(* Title: HOL/Library/Infinite_Set.thy

Author: Stephan Merz

*)

header {* Infinite Sets and Related Concepts *}

theory Infinite_Set

imports Main

begin

subsection "Infinite Sets"

text {*

Some elementary facts about infinite sets, mostly by Stephan Merz.

Beware! Because "infinite" merely abbreviates a negation, these

lemmas may not work well with @{text "blast"}.

*}

(* "infinite S" is an abbreviation for the negation of "finite S".  Being an
   abbreviation rather than a definition, it comes with no defining equation
   to unfold. *)
abbreviation infinite :: "'a set => bool"

where "infinite S ≡ ¬ finite S"

text {*

Infinite sets are non-empty, and if we remove some elements from an

infinite set, the result is still infinite.

*}

(* An infinite set is never the empty set. *)
lemma infinite_imp_nonempty: "infinite S ==> S ≠ {}"

by auto

(* Removing one element a from an infinite set leaves an infinite set. *)
lemma infinite_remove: "infinite S ==> infinite (S - {a})"

by simp

(* Removing a finite set T from an infinite set S leaves an infinite set.
   Proved by induction on the finiteness of T; "using T" hands that
   assumption to the induct method. *)
lemma Diff_infinite_finite:

assumes T: "finite T" and S: "infinite S"

shows "infinite (S - T)"

using T

proof induct

(* Base case: nothing is removed, so the claim is the assumption S. *)
from S

show "infinite (S - {})" by auto

next

(* Step case: removing insert x T is removing T and then the single element x. *)
fix T x

assume ih: "infinite (S - T)"

have "S - (insert x T) = (S - T) - {x}"

by (rule Diff_insert)

with ih

show "infinite (S - (insert x T))"

by (simp add: infinite_remove)

qed

(* A union with an infinite left operand is infinite. *)
lemma Un_infinite: "infinite S ==> infinite (S ∪ T)"

by simp

(* A union is infinite exactly when at least one operand is infinite. *)
lemma infinite_Un: "infinite (S ∪ T) <-> infinite S ∨ infinite T"

by simp

(* Every superset of an infinite set is infinite.  The goal is a negation, so
   the proof assumes "finite T" and derives False: finite_subset would make S
   finite, contradicting assumption S. *)
lemma infinite_super:

assumes T: "S ⊆ T" and S: "infinite S"

shows "infinite T"

proof

assume "finite T"

with T have "finite S" by (simp add: finite_subset)

with S show False by simp

qed

text {*

As a concrete example, we prove that the set of natural numbers is

infinite.

*}

(* Every finite set of naturals lies strictly below some bound k.
   The "is" pattern binds ?bounded S k to "S ⊆ {..<k}" for use in the proof.
   Proved by induction on the finiteness of S. *)
lemma finite_nat_bounded:

assumes S: "finite (S::nat set)"

shows "∃k. S ⊆ {..<k}" (is "∃k. ?bounded S k")

using S

proof induct

(* Base case: the empty set is bounded by 0. *)
have "?bounded {} 0" by simp

then show "∃k. ?bounded {} k" ..

next

(* Step case: take a bound k for S and distinguish whether the new
   element x is already below it. *)
fix S x

assume "∃k. ?bounded S k"

then obtain k where k: "?bounded S k" ..

show "∃k. ?bounded (insert x S) k"

proof (cases "x < k")

case True

(* x < k: the old bound k still works. *)
with k show ?thesis by auto

next

case False

(* x is not below k: Suc x bounds S, and auto extends this to insert x S. *)
with k have "?bounded S (Suc x)" by auto

then show ?thesis by auto

qed

qed

(* A set of naturals is finite exactly when it has a strict upper bound.
   ?lhs and ?rhs name the two sides of the equivalence. *)
lemma finite_nat_iff_bounded:

"finite (S::nat set) <-> (∃k. S ⊆ {..<k})" (is "?lhs <-> ?rhs")

proof

(* Left to right is the previous lemma. *)
assume ?lhs

then show ?rhs by (rule finite_nat_bounded)

next

(* Right to left: S is a subset of {..<k}; finite_subset leaves the
   finiteness of that interval, which simp discharges. *)
assume ?rhs

then obtain k where "S ⊆ {..<k}" ..

then show "finite S"

by (rule finite_subset) simp

qed

(* Variant of finite_nat_iff_bounded with the non-strict interval {..k}. *)
lemma finite_nat_iff_bounded_le:

"finite (S::nat set) <-> (∃k. S ⊆ {..k})" (is "?lhs <-> ?rhs")

proof

(* Left to right: a strict bound k from finite_nat_bounded is also a
   non-strict bound. *)
assume ?lhs

then obtain k where "S ⊆ {..<k}"

by (blast dest: finite_nat_bounded)

then have "S ⊆ {..k}" by auto

then show ?rhs ..

next

(* Right to left: S is a subset of {..k}; finite_subset leaves the
   finiteness of that interval, which simp discharges. *)
assume ?rhs

then obtain k where "S ⊆ {..k}" ..

then show "finite S"

by (rule finite_subset) simp

qed

(* A set of naturals is infinite exactly when it is unbounded: above every m
   there is a strictly larger element of S.  Both directions go through
   finite_nat_iff_bounded_le. *)
lemma infinite_nat_iff_unbounded:

"infinite (S::nat set) <-> (∀m. ∃n. m < n ∧ n ∈ S)"

(is "?lhs <-> ?rhs")

proof

assume ?lhs

show ?rhs

(* By contradiction: if ?rhs fails, some m has no element of S above it,
   so S is contained in {..m} and hence finite. *)
proof (rule ccontr)

assume "¬ ?rhs"

then obtain m where m: "∀n. m < n --> n ∉ S" by blast

then have "S ⊆ {..m}"

by (auto simp add: sym [OF linorder_not_less])

with `?lhs` show False

by (simp add: finite_nat_iff_bounded_le)

qed

next

assume ?rhs

show ?lhs

(* The goal is a negation: assume S finite, obtain a bound m, and
   contradict ?rhs at that m. *)
proof

assume "finite S"

then obtain m where "S ⊆ {..m}"

by (auto simp add: finite_nat_iff_bounded_le)

then have "∀n. m < n --> n ∉ S" by auto

with `?rhs` show False by blast

qed

qed

(* Variant of infinite_nat_iff_unbounded with a non-strict comparison m ≤ n. *)
lemma infinite_nat_iff_unbounded_le:

"infinite (S::nat set) <-> (∀m. ∃n. m ≤ n ∧ n ∈ S)"

(is "?lhs <-> ?rhs")

proof

assume ?lhs

show ?rhs

proof

fix m

(* The strict version yields n with m < n, which is weakened to m ≤ n. *)
from `?lhs` obtain n where "m < n ∧ n ∈ S"

by (auto simp add: infinite_nat_iff_unbounded)

then have "m ≤ n ∧ n ∈ S" by simp

then show "∃n. m ≤ n ∧ n ∈ S" ..

qed

next

assume ?rhs

show ?lhs

(* After rewriting with the strict version, a witness above m is obtained
   by instantiating ?rhs at Suc m. *)
proof (auto simp add: infinite_nat_iff_unbounded)

fix m

from `?rhs` obtain n where "Suc m ≤ n ∧ n ∈ S"

by blast

then have "m < n ∧ n ∈ S" by simp

then show "∃n. m < n ∧ n ∈ S" ..

qed

qed

text {*

For a set of natural numbers to be infinite, it is enough to know

that for any number larger than some @{text k}, there is some larger

number that is an element of the set.

*}

(* Unboundedness only needs to be known above some threshold k: if every
   m > k has a larger element of S above it, then S is infinite. *)
lemma unbounded_k_infinite:

assumes k: "∀m. k < m --> (∃n. m < n ∧ n ∈ S)"

shows "infinite (S::nat set)"

proof -

(* The raw block establishes the unboundedness property for an arbitrary m. *)
{

fix m have "∃n. m < n ∧ n ∈ S"

proof (cases "k < m")

case True

(* Above the threshold the assumption applies directly. *)
with k show ?thesis by blast

next

case False

(* Otherwise m is not above k; an element above Suc k is also above m. *)
from k obtain n where "Suc k < n ∧ n ∈ S" by auto

with False have "m < n ∧ n ∈ S" by auto

then show ?thesis ..

qed

}

then show ?thesis

by (auto simp add: infinite_nat_iff_unbounded)

qed

(* duplicates Finite_Set.infinite_UNIV_nat *)

(* The set of all natural numbers is infinite, via the unboundedness
   characterisation. *)
lemma nat_infinite: "infinite (UNIV :: nat set)"

by (auto simp add: infinite_nat_iff_unbounded)

(* Elimination-style form: from the assumption that the naturals are finite,
   an arbitrary conclusion R follows. *)
lemma nat_not_finite: "finite (UNIV::nat set) ==> R"

by simp

text {*

Every infinite set contains a countably infinite subset. More precisely we

show that a set @{text S} is infinite if and only if there exists an

injective function from the naturals into @{text S}.

*}

(* The range of an injective function on the naturals is infinite.
   If the range were finite, finite_imageD together with injectivity would
   make the set of all naturals finite. *)
lemma range_inj_infinite:

"inj (f::nat => 'a) ==> infinite (range f)"

proof

assume "finite (range f)" and "inj f"

then have "finite (UNIV::nat set)"

by (rule finite_imageD)

then show False by simp

qed

(* The set of all integers is infinite; declared as a simp rule.
   The range of the function int is infinite because int is injective
   (inj_int), and that range is a subset of UNIV, so infinite_super applies. *)
lemma int_infinite [simp]: "infinite (UNIV::int set)"

proof -

from inj_int have "infinite (range int)"

by (rule range_inj_infinite)

moreover

have "range int ⊆ (UNIV::int set)" by simp

ultimately show "infinite (UNIV::int set)"

by (simp add: infinite_super)

qed

text {*

The ``only if'' direction is harder because it requires the

construction of a sequence of pairwise different elements of an

infinite set @{text S}. The idea is to construct a sequence of

non-empty and infinite subsets of @{text S} obtained by successively

removing elements of @{text S}.

*}

(* Introduction rule for injectivity on a linearly ordered domain: it is
   enough to show that f separates x and y whenever x < y. *)
lemma linorder_injI:

assumes hyp: "!!x y. x < (y::'a::linorder) ==> f x ≠ f y"

shows "inj f"

proof (rule inj_onI)

fix x y

assume f_eq: "f x = f y"

show "x = y"

(* Three-way case split on the order of x and y; the two strict cases
   contradict f_eq through hyp. *)
proof (rule linorder_cases)

assume "x < y"

with hyp have "f x ≠ f y" by blast

with f_eq show ?thesis by simp

next

assume "x = y"

then show ?thesis .

next

(* Symmetric to the first case, with hyp applied to y < x. *)
assume "y < x"

with hyp have "f y ≠ f x" by blast

with f_eq show ?thesis by simp

qed

qed

(* Every infinite set S admits an injective function from the naturals into S.
   Construction:
     Sseq 0 = S, and Sseq (Suc n) is Sseq n with one chosen element removed;
     pick n is a chosen element of Sseq n.
   Both choices use the same term "SOME e. e ∈ ...", so pick n is exactly the
   element removed when passing from Sseq n to Sseq (Suc n). *)
lemma infinite_countable_subset:

assumes inf: "infinite (S::'a set)"

shows "∃f. inj (f::nat => 'a) ∧ range f ⊆ S"

proof -

def Sseq ≡ "nat_rec S (λn T. T - {SOME e. e ∈ T})"

def pick ≡ "λn. (SOME e. e ∈ Sseq n)"

(* Every Sseq n is infinite: induction on n using infinite_remove. *)
have Sseq_inf: "!!n. infinite (Sseq n)"

proof -

fix n

show "infinite (Sseq n)"

proof (induct n)

from inf show "infinite (Sseq 0)"

by (simp add: Sseq_def)

next

fix n

assume "infinite (Sseq n)" then show "infinite (Sseq (Suc n))"

by (simp add: Sseq_def infinite_remove)

qed

qed

(* Every Sseq n is a subset of S. *)
have Sseq_S: "!!n. Sseq n ⊆ S"

proof -

fix n

show "Sseq n ⊆ S"

by (induct n) (auto simp add: Sseq_def)

qed

(* pick n really lies in Sseq n: someI_ex needs a witness, which exists
   because Sseq n is infinite and therefore non-empty. *)
have Sseq_pick: "!!n. pick n ∈ Sseq n"

proof -

fix n

show "pick n ∈ Sseq n"

unfolding pick_def

proof (rule someI_ex)

from Sseq_inf have "infinite (Sseq n)" .

then have "Sseq n ≠ {}" by auto

then show "∃x. x ∈ Sseq n" by auto

qed

qed

(* Combined with Sseq_S, the range of pick stays inside S. *)
with Sseq_S have rng: "range pick ⊆ S"

by auto

(* pick n no longer occurs in any later Sseq. *)
have pick_Sseq_gt: "!!n m. pick n ∉ Sseq (n + Suc m)"

proof -

fix n m

show "pick n ∉ Sseq (n + Suc m)"

by (induct m) (auto simp add: Sseq_def pick_def)

qed

(* Hence pick n differs from every later pick, which does lie in that
   later Sseq. *)
have pick_pick: "!!n m. pick n ≠ pick (n + Suc m)"

proof -

fix n m

from Sseq_pick have "pick (n + Suc m) ∈ Sseq (n + Suc m)" .

moreover from pick_Sseq_gt

have "pick n ∉ Sseq (n + Suc m)" .

ultimately show "pick n ≠ pick (n + Suc m)"

by auto

qed

(* Injectivity via linorder_injI: for i < j write j as i + Suc k and
   apply pick_pick. *)
have inj: "inj pick"

proof (rule linorder_injI)

fix i j :: nat

assume "i < j"

show "pick i ≠ pick j"

proof

assume eq: "pick i = pick j"

from `i < j` obtain k where "j = i + Suc k"

by (auto simp add: less_iff_Suc_add)

with pick_pick have "pick i ≠ pick j" by simp

with eq show False by simp

qed

qed

(* pick is the required witness. *)
from rng inj show ?thesis by auto

qed

(* Characterisation: S is infinite exactly when some injective function from
   the naturals has its range inside S.  Combines infinite_countable_subset
   with range_inj_infinite and infinite_super. *)
lemma infinite_iff_countable_subset:

"infinite S <-> (∃f. inj (f::nat => 'a) ∧ range f ⊆ S)"

by (auto simp add: infinite_countable_subset range_inj_infinite infinite_super)

text {*

For any function with infinite domain and finite range there is some

element that is the image of infinitely many domain elements. In

particular, any infinite sequence of elements from a finite set

contains some element that occurs infinitely often.

*}

(* If f maps an infinite set A onto a finite image, some image value y has an
   infinite preimage.  Note that the preimage in the conclusion is f -` {y},
   taken over the whole domain type and not intersected with A. *)
lemma inf_img_fin_dom:

assumes img: "finite (f`A)" and dom: "infinite A"

shows "∃y ∈ f`A. infinite (f -` {y})"

(* By contradiction: if every such preimage were finite, their union over the
   finite image would be finite, yet it contains the infinite set A. *)
proof (rule ccontr)

assume "¬ ?thesis"

with img have "finite (UN y:f`A. f -` {y})" by blast

moreover have "A ⊆ (UN y:f`A. f -` {y})" by auto

moreover note dom

ultimately show False by (simp add: infinite_super)

qed

(* Elimination form of inf_img_fin_dom: yields a concrete y in the image
   whose preimage is infinite. *)
lemma inf_img_fin_domE:

assumes "finite (f`A)" and "infinite A"

obtains y where "y ∈ f`A" and "infinite (f -` {y})"

using assms by (blast dest: inf_img_fin_dom)

subsection "Infinitely Many and Almost All"

text {*

We often need to reason about the existence of infinitely many

(resp., all but finitely many) objects satisfying some predicate, so

we introduce corresponding binders and their proof rules.

*}

(* "INFM x. P x": the set of all x satisfying P is infinite. *)
definition Inf_many :: "('a => bool) => bool" (binder "INFM " 10)

where "Inf_many P <-> infinite {x. P x}"

(* "MOST x. P x": it is not the case that infinitely many x violate P. *)
definition Alm_all :: "('a => bool) => bool" (binder "MOST " 10)

where "Alm_all P <-> ¬ (INFM x. ¬ P x)"

(* Alternative binder syntax for the xsymbols and HTML output modes.
   NOTE(review): the binder strings below look like an extraction-garbled
   rendering of subscripted-infinity quantifier symbols; confirm against the
   upstream theory before loading this text. *)
notation (xsymbols)

Inf_many (binder "∃⇩_{∞}" 10) and

Alm_all (binder "∀⇩_{∞}" 10)

notation (HTML output)

Inf_many (binder "∃⇩_{∞}" 10) and

Alm_all (binder "∀⇩_{∞}" 10)

(* INFM restated as infiniteness of the set of witnesses. *)
lemma INFM_iff_infinite: "(INFM x. P x) <-> infinite {x. P x}"

unfolding Inf_many_def ..

(* MOST restated as finiteness of the set of exceptions. *)
lemma MOST_iff_cofinite: "(MOST x. P x) <-> finite {x. ¬ P x}"

unfolding Alm_all_def Inf_many_def by simp

(* legacy name *)

lemmas MOST_iff_finiteNeg = MOST_iff_cofinite

(* Duality: negation moves through the quantifiers by swapping INFM and MOST.
   Both rules are declared as simp rules. *)
lemma not_INFM [simp]: "¬ (INFM x. P x) <-> (MOST x. ¬ P x)"

unfolding Alm_all_def not_not ..

lemma not_MOST [simp]: "¬ (MOST x. P x) <-> (INFM x. ¬ P x)"

unfolding Alm_all_def not_not ..

(* Quantifying over a body P that does not mention the bound variable:
   the result depends on P and on whether the type has infinitely many
   elements. *)
lemma INFM_const [simp]: "(INFM x::'a. P) <-> P ∧ infinite (UNIV::'a set)"

unfolding Inf_many_def by simp

lemma MOST_const [simp]: "(MOST x::'a. P) <-> P ∨ finite (UNIV::'a set)"

unfolding Alm_all_def by simp

(* Infinitely many witnesses imply at least one witness. *)
lemma INFM_EX: "(∃⇩_{∞}x. P x) ==> (∃x. P x)"

apply (erule contrapos_pp)

apply simp

done

(* A property holding for all x holds for almost all x. *)
lemma ALL_MOST: "∀x. P x ==> ∀⇩_{∞}x. P x"

by simp

(* Elimination form of INFM_EX: obtain a concrete witness. *)
lemma INFM_E:

assumes "INFM x. P x"

obtains x where "P x"

using INFM_EX [OF assms] by (rule exE)

(* Introduction form of ALL_MOST with a meta-level quantifier. *)
lemma MOST_I:

assumes "!!x. P x"

shows "MOST x. P x"

using assms by simp

(* Monotonicity of INFM: if P holds infinitely often and P implies Q
   pointwise, then Q holds infinitely often.  The witness set of P is an
   infinite subset of the witness set of Q, so infinite_super applies. *)
lemma INFM_mono:

assumes inf: "∃⇩_{∞}x. P x" and q: "!!x. P x ==> Q x"

shows "∃⇩_{∞}x. Q x"

proof -

from inf have "infinite {x. P x}" unfolding Inf_many_def .

moreover from q have "{x. P x} ⊆ {x. Q x}" by auto

ultimately show ?thesis

by (simp add: Inf_many_def infinite_super)

qed

(* Monotonicity of MOST, reduced to INFM_mono by unfolding the definition. *)
lemma MOST_mono: "∀⇩_{∞}x. P x ==> (!!x. P x ==> Q x) ==> ∀⇩_{∞}x. Q x"

unfolding Alm_all_def by (blast intro: INFM_mono)

(* INFM distributes over disjunction. *)
lemma INFM_disj_distrib:

"(∃⇩_{∞}x. P x ∨ Q x) <-> (∃⇩_{∞}x. P x) ∨ (∃⇩_{∞}x. Q x)"

unfolding Inf_many_def by (simp add: Collect_disj_eq)

(* INFM over an implication: obtained by rewriting the implication as a
   disjunction and applying INFM_disj_distrib and not_MOST. *)
lemma INFM_imp_distrib:

"(INFM x. P x --> Q x) <-> ((MOST x. P x) --> (INFM x. Q x))"

by (simp only: imp_conv_disj INFM_disj_distrib not_MOST)

(* MOST distributes over conjunction. *)
lemma MOST_conj_distrib:

"(∀⇩_{∞}x. P x ∧ Q x) <-> (∀⇩_{∞}x. P x) ∧ (∀⇩_{∞}x. Q x)"

unfolding Alm_all_def by (simp add: INFM_disj_distrib del: disj_not1)

(* Introduction rule derived from MOST_conj_distrib. *)
lemma MOST_conjI:

"MOST x. P x ==> MOST x. Q x ==> MOST x. P x ∧ Q x"

by (simp add: MOST_conj_distrib)

(* If P holds infinitely often and Q holds almost always, then both hold
   together infinitely often.  After unfolding to sets, this is
   Diff_infinite_finite: the infinite witness set of P minus the finite
   exception set of Q. *)
lemma INFM_conjI:

"INFM x. P x ==> MOST x. Q x ==> INFM x. P x ∧ Q x"

unfolding MOST_iff_cofinite INFM_iff_infinite

apply (drule (1) Diff_infinite_finite)

apply (simp add: Collect_conj_eq Collect_neg_eq)

done

(* Modus ponens under MOST, with the premise P first: combine both
   assumptions with MOST_conjI, then weaken pointwise with MOST_mono. *)
lemma MOST_rev_mp:

assumes "∀⇩_{∞}x. P x" and "∀⇩_{∞}x. P x --> Q x"

shows "∀⇩_{∞}x. Q x"

proof -

have "∀⇩_{∞}x. P x ∧ (P x --> Q x)"

using assms by (rule MOST_conjI)

thus ?thesis by (rule MOST_mono) simp

qed

(* When P holds almost always, the guard "P x -->" can be dropped or added
   under MOST. *)
lemma MOST_imp_iff:

assumes "MOST x. P x"

shows "(MOST x. P x --> Q x) <-> (MOST x. Q x)"

proof

(* Dropping the guard is MOST_rev_mp with the assumption. *)
assume "MOST x. P x --> Q x"

with assms show "MOST x. Q x" by (rule MOST_rev_mp)

next

(* Adding the guard is pointwise weakening. *)
assume "MOST x. Q x"

then show "MOST x. P x --> Q x" by (rule MOST_mono) simp

qed

(* Simp rules that pull a formula not mentioning the bound variable out of
   INFM (conjunction) and MOST (disjunction, implication).  In the fifth
   rule the quantifier flips from MOST to INFM because P x sits in the
   premise of the implication. *)
lemma INFM_MOST_simps [simp]:

"!!P Q. (INFM x. P x ∧ Q) <-> (INFM x. P x) ∧ Q"

"!!P Q. (INFM x. P ∧ Q x) <-> P ∧ (INFM x. Q x)"

"!!P Q. (MOST x. P x ∨ Q) <-> (MOST x. P x) ∨ Q"

"!!P Q. (MOST x. P ∨ Q x) <-> P ∨ (MOST x. Q x)"

"!!P Q. (MOST x. P x --> Q) <-> ((INFM x. P x) --> Q)"

"!!P Q. (MOST x. P --> Q x) <-> (P --> (MOST x. Q x))"

unfolding Alm_all_def Inf_many_def

by (simp_all add: Collect_conj_eq)

text {* Properties of quantifiers with injective functions. *}

(* If P holds at infinitely many points of the form f x and f is injective,
   then P holds at infinitely many points.  Uses finite_vimageI on the set
   level. *)
lemma INFM_inj: "INFM x. P (f x) ==> inj f ==> INFM x. P x"

unfolding INFM_iff_infinite

apply clarify

apply (drule (1) finite_vimageI)

apply simp

done

(* Dually, a property holding almost everywhere still holds almost
   everywhere after precomposition with an injective f. *)
lemma MOST_inj: "MOST x. P x ==> inj f ==> MOST x. P (f x)"

unfolding MOST_iff_cofinite

apply (drule (1) finite_vimageI)

apply simp

done

text {* Properties of quantifiers with singletons. *}

(* Each lemma below is stated in both orientations of the (in)equality with a. *)

(* There are never infinitely many x equal to a fixed a. *)
lemma not_INFM_eq [simp]:

"¬ (INFM x. x = a)"

"¬ (INFM x. a = x)"

unfolding INFM_iff_infinite by simp_all

(* Almost all x differ from a fixed a. *)
lemma MOST_neq [simp]:

"MOST x. x ≠ a"

"MOST x. a ≠ x"

unfolding MOST_iff_cofinite by simp_all

(* Infinitely many x differ from a exactly when the type is infinite. *)
lemma INFM_neq [simp]:

"(INFM x::'a. x ≠ a) <-> infinite (UNIV::'a set)"

"(INFM x::'a. a ≠ x) <-> infinite (UNIV::'a set)"

unfolding INFM_iff_infinite by simp_all

(* Almost all x equal a exactly when the type is finite. *)
lemma MOST_eq [simp]:

"(MOST x::'a. x = a) <-> finite (UNIV::'a set)"

"(MOST x::'a. a = x) <-> finite (UNIV::'a set)"

unfolding MOST_iff_cofinite by simp_all

(* An implication guarded by "x = a" holds for almost all x, whatever P is.
   Not declared as a simp rule, unlike the lemmas above. *)
lemma MOST_eq_imp:

"MOST x. x = a --> P x"

"MOST x. a = x --> P x"

unfolding MOST_iff_cofinite by simp_all

text {* Properties of quantifiers over the naturals. *}

(* On the naturals, "infinitely many n" means: beyond every m there is a
   later n satisfying P.  Stated with strict and non-strict comparison. *)
lemma INFM_nat: "(∃⇩_{∞}n. P (n::nat)) <-> (∀m. ∃n. m < n ∧ P n)"

by (simp add: Inf_many_def infinite_nat_iff_unbounded)

lemma INFM_nat_le: "(∃⇩_{∞}n. P (n::nat)) <-> (∀m. ∃n. m ≤ n ∧ P n)"

by (simp add: Inf_many_def infinite_nat_iff_unbounded_le)

(* On the naturals, "almost all n" means: from some m onwards every n
   satisfies P.  Stated with strict and non-strict comparison. *)
lemma MOST_nat: "(∀⇩_{∞}n. P (n::nat)) <-> (∃m. ∀n. m < n --> P n)"

by (simp add: Alm_all_def INFM_nat)

lemma MOST_nat_le: "(∀⇩_{∞}n. P (n::nat)) <-> (∃m. ∀n. m ≤ n --> P n)"

by (simp add: Alm_all_def INFM_nat_le)

subsection "Enumeration of an Infinite Set"

text {*

The set's element type must be wellordered (e.g. the natural numbers).

*}

(* enumerate S n, defined in the context of the wellorder class by primitive
   recursion on n:
     index 0 gives the least element of S;
     index Suc n removes that least element from S and recurses with n. *)
primrec (in wellorder) enumerate :: "'a set => nat => 'a"

where

enumerate_0: "enumerate S 0 = (LEAST n. n ∈ S)"

| enumerate_Suc: "enumerate S (Suc n) = enumerate (S - {LEAST n. n ∈ S}) n"

(* The successor equation with the removed element written as enumerate S 0. *)
lemma enumerate_Suc': "enumerate S (Suc n) = enumerate (S - {enumerate S 0}) n"

by simp

(* For infinite S every enumerate S n is an element of S.  Induction on n
   with S arbitrary, since the recursion changes the set argument. *)
lemma enumerate_in_set: "infinite S ==> enumerate S n : S"

apply (induct n arbitrary: S)

apply (fastforce intro: LeastI dest!: infinite_imp_nonempty)

apply simp

apply (metis DiffE infinite_remove)

done

(* From here on the defining equations are no longer simp rules; later
   proofs name enumerate_0 and enumerate_Suc' explicitly where needed. *)
declare enumerate_0 [simp del] enumerate_Suc [simp del]

(* Consecutive values of the enumeration are strictly increasing.
   Apply-style proof by induction on n with S arbitrary; the base case is
   split by order_le_neq_trans into a "less or equal" and a "not equal"
   obligation. *)
lemma enumerate_step: "infinite S ==> enumerate S n < enumerate S (Suc n)"

apply (induct n arbitrary: S)

apply (rule order_le_neq_trans)

apply (simp add: enumerate_0 Least_le enumerate_in_set)

apply (simp only: enumerate_Suc')

apply (subgoal_tac "enumerate (S - {enumerate S 0}) 0 : S - {enumerate S 0}")

apply (blast intro: sym)

apply (simp add: enumerate_in_set del: Diff_iff)

apply (simp add: enumerate_Suc')

done

(* The enumeration of an infinite set is strictly monotone in its index;
   lifted from enumerate_step by less_Suc_induct. *)
lemma enumerate_mono: "m<n ==> infinite S ==> enumerate S m < enumerate S n"

apply (erule less_Suc_induct)

apply (auto intro: enumerate_step)

done

(* The n-th enumerated element is at least n.  The statement compares the
   index n with an element of S, so S is a set of naturals here. *)
lemma le_enumerate:

assumes S: "infinite S"

shows "n ≤ enumerate S n"

using S

proof (induct n)

case 0

then show ?case by simp

next

case (Suc n)

(* Chain the induction hypothesis with strict monotonicity from n to Suc n. *)
then have "n ≤ enumerate S n" by simp

also note enumerate_mono[of n "Suc n", OF _ `infinite S`]

finally show ?case by simp

qed

(* Successor characterisation without changing the set: enumerate S (Suc n)
   is the least element of S strictly above enumerate S n.
   Induction on n with S arbitrary. *)
lemma enumerate_Suc'':

fixes S :: "'a::wellorder set"

assumes "infinite S"

shows "enumerate S (Suc n) = (LEAST s. s ∈ S ∧ enumerate S n < s)"

using assms

proof (induct n arbitrary: S)

case 0

(* enumerate S 0 is a lower bound of S. *)
then have "∀s ∈ S. enumerate S 0 ≤ s"

by (auto simp: enumerate.simps intro: Least_le)

(* Both sides are Least applied to a predicate; it suffices to show the
   predicates are equal. *)
then show ?case

unfolding enumerate_Suc' enumerate_0[of "S - {enumerate S 0}"]

by (intro arg_cong[where f = Least] ext) auto

next

case (Suc n S)

(* Rewrite both occurrences with enumerate_Suc', apply the induction
   hypothesis (named Suc), then compare the Least predicates. *)
show ?case

using enumerate_mono[OF zero_less_Suc `infinite S`, of n] `infinite S`

apply (subst (1 2) enumerate_Suc')

apply (subst Suc)

using `infinite S`

apply simp

apply (intro arg_cong[where f = Least] ext)

apply (auto simp: enumerate_Suc'[symmetric])

done

qed

(* For an infinite set of naturals, every element s of S is reached by the
   enumeration.  Proved by induction over the order on s (less_induct). *)
lemma enumerate_Ex:

assumes S: "infinite (S::nat set)"

shows "s ∈ S ==> ∃n. enumerate S n = s"

proof (induct s rule: less_induct)

case (less s)

show ?case

proof cases

(* Case 1: S has elements below s.  ?y is the largest of them; by the
   induction hypothesis it is some enumerate S n, and s is then the next
   value, enumerate S (Suc n). *)
let ?y = "Max {s'∈S. s' < s}"

assume "∃y∈S. y < s"

then have y: "!!x. ?y < x <-> (∀s'∈S. s' < s --> s' < x)"

by (subst Max_less_iff) auto

then have y_in: "?y ∈ {s'∈S. s' < s}"

by (intro Max_in) auto

with less.hyps[of ?y] obtain n where "enumerate S n = ?y"

by auto

with S have "enumerate S (Suc n) = s"

by (auto simp: y less enumerate_Suc'' intro!: Least_equality)

then show ?case by auto

next

(* Case 2: no element of S is below s, so s is the least element and is
   enumerate S 0. *)
assume *: "¬ (∃y∈S. y < s)"

then have "∀t∈S. s ≤ t" by auto

with `s ∈ S` show ?thesis

by (auto intro!: exI[of _ 0] Least_equality simp: enumerate_0)

qed

qed

(* For an infinite set S of naturals, enumerate S is a bijection between all
   naturals and S.  Injectivity comes from strict monotonicity
   (enumerate_mono), surjectivity onto S from enumerate_Ex, and the values
   lie in S by enumerate_in_set. *)
lemma bij_enumerate:

fixes S :: "nat set"

assumes S: "infinite S"

shows "bij_betw (enumerate S) UNIV S"

proof -

have "!!n m. n ≠ m ==> enumerate S n ≠ enumerate S m"

using enumerate_mono[OF _ `infinite S`] by (auto simp: neq_iff)

then have "inj (enumerate S)"

by (auto simp: inj_on_def)

moreover have "∀s ∈ S. ∃i. enumerate S i = s"

using enumerate_Ex[OF S] by auto

moreover note `infinite S`

ultimately show ?thesis

unfolding bij_betw_def by (auto intro: enumerate_in_set)

qed

subsection "Miscellaneous"

text {*

A few trivial lemmas about sets that contain at most one element.

These simplify the reasoning about deterministic automata.

*}

(* atmost_one S: any two elements of S are equal, i.e. S is empty or a
   singleton. *)
definition atmost_one :: "'a set => bool"

where "atmost_one S <-> (∀x y. x∈S ∧ y∈S --> x = y)"

(* The empty set has at most one element. *)
lemma atmost_one_empty: "S = {} ==> atmost_one S"

by (simp add: atmost_one_def)

(* A singleton has at most one element. *)
lemma atmost_one_singleton: "S = {x} ==> atmost_one S"

by (simp add: atmost_one_def)

(* Two members of such a set coincide; declared as an elimination rule. *)
lemma atmost_one_unique [elim]: "atmost_one S ==> x ∈ S ==> y ∈ S ==> y = x"

by (simp add: atmost_one_def)

end