src/ZF/Constructible/AC_in_L.thy
author wenzelm
Thu Dec 14 11:24:26 2017 +0100 (21 months ago)
changeset 67198 694f29a5433b
parent 61798 27f3c10b0b50
child 67443 3abf6a722518
permissions -rw-r--r--
merged
paulson@13543
     1
(*  Title:      ZF/Constructible/AC_in_L.thy
paulson@13543
     2
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@13543
     3
*)
paulson@13543
     4
wenzelm@60770
     5
section \<open>The Axiom of Choice Holds in L!\<close>
paulson@13543
     6
paulson@47084
     7
theory AC_in_L imports Formula Separation begin
paulson@13543
     8
wenzelm@60770
     9
subsection\<open>Extending a Wellordering over a List -- Lexicographic Power\<close>
paulson@13543
    10
wenzelm@60770
    11
text\<open>This could be moved into a library.\<close>
paulson@13543
    12
paulson@13543
    13
consts
paulson@13543
    14
  rlist   :: "[i,i]=>i"
paulson@13543
    15
paulson@13543
    16
inductive
paulson@13543
    17
  domains "rlist(A,r)" \<subseteq> "list(A) * list(A)"
paulson@13543
    18
  intros
paulson@13543
    19
    shorterI:
paulson@13692
    20
      "[| length(l') < length(l); l' \<in> list(A); l \<in> list(A) |]
paulson@13543
    21
       ==> <l', l> \<in> rlist(A,r)"
paulson@13543
    22
paulson@13543
    23
    sameI:
paulson@13692
    24
      "[| <l',l> \<in> rlist(A,r); a \<in> A |]
paulson@13543
    25
       ==> <Cons(a,l'), Cons(a,l)> \<in> rlist(A,r)"
paulson@13543
    26
paulson@13543
    27
    diffI:
paulson@13692
    28
      "[| length(l') = length(l); <a',a> \<in> r;
paulson@13692
    29
          l' \<in> list(A); l \<in> list(A); a' \<in> A; a \<in> A |]
paulson@13543
    30
       ==> <Cons(a',l'), Cons(a,l)> \<in> rlist(A,r)"
paulson@13543
    31
  type_intros list.intros
paulson@13543
    32
paulson@13543
    33
wenzelm@60770
    34
subsubsection\<open>Type checking\<close>
paulson@13543
    35
paulson@13543
    36
lemmas rlist_type = rlist.dom_subset
paulson@13543
    37
paulson@13543
    38
lemmas field_rlist = rlist_type [THEN field_rel_subset]
paulson@13543
    39
wenzelm@60770
    40
subsubsection\<open>Linearity\<close>
paulson@13543
    41
paulson@13543
    42
lemma rlist_Nil_Cons [intro]:
paulson@13543
    43
    "[|a \<in> A; l \<in> list(A)|] ==> <[], Cons(a,l)> \<in> rlist(A, r)"
paulson@13692
    44
by (simp add: shorterI)
paulson@13543
    45
paulson@13543
    46
lemma linear_rlist:
paulson@47085
    47
  assumes r: "linear(A,r)" shows "linear(list(A),rlist(A,r))"
paulson@47085
    48
proof -
paulson@47085
    49
  { fix xs ys
paulson@47085
    50
    have "xs \<in> list(A) \<Longrightarrow> ys \<in> list(A) \<Longrightarrow> \<langle>xs,ys\<rangle> \<in> rlist(A,r) \<or> xs = ys \<or> \<langle>ys,xs\<rangle> \<in> rlist(A, r) "
paulson@47085
    51
    proof (induct xs arbitrary: ys rule: list.induct)
paulson@47085
    52
      case Nil 
paulson@47085
    53
      thus ?case by (induct ys rule: list.induct) (auto simp add: shorterI)
paulson@47085
    54
    next
paulson@47085
    55
      case (Cons x xs)
paulson@47085
    56
      { fix y ys
paulson@47085
    57
        assume "y \<in> A" and "ys \<in> list(A)"
paulson@47085
    58
        with Cons
paulson@47085
    59
        have "\<langle>Cons(x,xs),Cons(y,ys)\<rangle> \<in> rlist(A,r) \<or> x=y & xs = ys \<or> \<langle>Cons(y,ys), Cons(x,xs)\<rangle> \<in> rlist(A,r)" 
paulson@47085
    60
          apply (rule_tac i = "length(xs)" and j = "length(ys)" in Ord_linear_lt)
paulson@47085
    61
          apply (simp_all add: shorterI)
paulson@47085
    62
          apply (rule linearE [OF r, of x y]) 
paulson@47085
    63
          apply (auto simp add: diffI intro: sameI) 
paulson@47085
    64
          done
paulson@47085
    65
      }
paulson@47085
    66
      note yConsCase = this
wenzelm@60770
    67
      show ?case using \<open>ys \<in> list(A)\<close>
paulson@47085
    68
        by (cases rule: list.cases) (simp_all add: Cons rlist_Nil_Cons yConsCase) 
paulson@47085
    69
    qed
paulson@47085
    70
  }
paulson@47085
    71
  thus ?thesis by (simp add: linear_def) 
paulson@47085
    72
qed
paulson@13543
    73
paulson@13543
    74
wenzelm@60770
    75
subsubsection\<open>Well-foundedness\<close>
paulson@13543
    76
wenzelm@60770
    77
text\<open>Nothing preceeds Nil in this ordering.\<close>
paulson@13543
    78
inductive_cases rlist_NilE: " <l,[]> \<in> rlist(A,r)"
paulson@13543
    79
paulson@13543
    80
inductive_cases rlist_ConsE: " <l', Cons(x,l)> \<in> rlist(A,r)"
paulson@13543
    81
paulson@13543
    82
lemma not_rlist_Nil [simp]: " <l,[]> \<notin> rlist(A,r)"
paulson@13543
    83
by (blast intro: elim: rlist_NilE)
paulson@13543
    84
paulson@13543
    85
lemma rlist_imp_length_le: "<l',l> \<in> rlist(A,r) ==> length(l') \<le> length(l)"
paulson@13543
    86
apply (erule rlist.induct)
paulson@13692
    87
apply (simp_all add: leI)
paulson@13543
    88
done
paulson@13543
    89
paulson@13543
    90
lemma wf_on_rlist_n:
paulson@13543
    91
  "[| n \<in> nat; wf[A](r) |] ==> wf[{l \<in> list(A). length(l) = n}](rlist(A,r))"
paulson@13692
    92
apply (induct_tac n)
paulson@13692
    93
 apply (rule wf_onI2, simp)
paulson@13692
    94
apply (rule wf_onI2, clarify)
paulson@13692
    95
apply (erule_tac a=y in list.cases, clarify)
paulson@13543
    96
 apply (simp (no_asm_use))
paulson@13692
    97
apply clarify
paulson@13543
    98
apply (simp (no_asm_use))
paulson@46823
    99
apply (subgoal_tac "\<forall>l2 \<in> list(A). length(l2) = x \<longrightarrow> Cons(a,l2) \<in> B", blast)
paulson@13543
   100
apply (erule_tac a=a in wf_on_induct, assumption)
paulson@13543
   101
apply (rule ballI)
paulson@13692
   102
apply (rule impI)
paulson@13543
   103
apply (erule_tac a=l2 in wf_on_induct, blast, clarify)
paulson@13692
   104
apply (rename_tac a' l2 l')
paulson@13692
   105
apply (drule_tac x="Cons(a',l')" in bspec, typecheck)
paulson@13692
   106
apply simp
paulson@13692
   107
apply (erule mp, clarify)
paulson@13543
   108
apply (erule rlist_ConsE, auto)
paulson@13543
   109
done
paulson@13543
   110
paulson@13543
   111
lemma list_eq_UN_length: "list(A) = (\<Union>n\<in>nat. {l \<in> list(A). length(l) = n})"
paulson@13543
   112
by (blast intro: length_type)
paulson@13543
   113
paulson@13543
   114
paulson@13543
   115
lemma wf_on_rlist: "wf[A](r) ==> wf[list(A)](rlist(A,r))"
paulson@13692
   116
apply (subst list_eq_UN_length)
paulson@13692
   117
apply (rule wf_on_Union)
paulson@13543
   118
  apply (rule wf_imp_wf_on [OF wf_Memrel [of nat]])
paulson@13543
   119
 apply (simp add: wf_on_rlist_n)
paulson@13692
   120
apply (frule rlist_type [THEN subsetD])
paulson@13692
   121
apply (simp add: length_type)
paulson@13543
   122
apply (drule rlist_imp_length_le)
paulson@13692
   123
apply (erule leE)
paulson@13692
   124
apply (simp_all add: lt_def)
paulson@13543
   125
done
paulson@13543
   126
paulson@13543
   127
paulson@13543
   128
lemma wf_rlist: "wf(r) ==> wf(rlist(field(r),r))"
paulson@13543
   129
apply (simp add: wf_iff_wf_on_field)
paulson@13543
   130
apply (rule wf_on_subset_A [OF _ field_rlist])
paulson@13692
   131
apply (blast intro: wf_on_rlist)
paulson@13543
   132
done
paulson@13543
   133
paulson@13543
   134
lemma well_ord_rlist:
paulson@13543
   135
     "well_ord(A,r) ==> well_ord(list(A), rlist(A,r))"
paulson@13543
   136
apply (rule well_ordI)
paulson@13543
   137
apply (simp add: well_ord_def wf_on_rlist)
paulson@13543
   138
apply (simp add: well_ord_def tot_ord_def linear_rlist)
paulson@13543
   139
done
paulson@13543
   140
paulson@13543
   141
wenzelm@60770
   142
subsection\<open>An Injection from Formulas into the Natural Numbers\<close>
paulson@13543
   143
wenzelm@60770
   144
text\<open>There is a well-known bijection between @{term "nat*nat"} and @{term
paulson@13543
   145
nat} given by the expression f(m,n) = triangle(m+n) + m, where triangle(k)
paulson@13543
   146
enumerates the triangular numbers and can be defined by triangle(0)=0,
paulson@13543
   147
triangle(succ(k)) = succ(k + triangle(k)).  Some small amount of effort is
wenzelm@61798
   148
needed to show that f is a bijection.  We already know that such a bijection exists by the theorem \<open>well_ord_InfCard_square_eq\<close>:
paulson@13692
   149
@{thm[display] well_ord_InfCard_square_eq[no_vars]}
paulson@13543
   150
paulson@13692
   151
However, this result merely states that there is a bijection between the two
paulson@13692
   152
sets.  It provides no means of naming a specific bijection.  Therefore, we
paulson@13692
   153
conduct the proofs under the assumption that a bijection exists.  The simplest
wenzelm@60770
   154
way to organize this is to use a locale.\<close>
paulson@13692
   155
wenzelm@60770
   156
text\<open>Locale for any arbitrary injection between @{term "nat*nat"}
wenzelm@60770
   157
      and @{term nat}\<close>
paulson@13543
   158
locale Nat_Times_Nat =
paulson@13543
   159
  fixes fn
paulson@13543
   160
  assumes fn_inj: "fn \<in> inj(nat*nat, nat)"
paulson@13543
   161
paulson@13543
   162
paulson@13543
   163
consts   enum :: "[i,i]=>i"
paulson@13543
   164
primrec
paulson@13543
   165
  "enum(f, Member(x,y)) = f ` <0, f ` <x,y>>"
paulson@13543
   166
  "enum(f, Equal(x,y)) = f ` <1, f ` <x,y>>"
paulson@13543
   167
  "enum(f, Nand(p,q)) = f ` <2, f ` <enum(f,p), enum(f,q)>>"
paulson@13543
   168
  "enum(f, Forall(p)) = f ` <succ(2), enum(f,p)>"
paulson@13543
   169
paulson@13543
   170
lemma (in Nat_Times_Nat) fn_type [TC,simp]:
paulson@13543
   171
    "[|x \<in> nat; y \<in> nat|] ==> fn`<x,y> \<in> nat"
paulson@13692
   172
by (blast intro: inj_is_fun [OF fn_inj] apply_funtype)
paulson@13543
   173
paulson@13543
   174
lemma (in Nat_Times_Nat) fn_iff:
paulson@13692
   175
    "[|x \<in> nat; y \<in> nat; u \<in> nat; v \<in> nat|]
paulson@46823
   176
     ==> (fn`<x,y> = fn`<u,v>) \<longleftrightarrow> (x=u & y=v)"
paulson@13692
   177
by (blast dest: inj_apply_equality [OF fn_inj])
paulson@13543
   178
paulson@13543
   179
lemma (in Nat_Times_Nat) enum_type [TC,simp]:
paulson@13543
   180
    "p \<in> formula ==> enum(fn,p) \<in> nat"
paulson@13692
   181
by (induct_tac p, simp_all)
paulson@13543
   182
paulson@13543
   183
lemma (in Nat_Times_Nat) enum_inject [rule_format]:
paulson@46823
   184
    "p \<in> formula ==> \<forall>q\<in>formula. enum(fn,p) = enum(fn,q) \<longrightarrow> p=q"
paulson@13692
   185
apply (induct_tac p, simp_all)
paulson@13692
   186
   apply (rule ballI)
paulson@13692
   187
   apply (erule formula.cases)
paulson@13692
   188
   apply (simp_all add: fn_iff)
paulson@13692
   189
  apply (rule ballI)
paulson@13692
   190
  apply (erule formula.cases)
paulson@13692
   191
  apply (simp_all add: fn_iff)
paulson@13692
   192
 apply (rule ballI)
paulson@13692
   193
 apply (erule_tac a=qa in formula.cases)
paulson@13692
   194
 apply (simp_all add: fn_iff)
paulson@13692
   195
 apply blast
paulson@13692
   196
apply (rule ballI)
paulson@13692
   197
apply (erule_tac a=q in formula.cases)
paulson@13692
   198
apply (simp_all add: fn_iff, blast)
paulson@13543
   199
done
paulson@13543
   200
paulson@13543
   201
lemma (in Nat_Times_Nat) inj_formula_nat:
paulson@13543
   202
    "(\<lambda>p \<in> formula. enum(fn,p)) \<in> inj(formula, nat)"
paulson@13692
   203
apply (simp add: inj_def lam_type)
paulson@13692
   204
apply (blast intro: enum_inject)
paulson@13543
   205
done
paulson@13543
   206
paulson@13543
   207
lemma (in Nat_Times_Nat) well_ord_formula:
paulson@13543
   208
    "well_ord(formula, measure(formula, enum(fn)))"
paulson@13543
   209
apply (rule well_ord_measure, simp)
paulson@13692
   210
apply (blast intro: enum_inject)
paulson@13543
   211
done
paulson@13543
   212
paulson@13543
   213
lemmas nat_times_nat_lepoll_nat =
paulson@13543
   214
    InfCard_nat [THEN InfCard_square_eqpoll, THEN eqpoll_imp_lepoll]
paulson@13543
   215
paulson@13543
   216
wenzelm@60770
   217
text\<open>Not needed--but interesting?\<close>
paulson@13543
   218
theorem formula_lepoll_nat: "formula \<lesssim> nat"
paulson@13543
   219
apply (insert nat_times_nat_lepoll_nat)
paulson@13543
   220
apply (unfold lepoll_def)
paulson@13692
   221
apply (blast intro: Nat_Times_Nat.inj_formula_nat Nat_Times_Nat.intro)
paulson@13692
   222
done
paulson@13692
   223
paulson@13692
   224
wenzelm@60770
   225
subsection\<open>Defining the Wellordering on @{term "DPow(A)"}\<close>
paulson@13692
   226
wenzelm@60770
   227
text\<open>The objective is to build a wellordering on @{term "DPow(A)"} from a
paulson@13692
   228
given one on @{term A}.  We first introduce wellorderings for environments,
paulson@13692
   229
which are lists built over @{term "A"}.  We combine it with the enumeration of
paulson@13692
   230
formulas.  The order type of the resulting wellordering gives us a map from
paulson@13692
   231
(environment, formula) pairs into the ordinals.  For each member of @{term
wenzelm@60770
   232
"DPow(A)"}, we take the minimum such ordinal.\<close>
paulson@13692
   233
wenzelm@21233
   234
definition
wenzelm@21404
   235
  env_form_r :: "[i,i,i]=>i" where
wenzelm@61798
   236
    \<comment>\<open>wellordering on (environment, formula) pairs\<close>
paulson@13692
   237
   "env_form_r(f,r,A) ==
paulson@13692
   238
      rmult(list(A), rlist(A, r),
wenzelm@32960
   239
            formula, measure(formula, enum(f)))"
paulson@13692
   240
wenzelm@21404
   241
definition
wenzelm@21404
   242
  env_form_map :: "[i,i,i,i]=>i" where
wenzelm@61798
   243
    \<comment>\<open>map from (environment, formula) pairs to ordinals\<close>
paulson@13692
   244
   "env_form_map(f,r,A,z)
paulson@13692
   245
      == ordermap(list(A) * formula, env_form_r(f,r,A)) ` z"
paulson@13692
   246
wenzelm@21404
   247
definition
wenzelm@21404
   248
  DPow_ord :: "[i,i,i,i,i]=>o" where
wenzelm@61798
   249
    \<comment>\<open>predicate that holds if @{term k} is a valid index for @{term X}\<close>
paulson@13702
   250
   "DPow_ord(f,r,A,X,k) ==
paulson@13692
   251
           \<exists>env \<in> list(A). \<exists>p \<in> formula.
paulson@13692
   252
             arity(p) \<le> succ(length(env)) &
paulson@13692
   253
             X = {x\<in>A. sats(A, p, Cons(x,env))} &
paulson@13692
   254
             env_form_map(f,r,A,<env,p>) = k"
paulson@13692
   255
wenzelm@21404
   256
definition
wenzelm@21404
   257
  DPow_least :: "[i,i,i,i]=>i" where
wenzelm@61798
   258
    \<comment>\<open>function yielding the smallest index for @{term X}\<close>
skalberg@14171
   259
   "DPow_least(f,r,A,X) == \<mu> k. DPow_ord(f,r,A,X,k)"
paulson@13692
   260
wenzelm@21404
   261
definition
wenzelm@21404
   262
  DPow_r :: "[i,i,i]=>i" where
wenzelm@61798
   263
    \<comment>\<open>a wellordering on @{term "DPow(A)"}\<close>
paulson@13702
   264
   "DPow_r(f,r,A) == measure(DPow(A), DPow_least(f,r,A))"
paulson@13692
   265
paulson@13692
   266
paulson@13692
   267
lemma (in Nat_Times_Nat) well_ord_env_form_r:
paulson@13692
   268
    "well_ord(A,r)
paulson@13692
   269
     ==> well_ord(list(A) * formula, env_form_r(fn,r,A))"
paulson@13692
   270
by (simp add: env_form_r_def well_ord_rmult well_ord_rlist well_ord_formula)
paulson@13692
   271
paulson@13692
   272
lemma (in Nat_Times_Nat) Ord_env_form_map:
paulson@13692
   273
    "[|well_ord(A,r); z \<in> list(A) * formula|]
paulson@13692
   274
     ==> Ord(env_form_map(fn,r,A,z))"
paulson@13692
   275
by (simp add: env_form_map_def Ord_ordermap well_ord_env_form_r)
paulson@13692
   276
paulson@13702
   277
lemma DPow_imp_ex_DPow_ord:
paulson@13702
   278
    "X \<in> DPow(A) ==> \<exists>k. DPow_ord(fn,r,A,X,k)"
paulson@13702
   279
apply (simp add: DPow_ord_def)
paulson@13692
   280
apply (blast dest!: DPowD)
paulson@13692
   281
done
paulson@13692
   282
paulson@13702
   283
lemma (in Nat_Times_Nat) DPow_ord_imp_Ord:
paulson@13702
   284
     "[|DPow_ord(fn,r,A,X,k); well_ord(A,r)|] ==> Ord(k)"
paulson@13702
   285
apply (simp add: DPow_ord_def, clarify)
paulson@13692
   286
apply (simp add: Ord_env_form_map)
paulson@13543
   287
done
paulson@13543
   288
paulson@13702
   289
lemma (in Nat_Times_Nat) DPow_imp_DPow_least:
paulson@13692
   290
    "[|X \<in> DPow(A); well_ord(A,r)|]
paulson@13702
   291
     ==> DPow_ord(fn, r, A, X, DPow_least(fn,r,A,X))"
paulson@13702
   292
apply (simp add: DPow_least_def)
paulson@13702
   293
apply (blast dest: DPow_imp_ex_DPow_ord intro: DPow_ord_imp_Ord LeastI)
paulson@13692
   294
done
paulson@13692
   295
paulson@13692
   296
lemma (in Nat_Times_Nat) env_form_map_inject:
paulson@13692
   297
    "[|env_form_map(fn,r,A,u) = env_form_map(fn,r,A,v); well_ord(A,r);
paulson@13692
   298
       u \<in> list(A) * formula;  v \<in> list(A) * formula|]
paulson@13692
   299
     ==> u=v"
paulson@13692
   300
apply (simp add: env_form_map_def)
paulson@13692
   301
apply (rule inj_apply_equality [OF bij_is_inj, OF ordermap_bij,
paulson@13692
   302
                                OF well_ord_env_form_r], assumption+)
paulson@13692
   303
done
paulson@13692
   304
paulson@13702
   305
lemma (in Nat_Times_Nat) DPow_ord_unique:
paulson@13702
   306
    "[|DPow_ord(fn,r,A,X,k); DPow_ord(fn,r,A,Y,k); well_ord(A,r)|]
paulson@13692
   307
     ==> X=Y"
paulson@13702
   308
apply (simp add: DPow_ord_def, clarify)
paulson@13692
   309
apply (drule env_form_map_inject, auto)
paulson@13692
   310
done
paulson@13692
   311
paulson@13702
   312
lemma (in Nat_Times_Nat) well_ord_DPow_r:
paulson@13702
   313
    "well_ord(A,r) ==> well_ord(DPow(A), DPow_r(fn,r,A))"
paulson@13702
   314
apply (simp add: DPow_r_def)
paulson@13692
   315
apply (rule well_ord_measure)
paulson@13702
   316
 apply (simp add: DPow_least_def Ord_Least)
paulson@13702
   317
apply (drule DPow_imp_DPow_least, assumption)+
paulson@13692
   318
apply simp
paulson@13702
   319
apply (blast intro: DPow_ord_unique)
paulson@13692
   320
done
paulson@13692
   321
paulson@13692
   322
lemma (in Nat_Times_Nat) DPow_r_type:
paulson@13702
   323
    "DPow_r(fn,r,A) \<subseteq> DPow(A) * DPow(A)"
paulson@13702
   324
by (simp add: DPow_r_def measure_def, blast)
paulson@13692
   325
paulson@13543
   326
wenzelm@60770
   327
subsection\<open>Limit Construction for Well-Orderings\<close>
paulson@13543
   328
wenzelm@60770
   329
text\<open>Now we work towards the transfinite definition of wellorderings for
paulson@13543
   330
@{term "Lset(i)"}.  We assume as an inductive hypothesis that there is a family
wenzelm@60770
   331
of wellorderings for smaller ordinals.\<close>
paulson@13543
   332
wenzelm@21233
   333
definition
wenzelm@21404
   334
  rlimit :: "[i,i=>i]=>i" where
wenzelm@61798
   335
  \<comment>\<open>Expresses the wellordering at limit ordinals.  The conditional
wenzelm@60770
   336
      lets us remove the premise @{term "Limit(i)"} from some theorems.\<close>
paulson@13692
   337
    "rlimit(i,r) ==
paulson@13702
   338
       if Limit(i) then 
wenzelm@32960
   339
         {z: Lset(i) * Lset(i).
wenzelm@32960
   340
          \<exists>x' x. z = <x',x> &
wenzelm@32960
   341
                 (lrank(x') < lrank(x) |
wenzelm@32960
   342
                  (lrank(x') = lrank(x) & <x',x> \<in> r(succ(lrank(x)))))}
paulson@13702
   343
       else 0"
paulson@13692
   344
wenzelm@21404
   345
definition
wenzelm@21404
   346
  Lset_new :: "i=>i" where
wenzelm@61798
   347
  \<comment>\<open>This constant denotes the set of elements introduced at level
wenzelm@60770
   348
      @{term "succ(i)"}\<close>
paulson@13543
   349
    "Lset_new(i) == {x \<in> Lset(succ(i)). lrank(x) = i}"
paulson@13543
   350
paulson@13543
   351
lemma Limit_Lset_eq2:
paulson@13543
   352
    "Limit(i) ==> Lset(i) = (\<Union>j\<in>i. Lset_new(j))"
paulson@13692
   353
apply (simp add: Limit_Lset_eq)
paulson@13543
   354
apply (rule equalityI)
paulson@13543
   355
 apply safe
paulson@13543
   356
 apply (subgoal_tac "Ord(y)")
paulson@13543
   357
  prefer 2 apply (blast intro: Ord_in_Ord Limit_is_Ord)
paulson@13692
   358
 apply (simp_all add: Limit_is_Ord Lset_iff_lrank_lt Lset_new_def
paulson@13692
   359
                      Ord_mem_iff_lt)
paulson@13692
   360
 apply (blast intro: lt_trans)
paulson@13543
   361
apply (rule_tac x = "succ(lrank(x))" in bexI)
paulson@13692
   362
 apply (simp add: Lset_succ_lrank_iff)
paulson@13692
   363
apply (blast intro: Limit_has_succ ltD)
paulson@13543
   364
done
paulson@13543
   365
paulson@13543
   366
lemma wf_on_Lset:
paulson@13543
   367
    "wf[Lset(succ(j))](r(succ(j))) ==> wf[Lset_new(j)](rlimit(i,r))"
paulson@13692
   368
apply (simp add: wf_on_def Lset_new_def)
paulson@13692
   369
apply (erule wf_subset)
paulson@13702
   370
apply (simp add: rlimit_def, force)
paulson@13543
   371
done
paulson@13543
   372
paulson@13543
   373
lemma wf_on_rlimit:
paulson@13702
   374
    "(\<forall>j<i. wf[Lset(j)](r(j))) ==> wf[Lset(i)](rlimit(i,r))"
paulson@13702
   375
apply (case_tac "Limit(i)") 
paulson@13702
   376
 prefer 2
paulson@13702
   377
 apply (simp add: rlimit_def wf_on_any_0)
paulson@13543
   378
apply (simp add: Limit_Lset_eq2)
paulson@13543
   379
apply (rule wf_on_Union)
paulson@13692
   380
  apply (rule wf_imp_wf_on [OF wf_Memrel [of i]])
paulson@13692
   381
 apply (blast intro: wf_on_Lset Limit_has_succ Limit_is_Ord ltI)
paulson@13543
   382
apply (force simp add: rlimit_def Limit_is_Ord Lset_iff_lrank_lt Lset_new_def
paulson@13543
   383
                       Ord_mem_iff_lt)
paulson@13543
   384
done
paulson@13543
   385
paulson@13543
   386
lemma linear_rlimit:
paulson@13543
   387
    "[|Limit(i); \<forall>j<i. linear(Lset(j), r(j)) |]
paulson@13543
   388
     ==> linear(Lset(i), rlimit(i,r))"
paulson@13692
   389
apply (frule Limit_is_Ord)
paulson@13692
   390
apply (simp add: Limit_Lset_eq2 Lset_new_def)
paulson@13692
   391
apply (simp add: linear_def rlimit_def Ball_def lt_Ord Lset_iff_lrank_lt)
paulson@13692
   392
apply (simp add: ltI, clarify)
paulson@13692
   393
apply (rename_tac u v)
paulson@13692
   394
apply (rule_tac i="lrank(u)" and j="lrank(v)" in Ord_linear_lt, simp_all) 
paulson@46823
   395
apply (drule_tac x="succ(lrank(u) \<union> lrank(v))" in ospec)
paulson@13692
   396
 apply (simp add: ltI)
paulson@13692
   397
apply (drule_tac x=u in spec, simp)
paulson@13692
   398
apply (drule_tac x=v in spec, simp)
paulson@13543
   399
done
paulson@13543
   400
paulson@13543
   401
lemma well_ord_rlimit:
paulson@13543
   402
    "[|Limit(i); \<forall>j<i. well_ord(Lset(j), r(j)) |]
paulson@13543
   403
     ==> well_ord(Lset(i), rlimit(i,r))"
paulson@13692
   404
by (blast intro: well_ordI wf_on_rlimit well_ord_is_wf
paulson@13692
   405
                           linear_rlimit well_ord_is_linear)
paulson@13543
   406
paulson@13702
   407
lemma rlimit_cong:
paulson@13702
   408
     "(!!j. j<i ==> r'(j) = r(j)) ==> rlimit(i,r) = rlimit(i,r')"
paulson@13702
   409
apply (simp add: rlimit_def, clarify) 
paulson@13702
   410
apply (rule refl iff_refl Collect_cong ex_cong conj_cong)+
paulson@13702
   411
apply (simp add: Limit_is_Ord Lset_lrank_lt)
paulson@13702
   412
done
paulson@13702
   413
paulson@13543
   414
wenzelm@60770
   415
subsection\<open>Transfinite Definition of the Wellordering on @{term "L"}\<close>
paulson@13543
   416
wenzelm@21233
   417
definition
wenzelm@21404
   418
  L_r :: "[i, i] => i" where
paulson@13702
   419
  "L_r(f) == %i.
paulson@13702
   420
      transrec3(i, 0, \<lambda>x r. DPow_r(f, r, Lset(x)), 
paulson@13702
   421
                \<lambda>x r. rlimit(x, \<lambda>y. r`y))"
paulson@13543
   422
wenzelm@60770
   423
subsubsection\<open>The Corresponding Recursion Equations\<close>
paulson@13543
   424
lemma [simp]: "L_r(f,0) = 0"
paulson@13702
   425
by (simp add: L_r_def)
paulson@13543
   426
paulson@13702
   427
lemma [simp]: "L_r(f, succ(i)) = DPow_r(f, L_r(f,i), Lset(i))"
paulson@13702
   428
by (simp add: L_r_def)
paulson@13543
   429
wenzelm@60770
   430
text\<open>The limit case is non-trivial because of the distinction between
wenzelm@60770
   431
object-level and meta-level abstraction.\<close>
paulson@13543
   432
lemma [simp]: "Limit(i) ==> L_r(f,i) = rlimit(i, L_r(f))"
paulson@13702
   433
by (simp cong: rlimit_cong add: transrec3_Limit L_r_def ltD)
paulson@13543
   434
paulson@13543
   435
lemma (in Nat_Times_Nat) L_r_type:
paulson@13543
   436
    "Ord(i) ==> L_r(fn,i) \<subseteq> Lset(i) * Lset(i)"
paulson@46927
   437
apply (induct i rule: trans_induct3)
paulson@13692
   438
  apply (simp_all add: Lset_succ DPow_r_type well_ord_DPow_r rlimit_def
paulson@13692
   439
                       Transset_subset_DPow [OF Transset_Lset], blast)
paulson@13543
   440
done
paulson@13543
   441
paulson@13543
   442
lemma (in Nat_Times_Nat) well_ord_L_r:
paulson@13543
   443
    "Ord(i) ==> well_ord(Lset(i), L_r(fn,i))"
paulson@46927
   444
apply (induct i rule: trans_induct3)
paulson@13692
   445
apply (simp_all add: well_ord0 Lset_succ L_r_type well_ord_DPow_r
paulson@13692
   446
                     well_ord_rlimit ltD)
paulson@13543
   447
done
paulson@13543
   448
paulson@13543
   449
lemma well_ord_L_r:
paulson@13543
   450
    "Ord(i) ==> \<exists>r. well_ord(Lset(i), r)"
paulson@13543
   451
apply (insert nat_times_nat_lepoll_nat)
paulson@13543
   452
apply (unfold lepoll_def)
paulson@13692
   453
apply (blast intro: Nat_Times_Nat.well_ord_L_r Nat_Times_Nat.intro)
paulson@13543
   454
done
paulson@13543
   455
paulson@13543
   456
wenzelm@60770
   457
text\<open>Every constructible set is well-ordered! Therefore the Wellordering Theorem and
wenzelm@60770
   458
      the Axiom of Choice hold in @{term L}!!\<close>
paulson@47072
   459
theorem L_implies_AC: assumes x: "L(x)" shows "\<exists>r. well_ord(x,r)"
paulson@47072
   460
  using Transset_Lset x
paulson@13543
   461
apply (simp add: Transset_def L_def)
paulson@13692
   462
apply (blast dest!: well_ord_L_r intro: well_ord_subset)
paulson@13543
   463
done
paulson@13543
   464
paulson@47084
   465
interpretation L?: M_basic L by (rule M_basic_L)
paulson@47084
   466
paulson@47084
   467
theorem "\<forall>x[L]. \<exists>r. wellordered(L,x,r)"
paulson@47084
   468
proof 
paulson@47084
   469
  fix x
paulson@47084
   470
  assume "L(x)"
paulson@47084
   471
  then obtain r where "well_ord(x,r)" 
paulson@47084
   472
    by (blast dest: L_implies_AC) 
paulson@47084
   473
  thus "\<exists>r. wellordered(L,x,r)" 
paulson@47084
   474
    by (blast intro: well_ord_imp_relativized)
paulson@47084
   475
qed
paulson@47084
   476
wenzelm@60770
   477
text\<open>In order to prove @{term" \<exists>r[L]. wellordered(L,x,r)"}, it's necessary to know 
paulson@47085
   478
that @{term r} is actually constructible. It follows from the assumption ``@{term V} equals @{term L''}, 
wenzelm@60770
   479
but this reasoning doesn't appear to work in Isabelle.\<close>
paulson@47072
   480
paulson@13543
   481
end