src/HOL/ex/Dedekind_Real.thy
author bulwahn
Fri Oct 21 11:17:14 2011 +0200 (2011-10-21)
changeset 45231 d85a2fdc586c
parent 41541 1fa4725c4656
child 45694 4a8743618257
permissions -rw-r--r--
replacing code_inline by code_unfold, removing obsolete code_unfold, code_inline del now that the ancient code generator is removed
     1 (*  Title:      HOL/ex/Dedekind_Real.thy
     2     Author:     Jacques D. Fleuriot, University of Cambridge
     3     Conversion to Isar and new proofs by Lawrence C Paulson, 2003/4
     4 
     5 The positive reals as Dedekind sections of positive
     6 rationals. Fundamentals of Abstract Analysis [Gleason- p. 121]
     7 provides some of the definitions.
     8 *)
     9 
    10 theory Dedekind_Real
    11 imports Rat Lubs
    12 begin
    13 
    14 section {* Positive real numbers *}
    15 
    16 text{*Could be generalized and moved to @{text Groups}*}
    17 lemma add_eq_exists: "\<exists>x. a+x = (b::rat)"
    18 by (rule_tac x="b-a" in exI, simp)
    19 
    20 definition
    21   cut :: "rat set => bool" where
    22   "cut A = ({} \<subset> A &
    23             A < {r. 0 < r} &
    24             (\<forall>y \<in> A. ((\<forall>z. 0<z & z < y --> z \<in> A) & (\<exists>u \<in> A. y < u))))"
    25 
    26 lemma interval_empty_iff:
    27   "{y. (x::'a::dense_linorder) < y \<and> y < z} = {} \<longleftrightarrow> \<not> x < z"
    28   by (auto dest: dense)
    29 
    30 
    31 lemma cut_of_rat: 
    32   assumes q: "0 < q" shows "cut {r::rat. 0 < r & r < q}" (is "cut ?A")
    33 proof -
    34   from q have pos: "?A < {r. 0 < r}" by force
    35   have nonempty: "{} \<subset> ?A"
    36   proof
    37     show "{} \<subseteq> ?A" by simp
    38     show "{} \<noteq> ?A"
    39       by (force simp only: q eq_commute [of "{}"] interval_empty_iff)
    40   qed
    41   show ?thesis
    42     by (simp add: cut_def pos nonempty,
    43         blast dest: dense intro: order_less_trans)
    44 qed
    45 
    46 
    47 typedef preal = "{A. cut A}"
    48   by (blast intro: cut_of_rat [OF zero_less_one])
    49 
    50 definition
    51   psup :: "preal set => preal" where
    52   "psup P = Abs_preal (\<Union>X \<in> P. Rep_preal X)"
    53 
    54 definition
    55   add_set :: "[rat set,rat set] => rat set" where
    56   "add_set A B = {w. \<exists>x \<in> A. \<exists>y \<in> B. w = x + y}"
    57 
    58 definition
    59   diff_set :: "[rat set,rat set] => rat set" where
    60   "diff_set A B = {w. \<exists>x. 0 < w & 0 < x & x \<notin> B & x + w \<in> A}"
    61 
    62 definition
    63   mult_set :: "[rat set,rat set] => rat set" where
    64   "mult_set A B = {w. \<exists>x \<in> A. \<exists>y \<in> B. w = x * y}"
    65 
    66 definition
    67   inverse_set :: "rat set => rat set" where
    68   "inverse_set A = {x. \<exists>y. 0 < x & x < y & inverse y \<notin> A}"
    69 
    70 instantiation preal :: "{ord, plus, minus, times, inverse, one}"
    71 begin
    72 
    73 definition
    74   preal_less_def:
    75     "R < S == Rep_preal R < Rep_preal S"
    76 
    77 definition
    78   preal_le_def:
    79     "R \<le> S == Rep_preal R \<subseteq> Rep_preal S"
    80 
    81 definition
    82   preal_add_def:
    83     "R + S == Abs_preal (add_set (Rep_preal R) (Rep_preal S))"
    84 
    85 definition
    86   preal_diff_def:
    87     "R - S == Abs_preal (diff_set (Rep_preal R) (Rep_preal S))"
    88 
    89 definition
    90   preal_mult_def:
    91     "R * S == Abs_preal (mult_set (Rep_preal R) (Rep_preal S))"
    92 
    93 definition
    94   preal_inverse_def:
    95     "inverse R == Abs_preal (inverse_set (Rep_preal R))"
    96 
    97 definition "R / S = R * inverse (S\<Colon>preal)"
    98 
    99 definition
   100   preal_one_def:
   101     "1 == Abs_preal {x. 0 < x & x < 1}"
   102 
   103 instance ..
   104 
   105 end
   106 
   107 
   108 text{*Reduces equality on abstractions to equality on representatives*}
   109 declare Abs_preal_inject [simp]
   110 declare Abs_preal_inverse [simp]
   111 
   112 lemma rat_mem_preal: "0 < q ==> {r::rat. 0 < r & r < q} \<in> preal"
   113 by (simp add: preal_def cut_of_rat)
   114 
   115 lemma preal_nonempty: "A \<in> preal ==> \<exists>x\<in>A. 0 < x"
   116 by (unfold preal_def cut_def, blast)
   117 
   118 lemma preal_Ex_mem: "A \<in> preal \<Longrightarrow> \<exists>x. x \<in> A"
   119 by (drule preal_nonempty, fast)
   120 
   121 lemma preal_imp_psubset_positives: "A \<in> preal ==> A < {r. 0 < r}"
   122 by (force simp add: preal_def cut_def)
   123 
   124 lemma preal_exists_bound: "A \<in> preal ==> \<exists>x. 0 < x & x \<notin> A"
   125 by (drule preal_imp_psubset_positives, auto)
   126 
   127 lemma preal_exists_greater: "[| A \<in> preal; y \<in> A |] ==> \<exists>u \<in> A. y < u"
   128 by (unfold preal_def cut_def, blast)
   129 
   130 lemma preal_downwards_closed: "[| A \<in> preal; y \<in> A; 0 < z; z < y |] ==> z \<in> A"
   131 by (unfold preal_def cut_def, blast)
   132 
   133 text{*Relaxing the final premise*}
   134 lemma preal_downwards_closed':
   135      "[| A \<in> preal; y \<in> A; 0 < z; z \<le> y |] ==> z \<in> A"
   136 apply (simp add: order_le_less)
   137 apply (blast intro: preal_downwards_closed)
   138 done
   139 
   140 text{*A positive fraction not in a positive real is an upper bound.
   141  Gleason p. 122 - Remark (1)*}
   142 
   143 lemma not_in_preal_ub:
   144   assumes A: "A \<in> preal"
   145     and notx: "x \<notin> A"
   146     and y: "y \<in> A"
   147     and pos: "0 < x"
   148   shows "y < x"
   149 proof (cases rule: linorder_cases)
   150   assume "x<y"
   151   with notx show ?thesis
   152     by (simp add:  preal_downwards_closed [OF A y] pos)
   153 next
   154   assume "x=y"
   155   with notx and y show ?thesis by simp
   156 next
   157   assume "y<x"
   158   thus ?thesis .
   159 qed
   160 
   161 text {* preal lemmas instantiated to @{term "Rep_preal X"} *}
   162 
   163 lemma mem_Rep_preal_Ex: "\<exists>x. x \<in> Rep_preal X"
   164 by (rule preal_Ex_mem [OF Rep_preal])
   165 
   166 lemma Rep_preal_exists_bound: "\<exists>x>0. x \<notin> Rep_preal X"
   167 by (rule preal_exists_bound [OF Rep_preal])
   168 
   169 lemmas not_in_Rep_preal_ub = not_in_preal_ub [OF Rep_preal]
   170 
   171 
   172 subsection{*Properties of Ordering*}
   173 
   174 instance preal :: order
   175 proof
   176   fix w :: preal
   177   show "w \<le> w" by (simp add: preal_le_def)
   178 next
   179   fix i j k :: preal
   180   assume "i \<le> j" and "j \<le> k"
   181   then show "i \<le> k" by (simp add: preal_le_def)
   182 next
   183   fix z w :: preal
   184   assume "z \<le> w" and "w \<le> z"
   185   then show "z = w" by (simp add: preal_le_def Rep_preal_inject)
   186 next
   187   fix z w :: preal
   188   show "z < w \<longleftrightarrow> z \<le> w \<and> \<not> w \<le> z"
   189   by (auto simp add: preal_le_def preal_less_def Rep_preal_inject)
   190 qed  
   191 
   192 lemma preal_imp_pos: "[|A \<in> preal; r \<in> A|] ==> 0 < r"
   193 by (insert preal_imp_psubset_positives, blast)
   194 
   195 instance preal :: linorder
   196 proof
   197   fix x y :: preal
   198   show "x <= y | y <= x"
   199     apply (auto simp add: preal_le_def)
   200     apply (rule ccontr)
   201     apply (blast dest: not_in_Rep_preal_ub intro: preal_imp_pos [OF Rep_preal]
   202              elim: order_less_asym)
   203     done
   204 qed
   205 
   206 instantiation preal :: distrib_lattice
   207 begin
   208 
   209 definition
   210   "(inf \<Colon> preal \<Rightarrow> preal \<Rightarrow> preal) = min"
   211 
   212 definition
   213   "(sup \<Colon> preal \<Rightarrow> preal \<Rightarrow> preal) = max"
   214 
   215 instance
   216   by intro_classes
   217     (auto simp add: inf_preal_def sup_preal_def min_max.sup_inf_distrib1)
   218 
   219 end
   220 
   221 subsection{*Properties of Addition*}
   222 
   223 lemma preal_add_commute: "(x::preal) + y = y + x"
   224 apply (unfold preal_add_def add_set_def)
   225 apply (rule_tac f = Abs_preal in arg_cong)
   226 apply (force simp add: add_commute)
   227 done
   228 
   229 text{*Lemmas for proving that addition of two positive reals gives
   230  a positive real*}
   231 
   232 text{*Part 1 of Dedekind sections definition*}
   233 lemma add_set_not_empty:
   234      "[|A \<in> preal; B \<in> preal|] ==> {} \<subset> add_set A B"
   235 apply (drule preal_nonempty)+
   236 apply (auto simp add: add_set_def)
   237 done
   238 
   239 text{*Part 2 of Dedekind sections definition.  A structured version of
   240 this proof is @{text preal_not_mem_mult_set_Ex} below.*}
   241 lemma preal_not_mem_add_set_Ex:
   242      "[|A \<in> preal; B \<in> preal|] ==> \<exists>q>0. q \<notin> add_set A B"
   243 apply (insert preal_exists_bound [of A] preal_exists_bound [of B], auto) 
   244 apply (rule_tac x = "x+xa" in exI)
   245 apply (simp add: add_set_def, clarify)
   246 apply (drule (3) not_in_preal_ub)+
   247 apply (force dest: add_strict_mono)
   248 done
   249 
   250 lemma add_set_not_rat_set:
   251    assumes A: "A \<in> preal" 
   252        and B: "B \<in> preal"
   253      shows "add_set A B < {r. 0 < r}"
   254 proof
   255   from preal_imp_pos [OF A] preal_imp_pos [OF B]
   256   show "add_set A B \<subseteq> {r. 0 < r}" by (force simp add: add_set_def) 
   257 next
   258   show "add_set A B \<noteq> {r. 0 < r}"
   259     by (insert preal_not_mem_add_set_Ex [OF A B], blast) 
   260 qed
   261 
   262 text{*Part 3 of Dedekind sections definition*}
   263 lemma add_set_lemma3:
   264      "[|A \<in> preal; B \<in> preal; u \<in> add_set A B; 0 < z; z < u|] 
   265       ==> z \<in> add_set A B"
   266 proof (unfold add_set_def, clarify)
   267   fix x::rat and y::rat
   268   assume A: "A \<in> preal" 
   269     and B: "B \<in> preal"
   270     and [simp]: "0 < z"
   271     and zless: "z < x + y"
   272     and x:  "x \<in> A"
   273     and y:  "y \<in> B"
   274   have xpos [simp]: "0<x" by (rule preal_imp_pos [OF A x])
   275   have ypos [simp]: "0<y" by (rule preal_imp_pos [OF B y])
   276   have xypos [simp]: "0 < x+y" by (simp add: pos_add_strict)
   277   let ?f = "z/(x+y)"
   278   have fless: "?f < 1" by (simp add: zless pos_divide_less_eq)
   279   show "\<exists>x' \<in> A. \<exists>y'\<in>B. z = x' + y'"
   280   proof (intro bexI)
   281     show "z = x*?f + y*?f"
   282       by (simp add: left_distrib [symmetric] divide_inverse mult_ac
   283           order_less_imp_not_eq2)
   284   next
   285     show "y * ?f \<in> B"
   286     proof (rule preal_downwards_closed [OF B y])
   287       show "0 < y * ?f"
   288         by (simp add: divide_inverse zero_less_mult_iff)
   289     next
   290       show "y * ?f < y"
   291         by (insert mult_strict_left_mono [OF fless ypos], simp)
   292     qed
   293   next
   294     show "x * ?f \<in> A"
   295     proof (rule preal_downwards_closed [OF A x])
   296       show "0 < x * ?f"
   297         by (simp add: divide_inverse zero_less_mult_iff)
   298     next
   299       show "x * ?f < x"
   300         by (insert mult_strict_left_mono [OF fless xpos], simp)
   301     qed
   302   qed
   303 qed
   304 
   305 text{*Part 4 of Dedekind sections definition*}
   306 lemma add_set_lemma4:
   307      "[|A \<in> preal; B \<in> preal; y \<in> add_set A B|] ==> \<exists>u \<in> add_set A B. y < u"
   308 apply (auto simp add: add_set_def)
   309 apply (frule preal_exists_greater [of A], auto) 
   310 apply (rule_tac x="u + y" in exI)
   311 apply (auto intro: add_strict_left_mono)
   312 done
   313 
   314 lemma mem_add_set:
   315      "[|A \<in> preal; B \<in> preal|] ==> add_set A B \<in> preal"
   316 apply (simp (no_asm_simp) add: preal_def cut_def)
   317 apply (blast intro!: add_set_not_empty add_set_not_rat_set
   318                      add_set_lemma3 add_set_lemma4)
   319 done
   320 
   321 lemma preal_add_assoc: "((x::preal) + y) + z = x + (y + z)"
   322 apply (simp add: preal_add_def mem_add_set Rep_preal)
   323 apply (force simp add: add_set_def add_ac)
   324 done
   325 
   326 instance preal :: ab_semigroup_add
   327 proof
   328   fix a b c :: preal
   329   show "(a + b) + c = a + (b + c)" by (rule preal_add_assoc)
   330   show "a + b = b + a" by (rule preal_add_commute)
   331 qed
   332 
   333 
   334 subsection{*Properties of Multiplication*}
   335 
   336 text{*Proofs essentially same as for addition*}
   337 
   338 lemma preal_mult_commute: "(x::preal) * y = y * x"
   339 apply (unfold preal_mult_def mult_set_def)
   340 apply (rule_tac f = Abs_preal in arg_cong)
   341 apply (force simp add: mult_commute)
   342 done
   343 
   344 text{*Multiplication of two positive reals gives a positive real.*}
   345 
   346 text{*Lemmas for proving positive reals multiplication set in @{typ preal}*}
   347 
   348 text{*Part 1 of Dedekind sections definition*}
   349 lemma mult_set_not_empty:
   350      "[|A \<in> preal; B \<in> preal|] ==> {} \<subset> mult_set A B"
   351 apply (insert preal_nonempty [of A] preal_nonempty [of B]) 
   352 apply (auto simp add: mult_set_def)
   353 done
   354 
   355 text{*Part 2 of Dedekind sections definition*}
   356 lemma preal_not_mem_mult_set_Ex:
   357   assumes A: "A \<in> preal" 
   358     and B: "B \<in> preal"
   359   shows "\<exists>q. 0 < q & q \<notin> mult_set A B"
   360 proof -
   361   from preal_exists_bound [OF A] obtain x where 1 [simp]: "0 < x" "x \<notin> A" by blast
   362   from preal_exists_bound [OF B] obtain y where 2 [simp]: "0 < y" "y \<notin> B" by blast
   363   show ?thesis
   364   proof (intro exI conjI)
   365     show "0 < x*y" by (simp add: mult_pos_pos)
   366     show "x * y \<notin> mult_set A B"
   367     proof -
   368       {
   369         fix u::rat and v::rat
   370         assume u: "u \<in> A" and v: "v \<in> B" and xy: "x*y = u*v"
   371         moreover from A B 1 2 u v have "u<x" and "v<y" by (blast dest: not_in_preal_ub)+
   372         moreover
   373         from A B 1 2 u v have "0\<le>v"
   374           by (blast intro: preal_imp_pos [OF B] order_less_imp_le)
   375         moreover
   376         from A B 1 `u < x` `v < y` `0 \<le> v`
   377         have "u*v < x*y" by (blast intro: mult_strict_mono)
   378         ultimately have False by force
   379       }
   380       thus ?thesis by (auto simp add: mult_set_def)
   381     qed
   382   qed
   383 qed
   384 
   385 lemma mult_set_not_rat_set:
   386   assumes A: "A \<in> preal" 
   387     and B: "B \<in> preal"
   388   shows "mult_set A B < {r. 0 < r}"
   389 proof
   390   show "mult_set A B \<subseteq> {r. 0 < r}"
   391     by (force simp add: mult_set_def
   392       intro: preal_imp_pos [OF A] preal_imp_pos [OF B] mult_pos_pos)
   393   show "mult_set A B \<noteq> {r. 0 < r}"
   394     using preal_not_mem_mult_set_Ex [OF A B] by blast
   395 qed
   396 
   397 
   398 
   399 text{*Part 3 of Dedekind sections definition*}
   400 lemma mult_set_lemma3:
   401      "[|A \<in> preal; B \<in> preal; u \<in> mult_set A B; 0 < z; z < u|] 
   402       ==> z \<in> mult_set A B"
   403 proof (unfold mult_set_def, clarify)
   404   fix x::rat and y::rat
   405   assume A: "A \<in> preal" 
   406     and B: "B \<in> preal"
   407     and [simp]: "0 < z"
   408     and zless: "z < x * y"
   409     and x:  "x \<in> A"
   410     and y:  "y \<in> B"
   411   have [simp]: "0<y" by (rule preal_imp_pos [OF B y])
   412   show "\<exists>x' \<in> A. \<exists>y' \<in> B. z = x' * y'"
   413   proof
   414     show "\<exists>y'\<in>B. z = (z/y) * y'"
   415     proof
   416       show "z = (z/y)*y"
   417         by (simp add: divide_inverse mult_commute [of y] mult_assoc
   418                       order_less_imp_not_eq2)
   419       show "y \<in> B" by fact
   420     qed
   421   next
   422     show "z/y \<in> A"
   423     proof (rule preal_downwards_closed [OF A x])
   424       show "0 < z/y"
   425         by (simp add: zero_less_divide_iff)
   426       show "z/y < x" by (simp add: pos_divide_less_eq zless)
   427     qed
   428   qed
   429 qed
   430 
   431 text{*Part 4 of Dedekind sections definition*}
   432 lemma mult_set_lemma4:
   433      "[|A \<in> preal; B \<in> preal; y \<in> mult_set A B|] ==> \<exists>u \<in> mult_set A B. y < u"
   434 apply (auto simp add: mult_set_def)
   435 apply (frule preal_exists_greater [of A], auto) 
   436 apply (rule_tac x="u * y" in exI)
   437 apply (auto intro: preal_imp_pos [of A] preal_imp_pos [of B] 
   438                    mult_strict_right_mono)
   439 done
   440 
   441 
   442 lemma mem_mult_set:
   443      "[|A \<in> preal; B \<in> preal|] ==> mult_set A B \<in> preal"
   444 apply (simp (no_asm_simp) add: preal_def cut_def)
   445 apply (blast intro!: mult_set_not_empty mult_set_not_rat_set
   446                      mult_set_lemma3 mult_set_lemma4)
   447 done
   448 
   449 lemma preal_mult_assoc: "((x::preal) * y) * z = x * (y * z)"
   450 apply (simp add: preal_mult_def mem_mult_set Rep_preal)
   451 apply (force simp add: mult_set_def mult_ac)
   452 done
   453 
   454 instance preal :: ab_semigroup_mult
   455 proof
   456   fix a b c :: preal
   457   show "(a * b) * c = a * (b * c)" by (rule preal_mult_assoc)
   458   show "a * b = b * a" by (rule preal_mult_commute)
   459 qed
   460 
   461 
   462 text{* Positive real 1 is the multiplicative identity element *}
   463 
   464 lemma preal_mult_1: "(1::preal) * z = z"
   465 proof (induct z)
   466   fix A :: "rat set"
   467   assume A: "A \<in> preal"
   468   have "{w. \<exists>u. 0 < u \<and> u < 1 & (\<exists>v \<in> A. w = u * v)} = A" (is "?lhs = A")
   469   proof
   470     show "?lhs \<subseteq> A"
   471     proof clarify
   472       fix x::rat and u::rat and v::rat
   473       assume upos: "0<u" and "u<1" and v: "v \<in> A"
   474       have vpos: "0<v" by (rule preal_imp_pos [OF A v])
   475       hence "u*v < 1*v" by (simp only: mult_strict_right_mono upos `u < 1` v)
   476       thus "u * v \<in> A"
   477         by (force intro: preal_downwards_closed [OF A v] mult_pos_pos 
   478           upos vpos)
   479     qed
   480   next
   481     show "A \<subseteq> ?lhs"
   482     proof clarify
   483       fix x::rat
   484       assume x: "x \<in> A"
   485       have xpos: "0<x" by (rule preal_imp_pos [OF A x])
   486       from preal_exists_greater [OF A x]
   487       obtain v where v: "v \<in> A" and xlessv: "x < v" ..
   488       have vpos: "0<v" by (rule preal_imp_pos [OF A v])
   489       show "\<exists>u. 0 < u \<and> u < 1 \<and> (\<exists>v\<in>A. x = u * v)"
   490       proof (intro exI conjI)
   491         show "0 < x/v"
   492           by (simp add: zero_less_divide_iff xpos vpos)
   493         show "x / v < 1"
   494           by (simp add: pos_divide_less_eq vpos xlessv)
   495         show "\<exists>v'\<in>A. x = (x / v) * v'"
   496         proof
   497           show "x = (x/v)*v"
   498             by (simp add: divide_inverse mult_assoc vpos
   499                           order_less_imp_not_eq2)
   500           show "v \<in> A" by fact
   501         qed
   502       qed
   503     qed
   504   qed
   505   thus "1 * Abs_preal A = Abs_preal A"
   506     by (simp add: preal_one_def preal_mult_def mult_set_def 
   507                   rat_mem_preal A)
   508 qed
   509 
   510 instance preal :: comm_monoid_mult
   511 by intro_classes (rule preal_mult_1)
   512 
   513 
   514 subsection{*Distribution of Multiplication across Addition*}
   515 
   516 lemma mem_Rep_preal_add_iff:
   517       "(z \<in> Rep_preal(R+S)) = (\<exists>x \<in> Rep_preal R. \<exists>y \<in> Rep_preal S. z = x + y)"
   518 apply (simp add: preal_add_def mem_add_set Rep_preal)
   519 apply (simp add: add_set_def) 
   520 done
   521 
   522 lemma mem_Rep_preal_mult_iff:
   523       "(z \<in> Rep_preal(R*S)) = (\<exists>x \<in> Rep_preal R. \<exists>y \<in> Rep_preal S. z = x * y)"
   524 apply (simp add: preal_mult_def mem_mult_set Rep_preal)
   525 apply (simp add: mult_set_def) 
   526 done
   527 
   528 lemma distrib_subset1:
   529      "Rep_preal (w * (x + y)) \<subseteq> Rep_preal (w * x + w * y)"
   530 apply (auto simp add: Bex_def mem_Rep_preal_add_iff mem_Rep_preal_mult_iff)
   531 apply (force simp add: right_distrib)
   532 done
   533 
   534 lemma preal_add_mult_distrib_mean:
   535   assumes a: "a \<in> Rep_preal w"
   536     and b: "b \<in> Rep_preal w"
   537     and d: "d \<in> Rep_preal x"
   538     and e: "e \<in> Rep_preal y"
   539   shows "\<exists>c \<in> Rep_preal w. a * d + b * e = c * (d + e)"
   540 proof
   541   let ?c = "(a*d + b*e)/(d+e)"
   542   have [simp]: "0<a" "0<b" "0<d" "0<e" "0<d+e"
   543     by (blast intro: preal_imp_pos [OF Rep_preal] a b d e pos_add_strict)+
   544   have cpos: "0 < ?c"
   545     by (simp add: zero_less_divide_iff zero_less_mult_iff pos_add_strict)
   546   show "a * d + b * e = ?c * (d + e)"
   547     by (simp add: divide_inverse mult_assoc order_less_imp_not_eq2)
   548   show "?c \<in> Rep_preal w"
   549   proof (cases rule: linorder_le_cases)
   550     assume "a \<le> b"
   551     hence "?c \<le> b"
   552       by (simp add: pos_divide_le_eq right_distrib mult_right_mono
   553                     order_less_imp_le)
   554     thus ?thesis by (rule preal_downwards_closed' [OF Rep_preal b cpos])
   555   next
   556     assume "b \<le> a"
   557     hence "?c \<le> a"
   558       by (simp add: pos_divide_le_eq right_distrib mult_right_mono
   559                     order_less_imp_le)
   560     thus ?thesis by (rule preal_downwards_closed' [OF Rep_preal a cpos])
   561   qed
   562 qed
   563 
   564 lemma distrib_subset2:
   565      "Rep_preal (w * x + w * y) \<subseteq> Rep_preal (w * (x + y))"
   566 apply (auto simp add: Bex_def mem_Rep_preal_add_iff mem_Rep_preal_mult_iff)
   567 apply (drule_tac w=w and x=x and y=y in preal_add_mult_distrib_mean, auto)
   568 done
   569 
   570 lemma preal_add_mult_distrib2: "(w * ((x::preal) + y)) = (w * x) + (w * y)"
   571 apply (rule Rep_preal_inject [THEN iffD1])
   572 apply (rule equalityI [OF distrib_subset1 distrib_subset2])
   573 done
   574 
   575 lemma preal_add_mult_distrib: "(((x::preal) + y) * w) = (x * w) + (y * w)"
   576 by (simp add: preal_mult_commute preal_add_mult_distrib2)
   577 
   578 instance preal :: comm_semiring
   579 by intro_classes (rule preal_add_mult_distrib)
   580 
   581 
   582 subsection{*Existence of Inverse, a Positive Real*}
   583 
   584 lemma mem_inv_set_ex:
   585   assumes A: "A \<in> preal" shows "\<exists>x y. 0 < x & x < y & inverse y \<notin> A"
   586 proof -
   587   from preal_exists_bound [OF A]
   588   obtain x where [simp]: "0<x" "x \<notin> A" by blast
   589   show ?thesis
   590   proof (intro exI conjI)
   591     show "0 < inverse (x+1)"
   592       by (simp add: order_less_trans [OF _ less_add_one]) 
   593     show "inverse(x+1) < inverse x"
   594       by (simp add: less_imp_inverse_less less_add_one)
   595     show "inverse (inverse x) \<notin> A"
   596       by (simp add: order_less_imp_not_eq2)
   597   qed
   598 qed
   599 
   600 text{*Part 1 of Dedekind sections definition*}
   601 lemma inverse_set_not_empty:
   602      "A \<in> preal ==> {} \<subset> inverse_set A"
   603 apply (insert mem_inv_set_ex [of A])
   604 apply (auto simp add: inverse_set_def)
   605 done
   606 
   607 text{*Part 2 of Dedekind sections definition*}
   608 
   609 lemma preal_not_mem_inverse_set_Ex:
   610    assumes A: "A \<in> preal"  shows "\<exists>q. 0 < q & q \<notin> inverse_set A"
   611 proof -
   612   from preal_nonempty [OF A]
   613   obtain x where x: "x \<in> A" and  xpos [simp]: "0<x" ..
   614   show ?thesis
   615   proof (intro exI conjI)
   616     show "0 < inverse x" by simp
   617     show "inverse x \<notin> inverse_set A"
   618     proof -
   619       { fix y::rat 
   620         assume ygt: "inverse x < y"
   621         have [simp]: "0 < y" by (simp add: order_less_trans [OF _ ygt])
   622         have iyless: "inverse y < x" 
   623           by (simp add: inverse_less_imp_less [of x] ygt)
   624         have "inverse y \<in> A"
   625           by (simp add: preal_downwards_closed [OF A x] iyless)}
   626      thus ?thesis by (auto simp add: inverse_set_def)
   627     qed
   628   qed
   629 qed
   630 
   631 lemma inverse_set_not_rat_set:
   632    assumes A: "A \<in> preal"  shows "inverse_set A < {r. 0 < r}"
   633 proof
   634   show "inverse_set A \<subseteq> {r. 0 < r}"  by (force simp add: inverse_set_def)
   635 next
   636   show "inverse_set A \<noteq> {r. 0 < r}"
   637     by (insert preal_not_mem_inverse_set_Ex [OF A], blast)
   638 qed
   639 
   640 text{*Part 3 of Dedekind sections definition*}
   641 lemma inverse_set_lemma3:
   642      "[|A \<in> preal; u \<in> inverse_set A; 0 < z; z < u|] 
   643       ==> z \<in> inverse_set A"
   644 apply (auto simp add: inverse_set_def)
   645 apply (auto intro: order_less_trans)
   646 done
   647 
   648 text{*Part 4 of Dedekind sections definition*}
   649 lemma inverse_set_lemma4:
   650      "[|A \<in> preal; y \<in> inverse_set A|] ==> \<exists>u \<in> inverse_set A. y < u"
   651 apply (auto simp add: inverse_set_def)
   652 apply (drule dense [of y]) 
   653 apply (blast intro: order_less_trans)
   654 done
   655 
   656 
   657 lemma mem_inverse_set:
   658      "A \<in> preal ==> inverse_set A \<in> preal"
   659 apply (simp (no_asm_simp) add: preal_def cut_def)
   660 apply (blast intro!: inverse_set_not_empty inverse_set_not_rat_set
   661                      inverse_set_lemma3 inverse_set_lemma4)
   662 done
   663 
   664 
   665 subsection{*Gleason's Lemma 9-3.4, page 122*}
   666 
   667 lemma Gleason9_34_exists:
   668   assumes A: "A \<in> preal"
   669     and "\<forall>x\<in>A. x + u \<in> A"
   670     and "0 \<le> z"
   671   shows "\<exists>b\<in>A. b + (of_int z) * u \<in> A"
   672 proof (cases z rule: int_cases)
   673   case (nonneg n)
   674   show ?thesis
   675   proof (simp add: nonneg, induct n)
   676     case 0
   677     from preal_nonempty [OF A]
   678     show ?case  by force 
   679   next
   680     case (Suc k)
   681     then obtain b where b: "b \<in> A" "b + of_nat k * u \<in> A" ..
   682     hence "b + of_int (int k)*u + u \<in> A" by (simp add: assms)
   683     thus ?case by (force simp add: algebra_simps b)
   684   qed
   685 next
   686   case (neg n)
   687   with assms show ?thesis by simp
   688 qed
   689 
   690 lemma Gleason9_34_contra:
   691   assumes A: "A \<in> preal"
   692     shows "[|\<forall>x\<in>A. x + u \<in> A; 0 < u; 0 < y; y \<notin> A|] ==> False"
   693 proof (induct u, induct y)
   694   fix a::int and b::int
   695   fix c::int and d::int
   696   assume bpos [simp]: "0 < b"
   697     and dpos [simp]: "0 < d"
   698     and closed: "\<forall>x\<in>A. x + (Fract c d) \<in> A"
   699     and upos: "0 < Fract c d"
   700     and ypos: "0 < Fract a b"
   701     and notin: "Fract a b \<notin> A"
   702   have cpos [simp]: "0 < c" 
   703     by (simp add: zero_less_Fract_iff [OF dpos, symmetric] upos) 
   704   have apos [simp]: "0 < a" 
   705     by (simp add: zero_less_Fract_iff [OF bpos, symmetric] ypos) 
   706   let ?k = "a*d"
   707   have frle: "Fract a b \<le> Fract ?k 1 * (Fract c d)" 
   708   proof -
   709     have "?thesis = ((a * d * b * d) \<le> c * b * (a * d * b * d))"
   710       by (simp add: order_less_imp_not_eq2 mult_ac) 
   711     moreover
   712     have "(1 * (a * d * b * d)) \<le> c * b * (a * d * b * d)"
   713       by (rule mult_mono, 
   714           simp_all add: int_one_le_iff_zero_less zero_less_mult_iff 
   715                         order_less_imp_le)
   716     ultimately
   717     show ?thesis by simp
   718   qed
   719   have k: "0 \<le> ?k" by (simp add: order_less_imp_le zero_less_mult_iff)  
   720   from Gleason9_34_exists [OF A closed k]
   721   obtain z where z: "z \<in> A" 
   722              and mem: "z + of_int ?k * Fract c d \<in> A" ..
   723   have less: "z + of_int ?k * Fract c d < Fract a b"
   724     by (rule not_in_preal_ub [OF A notin mem ypos])
   725   have "0<z" by (rule preal_imp_pos [OF A z])
   726   with frle and less show False by (simp add: Fract_of_int_eq) 
   727 qed
   728 
   729 
   730 lemma Gleason9_34:
   731   assumes A: "A \<in> preal"
   732     and upos: "0 < u"
   733   shows "\<exists>r \<in> A. r + u \<notin> A"
   734 proof (rule ccontr, simp)
   735   assume closed: "\<forall>r\<in>A. r + u \<in> A"
   736   from preal_exists_bound [OF A]
   737   obtain y where y: "y \<notin> A" and ypos: "0 < y" by blast
   738   show False
   739     by (rule Gleason9_34_contra [OF A closed upos ypos y])
   740 qed
   741 
   742 
   743 
   744 subsection{*Gleason's Lemma 9-3.6*}
   745 
   746 lemma lemma_gleason9_36:
   747   assumes A: "A \<in> preal"
   748     and x: "1 < x"
   749   shows "\<exists>r \<in> A. r*x \<notin> A"
   750 proof -
   751   from preal_nonempty [OF A]
   752   obtain y where y: "y \<in> A" and  ypos: "0<y" ..
   753   show ?thesis 
   754   proof (rule classical)
   755     assume "~(\<exists>r\<in>A. r * x \<notin> A)"
   756     with y have ymem: "y * x \<in> A" by blast 
   757     from ypos mult_strict_left_mono [OF x]
   758     have yless: "y < y*x" by simp 
   759     let ?d = "y*x - y"
   760     from yless have dpos: "0 < ?d" and eq: "y + ?d = y*x" by auto
   761     from Gleason9_34 [OF A dpos]
   762     obtain r where r: "r\<in>A" and notin: "r + ?d \<notin> A" ..
   763     have rpos: "0<r" by (rule preal_imp_pos [OF A r])
   764     with dpos have rdpos: "0 < r + ?d" by arith
   765     have "~ (r + ?d \<le> y + ?d)"
   766     proof
   767       assume le: "r + ?d \<le> y + ?d" 
   768       from ymem have yd: "y + ?d \<in> A" by (simp add: eq)
   769       have "r + ?d \<in> A" by (rule preal_downwards_closed' [OF A yd rdpos le])
   770       with notin show False by simp
   771     qed
   772     hence "y < r" by simp
   773     with ypos have  dless: "?d < (r * ?d)/y"
   774       by (simp add: pos_less_divide_eq mult_commute [of ?d]
   775                     mult_strict_right_mono dpos)
   776     have "r + ?d < r*x"
   777     proof -
   778       have "r + ?d < r + (r * ?d)/y" by (simp add: dless)
   779       also with ypos have "... = (r/y) * (y + ?d)"
   780         by (simp only: algebra_simps divide_inverse, simp)
   781       also have "... = r*x" using ypos
   782         by simp
   783       finally show "r + ?d < r*x" .
   784     qed
   785     with r notin rdpos
   786     show "\<exists>r\<in>A. r * x \<notin> A" by (blast dest:  preal_downwards_closed [OF A])
   787   qed  
   788 qed
   789 
   790 subsection{*Existence of Inverse: Part 2*}
   791 
   792 lemma mem_Rep_preal_inverse_iff:
   793       "(z \<in> Rep_preal(inverse R)) = 
   794        (0 < z \<and> (\<exists>y. z < y \<and> inverse y \<notin> Rep_preal R))"
   795 apply (simp add: preal_inverse_def mem_inverse_set Rep_preal)
   796 apply (simp add: inverse_set_def) 
   797 done
   798 
   799 lemma Rep_preal_one:
   800      "Rep_preal 1 = {x. 0 < x \<and> x < 1}"
   801 by (simp add: preal_one_def rat_mem_preal)
   802 
   803 lemma subset_inverse_mult_lemma:
   804   assumes xpos: "0 < x" and xless: "x < 1"
   805   shows "\<exists>r u y. 0 < r & r < y & inverse y \<notin> Rep_preal R & 
   806     u \<in> Rep_preal R & x = r * u"
   807 proof -
   808   from xpos and xless have "1 < inverse x" by (simp add: one_less_inverse_iff)
   809   from lemma_gleason9_36 [OF Rep_preal this]
   810   obtain r where r: "r \<in> Rep_preal R" 
   811              and notin: "r * (inverse x) \<notin> Rep_preal R" ..
   812   have rpos: "0<r" by (rule preal_imp_pos [OF Rep_preal r])
   813   from preal_exists_greater [OF Rep_preal r]
   814   obtain u where u: "u \<in> Rep_preal R" and rless: "r < u" ..
   815   have upos: "0<u" by (rule preal_imp_pos [OF Rep_preal u])
   816   show ?thesis
   817   proof (intro exI conjI)
   818     show "0 < x/u" using xpos upos
   819       by (simp add: zero_less_divide_iff)  
   820     show "x/u < x/r" using xpos upos rpos
   821       by (simp add: divide_inverse mult_less_cancel_left rless) 
   822     show "inverse (x / r) \<notin> Rep_preal R" using notin
   823       by (simp add: divide_inverse mult_commute) 
   824     show "u \<in> Rep_preal R" by (rule u) 
   825     show "x = x / u * u" using upos 
   826       by (simp add: divide_inverse mult_commute) 
   827   qed
   828 qed
   829 
   830 lemma subset_inverse_mult: 
   831      "Rep_preal 1 \<subseteq> Rep_preal(inverse R * R)"
   832 apply (auto simp add: Bex_def Rep_preal_one mem_Rep_preal_inverse_iff 
   833                       mem_Rep_preal_mult_iff)
   834 apply (blast dest: subset_inverse_mult_lemma) 
   835 done
   836 
   837 lemma inverse_mult_subset_lemma:
   838   assumes rpos: "0 < r" 
   839     and rless: "r < y"
   840     and notin: "inverse y \<notin> Rep_preal R"
   841     and q: "q \<in> Rep_preal R"
   842   shows "r*q < 1"
   843 proof -
   844   have "q < inverse y" using rpos rless
   845     by (simp add: not_in_preal_ub [OF Rep_preal notin] q)
   846   hence "r * q < r/y" using rpos
   847     by (simp add: divide_inverse mult_less_cancel_left)
   848   also have "... \<le> 1" using rpos rless
   849     by (simp add: pos_divide_le_eq)
   850   finally show ?thesis .
   851 qed
   852 
   853 lemma inverse_mult_subset:
   854      "Rep_preal(inverse R * R) \<subseteq> Rep_preal 1"
   855 apply (auto simp add: Bex_def Rep_preal_one mem_Rep_preal_inverse_iff
   856                       mem_Rep_preal_mult_iff)
   857 apply (simp add: zero_less_mult_iff preal_imp_pos [OF Rep_preal]) 
   858 apply (blast intro: inverse_mult_subset_lemma) 
   859 done
   860 
   861 lemma preal_mult_inverse: "inverse R * R = (1::preal)"
   862 apply (rule Rep_preal_inject [THEN iffD1])
   863 apply (rule equalityI [OF inverse_mult_subset subset_inverse_mult]) 
   864 done
   865 
   866 lemma preal_mult_inverse_right: "R * inverse R = (1::preal)"
   867 apply (rule preal_mult_commute [THEN subst])
   868 apply (rule preal_mult_inverse)
   869 done
   870 
   871 
   872 text{*Theorems needing @{text Gleason9_34}*}
   873 
   874 lemma Rep_preal_self_subset: "Rep_preal (R) \<subseteq> Rep_preal(R + S)"
   875 proof 
   876   fix r
   877   assume r: "r \<in> Rep_preal R"
   878   have rpos: "0<r" by (rule preal_imp_pos [OF Rep_preal r])
   879   from mem_Rep_preal_Ex 
   880   obtain y where y: "y \<in> Rep_preal S" ..
   881   have ypos: "0<y" by (rule preal_imp_pos [OF Rep_preal y])
   882   have ry: "r+y \<in> Rep_preal(R + S)" using r y
   883     by (auto simp add: mem_Rep_preal_add_iff)
   884   show "r \<in> Rep_preal(R + S)" using r ypos rpos 
   885     by (simp add:  preal_downwards_closed [OF Rep_preal ry]) 
   886 qed
   887 
   888 lemma Rep_preal_sum_not_subset: "~ Rep_preal (R + S) \<subseteq> Rep_preal(R)"
   889 proof -
   890   from mem_Rep_preal_Ex 
   891   obtain y where y: "y \<in> Rep_preal S" ..
   892   have ypos: "0<y" by (rule preal_imp_pos [OF Rep_preal y])
   893   from  Gleason9_34 [OF Rep_preal ypos]
   894   obtain r where r: "r \<in> Rep_preal R" and notin: "r + y \<notin> Rep_preal R" ..
   895   have "r + y \<in> Rep_preal (R + S)" using r y
   896     by (auto simp add: mem_Rep_preal_add_iff)
   897   thus ?thesis using notin by blast
   898 qed
   899 
   900 lemma Rep_preal_sum_not_eq: "Rep_preal (R + S) \<noteq> Rep_preal(R)"
   901 by (insert Rep_preal_sum_not_subset, blast)
   902 
   903 text{*at last, Gleason prop. 9-3.5(iii) page 123*}
   904 lemma preal_self_less_add_left: "(R::preal) < R + S"
   905 apply (unfold preal_less_def less_le)
   906 apply (simp add: Rep_preal_self_subset Rep_preal_sum_not_eq [THEN not_sym])
   907 done
   908 
   909 
   910 subsection{*Subtraction for Positive Reals*}
   911 
   912 text{*Gleason prop. 9-3.5(iv), page 123: proving @{prop "A < B ==> \<exists>D. A + D =
   913 B"}. We define the claimed @{term D} and show that it is a positive real*}
   914 
   915 text{*Part 1 of Dedekind sections definition*}
   916 lemma diff_set_not_empty:
   917      "R < S ==> {} \<subset> diff_set (Rep_preal S) (Rep_preal R)"
   918 apply (auto simp add: preal_less_def diff_set_def elim!: equalityE) 
   919 apply (frule_tac x1 = S in Rep_preal [THEN preal_exists_greater])
   920 apply (drule preal_imp_pos [OF Rep_preal], clarify)
   921 apply (cut_tac a=x and b=u in add_eq_exists, force) 
   922 done
   923 
   924 text{*Part 2 of Dedekind sections definition*}
   925 lemma diff_set_nonempty:
   926      "\<exists>q. 0 < q & q \<notin> diff_set (Rep_preal S) (Rep_preal R)"
   927 apply (cut_tac X = S in Rep_preal_exists_bound)
   928 apply (erule exE)
   929 apply (rule_tac x = x in exI, auto)
   930 apply (simp add: diff_set_def) 
   931 apply (auto dest: Rep_preal [THEN preal_downwards_closed])
   932 done
   933 
   934 lemma diff_set_not_rat_set:
   935   "diff_set (Rep_preal S) (Rep_preal R) < {r. 0 < r}" (is "?lhs < ?rhs")
   936 proof
   937   show "?lhs \<subseteq> ?rhs" by (auto simp add: diff_set_def) 
   938   show "?lhs \<noteq> ?rhs" using diff_set_nonempty by blast
   939 qed
   940 
   941 text{*Part 3 of Dedekind sections definition*}
   942 lemma diff_set_lemma3:
   943      "[|R < S; u \<in> diff_set (Rep_preal S) (Rep_preal R); 0 < z; z < u|] 
   944       ==> z \<in> diff_set (Rep_preal S) (Rep_preal R)"
   945 apply (auto simp add: diff_set_def) 
   946 apply (rule_tac x=x in exI) 
   947 apply (drule Rep_preal [THEN preal_downwards_closed], auto)
   948 done
   949 
   950 text{*Part 4 of Dedekind sections definition*}
   951 lemma diff_set_lemma4:
   952      "[|R < S; y \<in> diff_set (Rep_preal S) (Rep_preal R)|] 
   953       ==> \<exists>u \<in> diff_set (Rep_preal S) (Rep_preal R). y < u"
   954 apply (auto simp add: diff_set_def) 
   955 apply (drule Rep_preal [THEN preal_exists_greater], clarify) 
   956 apply (cut_tac a="x+y" and b=u in add_eq_exists, clarify)  
   957 apply (rule_tac x="y+xa" in exI) 
   958 apply (auto simp add: add_ac)
   959 done
   960 
   961 lemma mem_diff_set:
   962      "R < S ==> diff_set (Rep_preal S) (Rep_preal R) \<in> preal"
   963 apply (unfold preal_def cut_def)
   964 apply (blast intro!: diff_set_not_empty diff_set_not_rat_set
   965                      diff_set_lemma3 diff_set_lemma4)
   966 done
   967 
   968 lemma mem_Rep_preal_diff_iff:
   969       "R < S ==>
   970        (z \<in> Rep_preal(S-R)) = 
   971        (\<exists>x. 0 < x & 0 < z & x \<notin> Rep_preal R & x + z \<in> Rep_preal S)"
   972 apply (simp add: preal_diff_def mem_diff_set Rep_preal)
   973 apply (force simp add: diff_set_def) 
   974 done
   975 
   976 
   977 text{*proving that @{term "R + D \<le> S"}*}
   978 
   979 lemma less_add_left_lemma:
   980   assumes Rless: "R < S"
   981     and a: "a \<in> Rep_preal R"
   982     and cb: "c + b \<in> Rep_preal S"
   983     and "c \<notin> Rep_preal R"
   984     and "0 < b"
   985     and "0 < c"
   986   shows "a + b \<in> Rep_preal S"
   987 proof -
   988   have "0<a" by (rule preal_imp_pos [OF Rep_preal a])
   989   moreover
   990   have "a < c" using assms by (blast intro: not_in_Rep_preal_ub ) 
   991   ultimately show ?thesis
   992     using assms by (simp add: preal_downwards_closed [OF Rep_preal cb])
   993 qed
   994 
   995 lemma less_add_left_le1:
   996        "R < (S::preal) ==> R + (S-R) \<le> S"
   997 apply (auto simp add: Bex_def preal_le_def mem_Rep_preal_add_iff 
   998                       mem_Rep_preal_diff_iff)
   999 apply (blast intro: less_add_left_lemma) 
  1000 done
  1001 
  1002 subsection{*proving that @{term "S \<le> R + D"} --- trickier*}
  1003 
  1004 lemma lemma_sum_mem_Rep_preal_ex:
  1005      "x \<in> Rep_preal S ==> \<exists>e. 0 < e & x + e \<in> Rep_preal S"
  1006 apply (drule Rep_preal [THEN preal_exists_greater], clarify) 
  1007 apply (cut_tac a=x and b=u in add_eq_exists, auto) 
  1008 done
  1009 
  1010 lemma less_add_left_lemma2:
  1011   assumes Rless: "R < S"
  1012     and x:     "x \<in> Rep_preal S"
  1013     and xnot: "x \<notin>  Rep_preal R"
  1014   shows "\<exists>u v z. 0 < v & 0 < z & u \<in> Rep_preal R & z \<notin> Rep_preal R & 
  1015                      z + v \<in> Rep_preal S & x = u + v"
  1016 proof -
  1017   have xpos: "0<x" by (rule preal_imp_pos [OF Rep_preal x])
  1018   from lemma_sum_mem_Rep_preal_ex [OF x]
  1019   obtain e where epos: "0 < e" and xe: "x + e \<in> Rep_preal S" by blast
  1020   from  Gleason9_34 [OF Rep_preal epos]
  1021   obtain r where r: "r \<in> Rep_preal R" and notin: "r + e \<notin> Rep_preal R" ..
  1022   with x xnot xpos have rless: "r < x" by (blast intro: not_in_Rep_preal_ub)
  1023   from add_eq_exists [of r x]
  1024   obtain y where eq: "x = r+y" by auto
  1025   show ?thesis 
  1026   proof (intro exI conjI)
  1027     show "r \<in> Rep_preal R" by (rule r)
  1028     show "r + e \<notin> Rep_preal R" by (rule notin)
  1029     show "r + e + y \<in> Rep_preal S" using xe eq by (simp add: add_ac)
  1030     show "x = r + y" by (simp add: eq)
  1031     show "0 < r + e" using epos preal_imp_pos [OF Rep_preal r]
  1032       by simp
  1033     show "0 < y" using rless eq by arith
  1034   qed
  1035 qed
  1036 
  1037 lemma less_add_left_le2: "R < (S::preal) ==> S \<le> R + (S-R)"
  1038 apply (auto simp add: preal_le_def)
  1039 apply (case_tac "x \<in> Rep_preal R")
  1040 apply (cut_tac Rep_preal_self_subset [of R], force)
  1041 apply (auto simp add: Bex_def mem_Rep_preal_add_iff mem_Rep_preal_diff_iff)
  1042 apply (blast dest: less_add_left_lemma2)
  1043 done
  1044 
  1045 lemma less_add_left: "R < (S::preal) ==> R + (S-R) = S"
  1046 by (blast intro: antisym [OF less_add_left_le1 less_add_left_le2])
  1047 
  1048 lemma less_add_left_Ex: "R < (S::preal) ==> \<exists>D. R + D = S"
  1049 by (fast dest: less_add_left)
  1050 
  1051 lemma preal_add_less2_mono1: "R < (S::preal) ==> R + T < S + T"
  1052 apply (auto dest!: less_add_left_Ex simp add: preal_add_assoc)
  1053 apply (rule_tac y1 = D in preal_add_commute [THEN subst])
  1054 apply (auto intro: preal_self_less_add_left simp add: preal_add_assoc [symmetric])
  1055 done
  1056 
  1057 lemma preal_add_less2_mono2: "R < (S::preal) ==> T + R < T + S"
  1058 by (auto intro: preal_add_less2_mono1 simp add: preal_add_commute [of T])
  1059 
  1060 lemma preal_add_right_less_cancel: "R + T < S + T ==> R < (S::preal)"
  1061 apply (insert linorder_less_linear [of R S], auto)
  1062 apply (drule_tac R = S and T = T in preal_add_less2_mono1)
  1063 apply (blast dest: order_less_trans) 
  1064 done
  1065 
  1066 lemma preal_add_left_less_cancel: "T + R < T + S ==> R <  (S::preal)"
  1067 by (auto elim: preal_add_right_less_cancel simp add: preal_add_commute [of T])
  1068 
  1069 lemma preal_add_less_cancel_left: "(T + (R::preal) < T + S) = (R < S)"
  1070 by (blast intro: preal_add_less2_mono2 preal_add_left_less_cancel)
  1071 
  1072 lemma preal_add_le_cancel_left: "(T + (R::preal) \<le> T + S) = (R \<le> S)"
  1073 by (simp add: linorder_not_less [symmetric] preal_add_less_cancel_left) 
  1074 
  1075 lemma preal_add_right_cancel: "(R::preal) + T = S + T ==> R = S"
  1076 apply (insert linorder_less_linear [of R S], safe)
  1077 apply (drule_tac [!] T = T in preal_add_less2_mono1, auto)
  1078 done
  1079 
  1080 lemma preal_add_left_cancel: "C + A = C + B ==> A = (B::preal)"
  1081 by (auto intro: preal_add_right_cancel simp add: preal_add_commute)
  1082 
  1083 instance preal :: linordered_cancel_ab_semigroup_add
  1084 proof
  1085   fix a b c :: preal
  1086   show "a + b = a + c \<Longrightarrow> b = c" by (rule preal_add_left_cancel)
  1087   show "a \<le> b \<Longrightarrow> c + a \<le> c + b" by (simp only: preal_add_le_cancel_left)
  1088 qed
  1089 
  1090 
  1091 subsection{*Completeness of type @{typ preal}*}
  1092 
  1093 text{*Prove that supremum is a cut*}
  1094 
  1095 text{*Part 1 of Dedekind sections definition*}
  1096 
  1097 lemma preal_sup_set_not_empty:
  1098      "P \<noteq> {} ==> {} \<subset> (\<Union>X \<in> P. Rep_preal(X))"
  1099 apply auto
  1100 apply (cut_tac X = x in mem_Rep_preal_Ex, auto)
  1101 done
  1102 
  1103 
  1104 text{*Part 2 of Dedekind sections definition*}
  1105 
  1106 lemma preal_sup_not_exists:
  1107      "\<forall>X \<in> P. X \<le> Y ==> \<exists>q. 0 < q & q \<notin> (\<Union>X \<in> P. Rep_preal(X))"
  1108 apply (cut_tac X = Y in Rep_preal_exists_bound)
  1109 apply (auto simp add: preal_le_def)
  1110 done
  1111 
  1112 lemma preal_sup_set_not_rat_set:
  1113      "\<forall>X \<in> P. X \<le> Y ==> (\<Union>X \<in> P. Rep_preal(X)) < {r. 0 < r}"
  1114 apply (drule preal_sup_not_exists)
  1115 apply (blast intro: preal_imp_pos [OF Rep_preal])  
  1116 done
  1117 
  1118 text{*Part 3 of Dedekind sections definition*}
  1119 lemma preal_sup_set_lemma3:
  1120      "[|P \<noteq> {}; \<forall>X \<in> P. X \<le> Y; u \<in> (\<Union>X \<in> P. Rep_preal(X)); 0 < z; z < u|]
  1121       ==> z \<in> (\<Union>X \<in> P. Rep_preal(X))"
  1122 by (auto elim: Rep_preal [THEN preal_downwards_closed])
  1123 
  1124 text{*Part 4 of Dedekind sections definition*}
  1125 lemma preal_sup_set_lemma4:
  1126      "[|P \<noteq> {}; \<forall>X \<in> P. X \<le> Y; y \<in> (\<Union>X \<in> P. Rep_preal(X)) |]
  1127           ==> \<exists>u \<in> (\<Union>X \<in> P. Rep_preal(X)). y < u"
  1128 by (blast dest: Rep_preal [THEN preal_exists_greater])
  1129 
  1130 lemma preal_sup:
  1131      "[|P \<noteq> {}; \<forall>X \<in> P. X \<le> Y|] ==> (\<Union>X \<in> P. Rep_preal(X)) \<in> preal"
  1132 apply (unfold preal_def cut_def)
  1133 apply (blast intro!: preal_sup_set_not_empty preal_sup_set_not_rat_set
  1134                      preal_sup_set_lemma3 preal_sup_set_lemma4)
  1135 done
  1136 
  1137 lemma preal_psup_le:
  1138      "[| \<forall>X \<in> P. X \<le> Y;  x \<in> P |] ==> x \<le> psup P"
  1139 apply (simp (no_asm_simp) add: preal_le_def) 
  1140 apply (subgoal_tac "P \<noteq> {}") 
  1141 apply (auto simp add: psup_def preal_sup) 
  1142 done
  1143 
  1144 lemma psup_le_ub: "[| P \<noteq> {}; \<forall>X \<in> P. X \<le> Y |] ==> psup P \<le> Y"
  1145 apply (simp (no_asm_simp) add: preal_le_def)
  1146 apply (simp add: psup_def preal_sup) 
  1147 apply (auto simp add: preal_le_def)
  1148 done
  1149 
  1150 text{*Supremum property*}
  1151 lemma preal_complete:
  1152      "[| P \<noteq> {}; \<forall>X \<in> P. X \<le> Y |] ==> (\<exists>X \<in> P. Z < X) = (Z < psup P)"
  1153 apply (simp add: preal_less_def psup_def preal_sup)
  1154 apply (auto simp add: preal_le_def)
  1155 apply (rename_tac U) 
  1156 apply (cut_tac x = U and y = Z in linorder_less_linear)
  1157 apply (auto simp add: preal_less_def)
  1158 done
  1159 
  1160 section {*Defining the Reals from the Positive Reals*}
  1161 
  1162 definition
  1163   realrel   ::  "((preal * preal) * (preal * preal)) set" where
  1164   "realrel = {p. \<exists>x1 y1 x2 y2. p = ((x1,y1),(x2,y2)) & x1+y2 = x2+y1}"
  1165 
  1166 typedef (Real)  real = "UNIV//realrel"
  1167   by (auto simp add: quotient_def)
  1168 
  1169 definition
  1170   (** these don't use the overloaded "real" function: users don't see them **)
  1171   real_of_preal :: "preal => real" where
  1172   "real_of_preal m = Abs_Real (realrel `` {(m + 1, 1)})"
  1173 
  1174 instantiation real :: "{zero, one, plus, minus, uminus, times, inverse, ord, abs, sgn}"
  1175 begin
  1176 
  1177 definition
  1178   real_zero_def: "0 = Abs_Real(realrel``{(1, 1)})"
  1179 
  1180 definition
  1181   real_one_def: "1 = Abs_Real(realrel``{(1 + 1, 1)})"
  1182 
  1183 definition
  1184   real_add_def: "z + w =
  1185        the_elem (\<Union>(x,y) \<in> Rep_Real(z). \<Union>(u,v) \<in> Rep_Real(w).
  1186                  { Abs_Real(realrel``{(x+u, y+v)}) })"
  1187 
  1188 definition
  1189   real_minus_def: "- r =  the_elem (\<Union>(x,y) \<in> Rep_Real(r). { Abs_Real(realrel``{(y,x)}) })"
  1190 
  1191 definition
  1192   real_diff_def: "r - (s::real) = r + - s"
  1193 
  1194 definition
  1195   real_mult_def:
  1196     "z * w =
  1197        the_elem (\<Union>(x,y) \<in> Rep_Real(z). \<Union>(u,v) \<in> Rep_Real(w).
  1198                  { Abs_Real(realrel``{(x*u + y*v, x*v + y*u)}) })"
  1199 
  1200 definition
  1201   real_inverse_def: "inverse (R::real) = (THE S. (R = 0 & S = 0) | S * R = 1)"
  1202 
  1203 definition
  1204   real_divide_def: "R / (S::real) = R * inverse S"
  1205 
  1206 definition
  1207   real_le_def: "z \<le> (w::real) \<longleftrightarrow>
  1208     (\<exists>x y u v. x+v \<le> u+y & (x,y) \<in> Rep_Real z & (u,v) \<in> Rep_Real w)"
  1209 
  1210 definition
  1211   real_less_def: "x < (y\<Colon>real) \<longleftrightarrow> x \<le> y \<and> x \<noteq> y"
  1212 
  1213 definition
  1214   real_abs_def:  "abs (r::real) = (if r < 0 then - r else r)"
  1215 
  1216 definition
  1217   real_sgn_def: "sgn (x::real) = (if x=0 then 0 else if 0<x then 1 else - 1)"
  1218 
  1219 instance ..
  1220 
  1221 end
  1222 
  1223 subsection {* Equivalence relation over positive reals *}
  1224 
  1225 lemma preal_trans_lemma:
  1226   assumes "x + y1 = x1 + y"
  1227     and "x + y2 = x2 + y"
  1228   shows "x1 + y2 = x2 + (y1::preal)"
  1229 proof -
  1230   have "(x1 + y2) + x = (x + y2) + x1" by (simp add: add_ac)
  1231   also have "... = (x2 + y) + x1"  by (simp add: assms)
  1232   also have "... = x2 + (x1 + y)"  by (simp add: add_ac)
  1233   also have "... = x2 + (x + y1)"  by (simp add: assms)
  1234   also have "... = (x2 + y1) + x"  by (simp add: add_ac)
  1235   finally have "(x1 + y2) + x = (x2 + y1) + x" .
  1236   thus ?thesis by (rule add_right_imp_eq)
  1237 qed
  1238 
  1239 
  1240 lemma realrel_iff [simp]: "(((x1,y1),(x2,y2)) \<in> realrel) = (x1 + y2 = x2 + y1)"
  1241 by (simp add: realrel_def)
  1242 
  1243 lemma equiv_realrel: "equiv UNIV realrel"
  1244 apply (auto simp add: equiv_def refl_on_def sym_def trans_def realrel_def)
  1245 apply (blast dest: preal_trans_lemma) 
  1246 done
  1247 
  1248 text{*Reduces equality of equivalence classes to the @{term realrel} relation:
  1249   @{term "(realrel `` {x} = realrel `` {y}) = ((x,y) \<in> realrel)"} *}
  1250 lemmas equiv_realrel_iff = 
  1251        eq_equiv_class_iff [OF equiv_realrel UNIV_I UNIV_I]
  1252 
  1253 declare equiv_realrel_iff [simp]
  1254 
  1255 
  1256 lemma realrel_in_real [simp]: "realrel``{(x,y)}: Real"
  1257 by (simp add: Real_def realrel_def quotient_def, blast)
  1258 
  1259 declare Abs_Real_inject [simp]
  1260 declare Abs_Real_inverse [simp]
  1261 
  1262 
  1263 text{*Case analysis on the representation of a real number as an equivalence
  1264       class of pairs of positive reals.*}
  1265 lemma eq_Abs_Real [case_names Abs_Real, cases type: real]: 
  1266      "(!!x y. z = Abs_Real(realrel``{(x,y)}) ==> P) ==> P"
  1267 apply (rule Rep_Real [of z, unfolded Real_def, THEN quotientE])
  1268 apply (drule arg_cong [where f=Abs_Real])
  1269 apply (auto simp add: Rep_Real_inverse)
  1270 done
  1271 
  1272 
  1273 subsection {* Addition and Subtraction *}
  1274 
  1275 lemma real_add_congruent2_lemma:
  1276      "[|a + ba = aa + b; ab + bc = ac + bb|]
  1277       ==> a + ab + (ba + bc) = aa + ac + (b + (bb::preal))"
  1278 apply (simp add: add_assoc)
  1279 apply (rule add_left_commute [of ab, THEN ssubst])
  1280 apply (simp add: add_assoc [symmetric])
  1281 apply (simp add: add_ac)
  1282 done
  1283 
  1284 lemma real_add:
  1285      "Abs_Real (realrel``{(x,y)}) + Abs_Real (realrel``{(u,v)}) =
  1286       Abs_Real (realrel``{(x+u, y+v)})"
  1287 proof -
  1288   have "(\<lambda>z w. (\<lambda>(x,y). (\<lambda>(u,v). {Abs_Real (realrel `` {(x+u, y+v)})}) w) z)
  1289         respects2 realrel"
  1290     by (auto simp add: congruent2_def, blast intro: real_add_congruent2_lemma) 
  1291   thus ?thesis
  1292     by (simp add: real_add_def UN_UN_split_split_eq
  1293                   UN_equiv_class2 [OF equiv_realrel equiv_realrel])
  1294 qed
  1295 
  1296 lemma real_minus: "- Abs_Real(realrel``{(x,y)}) = Abs_Real(realrel `` {(y,x)})"
  1297 proof -
  1298   have "(\<lambda>(x,y). {Abs_Real (realrel``{(y,x)})}) respects realrel"
  1299     by (auto simp add: congruent_def add_commute) 
  1300   thus ?thesis
  1301     by (simp add: real_minus_def UN_equiv_class [OF equiv_realrel])
  1302 qed
  1303 
  1304 instance real :: ab_group_add
  1305 proof
  1306   fix x y z :: real
  1307   show "(x + y) + z = x + (y + z)"
  1308     by (cases x, cases y, cases z, simp add: real_add add_assoc)
  1309   show "x + y = y + x"
  1310     by (cases x, cases y, simp add: real_add add_commute)
  1311   show "0 + x = x"
  1312     by (cases x, simp add: real_add real_zero_def add_ac)
  1313   show "- x + x = 0"
  1314     by (cases x, simp add: real_minus real_add real_zero_def add_commute)
  1315   show "x - y = x + - y"
  1316     by (simp add: real_diff_def)
  1317 qed
  1318 
  1319 
  1320 subsection {* Multiplication *}
  1321 
  1322 lemma real_mult_congruent2_lemma:
  1323      "!!(x1::preal). [| x1 + y2 = x2 + y1 |] ==>
  1324           x * x1 + y * y1 + (x * y2 + y * x2) =
  1325           x * x2 + y * y2 + (x * y1 + y * x1)"
  1326 apply (simp add: add_left_commute add_assoc [symmetric])
  1327 apply (simp add: add_assoc right_distrib [symmetric])
  1328 apply (simp add: add_commute)
  1329 done
  1330 
  1331 lemma real_mult_congruent2:
  1332     "(%p1 p2.
  1333         (%(x1,y1). (%(x2,y2). 
  1334           { Abs_Real (realrel``{(x1*x2 + y1*y2, x1*y2+y1*x2)}) }) p2) p1)
  1335      respects2 realrel"
  1336 apply (rule congruent2_commuteI [OF equiv_realrel], clarify)
  1337 apply (simp add: mult_commute add_commute)
  1338 apply (auto simp add: real_mult_congruent2_lemma)
  1339 done
  1340 
  1341 lemma real_mult:
  1342       "Abs_Real((realrel``{(x1,y1)})) * Abs_Real((realrel``{(x2,y2)})) =
  1343        Abs_Real(realrel `` {(x1*x2+y1*y2,x1*y2+y1*x2)})"
  1344 by (simp add: real_mult_def UN_UN_split_split_eq
  1345          UN_equiv_class2 [OF equiv_realrel equiv_realrel real_mult_congruent2])
  1346 
  1347 lemma real_mult_commute: "(z::real) * w = w * z"
  1348 by (cases z, cases w, simp add: real_mult add_ac mult_ac)
  1349 
  1350 lemma real_mult_assoc: "((z1::real) * z2) * z3 = z1 * (z2 * z3)"
  1351 apply (cases z1, cases z2, cases z3)
  1352 apply (simp add: real_mult algebra_simps)
  1353 done
  1354 
  1355 lemma real_mult_1: "(1::real) * z = z"
  1356 apply (cases z)
  1357 apply (simp add: real_mult real_one_def algebra_simps)
  1358 done
  1359 
  1360 lemma real_add_mult_distrib: "((z1::real) + z2) * w = (z1 * w) + (z2 * w)"
  1361 apply (cases z1, cases z2, cases w)
  1362 apply (simp add: real_add real_mult algebra_simps)
  1363 done
  1364 
  1365 text{*one and zero are distinct*}
  1366 lemma real_zero_not_eq_one: "0 \<noteq> (1::real)"
  1367 proof -
  1368   have "(1::preal) < 1 + 1"
  1369     by (simp add: preal_self_less_add_left)
  1370   thus ?thesis
  1371     by (simp add: real_zero_def real_one_def)
  1372 qed
  1373 
  1374 instance real :: comm_ring_1
  1375 proof
  1376   fix x y z :: real
  1377   show "(x * y) * z = x * (y * z)" by (rule real_mult_assoc)
  1378   show "x * y = y * x" by (rule real_mult_commute)
  1379   show "1 * x = x" by (rule real_mult_1)
  1380   show "(x + y) * z = x * z + y * z" by (rule real_add_mult_distrib)
  1381   show "0 \<noteq> (1::real)" by (rule real_zero_not_eq_one)
  1382 qed
  1383 
  1384 subsection {* Inverse and Division *}
  1385 
  1386 lemma real_zero_iff: "Abs_Real (realrel `` {(x, x)}) = 0"
  1387 by (simp add: real_zero_def add_commute)
  1388 
  1389 text{*Instead of using an existential quantifier and constructing the inverse
  1390 within the proof, we could define the inverse explicitly.*}
  1391 
  1392 lemma real_mult_inverse_left_ex: "x \<noteq> 0 ==> \<exists>y. y*x = (1::real)"
  1393 apply (simp add: real_zero_def real_one_def, cases x)
  1394 apply (cut_tac x = xa and y = y in linorder_less_linear)
  1395 apply (auto dest!: less_add_left_Ex simp add: real_zero_iff)
  1396 apply (rule_tac
  1397         x = "Abs_Real (realrel``{(1, inverse (D) + 1)})"
  1398        in exI)
  1399 apply (rule_tac [2]
  1400         x = "Abs_Real (realrel``{(inverse (D) + 1, 1)})" 
  1401        in exI)
  1402 apply (auto simp add: real_mult preal_mult_inverse_right algebra_simps)
  1403 done
  1404 
  1405 lemma real_mult_inverse_left: "x \<noteq> 0 ==> inverse(x)*x = (1::real)"
  1406 apply (simp add: real_inverse_def)
  1407 apply (drule real_mult_inverse_left_ex, safe)
  1408 apply (rule theI, assumption, rename_tac z)
  1409 apply (subgoal_tac "(z * x) * y = z * (x * y)")
  1410 apply (simp add: mult_commute)
  1411 apply (rule mult_assoc)
  1412 done
  1413 
  1414 
  1415 subsection{*The Real Numbers form a Field*}
  1416 
  1417 instance real :: field_inverse_zero
  1418 proof
  1419   fix x y z :: real
  1420   show "x \<noteq> 0 ==> inverse x * x = 1" by (rule real_mult_inverse_left)
  1421   show "x / y = x * inverse y" by (simp add: real_divide_def)
  1422   show "inverse 0 = (0::real)" by (simp add: real_inverse_def)
  1423 qed
  1424 
  1425 
  1426 subsection{*The @{text "\<le>"} Ordering*}
  1427 
  1428 lemma real_le_refl: "w \<le> (w::real)"
  1429 by (cases w, force simp add: real_le_def)
  1430 
  1431 text{*The arithmetic decision procedure is not set up for type preal.
  1432   This lemma is currently unused, but it could simplify the proofs of the
  1433   following two lemmas.*}
  1434 lemma preal_eq_le_imp_le:
  1435   assumes eq: "a+b = c+d" and le: "c \<le> a"
  1436   shows "b \<le> (d::preal)"
  1437 proof -
  1438   have "c+d \<le> a+d" by (simp add: le)
  1439   hence "a+b \<le> a+d" by (simp add: eq)
  1440   thus "b \<le> d" by simp
  1441 qed
  1442 
  1443 lemma real_le_lemma:
  1444   assumes l: "u1 + v2 \<le> u2 + v1"
  1445     and "x1 + v1 = u1 + y1"
  1446     and "x2 + v2 = u2 + y2"
  1447   shows "x1 + y2 \<le> x2 + (y1::preal)"
  1448 proof -
  1449   have "(x1+v1) + (u2+y2) = (u1+y1) + (x2+v2)" by (simp add: assms)
  1450   hence "(x1+y2) + (u2+v1) = (x2+y1) + (u1+v2)" by (simp add: add_ac)
  1451   also have "... \<le> (x2+y1) + (u2+v1)" by (simp add: assms)
  1452   finally show ?thesis by simp
  1453 qed
  1454 
  1455 lemma real_le: 
  1456      "(Abs_Real(realrel``{(x1,y1)}) \<le> Abs_Real(realrel``{(x2,y2)})) =  
  1457       (x1 + y2 \<le> x2 + y1)"
  1458 apply (simp add: real_le_def)
  1459 apply (auto intro: real_le_lemma)
  1460 done
  1461 
  1462 lemma real_le_antisym: "[| z \<le> w; w \<le> z |] ==> z = (w::real)"
  1463 by (cases z, cases w, simp add: real_le)
  1464 
  1465 lemma real_trans_lemma:
  1466   assumes "x + v \<le> u + y"
  1467     and "u + v' \<le> u' + v"
  1468     and "x2 + v2 = u2 + y2"
  1469   shows "x + v' \<le> u' + (y::preal)"
  1470 proof -
  1471   have "(x+v') + (u+v) = (x+v) + (u+v')" by (simp add: add_ac)
  1472   also have "... \<le> (u+y) + (u+v')" by (simp add: assms)
  1473   also have "... \<le> (u+y) + (u'+v)" by (simp add: assms)
  1474   also have "... = (u'+y) + (u+v)"  by (simp add: add_ac)
  1475   finally show ?thesis by simp
  1476 qed
  1477 
  1478 lemma real_le_trans: "[| i \<le> j; j \<le> k |] ==> i \<le> (k::real)"
  1479 apply (cases i, cases j, cases k)
  1480 apply (simp add: real_le)
  1481 apply (blast intro: real_trans_lemma)
  1482 done
  1483 
  1484 instance real :: order
  1485 proof
  1486   fix u v :: real
  1487   show "u < v \<longleftrightarrow> u \<le> v \<and> \<not> v \<le> u" 
  1488     by (auto simp add: real_less_def intro: real_le_antisym)
  1489 qed (assumption | rule real_le_refl real_le_trans real_le_antisym)+
  1490 
  1491 (* Axiom 'linorder_linear' of class 'linorder': *)
  1492 lemma real_le_linear: "(z::real) \<le> w | w \<le> z"
  1493 apply (cases z, cases w)
  1494 apply (auto simp add: real_le real_zero_def add_ac)
  1495 done
  1496 
  1497 instance real :: linorder
  1498   by (intro_classes, rule real_le_linear)
  1499 
  1500 
  1501 lemma real_le_eq_diff: "(x \<le> y) = (x-y \<le> (0::real))"
  1502 apply (cases x, cases y) 
  1503 apply (auto simp add: real_le real_zero_def real_diff_def real_add real_minus
  1504                       add_ac)
  1505 apply (simp_all add: add_assoc [symmetric])
  1506 done
  1507 
  1508 lemma real_add_left_mono: 
  1509   assumes le: "x \<le> y" shows "z + x \<le> z + (y::real)"
  1510 proof -
  1511   have "z + x - (z + y) = (z + -z) + (x - y)" 
  1512     by (simp add: algebra_simps) 
  1513   with le show ?thesis 
  1514     by (simp add: real_le_eq_diff[of x] real_le_eq_diff[of "z+x"] diff_minus)
  1515 qed
  1516 
  1517 lemma real_sum_gt_zero_less: "(0 < S + (-W::real)) ==> (W < S)"
  1518 by (simp add: linorder_not_le [symmetric] real_le_eq_diff [of S] diff_minus)
  1519 
  1520 lemma real_less_sum_gt_zero: "(W < S) ==> (0 < S + (-W::real))"
  1521 by (simp add: linorder_not_le [symmetric] real_le_eq_diff [of S] diff_minus)
  1522 
  1523 lemma real_mult_order: "[| 0 < x; 0 < y |] ==> (0::real) < x * y"
  1524 apply (cases x, cases y)
  1525 apply (simp add: linorder_not_le [where 'a = real, symmetric] 
  1526                  linorder_not_le [where 'a = preal] 
  1527                   real_zero_def real_le real_mult)
  1528   --{*Reduce to the (simpler) @{text "\<le>"} relation *}
  1529 apply (auto dest!: less_add_left_Ex
  1530      simp add: algebra_simps preal_self_less_add_left)
  1531 done
  1532 
  1533 lemma real_mult_less_mono2: "[| (0::real) < z; x < y |] ==> z * x < z * y"
  1534 apply (rule real_sum_gt_zero_less)
  1535 apply (drule real_less_sum_gt_zero [of x y])
  1536 apply (drule real_mult_order, assumption)
  1537 apply (simp add: right_distrib)
  1538 done
  1539 
  1540 instantiation real :: distrib_lattice
  1541 begin
  1542 
  1543 definition
  1544   "(inf \<Colon> real \<Rightarrow> real \<Rightarrow> real) = min"
  1545 
  1546 definition
  1547   "(sup \<Colon> real \<Rightarrow> real \<Rightarrow> real) = max"
  1548 
  1549 instance
  1550   by default (auto simp add: inf_real_def sup_real_def min_max.sup_inf_distrib1)
  1551 
  1552 end
  1553 
  1554 
  1555 subsection{*The Reals Form an Ordered Field*}
  1556 
  1557 instance real :: linordered_field_inverse_zero
  1558 proof
  1559   fix x y z :: real
  1560   show "x \<le> y ==> z + x \<le> z + y" by (rule real_add_left_mono)
  1561   show "x < y ==> 0 < z ==> z * x < z * y" by (rule real_mult_less_mono2)
  1562   show "\<bar>x\<bar> = (if x < 0 then -x else x)" by (simp only: real_abs_def)
  1563   show "sgn x = (if x=0 then 0 else if 0<x then 1 else - 1)"
  1564     by (simp only: real_sgn_def)
  1565 qed
  1566 
  1567 text{*The function @{term real_of_preal} requires many proofs, but it seems
  1568 to be essential for proving completeness of the reals from that of the
  1569 positive reals.*}
  1570 
  1571 lemma real_of_preal_add:
  1572      "real_of_preal ((x::preal) + y) = real_of_preal x + real_of_preal y"
  1573 by (simp add: real_of_preal_def real_add algebra_simps)
  1574 
  1575 lemma real_of_preal_mult:
  1576      "real_of_preal ((x::preal) * y) = real_of_preal x* real_of_preal y"
  1577 by (simp add: real_of_preal_def real_mult algebra_simps)
  1578 
  1579 
  1580 text{*Gleason prop 9-4.4 p 127*}
  1581 lemma real_of_preal_trichotomy:
  1582       "\<exists>m. (x::real) = real_of_preal m | x = 0 | x = -(real_of_preal m)"
  1583 apply (simp add: real_of_preal_def real_zero_def, cases x)
  1584 apply (auto simp add: real_minus add_ac)
  1585 apply (cut_tac x = x and y = y in linorder_less_linear)
  1586 apply (auto dest!: less_add_left_Ex simp add: add_assoc [symmetric])
  1587 done
  1588 
  1589 lemma real_of_preal_leD:
  1590       "real_of_preal m1 \<le> real_of_preal m2 ==> m1 \<le> m2"
  1591 by (simp add: real_of_preal_def real_le)
  1592 
  1593 lemma real_of_preal_lessI: "m1 < m2 ==> real_of_preal m1 < real_of_preal m2"
  1594 by (auto simp add: real_of_preal_leD linorder_not_le [symmetric])
  1595 
  1596 lemma real_of_preal_lessD:
  1597       "real_of_preal m1 < real_of_preal m2 ==> m1 < m2"
  1598 by (simp add: real_of_preal_def real_le linorder_not_le [symmetric])
  1599 
  1600 lemma real_of_preal_less_iff [simp]:
  1601      "(real_of_preal m1 < real_of_preal m2) = (m1 < m2)"
  1602 by (blast intro: real_of_preal_lessI real_of_preal_lessD)
  1603 
  1604 lemma real_of_preal_le_iff:
  1605      "(real_of_preal m1 \<le> real_of_preal m2) = (m1 \<le> m2)"
  1606 by (simp add: linorder_not_less [symmetric])
  1607 
  1608 lemma real_of_preal_zero_less: "0 < real_of_preal m"
  1609 apply (insert preal_self_less_add_left [of 1 m])
  1610 apply (auto simp add: real_zero_def real_of_preal_def
  1611                       real_less_def real_le_def add_ac)
  1612 apply (rule_tac x="m + 1" in exI, rule_tac x="1" in exI)
  1613 apply (simp add: add_ac)
  1614 done
  1615 
  1616 lemma real_of_preal_minus_less_zero: "- real_of_preal m < 0"
  1617 by (simp add: real_of_preal_zero_less)
  1618 
  1619 lemma real_of_preal_not_minus_gt_zero: "~ 0 < - real_of_preal m"
  1620 proof -
  1621   from real_of_preal_minus_less_zero
  1622   show ?thesis by (blast dest: order_less_trans)
  1623 qed
  1624 
  1625 
  1626 subsection{*Theorems About the Ordering*}
  1627 
  1628 lemma real_gt_zero_preal_Ex: "(0 < x) = (\<exists>y. x = real_of_preal y)"
  1629 apply (auto simp add: real_of_preal_zero_less)
  1630 apply (cut_tac x = x in real_of_preal_trichotomy)
  1631 apply (blast elim!: real_of_preal_not_minus_gt_zero [THEN notE])
  1632 done
  1633 
  1634 lemma real_gt_preal_preal_Ex:
  1635      "real_of_preal z < x ==> \<exists>y. x = real_of_preal y"
  1636 by (blast dest!: real_of_preal_zero_less [THEN order_less_trans]
  1637              intro: real_gt_zero_preal_Ex [THEN iffD1])
  1638 
  1639 lemma real_ge_preal_preal_Ex:
  1640      "real_of_preal z \<le> x ==> \<exists>y. x = real_of_preal y"
  1641 by (blast dest: order_le_imp_less_or_eq real_gt_preal_preal_Ex)
  1642 
  1643 lemma real_less_all_preal: "y \<le> 0 ==> \<forall>x. y < real_of_preal x"
  1644 by (auto elim: order_le_imp_less_or_eq [THEN disjE] 
  1645             intro: real_of_preal_zero_less [THEN [2] order_less_trans] 
  1646             simp add: real_of_preal_zero_less)
  1647 
  1648 lemma real_less_all_real2: "~ 0 < y ==> \<forall>x. y < real_of_preal x"
  1649 by (blast intro!: real_less_all_preal linorder_not_less [THEN iffD1])
  1650 
  1651 
  1652 subsection{*Numerals and Arithmetic*}
  1653 
  1654 instantiation real :: number_ring
  1655 begin
  1656 
  1657 definition
  1658   real_number_of_def: "(number_of w :: real) = of_int w"
  1659 
  1660 instance
  1661   by intro_classes (simp add: real_number_of_def)
  1662 
  1663 end
  1664 
  1665 subsection {* Completeness of Positive Reals *}
  1666 
  1667 text {*
  1668   Supremum property for the set of positive reals
  1669 
  1670   Let @{text "P"} be a non-empty set of positive reals, with an upper
  1671   bound @{text "y"}.  Then @{text "P"} has a least upper bound
  1672   (written @{text "S"}).
  1673 
  1674   FIXME: Can the premise be weakened to @{text "\<forall>x \<in> P. x\<le> y"}?
  1675 *}
  1676 
  1677 lemma posreal_complete:
  1678   assumes positive_P: "\<forall>x \<in> P. (0::real) < x"
  1679     and not_empty_P: "\<exists>x. x \<in> P"
  1680     and upper_bound_Ex: "\<exists>y. \<forall>x \<in> P. x<y"
  1681   shows "\<exists>S. \<forall>y. (\<exists>x \<in> P. y < x) = (y < S)"
  1682 proof (rule exI, rule allI)
  1683   fix y
  1684   let ?pP = "{w. real_of_preal w \<in> P}"
  1685 
  1686   show "(\<exists>x\<in>P. y < x) = (y < real_of_preal (psup ?pP))"
  1687   proof (cases "0 < y")
  1688     assume neg_y: "\<not> 0 < y"
  1689     show ?thesis
  1690     proof
  1691       assume "\<exists>x\<in>P. y < x"
  1692       have "\<forall>x. y < real_of_preal x"
  1693         using neg_y by (rule real_less_all_real2)
  1694       thus "y < real_of_preal (psup ?pP)" ..
  1695     next
  1696       assume "y < real_of_preal (psup ?pP)"
  1697       obtain "x" where x_in_P: "x \<in> P" using not_empty_P ..
  1698       hence "0 < x" using positive_P by simp
  1699       hence "y < x" using neg_y by simp
  1700       thus "\<exists>x \<in> P. y < x" using x_in_P ..
  1701     qed
  1702   next
  1703     assume pos_y: "0 < y"
  1704 
  1705     then obtain py where y_is_py: "y = real_of_preal py"
  1706       by (auto simp add: real_gt_zero_preal_Ex)
  1707 
  1708     obtain a where "a \<in> P" using not_empty_P ..
  1709     with positive_P have a_pos: "0 < a" ..
  1710     then obtain pa where "a = real_of_preal pa"
  1711       by (auto simp add: real_gt_zero_preal_Ex)
  1712     hence "pa \<in> ?pP" using `a \<in> P` by auto
  1713     hence pP_not_empty: "?pP \<noteq> {}" by auto
  1714 
  1715     obtain sup where sup: "\<forall>x \<in> P. x < sup"
  1716       using upper_bound_Ex ..
  1717     from this and `a \<in> P` have "a < sup" ..
  1718     hence "0 < sup" using a_pos by arith
  1719     then obtain possup where "sup = real_of_preal possup"
  1720       by (auto simp add: real_gt_zero_preal_Ex)
  1721     hence "\<forall>X \<in> ?pP. X \<le> possup"
  1722       using sup by (auto simp add: real_of_preal_lessI)
  1723     with pP_not_empty have psup: "\<And>Z. (\<exists>X \<in> ?pP. Z < X) = (Z < psup ?pP)"
  1724       by (rule preal_complete)
  1725 
  1726     show ?thesis
  1727     proof
  1728       assume "\<exists>x \<in> P. y < x"
  1729       then obtain x where x_in_P: "x \<in> P" and y_less_x: "y < x" ..
  1730       hence "0 < x" using pos_y by arith
  1731       then obtain px where x_is_px: "x = real_of_preal px"
  1732         by (auto simp add: real_gt_zero_preal_Ex)
  1733 
  1734       have py_less_X: "\<exists>X \<in> ?pP. py < X"
  1735       proof
  1736         show "py < px" using y_is_py and x_is_px and y_less_x
  1737           by (simp add: real_of_preal_lessI)
  1738         show "px \<in> ?pP" using x_in_P and x_is_px by simp
  1739       qed
  1740 
  1741       have "(\<exists>X \<in> ?pP. py < X) ==> (py < psup ?pP)"
  1742         using psup by simp
  1743       hence "py < psup ?pP" using py_less_X by simp
  1744       thus "y < real_of_preal (psup {w. real_of_preal w \<in> P})"
  1745         using y_is_py and pos_y by (simp add: real_of_preal_lessI)
  1746     next
  1747       assume y_less_psup: "y < real_of_preal (psup ?pP)"
  1748 
  1749       hence "py < psup ?pP" using y_is_py
  1750         by (simp add: real_of_preal_lessI)
  1751       then obtain "X" where py_less_X: "py < X" and X_in_pP: "X \<in> ?pP"
  1752         using psup by auto
  1753       then obtain x where x_is_X: "x = real_of_preal X"
  1754         by (simp add: real_gt_zero_preal_Ex)
  1755       hence "y < x" using py_less_X and y_is_py
  1756         by (simp add: real_of_preal_lessI)
  1757 
  1758       moreover have "x \<in> P" using x_is_X and X_in_pP by simp
  1759 
  1760       ultimately show "\<exists> x \<in> P. y < x" ..
  1761     qed
  1762   qed
  1763 qed
  1764 
  1765 text {*
  1766   \medskip Completeness properties using @{text "isUb"}, @{text "isLub"} etc.
  1767 *}
  1768 
  1769 lemma posreals_complete:
  1770   assumes positive_S: "\<forall>x \<in> S. 0 < x"
  1771     and not_empty_S: "\<exists>x. x \<in> S"
  1772     and upper_bound_Ex: "\<exists>u. isUb (UNIV::real set) S u"
  1773   shows "\<exists>t. isLub (UNIV::real set) S t"
  1774 proof
  1775   let ?pS = "{w. real_of_preal w \<in> S}"
  1776 
  1777   obtain u where "isUb UNIV S u" using upper_bound_Ex ..
  1778   hence sup: "\<forall>x \<in> S. x \<le> u" by (simp add: isUb_def setle_def)
  1779 
  1780   obtain x where x_in_S: "x \<in> S" using not_empty_S ..
  1781   hence x_gt_zero: "0 < x" using positive_S by simp
  1782   have  "x \<le> u" using sup and x_in_S ..
  1783   hence "0 < u" using x_gt_zero by arith
  1784 
  1785   then obtain pu where u_is_pu: "u = real_of_preal pu"
  1786     by (auto simp add: real_gt_zero_preal_Ex)
  1787 
  1788   have pS_less_pu: "\<forall>pa \<in> ?pS. pa \<le> pu"
  1789   proof
  1790     fix pa
  1791     assume "pa \<in> ?pS"
  1792     then obtain a where "a \<in> S" and "a = real_of_preal pa"
  1793       by simp
  1794     moreover hence "a \<le> u" using sup by simp
  1795     ultimately show "pa \<le> pu"
  1796       using sup and u_is_pu by (simp add: real_of_preal_le_iff)
  1797   qed
  1798 
  1799   have "\<forall>y \<in> S. y \<le> real_of_preal (psup ?pS)"
  1800   proof
  1801     fix y
  1802     assume y_in_S: "y \<in> S"
  1803     hence "0 < y" using positive_S by simp
  1804     then obtain py where y_is_py: "y = real_of_preal py"
  1805       by (auto simp add: real_gt_zero_preal_Ex)
  1806     hence py_in_pS: "py \<in> ?pS" using y_in_S by simp
  1807     with pS_less_pu have "py \<le> psup ?pS"
  1808       by (rule preal_psup_le)
  1809     thus "y \<le> real_of_preal (psup ?pS)"
  1810       using y_is_py by (simp add: real_of_preal_le_iff)
  1811   qed
  1812 
  1813   moreover {
  1814     fix x
  1815     assume x_ub_S: "\<forall>y\<in>S. y \<le> x"
  1816     have "real_of_preal (psup ?pS) \<le> x"
  1817     proof -
  1818       obtain "s" where s_in_S: "s \<in> S" using not_empty_S ..
  1819       hence s_pos: "0 < s" using positive_S by simp
  1820 
  1821       hence "\<exists> ps. s = real_of_preal ps" by (simp add: real_gt_zero_preal_Ex)
  1822       then obtain "ps" where s_is_ps: "s = real_of_preal ps" ..
  1823       hence ps_in_pS: "ps \<in> {w. real_of_preal w \<in> S}" using s_in_S by simp
  1824 
  1825       from x_ub_S have "s \<le> x" using s_in_S ..
  1826       hence "0 < x" using s_pos by simp
  1827       hence "\<exists> px. x = real_of_preal px" by (simp add: real_gt_zero_preal_Ex)
  1828       then obtain "px" where x_is_px: "x = real_of_preal px" ..
  1829 
  1830       have "\<forall>pe \<in> ?pS. pe \<le> px"
  1831       proof
  1832         fix pe
  1833         assume "pe \<in> ?pS"
  1834         hence "real_of_preal pe \<in> S" by simp
  1835         hence "real_of_preal pe \<le> x" using x_ub_S by simp
  1836         thus "pe \<le> px" using x_is_px by (simp add: real_of_preal_le_iff)
  1837       qed
  1838 
  1839       moreover have "?pS \<noteq> {}" using ps_in_pS by auto
  1840       ultimately have "(psup ?pS) \<le> px" by (simp add: psup_le_ub)
  1841       thus "real_of_preal (psup ?pS) \<le> x" using x_is_px by (simp add: real_of_preal_le_iff)
  1842     qed
  1843   }
  1844   ultimately show "isLub UNIV S (real_of_preal (psup ?pS))"
  1845     by (simp add: isLub_def leastP_def isUb_def setle_def setge_def)
  1846 qed
  1847 
  1848 text {*
  1849   \medskip reals Completeness (again!)
  1850 *}
  1851 
  1852 lemma reals_complete:
  1853   assumes notempty_S: "\<exists>X. X \<in> S"
  1854     and exists_Ub: "\<exists>Y. isUb (UNIV::real set) S Y"
  1855   shows "\<exists>t. isLub (UNIV :: real set) S t"
  1856 proof -
  1857   obtain X where X_in_S: "X \<in> S" using notempty_S ..
  1858   obtain Y where Y_isUb: "isUb (UNIV::real set) S Y"
  1859     using exists_Ub ..
  1860   let ?SHIFT = "{z. \<exists>x \<in>S. z = x + (-X) + 1} \<inter> {x. 0 < x}"
  1861 
  1862   {
  1863     fix x
  1864     assume "isUb (UNIV::real set) S x"
  1865     hence S_le_x: "\<forall> y \<in> S. y <= x"
  1866       by (simp add: isUb_def setle_def)
  1867     {
  1868       fix s
  1869       assume "s \<in> {z. \<exists>x\<in>S. z = x + - X + 1}"
  1870       hence "\<exists> x \<in> S. s = x + -X + 1" ..
  1871       then obtain x1 where "x1 \<in> S" and "s = x1 + (-X) + 1" ..
  1872       moreover hence "x1 \<le> x" using S_le_x by simp
  1873       ultimately have "s \<le> x + - X + 1" by arith
  1874     }
  1875     then have "isUb (UNIV::real set) ?SHIFT (x + (-X) + 1)"
  1876       by (auto simp add: isUb_def setle_def)
  1877   } note S_Ub_is_SHIFT_Ub = this
  1878 
  1879   hence "isUb UNIV ?SHIFT (Y + (-X) + 1)" using Y_isUb by simp
  1880   hence "\<exists>Z. isUb UNIV ?SHIFT Z" ..
  1881   moreover have "\<forall>y \<in> ?SHIFT. 0 < y" by auto
  1882   moreover have shifted_not_empty: "\<exists>u. u \<in> ?SHIFT"
  1883     using X_in_S and Y_isUb by auto
  1884   ultimately obtain t where t_is_Lub: "isLub UNIV ?SHIFT t"
  1885     using posreals_complete [of ?SHIFT] by blast
  1886 
  1887   show ?thesis
  1888   proof
  1889     show "isLub UNIV S (t + X + (-1))"
  1890     proof (rule isLubI2)
  1891       {
  1892         fix x
  1893         assume "isUb (UNIV::real set) S x"
  1894         hence "isUb (UNIV::real set) (?SHIFT) (x + (-X) + 1)"
  1895           using S_Ub_is_SHIFT_Ub by simp
  1896         hence "t \<le> (x + (-X) + 1)"
  1897           using t_is_Lub by (simp add: isLub_le_isUb)
  1898         hence "t + X + -1 \<le> x" by arith
  1899       }
  1900       then show "(t + X + -1) <=* Collect (isUb UNIV S)"
  1901         by (simp add: setgeI)
  1902     next
  1903       show "isUb UNIV S (t + X + -1)"
  1904       proof -
  1905         {
  1906           fix y
  1907           assume y_in_S: "y \<in> S"
  1908           have "y \<le> t + X + -1"
  1909           proof -
  1910             obtain "u" where u_in_shift: "u \<in> ?SHIFT" using shifted_not_empty ..
  1911             hence "\<exists> x \<in> S. u = x + - X + 1" by simp
  1912             then obtain "x" where x_and_u: "u = x + - X + 1" ..
  1913             have u_le_t: "u \<le> t" using u_in_shift and t_is_Lub by (simp add: isLubD2)
  1914 
  1915             show ?thesis
  1916             proof cases
  1917               assume "y \<le> x"
  1918               moreover have "x = u + X + - 1" using x_and_u by arith
  1919               moreover have "u + X + - 1  \<le> t + X + -1" using u_le_t by arith
  1920               ultimately show "y  \<le> t + X + -1" by arith
  1921             next
  1922               assume "~(y \<le> x)"
  1923               hence x_less_y: "x < y" by arith
  1924 
  1925               have "x + (-X) + 1 \<in> ?SHIFT" using x_and_u and u_in_shift by simp
  1926               hence "0 < x + (-X) + 1" by simp
  1927               hence "0 < y + (-X) + 1" using x_less_y by arith
  1928               hence "y + (-X) + 1 \<in> ?SHIFT" using y_in_S by simp
  1929               hence "y + (-X) + 1 \<le> t" using t_is_Lub  by (simp add: isLubD2)
  1930               thus ?thesis by simp
  1931             qed
  1932           qed
  1933         }
  1934         then show ?thesis by (simp add: isUb_def setle_def)
  1935       qed
  1936     qed
  1937   qed
  1938 qed
  1939 
  1940 text{*A version of the same theorem without all those predicates!*}
  1941 lemma reals_complete2:
  1942   fixes S :: "(real set)"
  1943   assumes "\<exists>y. y\<in>S" and "\<exists>(x::real). \<forall>y\<in>S. y \<le> x"
  1944   shows "\<exists>x. (\<forall>y\<in>S. y \<le> x) & 
  1945                (\<forall>z. ((\<forall>y\<in>S. y \<le> z) --> x \<le> z))"
  1946 proof -
  1947   have "\<exists>x. isLub UNIV S x" 
  1948     by (rule reals_complete)
  1949        (auto simp add: isLub_def isUb_def leastP_def setle_def setge_def assms)
  1950   thus ?thesis
  1951     by (metis UNIV_I isLub_isUb isLub_le_isUb isUbD isUb_def setleI)
  1952 qed
  1953 
  1954 
  1955 subsection {* The Archimedean Property of the Reals *}
  1956 
  1957 theorem reals_Archimedean:
  1958   fixes x :: real
  1959   assumes x_pos: "0 < x"
  1960   shows "\<exists>n. inverse (of_nat (Suc n)) < x"
  1961 proof (rule ccontr)
  1962   assume contr: "\<not> ?thesis"
  1963   have "\<forall>n. x * of_nat (Suc n) <= 1"
  1964   proof
  1965     fix n
  1966     from contr have "x \<le> inverse (of_nat (Suc n))"
  1967       by (simp add: linorder_not_less)
  1968     hence "x \<le> (1 / (of_nat (Suc n)))"
  1969       by (simp add: inverse_eq_divide)
  1970     moreover have "(0::real) \<le> of_nat (Suc n)"
  1971       by (rule of_nat_0_le_iff)
  1972     ultimately have "x * of_nat (Suc n) \<le> (1 / of_nat (Suc n)) * of_nat (Suc n)"
  1973       by (rule mult_right_mono)
  1974     thus "x * of_nat (Suc n) \<le> 1" by (simp del: of_nat_Suc)
  1975   qed
  1976   hence "{z. \<exists>n. z = x * (of_nat (Suc n))} *<= 1"
  1977     by (simp add: setle_def del: of_nat_Suc, safe, rule spec)
  1978   hence "isUb (UNIV::real set) {z. \<exists>n. z = x * (of_nat (Suc n))} 1"
  1979     by (simp add: isUbI)
  1980   hence "\<exists>Y. isUb (UNIV::real set) {z. \<exists>n. z = x* (of_nat (Suc n))} Y" ..
  1981   moreover have "\<exists>X. X \<in> {z. \<exists>n. z = x* (of_nat (Suc n))}" by auto
  1982   ultimately have "\<exists>t. isLub UNIV {z. \<exists>n. z = x * of_nat (Suc n)} t"
  1983     by (simp add: reals_complete)
  1984   then obtain "t" where
  1985     t_is_Lub: "isLub UNIV {z. \<exists>n. z = x * of_nat (Suc n)} t" ..
  1986 
  1987   have "\<forall>n::nat. x * of_nat n \<le> t + - x"
  1988   proof
  1989     fix n
  1990     from t_is_Lub have "x * of_nat (Suc n) \<le> t"
  1991       by (simp add: isLubD2)
  1992     hence  "x * (of_nat n) + x \<le> t"
  1993       by (simp add: right_distrib)
  1994     thus  "x * (of_nat n) \<le> t + - x" by arith
  1995   qed
  1996 
  1997   hence "\<forall>m. x * of_nat (Suc m) \<le> t + - x" by (simp del: of_nat_Suc)
  1998   hence "{z. \<exists>n. z = x * (of_nat (Suc n))}  *<= (t + - x)"
  1999     by (auto simp add: setle_def)
  2000   hence "isUb (UNIV::real set) {z. \<exists>n. z = x * (of_nat (Suc n))} (t + (-x))"
  2001     by (simp add: isUbI)
  2002   hence "t \<le> t + - x"
  2003     using t_is_Lub by (simp add: isLub_le_isUb)
  2004   thus False using x_pos by arith
  2005 qed
  2006 
  2007 text {*
  2008   There must be other proofs, e.g. @{text Suc} of the largest
  2009   integer in the cut representing @{text "x"}.
  2010 *}
  2011 
  2012 lemma reals_Archimedean2: "\<exists>n. (x::real) < of_nat (n::nat)"
  2013 proof cases
  2014   assume "x \<le> 0"
  2015   hence "x < of_nat (1::nat)" by simp
  2016   thus ?thesis ..
  2017 next
  2018   assume "\<not> x \<le> 0"
  2019   hence x_greater_zero: "0 < x" by simp
  2020   hence "0 < inverse x" by simp
  2021   then obtain n where "inverse (of_nat (Suc n)) < inverse x"
  2022     using reals_Archimedean by blast
  2023   hence "inverse (of_nat (Suc n)) * x < inverse x * x"
  2024     using x_greater_zero by (rule mult_strict_right_mono)
  2025   hence "inverse (of_nat (Suc n)) * x < 1"
  2026     using x_greater_zero by simp
  2027   hence "of_nat (Suc n) * (inverse (of_nat (Suc n)) * x) < of_nat (Suc n) * 1"
  2028     by (rule mult_strict_left_mono) (simp del: of_nat_Suc)
  2029   hence "x < of_nat (Suc n)"
  2030     by (simp add: algebra_simps del: of_nat_Suc)
  2031   thus "\<exists>(n::nat). x < of_nat n" ..
  2032 qed
  2033 
  2034 instance real :: archimedean_field
  2035 proof
  2036   fix r :: real
  2037   obtain n :: nat where "r < of_nat n"
  2038     using reals_Archimedean2 ..
  2039   then have "r \<le> of_int (int n)"
  2040     by simp
  2041   then show "\<exists>z. r \<le> of_int z" ..
  2042 qed
  2043 
  2044 end