src/HOL/Library/Zorn.thy
author nipkow
Fri Mar 14 19:57:32 2008 +0100 (2008-03-14)
changeset 26272 d63776c3be97
parent 26191 ae537f315b34
child 26295 afc43168ed85
permissions -rw-r--r--
Added Order_Relation
     1 (*  Title       : HOL/Library/Zorn.thy
     2     ID          : $Id$
     3     Author      : Jacques D. Fleuriot, Tobias Nipkow
     4     Description : Zorn's Lemma (ported from Larry Paulson's Zorn.thy in ZF)
     5                   The well-ordering theorem
     6 *)
     7 
     8 header {* Zorn's Lemma *}
     9 
    10 theory Zorn
    11 imports Order_Relation
    12 begin
    13 
    14 (* Define globally? In Set.thy? *)
    15 definition chain_subset :: "'a set set \<Rightarrow> bool" ("chain\<^bsub>\<subseteq>\<^esub>") where
    16 "chain\<^bsub>\<subseteq>\<^esub> C \<equiv> \<forall>A\<in>C.\<forall>B\<in>C. A \<subseteq> B \<or> B \<subseteq> A"
    17 
    18 text{*
    19   The lemma and section numbers refer to an unpublished article
    20   \cite{Abrial-Laffitte}.
    21 *}
    22 
    23 definition
    24   chain     ::  "'a set set => 'a set set set" where
    25   "chain S  = {F. F \<subseteq> S & chain\<^bsub>\<subseteq>\<^esub> F}"
    26 
    27 definition
    28   super     ::  "['a set set,'a set set] => 'a set set set" where
    29   "super S c = {d. d \<in> chain S & c \<subset> d}"
    30 
    31 definition
    32   maxchain  ::  "'a set set => 'a set set set" where
    33   "maxchain S = {c. c \<in> chain S & super S c = {}}"
    34 
    35 definition
    36   succ      ::  "['a set set,'a set set] => 'a set set" where
    37   "succ S c =
    38     (if c \<notin> chain S | c \<in> maxchain S
    39     then c else SOME c'. c' \<in> super S c)"
    40 
    41 inductive_set
    42   TFin :: "'a set set => 'a set set set"
    43   for S :: "'a set set"
    44   where
    45     succI:        "x \<in> TFin S ==> succ S x \<in> TFin S"
    46   | Pow_UnionI:   "Y \<in> Pow(TFin S) ==> Union(Y) \<in> TFin S"
    47   monos          Pow_mono
    48 
    49 
    50 subsection{*Mathematical Preamble*}
    51 
    52 lemma Union_lemma0:
    53     "(\<forall>x \<in> C. x \<subseteq> A | B \<subseteq> x) ==> Union(C) \<subseteq> A | B \<subseteq> Union(C)"
    54   by blast
    55 
    56 
    57 text{*This is theorem @{text increasingD2} of ZF/Zorn.thy*}
    58 
    59 lemma Abrial_axiom1: "x \<subseteq> succ S x"
    60   apply (unfold succ_def)
    61   apply (rule split_if [THEN iffD2])
    62   apply (auto simp add: super_def maxchain_def psubset_def)
    63   apply (rule contrapos_np, assumption)
    64   apply (rule someI2, blast+)
    65   done
    66 
    67 lemmas TFin_UnionI = TFin.Pow_UnionI [OF PowI]
    68 
    69 lemma TFin_induct:
    70           "[| n \<in> TFin S;
    71              !!x. [| x \<in> TFin S; P(x) |] ==> P(succ S x);
    72              !!Y. [| Y \<subseteq> TFin S; Ball Y P |] ==> P(Union Y) |]
    73           ==> P(n)"
    74   apply (induct set: TFin)
    75    apply blast+
    76   done
    77 
    78 lemma succ_trans: "x \<subseteq> y ==> x \<subseteq> succ S y"
    79   apply (erule subset_trans)
    80   apply (rule Abrial_axiom1)
    81   done
    82 
    83 text{*Lemma 1 of section 3.1*}
    84 lemma TFin_linear_lemma1:
    85      "[| n \<in> TFin S;  m \<in> TFin S;
    86          \<forall>x \<in> TFin S. x \<subseteq> m --> x = m | succ S x \<subseteq> m
    87       |] ==> n \<subseteq> m | succ S m \<subseteq> n"
    88   apply (erule TFin_induct)
    89    apply (erule_tac [2] Union_lemma0)
    90   apply (blast del: subsetI intro: succ_trans)
    91   done
    92 
    93 text{* Lemma 2 of section 3.2 *}
    94 lemma TFin_linear_lemma2:
    95      "m \<in> TFin S ==> \<forall>n \<in> TFin S. n \<subseteq> m --> n=m | succ S n \<subseteq> m"
    96   apply (erule TFin_induct)
    97    apply (rule impI [THEN ballI])
    98    txt{*case split using @{text TFin_linear_lemma1}*}
    99    apply (rule_tac n1 = n and m1 = x in TFin_linear_lemma1 [THEN disjE],
   100      assumption+)
   101     apply (drule_tac x = n in bspec, assumption)
   102     apply (blast del: subsetI intro: succ_trans, blast)
   103   txt{*second induction step*}
   104   apply (rule impI [THEN ballI])
   105   apply (rule Union_lemma0 [THEN disjE])
   106     apply (rule_tac [3] disjI2)
   107     prefer 2 apply blast
   108    apply (rule ballI)
   109    apply (rule_tac n1 = n and m1 = x in TFin_linear_lemma1 [THEN disjE],
   110      assumption+, auto)
   111   apply (blast intro!: Abrial_axiom1 [THEN subsetD])
   112   done
   113 
   114 text{*Re-ordering the premises of Lemma 2*}
   115 lemma TFin_subsetD:
   116      "[| n \<subseteq> m;  m \<in> TFin S;  n \<in> TFin S |] ==> n=m | succ S n \<subseteq> m"
   117   by (rule TFin_linear_lemma2 [rule_format])
   118 
   119 text{*Consequences from section 3.3 -- Property 3.2, the ordering is total*}
   120 lemma TFin_subset_linear: "[| m \<in> TFin S;  n \<in> TFin S|] ==> n \<subseteq> m | m \<subseteq> n"
   121   apply (rule disjE)
   122     apply (rule TFin_linear_lemma1 [OF _ _TFin_linear_lemma2])
   123       apply (assumption+, erule disjI2)
   124   apply (blast del: subsetI
   125     intro: subsetI Abrial_axiom1 [THEN subset_trans])
   126   done
   127 
   128 text{*Lemma 3 of section 3.3*}
   129 lemma eq_succ_upper: "[| n \<in> TFin S;  m \<in> TFin S;  m = succ S m |] ==> n \<subseteq> m"
   130   apply (erule TFin_induct)
   131    apply (drule TFin_subsetD)
   132      apply (assumption+, force, blast)
   133   done
   134 
   135 text{*Property 3.3 of section 3.3*}
   136 lemma equal_succ_Union: "m \<in> TFin S ==> (m = succ S m) = (m = Union(TFin S))"
   137   apply (rule iffI)
   138    apply (rule Union_upper [THEN equalityI])
   139     apply assumption
   140    apply (rule eq_succ_upper [THEN Union_least], assumption+)
   141   apply (erule ssubst)
   142   apply (rule Abrial_axiom1 [THEN equalityI])
   143   apply (blast del: subsetI intro: subsetI TFin_UnionI TFin.succI)
   144   done
   145 
   146 subsection{*Hausdorff's Theorem: Every Set Contains a Maximal Chain.*}
   147 
   148 text{*NB: We assume the partial ordering is @{text "\<subseteq>"},
   149  the subset relation!*}
   150 
   151 lemma empty_set_mem_chain: "({} :: 'a set set) \<in> chain S"
   152 by (unfold chain_def chain_subset_def) auto
   153 
   154 lemma super_subset_chain: "super S c \<subseteq> chain S"
   155   by (unfold super_def) blast
   156 
   157 lemma maxchain_subset_chain: "maxchain S \<subseteq> chain S"
   158   by (unfold maxchain_def) blast
   159 
   160 lemma mem_super_Ex: "c \<in> chain S - maxchain S ==> EX d. d \<in> super S c"
   161   by (unfold super_def maxchain_def) auto
   162 
   163 lemma select_super:
   164      "c \<in> chain S - maxchain S ==> (\<some>c'. c': super S c): super S c"
   165   apply (erule mem_super_Ex [THEN exE])
   166   apply (rule someI2, auto)
   167   done
   168 
   169 lemma select_not_equals:
   170      "c \<in> chain S - maxchain S ==> (\<some>c'. c': super S c) \<noteq> c"
   171   apply (rule notI)
   172   apply (drule select_super)
   173   apply (simp add: super_def psubset_def)
   174   done
   175 
   176 lemma succI3: "c \<in> chain S - maxchain S ==> succ S c = (\<some>c'. c': super S c)"
   177   by (unfold succ_def) (blast intro!: if_not_P)
   178 
   179 lemma succ_not_equals: "c \<in> chain S - maxchain S ==> succ S c \<noteq> c"
   180   apply (frule succI3)
   181   apply (simp (no_asm_simp))
   182   apply (rule select_not_equals, assumption)
   183   done
   184 
   185 lemma TFin_chain_lemma4: "c \<in> TFin S ==> (c :: 'a set set): chain S"
   186   apply (erule TFin_induct)
   187    apply (simp add: succ_def select_super [THEN super_subset_chain[THEN subsetD]])
   188   apply (unfold chain_def chain_subset_def)
   189   apply (rule CollectI, safe)
   190    apply (drule bspec, assumption)
   191    apply (rule_tac [2] m1 = Xa and n1 = X in TFin_subset_linear [THEN disjE],
   192      blast+)
   193   done
   194 
   195 theorem Hausdorff: "\<exists>c. (c :: 'a set set): maxchain S"
   196   apply (rule_tac x = "Union (TFin S)" in exI)
   197   apply (rule classical)
   198   apply (subgoal_tac "succ S (Union (TFin S)) = Union (TFin S) ")
   199    prefer 2
   200    apply (blast intro!: TFin_UnionI equal_succ_Union [THEN iffD2, symmetric])
   201   apply (cut_tac subset_refl [THEN TFin_UnionI, THEN TFin_chain_lemma4])
   202   apply (drule DiffI [THEN succ_not_equals], blast+)
   203   done
   204 
   205 
   206 subsection{*Zorn's Lemma: If All Chains Have Upper Bounds Then
   207                                There Is  a Maximal Element*}
   208 
   209 lemma chain_extend:
   210   "[| c \<in> chain S; z \<in> S; \<forall>x \<in> c. x \<subseteq> (z:: 'a set) |] ==> {z} Un c \<in> chain S"
   211 by (unfold chain_def chain_subset_def) blast
   212 
   213 lemma chain_Union_upper: "[| c \<in> chain S; x \<in> c |] ==> x \<subseteq> Union(c)"
   214 by auto
   215 
   216 lemma chain_ball_Union_upper: "c \<in> chain S ==> \<forall>x \<in> c. x \<subseteq> Union(c)"
   217 by auto
   218 
   219 lemma maxchain_Zorn:
   220   "[| c \<in> maxchain S; u \<in> S; Union(c) \<subseteq> u |] ==> Union(c) = u"
   221 apply (rule ccontr)
   222 apply (simp add: maxchain_def)
   223 apply (erule conjE)
   224 apply (subgoal_tac "({u} Un c) \<in> super S c")
   225  apply simp
   226 apply (unfold super_def psubset_def)
   227 apply (blast intro: chain_extend dest: chain_Union_upper)
   228 done
   229 
   230 theorem Zorn_Lemma:
   231   "\<forall>c \<in> chain S. Union(c): S ==> \<exists>y \<in> S. \<forall>z \<in> S. y \<subseteq> z --> y = z"
   232 apply (cut_tac Hausdorff maxchain_subset_chain)
   233 apply (erule exE)
   234 apply (drule subsetD, assumption)
   235 apply (drule bspec, assumption)
   236 apply (rule_tac x = "Union(c)" in bexI)
   237  apply (rule ballI, rule impI)
   238  apply (blast dest!: maxchain_Zorn, assumption)
   239 done
   240 
   241 subsection{*Alternative version of Zorn's Lemma*}
   242 
   243 lemma Zorn_Lemma2:
   244   "\<forall>c \<in> chain S. \<exists>y \<in> S. \<forall>x \<in> c. x \<subseteq> y
   245     ==> \<exists>y \<in> S. \<forall>x \<in> S. (y :: 'a set) \<subseteq> x --> y = x"
   246 apply (cut_tac Hausdorff maxchain_subset_chain)
   247 apply (erule exE)
   248 apply (drule subsetD, assumption)
   249 apply (drule bspec, assumption, erule bexE)
   250 apply (rule_tac x = y in bexI)
   251  prefer 2 apply assumption
   252 apply clarify
   253 apply (rule ccontr)
   254 apply (frule_tac z = x in chain_extend)
   255   apply (assumption, blast)
   256 apply (unfold maxchain_def super_def psubset_def)
   257 apply (blast elim!: equalityCE)
   258 done
   259 
   260 text{*Various other lemmas*}
   261 
   262 lemma chainD: "[| c \<in> chain S; x \<in> c; y \<in> c |] ==> x \<subseteq> y | y \<subseteq> x"
   263 by (unfold chain_def chain_subset_def) blast
   264 
   265 lemma chainD2: "!!(c :: 'a set set). c \<in> chain S ==> c \<subseteq> S"
   266 by (unfold chain_def) blast
   267 
   268 
   269 (* Define globally? In Relation.thy? *)
   270 definition Chain :: "('a*'a)set \<Rightarrow> 'a set set" where
   271 "Chain r \<equiv> {A. \<forall>a\<in>A.\<forall>b\<in>A. (a,b) : r \<or> (b,a) \<in> r}"
   272 
   273 lemma mono_Chain: "r \<subseteq> s \<Longrightarrow> Chain r \<subseteq> Chain s"
   274 unfolding Chain_def by blast
   275 
   276 text{* Zorn's lemma for partial orders: *}
   277 
   278 lemma Zorns_po_lemma:
   279 assumes po: "Partial_order r" and u: "\<forall>C\<in>Chain r. \<exists>u\<in>Field r. \<forall>a\<in>C. (a,u):r"
   280 shows "\<exists>m\<in>Field r. \<forall>a\<in>Field r. (m,a):r \<longrightarrow> a=m"
   281 proof-
   282   have "Preorder r" using po by(simp add:Partial_order_def)
   283 --{* Mirror r in the set of subsets below (wrt r) elements of A*}
   284   let ?B = "%x. r^-1 `` {x}" let ?S = "?B ` Field r"
   285   have "\<forall>C \<in> chain ?S. EX U:?S. ALL A:C. A\<subseteq>U"
   286   proof (auto simp:chain_def chain_subset_def)
   287     fix C assume 1: "C \<subseteq> ?S" and 2: "\<forall>A\<in>C.\<forall>B\<in>C. A\<subseteq>B | B\<subseteq>A"
   288     let ?A = "{x\<in>Field r. \<exists>M\<in>C. M = ?B x}"
   289     have "C = ?B ` ?A" using 1 by(auto simp: image_def)
   290     have "?A\<in>Chain r"
   291     proof (simp add:Chain_def, intro allI impI, elim conjE)
   292       fix a b
   293       assume "a \<in> Field r" "?B a \<in> C" "b \<in> Field r" "?B b \<in> C"
   294       hence "?B a \<subseteq> ?B b \<or> ?B b \<subseteq> ?B a" using 2 by auto
   295       thus "(a, b) \<in> r \<or> (b, a) \<in> r" using `Preorder r` `a:Field r` `b:Field r`
   296 	by(simp add:subset_Image1_Image1_iff)
   297     qed
   298     then obtain u where uA: "u:Field r" "\<forall>a\<in>?A. (a,u) : r" using u by auto
   299     have "\<forall>A\<in>C. A \<subseteq> r^-1 `` {u}" (is "?P u")
   300     proof auto
   301       fix a B assume aB: "B:C" "a:B"
   302       with 1 obtain x where "x:Field r" "B = r^-1 `` {x}" by auto
   303       thus "(a,u) : r" using uA aB `Preorder r`
   304 	by (auto simp add: Preorder_def Refl_def) (metis transD)
   305     qed
   306     thus "EX u:Field r. ?P u" using `u:Field r` by blast
   307   qed
   308   from Zorn_Lemma2[OF this]
   309   obtain m B where "m:Field r" "B = r^-1 `` {m}"
   310     "\<forall>x\<in>Field r. B \<subseteq> r^-1 `` {x} \<longrightarrow> B = r^-1 `` {x}"
   311     by(auto simp:image_def) blast
   312   hence "\<forall>a\<in>Field r. (m, a) \<in> r \<longrightarrow> a = m" using po `Preorder r` `m:Field r`
   313     by(auto simp:subset_Image1_Image1_iff Partial_order_eq_Image1_Image1_iff)
   314   thus ?thesis using `m:Field r` by blast
   315 qed
   316 
   317 (* The initial segment of a relation appears generally useful.
   318    Move to Relation.thy?
   319    Definition correct/most general?
   320    Naming?
   321 *)
   322 definition init_seg_of :: "(('a*'a)set * ('a*'a)set)set" where
   323 "init_seg_of == {(r,s). r \<subseteq> s \<and> (\<forall>a b c. (a,b):s \<and> (b,c):r \<longrightarrow> (a,b):r)}"
   324 
   325 abbreviation initialSegmentOf :: "('a*'a)set \<Rightarrow> ('a*'a)set \<Rightarrow> bool"
   326              (infix "initial'_segment'_of" 55) where
   327 "r initial_segment_of s == (r,s):init_seg_of"
   328 
   329 lemma refl_init_seg_of[simp]: "r initial_segment_of r"
   330 by(simp add:init_seg_of_def)
   331 
   332 lemma trans_init_seg_of:
   333   "r initial_segment_of s \<Longrightarrow> s initial_segment_of t \<Longrightarrow> r initial_segment_of t"
   334 by(simp (no_asm_use) add: init_seg_of_def)
   335   (metis Domain_iff UnCI Un_absorb2 subset_trans)
   336 
   337 lemma antisym_init_seg_of:
   338   "r initial_segment_of s \<Longrightarrow> s initial_segment_of r \<Longrightarrow> r=s"
   339 by(auto simp:init_seg_of_def)
   340 
   341 lemma Chain_init_seg_of_Union:
   342   "R \<in> Chain init_seg_of \<Longrightarrow> r\<in>R \<Longrightarrow> r initial_segment_of \<Union>R"
   343 by(auto simp add:init_seg_of_def Chain_def Ball_def) blast
   344 
   345 lemma chain_subset_trans_Union:
   346   "chain\<^bsub>\<subseteq>\<^esub> R \<Longrightarrow> \<forall>r\<in>R. trans r \<Longrightarrow> trans(\<Union>R)"
   347 apply(auto simp add:chain_subset_def)
   348 apply(simp (no_asm_use) add:trans_def)
   349 apply (metis subsetD)
   350 done
   351 
   352 lemma chain_subset_antisym_Union:
   353   "chain\<^bsub>\<subseteq>\<^esub> R \<Longrightarrow> \<forall>r\<in>R. antisym r \<Longrightarrow> antisym(\<Union>R)"
   354 apply(auto simp add:chain_subset_def antisym_def)
   355 apply (metis subsetD)
   356 done
   357 
   358 lemma chain_subset_Total_Union:
   359 assumes "chain\<^bsub>\<subseteq>\<^esub> R" "\<forall>r\<in>R. Total r"
   360 shows "Total (\<Union>R)"
   361 proof (simp add: Total_def Ball_def, auto del:disjCI)
   362   fix r s a b assume A: "r:R" "s:R" "a:Field r" "b:Field s" "a\<noteq>b"
   363   from `chain\<^bsub>\<subseteq>\<^esub> R` `r:R` `s:R` have "r\<subseteq>s \<or> s\<subseteq>r"
   364     by(simp add:chain_subset_def)
   365   thus "(\<exists>r\<in>R. (a,b) \<in> r) \<or> (\<exists>r\<in>R. (b,a) \<in> r)"
   366   proof
   367     assume "r\<subseteq>s" hence "(a,b):s \<or> (b,a):s" using assms(2) A
   368       by(simp add:Total_def)(metis mono_Field subsetD)
   369     thus ?thesis using `s:R` by blast
   370   next
   371     assume "s\<subseteq>r" hence "(a,b):r \<or> (b,a):r" using assms(2) A
   372       by(simp add:Total_def)(metis mono_Field subsetD)
   373     thus ?thesis using `r:R` by blast
   374   qed
   375 qed
   376 
   377 lemma wf_Union_wf_init_segs:
   378 assumes "R \<in> Chain init_seg_of" and "\<forall>r\<in>R. wf r" shows "wf(\<Union>R)"
   379 proof(simp add:wf_iff_no_infinite_down_chain, rule ccontr, auto)
   380   fix f assume 1: "\<forall>i. \<exists>r\<in>R. (f(Suc i), f i) \<in> r"
   381   then obtain r where "r:R" and "(f(Suc 0), f 0) : r" by auto
   382   { fix i have "(f(Suc i), f i) \<in> r"
   383     proof(induct i)
   384       case 0 show ?case by fact
   385     next
   386       case (Suc i)
   387       moreover obtain s where "s\<in>R" and "(f(Suc(Suc i)), f(Suc i)) \<in> s"
   388 	using 1 by auto
   389       moreover hence "s initial_segment_of r \<or> r initial_segment_of s"
   390 	using assms(1) `r:R` by(simp add: Chain_def)
   391       ultimately show ?case by(simp add:init_seg_of_def) blast
   392     qed
   393   }
   394   thus False using assms(2) `r:R`
   395     by(simp add:wf_iff_no_infinite_down_chain) blast
   396 qed
   397 
   398 lemma Chain_inits_DiffI:
   399   "R \<in> Chain init_seg_of \<Longrightarrow> {r - s |r. r \<in> R} \<in> Chain init_seg_of"
   400 apply(auto simp:Chain_def init_seg_of_def)
   401 apply (metis subsetD)
   402 apply (metis subsetD)
   403 done
   404 
   405 theorem well_ordering: "\<exists>r::('a*'a)set. Well_order r \<and> Field r = UNIV"
   406 proof-
   407 -- {*The initial segment relation on well-orders: *}
   408   let ?WO = "{r::('a*'a)set. Well_order r}"
   409   def I \<equiv> "init_seg_of \<inter> ?WO \<times> ?WO"
   410   have I_init: "I \<subseteq> init_seg_of" by(auto simp:I_def)
   411   hence subch: "!!R. R : Chain I \<Longrightarrow> chain\<^bsub>\<subseteq>\<^esub> R"
   412     by(auto simp:init_seg_of_def chain_subset_def Chain_def)
   413   have Chain_wo: "!!R r. R \<in> Chain I \<Longrightarrow> r \<in> R \<Longrightarrow> Well_order r"
   414     by(simp add:Chain_def I_def) blast
   415   have FI: "Field I = ?WO" by(auto simp add:I_def init_seg_of_def Field_def)
   416   hence 0: "Partial_order I"
   417     by(auto simp add: Partial_order_def Preorder_def antisym_def antisym_init_seg_of Refl_def trans_def I_def)(metis trans_init_seg_of)
   418 -- {*I-chains have upper bounds in ?WO wrt I: their Union*}
   419   { fix R assume "R \<in> Chain I"
   420     hence Ris: "R \<in> Chain init_seg_of" using mono_Chain[OF I_init] by blast
   421     have subch: "chain\<^bsub>\<subseteq>\<^esub> R" using `R : Chain I` I_init
   422       by(auto simp:init_seg_of_def chain_subset_def Chain_def)
   423     have "\<forall>r\<in>R. Refl r" "\<forall>r\<in>R. trans r" "\<forall>r\<in>R. antisym r" "\<forall>r\<in>R. Total r"
   424          "\<forall>r\<in>R. wf(r-Id)"
   425       using Chain_wo[OF `R \<in> Chain I`] by(simp_all add:Order_defs)
   426     have "Refl (\<Union>R)" using `\<forall>r\<in>R. Refl r` by(auto simp:Refl_def)
   427     moreover have "trans (\<Union>R)"
   428       by(rule chain_subset_trans_Union[OF subch `\<forall>r\<in>R. trans r`])
   429     moreover have "antisym(\<Union>R)"
   430       by(rule chain_subset_antisym_Union[OF subch `\<forall>r\<in>R. antisym r`])
   431     moreover have "Total (\<Union>R)"
   432       by(rule chain_subset_Total_Union[OF subch `\<forall>r\<in>R. Total r`])
   433     moreover have "wf((\<Union>R)-Id)"
   434     proof-
   435       have "(\<Union>R)-Id = \<Union>{r-Id|r. r \<in> R}" by blast
   436       with `\<forall>r\<in>R. wf(r-Id)` wf_Union_wf_init_segs[OF Chain_inits_DiffI[OF Ris]]
   437       show ?thesis by (simp (no_asm_simp)) blast
   438     qed
   439     ultimately have "Well_order (\<Union>R)" by(simp add:Order_defs)
   440     moreover have "\<forall>r \<in> R. r initial_segment_of \<Union>R" using Ris
   441       by(simp add: Chain_init_seg_of_Union)
   442     ultimately have "\<Union>R : ?WO \<and> (\<forall>r\<in>R. (r,\<Union>R) : I)"
   443       using mono_Chain[OF I_init] `R \<in> Chain I`
   444       by(simp (no_asm) add:I_def del:Field_Union)(metis Chain_wo subsetD)
   445   }
   446   hence 1: "\<forall>R \<in> Chain I. \<exists>u\<in>Field I. \<forall>r\<in>R. (r,u) : I" by (subst FI) blast
   447 --{*Zorn's Lemma yields a maximal well-order m:*}
   448   then obtain m::"('a*'a)set" where "Well_order m" and
   449     max: "\<forall>r. Well_order r \<and> (m,r):I \<longrightarrow> r=m"
   450     using Zorns_po_lemma[OF 0 1] by (auto simp:FI)
   451 --{*Now show by contradiction that m covers the whole type:*}
   452   { fix x::'a assume "x \<notin> Field m"
   453 --{*We assume that x is not covered and extend m at the top with x*}
   454     have "m \<noteq> {}"
   455     proof
   456       assume "m={}"
   457       moreover have "Well_order {(x,x)}"
   458 	by(simp add:Order_defs Refl_def trans_def antisym_def Total_def Field_def Domain_def Range_def)
   459       ultimately show False using max
   460 	by (auto simp:I_def init_seg_of_def simp del:Field_insert)
   461     qed
   462     hence "Field m \<noteq> {}" by(auto simp:Field_def)
   463     moreover have "wf(m-Id)" using `Well_order m` by(simp add:Well_order_def)
   464 --{*The extension of m by x:*}
   465     let ?s = "{(a,x)|a. a : Field m}" let ?m = "insert (x,x) m Un ?s"
   466     have Fm: "Field ?m = insert x (Field m)"
   467       apply(simp add:Field_insert Field_Un)
   468       unfolding Field_def by auto
   469     have "Refl m" "trans m" "antisym m" "Total m" "wf(m-Id)"
   470       using `Well_order m` by(simp_all add:Order_defs)
   471 --{*We show that the extension is a well-order*}
   472     have "Refl ?m" using `Refl m` Fm by(auto simp:Refl_def)
   473     moreover have "trans ?m" using `trans m` `x \<notin> Field m`
   474       unfolding trans_def Field_def Domain_def Range_def by blast
   475     moreover have "antisym ?m" using `antisym m` `x \<notin> Field m`
   476       unfolding antisym_def Field_def Domain_def Range_def by blast
   477     moreover have "Total ?m" using `Total m` Fm by(auto simp: Total_def)
   478     moreover have "wf(?m-Id)"
   479     proof-
   480       have "wf ?s" using `x \<notin> Field m`
   481 	by(auto simp add:wf_eq_minimal Field_def Domain_def Range_def) metis
   482       thus ?thesis using `wf(m-Id)` `x \<notin> Field m`
   483 	wf_subset[OF `wf ?s` Diff_subset]
   484 	by (fastsimp intro!: wf_Un simp add: Un_Diff Field_def)
   485     qed
   486     ultimately have "Well_order ?m" by(simp add:Order_defs)
   487 --{*We show that the extension is above m*}
   488     moreover hence "(m,?m) : I" using `Well_order m` `x \<notin> Field m`
   489       by(fastsimp simp:I_def init_seg_of_def Field_def Domain_def Range_def)
   490     ultimately
   491 --{*This contradicts maximality of m:*}
   492     have False using max `x \<notin> Field m` unfolding Field_def by blast
   493   }
   494   hence "Field m = UNIV" by auto
   495   moreover with `Well_order m` have "Well_order m" by simp
   496   ultimately show ?thesis by blast
   497 qed
   498 
   499 corollary well_ordering_set: "\<exists>r::('a*'a)set. Well_order r \<and> Field r = A"
   500 proof -
   501   obtain r::"('a*'a)set" where wo: "Well_order r" and univ: "Field r = UNIV"
   502     using well_ordering[where 'a = "'a"] by blast
   503   let ?r = "{(x,y). x:A & y:A & (x,y):r}"
   504   have 1: "Field ?r = A" using wo univ
   505     by(fastsimp simp: Field_def Domain_def Range_def Order_defs Refl_def)
   506   have "Refl r" "trans r" "antisym r" "Total r" "wf(r-Id)"
   507     using `Well_order r` by(simp_all add:Order_defs)
   508   have "Refl ?r" using `Refl r` by(auto simp:Refl_def 1 univ)
   509   moreover have "trans ?r" using `trans r`
   510     unfolding trans_def by blast
   511   moreover have "antisym ?r" using `antisym r`
   512     unfolding antisym_def by blast
   513   moreover have "Total ?r" using `Total r` by(simp add:Total_def 1 univ)
   514   moreover have "wf(?r - Id)" by(rule wf_subset[OF `wf(r-Id)`]) blast
   515   ultimately have "Well_order ?r" by(simp add:Order_defs)
   516   with 1 show ?thesis by blast
   517 qed
   518 
   519 end