1 (* In this Chapter we shall develop a naif theory of sets represented as
2 characteristic predicates over some universe
\ 5code
\ 6A
\ 5/code
\ 6, that is as objects of type
5 include "basics/types.ma".
6 include "basics/bool.ma".
8 (**** For instance the empty set is defined by the always function predicate *)
10 definition empty_set ≝ λA:Type[0].λa:A.
\ 5a href="cic:/matita/basics/logic/False.ind(1,0,0)"
\ 6False
\ 5/a
\ 6.
11 notation "\emptyv" non associative with precedence 90 for @{'empty_set}.
12 interpretation "empty set" 'empty_set = (empty_set ?).
14 (* Similarly, a singleton set contaning containing an element a, is defined
15 by by the characteristic function asserting equality with a *)
17 definition singleton ≝ λA.λx,a:A.x
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6\ 5span class="error" title="Parse error: [term] expected after [sym=] (in [term])"
\ 6\ 5/span
\ 6a.
18 (* notation "{x}" non associative with precedence 90 for @{'sing_lang $x}. *)
19 interpretation "singleton" 'singl x = (singleton ? x).
21 (* The membership relation between an element of type A and a set S:A →Prop is
22 simply the predicate resulting from the application of S to a.
23 The operations of union, intersection, complement and substraction
24 are easily defined in terms of the propositional connectives of dijunction,
25 conjunction and negation *)
27 definition union : ∀A:Type[0].∀P,Q.A → Prop ≝ λA,P,Q,a.P a
\ 5a title="logical or" href="cic:/fakeuri.def(1)"
\ 6∨
\ 5/a
\ 6 Q a.
28 interpretation "union" 'union a b = (union ? a b).
30 definition intersection : ∀A:Type[0].∀P,Q.A→Prop ≝ λA,P,Q,a.P a
\ 5a title="logical and" href="cic:/fakeuri.def(1)"
\ 6∧
\ 5/a
\ 6\ 5span class="error" title="Parse error: [term] expected after [sym∧] (in [term])"
\ 6\ 5/span
\ 6 Q a.
31 interpretation "intersection" 'intersects a b = (intersection ? a b).
33 definition complement ≝ λU:Type[0].λA:U → Prop.λw.
\ 5a title="logical not" href="cic:/fakeuri.def(1)"
\ 6¬
\ 5/a
\ 6 A w.
34 interpretation "complement" 'not a = (complement ? a).
36 definition substraction := λU:Type[0].λA,B:U → Prop.λw.A w
\ 5a title="logical and" href="cic:/fakeuri.def(1)"
\ 6∧
\ 5/a
\ 6 \ 5a title="logical not" href="cic:/fakeuri.def(1)"
\ 6¬
\ 5/a
\ 6 B w.
37 interpretation "substraction" 'minus a b = (substraction ? a b).
39 (* Finally, we use implication to define the inclusion relation between
42 definition subset: ∀A:Type[0].∀P,Q:A→Prop.Prop ≝ λA,P,Q.∀a:A.(P a → Q a).
43 interpretation "subset" 'subseteq a b = (subset ? a b).
45 (* Two sets are equals if and only if they have the same elements, that is,
46 if the two characteristic functions are extensionally equivalent: *)
48 definition eqP ≝ λA:Type[0].λP,Q:A → Prop.∀a:A.P a
\ 5a title="iff" href="cic:/fakeuri.def(1)"
\ 6↔
\ 5/a
\ 6\ 5span class="error" title="Parse error: [term] expected after [sym↔] (in [term])"
\ 6\ 5/span
\ 6 Q a.
49 notation "A =1 B" non associative with precedence 45 for @{'eqP $A $B}.
50 interpretation "extensional equality" 'eqP a b = (eqP ? a b).
52 (* This notion of equality is different from the intensional equality of
53 functions; the fact it defines an equivalence relation must be explicitly
56 lemma eqP_sym: ∀U.∀A,B:U →Prop.
57 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 B → B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A.
58 #U #A #B #eqAB #a @
\ 5a href="cic:/matita/basics/logic/iff_sym.def(2)"
\ 6iff_sym
\ 5/a
\ 6 @eqAB qed.
60 lemma eqP_trans: ∀U.∀A,B,C:U →Prop.
61 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 B → B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C → A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C.
62 #U #A #B #C #eqAB #eqBC #a @
\ 5a href="cic:/matita/basics/logic/iff_trans.def(2)"
\ 6iff_trans
\ 5/a
\ 6 // qed.
64 (* For the same reason, we must also prove that all the operations behave well
65 with respect to eqP: *)
67 lemma eqP_union_r: ∀U.∀A,B,C:U →Prop.
68 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6\ 5span class="error" title="Parse error: NUMBER '1' or [term] expected after [sym=] (in [term])"
\ 6\ 5/span
\ 61 C → A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B.
69 #U #A #B #C #eqAB #a @
\ 5a href="cic:/matita/basics/logic/iff_or_r.def(2)"
\ 6iff_or_r
\ 5/a
\ 6 @eqAB qed.
71 lemma eqP_union_l: ∀U.∀A,B,C:U →Prop.
72 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C → A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 C.
73 #U #A #B #C #eqBC #a @
\ 5a href="cic:/matita/basics/logic/iff_or_l.def(2)"
\ 6iff_or_l
\ 5/a
\ 6 @eqBC qed.
75 lemma eqP_intersect_r: ∀U.∀A,B,C:U →Prop.
76 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C → A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 B.
77 #U #A #B #C #eqAB #a @
\ 5a href="cic:/matita/basics/logic/iff_and_r.def(2)"
\ 6iff_and_r
\ 5/a
\ 6 @eqAB qed.
79 lemma eqP_intersect_l: ∀U.∀A,B,C:U →Prop.
80 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C → A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6\ 5span class="error" title="Parse error: [term] expected after [sym∩] (in [term])"
\ 6\ 5/span
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 C.
81 #U #A #B #C #eqBC #a @
\ 5a href="cic:/matita/basics/logic/iff_and_l.def(2)"
\ 6iff_and_l
\ 5/a
\ 6 @eqBC qed.
83 lemma eqP_substract_r: ∀U.∀A,B,C:U →Prop.
84 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C → A
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 B.
85 #U #A #B #C #eqAB #a @
\ 5a href="cic:/matita/basics/logic/iff_and_r.def(2)"
\ 6iff_and_r
\ 5/a
\ 6 @eqAB qed.
87 lemma eqP_substract_l: ∀U.∀A,B,C:U →Prop.
88 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 C → A
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 C.
89 #U #A #B #C #eqBC #a @
\ 5a href="cic:/matita/basics/logic/iff_and_l.def(2)"
\ 6iff_and_l
\ 5/a
\ 6 /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/iff_not.def(4)"
\ 6iff_not
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ qed.
91 (* We can now prove several properties of the previous set-theoretic operations.
92 In particular, union is commutative and associative, and the empty set is an
95 lemma union_empty_r: ∀U.∀A:U→Prop.
96 A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 \ 5a title="empty set" href="cic:/fakeuri.def(1)"
\ 6∅
\ 5/a
\ 6 \ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A.
97 #U #A #w % [* // normalize #abs @
\ 5a href="cic:/matita/basics/logic/False_ind.fix(0,1,1)"
\ 6False_ind
\ 5/a
\ 6 /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5/span
\ 6\ 5/span
\ 6/ | /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/]
100 lemma union_comm : ∀U.∀A,B:U →Prop.
101 A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 B
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 A.
102 #U #A #B #a % * /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ qed.
104 lemma union_assoc: ∀U.∀A,B,C:U → Prop.
105 A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 C
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 (B
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 C).
106 #S #A #B #C #w % [* [* /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ | /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ ] | * [/
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ | * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/]
109 (* In the same way we prove commutativity and associativity for set
112 lemma cap_comm : ∀U.∀A,B:U →Prop.
113 A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 B
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 A.
114 #U #A #B #a % * /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ qed.
116 lemma cap_assoc: ∀U.∀A,B,C:U→Prop.
117 A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 (B
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 C)
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 (A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 B)
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 C.
118 #U #A #B #C #w % [ * #Aw * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/
\ 5span class="autotactic"
\ 6\ 5span class="autotrace"
\ 6\ 5/span
\ 6\ 5/span
\ 6| * * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ ]
121 (* We can also easily prove idempotency for union and intersection *)
123 lemma union_idemp: ∀U.∀A:U →Prop.
124 A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A.
125 #U #A #a % [* // | /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/] qed.
127 lemma cap_idemp: ∀U.∀A:U →Prop.
128 A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 A
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A.
129 #U #A #a % [* // | /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/] qed.
131 (* We conclude our examples with a couple of distributivity theorems, and a
132 characterization of substraction in terms of interesection and complementation. *)
134 lemma distribute_intersect : ∀U.∀A,B,C:U→Prop.
135 (A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B)
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 C
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 (A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 C)
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 (B
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 C).
136 #U #A #B #C #w % [* * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ | * * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/]
139 lemma distribute_substract : ∀U.∀A,B,C:U→Prop.
140 (A
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 B)
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 C
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 (A
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 C)
\ 5a title="union" href="cic:/fakeuri.def(1)"
\ 6∪
\ 5/a
\ 6 (B
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6 C).
141 #U #A #B #C #w % [* * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/ | * * /
\ 5span class="autotactic"
\ 63
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"
\ 6or_introl
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"
\ 6or_intror
\ 5/a
\ 6,
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/]
144 lemma substract_def:∀U.∀A,B:U→Prop. A
\ 5a title="substraction" href="cic:/fakeuri.def(1)"
\ 6-
\ 5/a
\ 6B
\ 5a title="extensional equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 61 A
\ 5a title="intersection" href="cic:/fakeuri.def(1)"
\ 6∩
\ 5/a
\ 6 \ 5a title="complement" href="cic:/fakeuri.def(1)"
\ 6¬
\ 5/a
\ 6B.
145 #U #A #B #w normalize /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/
148 (* In several situation it is important to assume to have a decidable equality
149 between elements of a set U, namely a boolean function eqb: U→U→bool such that
150 for any pair of elements a and b in U, (eqb x y) is true if and only if x=y.
151 A set equipped with such an equality is called a DeqSet: *)
153 record DeqSet : Type[1] ≝ { carr :> Type[0];
154 eqb: carr → carr →
\ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6;
155 eqb_true: ∀x,y. (eqb x y
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6)
\ 5a title="iff" href="cic:/fakeuri.def(1)"
\ 6↔
\ 5/a
\ 6 (x
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 y)
158 (* We use the notation == to denote the decidable equality, to distinguish it
159 from the propositional equality. In particular, a term of the form a==b is a
160 boolean, while a=b is a proposition. *)
162 notation "a == b" non associative with precedence 45 for @{ 'eqb $a $b }.
163 interpretation "eqb" 'eqb a b = (eqb ? a b).
165 (* It is convenient to have a simple way to reflect a proof of the fact
166 that (eqb a b) is true into a proof of the proposition (a = b); to this aim,
167 we introduce two operators "\P" and "\b". *)
169 notation "\P H" non associative with precedence 90
170 for @{(proj1 … (eqb_true ???) $H)}.
172 notation "\b H" non associative with precedence 90
173 for @{(proj2 … (eqb_true ???) $H)}.
175 (* If H:eqb a b = true, then \P H: a = b, and conversely if h:a = b, then
176 \b h: eqb a b = true. Let us see an example of their use: the following
177 statement asserts that we can reflect a proof that eqb a b is false into
178 a proof of the proposition a ≠ b. *)
180 lemma eqb_false: ∀S:
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.ind(1,0,0)"
\ 6DeqSet
\ 5/a
\ 6.∀a,b:S.
181 (
\ 5a href="cic:/matita/tutorial/chapter4/eqb.fix(0,0,3)"
\ 6eqb
\ 5/a
\ 6 ? a b)
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6 \ 5a title="iff" href="cic:/fakeuri.def(1)"
\ 6↔
\ 5/a
\ 6 a
\ 5a title="leibnitz's non-equality" href="cic:/fakeuri.def(1)"
\ 6≠
\ 5/a
\ 6 b.
183 (* We start the proof introducing the hypothesis, and then split the "if" and
188 (* The latter is easily reduced to prove the goal true=false under the assumption
190 [@(
\ 5a href="cic:/matita/basics/logic/not_to_not.def(3)"
\ 6not_to_not
\ 5/a
\ 6 …
\ 5a href="cic:/matita/basics/bool/not_eq_true_false.def(3)"
\ 6not_eq_true_false
\ 5/a
\ 6) #H1
192 (* since by assumption H false is equal to (a==b), by rewriting we obtain the goal
193 true=(a==b) that is just the boolean version of H1 *)
195 <H @
\ 5a href="cic:/matita/basics/logic/sym_eq.def(2)"
\ 6sym_eq
\ 5/a
\ 6 @(\b H1)
197 (* In the "if" case, we proceed by cases over the boolean equality (a==b); if
198 (a==b) is false, the goal is trivial; the other case is absurd, since if (a==b) is
199 true, then by reflection a=b, while by hypothesis a≠b *)
201 |cases (
\ 5a href="cic:/matita/basics/bool/true_or_false.def(1)"
\ 6true_or_false
\ 5/a
\ 6 (
\ 5a href="cic:/matita/tutorial/chapter4/eqb.fix(0,0,3)"
\ 6eqb
\ 5/a
\ 6 ? a b)) // #H1 @
\ 5a href="cic:/matita/basics/logic/False_ind.fix(0,1,1)"
\ 6False_ind
\ 5/a
\ 6 @(
\ 5a href="cic:/matita/basics/logic/absurd.def(2)"
\ 6absurd
\ 5/a
\ 6 … (\P H1) H)
205 (* We also introduce two operators "\Pf" and "\bf" to reflect a proof
206 of (a==b)=false into a proof of a≠b, and vice-versa *)
208 notation "\Pf H" non associative with precedence 90
209 for @{(proj1 … (eqb_false ???) $H)}.
211 notation "\bf H" non associative with precedence 90
212 for @{(proj2 … (eqb_false ???) $H)}.
214 (* The following statement proves that propositional equality in a
215 DeqSet is decidable in the traditional sense, namely either a=b or a≠b *)
217 lemma dec_eq: ∀S:
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.ind(1,0,0)"
\ 6DeqSet
\ 5/a
\ 6.∀a,b:S. a
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 b
\ 5a title="logical or" href="cic:/fakeuri.def(1)"
\ 6∨
\ 5/a
\ 6 a
\ 5a title="leibnitz's non-equality" href="cic:/fakeuri.def(1)"
\ 6≠
\ 5/a
\ 6 b.
218 #S #a #b cases (
\ 5a href="cic:/matita/basics/bool/true_or_false.def(1)"
\ 6true_or_false
\ 5/a
\ 6 (
\ 5a href="cic:/matita/tutorial/chapter4/eqb.fix(0,0,3)"
\ 6eqb
\ 5/a
\ 6 ? a b)) #H
219 [%1 @(\P H) | %2 @(\Pf H)]
222 (* A simple example of a set with a decidable equality is bool. We first define
223 the boolean equality beqb, that is just the xand function, then prove that
224 beqb b1 b2 is true if and only if b1=b2, and finally build the type DeqBool by
225 instantiating the DeqSet record with the previous information *)
227 definition beqb ≝ λb1,b2.
228 match b1 with [ true ⇒ b2 | false ⇒
\ 5a href="cic:/matita/basics/bool/notb.def(1)"
\ 6notb
\ 5/a
\ 6 b2].
230 notation < "a == b" non associative with precedence 45 for @{beqb $a $b }.
232 lemma beqb_true: ∀b1,b2.
\ 5a href="cic:/matita/basics/logic/iff.def(1)"
\ 6iff
\ 5/a
\ 6 (
\ 5a href="cic:/matita/tutorial/chapter4/beqb.def(2)"
\ 6beqb
\ 5/a
\ 6 b1 b2
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6) (b1
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 b2).
233 #b1 #b2 cases b1 cases b2 normalize /
\ 5span class="autotactic"
\ 62
\ 5span class="autotrace"
\ 6 trace
\ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"
\ 6conj
\ 5/a
\ 6\ 5/span
\ 6\ 5/span
\ 6/
236 definition DeqBool ≝
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.con(0,1,0)"
\ 6mk_DeqSet
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6 \ 5a href="cic:/matita/tutorial/chapter4/beqb.def(2)"
\ 6beqb
\ 5/a
\ 6 \ 5a href="cic:/matita/tutorial/chapter4/beqb_true.def(4)"
\ 6beqb_true
\ 5/a
\ 6.
238 (* At this point, we would expect to be able to prove things like the
239 following: for any boolean b, if b==false is true then b=false.
240 Unfortunately, this would not work, unless we declare b of type
241 DeqBool (change the type in the following statement and see what
244 example exhint: ∀b:
\ 5a href="cic:/matita/tutorial/chapter4/DeqBool.def(5)"
\ 6DeqBool
\ 5/a
\ 6. (b
\ 5a title="eqb" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6=
\ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6)
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6 → b
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6\ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6.
248 (* The point is that == expects in input a pair of objects whose type must be the
249 carrier of a DeqSet; bool is indeed the carrier of DeqBool, but the type inference
250 system has no knowledge of it (it is an information that has been supplied by the
251 user, and stored somewhere in the library). More explicitly, the type inference
252 inference system, would face an unification problem consisting to unify bool
253 against the carrier of something (a metavaribale) and it has no way to synthetize
254 the answer. To solve this kind of situations, matita provides a mechanism to hint
255 the system the expected solution. A unification hint is a kind of rule, whose rhd
256 is the unification problem, containing some metavariables X1, ..., Xn, and whose
257 left hand side is the solution suggested to the system, in the form of equations
258 Xi=Mi. The hint is accepted by the system if and only the solution is correct, that
259 is, if it is a unifier for the given problem.
260 To make an example, in the previous case, the unification problem is bool = carr X,
261 and the hint is to take X= mk_DeqSet bool beqb true. The hint is correct, since
262 bool is convertible with (carr (mk_DeqSet bool beb true)). *)
264 unification hint 0
\ 5a href="cic:/fakeuri.def(1)" title="hint_decl_Type1"
\ 6≔
\ 5/a
\ 6 ;
265 X ≟
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.con(0,1,0)"
\ 6mk_DeqSet
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6 \ 5a href="cic:/matita/tutorial/chapter4/beqb.def(2)"
\ 6beqb
\ 5/a
\ 6 \ 5a href="cic:/matita/tutorial/chapter4/beqb_true.def(4)"
\ 6beqb_true
\ 5/a
\ 6
266 (* ---------------------------------------- *) ⊢
267 \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6 ≡
\ 5a href="cic:/matita/tutorial/chapter4/carr.fix(0,0,2)"
\ 6carr
\ 5/a
\ 6 X.
269 unification hint 0
\ 5a href="cic:/fakeuri.def(1)" title="hint_decl_Type0"
\ 6≔
\ 5/a
\ 6 b1,b2:
\ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6;
270 X ≟
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.con(0,1,0)"
\ 6mk_DeqSet
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6 \ 5a href="cic:/matita/tutorial/chapter4/beqb.def(2)"
\ 6beqb
\ 5/a
\ 6 \ 5a href="cic:/matita/tutorial/chapter4/beqb_true.def(4)"
\ 6beqb_true
\ 5/a
\ 6
271 (* ---------------------------------------- *) ⊢
272 \ 5a href="cic:/matita/tutorial/chapter4/beqb.def(2)"
\ 6beqb
\ 5/a
\ 6 b1 b2 ≡
\ 5a href="cic:/matita/tutorial/chapter4/eqb.fix(0,0,3)"
\ 6eqb
\ 5/a
\ 6 X b1 b2.
274 (* After having provided the previous hints, we may rewrite example exhint
275 declaring b of type bool. *)
277 example exhint1: ∀b:
\ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"
\ 6bool
\ 5/a
\ 6. (b
\ 5a title="eqb" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6=
\ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6)
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6 → b
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6.
281 (* The cartesian product of two DeqSets is still a DeqSet. To prove
282 this, we must as usual define the boolen equality function, and prove
283 it correctly reflects propositional equality. *)
285 definition eq_pairs ≝
286 λA,B:
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.ind(1,0,0)"
\ 6DeqSet
\ 5/a
\ 6.λp1,p2:A
\ 5a title="Product" href="cic:/fakeuri.def(1)"
\ 6×
\ 5/a
\ 6B.(
\ 5a title="pair pi1" href="cic:/fakeuri.def(1)"
\ 6\fst
\ 5/a
\ 6 p1
\ 5a title="eqb" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6=
\ 5a title="pair pi1" href="cic:/fakeuri.def(1)"
\ 6\fst
\ 5/a
\ 6 p2)
\ 5a title="boolean and" href="cic:/fakeuri.def(1)"
\ 6∧
\ 5/a
\ 6 (
\ 5a title="pair pi2" href="cic:/fakeuri.def(1)"
\ 6\snd
\ 5/a
\ 6 p1
\ 5a title="eqb" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6=
\ 5a title="pair pi2" href="cic:/fakeuri.def(1)"
\ 6\snd
\ 5/a
\ 6 p2).
288 lemma eq_pairs_true: ∀A,B:
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.ind(1,0,0)"
\ 6DeqSet
\ 5/a
\ 6.∀p1,p2:A
\ 5a title="Product" href="cic:/fakeuri.def(1)"
\ 6×
\ 5/a
\ 6B.
289 \ 5a href="cic:/matita/tutorial/chapter4/eq_pairs.def(4)"
\ 6eq_pairs
\ 5/a
\ 6 A B p1 p2
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6 \ 5a title="iff" href="cic:/fakeuri.def(1)"
\ 6↔
\ 5/a
\ 6 p1
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6 p2.
290 #A #B * #a1 #b1 * #a2 #b2 %
291 [#H cases (
\ 5a href="cic:/matita/basics/bool/andb_true.def(5)"
\ 6andb_true
\ 5/a
\ 6 …H) normalize #eqa #eqb >(\P eqa) >(\P eqb) //
292 |#H destruct normalize >(\b (
\ 5a href="cic:/matita/basics/logic/eq.con(0,1,2)"
\ 6refl
\ 5/a
\ 6 … a2)) >(\b (
\ 5a href="cic:/matita/basics/logic/eq.con(0,1,2)"
\ 6refl
\ 5/a
\ 6 … b2)) //
296 definition DeqProd ≝ λA,B:
\ 5a href="cic:/matita/tutorial/chapter4/DeqSet.ind(1,0,0)"
\ 6DeqSet
\ 5/a
\ 6.
297 \ 5a href="cic:/matita/tutorial/chapter4/DeqSet.con(0,1,0)"
\ 6mk_DeqSet
\ 5/a
\ 6 (A
\ 5a title="Product" href="cic:/fakeuri.def(1)"
\ 6×
\ 5/a
\ 6B) (
\ 5a href="cic:/matita/tutorial/chapter4/eq_pairs.def(4)"
\ 6eq_pairs
\ 5/a
\ 6 A B) (
\ 5a href="cic:/matita/tutorial/chapter4/eq_pairs_true.def(6)"
\ 6eq_pairs_true
\ 5/a
\ 6 A B).
299 (* Having an unification problem of the kind T1×T2 = carr X, what kind
300 of hint can we give to the system? We expect T1 to be the carrier of a
301 DeqSet C1, T2 to be the carrier of a DeqSet C2, and X to be DeqProd C1 C2.
302 This is expressed by the following hint: *)
304 unification hint 0
\ 5a href="cic:/fakeuri.def(1)" title="hint_decl_Type1"
\ 6≔
\ 5/a
\ 6 C1,C2;
305 T1 ≟
\ 5a href="cic:/matita/tutorial/chapter4/carr.fix(0,0,2)"
\ 6carr
\ 5/a
\ 6 C1,
306 T2 ≟
\ 5a href="cic:/matita/tutorial/chapter4/carr.fix(0,0,2)"
\ 6carr
\ 5/a
\ 6 C2,
307 X ≟
\ 5a href="cic:/matita/tutorial/chapter4/DeqProd.def(7)"
\ 6DeqProd
\ 5/a
\ 6 C1 C2
308 (* ---------------------------------------- *) ⊢
309 T1
\ 5a title="Product" href="cic:/fakeuri.def(1)"
\ 6×
\ 5/a
\ 6T2 ≡
\ 5a href="cic:/matita/tutorial/chapter4/carr.fix(0,0,2)"
\ 6carr
\ 5/a
\ 6 X.
311 unification hint 0
\ 5a href="cic:/fakeuri.def(1)" title="hint_decl_Type0"
\ 6≔
\ 5/a
\ 6 T1,T2,p1,p2;
312 X ≟
\ 5a href="cic:/matita/tutorial/chapter4/DeqProd.def(7)"
\ 6DeqProd
\ 5/a
\ 6 T1 T2
313 (* ---------------------------------------- *) ⊢
314 \ 5a href="cic:/matita/tutorial/chapter4/eq_pairs.def(4)"
\ 6eq_pairs
\ 5/a
\ 6 T1 T2 p1 p2 ≡
\ 5a href="cic:/matita/tutorial/chapter4/eqb.fix(0,0,3)"
\ 6eqb
\ 5/a
\ 6 X p1 p2.
316 example hint2: ∀b1,b2.
317 \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"
\ 6〈
\ 5/a
\ 6b1,
\ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6〉
\ 5a title="eqb" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6=
\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"
\ 6〈
\ 5/a
\ 6\ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6,b2〉
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6\ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6 →
\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"
\ 6〈
\ 5/a
\ 6b1,
\ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"
\ 6true
\ 5/a
\ 6〉
\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"
\ 6=
\ 5/a
\ 6\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"
\ 6〈
\ 5/a
\ 6\ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"
\ 6false
\ 5/a
\ 6,b2〉.