src/HOL/Multivariate_Analysis/Integration.thy
author boehmes
Wed May 12 23:54:04 2010 +0200 (2010-05-12)
changeset 36899 bcd6fce5bf06
parent 36844 5f9385ecc1a7
child 37489 44e42d392c6e
permissions -rw-r--r--
layered SMT setup, adapted SMT clients, added further tests, made Z3 proof abstraction configurable
     1 
     2 header {* Kurzweil-Henstock gauge integration in many dimensions. *}
     3 (*  Author:                     John Harrison
     4     Translation from HOL light: Robert Himmelmann, TU Muenchen *)
     5 
     6 theory Integration
     7   imports Derivative "~~/src/HOL/Decision_Procs/Dense_Linear_Order"
     8 begin
     9 
    10 declare [[smt_certificates="~~/src/HOL/Multivariate_Analysis/Integration.certs"]]
    11 declare [[smt_fixed=true]]
    12 declare [[z3_proofs=true]]
    13 
    14 setup {* Arith_Data.add_tactic "Ferrante-Rackoff" (K FerranteRackoff.dlo_tac) *}
    15 
    16 
    17 subsection {* Sundries *}
    18 
    19 lemma conjunctD2: assumes "a \<and> b" shows a b using assms by auto
    20 lemma conjunctD3: assumes "a \<and> b \<and> c" shows a b c using assms by auto
    21 lemma conjunctD4: assumes "a \<and> b \<and> c \<and> d" shows a b c d using assms by auto
    22 lemma conjunctD5: assumes "a \<and> b \<and> c \<and> d \<and> e" shows a b c d e using assms by auto
    23 
    24 declare smult_conv_scaleR[simp]
    25 
    26 lemma simple_image: "{f x |x . x \<in> s} = f ` s" by blast
    27 
    28 lemma linear_simps:  assumes "bounded_linear f"
    29   shows "f (a + b) = f a + f b" "f (a - b) = f a - f b" "f 0 = 0" "f (- a) = - f a" "f (s *\<^sub>R v) = s *\<^sub>R (f v)"
    30   apply(rule_tac[!] additive.add additive.minus additive.diff additive.zero bounded_linear.scaleR)
    31   using assms unfolding bounded_linear_def additive_def by auto
    32 
    33 lemma bounded_linearI:assumes "\<And>x y. f (x + y) = f x + f y"
    34   "\<And>r x. f (r *\<^sub>R x) = r *\<^sub>R f x" "\<And>x. norm (f x) \<le> norm x * K"
    35   shows "bounded_linear f"
    36   unfolding bounded_linear_def additive_def bounded_linear_axioms_def using assms by auto
    37  
    38 lemma real_le_inf_subset:
    39   assumes "t \<noteq> {}" "t \<subseteq> s" "\<exists>b. b <=* s" shows "Inf s <= Inf (t::real set)"
    40   apply(rule isGlb_le_isLb) apply(rule Inf[OF assms(1)])
    41   using assms apply-apply(erule exE) apply(rule_tac x=b in exI)
    42   unfolding isLb_def setge_def by auto
    43 
    44 lemma real_ge_sup_subset:
    45   assumes "t \<noteq> {}" "t \<subseteq> s" "\<exists>b. s *<= b" shows "Sup s >= Sup (t::real set)"
    46   apply(rule isLub_le_isUb) apply(rule Sup[OF assms(1)])
    47   using assms apply-apply(erule exE) apply(rule_tac x=b in exI)
    48   unfolding isUb_def setle_def by auto
    49 
    50 lemma dist_trans[simp]:"dist (vec1 x) (vec1 y) = dist x (y::real)"
    51   unfolding dist_real_def dist_vec1 ..
    52 
    53 lemma Lim_trans[simp]: fixes f::"'a \<Rightarrow> real"
    54   shows "((\<lambda>x. vec1 (f x)) ---> vec1 l) net \<longleftrightarrow> (f ---> l) net"
    55   using assms unfolding Lim dist_trans ..
    56 
    57 lemma bounded_linear_component[intro]: "bounded_linear (\<lambda>x::real^'n. x $ k)"
    58   apply(rule bounded_linearI[where K=1]) 
    59   using component_le_norm[of _ k] unfolding real_norm_def by auto
    60 
    61 lemma bounded_vec1[intro]:  "bounded s \<Longrightarrow> bounded (vec1 ` (s::real set))"
    62   unfolding bounded_def apply safe apply(rule_tac x="vec1 x" in exI,rule_tac x=e in exI) by auto
    63 
    64 lemma transitive_stepwise_lt_eq:
    65   assumes "(\<And>x y z::nat. R x y \<Longrightarrow> R y z \<Longrightarrow> R x z)"
    66   shows "((\<forall>m. \<forall>n>m. R m n) \<longleftrightarrow> (\<forall>n. R n (Suc n)))" (is "?l = ?r")
    67 proof(safe) assume ?r fix n m::nat assume "m < n" thus "R m n" apply-
    68   proof(induct n arbitrary: m) case (Suc n) show ?case 
    69     proof(cases "m < n") case True
    70       show ?thesis apply(rule assms[OF Suc(1)[OF True]]) using `?r` by auto
    71     next case False hence "m = n" using Suc(2) by auto
    72       thus ?thesis using `?r` by auto
    73     qed qed auto qed auto
    74 
    75 lemma transitive_stepwise_gt:
    76   assumes "\<And>x y z. R x y \<Longrightarrow> R y z \<Longrightarrow> R x z" "\<And>n. R n (Suc n) "
    77   shows "\<forall>n>m. R m n"
    78 proof- have "\<forall>m. \<forall>n>m. R m n" apply(subst transitive_stepwise_lt_eq)
    79     apply(rule assms) apply(assumption,assumption) using assms(2) by auto
    80   thus ?thesis by auto qed
    81 
    82 lemma transitive_stepwise_le_eq:
    83   assumes "\<And>x. R x x" "\<And>x y z. R x y \<Longrightarrow> R y z \<Longrightarrow> R x z"
    84   shows "(\<forall>m. \<forall>n\<ge>m. R m n) \<longleftrightarrow> (\<forall>n. R n (Suc n))" (is "?l = ?r")
    85 proof safe assume ?r fix m n::nat assume "m\<le>n" thus "R m n" apply-
    86   proof(induct n arbitrary: m) case (Suc n) show ?case 
    87     proof(cases "m \<le> n") case True show ?thesis apply(rule assms(2))
    88         apply(rule Suc(1)[OF True]) using `?r` by auto
    89     next case False hence "m = Suc n" using Suc(2) by auto
    90       thus ?thesis using assms(1) by auto
    91     qed qed(insert assms(1), auto) qed auto
    92 
    93 lemma transitive_stepwise_le:
    94   assumes "\<And>x. R x x" "\<And>x y z. R x y \<Longrightarrow> R y z \<Longrightarrow> R x z" "\<And>n. R n (Suc n) "
    95   shows "\<forall>n\<ge>m. R m n"
    96 proof- have "\<forall>m. \<forall>n\<ge>m. R m n" apply(subst transitive_stepwise_le_eq)
    97     apply(rule assms) apply(rule assms,assumption,assumption) using assms(3) by auto
    98   thus ?thesis by auto qed
    99 
   100 
   101 subsection {* Some useful lemmas about intervals. *}
   102 
   103 lemma empty_as_interval: "{} = {1..0::real^'n}"
   104   apply(rule set_ext,rule) defer unfolding vector_le_def mem_interval
   105   using UNIV_witness[where 'a='n] apply(erule_tac exE,rule_tac x=x in allE) by auto
   106 
   107 lemma interior_subset_union_intervals: 
   108   assumes "i = {a..b::real^'n}" "j = {c..d}" "interior j \<noteq> {}" "i \<subseteq> j \<union> s" "interior(i) \<inter> interior(j) = {}"
   109   shows "interior i \<subseteq> interior s" proof-
   110   have "{a<..<b} \<inter> {c..d} = {}" using inter_interval_mixed_eq_empty[of c d a b] and assms(3,5)
   111     unfolding assms(1,2) interior_closed_interval by auto
   112   moreover have "{a<..<b} \<subseteq> {c..d} \<union> s" apply(rule order_trans,rule interval_open_subset_closed)
   113     using assms(4) unfolding assms(1,2) by auto
   114   ultimately show ?thesis apply-apply(rule interior_maximal) defer apply(rule open_interior)
   115     unfolding assms(1,2) interior_closed_interval by auto qed
   116 
   117 lemma inter_interior_unions_intervals: fixes f::"(real^'n) set set"
   118   assumes "finite f" "open s" "\<forall>t\<in>f. \<exists>a b. t = {a..b}" "\<forall>t\<in>f. s \<inter> (interior t) = {}"
   119   shows "s \<inter> interior(\<Union>f) = {}" proof(rule ccontr,unfold ex_in_conv[THEN sym]) case goal1
   120   have lem1:"\<And>x e s U. ball x e \<subseteq> s \<inter> interior U \<longleftrightarrow> ball x e \<subseteq> s \<inter> U" apply rule  defer apply(rule_tac Int_greatest)
   121     unfolding open_subset_interior[OF open_ball]  using interior_subset by auto
   122   have lem2:"\<And>x s P. \<exists>x\<in>s. P x \<Longrightarrow> \<exists>x\<in>insert x s. P x" by auto
   123   have "\<And>f. finite f \<Longrightarrow> (\<forall>t\<in>f. \<exists>a b. t = {a..b}) \<Longrightarrow> (\<exists>x. x \<in> s \<inter> interior (\<Union>f)) \<Longrightarrow> (\<exists>t\<in>f. \<exists>x. \<exists>e>0. ball x e \<subseteq> s \<inter> t)" proof- case goal1
   124   thus ?case proof(induct rule:finite_induct) 
   125     case empty from this(2) guess x .. hence False unfolding Union_empty interior_empty by auto thus ?case by auto next
   126     case (insert i f) guess x using insert(5) .. note x = this
   127     then guess e unfolding open_contains_ball_eq[OF open_Int[OF assms(2) open_interior],rule_format] .. note e=this
   128     guess a using insert(4)[rule_format,OF insertI1] .. then guess b .. note ab = this
   129     show ?case proof(cases "x\<in>i") case False hence "x \<in> UNIV - {a..b}" unfolding ab by auto
   130       then guess d unfolding open_contains_ball_eq[OF open_Diff[OF open_UNIV closed_interval],rule_format] ..
   131       hence "0 < d" "ball x (min d e) \<subseteq> UNIV - i" using e unfolding ab by auto
   132       hence "ball x (min d e) \<subseteq> s \<inter> interior (\<Union>f)" using e unfolding lem1 by auto hence "x \<in> s \<inter> interior (\<Union>f)" using `d>0` e by auto
   133       hence "\<exists>t\<in>f. \<exists>x e. 0 < e \<and> ball x e \<subseteq> s \<inter> t" apply-apply(rule insert(3)) using insert(4) by auto thus ?thesis by auto next
   134     case True show ?thesis proof(cases "x\<in>{a<..<b}")
   135       case True then guess d unfolding open_contains_ball_eq[OF open_interval,rule_format] ..
   136       thus ?thesis apply(rule_tac x=i in bexI,rule_tac x=x in exI,rule_tac x="min d e" in exI)
   137 	unfolding ab using interval_open_subset_closed[of a b] and e by fastsimp+ next
   138     case False then obtain k where "x$k \<le> a$k \<or> x$k \<ge> b$k" unfolding mem_interval by(auto simp add:not_less) 
   139     hence "x$k = a$k \<or> x$k = b$k" using True unfolding ab and mem_interval apply(erule_tac x=k in allE) by auto
   140     hence "\<exists>x. ball x (e/2) \<subseteq> s \<inter> (\<Union>f)" proof(erule_tac disjE)
   141       let ?z = "x - (e/2) *\<^sub>R basis k" assume as:"x$k = a$k" have "ball ?z (e / 2) \<inter> i = {}" apply(rule ccontr) unfolding ex_in_conv[THEN sym] proof(erule exE)
   142 	fix y assume "y \<in> ball ?z (e / 2) \<inter> i" hence "dist ?z y < e/2" and yi:"y\<in>i" by auto
   143 	hence "\<bar>(?z - y) $ k\<bar> < e/2" using component_le_norm[of "?z - y" k] unfolding dist_norm by auto
   144 	hence "y$k < a$k" unfolding vector_component_simps vector_scaleR_component as using e[THEN conjunct1] by(auto simp add:field_simps)
   145 	hence "y \<notin> i" unfolding ab mem_interval not_all by(rule_tac x=k in exI,auto) thus False using yi by auto qed
   146       moreover have "ball ?z (e/2) \<subseteq> s \<inter> (\<Union>insert i f)" apply(rule order_trans[OF _ e[THEN conjunct2, unfolded lem1]]) proof
   147 	fix y assume as:"y\<in> ball ?z (e/2)" have "norm (x - y) \<le> \<bar>e\<bar> / 2 + norm (x - y - (e / 2) *\<^sub>R basis k)"
   148 	   apply-apply(rule order_trans,rule norm_triangle_sub[of "x - y" "(e/2) *\<^sub>R basis k"])
   149 	  unfolding norm_scaleR norm_basis by auto
   150 	also have "\<dots> < \<bar>e\<bar> / 2 + \<bar>e\<bar> / 2" apply(rule add_strict_left_mono) using as unfolding mem_ball dist_norm using e by(auto simp add:field_simps)
   151 	finally show "y\<in>ball x e" unfolding mem_ball dist_norm using e by(auto simp add:field_simps) qed
   152       ultimately show ?thesis apply(rule_tac x="?z" in exI) unfolding Union_insert by auto
   153     next let ?z = "x + (e/2) *\<^sub>R basis k" assume as:"x$k = b$k" have "ball ?z (e / 2) \<inter> i = {}" apply(rule ccontr) unfolding ex_in_conv[THEN sym] proof(erule exE)
   154 	fix y assume "y \<in> ball ?z (e / 2) \<inter> i" hence "dist ?z y < e/2" and yi:"y\<in>i" by auto
   155 	hence "\<bar>(?z - y) $ k\<bar> < e/2" using component_le_norm[of "?z - y" k] unfolding dist_norm by auto
   156 	hence "y$k > b$k" unfolding vector_component_simps vector_scaleR_component as using e[THEN conjunct1] by(auto simp add:field_simps)
   157 	hence "y \<notin> i" unfolding ab mem_interval not_all by(rule_tac x=k in exI,auto) thus False using yi by auto qed
   158       moreover have "ball ?z (e/2) \<subseteq> s \<inter> (\<Union>insert i f)" apply(rule order_trans[OF _ e[THEN conjunct2, unfolded lem1]]) proof
   159 	fix y assume as:"y\<in> ball ?z (e/2)" have "norm (x - y) \<le> \<bar>e\<bar> / 2 + norm (x - y + (e / 2) *\<^sub>R basis k)"
   160 	   apply-apply(rule order_trans,rule norm_triangle_sub[of "x - y" "- (e/2) *\<^sub>R basis k"])
   161 	  unfolding norm_scaleR norm_basis by auto
   162 	also have "\<dots> < \<bar>e\<bar> / 2 + \<bar>e\<bar> / 2" apply(rule add_strict_left_mono) using as unfolding mem_ball dist_norm using e by(auto simp add:field_simps)
   163 	finally show "y\<in>ball x e" unfolding mem_ball dist_norm using e by(auto simp add:field_simps) qed
   164       ultimately show ?thesis apply(rule_tac x="?z" in exI) unfolding Union_insert by auto qed 
   165     then guess x .. hence "x \<in> s \<inter> interior (\<Union>f)" unfolding lem1[where U="\<Union>f",THEN sym] using centre_in_ball e[THEN conjunct1] by auto
   166     thus ?thesis apply-apply(rule lem2,rule insert(3)) using insert(4) by auto qed qed qed qed note * = this
   167   guess t using *[OF assms(1,3) goal1]  .. from this(2) guess x .. then guess e ..
   168   hence "x \<in> s" "x\<in>interior t" defer using open_subset_interior[OF open_ball, of x e t] by auto
   169   thus False using `t\<in>f` assms(4) by auto qed
   170 subsection {* Bounds on intervals where they exist. *}
   171 
   172 definition "interval_upperbound (s::(real^'n) set) = (\<chi> i. Sup {a. \<exists>x\<in>s. x$i = a})"
   173 
   174 definition "interval_lowerbound (s::(real^'n) set) = (\<chi> i. Inf {a. \<exists>x\<in>s. x$i = a})"
   175 
   176 lemma interval_upperbound[simp]: assumes "\<forall>i. a$i \<le> b$i" shows "interval_upperbound {a..b} = b"
   177   using assms unfolding interval_upperbound_def Cart_eq Cart_lambda_beta apply-apply(rule,erule_tac x=i in allE)
   178   apply(rule Sup_unique) unfolding setle_def apply rule unfolding mem_Collect_eq apply(erule bexE) unfolding mem_interval defer
   179   apply(rule,rule) apply(rule_tac x="b$i" in bexI) defer unfolding mem_Collect_eq apply(rule_tac x=b in bexI)
   180   unfolding mem_interval using assms by auto
   181 
   182 lemma interval_lowerbound[simp]: assumes "\<forall>i. a$i \<le> b$i" shows "interval_lowerbound {a..b} = a"
   183   using assms unfolding interval_lowerbound_def Cart_eq Cart_lambda_beta apply-apply(rule,erule_tac x=i in allE)
   184   apply(rule Inf_unique) unfolding setge_def apply rule unfolding mem_Collect_eq apply(erule bexE) unfolding mem_interval defer
   185   apply(rule,rule) apply(rule_tac x="a$i" in bexI) defer unfolding mem_Collect_eq apply(rule_tac x=a in bexI)
   186   unfolding mem_interval using assms by auto
   187 
   188 lemmas interval_bounds = interval_upperbound interval_lowerbound
   189 
   190 lemma interval_bounds'[simp]: assumes "{a..b}\<noteq>{}" shows "interval_upperbound {a..b} = b" "interval_lowerbound {a..b} = a"
   191   using assms unfolding interval_ne_empty by auto
   192 
   193 lemma interval_upperbound_1[simp]: "dest_vec1 a \<le> dest_vec1 b \<Longrightarrow> interval_upperbound {a..b} = (b::real^1)"
   194   apply(rule interval_upperbound) by auto
   195 
   196 lemma interval_lowerbound_1[simp]: "dest_vec1 a \<le> dest_vec1 b \<Longrightarrow> interval_lowerbound {a..b} = (a::real^1)"
   197   apply(rule interval_lowerbound) by auto
   198 
   199 lemmas interval_bound_1 = interval_upperbound_1 interval_lowerbound_1
   200 
   201 subsection {* Content (length, area, volume...) of an interval. *}
   202 
   203 definition "content (s::(real^'n) set) =
   204        (if s = {} then 0 else (\<Prod>i\<in>UNIV. (interval_upperbound s)$i - (interval_lowerbound s)$i))"
   205 
   206 lemma interval_not_empty:"\<forall>i. a$i \<le> b$i \<Longrightarrow> {a..b::real^'n} \<noteq> {}"
   207   unfolding interval_eq_empty unfolding not_ex not_less by assumption
   208 
   209 lemma content_closed_interval: assumes "\<forall>i. a$i \<le> b$i"
   210   shows "content {a..b} = (\<Prod>i\<in>UNIV. b$i - a$i)"
   211   using interval_not_empty[OF assms] unfolding content_def interval_upperbound[OF assms] interval_lowerbound[OF assms] by auto
   212 
   213 lemma content_closed_interval': assumes "{a..b}\<noteq>{}" shows "content {a..b} = (\<Prod>i\<in>UNIV. b$i - a$i)"
   214   apply(rule content_closed_interval) using assms unfolding interval_ne_empty .
   215 
   216 lemma content_1:"dest_vec1 a \<le> dest_vec1 b \<Longrightarrow> content {a..b} = dest_vec1 b - dest_vec1 a"
   217   using content_closed_interval[of a b] by auto
   218 
   219 lemma content_1':"a \<le> b \<Longrightarrow> content {vec1 a..vec1 b} = b - a" using content_1[of "vec a" "vec b"] by auto
   220 
   221 lemma content_unit[intro]: "content{0..1::real^'n} = 1" proof-
   222   have *:"\<forall>i. 0$i \<le> (1::real^'n::finite)$i" by auto
   223   have "0 \<in> {0..1::real^'n::finite}" unfolding mem_interval by auto
   224   thus ?thesis unfolding content_def interval_bounds[OF *] using setprod_1 by auto qed
   225 
   226 lemma content_pos_le[intro]: "0 \<le> content {a..b}" proof(cases "{a..b}={}")
   227   case False hence *:"\<forall>i. a $ i \<le> b $ i" unfolding interval_ne_empty by assumption
   228   have "(\<Prod>i\<in>UNIV. interval_upperbound {a..b} $ i - interval_lowerbound {a..b} $ i) \<ge> 0"
   229     apply(rule setprod_nonneg) unfolding interval_bounds[OF *] using * apply(erule_tac x=x in allE) by auto
   230   thus ?thesis unfolding content_def by(auto simp del:interval_bounds') qed(unfold content_def, auto)
   231 
   232 lemma content_pos_lt: assumes "\<forall>i. a$i < b$i" shows "0 < content {a..b}"
   233 proof- have help_lemma1: "\<forall>i. a$i < b$i \<Longrightarrow> \<forall>i. a$i \<le> ((b$i)::real)" apply(rule,erule_tac x=i in allE) by auto
   234   show ?thesis unfolding content_closed_interval[OF help_lemma1[OF assms]] apply(rule setprod_pos)
   235     using assms apply(erule_tac x=x in allE) by auto qed
   236 
   237 lemma content_pos_lt_1: "dest_vec1 a < dest_vec1 b \<Longrightarrow> 0 < content({a..b})"
   238   apply(rule content_pos_lt) by auto
   239 
   240 lemma content_eq_0: "content({a..b::real^'n}) = 0 \<longleftrightarrow> (\<exists>i. b$i \<le> a$i)" proof(cases "{a..b} = {}")
   241   case True thus ?thesis unfolding content_def if_P[OF True] unfolding interval_eq_empty apply-
   242     apply(rule,erule exE) apply(rule_tac x=i in exI) by auto next
   243   guess a using UNIV_witness[where 'a='n] .. case False note as=this[unfolded interval_eq_empty not_ex not_less]
   244   show ?thesis unfolding content_def if_not_P[OF False] setprod_zero_iff[OF finite_UNIV]
   245     apply(rule) apply(erule_tac[!] exE bexE) unfolding interval_bounds[OF as] apply(rule_tac x=x in exI) defer
   246     apply(rule_tac x=i in bexI) using as apply(erule_tac x=i in allE) by auto qed
   247 
   248 lemma cond_cases:"(P \<Longrightarrow> Q x) \<Longrightarrow> (\<not> P \<Longrightarrow> Q y) \<Longrightarrow> Q (if P then x else y)" by auto
   249 
   250 lemma content_closed_interval_cases:
   251   "content {a..b} = (if \<forall>i. a$i \<le> b$i then setprod (\<lambda>i. b$i - a$i) UNIV else 0)" apply(rule cond_cases) 
   252   apply(rule content_closed_interval) unfolding content_eq_0 not_all not_le defer apply(erule exE,rule_tac x=x in exI) by auto
   253 
   254 lemma content_eq_0_interior: "content {a..b} = 0 \<longleftrightarrow> interior({a..b}) = {}"
   255   unfolding content_eq_0 interior_closed_interval interval_eq_empty by auto
   256 
   257 lemma content_eq_0_1: "content {a..b::real^1} = 0 \<longleftrightarrow> dest_vec1 b \<le> dest_vec1 a"
   258   unfolding content_eq_0 by auto
   259 
   260 lemma content_pos_lt_eq: "0 < content {a..b} \<longleftrightarrow> (\<forall>i. a$i < b$i)"
   261   apply(rule) defer apply(rule content_pos_lt,assumption) proof- assume "0 < content {a..b}"
   262   hence "content {a..b} \<noteq> 0" by auto thus "\<forall>i. a$i < b$i" unfolding content_eq_0 not_ex not_le by auto qed
   263 
   264 lemma content_empty[simp]: "content {} = 0" unfolding content_def by auto
   265 
   266 lemma content_subset: assumes "{a..b} \<subseteq> {c..d}" shows "content {a..b::real^'n} \<le> content {c..d}" proof(cases "{a..b}={}")
   267   case True thus ?thesis using content_pos_le[of c d] by auto next
   268   case False hence ab_ne:"\<forall>i. a $ i \<le> b $ i" unfolding interval_ne_empty by auto
   269   hence ab_ab:"a\<in>{a..b}" "b\<in>{a..b}" unfolding mem_interval by auto
   270   have "{c..d} \<noteq> {}" using assms False by auto
   271   hence cd_ne:"\<forall>i. c $ i \<le> d $ i" using assms unfolding interval_ne_empty by auto
   272   show ?thesis unfolding content_def unfolding interval_bounds[OF ab_ne] interval_bounds[OF cd_ne]
   273     unfolding if_not_P[OF False] if_not_P[OF `{c..d} \<noteq> {}`] apply(rule setprod_mono,rule) proof fix i::'n
   274     show "0 \<le> b $ i - a $ i" using ab_ne[THEN spec[where x=i]] by auto
   275     show "b $ i - a $ i \<le> d $ i - c $ i"
   276       using assms[unfolded subset_eq mem_interval,rule_format,OF ab_ab(2),of i]
   277       using assms[unfolded subset_eq mem_interval,rule_format,OF ab_ab(1),of i] by auto qed qed
   278 
   279 lemma content_lt_nz: "0 < content {a..b} \<longleftrightarrow> content {a..b} \<noteq> 0"
   280   unfolding content_pos_lt_eq content_eq_0 unfolding not_ex not_le by auto
   281 
   282 subsection {* The notion of a gauge --- simply an open set containing the point. *}
   283 
   284 definition gauge where "gauge d \<longleftrightarrow> (\<forall>x. x\<in>(d x) \<and> open(d x))"
   285 
   286 lemma gaugeI:assumes "\<And>x. x\<in>g x" "\<And>x. open (g x)" shows "gauge g"
   287   using assms unfolding gauge_def by auto
   288 
   289 lemma gaugeD[dest]: assumes "gauge d" shows "x\<in>d x" "open (d x)" using assms unfolding gauge_def by auto
   290 
   291 lemma gauge_ball_dependent: "\<forall>x. 0 < e x \<Longrightarrow> gauge (\<lambda>x. ball x (e x))"
   292   unfolding gauge_def by auto 
   293 
   294 lemma gauge_ball[intro]: "0 < e \<Longrightarrow> gauge (\<lambda>x. ball x e)" unfolding gauge_def by auto 
   295 
   296 lemma gauge_trivial[intro]: "gauge (\<lambda>x. ball x 1)" apply(rule gauge_ball) by auto
   297 
   298 lemma gauge_inter[intro]: "gauge d1 \<Longrightarrow> gauge d2 \<Longrightarrow> gauge (\<lambda>x. (d1 x) \<inter> (d2 x))"
   299   unfolding gauge_def by auto 
   300 
   301 lemma gauge_inters: assumes "finite s" "\<forall>d\<in>s. gauge (f d)" shows "gauge(\<lambda>x. \<Inter> {f d x | d. d \<in> s})" proof-
   302   have *:"\<And>x. {f d x |d. d \<in> s} = (\<lambda>d. f d x) ` s" by auto show ?thesis
   303   unfolding gauge_def unfolding * 
   304   using assms unfolding Ball_def Inter_iff mem_Collect_eq gauge_def by auto qed
   305 
   306 lemma gauge_existence_lemma: "(\<forall>x. \<exists>d::real. p x \<longrightarrow> 0 < d \<and> q d x) \<longleftrightarrow> (\<forall>x. \<exists>d>0. p x \<longrightarrow> q d x)" by(meson zero_less_one)
   307 
   308 subsection {* Divisions. *}
   309 
   310 definition division_of (infixl "division'_of" 40) where
   311   "s division_of i \<equiv>
   312         finite s \<and>
   313         (\<forall>k\<in>s. k \<subseteq> i \<and> k \<noteq> {} \<and> (\<exists>a b. k = {a..b})) \<and>
   314         (\<forall>k1\<in>s. \<forall>k2\<in>s. k1 \<noteq> k2 \<longrightarrow> interior(k1) \<inter> interior(k2) = {}) \<and>
   315         (\<Union>s = i)"
   316 
   317 lemma division_ofD[dest]: assumes  "s division_of i"
   318   shows"finite s" "\<And>k. k\<in>s \<Longrightarrow> k \<subseteq> i" "\<And>k. k\<in>s \<Longrightarrow>  k \<noteq> {}" "\<And>k. k\<in>s \<Longrightarrow> (\<exists>a b. k = {a..b})"
   319   "\<And>k1 k2. \<lbrakk>k1\<in>s; k2\<in>s; k1 \<noteq> k2\<rbrakk> \<Longrightarrow> interior(k1) \<inter> interior(k2) = {}" "\<Union>s = i" using assms unfolding division_of_def by auto
   320 
   321 lemma division_ofI:
   322   assumes "finite s" "\<And>k. k\<in>s \<Longrightarrow> k \<subseteq> i" "\<And>k. k\<in>s \<Longrightarrow>  k \<noteq> {}" "\<And>k. k\<in>s \<Longrightarrow> (\<exists>a b. k = {a..b})"
   323   "\<And>k1 k2. \<lbrakk>k1\<in>s; k2\<in>s; k1 \<noteq> k2\<rbrakk> \<Longrightarrow> interior(k1) \<inter> interior(k2) = {}" "\<Union>s = i"
   324   shows "s division_of i" using assms unfolding division_of_def by auto
   325 
   326 lemma division_of_finite: "s division_of i \<Longrightarrow> finite s"
   327   unfolding division_of_def by auto
   328 
   329 lemma division_of_self[intro]: "{a..b} \<noteq> {} \<Longrightarrow> {{a..b}} division_of {a..b}"
   330   unfolding division_of_def by auto
   331 
   332 lemma division_of_trivial[simp]: "s division_of {} \<longleftrightarrow> s = {}" unfolding division_of_def by auto 
   333 
   334 lemma division_of_sing[simp]: "s division_of {a..a::real^'n} \<longleftrightarrow> s = {{a..a}}" (is "?l = ?r") proof
   335   assume ?r moreover { assume "s = {{a}}" moreover fix k assume "k\<in>s" 
   336     ultimately have"\<exists>x y. k = {x..y}" apply(rule_tac x=a in exI)+ unfolding interval_sing[THEN conjunct1] by auto }
   337   ultimately show ?l unfolding division_of_def interval_sing[THEN conjunct1] by auto next
   338   assume ?l note as=conjunctD4[OF this[unfolded division_of_def interval_sing[THEN conjunct1]]]
   339   { fix x assume x:"x\<in>s" have "x={a}" using as(2)[rule_format,OF x] by auto }
   340   moreover have "s \<noteq> {}" using as(4) by auto ultimately show ?r unfolding interval_sing[THEN conjunct1] by auto qed
   341 
   342 lemma elementary_empty: obtains p where "p division_of {}"
   343   unfolding division_of_trivial by auto
   344 
   345 lemma elementary_interval: obtains p where  "p division_of {a..b}"
   346   by(metis division_of_trivial division_of_self)
   347 
   348 lemma division_contains: "s division_of i \<Longrightarrow> \<forall>x\<in>i. \<exists>k\<in>s. x \<in> k"
   349   unfolding division_of_def by auto
   350 
   351 lemma forall_in_division:
   352  "d division_of i \<Longrightarrow> ((\<forall>x\<in>d. P x) \<longleftrightarrow> (\<forall>a b. {a..b} \<in> d \<longrightarrow> P {a..b}))"
   353   unfolding division_of_def by fastsimp
   354 
   355 lemma division_of_subset: assumes "p division_of (\<Union>p)" "q \<subseteq> p" shows "q division_of (\<Union>q)"
   356   apply(rule division_ofI) proof- note as=division_ofD[OF assms(1)]
   357   show "finite q" apply(rule finite_subset) using as(1) assms(2) by auto
   358   { fix k assume "k \<in> q" hence kp:"k\<in>p" using assms(2) by auto show "k\<subseteq>\<Union>q" using `k \<in> q` by auto
   359   show "\<exists>a b. k = {a..b}" using as(4)[OF kp] by auto show "k \<noteq> {}" using as(3)[OF kp] by auto }
   360   fix k1 k2 assume "k1 \<in> q" "k2 \<in> q" "k1 \<noteq> k2" hence *:"k1\<in>p" "k2\<in>p" "k1\<noteq>k2" using assms(2) by auto
   361   show "interior k1 \<inter> interior k2 = {}" using as(5)[OF *] by auto qed auto
   362 
   363 lemma division_of_union_self[intro]: "p division_of s \<Longrightarrow> p division_of (\<Union>p)" unfolding division_of_def by auto
   364 
   365 lemma division_of_content_0: assumes "content {a..b} = 0" "d division_of {a..b}" shows "\<forall>k\<in>d. content k = 0"
   366   unfolding forall_in_division[OF assms(2)] apply(rule,rule,rule) apply(drule division_ofD(2)[OF assms(2)])
   367   apply(drule content_subset) unfolding assms(1) proof- case goal1 thus ?case using content_pos_le[of a b] by auto qed
   368 
   369 lemma division_inter: assumes "p1 division_of s1" "p2 division_of (s2::(real^'a) set)"
   370   shows "{k1 \<inter> k2 | k1 k2 .k1 \<in> p1 \<and> k2 \<in> p2 \<and> k1 \<inter> k2 \<noteq> {}} division_of (s1 \<inter> s2)" (is "?A' division_of _") proof-
   371 let ?A = "{s. s \<in>  (\<lambda>(k1,k2). k1 \<inter> k2) ` (p1 \<times> p2) \<and> s \<noteq> {}}" have *:"?A' = ?A" by auto
   372 show ?thesis unfolding * proof(rule division_ofI) have "?A \<subseteq> (\<lambda>(x, y). x \<inter> y) ` (p1 \<times> p2)" by auto
   373   moreover have "finite (p1 \<times> p2)" using assms unfolding division_of_def by auto ultimately show "finite ?A" by auto
   374   have *:"\<And>s. \<Union>{x\<in>s. x \<noteq> {}} = \<Union>s" by auto show "\<Union>?A = s1 \<inter> s2" apply(rule set_ext) unfolding * and Union_image_eq UN_iff
   375     using division_ofD(6)[OF assms(1)] and division_ofD(6)[OF assms(2)] by auto
   376   { fix k assume "k\<in>?A" then obtain k1 k2 where k:"k = k1 \<inter> k2" "k1\<in>p1" "k2\<in>p2" "k\<noteq>{}" by auto thus "k \<noteq> {}" by auto
   377   show "k \<subseteq> s1 \<inter> s2" using division_ofD(2)[OF assms(1) k(2)] and division_ofD(2)[OF assms(2) k(3)] unfolding k by auto
   378   guess a1 using division_ofD(4)[OF assms(1) k(2)] .. then guess b1 .. note ab1=this
   379   guess a2 using division_ofD(4)[OF assms(2) k(3)] .. then guess b2 .. note ab2=this
   380   show "\<exists>a b. k = {a..b}" unfolding k ab1 ab2 unfolding inter_interval by auto } fix k1 k2
   381   assume "k1\<in>?A" then obtain x1 y1 where k1:"k1 = x1 \<inter> y1" "x1\<in>p1" "y1\<in>p2" "k1\<noteq>{}" by auto
   382   assume "k2\<in>?A" then obtain x2 y2 where k2:"k2 = x2 \<inter> y2" "x2\<in>p1" "y2\<in>p2" "k2\<noteq>{}" by auto
   383   assume "k1 \<noteq> k2" hence th:"x1\<noteq>x2 \<or> y1\<noteq>y2" unfolding k1 k2 by auto
   384   have *:"(interior x1 \<inter> interior x2 = {} \<or> interior y1 \<inter> interior y2 = {}) \<Longrightarrow>
   385       interior(x1 \<inter> y1) \<subseteq> interior(x1) \<Longrightarrow> interior(x1 \<inter> y1) \<subseteq> interior(y1) \<Longrightarrow>
   386       interior(x2 \<inter> y2) \<subseteq> interior(x2) \<Longrightarrow> interior(x2 \<inter> y2) \<subseteq> interior(y2)
   387       \<Longrightarrow> interior(x1 \<inter> y1) \<inter> interior(x2 \<inter> y2) = {}" by auto
   388   show "interior k1 \<inter> interior k2 = {}" unfolding k1 k2 apply(rule *) defer apply(rule_tac[1-4] subset_interior)
   389     using division_ofD(5)[OF assms(1) k1(2) k2(2)]
   390     using division_ofD(5)[OF assms(2) k1(3) k2(3)] using th by auto qed qed
   391 
   392 lemma division_inter_1: assumes "d division_of i" "{a..b::real^'n} \<subseteq> i"
   393   shows "{ {a..b} \<inter> k |k. k \<in> d \<and> {a..b} \<inter> k \<noteq> {} } division_of {a..b}" proof(cases "{a..b} = {}")
   394   case True show ?thesis unfolding True and division_of_trivial by auto next
   395   have *:"{a..b} \<inter> i = {a..b}" using assms(2) by auto 
   396   case False show ?thesis using division_inter[OF division_of_self[OF False] assms(1)] unfolding * by auto qed
   397 
   398 lemma elementary_inter: assumes "p1 division_of s" "p2 division_of (t::(real^'n) set)"
   399   shows "\<exists>p. p division_of (s \<inter> t)"
   400   by(rule,rule division_inter[OF assms])
   401 
   402 lemma elementary_inters: assumes "finite f" "f\<noteq>{}" "\<forall>s\<in>f. \<exists>p. p division_of (s::(real^'n) set)"
   403   shows "\<exists>p. p division_of (\<Inter> f)" using assms apply-proof(induct f rule:finite_induct)
   404 case (insert x f) show ?case proof(cases "f={}")
   405   case True thus ?thesis unfolding True using insert by auto next
   406   case False guess p using insert(3)[OF False insert(5)[unfolded ball_simps,THEN conjunct2]] ..
   407   moreover guess px using insert(5)[rule_format,OF insertI1] .. ultimately
   408   show ?thesis unfolding Inter_insert apply(rule_tac elementary_inter) by assumption+ qed qed auto
   409 
   410 lemma division_disjoint_union:
   411   assumes "p1 division_of s1" "p2 division_of s2" "interior s1 \<inter> interior s2 = {}"
   412   shows "(p1 \<union> p2) division_of (s1 \<union> s2)" proof(rule division_ofI) 
   413   note d1 = division_ofD[OF assms(1)] and d2 = division_ofD[OF assms(2)]
   414   show "finite (p1 \<union> p2)" using d1(1) d2(1) by auto
   415   show "\<Union>(p1 \<union> p2) = s1 \<union> s2" using d1(6) d2(6) by auto
   416   { fix k1 k2 assume as:"k1 \<in> p1 \<union> p2" "k2 \<in> p1 \<union> p2" "k1 \<noteq> k2" moreover let ?g="interior k1 \<inter> interior k2 = {}"
   417   { assume as:"k1\<in>p1" "k2\<in>p2" have ?g using subset_interior[OF d1(2)[OF as(1)]] subset_interior[OF d2(2)[OF as(2)]]
   418       using assms(3) by blast } moreover
   419   { assume as:"k1\<in>p2" "k2\<in>p1" have ?g using subset_interior[OF d1(2)[OF as(2)]] subset_interior[OF d2(2)[OF as(1)]]
   420       using assms(3) by blast} ultimately
   421   show ?g using d1(5)[OF _ _ as(3)] and d2(5)[OF _ _ as(3)] by auto }
   422   fix k assume k:"k \<in> p1 \<union> p2"  show "k \<subseteq> s1 \<union> s2" using k d1(2) d2(2) by auto
   423   show "k \<noteq> {}" using k d1(3) d2(3) by auto show "\<exists>a b. k = {a..b}" using k d1(4) d2(4) by auto qed
   424 
   425 lemma partial_division_extend_1:
   426   assumes "{c..d} \<subseteq> {a..b::real^'n}" "{c..d} \<noteq> {}"
   427   obtains p where "p division_of {a..b}" "{c..d} \<in> p"
   428 proof- def n \<equiv> "CARD('n)" have n:"1 \<le> n" "0 < n" "n \<noteq> 0" unfolding n_def by auto
   429   guess \<pi> using ex_bij_betw_nat_finite_1[OF finite_UNIV[where 'a='n]] .. note \<pi>=this
   430   def \<pi>' \<equiv> "inv_into {1..n} \<pi>"
   431   have \<pi>':"bij_betw \<pi>' UNIV {1..n}" using bij_betw_inv_into[OF \<pi>] unfolding \<pi>'_def n_def by auto
   432   hence \<pi>'i:"\<And>i. \<pi>' i \<in> {1..n}" unfolding bij_betw_def by auto 
   433   have \<pi>\<pi>'[simp]:"\<And>i. \<pi> (\<pi>' i) = i" unfolding \<pi>'_def apply(rule f_inv_into_f) unfolding n_def using \<pi> unfolding bij_betw_def by auto
   434   have \<pi>'\<pi>[simp]:"\<And>i. i\<in>{1..n} \<Longrightarrow> \<pi>' (\<pi> i) = i" unfolding \<pi>'_def apply(rule inv_into_f_eq) using \<pi> unfolding n_def bij_betw_def by auto
   435   have "{c..d} \<noteq> {}" using assms by auto
   436   let ?p1 = "\<lambda>l. {(\<chi> i. if \<pi>' i < l then c$i else a$i) .. (\<chi> i. if \<pi>' i < l then d$i else if \<pi>' i = l then c$\<pi> l else b$i)}"
   437   let ?p2 = "\<lambda>l. {(\<chi> i. if \<pi>' i < l then c$i else if \<pi>' i = l then d$\<pi> l else a$i) .. (\<chi> i. if \<pi>' i < l then d$i else b$i)}"
   438   let ?p =  "{?p1 l |l. l \<in> {1..n+1}} \<union> {?p2 l |l. l \<in> {1..n+1}}"
   439   have abcd:"\<And>i. a $ i \<le> c $ i \<and> c$i \<le> d$i \<and> d $ i \<le> b $ i" using assms unfolding subset_interval interval_eq_empty by(auto simp add:not_le not_less)
   440   show ?thesis apply(rule that[of ?p]) apply(rule division_ofI)
   441   proof- have "\<And>i. \<pi>' i < Suc n"
   442     proof(rule ccontr,unfold not_less) fix i assume "Suc n \<le> \<pi>' i"
   443       hence "\<pi>' i \<notin> {1..n}" by auto thus False using \<pi>' unfolding bij_betw_def by auto
   444     qed hence "c = (\<chi> i. if \<pi>' i < Suc n then c $ i else a $ i)"
   445         "d = (\<chi> i. if \<pi>' i < Suc n then d $ i else if \<pi>' i = n + 1 then c $ \<pi> (n + 1) else b $ i)"
   446       unfolding Cart_eq Cart_lambda_beta using \<pi>' unfolding bij_betw_def by auto
   447     thus cdp:"{c..d} \<in> ?p" apply-apply(rule UnI1) unfolding mem_Collect_eq apply(rule_tac x="n + 1" in exI) by auto
   448     have "\<And>l. l\<in>{1..n+1} \<Longrightarrow> ?p1 l \<subseteq> {a..b}"  "\<And>l. l\<in>{1..n+1} \<Longrightarrow> ?p2 l \<subseteq> {a..b}"
   449       unfolding subset_eq apply(rule_tac[!] ballI,rule_tac[!] ccontr)
   450     proof- fix l assume l:"l\<in>{1..n+1}" fix x assume "x\<notin>{a..b}"
   451       then guess i unfolding mem_interval not_all .. note i=this
   452       show "x \<in> ?p1 l \<Longrightarrow> False" "x \<in> ?p2 l \<Longrightarrow> False" unfolding mem_interval apply(erule_tac[!] x=i in allE)
   453         apply(case_tac[!] "\<pi>' i < l", case_tac[!] "\<pi>' i = l") using abcd[of i] i by auto 
   454     qed moreover have "\<And>x. x \<in> {a..b} \<Longrightarrow> x \<in> \<Union>?p"
   455     proof- fix x assume x:"x\<in>{a..b}"
   456       { presume "x\<notin>{c..d} \<Longrightarrow> x \<in> \<Union>?p" thus "x \<in> \<Union>?p" using cdp by blast }
   457       let ?M = "{i. i\<in>{1..n+1} \<and> \<not> (c $ \<pi> i \<le> x $ \<pi> i \<and> x $ \<pi> i \<le> d $ \<pi> i)}"
   458       assume "x\<notin>{c..d}" then guess i0 unfolding mem_interval not_all ..
   459       hence "\<pi>' i0 \<in> ?M" using \<pi>' unfolding bij_betw_def by(auto intro!:le_SucI)
   460       hence M:"finite ?M" "?M \<noteq> {}" by auto
   461       def l \<equiv> "Min ?M" note l = Min_less_iff[OF M,unfolded l_def[symmetric]] Min_in[OF M,unfolded mem_Collect_eq l_def[symmetric]]
   462         Min_gr_iff[OF M,unfolded l_def[symmetric]]
   463       have "x\<in>?p1 l \<or> x\<in>?p2 l" using l(2)[THEN conjunct2] unfolding de_Morgan_conj not_le
   464         apply- apply(erule disjE) apply(rule disjI1) defer apply(rule disjI2)
   465       proof- assume as:"x $ \<pi> l < c $ \<pi> l"
   466         show "x \<in> ?p1 l" unfolding mem_interval Cart_lambda_beta
   467         proof case goal1 have "\<pi>' i \<in> {1..n}" using \<pi>' unfolding bij_betw_def not_le by auto
   468           thus ?case using as x[unfolded mem_interval,rule_format,of i]
   469             apply auto using l(3)[of "\<pi>' i"] by(auto elim!:ballE[where x="\<pi>' i"])
   470         qed
   471       next assume as:"x $ \<pi> l > d $ \<pi> l"
   472         show "x \<in> ?p2 l" unfolding mem_interval Cart_lambda_beta
   473         proof case goal1 have "\<pi>' i \<in> {1..n}" using \<pi>' unfolding bij_betw_def not_le by auto
   474           thus ?case using as x[unfolded mem_interval,rule_format,of i]
   475             apply auto using l(3)[of "\<pi>' i"] by(auto elim!:ballE[where x="\<pi>' i"])
   476         qed qed
   477       thus "x \<in> \<Union>?p" using l(2) by blast 
   478     qed ultimately show "\<Union>?p = {a..b}" apply-apply(rule) defer apply(rule) by(assumption,blast)
   479     
   480     show "finite ?p" by auto
   481     fix k assume k:"k\<in>?p" then obtain l where l:"k = ?p1 l \<or> k = ?p2 l" "l \<in> {1..n + 1}" by auto
   482     show "k\<subseteq>{a..b}" apply(rule,unfold mem_interval,rule,rule) 
   483     proof- fix i::'n and x assume "x \<in> k" moreover have "\<pi>' i < l \<or> \<pi>' i = l \<or> \<pi>' i > l" by auto
   484       ultimately show "a$i \<le> x$i" "x$i \<le> b$i" using abcd[of i] using l by(auto elim:disjE elim!:allE[where x=i] simp add:vector_le_def)
   485     qed have "\<And>l. ?p1 l \<noteq> {}" "\<And>l. ?p2 l \<noteq> {}" unfolding interval_eq_empty not_ex apply(rule_tac[!] allI)
   486     proof- case goal1 thus ?case using abcd[of x] by auto
   487     next   case goal2 thus ?case using abcd[of x] by auto
   488     qed thus "k \<noteq> {}" using k by auto
   489     show "\<exists>a b. k = {a..b}" using k by auto
   490     fix k' assume k':"k' \<in> ?p" "k \<noteq> k'" then obtain l' where l':"k' = ?p1 l' \<or> k' = ?p2 l'" "l' \<in> {1..n + 1}" by auto
   491     { fix k k' l l'
   492       assume k:"k\<in>?p" and l:"k = ?p1 l \<or> k = ?p2 l" "l \<in> {1..n + 1}" 
   493       assume k':"k' \<in> ?p" "k \<noteq> k'" and  l':"k' = ?p1 l' \<or> k' = ?p2 l'" "l' \<in> {1..n + 1}" 
   494       assume "l \<le> l'" fix x
   495       have "x \<notin> interior k \<inter> interior k'" 
   496       proof(rule,cases "l' = n+1") assume x:"x \<in> interior k \<inter> interior k'"
   497         case True hence "\<And>i. \<pi>' i < l'" using \<pi>'i by(auto simp add:less_Suc_eq_le)
   498         hence k':"k' = {c..d}" using l'(1) \<pi>'i by(auto simp add:Cart_nth_inverse)
   499         have ln:"l < n + 1" 
   500         proof(rule ccontr) case goal1 hence l2:"l = n+1" using l by auto
   501           hence "\<And>i. \<pi>' i < l" using \<pi>'i by(auto simp add:less_Suc_eq_le)
   502           hence "k = {c..d}" using l(1) \<pi>'i by(auto simp add:Cart_nth_inverse)
   503           thus False using `k\<noteq>k'` k' by auto
   504         qed have **:"\<pi>' (\<pi> l) = l" using \<pi>'\<pi>[of l] using l ln by auto
   505         have "x $ \<pi> l < c $ \<pi> l \<or> d $ \<pi> l < x $ \<pi> l" using l(1) apply-
   506         proof(erule disjE)
   507           assume as:"k = ?p1 l" note * = conjunct1[OF x[unfolded as Int_iff interior_closed_interval mem_interval],rule_format]
   508           show ?thesis using *[of "\<pi> l"] using ln unfolding Cart_lambda_beta ** by auto
   509         next assume as:"k = ?p2 l" note * = conjunct1[OF x[unfolded as Int_iff interior_closed_interval mem_interval],rule_format]
   510           show ?thesis using *[of "\<pi> l"] using ln unfolding Cart_lambda_beta ** by auto
   511         qed thus False using x unfolding k' unfolding Int_iff interior_closed_interval mem_interval
   512           by(auto elim!:allE[where x="\<pi> l"])
   513       next case False hence "l < n + 1" using l'(2) using `l\<le>l'` by auto
   514         hence ln:"l \<in> {1..n}" "l' \<in> {1..n}" using l l' False by auto
   515         note \<pi>l = \<pi>'\<pi>[OF ln(1)] \<pi>'\<pi>[OF ln(2)]
   516         assume x:"x \<in> interior k \<inter> interior k'"
   517         show False using l(1) l'(1) apply-
   518         proof(erule_tac[!] disjE)+
   519           assume as:"k = ?p1 l" "k' = ?p1 l'"
   520           note * = x[unfolded as Int_iff interior_closed_interval mem_interval]
   521           have "l \<noteq> l'" using k'(2)[unfolded as] by auto
   522           thus False using * by(smt Cart_lambda_beta \<pi>l)
   523         next assume as:"k = ?p2 l" "k' = ?p2 l'"
   524           note * = conjunctD2[OF x[unfolded as Int_iff interior_closed_interval mem_interval],rule_format]
   525           have "l \<noteq> l'" apply(rule) using k'(2)[unfolded as] by auto
   526           thus False using *[of "\<pi> l"] *[of "\<pi> l'"]
   527             unfolding Cart_lambda_beta \<pi>l using `l \<le> l'` by auto
   528         next assume as:"k = ?p1 l" "k' = ?p2 l'"
   529           note * = conjunctD2[OF x[unfolded as Int_iff interior_closed_interval mem_interval],rule_format]
   530           show False using *[of "\<pi> l"] *[of "\<pi> l'"]
   531             unfolding Cart_lambda_beta \<pi>l using `l \<le> l'` using abcd[of "\<pi> l'"] by smt 
   532         next assume as:"k = ?p2 l" "k' = ?p1 l'"
   533           note * = conjunctD2[OF x[unfolded as Int_iff interior_closed_interval mem_interval],rule_format]
   534           show False using *[of "\<pi> l"] *[of "\<pi> l'"]
   535             unfolding Cart_lambda_beta \<pi>l using `l \<le> l'` using abcd[of "\<pi> l'"] by smt
   536         qed qed } 
   537     from this[OF k l k' l'] this[OF k'(1) l' k _ l] have "\<And>x. x \<notin> interior k \<inter> interior k'"
   538       apply - apply(cases "l' \<le> l") using k'(2) by auto            
   539     thus "interior k \<inter> interior k' = {}" by auto        
   540 qed qed
   541 
   542 lemma partial_division_extend_interval: assumes "p division_of (\<Union>p)" "(\<Union>p) \<subseteq> {a..b}"
   543   obtains q where "p \<subseteq> q" "q division_of {a..b::real^'n}" proof(cases "p = {}")
   544   case True guess q apply(rule elementary_interval[of a b]) .
   545   thus ?thesis apply- apply(rule that[of q]) unfolding True by auto next
   546   case False note p = division_ofD[OF assms(1)]
   547   have *:"\<forall>k\<in>p. \<exists>q. q division_of {a..b} \<and> k\<in>q" proof case goal1
   548     guess c using p(4)[OF goal1] .. then guess d .. note cd_ = this
   549     have *:"{c..d} \<subseteq> {a..b}" "{c..d} \<noteq> {}" using p(2,3)[OF goal1, unfolded cd_] using assms(2) by auto
   550     guess q apply(rule partial_division_extend_1[OF *]) . thus ?case unfolding cd_ by auto qed
   551   guess q using bchoice[OF *] .. note q = conjunctD2[OF this[rule_format]]
   552   have "\<And>x. x\<in>p \<Longrightarrow> \<exists>d. d division_of \<Union>(q x - {x})" apply(rule,rule_tac p="q x" in division_of_subset) proof-
   553     fix x assume x:"x\<in>p" show "q x division_of \<Union>q x" apply-apply(rule division_ofI)
   554       using division_ofD[OF q(1)[OF x]] by auto show "q x - {x} \<subseteq> q x" by auto qed
   555   hence "\<exists>d. d division_of \<Inter> ((\<lambda>i. \<Union>(q i - {i})) ` p)" apply- apply(rule elementary_inters)
   556     apply(rule finite_imageI[OF p(1)]) unfolding image_is_empty apply(rule False) by auto
   557   then guess d .. note d = this
   558   show ?thesis apply(rule that[of "d \<union> p"]) proof-
   559     have *:"\<And>s f t. s \<noteq> {} \<Longrightarrow> (\<forall>i\<in>s. f i \<union> i = t) \<Longrightarrow> t = \<Inter> (f ` s) \<union> (\<Union>s)" by auto
   560     have *:"{a..b} = \<Inter> (\<lambda>i. \<Union>(q i - {i})) ` p \<union> \<Union>p" apply(rule *[OF False]) proof fix i assume i:"i\<in>p"
   561       show "\<Union>(q i - {i}) \<union> i = {a..b}" using division_ofD(6)[OF q(1)[OF i]] using q(2)[OF i] by auto qed
   562     show "d \<union> p division_of {a..b}" unfolding * apply(rule division_disjoint_union[OF d assms(1)])
   563       apply(rule inter_interior_unions_intervals) apply(rule p open_interior ballI)+ proof(assumption,rule)
   564       fix k assume k:"k\<in>p" have *:"\<And>u t s. u \<subseteq> s \<Longrightarrow> s \<inter> t = {} \<Longrightarrow> u \<inter> t = {}" by auto
   565       show "interior (\<Inter>(\<lambda>i. \<Union>(q i - {i})) ` p) \<inter> interior k = {}" apply(rule *[of _ "interior (\<Union>(q k - {k}))"])
   566 	defer apply(subst Int_commute) apply(rule inter_interior_unions_intervals) proof- note qk=division_ofD[OF q(1)[OF k]]
   567 	show "finite (q k - {k})" "open (interior k)"  "\<forall>t\<in>q k - {k}. \<exists>a b. t = {a..b}" using qk by auto
   568 	show "\<forall>t\<in>q k - {k}. interior k \<inter> interior t = {}" using qk(5) using q(2)[OF k] by auto
   569 	have *:"\<And>x s. x \<in> s \<Longrightarrow> \<Inter>s \<subseteq> x" by auto show "interior (\<Inter>(\<lambda>i. \<Union>(q i - {i})) ` p) \<subseteq> interior (\<Union>(q k - {k}))"
   570 	  apply(rule subset_interior *)+ using k by auto qed qed qed auto qed
   571 
   572 lemma elementary_bounded[dest]: "p division_of s \<Longrightarrow> bounded (s::(real^'n) set)"
   573   unfolding division_of_def by(metis bounded_Union bounded_interval) 
   574 
   575 lemma elementary_subset_interval: "p division_of s \<Longrightarrow> \<exists>a b. s \<subseteq> {a..b::real^'n}"
   576   by(meson elementary_bounded bounded_subset_closed_interval)
   577 
   578 lemma division_union_intervals_exists: assumes "{a..b::real^'n} \<noteq> {}"
   579   obtains p where "(insert {a..b} p) division_of ({a..b} \<union> {c..d})" proof(cases "{c..d} = {}")
   580   case True show ?thesis apply(rule that[of "{}"]) unfolding True using assms by auto next
   581   case False note false=this show ?thesis proof(cases "{a..b} \<inter> {c..d} = {}")
   582   have *:"\<And>a b. {a,b} = {a} \<union> {b}" by auto
   583   case True show ?thesis apply(rule that[of "{{c..d}}"]) unfolding * apply(rule division_disjoint_union)
   584     using false True assms using interior_subset by auto next
   585   case False obtain u v where uv:"{a..b} \<inter> {c..d} = {u..v}" unfolding inter_interval by auto
   586   have *:"{u..v} \<subseteq> {c..d}" using uv by auto
   587   guess p apply(rule partial_division_extend_1[OF * False[unfolded uv]]) . note p=this division_ofD[OF this(1)]
   588   have *:"{a..b} \<union> {c..d} = {a..b} \<union> \<Union>(p - {{u..v}})" "\<And>x s. insert x s = {x} \<union> s" using p(8) unfolding uv[THEN sym] by auto
   589   show thesis apply(rule that[of "p - {{u..v}}"]) unfolding *(1) apply(subst *(2)) apply(rule division_disjoint_union)
   590     apply(rule,rule assms) apply(rule division_of_subset[of p]) apply(rule division_of_union_self[OF p(1)]) defer
   591     unfolding interior_inter[THEN sym] proof-
   592     have *:"\<And>cd p uv ab. p \<subseteq> cd \<Longrightarrow> ab \<inter> cd = uv \<Longrightarrow> ab \<inter> p = uv \<inter> p" by auto
   593     have "interior ({a..b} \<inter> \<Union>(p - {{u..v}})) = interior({u..v} \<inter> \<Union>(p - {{u..v}}))" 
   594       apply(rule arg_cong[of _ _ interior]) apply(rule *[OF _ uv]) using p(8) by auto
   595     also have "\<dots> = {}" unfolding interior_inter apply(rule inter_interior_unions_intervals) using p(6) p(7)[OF p(2)] p(3) by auto
   596     finally show "interior ({a..b} \<inter> \<Union>(p - {{u..v}})) = {}" by assumption qed auto qed qed
   597 
   598 lemma division_of_unions: assumes "finite f"  "\<And>p. p\<in>f \<Longrightarrow> p division_of (\<Union>p)"
   599   "\<And>k1 k2. \<lbrakk>k1 \<in> \<Union>f; k2 \<in> \<Union>f; k1 \<noteq> k2\<rbrakk> \<Longrightarrow> interior k1 \<inter> interior k2 = {}"
   600   shows "\<Union>f division_of \<Union>\<Union>f" apply(rule division_ofI) prefer 5 apply(rule assms(3)|assumption)+
   601   apply(rule finite_Union assms(1))+ prefer 3 apply(erule UnionE) apply(rule_tac s=X in division_ofD(3)[OF assms(2)])
   602   using division_ofD[OF assms(2)] by auto
   603   
   604 lemma elementary_union_interval: assumes "p division_of \<Union>p"
   605   obtains q where "q division_of ({a..b::real^'n} \<union> \<Union>p)" proof-
   606   note assm=division_ofD[OF assms]
   607   have lem1:"\<And>f s. \<Union>\<Union> (f ` s) = \<Union>(\<lambda>x.\<Union>(f x)) ` s" by auto
   608   have lem2:"\<And>f s. f \<noteq> {} \<Longrightarrow> \<Union>{s \<union> t |t. t \<in> f} = s \<union> \<Union>f" by auto
   609 { presume "p={} \<Longrightarrow> thesis" "{a..b} = {} \<Longrightarrow> thesis" "{a..b} \<noteq> {} \<Longrightarrow> interior {a..b} = {} \<Longrightarrow> thesis"
   610     "p\<noteq>{} \<Longrightarrow> interior {a..b}\<noteq>{} \<Longrightarrow> {a..b} \<noteq> {} \<Longrightarrow> thesis"
   611   thus thesis by auto
   612 next assume as:"p={}" guess p apply(rule elementary_interval[of a b]) .
   613   thus thesis apply(rule_tac that[of p]) unfolding as by auto 
   614 next assume as:"{a..b}={}" show thesis apply(rule that) unfolding as using assms by auto
   615 next assume as:"interior {a..b} = {}" "{a..b} \<noteq> {}"
   616   show thesis apply(rule that[of "insert {a..b} p"],rule division_ofI)
   617     unfolding finite_insert apply(rule assm(1)) unfolding Union_insert  
   618     using assm(2-4) as apply- by(fastsimp dest: assm(5))+
   619 next assume as:"p \<noteq> {}" "interior {a..b} \<noteq> {}" "{a..b}\<noteq>{}"
   620   have "\<forall>k\<in>p. \<exists>q. (insert {a..b} q) division_of ({a..b} \<union> k)" proof case goal1
   621     from assm(4)[OF this] guess c .. then guess d ..
   622     thus ?case apply-apply(rule division_union_intervals_exists[OF as(3),of c d]) by auto
   623   qed from bchoice[OF this] guess q .. note q=division_ofD[OF this[rule_format]]
   624   let ?D = "\<Union>{insert {a..b} (q k) | k. k \<in> p}"
   625   show thesis apply(rule that[of "?D"]) proof(rule division_ofI)
   626     have *:"{insert {a..b} (q k) |k. k \<in> p} = (\<lambda>k. insert {a..b} (q k)) ` p" by auto
   627     show "finite ?D" apply(rule finite_Union) unfolding * apply(rule finite_imageI) using assm(1) q(1) by auto
   628     show "\<Union>?D = {a..b} \<union> \<Union>p" unfolding * lem1 unfolding lem2[OF as(1), of "{a..b}",THEN sym]
   629       using q(6) by auto
   630     fix k assume k:"k\<in>?D" thus " k \<subseteq> {a..b} \<union> \<Union>p" using q(2) by auto
   631     show "k \<noteq> {}" using q(3) k by auto show "\<exists>a b. k = {a..b}" using q(4) k by auto
   632     fix k' assume k':"k'\<in>?D" "k\<noteq>k'"
   633     obtain x  where x: "k \<in>insert {a..b} (q x)"  "x\<in>p"  using k  by auto
   634     obtain x' where x':"k'\<in>insert {a..b} (q x')" "x'\<in>p" using k' by auto
   635     show "interior k \<inter> interior k' = {}" proof(cases "x=x'")
   636       case True show ?thesis apply(rule q(5)) using x x' k' unfolding True by auto
   637     next case False 
   638       { presume "k = {a..b} \<Longrightarrow> ?thesis" "k' = {a..b} \<Longrightarrow> ?thesis" 
   639         "k \<noteq> {a..b} \<Longrightarrow> k' \<noteq> {a..b} \<Longrightarrow> ?thesis"
   640         thus ?thesis by auto }
   641       { assume as':"k  = {a..b}" show ?thesis apply(rule q(5)) using x' k'(2) unfolding as' by auto }
   642       { assume as':"k' = {a..b}" show ?thesis apply(rule q(5)) using x  k'(2) unfolding as' by auto }
   643       assume as':"k \<noteq> {a..b}" "k' \<noteq> {a..b}"
   644       guess c using q(4)[OF x(2,1)] .. then guess d .. note c_d=this
   645       have "interior k  \<inter> interior {a..b} = {}" apply(rule q(5)) using x  k'(2) using as' by auto
   646       hence "interior k \<subseteq> interior x" apply-
   647         apply(rule interior_subset_union_intervals[OF c_d _ as(2) q(2)[OF x(2,1)]]) by auto moreover
   648       guess c using q(4)[OF x'(2,1)] .. then guess d .. note c_d=this
   649       have "interior k' \<inter> interior {a..b} = {}" apply(rule q(5)) using x' k'(2) using as' by auto
   650       hence "interior k' \<subseteq> interior x'" apply-
   651         apply(rule interior_subset_union_intervals[OF c_d _ as(2) q(2)[OF x'(2,1)]]) by auto
   652       ultimately show ?thesis using assm(5)[OF x(2) x'(2) False] by auto
   653     qed qed } qed
   654 
   655 lemma elementary_unions_intervals:
   656   assumes "finite f" "\<And>s. s \<in> f \<Longrightarrow> \<exists>a b. s = {a..b::real^'n}"
   657   obtains p where "p division_of (\<Union>f)" proof-
   658   have "\<exists>p. p division_of (\<Union>f)" proof(induct_tac f rule:finite_subset_induct) 
   659     show "\<exists>p. p division_of \<Union>{}" using elementary_empty by auto
   660     fix x F assume as:"finite F" "x \<notin> F" "\<exists>p. p division_of \<Union>F" "x\<in>f"
   661     from this(3) guess p .. note p=this
   662     from assms(2)[OF as(4)] guess a .. then guess b .. note ab=this
   663     have *:"\<Union>F = \<Union>p" using division_ofD[OF p] by auto
   664     show "\<exists>p. p division_of \<Union>insert x F" using elementary_union_interval[OF p[unfolded *], of a b]
   665       unfolding Union_insert ab * by auto
   666   qed(insert assms,auto) thus ?thesis apply-apply(erule exE,rule that) by auto qed
   667 
   668 lemma elementary_union: assumes "ps division_of s" "pt division_of (t::(real^'n) set)"
   669   obtains p where "p division_of (s \<union> t)"
   670 proof- have "s \<union> t = \<Union>ps \<union> \<Union>pt" using assms unfolding division_of_def by auto
   671   hence *:"\<Union>(ps \<union> pt) = s \<union> t" by auto
   672   show ?thesis apply-apply(rule elementary_unions_intervals[of "ps\<union>pt"])
   673     unfolding * prefer 3 apply(rule_tac p=p in that)
   674     using assms[unfolded division_of_def] by auto qed
   675 
   676 lemma partial_division_extend: fixes t::"(real^'n) set"
   677   assumes "p division_of s" "q division_of t" "s \<subseteq> t"
   678   obtains r where "p \<subseteq> r" "r division_of t" proof-
   679   note divp = division_ofD[OF assms(1)] and divq = division_ofD[OF assms(2)]
   680   obtain a b where ab:"t\<subseteq>{a..b}" using elementary_subset_interval[OF assms(2)] by auto
   681   guess r1 apply(rule partial_division_extend_interval) apply(rule assms(1)[unfolded divp(6)[THEN sym]])
   682     apply(rule subset_trans) by(rule ab assms[unfolded divp(6)[THEN sym]])+  note r1 = this division_ofD[OF this(2)]
   683   guess p' apply(rule elementary_unions_intervals[of "r1 - p"]) using r1(3,6) by auto 
   684   then obtain r2 where r2:"r2 division_of (\<Union>(r1 - p)) \<inter> (\<Union>q)" 
   685     apply- apply(drule elementary_inter[OF _ assms(2)[unfolded divq(6)[THEN sym]]]) by auto
   686   { fix x assume x:"x\<in>t" "x\<notin>s"
   687     hence "x\<in>\<Union>r1" unfolding r1 using ab by auto
   688     then guess r unfolding Union_iff .. note r=this moreover
   689     have "r \<notin> p" proof assume "r\<in>p" hence "x\<in>s" using divp(2) r by auto
   690       thus False using x by auto qed
   691     ultimately have "x\<in>\<Union>(r1 - p)" by auto }
   692   hence *:"t = \<Union>p \<union> (\<Union>(r1 - p) \<inter> \<Union>q)" unfolding divp divq using assms(3) by auto
   693   show ?thesis apply(rule that[of "p \<union> r2"]) unfolding * defer apply(rule division_disjoint_union)
   694     unfolding divp(6) apply(rule assms r2)+
   695   proof- have "interior s \<inter> interior (\<Union>(r1-p)) = {}"
   696     proof(rule inter_interior_unions_intervals)
   697       show "finite (r1 - p)" "open (interior s)" "\<forall>t\<in>r1-p. \<exists>a b. t = {a..b}" using r1 by auto
   698       have *:"\<And>s. (\<And>x. x \<in> s \<Longrightarrow> False) \<Longrightarrow> s = {}" by auto
   699       show "\<forall>t\<in>r1-p. interior s \<inter> interior t = {}" proof(rule)
   700         fix m x assume as:"m\<in>r1-p"
   701         have "interior m \<inter> interior (\<Union>p) = {}" proof(rule inter_interior_unions_intervals)
   702           show "finite p" "open (interior m)" "\<forall>t\<in>p. \<exists>a b. t = {a..b}" using divp by auto
   703           show "\<forall>t\<in>p. interior m \<inter> interior t = {}" apply(rule, rule r1(7)) using as using r1 by auto
   704         qed thus "interior s \<inter> interior m = {}" unfolding divp by auto
   705       qed qed        
   706     thus "interior s \<inter> interior (\<Union>(r1-p) \<inter> (\<Union>q)) = {}" using interior_subset by auto
   707   qed auto qed
   708 
   709 subsection {* Tagged (partial) divisions. *}
   710 
   711 definition tagged_partial_division_of (infixr "tagged'_partial'_division'_of" 40) where
   712   "(s tagged_partial_division_of i) \<equiv>
   713         finite s \<and>
   714         (\<forall>x k. (x,k) \<in> s \<longrightarrow> x \<in> k \<and> k \<subseteq> i \<and> (\<exists>a b. k = {a..b})) \<and>
   715         (\<forall>x1 k1 x2 k2. (x1,k1) \<in> s \<and> (x2,k2) \<in> s \<and> ((x1,k1) \<noteq> (x2,k2))
   716                        \<longrightarrow> (interior(k1) \<inter> interior(k2) = {}))"
   717 
   718 lemma tagged_partial_division_ofD[dest]: assumes "s tagged_partial_division_of i"
   719   shows "finite s" "\<And>x k. (x,k) \<in> s \<Longrightarrow> x \<in> k" "\<And>x k. (x,k) \<in> s \<Longrightarrow> k \<subseteq> i"
   720   "\<And>x k. (x,k) \<in> s \<Longrightarrow> \<exists>a b. k = {a..b}"
   721   "\<And>x1 k1 x2 k2. (x1,k1) \<in> s \<Longrightarrow> (x2,k2) \<in> s \<Longrightarrow> (x1,k1) \<noteq> (x2,k2) \<Longrightarrow> interior(k1) \<inter> interior(k2) = {}"
   722   using assms unfolding tagged_partial_division_of_def  apply- by blast+ 
   723 
   724 definition tagged_division_of (infixr "tagged'_division'_of" 40) where
   725   "(s tagged_division_of i) \<equiv>
   726         (s tagged_partial_division_of i) \<and> (\<Union>{k. \<exists>x. (x,k) \<in> s} = i)"
   727 
   728 lemma tagged_division_of_finite[dest]: "s tagged_division_of i \<Longrightarrow> finite s"
   729   unfolding tagged_division_of_def tagged_partial_division_of_def by auto
   730 
   731 lemma tagged_division_of:
   732  "(s tagged_division_of i) \<longleftrightarrow>
   733         finite s \<and>
   734         (\<forall>x k. (x,k) \<in> s
   735                \<longrightarrow> x \<in> k \<and> k \<subseteq> i \<and> (\<exists>a b. k = {a..b})) \<and>
   736         (\<forall>x1 k1 x2 k2. (x1,k1) \<in> s \<and> (x2,k2) \<in> s \<and> ~((x1,k1) = (x2,k2))
   737                        \<longrightarrow> (interior(k1) \<inter> interior(k2) = {})) \<and>
   738         (\<Union>{k. \<exists>x. (x,k) \<in> s} = i)"
   739   unfolding tagged_division_of_def tagged_partial_division_of_def by auto
   740 
   741 lemma tagged_division_ofI: assumes
   742   "finite s" "\<And>x k. (x,k) \<in> s \<Longrightarrow> x \<in> k" "\<And>x k. (x,k) \<in> s \<Longrightarrow> k \<subseteq> i"  "\<And>x k. (x,k) \<in> s \<Longrightarrow> \<exists>a b. k = {a..b}"
   743   "\<And>x1 k1 x2 k2. (x1,k1) \<in> s \<Longrightarrow> (x2,k2) \<in> s \<Longrightarrow> ~((x1,k1) = (x2,k2)) \<Longrightarrow> (interior(k1) \<inter> interior(k2) = {})"
   744   "(\<Union>{k. \<exists>x. (x,k) \<in> s} = i)"
   745   shows "s tagged_division_of i"
   746   unfolding tagged_division_of apply(rule) defer apply rule
   747   apply(rule allI impI conjI assms)+ apply assumption
   748   apply(rule, rule assms, assumption) apply(rule assms, assumption)
   749   using assms(1,5-) apply- by blast+
   750 
   751 lemma tagged_division_ofD[dest]: assumes "s tagged_division_of i"
   752   shows "finite s" "\<And>x k. (x,k) \<in> s \<Longrightarrow> x \<in> k" "\<And>x k. (x,k) \<in> s \<Longrightarrow> k \<subseteq> i"  "\<And>x k. (x,k) \<in> s \<Longrightarrow> \<exists>a b. k = {a..b}"
   753   "\<And>x1 k1 x2 k2. (x1,k1) \<in> s \<Longrightarrow> (x2,k2) \<in> s \<Longrightarrow> ~((x1,k1) = (x2,k2)) \<Longrightarrow> (interior(k1) \<inter> interior(k2) = {})"
   754   "(\<Union>{k. \<exists>x. (x,k) \<in> s} = i)" using assms unfolding tagged_division_of apply- by blast+
   755 
   756 lemma division_of_tagged_division: assumes"s tagged_division_of i"  shows "(snd ` s) division_of i"
   757 proof(rule division_ofI) note assm=tagged_division_ofD[OF assms]
   758   show "\<Union>snd ` s = i" "finite (snd ` s)" using assm by auto
   759   fix k assume k:"k \<in> snd ` s" then obtain xk where xk:"(xk, k) \<in> s" by auto
   760   thus  "k \<subseteq> i" "k \<noteq> {}" "\<exists>a b. k = {a..b}" using assm apply- by fastsimp+
   761   fix k' assume k':"k' \<in> snd ` s" "k \<noteq> k'" from this(1) obtain xk' where xk':"(xk', k') \<in> s" by auto
   762   thus "interior k \<inter> interior k' = {}" apply-apply(rule assm(5)) apply(rule xk xk')+ using k' by auto
   763 qed
   764 
   765 lemma partial_division_of_tagged_division: assumes "s tagged_partial_division_of i"
   766   shows "(snd ` s) division_of \<Union>(snd ` s)"
   767 proof(rule division_ofI) note assm=tagged_partial_division_ofD[OF assms]
   768   show "finite (snd ` s)" "\<Union>snd ` s = \<Union>snd ` s" using assm by auto
   769   fix k assume k:"k \<in> snd ` s" then obtain xk where xk:"(xk, k) \<in> s" by auto
   770   thus "k\<noteq>{}" "\<exists>a b. k = {a..b}" "k \<subseteq> \<Union>snd ` s" using assm by auto
   771   fix k' assume k':"k' \<in> snd ` s" "k \<noteq> k'" from this(1) obtain xk' where xk':"(xk', k') \<in> s" by auto
   772   thus "interior k \<inter> interior k' = {}" apply-apply(rule assm(5)) apply(rule xk xk')+ using k' by auto
   773 qed
   774 
   775 lemma tagged_partial_division_subset: assumes "s tagged_partial_division_of i" "t \<subseteq> s"
   776   shows "t tagged_partial_division_of i"
   777   using assms unfolding tagged_partial_division_of_def using finite_subset[OF assms(2)] by blast
   778 
   779 lemma setsum_over_tagged_division_lemma: fixes d::"(real^'m) set \<Rightarrow> 'a::real_normed_vector"
   780   assumes "p tagged_division_of i" "\<And>u v. {u..v} \<noteq> {} \<Longrightarrow> content {u..v} = 0 \<Longrightarrow> d {u..v} = 0"
   781   shows "setsum (\<lambda>(x,k). d k) p = setsum d (snd ` p)"
   782 proof- note assm=tagged_division_ofD[OF assms(1)]
   783   have *:"(\<lambda>(x,k). d k) = d \<circ> snd" unfolding o_def apply(rule ext) by auto
   784   show ?thesis unfolding * apply(subst eq_commute) proof(rule setsum_reindex_nonzero)
   785     show "finite p" using assm by auto
   786     fix x y assume as:"x\<in>p" "y\<in>p" "x\<noteq>y" "snd x = snd y" 
   787     obtain a b where ab:"snd x = {a..b}" using assm(4)[of "fst x" "snd x"] as(1) by auto
   788     have "(fst x, snd y) \<in> p" "(fst x, snd y) \<noteq> y" unfolding as(4)[THEN sym] using as(1-3) by auto
   789     hence "interior (snd x) \<inter> interior (snd y) = {}" apply-apply(rule assm(5)[of "fst x" _ "fst y"]) using as by auto 
   790     hence "content {a..b} = 0" unfolding as(4)[THEN sym] ab content_eq_0_interior by auto
   791     hence "d {a..b} = 0" apply-apply(rule assms(2)) using assm(2)[of "fst x" "snd x"] as(1) unfolding ab[THEN sym] by auto
   792     thus "d (snd x) = 0" unfolding ab by auto qed qed
   793 
   794 lemma tag_in_interval: "p tagged_division_of i \<Longrightarrow> (x,k) \<in> p \<Longrightarrow> x \<in> i" by auto
   795 
   796 lemma tagged_division_of_empty: "{} tagged_division_of {}"
   797   unfolding tagged_division_of by auto
   798 
   799 lemma tagged_partial_division_of_trivial[simp]:
   800  "p tagged_partial_division_of {} \<longleftrightarrow> p = {}"
   801   unfolding tagged_partial_division_of_def by auto
   802 
   803 lemma tagged_division_of_trivial[simp]:
   804  "p tagged_division_of {} \<longleftrightarrow> p = {}"
   805   unfolding tagged_division_of by auto
   806 
   807 lemma tagged_division_of_self:
   808  "x \<in> {a..b} \<Longrightarrow> {(x,{a..b})} tagged_division_of {a..b}"
   809   apply(rule tagged_division_ofI) by auto
   810 
   811 lemma tagged_division_union:
   812   assumes "p1 tagged_division_of s1"  "p2 tagged_division_of s2" "interior s1 \<inter> interior s2 = {}"
   813   shows "(p1 \<union> p2) tagged_division_of (s1 \<union> s2)"
   814 proof(rule tagged_division_ofI) note p1=tagged_division_ofD[OF assms(1)] and p2=tagged_division_ofD[OF assms(2)]
   815   show "finite (p1 \<union> p2)" using p1(1) p2(1) by auto
   816   show "\<Union>{k. \<exists>x. (x, k) \<in> p1 \<union> p2} = s1 \<union> s2" using p1(6) p2(6) by blast
   817   fix x k assume xk:"(x,k)\<in>p1\<union>p2" show "x\<in>k" "\<exists>a b. k = {a..b}" using xk p1(2,4) p2(2,4) by auto
   818   show "k\<subseteq>s1\<union>s2" using xk p1(3) p2(3) by blast
   819   fix x' k' assume xk':"(x',k')\<in>p1\<union>p2" "(x,k) \<noteq> (x',k')"
   820   have *:"\<And>a b. a\<subseteq> s1 \<Longrightarrow> b\<subseteq> s2 \<Longrightarrow> interior a \<inter> interior b = {}" using assms(3) subset_interior by blast
   821   show "interior k \<inter> interior k' = {}" apply(cases "(x,k)\<in>p1", case_tac[!] "(x',k')\<in>p1")
   822     apply(rule p1(5)) prefer 4 apply(rule *) prefer 6 apply(subst Int_commute,rule *) prefer 8 apply(rule p2(5))
   823     using p1(3) p2(3) using xk xk' by auto qed 
   824 
   825 lemma tagged_division_unions:
   826   assumes "finite iset" "\<forall>i\<in>iset. (pfn(i) tagged_division_of i)"
   827   "\<forall>i1 \<in> iset. \<forall>i2 \<in> iset. ~(i1 = i2) \<longrightarrow> (interior(i1) \<inter> interior(i2) = {})"
   828   shows "\<Union>(pfn ` iset) tagged_division_of (\<Union>iset)"
   829 proof(rule tagged_division_ofI)
   830   note assm = tagged_division_ofD[OF assms(2)[rule_format]]
   831   show "finite (\<Union>pfn ` iset)" apply(rule finite_Union) using assms by auto
   832   have "\<Union>{k. \<exists>x. (x, k) \<in> \<Union>pfn ` iset} = \<Union>(\<lambda>i. \<Union>{k. \<exists>x. (x, k) \<in> pfn i}) ` iset" by blast 
   833   also have "\<dots> = \<Union>iset" using assm(6) by auto
   834   finally show "\<Union>{k. \<exists>x. (x, k) \<in> \<Union>pfn ` iset} = \<Union>iset" . 
   835   fix x k assume xk:"(x,k)\<in>\<Union>pfn ` iset" then obtain i where i:"i \<in> iset" "(x, k) \<in> pfn i" by auto
   836   show "x\<in>k" "\<exists>a b. k = {a..b}" "k \<subseteq> \<Union>iset" using assm(2-4)[OF i] using i(1) by auto
   837   fix x' k' assume xk':"(x',k')\<in>\<Union>pfn ` iset" "(x, k) \<noteq> (x', k')" then obtain i' where i':"i' \<in> iset" "(x', k') \<in> pfn i'" by auto
   838   have *:"\<And>a b. i\<noteq>i' \<Longrightarrow> a\<subseteq> i \<Longrightarrow> b\<subseteq> i' \<Longrightarrow> interior a \<inter> interior b = {}" using i(1) i'(1)
   839     using assms(3)[rule_format] subset_interior by blast
   840   show "interior k \<inter> interior k' = {}" apply(cases "i=i'")
   841     using assm(5)[OF i _ xk'(2)]  i'(2) using assm(3)[OF i] assm(3)[OF i'] defer apply-apply(rule *) by auto
   842 qed
   843 
   844 lemma tagged_partial_division_of_union_self:
   845   assumes "p tagged_partial_division_of s" shows "p tagged_division_of (\<Union>(snd ` p))"
   846   apply(rule tagged_division_ofI) using tagged_partial_division_ofD[OF assms] by auto
   847 
   848 lemma tagged_division_of_union_self: assumes "p tagged_division_of s"
   849   shows "p tagged_division_of (\<Union>(snd ` p))"
   850   apply(rule tagged_division_ofI) using tagged_division_ofD[OF assms] by auto
   851 
   852 subsection {* Fine-ness of a partition w.r.t. a gauge. *}
   853 
   854 definition fine (infixr "fine" 46) where
   855   "d fine s \<longleftrightarrow> (\<forall>(x,k) \<in> s. k \<subseteq> d(x))"
   856 
   857 lemma fineI: assumes "\<And>x k. (x,k) \<in> s \<Longrightarrow> k \<subseteq> d x"
   858   shows "d fine s" using assms unfolding fine_def by auto
   859 
   860 lemma fineD[dest]: assumes "d fine s"
   861   shows "\<And>x k. (x,k) \<in> s \<Longrightarrow> k \<subseteq> d x" using assms unfolding fine_def by auto
   862 
   863 lemma fine_inter: "(\<lambda>x. d1 x \<inter> d2 x) fine p \<longleftrightarrow> d1 fine p \<and> d2 fine p"
   864   unfolding fine_def by auto
   865 
   866 lemma fine_inters:
   867  "(\<lambda>x. \<Inter> {f d x | d.  d \<in> s}) fine p \<longleftrightarrow> (\<forall>d\<in>s. (f d) fine p)"
   868   unfolding fine_def by blast
   869 
   870 lemma fine_union:
   871   "d fine p1 \<Longrightarrow> d fine p2 \<Longrightarrow> d fine (p1 \<union> p2)"
   872   unfolding fine_def by blast
   873 
   874 lemma fine_unions:"(\<And>p. p \<in> ps \<Longrightarrow> d fine p) \<Longrightarrow> d fine (\<Union>ps)"
   875   unfolding fine_def by auto
   876 
   877 lemma fine_subset:  "p \<subseteq> q \<Longrightarrow> d fine q \<Longrightarrow> d fine p"
   878   unfolding fine_def by blast
   879 
   880 subsection {* Gauge integral. Define on compact intervals first, then use a limit. *}
   881 
   882 definition has_integral_compact_interval (infixr "has'_integral'_compact'_interval" 46) where
   883   "(f has_integral_compact_interval y) i \<equiv>
   884         (\<forall>e>0. \<exists>d. gauge d \<and>
   885           (\<forall>p. p tagged_division_of i \<and> d fine p
   886                         \<longrightarrow> norm(setsum (\<lambda>(x,k). content k *\<^sub>R f x) p - y) < e))"
   887 
   888 definition has_integral (infixr "has'_integral" 46) where 
   889 "((f::(real^'n \<Rightarrow> 'b::real_normed_vector)) has_integral y) i \<equiv>
   890         if (\<exists>a b. i = {a..b}) then (f has_integral_compact_interval y) i
   891         else (\<forall>e>0. \<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b}
   892               \<longrightarrow> (\<exists>z. ((\<lambda>x. if x \<in> i then f x else 0) has_integral_compact_interval z) {a..b} \<and>
   893                                        norm(z - y) < e))"
   894 
   895 lemma has_integral:
   896  "(f has_integral y) ({a..b}) \<longleftrightarrow>
   897         (\<forall>e>0. \<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p
   898                         \<longrightarrow> norm(setsum (\<lambda>(x,k). content(k) *\<^sub>R f x) p - y) < e))"
   899   unfolding has_integral_def has_integral_compact_interval_def by auto
   900 
   901 lemma has_integralD[dest]: assumes
   902  "(f has_integral y) ({a..b})" "e>0"
   903   obtains d where "gauge d" "\<And>p. p tagged_division_of {a..b} \<Longrightarrow> d fine p
   904                         \<Longrightarrow> norm(setsum (\<lambda>(x,k). content(k) *\<^sub>R f(x)) p - y) < e"
   905   using assms unfolding has_integral by auto
   906 
   907 lemma has_integral_alt:
   908  "(f has_integral y) i \<longleftrightarrow>
   909       (if (\<exists>a b. i = {a..b}) then (f has_integral y) i
   910        else (\<forall>e>0. \<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b}
   911                                \<longrightarrow> (\<exists>z. ((\<lambda>x. if x \<in> i then f(x) else 0)
   912                                         has_integral z) ({a..b}) \<and>
   913                                        norm(z - y) < e)))"
   914   unfolding has_integral unfolding has_integral_compact_interval_def has_integral_def by auto
   915 
   916 lemma has_integral_altD:
   917   assumes "(f has_integral y) i" "\<not> (\<exists>a b. i = {a..b})" "e>0"
   918   obtains B where "B>0" "\<forall>a b. ball 0 B \<subseteq> {a..b}\<longrightarrow> (\<exists>z. ((\<lambda>x. if x \<in> i then f(x) else 0) has_integral z) ({a..b}) \<and> norm(z - y) < e)"
   919   using assms unfolding has_integral unfolding has_integral_compact_interval_def has_integral_def by auto
   920 
   921 definition integrable_on (infixr "integrable'_on" 46) where
   922   "(f integrable_on i) \<equiv> \<exists>y. (f has_integral y) i"
   923 
   924 definition "integral i f \<equiv> SOME y. (f has_integral y) i"
   925 
   926 lemma integrable_integral[dest]:
   927  "f integrable_on i \<Longrightarrow> (f has_integral (integral i f)) i"
   928   unfolding integrable_on_def integral_def by(rule someI_ex)
   929 
   930 lemma has_integral_integrable[intro]: "(f has_integral i) s \<Longrightarrow> f integrable_on s"
   931   unfolding integrable_on_def by auto
   932 
   933 lemma has_integral_integral:"f integrable_on s \<longleftrightarrow> (f has_integral (integral s f)) s"
   934   by auto
   935 
   936 lemma has_integral_vec1: assumes "(f has_integral k) {a..b}"
   937   shows "((\<lambda>x. vec1 (f x)) has_integral (vec1 k)) {a..b}"
   938 proof- have *:"\<And>p. (\<Sum>(x, k)\<in>p. content k *\<^sub>R vec1 (f x)) - vec1 k = vec1 ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - k)"
   939     unfolding vec_sub Cart_eq by(auto simp add: split_beta)
   940   show ?thesis using assms unfolding has_integral apply safe
   941     apply(erule_tac x=e in allE,safe) apply(rule_tac x=d in exI,safe)
   942     apply(erule_tac x=p in allE,safe) unfolding * norm_vector_1 by auto qed
   943 
   944 lemma setsum_content_null:
   945   assumes "content({a..b}) = 0" "p tagged_division_of {a..b}"
   946   shows "setsum (\<lambda>(x,k). content k *\<^sub>R f x) p = (0::'a::real_normed_vector)"
   947 proof(rule setsum_0',rule) fix y assume y:"y\<in>p"
   948   obtain x k where xk:"y = (x,k)" using surj_pair[of y] by blast
   949   note assm = tagged_division_ofD(3-4)[OF assms(2) y[unfolded xk]]
   950   from this(2) guess c .. then guess d .. note c_d=this
   951   have "(\<lambda>(x, k). content k *\<^sub>R f x) y = content k *\<^sub>R f x" unfolding xk by auto
   952   also have "\<dots> = 0" using content_subset[OF assm(1)[unfolded c_d]] content_pos_le[of c d]
   953     unfolding assms(1) c_d by auto
   954   finally show "(\<lambda>(x, k). content k *\<^sub>R f x) y = 0" .
   955 qed
   956 
   957 subsection {* Some basic combining lemmas. *}
   958 
   959 lemma tagged_division_unions_exists:
   960   assumes "finite iset" "\<forall>i \<in> iset. \<exists>p. p tagged_division_of i \<and> d fine p"
   961   "\<forall>i1\<in>iset. \<forall>i2\<in>iset. ~(i1 = i2) \<longrightarrow> (interior(i1) \<inter> interior(i2) = {})" "(\<Union>iset = i)"
   962    obtains p where "p tagged_division_of i" "d fine p"
   963 proof- guess pfn using bchoice[OF assms(2)] .. note pfn = conjunctD2[OF this[rule_format]]
   964   show thesis apply(rule_tac p="\<Union>(pfn ` iset)" in that) unfolding assms(4)[THEN sym]
   965     apply(rule tagged_division_unions[OF assms(1) _ assms(3)]) defer 
   966     apply(rule fine_unions) using pfn by auto
   967 qed
   968 
   969 subsection {* The set we're concerned with must be closed. *}
   970 
   971 lemma division_of_closed: "s division_of i \<Longrightarrow> closed (i::(real^'n) set)"
   972   unfolding division_of_def by(fastsimp intro!: closed_Union closed_interval)
   973 
   974 subsection {* General bisection principle for intervals; might be useful elsewhere. *}
   975 
   976 lemma interval_bisection_step:
   977   assumes "P {}" "(\<forall>s t. P s \<and> P t \<and> interior(s) \<inter> interior(t) = {} \<longrightarrow> P(s \<union> t))" "~(P {a..b::real^'n})"
   978   obtains c d where "~(P{c..d})"
   979   "\<forall>i. a$i \<le> c$i \<and> c$i \<le> d$i \<and> d$i \<le> b$i \<and> 2 * (d$i - c$i) \<le> b$i - a$i"
   980 proof- have "{a..b} \<noteq> {}" using assms(1,3) by auto
   981   note ab=this[unfolded interval_eq_empty not_ex not_less]
   982   { fix f have "finite f \<Longrightarrow>
   983         (\<forall>s\<in>f. P s) \<Longrightarrow>
   984         (\<forall>s\<in>f. \<exists>a b. s = {a..b}) \<Longrightarrow>
   985         (\<forall>s\<in>f.\<forall>t\<in>f. ~(s = t) \<longrightarrow> interior(s) \<inter> interior(t) = {}) \<Longrightarrow> P(\<Union>f)"
   986     proof(induct f rule:finite_induct)
   987       case empty show ?case using assms(1) by auto
   988     next case (insert x f) show ?case unfolding Union_insert apply(rule assms(2)[rule_format])
   989         apply rule defer apply rule defer apply(rule inter_interior_unions_intervals)
   990         using insert by auto
   991     qed } note * = this
   992   let ?A = "{{c..d} | c d. \<forall>i. (c$i = a$i) \<and> (d$i = (a$i + b$i) / 2) \<or> (c$i = (a$i + b$i) / 2) \<and> (d$i = b$i)}"
   993   let ?PP = "\<lambda>c d. \<forall>i. a$i \<le> c$i \<and> c$i \<le> d$i \<and> d$i \<le> b$i \<and> 2 * (d$i - c$i) \<le> b$i - a$i"
   994   { presume "\<forall>c d. ?PP c d \<longrightarrow> P {c..d} \<Longrightarrow> False"
   995     thus thesis unfolding atomize_not not_all apply-apply(erule exE)+ apply(rule_tac c=x and d=xa in that) by auto }
   996   assume as:"\<forall>c d. ?PP c d \<longrightarrow> P {c..d}"
   997   have "P (\<Union> ?A)" proof(rule *, rule_tac[2-] ballI, rule_tac[4] ballI, rule_tac[4] impI) 
   998     let ?B = "(\<lambda>s.{(\<chi> i. if i \<in> s then a$i else (a$i + b$i) / 2) ..
   999       (\<chi> i. if i \<in> s then (a$i + b$i) / 2 else b$i)}) ` {s. s \<subseteq> UNIV}"
  1000     have "?A \<subseteq> ?B" proof case goal1
  1001       then guess c unfolding mem_Collect_eq .. then guess d apply- by(erule exE,(erule conjE)+) note c_d=this[rule_format]
  1002       have *:"\<And>a b c d. a = c \<Longrightarrow> b = d \<Longrightarrow> {a..b} = {c..d}" by auto
  1003       show "x\<in>?B" unfolding image_iff apply(rule_tac x="{i. c$i = a$i}" in bexI)
  1004         unfolding c_d apply(rule * ) unfolding Cart_eq cond_component Cart_lambda_beta
  1005       proof(rule_tac[1-2] allI) fix i show "c $ i = (if i \<in> {i. c $ i = a $ i} then a $ i else (a $ i + b $ i) / 2)"
  1006           "d $ i = (if i \<in> {i. c $ i = a $ i} then (a $ i + b $ i) / 2 else b $ i)"
  1007           using c_d(2)[of i] ab[THEN spec[where x=i]] by(auto simp add:field_simps)
  1008       qed auto qed
  1009     thus "finite ?A" apply(rule finite_subset[of _ ?B]) by auto
  1010     fix s assume "s\<in>?A" then guess c unfolding mem_Collect_eq .. then guess d apply- by(erule exE,(erule conjE)+)
  1011     note c_d=this[rule_format]
  1012     show "P s" unfolding c_d apply(rule as[rule_format]) proof- case goal1 show ?case 
  1013         using c_d(2)[of i] using ab[THEN spec[where x=i]] by auto qed
  1014     show "\<exists>a b. s = {a..b}" unfolding c_d by auto
  1015     fix t assume "t\<in>?A" then guess e unfolding mem_Collect_eq .. then guess f apply- by(erule exE,(erule conjE)+)
  1016     note e_f=this[rule_format]
  1017     assume "s \<noteq> t" hence "\<not> (c = e \<and> d = f)" unfolding c_d e_f by auto
  1018     then obtain i where "c$i \<noteq> e$i \<or> d$i \<noteq> f$i" unfolding de_Morgan_conj Cart_eq by auto
  1019     hence i:"c$i \<noteq> e$i" "d$i \<noteq> f$i" apply- apply(erule_tac[!] disjE)
  1020     proof- assume "c$i \<noteq> e$i" thus "d$i \<noteq> f$i" using c_d(2)[of i] e_f(2)[of i] by fastsimp
  1021     next   assume "d$i \<noteq> f$i" thus "c$i \<noteq> e$i" using c_d(2)[of i] e_f(2)[of i] by fastsimp
  1022     qed have *:"\<And>s t. (\<And>a. a\<in>s \<Longrightarrow> a\<in>t \<Longrightarrow> False) \<Longrightarrow> s \<inter> t = {}" by auto
  1023     show "interior s \<inter> interior t = {}" unfolding e_f c_d interior_closed_interval proof(rule *)
  1024       fix x assume "x\<in>{c<..<d}" "x\<in>{e<..<f}"
  1025       hence x:"c$i < d$i" "e$i < f$i" "c$i < f$i" "e$i < d$i" unfolding mem_interval apply-apply(erule_tac[!] x=i in allE)+ by auto
  1026       show False using c_d(2)[of i] apply- apply(erule_tac disjE)
  1027       proof(erule_tac[!] conjE) assume as:"c $ i = a $ i" "d $ i = (a $ i + b $ i) / 2"
  1028         show False using e_f(2)[of i] and i x unfolding as by(fastsimp simp add:field_simps)
  1029       next assume as:"c $ i = (a $ i + b $ i) / 2" "d $ i = b $ i"
  1030         show False using e_f(2)[of i] and i x unfolding as by(fastsimp simp add:field_simps)
  1031       qed qed qed
  1032   also have "\<Union> ?A = {a..b}" proof(rule set_ext,rule)
  1033     fix x assume "x\<in>\<Union>?A" then guess Y unfolding Union_iff ..
  1034     from this(1) guess c unfolding mem_Collect_eq .. then guess d ..
  1035     note c_d = this[THEN conjunct2,rule_format] `x\<in>Y`[unfolded this[THEN conjunct1]]
  1036     show "x\<in>{a..b}" unfolding mem_interval proof 
  1037       fix i show "a $ i \<le> x $ i \<and> x $ i \<le> b $ i"
  1038         using c_d(1)[of i] c_d(2)[unfolded mem_interval,THEN spec[where x=i]] by auto qed
  1039   next fix x assume x:"x\<in>{a..b}"
  1040     have "\<forall>i. \<exists>c d. (c = a$i \<and> d = (a$i + b$i) / 2 \<or> c = (a$i + b$i) / 2 \<and> d = b$i) \<and> c\<le>x$i \<and> x$i \<le> d"
  1041       (is "\<forall>i. \<exists>c d. ?P i c d") unfolding mem_interval proof fix i
  1042       have "?P i (a$i) ((a $ i + b $ i) / 2) \<or> ?P i ((a $ i + b $ i) / 2) (b$i)"
  1043         using x[unfolded mem_interval,THEN spec[where x=i]] by auto thus "\<exists>c d. ?P i c d" by blast
  1044     qed thus "x\<in>\<Union>?A" unfolding Union_iff lambda_skolem unfolding Bex_def mem_Collect_eq
  1045       apply-apply(erule exE)+ apply(rule_tac x="{xa..xaa}" in exI) unfolding mem_interval by auto
  1046   qed finally show False using assms by auto qed
  1047 
  1048 lemma interval_bisection:
  1049   assumes "P {}" "(\<forall>s t. P s \<and> P t \<and> interior(s) \<inter> interior(t) = {} \<longrightarrow> P(s \<union> t))" "\<not> P {a..b::real^'n}"
  1050   obtains x where "x \<in> {a..b}" "\<forall>e>0. \<exists>c d. x \<in> {c..d} \<and> {c..d} \<subseteq> ball x e \<and> {c..d} \<subseteq> {a..b} \<and> ~P({c..d})"
  1051 proof-
  1052   have "\<forall>x. \<exists>y. \<not> P {fst x..snd x} \<longrightarrow> (\<not> P {fst y..snd y} \<and> (\<forall>i. fst x$i \<le> fst y$i \<and> fst y$i \<le> snd y$i \<and> snd y$i \<le> snd x$i \<and>
  1053                            2 * (snd y$i - fst y$i) \<le> snd x$i - fst x$i))" proof case goal1 thus ?case proof-
  1054       presume "\<not> P {fst x..snd x} \<Longrightarrow> ?thesis"
  1055       thus ?thesis apply(cases "P {fst x..snd x}") by auto
  1056     next assume as:"\<not> P {fst x..snd x}" from interval_bisection_step[of P, OF assms(1-2) as] guess c d . 
  1057       thus ?thesis apply- apply(rule_tac x="(c,d)" in exI) by auto
  1058     qed qed then guess f apply-apply(drule choice) by(erule exE) note f=this
  1059   def AB \<equiv> "\<lambda>n. (f ^^ n) (a,b)" def A \<equiv> "\<lambda>n. fst(AB n)" and B \<equiv> "\<lambda>n. snd(AB n)" note ab_def = this AB_def
  1060   have "A 0 = a" "B 0 = b" "\<And>n. \<not> P {A(Suc n)..B(Suc n)} \<and>
  1061     (\<forall>i. A(n)$i \<le> A(Suc n)$i \<and> A(Suc n)$i \<le> B(Suc n)$i \<and> B(Suc n)$i \<le> B(n)$i \<and> 
  1062     2 * (B(Suc n)$i - A(Suc n)$i) \<le> B(n)$i - A(n)$i)" (is "\<And>n. ?P n")
  1063   proof- show "A 0 = a" "B 0 = b" unfolding ab_def by auto
  1064     case goal3 note S = ab_def funpow.simps o_def id_apply show ?case
  1065     proof(induct n) case 0 thus ?case unfolding S apply(rule f[rule_format]) using assms(3) by auto
  1066     next case (Suc n) show ?case unfolding S apply(rule f[rule_format]) using Suc unfolding S by auto
  1067     qed qed note AB = this(1-2) conjunctD2[OF this(3),rule_format]
  1068 
  1069   have interv:"\<And>e. 0 < e \<Longrightarrow> \<exists>n. \<forall>x\<in>{A n..B n}. \<forall>y\<in>{A n..B n}. dist x y < e"
  1070   proof- case goal1 guess n using real_arch_pow2[of "(setsum (\<lambda>i. b$i - a$i) UNIV) / e"] .. note n=this
  1071     show ?case apply(rule_tac x=n in exI) proof(rule,rule)
  1072       fix x y assume xy:"x\<in>{A n..B n}" "y\<in>{A n..B n}"
  1073       have "dist x y \<le> setsum (\<lambda>i. abs((x - y)$i)) UNIV" unfolding dist_norm by(rule norm_le_l1)
  1074       also have "\<dots> \<le> setsum (\<lambda>i. B n$i - A n$i) UNIV"
  1075       proof(rule setsum_mono) fix i show "\<bar>(x - y) $ i\<bar> \<le> B n $ i - A n $ i"
  1076           using xy[unfolded mem_interval,THEN spec[where x=i]]
  1077           unfolding vector_minus_component by auto qed
  1078       also have "\<dots> \<le> setsum (\<lambda>i. b$i - a$i) UNIV / 2^n" unfolding setsum_divide_distrib
  1079       proof(rule setsum_mono) case goal1 thus ?case
  1080         proof(induct n) case 0 thus ?case unfolding AB by auto
  1081         next case (Suc n) have "B (Suc n) $ i - A (Suc n) $ i \<le> (B n $ i - A n $ i) / 2" using AB(4)[of n i] by auto
  1082           also have "\<dots> \<le> (b $ i - a $ i) / 2 ^ Suc n" using Suc by(auto simp add:field_simps) finally show ?case .
  1083         qed qed
  1084       also have "\<dots> < e" using n using goal1 by(auto simp add:field_simps) finally show "dist x y < e" .
  1085     qed qed
  1086   { fix n m ::nat assume "m \<le> n" then guess d unfolding le_Suc_ex_iff .. note d=this
  1087     have "{A n..B n} \<subseteq> {A m..B m}" unfolding d 
  1088     proof(induct d) case 0 thus ?case by auto
  1089     next case (Suc d) show ?case apply(rule subset_trans[OF _ Suc])
  1090         apply(rule) unfolding mem_interval apply(rule,erule_tac x=i in allE)
  1091       proof- case goal1 thus ?case using AB(4)[of "m + d" i] by(auto simp add:field_simps)
  1092       qed qed } note ABsubset = this 
  1093   have "\<exists>a. \<forall>n. a\<in>{A n..B n}" apply(rule decreasing_closed_nest[rule_format,OF closed_interval _ ABsubset interv])
  1094   proof- fix n show "{A n..B n} \<noteq> {}" apply(cases "0<n") using AB(3)[of "n - 1"] assms(1,3) AB(1-2) by auto qed auto
  1095   then guess x0 .. note x0=this[rule_format]
  1096   show thesis proof(rule that[rule_format,of x0])
  1097     show "x0\<in>{a..b}" using x0[of 0] unfolding AB .
  1098     fix e assume "0 < (e::real)" from interv[OF this] guess n .. note n=this
  1099     show "\<exists>c d. x0 \<in> {c..d} \<and> {c..d} \<subseteq> ball x0 e \<and> {c..d} \<subseteq> {a..b} \<and> \<not> P {c..d}"
  1100       apply(rule_tac x="A n" in exI,rule_tac x="B n" in exI) apply(rule,rule x0) apply rule defer 
  1101     proof show "\<not> P {A n..B n}" apply(cases "0<n") using AB(3)[of "n - 1"] assms(3) AB(1-2) by auto
  1102       show "{A n..B n} \<subseteq> ball x0 e" using n using x0[of n] by auto
  1103       show "{A n..B n} \<subseteq> {a..b}" unfolding AB(1-2)[symmetric] apply(rule ABsubset) by auto
  1104     qed qed qed 
  1105 
  1106 subsection {* Cousin's lemma. *}
  1107 
  1108 lemma fine_division_exists: assumes "gauge g" 
  1109   obtains p where "p tagged_division_of {a..b::real^'n}" "g fine p"
  1110 proof- presume "\<not> (\<exists>p. p tagged_division_of {a..b} \<and> g fine p) \<Longrightarrow> False"
  1111   then guess p unfolding atomize_not not_not .. thus thesis apply-apply(rule that[of p]) by auto
  1112 next assume as:"\<not> (\<exists>p. p tagged_division_of {a..b} \<and> g fine p)"
  1113   guess x apply(rule interval_bisection[of "\<lambda>s. \<exists>p. p tagged_division_of s \<and> g fine p",rule_format,OF _ _ as])
  1114     apply(rule_tac x="{}" in exI) defer apply(erule conjE exE)+
  1115   proof- show "{} tagged_division_of {} \<and> g fine {}" unfolding fine_def by auto
  1116     fix s t p p' assume "p tagged_division_of s" "g fine p" "p' tagged_division_of t" "g fine p'" "interior s \<inter> interior t = {}"
  1117     thus "\<exists>p. p tagged_division_of s \<union> t \<and> g fine p" apply-apply(rule_tac x="p \<union> p'" in exI) apply rule
  1118       apply(rule tagged_division_union) prefer 4 apply(rule fine_union) by auto
  1119   qed note x=this
  1120   obtain e where e:"e>0" "ball x e \<subseteq> g x" using gaugeD[OF assms, of x] unfolding open_contains_ball by auto
  1121   from x(2)[OF e(1)] guess c d apply-apply(erule exE conjE)+ . note c_d = this
  1122   have "g fine {(x, {c..d})}" unfolding fine_def using e using c_d(2) by auto
  1123   thus False using tagged_division_of_self[OF c_d(1)] using c_d by auto qed
  1124 
  1125 subsection {* Basic theorems about integrals. *}
  1126 
  1127 lemma has_integral_unique: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector"
  1128   assumes "(f has_integral k1) i" "(f has_integral k2) i" shows "k1 = k2"
  1129 proof(rule ccontr) let ?e = "norm(k1 - k2) / 2" assume as:"k1 \<noteq> k2" hence e:"?e > 0" by auto
  1130   have lem:"\<And>f::real^'n \<Rightarrow> 'a.  \<And> a b k1 k2.
  1131     (f has_integral k1) ({a..b}) \<Longrightarrow> (f has_integral k2) ({a..b}) \<Longrightarrow> k1 \<noteq> k2 \<Longrightarrow> False"
  1132   proof- case goal1 let ?e = "norm(k1 - k2) / 2" from goal1(3) have e:"?e > 0" by auto
  1133     guess d1 by(rule has_integralD[OF goal1(1) e]) note d1=this
  1134     guess d2 by(rule has_integralD[OF goal1(2) e]) note d2=this
  1135     guess p by(rule fine_division_exists[OF gauge_inter[OF d1(1) d2(1)],of a b]) note p=this
  1136     let ?c = "(\<Sum>(x, k)\<in>p. content k *\<^sub>R f x)" have "norm (k1 - k2) \<le> norm (?c - k2) + norm (?c - k1)"
  1137       using norm_triangle_ineq4[of "k1 - ?c" "k2 - ?c"] by(auto simp add:algebra_simps norm_minus_commute)
  1138     also have "\<dots> < norm (k1 - k2) / 2 + norm (k1 - k2) / 2"
  1139       apply(rule add_strict_mono) apply(rule_tac[!] d2(2) d1(2)) using p unfolding fine_def by auto
  1140     finally show False by auto
  1141   qed { presume "\<not> (\<exists>a b. i = {a..b}) \<Longrightarrow> False"
  1142     thus False apply-apply(cases "\<exists>a b. i = {a..b}")
  1143       using assms by(auto simp add:has_integral intro:lem[OF _ _ as]) }
  1144   assume as:"\<not> (\<exists>a b. i = {a..b})"
  1145   guess B1 by(rule has_integral_altD[OF assms(1) as,OF e]) note B1=this[rule_format]
  1146   guess B2 by(rule has_integral_altD[OF assms(2) as,OF e]) note B2=this[rule_format]
  1147   have "\<exists>a b::real^'n. ball 0 B1 \<union> ball 0 B2 \<subseteq> {a..b}" apply(rule bounded_subset_closed_interval)
  1148     using bounded_Un bounded_ball by auto then guess a b apply-by(erule exE)+
  1149   note ab=conjunctD2[OF this[unfolded Un_subset_iff]]
  1150   guess w using B1(2)[OF ab(1)] .. note w=conjunctD2[OF this]
  1151   guess z using B2(2)[OF ab(2)] .. note z=conjunctD2[OF this]
  1152   have "z = w" using lem[OF w(1) z(1)] by auto
  1153   hence "norm (k1 - k2) \<le> norm (z - k2) + norm (w - k1)"
  1154     using norm_triangle_ineq4[of "k1 - w" "k2 - z"] by(auto simp add: norm_minus_commute) 
  1155   also have "\<dots> < norm (k1 - k2) / 2 + norm (k1 - k2) / 2" apply(rule add_strict_mono) by(rule_tac[!] z(2) w(2))
  1156   finally show False by auto qed
  1157 
  1158 lemma integral_unique[intro]:
  1159   "(f has_integral y) k \<Longrightarrow> integral k f = y"
  1160   unfolding integral_def apply(rule some_equality) by(auto intro: has_integral_unique) 
  1161 
  1162 lemma has_integral_is_0: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector" 
  1163   assumes "\<forall>x\<in>s. f x = 0" shows "(f has_integral 0) s"
  1164 proof- have lem:"\<And>a b. \<And>f::real^'n \<Rightarrow> 'a.
  1165     (\<forall>x\<in>{a..b}. f(x) = 0) \<Longrightarrow> (f has_integral 0) ({a..b})" unfolding has_integral
  1166   proof(rule,rule) fix a b e and f::"real^'n \<Rightarrow> 'a"
  1167     assume as:"\<forall>x\<in>{a..b}. f x = 0" "0 < (e::real)"
  1168     show "\<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow> norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - 0) < e)"
  1169       apply(rule_tac x="\<lambda>x. ball x 1" in exI)  apply(rule,rule gaugeI) unfolding centre_in_ball defer apply(rule open_ball)
  1170     proof(rule,rule,erule conjE) case goal1
  1171       have "(\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) = 0" proof(rule setsum_0',rule)
  1172         fix x assume x:"x\<in>p" have "f (fst x) = 0" using tagged_division_ofD(2-3)[OF goal1(1), of "fst x" "snd x"] using as x by auto
  1173         thus "(\<lambda>(x, k). content k *\<^sub>R f x) x = 0" apply(subst surjective_pairing[of x]) unfolding split_conv by auto
  1174       qed thus ?case using as by auto
  1175     qed auto qed  { presume "\<not> (\<exists>a b. s = {a..b}) \<Longrightarrow> ?thesis"
  1176     thus ?thesis apply-apply(cases "\<exists>a b. s = {a..b}")
  1177       using assms by(auto simp add:has_integral intro:lem) }
  1178   have *:"(\<lambda>x. if x \<in> s then f x else 0) = (\<lambda>x. 0)" apply(rule ext) using assms by auto
  1179   assume "\<not> (\<exists>a b. s = {a..b})" thus ?thesis apply(subst has_integral_alt) unfolding if_not_P *
  1180   apply(rule,rule,rule_tac x=1 in exI,rule) defer apply(rule,rule,rule)
  1181   proof- fix e::real and a b assume "e>0"
  1182     thus "\<exists>z. ((\<lambda>x::real^'n. 0::'a) has_integral z) {a..b} \<and> norm (z - 0) < e"
  1183       apply(rule_tac x=0 in exI) apply(rule,rule lem) by auto
  1184   qed auto qed
  1185 
  1186 lemma has_integral_0[simp]: "((\<lambda>x::real^'n. 0) has_integral 0) s"
  1187   apply(rule has_integral_is_0) by auto 
  1188 
  1189 lemma has_integral_0_eq[simp]: "((\<lambda>x. 0) has_integral i) s \<longleftrightarrow> i = 0"
  1190   using has_integral_unique[OF has_integral_0] by auto
  1191 
  1192 lemma has_integral_linear: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector"
  1193   assumes "(f has_integral y) s" "bounded_linear h" shows "((h o f) has_integral ((h y))) s"
  1194 proof- interpret bounded_linear h using assms(2) . from pos_bounded guess B .. note B=conjunctD2[OF this,rule_format]
  1195   have lem:"\<And>f::real^'n \<Rightarrow> 'a. \<And> y a b.
  1196     (f has_integral y) ({a..b}) \<Longrightarrow> ((h o f) has_integral h(y)) ({a..b})"
  1197   proof(subst has_integral,rule,rule) case goal1
  1198     from pos_bounded guess B .. note B=conjunctD2[OF this,rule_format]
  1199     have *:"e / B > 0" apply(rule divide_pos_pos) using goal1(2) B by auto
  1200     guess g using has_integralD[OF goal1(1) *] . note g=this
  1201     show ?case apply(rule_tac x=g in exI) apply(rule,rule g(1))
  1202     proof(rule,rule,erule conjE) fix p assume as:"p tagged_division_of {a..b}" "g fine p" 
  1203       have *:"\<And>x k. h ((\<lambda>(x, k). content k *\<^sub>R f x) x) = (\<lambda>(x, k). h (content k *\<^sub>R f x)) x" by auto
  1204       have "(\<Sum>(x, k)\<in>p. content k *\<^sub>R (h \<circ> f) x) = setsum (h \<circ> (\<lambda>(x, k). content k *\<^sub>R f x)) p"
  1205         unfolding o_def unfolding scaleR[THEN sym] * by simp
  1206       also have "\<dots> = h (\<Sum>(x, k)\<in>p. content k *\<^sub>R f x)" using setsum[of "\<lambda>(x,k). content k *\<^sub>R f x" p] using as by auto
  1207       finally have *:"(\<Sum>(x, k)\<in>p. content k *\<^sub>R (h \<circ> f) x) = h (\<Sum>(x, k)\<in>p. content k *\<^sub>R f x)" .
  1208       show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R (h \<circ> f) x) - h y) < e" unfolding * diff[THEN sym]
  1209         apply(rule le_less_trans[OF B(2)]) using g(2)[OF as] B(1) by(auto simp add:field_simps)
  1210     qed qed { presume "\<not> (\<exists>a b. s = {a..b}) \<Longrightarrow> ?thesis"
  1211     thus ?thesis apply-apply(cases "\<exists>a b. s = {a..b}") using assms by(auto simp add:has_integral intro!:lem) }
  1212   assume as:"\<not> (\<exists>a b. s = {a..b})" thus ?thesis apply(subst has_integral_alt) unfolding if_not_P
  1213   proof(rule,rule) fix e::real  assume e:"0<e"
  1214     have *:"0 < e/B" by(rule divide_pos_pos,rule e,rule B(1))
  1215     guess M using has_integral_altD[OF assms(1) as *,rule_format] . note M=this
  1216     show "\<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b} \<longrightarrow> (\<exists>z. ((\<lambda>x. if x \<in> s then (h \<circ> f) x else 0) has_integral z) {a..b} \<and> norm (z - h y) < e)"
  1217       apply(rule_tac x=M in exI) apply(rule,rule M(1))
  1218     proof(rule,rule,rule) case goal1 guess z using M(2)[OF goal1(1)] .. note z=conjunctD2[OF this]
  1219       have *:"(\<lambda>x. if x \<in> s then (h \<circ> f) x else 0) = h \<circ> (\<lambda>x. if x \<in> s then f x else 0)"
  1220         unfolding o_def apply(rule ext) using zero by auto
  1221       show ?case apply(rule_tac x="h z" in exI,rule) unfolding * apply(rule lem[OF z(1)]) unfolding diff[THEN sym]
  1222         apply(rule le_less_trans[OF B(2)]) using B(1) z(2) by(auto simp add:field_simps)
  1223     qed qed qed
  1224 
  1225 lemma has_integral_cmul:
  1226   shows "(f has_integral k) s \<Longrightarrow> ((\<lambda>x. c *\<^sub>R f x) has_integral (c *\<^sub>R k)) s"
  1227   unfolding o_def[THEN sym] apply(rule has_integral_linear,assumption)
  1228   by(rule scaleR.bounded_linear_right)
  1229 
  1230 lemma has_integral_neg:
  1231   shows "(f has_integral k) s \<Longrightarrow> ((\<lambda>x. -(f x)) has_integral (-k)) s"
  1232   apply(drule_tac c="-1" in has_integral_cmul) by auto
  1233 
  1234 lemma has_integral_add: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector" 
  1235   assumes "(f has_integral k) s" "(g has_integral l) s"
  1236   shows "((\<lambda>x. f x + g x) has_integral (k + l)) s"
  1237 proof- have lem:"\<And>f g::real^'n \<Rightarrow> 'a. \<And>a b k l.
  1238     (f has_integral k) ({a..b}) \<Longrightarrow> (g has_integral l) ({a..b}) \<Longrightarrow>
  1239      ((\<lambda>x. f(x) + g(x)) has_integral (k + l)) ({a..b})" proof- case goal1
  1240     show ?case unfolding has_integral proof(rule,rule) fix e::real assume e:"e>0" hence *:"e/2>0" by auto
  1241       guess d1 using has_integralD[OF goal1(1) *] . note d1=this
  1242       guess d2 using has_integralD[OF goal1(2) *] . note d2=this
  1243       show "\<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow> norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R (f x + g x)) - (k + l)) < e)"
  1244         apply(rule_tac x="\<lambda>x. (d1 x) \<inter> (d2 x)" in exI) apply(rule,rule gauge_inter[OF d1(1) d2(1)])
  1245       proof(rule,rule,erule conjE) fix p assume as:"p tagged_division_of {a..b}" "(\<lambda>x. d1 x \<inter> d2 x) fine p"
  1246         have *:"(\<Sum>(x, k)\<in>p. content k *\<^sub>R (f x + g x)) = (\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) + (\<Sum>(x, k)\<in>p. content k *\<^sub>R g x)"
  1247           unfolding scaleR_right_distrib setsum_addf[of "\<lambda>(x,k). content k *\<^sub>R f x" "\<lambda>(x,k). content k *\<^sub>R g x" p,THEN sym]
  1248           by(rule setsum_cong2,auto)
  1249         have "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R (f x + g x)) - (k + l)) = norm (((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - k) + ((\<Sum>(x, k)\<in>p. content k *\<^sub>R g x) - l))"
  1250           unfolding * by(auto simp add:algebra_simps) also let ?res = "\<dots>"
  1251         from as have *:"d1 fine p" "d2 fine p" unfolding fine_inter by auto
  1252         have "?res < e/2 + e/2" apply(rule le_less_trans[OF norm_triangle_ineq])
  1253           apply(rule add_strict_mono) using d1(2)[OF as(1) *(1)] and d2(2)[OF as(1) *(2)] by auto
  1254         finally show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R (f x + g x)) - (k + l)) < e" by auto
  1255       qed qed qed { presume "\<not> (\<exists>a b. s = {a..b}) \<Longrightarrow> ?thesis"
  1256     thus ?thesis apply-apply(cases "\<exists>a b. s = {a..b}") using assms by(auto simp add:has_integral intro!:lem) }
  1257   assume as:"\<not> (\<exists>a b. s = {a..b})" thus ?thesis apply(subst has_integral_alt) unfolding if_not_P
  1258   proof(rule,rule) case goal1 hence *:"e/2 > 0" by auto
  1259     from has_integral_altD[OF assms(1) as *] guess B1 . note B1=this[rule_format]
  1260     from has_integral_altD[OF assms(2) as *] guess B2 . note B2=this[rule_format]
  1261     show ?case apply(rule_tac x="max B1 B2" in exI) apply(rule,rule min_max.less_supI1,rule B1)
  1262     proof(rule,rule,rule) fix a b assume "ball 0 (max B1 B2) \<subseteq> {a..b::real^'n}"
  1263       hence *:"ball 0 B1 \<subseteq> {a..b::real^'n}" "ball 0 B2 \<subseteq> {a..b::real^'n}" by auto
  1264       guess w using B1(2)[OF *(1)] .. note w=conjunctD2[OF this]
  1265       guess z using B2(2)[OF *(2)] .. note z=conjunctD2[OF this]
  1266       have *:"\<And>x. (if x \<in> s then f x + g x else 0) = (if x \<in> s then f x else 0) + (if x \<in> s then g x else 0)" by auto
  1267       show "\<exists>z. ((\<lambda>x. if x \<in> s then f x + g x else 0) has_integral z) {a..b} \<and> norm (z - (k + l)) < e"
  1268         apply(rule_tac x="w + z" in exI) apply(rule,rule lem[OF w(1) z(1), unfolded *[THEN sym]])
  1269         using norm_triangle_ineq[of "w - k" "z - l"] w(2) z(2) by(auto simp add:field_simps)
  1270     qed qed qed
  1271 
  1272 lemma has_integral_sub:
  1273   shows "(f has_integral k) s \<Longrightarrow> (g has_integral l) s \<Longrightarrow> ((\<lambda>x. f(x) - g(x)) has_integral (k - l)) s"
  1274   using has_integral_add[OF _ has_integral_neg,of f k s g l] unfolding algebra_simps by auto
  1275 
  1276 lemma integral_0: "integral s (\<lambda>x::real^'n. 0::real^'m) = 0"
  1277   by(rule integral_unique has_integral_0)+
  1278 
  1279 lemma integral_add:
  1280   shows "f integrable_on s \<Longrightarrow> g integrable_on s \<Longrightarrow>
  1281    integral s (\<lambda>x. f x + g x) = integral s f + integral s g"
  1282   apply(rule integral_unique) apply(drule integrable_integral)+
  1283   apply(rule has_integral_add) by assumption+
  1284 
  1285 lemma integral_cmul:
  1286   shows "f integrable_on s \<Longrightarrow> integral s (\<lambda>x. c *\<^sub>R f x) = c *\<^sub>R integral s f"
  1287   apply(rule integral_unique) apply(drule integrable_integral)+
  1288   apply(rule has_integral_cmul) by assumption+
  1289 
  1290 lemma integral_neg:
  1291   shows "f integrable_on s \<Longrightarrow> integral s (\<lambda>x. - f x) = - integral s f"
  1292   apply(rule integral_unique) apply(drule integrable_integral)+
  1293   apply(rule has_integral_neg) by assumption+
  1294 
  1295 lemma integral_sub:
  1296   shows "f integrable_on s \<Longrightarrow> g integrable_on s \<Longrightarrow> integral s (\<lambda>x. f x - g x) = integral s f - integral s g"
  1297   apply(rule integral_unique) apply(drule integrable_integral)+
  1298   apply(rule has_integral_sub) by assumption+
  1299 
  1300 lemma integrable_0: "(\<lambda>x. 0) integrable_on s"
  1301   unfolding integrable_on_def using has_integral_0 by auto
  1302 
  1303 lemma integrable_add:
  1304   shows "f integrable_on s \<Longrightarrow> g integrable_on s \<Longrightarrow> (\<lambda>x. f x + g x) integrable_on s"
  1305   unfolding integrable_on_def by(auto intro: has_integral_add)
  1306 
  1307 lemma integrable_cmul:
  1308   shows "f integrable_on s \<Longrightarrow> (\<lambda>x. c *\<^sub>R f(x)) integrable_on s"
  1309   unfolding integrable_on_def by(auto intro: has_integral_cmul)
  1310 
  1311 lemma integrable_neg:
  1312   shows "f integrable_on s \<Longrightarrow> (\<lambda>x. -f(x)) integrable_on s"
  1313   unfolding integrable_on_def by(auto intro: has_integral_neg)
  1314 
  1315 lemma integrable_sub:
  1316   shows "f integrable_on s \<Longrightarrow> g integrable_on s \<Longrightarrow> (\<lambda>x. f x - g x) integrable_on s"
  1317   unfolding integrable_on_def by(auto intro: has_integral_sub)
  1318 
  1319 lemma integrable_linear:
  1320   shows "f integrable_on s \<Longrightarrow> bounded_linear h \<Longrightarrow> (h o f) integrable_on s"
  1321   unfolding integrable_on_def by(auto intro: has_integral_linear)
  1322 
  1323 lemma integral_linear:
  1324   shows "f integrable_on s \<Longrightarrow> bounded_linear h \<Longrightarrow> integral s (h o f) = h(integral s f)"
  1325   apply(rule has_integral_unique) defer unfolding has_integral_integral 
  1326   apply(drule has_integral_linear,assumption,assumption) unfolding has_integral_integral[THEN sym]
  1327   apply(rule integrable_linear) by assumption+
  1328 
  1329 lemma integral_component_eq[simp]: fixes f::"real^'n \<Rightarrow> real^'m"
  1330   assumes "f integrable_on s" shows "integral s (\<lambda>x. f x $ k) = integral s f $ k"
  1331   using integral_linear[OF assms(1) bounded_linear_component,unfolded o_def] .
  1332 
  1333 lemma has_integral_setsum:
  1334   assumes "finite t" "\<forall>a\<in>t. ((f a) has_integral (i a)) s"
  1335   shows "((\<lambda>x. setsum (\<lambda>a. f a x) t) has_integral (setsum i t)) s"
  1336 proof(insert assms(1) subset_refl[of t],induct rule:finite_subset_induct)
  1337   case (insert x F) show ?case unfolding setsum_insert[OF insert(1,3)]
  1338     apply(rule has_integral_add) using insert assms by auto
  1339 qed auto
  1340 
  1341 lemma integral_setsum:
  1342   shows "finite t \<Longrightarrow> \<forall>a\<in>t. (f a) integrable_on s \<Longrightarrow>
  1343   integral s (\<lambda>x. setsum (\<lambda>a. f a x) t) = setsum (\<lambda>a. integral s (f a)) t"
  1344   apply(rule integral_unique) apply(rule has_integral_setsum)
  1345   using integrable_integral by auto
  1346 
  1347 lemma integrable_setsum:
  1348   shows "finite t \<Longrightarrow> \<forall>a \<in> t.(f a) integrable_on s \<Longrightarrow> (\<lambda>x. setsum (\<lambda>a. f a x) t) integrable_on s"
  1349   unfolding integrable_on_def apply(drule bchoice) using has_integral_setsum[of t] by auto
  1350 
  1351 lemma has_integral_eq:
  1352   assumes "\<forall>x\<in>s. f x = g x" "(f has_integral k) s" shows "(g has_integral k) s"
  1353   using has_integral_sub[OF assms(2), of "\<lambda>x. f x - g x" 0]
  1354   using has_integral_is_0[of s "\<lambda>x. f x - g x"] using assms(1) by auto
  1355 
  1356 lemma integrable_eq:
  1357   shows "\<forall>x\<in>s. f x = g x \<Longrightarrow> f integrable_on s \<Longrightarrow> g integrable_on s"
  1358   unfolding integrable_on_def using has_integral_eq[of s f g] by auto
  1359 
  1360 lemma has_integral_eq_eq:
  1361   shows "\<forall>x\<in>s. f x = g x \<Longrightarrow> ((f has_integral k) s \<longleftrightarrow> (g has_integral k) s)"
  1362   using has_integral_eq[of s f g] has_integral_eq[of s g f] by rule auto
  1363 
  1364 lemma has_integral_null[dest]:
  1365   assumes "content({a..b}) = 0" shows  "(f has_integral 0) ({a..b})"
  1366   unfolding has_integral apply(rule,rule,rule_tac x="\<lambda>x. ball x 1" in exI,rule) defer
  1367 proof(rule,rule,erule conjE) fix e::real assume e:"e>0" thus "gauge (\<lambda>x. ball x 1)" by auto
  1368   fix p assume p:"p tagged_division_of {a..b}" (*"(\<lambda>x. ball x 1) fine p"*)
  1369   have "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - 0) = 0" unfolding norm_eq_zero diff_0_right
  1370     using setsum_content_null[OF assms(1) p, of f] . 
  1371   thus "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - 0) < e" using e by auto qed
  1372 
  1373 lemma has_integral_null_eq[simp]:
  1374   shows "content({a..b}) = 0 \<Longrightarrow> ((f has_integral i) ({a..b}) \<longleftrightarrow> i = 0)"
  1375   apply rule apply(rule has_integral_unique,assumption) 
  1376   apply(drule has_integral_null,assumption)
  1377   apply(drule has_integral_null) by auto
  1378 
  1379 lemma integral_null[dest]: shows "content({a..b}) = 0 \<Longrightarrow> integral({a..b}) f = 0"
  1380   by(rule integral_unique,drule has_integral_null)
  1381 
  1382 lemma integrable_on_null[dest]: shows "content({a..b}) = 0 \<Longrightarrow> f integrable_on {a..b}"
  1383   unfolding integrable_on_def apply(drule has_integral_null) by auto
  1384 
  1385 lemma has_integral_empty[intro]: shows "(f has_integral 0) {}"
  1386   unfolding empty_as_interval apply(rule has_integral_null) 
  1387   using content_empty unfolding empty_as_interval .
  1388 
  1389 lemma has_integral_empty_eq[simp]: shows "(f has_integral i) {} \<longleftrightarrow> i = 0"
  1390   apply(rule,rule has_integral_unique,assumption) by auto
  1391 
  1392 lemma integrable_on_empty[intro]: shows "f integrable_on {}" unfolding integrable_on_def by auto
  1393 
  1394 lemma integral_empty[simp]: shows "integral {} f = 0"
  1395   apply(rule integral_unique) using has_integral_empty .
  1396 
  1397 lemma has_integral_refl[intro]: shows "(f has_integral 0) {a..a}" "(f has_integral 0) {a}"
  1398 proof- have *:"{a} = {a..a}" apply(rule set_ext) unfolding mem_interval singleton_iff Cart_eq
  1399     apply safe prefer 3 apply(erule_tac x=i in allE) by(auto simp add: field_simps)
  1400   show "(f has_integral 0) {a..a}" "(f has_integral 0) {a}" unfolding *
  1401     apply(rule_tac[!] has_integral_null) unfolding content_eq_0_interior
  1402     unfolding interior_closed_interval using interval_sing by auto qed
  1403 
  1404 lemma integrable_on_refl[intro]: shows "f integrable_on {a..a}" unfolding integrable_on_def by auto
  1405 
  1406 lemma integral_refl: shows "integral {a..a} f = 0" apply(rule integral_unique) by auto
  1407 
  1408 subsection {* Cauchy-type criterion for integrability. *}
  1409 
  1410 lemma integrable_cauchy: fixes f::"real^'n \<Rightarrow> 'a::{real_normed_vector,complete_space}" 
  1411   shows "f integrable_on {a..b} \<longleftrightarrow>
  1412   (\<forall>e>0.\<exists>d. gauge d \<and> (\<forall>p1 p2. p1 tagged_division_of {a..b} \<and> d fine p1 \<and>
  1413                             p2 tagged_division_of {a..b} \<and> d fine p2
  1414                             \<longrightarrow> norm(setsum (\<lambda>(x,k). content k *\<^sub>R f x) p1 -
  1415                                      setsum (\<lambda>(x,k). content k *\<^sub>R f x) p2) < e))" (is "?l = (\<forall>e>0. \<exists>d. ?P e d)")
  1416 proof assume ?l
  1417   then guess y unfolding integrable_on_def has_integral .. note y=this
  1418   show "\<forall>e>0. \<exists>d. ?P e d" proof(rule,rule) case goal1 hence "e/2 > 0" by auto
  1419     then guess d apply- apply(drule y[rule_format]) by(erule exE,erule conjE) note d=this[rule_format]
  1420     show ?case apply(rule_tac x=d in exI,rule,rule d) apply(rule,rule,rule,(erule conjE)+)
  1421     proof- fix p1 p2 assume as:"p1 tagged_division_of {a..b}" "d fine p1" "p2 tagged_division_of {a..b}" "d fine p2"
  1422       show "norm ((\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x)) < e"
  1423         apply(rule dist_triangle_half_l[where y=y,unfolded dist_norm])
  1424         using d(2)[OF conjI[OF as(1-2)]] d(2)[OF conjI[OF as(3-4)]] .
  1425     qed qed
  1426 next assume "\<forall>e>0. \<exists>d. ?P e d" hence "\<forall>n::nat. \<exists>d. ?P (inverse(real (n + 1))) d" by auto
  1427   from choice[OF this] guess d .. note d=conjunctD2[OF this[rule_format],rule_format]
  1428   have "\<And>n. gauge (\<lambda>x. \<Inter>{d i x |i. i \<in> {0..n}})" apply(rule gauge_inters) using d(1) by auto
  1429   hence "\<forall>n. \<exists>p. p tagged_division_of {a..b} \<and> (\<lambda>x. \<Inter>{d i x |i. i \<in> {0..n}}) fine p" apply-
  1430   proof case goal1 from this[of n] show ?case apply(drule_tac fine_division_exists) by auto qed
  1431   from choice[OF this] guess p .. note p = conjunctD2[OF this[rule_format]]
  1432   have dp:"\<And>i n. i\<le>n \<Longrightarrow> d i fine p n" using p(2) unfolding fine_inters by auto
  1433   have "Cauchy (\<lambda>n. setsum (\<lambda>(x,k). content k *\<^sub>R (f x)) (p n))"
  1434   proof(rule CauchyI) case goal1 then guess N unfolding real_arch_inv[of e] .. note N=this
  1435     show ?case apply(rule_tac x=N in exI)
  1436     proof(rule,rule,rule,rule) fix m n assume mn:"N \<le> m" "N \<le> n" have *:"N = (N - 1) + 1" using N by auto
  1437       show "norm ((\<Sum>(x, k)\<in>p m. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p n. content k *\<^sub>R f x)) < e"
  1438         apply(rule less_trans[OF _ N[THEN conjunct2,THEN conjunct2]]) apply(subst *) apply(rule d(2))
  1439         using dp p(1) using mn by auto 
  1440     qed qed
  1441   then guess y unfolding convergent_eq_cauchy[THEN sym] .. note y=this[unfolded Lim_sequentially,rule_format]
  1442   show ?l unfolding integrable_on_def has_integral apply(rule_tac x=y in exI)
  1443   proof(rule,rule) fix e::real assume "e>0" hence *:"e/2 > 0" by auto
  1444     then guess N1 unfolding real_arch_inv[of "e/2"] .. note N1=this hence N1':"N1 = N1 - 1 + 1" by auto
  1445     guess N2 using y[OF *] .. note N2=this
  1446     show "\<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow> norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - y) < e)"
  1447       apply(rule_tac x="d (N1 + N2)" in exI) apply rule defer 
  1448     proof(rule,rule,erule conjE) show "gauge (d (N1 + N2))" using d by auto
  1449       fix q assume as:"q tagged_division_of {a..b}" "d (N1 + N2) fine q"
  1450       have *:"inverse (real (N1 + N2 + 1)) < e / 2" apply(rule less_trans) using N1 by auto
  1451       show "norm ((\<Sum>(x, k)\<in>q. content k *\<^sub>R f x) - y) < e" apply(rule norm_triangle_half_r)
  1452         apply(rule less_trans[OF _ *]) apply(subst N1', rule d(2)[of "p (N1+N2)"]) defer
  1453         using N2[rule_format,unfolded dist_norm,of "N1+N2"]
  1454         using as dp[of "N1 - 1 + 1 + N2" "N1 + N2"] using p(1)[of "N1 + N2"] using N1 by auto qed qed qed
  1455 
  1456 subsection {* Additivity of integral on abutting intervals. *}
  1457 
  1458 lemma interval_split:
  1459   "{a..b::real^'n} \<inter> {x. x$k \<le> c} = {a .. (\<chi> i. if i = k then min (b$k) c else b$i)}"
  1460   "{a..b} \<inter> {x. x$k \<ge> c} = {(\<chi> i. if i = k then max (a$k) c else a$i) .. b}"
  1461   apply(rule_tac[!] set_ext) unfolding Int_iff mem_interval mem_Collect_eq
  1462   unfolding Cart_lambda_beta by auto
  1463 
  1464 lemma content_split:
  1465   "content {a..b::real^'n} = content({a..b} \<inter> {x. x$k \<le> c}) + content({a..b} \<inter> {x. x$k >= c})"
  1466 proof- note simps = interval_split content_closed_interval_cases Cart_lambda_beta vector_le_def
  1467   { presume "a\<le>b \<Longrightarrow> ?thesis" thus ?thesis apply(cases "a\<le>b") unfolding simps by auto }
  1468   have *:"UNIV = insert k (UNIV - {k})" "\<And>x. finite (UNIV-{x::'n})" "\<And>x. x\<notin>UNIV-{x}" by auto
  1469   have *:"\<And>X Y Z. (\<Prod>i\<in>UNIV. Z i (if i = k then X else Y i)) = Z k X * (\<Prod>i\<in>UNIV-{k}. Z i (Y i))"
  1470     "(\<Prod>i\<in>UNIV. b$i - a$i) = (\<Prod>i\<in>UNIV-{k}. b$i - a$i) * (b$k - a$k)" 
  1471     apply(subst *(1)) defer apply(subst *(1)) unfolding setprod_insert[OF *(2-)] by auto
  1472   assume as:"a\<le>b" moreover have "\<And>x. min (b $ k) c = max (a $ k) c
  1473     \<Longrightarrow> x* (b$k - a$k) = x*(max (a $ k) c - a $ k) + x*(b $ k - max (a $ k) c)"
  1474     by  (auto simp add:field_simps)
  1475   moreover have "\<not> a $ k \<le> c \<Longrightarrow> \<not> c \<le> b $ k \<Longrightarrow> False"
  1476     unfolding not_le using as[unfolded vector_le_def,rule_format,of k] by auto
  1477   ultimately show ?thesis 
  1478     unfolding simps unfolding *(1)[of "\<lambda>i x. b$i - x"] *(1)[of "\<lambda>i x. x - a$i"] *(2) by(auto)
  1479 qed
  1480 
  1481 lemma division_split_left_inj:
  1482   assumes "d division_of i" "k1 \<in> d" "k2 \<in> d"  "k1 \<noteq> k2"
  1483   "k1 \<inter> {x::real^'n. x$k \<le> c} = k2 \<inter> {x. x$k \<le> c}"
  1484   shows "content(k1 \<inter> {x. x$k \<le> c}) = 0"
  1485 proof- note d=division_ofD[OF assms(1)]
  1486   have *:"\<And>a b::real^'n. \<And> c k. (content({a..b} \<inter> {x. x$k \<le> c}) = 0 \<longleftrightarrow> interior({a..b} \<inter> {x. x$k \<le> c}) = {})"
  1487     unfolding interval_split content_eq_0_interior by auto
  1488   guess u1 v1 using d(4)[OF assms(2)] apply-by(erule exE)+ note uv1=this
  1489   guess u2 v2 using d(4)[OF assms(3)] apply-by(erule exE)+ note uv2=this
  1490   have **:"\<And>s t u. s \<inter> t = {} \<Longrightarrow> u \<subseteq> s \<Longrightarrow> u \<subseteq> t \<Longrightarrow> u = {}" by auto
  1491   show ?thesis unfolding uv1 uv2 * apply(rule **[OF d(5)[OF assms(2-4)]])
  1492     defer apply(subst assms(5)[unfolded uv1 uv2]) unfolding uv1 uv2 by auto qed
  1493 
  1494 lemma division_split_right_inj:
  1495   assumes "d division_of i" "k1 \<in> d" "k2 \<in> d"  "k1 \<noteq> k2"
  1496   "k1 \<inter> {x::real^'n. x$k \<ge> c} = k2 \<inter> {x. x$k \<ge> c}"
  1497   shows "content(k1 \<inter> {x. x$k \<ge> c}) = 0"
  1498 proof- note d=division_ofD[OF assms(1)]
  1499   have *:"\<And>a b::real^'n. \<And> c k. (content({a..b} \<inter> {x. x$k >= c}) = 0 \<longleftrightarrow> interior({a..b} \<inter> {x. x$k >= c}) = {})"
  1500     unfolding interval_split content_eq_0_interior by auto
  1501   guess u1 v1 using d(4)[OF assms(2)] apply-by(erule exE)+ note uv1=this
  1502   guess u2 v2 using d(4)[OF assms(3)] apply-by(erule exE)+ note uv2=this
  1503   have **:"\<And>s t u. s \<inter> t = {} \<Longrightarrow> u \<subseteq> s \<Longrightarrow> u \<subseteq> t \<Longrightarrow> u = {}" by auto
  1504   show ?thesis unfolding uv1 uv2 * apply(rule **[OF d(5)[OF assms(2-4)]])
  1505     defer apply(subst assms(5)[unfolded uv1 uv2]) unfolding uv1 uv2 by auto qed
  1506 
  1507 lemma tagged_division_split_left_inj:
  1508   assumes "d tagged_division_of i" "(x1,k1) \<in> d" "(x2,k2) \<in> d" "k1 \<noteq> k2"  "k1 \<inter> {x. x$k \<le> c} = k2 \<inter> {x. x$k \<le> c}" 
  1509   shows "content(k1 \<inter> {x. x$k \<le> c}) = 0"
  1510 proof- have *:"\<And>a b c. (a,b) \<in> c \<Longrightarrow> b \<in> snd ` c" unfolding image_iff apply(rule_tac x="(a,b)" in bexI) by auto
  1511   show ?thesis apply(rule division_split_left_inj[OF division_of_tagged_division[OF assms(1)]])
  1512     apply(rule_tac[1-2] *) using assms(2-) by auto qed
  1513 
  1514 lemma tagged_division_split_right_inj:
  1515   assumes "d tagged_division_of i" "(x1,k1) \<in> d" "(x2,k2) \<in> d" "k1 \<noteq> k2"  "k1 \<inter> {x. x$k \<ge> c} = k2 \<inter> {x. x$k \<ge> c}" 
  1516   shows "content(k1 \<inter> {x. x$k \<ge> c}) = 0"
  1517 proof- have *:"\<And>a b c. (a,b) \<in> c \<Longrightarrow> b \<in> snd ` c" unfolding image_iff apply(rule_tac x="(a,b)" in bexI) by auto
  1518   show ?thesis apply(rule division_split_right_inj[OF division_of_tagged_division[OF assms(1)]])
  1519     apply(rule_tac[1-2] *) using assms(2-) by auto qed
  1520 
  1521 lemma division_split:
  1522   assumes "p division_of {a..b::real^'n}"
  1523   shows "{l \<inter> {x. x$k \<le> c} | l. l \<in> p \<and> ~(l \<inter> {x. x$k \<le> c} = {})} division_of ({a..b} \<inter> {x. x$k \<le> c})" (is "?p1 division_of ?I1") and 
  1524         "{l \<inter> {x. x$k \<ge> c} | l. l \<in> p \<and> ~(l \<inter> {x. x$k \<ge> c} = {})} division_of ({a..b} \<inter> {x. x$k \<ge> c})" (is "?p2 division_of ?I2")
  1525 proof(rule_tac[!] division_ofI) note p=division_ofD[OF assms]
  1526   show "finite ?p1" "finite ?p2" using p(1) by auto show "\<Union>?p1 = ?I1" "\<Union>?p2 = ?I2" unfolding p(6)[THEN sym] by auto
  1527   { fix k assume "k\<in>?p1" then guess l unfolding mem_Collect_eq apply-by(erule exE,(erule conjE)+) note l=this
  1528     guess u v using p(4)[OF l(2)] apply-by(erule exE)+ note uv=this
  1529     show "k\<subseteq>?I1" "k \<noteq> {}" "\<exists>a b. k = {a..b}" unfolding l
  1530       using p(2-3)[OF l(2)] l(3) unfolding uv apply- prefer 3 apply(subst interval_split) by auto
  1531     fix k' assume "k'\<in>?p1" then guess l' unfolding mem_Collect_eq apply-by(erule exE,(erule conjE)+) note l'=this
  1532     assume "k\<noteq>k'" thus "interior k \<inter> interior k' = {}" unfolding l l' using p(5)[OF l(2) l'(2)] by auto }
  1533   { fix k assume "k\<in>?p2" then guess l unfolding mem_Collect_eq apply-by(erule exE,(erule conjE)+) note l=this
  1534     guess u v using p(4)[OF l(2)] apply-by(erule exE)+ note uv=this
  1535     show "k\<subseteq>?I2" "k \<noteq> {}" "\<exists>a b. k = {a..b}" unfolding l
  1536       using p(2-3)[OF l(2)] l(3) unfolding uv apply- prefer 3 apply(subst interval_split) by auto
  1537     fix k' assume "k'\<in>?p2" then guess l' unfolding mem_Collect_eq apply-by(erule exE,(erule conjE)+) note l'=this
  1538     assume "k\<noteq>k'" thus "interior k \<inter> interior k' = {}" unfolding l l' using p(5)[OF l(2) l'(2)] by auto }
  1539 qed
  1540 
  1541 lemma has_integral_split: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector"
  1542   assumes "(f has_integral i) ({a..b} \<inter> {x. x$k \<le> c})"  "(f has_integral j) ({a..b} \<inter> {x. x$k \<ge> c})"
  1543   shows "(f has_integral (i + j)) ({a..b})"
  1544 proof(unfold has_integral,rule,rule) case goal1 hence e:"e/2>0" by auto
  1545   guess d1 using has_integralD[OF assms(1)[unfolded interval_split] e] . note d1=this[unfolded interval_split[THEN sym]]
  1546   guess d2 using has_integralD[OF assms(2)[unfolded interval_split] e] . note d2=this[unfolded interval_split[THEN sym]]
  1547   let ?d = "\<lambda>x. if x$k = c then (d1 x \<inter> d2 x) else ball x (abs(x$k - c)) \<inter> d1 x \<inter> d2 x"
  1548   show ?case apply(rule_tac x="?d" in exI,rule) defer apply(rule,rule,(erule conjE)+)
  1549   proof- show "gauge ?d" using d1(1) d2(1) unfolding gauge_def by auto
  1550     fix p assume "p tagged_division_of {a..b}" "?d fine p" note p = this tagged_division_ofD[OF this(1)]
  1551     have lem0:"\<And>x kk. (x,kk) \<in> p \<Longrightarrow> ~(kk \<inter> {x. x$k \<le> c} = {}) \<Longrightarrow> x$k \<le> c"
  1552          "\<And>x kk. (x,kk) \<in> p \<Longrightarrow> ~(kk \<inter> {x. x$k \<ge> c} = {}) \<Longrightarrow> x$k \<ge> c"
  1553     proof- fix x kk assume as:"(x,kk)\<in>p"
  1554       show "~(kk \<inter> {x. x$k \<le> c} = {}) \<Longrightarrow> x$k \<le> c"
  1555       proof(rule ccontr) case goal1
  1556         from this(2)[unfolded not_le] have "kk \<subseteq> ball x \<bar>x $ k - c\<bar>"
  1557           using p(2)[unfolded fine_def,rule_format,OF as,unfolded split_conv] by auto
  1558         hence "\<exists>y. y \<in> ball x \<bar>x $ k - c\<bar> \<inter> {x. x $ k \<le> c}" using goal1(1) by blast 
  1559         then guess y .. hence "\<bar>x $ k - y $ k\<bar> < \<bar>x $ k - c\<bar>" "y$k \<le> c" apply-apply(rule le_less_trans)
  1560           using component_le_norm[of "x - y" k,unfolded vector_minus_component] by(auto simp add:dist_norm)
  1561         thus False using goal1(2)[unfolded not_le] by(auto simp add:field_simps)
  1562       qed
  1563       show "~(kk \<inter> {x. x$k \<ge> c} = {}) \<Longrightarrow> x$k \<ge> c"
  1564       proof(rule ccontr) case goal1
  1565         from this(2)[unfolded not_le] have "kk \<subseteq> ball x \<bar>x $ k - c\<bar>"
  1566           using p(2)[unfolded fine_def,rule_format,OF as,unfolded split_conv] by auto
  1567         hence "\<exists>y. y \<in> ball x \<bar>x $ k - c\<bar> \<inter> {x. x $ k \<ge> c}" using goal1(1) by blast 
  1568         then guess y .. hence "\<bar>x $ k - y $ k\<bar> < \<bar>x $ k - c\<bar>" "y$k \<ge> c" apply-apply(rule le_less_trans)
  1569           using component_le_norm[of "x - y" k,unfolded vector_minus_component] by(auto simp add:dist_norm)
  1570         thus False using goal1(2)[unfolded not_le] by(auto simp add:field_simps)
  1571       qed
  1572     qed
  1573 
  1574     have lem1: "\<And>f P Q. (\<forall>x k. (x,k) \<in> {(x,f k) | x k. P x k} \<longrightarrow> Q x k) \<longleftrightarrow> (\<forall>x k. P x k \<longrightarrow> Q x (f k))" by auto
  1575     have lem2: "\<And>f s P f. finite s \<Longrightarrow> finite {(x,f k) | x k. (x,k) \<in> s \<and> P x k}"
  1576     proof- case goal1 thus ?case apply-apply(rule finite_subset[of _ "(\<lambda>(x,k). (x,f k)) ` s"]) by auto qed
  1577     have lem3: "\<And>g::(real ^ 'n \<Rightarrow> bool) \<Rightarrow> real ^ 'n \<Rightarrow> bool. finite p \<Longrightarrow>
  1578       setsum (\<lambda>(x,k). content k *\<^sub>R f x) {(x,g k) |x k. (x,k) \<in> p \<and> ~(g k = {})}
  1579                = setsum (\<lambda>(x,k). content k *\<^sub>R f x) ((\<lambda>(x,k). (x,g k)) ` p)"
  1580       apply(rule setsum_mono_zero_left) prefer 3
  1581     proof fix g::"(real ^ 'n \<Rightarrow> bool) \<Rightarrow> real ^ 'n \<Rightarrow> bool" and i::"(real^'n) \<times> ((real^'n) set)"
  1582       assume "i \<in> (\<lambda>(x, k). (x, g k)) ` p - {(x, g k) |x k. (x, k) \<in> p \<and> g k \<noteq> {}}"
  1583       then obtain x k where xk:"i=(x,g k)" "(x,k)\<in>p" "(x,g k) \<notin> {(x, g k) |x k. (x, k) \<in> p \<and> g k \<noteq> {}}" by auto
  1584       have "content (g k) = 0" using xk using content_empty by auto
  1585       thus "(\<lambda>(x, k). content k *\<^sub>R f x) i = 0" unfolding xk split_conv by auto
  1586     qed auto
  1587     have lem4:"\<And>g. (\<lambda>(x,l). content (g l) *\<^sub>R f x) = (\<lambda>(x,l). content l *\<^sub>R f x) o (\<lambda>(x,l). (x,g l))" apply(rule ext) by auto
  1588 
  1589     let ?M1 = "{(x,kk \<inter> {x. x$k \<le> c}) |x kk. (x,kk) \<in> p \<and> kk \<inter> {x. x$k \<le> c} \<noteq> {}}"
  1590     have "norm ((\<Sum>(x, k)\<in>?M1. content k *\<^sub>R f x) - i) < e/2" apply(rule d1(2),rule tagged_division_ofI)
  1591       apply(rule lem2 p(3))+ prefer 6 apply(rule fineI)
  1592     proof- show "\<Union>{k. \<exists>x. (x, k) \<in> ?M1} = {a..b} \<inter> {x. x$k \<le> c}" unfolding p(8)[THEN sym] by auto
  1593       fix x l assume xl:"(x,l)\<in>?M1"
  1594       then guess x' l' unfolding mem_Collect_eq apply- unfolding Pair_eq apply((erule exE)+,(erule conjE)+) .  note xl'=this
  1595       have "l' \<subseteq> d1 x'" apply(rule order_trans[OF fineD[OF p(2) xl'(3)]]) by auto
  1596       thus "l \<subseteq> d1 x" unfolding xl' by auto
  1597       show "x\<in>l" "l \<subseteq> {a..b} \<inter> {x. x $ k \<le> c}" unfolding xl' using p(4-6)[OF xl'(3)] using xl'(4)
  1598         using lem0(1)[OF xl'(3-4)] by auto
  1599       show  "\<exists>a b. l = {a..b}" unfolding xl' using p(6)[OF xl'(3)] by(fastsimp simp add: interval_split[where c=c and k=k])
  1600       fix y r let ?goal = "interior l \<inter> interior r = {}" assume yr:"(y,r)\<in>?M1"
  1601       then guess y' r' unfolding mem_Collect_eq apply- unfolding Pair_eq apply((erule exE)+,(erule conjE)+) .  note yr'=this
  1602       assume as:"(x,l) \<noteq> (y,r)" show "interior l \<inter> interior r = {}"
  1603       proof(cases "l' = r' \<longrightarrow> x' = y'")
  1604         case False thus ?thesis using p(7)[OF xl'(3) yr'(3)] using as unfolding xl' yr' by auto
  1605       next case True hence "l' \<noteq> r'" using as unfolding xl' yr' by auto
  1606         thus ?thesis using p(7)[OF xl'(3) yr'(3)] using as unfolding xl' yr' by auto
  1607       qed qed moreover
  1608 
  1609     let ?M2 = "{(x,kk \<inter> {x. x$k \<ge> c}) |x kk. (x,kk) \<in> p \<and> kk \<inter> {x. x$k \<ge> c} \<noteq> {}}" 
  1610     have "norm ((\<Sum>(x, k)\<in>?M2. content k *\<^sub>R f x) - j) < e/2" apply(rule d2(2),rule tagged_division_ofI)
  1611       apply(rule lem2 p(3))+ prefer 6 apply(rule fineI)
  1612     proof- show "\<Union>{k. \<exists>x. (x, k) \<in> ?M2} = {a..b} \<inter> {x. x$k \<ge> c}" unfolding p(8)[THEN sym] by auto
  1613       fix x l assume xl:"(x,l)\<in>?M2"
  1614       then guess x' l' unfolding mem_Collect_eq apply- unfolding Pair_eq apply((erule exE)+,(erule conjE)+) .  note xl'=this
  1615       have "l' \<subseteq> d2 x'" apply(rule order_trans[OF fineD[OF p(2) xl'(3)]]) by auto
  1616       thus "l \<subseteq> d2 x" unfolding xl' by auto
  1617       show "x\<in>l" "l \<subseteq> {a..b} \<inter> {x. x $ k \<ge> c}" unfolding xl' using p(4-6)[OF xl'(3)] using xl'(4)
  1618         using lem0(2)[OF xl'(3-4)] by auto
  1619       show  "\<exists>a b. l = {a..b}" unfolding xl' using p(6)[OF xl'(3)] by(fastsimp simp add: interval_split[where c=c and k=k])
  1620       fix y r let ?goal = "interior l \<inter> interior r = {}" assume yr:"(y,r)\<in>?M2"
  1621       then guess y' r' unfolding mem_Collect_eq apply- unfolding Pair_eq apply((erule exE)+,(erule conjE)+) .  note yr'=this
  1622       assume as:"(x,l) \<noteq> (y,r)" show "interior l \<inter> interior r = {}"
  1623       proof(cases "l' = r' \<longrightarrow> x' = y'")
  1624         case False thus ?thesis using p(7)[OF xl'(3) yr'(3)] using as unfolding xl' yr' by auto
  1625       next case True hence "l' \<noteq> r'" using as unfolding xl' yr' by auto
  1626         thus ?thesis using p(7)[OF xl'(3) yr'(3)] using as unfolding xl' yr' by auto
  1627       qed qed ultimately
  1628 
  1629     have "norm (((\<Sum>(x, k)\<in>?M1. content k *\<^sub>R f x) - i) + ((\<Sum>(x, k)\<in>?M2. content k *\<^sub>R f x) - j)) < e/2 + e/2"
  1630       apply- apply(rule norm_triangle_lt) by auto
  1631     also { have *:"\<And>x y. x = (0::real) \<Longrightarrow> x *\<^sub>R (y::'a) = 0" using scaleR_zero_left by auto
  1632       have "((\<Sum>(x, k)\<in>?M1. content k *\<^sub>R f x) - i) + ((\<Sum>(x, k)\<in>?M2. content k *\<^sub>R f x) - j)
  1633        = (\<Sum>(x, k)\<in>?M1. content k *\<^sub>R f x) + (\<Sum>(x, k)\<in>?M2. content k *\<^sub>R f x) - (i + j)" by auto
  1634       also have "\<dots> = (\<Sum>(x, ka)\<in>p. content (ka \<inter> {x. x $ k \<le> c}) *\<^sub>R f x) + (\<Sum>(x, ka)\<in>p. content (ka \<inter> {x. c \<le> x $ k}) *\<^sub>R f x) - (i + j)"
  1635         unfolding lem3[OF p(3)] apply(subst setsum_reindex_nonzero[OF p(3)]) defer apply(subst setsum_reindex_nonzero[OF p(3)])
  1636         defer unfolding lem4[THEN sym] apply(rule refl) unfolding split_paired_all split_conv apply(rule_tac[!] *)
  1637       proof- case goal1 thus ?case apply- apply(rule tagged_division_split_left_inj [OF p(1), of a b aa ba]) by auto
  1638       next case   goal2 thus ?case apply- apply(rule tagged_division_split_right_inj[OF p(1), of a b aa ba]) by auto
  1639       qed also note setsum_addf[THEN sym]
  1640       also have *:"\<And>x. x\<in>p \<Longrightarrow> (\<lambda>(x, ka). content (ka \<inter> {x. x $ k \<le> c}) *\<^sub>R f x) x + (\<lambda>(x, ka). content (ka \<inter> {x. c \<le> x $ k}) *\<^sub>R f x) x
  1641         = (\<lambda>(x,ka). content ka *\<^sub>R f x) x" unfolding split_paired_all split_conv
  1642       proof- fix a b assume "(a,b) \<in> p" from p(6)[OF this] guess u v apply-by(erule exE)+ note uv=this
  1643         thus "content (b \<inter> {x. x $ k \<le> c}) *\<^sub>R f a + content (b \<inter> {x. c \<le> x $ k}) *\<^sub>R f a = content b *\<^sub>R f a"
  1644           unfolding scaleR_left_distrib[THEN sym] unfolding uv content_split[of u v k c] by auto
  1645       qed note setsum_cong2[OF this]
  1646       finally have "(\<Sum>(x, k)\<in>{(x, kk \<inter> {x. x $ k \<le> c}) |x kk. (x, kk) \<in> p \<and> kk \<inter> {x. x $ k \<le> c} \<noteq> {}}. content k *\<^sub>R f x) - i +
  1647         ((\<Sum>(x, k)\<in>{(x, kk \<inter> {x. c \<le> x $ k}) |x kk. (x, kk) \<in> p \<and> kk \<inter> {x. c \<le> x $ k} \<noteq> {}}. content k *\<^sub>R f x) - j) =
  1648         (\<Sum>(x, ka)\<in>p. content ka *\<^sub>R f x) - (i + j)" by auto }
  1649     finally show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - (i + j)) < e" by auto qed qed
  1650 
  1651 subsection {* A sort of converse, integrability on subintervals. *}
  1652 
  1653 lemma tagged_division_union_interval:
  1654   assumes "p1 tagged_division_of ({a..b} \<inter> {x::real^'n. x$k \<le> (c::real)})"  "p2 tagged_division_of ({a..b} \<inter> {x. x$k \<ge> c})"
  1655   shows "(p1 \<union> p2) tagged_division_of ({a..b})"
  1656 proof- have *:"{a..b} = ({a..b} \<inter> {x. x$k \<le> c}) \<union> ({a..b} \<inter> {x. x$k \<ge> c})" by auto
  1657   show ?thesis apply(subst *) apply(rule tagged_division_union[OF assms])
  1658     unfolding interval_split interior_closed_interval
  1659     by(auto simp add: vector_less_def elim!:allE[where x=k]) qed
  1660 
  1661 lemma has_integral_separate_sides: fixes f::"real^'m \<Rightarrow> 'a::real_normed_vector"
  1662   assumes "(f has_integral i) ({a..b})" "e>0"
  1663   obtains d where "gauge d" "(\<forall>p1 p2. p1 tagged_division_of ({a..b} \<inter> {x. x$k \<le> c}) \<and> d fine p1 \<and>
  1664                                 p2 tagged_division_of ({a..b} \<inter> {x. x$k \<ge> c}) \<and> d fine p2
  1665                                 \<longrightarrow> norm((setsum (\<lambda>(x,k). content k *\<^sub>R f x) p1 +
  1666                                           setsum (\<lambda>(x,k). content k *\<^sub>R f x) p2) - i) < e)"
  1667 proof- guess d using has_integralD[OF assms] . note d=this
  1668   show ?thesis apply(rule that[of d]) apply(rule d) apply(rule,rule,rule,(erule conjE)+)
  1669   proof- fix p1 p2 assume "p1 tagged_division_of {a..b} \<inter> {x. x $ k \<le> c}" "d fine p1" note p1=tagged_division_ofD[OF this(1)] this
  1670                    assume "p2 tagged_division_of {a..b} \<inter> {x. c \<le> x $ k}" "d fine p2" note p2=tagged_division_ofD[OF this(1)] this
  1671     note tagged_division_union_interval[OF p1(7) p2(7)] note p12 = tagged_division_ofD[OF this] this
  1672     have "norm ((\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) + (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x) - i) = norm ((\<Sum>(x, k)\<in>p1 \<union> p2. content k *\<^sub>R f x) - i)"
  1673       apply(subst setsum_Un_zero) apply(rule p1 p2)+ apply(rule) unfolding split_paired_all split_conv
  1674     proof- fix a b assume ab:"(a,b) \<in> p1 \<inter> p2"
  1675       have "(a,b) \<in> p1" using ab by auto from p1(4)[OF this] guess u v apply-by(erule exE)+ note uv =this
  1676       have "b \<subseteq> {x. x$k = c}" using ab p1(3)[of a b] p2(3)[of a b] by fastsimp
  1677       moreover have "interior {x. x $ k = c} = {}" 
  1678       proof(rule ccontr) case goal1 then obtain x where x:"x\<in>interior {x. x$k = c}" by auto
  1679         then guess e unfolding mem_interior .. note e=this
  1680         have x:"x$k = c" using x interior_subset by fastsimp
  1681         have *:"\<And>i. \<bar>(x - (x + (\<chi> i. if i = k then e / 2 else 0))) $ i\<bar> = (if i = k then e/2 else 0)" using e by auto
  1682         have "x + (\<chi> i. if i = k then e/2 else 0) \<in> ball x e" unfolding mem_ball dist_norm 
  1683           apply(rule le_less_trans[OF norm_le_l1]) unfolding * 
  1684           unfolding setsum_delta[OF finite_UNIV] using e by auto 
  1685         hence "x + (\<chi> i. if i = k then e/2 else 0) \<in> {x. x$k = c}" using e by auto
  1686         thus False unfolding mem_Collect_eq using e x by auto
  1687       qed ultimately have "content b = 0" unfolding uv content_eq_0_interior apply-apply(drule subset_interior) by auto
  1688       thus "content b *\<^sub>R f a = 0" by auto
  1689     qed auto
  1690     also have "\<dots> < e" by(rule d(2) p12 fine_union p1 p2)+
  1691     finally show "norm ((\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) + (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x) - i) < e" . qed qed
  1692 
  1693 lemma integrable_split[intro]: fixes f::"real^'n \<Rightarrow> 'a::{real_normed_vector,complete_space}" assumes "f integrable_on {a..b}"
  1694   shows "f integrable_on ({a..b} \<inter> {x. x$k \<le> c})" (is ?t1) and "f integrable_on ({a..b} \<inter> {x. x$k \<ge> c})" (is ?t2) 
  1695 proof- guess y using assms unfolding integrable_on_def .. note y=this
  1696   def b' \<equiv> "(\<chi> i. if i = k then min (b$k) c else b$i)::real^'n"
  1697   and a' \<equiv> "(\<chi> i. if i = k then max (a$k) c else a$i)::real^'n"
  1698   show ?t1 ?t2 unfolding interval_split integrable_cauchy unfolding interval_split[THEN sym]
  1699   proof(rule_tac[!] allI impI)+ fix e::real assume "e>0" hence "e/2>0" by auto
  1700     from has_integral_separate_sides[OF y this,of k c] guess d . note d=this[rule_format]
  1701     let ?P = "\<lambda>A. \<exists>d. gauge d \<and> (\<forall>p1 p2. p1 tagged_division_of {a..b} \<inter> A \<and> d fine p1 \<and> p2 tagged_division_of {a..b} \<inter> A \<and> d fine p2 \<longrightarrow>
  1702                               norm ((\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x)) < e)"
  1703     show "?P {x. x $ k \<le> c}" apply(rule_tac x=d in exI) apply(rule,rule d) apply(rule,rule,rule)
  1704     proof- fix p1 p2 assume as:"p1 tagged_division_of {a..b} \<inter> {x. x $ k \<le> c} \<and> d fine p1 \<and> p2 tagged_division_of {a..b} \<inter> {x. x $ k \<le> c} \<and> d fine p2"
  1705       show "norm ((\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x)) < e"
  1706       proof- guess p using fine_division_exists[OF d(1), of a' b] . note p=this
  1707         show ?thesis using norm_triangle_half_l[OF d(2)[of p1 p] d(2)[of p2 p]]
  1708           using as unfolding interval_split b'_def[symmetric] a'_def[symmetric]
  1709           using p using assms by(auto simp add:algebra_simps)
  1710       qed qed  
  1711     show "?P {x. x $ k \<ge> c}" apply(rule_tac x=d in exI) apply(rule,rule d) apply(rule,rule,rule)
  1712     proof- fix p1 p2 assume as:"p1 tagged_division_of {a..b} \<inter> {x. x $ k \<ge> c} \<and> d fine p1 \<and> p2 tagged_division_of {a..b} \<inter> {x. x $ k \<ge> c} \<and> d fine p2"
  1713       show "norm ((\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x)) < e"
  1714       proof- guess p using fine_division_exists[OF d(1), of a b'] . note p=this
  1715         show ?thesis using norm_triangle_half_l[OF d(2)[of p p1] d(2)[of p p2]]
  1716           using as unfolding interval_split b'_def[symmetric] a'_def[symmetric]
  1717           using p using assms by(auto simp add:algebra_simps) qed qed qed qed
  1718 
  1719 subsection {* Generalized notion of additivity. *}
  1720 
  1721 definition "neutral opp = (SOME x. \<forall>y. opp x y = y \<and> opp y x = y)"
  1722 
  1723 definition operative :: "('a \<Rightarrow> 'a \<Rightarrow> 'a) \<Rightarrow> ((real^'n) set \<Rightarrow> 'a) \<Rightarrow> bool" where
  1724   "operative opp f \<equiv> 
  1725     (\<forall>a b. content {a..b} = 0 \<longrightarrow> f {a..b} = neutral(opp)) \<and>
  1726     (\<forall>a b c k. f({a..b}) =
  1727                    opp (f({a..b} \<inter> {x. x$k \<le> c}))
  1728                        (f({a..b} \<inter> {x. x$k \<ge> c})))"
  1729 
  1730 lemma operativeD[dest]: assumes "operative opp f"
  1731   shows "\<And>a b. content {a..b} = 0 \<Longrightarrow> f {a..b} = neutral(opp)"
  1732   "\<And>a b c k. f({a..b}) = opp (f({a..b} \<inter> {x. x$k \<le> c})) (f({a..b} \<inter> {x. x$k \<ge> c}))"
  1733   using assms unfolding operative_def by auto
  1734 
  1735 lemma operative_trivial:
  1736  "operative opp f \<Longrightarrow> content({a..b}) = 0 \<Longrightarrow> f({a..b}) = neutral opp"
  1737   unfolding operative_def by auto
  1738 
  1739 lemma property_empty_interval:
  1740  "(\<forall>a b. content({a..b}) = 0 \<longrightarrow> P({a..b})) \<Longrightarrow> P {}" 
  1741   using content_empty unfolding empty_as_interval by auto
  1742 
  1743 lemma operative_empty: "operative opp f \<Longrightarrow> f {} = neutral opp"
  1744   unfolding operative_def apply(rule property_empty_interval) by auto
  1745 
  1746 subsection {* Using additivity of lifted function to encode definedness. *}
  1747 
  1748 lemma forall_option: "(\<forall>x. P x) \<longleftrightarrow> P None \<and> (\<forall>x. P(Some x))"
  1749   by (metis option.nchotomy)
  1750 
  1751 lemma exists_option:
  1752  "(\<exists>x. P x) \<longleftrightarrow> P None \<or> (\<exists>x. P(Some x))" 
  1753   by (metis option.nchotomy)
  1754 
  1755 fun lifted where 
  1756   "lifted (opp::'a\<Rightarrow>'a\<Rightarrow>'b) (Some x) (Some y) = Some(opp x y)" |
  1757   "lifted opp None _ = (None::'b option)" |
  1758   "lifted opp _ None = None"
  1759 
  1760 lemma lifted_simp_1[simp]: "lifted opp v None = None"
  1761   apply(induct v) by auto
  1762 
  1763 definition "monoidal opp \<equiv>  (\<forall>x y. opp x y = opp y x) \<and>
  1764                    (\<forall>x y z. opp x (opp y z) = opp (opp x y) z) \<and>
  1765                    (\<forall>x. opp (neutral opp) x = x)"
  1766 
  1767 lemma monoidalI: assumes "\<And>x y. opp x y = opp y x"
  1768   "\<And>x y z. opp x (opp y z) = opp (opp x y) z"
  1769   "\<And>x. opp (neutral opp) x = x" shows "monoidal opp"
  1770   unfolding monoidal_def using assms by fastsimp
  1771 
  1772 lemma monoidal_ac: assumes "monoidal opp"
  1773   shows "opp (neutral opp) a = a" "opp a (neutral opp) = a" "opp a b = opp b a"
  1774   "opp (opp a b) c = opp a (opp b c)"  "opp a (opp b c) = opp b (opp a c)"
  1775   using assms unfolding monoidal_def apply- by metis+
  1776 
  1777 lemma monoidal_simps[simp]: assumes "monoidal opp"
  1778   shows "opp (neutral opp) a = a" "opp a (neutral opp) = a"
  1779   using monoidal_ac[OF assms] by auto
  1780 
  1781 lemma neutral_lifted[cong]: assumes "monoidal opp"
  1782   shows "neutral (lifted opp) = Some(neutral opp)"
  1783   apply(subst neutral_def) apply(rule some_equality) apply(rule,induct_tac y) prefer 3
  1784 proof- fix x assume "\<forall>y. lifted opp x y = y \<and> lifted opp y x = y"
  1785   thus "x = Some (neutral opp)" apply(induct x) defer
  1786     apply rule apply(subst neutral_def) apply(subst eq_commute,rule some_equality)
  1787     apply(rule,erule_tac x="Some y" in allE) defer apply(erule_tac x="Some x" in allE) by auto
  1788 qed(auto simp add:monoidal_ac[OF assms])
  1789 
  1790 lemma monoidal_lifted[intro]: assumes "monoidal opp" shows "monoidal(lifted opp)"
  1791   unfolding monoidal_def forall_option neutral_lifted[OF assms] using monoidal_ac[OF assms] by auto
  1792 
  1793 definition "support opp f s = {x. x\<in>s \<and> f x \<noteq> neutral opp}"
  1794 definition "fold' opp e s \<equiv> (if finite s then fold opp e s else e)"
  1795 definition "iterate opp s f \<equiv> fold' (\<lambda>x a. opp (f x) a) (neutral opp) (support opp f s)"
  1796 
  1797 lemma support_subset[intro]:"support opp f s \<subseteq> s" unfolding support_def by auto
  1798 lemma support_empty[simp]:"support opp f {} = {}" using support_subset[of opp f "{}"] by auto
  1799 
  1800 lemma fun_left_comm_monoidal[intro]: assumes "monoidal opp" shows "fun_left_comm opp"
  1801   unfolding fun_left_comm_def using monoidal_ac[OF assms] by auto
  1802 
  1803 lemma support_clauses:
  1804   "\<And>f g s. support opp f {} = {}"
  1805   "\<And>f g s. support opp f (insert x s) = (if f(x) = neutral opp then support opp f s else insert x (support opp f s))"
  1806   "\<And>f g s. support opp f (s - {x}) = (support opp f s) - {x}"
  1807   "\<And>f g s. support opp f (s \<union> t) = (support opp f s) \<union> (support opp f t)"
  1808   "\<And>f g s. support opp f (s \<inter> t) = (support opp f s) \<inter> (support opp f t)"
  1809   "\<And>f g s. support opp f (s - t) = (support opp f s) - (support opp f t)"
  1810   "\<And>f g s. support opp g (f ` s) = f ` (support opp (g o f) s)"
  1811 unfolding support_def by auto
  1812 
  1813 lemma finite_support[intro]:"finite s \<Longrightarrow> finite (support opp f s)"
  1814   unfolding support_def by auto
  1815 
  1816 lemma iterate_empty[simp]:"iterate opp {} f = neutral opp"
  1817   unfolding iterate_def fold'_def by auto 
  1818 
  1819 lemma iterate_insert[simp]: assumes "monoidal opp" "finite s"
  1820   shows "iterate opp (insert x s) f = (if x \<in> s then iterate opp s f else opp (f x) (iterate opp s f))" 
  1821 proof(cases "x\<in>s") case True hence *:"insert x s = s" by auto
  1822   show ?thesis unfolding iterate_def if_P[OF True] * by auto
  1823 next case False note x=this
  1824   note * = fun_left_comm.fun_left_comm_apply[OF fun_left_comm_monoidal[OF assms(1)]]
  1825   show ?thesis proof(cases "f x = neutral opp")
  1826     case True show ?thesis unfolding iterate_def if_not_P[OF x] support_clauses if_P[OF True]
  1827       unfolding True monoidal_simps[OF assms(1)] by auto
  1828   next case False show ?thesis unfolding iterate_def fold'_def  if_not_P[OF x] support_clauses if_not_P[OF False]
  1829       apply(subst fun_left_comm.fold_insert[OF * finite_support])
  1830       using `finite s` unfolding support_def using False x by auto qed qed 
  1831 
  1832 lemma iterate_some:
  1833   assumes "monoidal opp"  "finite s"
  1834   shows "iterate (lifted opp) s (\<lambda>x. Some(f x)) = Some (iterate opp s f)" using assms(2)
  1835 proof(induct s) case empty thus ?case using assms by auto
  1836 next case (insert x F) show ?case apply(subst iterate_insert) prefer 3 apply(subst if_not_P)
  1837     defer unfolding insert(3) lifted.simps apply rule using assms insert by auto qed
  1838 
  1839 subsection {* Two key instances of additivity. *}
  1840 
  1841 lemma neutral_add[simp]:
  1842   "neutral op + = (0::_::comm_monoid_add)" unfolding neutral_def 
  1843   apply(rule some_equality) defer apply(erule_tac x=0 in allE) by auto
  1844 
  1845 lemma operative_content[intro]: "operative (op +) content"
  1846   unfolding operative_def content_split[THEN sym] neutral_add by auto
  1847 
  1848 lemma neutral_monoid: "neutral ((op +)::('a::comm_monoid_add) \<Rightarrow> 'a \<Rightarrow> 'a) = 0"
  1849   by (rule neutral_add) (* FIXME: duplicate *)
  1850 
  1851 lemma monoidal_monoid[intro]:
  1852   shows "monoidal ((op +)::('a::comm_monoid_add) \<Rightarrow> 'a \<Rightarrow> 'a)"
  1853   unfolding monoidal_def neutral_monoid by(auto simp add: algebra_simps) 
  1854 
  1855 lemma operative_integral: fixes f::"real^'n \<Rightarrow> 'a::banach"
  1856   shows "operative (lifted(op +)) (\<lambda>i. if f integrable_on i then Some(integral i f) else None)"
  1857   unfolding operative_def unfolding neutral_lifted[OF monoidal_monoid] neutral_add
  1858   apply(rule,rule,rule,rule) defer apply(rule allI)+
  1859 proof- fix a b c k show "(if f integrable_on {a..b} then Some (integral {a..b} f) else None) =
  1860               lifted op + (if f integrable_on {a..b} \<inter> {x. x $ k \<le> c} then Some (integral ({a..b} \<inter> {x. x $ k \<le> c}) f) else None)
  1861                (if f integrable_on {a..b} \<inter> {x. c \<le> x $ k} then Some (integral ({a..b} \<inter> {x. c \<le> x $ k}) f) else None)"
  1862   proof(cases "f integrable_on {a..b}") 
  1863     case True show ?thesis unfolding if_P[OF True]
  1864       unfolding if_P[OF integrable_split(1)[OF True]] if_P[OF integrable_split(2)[OF True]]
  1865       unfolding lifted.simps option.inject apply(rule integral_unique) apply(rule has_integral_split) 
  1866       apply(rule_tac[!] integrable_integral integrable_split)+ using True by assumption+
  1867   next case False have "(\<not> (f integrable_on {a..b} \<inter> {x. x $ k \<le> c})) \<or> (\<not> ( f integrable_on {a..b} \<inter> {x. c \<le> x $ k}))"
  1868     proof(rule ccontr) case goal1 hence "f integrable_on {a..b}" apply- unfolding integrable_on_def
  1869         apply(rule_tac x="integral ({a..b} \<inter> {x. x $ k \<le> c}) f + integral ({a..b} \<inter> {x. x $ k \<ge> c}) f" in exI)
  1870         apply(rule has_integral_split) apply(rule_tac[!] integrable_integral) by auto
  1871       thus False using False by auto
  1872     qed thus ?thesis using False by auto 
  1873   qed next 
  1874   fix a b assume as:"content {a..b::real^'n} = 0"
  1875   thus "(if f integrable_on {a..b} then Some (integral {a..b} f) else None) = Some 0"
  1876     unfolding if_P[OF integrable_on_null[OF as]] using has_integral_null_eq[OF as] by auto qed
  1877 
  1878 subsection {* Points of division of a partition. *}
  1879 
  1880 definition "division_points (k::(real^'n) set) d = 
  1881     {(j,x). (interval_lowerbound k)$j < x \<and> x < (interval_upperbound k)$j \<and>
  1882            (\<exists>i\<in>d. (interval_lowerbound i)$j = x \<or> (interval_upperbound i)$j = x)}"
  1883 
  1884 lemma division_points_finite: assumes "d division_of i"
  1885   shows "finite (division_points i d)"
  1886 proof- note assm = division_ofD[OF assms]
  1887   let ?M = "\<lambda>j. {(j,x)|x. (interval_lowerbound i)$j < x \<and> x < (interval_upperbound i)$j \<and>
  1888            (\<exists>i\<in>d. (interval_lowerbound i)$j = x \<or> (interval_upperbound i)$j = x)}"
  1889   have *:"division_points i d = \<Union>(?M ` UNIV)"
  1890     unfolding division_points_def by auto
  1891   show ?thesis unfolding * using assm by auto qed
  1892 
  1893 lemma division_points_subset:
  1894   assumes "d division_of {a..b}" "\<forall>i. a$i < b$i"  "a$k < c" "c < b$k"
  1895   shows "division_points ({a..b} \<inter> {x. x$k \<le> c}) {l \<inter> {x. x$k \<le> c} | l . l \<in> d \<and> ~(l \<inter> {x. x$k \<le> c} = {})}
  1896                   \<subseteq> division_points ({a..b}) d" (is ?t1) and
  1897         "division_points ({a..b} \<inter> {x. x$k \<ge> c}) {l \<inter> {x. x$k \<ge> c} | l . l \<in> d \<and> ~(l \<inter> {x. x$k \<ge> c} = {})}
  1898                   \<subseteq> division_points ({a..b}) d" (is ?t2)
  1899 proof- note assm = division_ofD[OF assms(1)]
  1900   have *:"\<forall>i. a$i \<le> b$i"   "\<forall>i. a$i \<le> (\<chi> i. if i = k then min (b $ k) c else b $ i) $ i"
  1901     "\<forall>i. (\<chi> i. if i = k then max (a $ k) c else a $ i) $ i \<le> b$i"  "min (b $ k) c = c" "max (a $ k) c = c"
  1902     using assms using less_imp_le by auto
  1903   show ?t1 unfolding division_points_def interval_split[of a b]
  1904     unfolding interval_bounds[OF *(1)] interval_bounds[OF *(2)] interval_bounds[OF *(3)] Cart_lambda_beta unfolding *
  1905     unfolding subset_eq apply(rule) unfolding mem_Collect_eq split_beta apply(erule bexE conjE)+ unfolding mem_Collect_eq apply(erule exE conjE)+
  1906   proof- fix i l x assume as:"a $ fst x < snd x" "snd x < (if fst x = k then c else b $ fst x)"
  1907       "interval_lowerbound i $ fst x = snd x \<or> interval_upperbound i $ fst x = snd x"  "i = l \<inter> {x. x $ k \<le> c}" "l \<in> d" "l \<inter> {x. x $ k \<le> c} \<noteq> {}"
  1908     from assm(4)[OF this(5)] guess u v apply-by(erule exE)+ note l=this
  1909     have *:"\<forall>i. u $ i \<le> (\<chi> i. if i = k then min (v $ k) c else v $ i) $ i" using as(6) unfolding l interval_split interval_ne_empty as .
  1910     have **:"\<forall>i. u$i \<le> v$i" using l using as(6) unfolding interval_ne_empty[THEN sym] by auto
  1911     show "a $ fst x < snd x \<and> snd x < b $ fst x \<and> (\<exists>i\<in>d. interval_lowerbound i $ fst x = snd x \<or> interval_upperbound i $ fst x = snd x)"
  1912       using as(1-3,5) unfolding l interval_split interval_ne_empty as interval_bounds[OF *] Cart_lambda_beta apply-
  1913       apply(rule,assumption,rule) defer apply(rule_tac x="{u..v}" in bexI) unfolding interval_bounds[OF **]
  1914       apply(case_tac[!] "fst x = k") using assms by auto
  1915   qed
  1916   show ?t2 unfolding division_points_def interval_split[of a b]
  1917     unfolding interval_bounds[OF *(1)] interval_bounds[OF *(2)] interval_bounds[OF *(3)] Cart_lambda_beta unfolding *
  1918     unfolding subset_eq apply(rule) unfolding mem_Collect_eq split_beta apply(erule bexE conjE)+ unfolding mem_Collect_eq apply(erule exE conjE)+
  1919   proof- fix i l x assume as:"(if fst x = k then c else a $ fst x) < snd x" "snd x < b $ fst x" "interval_lowerbound i $ fst x = snd x \<or> interval_upperbound i $ fst x = snd x"
  1920       "i = l \<inter> {x. c \<le> x $ k}" "l \<in> d" "l \<inter> {x. c \<le> x $ k} \<noteq> {}"
  1921     from assm(4)[OF this(5)] guess u v apply-by(erule exE)+ note l=this
  1922     have *:"\<forall>i. (\<chi> i. if i = k then max (u $ k) c else u $ i) $ i \<le> v $ i" using as(6) unfolding l interval_split interval_ne_empty as .
  1923     have **:"\<forall>i. u$i \<le> v$i" using l using as(6) unfolding interval_ne_empty[THEN sym] by auto
  1924     show "a $ fst x < snd x \<and> snd x < b $ fst x \<and> (\<exists>i\<in>d. interval_lowerbound i $ fst x = snd x \<or> interval_upperbound i $ fst x = snd x)"
  1925       using as(1-3,5) unfolding l interval_split interval_ne_empty as interval_bounds[OF *] Cart_lambda_beta apply-
  1926       apply rule defer apply(rule,assumption) apply(rule_tac x="{u..v}" in bexI) unfolding interval_bounds[OF **]
  1927       apply(case_tac[!] "fst x = k") using assms by auto qed qed
  1928 
  1929 lemma division_points_psubset:
  1930   assumes "d division_of {a..b}"  "\<forall>i. a$i < b$i"  "a$k < c" "c < b$k"
  1931   "l \<in> d" "interval_lowerbound l$k = c \<or> interval_upperbound l$k = c"
  1932   shows "division_points ({a..b} \<inter> {x. x$k \<le> c}) {l \<inter> {x. x$k \<le> c} | l. l\<in>d \<and> l \<inter> {x. x$k \<le> c} \<noteq> {}} \<subset> division_points ({a..b}) d" (is "?D1 \<subset> ?D") 
  1933         "division_points ({a..b} \<inter> {x. x$k \<ge> c}) {l \<inter> {x. x$k \<ge> c} | l. l\<in>d \<and> l \<inter> {x. x$k \<ge> c} \<noteq> {}} \<subset> division_points ({a..b}) d" (is "?D2 \<subset> ?D") 
  1934 proof- have ab:"\<forall>i. a$i \<le> b$i" using assms(2) by(auto intro!:less_imp_le)
  1935   guess u v using division_ofD(4)[OF assms(1,5)] apply-by(erule exE)+ note l=this
  1936   have uv:"\<forall>i. u$i \<le> v$i" "\<forall>i. a$i \<le> u$i \<and> v$i \<le> b$i" using division_ofD(2,2,3)[OF assms(1,5)] unfolding l interval_ne_empty
  1937     unfolding subset_eq apply- defer apply(erule_tac x=u in ballE, erule_tac x=v in ballE) unfolding mem_interval by auto
  1938   have *:"interval_upperbound ({a..b} \<inter> {x. x $ k \<le> interval_upperbound l $ k}) $ k = interval_upperbound l $ k"
  1939          "interval_upperbound ({a..b} \<inter> {x. x $ k \<le> interval_lowerbound l $ k}) $ k = interval_lowerbound l $ k"
  1940     unfolding interval_split apply(subst interval_bounds) prefer 3 apply(subst interval_bounds)
  1941     unfolding l interval_bounds[OF uv(1)] using uv[rule_format,of k] ab by auto
  1942   have "\<exists>x. x \<in> ?D - ?D1" using assms(2-) apply-apply(erule disjE)
  1943     apply(rule_tac x="(k,(interval_lowerbound l)$k)" in exI) defer
  1944     apply(rule_tac x="(k,(interval_upperbound l)$k)" in exI)
  1945     unfolding division_points_def unfolding interval_bounds[OF ab]
  1946     apply auto unfolding * by auto
  1947   thus "?D1 \<subset> ?D" apply-apply(rule,rule division_points_subset[OF assms(1-4)]) by auto
  1948 
  1949   have *:"interval_lowerbound ({a..b} \<inter> {x. x $ k \<ge> interval_lowerbound l $ k}) $ k = interval_lowerbound l $ k"
  1950          "interval_lowerbound ({a..b} \<inter> {x. x $ k \<ge> interval_upperbound l $ k}) $ k = interval_upperbound l $ k"
  1951     unfolding interval_split apply(subst interval_bounds) prefer 3 apply(subst interval_bounds)
  1952     unfolding l interval_bounds[OF uv(1)] using uv[rule_format,of k] ab by auto
  1953   have "\<exists>x. x \<in> ?D - ?D2" using assms(2-) apply-apply(erule disjE)
  1954     apply(rule_tac x="(k,(interval_lowerbound l)$k)" in exI) defer
  1955     apply(rule_tac x="(k,(interval_upperbound l)$k)" in exI)
  1956     unfolding division_points_def unfolding interval_bounds[OF ab]
  1957     apply auto unfolding * by auto
  1958   thus "?D2 \<subset> ?D" apply-apply(rule,rule division_points_subset[OF assms(1-4)]) by auto qed
  1959 
  1960 subsection {* Preservation by divisions and tagged divisions. *}
  1961 
  1962 lemma support_support[simp]:"support opp f (support opp f s) = support opp f s"
  1963   unfolding support_def by auto
  1964 
  1965 lemma iterate_support[simp]: "iterate opp (support opp f s) f = iterate opp s f"
  1966   unfolding iterate_def support_support by auto
  1967 
  1968 lemma iterate_expand_cases:
  1969   "iterate opp s f = (if finite(support opp f s) then iterate opp (support opp f s) f else neutral opp)"
  1970   apply(cases) apply(subst if_P,assumption) unfolding iterate_def support_support fold'_def by auto 
  1971 
  1972 lemma iterate_image: assumes "monoidal opp"  "inj_on f s"
  1973   shows "iterate opp (f ` s) g = iterate opp s (g \<circ> f)"
  1974 proof- have *:"\<And>s. finite s \<Longrightarrow>  \<forall>x\<in>s. \<forall>y\<in>s. f x = f y \<longrightarrow> x = y \<Longrightarrow>
  1975      iterate opp (f ` s) g = iterate opp s (g \<circ> f)"
  1976   proof- case goal1 show ?case using goal1
  1977     proof(induct s) case empty thus ?case using assms(1) by auto
  1978     next case (insert x s) show ?case unfolding iterate_insert[OF assms(1) insert(1)]
  1979         unfolding if_not_P[OF insert(2)] apply(subst insert(3)[THEN sym])
  1980         unfolding image_insert defer apply(subst iterate_insert[OF assms(1)])
  1981         apply(rule finite_imageI insert)+ apply(subst if_not_P)
  1982         unfolding image_iff o_def using insert(2,4) by auto
  1983     qed qed
  1984   show ?thesis 
  1985     apply(cases "finite (support opp g (f ` s))")
  1986     apply(subst (1) iterate_support[THEN sym],subst (2) iterate_support[THEN sym])
  1987     unfolding support_clauses apply(rule *)apply(rule finite_imageD,assumption) unfolding inj_on_def[symmetric]
  1988     apply(rule subset_inj_on[OF assms(2) support_subset])+
  1989     apply(subst iterate_expand_cases) unfolding support_clauses apply(simp only: if_False)
  1990     apply(subst iterate_expand_cases) apply(subst if_not_P) by auto qed
  1991 
  1992 
  1993 (* This lemma about iterations comes up in a few places.                     *)
  1994 lemma iterate_nonzero_image_lemma:
  1995   assumes "monoidal opp" "finite s" "g(a) = neutral opp"
  1996   "\<forall>x\<in>s. \<forall>y\<in>s. f x = f y \<and> x \<noteq> y \<longrightarrow> g(f x) = neutral opp"
  1997   shows "iterate opp {f x | x. x \<in> s \<and> f x \<noteq> a} g = iterate opp s (g \<circ> f)"
  1998 proof- have *:"{f x |x. x \<in> s \<and> ~(f x = a)} = f ` {x. x \<in> s \<and> ~(f x = a)}" by auto
  1999   have **:"support opp (g \<circ> f) {x \<in> s. f x \<noteq> a} = support opp (g \<circ> f) s"
  2000     unfolding support_def using assms(3) by auto
  2001   show ?thesis unfolding *
  2002     apply(subst iterate_support[THEN sym]) unfolding support_clauses
  2003     apply(subst iterate_image[OF assms(1)]) defer
  2004     apply(subst(2) iterate_support[THEN sym]) apply(subst **)
  2005     unfolding inj_on_def using assms(3,4) unfolding support_def by auto qed
  2006 
  2007 lemma iterate_eq_neutral:
  2008   assumes "monoidal opp"  "\<forall>x \<in> s. (f(x) = neutral opp)"
  2009   shows "(iterate opp s f = neutral opp)"
  2010 proof- have *:"support opp f s = {}" unfolding support_def using assms(2) by auto
  2011   show ?thesis apply(subst iterate_support[THEN sym]) 
  2012     unfolding * using assms(1) by auto qed
  2013 
  2014 lemma iterate_op: assumes "monoidal opp" "finite s"
  2015   shows "iterate opp s (\<lambda>x. opp (f x) (g x)) = opp (iterate opp s f) (iterate opp s g)" using assms(2)
  2016 proof(induct s) case empty thus ?case unfolding iterate_insert[OF assms(1)] using assms(1) by auto
  2017 next case (insert x F) show ?case unfolding iterate_insert[OF assms(1) insert(1)] if_not_P[OF insert(2)] insert(3)
  2018     unfolding monoidal_ac[OF assms(1)] by(rule refl) qed
  2019 
  2020 lemma iterate_eq: assumes "monoidal opp" "\<And>x. x \<in> s \<Longrightarrow> f x = g x"
  2021   shows "iterate opp s f = iterate opp s g"
  2022 proof- have *:"support opp g s = support opp f s"
  2023     unfolding support_def using assms(2) by auto
  2024   show ?thesis
  2025   proof(cases "finite (support opp f s)")
  2026     case False thus ?thesis apply(subst iterate_expand_cases,subst(2) iterate_expand_cases)
  2027       unfolding * by auto
  2028   next def su \<equiv> "support opp f s"
  2029     case True note support_subset[of opp f s] 
  2030     thus ?thesis apply- apply(subst iterate_support[THEN sym],subst(2) iterate_support[THEN sym]) unfolding * using True
  2031       unfolding su_def[symmetric]
  2032     proof(induct su) case empty show ?case by auto
  2033     next case (insert x s) show ?case unfolding iterate_insert[OF assms(1) insert(1)] 
  2034         unfolding if_not_P[OF insert(2)] apply(subst insert(3))
  2035         defer apply(subst assms(2)[of x]) using insert by auto qed qed qed
  2036 
  2037 lemma nonempty_witness: assumes "s \<noteq> {}" obtains x where "x \<in> s" using assms by auto
  2038 
  2039 lemma operative_division: fixes f::"(real^'n) set \<Rightarrow> 'a"
  2040   assumes "monoidal opp" "operative opp f" "d division_of {a..b}"
  2041   shows "iterate opp d f = f {a..b}"
  2042 proof- def C \<equiv> "card (division_points {a..b} d)" thus ?thesis using assms
  2043   proof(induct C arbitrary:a b d rule:full_nat_induct)
  2044     case goal1
  2045     { presume *:"content {a..b} \<noteq> 0 \<Longrightarrow> ?case"
  2046       thus ?case apply-apply(cases) defer apply assumption
  2047       proof- assume as:"content {a..b} = 0"
  2048         show ?case unfolding operativeD(1)[OF assms(2) as] apply(rule iterate_eq_neutral[OF goal1(2)])
  2049         proof fix x assume x:"x\<in>d"
  2050           then guess u v apply(drule_tac division_ofD(4)[OF goal1(4)]) by(erule exE)+
  2051           thus "f x = neutral opp" using division_of_content_0[OF as goal1(4)] 
  2052             using operativeD(1)[OF assms(2)] x by auto
  2053         qed qed }
  2054     assume "content {a..b} \<noteq> 0" note ab = this[unfolded content_lt_nz[THEN sym] content_pos_lt_eq]
  2055     hence ab':"\<forall>i. a$i \<le> b$i" by (auto intro!: less_imp_le) show ?case 
  2056     proof(cases "division_points {a..b} d = {}")
  2057       case True have d':"\<forall>i\<in>d. \<exists>u v. i = {u..v} \<and>
  2058         (\<forall>j. u$j = a$j \<and> v$j = a$j \<or> u$j = b$j \<and> v$j = b$j \<or> u$j = a$j \<and> v$j = b$j)"
  2059         unfolding forall_in_division[OF goal1(4)] apply(rule,rule,rule)
  2060         apply(rule_tac x=a in exI,rule_tac x=b in exI) apply(rule,rule refl) apply(rule)
  2061       proof- fix u v j assume as:"{u..v} \<in> d" note division_ofD(3)[OF goal1(4) this]
  2062         hence uv:"\<forall>i. u$i \<le> v$i" "u$j \<le> v$j" unfolding interval_ne_empty by auto
  2063         have *:"\<And>p r Q. p \<or> r \<or> (\<forall>x\<in>d. Q x) \<Longrightarrow> p \<or> r \<or> (Q {u..v})" using as by auto
  2064         have "(j, u$j) \<notin> division_points {a..b} d"
  2065           "(j, v$j) \<notin> division_points {a..b} d" using True by auto
  2066         note this[unfolded de_Morgan_conj division_points_def mem_Collect_eq split_conv interval_bounds[OF ab'] bex_simps]
  2067         note *[OF this(1)] *[OF this(2)] note this[unfolded interval_bounds[OF uv(1)]]
  2068         moreover have "a$j \<le> u$j" "v$j \<le> b$j" using division_ofD(2,2,3)[OF goal1(4) as] 
  2069           unfolding subset_eq apply- apply(erule_tac x=u in ballE,erule_tac[3] x=v in ballE)
  2070           unfolding interval_ne_empty mem_interval by auto
  2071         ultimately show "u$j = a$j \<and> v$j = a$j \<or> u$j = b$j \<and> v$j = b$j \<or> u$j = a$j \<and> v$j = b$j"
  2072           unfolding not_less de_Morgan_disj using ab[rule_format,of j] uv(2) by auto
  2073       qed have "(1/2) *\<^sub>R (a+b) \<in> {a..b}" unfolding mem_interval using ab by(auto intro!:less_imp_le)
  2074       note this[unfolded division_ofD(6)[OF goal1(4),THEN sym] Union_iff]
  2075       then guess i .. note i=this guess u v using d'[rule_format,OF i(1)] apply-by(erule exE conjE)+ note uv=this
  2076       have "{a..b} \<in> d"
  2077       proof- { presume "i = {a..b}" thus ?thesis using i by auto }
  2078         { presume "u = a" "v = b" thus "i = {a..b}" using uv by auto }
  2079         show "u = a" "v = b" unfolding Cart_eq
  2080         proof(rule_tac[!] allI) fix j note i(2)[unfolded uv mem_interval,rule_format,of j]
  2081           thus "u $ j = a $ j" "v $ j = b $ j" using uv(2)[rule_format,of j] by auto
  2082         qed qed
  2083       hence *:"d = insert {a..b} (d - {{a..b}})" by auto
  2084       have "iterate opp (d - {{a..b}}) f = neutral opp" apply(rule iterate_eq_neutral[OF goal1(2)])
  2085       proof fix x assume x:"x \<in> d - {{a..b}}" hence "x\<in>d" by auto note d'[rule_format,OF this]
  2086         then guess u v apply-by(erule exE conjE)+ note uv=this
  2087         have "u\<noteq>a \<or> v\<noteq>b" using x[unfolded uv] by auto  
  2088         then obtain j where "u$j \<noteq> a$j \<or> v$j \<noteq> b$j" unfolding Cart_eq by auto
  2089         hence "u$j = v$j" using uv(2)[rule_format,of j] by auto
  2090         hence "content {u..v} = 0"  unfolding content_eq_0 apply(rule_tac x=j in exI) by auto
  2091         thus "f x = neutral opp" unfolding uv(1) by(rule operativeD(1)[OF goal1(3)])
  2092       qed thus "iterate opp d f = f {a..b}" apply-apply(subst *) 
  2093         apply(subst iterate_insert[OF goal1(2)]) using goal1(2,4) by auto
  2094     next case False hence "\<exists>x. x\<in>division_points {a..b} d" by auto
  2095       then guess k c unfolding split_paired_Ex apply- unfolding division_points_def mem_Collect_eq split_conv
  2096         by(erule exE conjE)+ note kc=this[unfolded interval_bounds[OF ab']]
  2097       from this(3) guess j .. note j=this
  2098       def d1 \<equiv> "{l \<inter> {x. x$k \<le> c} | l. l \<in> d \<and> l \<inter> {x. x$k \<le> c} \<noteq> {}}"
  2099       def d2 \<equiv> "{l \<inter> {x. x$k \<ge> c} | l. l \<in> d \<and> l \<inter> {x. x$k \<ge> c} \<noteq> {}}"
  2100       def cb \<equiv> "(\<chi> i. if i = k then c else b$i)" and ca \<equiv> "(\<chi> i. if i = k then c else a$i)"
  2101       note division_points_psubset[OF goal1(4) ab kc(1-2) j]
  2102       note psubset_card_mono[OF _ this(1)] psubset_card_mono[OF _ this(2)]
  2103       hence *:"(iterate opp d1 f) = f ({a..b} \<inter> {x. x$k \<le> c})" "(iterate opp d2 f) = f ({a..b} \<inter> {x. x$k \<ge> c})"
  2104         apply- unfolding interval_split apply(rule_tac[!] goal1(1)[rule_format])
  2105         using division_split[OF goal1(4), where k=k and c=c]
  2106         unfolding interval_split d1_def[symmetric] d2_def[symmetric] unfolding goal1(2) Suc_le_mono
  2107         using goal1(2-3) using division_points_finite[OF goal1(4)] by auto
  2108       have "f {a..b} = opp (iterate opp d1 f) (iterate opp d2 f)" (is "_ = ?prev")
  2109         unfolding * apply(rule operativeD(2)) using goal1(3) .
  2110       also have "iterate opp d1 f = iterate opp d (\<lambda>l. f(l \<inter> {x. x$k \<le> c}))"
  2111         unfolding d1_def apply(rule iterate_nonzero_image_lemma[unfolded o_def])
  2112         unfolding empty_as_interval apply(rule goal1 division_of_finite operativeD[OF goal1(3)])+
  2113         unfolding empty_as_interval[THEN sym] apply(rule content_empty)
  2114       proof(rule,rule,rule,erule conjE) fix l y assume as:"l \<in> d" "y \<in> d" "l \<inter> {x. x $ k \<le> c} = y \<inter> {x. x $ k \<le> c}" "l \<noteq> y" 
  2115         from division_ofD(4)[OF goal1(4) this(1)] guess u v apply-by(erule exE)+ note l=this
  2116         show "f (l \<inter> {x. x $ k \<le> c}) = neutral opp" unfolding l interval_split
  2117           apply(rule operativeD(1) goal1)+ unfolding interval_split[THEN sym] apply(rule division_split_left_inj)
  2118           apply(rule goal1) unfolding l[THEN sym] apply(rule as(1),rule as(2)) by(rule as)+
  2119       qed also have "iterate opp d2 f = iterate opp d (\<lambda>l. f(l \<inter> {x. x$k \<ge> c}))"
  2120         unfolding d2_def apply(rule iterate_nonzero_image_lemma[unfolded o_def])
  2121         unfolding empty_as_interval apply(rule goal1 division_of_finite operativeD[OF goal1(3)])+
  2122         unfolding empty_as_interval[THEN sym] apply(rule content_empty)
  2123       proof(rule,rule,rule,erule conjE) fix l y assume as:"l \<in> d" "y \<in> d" "l \<inter> {x. c \<le> x $ k} = y \<inter> {x. c \<le> x $ k}" "l \<noteq> y" 
  2124         from division_ofD(4)[OF goal1(4) this(1)] guess u v apply-by(erule exE)+ note l=this
  2125         show "f (l \<inter> {x. x $ k \<ge> c}) = neutral opp" unfolding l interval_split
  2126           apply(rule operativeD(1) goal1)+ unfolding interval_split[THEN sym] apply(rule division_split_right_inj)
  2127           apply(rule goal1) unfolding l[THEN sym] apply(rule as(1),rule as(2)) by(rule as)+
  2128       qed also have *:"\<forall>x\<in>d. f x = opp (f (x \<inter> {x. x $ k \<le> c})) (f (x \<inter> {x. c \<le> x $ k}))"
  2129         unfolding forall_in_division[OF goal1(4)] apply(rule,rule,rule,rule operativeD(2)) using goal1(3) .
  2130       have "opp (iterate opp d (\<lambda>l. f (l \<inter> {x. x $ k \<le> c}))) (iterate opp d (\<lambda>l. f (l \<inter> {x. c \<le> x $ k})))
  2131         = iterate opp d f" apply(subst(3) iterate_eq[OF _ *[rule_format]]) prefer 3
  2132         apply(rule iterate_op[THEN sym]) using goal1 by auto
  2133       finally show ?thesis by auto
  2134     qed qed qed 
  2135 
  2136 lemma iterate_image_nonzero: assumes "monoidal opp"
  2137   "finite s" "\<forall>x\<in>s. \<forall>y\<in>s. ~(x = y) \<and> f x = f y \<longrightarrow> g(f x) = neutral opp"
  2138   shows "iterate opp (f ` s) g = iterate opp s (g \<circ> f)" using assms
  2139 proof(induct rule:finite_subset_induct[OF assms(2) subset_refl])
  2140   case goal1 show ?case using assms(1) by auto
  2141 next case goal2 have *:"\<And>x y. y = neutral opp \<Longrightarrow> x = opp y x" using assms(1) by auto
  2142   show ?case unfolding image_insert apply(subst iterate_insert[OF assms(1)])
  2143     apply(rule finite_imageI goal2)+
  2144     apply(cases "f a \<in> f ` F") unfolding if_P if_not_P apply(subst goal2(4)[OF assms(1) goal2(1)]) defer
  2145     apply(subst iterate_insert[OF assms(1) goal2(1)]) defer
  2146     apply(subst iterate_insert[OF assms(1) goal2(1)])
  2147     unfolding if_not_P[OF goal2(3)] defer unfolding image_iff defer apply(erule bexE)
  2148     apply(rule *) unfolding o_def apply(rule_tac y=x in goal2(7)[rule_format])
  2149     using goal2 unfolding o_def by auto qed 
  2150 
  2151 lemma operative_tagged_division: assumes "monoidal opp" "operative opp f" "d tagged_division_of {a..b}"
  2152   shows "iterate(opp) d (\<lambda>(x,l). f l) = f {a..b}"
  2153 proof- have *:"(\<lambda>(x,l). f l) = (f o snd)" unfolding o_def by(rule,auto) note assm = tagged_division_ofD[OF assms(3)]
  2154   have "iterate(opp) d (\<lambda>(x,l). f l) = iterate opp (snd ` d) f" unfolding *
  2155     apply(rule iterate_image_nonzero[THEN sym,OF assms(1)]) apply(rule tagged_division_of_finite assms)+ 
  2156     unfolding Ball_def split_paired_All snd_conv apply(rule,rule,rule,rule,rule,rule,rule,erule conjE)
  2157   proof- fix a b aa ba assume as:"(a, b) \<in> d" "(aa, ba) \<in> d" "(a, b) \<noteq> (aa, ba)" "b = ba"
  2158     guess u v using assm(4)[OF as(1)] apply-by(erule exE)+ note uv=this
  2159     show "f b = neutral opp" unfolding uv apply(rule operativeD(1)[OF assms(2)])
  2160       unfolding content_eq_0_interior using tagged_division_ofD(5)[OF assms(3) as(1-3)]
  2161       unfolding as(4)[THEN sym] uv by auto
  2162   qed also have "\<dots> = f {a..b}" 
  2163     using operative_division[OF assms(1-2) division_of_tagged_division[OF assms(3)]] .
  2164   finally show ?thesis . qed
  2165 
  2166 subsection {* Additivity of content. *}
  2167 
  2168 lemma setsum_iterate:assumes "finite s" shows "setsum f s = iterate op + s f"
  2169 proof- have *:"setsum f s = setsum f (support op + f s)"
  2170     apply(rule setsum_mono_zero_right)
  2171     unfolding support_def neutral_monoid using assms by auto
  2172   thus ?thesis unfolding * setsum_def iterate_def fold_image_def fold'_def
  2173     unfolding neutral_monoid . qed
  2174 
  2175 lemma additive_content_division: assumes "d division_of {a..b}"
  2176   shows "setsum content d = content({a..b})"
  2177   unfolding operative_division[OF monoidal_monoid operative_content assms,THEN sym]
  2178   apply(subst setsum_iterate) using assms by auto
  2179 
  2180 lemma additive_content_tagged_division:
  2181   assumes "d tagged_division_of {a..b}"
  2182   shows "setsum (\<lambda>(x,l). content l) d = content({a..b})"
  2183   unfolding operative_tagged_division[OF monoidal_monoid operative_content assms,THEN sym]
  2184   apply(subst setsum_iterate) using assms by auto
  2185 
  2186 subsection {* Finally, the integral of a constant *}
  2187 
  2188 lemma has_integral_const[intro]:
  2189   "((\<lambda>x. c) has_integral (content({a..b::real^'n}) *\<^sub>R c)) ({a..b})"
  2190   unfolding has_integral apply(rule,rule,rule_tac x="\<lambda>x. ball x 1" in exI)
  2191   apply(rule,rule gauge_trivial)apply(rule,rule,erule conjE)
  2192   unfolding split_def apply(subst scaleR_left.setsum[THEN sym, unfolded o_def])
  2193   defer apply(subst additive_content_tagged_division[unfolded split_def]) apply assumption by auto
  2194 
  2195 subsection {* Bounds on the norm of Riemann sums and the integral itself. *}
  2196 
  2197 lemma dsum_bound: assumes "p division_of {a..b}" "norm(c) \<le> e"
  2198   shows "norm(setsum (\<lambda>l. content l *\<^sub>R c) p) \<le> e * content({a..b})" (is "?l \<le> ?r")
  2199   apply(rule order_trans,rule setsum_norm) defer unfolding norm_scaleR setsum_left_distrib[THEN sym]
  2200   apply(rule order_trans[OF mult_left_mono],rule assms,rule setsum_abs_ge_zero)
  2201   apply(subst mult_commute) apply(rule mult_left_mono)
  2202   apply(rule order_trans[of _ "setsum content p"]) apply(rule eq_refl,rule setsum_cong2)
  2203   apply(subst abs_of_nonneg) unfolding additive_content_division[OF assms(1)]
  2204 proof- from order_trans[OF norm_ge_zero[of c] assms(2)] show "0 \<le> e" .
  2205   fix x assume "x\<in>p" from division_ofD(4)[OF assms(1) this] guess u v apply-by(erule exE)+
  2206   thus "0 \<le> content x" using content_pos_le by auto
  2207 qed(insert assms,auto)
  2208 
  2209 lemma rsum_bound: assumes "p tagged_division_of {a..b}" "\<forall>x\<in>{a..b}. norm(f x) \<le> e"
  2210   shows "norm(setsum (\<lambda>(x,k). content k *\<^sub>R f x) p) \<le> e * content({a..b})"
  2211 proof(cases "{a..b} = {}") case True
  2212   show ?thesis using assms(1) unfolding True tagged_division_of_trivial by auto
  2213 next case False show ?thesis
  2214     apply(rule order_trans,rule setsum_norm) defer unfolding split_def norm_scaleR
  2215     apply(rule order_trans[OF setsum_mono]) apply(rule mult_left_mono[OF _ abs_ge_zero, of _ e]) defer
  2216     unfolding setsum_left_distrib[THEN sym] apply(subst mult_commute) apply(rule mult_left_mono)
  2217     apply(rule order_trans[of _ "setsum (content \<circ> snd) p"]) apply(rule eq_refl,rule setsum_cong2)
  2218     apply(subst o_def, rule abs_of_nonneg)
  2219   proof- show "setsum (content \<circ> snd) p \<le> content {a..b}" apply(rule eq_refl)
  2220       unfolding additive_content_tagged_division[OF assms(1),THEN sym] split_def by auto
  2221     guess w using nonempty_witness[OF False] .
  2222     thus "e\<ge>0" apply-apply(rule order_trans) defer apply(rule assms(2)[rule_format],assumption) by auto
  2223     fix xk assume *:"xk\<in>p" guess x k  using surj_pair[of xk] apply-by(erule exE)+ note xk = this *[unfolded this]
  2224     from tagged_division_ofD(4)[OF assms(1) xk(2)] guess u v apply-by(erule exE)+ note uv=this
  2225     show "0\<le> content (snd xk)" unfolding xk snd_conv uv by(rule content_pos_le)
  2226     show "norm (f (fst xk)) \<le> e" unfolding xk fst_conv using tagged_division_ofD(2,3)[OF assms(1) xk(2)] assms(2) by auto
  2227   qed(insert assms,auto) qed
  2228 
  2229 lemma rsum_diff_bound:
  2230   assumes "p tagged_division_of {a..b}"  "\<forall>x\<in>{a..b}. norm(f x - g x) \<le> e"
  2231   shows "norm(setsum (\<lambda>(x,k). content k *\<^sub>R f x) p - setsum (\<lambda>(x,k). content k *\<^sub>R g x) p) \<le> e * content({a..b})"
  2232   apply(rule order_trans[OF _ rsum_bound[OF assms]]) apply(rule eq_refl) apply(rule arg_cong[where f=norm])
  2233   unfolding setsum_subtractf[THEN sym] apply(rule setsum_cong2) unfolding scaleR.diff_right by auto
  2234 
  2235 lemma has_integral_bound: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector"
  2236   assumes "0 \<le> B" "(f has_integral i) ({a..b})" "\<forall>x\<in>{a..b}. norm(f x) \<le> B"
  2237   shows "norm i \<le> B * content {a..b}"
  2238 proof- let ?P = "content {a..b} > 0" { presume "?P \<Longrightarrow> ?thesis"
  2239     thus ?thesis proof(cases ?P) case False
  2240       hence *:"content {a..b} = 0" using content_lt_nz by auto
  2241       hence **:"i = 0" using assms(2) apply(subst has_integral_null_eq[THEN sym]) by auto
  2242       show ?thesis unfolding * ** using assms(1) by auto
  2243     qed auto } assume ab:?P
  2244   { presume "\<not> ?thesis \<Longrightarrow> False" thus ?thesis by auto }
  2245   assume "\<not> ?thesis" hence *:"norm i - B * content {a..b} > 0" by auto
  2246   from assms(2)[unfolded has_integral,rule_format,OF *] guess d apply-by(erule exE conjE)+ note d=this[rule_format]
  2247   from fine_division_exists[OF this(1), of a b] guess p . note p=this
  2248   have *:"\<And>s B. norm s \<le> B \<Longrightarrow> \<not> (norm (s - i) < norm i - B)"
  2249   proof- case goal1 thus ?case unfolding not_less
  2250     using norm_triangle_sub[of i s] unfolding norm_minus_commute by auto
  2251   qed show False using d(2)[OF conjI[OF p]] *[OF rsum_bound[OF p(1) assms(3)]] by auto qed
  2252 
  2253 subsection {* Similar theorems about relationship among components. *}
  2254 
  2255 lemma rsum_component_le: fixes f::"real^'n \<Rightarrow> real^'m"
  2256   assumes "p tagged_division_of {a..b}"  "\<forall>x\<in>{a..b}. (f x)$i \<le> (g x)$i"
  2257   shows "(setsum (\<lambda>(x,k). content k *\<^sub>R f x) p)$i \<le> (setsum (\<lambda>(x,k). content k *\<^sub>R g x) p)$i"
  2258   unfolding setsum_component apply(rule setsum_mono)
  2259   apply(rule mp) defer apply assumption unfolding split_paired_all apply rule unfolding split_conv
  2260 proof- fix a b assume ab:"(a,b) \<in> p" note assm = tagged_division_ofD(2-4)[OF assms(1) ab]
  2261   from this(3) guess u v apply-by(erule exE)+ note b=this
  2262   show "(content b *\<^sub>R f a) $ i \<le> (content b *\<^sub>R g a) $ i" unfolding b
  2263     unfolding Cart_nth.scaleR real_scaleR_def apply(rule mult_left_mono)
  2264     defer apply(rule content_pos_le,rule assms(2)[rule_format]) using assm by auto qed
  2265 
  2266 lemma has_integral_component_le: fixes f::"real^'n \<Rightarrow> real^'m"
  2267   assumes "(f has_integral i) s" "(g has_integral j) s"  "\<forall>x\<in>s. (f x)$k \<le> (g x)$k"
  2268   shows "i$k \<le> j$k"
  2269 proof- have lem:"\<And>a b g i j. \<And>f::real^'n \<Rightarrow> real^'m. (f has_integral i) ({a..b}) \<Longrightarrow> 
  2270     (g has_integral j) ({a..b}) \<Longrightarrow> \<forall>x\<in>{a..b}. (f x)$k \<le> (g x)$k \<Longrightarrow> i$k \<le> j$k"
  2271   proof(rule ccontr) case goal1 hence *:"0 < (i$k - j$k) / 3" by auto
  2272     guess d1 using goal1(1)[unfolded has_integral,rule_format,OF *] apply-by(erule exE conjE)+ note d1=this[rule_format]
  2273     guess d2 using goal1(2)[unfolded has_integral,rule_format,OF *] apply-by(erule exE conjE)+ note d2=this[rule_format]
  2274     guess p using fine_division_exists[OF gauge_inter[OF d1(1) d2(1)], of a b] unfolding fine_inter .
  2275     note p = this(1) conjunctD2[OF this(2)]  note le_less_trans[OF component_le_norm, of _ _ k]
  2276     note this[OF d1(2)[OF conjI[OF p(1,2)]]] this[OF d2(2)[OF conjI[OF p(1,3)]]]
  2277     thus False unfolding Cart_nth.diff using rsum_component_le[OF p(1) goal1(3)] by smt
  2278   qed let ?P = "\<exists>a b. s = {a..b}"
  2279   { presume "\<not> ?P \<Longrightarrow> ?thesis" thus ?thesis proof(cases ?P)
  2280       case True then guess a b apply-by(erule exE)+ note s=this
  2281       show ?thesis apply(rule lem) using assms[unfolded s] by auto
  2282     qed auto } assume as:"\<not> ?P"
  2283   { presume "\<not> ?thesis \<Longrightarrow> False" thus ?thesis by auto }
  2284   assume "\<not> i$k \<le> j$k" hence ij:"(i$k - j$k) / 3 > 0" by auto
  2285   note has_integral_altD[OF _ as this] from this[OF assms(1)] this[OF assms(2)] guess B1 B2 . note B=this[rule_format]
  2286   have "bounded (ball 0 B1 \<union> ball (0::real^'n) B2)" unfolding bounded_Un by(rule conjI bounded_ball)+
  2287   from bounded_subset_closed_interval[OF this] guess a b apply- by(erule exE)+
  2288   note ab = conjunctD2[OF this[unfolded Un_subset_iff]]
  2289   guess w1 using B(2)[OF ab(1)] .. note w1=conjunctD2[OF this]
  2290   guess w2 using B(4)[OF ab(2)] .. note w2=conjunctD2[OF this]
  2291   have *:"\<And>w1 w2 j i::real .\<bar>w1 - i\<bar> < (i - j) / 3 \<Longrightarrow> \<bar>w2 - j\<bar> < (i - j) / 3 \<Longrightarrow> w1 \<le> w2 \<Longrightarrow> False" by smt(*SMTSMT*)
  2292   note le_less_trans[OF component_le_norm[of _ k]] note this[OF w1(2)] this[OF w2(2)] moreover
  2293   have "w1$k \<le> w2$k" apply(rule lem[OF w1(1) w2(1)]) using assms by auto ultimately
  2294   show False unfolding Cart_nth.diff by(rule *) qed
  2295 
  2296 lemma integral_component_le: fixes f::"real^'n \<Rightarrow> real^'m"
  2297   assumes "f integrable_on s" "g integrable_on s"  "\<forall>x\<in>s. (f x)$k \<le> (g x)$k"
  2298   shows "(integral s f)$k \<le> (integral s g)$k"
  2299   apply(rule has_integral_component_le) using integrable_integral assms by auto
  2300 
  2301 lemma has_integral_dest_vec1_le: fixes f::"real^'n \<Rightarrow> real^1"
  2302   assumes "(f has_integral i) s"  "(g has_integral j) s" "\<forall>x\<in>s. f x \<le> g x"
  2303   shows "dest_vec1 i \<le> dest_vec1 j" apply(rule has_integral_component_le[OF assms(1-2)])
  2304   using assms(3) unfolding vector_le_def by auto
  2305 
  2306 lemma integral_dest_vec1_le: fixes f::"real^'n \<Rightarrow> real^1"
  2307   assumes "f integrable_on s" "g integrable_on s" "\<forall>x\<in>s. f x \<le> g x"
  2308   shows "dest_vec1(integral s f) \<le> dest_vec1(integral s g)"
  2309   apply(rule has_integral_dest_vec1_le) apply(rule_tac[1-2] integrable_integral) using assms by auto
  2310 
  2311 lemma has_integral_component_nonneg: fixes f::"real^'n \<Rightarrow> real^'m"
  2312   assumes "(f has_integral i) s" "\<forall>x\<in>s. 0 \<le> (f x)$k" shows "0 \<le> i$k"
  2313   using has_integral_component_le[OF has_integral_0 assms(1)] using assms(2) by auto
  2314 
  2315 lemma integral_component_nonneg: fixes f::"real^'n \<Rightarrow> real^'m"
  2316   assumes "f integrable_on s" "\<forall>x\<in>s. 0 \<le> (f x)$k" shows "0 \<le> (integral s f)$k"
  2317   apply(rule has_integral_component_nonneg) using assms by auto
  2318 
  2319 lemma has_integral_dest_vec1_nonneg: fixes f::"real^'n \<Rightarrow> real^1"
  2320   assumes "(f has_integral i) s" "\<forall>x\<in>s. 0 \<le> f x" shows "0 \<le> i"
  2321   using has_integral_component_nonneg[OF assms(1), of 1]
  2322   using assms(2) unfolding vector_le_def by auto
  2323 
  2324 lemma integral_dest_vec1_nonneg: fixes f::"real^'n \<Rightarrow> real^1"
  2325   assumes "f integrable_on s" "\<forall>x\<in>s. 0 \<le> f x" shows "0 \<le> integral s f"
  2326   apply(rule has_integral_dest_vec1_nonneg) using assms by auto
  2327 
  2328 lemma has_integral_component_neg: fixes f::"real^'n \<Rightarrow> real^'m"
  2329   assumes "(f has_integral i) s" "\<forall>x\<in>s. (f x)$k \<le> 0" shows "i$k \<le> 0"
  2330   using has_integral_component_le[OF assms(1) has_integral_0] assms(2) by auto
  2331 
  2332 lemma has_integral_dest_vec1_neg: fixes f::"real^'n \<Rightarrow> real^1"
  2333   assumes "(f has_integral i) s" "\<forall>x\<in>s. f x \<le> 0" shows "i \<le> 0"
  2334   using has_integral_component_neg[OF assms(1),of 1] using assms(2) by auto
  2335 
  2336 lemma has_integral_component_lbound:
  2337   assumes "(f has_integral i) {a..b}"  "\<forall>x\<in>{a..b}. B \<le> f(x)$k" shows "B * content {a..b} \<le> i$k"
  2338   using has_integral_component_le[OF has_integral_const assms(1),of "(\<chi> i. B)" k] assms(2)
  2339   unfolding Cart_lambda_beta vector_scaleR_component by(auto simp add:field_simps)
  2340 
  2341 lemma has_integral_component_ubound: 
  2342   assumes "(f has_integral i) {a..b}" "\<forall>x\<in>{a..b}. f x$k \<le> B"
  2343   shows "i$k \<le> B * content({a..b})"
  2344   using has_integral_component_le[OF assms(1) has_integral_const, of k "vec B"]
  2345   unfolding vec_component Cart_nth.scaleR using assms(2) by(auto simp add:field_simps)
  2346 
  2347 lemma integral_component_lbound:
  2348   assumes "f integrable_on {a..b}" "\<forall>x\<in>{a..b}. B \<le> f(x)$k"
  2349   shows "B * content({a..b}) \<le> (integral({a..b}) f)$k"
  2350   apply(rule has_integral_component_lbound) using assms unfolding has_integral_integral by auto
  2351 
  2352 lemma integral_component_ubound:
  2353   assumes "f integrable_on {a..b}" "\<forall>x\<in>{a..b}. f(x)$k \<le> B"
  2354   shows "(integral({a..b}) f)$k \<le> B * content({a..b})"
  2355   apply(rule has_integral_component_ubound) using assms unfolding has_integral_integral by auto
  2356 
  2357 subsection {* Uniform limit of integrable functions is integrable. *}
  2358 
  2359 lemma real_arch_invD:
  2360   "0 < (e::real) \<Longrightarrow> (\<exists>n::nat. n \<noteq> 0 \<and> 0 < inverse (real n) \<and> inverse (real n) < e)"
  2361   by(subst(asm) real_arch_inv)
  2362 
  2363 lemma integrable_uniform_limit: fixes f::"real^'n \<Rightarrow> 'a::banach"
  2364   assumes "\<forall>e>0. \<exists>g. (\<forall>x\<in>{a..b}. norm(f x - g x) \<le> e) \<and> g integrable_on {a..b}"
  2365   shows "f integrable_on {a..b}"
  2366 proof- { presume *:"content {a..b} > 0 \<Longrightarrow> ?thesis"
  2367     show ?thesis apply cases apply(rule *,assumption)
  2368       unfolding content_lt_nz integrable_on_def using has_integral_null by auto }
  2369   assume as:"content {a..b} > 0"
  2370   have *:"\<And>P. \<forall>e>(0::real). P e \<Longrightarrow> \<forall>n::nat. P (inverse (real n+1))" by auto
  2371   from choice[OF *[OF assms]] guess g .. note g=conjunctD2[OF this[rule_format],rule_format]
  2372   from choice[OF allI[OF g(2)[unfolded integrable_on_def], of "\<lambda>x. x"]] guess i .. note i=this[rule_format]
  2373   
  2374   have "Cauchy i" unfolding Cauchy_def
  2375   proof(rule,rule) fix e::real assume "e>0"
  2376     hence "e / 4 / content {a..b} > 0" using as by(auto simp add:field_simps)
  2377     then guess M apply-apply(subst(asm) real_arch_inv) by(erule exE conjE)+ note M=this
  2378     show "\<exists>M. \<forall>m\<ge>M. \<forall>n\<ge>M. dist (i m) (i n) < e" apply(rule_tac x=M in exI,rule,rule,rule,rule)
  2379     proof- case goal1 have "e/4>0" using `e>0` by auto note * = i[unfolded has_integral,rule_format,OF this]
  2380       from *[of m] guess gm apply-by(erule conjE exE)+ note gm=this[rule_format]
  2381       from *[of n] guess gn apply-by(erule conjE exE)+ note gn=this[rule_format]
  2382       from fine_division_exists[OF gauge_inter[OF gm(1) gn(1)], of a b] guess p . note p=this
  2383       have lem2:"\<And>s1 s2 i1 i2. norm(s2 - s1) \<le> e/2 \<Longrightarrow> norm(s1 - i1) < e / 4 \<Longrightarrow> norm(s2 - i2) < e / 4 \<Longrightarrow>norm(i1 - i2) < e"
  2384       proof- case goal1 have "norm (i1 - i2) \<le> norm (i1 - s1) + norm (s1 - s2) + norm (s2 - i2)"
  2385           using norm_triangle_ineq[of "i1 - s1" "s1 - i2"]
  2386           using norm_triangle_ineq[of "s1 - s2" "s2 - i2"] by(auto simp add:algebra_simps)
  2387         also have "\<dots> < e" using goal1 unfolding norm_minus_commute by(auto simp add:algebra_simps)
  2388         finally show ?case .
  2389       qed
  2390       show ?case unfolding dist_norm apply(rule lem2) defer
  2391         apply(rule gm(2)[OF conjI[OF p(1)]],rule_tac[2] gn(2)[OF conjI[OF p(1)]])
  2392         using conjunctD2[OF p(2)[unfolded fine_inter]] apply- apply assumption+ apply(rule order_trans)
  2393         apply(rule rsum_diff_bound[OF p(1), where e="2 / real M"])
  2394       proof show "2 / real M * content {a..b} \<le> e / 2" unfolding divide_inverse 
  2395           using M as by(auto simp add:field_simps)
  2396         fix x assume x:"x \<in> {a..b}"
  2397         have "norm (f x - g n x) + norm (f x - g m x) \<le> inverse (real n + 1) + inverse (real m + 1)" 
  2398             using g(1)[OF x, of n] g(1)[OF x, of m] by auto
  2399         also have "\<dots> \<le> inverse (real M) + inverse (real M)" apply(rule add_mono)
  2400           apply(rule_tac[!] le_imp_inverse_le) using goal1 M by auto
  2401         also have "\<dots> = 2 / real M" unfolding divide_inverse by auto
  2402         finally show "norm (g n x - g m x) \<le> 2 / real M"
  2403           using norm_triangle_le[of "g n x - f x" "f x - g m x" "2 / real M"]
  2404           by(auto simp add:algebra_simps simp add:norm_minus_commute)
  2405       qed qed qed
  2406   from this[unfolded convergent_eq_cauchy[THEN sym]] guess s .. note s=this
  2407 
  2408   show ?thesis unfolding integrable_on_def apply(rule_tac x=s in exI) unfolding has_integral
  2409   proof(rule,rule)  
  2410     case goal1 hence *:"e/3 > 0" by auto
  2411     from s[unfolded Lim_sequentially,rule_format,OF this] guess N1 .. note N1=this
  2412     from goal1 as have "e / 3 / content {a..b} > 0" by(auto simp add:field_simps)
  2413     from real_arch_invD[OF this] guess N2 apply-by(erule exE conjE)+ note N2=this
  2414     from i[of "N1 + N2",unfolded has_integral,rule_format,OF *] guess g' .. note g'=conjunctD2[OF this,rule_format]
  2415     have lem:"\<And>sf sg i. norm(sf - sg) \<le> e / 3 \<Longrightarrow> norm(i - s) < e / 3 \<Longrightarrow> norm(sg - i) < e / 3 \<Longrightarrow> norm(sf - s) < e"
  2416     proof- case goal1 have "norm (sf - s) \<le> norm (sf - sg) + norm (sg - i) + norm (i - s)"
  2417         using norm_triangle_ineq[of "sf - sg" "sg - s"]
  2418         using norm_triangle_ineq[of "sg -  i" " i - s"] by(auto simp add:algebra_simps)
  2419       also have "\<dots> < e" using goal1 unfolding norm_minus_commute by(auto simp add:algebra_simps)
  2420       finally show ?case .
  2421     qed
  2422     show ?case apply(rule_tac x=g' in exI) apply(rule,rule g')
  2423     proof(rule,rule) fix p assume p:"p tagged_division_of {a..b} \<and> g' fine p" note * = g'(2)[OF this]
  2424       show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - s) < e" apply-apply(rule lem[OF _ _ *])
  2425         apply(rule order_trans,rule rsum_diff_bound[OF p[THEN conjunct1]]) apply(rule,rule g,assumption)
  2426       proof- have "content {a..b} < e / 3 * (real N2)"
  2427           using N2 unfolding inverse_eq_divide using as by(auto simp add:field_simps)
  2428         hence "content {a..b} < e / 3 * (real (N1 + N2) + 1)"
  2429           apply-apply(rule less_le_trans,assumption) using `e>0` by auto 
  2430         thus "inverse (real (N1 + N2) + 1) * content {a..b} \<le> e / 3"
  2431           unfolding inverse_eq_divide by(auto simp add:field_simps)
  2432         show "norm (i (N1 + N2) - s) < e / 3" by(rule N1[rule_format,unfolded dist_norm],auto)
  2433       qed qed qed qed
  2434 
  2435 subsection {* Negligible sets. *}
  2436 
  2437 definition "indicator s \<equiv> (\<lambda>x. if x \<in> s then 1 else (0::real))"
  2438 
  2439 lemma dest_vec1_indicator:
  2440  "indicator s x = (if x \<in> s then 1 else 0)" unfolding indicator_def by auto
  2441 
  2442 lemma indicator_pos_le[intro]: "0 \<le> (indicator s x)" unfolding indicator_def by auto
  2443 
  2444 lemma indicator_le_1[intro]: "(indicator s x) \<le> 1" unfolding indicator_def by auto
  2445 
  2446 lemma dest_vec1_indicator_abs_le_1: "abs(indicator s x) \<le> 1"
  2447   unfolding indicator_def by auto
  2448 
  2449 definition "negligible (s::(real^'n) set) \<equiv> (\<forall>a b. ((indicator s) has_integral 0) {a..b})"
  2450 
  2451 lemma indicator_simps[simp]:"x\<in>s \<Longrightarrow> indicator s x = 1" "x\<notin>s \<Longrightarrow> indicator s x = 0"
  2452   unfolding indicator_def by auto
  2453 
  2454 subsection {* Negligibility of hyperplane. *}
  2455 
  2456 lemma vsum_nonzero_image_lemma: 
  2457   assumes "finite s" "g(a) = 0"
  2458   "\<forall>x\<in>s. \<forall>y\<in>s. f x = f y \<and> x \<noteq> y \<longrightarrow> g(f x) = 0"
  2459   shows "setsum g {f x |x. x \<in> s \<and> f x \<noteq> a} = setsum (g o f) s"
  2460   unfolding setsum_iterate[OF assms(1)] apply(subst setsum_iterate) defer
  2461   apply(rule iterate_nonzero_image_lemma) apply(rule assms monoidal_monoid)+
  2462   unfolding assms using neutral_add unfolding neutral_add using assms by auto 
  2463 
  2464 lemma interval_doublesplit: shows "{a..b} \<inter> {x . abs(x$k - c) \<le> (e::real)} =
  2465   {(\<chi> i. if i = k then max (a$k) (c - e) else a$i) .. (\<chi> i. if i = k then min (b$k) (c + e) else b$i)}"
  2466 proof- have *:"\<And>x c e::real. abs(x - c) \<le> e \<longleftrightarrow> x \<ge> c - e \<and> x \<le> c + e" by auto
  2467   have **:"\<And>s P Q. s \<inter> {x. P x \<and> Q x} = (s \<inter> {x. Q x}) \<inter> {x. P x}" by blast
  2468   show ?thesis unfolding * ** interval_split by(rule refl) qed
  2469 
  2470 lemma division_doublesplit: assumes "p division_of {a..b::real^'n}" 
  2471   shows "{l \<inter> {x. abs(x$k - c) \<le> e} |l. l \<in> p \<and> l \<inter> {x. abs(x$k - c) \<le> e} \<noteq> {}} division_of ({a..b} \<inter> {x. abs(x$k - c) \<le> e})"
  2472 proof- have *:"\<And>x c. abs(x - c) \<le> e \<longleftrightarrow> x \<ge> c - e \<and> x \<le> c + e" by auto
  2473   have **:"\<And>p q p' q'. p division_of q \<Longrightarrow> p = p' \<Longrightarrow> q = q' \<Longrightarrow> p' division_of q'" by auto
  2474   note division_split(1)[OF assms, where c="c+e" and k=k,unfolded interval_split]
  2475   note division_split(2)[OF this, where c="c-e" and k=k] 
  2476   thus ?thesis apply(rule **) unfolding interval_doublesplit unfolding * unfolding interval_split interval_doublesplit
  2477     apply(rule set_ext) unfolding mem_Collect_eq apply rule apply(erule conjE exE)+ apply(rule_tac x=la in exI) defer
  2478     apply(erule conjE exE)+ apply(rule_tac x="l \<inter> {x. c + e \<ge> x $ k}" in exI) apply rule defer apply rule
  2479     apply(rule_tac x=l in exI) by blast+ qed
  2480 
  2481 lemma content_doublesplit: assumes "0 < e"
  2482   obtains d where "0 < d" "content({a..b} \<inter> {x. abs(x$k - c) \<le> d}) < e"
  2483 proof(cases "content {a..b} = 0")
  2484   case True show ?thesis apply(rule that[of 1]) defer unfolding interval_doublesplit
  2485     apply(rule le_less_trans[OF content_subset]) defer apply(subst True)
  2486     unfolding interval_doublesplit[THEN sym] using assms by auto 
  2487 next case False def d \<equiv> "e / 3 / setprod (\<lambda>i. b$i - a$i) (UNIV - {k})"
  2488   note False[unfolded content_eq_0 not_ex not_le, rule_format]
  2489   hence prod0:"0 < setprod (\<lambda>i. b$i - a$i) (UNIV - {k})" apply-apply(rule setprod_pos) by smt
  2490   hence "d > 0" unfolding d_def using assms by(auto simp add:field_simps) thus ?thesis
  2491   proof(rule that[of d]) have *:"UNIV = insert k (UNIV - {k})" by auto
  2492     have **:"{a..b} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d} \<noteq> {} \<Longrightarrow> 
  2493       (\<Prod>i\<in>UNIV - {k}. interval_upperbound ({a..b} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) $ i - interval_lowerbound ({a..b} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) $ i)
  2494       = (\<Prod>i\<in>UNIV - {k}. b$i - a$i)" apply(rule setprod_cong,rule refl)
  2495       unfolding interval_doublesplit interval_eq_empty not_ex not_less unfolding interval_bounds by auto
  2496     show "content ({a..b} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) < e" apply(cases) unfolding content_def apply(subst if_P,assumption,rule assms)
  2497       unfolding if_not_P apply(subst *) apply(subst setprod_insert) unfolding **
  2498       unfolding interval_doublesplit interval_eq_empty not_ex not_less unfolding interval_bounds unfolding Cart_lambda_beta if_P[OF refl]
  2499     proof- have "(min (b $ k) (c + d) - max (a $ k) (c - d)) \<le> 2 * d" by auto
  2500       also have "... < e / (\<Prod>i\<in>UNIV - {k}. b $ i - a $ i)" unfolding d_def using assms prod0 by(auto simp add:field_simps)
  2501       finally show "(min (b $ k) (c + d) - max (a $ k) (c - d)) * (\<Prod>i\<in>UNIV - {k}. b $ i - a $ i) < e"
  2502         unfolding pos_less_divide_eq[OF prod0] . qed auto qed qed
  2503 
  2504 lemma negligible_standard_hyperplane[intro]: "negligible {x. x$k = (c::real)}" 
  2505   unfolding negligible_def has_integral apply(rule,rule,rule,rule)
  2506 proof- case goal1 from content_doublesplit[OF this,of a b k c] guess d . note d=this let ?i = "indicator {x. x$k = c}"
  2507   show ?case apply(rule_tac x="\<lambda>x. ball x d" in exI) apply(rule,rule gauge_ball,rule d)
  2508   proof(rule,rule) fix p assume p:"p tagged_division_of {a..b} \<and> (\<lambda>x. ball x d) fine p"
  2509     have *:"(\<Sum>(x, ka)\<in>p. content ka *\<^sub>R ?i x) = (\<Sum>(x, ka)\<in>p. content (ka \<inter> {x. abs(x$k - c) \<le> d}) *\<^sub>R ?i x)"
  2510       apply(rule setsum_cong2) unfolding split_paired_all real_scaleR_def mult_cancel_right split_conv
  2511       apply(cases,rule disjI1,assumption,rule disjI2)
  2512     proof- fix x l assume as:"(x,l)\<in>p" "?i x \<noteq> 0" hence xk:"x$k = c" unfolding indicator_def apply-by(rule ccontr,auto)
  2513       show "content l = content (l \<inter> {x. \<bar>x $ k - c\<bar> \<le> d})" apply(rule arg_cong[where f=content])
  2514         apply(rule set_ext,rule,rule) unfolding mem_Collect_eq
  2515       proof- fix y assume y:"y\<in>l" note p[THEN conjunct2,unfolded fine_def,rule_format,OF as(1),unfolded split_conv]
  2516         note this[unfolded subset_eq mem_ball dist_norm,rule_format,OF y] note le_less_trans[OF component_le_norm[of _ k] this]
  2517         thus "\<bar>y $ k - c\<bar> \<le> d" unfolding Cart_nth.diff xk by auto
  2518       qed auto qed
  2519     note p'= tagged_division_ofD[OF p[THEN conjunct1]] and p''=division_of_tagged_division[OF p[THEN conjunct1]]
  2520     show "norm ((\<Sum>(x, ka)\<in>p. content ka *\<^sub>R ?i x) - 0) < e" unfolding diff_0_right * unfolding real_scaleR_def real_norm_def
  2521       apply(subst abs_of_nonneg) apply(rule setsum_nonneg,rule) unfolding split_paired_all split_conv
  2522       apply(rule mult_nonneg_nonneg) apply(drule p'(4)) apply(erule exE)+ apply(rule_tac b=b in back_subst)
  2523       prefer 2 apply(subst(asm) eq_commute) apply assumption
  2524       apply(subst interval_doublesplit) apply(rule content_pos_le) apply(rule indicator_pos_le)
  2525     proof- have "(\<Sum>(x, ka)\<in>p. content (ka \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) * ?i x) \<le> (\<Sum>(x, ka)\<in>p. content (ka \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}))"
  2526         apply(rule setsum_mono) unfolding split_paired_all split_conv 
  2527         apply(rule mult_right_le_one_le) apply(drule p'(4)) by(auto simp add:interval_doublesplit intro!:content_pos_le)
  2528       also have "... < e" apply(subst setsum_over_tagged_division_lemma[OF p[THEN conjunct1]])
  2529       proof- case goal1 have "content ({u..v} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) \<le> content {u..v}"
  2530           unfolding interval_doublesplit apply(rule content_subset) unfolding interval_doublesplit[THEN sym] by auto
  2531         thus ?case unfolding goal1 unfolding interval_doublesplit using content_pos_le by smt
  2532       next have *:"setsum content {l \<inter> {x. \<bar>x $ k - c\<bar> \<le> d} |l. l \<in> snd ` p \<and> l \<inter> {x. \<bar>x $ k - c\<bar> \<le> d} \<noteq> {}} \<ge> 0"
  2533           apply(rule setsum_nonneg,rule) unfolding mem_Collect_eq image_iff apply(erule exE bexE conjE)+ unfolding split_paired_all 
  2534         proof- fix x l a b assume as:"x = l \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}" "(a, b) \<in> p" "l = snd (a, b)"
  2535           guess u v using p'(4)[OF as(2)] apply-by(erule exE)+ note * = this
  2536           show "content x \<ge> 0" unfolding as snd_conv * interval_doublesplit by(rule content_pos_le)
  2537         qed have **:"norm (1::real) \<le> 1" by auto note division_doublesplit[OF p'',unfolded interval_doublesplit]
  2538         note dsum_bound[OF this **,unfolded interval_doublesplit[THEN sym]]
  2539         note this[unfolded real_scaleR_def real_norm_def mult_1_right mult_1, of k c d] note le_less_trans[OF this d(2)]
  2540         from this[unfolded abs_of_nonneg[OF *]] show "(\<Sum>ka\<in>snd ` p. content (ka \<inter> {x. \<bar>x $ k - c\<bar> \<le> d})) < e"
  2541           apply(subst vsum_nonzero_image_lemma[of "snd ` p" content "{}", unfolded o_def,THEN sym])
  2542           apply(rule finite_imageI p' content_empty)+ unfolding forall_in_division[OF p'']
  2543         proof(rule,rule,rule,rule,rule,rule,rule,erule conjE) fix m n u v
  2544           assume as:"{m..n} \<in> snd ` p" "{u..v} \<in> snd ` p" "{m..n} \<noteq> {u..v}"  "{m..n} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d} = {u..v} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}"
  2545           have "({m..n} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) \<inter> ({u..v} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) \<subseteq> {m..n} \<inter> {u..v}" by blast
  2546           note subset_interior[OF this, unfolded division_ofD(5)[OF p'' as(1-3)] interior_inter[of "{m..n}"]]
  2547           hence "interior ({m..n} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) = {}" unfolding as Int_absorb by auto
  2548           thus "content ({m..n} \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) = 0" unfolding interval_doublesplit content_eq_0_interior[THEN sym] .
  2549         qed qed
  2550       finally show "(\<Sum>(x, ka)\<in>p. content (ka \<inter> {x. \<bar>x $ k - c\<bar> \<le> d}) * ?i x) < e" .
  2551     qed qed qed
  2552 
  2553 subsection {* A technical lemma about "refinement" of division. *}
  2554 
  2555 lemma tagged_division_finer: fixes p::"((real^'n) \<times> ((real^'n) set)) set"
  2556   assumes "p tagged_division_of {a..b}" "gauge d"
  2557   obtains q where "q tagged_division_of {a..b}" "d fine q" "\<forall>(x,k) \<in> p. k \<subseteq> d(x) \<longrightarrow> (x,k) \<in> q"
  2558 proof-
  2559   let ?P = "\<lambda>p. p tagged_partial_division_of {a..b} \<longrightarrow> gauge d \<longrightarrow>
  2560     (\<exists>q. q tagged_division_of (\<Union>{k. \<exists>x. (x,k) \<in> p}) \<and> d fine q \<and>
  2561                    (\<forall>(x,k) \<in> p. k \<subseteq> d(x) \<longrightarrow> (x,k) \<in> q))"
  2562   { have *:"finite p" "p tagged_partial_division_of {a..b}" using assms(1) unfolding tagged_division_of_def by auto
  2563     presume "\<And>p. finite p \<Longrightarrow> ?P p" from this[rule_format,OF * assms(2)] guess q .. note q=this
  2564     thus ?thesis apply-apply(rule that[of q]) unfolding tagged_division_ofD[OF assms(1)] by auto
  2565   } fix p::"((real^'n) \<times> ((real^'n) set)) set" assume as:"finite p"
  2566   show "?P p" apply(rule,rule) using as proof(induct p) 
  2567     case empty show ?case apply(rule_tac x="{}" in exI) unfolding fine_def by auto
  2568   next case (insert xk p) guess x k using surj_pair[of xk] apply- by(erule exE)+ note xk=this
  2569     note tagged_partial_division_subset[OF insert(4) subset_insertI]
  2570     from insert(3)[OF this insert(5)] guess q1 .. note q1 = conjunctD3[OF this]
  2571     have *:"\<Union>{l. \<exists>y. (y,l) \<in> insert xk p} = k \<union> \<Union>{l. \<exists>y. (y,l) \<in> p}" unfolding xk by auto
  2572     note p = tagged_partial_division_ofD[OF insert(4)]
  2573     from p(4)[unfolded xk, OF insertI1] guess u v apply-by(erule exE)+ note uv=this
  2574 
  2575     have "finite {k. \<exists>x. (x, k) \<in> p}" 
  2576       apply(rule finite_subset[of _ "snd ` p"],rule) unfolding subset_eq image_iff mem_Collect_eq
  2577       apply(erule exE,rule_tac x="(xa,x)" in bexI) using p by auto
  2578     hence int:"interior {u..v} \<inter> interior (\<Union>{k. \<exists>x. (x, k) \<in> p}) = {}"
  2579       apply(rule inter_interior_unions_intervals) apply(rule open_interior) apply(rule_tac[!] ballI)
  2580       unfolding mem_Collect_eq apply(erule_tac[!] exE) apply(drule p(4)[OF insertI2],assumption)      
  2581       apply(rule p(5))  unfolding uv xk apply(rule insertI1,rule insertI2) apply assumption
  2582       using insert(2) unfolding uv xk by auto
  2583 
  2584     show ?case proof(cases "{u..v} \<subseteq> d x")
  2585       case True thus ?thesis apply(rule_tac x="{(x,{u..v})} \<union> q1" in exI) apply rule
  2586         unfolding * uv apply(rule tagged_division_union,rule tagged_division_of_self)
  2587         apply(rule p[unfolded xk uv] insertI1)+  apply(rule q1,rule int) 
  2588         apply(rule,rule fine_union,subst fine_def) defer apply(rule q1)
  2589         unfolding Ball_def split_paired_All split_conv apply(rule,rule,rule,rule)
  2590         apply(erule insertE) defer apply(rule UnI2) apply(drule q1(3)[rule_format]) unfolding xk uv by auto
  2591     next case False from fine_division_exists[OF assms(2), of u v] guess q2 . note q2=this
  2592       show ?thesis apply(rule_tac x="q2 \<union> q1" in exI)
  2593         apply rule unfolding * uv apply(rule tagged_division_union q2 q1 int fine_union)+
  2594         unfolding Ball_def split_paired_All split_conv apply rule apply(rule fine_union)
  2595         apply(rule q1 q2)+ apply(rule,rule,rule,rule) apply(erule insertE)
  2596         apply(rule UnI2) defer apply(drule q1(3)[rule_format])using False unfolding xk uv by auto
  2597     qed qed qed
  2598 
  2599 subsection {* Hence the main theorem about negligible sets. *}
  2600 
  2601 lemma finite_product_dependent: assumes "finite s" "\<And>x. x\<in>s\<Longrightarrow> finite (t x)"
  2602   shows "finite {(i, j) |i j. i \<in> s \<and> j \<in> t i}" using assms
  2603 proof(induct) case (insert x s) 
  2604   have *:"{(i, j) |i j. i \<in> insert x s \<and> j \<in> t i} = (\<lambda>y. (x,y)) ` (t x) \<union> {(i, j) |i j. i \<in> s \<and> j \<in> t i}" by auto
  2605   show ?case unfolding * apply(rule finite_UnI) using insert by auto qed auto
  2606 
  2607 lemma sum_sum_product: assumes "finite s" "\<forall>i\<in>s. finite (t i)"
  2608   shows "setsum (\<lambda>i. setsum (x i) (t i)::real) s = setsum (\<lambda>(i,j). x i j) {(i,j) | i j. i \<in> s \<and> j \<in> t i}" using assms
  2609 proof(induct) case (insert a s)
  2610   have *:"{(i, j) |i j. i \<in> insert a s \<and> j \<in> t i} = (\<lambda>y. (a,y)) ` (t a) \<union> {(i, j) |i j. i \<in> s \<and> j \<in> t i}" by auto
  2611   show ?case unfolding * apply(subst setsum_Un_disjoint) unfolding setsum_insert[OF insert(1-2)]
  2612     prefer 4 apply(subst insert(3)) unfolding add_right_cancel
  2613   proof- show "setsum (x a) (t a) = (\<Sum>(xa, y)\<in>Pair a ` t a. x xa y)" apply(subst setsum_reindex) unfolding inj_on_def by auto
  2614     show "finite {(i, j) |i j. i \<in> s \<and> j \<in> t i}" apply(rule finite_product_dependent) using insert by auto
  2615   qed(insert insert, auto) qed auto
  2616 
  2617 lemma has_integral_negligible: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector"
  2618   assumes "negligible s" "\<forall>x\<in>(t - s). f x = 0"
  2619   shows "(f has_integral 0) t"
  2620 proof- presume P:"\<And>f::real^'n \<Rightarrow> 'a. \<And>a b. (\<forall>x. ~(x \<in> s) \<longrightarrow> f x = 0) \<Longrightarrow> (f has_integral 0) ({a..b})"
  2621   let ?f = "(\<lambda>x. if x \<in> t then f x else 0)"
  2622   show ?thesis apply(rule_tac f="?f" in has_integral_eq) apply(rule) unfolding if_P apply(rule refl)
  2623     apply(subst has_integral_alt) apply(cases,subst if_P,assumption) unfolding if_not_P
  2624   proof- assume "\<exists>a b. t = {a..b}" then guess a b apply-by(erule exE)+ note t = this
  2625     show "(?f has_integral 0) t" unfolding t apply(rule P) using assms(2) unfolding t by auto
  2626   next show "\<forall>e>0. \<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b} \<longrightarrow> (\<exists>z. ((\<lambda>x. if x \<in> t then ?f x else 0) has_integral z) {a..b} \<and> norm (z - 0) < e)"
  2627       apply(safe,rule_tac x=1 in exI,rule) apply(rule zero_less_one,safe) apply(rule_tac x=0 in exI)
  2628       apply(rule,rule P) using assms(2) by auto
  2629   qed
  2630 next fix f::"real^'n \<Rightarrow> 'a" and a b::"real^'n" assume assm:"\<forall>x. x \<notin> s \<longrightarrow> f x = 0" 
  2631   show "(f has_integral 0) {a..b}" unfolding has_integral
  2632   proof(safe) case goal1
  2633     hence "\<And>n. e / 2 / ((real n+1) * (2 ^ n)) > 0" 
  2634       apply-apply(rule divide_pos_pos) defer apply(rule mult_pos_pos) by(auto simp add:field_simps)
  2635     note assms(1)[unfolded negligible_def has_integral,rule_format,OF this,of a b] note allI[OF this,of "\<lambda>x. x"] 
  2636     from choice[OF this] guess d .. note d=conjunctD2[OF this[rule_format]]
  2637     show ?case apply(rule_tac x="\<lambda>x. d (nat \<lfloor>norm (f x)\<rfloor>) x" in exI) 
  2638     proof safe show "gauge (\<lambda>x. d (nat \<lfloor>norm (f x)\<rfloor>) x)" using d(1) unfolding gauge_def by auto
  2639       fix p assume as:"p tagged_division_of {a..b}" "(\<lambda>x. d (nat \<lfloor>norm (f x)\<rfloor>) x) fine p" 
  2640       let ?goal = "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - 0) < e"
  2641       { presume "p\<noteq>{} \<Longrightarrow> ?goal" thus ?goal apply(cases "p={}") using goal1 by auto  }
  2642       assume as':"p \<noteq> {}" from real_arch_simple[of "Sup((\<lambda>(x,k). norm(f x)) ` p)"] guess N ..
  2643       hence N:"\<forall>x\<in>(\<lambda>(x, k). norm (f x)) ` p. x \<le> real N" apply(subst(asm) Sup_finite_le_iff) using as as' by auto
  2644       have "\<forall>i. \<exists>q. q tagged_division_of {a..b} \<and> (d i) fine q \<and> (\<forall>(x, k)\<in>p. k \<subseteq> (d i) x \<longrightarrow> (x, k) \<in> q)"
  2645         apply(rule,rule tagged_division_finer[OF as(1) d(1)]) by auto
  2646       from choice[OF this] guess q .. note q=conjunctD3[OF this[rule_format]]
  2647       have *:"\<And>i. (\<Sum>(x, k)\<in>q i. content k *\<^sub>R indicator s x) \<ge> 0" apply(rule setsum_nonneg,safe) 
  2648         unfolding real_scaleR_def apply(rule mult_nonneg_nonneg) apply(drule tagged_division_ofD(4)[OF q(1)]) by auto
  2649       have **:"\<And>f g s t. finite s \<Longrightarrow> finite t \<Longrightarrow> (\<forall>(x,y) \<in> t. (0::real) \<le> g(x,y)) \<Longrightarrow> (\<forall>y\<in>s. \<exists>x. (x,y) \<in> t \<and> f(y) \<le> g(x,y)) \<Longrightarrow> setsum f s \<le> setsum g t"
  2650       proof- case goal1 thus ?case apply-apply(rule setsum_le_included[of s t g snd f]) prefer 4
  2651           apply safe apply(erule_tac x=x in ballE) apply(erule exE) apply(rule_tac x="(xa,x)" in bexI) by auto qed
  2652       have "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - 0) \<le> setsum (\<lambda>i. (real i + 1) *
  2653                      norm(setsum (\<lambda>(x,k). content k *\<^sub>R indicator s x) (q i))) {0..N+1}"
  2654         unfolding real_norm_def setsum_right_distrib abs_of_nonneg[OF *] diff_0_right
  2655         apply(rule order_trans,rule setsum_norm) defer apply(subst sum_sum_product) prefer 3 
  2656       proof(rule **,safe) show "finite {(i, j) |i j. i \<in> {0..N + 1} \<and> j \<in> q i}" apply(rule finite_product_dependent) using q by auto
  2657         fix i a b assume as'':"(a,b) \<in> q i" show "0 \<le> (real i + 1) * (content b *\<^sub>R indicator s a)"
  2658           unfolding real_scaleR_def apply(rule mult_nonneg_nonneg) defer apply(rule mult_nonneg_nonneg)
  2659           using tagged_division_ofD(4)[OF q(1) as''] by auto
  2660       next fix i::nat show "finite (q i)" using q by auto
  2661       next fix x k assume xk:"(x,k) \<in> p" def n \<equiv> "nat \<lfloor>norm (f x)\<rfloor>"
  2662         have *:"norm (f x) \<in> (\<lambda>(x, k). norm (f x)) ` p" using xk by auto
  2663         have nfx:"real n \<le> norm(f x)" "norm(f x) \<le> real n + 1" unfolding n_def by auto
  2664         hence "n \<in> {0..N + 1}" using N[rule_format,OF *] by auto
  2665         moreover  note as(2)[unfolded fine_def,rule_format,OF xk,unfolded split_conv]
  2666         note q(3)[rule_format,OF xk,unfolded split_conv,rule_format,OF this] note this[unfolded n_def[symmetric]]
  2667         moreover have "norm (content k *\<^sub>R f x) \<le> (real n + 1) * (content k * indicator s x)"
  2668         proof(cases "x\<in>s") case False thus ?thesis using assm by auto
  2669         next case True have *:"content k \<ge> 0" using tagged_division_ofD(4)[OF as(1) xk] by auto
  2670           moreover have "content k * norm (f x) \<le> content k * (real n + 1)" apply(rule mult_mono) using nfx * by auto
  2671           ultimately show ?thesis unfolding abs_mult using nfx True by(auto simp add:field_simps)
  2672         qed ultimately show "\<exists>y. (y, x, k) \<in> {(i, j) |i j. i \<in> {0..N + 1} \<and> j \<in> q i} \<and> norm (content k *\<^sub>R f x) \<le> (real y + 1) * (content k *\<^sub>R indicator s x)"
  2673           apply(rule_tac x=n in exI,safe) apply(rule_tac x=n in exI,rule_tac x="(x,k)" in exI,safe) by auto
  2674       qed(insert as, auto)
  2675       also have "... \<le> setsum (\<lambda>i. e / 2 / 2 ^ i) {0..N+1}" apply(rule setsum_mono) 
  2676       proof- case goal1 thus ?case apply(subst mult_commute, subst pos_le_divide_eq[THEN sym])
  2677           using d(2)[rule_format,of "q i" i] using q[rule_format] by(auto simp add:field_simps)
  2678       qed also have "... < e * inverse 2 * 2" unfolding divide_inverse setsum_right_distrib[THEN sym]
  2679         apply(rule mult_strict_left_mono) unfolding power_inverse atLeastLessThanSuc_atLeastAtMost[THEN sym]
  2680         apply(subst sumr_geometric) using goal1 by auto
  2681       finally show "?goal" by auto qed qed qed
  2682 
  2683 lemma has_integral_spike: fixes f::"real^'n \<Rightarrow> 'a::real_normed_vector"
  2684   assumes "negligible s" "(\<forall>x\<in>(t - s). g x = f x)" "(f has_integral y) t"
  2685   shows "(g has_integral y) t"
  2686 proof- { fix a b::"real^'n" and f g ::"real^'n \<Rightarrow> 'a" and y::'a
  2687     assume as:"\<forall>x \<in> {a..b} - s. g x = f x" "(f has_integral y) {a..b}"
  2688     have "((\<lambda>x. f x + (g x - f x)) has_integral (y + 0)) {a..b}" apply(rule has_integral_add[OF as(2)])
  2689       apply(rule has_integral_negligible[OF assms(1)]) using as by auto
  2690     hence "(g has_integral y) {a..b}" by auto } note * = this
  2691   show ?thesis apply(subst has_integral_alt) using assms(2-) apply-apply(rule cond_cases,safe)
  2692     apply(rule *, assumption+) apply(subst(asm) has_integral_alt) unfolding if_not_P
  2693     apply(erule_tac x=e in allE,safe,rule_tac x=B in exI,safe) apply(erule_tac x=a in allE,erule_tac x=b in allE,safe)
  2694     apply(rule_tac x=z in exI,safe) apply(rule *[where fa2="\<lambda>x. if x\<in>t then f x else 0"]) by auto qed
  2695 
  2696 lemma has_integral_spike_eq:
  2697   assumes "negligible s" "\<forall>x\<in>(t - s). g x = f x"
  2698   shows "((f has_integral y) t \<longleftrightarrow> (g has_integral y) t)"
  2699   apply rule apply(rule_tac[!] has_integral_spike[OF assms(1)]) using assms(2) by auto
  2700 
  2701 lemma integrable_spike: assumes "negligible s" "\<forall>x\<in>(t - s). g x = f x" "f integrable_on t"
  2702   shows "g integrable_on  t"
  2703   using assms unfolding integrable_on_def apply-apply(erule exE)
  2704   apply(rule,rule has_integral_spike) by fastsimp+
  2705 
  2706 lemma integral_spike: assumes "negligible s" "\<forall>x\<in>(t - s). g x = f x"
  2707   shows "integral t f = integral t g"
  2708   unfolding integral_def using has_integral_spike_eq[OF assms] by auto
  2709 
  2710 subsection {* Some other trivialities about negligible sets. *}
  2711 
  2712 lemma negligible_subset[intro]: assumes "negligible s" "t \<subseteq> s" shows "negligible t" unfolding negligible_def 
  2713 proof(safe) case goal1 show ?case using assms(1)[unfolded negligible_def,rule_format,of a b]
  2714     apply-apply(rule has_integral_spike[OF assms(1)]) defer apply assumption
  2715     using assms(2) unfolding indicator_def by auto qed
  2716 
  2717 lemma negligible_diff[intro?]: assumes "negligible s" shows "negligible(s - t)" using assms by auto
  2718 
  2719 lemma negligible_inter: assumes "negligible s \<or> negligible t" shows "negligible(s \<inter> t)" using assms by auto
  2720 
  2721 lemma negligible_union: assumes "negligible s" "negligible t" shows "negligible (s \<union> t)" unfolding negligible_def 
  2722 proof safe case goal1 note assm = assms[unfolded negligible_def,rule_format,of a b]
  2723   thus ?case apply(subst has_integral_spike_eq[OF assms(2)])
  2724     defer apply assumption unfolding indicator_def by auto qed
  2725 
  2726 lemma negligible_union_eq[simp]: "negligible (s \<union> t) \<longleftrightarrow> (negligible s \<and> negligible t)"
  2727   using negligible_union by auto
  2728 
  2729 lemma negligible_sing[intro]: "negligible {a::real^'n}" 
  2730 proof- guess x using UNIV_witness[where 'a='n] ..
  2731   show ?thesis using negligible_standard_hyperplane[of x "a$x"] by auto qed
  2732 
  2733 lemma negligible_insert[simp]: "negligible(insert a s) \<longleftrightarrow> negligible s"
  2734   apply(subst insert_is_Un) unfolding negligible_union_eq by auto
  2735 
  2736 lemma negligible_empty[intro]: "negligible {}" by auto
  2737 
  2738 lemma negligible_finite[intro]: assumes "finite s" shows "negligible s"
  2739   using assms apply(induct s) by auto
  2740 
  2741 lemma negligible_unions[intro]: assumes "finite s" "\<forall>t\<in>s. negligible t" shows "negligible(\<Union>s)"
  2742   using assms by(induct,auto) 
  2743 
  2744 lemma negligible:  "negligible s \<longleftrightarrow> (\<forall>t::(real^'n) set. (indicator s has_integral 0) t)"
  2745   apply safe defer apply(subst negligible_def)
  2746 proof- fix t::"(real^'n) set" assume as:"negligible s"
  2747   have *:"(\<lambda>x. if x \<in> s \<inter> t then 1 else 0) = (\<lambda>x. if x\<in>t then if x\<in>s then 1 else 0 else 0)" by(rule ext,auto)  
  2748   show "(indicator s has_integral 0) t" apply(subst has_integral_alt)
  2749     apply(cases,subst if_P,assumption) unfolding if_not_P apply(safe,rule as[unfolded negligible_def,rule_format])
  2750     apply(rule_tac x=1 in exI) apply(safe,rule zero_less_one) apply(rule_tac x=0 in exI)
  2751     using negligible_subset[OF as,of "s \<inter> t"] unfolding negligible_def indicator_def unfolding * by auto qed auto
  2752 
  2753 subsection {* Finite case of the spike theorem is quite commonly needed. *}
  2754 
  2755 lemma has_integral_spike_finite: assumes "finite s" "\<forall>x\<in>t-s. g x = f x" 
  2756   "(f has_integral y) t" shows "(g has_integral y) t"
  2757   apply(rule has_integral_spike) using assms by auto
  2758 
  2759 lemma has_integral_spike_finite_eq: assumes "finite s" "\<forall>x\<in>t-s. g x = f x"
  2760   shows "((f has_integral y) t \<longleftrightarrow> (g has_integral y) t)"
  2761   apply rule apply(rule_tac[!] has_integral_spike_finite) using assms by auto
  2762 
  2763 lemma integrable_spike_finite:
  2764   assumes "finite s" "\<forall>x\<in>t-s. g x = f x" "f integrable_on t" shows "g integrable_on  t"
  2765   using assms unfolding integrable_on_def apply safe apply(rule_tac x=y in exI)
  2766   apply(rule has_integral_spike_finite) by auto
  2767 
  2768 subsection {* In particular, the boundary of an interval is negligible. *}
  2769 
  2770 lemma negligible_frontier_interval: "negligible({a..b} - {a<..<b})"
  2771 proof- let ?A = "\<Union>((\<lambda>k. {x. x$k = a$k} \<union> {x. x$k = b$k}) ` UNIV)"
  2772   have "{a..b} - {a<..<b} \<subseteq> ?A" apply rule unfolding Diff_iff mem_interval not_all
  2773     apply(erule conjE exE)+ apply(rule_tac X="{x. x $ xa = a $ xa} \<union> {x. x $ xa = b $ xa}" in UnionI)
  2774     apply(erule_tac[!] x=xa in allE) by auto
  2775   thus ?thesis apply-apply(rule negligible_subset[of ?A]) apply(rule negligible_unions[OF finite_imageI]) by auto qed
  2776 
  2777 lemma has_integral_spike_interior:
  2778   assumes "\<forall>x\<in>{a<..<b}. g x = f x" "(f has_integral y) ({a..b})" shows "(g has_integral y) ({a..b})"
  2779   apply(rule has_integral_spike[OF negligible_frontier_interval _ assms(2)]) using assms(1) by auto
  2780 
  2781 lemma has_integral_spike_interior_eq:
  2782   assumes "\<forall>x\<in>{a<..<b}. g x = f x" shows "((f has_integral y) ({a..b}) \<longleftrightarrow> (g has_integral y) ({a..b}))"
  2783   apply rule apply(rule_tac[!] has_integral_spike_interior) using assms by auto
  2784 
  2785 lemma integrable_spike_interior: assumes "\<forall>x\<in>{a<..<b}. g x = f x" "f integrable_on {a..b}" shows "g integrable_on {a..b}"
  2786   using  assms unfolding integrable_on_def using has_integral_spike_interior[OF assms(1)] by auto
  2787 
  2788 subsection {* Integrability of continuous functions. *}
  2789 
  2790 lemma neutral_and[simp]: "neutral op \<and> = True"
  2791   unfolding neutral_def apply(rule some_equality) by auto
  2792 
  2793 lemma monoidal_and[intro]: "monoidal op \<and>" unfolding monoidal_def by auto
  2794 
  2795 lemma iterate_and[simp]: assumes "finite s" shows "(iterate op \<and>) s p \<longleftrightarrow> (\<forall>x\<in>s. p x)" using assms
  2796 apply induct unfolding iterate_insert[OF monoidal_and] by auto
  2797 
  2798 lemma operative_division_and: assumes "operative op \<and> P" "d division_of {a..b}"
  2799   shows "(\<forall>i\<in>d. P i) \<longleftrightarrow> P {a..b}"
  2800   using operative_division[OF monoidal_and assms] division_of_finite[OF assms(2)] by auto
  2801 
  2802 lemma operative_approximable: assumes "0 \<le> e" fixes f::"real^'n \<Rightarrow> 'a::banach"
  2803   shows "operative op \<and> (\<lambda>i. \<exists>g. (\<forall>x\<in>i. norm (f x - g (x::real^'n)) \<le> e) \<and> g integrable_on i)" unfolding operative_def neutral_and
  2804 proof safe fix a b::"real^'n" { assume "content {a..b} = 0"
  2805     thus "\<exists>g. (\<forall>x\<in>{a..b}. norm (f x - g x) \<le> e) \<and> g integrable_on {a..b}" 
  2806       apply(rule_tac x=f in exI) using assms by(auto intro!:integrable_on_null) }
  2807   { fix c k g assume as:"\<forall>x\<in>{a..b}. norm (f x - g x) \<le> e" "g integrable_on {a..b}"
  2808     show "\<exists>g. (\<forall>x\<in>{a..b} \<inter> {x. x $ k \<le> c}. norm (f x - g x) \<le> e) \<and> g integrable_on {a..b} \<inter> {x. x $ k \<le> c}"
  2809       "\<exists>g. (\<forall>x\<in>{a..b} \<inter> {x. c \<le> x $ k}. norm (f x - g x) \<le> e) \<and> g integrable_on {a..b} \<inter> {x. c \<le> x $ k}"
  2810       apply(rule_tac[!] x=g in exI) using as(1) integrable_split[OF as(2)] by auto }
  2811   fix c k g1 g2 assume as:"\<forall>x\<in>{a..b} \<inter> {x. x $ k \<le> c}. norm (f x - g1 x) \<le> e" "g1 integrable_on {a..b} \<inter> {x. x $ k \<le> c}"
  2812                           "\<forall>x\<in>{a..b} \<inter> {x. c \<le> x $ k}. norm (f x - g2 x) \<le> e" "g2 integrable_on {a..b} \<inter> {x. c \<le> x $ k}"
  2813   let ?g = "\<lambda>x. if x$k = c then f x else if x$k \<le> c then g1 x else g2 x"
  2814   show "\<exists>g. (\<forall>x\<in>{a..b}. norm (f x - g x) \<le> e) \<and> g integrable_on {a..b}" apply(rule_tac x="?g" in exI)
  2815   proof safe case goal1 thus ?case apply- apply(cases "x$k=c", case_tac "x$k < c") using as assms by auto
  2816   next case goal2 presume "?g integrable_on {a..b} \<inter> {x. x $ k \<le> c}" "?g integrable_on {a..b} \<inter> {x. x $ k \<ge> c}"
  2817     then guess h1 h2 unfolding integrable_on_def by auto from has_integral_split[OF this]
  2818     show ?case unfolding integrable_on_def by auto
  2819   next show "?g integrable_on {a..b} \<inter> {x. x $ k \<le> c}" "?g integrable_on {a..b} \<inter> {x. x $ k \<ge> c}"
  2820       apply(rule_tac[!] integrable_spike[OF negligible_standard_hyperplane[of k c]]) using as(2,4) by auto qed qed
  2821 
  2822 lemma approximable_on_division: fixes f::"real^'n \<Rightarrow> 'a::banach"
  2823   assumes "0 \<le> e" "d division_of {a..b}" "\<forall>i\<in>d. \<exists>g. (\<forall>x\<in>i. norm (f x - g x) \<le> e) \<and> g integrable_on i"
  2824   obtains g where "\<forall>x\<in>{a..b}. norm (f x - g x) \<le> e" "g integrable_on {a..b}"
  2825 proof- note * = operative_division[OF monoidal_and operative_approximable[OF assms(1)] assms(2)]
  2826   note this[unfolded iterate_and[OF division_of_finite[OF assms(2)]]] from assms(3)[unfolded this[of f]]
  2827   guess g .. thus thesis apply-apply(rule that[of g]) by auto qed
  2828 
  2829 lemma integrable_continuous: fixes f::"real^'n \<Rightarrow> 'a::banach"
  2830   assumes "continuous_on {a..b} f" shows "f integrable_on {a..b}"
  2831 proof(rule integrable_uniform_limit,safe) fix e::real assume e:"0 < e"
  2832   from compact_uniformly_continuous[OF assms compact_interval,unfolded uniformly_continuous_on_def,rule_format,OF e] guess d ..
  2833   note d=conjunctD2[OF this,rule_format]
  2834   from fine_division_exists[OF gauge_ball[OF d(1)], of a b] guess p . note p=this
  2835   note p' = tagged_division_ofD[OF p(1)]
  2836   have *:"\<forall>i\<in>snd ` p. \<exists>g. (\<forall>x\<in>i. norm (f x - g x) \<le> e) \<and> g integrable_on i"
  2837   proof(safe,unfold snd_conv) fix x l assume as:"(x,l) \<in> p" 
  2838     from p'(4)[OF this] guess a b apply-by(erule exE)+ note l=this
  2839     show "\<exists>g. (\<forall>x\<in>l. norm (f x - g x) \<le> e) \<and> g integrable_on l" apply(rule_tac x="\<lambda>y. f x" in exI)
  2840     proof safe show "(\<lambda>y. f x) integrable_on l" unfolding integrable_on_def l by(rule,rule has_integral_const)
  2841       fix y assume y:"y\<in>l" note fineD[OF p(2) as,unfolded subset_eq,rule_format,OF this]
  2842       note d(2)[OF _ _ this[unfolded mem_ball]]
  2843       thus "norm (f y - f x) \<le> e" using y p'(2-3)[OF as] unfolding dist_norm l norm_minus_commute by fastsimp qed qed
  2844   from e have "0 \<le> e" by auto from approximable_on_division[OF this division_of_tagged_division[OF p(1)] *] guess g .
  2845   thus "\<exists>g. (\<forall>x\<in>{a..b}. norm (f x - g x) \<le> e) \<and> g integrable_on {a..b}" by auto qed 
  2846 
  2847 subsection {* Specialization of additivity to one dimension. *}
  2848 
  2849 lemma operative_1_lt: assumes "monoidal opp"
  2850   shows "operative opp f \<longleftrightarrow> ((\<forall>a b. b \<le> a \<longrightarrow> f {a..b::real^1} = neutral opp) \<and>
  2851                 (\<forall>a b c. a < c \<and> c < b \<longrightarrow> opp (f{a..c})(f{c..b}) = f {a..b}))"
  2852   unfolding operative_def content_eq_0_1 forall_1 vector_le_def vector_less_def
  2853 proof safe fix a b c::"real^1" assume as:"\<forall>a b c. f {a..b} = opp (f ({a..b} \<inter> {x. x $ 1 \<le> c})) (f ({a..b} \<inter> {x. c \<le> x $ 1}))" "a $ 1 < c $ 1" "c $ 1 < b $ 1"
  2854     from this(2-) have "{a..b} \<inter> {x. x $ 1 \<le> c $ 1} = {a..c}" "{a..b} \<inter> {x. x $ 1 \<ge> c $ 1} = {c..b}" by auto
  2855     thus "opp (f {a..c}) (f {c..b}) = f {a..b}" unfolding as(1)[rule_format,of a b "c$1"] by auto
  2856 next fix a b::"real^1" and c::real
  2857   assume as:"\<forall>a b. b $ 1 \<le> a $ 1 \<longrightarrow> f {a..b} = neutral opp" "\<forall>a b c. a $ 1 < c $ 1 \<and> c $ 1 < b $ 1 \<longrightarrow> opp (f {a..c}) (f {c..b}) = f {a..b}"
  2858   show "f {a..b} = opp (f ({a..b} \<inter> {x. x $ 1 \<le> c})) (f ({a..b} \<inter> {x. c \<le> x $ 1}))"
  2859   proof(cases "c \<in> {a$1 .. b$1}")
  2860     case False hence "c<a$1 \<or> c>b$1" by auto
  2861     thus ?thesis apply-apply(erule disjE)
  2862     proof- assume "c<a$1" hence *:"{a..b} \<inter> {x. x $ 1 \<le> c} = {1..0}"  "{a..b} \<inter> {x. c \<le> x $ 1} = {a..b}" by auto
  2863       show ?thesis unfolding * apply(subst as(1)[rule_format,of 0 1]) using assms by auto
  2864     next   assume "b$1<c" hence *:"{a..b} \<inter> {x. x $ 1 \<le> c} = {a..b}"  "{a..b} \<inter> {x. c \<le> x $ 1} = {1..0}" by auto
  2865       show ?thesis unfolding * apply(subst as(1)[rule_format,of 0 1]) using assms by auto
  2866     qed
  2867   next case True hence *:"min (b $ 1) c = c" "max (a $ 1) c = c" by auto
  2868     show ?thesis unfolding interval_split num1_eq_iff if_True * vec_def[THEN sym]
  2869     proof(cases "c = a$1 \<or> c = b$1")
  2870       case False thus "f {a..b} = opp (f {a..vec1 c}) (f {vec1 c..b})"
  2871         apply-apply(subst as(2)[rule_format]) using True by auto
  2872     next case True thus "f {a..b} = opp (f {a..vec1 c}) (f {vec1 c..b})" apply-
  2873       proof(erule disjE) assume "c=a$1" hence *:"a = vec1 c" unfolding Cart_eq by auto 
  2874         hence "f {a..vec1 c} = neutral opp" apply-apply(rule as(1)[rule_format]) by auto
  2875         thus ?thesis using assms unfolding * by auto
  2876       next assume "c=b$1" hence *:"b = vec1 c" unfolding Cart_eq by auto 
  2877         hence "f {vec1 c..b} = neutral opp" apply-apply(rule as(1)[rule_format]) by auto
  2878         thus ?thesis using assms unfolding * by auto qed qed qed qed
  2879 
  2880 lemma operative_1_le: assumes "monoidal opp"
  2881   shows "operative opp f \<longleftrightarrow> ((\<forall>a b. b \<le> a \<longrightarrow> f {a..b::real^1} = neutral opp) \<and>
  2882                 (\<forall>a b c. a \<le> c \<and> c \<le> b \<longrightarrow> opp (f{a..c})(f{c..b}) = f {a..b}))"
  2883 unfolding operative_1_lt[OF assms]
  2884 proof safe fix a b c::"real^1" assume as:"\<forall>a b c. a \<le> c \<and> c \<le> b \<longrightarrow> opp (f {a..c}) (f {c..b}) = f {a..b}" "a < c" "c < b"
  2885   show "opp (f {a..c}) (f {c..b}) = f {a..b}" apply(rule as(1)[rule_format]) using as(2-) unfolding vector_le_def vector_less_def by auto
  2886 next fix a b c ::"real^1"
  2887   assume "\<forall>a b. b \<le> a \<longrightarrow> f {a..b} = neutral opp" "\<forall>a b c. a < c \<and> c < b \<longrightarrow> opp (f {a..c}) (f {c..b}) = f {a..b}" "a \<le> c" "c \<le> b"
  2888   note as = this[rule_format]
  2889   show "opp (f {a..c}) (f {c..b}) = f {a..b}"
  2890   proof(cases "c = a \<or> c = b")
  2891     case False thus ?thesis apply-apply(subst as(2)) using as(3-) unfolding vector_le_def vector_less_def Cart_eq by(auto simp del:dest_vec1_eq)
  2892     next case True thus ?thesis apply-
  2893       proof(erule disjE) assume *:"c=a" hence "f {a..c} = neutral opp" apply-apply(rule as(1)[rule_format]) by auto
  2894         thus ?thesis using assms unfolding * by auto
  2895       next               assume *:"c=b" hence "f {c..b} = neutral opp" apply-apply(rule as(1)[rule_format]) by auto
  2896         thus ?thesis using assms unfolding * by auto qed qed qed 
  2897 
  2898 subsection {* Special case of additivity we need for the FCT. *}
  2899 
  2900 lemma interval_bound_sing[simp]: "interval_upperbound {a} = a"  "interval_lowerbound {a} = a"
  2901   unfolding interval_upperbound_def interval_lowerbound_def unfolding Cart_eq by auto
  2902 
  2903 lemma additive_tagged_division_1: fixes f::"real^1 \<Rightarrow> 'a::real_normed_vector"
  2904   assumes "dest_vec1 a \<le> dest_vec1 b" "p tagged_division_of {a..b}"
  2905   shows "setsum (\<lambda>(x,k). f(interval_upperbound k) - f(interval_lowerbound k)) p = f b - f a"
  2906 proof- let ?f = "(\<lambda>k::(real^1) set. if k = {} then 0 else f(interval_upperbound k) - f(interval_lowerbound k))"
  2907   have *:"operative op + ?f" unfolding operative_1_lt[OF monoidal_monoid] interval_eq_empty_1
  2908     by(auto simp add:not_less vector_less_def)
  2909   have **:"{a..b} \<noteq> {}" using assms(1) by auto note operative_tagged_division[OF monoidal_monoid * assms(2)]
  2910   note * = this[unfolded if_not_P[OF **] interval_bound_1[OF assms(1)],THEN sym ]
  2911   show ?thesis unfolding * apply(subst setsum_iterate[THEN sym]) defer
  2912     apply(rule setsum_cong2) unfolding split_paired_all split_conv using assms(2) by auto qed
  2913 
  2914 subsection {* A useful lemma allowing us to factor out the content size. *}
  2915 
  2916 lemma has_integral_factor_content:
  2917   "(f has_integral i) {a..b} \<longleftrightarrow> (\<forall>e>0. \<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p
  2918     \<longrightarrow> norm (setsum (\<lambda>(x,k). content k *\<^sub>R f x) p - i) \<le> e * content {a..b}))"
  2919 proof(cases "content {a..b} = 0")
  2920   case True show ?thesis unfolding has_integral_null_eq[OF True] apply safe
  2921     apply(rule,rule,rule gauge_trivial,safe) unfolding setsum_content_null[OF True] True defer 
  2922     apply(erule_tac x=1 in allE,safe) defer apply(rule fine_division_exists[of _ a b],assumption)
  2923     apply(erule_tac x=p in allE) unfolding setsum_content_null[OF True] by auto
  2924 next case False note F = this[unfolded content_lt_nz[THEN sym]]
  2925   let ?P = "\<lambda>e opp. \<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow> opp (norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - i)) e)"
  2926   show ?thesis apply(subst has_integral)
  2927   proof safe fix e::real assume e:"e>0"
  2928     { assume "\<forall>e>0. ?P e op <" thus "?P (e * content {a..b}) op \<le>" apply(erule_tac x="e * content {a..b}" in allE)
  2929         apply(erule impE) defer apply(erule exE,rule_tac x=d in exI)
  2930         using F e by(auto simp add:field_simps intro:mult_pos_pos) }
  2931     {  assume "\<forall>e>0. ?P (e * content {a..b}) op \<le>" thus "?P e op <" apply(erule_tac x="e / 2 / content {a..b}" in allE)
  2932         apply(erule impE) defer apply(erule exE,rule_tac x=d in exI)
  2933         using F e by(auto simp add:field_simps intro:mult_pos_pos) } qed qed
  2934 
  2935 subsection {* Fundamental theorem of calculus. *}
  2936 
  2937 lemma fundamental_theorem_of_calculus: fixes f::"real^1 \<Rightarrow> 'a::banach"
  2938   assumes "a \<le> b"  "\<forall>x\<in>{a..b}. ((f o vec1) has_vector_derivative f'(vec1 x)) (at x within {a..b})"
  2939   shows "(f' has_integral (f(vec1 b) - f(vec1 a))) ({vec1 a..vec1 b})"
  2940 unfolding has_integral_factor_content
  2941 proof safe fix e::real assume e:"e>0" have ab:"dest_vec1 (vec1 a) \<le> dest_vec1 (vec1 b)" using assms(1) by auto
  2942   note assm = assms(2)[unfolded has_vector_derivative_def has_derivative_within_alt]
  2943   have *:"\<And>P Q. \<forall>x\<in>{a..b}. P x \<and> (\<forall>e>0. \<exists>d>0. Q x e d) \<Longrightarrow> \<forall>x. \<exists>(d::real)>0. x\<in>{a..b} \<longrightarrow> Q x e d" using e by blast
  2944   note this[OF assm,unfolded gauge_existence_lemma] from choice[OF this,unfolded Ball_def[symmetric]]
  2945   guess d .. note d=conjunctD2[OF this[rule_format],rule_format]
  2946   show "\<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {vec1 a..vec1 b} \<and> d fine p \<longrightarrow>
  2947                  norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f' x) - (f (vec1 b) - f (vec1 a))) \<le> e * content {vec1 a..vec1 b})"
  2948     apply(rule_tac x="\<lambda>x. ball x (d (dest_vec1 x))" in exI,safe)
  2949     apply(rule gauge_ball_dependent,rule,rule d(1))
  2950   proof- fix p assume as:"p tagged_division_of {vec1 a..vec1 b}" "(\<lambda>x. ball x (d (dest_vec1 x))) fine p"
  2951     show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f' x) - (f (vec1 b) - f (vec1 a))) \<le> e * content {vec1 a..vec1 b}" 
  2952       unfolding content_1[OF ab] additive_tagged_division_1[OF ab as(1),of f,THEN sym]
  2953       unfolding vector_minus_component[THEN sym] additive_tagged_division_1[OF ab as(1),of "\<lambda>x. x",THEN sym]
  2954       apply(subst dest_vec1_setsum) unfolding setsum_right_distrib defer unfolding setsum_subtractf[THEN sym] 
  2955     proof(rule setsum_norm_le,safe) fix x k assume "(x,k)\<in>p"
  2956       note xk = tagged_division_ofD(2-4)[OF as(1) this] from this(3) guess u v apply-by(erule exE)+ note k=this
  2957       have *:"dest_vec1 u \<le> dest_vec1 v" using xk unfolding k by auto
  2958       have ball:"\<forall>xa\<in>k. xa \<in> ball x (d (dest_vec1 x))" using as(2)[unfolded fine_def,rule_format,OF `(x,k)\<in>p`,unfolded split_conv subset_eq] .
  2959       have "norm ((v$1 - u$1) *\<^sub>R f' x - (f v - f u)) \<le> norm (f u - f x - (u$1 - x$1) *\<^sub>R f' x) + norm (f v - f x - (v$1 - x$1) *\<^sub>R f' x)"
  2960         apply(rule order_trans[OF _ norm_triangle_ineq4]) apply(rule eq_refl) apply(rule arg_cong[where f=norm])
  2961         unfolding scaleR.diff_left by(auto simp add:algebra_simps)
  2962       also have "... \<le> e * norm (dest_vec1 u - dest_vec1 x) + e * norm (dest_vec1 v - dest_vec1 x)"
  2963         apply(rule add_mono) apply(rule d(2)[of "x$1" "u$1",unfolded o_def vec1_dest_vec1]) prefer 4
  2964         apply(rule d(2)[of "x$1" "v$1",unfolded o_def vec1_dest_vec1])
  2965         using ball[rule_format,of u] ball[rule_format,of v] 
  2966         using xk(1-2) unfolding k subset_eq by(auto simp add:dist_norm norm_real)
  2967       also have "... \<le> e * dest_vec1 (interval_upperbound k - interval_lowerbound k)"
  2968         unfolding k interval_bound_1[OF *] using xk(1) unfolding k by(auto simp add:dist_norm norm_real field_simps)
  2969       finally show "norm (content k *\<^sub>R f' x - (f (interval_upperbound k) - f (interval_lowerbound k))) \<le>
  2970         e * dest_vec1 (interval_upperbound k - interval_lowerbound k)" unfolding k interval_bound_1[OF *] content_1[OF *] .
  2971     qed(insert as, auto) qed qed
  2972 
  2973 subsection {* Attempt a systematic general set of "offset" results for components. *}
  2974 
  2975 lemma gauge_modify:
  2976   assumes "(\<forall>s. open s \<longrightarrow> open {x. f(x) \<in> s})" "gauge d"
  2977   shows "gauge (\<lambda>x y. d (f x) (f y))"
  2978   using assms unfolding gauge_def apply safe defer apply(erule_tac x="f x" in allE)
  2979   apply(erule_tac x="d (f x)" in allE) unfolding mem_def Collect_def by auto
  2980 
  2981 subsection {* Only need trivial subintervals if the interval itself is trivial. *}
  2982 
  2983 lemma division_of_nontrivial: fixes s::"(real^'n) set set"
  2984   assumes "s division_of {a..b}" "content({a..b}) \<noteq> 0"
  2985   shows "{k. k \<in> s \<and> content k \<noteq> 0} division_of {a..b}" using assms(1) apply-
  2986 proof(induct "card s" arbitrary:s rule:nat_less_induct)
  2987   fix s::"(real^'n) set set" assume assm:"s division_of {a..b}"
  2988     "\<forall>m<card s. \<forall>x. m = card x \<longrightarrow> x division_of {a..b} \<longrightarrow> {k \<in> x. content k \<noteq> 0} division_of {a..b}" 
  2989   note s = division_ofD[OF assm(1)] let ?thesis = "{k \<in> s. content k \<noteq> 0} division_of {a..b}"
  2990   { presume *:"{k \<in> s. content k \<noteq> 0} \<noteq> s \<Longrightarrow> ?thesis"
  2991     show ?thesis apply cases defer apply(rule *,assumption) using assm(1) by auto }
  2992   assume noteq:"{k \<in> s. content k \<noteq> 0} \<noteq> s"
  2993   then obtain k where k:"k\<in>s" "content k = 0" by auto
  2994   from s(4)[OF k(1)] guess c d apply-by(erule exE)+ note k=k this
  2995   from k have "card s > 0" unfolding card_gt_0_iff using assm(1) by auto
  2996   hence card:"card (s - {k}) < card s" using assm(1) k(1) apply(subst card_Diff_singleton_if) by auto
  2997   have *:"closed (\<Union>(s - {k}))" apply(rule closed_Union) defer apply rule apply(drule DiffD1,drule s(4))
  2998     apply safe apply(rule closed_interval) using assm(1) by auto
  2999   have "k \<subseteq> \<Union>(s - {k})" apply safe apply(rule *[unfolded closed_limpt,rule_format]) unfolding islimpt_approachable
  3000   proof safe fix x and e::real assume as:"x\<in>k" "e>0"
  3001     from k(2)[unfolded k content_eq_0] guess i .. 
  3002     hence i:"c$i = d$i" using s(3)[OF k(1),unfolded k] unfolding interval_ne_empty by smt
  3003     hence xi:"x$i = d$i" using as unfolding k mem_interval by smt
  3004     def y \<equiv> "(\<chi> j. if j = i then if c$i \<le> (a$i + b$i) / 2 then c$i + min e (b$i - c$i) / 2 else c$i - min e (c$i - a$i) / 2 else x$j)"
  3005     show "\<exists>x'\<in>\<Union>(s - {k}). x' \<noteq> x \<and> dist x' x < e" apply(rule_tac x=y in bexI) 
  3006     proof have "d \<in> {c..d}" using s(3)[OF k(1)] unfolding k interval_eq_empty mem_interval by(fastsimp simp add: not_less)
  3007       hence "d \<in> {a..b}" using s(2)[OF k(1)] unfolding k by auto note di = this[unfolded mem_interval,THEN spec[where x=i]]
  3008       hence xyi:"y$i \<noteq> x$i" unfolding y_def unfolding i xi Cart_lambda_beta if_P[OF refl]
  3009         apply(cases) apply(subst if_P,assumption) unfolding if_not_P not_le using as(2) using assms(2)[unfolded content_eq_0] by smt+ 
  3010       thus "y \<noteq> x" unfolding Cart_eq by auto
  3011       have *:"UNIV = insert i (UNIV - {i})" by auto
  3012       have "norm (y - x) < e + setsum (\<lambda>i. 0) (UNIV::'n set)" apply(rule le_less_trans[OF norm_le_l1])
  3013         apply(subst *,subst setsum_insert) prefer 3 apply(rule add_less_le_mono)
  3014       proof- show "\<bar>(y - x) $ i\<bar> < e" unfolding y_def Cart_lambda_beta vector_minus_component if_P[OF refl]
  3015           apply(cases) apply(subst if_P,assumption) unfolding if_not_P unfolding i xi using di as(2) by auto
  3016         show "(\<Sum>i\<in>UNIV - {i}. \<bar>(y - x) $ i\<bar>) \<le> (\<Sum>i\<in>UNIV. 0)" unfolding y_def by auto 
  3017       qed auto thus "dist y x < e" unfolding dist_norm by auto
  3018       have "y\<notin>k" unfolding k mem_interval apply rule apply(erule_tac x=i in allE) using xyi unfolding k i xi by auto
  3019       moreover have "y \<in> \<Union>s" unfolding s mem_interval
  3020       proof note simps = y_def Cart_lambda_beta if_not_P
  3021         fix j::'n show "a $ j \<le> y $ j \<and> y $ j \<le> b $ j" 
  3022         proof(cases "j = i") case False have "x \<in> {a..b}" using s(2)[OF k(1)] as(1) by auto
  3023           thus ?thesis unfolding simps if_not_P[OF False] unfolding mem_interval by auto
  3024         next case True note T = this show ?thesis
  3025           proof(cases "c $ i \<le> (a $ i + b $ i) / 2")
  3026             case True show ?thesis unfolding simps if_P[OF T] if_P[OF True] unfolding i
  3027               using True as(2) di apply-apply rule unfolding T by (auto simp add:field_simps) 
  3028           next case False thus ?thesis unfolding simps if_P[OF T] if_not_P[OF False] unfolding i
  3029               using True as(2) di apply-apply rule unfolding T by (auto simp add:field_simps)
  3030           qed qed qed
  3031       ultimately show "y \<in> \<Union>(s - {k})" by auto
  3032     qed qed hence "\<Union>(s - {k}) = {a..b}" unfolding s(6)[THEN sym] by auto
  3033   hence  "{ka \<in> s - {k}. content ka \<noteq> 0} division_of {a..b}" apply-apply(rule assm(2)[rule_format,OF card refl])
  3034     apply(rule division_ofI) defer apply(rule_tac[1-4] s) using assm(1) by auto
  3035   moreover have "{ka \<in> s - {k}. content ka \<noteq> 0} = {k \<in> s. content k \<noteq> 0}" using k by auto ultimately show ?thesis by auto qed
  3036 
  3037 subsection {* Integrabibility on subintervals. *}
  3038 
  3039 lemma operative_integrable: fixes f::"real^'n \<Rightarrow> 'a::banach" shows
  3040   "operative op \<and> (\<lambda>i. f integrable_on i)"
  3041   unfolding operative_def neutral_and apply safe apply(subst integrable_on_def)
  3042   unfolding has_integral_null_eq apply(rule,rule refl) apply(rule,assumption)+
  3043   unfolding integrable_on_def by(auto intro: has_integral_split)
  3044 
  3045 lemma integrable_subinterval: fixes f::"real^'n \<Rightarrow> 'a::banach" 
  3046   assumes "f integrable_on {a..b}" "{c..d} \<subseteq> {a..b}" shows "f integrable_on {c..d}" 
  3047   apply(cases "{c..d} = {}") defer apply(rule partial_division_extend_1[OF assms(2)],assumption)
  3048   using operative_division_and[OF operative_integrable,THEN sym,of _ _ _ f] assms(1) by auto
  3049 
  3050 subsection {* Combining adjacent intervals in 1 dimension. *}
  3051 
  3052 lemma has_integral_combine: assumes "(a::real^1) \<le> c" "c \<le> b"
  3053   "(f has_integral i) {a..c}" "(f has_integral (j::'a::banach)) {c..b}"
  3054   shows "(f has_integral (i + j)) {a..b}"
  3055 proof- note operative_integral[of f, unfolded operative_1_le[OF monoidal_lifted[OF monoidal_monoid]]]
  3056   note conjunctD2[OF this,rule_format] note * = this(2)[OF conjI[OF assms(1-2)],unfolded if_P[OF assms(3)]]
  3057   hence "f integrable_on {a..b}" apply- apply(rule ccontr) apply(subst(asm) if_P) defer
  3058     apply(subst(asm) if_P) using assms(3-) by auto
  3059   with * show ?thesis apply-apply(subst(asm) if_P) defer apply(subst(asm) if_P) defer apply(subst(asm) if_P)
  3060     unfolding lifted.simps using assms(3-) by(auto simp add: integrable_on_def integral_unique) qed
  3061 
  3062 lemma integral_combine: fixes f::"real^1 \<Rightarrow> 'a::banach"
  3063   assumes "a \<le> c" "c \<le> b" "f integrable_on ({a..b})"
  3064   shows "integral {a..c} f + integral {c..b} f = integral({a..b}) f"
  3065   apply(rule integral_unique[THEN sym]) apply(rule has_integral_combine[OF assms(1-2)])
  3066   apply(rule_tac[!] integrable_integral integrable_subinterval[OF assms(3)])+ using assms(1-2) by auto
  3067 
  3068 lemma integrable_combine: fixes f::"real^1 \<Rightarrow> 'a::banach"
  3069   assumes "a \<le> c" "c \<le> b" "f integrable_on {a..c}" "f integrable_on {c..b}"
  3070   shows "f integrable_on {a..b}" using assms unfolding integrable_on_def by(fastsimp intro!:has_integral_combine)
  3071 
  3072 subsection {* Reduce integrability to "local" integrability. *}
  3073 
  3074 lemma integrable_on_little_subintervals: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3075   assumes "\<forall>x\<in>{a..b}. \<exists>d>0. \<forall>u v. x \<in> {u..v} \<and> {u..v} \<subseteq> ball x d \<and> {u..v} \<subseteq> {a..b} \<longrightarrow> f integrable_on {u..v}"
  3076   shows "f integrable_on {a..b}"
  3077 proof- have "\<forall>x. \<exists>d. x\<in>{a..b} \<longrightarrow> d>0 \<and> (\<forall>u v. x \<in> {u..v} \<and> {u..v} \<subseteq> ball x d \<and> {u..v} \<subseteq> {a..b} \<longrightarrow> f integrable_on {u..v})"
  3078     using assms by auto note this[unfolded gauge_existence_lemma] from choice[OF this] guess d .. note d=this[rule_format]
  3079   guess p apply(rule fine_division_exists[OF gauge_ball_dependent,of d a b]) using d by auto note p=this(1-2)
  3080   note division_of_tagged_division[OF this(1)] note * = operative_division_and[OF operative_integrable,OF this,THEN sym,of f]
  3081   show ?thesis unfolding * apply safe unfolding snd_conv
  3082   proof- fix x k assume "(x,k) \<in> p" note tagged_division_ofD(2-4)[OF p(1) this] fineD[OF p(2) this]
  3083     thus "f integrable_on k" apply safe apply(rule d[THEN conjunct2,rule_format,of x]) by auto qed qed
  3084 
  3085 subsection {* Second FCT or existence of antiderivative. *}
  3086 
  3087 lemma integrable_const[intro]:"(\<lambda>x. c) integrable_on {a..b}"
  3088   unfolding integrable_on_def by(rule,rule has_integral_const)
  3089 
  3090 lemma integral_has_vector_derivative: fixes f::"real \<Rightarrow> 'a::banach"
  3091   assumes "continuous_on {a..b} f" "x \<in> {a..b}"
  3092   shows "((\<lambda>u. integral {vec a..vec u} (f o dest_vec1)) has_vector_derivative f(x)) (at x within {a..b})"
  3093   unfolding has_vector_derivative_def has_derivative_within_alt
  3094 apply safe apply(rule scaleR.bounded_linear_left)
  3095 proof- fix e::real assume e:"e>0"
  3096   note compact_uniformly_continuous[OF assms(1) compact_real_interval,unfolded uniformly_continuous_on_def]
  3097   from this[rule_format,OF e] guess d apply-by(erule conjE exE)+ note d=this[rule_format]
  3098   let ?I = "\<lambda>a b. integral {vec1 a..vec1 b} (f \<circ> dest_vec1)"
  3099   show "\<exists>d>0. \<forall>y\<in>{a..b}. norm (y - x) < d \<longrightarrow> norm (?I a y - ?I a x - (y - x) *\<^sub>R f x) \<le> e * norm (y - x)"
  3100   proof(rule,rule,rule d,safe) case goal1 show ?case proof(cases "y < x")
  3101       case False have "f \<circ> dest_vec1 integrable_on {vec1 a..vec1 y}" apply(rule integrable_subinterval,rule integrable_continuous)
  3102         apply(rule continuous_on_o_dest_vec1 assms)+  unfolding not_less using assms(2) goal1 by auto
  3103       hence *:"?I a y - ?I a x = ?I x y" unfolding algebra_simps apply(subst eq_commute) apply(rule integral_combine)
  3104         using False unfolding not_less using assms(2) goal1 by auto
  3105       have **:"norm (y - x) = content {vec1 x..vec1 y}" apply(subst content_1) using False unfolding not_less by auto
  3106       show ?thesis unfolding ** apply(rule has_integral_bound[where f="(\<lambda>u. f u - f x) o dest_vec1"]) unfolding * unfolding o_def
  3107         defer apply(rule has_integral_sub) apply(rule integrable_integral)
  3108         apply(rule integrable_subinterval,rule integrable_continuous) apply(rule continuous_on_o_dest_vec1[unfolded o_def] assms)+
  3109       proof- show "{vec1 x..vec1 y} \<subseteq> {vec1 a..vec1 b}" using goal1 assms(2) by auto
  3110         have *:"y - x = norm(y - x)" using False by auto
  3111         show "((\<lambda>xa. f x) has_integral (y - x) *\<^sub>R f x) {vec1 x..vec1 y}" apply(subst *) unfolding ** by auto
  3112         show "\<forall>xa\<in>{vec1 x..vec1 y}. norm (f (dest_vec1 xa) - f x) \<le> e" apply safe apply(rule less_imp_le)
  3113           apply(rule d(2)[unfolded dist_norm]) using assms(2) using goal1 by auto
  3114       qed(insert e,auto)
  3115     next case True have "f \<circ> dest_vec1 integrable_on {vec1 a..vec1 x}" apply(rule integrable_subinterval,rule integrable_continuous)
  3116         apply(rule continuous_on_o_dest_vec1 assms)+  unfolding not_less using assms(2) goal1 by auto
  3117       hence *:"?I a x - ?I a y = ?I y x" unfolding algebra_simps apply(subst eq_commute) apply(rule integral_combine)
  3118         using True using assms(2) goal1 by auto
  3119       have **:"norm (y - x) = content {vec1 y..vec1 x}" apply(subst content_1) using True unfolding not_less by auto
  3120       have ***:"\<And>fy fx c::'a. fx - fy - (y - x) *\<^sub>R c = -(fy - fx - (x - y) *\<^sub>R c)" unfolding scaleR_left.diff by auto 
  3121       show ?thesis apply(subst ***) unfolding norm_minus_cancel **
  3122         apply(rule has_integral_bound[where f="(\<lambda>u. f u - f x) o dest_vec1"]) unfolding * unfolding o_def
  3123         defer apply(rule has_integral_sub) apply(subst minus_minus[THEN sym]) unfolding minus_minus
  3124         apply(rule integrable_integral) apply(rule integrable_subinterval,rule integrable_continuous)
  3125         apply(rule continuous_on_o_dest_vec1[unfolded o_def] assms)+
  3126       proof- show "{vec1 y..vec1 x} \<subseteq> {vec1 a..vec1 b}" using goal1 assms(2) by auto
  3127         have *:"x - y = norm(y - x)" using True by auto
  3128         show "((\<lambda>xa. f x) has_integral (x - y) *\<^sub>R f x) {vec1 y..vec1 x}" apply(subst *) unfolding ** by auto
  3129         show "\<forall>xa\<in>{vec1 y..vec1 x}. norm (f (dest_vec1 xa) - f x) \<le> e" apply safe apply(rule less_imp_le)
  3130           apply(rule d(2)[unfolded dist_norm]) using assms(2) using goal1 by auto
  3131       qed(insert e,auto) qed qed qed
  3132 
  3133 lemma integral_has_vector_derivative': fixes f::"real^1 \<Rightarrow> 'a::banach"
  3134   assumes "continuous_on {a..b} f" "x \<in> {a..b}"
  3135   shows "((\<lambda>u. (integral {a..vec u} f)) has_vector_derivative f x) (at (x$1) within {a$1..b$1})"
  3136   using integral_has_vector_derivative[OF continuous_on_o_vec1[OF assms(1)], of "x$1"]
  3137   unfolding o_def vec1_dest_vec1 using assms(2) by auto
  3138 
  3139 lemma antiderivative_continuous: assumes "continuous_on {a..b::real} f"
  3140   obtains g where "\<forall>x\<in> {a..b}. (g has_vector_derivative (f(x)::_::banach)) (at x within {a..b})"
  3141   apply(rule that,rule) using integral_has_vector_derivative[OF assms] by auto
  3142 
  3143 subsection {* Combined fundamental theorem of calculus. *}
  3144 
  3145 lemma antiderivative_integral_continuous: fixes f::"real \<Rightarrow> 'a::banach" assumes "continuous_on {a..b} f"
  3146   obtains g where "\<forall>u\<in>{a..b}. \<forall>v \<in> {a..b}. u \<le> v \<longrightarrow> ((f o dest_vec1) has_integral (g v - g u)) {vec u..vec v}"
  3147 proof- from antiderivative_continuous[OF assms] guess g . note g=this
  3148   show ?thesis apply(rule that[of g])
  3149   proof safe case goal1 have "\<forall>x\<in>{u..v}. (g has_vector_derivative f x) (at x within {u..v})"
  3150       apply(rule,rule has_vector_derivative_within_subset) apply(rule g[rule_format]) using goal1(1-2) by auto
  3151     thus ?case using fundamental_theorem_of_calculus[OF goal1(3),of "g o dest_vec1" "f o dest_vec1"]
  3152       unfolding o_def vec1_dest_vec1 by auto qed qed
  3153 
  3154 subsection {* General "twiddling" for interval-to-interval function image. *}
  3155 
  3156 lemma has_integral_twiddle:
  3157   assumes "0 < r" "\<forall>x. h(g x) = x" "\<forall>x. g(h x) = x" "\<forall>x. continuous (at x) g"
  3158   "\<forall>u v. \<exists>w z. g ` {u..v} = {w..z}"
  3159   "\<forall>u v. \<exists>w z. h ` {u..v} = {w..z}"
  3160   "\<forall>u v. content(g ` {u..v}) = r * content {u..v}"
  3161   "(f has_integral i) {a..b}"
  3162   shows "((\<lambda>x. f(g x)) has_integral (1 / r) *\<^sub>R i) (h ` {a..b})"
  3163 proof- { presume *:"{a..b} \<noteq> {} \<Longrightarrow> ?thesis"
  3164     show ?thesis apply cases defer apply(rule *,assumption)
  3165     proof- case goal1 thus ?thesis unfolding goal1 assms(8)[unfolded goal1 has_integral_empty_eq] by auto qed }
  3166   assume "{a..b} \<noteq> {}" from assms(6)[rule_format,of a b] guess w z apply-by(erule exE)+ note wz=this
  3167   have inj:"inj g" "inj h" unfolding inj_on_def apply safe apply(rule_tac[!] ccontr)
  3168     using assms(2) apply(erule_tac x=x in allE) using assms(2) apply(erule_tac x=y in allE) defer
  3169     using assms(3) apply(erule_tac x=x in allE) using assms(3) apply(erule_tac x=y in allE) by auto
  3170   show ?thesis unfolding has_integral_def has_integral_compact_interval_def apply(subst if_P) apply(rule,rule,rule wz)
  3171   proof safe fix e::real assume e:"e>0" hence "e * r > 0" using assms(1) by(rule mult_pos_pos)
  3172     from assms(8)[unfolded has_integral,rule_format,OF this] guess d apply-by(erule exE conjE)+ note d=this[rule_format]
  3173     def d' \<equiv> "\<lambda>x y. d (g x) (g y)" have d':"\<And>x. d' x = {y. g y \<in> (d (g x))}" unfolding d'_def by(auto simp add:mem_def)
  3174     show "\<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of h ` {a..b} \<and> d fine p \<longrightarrow> norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f (g x)) - (1 / r) *\<^sub>R i) < e)"
  3175     proof(rule_tac x=d' in exI,safe) show "gauge d'" using d(1) unfolding gauge_def d' using continuous_open_preimage_univ[OF assms(4)] by auto
  3176       fix p assume as:"p tagged_division_of h ` {a..b}" "d' fine p" note p = tagged_division_ofD[OF as(1)] 
  3177       have "(\<lambda>(x, k). (g x, g ` k)) ` p tagged_division_of {a..b} \<and> d fine (\<lambda>(x, k). (g x, g ` k)) ` p" unfolding tagged_division_of 
  3178       proof safe show "finite ((\<lambda>(x, k). (g x, g ` k)) ` p)" using as by auto
  3179         show "d fine (\<lambda>(x, k). (g x, g ` k)) ` p" using as(2) unfolding fine_def d' by auto
  3180         fix x k assume xk[intro]:"(x,k) \<in> p" show "g x \<in> g ` k" using p(2)[OF xk] by auto
  3181         show "\<exists>u v. g ` k = {u..v}" using p(4)[OF xk] using assms(5-6) by auto
  3182         { fix y assume "y \<in> k" thus "g y \<in> {a..b}" "g y \<in> {a..b}" using p(3)[OF xk,unfolded subset_eq,rule_format,of "h (g y)"]
  3183             using assms(2)[rule_format,of y] unfolding inj_image_mem_iff[OF inj(2)] by auto }
  3184         fix x' k' assume xk':"(x',k') \<in> p" fix z assume "z \<in> interior (g ` k)" "z \<in> interior (g ` k')"
  3185         hence *:"interior (g ` k) \<inter> interior (g ` k') \<noteq> {}" by auto
  3186         have same:"(x, k) = (x', k')" apply-apply(rule ccontr,drule p(5)[OF xk xk'])
  3187         proof- assume as:"interior k \<inter> interior k' = {}" from nonempty_witness[OF *] guess z .
  3188           hence "z \<in> g ` (interior k \<inter> interior k')" using interior_image_subset[OF assms(4) inj(1)]
  3189             unfolding image_Int[OF inj(1)] by auto thus False using as by blast
  3190         qed thus "g x = g x'" by auto
  3191         { fix z assume "z \<in> k"  thus  "g z \<in> g ` k'" using same by auto }
  3192         { fix z assume "z \<in> k'" thus  "g z \<in> g ` k"  using same by auto }
  3193       next fix x assume "x \<in> {a..b}" hence "h x \<in>  \<Union>{k. \<exists>x. (x, k) \<in> p}" using p(6) by auto
  3194         then guess X unfolding Union_iff .. note X=this from this(1) guess y unfolding mem_Collect_eq ..
  3195         thus "x \<in> \<Union>{k. \<exists>x. (x, k) \<in> (\<lambda>(x, k). (g x, g ` k)) ` p}" apply-
  3196           apply(rule_tac X="g ` X" in UnionI) defer apply(rule_tac x="h x" in image_eqI)
  3197           using X(2) assms(3)[rule_format,of x] by auto
  3198       qed note ** = d(2)[OF this] have *:"inj_on (\<lambda>(x, k). (g x, g ` k)) p" using inj(1) unfolding inj_on_def by fastsimp
  3199        have "(\<Sum>(x, k)\<in>(\<lambda>(x, k). (g x, g ` k)) ` p. content k *\<^sub>R f x) - i = r *\<^sub>R (\<Sum>(x, k)\<in>p. content k *\<^sub>R f (g x)) - i" (is "?l = _") unfolding algebra_simps add_left_cancel
  3200         unfolding setsum_reindex[OF *] apply(subst scaleR_right.setsum) defer apply(rule setsum_cong2) unfolding o_def split_paired_all split_conv
  3201         apply(drule p(4)) apply safe unfolding assms(7)[rule_format] using p by auto
  3202       also have "... = r *\<^sub>R ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f (g x)) - (1 / r) *\<^sub>R i)" (is "_ = ?r") unfolding scaleR.diff_right scaleR.scaleR_left[THEN sym]
  3203         unfolding real_scaleR_def using assms(1) by auto finally have *:"?l = ?r" .
  3204       show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f (g x)) - (1 / r) *\<^sub>R i) < e" using ** unfolding * unfolding norm_scaleR
  3205         using assms(1) by(auto simp add:field_simps) qed qed qed
  3206 
  3207 subsection {* Special case of a basic affine transformation. *}
  3208 
  3209 lemma interval_image_affinity_interval: shows "\<exists>u v. (\<lambda>x. m *\<^sub>R (x::real^'n) + c) ` {a..b} = {u..v}"
  3210   unfolding image_affinity_interval by auto
  3211 
  3212 lemmas Cart_simps = Cart_nth.add Cart_nth.minus Cart_nth.zero Cart_nth.diff Cart_nth.scaleR real_scaleR_def Cart_lambda_beta
  3213    Cart_eq vector_le_def vector_less_def
  3214 
  3215 lemma setprod_cong2: assumes "\<And>x. x \<in> A \<Longrightarrow> f x = g x" shows "setprod f A = setprod g A"
  3216   apply(rule setprod_cong) using assms by auto
  3217 
  3218 lemma content_image_affinity_interval: 
  3219  "content((\<lambda>x::real^'n. m *\<^sub>R x + c) ` {a..b}) = (abs m) ^ CARD('n) * content {a..b}" (is "?l = ?r")
  3220 proof- { presume *:"{a..b}\<noteq>{} \<Longrightarrow> ?thesis" show ?thesis apply(cases,rule *,assumption)
  3221       unfolding not_not using content_empty by auto }
  3222   assume as:"{a..b}\<noteq>{}" show ?thesis proof(cases "m \<ge> 0")
  3223     case True show ?thesis unfolding image_affinity_interval if_not_P[OF as] if_P[OF True]
  3224       unfolding content_closed_interval'[OF as] apply(subst content_closed_interval') 
  3225       defer apply(subst setprod_constant[THEN sym]) apply(rule finite_UNIV) unfolding setprod_timesf[THEN sym]
  3226       apply(rule setprod_cong2) using True as unfolding interval_ne_empty Cart_simps not_le  
  3227       by(auto simp add:field_simps intro:mult_left_mono)
  3228   next case False show ?thesis unfolding image_affinity_interval if_not_P[OF as] if_not_P[OF False]
  3229       unfolding content_closed_interval'[OF as] apply(subst content_closed_interval') 
  3230       defer apply(subst setprod_constant[THEN sym]) apply(rule finite_UNIV) unfolding setprod_timesf[THEN sym]
  3231       apply(rule setprod_cong2) using False as unfolding interval_ne_empty Cart_simps not_le 
  3232       by(auto simp add:field_simps mult_le_cancel_left_neg) qed qed
  3233 
  3234 lemma has_integral_affinity: assumes "(f has_integral i) {a..b::real^'n}" "m \<noteq> 0"
  3235   shows "((\<lambda>x. f(m *\<^sub>R x + c)) has_integral ((1 / (abs(m) ^ CARD('n::finite))) *\<^sub>R i)) ((\<lambda>x. (1 / m) *\<^sub>R x + -((1 / m) *\<^sub>R c)) ` {a..b})"
  3236   apply(rule has_integral_twiddle,safe) unfolding Cart_eq Cart_simps apply(rule zero_less_power)
  3237   defer apply(insert assms(2), simp add:field_simps) apply(insert assms(2), simp add:field_simps)
  3238   apply(rule continuous_intros)+ apply(rule interval_image_affinity_interval)+ apply(rule content_image_affinity_interval) using assms by auto
  3239 
  3240 lemma integrable_affinity: assumes "f integrable_on {a..b}" "m \<noteq> 0"
  3241   shows "(\<lambda>x. f(m *\<^sub>R x + c)) integrable_on ((\<lambda>x. (1 / m) *\<^sub>R x + -((1/m) *\<^sub>R c)) ` {a..b})"
  3242   using assms unfolding integrable_on_def apply safe apply(drule has_integral_affinity) by auto
  3243 
  3244 subsection {* Special case of stretching coordinate axes separately. *}
  3245 
  3246 lemma image_stretch_interval:
  3247   "(\<lambda>x. \<chi> k. m k * x$k) ` {a..b::real^'n} =
  3248   (if {a..b} = {} then {} else {(\<chi> k. min (m(k) * a$k) (m(k) * b$k)) ..  (\<chi> k. max (m(k) * a$k) (m(k) * b$k))})" (is "?l = ?r")
  3249 proof(cases "{a..b}={}") case True thus ?thesis unfolding True by auto
  3250 next have *:"\<And>P Q. (\<forall>i. P i) \<and> (\<forall>i. Q i) \<longleftrightarrow> (\<forall>i. P i \<and> Q i)" by auto
  3251   case False note ab = this[unfolded interval_ne_empty]
  3252   show ?thesis apply-apply(rule set_ext)
  3253   proof- fix x::"real^'n" have **:"\<And>P Q. (\<forall>i. P i = Q i) \<Longrightarrow> (\<forall>i. P i) = (\<forall>i. Q i)" by auto
  3254     show "x \<in> ?l \<longleftrightarrow> x \<in> ?r" unfolding if_not_P[OF False] 
  3255       unfolding image_iff mem_interval Bex_def Cart_simps Cart_eq *
  3256       unfolding lambda_skolem[THEN sym,of "\<lambda> i xa. (a $ i \<le> xa \<and> xa \<le> b $ i) \<and> x $ i = m i * xa"]
  3257     proof(rule **,rule) fix i::'n show "(\<exists>xa. (a $ i \<le> xa \<and> xa \<le> b $ i) \<and> x $ i = m i * xa) =
  3258         (min (m i * a $ i) (m i * b $ i) \<le> x $ i \<and> x $ i \<le> max (m i * a $ i) (m i * b $ i))"
  3259       proof(cases "m i = 0") case True thus ?thesis using ab by auto
  3260       next case False hence "0 < m i \<or> 0 > m i" by auto thus ?thesis apply-
  3261         proof(erule disjE) assume as:"0 < m i" hence *:"min (m i * a $ i) (m i * b $ i) = m i * a $ i"
  3262             "max (m i * a $ i) (m i * b $ i) = m i * b $ i" using ab unfolding min_def max_def by auto
  3263           show ?thesis unfolding * apply rule defer apply(rule_tac x="1 / m i * x$i" in exI)
  3264             using as by(auto simp add:field_simps)
  3265         next assume as:"0 > m i" hence *:"max (m i * a $ i) (m i * b $ i) = m i * a $ i"
  3266             "min (m i * a $ i) (m i * b $ i) = m i * b $ i" using ab as unfolding min_def max_def 
  3267             by(auto simp add:field_simps mult_le_cancel_left_neg intro: order_antisym)
  3268           show ?thesis unfolding * apply rule defer apply(rule_tac x="1 / m i * x$i" in exI)
  3269             using as by(auto simp add:field_simps) qed qed qed qed qed 
  3270 
  3271 lemma interval_image_stretch_interval: "\<exists>u v. (\<lambda>x. \<chi> k. m k * x$k) ` {a..b::real^'n} = {u..v}"
  3272   unfolding image_stretch_interval by auto 
  3273 
  3274 lemma content_image_stretch_interval:
  3275   "content((\<lambda>x::real^'n. \<chi> k. m k * x$k) ` {a..b}) = abs(setprod m UNIV) * content({a..b})"
  3276 proof(cases "{a..b} = {}") case True thus ?thesis
  3277     unfolding content_def image_is_empty image_stretch_interval if_P[OF True] by auto
  3278 next case False hence "(\<lambda>x. \<chi> k. m k * x $ k) ` {a..b} \<noteq> {}" by auto
  3279   thus ?thesis using False unfolding content_def image_stretch_interval apply- unfolding interval_bounds' if_not_P
  3280     unfolding abs_setprod setprod_timesf[THEN sym] apply(rule setprod_cong2) unfolding Cart_lambda_beta
  3281   proof- fix i::'n have "(m i < 0 \<or> m i > 0) \<or> m i = 0" by auto
  3282     thus "max (m i * a $ i) (m i * b $ i) - min (m i * a $ i) (m i * b $ i) = \<bar>m i\<bar> * (b $ i - a $ i)"
  3283       apply-apply(erule disjE)+ unfolding min_def max_def using False[unfolded interval_ne_empty,rule_format,of i] 
  3284       by(auto simp add:field_simps not_le mult_le_cancel_left_neg mult_le_cancel_left_pos) qed qed
  3285 
  3286 lemma has_integral_stretch: assumes "(f has_integral i) {a..b}" "\<forall>k. ~(m k = 0)"
  3287   shows "((\<lambda>x. f(\<chi> k. m k * x$k)) has_integral
  3288              ((1/(abs(setprod m UNIV))) *\<^sub>R i)) ((\<lambda>x. \<chi> k. 1/(m k) * x$k) ` {a..b})"
  3289   apply(rule has_integral_twiddle) unfolding zero_less_abs_iff content_image_stretch_interval
  3290   unfolding image_stretch_interval empty_as_interval Cart_eq using assms
  3291 proof- show "\<forall>x. continuous (at x) (\<lambda>x. \<chi> k. m k * x $ k)"
  3292    apply(rule,rule linear_continuous_at) unfolding linear_linear
  3293    unfolding linear_def Cart_simps Cart_eq by(auto simp add:field_simps) qed auto
  3294 
  3295 lemma integrable_stretch: 
  3296   assumes "f integrable_on {a..b}" "\<forall>k. ~(m k = 0)"
  3297   shows "(\<lambda>x. f(\<chi> k. m k * x$k)) integrable_on ((\<lambda>x. \<chi> k. 1/(m k) * x$k) ` {a..b})"
  3298   using assms unfolding integrable_on_def apply-apply(erule exE) apply(drule has_integral_stretch) by auto
  3299 
  3300 subsection {* even more special cases. *}
  3301 
  3302 lemma uminus_interval_vector[simp]:"uminus ` {a..b} = {-b .. -a::real^'n}"
  3303   apply(rule set_ext,rule) defer unfolding image_iff
  3304   apply(rule_tac x="-x" in bexI) by(auto simp add:vector_le_def minus_le_iff le_minus_iff)
  3305 
  3306 lemma has_integral_reflect_lemma[intro]: assumes "(f has_integral i) {a..b}"
  3307   shows "((\<lambda>x. f(-x)) has_integral i) {-b .. -a}"
  3308   using has_integral_affinity[OF assms, of "-1" 0] by auto
  3309 
  3310 lemma has_integral_reflect[simp]: "((\<lambda>x. f(-x)) has_integral i) {-b..-a} \<longleftrightarrow> (f has_integral i) ({a..b})"
  3311   apply rule apply(drule_tac[!] has_integral_reflect_lemma) by auto
  3312 
  3313 lemma integrable_reflect[simp]: "(\<lambda>x. f(-x)) integrable_on {-b..-a} \<longleftrightarrow> f integrable_on {a..b}"
  3314   unfolding integrable_on_def by auto
  3315 
  3316 lemma integral_reflect[simp]: "integral {-b..-a} (\<lambda>x. f(-x)) = integral ({a..b}) f"
  3317   unfolding integral_def by auto
  3318 
  3319 subsection {* Stronger form of FCT; quite a tedious proof. *}
  3320 
  3321 (** move this **)
  3322 declare norm_triangle_ineq4[intro] 
  3323 
  3324 lemma bgauge_existence_lemma: "(\<forall>x\<in>s. \<exists>d::real. 0 < d \<and> q d x) \<longleftrightarrow> (\<forall>x. \<exists>d>0. x\<in>s \<longrightarrow> q d x)" by(meson zero_less_one)
  3325 
  3326 lemma additive_tagged_division_1': fixes f::"real \<Rightarrow> 'a::real_normed_vector"
  3327   assumes "a \<le> b" "p tagged_division_of {vec1 a..vec1 b}"
  3328   shows "setsum (\<lambda>(x,k). f (dest_vec1 (interval_upperbound k)) - f(dest_vec1 (interval_lowerbound k))) p = f b - f a"
  3329   using additive_tagged_division_1[OF _ assms(2), of "f o dest_vec1"]
  3330   unfolding o_def vec1_dest_vec1 using assms(1) by auto
  3331 
  3332 lemma split_minus[simp]:"(\<lambda>(x, k). f x k) x - (\<lambda>(x, k). g x k) x = (\<lambda>(x, k). f x k - g x k) x"
  3333   unfolding split_def by(rule refl)
  3334 
  3335 lemma norm_triangle_le_sub: "norm x + norm y \<le> e \<Longrightarrow> norm (x - y) \<le> e"
  3336   apply(subst(asm)(2) norm_minus_cancel[THEN sym])
  3337   apply(drule norm_triangle_le) by(auto simp add:algebra_simps)
  3338 
  3339 lemma fundamental_theorem_of_calculus_interior:
  3340   assumes"a \<le> b" "continuous_on {a..b} f" "\<forall>x\<in>{a<..<b}. (f has_vector_derivative f'(x)) (at x)"
  3341   shows "((f' o dest_vec1) has_integral (f b - f a)) {vec a..vec b}"
  3342 proof- { presume *:"a < b \<Longrightarrow> ?thesis" 
  3343     show ?thesis proof(cases,rule *,assumption)
  3344       assume "\<not> a < b" hence "a = b" using assms(1) by auto
  3345       hence *:"{vec a .. vec b} = {vec b}" "f b - f a = 0" by(auto simp add: Cart_eq vector_le_def order_antisym)
  3346       show ?thesis unfolding *(2) apply(rule has_integral_null) unfolding content_eq_0_1 using * `a=b` by auto
  3347     qed } assume ab:"a < b"
  3348   let ?P = "\<lambda>e. \<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {vec1 a..vec1 b} \<and> d fine p \<longrightarrow>
  3349                    norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R (f' \<circ> dest_vec1) x) - (f b - f a)) \<le> e * content {vec1 a..vec1 b})"
  3350   { presume "\<And>e. e>0 \<Longrightarrow> ?P e" thus ?thesis unfolding has_integral_factor_content by auto }
  3351   fix e::real assume e:"e>0"
  3352   note assms(3)[unfolded has_vector_derivative_def has_derivative_at_alt ball_conj_distrib]
  3353   note conjunctD2[OF this] note bounded=this(1) and this(2)
  3354   from this(2) have "\<forall>x\<in>{a<..<b}. \<exists>d>0. \<forall>y. norm (y - x) < d \<longrightarrow> norm (f y - f x - (y - x) *\<^sub>R f' x) \<le> e/2 * norm (y - x)"
  3355     apply-apply safe apply(erule_tac x=x in ballE,erule_tac x="e/2" in allE) using e by auto note this[unfolded bgauge_existence_lemma]
  3356   from choice[OF this] guess d .. note conjunctD2[OF this[rule_format]] note d = this[rule_format]
  3357   have "bounded (f ` {a..b})" apply(rule compact_imp_bounded compact_continuous_image)+ using compact_real_interval assms by auto
  3358   from this[unfolded bounded_pos] guess B .. note B = this[rule_format]
  3359 
  3360   have "\<exists>da. 0 < da \<and> (\<forall>c. a \<le> c \<and> {a..c} \<subseteq> {a..b} \<and> {a..c} \<subseteq> ball a da
  3361     \<longrightarrow> norm(content {vec1 a..vec1 c} *\<^sub>R f' a - (f c - f a)) \<le> (e * (b - a)) / 4)"
  3362   proof- have "a\<in>{a..b}" using ab by auto
  3363     note assms(2)[unfolded continuous_on_eq_continuous_within,rule_format,OF this]
  3364     note * = this[unfolded continuous_within Lim_within,rule_format] have "(e * (b - a)) / 8 > 0" using e ab by(auto simp add:field_simps)
  3365     from *[OF this] guess k .. note k = conjunctD2[OF this,rule_format]
  3366     have "\<exists>l. 0 < l \<and> norm(l *\<^sub>R f' a) \<le> (e * (b - a)) / 8"
  3367     proof(cases "f' a = 0") case True
  3368       thus ?thesis apply(rule_tac x=1 in exI) using ab e by(auto intro!:mult_nonneg_nonneg) 
  3369     next case False thus ?thesis 
  3370         apply(rule_tac x="(e * (b - a)) / 8 / norm (f' a)" in exI)
  3371         using ab e by(auto simp add:field_simps)
  3372     qed then guess l .. note l = conjunctD2[OF this]
  3373     show ?thesis apply(rule_tac x="min k l" in exI) apply safe unfolding min_less_iff_conj apply(rule,(rule l k)+)
  3374     proof- fix c assume as:"a \<le> c" "{a..c} \<subseteq> {a..b}" "{a..c} \<subseteq> ball a (min k l)" 
  3375       note as' = this[unfolded subset_eq Ball_def mem_ball dist_real_def mem_interval]
  3376       have "norm ((c - a) *\<^sub>R f' a - (f c - f a)) \<le> norm ((c - a) *\<^sub>R f' a) + norm (f c - f a)" by(rule norm_triangle_ineq4)
  3377       also have "... \<le> e * (b - a) / 8 + e * (b - a) / 8" 
  3378       proof(rule add_mono) case goal1 have "\<bar>c - a\<bar> \<le> \<bar>l\<bar>" using as' by auto
  3379         thus ?case apply-apply(rule order_trans[OF _ l(2)]) unfolding norm_scaleR apply(rule mult_right_mono) by auto
  3380       next case goal2 show ?case apply(rule less_imp_le) apply(cases "a = c") defer
  3381           apply(rule k(2)[unfolded dist_norm]) using as' e ab by(auto simp add:field_simps)
  3382       qed finally show "norm (content {vec1 a..vec1 c} *\<^sub>R f' a - (f c - f a)) \<le> e * (b - a) / 4" unfolding content_1'[OF as(1)] by auto
  3383     qed qed then guess da .. note da=conjunctD2[OF this,rule_format]
  3384 
  3385   have "\<exists>db>0. \<forall>c\<le>b. {c..b} \<subseteq> {a..b} \<and> {c..b} \<subseteq> ball b db \<longrightarrow> norm(content {vec1 c..vec1 b} *\<^sub>R f' b - (f b - f c)) \<le> (e * (b - a)) / 4"
  3386   proof- have "b\<in>{a..b}" using ab by auto
  3387     note assms(2)[unfolded continuous_on_eq_continuous_within,rule_format,OF this]
  3388     note * = this[unfolded continuous_within Lim_within,rule_format] have "(e * (b - a)) / 8 > 0" using e ab by(auto simp add:field_simps)
  3389     from *[OF this] guess k .. note k = conjunctD2[OF this,rule_format]
  3390     have "\<exists>l. 0 < l \<and> norm(l *\<^sub>R f' b) \<le> (e * (b - a)) / 8"
  3391     proof(cases "f' b = 0") case True
  3392       thus ?thesis apply(rule_tac x=1 in exI) using ab e by(auto intro!:mult_nonneg_nonneg) 
  3393     next case False thus ?thesis 
  3394         apply(rule_tac x="(e * (b - a)) / 8 / norm (f' b)" in exI)
  3395         using ab e by(auto simp add:field_simps)
  3396     qed then guess l .. note l = conjunctD2[OF this]
  3397     show ?thesis apply(rule_tac x="min k l" in exI) apply safe unfolding min_less_iff_conj apply(rule,(rule l k)+)
  3398     proof- fix c assume as:"c \<le> b" "{c..b} \<subseteq> {a..b}" "{c..b} \<subseteq> ball b (min k l)" 
  3399       note as' = this[unfolded subset_eq Ball_def mem_ball dist_real_def mem_interval]
  3400       have "norm ((b - c) *\<^sub>R f' b - (f b - f c)) \<le> norm ((b - c) *\<^sub>R f' b) + norm (f b - f c)" by(rule norm_triangle_ineq4)
  3401       also have "... \<le> e * (b - a) / 8 + e * (b - a) / 8" 
  3402       proof(rule add_mono) case goal1 have "\<bar>c - b\<bar> \<le> \<bar>l\<bar>" using as' by auto
  3403         thus ?case apply-apply(rule order_trans[OF _ l(2)]) unfolding norm_scaleR apply(rule mult_right_mono) by auto
  3404       next case goal2 show ?case apply(rule less_imp_le) apply(cases "b = c") defer apply(subst norm_minus_commute)
  3405           apply(rule k(2)[unfolded dist_norm]) using as' e ab by(auto simp add:field_simps)
  3406       qed finally show "norm (content {vec1 c..vec1 b} *\<^sub>R f' b - (f b - f c)) \<le> e * (b - a) / 4" unfolding content_1'[OF as(1)] by auto
  3407     qed qed then guess db .. note db=conjunctD2[OF this,rule_format]
  3408 
  3409   let ?d = "(\<lambda>x. ball x (if x=vec1 a then da else if x=vec b then db else d (dest_vec1 x)))"
  3410   show "?P e" apply(rule_tac x="?d" in exI)
  3411   proof safe case goal1 show ?case apply(rule gauge_ball_dependent) using ab db(1) da(1) d(1) by auto
  3412   next case goal2 note as=this let ?A = "{t. fst t \<in> {vec1 a, vec1 b}}" note p = tagged_division_ofD[OF goal2(1)]
  3413     have pA:"p = (p \<inter> ?A) \<union> (p - ?A)" "finite (p \<inter> ?A)" "finite (p - ?A)" "(p \<inter> ?A) \<inter> (p - ?A) = {}"  using goal2 by auto
  3414     note * = additive_tagged_division_1'[OF assms(1) goal2(1), THEN sym]
  3415     have **:"\<And>n1 s1 n2 s2::real. n2 \<le> s2 / 2 \<Longrightarrow> n1 - s1 \<le> s2 / 2 \<Longrightarrow> n1 + n2 \<le> s1 + s2" by arith
  3416     show ?case unfolding content_1'[OF assms(1)] and *[of "\<lambda>x. x"] *[of f] setsum_subtractf[THEN sym] split_minus
  3417       unfolding setsum_right_distrib apply(subst(2) pA,subst pA) unfolding setsum_Un_disjoint[OF pA(2-)]
  3418     proof(rule norm_triangle_le,rule **) 
  3419       case goal1 show ?case apply(rule order_trans,rule setsum_norm_le) apply(rule pA) defer apply(subst divide.setsum)
  3420       proof(rule order_refl,safe,unfold not_le o_def split_conv fst_conv,rule ccontr) fix x k assume as:"(x,k) \<in> p"
  3421           "e * (dest_vec1 (interval_upperbound k) - dest_vec1 (interval_lowerbound k)) / 2
  3422           < norm (content k *\<^sub>R f' (dest_vec1 x) - (f (dest_vec1 (interval_upperbound k)) - f (dest_vec1 (interval_lowerbound k))))"
  3423         from p(4)[OF this(1)] guess u v apply-by(erule exE)+ note k=this
  3424         hence "\<forall>i. u$i \<le> v$i" and uv:"{u,v}\<subseteq>{u..v}" using p(2)[OF as(1)] by auto note this(1) this(1)[unfolded forall_1]
  3425         note result = as(2)[unfolded k interval_bounds[OF this(1)] content_1[OF this(2)]]
  3426 
  3427         assume as':"x \<noteq> vec1 a" "x \<noteq> vec1 b" hence "x$1 \<in> {a<..<b}" using p(2-3)[OF as(1)] by(auto simp add: Cart_eq) note  * = d(2)[OF this]
  3428         have "norm ((v$1 - u$1) *\<^sub>R f' (x$1) - (f (v$1) - f (u$1))) =
  3429           norm ((f (u$1) - f (x$1) - (u$1 - x$1) *\<^sub>R f' (x$1)) - (f (v$1) - f (x$1) - (v$1 - x$1) *\<^sub>R f' (x$1)))" 
  3430           apply(rule arg_cong[of _ _ norm]) unfolding scaleR_left.diff by auto 
  3431         also have "... \<le> e / 2 * norm (u$1 - x$1) + e / 2 * norm (v$1 - x$1)" apply(rule norm_triangle_le_sub)
  3432           apply(rule add_mono) apply(rule_tac[!] *) using fineD[OF goal2(2) as(1)] as' unfolding k subset_eq
  3433           apply- apply(erule_tac x=u in ballE,erule_tac[3] x=v in ballE) using uv by(auto simp add:dist_real)
  3434         also have "... \<le> e / 2 * norm (v$1 - u$1)" using p(2)[OF as(1)] unfolding k by(auto simp add:field_simps)
  3435         finally have "e * (dest_vec1 v - dest_vec1 u) / 2 < e * (dest_vec1 v - dest_vec1 u) / 2"
  3436           apply- apply(rule less_le_trans[OF result]) using uv by auto thus False by auto qed
  3437 
  3438     next have *:"\<And>x s1 s2::real. 0 \<le> s1 \<Longrightarrow> x \<le> (s1 + s2) / 2 \<Longrightarrow> x - s1 \<le> s2 / 2" by auto
  3439       case goal2 show ?case apply(rule *) apply(rule setsum_nonneg) apply(rule,unfold split_paired_all split_conv)
  3440         defer unfolding setsum_Un_disjoint[OF pA(2-),THEN sym] pA(1)[THEN sym] unfolding setsum_right_distrib[THEN sym] 
  3441         apply(subst additive_tagged_division_1[OF _ as(1)]) unfolding vec1_dest_vec1 apply(rule assms)
  3442       proof- fix x k assume "(x,k) \<in> p \<inter> {t. fst t \<in> {vec1 a, vec1 b}}" note xk=IntD1[OF this]
  3443         from p(4)[OF this] guess u v apply-by(erule exE)+ note uv=this
  3444         with p(2)[OF xk] have "{u..v} \<noteq> {}" by auto
  3445         thus "0 \<le> e * ((interval_upperbound k)$1 - (interval_lowerbound k)$1)"
  3446           unfolding uv using e by(auto simp add:field_simps)
  3447       next have *:"\<And>s f t e. setsum f s = setsum f t \<Longrightarrow> norm(setsum f t) \<le> e \<Longrightarrow> norm(setsum f s) \<le> e" by auto
  3448         show "norm (\<Sum>(x, k)\<in>p \<inter> ?A. content k *\<^sub>R (f' \<circ> dest_vec1) x -
  3449           (f ((interval_upperbound k)$1) - f ((interval_lowerbound k)$1))) \<le> e * (b - a) / 2" 
  3450           apply(rule *[where t="p \<inter> {t. fst t \<in> {vec1 a, vec1 b} \<and> content(snd t) \<noteq> 0}"])
  3451           apply(rule setsum_mono_zero_right[OF pA(2)]) defer apply(rule) unfolding split_paired_all split_conv o_def
  3452         proof- fix x k assume "(x,k) \<in> p \<inter> {t. fst t \<in> {vec1 a, vec1 b}} - p \<inter> {t. fst t \<in> {vec1 a, vec1 b} \<and> content (snd t) \<noteq> 0}"
  3453           hence xk:"(x,k)\<in>p" "content k = 0" by auto from p(4)[OF xk(1)] guess u v apply-by(erule exE)+ note uv=this
  3454           have "k\<noteq>{}" using p(2)[OF xk(1)] by auto hence *:"u = v" using xk unfolding uv content_eq_0_1 interval_eq_empty by auto
  3455           thus "content k *\<^sub>R (f' (x$1)) - (f ((interval_upperbound k)$1) - f ((interval_lowerbound k)$1)) = 0" using xk unfolding uv by auto
  3456         next have *:"p \<inter> {t. fst t \<in> {vec1 a, vec1 b} \<and> content(snd t) \<noteq> 0} = 
  3457             {t. t\<in>p \<and> fst t = vec1 a \<and> content(snd t) \<noteq> 0} \<union> {t. t\<in>p \<and> fst t = vec1 b \<and> content(snd t) \<noteq> 0}" by blast
  3458           have **:"\<And>s f. \<And>e::real. (\<forall>x y. x \<in> s \<and> y \<in> s \<longrightarrow> x = y) \<Longrightarrow> (\<forall>x. x \<in> s \<longrightarrow> norm(f x) \<le> e) \<Longrightarrow> e>0 \<Longrightarrow> norm(setsum f s) \<le> e"
  3459           proof(case_tac "s={}") case goal2 then obtain x where "x\<in>s" by auto hence *:"s = {x}" using goal2(1) by auto
  3460             thus ?case using `x\<in>s` goal2(2) by auto
  3461           qed auto
  3462           case goal2 show ?case apply(subst *, subst setsum_Un_disjoint) prefer 4 apply(rule order_trans[of _ "e * (b - a)/4 + e * (b - a)/4"]) 
  3463             apply(rule norm_triangle_le,rule add_mono) apply(rule_tac[1-2] **)
  3464           proof- let ?B = "\<lambda>x. {t \<in> p. fst t = vec1 x \<and> content (snd t) \<noteq> 0}"
  3465             have pa:"\<And>k. (vec1 a, k) \<in> p \<Longrightarrow> \<exists>v. k = {vec1 a .. v} \<and> vec1 a \<le> v" 
  3466             proof- case goal1 guess u v using p(4)[OF goal1] apply-by(erule exE)+ note uv=this
  3467               have *:"u \<le> v" using p(2)[OF goal1] unfolding uv by auto
  3468               have u:"u = vec1 a" proof(rule ccontr)  have "u \<in> {u..v}" using p(2-3)[OF goal1(1)] unfolding uv by auto 
  3469                 have "u \<ge> vec1 a" using p(2-3)[OF goal1(1)] unfolding uv subset_eq by auto moreover assume "u\<noteq>vec1 a" ultimately
  3470                 have "u > vec1 a" unfolding Cart_simps by auto
  3471                 thus False using p(2)[OF goal1(1)] unfolding uv by(auto simp add:Cart_simps)
  3472               qed thus ?case apply(rule_tac x=v in exI) unfolding uv using * by auto
  3473             qed
  3474             have pb:"\<And>k. (vec1 b, k) \<in> p \<Longrightarrow> \<exists>v. k = {v .. vec1 b} \<and> vec1 b \<ge> v" 
  3475             proof- case goal1 guess u v using p(4)[OF goal1] apply-by(erule exE)+ note uv=this
  3476               have *:"u \<le> v" using p(2)[OF goal1] unfolding uv by auto
  3477               have u:"v = vec1 b" proof(rule ccontr)  have "u \<in> {u..v}" using p(2-3)[OF goal1(1)] unfolding uv by auto 
  3478                 have "v \<le> vec1 b" using p(2-3)[OF goal1(1)] unfolding uv subset_eq by auto moreover assume "v\<noteq>vec1 b" ultimately
  3479                 have "v < vec1 b" unfolding Cart_simps by auto
  3480                 thus False using p(2)[OF goal1(1)] unfolding uv by(auto simp add:Cart_simps)
  3481               qed thus ?case apply(rule_tac x=u in exI) unfolding uv using * by auto
  3482             qed
  3483 
  3484             show "\<forall>x y. x \<in> ?B a \<and> y \<in> ?B a \<longrightarrow> x = y" apply(rule,rule,rule,unfold split_paired_all)
  3485               unfolding mem_Collect_eq fst_conv snd_conv apply safe
  3486             proof- fix x k k' assume k:"(vec1 a, k) \<in> p" "(vec1 a, k') \<in> p" "content k \<noteq> 0" "content k' \<noteq> 0"
  3487               guess v using pa[OF k(1)] .. note v = conjunctD2[OF this]
  3488               guess v' using pa[OF k(2)] .. note v' = conjunctD2[OF this] let ?v = "vec1 (min (v$1) (v'$1))"
  3489               have "{vec1 a <..< ?v} \<subseteq> k \<inter> k'" unfolding v v' by(auto simp add:Cart_simps) note subset_interior[OF this,unfolded interior_inter]
  3490               moreover have "vec1 ((a + ?v$1)/2) \<in> {vec1 a <..< ?v}" using k(3-) unfolding v v' content_eq_0_1 not_le by(auto simp add:Cart_simps)
  3491               ultimately have "vec1 ((a + ?v$1)/2) \<in> interior k \<inter> interior k'" unfolding interior_open[OF open_interval] by auto
  3492               hence *:"k = k'" apply- apply(rule ccontr) using p(5)[OF k(1-2)] by auto
  3493               { assume "x\<in>k" thus "x\<in>k'" unfolding * . } { assume "x\<in>k'" thus "x\<in>k" unfolding * . }
  3494             qed 
  3495             show "\<forall>x y. x \<in> ?B b \<and> y \<in> ?B b \<longrightarrow> x = y" apply(rule,rule,rule,unfold split_paired_all)
  3496               unfolding mem_Collect_eq fst_conv snd_conv apply safe
  3497             proof- fix x k k' assume k:"(vec1 b, k) \<in> p" "(vec1 b, k') \<in> p" "content k \<noteq> 0" "content k' \<noteq> 0"
  3498               guess v using pb[OF k(1)] .. note v = conjunctD2[OF this]
  3499               guess v' using pb[OF k(2)] .. note v' = conjunctD2[OF this] let ?v = "vec1 (max (v$1) (v'$1))"
  3500               have "{?v <..< vec1 b} \<subseteq> k \<inter> k'" unfolding v v' by(auto simp add:Cart_simps) note subset_interior[OF this,unfolded interior_inter]
  3501               moreover have "vec1 ((b + ?v$1)/2) \<in> {?v <..< vec1 b}" using k(3-) unfolding v v' content_eq_0_1 not_le by(auto simp add:Cart_simps)
  3502               ultimately have "vec1 ((b + ?v$1)/2) \<in> interior k \<inter> interior k'" unfolding interior_open[OF open_interval] by auto
  3503               hence *:"k = k'" apply- apply(rule ccontr) using p(5)[OF k(1-2)] by auto
  3504               { assume "x\<in>k" thus "x\<in>k'" unfolding * . } { assume "x\<in>k'" thus "x\<in>k" unfolding * . }
  3505             qed
  3506 
  3507             let ?a = a and ?b = b (* a is something else while proofing the next theorem. *)
  3508             show "\<forall>x. x \<in> ?B a \<longrightarrow> norm ((\<lambda>(x, k). content k *\<^sub>R f' (x$1) - (f ((interval_upperbound k)$1) - f ((interval_lowerbound k)$1))) x)
  3509               \<le> e * (b - a) / 4" apply safe unfolding fst_conv snd_conv apply safe unfolding vec1_dest_vec1
  3510             proof- case goal1 guess v using pa[OF goal1(1)] .. note v = conjunctD2[OF this]
  3511               have "vec1 ?a\<in>{vec1 ?a..v}" using v(2) by auto hence "dest_vec1 v \<le> ?b" using p(3)[OF goal1(1)] unfolding subset_eq v by auto
  3512               moreover have "{?a..dest_vec1 v} \<subseteq> ball ?a da" using fineD[OF as(2) goal1(1)]
  3513                 apply-apply(subst(asm) if_P,rule refl) unfolding subset_eq apply safe apply(erule_tac x="vec1 x" in ballE)
  3514                 by(auto simp add:Cart_simps subset_eq dist_real v dist_real_def) ultimately
  3515               show ?case unfolding v unfolding interval_bounds[OF v(2)[unfolded v vector_le_def]] vec1_dest_vec1 apply-
  3516                 apply(rule da(2)[of "v$1",unfolded vec1_dest_vec1])
  3517                 using goal1 fineD[OF as(2) goal1(1)] unfolding v content_eq_0_1 by auto
  3518             qed
  3519             show "\<forall>x. x \<in> ?B b \<longrightarrow> norm ((\<lambda>(x, k). content k *\<^sub>R f' (x$1) - (f ((interval_upperbound k)$1) - f ((interval_lowerbound k)$1))) x)
  3520               \<le> e * (b - a) / 4" apply safe unfolding fst_conv snd_conv apply safe unfolding vec1_dest_vec1
  3521             proof- case goal1 guess v using pb[OF goal1(1)] .. note v = conjunctD2[OF this]
  3522               have "vec1 ?b\<in>{v..vec1 ?b}" using v(2) by auto hence "dest_vec1 v \<ge> ?a" using p(3)[OF goal1(1)] unfolding subset_eq v by auto
  3523               moreover have "{dest_vec1 v..?b} \<subseteq> ball ?b db" using fineD[OF as(2) goal1(1)]
  3524                 apply-apply(subst(asm) if_P,rule refl) unfolding subset_eq apply safe apply(erule_tac x="vec1 x" in ballE) using ab
  3525                 by(auto simp add:Cart_simps subset_eq dist_real v dist_real_def) ultimately
  3526               show ?case unfolding v unfolding interval_bounds[OF v(2)[unfolded v vector_le_def]] vec1_dest_vec1 apply-
  3527                 apply(rule db(2)[of "v$1",unfolded vec1_dest_vec1])
  3528                 using goal1 fineD[OF as(2) goal1(1)] unfolding v content_eq_0_1 by auto
  3529             qed
  3530           qed(insert p(1) ab e, auto simp add:field_simps) qed auto qed qed qed qed
  3531 
  3532 subsection {* Stronger form with finite number of exceptional points. *}
  3533 
  3534 lemma fundamental_theorem_of_calculus_interior_strong: fixes f::"real \<Rightarrow> 'a::banach"
  3535   assumes"finite s" "a \<le> b" "continuous_on {a..b} f"
  3536   "\<forall>x\<in>{a<..<b} - s. (f has_vector_derivative f'(x)) (at x)"
  3537   shows "((f' o dest_vec1) has_integral (f b - f a)) {vec a..vec b}" using assms apply- 
  3538 proof(induct "card s" arbitrary:s a b)
  3539   case 0 show ?case apply(rule fundamental_theorem_of_calculus_interior) using 0 by auto
  3540 next case (Suc n) from this(2) guess c s' apply-apply(subst(asm) eq_commute) unfolding card_Suc_eq
  3541     apply(subst(asm)(2) eq_commute) by(erule exE conjE)+ note cs = this[rule_format]
  3542   show ?case proof(cases "c\<in>{a<..<b}")
  3543     case False thus ?thesis apply- apply(rule Suc(1)[OF cs(3) _ Suc(4,5)]) apply safe defer
  3544       apply(rule Suc(6)[rule_format]) using Suc(3) unfolding cs by auto
  3545   next have *:"f b - f a = (f c - f a) + (f b - f c)" by auto
  3546     case True hence "vec1 a \<le> vec1 c" "vec1 c \<le> vec1 b" by auto
  3547     thus ?thesis apply(subst *) apply(rule has_integral_combine) apply assumption+
  3548       apply(rule_tac[!] Suc(1)[OF cs(3)]) using Suc(3) unfolding cs
  3549     proof- show "continuous_on {a..c} f" "continuous_on {c..b} f"
  3550         apply(rule_tac[!] continuous_on_subset[OF Suc(5)]) using True by auto
  3551       let ?P = "\<lambda>i j. \<forall>x\<in>{i<..<j} - s'. (f has_vector_derivative f' x) (at x)"
  3552       show "?P a c" "?P c b" apply safe apply(rule_tac[!] Suc(6)[rule_format]) using True unfolding cs by auto
  3553     qed auto qed qed
  3554 
  3555 lemma fundamental_theorem_of_calculus_strong: fixes f::"real \<Rightarrow> 'a::banach"
  3556   assumes "finite s" "a \<le> b" "continuous_on {a..b} f"
  3557   "\<forall>x\<in>{a..b} - s. (f has_vector_derivative f'(x)) (at x)"
  3558   shows "((f' o dest_vec1) has_integral (f(b) - f(a))) {vec1 a..vec1 b}"
  3559   apply(rule fundamental_theorem_of_calculus_interior_strong[OF assms(1-3), of f'])
  3560   using assms(4) by auto
  3561 
  3562 lemma indefinite_integral_continuous_left: fixes f::"real^1 \<Rightarrow> 'a::banach"
  3563   assumes "f integrable_on {a..b}" "a < c" "c \<le> b" "0 < e"
  3564   obtains d where "0 < d" "\<forall>t. c$1 - d < t$1 \<and> t \<le> c \<longrightarrow> norm(integral {a..c} f - integral {a..t} f) < e"
  3565 proof- have "\<exists>w>0. \<forall>t. c$1 - w < t$1 \<and> t < c \<longrightarrow> norm(f c) * norm(c - t) < e / 3"
  3566   proof(cases "f c = 0") case False hence "0 < e / 3 / norm (f c)"
  3567       apply-apply(rule divide_pos_pos) using `e>0` by auto
  3568     thus ?thesis apply-apply(rule,rule,assumption,safe)
  3569     proof- fix t assume as:"t < c" and "c$1 - e / 3 / norm (f c) < t$(1::1)"
  3570       hence "c$1 - t$1 < e / 3 / norm (f c)" by auto
  3571       hence "norm (c - t) < e / 3 / norm (f c)" using as unfolding norm_vector_1 vector_less_def by auto
  3572       thus "norm (f c) * norm (c - t) < e / 3" using False apply-
  3573         apply(subst mult_commute) apply(subst pos_less_divide_eq[THEN sym]) by auto
  3574     qed next case True show ?thesis apply(rule_tac x=1 in exI) unfolding True using `e>0` by auto
  3575   qed then guess w .. note w = conjunctD2[OF this,rule_format]
  3576   
  3577   have *:"e / 3 > 0" using assms by auto
  3578   have "f integrable_on {a..c}" apply(rule integrable_subinterval[OF assms(1)]) using assms(2-3) by auto
  3579   from integrable_integral[OF this,unfolded has_integral,rule_format,OF *] guess d1 ..
  3580   note d1 = conjunctD2[OF this,rule_format] def d \<equiv> "\<lambda>x. ball x w \<inter> d1 x"
  3581   have "gauge d" unfolding d_def using w(1) d1 by auto
  3582   note this[unfolded gauge_def,rule_format,of c] note conjunctD2[OF this]
  3583   from this(2)[unfolded open_contains_ball,rule_format,OF this(1)] guess k .. note k=conjunctD2[OF this]
  3584 
  3585   let ?d = "min k (c$1 - a$1)/2" show ?thesis apply(rule that[of ?d])
  3586   proof safe show "?d > 0" using k(1) using assms(2) unfolding vector_less_def by auto
  3587     fix t assume as:"c$1 - ?d < t$1" "t \<le> c" let ?thesis = "norm (integral {a..c} f - integral {a..t} f) < e"
  3588     { presume *:"t < c \<Longrightarrow> ?thesis"
  3589       show ?thesis apply(cases "t = c") defer apply(rule *)
  3590         unfolding vector_less_def apply(subst less_le) using `e>0` as(2) by auto } assume "t < c"
  3591 
  3592     have "f integrable_on {a..t}" apply(rule integrable_subinterval[OF assms(1)]) using assms(2-3) as(2) by auto
  3593     from integrable_integral[OF this,unfolded has_integral,rule_format,OF *] guess d2 ..
  3594     note d2 = conjunctD2[OF this,rule_format]
  3595     def d3 \<equiv> "\<lambda>x. if x \<le> t then d1 x \<inter> d2 x else d1 x"
  3596     have "gauge d3" using d2(1) d1(1) unfolding d3_def gauge_def by auto
  3597     from fine_division_exists[OF this, of a t] guess p . note p=this
  3598     note p'=tagged_division_ofD[OF this(1)]
  3599     have pt:"\<forall>(x,k)\<in>p. x$1 \<le> t$1" proof safe case goal1 from p'(2,3)[OF this] show ?case by auto qed
  3600     with p(2) have "d2 fine p" unfolding fine_def d3_def apply safe apply(erule_tac x="(a,b)" in ballE)+ by auto
  3601     note d2_fin = d2(2)[OF conjI[OF p(1) this]]
  3602     
  3603     have *:"{a..c} \<inter> {x. x$1 \<le> t$1} = {a..t}" "{a..c} \<inter> {x. x$1 \<ge> t$1} = {t..c}"
  3604       using assms(2-3) as by(auto simp add:field_simps)
  3605     have "p \<union> {(c, {t..c})} tagged_division_of {a..c} \<and> d1 fine p \<union> {(c, {t..c})}" apply rule
  3606       apply(rule tagged_division_union_interval[of _ _ _ 1 "t$1"]) unfolding * apply(rule p)
  3607       apply(rule tagged_division_of_self) unfolding fine_def
  3608     proof safe fix x k y assume "(x,k)\<in>p" "y\<in>k" thus "y\<in>d1 x"
  3609         using p(2) pt unfolding fine_def d3_def apply- apply(erule_tac x="(x,k)" in ballE)+ by auto
  3610     next fix x assume "x\<in>{t..c}" hence "dist c x < k" unfolding dist_real
  3611         using as(1) by(auto simp add:field_simps) 
  3612       thus "x \<in> d1 c" using k(2) unfolding d_def by auto
  3613     qed(insert as(2), auto) note d1_fin = d1(2)[OF this]
  3614 
  3615     have *:"integral{a..c} f - integral {a..t} f = -(((c$1 - t$1) *\<^sub>R f c + (\<Sum>(x, k)\<in>p. content k *\<^sub>R f x)) -
  3616         integral {a..c} f) + ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - integral {a..t} f) + (c$1 - t$1) *\<^sub>R f c" 
  3617       "e = (e/3 + e/3) + e/3" by auto
  3618     have **:"(\<Sum>(x, k)\<in>p \<union> {(c, {t..c})}. content k *\<^sub>R f x) = (c$1 - t$1) *\<^sub>R f c + (\<Sum>(x, k)\<in>p. content k *\<^sub>R f x)"
  3619     proof- have **:"\<And>x F. F \<union> {x} = insert x F" by auto
  3620       have "(c, {t..c}) \<notin> p" proof safe case goal1 from p'(2-3)[OF this]
  3621         have "c \<in> {a..t}" by auto thus False using `t<c` unfolding vector_less_def by auto
  3622       qed thus ?thesis unfolding ** apply- apply(subst setsum_insert) apply(rule p')
  3623         unfolding split_conv defer apply(subst content_1) using as(2) by auto qed 
  3624 
  3625     have ***:"c$1 - w < t$1 \<and> t < c"
  3626     proof- have "c$1 - k < t$1" using `k>0` as(1) by(auto simp add:field_simps)
  3627       moreover have "k \<le> w" apply(rule ccontr) using k(2) 
  3628         unfolding subset_eq apply(erule_tac x="c + vec ((k + w)/2)" in ballE)
  3629         unfolding d_def using `k>0` `w>0` by(auto simp add:field_simps not_le not_less dist_real)
  3630       ultimately show  ?thesis using `t<c` by(auto simp add:field_simps) qed
  3631 
  3632     show ?thesis unfolding *(1) apply(subst *(2)) apply(rule norm_triangle_lt add_strict_mono)+
  3633       unfolding norm_minus_cancel apply(rule d1_fin[unfolded **]) apply(rule d2_fin)
  3634       using w(2)[OF ***] unfolding norm_scaleR norm_real by(auto simp add:field_simps) qed qed 
  3635 
  3636 lemma indefinite_integral_continuous_right: fixes f::"real^1 \<Rightarrow> 'a::banach"
  3637   assumes "f integrable_on {a..b}" "a \<le> c" "c < b" "0 < e"
  3638   obtains d where "0 < d" "\<forall>t. c \<le> t \<and> t$1 < c$1 + d \<longrightarrow> norm(integral{a..c} f - integral{a..t} f) < e"
  3639 proof- have *:"(\<lambda>x. f (- x)) integrable_on {- b..- a}" "- b < - c" "- c \<le> - a"
  3640     using assms unfolding Cart_simps by auto
  3641   from indefinite_integral_continuous_left[OF * `e>0`] guess d . note d = this let ?d = "min d (b$1 - c$1)"
  3642   show ?thesis apply(rule that[of "?d"])
  3643   proof safe show "0 < ?d" using d(1) assms(3) unfolding Cart_simps by auto
  3644     fix t::"_^1" assume as:"c \<le> t" "t$1 < c$1 + ?d"
  3645     have *:"integral{a..c} f = integral{a..b} f - integral{c..b} f"
  3646       "integral{a..t} f = integral{a..b} f - integral{t..b} f" unfolding algebra_simps
  3647       apply(rule_tac[!] integral_combine) using assms as unfolding Cart_simps by auto
  3648     have "(- c)$1 - d < (- t)$1 \<and> - t \<le> - c" using as by auto note d(2)[rule_format,OF this]
  3649     thus "norm (integral {a..c} f - integral {a..t} f) < e" unfolding * 
  3650       unfolding integral_reflect apply-apply(subst norm_minus_commute) by(auto simp add:algebra_simps) qed qed
  3651 
  3652 declare dest_vec1_eq[simp del] not_less[simp] not_le[simp]
  3653 
  3654 lemma indefinite_integral_continuous: fixes f::"real^1 \<Rightarrow> 'a::banach"
  3655   assumes "f integrable_on {a..b}" shows  "continuous_on {a..b} (\<lambda>x. integral {a..x} f)"
  3656 proof(unfold continuous_on_iff, safe)  fix x e assume as:"x\<in>{a..b}" "0<(e::real)"
  3657   let ?thesis = "\<exists>d>0. \<forall>x'\<in>{a..b}. dist x' x < d \<longrightarrow> dist (integral {a..x'} f) (integral {a..x} f) < e"
  3658   { presume *:"a<b \<Longrightarrow> ?thesis"
  3659     show ?thesis apply(cases,rule *,assumption)
  3660     proof- case goal1 hence "{a..b} = {x}" using as(1) unfolding Cart_simps  
  3661         by(auto simp only:field_simps not_less Cart_eq forall_1 mem_interval) 
  3662       thus ?case using `e>0` by auto
  3663     qed } assume "a<b"
  3664   have "(x=a \<or> x=b) \<or> (a<x \<and> x<b)" using as(1) by (auto simp add: Cart_simps)
  3665   thus ?thesis apply-apply(erule disjE)+
  3666   proof- assume "x=a" have "a \<le> a" by auto
  3667     from indefinite_integral_continuous_right[OF assms(1) this `a<b` `e>0`] guess d . note d=this
  3668     show ?thesis apply(rule,rule,rule d,safe) apply(subst dist_commute)
  3669       unfolding `x=a` dist_norm apply(rule d(2)[rule_format]) unfolding norm_real by auto
  3670   next   assume "x=b" have "b \<le> b" by auto
  3671     from indefinite_integral_continuous_left[OF assms(1) `a<b` this `e>0`] guess d . note d=this
  3672     show ?thesis apply(rule,rule,rule d,safe) apply(subst dist_commute)
  3673       unfolding `x=b` dist_norm apply(rule d(2)[rule_format]) unfolding norm_real by auto
  3674   next assume "a<x \<and> x<b" hence xl:"a<x" "x\<le>b" and xr:"a\<le>x" "x<b" by(auto simp add: vector_less_def)
  3675     from indefinite_integral_continuous_left [OF assms(1) xl `e>0`] guess d1 . note d1=this
  3676     from indefinite_integral_continuous_right[OF assms(1) xr `e>0`] guess d2 . note d2=this
  3677     show ?thesis apply(rule_tac x="min d1 d2" in exI)
  3678     proof safe show "0 < min d1 d2" using d1 d2 by auto
  3679       fix y assume "y\<in>{a..b}" "dist y x < min d1 d2"
  3680       thus "dist (integral {a..y} f) (integral {a..x} f) < e" apply-apply(subst dist_commute)
  3681         apply(cases "y < x") unfolding dist_norm apply(rule d1(2)[rule_format]) defer
  3682         apply(rule d2(2)[rule_format]) unfolding Cart_simps not_less norm_real by(auto simp add:field_simps)
  3683     qed qed qed 
  3684 
  3685 subsection {* This doesn't directly involve integration, but that gives an easy proof. *}
  3686 
  3687 lemma has_derivative_zero_unique_strong_interval: fixes f::"real \<Rightarrow> 'a::banach"
  3688   assumes "finite k" "continuous_on {a..b} f" "f a = y"
  3689   "\<forall>x\<in>({a..b} - k). (f has_derivative (\<lambda>h. 0)) (at x within {a..b})" "x \<in> {a..b}"
  3690   shows "f x = y"
  3691 proof- have ab:"a\<le>b" using assms by auto
  3692   have *:"(\<lambda>x. 0\<Colon>'a) \<circ> dest_vec1 = (\<lambda>x. 0)" unfolding o_def by auto have **:"a \<le> x" using assms by auto
  3693   have "((\<lambda>x. 0\<Colon>'a) \<circ> dest_vec1 has_integral f x - f a) {vec1 a..vec1 x}"
  3694     apply(rule fundamental_theorem_of_calculus_interior_strong[OF assms(1) ** ])
  3695     apply(rule continuous_on_subset[OF assms(2)]) defer
  3696     apply safe unfolding has_vector_derivative_def apply(subst has_derivative_within_open[THEN sym])
  3697     apply assumption apply(rule open_interval_real) apply(rule has_derivative_within_subset[where s="{a..b}"])
  3698     using assms(4) assms(5) by auto note this[unfolded *]
  3699   note has_integral_unique[OF has_integral_0 this]
  3700   thus ?thesis unfolding assms by auto qed
  3701 
  3702 subsection {* Generalize a bit to any convex set. *}
  3703 
  3704 lemmas scaleR_simps = scaleR_zero_left scaleR_minus_left scaleR_left_diff_distrib
  3705   scaleR_zero_right scaleR_minus_right scaleR_right_diff_distrib scaleR_eq_0_iff
  3706   scaleR_cancel_left scaleR_cancel_right scaleR.add_right scaleR.add_left real_vector_class.scaleR_one
  3707 
  3708 lemma has_derivative_zero_unique_strong_convex: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3709   assumes "convex s" "finite k" "continuous_on s f" "c \<in> s" "f c = y"
  3710   "\<forall>x\<in>(s - k). (f has_derivative (\<lambda>h. 0)) (at x within s)" "x \<in> s"
  3711   shows "f x = y"
  3712 proof- { presume *:"x \<noteq> c \<Longrightarrow> ?thesis" show ?thesis apply(cases,rule *,assumption)
  3713       unfolding assms(5)[THEN sym] by auto } assume "x\<noteq>c"
  3714   note conv = assms(1)[unfolded convex_alt,rule_format]
  3715   have as1:"continuous_on {0..1} (f \<circ> (\<lambda>t. (1 - t) *\<^sub>R c + t *\<^sub>R x))"
  3716     apply(rule continuous_on_intros)+ apply(rule continuous_on_subset[OF assms(3)])
  3717     apply safe apply(rule conv) using assms(4,7) by auto
  3718   have *:"\<And>t xa. (1 - t) *\<^sub>R c + t *\<^sub>R x = (1 - xa) *\<^sub>R c + xa *\<^sub>R x \<Longrightarrow> t = xa"
  3719   proof- case goal1 hence "(t - xa) *\<^sub>R x = (t - xa) *\<^sub>R c" 
  3720       unfolding scaleR_simps by(auto simp add:algebra_simps)
  3721     thus ?case using `x\<noteq>c` by auto qed
  3722   have as2:"finite {t. ((1 - t) *\<^sub>R c + t *\<^sub>R x) \<in> k}" using assms(2) 
  3723     apply(rule finite_surj[where f="\<lambda>z. SOME t. (1-t) *\<^sub>R c + t *\<^sub>R x = z"])
  3724     apply safe unfolding image_iff apply rule defer apply assumption
  3725     apply(rule sym) apply(rule some_equality) defer apply(drule *) by auto
  3726   have "(f \<circ> (\<lambda>t. (1 - t) *\<^sub>R c + t *\<^sub>R x)) 1 = y"
  3727     apply(rule has_derivative_zero_unique_strong_interval[OF as2 as1, of ])
  3728     unfolding o_def using assms(5) defer apply-apply(rule)
  3729   proof- fix t assume as:"t\<in>{0..1} - {t. (1 - t) *\<^sub>R c + t *\<^sub>R x \<in> k}"
  3730     have *:"c - t *\<^sub>R c + t *\<^sub>R x \<in> s - k" apply safe apply(rule conv[unfolded scaleR_simps]) 
  3731       using `x\<in>s` `c\<in>s` as by(auto simp add: algebra_simps)
  3732     have "(f \<circ> (\<lambda>t. (1 - t) *\<^sub>R c + t *\<^sub>R x) has_derivative (\<lambda>x. 0) \<circ> (\<lambda>z. (0 - z *\<^sub>R c) + z *\<^sub>R x)) (at t within {0..1})"
  3733       apply(rule diff_chain_within) apply(rule has_derivative_add)
  3734       unfolding scaleR_simps apply(rule has_derivative_sub) apply(rule has_derivative_const)
  3735       apply(rule has_derivative_vmul_within,rule has_derivative_id)+ 
  3736       apply(rule has_derivative_within_subset,rule assms(6)[rule_format])
  3737       apply(rule *) apply safe apply(rule conv[unfolded scaleR_simps]) using `x\<in>s` `c\<in>s` by auto
  3738     thus "((\<lambda>xa. f ((1 - xa) *\<^sub>R c + xa *\<^sub>R x)) has_derivative (\<lambda>h. 0)) (at t within {0..1})" unfolding o_def .
  3739   qed auto thus ?thesis by auto qed
  3740 
  3741 subsection {* Also to any open connected set with finite set of exceptions. Could 
  3742  generalize to locally convex set with limpt-free set of exceptions. *}
  3743 
  3744 lemma has_derivative_zero_unique_strong_connected: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3745   assumes "connected s" "open s" "finite k" "continuous_on s f" "c \<in> s" "f c = y"
  3746   "\<forall>x\<in>(s - k). (f has_derivative (\<lambda>h. 0)) (at x within s)" "x\<in>s"
  3747   shows "f x = y"
  3748 proof- have "{x \<in> s. f x \<in> {y}} = {} \<or> {x \<in> s. f x \<in> {y}} = s"
  3749     apply(rule assms(1)[unfolded connected_clopen,rule_format]) apply rule defer
  3750     apply(rule continuous_closed_in_preimage[OF assms(4) closed_sing])
  3751     apply(rule open_openin_trans[OF assms(2)]) unfolding open_contains_ball
  3752   proof safe fix x assume "x\<in>s" 
  3753     from assms(2)[unfolded open_contains_ball,rule_format,OF this] guess e .. note e=conjunctD2[OF this]
  3754     show "\<exists>e>0. ball x e \<subseteq> {xa \<in> s. f xa \<in> {f x}}" apply(rule,rule,rule e)
  3755     proof safe fix y assume y:"y \<in> ball x e" thus "y\<in>s" using e by auto
  3756       show "f y = f x" apply(rule has_derivative_zero_unique_strong_convex[OF convex_ball])
  3757         apply(rule assms) apply(rule continuous_on_subset,rule assms) apply(rule e)+
  3758         apply(subst centre_in_ball,rule e,rule) apply safe
  3759         apply(rule has_derivative_within_subset) apply(rule assms(7)[rule_format])
  3760         using y e by auto qed qed
  3761   thus ?thesis using `x\<in>s` `f c = y` `c\<in>s` by auto qed
  3762 
  3763 subsection {* Integrating characteristic function of an interval. *}
  3764 
  3765 lemma has_integral_restrict_open_subinterval: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3766   assumes "(f has_integral i) {c..d}" "{c..d} \<subseteq> {a..b}"
  3767   shows "((\<lambda>x. if x \<in> {c<..<d} then f x else 0) has_integral i) {a..b}"
  3768 proof- def g \<equiv> "\<lambda>x. if x \<in>{c<..<d} then f x else 0"
  3769   { presume *:"{c..d}\<noteq>{} \<Longrightarrow> ?thesis"
  3770     show ?thesis apply(cases,rule *,assumption)
  3771     proof- case goal1 hence *:"{c<..<d} = {}" using interval_open_subset_closed by auto 
  3772       show ?thesis using assms(1) unfolding * using goal1 by auto
  3773     qed } assume "{c..d}\<noteq>{}"
  3774   from partial_division_extend_1[OF assms(2) this] guess p . note p=this
  3775   note mon = monoidal_lifted[OF monoidal_monoid] 
  3776   note operat = operative_division[OF this operative_integral p(1), THEN sym]
  3777   let ?P = "(if g integrable_on {a..b} then Some (integral {a..b} g) else None) = Some i"
  3778   { presume "?P" hence "g integrable_on {a..b} \<and> integral {a..b} g = i"
  3779       apply- apply(cases,subst(asm) if_P,assumption) by auto
  3780     thus ?thesis using integrable_integral unfolding g_def by auto }
  3781 
  3782   note iterate_eq_neutral[OF mon,unfolded neutral_lifted[OF monoidal_monoid]]
  3783   note * = this[unfolded neutral_monoid]
  3784   have iterate:"iterate (lifted op +) (p - {{c..d}})
  3785       (\<lambda>i. if g integrable_on i then Some (integral i g) else None) = Some 0"
  3786   proof(rule *,rule) case goal1 hence "x\<in>p" by auto note div = division_ofD(2-5)[OF p(1) this]
  3787     from div(3) guess u v apply-by(erule exE)+ note uv=this
  3788     have "interior x \<inter> interior {c..d} = {}" using div(4)[OF p(2)] goal1 by auto
  3789     hence "(g has_integral 0) x" unfolding uv apply-apply(rule has_integral_spike_interior[where f="\<lambda>x. 0"])
  3790       unfolding g_def interior_closed_interval by auto thus ?case by auto
  3791   qed
  3792 
  3793   have *:"p = insert {c..d} (p - {{c..d}})" using p by auto
  3794   have **:"g integrable_on {c..d}" apply(rule integrable_spike_interior[where f=f])
  3795     unfolding g_def defer apply(rule has_integral_integrable) using assms(1) by auto
  3796   moreover have "integral {c..d} g = i" apply(rule has_integral_unique[OF _ assms(1)])
  3797     apply(rule has_integral_spike_interior[where f=g]) defer
  3798     apply(rule integrable_integral[OF **]) unfolding g_def by auto
  3799   ultimately show ?P unfolding operat apply- apply(subst *) apply(subst iterate_insert) apply rule+
  3800     unfolding iterate defer apply(subst if_not_P) defer using p by auto qed
  3801 
  3802 lemma has_integral_restrict_closed_subinterval: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3803   assumes "(f has_integral i) ({c..d})" "{c..d} \<subseteq> {a..b}" 
  3804   shows "((\<lambda>x. if x \<in> {c..d} then f x else 0) has_integral i) {a..b}"
  3805 proof- note has_integral_restrict_open_subinterval[OF assms]
  3806   note * = has_integral_spike[OF negligible_frontier_interval _ this]
  3807   show ?thesis apply(rule *[of c d]) using interval_open_subset_closed[of c d] by auto qed
  3808 
  3809 lemma has_integral_restrict_closed_subintervals_eq: fixes f::"real^'n \<Rightarrow> 'a::banach" assumes "{c..d} \<subseteq> {a..b}" 
  3810   shows "((\<lambda>x. if x \<in> {c..d} then f x else 0) has_integral i) {a..b} \<longleftrightarrow> (f has_integral i) {c..d}" (is "?l = ?r")
  3811 proof(cases "{c..d} = {}") case False let ?g = "\<lambda>x. if x \<in> {c..d} then f x else 0"
  3812   show ?thesis apply rule defer apply(rule has_integral_restrict_closed_subinterval[OF _ assms])
  3813   proof assumption assume ?l hence "?g integrable_on {c..d}"
  3814       apply-apply(rule integrable_subinterval[OF _ assms]) by auto
  3815     hence *:"f integrable_on {c..d}"apply-apply(rule integrable_eq) by auto
  3816     hence "i = integral {c..d} f" apply-apply(rule has_integral_unique)
  3817       apply(rule `?l`) apply(rule has_integral_restrict_closed_subinterval[OF _ assms]) by auto
  3818     thus ?r using * by auto qed qed auto
  3819 
  3820 subsection {* Hence we can apply the limit process uniformly to all integrals. *}
  3821 
  3822 lemma has_integral': fixes f::"real^'n \<Rightarrow> 'a::banach" shows
  3823  "(f has_integral i) s \<longleftrightarrow> (\<forall>e>0. \<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b}
  3824   \<longrightarrow> (\<exists>z. ((\<lambda>x. if x \<in> s then f(x) else 0) has_integral z) {a..b} \<and> norm(z - i) < e))" (is "?l \<longleftrightarrow> (\<forall>e>0. ?r e)")
  3825 proof- { presume *:"\<exists>a b. s = {a..b} \<Longrightarrow> ?thesis"
  3826     show ?thesis apply(cases,rule *,assumption)
  3827       apply(subst has_integral_alt) by auto }
  3828   assume "\<exists>a b. s = {a..b}" then guess a b apply-by(erule exE)+ note s=this
  3829   from bounded_interval[of a b, THEN conjunct1, unfolded bounded_pos] guess B ..
  3830   note B = conjunctD2[OF this,rule_format] show ?thesis apply safe
  3831   proof- fix e assume ?l "e>(0::real)"
  3832     show "?r e" apply(rule_tac x="B+1" in exI) apply safe defer apply(rule_tac x=i in exI)
  3833     proof fix c d assume as:"ball 0 (B+1) \<subseteq> {c..d::real^'n}"
  3834       thus "((\<lambda>x. if x \<in> s then f x else 0) has_integral i) {c..d}" unfolding s
  3835         apply-apply(rule has_integral_restrict_closed_subinterval) apply(rule `?l`[unfolded s])
  3836         apply safe apply(drule B(2)[rule_format]) unfolding subset_eq apply(erule_tac x=x in ballE)
  3837         by(auto simp add:dist_norm)
  3838     qed(insert B `e>0`, auto)
  3839   next assume as:"\<forall>e>0. ?r e" 
  3840     from this[rule_format,OF zero_less_one] guess C .. note C=conjunctD2[OF this,rule_format]
  3841     def c \<equiv> "(\<chi> i. - max B C)::real^'n" and d \<equiv> "(\<chi> i. max B C)::real^'n"
  3842     have c_d:"{a..b} \<subseteq> {c..d}" apply safe apply(drule B(2)) unfolding mem_interval
  3843     proof case goal1 thus ?case using component_le_norm[of x i] unfolding c_def d_def
  3844         by(auto simp add:field_simps) qed
  3845     have "ball 0 C \<subseteq> {c..d}" apply safe unfolding mem_interval mem_ball dist_norm 
  3846     proof case goal1 thus ?case using component_le_norm[of x i] unfolding c_def d_def by auto qed
  3847     from C(2)[OF this] have "\<exists>y. (f has_integral y) {a..b}"
  3848       unfolding has_integral_restrict_closed_subintervals_eq[OF c_d,THEN sym] unfolding s by auto
  3849     then guess y .. note y=this
  3850 
  3851     have "y = i" proof(rule ccontr) assume "y\<noteq>i" hence "0 < norm (y - i)" by auto
  3852       from as[rule_format,OF this] guess C ..  note C=conjunctD2[OF this,rule_format]
  3853       def c \<equiv> "(\<chi> i. - max B C)::real^'n" and d \<equiv> "(\<chi> i. max B C)::real^'n"
  3854       have c_d:"{a..b} \<subseteq> {c..d}" apply safe apply(drule B(2)) unfolding mem_interval
  3855       proof case goal1 thus ?case using component_le_norm[of x i] unfolding c_def d_def
  3856           by(auto simp add:field_simps) qed
  3857       have "ball 0 C \<subseteq> {c..d}" apply safe unfolding mem_interval mem_ball dist_norm 
  3858       proof case goal1 thus ?case using component_le_norm[of x i] unfolding c_def d_def by auto qed
  3859       note C(2)[OF this] then guess z .. note z = conjunctD2[OF this, unfolded s]
  3860       note this[unfolded has_integral_restrict_closed_subintervals_eq[OF c_d]]
  3861       hence "z = y" "norm (z - i) < norm (y - i)" apply- apply(rule has_integral_unique[OF _ y(1)]) .
  3862       thus False by auto qed
  3863     thus ?l using y unfolding s by auto qed qed 
  3864 
  3865 lemma has_integral_trans[simp]: fixes f::"real^'n \<Rightarrow> real" shows
  3866   "((\<lambda>x. vec1 (f x)) has_integral vec1 i) s \<longleftrightarrow> (f has_integral i) s"
  3867   unfolding has_integral'[unfolded has_integral] 
  3868 proof case goal1 thus ?case apply safe
  3869   apply(erule_tac x=e in allE,safe) apply(rule_tac x=B in exI,safe)
  3870   apply(erule_tac x=a in allE, erule_tac x=b in allE,safe) 
  3871   apply(rule_tac x="dest_vec1 z" in exI,safe) apply(erule_tac x=ea in allE,safe) 
  3872   apply(rule_tac x=d in exI,safe) apply(erule_tac x=p in allE,safe)
  3873   apply(subst(asm)(2) norm_vector_1) unfolding split_def
  3874   unfolding setsum_component Cart_nth.diff cond_value_iff[of dest_vec1]
  3875     Cart_nth.scaleR vec1_dest_vec1 zero_index apply assumption
  3876   apply(subst(asm)(2) norm_vector_1) by auto
  3877 next case goal2 thus ?case apply safe
  3878   apply(erule_tac x=e in allE,safe) apply(rule_tac x=B in exI,safe)
  3879   apply(erule_tac x=a in allE, erule_tac x=b in allE,safe) 
  3880   apply(rule_tac x="vec1 z" in exI,safe) apply(erule_tac x=ea in allE,safe) 
  3881   apply(rule_tac x=d in exI,safe) apply(erule_tac x=p in allE,safe)
  3882   apply(subst norm_vector_1) unfolding split_def
  3883   unfolding setsum_component Cart_nth.diff cond_value_iff[of dest_vec1]
  3884     Cart_nth.scaleR vec1_dest_vec1 zero_index apply assumption
  3885   apply(subst norm_vector_1) by auto qed
  3886 
  3887 lemma integral_trans[simp]: assumes "(f::real^'n \<Rightarrow> real) integrable_on s"
  3888   shows "integral s (\<lambda>x. vec1 (f x)) = vec1 (integral s f)"
  3889   apply(rule integral_unique) using assms by auto
  3890 
  3891 lemma integrable_on_trans[simp]: fixes f::"real^'n \<Rightarrow> real" shows
  3892   "(\<lambda>x. vec1 (f x)) integrable_on s \<longleftrightarrow> (f integrable_on s)"
  3893   unfolding integrable_on_def
  3894   apply(subst(2) vec1_dest_vec1(1)[THEN sym]) unfolding has_integral_trans
  3895   apply safe defer apply(rule_tac x="vec1 y" in exI) by auto
  3896 
  3897 lemma has_integral_le: fixes f::"real^'n \<Rightarrow> real"
  3898   assumes "(f has_integral i) s" "(g has_integral j) s"  "\<forall>x\<in>s. (f x) \<le> (g x)"
  3899   shows "i \<le> j" using has_integral_component_le[of "vec1 o f" "vec1 i" s "vec1 o g" "vec1 j" 1]
  3900   unfolding o_def using assms by auto 
  3901 
  3902 lemma integral_le: fixes f::"real^'n \<Rightarrow> real"
  3903   assumes "f integrable_on s" "g integrable_on s" "\<forall>x\<in>s. f x \<le> g x"
  3904   shows "integral s f \<le> integral s g"
  3905   using has_integral_le[OF assms(1,2)[unfolded has_integral_integral] assms(3)] .
  3906 
  3907 lemma has_integral_nonneg: fixes f::"real^'n \<Rightarrow> real"
  3908   assumes "(f has_integral i) s" "\<forall>x\<in>s. 0 \<le> f x" shows "0 \<le> i" 
  3909   using has_integral_component_nonneg[of "vec1 o f" "vec1 i" s 1]
  3910   unfolding o_def using assms by auto
  3911 
  3912 lemma integral_nonneg: fixes f::"real^'n \<Rightarrow> real"
  3913   assumes "f integrable_on s" "\<forall>x\<in>s. 0 \<le> f x" shows "0 \<le> integral s f" 
  3914   using has_integral_nonneg[OF assms(1)[unfolded has_integral_integral] assms(2)] .
  3915 
  3916 subsection {* Hence a general restriction property. *}
  3917 
  3918 lemma has_integral_restrict[simp]: assumes "s \<subseteq> t" shows
  3919   "((\<lambda>x. if x \<in> s then f x else (0::'a::banach)) has_integral i) t \<longleftrightarrow> (f has_integral i) s"
  3920 proof- have *:"\<And>x. (if x \<in> t then if x \<in> s then f x else 0 else 0) =  (if x\<in>s then f x else 0)" using assms by auto
  3921   show ?thesis apply(subst(2) has_integral') apply(subst has_integral') unfolding * by rule qed
  3922 
  3923 lemma has_integral_restrict_univ: fixes f::"real^'n \<Rightarrow> 'a::banach" shows
  3924   "((\<lambda>x. if x \<in> s then f x else 0) has_integral i) UNIV \<longleftrightarrow> (f has_integral i) s" by auto
  3925 
  3926 lemma has_integral_on_superset: fixes f::"real^'n \<Rightarrow> 'a::banach" 
  3927   assumes "\<forall>x. ~(x \<in> s) \<longrightarrow> f x = 0" "s \<subseteq> t" "(f has_integral i) s"
  3928   shows "(f has_integral i) t"
  3929 proof- have "(\<lambda>x. if x \<in> s then f x else 0) = (\<lambda>x. if x \<in> t then f x else 0)"
  3930     apply(rule) using assms(1-2) by auto
  3931   thus ?thesis apply- using assms(3) apply(subst has_integral_restrict_univ[THEN sym])
  3932   apply- apply(subst(asm) has_integral_restrict_univ[THEN sym]) by auto qed
  3933 
  3934 lemma integrable_on_superset: fixes f::"real^'n \<Rightarrow> 'a::banach" 
  3935   assumes "\<forall>x. ~(x \<in> s) \<longrightarrow> f x = 0" "s \<subseteq> t" "f integrable_on s"
  3936   shows "f integrable_on t"
  3937   using assms unfolding integrable_on_def by(auto intro:has_integral_on_superset)
  3938 
  3939 lemma integral_restrict_univ[intro]: fixes f::"real^'n \<Rightarrow> 'a::banach" 
  3940   shows "f integrable_on s \<Longrightarrow> integral UNIV (\<lambda>x. if x \<in> s then f x else 0) = integral s f"
  3941   apply(rule integral_unique) unfolding has_integral_restrict_univ by auto
  3942 
  3943 lemma integrable_restrict_univ: fixes f::"real^'n \<Rightarrow> 'a::banach" shows
  3944  "(\<lambda>x. if x \<in> s then f x else 0) integrable_on UNIV \<longleftrightarrow> f integrable_on s"
  3945   unfolding integrable_on_def by auto
  3946 
  3947 lemma negligible_on_intervals: "negligible s \<longleftrightarrow> (\<forall>a b. negligible(s \<inter> {a..b}))" (is "?l = ?r")
  3948 proof assume ?r show ?l unfolding negligible_def
  3949   proof safe case goal1 show ?case apply(rule has_integral_negligible[OF `?r`[rule_format,of a b]])
  3950       unfolding indicator_def by auto qed qed auto
  3951 
  3952 lemma has_integral_spike_set_eq: fixes f::"real^'n \<Rightarrow> 'a::banach" 
  3953   assumes "negligible((s - t) \<union> (t - s))" shows "((f has_integral y) s \<longleftrightarrow> (f has_integral y) t)"
  3954   unfolding has_integral_restrict_univ[THEN sym,of f] apply(rule has_integral_spike_eq[OF assms]) by (safe, auto split: split_if_asm)
  3955 
  3956 lemma has_integral_spike_set[dest]: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3957   assumes "negligible((s - t) \<union> (t - s))" "(f has_integral y) s"
  3958   shows "(f has_integral y) t"
  3959   using assms has_integral_spike_set_eq by auto
  3960 
  3961 lemma integrable_spike_set[dest]: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3962   assumes "negligible((s - t) \<union> (t - s))" "f integrable_on s"
  3963   shows "f integrable_on t" using assms(2) unfolding integrable_on_def 
  3964   unfolding has_integral_spike_set_eq[OF assms(1)] .
  3965 
  3966 lemma integrable_spike_set_eq: fixes f::"real^'n \<Rightarrow> 'a::banach"
  3967   assumes "negligible((s - t) \<union> (t - s))"
  3968   shows "(f integrable_on s \<longleftrightarrow> f integrable_on t)"
  3969   apply(rule,rule_tac[!] integrable_spike_set) using assms by auto
  3970 
  3971 (*lemma integral_spike_set:
  3972  "\<forall>f:real^M->real^N g s t.
  3973         negligible(s DIFF t \<union> t DIFF s)
  3974         \<longrightarrow> integral s f = integral t f"
  3975 qed  REPEAT STRIP_TAC THEN REWRITE_TAC[integral] THEN
  3976   AP_TERM_TAC THEN ABS_TAC THEN MATCH_MP_TAC HAS_INTEGRAL_SPIKE_SET_EQ THEN
  3977   ASM_MESON_TAC[]);;
  3978 
  3979 lemma has_integral_interior:
  3980  "\<forall>f:real^M->real^N y s.
  3981         negligible(frontier s)
  3982         \<longrightarrow> ((f has_integral y) (interior s) \<longleftrightarrow> (f has_integral y) s)"
  3983 qed  REPEAT STRIP_TAC THEN MATCH_MP_TAC HAS_INTEGRAL_SPIKE_SET_EQ THEN
  3984   FIRST_X_ASSUM(MATCH_MP_TAC o MATCH_MP (REWRITE_RULE[IMP_CONJ]
  3985     NEGLIGIBLE_SUBSET)) THEN
  3986   REWRITE_TAC[frontier] THEN
  3987   MP_TAC(ISPEC `s:real^M->bool` INTERIOR_SUBSET) THEN
  3988   MP_TAC(ISPEC `s:real^M->bool` CLOSURE_SUBSET) THEN
  3989   SET_TAC[]);;
  3990 
  3991 lemma has_integral_closure:
  3992  "\<forall>f:real^M->real^N y s.
  3993         negligible(frontier s)
  3994         \<longrightarrow> ((f has_integral y) (closure s) \<longleftrightarrow> (f has_integral y) s)"
  3995 qed  REPEAT STRIP_TAC THEN MATCH_MP_TAC HAS_INTEGRAL_SPIKE_SET_EQ THEN
  3996   FIRST_X_ASSUM(MATCH_MP_TAC o MATCH_MP (REWRITE_RULE[IMP_CONJ]
  3997     NEGLIGIBLE_SUBSET)) THEN
  3998   REWRITE_TAC[frontier] THEN
  3999   MP_TAC(ISPEC `s:real^M->bool` INTERIOR_SUBSET) THEN
  4000   MP_TAC(ISPEC `s:real^M->bool` CLOSURE_SUBSET) THEN
  4001   SET_TAC[]);;*)
  4002 
  4003 subsection {* More lemmas that are useful later. *}
  4004 
  4005 lemma has_integral_subset_component_le: fixes f::"real^'n \<Rightarrow> real^'m"
  4006   assumes "s \<subseteq> t" "(f has_integral i) s" "(f has_integral j) t" "\<forall>x\<in>t. 0 \<le> f(x)$k"
  4007   shows "i$k \<le> j$k"
  4008 proof- note has_integral_restrict_univ[THEN sym, of f]
  4009   note assms(2-3)[unfolded this] note * = has_integral_component_le[OF this]
  4010   show ?thesis apply(rule *) using assms(1,4) by auto qed
  4011 
  4012 lemma has_integral_subset_le: fixes f::"real^'n \<Rightarrow> real"
  4013   assumes "s \<subseteq> t" "(f has_integral i) s" "(f has_integral j) t" "\<forall>x\<in>t. 0 \<le> f(x)"
  4014   shows "i \<le> j" using has_integral_subset_component_le[OF assms(1), of "vec1 o f" "vec1 i" "vec1 j" 1]
  4015   unfolding o_def using assms by auto
  4016 
  4017 lemma integral_subset_component_le: fixes f::"real^'n \<Rightarrow> real^'m"
  4018   assumes "s \<subseteq> t" "f integrable_on s" "f integrable_on t" "\<forall>x \<in> t. 0 \<le> f(x)$k"
  4019   shows "(integral s f)$k \<le> (integral t f)$k"
  4020   apply(rule has_integral_subset_component_le) using assms by auto
  4021 
  4022 lemma integral_subset_le: fixes f::"real^'n \<Rightarrow> real"
  4023   assumes "s \<subseteq> t" "f integrable_on s" "f integrable_on t" "\<forall>x \<in> t. 0 \<le> f(x)"
  4024   shows "(integral s f) \<le> (integral t f)"
  4025   apply(rule has_integral_subset_le) using assms by auto
  4026 
  4027 lemma has_integral_alt': fixes f::"real^'n \<Rightarrow> 'a::banach"
  4028   shows "(f has_integral i) s \<longleftrightarrow> (\<forall>a b. (\<lambda>x. if x \<in> s then f x else 0) integrable_on {a..b}) \<and>
  4029   (\<forall>e>0. \<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b} \<longrightarrow> norm(integral {a..b} (\<lambda>x. if x \<in> s then f x else 0) - i) < e)" (is "?l = ?r")
  4030 proof assume ?r
  4031   show ?l apply- apply(subst has_integral')
  4032   proof safe case goal1 from `?r`[THEN conjunct2,rule_format,OF this] guess B .. note B=conjunctD2[OF this]
  4033     show ?case apply(rule,rule,rule B,safe)
  4034       apply(rule_tac x="integral {a..b} (\<lambda>x. if x \<in> s then f x else 0)" in exI)
  4035       apply(drule B(2)[rule_format]) using integrable_integral[OF `?r`[THEN conjunct1,rule_format]] by auto
  4036   qed next
  4037   assume ?l note as = this[unfolded has_integral'[of f],rule_format]
  4038   let ?f = "\<lambda>x. if x \<in> s then f x else 0"
  4039   show ?r proof safe fix a b::"real^'n"
  4040     from as[OF zero_less_one] guess B .. note B=conjunctD2[OF this,rule_format]
  4041     let ?a = "(\<chi> i. min (a$i) (-B))::real^'n" and ?b = "(\<chi> i. max (b$i) B)::real^'n"
  4042     show "?f integrable_on {a..b}" apply(rule integrable_subinterval[of _ ?a ?b])
  4043     proof- have "ball 0 B \<subseteq> {?a..?b}" apply safe unfolding mem_ball mem_interval dist_norm
  4044       proof case goal1 thus ?case using component_le_norm[of x i] by(auto simp add:field_simps) qed
  4045       from B(2)[OF this] guess z .. note conjunct1[OF this]
  4046       thus "?f integrable_on {?a..?b}" unfolding integrable_on_def by auto
  4047       show "{a..b} \<subseteq> {?a..?b}" apply safe unfolding mem_interval apply(rule,erule_tac x=i in allE) by auto qed
  4048 
  4049     fix e::real assume "e>0" from as[OF this] guess B .. note B=conjunctD2[OF this,rule_format]
  4050     show "\<exists>B>0. \<forall>a b. ball 0 B \<subseteq> {a..b} \<longrightarrow>
  4051                     norm (integral {a..b} (\<lambda>x. if x \<in> s then f x else 0) - i) < e"
  4052     proof(rule,rule,rule B,safe) case goal1 from B(2)[OF this] guess z .. note z=conjunctD2[OF this]
  4053       from integral_unique[OF this(1)] show ?case using z(2) by auto qed qed qed 
  4054 
  4055 
  4056 subsection {* Continuity of the integral (for a 1-dimensional interval). *}
  4057 
  4058 lemma integrable_alt: fixes f::"real^'n \<Rightarrow> 'a::banach" shows 
  4059   "f integrable_on s \<longleftrightarrow>
  4060           (\<forall>a b. (\<lambda>x. if x \<in> s then f x else 0) integrable_on {a..b}) \<and>
  4061           (\<forall>e>0. \<exists>B>0. \<forall>a b c d. ball 0 B \<subseteq> {a..b} \<and> ball 0 B \<subseteq> {c..d}
  4062   \<longrightarrow> norm(integral {a..b} (\<lambda>x. if x \<in> s then f x else 0) -
  4063           integral {c..d}  (\<lambda>x. if x \<in> s then f x else 0)) < e)" (is "?l = ?r")
  4064 proof assume ?l then guess y unfolding integrable_on_def .. note this[unfolded has_integral_alt'[of f]]
  4065   note y=conjunctD2[OF this,rule_format] show ?r apply safe apply(rule y)
  4066   proof- case goal1 hence "e/2 > 0" by auto from y(2)[OF this] guess B .. note B=conjunctD2[OF this,rule_format]
  4067     show ?case apply(rule,rule,rule B)
  4068     proof safe case goal1 show ?case apply(rule norm_triangle_half_l)
  4069         using B(2)[OF goal1(1)] B(2)[OF goal1(2)] by auto qed qed
  4070         
  4071 next assume ?r note as = conjunctD2[OF this,rule_format]
  4072   have "Cauchy (\<lambda>n. integral ({(\<chi> i. - real n) .. (\<chi> i. real n)}) (\<lambda>x. if x \<in> s then f x else 0))"
  4073   proof(unfold Cauchy_def,safe) case goal1
  4074     from as(2)[OF this] guess B .. note B = conjunctD2[OF this,rule_format]
  4075     from real_arch_simple[of B] guess N .. note N = this
  4076     { fix n assume n:"n \<ge> N" have "ball 0 B \<subseteq> {\<chi> i. - real n..\<chi> i. real n}" apply safe
  4077         unfolding mem_ball mem_interval dist_norm
  4078       proof case goal1 thus ?case using component_le_norm[of x i]
  4079           using n N by(auto simp add:field_simps) qed }
  4080     thus ?case apply-apply(rule_tac x=N in exI) apply safe unfolding dist_norm apply(rule B(2)) by auto
  4081   qed from this[unfolded convergent_eq_cauchy[THEN sym]] guess i ..
  4082   note i = this[unfolded Lim_sequentially, rule_format]
  4083 
  4084   show ?l unfolding integrable_on_def has_integral_alt'[of f] apply(rule_tac x=i in exI)
  4085     apply safe apply(rule as(1)[unfolded integrable_on_def])
  4086   proof- case goal1 hence *:"e/2 > 0" by auto
  4087     from i[OF this] guess N .. note N =this[rule_format]
  4088     from as(2)[OF *] guess B .. note B=conjunctD2[OF this,rule_format] let ?B = "max (real N) B"
  4089     show ?case apply(rule_tac x="?B" in exI)
  4090     proof safe show "0 < ?B" using B(1) by auto
  4091       fix a b assume ab:"ball 0 ?B \<subseteq> {a..b::real^'n}"
  4092       from real_arch_simple[of ?B] guess n .. note n=this
  4093       show "norm (integral {a..b} (\<lambda>x. if x \<in> s then f x else 0) - i) < e"
  4094         apply(rule norm_triangle_half_l) apply(rule B(2)) defer apply(subst norm_minus_commute)
  4095         apply(rule N[unfolded dist_norm, of n])
  4096       proof safe show "N \<le> n" using n by auto
  4097         fix x::"real^'n" assume x:"x \<in> ball 0 B" hence "x\<in> ball 0 ?B" by auto
  4098         thus "x\<in>{a..b}" using ab by blast 
  4099         show "x\<in>{\<chi> i. - real n..\<chi> i. real n}" using x unfolding mem_interval mem_ball dist_norm apply-
  4100         proof case goal1 thus ?case using component_le_norm[of x i]
  4101             using n by(auto simp add:field_simps) qed qed qed qed qed
  4102 
  4103 lemma integrable_altD: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4104   assumes "f integrable_on s"
  4105   shows "\<And>a b. (\<lambda>x. if x \<in> s then f x else 0) integrable_on {a..b}"
  4106   "\<And>e. e>0 \<Longrightarrow> \<exists>B>0. \<forall>a b c d. ball 0 B \<subseteq> {a..b} \<and> ball 0 B \<subseteq> {c..d}
  4107   \<longrightarrow> norm(integral {a..b} (\<lambda>x. if x \<in> s then f x else 0) - integral {c..d}  (\<lambda>x. if x \<in> s then f x else 0)) < e"
  4108   using assms[unfolded integrable_alt[of f]] by auto
  4109 
  4110 lemma integrable_on_subinterval: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4111   assumes "f integrable_on s" "{a..b} \<subseteq> s" shows "f integrable_on {a..b}"
  4112   apply(rule integrable_eq) defer apply(rule integrable_altD(1)[OF assms(1)])
  4113   using assms(2) by auto
  4114 
  4115 subsection {* A straddling criterion for integrability. *}
  4116 
  4117 lemma integrable_straddle_interval: fixes f::"real^'n \<Rightarrow> real"
  4118   assumes "\<forall>e>0. \<exists>g  h i j. (g has_integral i) ({a..b}) \<and> (h has_integral j) ({a..b}) \<and>
  4119   norm(i - j) < e \<and> (\<forall>x\<in>{a..b}. (g x) \<le> (f x) \<and> (f x) \<le>(h x))"
  4120   shows "f integrable_on {a..b}"
  4121 proof(subst integrable_cauchy,safe)
  4122   case goal1 hence e:"e/3 > 0" by auto note assms[rule_format,OF this]
  4123   then guess g h i j apply- by(erule exE conjE)+ note obt = this
  4124   from obt(1)[unfolded has_integral[of g], rule_format, OF e] guess d1 .. note d1=conjunctD2[OF this,rule_format]
  4125   from obt(2)[unfolded has_integral[of h], rule_format, OF e] guess d2 .. note d2=conjunctD2[OF this,rule_format]
  4126   show ?case apply(rule_tac x="\<lambda>x. d1 x \<inter> d2 x" in exI) apply(rule conjI gauge_inter d1 d2)+ unfolding fine_inter
  4127   proof safe have **:"\<And>i j g1 g2 h1 h2 f1 f2. g1 - h2 \<le> f1 - f2 \<Longrightarrow> f1 - f2 \<le> h1 - g2 \<Longrightarrow>
  4128       abs(i - j) < e / 3 \<Longrightarrow> abs(g2 - i) < e / 3 \<Longrightarrow>  abs(g1 - i) < e / 3 \<Longrightarrow> 
  4129       abs(h2 - j) < e / 3 \<Longrightarrow> abs(h1 - j) < e / 3 \<Longrightarrow> abs(f1 - f2) < e" using `e>0` by arith
  4130     case goal1 note tagged_division_ofD(2-4) note * = this[OF goal1(1)] this[OF goal1(4)]
  4131 
  4132     have "(\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p1. content k *\<^sub>R g x) \<ge> 0"
  4133       "0 \<le> (\<Sum>(x, k)\<in>p2. content k *\<^sub>R h x) - (\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x)" 
  4134       "(\<Sum>(x, k)\<in>p2. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p2. content k *\<^sub>R g x) \<ge> 0"
  4135       "0 \<le> (\<Sum>(x, k)\<in>p1. content k *\<^sub>R h x) - (\<Sum>(x, k)\<in>p1. content k *\<^sub>R f x)" 
  4136       unfolding setsum_subtractf[THEN sym] apply- apply(rule_tac[!] setsum_nonneg)
  4137       apply safe unfolding real_scaleR_def mult.diff_right[THEN sym]
  4138       apply(rule_tac[!] mult_nonneg_nonneg)
  4139     proof- fix a b assume ab:"(a,b) \<in> p1"
  4140       show "0 \<le> content b" using *(3)[OF ab] apply safe using content_pos_le . thus "0 \<le> content b" .
  4141       show "0 \<le> f a - g a" "0 \<le> h a - f a" using *(1-2)[OF ab] using obt(4)[rule_format,of a] by auto
  4142     next fix a b assume ab:"(a,b) \<in> p2"
  4143       show "0 \<le> content b" using *(6)[OF ab] apply safe using content_pos_le . thus "0 \<le> content b" .
  4144       show "0 \<le> f a - g a" "0 \<le> h a - f a" using *(4-5)[OF ab] using obt(4)[rule_format,of a] by auto qed 
  4145 
  4146     thus ?case apply- unfolding real_norm_def apply(rule **) defer defer
  4147       unfolding real_norm_def[THEN sym] apply(rule obt(3))
  4148       apply(rule d1(2)[OF conjI[OF goal1(4,5)]])
  4149       apply(rule d1(2)[OF conjI[OF goal1(1,2)]])
  4150       apply(rule d2(2)[OF conjI[OF goal1(4,6)]])
  4151       apply(rule d2(2)[OF conjI[OF goal1(1,3)]]) by auto qed qed 
  4152      
  4153 lemma integrable_straddle: fixes f::"real^'n \<Rightarrow> real"
  4154   assumes "\<forall>e>0. \<exists>g h i j. (g has_integral i) s \<and> (h has_integral j) s \<and>
  4155   norm(i - j) < e \<and> (\<forall>x\<in>s. (g x) \<le>(f x) \<and>(f x) \<le>(h x))"
  4156   shows "f integrable_on s"
  4157 proof- have "\<And>a b. (\<lambda>x. if x \<in> s then f x else 0) integrable_on {a..b}"
  4158   proof(rule integrable_straddle_interval,safe) case goal1 hence *:"e/4 > 0" by auto
  4159     from assms[rule_format,OF this] guess g h i j apply-by(erule exE conjE)+ note obt=this
  4160     note obt(1)[unfolded has_integral_alt'[of g]] note conjunctD2[OF this, rule_format]
  4161     note g = this(1) and this(2)[OF *] from this(2) guess B1 .. note B1 = conjunctD2[OF this,rule_format]
  4162     note obt(2)[unfolded has_integral_alt'[of h]] note conjunctD2[OF this, rule_format]
  4163     note h = this(1) and this(2)[OF *] from this(2) guess B2 .. note B2 = conjunctD2[OF this,rule_format]
  4164     def c \<equiv> "\<chi> i. min (a$i) (- (max B1 B2))" and d \<equiv> "\<chi> i. max (b$i) (max B1 B2)"
  4165     have *:"ball 0 B1 \<subseteq> {c..d}" "ball 0 B2 \<subseteq> {c..d}" apply safe unfolding mem_ball mem_interval dist_norm
  4166     proof(rule_tac[!] allI)
  4167       case goal1 thus ?case using component_le_norm[of x i] unfolding c_def d_def by auto next
  4168       case goal2 thus ?case using component_le_norm[of x i] unfolding c_def d_def by auto qed
  4169     have **:"\<And>ch cg ag ah::real. norm(ah - ag) \<le> norm(ch - cg) \<Longrightarrow> norm(cg - i) < e / 4 \<Longrightarrow>
  4170       norm(ch - j) < e / 4 \<Longrightarrow> norm(ag - ah) < e"
  4171       using obt(3) unfolding real_norm_def by arith 
  4172     show ?case apply(rule_tac x="\<lambda>x. if x \<in> s then g x else 0" in exI)
  4173                apply(rule_tac x="\<lambda>x. if x \<in> s then h x else 0" in exI)
  4174       apply(rule_tac x="integral {a..b} (\<lambda>x. if x \<in> s then g x else 0)" in exI)
  4175       apply(rule_tac x="integral {a..b} (\<lambda>x. if x \<in> s then h x else 0)" in exI)
  4176       apply safe apply(rule_tac[1-2] integrable_integral,rule g,rule h)
  4177       apply(rule **[OF _ B1(2)[OF *(1)] B2(2)[OF *(2)]])
  4178     proof- have *:"\<And>x f g. (if x \<in> s then f x else 0) - (if x \<in> s then g x else 0) =
  4179         (if x \<in> s then f x - g x else (0::real))" by auto
  4180       note ** = abs_of_nonneg[OF integral_nonneg[OF integrable_sub, OF h g]]
  4181       show " norm (integral {a..b} (\<lambda>x. if x \<in> s then h x else 0) -
  4182                    integral {a..b} (\<lambda>x. if x \<in> s then g x else 0))
  4183            \<le> norm (integral {c..d} (\<lambda>x. if x \<in> s then h x else 0) -
  4184                    integral {c..d} (\<lambda>x. if x \<in> s then g x else 0))"
  4185         unfolding integral_sub[OF h g,THEN sym] real_norm_def apply(subst **) defer apply(subst **) defer
  4186         apply(rule has_integral_subset_le) defer apply(rule integrable_integral integrable_sub h g)+
  4187       proof safe fix x assume "x\<in>{a..b}" thus "x\<in>{c..d}" unfolding mem_interval c_def d_def
  4188           apply - apply rule apply(erule_tac x=i in allE) by auto
  4189       qed(insert obt(4), auto) qed(insert obt(4), auto) qed note interv = this
  4190 
  4191   show ?thesis unfolding integrable_alt[of f] apply safe apply(rule interv)
  4192   proof- case goal1 hence *:"e/3 > 0" by auto
  4193     from assms[rule_format,OF this] guess g h i j apply-by(erule exE conjE)+ note obt=this
  4194     note obt(1)[unfolded has_integral_alt'[of g]] note conjunctD2[OF this, rule_format]
  4195     note g = this(1) and this(2)[OF *] from this(2) guess B1 .. note B1 = conjunctD2[OF this,rule_format]
  4196     note obt(2)[unfolded has_integral_alt'[of h]] note conjunctD2[OF this, rule_format]
  4197     note h = this(1) and this(2)[OF *] from this(2) guess B2 .. note B2 = conjunctD2[OF this,rule_format]
  4198     show ?case apply(rule_tac x="max B1 B2" in exI) apply safe apply(rule min_max.less_supI1,rule B1)
  4199     proof- fix a b c d::"real^'n" assume as:"ball 0 (max B1 B2) \<subseteq> {a..b}" "ball 0 (max B1 B2) \<subseteq> {c..d}"
  4200       have **:"ball 0 B1 \<subseteq> ball (0::real^'n) (max B1 B2)" "ball 0 B2 \<subseteq> ball (0::real^'n) (max B1 B2)" by auto
  4201       have *:"\<And>ga gc ha hc fa fc::real. abs(ga - i) < e / 3 \<and> abs(gc - i) < e / 3 \<and> abs(ha - j) < e / 3 \<and>
  4202         abs(hc - j) < e / 3 \<and> abs(i - j) < e / 3 \<and> ga \<le> fa \<and> fa \<le> ha \<and> gc \<le> fc \<and> fc \<le> hc\<Longrightarrow> abs(fa - fc) < e" by smt
  4203       show "norm (integral {a..b} (\<lambda>x. if x \<in> s then f x else 0) - integral {c..d} (\<lambda>x. if x \<in> s then f x else 0)) < e"
  4204         unfolding real_norm_def apply(rule *, safe) unfolding real_norm_def[THEN sym]
  4205         apply(rule B1(2),rule order_trans,rule **,rule as(1)) 
  4206         apply(rule B1(2),rule order_trans,rule **,rule as(2)) 
  4207         apply(rule B2(2),rule order_trans,rule **,rule as(1)) 
  4208         apply(rule B2(2),rule order_trans,rule **,rule as(2)) 
  4209         apply(rule obt) apply(rule_tac[!] integral_le) using obt
  4210         by(auto intro!: h g interv) qed qed qed 
  4211 
  4212 subsection {* Adding integrals over several sets. *}
  4213 
  4214 lemma has_integral_union: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4215   assumes "(f has_integral i) s" "(f has_integral j) t" "negligible(s \<inter> t)"
  4216   shows "(f has_integral (i + j)) (s \<union> t)"
  4217 proof- note * = has_integral_restrict_univ[THEN sym, of f]
  4218   show ?thesis unfolding * apply(rule has_integral_spike[OF assms(3)])
  4219     defer apply(rule has_integral_add[OF assms(1-2)[unfolded *]]) by auto qed
  4220 
  4221 lemma has_integral_unions: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4222   assumes "finite t" "\<forall>s\<in>t. (f has_integral (i s)) s"  "\<forall>s\<in>t. \<forall>s'\<in>t. ~(s = s') \<longrightarrow> negligible(s \<inter> s')"
  4223   shows "(f has_integral (setsum i t)) (\<Union>t)"
  4224 proof- note * = has_integral_restrict_univ[THEN sym, of f]
  4225   have **:"negligible (\<Union>((\<lambda>(a,b). a \<inter> b) ` {(a,b). a \<in> t \<and> b \<in> {y. y \<in> t \<and> ~(a = y)}}))"
  4226     apply(rule negligible_unions) apply(rule finite_imageI) apply(rule finite_subset[of _ "t \<times> t"]) defer 
  4227     apply(rule finite_cartesian_product[OF assms(1,1)]) using assms(3) by auto 
  4228   note assms(2)[unfolded *] note has_integral_setsum[OF assms(1) this]
  4229   thus ?thesis unfolding * apply-apply(rule has_integral_spike[OF **]) defer apply assumption
  4230   proof safe case goal1 thus ?case
  4231     proof(cases "x\<in>\<Union>t") case True then guess s unfolding Union_iff .. note s=this
  4232       hence *:"\<forall>b\<in>t. x \<in> b \<longleftrightarrow> b = s" using goal1(3) by blast
  4233       show ?thesis unfolding if_P[OF True] apply(rule trans) defer
  4234         apply(rule setsum_cong2) apply(subst *, assumption) apply(rule refl)
  4235         unfolding setsum_delta[OF assms(1)] using s by auto qed auto qed qed
  4236 
  4237 subsection {* In particular adding integrals over a division, maybe not of an interval. *}
  4238 
  4239 lemma has_integral_combine_division: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4240   assumes "d division_of s" "\<forall>k\<in>d. (f has_integral (i k)) k"
  4241   shows "(f has_integral (setsum i d)) s"
  4242 proof- note d = division_ofD[OF assms(1)]
  4243   show ?thesis unfolding d(6)[THEN sym] apply(rule has_integral_unions)
  4244     apply(rule d assms)+ apply(rule,rule,rule)
  4245   proof- case goal1 from d(4)[OF this(1)] d(4)[OF this(2)]
  4246     guess a c b d apply-by(erule exE)+ note obt=this
  4247     from d(5)[OF goal1] show ?case unfolding obt interior_closed_interval
  4248       apply-apply(rule negligible_subset[of "({a..b}-{a<..<b}) \<union> ({c..d}-{c<..<d})"])
  4249       apply(rule negligible_union negligible_frontier_interval)+ by auto qed qed
  4250 
  4251 lemma integral_combine_division_bottomup: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4252   assumes "d division_of s" "\<forall>k\<in>d. f integrable_on k"
  4253   shows "integral s f = setsum (\<lambda>i. integral i f) d"
  4254   apply(rule integral_unique) apply(rule has_integral_combine_division[OF assms(1)])
  4255   using assms(2) unfolding has_integral_integral .
  4256 
  4257 lemma has_integral_combine_division_topdown: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4258   assumes "f integrable_on s" "d division_of k" "k \<subseteq> s"
  4259   shows "(f has_integral (setsum (\<lambda>i. integral i f) d)) k"
  4260   apply(rule has_integral_combine_division[OF assms(2)])
  4261   apply safe unfolding has_integral_integral[THEN sym]
  4262 proof- case goal1 from division_ofD(2,4)[OF assms(2) this]
  4263   show ?case apply safe apply(rule integrable_on_subinterval)
  4264     apply(rule assms) using assms(3) by auto qed
  4265 
  4266 lemma integral_combine_division_topdown: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4267   assumes "f integrable_on s" "d division_of s"
  4268   shows "integral s f = setsum (\<lambda>i. integral i f) d"
  4269   apply(rule integral_unique,rule has_integral_combine_division_topdown) using assms by auto
  4270 
  4271 lemma integrable_combine_division: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4272   assumes "d division_of s" "\<forall>i\<in>d. f integrable_on i"
  4273   shows "f integrable_on s"
  4274   using assms(2) unfolding integrable_on_def
  4275   by(metis has_integral_combine_division[OF assms(1)])
  4276 
  4277 lemma integrable_on_subdivision: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4278   assumes "d division_of i" "f integrable_on s" "i \<subseteq> s"
  4279   shows "f integrable_on i"
  4280   apply(rule integrable_combine_division assms)+
  4281 proof safe case goal1 note division_ofD(2,4)[OF assms(1) this]
  4282   thus ?case apply safe apply(rule integrable_on_subinterval[OF assms(2)])
  4283     using assms(3) by auto qed
  4284 
  4285 subsection {* Also tagged divisions. *}
  4286 
  4287 lemma has_integral_combine_tagged_division: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4288   assumes "p tagged_division_of s" "\<forall>(x,k) \<in> p. (f has_integral (i k)) k"
  4289   shows "(f has_integral (setsum (\<lambda>(x,k). i k) p)) s"
  4290 proof- have *:"(f has_integral (setsum (\<lambda>k. integral k f) (snd ` p))) s"
  4291     apply(rule has_integral_combine_division) apply(rule division_of_tagged_division[OF assms(1)])
  4292     using assms(2) unfolding has_integral_integral[THEN sym] by(safe,auto)
  4293   thus ?thesis apply- apply(rule subst[where P="\<lambda>i. (f has_integral i) s"]) defer apply assumption
  4294     apply(rule trans[of _ "setsum (\<lambda>(x,k). integral k f) p"]) apply(subst eq_commute)
  4295     apply(rule setsum_over_tagged_division_lemma[OF assms(1)]) apply(rule integral_null,assumption)
  4296     apply(rule setsum_cong2) using assms(2) by auto qed
  4297 
  4298 lemma integral_combine_tagged_division_bottomup: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4299   assumes "p tagged_division_of {a..b}" "\<forall>(x,k)\<in>p. f integrable_on k"
  4300   shows "integral {a..b} f = setsum (\<lambda>(x,k). integral k f) p"
  4301   apply(rule integral_unique) apply(rule has_integral_combine_tagged_division[OF assms(1)])
  4302   using assms(2) by auto
  4303 
  4304 lemma has_integral_combine_tagged_division_topdown: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4305   assumes "f integrable_on {a..b}" "p tagged_division_of {a..b}"
  4306   shows "(f has_integral (setsum (\<lambda>(x,k). integral k f) p)) {a..b}"
  4307   apply(rule has_integral_combine_tagged_division[OF assms(2)])
  4308 proof safe case goal1 note tagged_division_ofD(3-4)[OF assms(2) this]
  4309   thus ?case using integrable_subinterval[OF assms(1)] by auto qed
  4310 
  4311 lemma integral_combine_tagged_division_topdown: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4312   assumes "f integrable_on {a..b}" "p tagged_division_of {a..b}"
  4313   shows "integral {a..b} f = setsum (\<lambda>(x,k). integral k f) p"
  4314   apply(rule integral_unique,rule has_integral_combine_tagged_division_topdown) using assms by auto
  4315 
  4316 subsection {* Henstock's lemma. *}
  4317 
  4318 lemma henstock_lemma_part1: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4319   assumes "f integrable_on {a..b}" "0 < e" "gauge d"
  4320   "(\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow> norm (setsum (\<lambda>(x,k). content k *\<^sub>R f x) p - integral({a..b}) f) < e)"
  4321   and p:"p tagged_partial_division_of {a..b}" "d fine p"
  4322   shows "norm(setsum (\<lambda>(x,k). content k *\<^sub>R f x - integral k f) p) \<le> e" (is "?x \<le> e")
  4323 proof-  { presume "\<And>k. 0<k \<Longrightarrow> ?x \<le> e + k" thus ?thesis by arith }
  4324   fix k::real assume k:"k>0" note p' = tagged_partial_division_ofD[OF p(1)]
  4325   have "\<Union>snd ` p \<subseteq> {a..b}" using p'(3) by fastsimp
  4326   note partial_division_of_tagged_division[OF p(1)] this
  4327   from partial_division_extend_interval[OF this] guess q . note q=this and q' = division_ofD[OF this(2)]
  4328   def r \<equiv> "q - snd ` p" have "snd ` p \<inter> r = {}" unfolding r_def by auto
  4329   have r:"finite r" using q' unfolding r_def by auto
  4330 
  4331   have "\<forall>i\<in>r. \<exists>p. p tagged_division_of i \<and> d fine p \<and>
  4332     norm(setsum (\<lambda>(x,j). content j *\<^sub>R f x) p - integral i f) < k / (real (card r) + 1)"
  4333   proof safe case goal1 hence i:"i \<in> q" unfolding r_def by auto
  4334     from q'(4)[OF this] guess u v apply-by(erule exE)+ note uv=this
  4335     have *:"k / (real (card r) + 1) > 0" apply(rule divide_pos_pos,rule k) by auto
  4336     have "f integrable_on {u..v}" apply(rule integrable_subinterval[OF assms(1)])
  4337       using q'(2)[OF i] unfolding uv by auto
  4338     note integrable_integral[OF this, unfolded has_integral[of f]]
  4339     from this[rule_format,OF *] guess dd .. note dd=conjunctD2[OF this,rule_format]
  4340     note gauge_inter[OF `gauge d` dd(1)] from fine_division_exists[OF this,of u v] guess qq .
  4341     thus ?case apply(rule_tac x=qq in exI) using dd(2)[of qq] unfolding fine_inter uv by auto qed
  4342   from bchoice[OF this] guess qq .. note qq=this[rule_format]
  4343 
  4344   let ?p = "p \<union> \<Union>qq ` r" have "norm ((\<Sum>(x, k)\<in>?p. content k *\<^sub>R f x) - integral {a..b} f) < e"
  4345     apply(rule assms(4)[rule_format])
  4346   proof show "d fine ?p" apply(rule fine_union,rule p) apply(rule fine_unions) using qq by auto 
  4347     note * = tagged_partial_division_of_union_self[OF p(1)]
  4348     have "p \<union> \<Union>qq ` r tagged_division_of \<Union>snd ` p \<union> \<Union>r"
  4349     proof(rule tagged_division_union[OF * tagged_division_unions])
  4350       show "finite r" by fact case goal2 thus ?case using qq by auto
  4351     next case goal3 thus ?case apply(rule,rule,rule) apply(rule q'(5)) unfolding r_def by auto
  4352     next case goal4 thus ?case apply(rule inter_interior_unions_intervals) apply(fact,rule)
  4353         apply(rule,rule q') defer apply(rule,subst Int_commute) 
  4354         apply(rule inter_interior_unions_intervals) apply(rule finite_imageI,rule p',rule) defer
  4355         apply(rule,rule q') using q(1) p' unfolding r_def by auto qed
  4356     moreover have "\<Union>snd ` p \<union> \<Union>r = {a..b}" "{qq i |i. i \<in> r} = qq ` r"
  4357       unfolding Union_Un_distrib[THEN sym] r_def using q by auto
  4358     ultimately show "?p tagged_division_of {a..b}" by fastsimp qed
  4359 
  4360   hence "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) + (\<Sum>(x, k)\<in>\<Union>qq ` r. content k *\<^sub>R f x) -
  4361     integral {a..b} f) < e" apply(subst setsum_Un_zero[THEN sym]) apply(rule p') prefer 3 
  4362     apply assumption apply rule apply(rule finite_imageI,rule r) apply safe apply(drule qq)
  4363   proof- fix x l k assume as:"(x,l)\<in>p" "(x,l)\<in>qq k" "k\<in>r"
  4364     note qq[OF this(3)] note tagged_division_ofD(3,4)[OF conjunct1[OF this] as(2)]
  4365     from this(2) guess u v apply-by(erule exE)+ note uv=this
  4366     have "l\<in>snd ` p" unfolding image_iff apply(rule_tac x="(x,l)" in bexI) using as by auto
  4367     hence "l\<in>q" "k\<in>q" "l\<noteq>k" using as(1,3) q(1) unfolding r_def by auto
  4368     note q'(5)[OF this] hence "interior l = {}" using subset_interior[OF `l \<subseteq> k`] by blast
  4369     thus "content l *\<^sub>R f x = 0" unfolding uv content_eq_0_interior[THEN sym] by auto qed auto
  4370 
  4371   hence "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) + setsum (setsum (\<lambda>(x, k). content k *\<^sub>R f x))
  4372     (qq ` r) - integral {a..b} f) < e" apply(subst(asm) setsum_UNION_zero)
  4373     prefer 4 apply assumption apply(rule finite_imageI,fact)
  4374     unfolding split_paired_all split_conv image_iff defer apply(erule bexE)+
  4375   proof- fix x m k l T1 T2 assume "(x,m)\<in>T1" "(x,m)\<in>T2" "T1\<noteq>T2" "k\<in>r" "l\<in>r" "T1 = qq k" "T2 = qq l"
  4376     note as = this(1-5)[unfolded this(6-)] note kl = tagged_division_ofD(3,4)[OF qq[THEN conjunct1]]
  4377     from this(2)[OF as(4,1)] guess u v apply-by(erule exE)+ note uv=this
  4378     have *:"interior (k \<inter> l) = {}" unfolding interior_inter apply(rule q')
  4379       using as unfolding r_def by auto
  4380     have "interior m = {}" unfolding subset_empty[THEN sym] unfolding *[THEN sym]
  4381       apply(rule subset_interior) using kl(1)[OF as(4,1)] kl(1)[OF as(5,2)] by auto
  4382     thus "content m *\<^sub>R f x = 0" unfolding uv content_eq_0_interior[THEN sym] by auto 
  4383   qed(insert qq, auto)
  4384 
  4385   hence **:"norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) + setsum (setsum (\<lambda>(x, k). content k *\<^sub>R f x) \<circ> qq) r -
  4386     integral {a..b} f) < e" apply(subst(asm) setsum_reindex_nonzero) apply fact
  4387     apply(rule setsum_0',rule) unfolding split_paired_all split_conv defer apply assumption
  4388   proof- fix k l x m assume as:"k\<in>r" "l\<in>r" "k\<noteq>l" "qq k = qq l" "(x,m)\<in>qq k"
  4389     note tagged_division_ofD(6)[OF qq[THEN conjunct1]] from this[OF as(1)] this[OF as(2)] 
  4390     show "content m *\<^sub>R f x = 0"  using as(3) unfolding as by auto qed
  4391   
  4392   have *:"\<And>ir ip i cr cp. norm((cp + cr) - i) < e \<Longrightarrow> norm(cr - ir) < k \<Longrightarrow> 
  4393     ip + ir = i \<Longrightarrow> norm(cp - ip) \<le> e + k" 
  4394   proof- case goal1 thus ?case  using norm_triangle_le[of "cp + cr - i" "- (cr - ir)"]  
  4395       unfolding goal1(3)[THEN sym] norm_minus_cancel by(auto simp add:algebra_simps) qed
  4396   
  4397   have "?x =  norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R f x) - (\<Sum>(x, k)\<in>p. integral k f))"
  4398     unfolding split_def setsum_subtractf ..
  4399   also have "... \<le> e + k" apply(rule *[OF **, where ir="setsum (\<lambda>k. integral k f) r"])
  4400   proof- case goal2 have *:"(\<Sum>(x, k)\<in>p. integral k f) = (\<Sum>k\<in>snd ` p. integral k f)"
  4401       apply(subst setsum_reindex_nonzero) apply fact
  4402       unfolding split_paired_all snd_conv split_def o_def
  4403     proof- fix x l y m assume as:"(x,l)\<in>p" "(y,m)\<in>p" "(x,l)\<noteq>(y,m)" "l = m"
  4404       from p'(4)[OF as(1)] guess u v apply-by(erule exE)+ note uv=this
  4405       show "integral l f = 0" unfolding uv apply(rule integral_unique)
  4406         apply(rule has_integral_null) unfolding content_eq_0_interior
  4407         using p'(5)[OF as(1-3)] unfolding uv as(4)[THEN sym] by auto
  4408     qed auto 
  4409     show ?case unfolding integral_combine_division_topdown[OF assms(1) q(2)] * r_def
  4410       apply(rule setsum_Un_disjoint'[THEN sym]) using q(1) q'(1) p'(1) by auto
  4411   next  case goal1 have *:"k * real (card r) / (1 + real (card r)) < k" using k by(auto simp add:field_simps)
  4412     show ?case apply(rule le_less_trans[of _ "setsum (\<lambda>x. k / (real (card r) + 1)) r"])
  4413       unfolding setsum_subtractf[THEN sym] apply(rule setsum_norm_le,fact)
  4414       apply rule apply(drule qq) defer unfolding divide_inverse setsum_left_distrib[THEN sym]
  4415       unfolding divide_inverse[THEN sym] using * by(auto simp add:field_simps real_eq_of_nat)
  4416   qed finally show "?x \<le> e + k" . qed
  4417 
  4418 lemma henstock_lemma_part2: fixes f::"real^'m \<Rightarrow> real^'n"
  4419   assumes "f integrable_on {a..b}" "0 < e" "gauge d"
  4420   "\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow> norm (setsum (\<lambda>(x,k). content k *\<^sub>R f x) p -
  4421           integral({a..b}) f) < e"    "p tagged_partial_division_of {a..b}" "d fine p"
  4422   shows "setsum (\<lambda>(x,k). norm(content k *\<^sub>R f x - integral k f)) p \<le> 2 * real (CARD('n)) * e"
  4423   unfolding split_def apply(rule vsum_norm_allsubsets_bound) defer 
  4424   apply(rule henstock_lemma_part1[unfolded split_def,OF assms(1-3)])
  4425   apply safe apply(rule assms[rule_format,unfolded split_def]) defer
  4426   apply(rule tagged_partial_division_subset,rule assms,assumption)
  4427   apply(rule fine_subset,assumption,rule assms) using assms(5) by auto
  4428   
  4429 lemma henstock_lemma: fixes f::"real^'m \<Rightarrow> real^'n"
  4430   assumes "f integrable_on {a..b}" "e>0"
  4431   obtains d where "gauge d"
  4432   "\<forall>p. p tagged_partial_division_of {a..b} \<and> d fine p
  4433   \<longrightarrow> setsum (\<lambda>(x,k). norm(content k *\<^sub>R f x - integral k f)) p < e"
  4434 proof- have *:"e / (2 * (real CARD('n) + 1)) > 0" apply(rule divide_pos_pos) using assms(2) by auto
  4435   from integrable_integral[OF assms(1),unfolded has_integral[of f],rule_format,OF this]
  4436   guess d .. note d = conjunctD2[OF this] show thesis apply(rule that,rule d)
  4437   proof safe case goal1 note * = henstock_lemma_part2[OF assms(1) * d this]
  4438     show ?case apply(rule le_less_trans[OF *]) using `e>0` by(auto simp add:field_simps) qed qed
  4439 
  4440 subsection {* monotone convergence (bounded interval first). *}
  4441 
  4442 lemma monotone_convergence_interval: fixes f::"nat \<Rightarrow> real^'n \<Rightarrow> real^1"
  4443   assumes "\<forall>k. (f k) integrable_on {a..b}"
  4444   "\<forall>k. \<forall>x\<in>{a..b}. dest_vec1(f k x) \<le> dest_vec1(f (Suc k) x)"
  4445   "\<forall>x\<in>{a..b}. ((\<lambda>k. f k x) ---> g x) sequentially"
  4446   "bounded {integral {a..b} (f k) | k . k \<in> UNIV}"
  4447   shows "g integrable_on {a..b} \<and> ((\<lambda>k. integral ({a..b}) (f k)) ---> integral ({a..b}) g) sequentially"
  4448 proof(case_tac[!] "content {a..b} = 0") assume as:"content {a..b} = 0"
  4449   show ?thesis using integrable_on_null[OF as] unfolding integral_null[OF as] using Lim_const by auto
  4450 next assume ab:"content {a..b} \<noteq> 0"
  4451   have fg:"\<forall>x\<in>{a..b}. \<forall> k. (f k x)$1 \<le> (g x)$1"
  4452   proof safe case goal1 note assms(3)[rule_format,OF this]
  4453     note * = Lim_component_ge[OF this trivial_limit_sequentially]
  4454     show ?case apply(rule *) unfolding eventually_sequentially
  4455       apply(rule_tac x=k in exI) apply- apply(rule transitive_stepwise_le)
  4456       using assms(2)[rule_format,OF goal1] by auto qed
  4457   have "\<exists>i. ((\<lambda>k. integral ({a..b}) (f k)) ---> i) sequentially"
  4458     apply(rule bounded_increasing_convergent) defer
  4459     apply rule apply(rule integral_component_le) apply safe
  4460     apply(rule assms(1-2)[rule_format])+ using assms(4) by auto
  4461   then guess i .. note i=this
  4462   have i':"\<And>k. dest_vec1(integral({a..b}) (f k)) \<le> dest_vec1 i"
  4463     apply(rule Lim_component_ge,rule i) apply(rule trivial_limit_sequentially)
  4464     unfolding eventually_sequentially apply(rule_tac x=k in exI)
  4465     apply(rule transitive_stepwise_le) prefer 3 apply(rule integral_dest_vec1_le)
  4466     apply(rule assms(1-2)[rule_format])+ using assms(2) by auto
  4467 
  4468   have "(g has_integral i) {a..b}" unfolding has_integral
  4469   proof safe case goal1 note e=this
  4470     hence "\<forall>k. (\<exists>d. gauge d \<and> (\<forall>p. p tagged_division_of {a..b} \<and> d fine p \<longrightarrow>
  4471              norm ((\<Sum>(x, ka)\<in>p. content ka *\<^sub>R f k x) - integral {a..b} (f k)) < e / 2 ^ (k + 2)))"
  4472       apply-apply(rule,rule assms(1)[unfolded has_integral_integral has_integral,rule_format])
  4473       apply(rule divide_pos_pos) by auto
  4474     from choice[OF this] guess c .. note c=conjunctD2[OF this[rule_format],rule_format]
  4475 
  4476     have "\<exists>r. \<forall>k\<ge>r. 0 \<le> i$1 - dest_vec1(integral {a..b} (f k)) \<and>
  4477                    i$1 - dest_vec1(integral {a..b} (f k)) < e / 4"
  4478     proof- case goal1 have "e/4 > 0" using e by auto
  4479       from i[unfolded Lim_sequentially,rule_format,OF this] guess r ..
  4480       thus ?case apply(rule_tac x=r in exI) apply rule
  4481         apply(erule_tac x=k in allE)
  4482       proof- case goal1 thus ?case using i'[of k] unfolding dist_real by auto qed qed
  4483     then guess r .. note r=conjunctD2[OF this[rule_format]]
  4484 
  4485     have "\<forall>x\<in>{a..b}. \<exists>n\<ge>r. \<forall>k\<ge>n. 0 \<le> (g x)$1 - (f k x)$1 \<and>
  4486            (g x)$1 - (f k x)$1 < e / (4 * content({a..b}))"
  4487     proof case goal1 have "e / (4 * content {a..b}) > 0" apply(rule divide_pos_pos,fact)
  4488         using ab content_pos_le[of a b] by auto
  4489       from assms(3)[rule_format,OF goal1,unfolded Lim_sequentially,rule_format,OF this]
  4490       guess n .. note n=this
  4491       thus ?case apply(rule_tac x="n + r" in exI) apply safe apply(erule_tac[2-3] x=k in allE)
  4492         unfolding dist_real using fg[rule_format,OF goal1] by(auto simp add:field_simps) qed
  4493     from bchoice[OF this] guess m .. note m=conjunctD2[OF this[rule_format],rule_format]
  4494     def d \<equiv> "\<lambda>x. c (m x) x" 
  4495 
  4496     show ?case apply(rule_tac x=d in exI)
  4497     proof safe show "gauge d" using c(1) unfolding gauge_def d_def by auto
  4498     next fix p assume p:"p tagged_division_of {a..b}" "d fine p"
  4499       note p'=tagged_division_ofD[OF p(1)]
  4500       have "\<exists>a. \<forall>x\<in>p. m (fst x) \<le> a" by(rule upper_bound_finite_set,fact)
  4501       then guess s .. note s=this
  4502       have *:"\<forall>a b c d. norm(a - b) \<le> e / 4 \<and> norm(b - c) < e / 2 \<and>
  4503             norm(c - d) < e / 4 \<longrightarrow> norm(a - d) < e" 
  4504       proof safe case goal1 thus ?case using norm_triangle_lt[of "a - b" "b - c" "3* e/4"]
  4505           norm_triangle_lt[of "a - b + (b - c)" "c - d" e] unfolding norm_minus_cancel
  4506           by(auto simp add:algebra_simps) qed
  4507       show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R g x) - i) < e" apply(rule *[rule_format,where
  4508           b="\<Sum>(x, k)\<in>p. content k *\<^sub>R f (m x) x" and c="\<Sum>(x, k)\<in>p. integral k (f (m x))"])
  4509       proof safe case goal1
  4510          show ?case apply(rule order_trans[of _ "\<Sum>(x, k)\<in>p. content k * (e / (4 * content {a..b}))"])
  4511            unfolding setsum_subtractf[THEN sym] apply(rule order_trans,rule setsum_norm[OF p'(1)])
  4512            apply(rule setsum_mono) unfolding split_paired_all split_conv
  4513            unfolding split_def setsum_left_distrib[THEN sym] scaleR.diff_right[THEN sym]
  4514            unfolding additive_content_tagged_division[OF p(1), unfolded split_def]
  4515          proof- fix x k assume xk:"(x,k) \<in> p" hence x:"x\<in>{a..b}" using p'(2-3)[OF xk] by auto
  4516            from p'(4)[OF xk] guess u v apply-by(erule exE)+ note uv=this
  4517            show " norm (content k *\<^sub>R (g x - f (m x) x)) \<le> content k * (e / (4 * content {a..b}))"
  4518              unfolding norm_scaleR uv unfolding abs_of_nonneg[OF content_pos_le] 
  4519              apply(rule mult_left_mono) unfolding norm_real using m(2)[OF x,of "m x"] by auto
  4520          qed(insert ab,auto)
  4521          
  4522        next case goal2 show ?case apply(rule le_less_trans[of _ "norm (\<Sum>j = 0..s.
  4523            \<Sum>(x, k)\<in>{xk\<in>p. m (fst xk) = j}. content k *\<^sub>R f (m x) x - integral k (f (m x)))"])
  4524            apply(subst setsum_group) apply fact apply(rule finite_atLeastAtMost) defer
  4525            apply(subst split_def)+ unfolding setsum_subtractf apply rule
  4526          proof- show "norm (\<Sum>j = 0..s. \<Sum>(x, k)\<in>{xk \<in> p.
  4527              m (fst xk) = j}. content k *\<^sub>R f (m x) x - integral k (f (m x))) < e / 2"
  4528              apply(rule le_less_trans[of _ "setsum (\<lambda>i. e / 2^(i+2)) {0..s}"])
  4529              apply(rule setsum_norm_le[OF finite_atLeastAtMost])
  4530            proof show "(\<Sum>i = 0..s. e / 2 ^ (i + 2)) < e / 2"
  4531                unfolding power_add divide_inverse inverse_mult_distrib
  4532                unfolding setsum_right_distrib[THEN sym] setsum_left_distrib[THEN sym]
  4533                unfolding power_inverse sum_gp apply(rule mult_strict_left_mono[OF _ e])
  4534                unfolding power2_eq_square by auto
  4535              fix t assume "t\<in>{0..s}"
  4536              show "norm (\<Sum>(x, k)\<in>{xk \<in> p. m (fst xk) = t}. content k *\<^sub>R f (m x) x -
  4537                integral k (f (m x))) \<le> e / 2 ^ (t + 2)"apply(rule order_trans[of _
  4538                "norm(setsum (\<lambda>(x,k). content k *\<^sub>R f t x - integral k (f t)) {xk \<in> p. m (fst xk) = t})"])
  4539                apply(rule eq_refl) apply(rule arg_cong[where f=norm]) apply(rule setsum_cong2) defer
  4540                apply(rule henstock_lemma_part1) apply(rule assms(1)[rule_format])
  4541                apply(rule divide_pos_pos,rule e) defer  apply safe apply(rule c)+
  4542                apply rule apply assumption+ apply(rule tagged_partial_division_subset[of p])
  4543                apply(rule p(1)[unfolded tagged_division_of_def,THEN conjunct1]) defer
  4544                unfolding fine_def apply safe apply(drule p(2)[unfolded fine_def,rule_format])
  4545                unfolding d_def by auto qed
  4546          qed(insert s, auto)
  4547 
  4548        next case goal3
  4549          note comb = integral_combine_tagged_division_topdown[OF assms(1)[rule_format] p(1)]
  4550          have *:"\<And>sr sx ss ks kr::real^1. kr = sr \<longrightarrow> ks = ss \<longrightarrow> ks \<le> i \<and> sr \<le> sx \<and> sx \<le> ss \<and> 0 \<le> i$1 - kr$1
  4551            \<and> i$1 - kr$1 < e/4 \<longrightarrow> abs(sx$1 - i$1) < e/4" unfolding Cart_eq forall_1 vector_le_def by arith
  4552          show ?case unfolding norm_real Cart_nth.diff apply(rule *[rule_format],safe)
  4553            apply(rule comb[of r],rule comb[of s]) unfolding vector_le_def forall_1 setsum_component
  4554            apply(rule i') apply(rule_tac[1-2] setsum_mono) unfolding split_paired_all split_conv
  4555            apply(rule_tac[1-2] integral_component_le[OF ])
  4556          proof safe show "0 \<le> i$1 - (integral {a..b} (f r))$1" using r(1) by auto
  4557            show "i$1 - (integral {a..b} (f r))$1 < e / 4" using r(2) by auto
  4558            fix x k assume xk:"(x,k)\<in>p" from p'(4)[OF this] guess u v apply-by(erule exE)+ note uv=this
  4559            show "f r integrable_on k" "f s integrable_on k" "f (m x) integrable_on k" "f (m x) integrable_on k" 
  4560              unfolding uv apply(rule_tac[!] integrable_on_subinterval[OF assms(1)[rule_format]])
  4561              using p'(3)[OF xk] unfolding uv by auto 
  4562            fix y assume "y\<in>k" hence "y\<in>{a..b}" using p'(3)[OF xk] by auto
  4563            hence *:"\<And>m. \<forall>n\<ge>m. (f m y)$1 \<le> (f n y)$1" apply-apply(rule transitive_stepwise_le) using assms(2) by auto
  4564            show "(f r y)$1 \<le> (f (m x) y)$1" "(f (m x) y)$1 \<le> (f s y)$1"
  4565              apply(rule_tac[!] *[rule_format]) using s[rule_format,OF xk] m(1)[of x] p'(2-3)[OF xk] by auto
  4566          qed qed qed qed note * = this 
  4567 
  4568    have "integral {a..b} g = i" apply(rule integral_unique) using * .
  4569    thus ?thesis using i * by auto qed
  4570 
  4571 lemma monotone_convergence_increasing: fixes f::"nat \<Rightarrow> real^'n \<Rightarrow> real^1"
  4572   assumes "\<forall>k. (f k) integrable_on s"  "\<forall>k. \<forall>x\<in>s. (f k x)$1 \<le> (f (Suc k) x)$1"
  4573   "\<forall>x\<in>s. ((\<lambda>k. f k x) ---> g x) sequentially" "bounded {integral s (f k)| k. True}"
  4574   shows "g integrable_on s \<and> ((\<lambda>k. integral s (f k)) ---> integral s g) sequentially"
  4575 proof- have lem:"\<And>f::nat \<Rightarrow> real^'n \<Rightarrow> real^1. \<And> g s. \<forall>k.\<forall>x\<in>s. 0\<le>dest_vec1 (f k x) \<Longrightarrow> \<forall>k. (f k) integrable_on s \<Longrightarrow>
  4576     \<forall>k. \<forall>x\<in>s. (f k x)$1 \<le> (f (Suc k) x)$1 \<Longrightarrow> \<forall>x\<in>s. ((\<lambda>k. f k x) ---> g x) sequentially  \<Longrightarrow>
  4577     bounded {integral s (f k)| k. True} \<Longrightarrow> g integrable_on s \<and> ((\<lambda>k. integral s (f k)) ---> integral s g) sequentially"
  4578   proof- case goal1 note assms=this[rule_format]
  4579     have "\<forall>x\<in>s. \<forall>k. dest_vec1(f k x) \<le> dest_vec1(g x)" apply safe apply(rule Lim_component_ge)
  4580       apply(rule goal1(4)[rule_format],assumption) apply(rule trivial_limit_sequentially)
  4581       unfolding eventually_sequentially apply(rule_tac x=k in exI)
  4582       apply(rule transitive_stepwise_le) using goal1(3) by auto note fg=this[rule_format]
  4583 
  4584     have "\<exists>i. ((\<lambda>k. integral s (f k)) ---> i) sequentially" apply(rule bounded_increasing_convergent)
  4585       apply(rule goal1(5)) apply(rule,rule integral_component_le) apply(rule goal1(2)[rule_format])+
  4586       using goal1(3) by auto then guess i .. note i=this
  4587     have "\<And>k. \<forall>x\<in>s. \<forall>n\<ge>k. f k x \<le> f n x" apply(rule,rule transitive_stepwise_le) using goal1(3) by auto
  4588     hence i':"\<forall>k. (integral s (f k))$1 \<le> i$1" apply-apply(rule,rule Lim_component_ge)
  4589       apply(rule i,rule trivial_limit_sequentially) unfolding eventually_sequentially
  4590       apply(rule_tac x=k in exI,safe) apply(rule integral_dest_vec1_le)
  4591       apply(rule goal1(2)[rule_format])+ by auto 
  4592 
  4593     note int = assms(2)[unfolded integrable_alt[of _ s],THEN conjunct1,rule_format]
  4594     have ifif:"\<And>k t. (\<lambda>x. if x \<in> t then if x \<in> s then f k x else 0 else 0) =
  4595       (\<lambda>x. if x \<in> t\<inter>s then f k x else 0)" apply(rule ext) by auto
  4596     have int':"\<And>k a b. f k integrable_on {a..b} \<inter> s" apply(subst integrable_restrict_univ[THEN sym])
  4597       apply(subst ifif[THEN sym]) apply(subst integrable_restrict_univ) using int .
  4598     have "\<And>a b. (\<lambda>x. if x \<in> s then g x else 0) integrable_on {a..b} \<and>
  4599       ((\<lambda>k. integral {a..b} (\<lambda>x. if x \<in> s then f k x else 0)) --->
  4600       integral {a..b} (\<lambda>x. if x \<in> s then g x else 0)) sequentially"
  4601     proof(rule monotone_convergence_interval,safe)
  4602       case goal1 show ?case using int .
  4603     next case goal2 thus ?case apply-apply(cases "x\<in>s") using assms(3) by auto
  4604     next case goal3 thus ?case apply-apply(cases "x\<in>s") using assms(4) by auto
  4605     next case goal4 note * = integral_dest_vec1_nonneg[unfolded vector_le_def forall_1 zero_index]
  4606       have "\<And>k. norm (integral {a..b} (\<lambda>x. if x \<in> s then f k x else 0)) \<le> norm (integral s (f k))"
  4607         unfolding norm_real apply(subst abs_of_nonneg) apply(rule *[OF int])
  4608         apply(safe,case_tac "x\<in>s") apply(drule assms(1)) prefer 3
  4609         apply(subst abs_of_nonneg) apply(rule *[OF assms(2) goal1(1)[THEN spec]])
  4610         apply(subst integral_restrict_univ[THEN sym,OF int]) 
  4611         unfolding ifif unfolding integral_restrict_univ[OF int']
  4612         apply(rule integral_subset_component_le[OF _ int' assms(2)]) using assms(1) by auto
  4613       thus ?case using assms(5) unfolding bounded_iff apply safe
  4614         apply(rule_tac x=aa in exI,safe) apply(erule_tac x="integral s (f k)" in ballE)
  4615         apply(rule order_trans) apply assumption by auto qed note g = conjunctD2[OF this]
  4616 
  4617     have "(g has_integral i) s" unfolding has_integral_alt' apply safe apply(rule g(1))
  4618     proof- case goal1 hence "e/4>0" by auto
  4619       from i[unfolded Lim_sequentially,rule_format,OF this] guess N .. note N=this
  4620       note assms(2)[of N,unfolded has_integral_integral has_integral_alt'[of "f N"]]
  4621       from this[THEN conjunct2,rule_format,OF `e/4>0`] guess B .. note B=conjunctD2[OF this]
  4622       show ?case apply(rule,rule,rule B,safe)
  4623       proof- fix a b::"real^'n" assume ab:"ball 0 B \<subseteq> {a..b}"
  4624         from `e>0` have "e/2>0" by auto
  4625         from g(2)[unfolded Lim_sequentially,of a b,rule_format,OF this] guess M .. note M=this
  4626         have **:"norm (integral {a..b} (\<lambda>x. if x \<in> s then f N x else 0) - i) < e/2"
  4627           apply(rule norm_triangle_half_l) using B(2)[rule_format,OF ab] N[rule_format,of N]
  4628           unfolding dist_norm apply-defer apply(subst norm_minus_commute) by auto
  4629         have *:"\<And>f1 f2 g. abs(f1 - i$1) < e / 2 \<longrightarrow> abs(f2 - g) < e / 2 \<longrightarrow> f1 \<le> f2 \<longrightarrow> f2 \<le> i$1
  4630           \<longrightarrow> abs(g - i$1) < e" by arith
  4631         show "norm (integral {a..b} (\<lambda>x. if x \<in> s then g x else 0) - i) < e" 
  4632           unfolding norm_real Cart_simps apply(rule *[rule_format])
  4633           apply(rule **[unfolded norm_real Cart_simps])
  4634           apply(rule M[rule_format,of "M + N",unfolded dist_real]) apply(rule le_add1)
  4635           apply(rule integral_component_le[OF int int]) defer
  4636           apply(rule order_trans[OF _ i'[rule_format,of "M + N"]])
  4637         proof safe case goal2 have "\<And>m. x\<in>s \<Longrightarrow> \<forall>n\<ge>m. (f m x)$1 \<le> (f n x)$1"
  4638             apply(rule transitive_stepwise_le) using assms(3) by auto thus ?case by auto
  4639         next case goal1 show ?case apply(subst integral_restrict_univ[THEN sym,OF int]) 
  4640             unfolding ifif integral_restrict_univ[OF int']
  4641             apply(rule integral_subset_component_le[OF _ int']) using assms by auto
  4642         qed qed qed 
  4643     thus ?case apply safe defer apply(drule integral_unique) using i by auto qed
  4644 
  4645   have sub:"\<And>k. integral s (\<lambda>x. f k x - f 0 x) = integral s (f k) - integral s (f 0)"
  4646     apply(subst integral_sub) apply(rule assms(1)[rule_format])+ by rule
  4647   have "\<And>x m. x\<in>s \<Longrightarrow> \<forall>n\<ge>m. dest_vec1 (f m x) \<le> dest_vec1 (f n x)" apply(rule transitive_stepwise_le)
  4648     using assms(2) by auto note * = this[rule_format]
  4649   have "(\<lambda>x. g x - f 0 x) integrable_on s \<and>((\<lambda>k. integral s (\<lambda>x. f (Suc k) x - f 0 x)) --->
  4650       integral s (\<lambda>x. g x - f 0 x)) sequentially" apply(rule lem,safe)
  4651   proof- case goal1 thus ?case using *[of x 0 "Suc k"] by auto
  4652   next case goal2 thus ?case apply(rule integrable_sub) using assms(1) by auto
  4653   next case goal3 thus ?case using *[of x "Suc k" "Suc (Suc k)"] by auto
  4654   next case goal4 thus ?case apply-apply(rule Lim_sub) 
  4655       using seq_offset[OF assms(3)[rule_format],of x 1] by auto
  4656   next case goal5 thus ?case using assms(4) unfolding bounded_iff
  4657       apply safe apply(rule_tac x="a + norm (integral s (\<lambda>x. f 0 x))" in exI)
  4658       apply safe apply(erule_tac x="integral s (\<lambda>x. f (Suc k) x)" in ballE) unfolding sub
  4659       apply(rule order_trans[OF norm_triangle_ineq4]) by auto qed
  4660   note conjunctD2[OF this] note Lim_add[OF this(2) Lim_const[of "integral s (f 0)"]]
  4661     integrable_add[OF this(1) assms(1)[rule_format,of 0]]
  4662   thus ?thesis unfolding sub apply-apply rule defer apply(subst(asm) integral_sub)
  4663     using assms(1) apply auto apply(rule seq_offset_rev[where k=1]) by auto qed
  4664 
  4665 lemma monotone_convergence_decreasing: fixes f::"nat \<Rightarrow> real^'n \<Rightarrow> real^1"
  4666   assumes "\<forall>k. (f k) integrable_on s"  "\<forall>k. \<forall>x\<in>s. (f (Suc k) x)$1 \<le> (f k x)$1"
  4667   "\<forall>x\<in>s. ((\<lambda>k. f k x) ---> g x) sequentially" "bounded {integral s (f k)| k. True}"
  4668   shows "g integrable_on s \<and> ((\<lambda>k. integral s (f k)) ---> integral s g) sequentially"
  4669 proof- note assm = assms[rule_format]
  4670   have *:"{integral s (\<lambda>x. - f k x) |k. True} = op *\<^sub>R -1 ` {integral s (f k)| k. True}"
  4671     apply safe unfolding image_iff apply(rule_tac x="integral s (f k)" in bexI) prefer 3
  4672     apply(rule_tac x=k in exI) unfolding integral_neg[OF assm(1)] by auto
  4673   have "(\<lambda>x. - g x) integrable_on s \<and> ((\<lambda>k. integral s (\<lambda>x. - f k x))
  4674     ---> integral s (\<lambda>x. - g x))  sequentially" apply(rule monotone_convergence_increasing)
  4675     apply(safe,rule integrable_neg) apply(rule assm) defer apply(rule Lim_neg)
  4676     apply(rule assm,assumption) unfolding * apply(rule bounded_scaling) using assm by auto
  4677   note * = conjunctD2[OF this]
  4678   show ?thesis apply rule using integrable_neg[OF *(1)] defer
  4679     using Lim_neg[OF *(2)] apply- unfolding integral_neg[OF assm(1)]
  4680     unfolding integral_neg[OF *(1),THEN sym] by auto qed
  4681 
  4682 lemma monotone_convergence_increasing_real: fixes f::"nat \<Rightarrow> real^'n \<Rightarrow> real"
  4683   assumes "\<forall>k. (f k) integrable_on s"  "\<forall>k. \<forall>x\<in>s. (f (Suc k) x) \<ge> (f k x)"
  4684   "\<forall>x\<in>s. ((\<lambda>k. f k x) ---> g x) sequentially" "bounded {integral s (f k)| k. True}"
  4685   shows "g integrable_on s \<and> ((\<lambda>k. integral s (f k)) ---> integral s g) sequentially"
  4686 proof- have *:"{integral s (\<lambda>x. vec1 (f k x)) |k. True} =  vec1 ` {integral s (f k) |k. True}"
  4687     unfolding integral_trans[OF assms(1)[rule_format]] by auto
  4688   have "vec1 \<circ> g integrable_on s \<and> ((\<lambda>k. integral s (vec1 \<circ> f k)) ---> integral s (vec1 \<circ> g)) sequentially"
  4689     apply(rule monotone_convergence_increasing) unfolding o_def integrable_on_trans
  4690     unfolding vec1_dest_vec1 apply(rule assms)+ unfolding Lim_trans unfolding * using assms(3,4) by auto
  4691   thus ?thesis unfolding o_def unfolding integral_trans[OF assms(1)[rule_format]] by auto qed
  4692 
  4693 lemma monotone_convergence_decreasing_real: fixes f::"nat \<Rightarrow> real^'n \<Rightarrow> real"
  4694   assumes "\<forall>k. (f k) integrable_on s"  "\<forall>k. \<forall>x\<in>s. (f (Suc k) x) \<le> (f k x)"
  4695   "\<forall>x\<in>s. ((\<lambda>k. f k x) ---> g x) sequentially" "bounded {integral s (f k)| k. True}"
  4696   shows "g integrable_on s \<and> ((\<lambda>k. integral s (f k)) ---> integral s g) sequentially"
  4697 proof- have *:"{integral s (\<lambda>x. vec1 (f k x)) |k. True} =  vec1 ` {integral s (f k) |k. True}"
  4698     unfolding integral_trans[OF assms(1)[rule_format]] by auto
  4699   have "vec1 \<circ> g integrable_on s \<and> ((\<lambda>k. integral s (vec1 \<circ> f k)) ---> integral s (vec1 \<circ> g)) sequentially"
  4700     apply(rule monotone_convergence_decreasing) unfolding o_def integrable_on_trans
  4701     unfolding vec1_dest_vec1 apply(rule assms)+ unfolding Lim_trans unfolding * using assms(3,4) by auto
  4702   thus ?thesis unfolding o_def unfolding integral_trans[OF assms(1)[rule_format]] by auto qed
  4703 
  4704 subsection {* absolute integrability (this is the same as Lebesgue integrability). *}
  4705 
  4706 definition absolutely_integrable_on (infixr "absolutely'_integrable'_on" 46) where
  4707   "f absolutely_integrable_on s \<longleftrightarrow> f integrable_on s \<and> (\<lambda>x. (norm(f x))) integrable_on s"
  4708 
  4709 lemma absolutely_integrable_onI[intro?]:
  4710   "f integrable_on s \<Longrightarrow> (\<lambda>x. (norm(f x))) integrable_on s \<Longrightarrow> f absolutely_integrable_on s"
  4711   unfolding absolutely_integrable_on_def by auto
  4712 
  4713 lemma absolutely_integrable_onD[dest]: assumes "f absolutely_integrable_on s"
  4714   shows "f integrable_on s" "(\<lambda>x. (norm(f x))) integrable_on s"
  4715   using assms unfolding absolutely_integrable_on_def by auto
  4716 
  4717 lemma absolutely_integrable_on_trans[simp]: fixes f::"real^'n \<Rightarrow> real" shows
  4718   "(vec1 o f) absolutely_integrable_on s \<longleftrightarrow> f absolutely_integrable_on s"
  4719   unfolding absolutely_integrable_on_def o_def by auto
  4720 
  4721 lemma integral_norm_bound_integral: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4722   assumes "f integrable_on s" "g integrable_on s" "\<forall>x\<in>s. norm(f x) \<le> g x"
  4723   shows "norm(integral s f) \<le> (integral s g)"
  4724 proof- have *:"\<And>x y. (\<forall>e::real. 0 < e \<longrightarrow> x < y + e) \<longrightarrow> x \<le> y" apply(safe,rule ccontr)
  4725     apply(erule_tac x="x - y" in allE) by auto
  4726   have "\<And>e sg dsa dia ig. norm(sg) \<le> dsa \<longrightarrow> abs(dsa - dia) < e / 2 \<longrightarrow> norm(sg - ig) < e / 2
  4727     \<longrightarrow> norm(ig) < dia + e" 
  4728   proof safe case goal1 show ?case apply(rule le_less_trans[OF norm_triangle_sub[of ig sg]])
  4729       apply(subst real_sum_of_halves[of e,THEN sym]) unfolding add_assoc[symmetric]
  4730       apply(rule add_le_less_mono) defer apply(subst norm_minus_commute,rule goal1)
  4731       apply(rule order_trans[OF goal1(1)]) using goal1(2) by arith
  4732   qed note norm=this[rule_format]
  4733   have lem:"\<And>f::real^'n \<Rightarrow> 'a. \<And> g a b. f integrable_on {a..b} \<Longrightarrow> g integrable_on {a..b} \<Longrightarrow>
  4734     \<forall>x\<in>{a..b}. norm(f x) \<le> (g x) \<Longrightarrow> norm(integral({a..b}) f) \<le> (integral({a..b}) g)"
  4735   proof(rule *[rule_format]) case goal1 hence *:"e/2>0" by auto
  4736     from integrable_integral[OF goal1(1),unfolded has_integral[of f],rule_format,OF *]
  4737     guess d1 .. note d1 = conjunctD2[OF this,rule_format]
  4738     from integrable_integral[OF goal1(2),unfolded has_integral[of g],rule_format,OF *]
  4739     guess d2 .. note d2 = conjunctD2[OF this,rule_format]
  4740     note gauge_inter[OF d1(1) d2(1)]
  4741     from fine_division_exists[OF this, of a b] guess p . note p=this
  4742     show ?case apply(rule norm) defer
  4743       apply(rule d2(2)[OF conjI[OF p(1)],unfolded real_norm_def]) defer
  4744       apply(rule d1(2)[OF conjI[OF p(1)]]) defer apply(rule setsum_norm_le)
  4745     proof safe fix x k assume "(x,k)\<in>p" note as = tagged_division_ofD(2-4)[OF p(1) this]
  4746       from this(3) guess u v apply-by(erule exE)+ note uv=this
  4747       show "norm (content k *\<^sub>R f x) \<le> content k *\<^sub>R g x" unfolding uv norm_scaleR
  4748         unfolding abs_of_nonneg[OF content_pos_le] real_scaleR_def
  4749         apply(rule mult_left_mono) using goal1(3) as by auto
  4750     qed(insert p[unfolded fine_inter],auto) qed
  4751 
  4752   { presume "\<And>e. 0 < e \<Longrightarrow> norm (integral s f) < integral s g + e" 
  4753     thus ?thesis apply-apply(rule *[rule_format]) by auto }
  4754   fix e::real assume "e>0" hence e:"e/2 > 0" by auto
  4755   note assms(1)[unfolded integrable_alt[of f]] note f=this[THEN conjunct1,rule_format]
  4756   note assms(2)[unfolded integrable_alt[of g]] note g=this[THEN conjunct1,rule_format]
  4757   from integrable_integral[OF assms(1),unfolded has_integral'[of f],rule_format,OF e]
  4758   guess B1 .. note B1=conjunctD2[OF this[rule_format],rule_format]
  4759   from integrable_integral[OF assms(2),unfolded has_integral'[of g],rule_format,OF e]
  4760   guess B2 .. note B2=conjunctD2[OF this[rule_format],rule_format]
  4761   from bounded_subset_closed_interval[OF bounded_ball, of "0::real^'n" "max B1 B2"]
  4762   guess a b apply-by(erule exE)+ note ab=this[unfolded ball_max_Un]
  4763 
  4764   have "ball 0 B1 \<subseteq> {a..b}" using ab by auto
  4765   from B1(2)[OF this] guess z .. note z=conjunctD2[OF this]
  4766   have "ball 0 B2 \<subseteq> {a..b}" using ab by auto
  4767   from B2(2)[OF this] guess w .. note w=conjunctD2[OF this]
  4768 
  4769   show "norm (integral s f) < integral s g + e" apply(rule norm)
  4770     apply(rule lem[OF f g, of a b]) unfolding integral_unique[OF z(1)] integral_unique[OF w(1)]
  4771     defer apply(rule w(2)[unfolded real_norm_def],rule z(2))
  4772     apply safe apply(case_tac "x\<in>s") unfolding if_P apply(rule assms(3)[rule_format]) by auto qed
  4773 
  4774 lemma integral_norm_bound_integral_component: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4775   assumes "f integrable_on s" "g integrable_on s"  "\<forall>x\<in>s. norm(f x) \<le> (g x)$k"
  4776   shows "norm(integral s f) \<le> (integral s g)$k"
  4777 proof- have "norm (integral s f) \<le> integral s ((\<lambda>x. x $ k) o g)"
  4778     apply(rule integral_norm_bound_integral[OF assms(1)])
  4779     apply(rule integrable_linear[OF assms(2)],rule)
  4780     unfolding o_def by(rule assms)
  4781   thus ?thesis unfolding o_def integral_component_eq[OF assms(2)] . qed
  4782 
  4783 lemma has_integral_norm_bound_integral_component: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4784   assumes "(f has_integral i) s" "(g has_integral j) s" "\<forall>x\<in>s. norm(f x) \<le> (g x)$k"
  4785   shows "norm(i) \<le> j$k" using integral_norm_bound_integral_component[of f s g k]
  4786   unfolding integral_unique[OF assms(1)] integral_unique[OF assms(2)]
  4787   using assms by auto
  4788 
  4789 lemma absolutely_integrable_le: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4790   assumes "f absolutely_integrable_on s"
  4791   shows "norm(integral s f) \<le> integral s (\<lambda>x. norm(f x))"
  4792   apply(rule integral_norm_bound_integral) using assms by auto
  4793 
  4794 lemma absolutely_integrable_0[intro]: "(\<lambda>x. 0) absolutely_integrable_on s"
  4795   unfolding absolutely_integrable_on_def by auto
  4796 
  4797 lemma absolutely_integrable_cmul[intro]:
  4798  "f absolutely_integrable_on s \<Longrightarrow> (\<lambda>x. c *\<^sub>R f x) absolutely_integrable_on s"
  4799   unfolding absolutely_integrable_on_def using integrable_cmul[of f s c]
  4800   using integrable_cmul[of "\<lambda>x. norm (f x)" s "abs c"] by auto
  4801 
  4802 lemma absolutely_integrable_neg[intro]:
  4803  "f absolutely_integrable_on s \<Longrightarrow> (\<lambda>x. -f(x)) absolutely_integrable_on s"
  4804   apply(drule absolutely_integrable_cmul[where c="-1"]) by auto
  4805 
  4806 lemma absolutely_integrable_norm[intro]:
  4807  "f absolutely_integrable_on s \<Longrightarrow> (\<lambda>x. norm(f x)) absolutely_integrable_on s"
  4808   unfolding absolutely_integrable_on_def by auto
  4809 
  4810 lemma absolutely_integrable_abs[intro]:
  4811  "f absolutely_integrable_on s \<Longrightarrow> (\<lambda>x. abs(f x::real)) absolutely_integrable_on s"
  4812   apply(drule absolutely_integrable_norm) unfolding real_norm_def .
  4813 
  4814 lemma absolutely_integrable_on_subinterval: fixes f::"real^'n \<Rightarrow> 'a::banach" shows
  4815   "f absolutely_integrable_on s \<Longrightarrow> {a..b} \<subseteq> s \<Longrightarrow> f absolutely_integrable_on {a..b}" 
  4816   unfolding absolutely_integrable_on_def by(meson integrable_on_subinterval)
  4817 
  4818 lemma absolutely_integrable_bounded_variation: fixes f::"real^'n \<Rightarrow> 'a::banach"
  4819   assumes "f absolutely_integrable_on UNIV"
  4820   obtains B where "\<forall>d. d division_of (\<Union>d) \<longrightarrow> setsum (\<lambda>k. norm(integral k f)) d \<le> B"
  4821   apply(rule that[of "integral UNIV (\<lambda>x. norm (f x))"])
  4822 proof safe case goal1 note d = division_ofD[OF this(2)]
  4823   have "(\<Sum>k\<in>d. norm (integral k f)) \<le> (\<Sum>i\<in>d. integral i (\<lambda>x. norm (f x)))"
  4824     apply(rule setsum_mono,rule absolutely_integrable_le) apply(drule d(4),safe)
  4825     apply(rule absolutely_integrable_on_subinterval[OF assms]) by auto
  4826   also have "... \<le> integral (\<Union>d) (\<lambda>x. norm (f x))"
  4827     apply(subst integral_combine_division_topdown[OF _ goal1(2)])
  4828     using integrable_on_subdivision[OF goal1(2)] using assms by auto
  4829   also have "... \<le> integral UNIV (\<lambda>x. norm (f x))"
  4830     apply(rule integral_subset_le) 
  4831     using integrable_on_subdivision[OF goal1(2)] using assms by auto
  4832   finally show ?case . qed
  4833 
  4834 lemma helplemma:
  4835   assumes "setsum (\<lambda>x. norm(f x - g x)) s < e" "finite s"
  4836   shows "abs(setsum (\<lambda>x. norm(f x)) s - setsum (\<lambda>x. norm(g x)) s) < e"
  4837   unfolding setsum_subtractf[THEN sym] apply(rule le_less_trans[OF setsum_abs])
  4838   apply(rule le_less_trans[OF _ assms(1)]) apply(rule setsum_mono)
  4839   using norm_triangle_ineq3 .
  4840 
  4841 lemma bounded_variation_absolutely_integrable_interval:
  4842   fixes f::"real^'n \<Rightarrow> real^'m" assumes "f integrable_on {a..b}"
  4843   "\<forall>d. d division_of {a..b} \<longrightarrow> setsum (\<lambda>k. norm(integral k f)) d \<le> B"
  4844   shows "f absolutely_integrable_on {a..b}"
  4845 proof- let ?S = "(\<lambda>d. setsum (\<lambda>k. norm(integral k f)) d) ` {d. d division_of {a..b} }" def i \<equiv> "Sup ?S"
  4846   have i:"isLub UNIV ?S i" unfolding i_def apply(rule Sup)
  4847     apply(rule elementary_interval) defer apply(rule_tac x=B in exI)
  4848     apply(rule setleI) using assms(2) by auto
  4849   show ?thesis apply(rule,rule assms) apply rule apply(subst has_integral[of _ i])
  4850   proof safe case goal1 hence "i - e / 2 \<notin> Collect (isUb UNIV (setsum (\<lambda>k. norm (integral k f)) `
  4851         {d. d division_of {a..b}}))" using isLub_ubs[OF i,rule_format]
  4852       unfolding setge_def ubs_def by auto 
  4853     hence " \<exists>y. y division_of {a..b} \<and> i - e / 2 < (\<Sum>k\<in>y. norm (integral k f))"
  4854       unfolding mem_Collect_eq isUb_def setle_def by simp then guess d .. note d=conjunctD2[OF this]
  4855     note d' = division_ofD[OF this(1)]
  4856 
  4857     have "\<forall>x. \<exists>e>0. \<forall>i\<in>d. x \<notin> i \<longrightarrow> ball x e \<inter> i = {}"
  4858     proof case goal1 have "\<exists>da>0. \<forall>xa\<in>\<Union>{i \<in> d. x \<notin> i}. da \<le> dist x xa"
  4859         apply(rule separate_point_closed) apply(rule closed_Union)
  4860         apply(rule finite_subset[OF _ d'(1)]) apply safe apply(drule d'(4)) by auto
  4861       thus ?case apply safe apply(rule_tac x=da in exI,safe)
  4862         apply(erule_tac x=xa in ballE) by auto
  4863     qed from choice[OF this] guess k .. note k=conjunctD2[OF this[rule_format],rule_format]
  4864 
  4865     have "e/2 > 0" using goal1 by auto
  4866     from henstock_lemma[OF assms(1) this] guess g . note g=this[rule_format]
  4867     let ?g = "\<lambda>x. g x \<inter> ball x (k x)"
  4868     show ?case apply(rule_tac x="?g" in exI) apply safe
  4869     proof- show "gauge ?g" using g(1) unfolding gauge_def using k(1) by auto
  4870       fix p assume "p tagged_division_of {a..b}" "?g fine p"
  4871       note p = this(1) conjunctD2[OF this(2)[unfolded fine_inter]]
  4872       note p' = tagged_division_ofD[OF p(1)]
  4873       def p' \<equiv> "{(x,k) | x k. \<exists>i l. x \<in> i \<and> i \<in> d \<and> (x,l) \<in> p \<and> k = i \<inter> l}"
  4874       have gp':"g fine p'" using p(2) unfolding p'_def fine_def by auto
  4875       have p'':"p' tagged_division_of {a..b}" apply(rule tagged_division_ofI)
  4876       proof- show "finite p'" apply(rule finite_subset[of _ "(\<lambda>(k,(x,l)). (x,k \<inter> l))
  4877           ` {(k,xl) | k xl. k \<in> d \<and> xl \<in> p}"]) unfolding p'_def 
  4878           defer apply(rule finite_imageI,rule finite_product_dependent[OF d'(1) p'(1)])
  4879           apply safe unfolding image_iff apply(rule_tac x="(i,x,l)" in bexI) by auto
  4880         fix x k assume "(x,k)\<in>p'"
  4881         hence "\<exists>i l. x \<in> i \<and> i \<in> d \<and> (x, l) \<in> p \<and> k = i \<inter> l" unfolding p'_def by auto
  4882         then guess i l apply-by(erule exE)+ note il=conjunctD4[OF this]
  4883         show "x\<in>k" "k\<subseteq>{a..b}" using p'(2-3)[OF il(3)] il by auto
  4884         show "\<exists>a b. k = {a..b}" unfolding il using p'(4)[OF il(3)] d'(4)[OF il(2)]
  4885           apply safe unfolding inter_interval by auto
  4886       next fix x1 k1 assume "(x1,k1)\<in>p'"
  4887         hence "\<exists>i l. x1 \<in> i \<and> i \<in> d \<and> (x1, l) \<in> p \<and> k1 = i \<inter> l" unfolding p'_def by auto
  4888         then guess i1 l1 apply-by(erule exE)+ note il1=conjunctD4[OF this]
  4889         fix x2 k2 assume "(x2,k2)\<in>p'"
  4890         hence "\<exists>i l. x2 \<in> i \<and> i \<in> d \<and> (x2, l) \<in> p \<and> k2 = i \<inter> l" unfolding p'_def by auto
  4891         then guess i2 l2 apply-by(erule exE)+ note il2=conjunctD4[OF this]
  4892         assume "(x1, k1) \<noteq> (x2, k2)"
  4893         hence "interior(i1) \<inter> interior(i2) = {} \<or> interior(l1) \<inter> interior(l2) = {}"
  4894           using d'(5)[OF il1(2) il2(2)] p'(5)[OF il1(3) il2(3)] unfolding il1 il2 by auto
  4895         thus "interior k1 \<inter> interior k2 = {}" unfolding il1 il2 by auto
  4896       next have *:"\<forall>(x, X) \<in> p'. X \<subseteq> {a..b}" unfolding p'_def using d' by auto
  4897         show "\<Union>{k. \<exists>x. (x, k) \<in> p'} = {a..b}" apply rule apply(rule Union_least)
  4898           unfolding mem_Collect_eq apply(erule exE) apply(drule *[rule_format]) apply safe
  4899         proof- fix y assume y:"y\<in>{a..b}"
  4900           hence "\<exists>x l. (x, l) \<in> p \<and> y\<in>l" unfolding p'(6)[THEN sym] by auto
  4901           then guess x l apply-by(erule exE)+ note xl=conjunctD2[OF this]
  4902           hence "\<exists>k. k\<in>d \<and> y\<in>k" using y unfolding d'(6)[THEN sym] by auto
  4903           then guess i .. note i = conjunctD2[OF this]
  4904           have "x\<in>i" using fineD[OF p(3) xl(1)] using k(2)[OF i(1), of x] using i(2) xl(2) by auto
  4905           thus "y\<in>\<Union>{k. \<exists>x. (x, k) \<in> p'}" unfolding p'_def Union_iff apply(rule_tac x="i \<inter> l" in bexI)
  4906             defer unfolding mem_Collect_eq apply(rule_tac x=x in exI)+ apply(rule_tac x="i\<inter>l" in exI)
  4907             apply safe apply(rule_tac x=i in exI) apply(rule_tac x=l in exI) using i xl by auto 
  4908         qed qed 
  4909 
  4910       hence "(\<Sum>(x, k)\<in>p'. norm (content k *\<^sub>R f x - integral k f)) < e / 2"
  4911         apply-apply(rule g(2)[rule_format]) unfolding tagged_division_of_def apply safe using gp' .
  4912       hence **:" \<bar>(\<Sum>(x,k)\<in>p'. norm (content k *\<^sub>R f x)) - (\<Sum>(x,k)\<in>p'. norm (integral k f))\<bar> < e / 2"
  4913         unfolding split_def apply(rule helplemma) using p'' by auto
  4914 
  4915       have p'alt:"p' = {(x,(i \<inter> l)) | x i l. (x,l) \<in> p \<and> i \<in> d \<and> ~(i \<inter> l = {})}"
  4916       proof safe case goal2
  4917         have "x\<in>i" using fineD[OF p(3) goal2(1)] k(2)[OF goal2(2), of x] goal2(4-) by auto
  4918         hence "(x, i \<inter> l) \<in> p'" unfolding p'_def apply safe
  4919           apply(rule_tac x=x in exI,rule_tac x="i\<inter>l" in exI) apply safe using goal2 by auto
  4920         thus ?case using goal2(3) by auto
  4921       next fix x k assume "(x,k)\<in>p'"
  4922         hence "\<exists>i l. x \<in> i \<and> i \<in> d \<and> (x, l) \<in> p \<and> k = i \<inter> l" unfolding p'_def by auto
  4923         then guess i l apply-by(erule exE)+ note il=conjunctD4[OF this]
  4924         thus "\<exists>y i l. (x, k) = (y, i \<inter> l) \<and> (y, l) \<in> p \<and> i \<in> d \<and> i \<inter> l \<noteq> {}"
  4925           apply(rule_tac x=x in exI,rule_tac x=i in exI,rule_tac x=l in exI)
  4926           using p'(2)[OF il(3)] by auto
  4927       qed
  4928       have sum_p':"(\<Sum>(x, k)\<in>p'. norm (integral k f)) = (\<Sum>k\<in>snd ` p'. norm (integral k f))"
  4929         apply(subst setsum_over_tagged_division_lemma[OF p'',of "\<lambda>k. norm (integral k f)"])
  4930         unfolding norm_eq_zero apply(rule integral_null,assumption) ..
  4931       note snd_p = division_ofD[OF division_of_tagged_division[OF p(1)]]
  4932 
  4933       have *:"\<And>sni sni' sf sf'. abs(sf' - sni') < e / 2 \<longrightarrow> i - e / 2 < sni \<and> sni' \<le> i \<and>
  4934         sni \<le> sni' \<and> sf' = sf \<longrightarrow> abs(sf - i) < e" by arith
  4935       show "norm ((\<Sum>(x, k)\<in>p. content k *\<^sub>R norm (f x)) - i) < e" 
  4936         unfolding real_norm_def apply(rule *[rule_format,OF **],safe) apply(rule d(2))
  4937       proof- case goal1 show ?case unfolding sum_p'
  4938           apply(rule isLubD2[OF i]) using division_of_tagged_division[OF p''] by auto
  4939       next case goal2 have *:"{k \<inter> l | k l. k \<in> d \<and> l \<in> snd ` p} =
  4940           (\<lambda>(k,l). k \<inter> l) ` {(k,l)|k l. k \<in> d \<and> l \<in> snd ` p}" by auto
  4941         have "(\<Sum>k\<in>d. norm (integral k f)) \<le> (\<Sum>i\<in>d. \<Sum>l\<in>snd ` p. norm (integral (i \<inter> l) f))"
  4942         proof(rule setsum_mono) case goal1 note k=this
  4943<