Transitive and Well-Founded Relations as Properties
Overview
Most ProofPower relations are properties not sets, so the theory of this kind of well-foundedness is developed here.
Introduction
A new "wf_relp" theory is created as a child of "wf_rel". The purpose of this theory is entirely cosmetic. I want to use the results in developing set theory but I want to avoid use of the membership sign in a context in which it is likely to cause confusion.
Transitive Relations
Elementary results about transitive relations and transitive closure.
Well-Founded Relations
Definition of well-founded and transitive-well-founded and proof that the transitive closure of a well-founded relation is transitive-well-founded.
Proof Context
In this section I will create a decent proof context for recursive definitions, eventually.
Listing of Theory wf_relp
Introduction
A new "wf_relp" theory is created as a child of "wf_rel". The purpose of this theory is entirely cosmetic. I want to use the results in developing set theory but I want to avoid use of the membership sign in a context in which it is likely to cause confusion.
Introduction
One of the principle well-founded relations of interest in this application is isin.gifg, which has type
xl-gft
qqco.gifGS rarr.gif GS rarr.gif BOOLqqter.gif

so I would like a version of "well-founded" which has type:
xl-gft
qqco.gif('a rarr.gif 'a rarr.gif BOOL) rarr.gif BOOLqqter.gif
</subsec>
<subsec title="The Theory wf_relp">
The new theory is first created, together with a proof context which we will build up as we develop the theory.


xl-sml
open_theory "hol";
force_new_theory "wf_relp";
force_new_pc "wf_relp";
merge_pcs ["xl_cs_exist.gif_conv"] "wf_relp";
set_merge_pcs ["hol", "wf_relp"];

Transitive Relations
Elementary results about transitive relations and transitive closure.
Definitions

xl-holconst
trans: ('a rarr.gif 'a rarr.gif BOOL) rarr.gif BOOL
forall.gif r bull.gif
ftbr trans r equiv.gif forall.gif s t ubull.gif r s t and.gif r t u ruarr.gif r s u

xl-holconst
tc: ('a rarr.gif 'a rarr.gif BOOL) rarr.gif ('a rarr.gif 'a rarr.gif BOOL)
forall.gif r bull.gif
ftbr tc r = lambda.gif s tbull.gif forall.giftrbull.gif trans tr and.gif (forall.gifv ubull.gif r v u ruarr.gif tr v u) ruarr.gif tr s t
Theorems

xl-sml
set_goal([],qqtel.gifforall.gifrbull.gif trans (tc r)qqter.gif);
a (rewrite_tac(map get_spec [qqtel.giftcqqter.gif,qqtel.giftransqqter.gif]));
a (REPEAT strip_tac);
a (all_asm_fc_tac []);
a (all_asm_fc_tac []);
val tran_tc_thm = save_pop_thm("tran_tc_thm");

set_goal([],qqtel.gifforall.gif r x y zbull.gif tc r x y and.gif tc r y z ruarr.gif tc r x zqqter.gif);
a (prove_tac [rewrite_rule [get_spec qqtel.giftransqqter.gif] tran_tc_thm]);
val tran_tc_thm2 = save_pop_thm("tran_tc_thm2");

set_goal([],qqtel.gifforall.gifr x y bull.gif r x y ruarr.gif tc r x yqqter.gif);
a (rewrite_tac [get_spec qqtel.giftcqqter.gif, sets_ext_clauses]
fttabTHEN REPEAT strip_tac);
a (all_asm_fc_tac[]);
val tc_incr_thm = save_pop_thm("tc_incr_thm");


xl-sml
set_goal([],qqtel.gifforall.gif r x ybull.gif tc r x y and.gif not.gif r x y ruarr.gif exist.gifzbull.gif tc r x z and.gif r z yqqter.gif);
a (REPEAT strip_tac);
a (lemma_tac qqtel.gifforall.gifqbull.gif trans q and.gif (forall.gifv wbull.gif r v w ruarr.gif q v w) ruarr.gif q x yqqter.gif);
a (asm_ante_tac qqtel.giftc r x yqqter.gif);
a (rewrite_tac [get_spec qqtel.giftcqqter.gif,
fttabget_spec qqtel.giftransqqter.gif]);
a (spec_nth_asm_tac 1 qqtel.giflambda.gifv wbull.gif r v w or.gif exist.gifubull.gif tc r v u and.gif r u wqqter.gif);


xl-gft
(* *** Goal "2.1" *** *)

(* 4 *) qqtel.giftc r x yqqter.gif
(* 3 *) qqtel.gifnot.gif r x yqqter.gif
(* 2 *) qqtel.gifforall.gif qbull.gif trans q and.gif (forall.gif v wbull.gif r v w ruarr.gif q v w) ruarr.gif q x yqqter.gif
(* 1 *) qqtel.gifnot.gif trans (lambda.gif v wbull.gif r v w or.gif (exist.gif ubull.gif tc r v u and.gif r u w))qqter.gif

(* ?turnstil.gif *) qqtel.gifexist.gif zbull.gif tc r x z and.gif r z yqqter.gif


xl-sml
a (swap_nth_asm_concl_tac 1
fttabTHEN rewrite_tac [get_spec qqtel.giftransqqter.gif]
fttabTHEN REPEAT strip_tac);
(* *** Goal "2.1.1" *** *)
a (exist.gif_tac qqtel.giftqqter.gif
fttabTHEN asm_rewrite_tac[]);
a (all_fc_tac [tc_incr_thm]);
(* *** Goal "2.1.2" *** *)
a (exist.gif_tac qqtel.gifu'qqter.gif
fttabTHEN asm_rewrite_tac[]);
a (REPEAT (all_asm_fc_tac [tran_tc_thm2,tc_incr_thm]));
(* *** Goal "2.1.3" *** *)
a (exist.gif_tac qqtel.giftqqter.gif
fttabTHEN asm_rewrite_tac[]);
a (REPEAT(all_asm_fc_tac [tran_tc_thm2,tc_incr_thm]));
(* *** Goal "2.1.4" *** *)
a (exist.gif_tac qqtel.gifu''qqter.gif
fttabTHEN asm_rewrite_tac[]);
a (REPEAT(all_asm_fc_tac [tran_tc_thm2,tc_incr_thm]));
(* *** Goal "2.2" *** *)
a (swap_nth_asm_concl_tac 1
fttabTHEN asm_rewrite_tac []);
(* *** Goal "2.3" *** *)
a (swap_nth_asm_concl_tac 1
fttabTHEN asm_rewrite_tac []);
val tc_decomp_thm = save_pop_thm "tc_decomp_thm";


xl-sml
set_goal([],qqtel.gifforall.gif r1 r2bull.gif (forall.gif x ybull.gif r1 x y ruarr.gif r2 x y)
fttabruarr.gif (forall.gif x ybull.gif tc r1 x y ruarr.gif tc r2 x y)qqter.gif);
a (rewrite_tac [get_spec qqtel.giftcqqter.gif]);
a (REPEAT strip_tac);
a (spec_nth_asm_tac 3 qqtel.giftrqqter.gif);
a (all_asm_fc_tac[]);
a (all_asm_fc_tac[]);
val tc_mono_thm = save_pop_thm "tc_mono_thm";


xl-sml
set_goal([],qqtel.gifforall.gif r pbull.gif (forall.gif x ybull.gif r x y ruarr.gif p x)
fttabruarr.gif (forall.gif x ybull.gif tc r x y ruarr.gif p x)qqter.gif);
a (rewrite_tac [get_spec qqtel.giftcqqter.gif]);
a (REPEAT strip_tac);
a (SPEC_NTH_ASM_T 1 qqtel.giflambda.gifx y:'a bull.gif (p x):BOOLqqter.gif
fttab(fn x => strip_asm_tac (rewrite_rule[] x))
fttabTHEN_TRY all_asm_fc_tac[]);
a (swap_nth_asm_concl_tac 1
fttabTHEN rewrite_tac [get_spec qqtel.giftransqqter.gif]
fttabTHEN REPEAT strip_tac);
val tc_p_thm = save_pop_thm "tc_p_thm";

Well-Founded Relations
Definition of well-founded and transitive-well-founded and proof that the transitive closure of a well-founded relation is transitive-well-founded.
Definitions

xl-holconst
well_founded: ('a rarr.gif 'a rarr.gif BOOL) rarr.gif BOOL
forall.gif r bull.gif
ftbr well_founded r equiv.gif forall.gif s bull.gif (forall.gif x bull.gif (forall.gif y bull.gif r y x ruarr.gif s y) ruarr.gif s x) ruarr.gif forall.gif x bull.gif s x

xl-holconst
twfp: ('a rarr.gif 'a rarr.gif BOOL) rarr.gif BOOL
forall.gif r bull.gif
ftbr twfp r equiv.gif well_founded r and.gif trans r
Theorems
The first thing I need to prove here is that the transitive closure of a well-founded relation is also well-founded. This provides a form of induction with a stronger induction hypothesis. Naturally we would expect this to be proven inductively and the question is therefore what property to use in the inductive proof, the observation that the transitive closure of a relation is well-founded is not explicitly the ascription of a property to the field of the relation. The obvious method is to relativise the required result to the transitive closure of a set, giving a property of sets, and then to prove that this property is hereditary if the relation is well-founded.


xl-sml
set_goal([],qqtel.gifforall.gifs rbull.gif well_founded r ruarr.gif forall.gifxbull.gif (forall.gifybull.gif tc r y x ruarr.gif (forall.gifzbull.gif tc r z y ruarr.gif s z) ruarr.gif s y)
fttabruarr.gif (forall.gifybull.gif tc r y x ruarr.gif s y)qqter.gif);
a (rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]);
a (REPEAT_N 3 strip_tac);
a (SPEC_NTH_ASM_T 1 qqtel.giflambda.gifx bull.gif (forall.gifybull.gif tc r y x ruarr.gif (forall.gifzbull.gif tc r z y ruarr.gif s z) ruarr.gif s y)
fttabruarr.gif (forall.gifybull.gif tc r y x ruarr.gif s y)qqter.gif ante_tac
fttabTHEN rewrite_tac[]
fttabTHEN REPEAT strip_tac);
a (fc_tac [list_forall.gif_elim [qqtel.gifrqqter.gif,qqtel.gifyqqter.gif,qqtel.gifxqqter.gif] tc_decomp_thm]);
(* *** Goal "1" *** *)
a (spec_nth_asm_tac 7 qqtel.gifyqqter.gif);
(* *** Goal "1.1" *** *)
a (all_fc_tac [tran_tc_thm2]);
a (spec_nth_asm_tac 10 qqtel.gify''qqter.gif);
a (asm_fc_tac[]);
(* *** Goal "1.2" *** *)
a (spec_nth_asm_tac 7 qqtel.gifyqqter.gif);
a (spec_nth_asm_tac 3 qqtel.gifzqqter.gif);
(* *** Goal "2" *** *)
a (spec_nth_asm_tac 8 qqtel.gifzqqter.gif);
(* *** Goal "2.1" *** *)
a (lemma_tac qqtel.giftc r z xqqter.gif
fttabTHEN1 fc_tac [tc_incr_thm]);
a (lemma_tac qqtel.giftc r y'' xqqter.gif
fttabTHEN1 strip_asm_tac (list_forall.gif_elim [qqtel.gifrqqter.gif,qqtel.gify''qqter.gif,qqtel.gifzqqter.gif,qqtel.gifxqqter.gif] tran_tc_thm2));
a (spec_nth_asm_tac 12 qqtel.gify''qqter.gif);
a (spec_nth_asm_tac 6 qqtel.gifz'qqter.gif);
(* *** Goal "2.2" *** *)
a (asm_fc_tac[]);
val tcwf_lemma1 = save_pop_thm "tcwf_lemma1";


xl-sml
set_goal([],qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif forall.gifsbull.gif (forall.giftbull.gif (forall.gifubull.gif tc r u t ruarr.gif s u) ruarr.gif s t) ruarr.gif (forall.gifebull.gif s e)qqter.gif);
a (REPEAT strip_tac THEN fc_tac [tcwf_lemma1]);
a (spec_nth_asm_tac 2 qqtel.gifeqqter.gif);
a (list_spec_nth_asm_tac 3 [qqtel.gifeqqter.gif,qqtel.gifsqqter.gif,qqtel.gifuqqter.gif]);
a (spec_nth_asm_tac 7 qqtel.gifyqqter.gif);
a (spec_nth_asm_tac 4 qqtel.gifu'qqter.gif);
val tcwf_lemma2 = save_pop_thm "tcwf_lemma2";


xl-sml
set_goal([],qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif well_founded (tc r)qqter.gif);
a (strip_tac THEN strip_tac
fttabTHEN fc_tac [tcwf_lemma1]);
a (rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]);
a (REPEAT strip_tac);
a (spec_nth_asm_tac 1 qqtel.gifxqqter.gif);
a (list_spec_nth_asm_tac 4 [qqtel.gifxqqter.gif,qqtel.gifsqqter.gif,qqtel.gifyqqter.gif]);
a (spec_nth_asm_tac 6 qqtel.gify'qqter.gif);
a (spec_nth_asm_tac 4 qqtel.gify''qqter.gif);
val wf_tc_wf_thm = save_pop_thm "wf_tc_wf_thm";

Now we prove that if the transitive closure of a relation is well-founded then so must be the relation.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif well_founded (tc r) ruarr.gif well_founded rqqter.gif);
a (rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]
fttabTHEN REPEAT strip_tac);
a (spec_nth_asm_tac 2 qqtel.gifsqqter.gif);
(* *** Goal "1" *** *)
a (spec_nth_asm_tac 3 qqtel.gifx'qqter.gif);
a (all_asm_fc_tac [tc_incr_thm]);
a (all_asm_fc_tac []);
(* *** Goal "2" *** *)
a (asm_rewrite_tac[]);
val tc_wf_wf_thm = save_pop_thm "tc_wf_wf_thm";


xl-sml
set_goal([],qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif twfp (tc r)qqter.gif);
a (REPEAT strip_tac);
a (fc_tac [wf_tc_wf_thm]);
a (asm_rewrite_tac [get_spec qqtel.giftwfpqqter.gif, tran_tc_thm]);
val tc_wf_twf_thm = save_pop_thm "tc_wf_twf_thm";

Induction Tactics etc.
We here define a general tactic for performing induction using some well-founded relation. The following function (I think these things are called "THM-TACTICAL"s) must be given a theorem which asserts that some relation is well-founded, and then a THM-TACTIC (which determines what is done with the induction assumption), and then a term which is the variable to induct over, and will then facilitate an inductive proof of the current goal using that theorem.
xl-sml
fun WF_INDUCTION_T (thm : THM) (ttac : THM -> TACTIC) : TERM -> TACTIC = (
fttabletfttabfun bad_thm thm = thm_fail "WF_INDUCTION_T" 29021 [thm];
fttabfttabval (wf, r) = (dest_app (concl thm))
fttabfttabfttabhandle Fail _ => bad_thm thm;
fttabfttabval sthm = forall.gif_elim r tcwf_lemma2
fttabfttabfttabhandle Fail _ => bad_thm thm;
fttabfttabval ithm = ruarr.gif_elim sthm thm
fttabfttabfttabhandle Fail _ => bad_thm thm;
fttabin GEN_INDUCTION_T ithm ttac
fttabend
);

And now we make a tactic out of that (basically by saying "strip the induction hypothesis into the assumptions").
xl-sml
fun wf_induction_tac (thm : THM) : TERM -> TACTIC = (
fttabletfttabval ttac = (WF_INDUCTION_T thm strip_asm_tac)
fttabfttabfttabhandle ex => reraise ex "wf_induction_tac";
fttabin
fttabfn tm =>
fttabletfttabval tac = (ttac tm) handle ex => reraise ex "wf_induction_tac";
fttabinfttabfn gl => ((tac gl) handle ex => reraise ex "wf_induction_tac")
fttabend
fttabend
);

Well-foundedness and Induction
The following proof shows how the above induction tactic can be used. The theorem can be paraphrased loosely along the lines that there are no bottomless descending chains in a well-founded relation. We think of a bottomless descending chain as a non-empty set (represented by a property called "p") every element of which is preceded by an element under the transitive closure of r.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif forall.gifxbull.gif not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif tc r y x and.gif exist.gifzbull.gif p z and.gif r z yqqter.gif);
a (strip_tac THEN strip_tac THEN strip_tac);
a (wf_induction_tac (asm_rule qqtel.gifwell_founded rqqter.gif) qqtel.gifxqqter.gif);
a contr_tac;
a (all_asm_fc_tac[]);
a (spec_nth_asm_tac 6 qqtel.gifvqqter.gif);
a (SPEC_NTH_ASM_T 1 qqtel.giflambda.gifxbull.gif p x and.gif tc r x vqqter.gif ante_tac
fttabTHEN rewrite_tac[]
fttabTHEN REPEAT strip_tac);
a (exist.gif_tac qqtel.gifzqqter.gif
fttabTHEN REPEAT strip_tac);
(* *** Goal "1" *** *)
a (fc_tac [tc_incr_thm]);
(* *** Goal "2" *** *)
a (spec_nth_asm_tac 7 qqtel.gifyqqter.gif);
a (exist.gif_tac qqtel.gifz'qqter.gif THEN asm_rewrite_tac[]);
a (lemma_tac qqtel.giftc r z' yqqter.gif THEN1 fc_tac [tc_incr_thm]);
a (all_fc_tac [tran_tc_thm2]);
val wf_nochain_thm = save_pop_thm "wf_nochain_thm";

Now a shorter formulation of bottomless pits.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif exist.gifzbull.gif p z and.gif r z yqqter.gif);
a (contr_tac);
a (lemma_tac qqtel.gifforall.gifxbull.gif not.gif p xqqter.gif THEN1 (strip_tac
fttabTHEN wf_induction_tac (asm_rule qqtel.gifwell_founded rqqter.gif) qqtel.gifxqqter.gif));
(* *** Goal "1" *** *)
a (contr_tac
fttabTHEN REPEAT (all_asm_fc_tac[tc_incr_thm]));
(* *** Goal "2" *** *)
a (REPEAT (all_asm_fc_tac[]));
val wf_wf_thm = save_pop_thm "wf_wf_thm";

Next we prove the converse, that the lack of bottomless pits entails well-foundedness.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif (forall.gifxbull.gif not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif tc r y x and.gif exist.gifzbull.gif p z and.gif r z y) ruarr.gif well_founded rqqter.gif);
a (rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]);
a contr_tac;
a (DROP_NTH_ASM_T 3 ante_tac
fttabTHEN rewrite_tac[]
fttabTHEN strip_tac);
a (exist.gif_tac qqtel.gifxqqter.gif
fttabTHEN rewrite_tac[]);
a (lemma_tac qqtel.gifexist.gifrelbull.gif rel = lambda.gif v wbull.gif not.gif s v and.gif not.gif s w and.gif r v wqqter.gif
fttabTHEN1 prove_exist.gif_tac);
a (exist.gif_tac qqtel.giflambda.gifqbull.gif tc rel q xqqter.giffttabTHEN rewrite_tac[]);
a (spec_nth_asm_tac 3 qqtel.gifxqqter.gif);
a (exist.gif_tac qqtel.gifyqqter.gif THEN REPEAT strip_tac);
(* *** Goal "1" *** *)
a (lemma_tac qqtel.gifrel y xqqter.gif THEN1 asm_rewrite_tac[]);
a (all_asm_fc_tac [tc_incr_thm]);
(* *** Goal "2" *** *)
a (lemma_tac qqtel.gifforall.gifx ybull.gif rel x y ruarr.gif r x yqqter.gif
fttabTHEN1 (strip_tac THEN strip_tac
fttabTHEN asm_rewrite_tac[] THEN REPEAT strip_tac));
a (all_fc_tac [tc_mono_thm]);
(* *** Goal "3" *** *)
a (lemma_tac qqtel.gifnot.gif s y'qqter.gif);
(* *** Goal "3.1" *** *)
a (lemma_tac qqtel.gifforall.gif x ybull.gif rel x y ruarr.gif not.gif s xqqter.gif
fttabTHEN1
fttab(REPEAT forall.gif_tac
fttabTHEN asm_rewrite_tac []
fttabTHEN REPEAT strip_tac));
a (all_asm_fc_tac[rewrite_rule[](list_forall.gif_elim [qqtel.gifrelqqter.gif, qqtel.giflambda.gifxbull.gifnot.gif s xqqter.gif] tc_p_thm)]);
(* *** Goal "3.2" *** *)
a (spec_nth_asm_tac 7 qqtel.gify'qqter.gif);
a (exist.gif_tac qqtel.gify''qqter.gif THEN REPEAT strip_tac);
a (lemma_tac qqtel.giftc rel y'' y'qqter.gif);
(* *** Goal "3.2.1" *** *)
a (lemma_tac qqtel.gifrel y'' y'qqter.gif
fttabTHEN1 asm_rewrite_tac[]);
a (all_asm_fc_tac[tc_incr_thm]);
(* *** Goal "3.2.2" *** *)
a (all_asm_fc_tac[tran_tc_thm2]);
val nochain_wf_thm = save_pop_thm "nochain_wf_thm";

Now with second order foundation.
xl-sml
set_goal([], qqtel.gif(not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif exist.gifzbull.gif p z and.gif r z y) ruarr.gif well_founded rqqter.gif);
a (rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]
fttabTHEN REPEAT strip_tac);
a (SPEC_NTH_ASM_T 2 qqtel.giflambda.gifxbull.gif not.gif s xqqter.gif ante_tac
fttabTHEN rewrite_tac[] THEN strip_tac);
a (spec_nth_asm_tac 1 qqtel.gifxqqter.gif);
a (spec_nth_asm_tac 4 qqtel.gifyqqter.gif);
a (spec_nth_asm_tac 3 qqtel.gify'qqter.gif);
val wf_induct_thm = save_pop_thm "wf_induct_thm";

Try a weaker hypothesis.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif (forall.gifxbull.gif not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif exist.gifzbull.gif p z and.gif r z y) ruarr.gif well_founded rqqter.gif);
a (rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]);
a contr_tac;
a (DROP_NTH_ASM_T 3 ante_tac
fttabTHEN rewrite_tac[]
fttabTHEN strip_tac);
a (lemma_tac qqtel.gifexist.gifrelbull.gif rel = lambda.gif v wbull.gif not.gif s v and.gif not.gif s w and.gif r v wqqter.gif
fttabTHEN1 prove_exist.gif_tac);
a (exist.gif_tac qqtel.giflambda.gifqbull.gif tc rel q xqqter.giffttabTHEN rewrite_tac[]);
a (spec_nth_asm_tac 3 qqtel.gifxqqter.gif);
a (exist.gif_tac qqtel.gifyqqter.gif THEN REPEAT strip_tac);
(* *** Goal "1" *** *)
a (lemma_tac qqtel.gifrel y xqqter.gif THEN1 asm_rewrite_tac[]);
a (all_asm_fc_tac [tc_incr_thm]);
(* *** Goal "2" *** *)
a (lemma_tac qqtel.gifforall.gif x ybull.gif rel x y ruarr.gif not.gif s xqqter.gif
fttabTHEN1
fttab(REPEAT forall.gif_tac
fttabTHEN asm_rewrite_tac []
fttabTHEN REPEAT strip_tac));
a (all_asm_fc_tac[rewrite_rule[](list_forall.gif_elim [qqtel.gifrelqqter.gif, qqtel.giflambda.gifxbull.gifnot.gif s xqqter.gif] tc_p_thm)]);
a (spec_nth_asm_tac 8 qqtel.gify'qqter.gif);
a (exist.gif_tac qqtel.gify''qqter.gif THEN REPEAT strip_tac);
a (lemma_tac qqtel.gifrel y'' y'qqter.gif THEN1 asm_rewrite_tac[]);
a (lemma_tac qqtel.giftc rel y'' y'qqter.gif THEN1 all_asm_fc_tac[tc_incr_thm]);
a (all_asm_fc_tac[tran_tc_thm2]);
val nochain_wf_thm2 = save_pop_thm "nochain_wf_thm2";

Bottomless Pits and Minimal Elements
The following theorem states something like that if there are no unending downward chains then every "set" has a minimal element.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif(forall.gifxbull.gif not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif tc r y x and.gif exist.gifzbull.gif p z and.gif r z y)
fttabruarr.gif forall.gifxbull.gif (exist.gifybull.gif r y x) ruarr.gif exist.gifzbull.gif r z x and.gif not.gifexist.gifvbull.gif r v z and.gif r v xqqter.gif);
a contr_tac;
a (DROP_NTH_ASM_T 3 ante_tac
fttabTHEN rewrite_tac[]
fttabTHEN REPEAT strip_tac
fttabTHEN rewrite_tac[]
);
a (exist.gif_tac qqtel.gifxqqter.gif
fttabTHEN exist.gif_tac qqtel.giflambda.gifwbull.gif r w xqqter.gif
fttabTHEN exist.gif_tac qqtel.gifyqqter.gif
fttabTHEN asm_rewrite_tac[]);
a (strip_tac THEN asm_rewrite_tac[]);
a (REPEAT strip_tac);
(* *** Goal "1" *** *)
a (all_asm_fc_tac [tc_incr_thm]);
(* *** Goal "2" *** *)
a (spec_nth_asm_tac 2 qqtel.gify'qqter.gif);
a (exist.gif_tac qqtel.gifvqqter.gif THEN asm_rewrite_tac[]);
val nochain_min_thm = save_pop_thm "nochain_min_thm";

A second order version with the weaker bottomless pits can be formulated as follows:
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif(forall.gifxbull.gif not.gifexist.gifp vbull.gif p v and.gif forall.gifybull.gif p y ruarr.gif exist.gifzbull.gif p z and.gif r z y)
fttabruarr.gif forall.gifpbull.gif (exist.gifybull.gif p y) ruarr.gif exist.gifzbull.gif p z and.gif not.gifexist.gifvbull.gif r v z and.gif p vqqter.gif);
a contr_tac;
a (DROP_NTH_ASM_T 3 ante_tac
fttabTHEN rewrite_tac[]
fttabTHEN REPEAT strip_tac
);
a (exist.gif_tac qqtel.gifpqqter.gif
fttabTHEN exist.gif_tac qqtel.gifyqqter.gif
fttabTHEN asm_rewrite_tac[]);
a (REPEAT strip_tac);
a (spec_nth_asm_tac 2 qqtel.gify'qqter.gif);
a (exist.gif_tac qqtel.gifvqqter.gif THEN asm_rewrite_tac[]);
val nochain_min_thm2 = save_pop_thm "nochain_min_thm2";

It follows that all non-empty collections of predecessors under a well-founded relation have minimal elements.
xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif forall.gifxbull.gif (exist.gifybull.gif r y x) ruarr.gif exist.gifzbull.gif r z x and.gif not.gifexist.gifvbull.gif r v z and.gif r v xqqter.gif);
a (REPEAT_N 2 strip_tac);
a (strip_asm_tac ( forall.gif_elim qqtel.gifrqqter.gif wf_nochain_thm));
a (ante_tac (forall.gif_elim qqtel.gifrqqter.gif nochain_min_thm));
a (GET_NTH_ASM_T 1 ante_tac);
a (rewrite_tac [prove_rule [] qqtel.gifforall.gifa bbull.gif a ruarr.gif (a ruarr.gif b) ruarr.gif bqqter.gif ]);
val wf_min_thm = save_pop_thm "wf_min_thm";

But the converse does not hold.
xl-sml
set_goal([], qqtel.gifexist.gifr: BOOLrarr.gifBOOLrarr.gifBOOLbull.gif(forall.gifxbull.gif (exist.gifybull.gif r y x) ruarr.gif exist.gifzbull.gif r z x and.gif not.gifexist.gifvbull.gif r v z and.gif r v x) and.gif not.gif well_founded rqqter.gif);
a (exist.gif_tac qqtel.giflambda.gifx y:BOOLbull.gif yqqter.gif
fttabTHEN rewrite_tac [get_spec qqtel.gifwell_foundedqqter.gif]
fttabTHEN REPEAT strip_tac);
(* *** Goal "1" *** *)
a (exist.gif_tac qqtel.gifFqqter.gif THEN asm_rewrite_tac []);
(* *** Goal "2" *** *)
a (exist.gif_tac qqtel.gif$not.gifqqter.gif THEN REPEAT strip_tac);
(* *** Goal "2.1" *** *)
a (spec_nth_asm_tac 1 qqtel.gifxqqter.gif);
(* *** Goal "2.2" *** *)
a (exist.gif_tac qqtel.gifTqqter.gif THEN rewrite_tac[]);
val minr_not_wf_thm = save_pop_thm "minr_not_wf_thm";

Restrictions of Well-Founded Relations
In this section we show that a restriction of a well-founded relation is well-founded.
Restriction of Well-Founded Relation

xl-sml
set_goal([], qqtel.gifforall.gifrbull.gif well_founded r ruarr.gif forall.gifr2bull.gif well_founded (lambda.gifx ybull.gif r2 x y and.gif r x y)qqter.gif);
a (REPEAT strip_tac);
a (bc_tac [nochain_wf_thm]);
a (fc_tac [wf_nochain_thm]);
a (REPEAT strip_tac);
a (list_spec_nth_asm_tac 2 [qqtel.gifpqqter.gif, qqtel.gifxqqter.gif, qqtel.gifvqqter.gif]);
(* *** Goal "1" *** *)
a (spec_nth_asm_tac 3 qqtel.gifyqqter.gif);
a (lemma_tac qqtel.gifforall.gif x ybull.gif (lambda.gif x ybull.gif r2 x y and.gif r x y) x y ruarr.gif r x yqqter.gif
fttabTHEN1 (rewrite_tac[] THEN REPEAT strip_tac));
a (FC_T fc_tac [tc_mono_thm]);
(* *** Goal "2" *** *)
a (SPEC_NTH_ASM_T 3 qqtel.gifyqqter.gif ante_tac
fttabTHEN (rewrite_tac []) THEN REPEAT strip_tac);
a (spec_nth_asm_tac 5 qqtel.gifzqqter.gif);
val wf_restrict_wf_thm = save_pop_thm "wf_restrict_wf_thm";

Proof Context
In this section I will create a decent proof context for recursive definitions, eventually.
Proof Context

xl-sml
(* commit_pc "wf_relp"; *)

up quick index © RBJ

$Id: x002.xml,v 1.5 2008/04/06 13:07:17 rbj01 Exp $

V