src/HOL/Library/Zorn.thy
author nipkow
Sun Mar 02 15:02:06 2008 +0100 (2008-03-02)
changeset 26191 ae537f315b34
parent 25691 8f8d83af100a
child 26272 d63776c3be97
permissions -rw-r--r--
Generalized Zorn and added well-ordering theorem
wenzelm@14706
     1
(*  Title       : HOL/Library/Zorn.thy
paulson@13652
     2
    ID          : $Id$
nipkow@26191
     3
    Author      : Jacques D. Fleuriot, Tobias Nipkow
nipkow@26191
     4
    Description : Zorn's Lemma (ported from Larry Paulson's Zorn.thy in ZF)
nipkow@26191
     5
                  The well-ordering theorem
wenzelm@14706
     6
*)
paulson@13551
     7
wenzelm@14706
     8
header {* Zorn's Lemma *}
paulson@13551
     9
nipkow@15131
    10
theory Zorn
haftmann@25691
    11
imports ATP_Linkup Hilbert_Choice
nipkow@15131
    12
begin
paulson@13551
    13
wenzelm@14706
    14
text{*
wenzelm@14706
    15
  The lemma and section numbers refer to an unpublished article
wenzelm@14706
    16
  \cite{Abrial-Laffitte}.
wenzelm@14706
    17
*}
paulson@13551
    18
wenzelm@19736
    19
(* chain S: the set of all F \<subseteq> S whose members are pairwise comparable
   under \<subseteq>, i.e. the chains of S with respect to set inclusion. *)
definition
wenzelm@21404
    20
  chain     ::  "'a set set => 'a set set set" where
wenzelm@19736
    21
  "chain S  = {F. F \<subseteq> S & (\<forall>x \<in> F. \<forall>y \<in> F. x \<subseteq> y | y \<subseteq> x)}"
paulson@13551
    22
wenzelm@21404
    23
(* super S c: the chains of S that strictly contain c. *)
definition
wenzelm@21404
    24
  super     ::  "['a set set,'a set set] => 'a set set set" where
wenzelm@19736
    25
  "super S c = {d. d \<in> chain S & c \<subset> d}"
paulson@13551
    26
wenzelm@21404
    27
(* maxchain S: the chains of S that have no strict super-chain in S,
   i.e. those c for which super S c is empty. *)
definition
wenzelm@21404
    28
  maxchain  ::  "'a set set => 'a set set set" where
wenzelm@19736
    29
  "maxchain S = {c. c \<in> chain S & super S c = {}}"
paulson@13551
    30
wenzelm@21404
    31
(* succ S c: c itself when c is not a chain of S or is already a maximal
   chain; otherwise some strictly larger chain taken from super S c with
   the choice operator SOME. *)
definition
wenzelm@21404
    32
  succ      ::  "['a set set,'a set set] => 'a set set" where
wenzelm@19736
    33
  "succ S c =
wenzelm@19736
    34
    (if c \<notin> chain S | c \<in> maxchain S
wenzelm@19736
    35
    then c else SOME c'. c' \<in> super S c)"
paulson@13551
    36
berghofe@23755
    37
(* TFin S: the inductively defined set that is closed under succ S
   (rule succI) and under unions of arbitrary subsets of itself
   (rule Pow_UnionI).  Pow_mono is supplied as monotonicity rule because
   the second introduction rule mentions Pow (TFin S). *)
inductive_set
wenzelm@14706
    38
  TFin :: "'a set set => 'a set set set"
berghofe@23755
    39
  for S :: "'a set set"
berghofe@23755
    40
  where
paulson@13551
    41
    succI:        "x \<in> TFin S ==> succ S x \<in> TFin S"
berghofe@23755
    42
  | Pow_UnionI:   "Y \<in> Pow(TFin S) ==> Union(Y) \<in> TFin S"
paulson@13551
    43
  monos          Pow_mono
paulson@13551
    44
paulson@13551
    45
paulson@13551
    46
subsection{*Mathematical Preamble*}
paulson@13551
    47
wenzelm@17200
    48
lemma Union_lemma0:
paulson@18143
    49
    "(\<forall>x \<in> C. x \<subseteq> A | B \<subseteq> x) ==> Union(C) \<subseteq> A | B \<subseteq> Union(C)"
wenzelm@17200
    50
  by blast
paulson@13551
    51
paulson@13551
    52
paulson@13551
    53
text{*This is theorem @{text increasingD2} of ZF/Zorn.thy*}
wenzelm@17200
    54
paulson@13551
    55
(* succ is extensive: every x is contained in succ S x.  The proof unfolds
   succ_def, splits on the if-condition and discharges the SOME branch
   with someI2. *)
lemma Abrial_axiom1: "x \<subseteq> succ S x"
wenzelm@17200
    56
  apply (unfold succ_def)
wenzelm@17200
    57
  apply (rule split_if [THEN iffD2])
wenzelm@17200
    58
  apply (auto simp add: super_def maxchain_def psubset_def)
wenzelm@18585
    59
  apply (rule contrapos_np, assumption)
wenzelm@17200
    60
  apply (rule someI2, blast+)
wenzelm@17200
    61
  done
paulson@13551
    62
paulson@13551
    63
lemmas TFin_UnionI = TFin.Pow_UnionI [OF PowI]
paulson@13551
    64
wenzelm@14706
    65
(* Induction over TFin S stated for a predicate P: to show P n for
   n \<in> TFin S it suffices that P is preserved by succ S and holds for
   Union Y whenever Y \<subseteq> TFin S and P holds on all of Y. *)
lemma TFin_induct:
wenzelm@14706
    66
          "[| n \<in> TFin S;
wenzelm@14706
    67
             !!x. [| x \<in> TFin S; P(x) |] ==> P(succ S x);
wenzelm@14706
    68
             !!Y. [| Y \<subseteq> TFin S; Ball Y P |] ==> P(Union Y) |]
paulson@13551
    69
          ==> P(n)"
wenzelm@19736
    70
  apply (induct set: TFin)
wenzelm@17200
    71
   apply blast+
wenzelm@17200
    72
  done
paulson@13551
    73
paulson@13551
    74
lemma succ_trans: "x \<subseteq> y ==> x \<subseteq> succ S y"
wenzelm@17200
    75
  apply (erule subset_trans)
wenzelm@17200
    76
  apply (rule Abrial_axiom1)
wenzelm@17200
    77
  done
paulson@13551
    78
paulson@13551
    79
text{*Lemma 1 of section 3.1*}
paulson@13551
    80
lemma TFin_linear_lemma1:
wenzelm@14706
    81
     "[| n \<in> TFin S;  m \<in> TFin S;
wenzelm@14706
    82
         \<forall>x \<in> TFin S. x \<subseteq> m --> x = m | succ S x \<subseteq> m
paulson@13551
    83
      |] ==> n \<subseteq> m | succ S m \<subseteq> n"
wenzelm@17200
    84
  apply (erule TFin_induct)
wenzelm@17200
    85
   apply (erule_tac [2] Union_lemma0)
wenzelm@17200
    86
  apply (blast del: subsetI intro: succ_trans)
wenzelm@17200
    87
  done
paulson@13551
    88
paulson@13551
    89
text{* Lemma 2 of section 3.2 *}
paulson@13551
    90
lemma TFin_linear_lemma2:
paulson@13551
    91
     "m \<in> TFin S ==> \<forall>n \<in> TFin S. n \<subseteq> m --> n=m | succ S n \<subseteq> m"
wenzelm@17200
    92
  apply (erule TFin_induct)
wenzelm@17200
    93
   apply (rule impI [THEN ballI])
wenzelm@17200
    94
   txt{*case split using @{text TFin_linear_lemma1}*}
wenzelm@17200
    95
   apply (rule_tac n1 = n and m1 = x in TFin_linear_lemma1 [THEN disjE],
wenzelm@17200
    96
     assumption+)
wenzelm@17200
    97
    apply (drule_tac x = n in bspec, assumption)
wenzelm@17200
    98
    apply (blast del: subsetI intro: succ_trans, blast)
wenzelm@17200
    99
  txt{*second induction step*}
wenzelm@17200
   100
  apply (rule impI [THEN ballI])
wenzelm@17200
   101
  apply (rule Union_lemma0 [THEN disjE])
wenzelm@17200
   102
    apply (rule_tac [3] disjI2)
wenzelm@17200
   103
    prefer 2 apply blast
wenzelm@17200
   104
   apply (rule ballI)
wenzelm@17200
   105
   apply (rule_tac n1 = n and m1 = x in TFin_linear_lemma1 [THEN disjE],
wenzelm@17200
   106
     assumption+, auto)
wenzelm@17200
   107
  apply (blast intro!: Abrial_axiom1 [THEN subsetD])
wenzelm@17200
   108
  done
paulson@13551
   109
paulson@13551
   110
text{*Re-ordering the premises of Lemma 2*}
paulson@13551
   111
lemma TFin_subsetD:
paulson@13551
   112
     "[| n \<subseteq> m;  m \<in> TFin S;  n \<in> TFin S |] ==> n=m | succ S n \<subseteq> m"
wenzelm@17200
   113
  by (rule TFin_linear_lemma2 [rule_format])
paulson@13551
   114
paulson@13551
   115
text{*Consequences from section 3.3 -- Property 3.2, the ordering is total*}
paulson@13551
   116
lemma TFin_subset_linear: "[| m \<in> TFin S;  n \<in> TFin S|] ==> n \<subseteq> m | m \<subseteq> n"
wenzelm@17200
   117
  apply (rule disjE)
wenzelm@17200
   118
    apply (rule TFin_linear_lemma1 [OF _ _TFin_linear_lemma2])
wenzelm@17200
   119
      apply (assumption+, erule disjI2)
wenzelm@17200
   120
  apply (blast del: subsetI
wenzelm@17200
   121
    intro: subsetI Abrial_axiom1 [THEN subset_trans])
wenzelm@17200
   122
  done
paulson@13551
   123
paulson@13551
   124
text{*Lemma 3 of section 3.3*}
paulson@13551
   125
lemma eq_succ_upper: "[| n \<in> TFin S;  m \<in> TFin S;  m = succ S m |] ==> n \<subseteq> m"
wenzelm@17200
   126
  apply (erule TFin_induct)
wenzelm@17200
   127
   apply (drule TFin_subsetD)
wenzelm@17200
   128
     apply (assumption+, force, blast)
wenzelm@17200
   129
  done
paulson@13551
   130
paulson@13551
   131
text{*Property 3.3 of section 3.3*}
paulson@13551
   132
lemma equal_succ_Union: "m \<in> TFin S ==> (m = succ S m) = (m = Union(TFin S))"
wenzelm@17200
   133
  apply (rule iffI)
wenzelm@17200
   134
   apply (rule Union_upper [THEN equalityI])
paulson@18143
   135
    apply assumption
paulson@18143
   136
   apply (rule eq_succ_upper [THEN Union_least], assumption+)
wenzelm@17200
   137
  apply (erule ssubst)
wenzelm@17200
   138
  apply (rule Abrial_axiom1 [THEN equalityI])
wenzelm@17200
   139
  apply (blast del: subsetI intro: subsetI TFin_UnionI TFin.succI)
wenzelm@17200
   140
  done
paulson@13551
   141
paulson@13551
   142
subsection{*Hausdorff's Theorem: Every Set Contains a Maximal Chain.*}
paulson@13551
   143
wenzelm@14706
   144
text{*NB: We assume the partial ordering is @{text "\<subseteq>"},
paulson@13551
   145
 the subset relation!*}
paulson@13551
   146
paulson@13551
   147
lemma empty_set_mem_chain: "({} :: 'a set set) \<in> chain S"
wenzelm@17200
   148
  by (unfold chain_def) auto
paulson@13551
   149
paulson@13551
   150
lemma super_subset_chain: "super S c \<subseteq> chain S"
wenzelm@17200
   151
  by (unfold super_def) blast
paulson@13551
   152
paulson@13551
   153
lemma maxchain_subset_chain: "maxchain S \<subseteq> chain S"
wenzelm@17200
   154
  by (unfold maxchain_def) blast
paulson@13551
   155
nipkow@26191
   156
lemma mem_super_Ex: "c \<in> chain S - maxchain S ==> EX d. d \<in> super S c"
wenzelm@17200
   157
  by (unfold super_def maxchain_def) auto
paulson@13551
   158
paulson@18143
   159
lemma select_super:
paulson@18143
   160
     "c \<in> chain S - maxchain S ==> (\<some>c'. c': super S c): super S c"
wenzelm@17200
   161
  apply (erule mem_super_Ex [THEN exE])
wenzelm@17200
   162
  apply (rule someI2, auto)
wenzelm@17200
   163
  done
paulson@13551
   164
paulson@18143
   165
lemma select_not_equals:
paulson@18143
   166
     "c \<in> chain S - maxchain S ==> (\<some>c'. c': super S c) \<noteq> c"
wenzelm@17200
   167
  apply (rule notI)
wenzelm@17200
   168
  apply (drule select_super)
wenzelm@17200
   169
  apply (simp add: super_def psubset_def)
wenzelm@17200
   170
  done
paulson@13551
   171
wenzelm@17200
   172
lemma succI3: "c \<in> chain S - maxchain S ==> succ S c = (\<some>c'. c': super S c)"
wenzelm@17200
   173
  by (unfold succ_def) (blast intro!: if_not_P)
paulson@13551
   174
paulson@13551
   175
lemma succ_not_equals: "c \<in> chain S - maxchain S ==> succ S c \<noteq> c"
wenzelm@17200
   176
  apply (frule succI3)
wenzelm@17200
   177
  apply (simp (no_asm_simp))
wenzelm@17200
   178
  apply (rule select_not_equals, assumption)
wenzelm@17200
   179
  done
paulson@13551
   180
paulson@13551
   181
lemma TFin_chain_lemma4: "c \<in> TFin S ==> (c :: 'a set set): chain S"
wenzelm@17200
   182
  apply (erule TFin_induct)
wenzelm@17200
   183
   apply (simp add: succ_def select_super [THEN super_subset_chain[THEN subsetD]])
wenzelm@17200
   184
  apply (unfold chain_def)
wenzelm@17200
   185
  apply (rule CollectI, safe)
wenzelm@17200
   186
   apply (drule bspec, assumption)
wenzelm@17200
   187
   apply (rule_tac [2] m1 = Xa and n1 = X in TFin_subset_linear [THEN disjE],
wenzelm@17200
   188
     blast+)
wenzelm@17200
   189
  done
wenzelm@14706
   190
paulson@13551
   191
(* Hausdorff's maximal principle for \<subseteq>: every S has a maximal chain.
   The witness is Union (TFin S).  The proof is classical: Union (TFin S)
   is shown to be a fixed point of succ S (via equal_succ_Union) and a
   chain of S (via TFin_chain_lemma4); succ_not_equals then contradicts
   the assumption that it is not maximal. *)
theorem Hausdorff: "\<exists>c. (c :: 'a set set): maxchain S"
paulson@18143
   192
  apply (rule_tac x = "Union (TFin S)" in exI)
wenzelm@17200
   193
  apply (rule classical)
wenzelm@17200
   194
  apply (subgoal_tac "succ S (Union (TFin S)) = Union (TFin S) ")
wenzelm@17200
   195
   prefer 2
wenzelm@17200
   196
   apply (blast intro!: TFin_UnionI equal_succ_Union [THEN iffD2, symmetric])
wenzelm@17200
   197
  apply (cut_tac subset_refl [THEN TFin_UnionI, THEN TFin_chain_lemma4])
wenzelm@17200
   198
  apply (drule DiffI [THEN succ_not_equals], blast+)
wenzelm@17200
   199
  done
paulson@13551
   200
paulson@13551
   201
wenzelm@14706
   202
subsection{*Zorn's Lemma: If All Chains Have Upper Bounds Then
paulson@13551
   203
                               There Is  a Maximal Element*}
paulson@13551
   204
wenzelm@14706
   205
(* Adding an element z of S that lies above every member of a chain c
   again gives a chain of S. *)
lemma chain_extend:
wenzelm@14706
   206
    "[| c \<in> chain S; z \<in> S;
paulson@18143
   207
        \<forall>x \<in> c. x \<subseteq> (z:: 'a set) |] ==> {z} Un c \<in> chain S"
wenzelm@17200
   208
  by (unfold chain_def) blast
paulson@13551
   209
paulson@13551
   210
lemma chain_Union_upper: "[| c \<in> chain S; x \<in> c |] ==> x \<subseteq> Union(c)"
wenzelm@17200
   211
  by (unfold chain_def) auto
paulson@13551
   212
paulson@13551
   213
lemma chain_ball_Union_upper: "c \<in> chain S ==> \<forall>x \<in> c. x \<subseteq> Union(c)"
wenzelm@17200
   214
  by (unfold chain_def) auto
paulson@13551
   215
paulson@13551
   216
(* For a maximal chain c, any u \<in> S above Union c must equal Union c.
   Proof by contradiction: otherwise {u} Un c would be a member of
   super S c, which maximality of c says is empty. *)
lemma maxchain_Zorn:
paulson@13551
   217
     "[| c \<in> maxchain S; u \<in> S; Union(c) \<subseteq> u |] ==> Union(c) = u"
wenzelm@17200
   218
  apply (rule ccontr)
wenzelm@17200
   219
  apply (simp add: maxchain_def)
wenzelm@17200
   220
  apply (erule conjE)
paulson@18143
   221
  apply (subgoal_tac "({u} Un c) \<in> super S c")
wenzelm@17200
   222
   apply simp
wenzelm@17200
   223
  apply (unfold super_def psubset_def)
wenzelm@17200
   224
  apply (blast intro: chain_extend dest: chain_Union_upper)
wenzelm@17200
   225
  done
paulson@13551
   226
paulson@13551
   227
(* Zorn's Lemma for \<subseteq>: if the union of every chain of S belongs to S,
   then S has a \<subseteq>-maximal element.  The proof takes a maximal chain c
   from Hausdorff, uses Union c as the witness and concludes with
   maxchain_Zorn. *)
theorem Zorn_Lemma:
wenzelm@17200
   228
    "\<forall>c \<in> chain S. Union(c): S ==> \<exists>y \<in> S. \<forall>z \<in> S. y \<subseteq> z --> y = z"
wenzelm@17200
   229
  apply (cut_tac Hausdorff maxchain_subset_chain)
wenzelm@17200
   230
  apply (erule exE)
wenzelm@17200
   231
  apply (drule subsetD, assumption)
wenzelm@17200
   232
  apply (drule bspec, assumption)
paulson@18143
   233
  apply (rule_tac x = "Union(c)" in bexI)
wenzelm@17200
   234
   apply (rule ballI, rule impI)
wenzelm@17200
   235
   apply (blast dest!: maxchain_Zorn, assumption)
wenzelm@17200
   236
  done
paulson@13551
   237
paulson@13551
   238
subsection{*Alternative version of Zorn's Lemma*}
paulson@13551
   239
paulson@13551
   240
(* Variant of Zorn's Lemma: it is enough that every chain of S has some
   upper bound y in S (not necessarily its union).  The upper bound y of
   a maximal chain obtained from Hausdorff is the witness; if y were
   strictly below some x \<in> S, chain_extend would enlarge the maximal
   chain, which the final unfold/blast steps refute. *)
lemma Zorn_Lemma2:
wenzelm@17200
   241
  "\<forall>c \<in> chain S. \<exists>y \<in> S. \<forall>x \<in> c. x \<subseteq> y
wenzelm@17200
   242
    ==> \<exists>y \<in> S. \<forall>x \<in> S. (y :: 'a set) \<subseteq> x --> y = x"
wenzelm@17200
   243
  apply (cut_tac Hausdorff maxchain_subset_chain)
wenzelm@17200
   244
  apply (erule exE)
wenzelm@17200
   245
  apply (drule subsetD, assumption)
wenzelm@17200
   246
  apply (drule bspec, assumption, erule bexE)
wenzelm@17200
   247
  apply (rule_tac x = y in bexI)
wenzelm@17200
   248
   prefer 2 apply assumption
wenzelm@17200
   249
  apply clarify
wenzelm@17200
   250
  apply (rule ccontr)
wenzelm@17200
   251
  apply (frule_tac z = x in chain_extend)
wenzelm@17200
   252
    apply (assumption, blast)
wenzelm@17200
   253
  apply (unfold maxchain_def super_def psubset_def)
wenzelm@17200
   254
  apply (blast elim!: equalityCE)
wenzelm@17200
   255
  done
paulson@13551
   256
paulson@13551
   257
text{*Various other lemmas*}
paulson@13551
   258
paulson@13551
   259
lemma chainD: "[| c \<in> chain S; x \<in> c; y \<in> c |] ==> x \<subseteq> y | y \<subseteq> x"
wenzelm@17200
   260
  by (unfold chain_def) blast
paulson@13551
   261
paulson@13551
   262
lemma chainD2: "!!(c :: 'a set set). c \<in> chain S ==> c \<subseteq> S"
wenzelm@17200
   263
  by (unfold chain_def) blast
paulson@13551
   264
nipkow@26191
   265
nipkow@26191
   266
(* FIXME into Relation.thy *)
nipkow@26191
   267
nipkow@26191
   268
(* Field is monotone with respect to inclusion of relations. *)
lemma mono_Field: "r \<subseteq> s \<Longrightarrow> Field r \<subseteq> Field s"
nipkow@26191
   269
by(auto simp:Field_def Domain_def Range_def)
nipkow@26191
   270
nipkow@26191
   271
lemma Field_empty[simp]: "Field {} = {}"
nipkow@26191
   272
by(auto simp:Field_def)
nipkow@26191
   273
nipkow@26191
   274
lemma Field_insert[simp]: "Field (insert (a,b) r) = {a,b} \<union> Field r"
nipkow@26191
   275
by(auto simp:Field_def)
nipkow@26191
   276
nipkow@26191
   277
lemma Field_Un[simp]: "Field (r \<union> s) = Field r \<union> Field s"
nipkow@26191
   278
by(auto simp:Field_def)
nipkow@26191
   279
nipkow@26191
   280
lemma Field_Union[simp]: "Field (\<Union>R) = \<Union>(Field ` R)"
nipkow@26191
   281
by(auto simp:Field_def)
nipkow@26191
   282
nipkow@26191
   283
lemma Domain_converse[simp]: "Domain(r^-1) = Range r"
nipkow@26191
   284
by blast
nipkow@26191
   285
nipkow@26191
   286
lemma Range_converse[simp]: "Range(r^-1) = Domain r"
nipkow@26191
   287
by blast
nipkow@26191
   288
nipkow@26191
   289
lemma Field_converse[simp]: "Field(r^-1) = Field r"
nipkow@26191
   290
by(auto simp:Field_def)
nipkow@26191
   291
nipkow@26191
   292
lemma reflexive_reflcl[simp]: "reflexive(r^=)"
nipkow@26191
   293
by(simp add:refl_def)
nipkow@26191
   294
nipkow@26191
   295
lemma antisym_reflcl[simp]: "antisym(r^=) = antisym r"
nipkow@26191
   296
by(simp add:antisym_def)
nipkow@26191
   297
nipkow@26191
   298
lemma trans_reflclI[simp]: "trans r \<Longrightarrow> trans(r^=)"
nipkow@26191
   299
unfolding trans_def by blast
nipkow@26191
   300
nipkow@26191
   301
(*********************************************************)
nipkow@26191
   302
nipkow@26191
   303
(* Define globally? In Set.thy?
nipkow@26191
   304
   Use in def of chain at the beginning *)
nipkow@26191
   305
(* subset_chain C: any two members of C are comparable under \<subseteq>.
   Unlike chain S above, no enclosing carrier set S is mentioned. *)
definition "subset_chain C \<equiv> \<forall>A\<in>C.\<forall>B\<in>C. A \<subseteq> B \<or> B \<subseteq> A"
nipkow@26191
   306
nipkow@26191
   307
(* Define globally? In Relation.thy? *)
nipkow@26191
   308
(* Chain r: the sets A in which any two elements a, b are related by r in
   at least one direction.  This is the relational counterpart of chain,
   with r in place of \<subseteq>. *)
definition Chain :: "('a*'a)set \<Rightarrow> 'a set set" where
nipkow@26191
   309
"Chain r \<equiv> {A. \<forall>a\<in>A.\<forall>b\<in>A. (a,b) : r \<or> (b,a) \<in> r}"
nipkow@26191
   310
nipkow@26191
   311
(* Chain is monotone: enlarging the relation can only add chains. *)
lemma mono_Chain: "r \<subseteq> s \<Longrightarrow> Chain r \<subseteq> Chain s"
nipkow@26191
   312
unfolding Chain_def by blast
nipkow@26191
   313
nipkow@26191
   314
(* Are the following definitions the "right" ones?
nipkow@26191
   315
nipkow@26191
   316
Key point: should the set appear as an explicit argument,
nipkow@26191
   317
(as currently in "refl A r") or should it remain implicitly the Field
nipkow@26191
   318
(as in Refl below)? I use refl/Refl merely to illustrate the point.
nipkow@26191
   319
nipkow@26191
   320
The notation "refl A r" is closer to the usual (A,<=) in the literature
nipkow@26191
   321
whereas "Refl r" is shorter and avoids naming the set.
nipkow@26191
   322
Note that "refl A r \<Longrightarrow> A = Field r & Refl r" and "Refl r \<Longrightarrow> refl (Field r) r"
nipkow@26191
   323
This makes the A look redundant.
nipkow@26191
   324
nipkow@26191
   325
A slight advantage of having the A around is that one can write "a:A"
nipkow@26191
   326
rather than "a:Field r". A disadvantage is the multiple occurrences of
nipkow@26191
   327
"refl (Field r) r" (etc) in the proof of the well-ordering thm.
nipkow@26191
   328
nipkow@26191
   329
I propose to move the definitions into Main, either as they are or
nipkow@26191
   330
with an additional A argument.
nipkow@26191
   331
nipkow@26191
   332
Naming: The capital letters were chosen to distinguish them from
nipkow@26191
   333
versions on the whole type we have (eg reflexive) or may want to have
nipkow@26191
   334
(eg preorder). In case of an additional A argument one could append
nipkow@26191
   335
"_on" to distinguish the relativized versions.
nipkow@26191
   336
*)
nipkow@26191
   337
nipkow@26191
   338
(* Refl r: r relates every element of its own Field to itself. *)
definition "Refl r \<equiv> \<forall>x \<in> Field r. (x,x) \<in> r"
nipkow@26191
   339
(* Preorder r: r is reflexive on its Field (Refl) and transitive. *)
definition "Preorder r \<equiv> Refl r \<and> trans r"
nipkow@26191
   340
(* Partial_order r: a Preorder that is also antisymmetric. *)
definition "Partial_order r \<equiv> Preorder r \<and> antisym r"
nipkow@26191
   341
(* Total r: any two distinct elements of Field r are related by r in at
   least one direction.  Nothing is required for x = y. *)
definition "Total r \<equiv> \<forall>x\<in>Field r.\<forall>y\<in>Field r. x\<noteq>y \<longrightarrow> (x,y)\<in>r \<or> (y,x)\<in>r"
nipkow@26191
   342
(* Linear_order r: a Partial_order that is also Total. *)
definition "Linear_order r \<equiv> Partial_order r \<and> Total r"
nipkow@26191
   343
(* Well_order r: a Linear_order whose irreflexive part r - Id is
   well-founded. *)
definition "Well_order r \<equiv> Linear_order r \<and> wf(r - Id)"
nipkow@26191
   344
nipkow@26191
   345
(* Bundle of the order definitions that are conjunctions of simpler
   properties; Refl_def and Total_def are not part of it. *)
lemmas Order_defs =
nipkow@26191
   346
  Preorder_def Partial_order_def Linear_order_def Well_order_def
nipkow@26191
   347
nipkow@26191
   348
lemma Refl_empty[simp]: "Refl {}"
nipkow@26191
   349
by(simp add:Refl_def)
nipkow@26191
   350
lemma Preorder_empty[simp]: "Preorder {}"
nipkow@26191
   351
by(simp add:Preorder_def trans_def)
nipkow@26191
   352
lemma Partial_order_empty[simp]: "Partial_order {}"
nipkow@26191
   353
by(simp add:Partial_order_def)
nipkow@26191
   354
lemma Total_empty[simp]: "Total {}"
nipkow@26191
   355
by(simp add:Total_def)
nipkow@26191
   356
lemma Linear_order_empty[simp]: "Linear_order {}"
nipkow@26191
   357
by(simp add:Linear_order_def)
nipkow@26191
   358
lemma Well_order_empty[simp]: "Well_order {}"
nipkow@26191
   359
by(simp add:Well_order_def)
nipkow@26191
   360
nipkow@26191
   361
lemma Refl_converse[simp]: "Refl(r^-1) = Refl r"
nipkow@26191
   362
by(simp add:Refl_def)
nipkow@26191
   363
nipkow@26191
   364
lemma Preorder_converse[simp]: "Preorder (r^-1) = Preorder r"
nipkow@26191
   365
by (simp add:Preorder_def)
nipkow@26191
   366
nipkow@26191
   367
lemma Partial_order_converse[simp]:
nipkow@26191
   368
  "Partial_order (r^-1) = Partial_order r"
nipkow@26191
   369
by (simp add: Partial_order_def)
nipkow@26191
   370
nipkow@26191
   371
lemma subset_Image_Image_iff:
nipkow@26191
   372
  "\<lbrakk> Preorder r; A \<subseteq> Field r; B \<subseteq> Field r\<rbrakk> \<Longrightarrow>
nipkow@26191
   373
   r `` A \<subseteq> r `` B \<longleftrightarrow> (\<forall>a\<in>A.\<exists>b\<in>B. (b,a):r)"
nipkow@26191
   374
apply(auto simp add:subset_def Preorder_def Refl_def Image_def)
nipkow@26191
   375
apply metis
nipkow@26191
   376
by(metis trans_def)
nipkow@26191
   377
nipkow@26191
   378
lemma subset_Image1_Image1_iff:
nipkow@26191
   379
  "\<lbrakk> Preorder r; a : Field r; b : Field r\<rbrakk> \<Longrightarrow> r `` {a} \<subseteq> r `` {b} \<longleftrightarrow> (b,a):r"
nipkow@26191
   380
by(simp add:subset_Image_Image_iff)
nipkow@26191
   381
nipkow@26191
   382
lemma Refl_antisym_eq_Image1_Image1_iff:
nipkow@26191
   383
  "\<lbrakk>Refl r; antisym r; a:Field r; b:Field r\<rbrakk> \<Longrightarrow> r `` {a} = r `` {b} \<longleftrightarrow> a=b"
nipkow@26191
   384
by(simp add:Preorder_def expand_set_eq Partial_order_def antisym_def Refl_def)
nipkow@26191
   385
  metis
nipkow@26191
   386
nipkow@26191
   387
lemma Partial_order_eq_Image1_Image1_iff:
nipkow@26191
   388
  "\<lbrakk>Partial_order r; a:Field r; b:Field r\<rbrakk> \<Longrightarrow> r `` {a} = r `` {b} \<longleftrightarrow> a=b"
nipkow@26191
   389
by(auto simp:Preorder_def Partial_order_def Refl_antisym_eq_Image1_Image1_iff)
nipkow@26191
   390
nipkow@26191
   391
text{* Zorn's lemma for partial orders: *}
nipkow@26191
   392
nipkow@26191
   393
(* Zorn's lemma for a partial order given as a relation r: if every
   r-chain has an upper bound in Field r, then Field r has a maximal
   element.  The proof reduces to Zorn_Lemma2 on sets: each x in Field r
   is represented by ?B x = r^-1 `` {x}, and ?S collects these sets.
   Inclusion between such sets corresponds to r (subset_Image1_Image1_iff),
   so chains of ?S yield r-chains and the assumed upper bounds carry
   over. *)
lemma Zorns_po_lemma:
nipkow@26191
   394
assumes po: "Partial_order r" and u: "\<forall>C\<in>Chain r. \<exists>u\<in>Field r. \<forall>a\<in>C. (a,u):r"
nipkow@26191
   395
shows "\<exists>m\<in>Field r. \<forall>a\<in>Field r. (m,a):r \<longrightarrow> a=m"
nipkow@26191
   396
proof-
nipkow@26191
   397
  have "Preorder r" using po by(simp add:Partial_order_def)
nipkow@26191
   398
--{* Mirror r in the set of subsets below (wrt r) elements of A*}
nipkow@26191
   399
  let ?B = "%x. r^-1 `` {x}" let ?S = "?B ` Field r"
nipkow@26191
   400
  have "\<forall>C \<in> chain ?S. EX U:?S. ALL A:C. A\<subseteq>U"
nipkow@26191
   401
  proof (auto simp:chain_def)
nipkow@26191
   402
    fix C assume 1: "C \<subseteq> ?S" and 2: "\<forall>A\<in>C.\<forall>B\<in>C. A\<subseteq>B | B\<subseteq>A"
nipkow@26191
   403
    let ?A = "{x\<in>Field r. \<exists>M\<in>C. M = ?B x}"
nipkow@26191
   404
    have "C = ?B ` ?A" using 1 by(auto simp: image_def)
nipkow@26191
   405
    have "?A\<in>Chain r"
nipkow@26191
   406
    proof (simp add:Chain_def, intro allI impI, elim conjE)
nipkow@26191
   407
      fix a b
nipkow@26191
   408
      assume "a \<in> Field r" "?B a \<in> C" "b \<in> Field r" "?B b \<in> C"
nipkow@26191
   409
      hence "?B a \<subseteq> ?B b \<or> ?B b \<subseteq> ?B a" using 2 by auto
nipkow@26191
   410
      thus "(a, b) \<in> r \<or> (b, a) \<in> r" using `Preorder r` `a:Field r` `b:Field r`
nipkow@26191
   411
	by(simp add:subset_Image1_Image1_iff)
nipkow@26191
   412
    qed
nipkow@26191
   413
    then obtain u where uA: "u:Field r" "\<forall>a\<in>?A. (a,u) : r" using u by auto
nipkow@26191
   414
    have "\<forall>A\<in>C. A \<subseteq> r^-1 `` {u}" (is "?P u")
nipkow@26191
   415
    proof auto
nipkow@26191
   416
      fix a B assume aB: "B:C" "a:B"
nipkow@26191
   417
      with 1 obtain x where "x:Field r" "B = r^-1 `` {x}" by auto
nipkow@26191
   418
      thus "(a,u) : r" using uA aB `Preorder r`
nipkow@26191
   419
	by (auto simp add: Preorder_def Refl_def) (metis transD)
nipkow@26191
   420
    qed
nipkow@26191
   421
    thus "EX u:Field r. ?P u" using `u:Field r` by blast
nipkow@26191
   422
  qed
nipkow@26191
   423
  (* Zorn_Lemma2 on ?S gives a \<subseteq>-maximal member B = r^-1 `` {m}. *)
  from Zorn_Lemma2[OF this]
nipkow@26191
   424
  obtain m B where "m:Field r" "B = r^-1 `` {m}"
nipkow@26191
   425
    "\<forall>x\<in>Field r. B \<subseteq> r^-1 `` {x} \<longrightarrow> B = r^-1 `` {x}"
nipkow@26191
   426
    by(auto simp:image_def) blast
nipkow@26191
   427
  hence "\<forall>a\<in>Field r. (m, a) \<in> r \<longrightarrow> a = m" using po `Preorder r` `m:Field r`
nipkow@26191
   428
    by(auto simp:subset_Image1_Image1_iff Partial_order_eq_Image1_Image1_iff)
nipkow@26191
   429
  thus ?thesis using `m:Field r` by blast
nipkow@26191
   430
qed
nipkow@26191
   431
nipkow@26191
   432
(* The initial segment of a relation appears generally useful.
nipkow@26191
   433
   Move to Relation.thy?
nipkow@26191
   434
   Definition correct/most general?
nipkow@26191
   435
   Naming?
nipkow@26191
   436
*)
nipkow@26191
   437
(* init_seg_of: the relation between relations with (r,s) a member iff
   r \<subseteq> s and every s-edge (a,b) whose target b is the source of some
   r-edge (b,c) already belongs to r. *)
definition init_seg_of :: "(('a*'a)set * ('a*'a)set)set" where
nipkow@26191
   438
"init_seg_of == {(r,s). r \<subseteq> s \<and> (\<forall>a b c. (a,b):s \<and> (b,c):r \<longrightarrow> (a,b):r)}"
nipkow@26191
   439
nipkow@26191
   440
(* Infix notation (priority 55) for membership in init_seg_of; being an
   abbreviation, it introduces no new constant to unfold. *)
abbreviation initialSegmentOf :: "('a*'a)set \<Rightarrow> ('a*'a)set \<Rightarrow> bool"
nipkow@26191
   441
             (infix "initial'_segment'_of" 55) where
nipkow@26191
   442
"r initial_segment_of s == (r,s):init_seg_of"
nipkow@26191
   443
nipkow@26191
   444
(* Every relation is an initial segment of itself. *)
lemma refl_init_seg_of[simp]: "r initial_segment_of r"
nipkow@26191
   445
by(simp add:init_seg_of_def)
nipkow@26191
   446
nipkow@26191
   447
(* initial_segment_of is transitive. *)
lemma trans_init_seg_of:
nipkow@26191
   448
  "r initial_segment_of s \<Longrightarrow> s initial_segment_of t \<Longrightarrow> r initial_segment_of t"
nipkow@26191
   449
by(simp (no_asm_use) add: init_seg_of_def)
nipkow@26191
   450
  (metis Domain_iff UnCI Un_absorb2 subset_trans)
nipkow@26191
   451
nipkow@26191
   452
(* initial_segment_of is antisymmetric: mutual initial segments are equal. *)
lemma antisym_init_seg_of:
nipkow@26191
   453
  "r initial_segment_of s \<Longrightarrow> s initial_segment_of r \<Longrightarrow> r=s"
nipkow@26191
   454
by(auto simp:init_seg_of_def)
nipkow@26191
   455
nipkow@26191
   456
(* In a chain R of relations ordered by init_seg_of, every member is an
   initial segment of the union of R. *)
lemma Chain_init_seg_of_Union:
nipkow@26191
   457
  "R \<in> Chain init_seg_of \<Longrightarrow> r\<in>R \<Longrightarrow> r initial_segment_of \<Union>R"
nipkow@26191
   458
by(auto simp add:init_seg_of_def Chain_def Ball_def) blast
nipkow@26191
   459
nipkow@26191
   460
lemma subset_chain_trans_Union:
nipkow@26191
   461
  "subset_chain R \<Longrightarrow> \<forall>r\<in>R. trans r \<Longrightarrow> trans(\<Union>R)"
nipkow@26191
   462
apply(auto simp add:subset_chain_def)
nipkow@26191
   463
apply(simp (no_asm_use) add:trans_def)
nipkow@26191
   464
apply (metis subsetD)
nipkow@26191
   465
done
nipkow@26191
   466
nipkow@26191
   467
lemma subset_chain_antisym_Union:
nipkow@26191
   468
  "subset_chain R \<Longrightarrow> \<forall>r\<in>R. antisym r \<Longrightarrow> antisym(\<Union>R)"
nipkow@26191
   469
apply(auto simp add:subset_chain_def antisym_def)
nipkow@26191
   470
apply (metis subsetD)
nipkow@26191
   471
done
nipkow@26191
   472
nipkow@26191
   473
(* The union of a \<subseteq>-chain of Total relations is Total.  Given a in
   Field r and b in Field s with r, s in R, the chain property makes one
   of r, s contain the other; mono_Field then puts both a and b into the
   field of the larger relation, whose totality relates them. *)
lemma subset_chain_Total_Union:
nipkow@26191
   474
assumes "subset_chain R" "\<forall>r\<in>R. Total r"
nipkow@26191
   475
shows "Total (\<Union>R)"
nipkow@26191
   476
proof (simp add: Total_def Ball_def, auto del:disjCI)
nipkow@26191
   477
  fix r s a b assume A: "r:R" "s:R" "a:Field r" "b:Field s" "a\<noteq>b"
nipkow@26191
   478
  from `subset_chain R` `r:R` `s:R` have "r\<subseteq>s \<or> s\<subseteq>r"
nipkow@26191
   479
    by(simp add:subset_chain_def)
nipkow@26191
   480
  thus "(\<exists>r\<in>R. (a,b) \<in> r) \<or> (\<exists>r\<in>R. (b,a) \<in> r)"
nipkow@26191
   481
  proof
nipkow@26191
   482
    assume "r\<subseteq>s" hence "(a,b):s \<or> (b,a):s" using assms(2) A
nipkow@26191
   483
      by(simp add:Total_def)(metis mono_Field subsetD)
nipkow@26191
   484
    thus ?thesis using `s:R` by blast
nipkow@26191
   485
  next
nipkow@26191
   486
    assume "s\<subseteq>r" hence "(a,b):r \<or> (b,a):r" using assms(2) A
nipkow@26191
   487
      by(simp add:Total_def)(metis mono_Field subsetD)
nipkow@26191
   488
    thus ?thesis using `r:R` by blast
nipkow@26191
   489
  qed
nipkow@26191
   490
qed
nipkow@26191
   491
nipkow@26191
   492
(* The union of an init_seg_of-chain of well-founded relations is
   well-founded.  Proof by contradiction: take an infinite descending
   sequence f in the union and fix the r in R containing its first step
   (f (Suc 0), f 0).  By induction on i every step (f (Suc i), f i) lies
   in that same r, since the relation s holding the next step is
   comparable with r under initial_segment_of.  So f descends forever
   inside r, contradicting wf r. *)
lemma wf_Union_wf_init_segs:
nipkow@26191
   493
assumes "R \<in> Chain init_seg_of" and "\<forall>r\<in>R. wf r" shows "wf(\<Union>R)"
nipkow@26191
   494
proof(simp add:wf_iff_no_infinite_down_chain, rule ccontr, auto)
nipkow@26191
   495
  fix f assume 1: "\<forall>i. \<exists>r\<in>R. (f(Suc i), f i) \<in> r"
nipkow@26191
   496
  then obtain r where "r:R" and "(f(Suc 0), f 0) : r" by auto
nipkow@26191
   497
  { fix i have "(f(Suc i), f i) \<in> r"
nipkow@26191
   498
    proof(induct i)
nipkow@26191
   499
      case 0 show ?case by fact
nipkow@26191
   500
    next
nipkow@26191
   501
      case (Suc i)
nipkow@26191
   502
      moreover obtain s where "s\<in>R" and "(f(Suc(Suc i)), f(Suc i)) \<in> s"
nipkow@26191
   503
	using 1 by auto
nipkow@26191
   504
      moreover hence "s initial_segment_of r \<or> r initial_segment_of s"
nipkow@26191
   505
	using assms(1) `r:R` by(simp add: Chain_def)
nipkow@26191
   506
      ultimately show ?case by(simp add:init_seg_of_def) blast
nipkow@26191
   507
    qed
nipkow@26191
   508
  }
nipkow@26191
   509
  thus False using assms(2) `r:R`
nipkow@26191
   510
    by(simp add:wf_iff_no_infinite_down_chain) blast
nipkow@26191
   511
qed
nipkow@26191
   512
nipkow@26191
   513
(* Removing a fixed relation s from every member of an init_seg_of-chain
   again gives an init_seg_of-chain. *)
lemma Chain_inits_DiffI:
nipkow@26191
   514
  "R \<in> Chain init_seg_of \<Longrightarrow> {r - s |r. r \<in> R} \<in> Chain init_seg_of"
nipkow@26191
   515
apply(auto simp:Chain_def init_seg_of_def)
nipkow@26191
   516
apply (metis subsetD)
nipkow@26191
   517
apply (metis subsetD)
nipkow@26191
   518
done
nipkow@26191
   519
nipkow@26191
   520
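(* Well-ordering theorem: there is a relation r over 'a with Well_order r.

   Outline of the proof below:
   1. I is init_seg_of restricted to pairs of well-orders (?WO); it is shown
      to be a partial order whose field is exactly ?WO.
   2. Every I-chain R has an upper bound in ?WO with respect to I, namely
      \<Union>R.
   3. Zorns_po_lemma then yields an I-maximal well-order m.
   4. If some x lay outside Field m, extending m with x as a new top element
      would give a well-order above m with respect to I, which contradicts
      maximality; hence Field m = UNIV.

   NOTE(review): the stated goal does not mention Field r.  The proof itself
   establishes Well_order {(x,x)} for a single x, so Well_order alone does not
   force the field to be the whole type, and the fact Field m = UNIV derived
   in step 4 is not part of the exported statement.  If users of this theorem
   need a well-order of the entire type, consider strengthening the statement
   to also assert Field r = UNIV -- confirm against the definitions and the
   use sites, which are outside this excerpt. *)
theorem well_ordering: "\<exists>r::('a*'a)set. Well_order r"
proof-
-- {*The initial segment relation on well-orders: *}
  let ?WO = "{r::('a*'a)set. Well_order r}"
  (* I relates two members of ?WO when the pair is in init_seg_of *)
  def I \<equiv> "init_seg_of \<inter> ?WO \<times> ?WO"
  have I_init: "I \<subseteq> init_seg_of" by(auto simp:I_def)
  (* this outer subch is re-proved under the same name inside the block below *)
  hence subch: "!!R. R : Chain I \<Longrightarrow> subset_chain R"
    by(auto simp:init_seg_of_def subset_chain_def Chain_def)
  have Chain_wo: "!!R r. R \<in> Chain I \<Longrightarrow> r \<in> R \<Longrightarrow> Well_order r"
    by(simp add:Chain_def I_def) blast
  have FI: "Field I = ?WO" by(auto simp add:I_def init_seg_of_def Field_def)
  (* fact 0 is the first premise handed to Zorns_po_lemma further down *)
  hence 0: "Partial_order I"
    by(auto simp add: Partial_order_def Preorder_def antisym_def antisym_init_seg_of Refl_def trans_def I_def)(metis trans_init_seg_of)
-- {*I-chains have upper bounds in ?WO wrt I: their Union*}
  { fix R assume "R \<in> Chain I"
    hence Ris: "R \<in> Chain init_seg_of" using mono_Chain[OF I_init] by blast
    have subch: "subset_chain R" using `R : Chain I` I_init
      by(auto simp:init_seg_of_def subset_chain_def Chain_def)
    (* unpack Well_order for every member of the chain into its components *)
    have "\<forall>r\<in>R. Refl r" "\<forall>r\<in>R. trans r" "\<forall>r\<in>R. antisym r" "\<forall>r\<in>R. Total r"
         "\<forall>r\<in>R. wf(r-Id)"
      using Chain_wo[OF `R \<in> Chain I`] by(simp_all add:Order_defs)
    (* each component is then lifted to the union of the chain *)
    have "Refl (\<Union>R)" using `\<forall>r\<in>R. Refl r` by(auto simp:Refl_def)
    moreover have "trans (\<Union>R)"
      by(rule subset_chain_trans_Union[OF subch `\<forall>r\<in>R. trans r`])
    moreover have "antisym(\<Union>R)"
      by(rule subset_chain_antisym_Union[OF subch `\<forall>r\<in>R. antisym r`])
    moreover have "Total (\<Union>R)"
      by(rule subset_chain_Total_Union[OF subch `\<forall>r\<in>R. Total r`])
    moreover have "wf((\<Union>R)-Id)"
    proof-
      (* rewrite the strict part of the union as a union of strict parts *)
      have "(\<Union>R)-Id = \<Union>{r-Id|r. r \<in> R}" by blast
      with `\<forall>r\<in>R. wf(r-Id)` wf_Union_wf_init_segs[OF Chain_inits_DiffI[OF Ris]]
      show ?thesis by (simp (no_asm_simp)) blast
    qed
    ultimately have "Well_order (\<Union>R)" by(simp add:Order_defs)
    moreover have "\<forall>r \<in> R. r initial_segment_of \<Union>R" using Ris
      by(simp add: Chain_init_seg_of_Union)
    ultimately have "\<Union>R : ?WO \<and> (\<forall>r\<in>R. (r,\<Union>R) : I)"
      using mono_Chain[OF I_init] `R \<in> Chain I`
      by(simp (no_asm) add:I_def del:Field_Union)(metis Chain_wo subsetD)
  }
  (* fact 1 is the second premise of Zorns_po_lemma; FI rewrites Field I to ?WO *)
  hence 1: "\<forall>R \<in> Chain I. \<exists>u\<in>Field I. \<forall>r\<in>R. (r,u) : I" by (subst FI) blast
--{*Zorn's Lemma yields a maximal well-order m:*}
  then obtain m::"('a*'a)set" where "Well_order m" and
    max: "\<forall>r. Well_order r \<and> (m,r):I \<longrightarrow> r=m"
    using Zorns_po_lemma[OF 0 1] by (auto simp:FI)
--{*Now show by contradiction that m covers the whole type:*}
  { fix x::'a assume "x \<notin> Field m"
--{*We assume that x is not covered and extend m at the top with x*}
    (* m cannot be empty: {(x,x)} is itself a Well_order, which max rules out for m={} *)
    have "m \<noteq> {}"
    proof
      assume "m={}"
      moreover have "Well_order {(x,x)}"
        by(simp add:Order_defs Refl_def trans_def antisym_def Total_def Field_def Domain_def Range_def)
      ultimately show False using max
        by (auto simp:I_def init_seg_of_def simp del:Field_insert)
    qed
    hence "Field m \<noteq> {}" by(auto simp:Field_def)
    moreover have "wf(m-Id)" using `Well_order m` by(simp add:Well_order_def)
--{*The extension of m by x:*}
    (* ?s places every element of Field m below x; ?m adds ?s and the pair (x,x) to m *)
    let ?s = "{(a,x)|a. a : Field m}" let ?m = "insert (x,x) m Un ?s"
    have Fm: "Field ?m = insert x (Field m)"
      apply(simp add:Field_insert Field_Un)
      unfolding Field_def by auto
    have "Refl m" "trans m" "antisym m" "Total m" "wf(m-Id)"
      using `Well_order m` by(simp_all add:Order_defs)
--{*We show that the extension is a well-order*}
    have "Refl ?m" using `Refl m` Fm by(auto simp:Refl_def)
    moreover have "trans ?m" using `trans m` `x \<notin> Field m`
      unfolding trans_def Field_def Domain_def Range_def by blast
    moreover have "antisym ?m" using `antisym m` `x \<notin> Field m`
      unfolding antisym_def Field_def Domain_def Range_def by blast
    moreover have "Total ?m" using `Total m` Fm by(auto simp: Total_def)
    moreover have "wf(?m-Id)"
    proof-
      have "wf ?s" using `x \<notin> Field m`
        by(auto simp add:wf_eq_minimal Field_def Domain_def Range_def) metis
      thus ?thesis using `wf(m-Id)` `x \<notin> Field m`
        wf_subset[OF `wf ?s` Diff_subset]
        by (fastsimp intro!: wf_Un simp add: Un_Diff Field_def)
    qed
    ultimately have "Well_order ?m" by(simp add:Order_defs)
--{*We show that the extension is above m*}
    moreover hence "(m,?m) : I" using `Well_order m` `x \<notin> Field m`
      by(fastsimp simp:I_def init_seg_of_def Field_def Domain_def Range_def)
    ultimately
--{*This contradicts maximality of m:*}
    have False using max `x \<notin> Field m` unfolding Field_def by blast
  }
  hence "Field m = UNIV" by auto
  (* NOTE(review): this step only restates `Well_order m`; the fact
     Field m = UNIV from the previous line is not carried into the goal *)
  with `Well_order m` have "Well_order m" by simp
  thus ?thesis ..
qed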
end