym Inf_lower)lemma Sup_UNIV [simp]:  "\<Squnion>UNIV = \<top>"  by (auto intro!: antisym Sup_upper)lemma Inf_insert [simp]: "\<Sqinter>insert a A = a \<sqinter> \<Sqinter>A"  by (auto intro: le_infI le_infI1 le_infI2 antisym Inf_greatest Inf_lower)lemma INF_insert: "(\<Sqinter>x∈insert a A. f x) = f a \<sqinter> INFI A f"  by (simp add: INF_def)lemma Sup_insert [simp]: "\<Squnion>insert a A = a \<squnion> \<Squnion>A"  by (auto intro: le_supI le_supI1 le_supI2 antisym Sup_least Sup_upper)lemma SUP_insert: "(\<Squnion>x∈insert a A. f x) = f a \<squnion> SUPR A f"  by (simp add: SUP_def)lemma INF_image [simp]: "(\<Sqinter>x∈f`A. g x) = (\<Sqinter>x∈A. g (f x))"  by (simp add: INF_def image_image)lemma SUP_image [simp]: "(\<Squnion>x∈f`A. g x) = (\<Squnion>x∈A. g (f x))"  by (simp add: SUP_def image_image)lemma Inf_Sup: "\<Sqinter>A = \<Squnion>{b. ∀a ∈ A. b \<sqsubseteq> a}"  by (auto intro: antisym Inf_lower Inf_greatest Sup_upper Sup_least)lemma Sup_Inf:  "\<Squnion>A = \<Sqinter>{b. ∀a ∈ A. a \<sqsubseteq> b}"  by (auto intro: antisym Inf_lower Inf_greatest Sup_upper Sup_least)lemma Inf_superset_mono: "B ⊆ A ==> \<Sqinter>A \<sqsubseteq> \<Sqinter>B"  by (auto intro: Inf_greatest Inf_lower)lemma Sup_subset_mono: "A ⊆ B ==> \<Squnion>A \<sqsubseteq> \<Squnion>B"  by (auto intro: Sup_least Sup_upper)lemma INF_cong:  "A = B ==> (!!x. x ∈ B ==> C x = D x) ==> (\<Sqinter>x∈A. C x) = (\<Sqinter>x∈B. D x)"  by (simp add: INF_def image_def)lemma SUP_cong:  "A = B ==> (!!x. x ∈ B ==> C x = D x) ==> (\<Squnion>x∈A. C x) = (\<Squnion>x∈B. D x)"  by (simp add: SUP_def image_def)lemma Inf_mono:  assumes "!!b. b ∈ B ==> ∃a∈A. a \<sqsubseteq> b"  shows "\<Sqinter>A \<sqsubseteq> \<Sqinter>B"proof (rule Inf_greatest)  fix b assume "b ∈ B"  with assms obtain a where "a ∈ A" and "a \<sqsubseteq> b" by blast  from `a ∈ A` have "\<Sqinter>A \<sqsubseteq> a" by (rule Inf_lower)  with `a \<sqsubseteq> b` show "\<Sqinter>A \<sqsubseteq> b" by autoqedlemma INF_mono:  "(!!m. m ∈ B ==> ∃n∈A. f n \<sqsubseteq> g m) ==> (\<Sqinter>n∈A. f n) \<sqsubseteq> (\<Sqinter>n∈B. g n)"  unfolding INF_def by (rule Inf_mono) fastlemma Sup_mono:  assumes "!!a. a ∈ A ==> ∃b∈B. a \<sqsubseteq> b"  shows "\<Squnion>A \<sqsubseteq> \<Squnion>B"proof (rule Sup_least)  fix a assume "a ∈ A"  with assms obtain b where "b ∈ B" and "a \<sqsubseteq> b" by blast  from `b ∈ B` have "b \<sqsubseteq> \<Squnion>B" by (rule Sup_upper)  with `a \<sqsubseteq> b` show "a \<sqsubseteq> \<Squnion>B" by autoqedlemma SUP_mono:  "(!!n. n ∈ A ==> ∃m∈B. f n \<sqsubseteq> g m) ==> (\<Squnion>n∈A. f n) \<sqsubseteq> (\<Squnion>n∈B. g n)"  unfolding SUP_def by (rule Sup_mono) fastlemma INF_superset_mono:  "B ⊆ A ==> (!!x. x ∈ B ==> f x \<sqsubseteq> g x) ==> (\<Sqinter>x∈A. f x) \<sqsubseteq> (\<Sqinter>x∈B. g x)"  -- {* The last inclusion is POSITIVE! *}  by (blast intro: INF_mono dest: subsetD)lemma SUP_subset_mono:  "A ⊆ B ==> (!!x. x ∈ A ==> f x \<sqsubseteq> g x) ==> (\<Squnion>x∈A. f x) \<sqsubseteq> (\<Squnion>x∈B. g x)"  by (blast intro: SUP_mono dest: subsetD)lemma Inf_less_eq:  assumes "!!v. v ∈ A ==> v \<sqsubseteq> u"    and "A ≠ {}"  shows "\<Sqinter>A \<sqsubseteq> u"proof -  from `A ≠ {}` obtain v where "v ∈ A" by blast  moreover with assms have "v \<sqsubseteq> u" by blast  ultimately show ?thesis by (rule Inf_lower2)qedlemma less_eq_Sup:  assumes "!!v. v ∈ A ==> u \<sqsubseteq> v"    and "A ≠ {}"  shows "u \<sqsubseteq> \<Squnion>A"proof -  from `A ≠ {}` obtain v where "v ∈ A" by blast  moreover with assms have "u \<sqsubseteq> v" by blast  ultimately show ?thesis by (rule Sup_upper2)qedlemma less_eq_Inf_inter: "\<Sqinter>A \<squnion> \<Sqinter>B \<sqsubseteq> \<Sqinter>(A ∩ B)"  by (auto intro: Inf_greatest Inf_lower)lemma Sup_inter_less_eq: "\<Squnion>(A ∩ B) \<sqsubseteq> \<Squnion>A \<sqinter> \<Squnion>B "  by (auto intro: Sup_least Sup_upper)lemma Inf_union_distrib: "\<Sqinter>(A ∪ B) = \<Sqinter>A \<sqinter> \<Sqinter>B"  by (rule antisym) (auto intro: Inf_greatest Inf_lower le_infI1 le_infI2)lemma INF_union:  "(\<Sqinter>i ∈ A ∪ B. M i) = (\<Sqinter>i ∈ A. M i) \<sqinter> (\<Sqinter>i∈B. M i)"  by (auto intro!: antisym INF_mono intro: le_infI1 le_infI2 INF_greatest INF_lower)lemma Sup_union_distrib: "\<Squnion>(A ∪ B) = \<Squnion>A \<squnion> \<Squnion>B"  by (rule antisym) (auto intro: Sup_least Sup_upper le_supI1 le_supI2)lemma SUP_union:  "(\<Squnion>i ∈ A ∪ B. M i) = (\<Squnion>i ∈ A. M i) \<squnion> (\<Squnion>i∈B. M i)"  by (auto intro!: antisym SUP_mono intro: le_supI1 le_supI2 SUP_least SUP_upper)lemma INF_inf_distrib: "(\<Sqinter>a∈A. f a) \<sqinter> (\<Sqinter>a∈A. g a) = (\<Sqinter>a∈A. f a \<sqinter> g a)"  by (rule antisym) (rule INF_greatest, auto intro: le_infI1 le_infI2 INF_lower INF_mono)lemma SUP_sup_distrib: "(\<Squnion>a∈A. f a) \<squnion> (\<Squnion>a∈A. g a) = (\<Squnion>a∈A. f a \<squnion> g a)" (is "?L = ?R")proof (rule antisym)  show "?L ≤ ?R" by (auto intro: le_supI1 le_supI2 SUP_upper SUP_mono)next  show "?R ≤ ?L" by (rule SUP_least) (auto intro: le_supI1 le_supI2 SUP_upper)qedlemma Inf_top_conv [simp, no_atp]:  "\<Sqinter>A = \<top> <-> (∀x∈A. x = \<top>)"  "\<top> = \<Sqinter>A <-> (∀x∈A. x = \<top>)"proof -  show "\<Sqinter>A = \<top> <-> (∀x∈A. x = \<top>)"  proof    assume "∀x∈A. x = \<top>"    then have "A = {} ∨ A = {\<top>}" by auto    then show "\<Sqinter>A = \<top>" by auto  next    assume "\<Sqinter>A = \<top>"    show "∀x∈A. x = \<top>"    proof (rule ccontr)      assume "¬ (∀x∈A. x = \<top>)"      then obtain x where "x ∈ A" and "x ≠ \<top>" by blast      then obtain B where "A = insert x B" by blast      with `\<Sqinter>A = \<top>` `x ≠ \<top>` show False by simp    qed  qed  then show "\<top> = \<Sqinter>A <-> (∀x∈A. x = \<top>)" by autoqedlemma INF_top_conv [simp]: "(\<Sqinter>x∈A. B x) = \<top> <-> (∀x∈A. B x = \<top>)" "\<top> = (\<Sqinter>x∈A. B x) <-> (∀x∈A. B x = \<top>)"  by (auto simp add: INF_def)lemma Sup_bot_conv [simp, no_atp]:  "\<Squnion>A = ⊥ <-> (∀x∈A. x = ⊥)" (is ?P)  "⊥ = \<Squnion>A <-> (∀x∈A. x = ⊥)" (is ?Q)  using dual_complete_lattice  by (rule complete_lattice.Inf_top_conv)+lemma SUP_bot_conv [simp]: "(\<Squnion>x∈A. B x) = ⊥ <-> (∀x∈A. B x = ⊥)" "⊥ = (\<Squnion>x∈A. B x) <-> (∀x∈A. B x = ⊥)"  by (auto simp add: SUP_def)lemma INF_const [simp]: "A ≠ {} ==> (\<Sqinter>i∈A. f) = f"  by (auto intro: antisym INF_lower INF_greatest)lemma SUP_const [simp]: "A ≠ {} ==> (\<Squnion>i∈A. f) = f"  by (auto intro: antisym SUP_upper SUP_least)lemma INF_top [simp]: "(\<Sqinter>x∈A. \<top>) = \<top>"  by (cases "A = {}") simp_alllemma SUP_bot [simp]: "(\<Squnion>x∈A. ⊥) = ⊥"  by (cases "A = {}") simp_alllemma INF_commute: "(\<Sqinter>i∈A. \<Sqinter>j∈B. f i j) = (\<Sqinter>j∈B. \<Sqinter>i∈A. f i j)"  by (iprover intro: INF_lower INF_greatest order_trans antisym)lemma SUP_commute: "(\<Squnion>i∈A. \<Squnion>j∈B. f i j) = (\<Squnion>j∈B. \<Squnion>i∈A. f i j)"  by (iprover intro: SUP_upper SUP_least order_trans antisym)lemma INF_absorb:  assumes "k ∈ I"  shows "A k \<sqinter> (\<Sqinter>i∈I. A i) = (\<Sqinter>i∈I. A i)"proof -  from assms obtain J where "I = insert k J" by blast  then show ?thesis by (simp add: INF_insert)qedlemma SUP_absorb:  assumes "k ∈ I"  shows "A k \<squnion> (\<Squnion>i∈I. A i) = (\<Squnion>i∈I. A i)"proof -  from assms obtain J where "I = insert k J" by blast  then show ?thesis by (simp add: SUP_insert)qedlemma INF_constant:  "(\<Sqinter>y∈A. c) = (if A = {} then \<top> else c)"  by simplemma SUP_constant:  "(\<Squnion>y∈A. c) = (if A = {} then ⊥ else c)"  by simplemma less_INF_D:  assumes "y < (\<Sqinter>i∈A. f i)" "i ∈ A" shows "y < f i"proof -  note `y < (\<Sqinter>i∈A. f i)`  also have "(\<Sqinter>i∈A. f i) ≤ f i" using `i ∈ A`    by (rule INF_lower)  finally show "y < f i" .qedlemma SUP_lessD:  assumes "(\<Squnion>i∈A. f i) < y" "i ∈ A" shows "f i < y"proof -  have "f i ≤ (\<Squnion>i∈A. f i)" using `i ∈ A`    by (rule SUP_upper)  also note `(\<Squnion>i∈A. f i) < y`  finally show "f i < y" .qedlemma INF_UNIV_bool_expand:  "(\<Sqinter>b. A b) = A True \<sqinter> A False"  by (simp add: UNIV_bool INF_insert inf_commute)lemma SUP_UNIV_bool_expand:  "(\<Squnion>b. A b) = A True \<squnion> A False"  by (simp add: UNIV_bool SUP_insert sup_commute)endclass complete_distrib_lattice = complete_lattice +  assumes sup_Inf: "a \<squnion> \<Sqinter>B = (\<Sqinter>b∈B. a \<squnion> b)"  assumes inf_Sup: "a \<sqinter> \<Squnion>B = (\<Squnion>b∈B. a \<sqinter> b)"beginlemma sup_INF:  "a \<squnion> (\<Sqinter>b∈B. f b) = (\<Sqinter>b∈B. a \<squnion> f b)"  by (simp add: INF_def sup_Inf image_image)lemma inf_SUP:  "a \<sqinter> (\<Squnion>b∈B. f b) = (\<Squnion>b∈B. a \<sqinter> f b)"  by (simp add: SUP_def inf_Sup image_image)lemma dual_complete_distrib_lattice:  "class.complete_distrib_lattice Sup Inf sup (op ≥) (op >) inf \<top> ⊥"  apply (rule class.complete_distrib_lattice.intro)  apply (fact dual_complete_lattice)  apply (rule class.complete_distrib_lattice_axioms.intro)  apply (simp_all only: INF_foundation_dual SUP_foundation_dual inf_Sup sup_Inf)  donesubclass distrib_lattice proof  fix a b c  from sup_Inf have "a \<squnion> \<Sqinter>{b, c} = (\<Sqinter>d∈{b, c}. a \<squnion> d)" .  then show "a \<squnion> b \<sqinter> c = (a \<squnion> b) \<sqinter> (a \<squnion> c)" by (simp add: INF_def)qedlemma Inf_sup:  "\<Sqinter>B \<squnion> a = (\<Sqinter>b∈B. b \<squnion> a)"  by (simp add: sup_Inf sup_commute)lemma Sup_inf:  "\<Squnion>B \<sqinter> a = (\<Squnion>b∈B. b \<sqinter> a)"  by (simp add: inf_Sup inf_commute)lemma INF_sup:   "(\<Sqinter>b∈B. f b) \<squnion> a = (\<Sqinter>b∈B. f b \<squnion> a)"  by (simp add: sup_INF sup_commute)lemma SUP_inf:  "(\<Squnion>b∈B. f b) \<sqinter> a = (\<Squnion>b∈B. f b \<sqinter> a)"  by (simp add: inf_SUP inf_commute)lemma Inf_sup_eq_top_iff:  "(\<Sqinter>B \<squnion> a = \<top>) <-> (∀b∈B. b \<squnion> a = \<top>)"  by (simp only: Inf_sup INF_top_conv)lemma Sup_inf_eq_bot_iff:  "(\<Squnion>B \<sqinter> a = ⊥) <-> (∀b∈B. b \<sqinter> a = ⊥)"  by (simp only: Sup_inf SUP_bot_conv)lemma INF_sup_distrib2:  "(\<Sqinter>a∈A. f a) \<squnion> (\<Sqinter>b∈B. g b) = (\<Sqinter>a∈A. \<Sqinter>b∈B. f a \<squnion> g b)"  by (subst INF_commute) (simp add: sup_INF INF_sup)lemma SUP_inf_distrib2:  "(\<Squnion>a∈A. f a) \<sqinter> (\<Squnion>b∈B. g b) = (\<Squnion>a∈A. \<Squnion>b∈B. f a \<sqinter> g b)"  by (subst SUP_commute) (simp add: inf_SUP SUP_inf)endclass complete_boolean_algebra = boolean_algebra + complete_distrib_latticebeginlemma dual_complete_boolean_algebra:  "class.complete_boolean_algebra Sup Inf sup (op ≥) (op >) inf \<top> ⊥ (λx y. x \<squnion> - y) uminus"  by (rule class.complete_boolean_algebra.intro, rule dual_complete_distrib_lattice, rule dual_boolean_algebra)lemma uminus_Inf:  "- (\<Sqinter>A) = \<Squnion>(uminus ` A)"proof (rule antisym)  show "- \<Sqinter>A ≤ \<Squnion>(uminus ` A)"    by (rule compl_le_swap2, rule Inf_greatest, rule compl_le_swap2, rule Sup_upper) simp  show "\<Squnion>(uminus ` A) ≤ - \<Sqinter>A"    by (rule Sup_least, rule compl_le_swap1, rule Inf_lower) autoqedlemma uminus_INF: "- (\<Sqinter>x∈A. B x) = (\<Squnion>x∈A. - B x)"  by (simp add: INF_def SUP_def uminus_Inf image_image)lemma uminus_Sup:  "- (\<Squnion>A) = \<Sqinter>(uminus ` A)"proof -  have "\<Squnion>A = - \<Sqinter>(uminus ` A)" by (simp add: image_image uminus_Inf)  then show ?thesis by simpqed  lemma uminus_SUP: "- (\<Squnion>x∈A. B x) = (\<Sqinter>x∈A. - B x)"  by (simp add: INF_def SUP_def uminus_Sup image_image)endclass complete_linorder = linorder + complete_latticebeginlemma dual_complete_linorder:  "class.complete_linorder Sup Inf sup (op ≥) (op >) inf \<top> ⊥"  by (rule class.complete_linorder.intro, rule dual_complete_lattice, rule dual_linorder)lemma Inf_less_iff:  "\<Sqinter>S \<sqsubset> a <-> (∃x∈S. x \<sqsubset> a)"  unfolding not_le [symmetric] le_Inf_iff by autolemma INF_less_iff:  "(\<Sqinter>i∈A. f i) \<sqsubset> a <-> (∃x∈A. f x \<sqsubset> a)"  unfolding INF_def Inf_less_iff by autolemma less_Sup_iff:  "a \<sqsubset> \<Squnion>S <-> (∃x∈S. a \<sqsubset> x)"  unfolding not_le [symmetric] Sup_le_iff by autolemma less_SUP_iff:  "a \<sqsubset> (\<Squnion>i∈A. f i) <-> (∃x∈A. a \<sqsubset> f x)"  unfolding SUP_def less_Sup_iff by autolemma Sup_eq_top_iff [simp]:  "\<Squnion>A = \<top> <-> (∀x<\<top>. ∃i∈A. x < i)"proof  assume *: "\<Squnion>A = \<top>"  show "(∀x<\<top>. ∃i∈A. x < i)" unfolding * [symmetric]  proof (intro allI impI)    fix x assume "x < \<Squnion>A" then show "∃i∈A. x < i"      unfolding less_Sup_iff by auto  qednext  assume *: "∀x<\<top>. ∃i∈A. x < i"  show "\<Squnion>A = \<top>"  proof (rule ccontr)    assume "\<Squnion>A ≠ \<top>"    with top_greatest [of "\<Squnion>A"]    have "\<Squnion>A < \<top>" unfolding le_less by auto    then have "\<Squnion>A < \<Squnion>A"      using * unfolding less_Sup_iff by auto    then show False by auto  qedqedlemma SUP_eq_top_iff [simp]:  "(\<Squnion>i∈A. f i) = \<top> <-> (∀x<\<top>. ∃i∈A. x < f i)"  unfolding SUP_def by autolemma Inf_eq_bot_iff [simp]:  "\<Sqinter>A = ⊥ <-> (∀x>⊥. ∃i∈A. i < x)"  using dual_complete_linorder  by (rule complete_linorder.Sup_eq_top_iff)lemma INF_eq_bot_iff [simp]:  "(\<Sqinter>i∈A. f i) = ⊥ <-> (∀x>⊥. ∃i∈A. f i < x)"  unfolding INF_def by autoendsubsection {* Complete lattice on @{typ bool} *}instantiation bool :: complete_latticebegindefinition  [simp, code]: "\<Sqinter>A <-> False ∉ A"definition  [simp, code]: "\<Squnion>A <-> True ∈ A"instance proofqed (auto intro: bool_induct)endlemma not_False_in_image_Ball [simp]:  "False ∉ P ` A <-> Ball A P"  by autolemma True_in_image_Bex [simp]:  "True ∈ P ` A <-> Bex A P"  by autolemma INF_bool_eq [simp]:  "INFI = Ball"  by (simp add: fun_eq_iff INF_def)lemma SUP_bool_eq [simp]:  "SUPR = Bex"  by (simp add: fun_eq_iff SUP_def)instance bool :: complete_boolean_algebra proofqed (auto intro: bool_induct)subsection {* Complete lattice on @{typ "_ => _"} *}instantiation "fun" :: (type, complete_lattice) complete_latticebegindefinition  "\<Sqinter>A = (λx. \<Sqinter>f∈A. f x)"lemma Inf_apply [simp, code]:  "(\<Sqinter>A) x = (\<Sqinter>f∈A. f x)"  by (simp add: Inf_fun_def)definition  "\<Squnion>A = (λx. \<Squnion>f∈A. f x)"lemma Sup_apply [simp, code]:  "(\<Squnion>A) x = (\<Squnion>f∈A. f x)"  by (simp add: Sup_fun_def)instance proofqed (auto simp add: le_fun_def intro: INF_lower INF_greatest SUP_upper SUP_least)endlemma INF_apply [simp]:  "(\<Sqinter>y∈A. f y) x = (\<Sqinter>y∈A. f y x)"  by (auto intro: arg_cong [of _ _ Inf] simp add: INF_def)lemma SUP_apply [simp]:  "(\<Squnion>y∈A. f y) x = (\<Squnion>y∈A. f y x)"  by (auto intro: arg_cong [of _ _ Sup] simp add: SUP_def)instance "fun" :: (type, complete_distrib_lattice) complete_distrib_lattice proofqed (auto simp add: INF_def SUP_def inf_Sup sup_Inf image_image)instance "fun" :: (type, complete_boolean_algebra) complete_boolean_algebra ..subsection {* Complete lattice on unary and binary predicates *}lemma INF1_iff: "(\<Sqinter>x∈A. B x) b = (∀x∈A. B x b)"  by simplemma INF2_iff: "(\<Sqinter>x∈A. B x) b c = (∀x∈A. B x b c)"  by simplemma INF1_I: "(!!x. x ∈ A ==> B x b) ==> (\<Sqinter>x∈A. B x) b"  by autolemma INF2_I: "(!!x. x ∈ A ==> B x b c) ==> (\<Sqinter>x∈A. B x) b c"  by autolemma INF1_D: "(\<Sqinter>x∈A. B x) b ==> a ∈ A ==> B a b"  by autolemma INF2_D: "(\<Sqinter>x∈A. B x) b c ==> a ∈ A ==> B a b c"  by autolemma INF1_E: "(\<Sqinter>x∈A. B x) b ==> (B a b ==> R) ==> (a ∉ A ==> R) ==> R"  by autolemma INF2_E: "(\<Sqinter>x∈A. B x) b c ==> (B a b c ==> R) ==> (a ∉ A ==> R) ==> R"  by autolemma SUP1_iff: "(\<Squnion>x∈A. B x) b = (∃x∈A. B x b)"  by simplemma SUP2_iff: "(\<Squnion>x∈A. B x) b c = (∃x∈A. B x b c)"  by simplemma SUP1_I: "a ∈ A ==> B a b ==> (\<Squnion>x∈A. B x) b"  by autolemma SUP2_I: "a ∈ A ==> B a b c ==> (\<Squnion>x∈A. B x) b c"  by autolemma SUP1_E: "(\<Squnion>x∈A. B x) b ==> (!!x. x ∈ A ==> B x b ==> R) ==> R"  by autolemma SUP2_E: "(\<Squnion>x∈A. B x) b c ==> (!!x. x ∈ A ==> B x b c ==> R) ==> R"  by autosubsection {* Complete lattice on @{typ "_ set"} *}instantiation "set" :: (type) complete_latticebegindefinition  "\<Sqinter>A = {x. \<Sqinter>((λB. x ∈ B) ` A)}"definition  "\<Squnion>A = {x. \<Squnion>((λB. x ∈ B) ` A)}"instance proofqed (auto simp add: less_eq_set_def Inf_set_def Sup_set_def Inf_bool_def Sup_bool_def le_fun_def)endinstance "set" :: (type) complete_boolean_algebraproofqed (auto simp add: INF_def SUP_def Inf_set_def Sup_set_def image_def)  subsubsection {* Inter *}abbreviation Inter :: "'a set set => 'a set" where  "Inter S ≡ \<Sqinter>S"  notation (xsymbols)  Inter  ("\<Inter>_" [90] 90)lemma Inter_eq:  "\<Inter>A = {x. ∀B ∈ A. x ∈ B}"proof (rule set_eqI)  fix x  have "(∀Q∈{P. ∃B∈A. P <-> x ∈ B}. Q) <-> (∀B∈A. x ∈ B)"    by auto  then show "x ∈ \<Inter>A <-> x ∈ {x. ∀B ∈ A. x ∈ B}"    by (simp add: Inf_set_def image_def)qedlemma Inter_iff [simp,no_atp]: "A ∈ \<Inter>C <-> (∀X∈C. A ∈ X)"  by (unfold Inter_eq) blastlemma InterI [intro!]: "(!!X. X ∈ C ==> A ∈ X) ==> A ∈ \<Inter>C"  by (simp add: Inter_eq)text {*  \medskip A ``destruct'' rule -- every @{term X} in @{term C}  contains @{term A} as an element, but @{prop "A ∈ X"} can hold when  @{prop "X ∈ C"} does not!  This rule is analogous to @{text spec}.*}lemma InterD [elim, Pure.elim]: "A ∈ \<Inter>C ==> X ∈ C ==> A ∈ X"  by autolemma InterE [elim]: "A ∈ \<Inter>C ==> (X ∉ C ==> R) ==> (A ∈ X ==> R) ==> R"  -- {* ``Classical'' elimination rule -- does not require proving    @{prop "X ∈ C"}. *}  by (unfold Inter_eq) blastlemma Inter_lower: "B ∈ A ==> \<Inter>A ⊆ B"  by (fact Inf_lower)lemma Inter_subset:  "(!!X. X ∈ A ==> X ⊆ B) ==> A ≠ {} ==> \<Inter>A ⊆ B"  by (fact Inf_less_eq)lemma Inter_greatest: "(!!X. X ∈ A ==> C ⊆ X) ==> C ⊆ Inter A"  by (fact Inf_greatest)lemma Inter_empty: "\<Inter>{} = UNIV"  by (fact Inf_empty) (* already simp *)lemma Inter_UNIV: "\<Inter>UNIV = {}"  by (fact Inf_UNIV) (* already simp *)lemma Inter_insert: "\<Inter>(insert a B) = a ∩ \<Inter>B"  by (fact Inf_insert) (* already simp *)lemma Inter_Un_subset: "\<Inter>A ∪ \<Inter>B ⊆ \<Inter>(A ∩ B)"  by (fact less_eq_Inf_inter)lemma Inter_Un_distrib: "\<Inter>(A ∪ B) = \<Inter>A ∩ \<Inter>B"  by (fact Inf_union_distrib)lemma Inter_UNIV_conv [simp, no_atp]:  "\<Inter>A = UNIV <-> (∀x∈A. x = UNIV)"  "UNIV = \<Inter>A <-> (∀x∈A. x = UNIV)"  by (fact Inf_top_conv)+lemma Inter_anti_mono: "B ⊆ A ==> \<Inter>A ⊆ \<Inter>B"  by (fact Inf_superset_mono)subsubsection {* Intersections of families *}abbreviation INTER :: "'a set => ('a => 'b set) => 'b set" where  "INTER ≡ INFI"text {*  Note: must use name @{const INTER} here instead of @{text INT}  to allow the following syntax coexist with the plain constant name.*}syntax  "_INTER1"     :: "pttrns => 'b set => 'b set"           ("(3INT _./ _)" [0, 10] 10)  "_INTER"      :: "pttrn => 'a set => 'b set => 'b set"  ("(3INT _:_./ _)" [0, 0, 10] 10)syntax (xsymbols)  "_INTER1"     :: "pttrns => 'b set => 'b set"           ("(3\<Inter>_./ _)" [0, 10] 10)  "_INTER"      :: "pttrn => 'a set => 'b set => 'b set"  ("(3\<Inter>_∈_./ _)" [0, 0, 10] 10)syntax (latex output)  "_INTER1"     :: "pttrns => 'b set => 'b set"           ("(3\<Inter>(00⇘_⇙)/ _)" [0, 10] 10)  "_INTER"      :: "pttrn => 'a set => 'b set => 'b set"  ("(3\<Inter>(00⇘_∈_⇙)/ _)" [0, 0, 10] 10)translations  "INT x y. B"  == "INT x. INT y. B"  "INT x. B"    == "CONST INTER CONST UNIV (%x. B)"  "INT x. B"    == "INT x:CONST UNIV. B"  "INT x:A. B"  == "CONST INTER A (%x. B)"print_translation {*  [Syntax_Trans.preserve_binder_abs2_tr' @{const_syntax INTER} @{syntax_const "_INTER"}]*} -- {* to avoid eta-contraction of body *}lemma INTER_eq:  "(\<Inter>x∈A. B x) = {y. ∀x∈A. y ∈ B x}"  by (auto simp add: INF_def)lemma Inter_image_eq [simp]:  "\<Inter>(B`A) = (\<Inter>x∈A. B x)"  by (rule sym) (fact INF_def)lemma INT_iff [simp]: "b ∈ (\<Inter>x∈A. B x) <-> (∀x∈A. b ∈ B x)"  by (auto simp add: INF_def image_def)lemma INT_I [intro!]: "(!!x. x ∈ A ==> b ∈ B x) ==> b ∈ (\<Inter>x∈A. B x)"  by (auto simp add: INF_def image_def)lemma INT_D [elim, Pure.elim]: "b ∈ (\<Inter>x∈A. B x) ==> a ∈ A ==> b ∈ B a"  by autolemma INT_E [elim]: "b ∈ (\<Inter>x∈A. B x) ==> (b ∈ B a ==> R) ==> (a ∉ A ==> R) ==> R"  -- {* "Classical" elimination -- by the Excluded Middle on @{prop "a∈A"}. *}  by (auto simp add: INF_def image_def)lemma INT_cong [cong]:  "A = B ==> (!!x. x ∈ B ==> C x = D x) ==> (\<Inter>x∈A. C x) = (\<Inter>x∈B. D x)"  by (fact INF_cong)lemma Collect_ball_eq: "{x. ∀y∈A. P x y} = (\<Inter>y∈A. {x. P x y})"  by blastlemma Collect_all_eq: "{x. ∀y. P x y} = (\<Inter>y. {x. P x y})"  by blastlemma INT_lower: "a ∈ A ==> (\<Inter>x∈A. B x) ⊆ B a"  by (fact INF_lower)lemma INT_greatest: "(!!x. x ∈ A ==> C ⊆ B x) ==> C ⊆ (\<Inter>x∈A. B x)"  by (fact INF_greatest)lemma INT_empty: "(\<Inter>x∈{}. B x) = UNIV"  by (fact INF_empty)lemma INT_absorb: "k ∈ I ==> A k ∩ (\<Inter>i∈I. A i) = (\<Inter>i∈I. A i)"  by (fact INF_absorb)lemma INT_subset_iff: "B ⊆ (\<Inter>i∈I. A i) <-> (∀i∈I. B ⊆ A i)"  by (fact le_INF_iff)lemma INT_insert [simp]: "(\<Inter>x ∈ insert a A. B x) = B a ∩ INTER A B"  by (fact INF_insert)lemma INT_Un: "(\<Inter>i ∈ A ∪ B. M i) = (\<Inter>i ∈ A. M i) ∩ (\<Inter>i∈B. M i)"  by (fact INF_union)lemma INT_insert_distrib:  "u ∈ A ==> (\<Inter>x∈A. insert a (B x)) = insert a (\<Inter>x∈A. B x)"  by blastlemma INT_constant [simp]: "(\<Inter>y∈A. c) = (if A = {} then UNIV else c)"  by (fact INF_constant)lemma INTER_UNIV_conv: "(UNIV = (\<Inter>x∈A. B x)) = (∀x∈A. B x = UNIV)" "((\<Inter>x∈A. B x) = UNIV) = (∀x∈A. B x = UNIV)"  by (fact INF_top_conv)+ (* already simp *)lemma INT_bool_eq: "(\<Inter>b. A b) = A True ∩ A False"  by (fact INF_UNIV_bool_expand)lemma INT_anti_mono:  "A ⊆ B ==> (!!x. x ∈ A ==> f x ⊆ g x) ==> (\<Inter>x∈B. f x) ⊆ (\<Inter>x∈A. g x)"  -- {* The last inclusion is POSITIVE! *}  by (fact INF_superset_mono)lemma Pow_INT_eq: "Pow (\<Inter>x∈A. B x) = (\<Inter>x∈A. Pow (B x))"  by blastlemma vimage_INT: "f -` (\<Inter>x∈A. B x) = (\<Inter>x∈A. f -` B x)"  by blastsubsubsection {* Union *}abbreviation Union :: "'a set set => 'a set" where  "Union S ≡ \<Squnion>S"notation (xsymbols)  Union  ("\<Union>_" [90] 90)lemma Union_eq:  "\<Union>A = {x. ∃B ∈ A. x ∈ B}"proof (rule set_eqI)  fix x  have "(∃Q∈{P. ∃B∈A. P <-> x ∈ B}. Q) <-> (∃B∈A. x ∈ B)"    by auto  then show "x ∈ \<Union>A <-> x ∈ {x. ∃B∈A. x ∈ B}"    by (simp add: Sup_set_def image_def)qedlemma Union_iff [simp, no_atp]:  "A ∈ \<Union>C <-> (∃X∈C. A∈X)"  by (unfold Union_eq) blastlemma UnionI [intro]:  "X ∈ C ==> A ∈ X ==> A ∈ \<Union>C"  -- {* The order of the premises presupposes that @{term C} is rigid;    @{term A} may be flexible. *}  by autolemma UnionE [elim!]:  "A ∈ \<Union>C ==> (!!X. A ∈ X ==> X ∈ C ==> R) ==> R"  by autolemma Union_upper: "B ∈ A ==> B ⊆ \<Union>A"  by (fact Sup_upper)lemma Union_least: "(!!X. X ∈ A ==> X ⊆ C) ==> \<Union>A ⊆ C"  by (fact Sup_least)lemma Union_empty: "\<Union>{} = {}"  by (fact Sup_empty) (* already simp *)lemma Union_UNIV: "\<Union>UNIV = UNIV"  by (fact Sup_UNIV) (* already simp *)lemma Union_insert: "\<Union>insert a B = a ∪ \<Union>B"  by (fact Sup_insert) (* already simp *)lemma Union_Un_distrib [simp]: "\<Union>(A ∪ B) = \<Union>A ∪ \<Union>B"  by (fact Sup_union_distrib)lemma Union_Int_subset: "\<Union>(A ∩ B) ⊆ \<Union>A ∩ \<Union>B"  by (fact Sup_inter_less_eq)lemma Union_empty_conv [no_atp]: "(\<Union>A = {}) <-> (∀x∈A. x = {})"  by (fact Sup_bot_conv) (* already simp *)lemma empty_Union_conv [no_atp]: "({} = \<Union>A) <-> (∀x∈A. x = {})"  by (fact Sup_bot_conv) (* already simp *)lemma subset_Pow_Union: "A ⊆ Pow (\<Union>A)"  by blastlemma Union_Pow_eq [simp]: "\<Union>(Pow A) = A"  by blastlemma Union_mono: "A ⊆ B ==> \<Union>A ⊆ \<Union>B"  by (fact Sup_subset_mono)subsubsection {* Unions of families *}abbreviation UNION :: "'a set => ('a => 'b set) => 'b set" where  "UNION ≡ SUPR"text {*  Note: must use name @{const UNION} here instead of @{text UN}  to allow the following syntax coexist with the plain constant name.*}syntax  "_UNION1"     :: "pttrns => 'b set => 'b set"           ("(3UN _./ _)" [0, 10] 10)  "_UNION"      :: "pttrn => 'a set => 'b set => 'b set"  ("(3UN _:_./ _)" [0, 0, 10] 10)syntax (xsymbols)  "_UNION1"     :: "pttrns => 'b set => 'b set"           ("(3\<Union>_./ _)" [0, 10] 10)  "_UNION"      :: "pttrn => 'a set => 'b set => 'b set"  ("(3\<Union>_∈_./ _)" [0, 0, 10] 10)syntax (latex output)  "_UNION1"     :: "pttrns => 'b set => 'b set"           ("(3\<Union>(00⇘_⇙)/ _)" [0, 10] 10)  "_UNION"      :: "pttrn => 'a set => 'b set => 'b set"  ("(3\<Union>(00⇘_∈_⇙)/ _)" [0, 0, 10] 10)translations  "UN x y. B"   == "UN x. UN y. B"  "UN x. B"     == "CONST UNION CONST UNIV (%x. B)"  "UN x. B"     == "UN x:CONST UNIV. B"  "UN x:A. B"   == "CONST UNION A (%x. B)"text {*  Note the difference between ordinary xsymbol syntax of indexed  unions and intersections (e.g.\ @{text"\<Union>a⇣1∈A⇣1. B"})  and their \LaTeX\ rendition: @{term"\<Union>a⇣1∈A⇣1. B"}. The  former does not make the index expression a subscript of the  union/intersection symbol because this leads to problems with nested  subscripts in Proof General.*}print_translation {*  [Syntax_Trans.preserve_binder_abs2_tr' @{const_syntax UNION} @{syntax_const "_UNION"}]*} -- {* to avoid eta-contraction of body *}lemma UNION_eq [no_atp]:  "(\<Union>x∈A. B x) = {y. ∃x∈A. y ∈ B x}"  by (auto simp add: SUP_def)lemma bind_UNION [code]:  "Set.bind A f = UNION A f"  by (simp add: bind_def UNION_eq)lemma member_bind [simp]:  "x ∈ Set.bind P f <-> x ∈ UNION P f "  by (simp add: bind_UNION)lemma Union_image_eq [simp]:  "\<Union>(B ` A) = (\<Union>x∈A. B x)"  by (rule sym) (fact SUP_def)lemma UN_iff [simp]: "b ∈ (\<Union>x∈A. B x) <-> (∃x∈A. b ∈ B x)"  by (auto simp add: SUP_def image_def)lemma UN_I [intro]: "a ∈ A ==> b ∈ B a ==> b ∈ (\<Union>x∈A. B x)"  -- {* The order of the premises presupposes that @{term A} is rigid;    @{term b} may be flexible. *}  by autolemma UN_E [elim!]: "b ∈ (\<Union>x∈A. B x) ==> (!!x. x∈A ==> b ∈ B x ==> R) ==> R"  by (auto simp add: SUP_def image_def)lemma UN_cong [cong]:  "A = B ==> (!!x. x ∈ B ==> C x = D x) ==> (\<Union>x∈A. C x) = (\<Union>x∈B. D x)"  by (fact SUP_cong)lemma strong_UN_cong:  "A = B ==> (!!x. x ∈ B =simp=> C x = D x) ==> (\<Union>x∈A. C x) = (\<Union>x∈B. D x)"  by (unfold simp_implies_def) (fact UN_cong)lemma image_eq_UN: "f ` A = (\<Union>x∈A. {f x})"  by blastlemma UN_upper: "a ∈ A ==> B a ⊆ (\<Union>x∈A. B x)"  by (fact SUP_upper)lemma UN_least: "(!!x. x ∈ A ==> B x ⊆ C) ==> (\<Union>x∈A. B x) ⊆ C"  by (fact SUP_least)lemma Collect_bex_eq [no_atp]: "{x. ∃y∈A. P x y} = (\<Union>y∈A. {x. P x y})"  by blastlemma UN_insert_distrib: "u ∈ A ==> (\<Union>x∈A. insert a (B x)) = insert a (\<Union>x∈A. B x)"  by blastlemma UN_empty [no_atp]: "(\<Union>x∈{}. B x) = {}"  by (fact SUP_empty)lemma UN_empty2: "(\<Union>x∈A. {}) = {}"  by (fact SUP_bot) (* already simp *)lemma UN_absorb: "k ∈ I ==> A k ∪ (\<Union>i∈I. A i) = (\<Union>i∈I. A i)"  by (fact SUP_absorb)lemma UN_insert [simp]: "(\<Union>x∈insert a A. B x) = B a ∪ UNION A B"  by (fact SUP_insert)lemma UN_Un [simp]: "(\<Union>i ∈ A ∪ B. M i) = (\<Union>i∈A. M i) ∪ (\<Union>i∈B. M i)"  by (fact SUP_union)lemma UN_UN_flatten: "(\<Union>x ∈ (\<Union>y∈A. B y). C x) = (\<Union>y∈A. \<Union>x∈B y. C x)"  by blastlemma UN_subset_iff: "((\<Union>i∈I. A i) ⊆ B) = (∀i∈I. A i ⊆ B)"  by (fact SUP_le_iff)lemma UN_constant [simp]: "(\<Union>y∈A. c) = (if A = {} then {} else c)"  by (fact SUP_constant)lemma image_Union: "f ` \<Union>S = (\<Union>x∈S. f ` x)"  by blastlemma UNION_empty_conv:  "{} = (\<Union>x∈A. B x) <-> (∀x∈A. B x = {})"  "(\<Union>x∈A. B x) = {} <-> (∀x∈A. B x = {})"  by (fact SUP_bot_conv)+ (* already simp *)lemma Collect_ex_eq [no_atp]: "{x. ∃y. P x y} = (\<Union>y. {x. P x y})"  by blastlemma ball_UN: "(∀z ∈ UNION A B. P z) <-> (∀x∈A. ∀z ∈ B x. P z)"  by blastlemma bex_UN: "(∃z ∈ UNION A B. P z) <-> (∃x∈A. ∃z∈B x. P z)"  by blastlemma Un_eq_UN: "A ∪ B = (\<Union>b. if b then A else B)"  by (auto simp add: split_if_mem2)lemma UN_bool_eq: "(\<Union>b. A b) = (A True ∪ A False)"  by (fact SUP_UNIV_bool_expand)lemma UN_Pow_subset: "(\<Union>x∈A. Pow (B x)) ⊆ Pow (\<Union>x∈A. B x)"  by blastlemma UN_mono:  "A ⊆ B ==> (!!x. x ∈ A ==> f x ⊆ g x) ==>    (\<Union>x∈A. f x) ⊆ (\<Union>x∈B. g x)"  by (fact SUP_subset_mono)lemma vimage_Union: "f -` (\<Union>A) = (\<Union>X∈A. f -` X)"  by blastlemma vimage_UN: "f -` (\<Union>x∈A. B x) = (\<Union>x∈A. f -` B x)"  by blastlemma vimage_eq_UN: "f -` B = (\<Union>y∈B. f -` {y})"  -- {* NOT suitable for rewriting *}  by blastlemma image_UN: "f ` UNION A B = (\<Union>x∈A. f ` B x)"  by blastlemma UN_singleton [simp]: "(\<Union>x∈A. {x}) = A"  by blastsubsubsection {* Distributive laws *}lemma Int_Union: "A ∩ \<Union>B = (\<Union>C∈B. A ∩ C)"  by (fact inf_Sup)lemma Un_Inter: "A ∪ \<Inter>B = (\<Inter>C∈B. A ∪ C)"  by (fact sup_Inf)lemma Int_Union2: "\<Union>B ∩ A = (\<Union>C∈B. C ∩ A)"  by (fact Sup_inf)lemma INT_Int_distrib: "(\<Inter>i∈I. A i ∩ B i) = (\<Inter>i∈I. A i) ∩ (\<Inter>i∈I. B i)"  by (rule sym) (rule INF_inf_distrib)lemma UN_Un_distrib: "(\<Union>i∈I. A i ∪ B i) = (\<Union>i∈I. A i) ∪ (\<Union>i∈I. B i)"  by (rule sym) (rule SUP_sup_distrib)lemma Int_Inter_image: "(\<Inter>x∈C. A x ∩ B x) = \<Inter>(A ` C) ∩ \<Inter>(B ` C)"  by (simp only: INT_Int_distrib INF_def)lemma Un_Union_image: "(\<Union>x∈C. A x ∪ B x) = \<Union>(A ` C) ∪ \<Union>(B ` C)"  -- {* Devlin, Fundamentals of Contemporary Set Theory, page 12, exercise 5: *}  -- {* Union of a family of unions *}  by (simp only: UN_Un_distrib SUP_def)lemma Un_INT_distrib: "B ∪ (\<Inter>i∈I. A i) = (\<Inter>i∈I. B ∪ A i)"  by (fact sup_INF)lemma Int_UN_distrib: "B ∩ (\<Union>i∈I. A i) = (\<Union>i∈I. B ∩ A i)"  -- {* Halmos, Naive Set Theory, page 35. *}  by (fact inf_SUP)lemma Int_UN_distrib2: "(\<Union>i∈I. A i) ∩ (\<Union>j∈J. B j) = (\<Union>i∈I. \<Union>j∈J. A i ∩ B j)"  by (fact SUP_inf_distrib2)lemma Un_INT_distrib2: "(\<Inter>i∈I. A i) ∪ (\<Inter>j∈J. B j) = (\<Inter>i∈I. \<Inter>j∈J. A i ∪ B j)"  by (fact INF_sup_distrib2)lemma Union_disjoint: "(\<Union>C ∩ A = {}) <-> (∀B∈C. B ∩ A = {})"  by (fact Sup_inf_eq_bot_iff)subsubsection {* Complement *}lemma Compl_INT [simp]: "- (\<Inter>x∈A. B x) = (\<Union>x∈A. -B x)"  by (fact uminus_INF)lemma Compl_UN [simp]: "- (\<Union>x∈A. B x) = (\<Inter>x∈A. -B x)"  by (fact uminus_SUP)subsubsection {* Miniscoping and maxiscoping *}text {* \medskip Miniscoping: pushing in quantifiers and big Unions           and Intersections. *}lemma UN_simps [simp]:  "!!a B C. (\<Union>x∈C. insert a (B x)) = (if C={} then {} else insert a (\<Union>x∈C. B x))"  "!!A B C. (\<Union>x∈C. A x ∪ B) = ((if C={} then {} else (\<Union>x∈C. A x) ∪ B))"  "!!A B C. (\<Union>x∈C. A ∪ B x) = ((if C={} then {} else A ∪ (\<Union>x∈C. B x)))"  "!!A B C. (\<Union>x∈C. A x ∩ B) = ((\<Union>x∈C. A x) ∩ B)"  "!!A B C. (\<Union>x∈C. A ∩ B x) = (A ∩(\<Union>x∈C. B x))"  "!!A B C. (\<Union>x∈C. A x - B) = ((\<Union>x∈C. A x) - B)"  "!!A B C. (\<Union>x∈C. A - B x) = (A - (\<Inter>x∈C. B x))"  "!!A B. (\<Union>x∈\<Union>A. B x) = (\<Union>y∈A. \<Union>x∈y. B x)"  "!!A B C. (\<Union>z∈UNION A B. C z) = (\<Union>x∈A. \<Union>z∈B x. C z)"  "!!A B f. (\<Union>x∈f`A. B x) = (\<Union>a∈A. B (f a))"  by autolemma INT_simps [simp]:  "!!A B C. (\<Inter>x∈C. A x ∩ B) = (if C={} then UNIV else (\<Inter>x∈C. A x) ∩ B)"  "!!A B C. (\<Inter>x∈C. A ∩ B x) = (if C={} then UNIV else A ∩(\<Inter>x∈C. B x))"  "!!A B C. (\<Inter>x∈C. A x - B) = (if C={} then UNIV else (\<Inter>x∈C. A x) - B)"  "!!A B C. (\<Inter>x∈C. A - B x) = (if C={} then UNIV else A - (\<Union>x∈C. B x))"  "!!a B C. (\<Inter>x∈C. insert a (B x)) = insert a (\<Inter>x∈C. B x)"  "!!A B C. (\<Inter>x∈C. A x ∪ B) = ((\<Inter>x∈C. A x) ∪ B)"  "!!A B C. (\<Inter>x∈C. A ∪ B x) = (A ∪ (\<Inter>x∈C. B x))"  "!!A B. (\<Inter>x∈\<Union>A. B x) = (\<Inter>y∈A. \<Inter>x∈y. B x)"  "!!A B C. (\<Inter>z∈UNION A B. C z) = (\<Inter>x∈A. \<Inter>z∈B x. C z)"  "!!A B f. (\<Inter>x∈f`A. B x) = (\<Inter>a∈A. B (f a))"  by autolemma UN_ball_bex_simps [simp, no_atp]:  "!!A P. (∀x∈\<Union>A. P x) <-> (∀y∈A. ∀x∈y. P x)"  "!!A B P. (∀x∈UNION A B. P x) = (∀a∈A. ∀x∈ B a. P x)"  "!!A P. (∃x∈\<Union>A. P x) <-> (∃y∈A. ∃x∈y. P x)"  "!!A B P. (∃x∈UNION A B. P x) <-> (∃a∈A. ∃x∈B a. P x)"  by autotext {* \medskip Maxiscoping: pulling out big Unions and Intersections. *}lemma UN_extend_simps:  "!!a B C. insert a (\<Union>x∈C. B x) = (if C={} then {a} else (\<Union>x∈C. insert a (B x)))"  "!!A B C. (\<Union>x∈C. A x) ∪ B = (if C={} then B else (\<Union>x∈C. A x ∪ B))"  "!!A B C. A ∪ (\<Union>x∈C. B x) = (if C={} then A else (\<Union>x∈C. A ∪ B x))"  "!!A B C. ((\<Union>x∈C. A x) ∩ B) = (\<Union>x∈C. A x ∩ B)"  "!!A B C. (A ∩ (\<Union>x∈C. B x)) = (\<Union>x∈C. A ∩ B x)"  "!!A B C. ((\<Union>x∈C. A x) - B) = (\<Union>x∈C. A x - B)"  "!!A B C. (A - (\<Inter>x∈C. B x)) = (\<Union>x∈C. A - B x)"  "!!A B. (\<Union>y∈A. \<Union>x∈y. B x) = (\<Union>x∈\<Union>A. B x)"  "!!A B C. (\<Union>x∈A. \<Union>z∈B x. C z) = (\<Union>z∈UNION A B. C z)"  "!!A B f. (\<Union>a∈A. B (f a)) = (\<Union>x∈f`A. B x)"  by autolemma INT_extend_simps:  "!!A B C. (\<Inter>x∈C. A x) ∩ B = (if C={} then B else (\<Inter>x∈C. A x ∩ B))"  "!!A B C. A ∩ (\<Inter>x∈C. B x) = (if C={} then A else (\<Inter>x∈C. A ∩ B x))"  "!!A B C. (\<Inter>x∈C. A x) - B = (if C={} then UNIV - B else (\<Inter>x∈C. A x - B))"  "!!A B C. A - (\<Union>x∈C. B x) = (if C={} then A else (\<Inter>x∈C. A - B x))"  "!!a B C. insert a (\<Inter>x∈C. B x) = (\<Inter>x∈C. insert a (B x))"  "!!A B C. ((\<Inter>x∈C. A x) ∪ B) = (\<Inter>x∈C. A x ∪ B)"  "!!A B C. A ∪ (\<Inter>x∈C. B x) = (\<Inter>x∈C. A ∪ B x)"  "!!A B. (\<Inter>y∈A. \<Inter>x∈y. B x) = (\<Inter>x∈\<Union>A. B x)"  "!!A B C. (\<Inter>x∈A. \<Inter>z∈B x. C z) = (\<Inter>z∈UNION A B. C z)"  "!!A B f. (\<Inter>a∈A. B (f a)) = (\<Inter>x∈f`A. B x)"  by autotext {* Finally *}no_notation  less_eq (infix "\<sqsubseteq>" 50) and  less (infix "\<sqsubset>" 50)lemmas mem_simps =  insert_iff empty_iff Un_iff Int_iff Compl_iff Diff_iff  mem_Collect_eq UN_iff Union_iff INT_iff Inter_iff  -- {* Each of these has ALREADY been added @{text "[simp]"} above. *}end`