src/HOL/ex/Dedekind_Real.thy
author wenzelm
Wed Jun 22 10:09:20 2016 +0200 (2016-06-22)
changeset 63343 fb5d8a50c641
parent 61945 1135b8de26c3
child 67443 3abf6a722518
permissions -rw-r--r--
bundle lifting_syntax;
     1 (*  Title:      HOL/ex/Dedekind_Real.thy
     2     Author:     Jacques D. Fleuriot, University of Cambridge
     3     Conversion to Isar and new proofs by Lawrence C Paulson, 2003/4
     4 
     5 The positive reals as Dedekind sections of positive
     6 rationals. Fundamentals of Abstract Analysis [Gleason- p. 121]
     7 provides some of the definitions.
     8 *)
     9 
    10 theory Dedekind_Real
    11 imports Complex_Main
    12 begin
    13 
    14 section \<open>Positive real numbers\<close>
    15 
    16 text\<open>Could be generalized and moved to \<open>Groups\<close>\<close>
    17 lemma add_eq_exists: "\<exists>x. a+x = (b::rat)"
    18 by (rule_tac x="b-a" in exI, simp)
    19 
    20 definition
    21   cut :: "rat set => bool" where
    22   "cut A = ({} \<subset> A &
    23             A < {r. 0 < r} &
    24             (\<forall>y \<in> A. ((\<forall>z. 0<z & z < y --> z \<in> A) & (\<exists>u \<in> A. y < u))))"
    25 
    26 lemma interval_empty_iff:
    27   "{y. (x::'a::unbounded_dense_linorder) < y \<and> y < z} = {} \<longleftrightarrow> \<not> x < z"
    28   by (auto dest: dense)
    29 
    30 
    31 lemma cut_of_rat: 
    32   assumes q: "0 < q" shows "cut {r::rat. 0 < r & r < q}" (is "cut ?A")
    33 proof -
    34   from q have pos: "?A < {r. 0 < r}" by force
    35   have nonempty: "{} \<subset> ?A"
    36   proof
    37     show "{} \<subseteq> ?A" by simp
    38     show "{} \<noteq> ?A"
    39       by (force simp only: q eq_commute [of "{}"] interval_empty_iff)
    40   qed
    41   show ?thesis
    42     by (simp add: cut_def pos nonempty,
    43         blast dest: dense intro: order_less_trans)
    44 qed
    45 
    46 
    47 typedef preal = "Collect cut"
    48   by (blast intro: cut_of_rat [OF zero_less_one])
    49 
    50 lemma Abs_preal_induct [induct type: preal]:
    51   "(\<And>x. cut x \<Longrightarrow> P (Abs_preal x)) \<Longrightarrow> P x"
    52   using Abs_preal_induct [of P x] by simp
    53 
    54 lemma Rep_preal:
    55   "cut (Rep_preal x)"
    56   using Rep_preal [of x] by simp
    57 
    58 definition
    59   psup :: "preal set => preal" where
    60   "psup P = Abs_preal (\<Union>X \<in> P. Rep_preal X)"
    61 
    62 definition
    63   add_set :: "[rat set,rat set] => rat set" where
    64   "add_set A B = {w. \<exists>x \<in> A. \<exists>y \<in> B. w = x + y}"
    65 
    66 definition
    67   diff_set :: "[rat set,rat set] => rat set" where
    68   "diff_set A B = {w. \<exists>x. 0 < w & 0 < x & x \<notin> B & x + w \<in> A}"
    69 
    70 definition
    71   mult_set :: "[rat set,rat set] => rat set" where
    72   "mult_set A B = {w. \<exists>x \<in> A. \<exists>y \<in> B. w = x * y}"
    73 
    74 definition
    75   inverse_set :: "rat set => rat set" where
    76   "inverse_set A = {x. \<exists>y. 0 < x & x < y & inverse y \<notin> A}"
    77 
    78 instantiation preal :: "{ord, plus, minus, times, inverse, one}"
    79 begin
    80 
    81 definition
    82   preal_less_def:
    83     "R < S == Rep_preal R < Rep_preal S"
    84 
    85 definition
    86   preal_le_def:
    87     "R \<le> S == Rep_preal R \<subseteq> Rep_preal S"
    88 
    89 definition
    90   preal_add_def:
    91     "R + S == Abs_preal (add_set (Rep_preal R) (Rep_preal S))"
    92 
    93 definition
    94   preal_diff_def:
    95     "R - S == Abs_preal (diff_set (Rep_preal R) (Rep_preal S))"
    96 
    97 definition
    98   preal_mult_def:
    99     "R * S == Abs_preal (mult_set (Rep_preal R) (Rep_preal S))"
   100 
   101 definition
   102   preal_inverse_def:
   103     "inverse R == Abs_preal (inverse_set (Rep_preal R))"
   104 
   105 definition "R div S = R * inverse (S::preal)"
   106 
   107 definition
   108   preal_one_def:
   109     "1 == Abs_preal {x. 0 < x & x < 1}"
   110 
   111 instance ..
   112 
   113 end
   114 
   115 
   116 text\<open>Reduces equality on abstractions to equality on representatives\<close>
   117 declare Abs_preal_inject [simp]
   118 declare Abs_preal_inverse [simp]
   119 
   120 lemma rat_mem_preal: "0 < q ==> cut {r::rat. 0 < r & r < q}"
   121 by (simp add: cut_of_rat)
   122 
   123 lemma preal_nonempty: "cut A ==> \<exists>x\<in>A. 0 < x"
   124   unfolding cut_def [abs_def] by blast
   125 
   126 lemma preal_Ex_mem: "cut A \<Longrightarrow> \<exists>x. x \<in> A"
   127   apply (drule preal_nonempty)
   128   apply fast
   129   done
   130 
   131 lemma preal_imp_psubset_positives: "cut A ==> A < {r. 0 < r}"
   132   by (force simp add: cut_def)
   133 
   134 lemma preal_exists_bound: "cut A ==> \<exists>x. 0 < x & x \<notin> A"
   135   apply (drule preal_imp_psubset_positives)
   136   apply auto
   137   done
   138 
   139 lemma preal_exists_greater: "[| cut A; y \<in> A |] ==> \<exists>u \<in> A. y < u"
   140   unfolding cut_def [abs_def] by blast
   141 
   142 lemma preal_downwards_closed: "[| cut A; y \<in> A; 0 < z; z < y |] ==> z \<in> A"
   143   unfolding cut_def [abs_def] by blast
   144 
   145 text\<open>Relaxing the final premise\<close>
   146 lemma preal_downwards_closed':
   147      "[| cut A; y \<in> A; 0 < z; z \<le> y |] ==> z \<in> A"
   148 apply (simp add: order_le_less)
   149 apply (blast intro: preal_downwards_closed)
   150 done
   151 
   152 text\<open>A positive fraction not in a positive real is an upper bound.
   153  Gleason p. 122 - Remark (1)\<close>
   154 
   155 lemma not_in_preal_ub:
   156   assumes A: "cut A"
   157     and notx: "x \<notin> A"
   158     and y: "y \<in> A"
   159     and pos: "0 < x"
   160   shows "y < x"
   161 proof (cases rule: linorder_cases)
   162   assume "x<y"
   163   with notx show ?thesis
   164     by (simp add:  preal_downwards_closed [OF A y] pos)
   165 next
   166   assume "x=y"
   167   with notx and y show ?thesis by simp
   168 next
   169   assume "y<x"
   170   thus ?thesis .
   171 qed
   172 
   173 text \<open>preal lemmas instantiated to @{term "Rep_preal X"}\<close>
   174 
   175 lemma mem_Rep_preal_Ex: "\<exists>x. x \<in> Rep_preal X"
   176 thm preal_Ex_mem
   177 by (rule preal_Ex_mem [OF Rep_preal])
   178 
   179 lemma Rep_preal_exists_bound: "\<exists>x>0. x \<notin> Rep_preal X"
   180 by (rule preal_exists_bound [OF Rep_preal])
   181 
   182 lemmas not_in_Rep_preal_ub = not_in_preal_ub [OF Rep_preal]
   183 
   184 
   185 subsection\<open>Properties of Ordering\<close>
   186 
   187 instance preal :: order
   188 proof
   189   fix w :: preal
   190   show "w \<le> w" by (simp add: preal_le_def)
   191 next
   192   fix i j k :: preal
   193   assume "i \<le> j" and "j \<le> k"
   194   then show "i \<le> k" by (simp add: preal_le_def)
   195 next
   196   fix z w :: preal
   197   assume "z \<le> w" and "w \<le> z"
   198   then show "z = w" by (simp add: preal_le_def Rep_preal_inject)
   199 next
   200   fix z w :: preal
   201   show "z < w \<longleftrightarrow> z \<le> w \<and> \<not> w \<le> z"
   202   by (auto simp add: preal_le_def preal_less_def Rep_preal_inject)
   203 qed  
   204 
   205 lemma preal_imp_pos: "[|cut A; r \<in> A|] ==> 0 < r"
   206 by (insert preal_imp_psubset_positives, blast)
   207 
   208 instance preal :: linorder
   209 proof
   210   fix x y :: preal
   211   show "x <= y | y <= x"
   212     apply (auto simp add: preal_le_def)
   213     apply (rule ccontr)
   214     apply (blast dest: not_in_Rep_preal_ub intro: preal_imp_pos [OF Rep_preal]
   215              elim: order_less_asym)
   216     done
   217 qed
   218 
   219 instantiation preal :: distrib_lattice
   220 begin
   221 
   222 definition
   223   "(inf :: preal \<Rightarrow> preal \<Rightarrow> preal) = min"
   224 
   225 definition
   226   "(sup :: preal \<Rightarrow> preal \<Rightarrow> preal) = max"
   227 
   228 instance
   229   by intro_classes
   230     (auto simp add: inf_preal_def sup_preal_def max_min_distrib2)
   231 
   232 end
   233 
   234 subsection\<open>Properties of Addition\<close>
   235 
   236 lemma preal_add_commute: "(x::preal) + y = y + x"
   237 apply (unfold preal_add_def add_set_def)
   238 apply (rule_tac f = Abs_preal in arg_cong)
   239 apply (force simp add: add.commute)
   240 done
   241 
   242 text\<open>Lemmas for proving that addition of two positive reals gives
   243  a positive real\<close>
   244 
   245 text\<open>Part 1 of Dedekind sections definition\<close>
   246 lemma add_set_not_empty:
   247      "[|cut A; cut B|] ==> {} \<subset> add_set A B"
   248 apply (drule preal_nonempty)+
   249 apply (auto simp add: add_set_def)
   250 done
   251 
   252 text\<open>Part 2 of Dedekind sections definition.  A structured version of
   253 this proof is \<open>preal_not_mem_mult_set_Ex\<close> below.\<close>
   254 lemma preal_not_mem_add_set_Ex:
   255      "[|cut A; cut B|] ==> \<exists>q>0. q \<notin> add_set A B"
   256 apply (insert preal_exists_bound [of A] preal_exists_bound [of B], auto) 
   257 apply (rule_tac x = "x+xa" in exI)
   258 apply (simp add: add_set_def, clarify)
   259 apply (drule (3) not_in_preal_ub)+
   260 apply (force dest: add_strict_mono)
   261 done
   262 
   263 lemma add_set_not_rat_set:
   264    assumes A: "cut A" 
   265        and B: "cut B"
   266      shows "add_set A B < {r. 0 < r}"
   267 proof
   268   from preal_imp_pos [OF A] preal_imp_pos [OF B]
   269   show "add_set A B \<subseteq> {r. 0 < r}" by (force simp add: add_set_def) 
   270 next
   271   show "add_set A B \<noteq> {r. 0 < r}"
   272     by (insert preal_not_mem_add_set_Ex [OF A B], blast) 
   273 qed
   274 
   275 text\<open>Part 3 of Dedekind sections definition\<close>
   276 lemma add_set_lemma3:
   277      "[|cut A; cut B; u \<in> add_set A B; 0 < z; z < u|] 
   278       ==> z \<in> add_set A B"
   279 proof (unfold add_set_def, clarify)
   280   fix x::rat and y::rat
   281   assume A: "cut A" 
   282     and B: "cut B"
   283     and [simp]: "0 < z"
   284     and zless: "z < x + y"
   285     and x:  "x \<in> A"
   286     and y:  "y \<in> B"
   287   have xpos [simp]: "0<x" by (rule preal_imp_pos [OF A x])
   288   have ypos [simp]: "0<y" by (rule preal_imp_pos [OF B y])
   289   have xypos [simp]: "0 < x+y" by (simp add: pos_add_strict)
   290   let ?f = "z/(x+y)"
   291   have fless: "?f < 1" by (simp add: zless pos_divide_less_eq)
   292   show "\<exists>x' \<in> A. \<exists>y'\<in>B. z = x' + y'"
   293   proof (intro bexI)
   294     show "z = x*?f + y*?f"
   295       by (simp add: distrib_right [symmetric] divide_inverse ac_simps
   296           order_less_imp_not_eq2)
   297   next
   298     show "y * ?f \<in> B"
   299     proof (rule preal_downwards_closed [OF B y])
   300       show "0 < y * ?f"
   301         by (simp add: divide_inverse zero_less_mult_iff)
   302     next
   303       show "y * ?f < y"
   304         by (insert mult_strict_left_mono [OF fless ypos], simp)
   305     qed
   306   next
   307     show "x * ?f \<in> A"
   308     proof (rule preal_downwards_closed [OF A x])
   309       show "0 < x * ?f"
   310         by (simp add: divide_inverse zero_less_mult_iff)
   311     next
   312       show "x * ?f < x"
   313         by (insert mult_strict_left_mono [OF fless xpos], simp)
   314     qed
   315   qed
   316 qed
   317 
   318 text\<open>Part 4 of Dedekind sections definition\<close>
   319 lemma add_set_lemma4:
   320      "[|cut A; cut B; y \<in> add_set A B|] ==> \<exists>u \<in> add_set A B. y < u"
   321 apply (auto simp add: add_set_def)
   322 apply (frule preal_exists_greater [of A], auto) 
   323 apply (rule_tac x="u + ya" in exI)
   324 apply (auto intro: add_strict_left_mono)
   325 done
   326 
   327 lemma mem_add_set:
   328      "[|cut A; cut B|] ==> cut (add_set A B)"
   329 apply (simp (no_asm_simp) add: cut_def)
   330 apply (blast intro!: add_set_not_empty add_set_not_rat_set
   331                      add_set_lemma3 add_set_lemma4)
   332 done
   333 
   334 lemma preal_add_assoc: "((x::preal) + y) + z = x + (y + z)"
   335 apply (simp add: preal_add_def mem_add_set Rep_preal)
   336 apply (force simp add: add_set_def ac_simps)
   337 done
   338 
   339 instance preal :: ab_semigroup_add
   340 proof
   341   fix a b c :: preal
   342   show "(a + b) + c = a + (b + c)" by (rule preal_add_assoc)
   343   show "a + b = b + a" by (rule preal_add_commute)
   344 qed
   345 
   346 
   347 subsection\<open>Properties of Multiplication\<close>
   348 
   349 text\<open>Proofs essentially same as for addition\<close>
   350 
   351 lemma preal_mult_commute: "(x::preal) * y = y * x"
   352 apply (unfold preal_mult_def mult_set_def)
   353 apply (rule_tac f = Abs_preal in arg_cong)
   354 apply (force simp add: mult.commute)
   355 done
   356 
   357 text\<open>Multiplication of two positive reals gives a positive real.\<close>
   358 
   359 text\<open>Lemmas for proving positive reals multiplication set in @{typ preal}\<close>
   360 
   361 text\<open>Part 1 of Dedekind sections definition\<close>
   362 lemma mult_set_not_empty:
   363      "[|cut A; cut B|] ==> {} \<subset> mult_set A B"
   364 apply (insert preal_nonempty [of A] preal_nonempty [of B]) 
   365 apply (auto simp add: mult_set_def)
   366 done
   367 
   368 text\<open>Part 2 of Dedekind sections definition\<close>
   369 lemma preal_not_mem_mult_set_Ex:
   370   assumes A: "cut A" 
   371     and B: "cut B"
   372   shows "\<exists>q. 0 < q & q \<notin> mult_set A B"
   373 proof -
   374   from preal_exists_bound [OF A] obtain x where 1 [simp]: "0 < x" "x \<notin> A" by blast
   375   from preal_exists_bound [OF B] obtain y where 2 [simp]: "0 < y" "y \<notin> B" by blast
   376   show ?thesis
   377   proof (intro exI conjI)
   378     show "0 < x*y" by simp
   379     show "x * y \<notin> mult_set A B"
   380     proof -
   381       {
   382         fix u::rat and v::rat
   383         assume u: "u \<in> A" and v: "v \<in> B" and xy: "x*y = u*v"
   384         moreover from A B 1 2 u v have "u<x" and "v<y" by (blast dest: not_in_preal_ub)+
   385         moreover
   386         from A B 1 2 u v have "0\<le>v"
   387           by (blast intro: preal_imp_pos [OF B] order_less_imp_le)
   388         moreover
   389         from A B 1 \<open>u < x\<close> \<open>v < y\<close> \<open>0 \<le> v\<close>
   390         have "u*v < x*y" by (blast intro: mult_strict_mono)
   391         ultimately have False by force
   392       }
   393       thus ?thesis by (auto simp add: mult_set_def)
   394     qed
   395   qed
   396 qed
   397 
   398 lemma mult_set_not_rat_set:
   399   assumes A: "cut A" 
   400     and B: "cut B"
   401   shows "mult_set A B < {r. 0 < r}"
   402 proof
   403   show "mult_set A B \<subseteq> {r. 0 < r}"
   404     by (force simp add: mult_set_def
   405       intro: preal_imp_pos [OF A] preal_imp_pos [OF B] mult_pos_pos)
   406   show "mult_set A B \<noteq> {r. 0 < r}"
   407     using preal_not_mem_mult_set_Ex [OF A B] by blast
   408 qed
   409 
   410 
   411 
   412 text\<open>Part 3 of Dedekind sections definition\<close>
   413 lemma mult_set_lemma3:
   414      "[|cut A; cut B; u \<in> mult_set A B; 0 < z; z < u|] 
   415       ==> z \<in> mult_set A B"
   416 proof (unfold mult_set_def, clarify)
   417   fix x::rat and y::rat
   418   assume A: "cut A" 
   419     and B: "cut B"
   420     and [simp]: "0 < z"
   421     and zless: "z < x * y"
   422     and x:  "x \<in> A"
   423     and y:  "y \<in> B"
   424   have [simp]: "0<y" by (rule preal_imp_pos [OF B y])
   425   show "\<exists>x' \<in> A. \<exists>y' \<in> B. z = x' * y'"
   426   proof
   427     show "\<exists>y'\<in>B. z = (z/y) * y'"
   428     proof
   429       show "z = (z/y)*y"
   430         by (simp add: divide_inverse mult.commute [of y] mult.assoc
   431                       order_less_imp_not_eq2)
   432       show "y \<in> B" by fact
   433     qed
   434   next
   435     show "z/y \<in> A"
   436     proof (rule preal_downwards_closed [OF A x])
   437       show "0 < z/y"
   438         by (simp add: zero_less_divide_iff)
   439       show "z/y < x" by (simp add: pos_divide_less_eq zless)
   440     qed
   441   qed
   442 qed
   443 
   444 text\<open>Part 4 of Dedekind sections definition\<close>
   445 lemma mult_set_lemma4:
   446      "[|cut A; cut B; y \<in> mult_set A B|] ==> \<exists>u \<in> mult_set A B. y < u"
   447 apply (auto simp add: mult_set_def)
   448 apply (frule preal_exists_greater [of A], auto) 
   449 apply (rule_tac x="u * ya" in exI)
   450 apply (auto intro: preal_imp_pos [of A] preal_imp_pos [of B] 
   451                    mult_strict_right_mono)
   452 done
   453 
   454 
   455 lemma mem_mult_set:
   456      "[|cut A; cut B|] ==> cut (mult_set A B)"
   457 apply (simp (no_asm_simp) add: cut_def)
   458 apply (blast intro!: mult_set_not_empty mult_set_not_rat_set
   459                      mult_set_lemma3 mult_set_lemma4)
   460 done
   461 
   462 lemma preal_mult_assoc: "((x::preal) * y) * z = x * (y * z)"
   463 apply (simp add: preal_mult_def mem_mult_set Rep_preal)
   464 apply (force simp add: mult_set_def ac_simps)
   465 done
   466 
   467 instance preal :: ab_semigroup_mult
   468 proof
   469   fix a b c :: preal
   470   show "(a * b) * c = a * (b * c)" by (rule preal_mult_assoc)
   471   show "a * b = b * a" by (rule preal_mult_commute)
   472 qed
   473 
   474 
   475 text\<open>Positive real 1 is the multiplicative identity element\<close>
   476 
   477 lemma preal_mult_1: "(1::preal) * z = z"
   478 proof (induct z)
   479   fix A :: "rat set"
   480   assume A: "cut A"
   481   have "{w. \<exists>u. 0 < u \<and> u < 1 & (\<exists>v \<in> A. w = u * v)} = A" (is "?lhs = A")
   482   proof
   483     show "?lhs \<subseteq> A"
   484     proof clarify
   485       fix x::rat and u::rat and v::rat
   486       assume upos: "0<u" and "u<1" and v: "v \<in> A"
   487       have vpos: "0<v" by (rule preal_imp_pos [OF A v])
   488       hence "u*v < 1*v" by (simp only: mult_strict_right_mono upos \<open>u < 1\<close> v)
   489       thus "u * v \<in> A"
   490         by (force intro: preal_downwards_closed [OF A v] mult_pos_pos 
   491           upos vpos)
   492     qed
   493   next
   494     show "A \<subseteq> ?lhs"
   495     proof clarify
   496       fix x::rat
   497       assume x: "x \<in> A"
   498       have xpos: "0<x" by (rule preal_imp_pos [OF A x])
   499       from preal_exists_greater [OF A x]
   500       obtain v where v: "v \<in> A" and xlessv: "x < v" ..
   501       have vpos: "0<v" by (rule preal_imp_pos [OF A v])
   502       show "\<exists>u. 0 < u \<and> u < 1 \<and> (\<exists>v\<in>A. x = u * v)"
   503       proof (intro exI conjI)
   504         show "0 < x/v"
   505           by (simp add: zero_less_divide_iff xpos vpos)
   506         show "x / v < 1"
   507           by (simp add: pos_divide_less_eq vpos xlessv)
   508         show "\<exists>v'\<in>A. x = (x / v) * v'"
   509         proof
   510           show "x = (x/v)*v"
   511             by (simp add: divide_inverse mult.assoc vpos
   512                           order_less_imp_not_eq2)
   513           show "v \<in> A" by fact
   514         qed
   515       qed
   516     qed
   517   qed
   518   thus "1 * Abs_preal A = Abs_preal A"
   519     by (simp add: preal_one_def preal_mult_def mult_set_def 
   520                   rat_mem_preal A)
   521 qed
   522 
   523 instance preal :: comm_monoid_mult
   524 by intro_classes (rule preal_mult_1)
   525 
   526 
   527 subsection\<open>Distribution of Multiplication across Addition\<close>
   528 
   529 lemma mem_Rep_preal_add_iff:
   530       "(z \<in> Rep_preal(R+S)) = (\<exists>x \<in> Rep_preal R. \<exists>y \<in> Rep_preal S. z = x + y)"
   531 apply (simp add: preal_add_def mem_add_set Rep_preal)
   532 apply (simp add: add_set_def) 
   533 done
   534 
   535 lemma mem_Rep_preal_mult_iff:
   536       "(z \<in> Rep_preal(R*S)) = (\<exists>x \<in> Rep_preal R. \<exists>y \<in> Rep_preal S. z = x * y)"
   537 apply (simp add: preal_mult_def mem_mult_set Rep_preal)
   538 apply (simp add: mult_set_def) 
   539 done
   540 
   541 lemma distrib_subset1:
   542      "Rep_preal (w * (x + y)) \<subseteq> Rep_preal (w * x + w * y)"
   543 apply (auto simp add: Bex_def mem_Rep_preal_add_iff mem_Rep_preal_mult_iff)
   544 apply (force simp add: distrib_left)
   545 done
   546 
   547 lemma preal_add_mult_distrib_mean:
   548   assumes a: "a \<in> Rep_preal w"
   549     and b: "b \<in> Rep_preal w"
   550     and d: "d \<in> Rep_preal x"
   551     and e: "e \<in> Rep_preal y"
   552   shows "\<exists>c \<in> Rep_preal w. a * d + b * e = c * (d + e)"
   553 proof
   554   let ?c = "(a*d + b*e)/(d+e)"
   555   have [simp]: "0<a" "0<b" "0<d" "0<e" "0<d+e"
   556     by (blast intro: preal_imp_pos [OF Rep_preal] a b d e pos_add_strict)+
   557   have cpos: "0 < ?c"
   558     by (simp add: zero_less_divide_iff zero_less_mult_iff pos_add_strict)
   559   show "a * d + b * e = ?c * (d + e)"
   560     by (simp add: divide_inverse mult.assoc order_less_imp_not_eq2)
   561   show "?c \<in> Rep_preal w"
   562   proof (cases rule: linorder_le_cases)
   563     assume "a \<le> b"
   564     hence "?c \<le> b"
   565       by (simp add: pos_divide_le_eq distrib_left mult_right_mono
   566                     order_less_imp_le)
   567     thus ?thesis by (rule preal_downwards_closed' [OF Rep_preal b cpos])
   568   next
   569     assume "b \<le> a"
   570     hence "?c \<le> a"
   571       by (simp add: pos_divide_le_eq distrib_left mult_right_mono
   572                     order_less_imp_le)
   573     thus ?thesis by (rule preal_downwards_closed' [OF Rep_preal a cpos])
   574   qed
   575 qed
   576 
   577 lemma distrib_subset2:
   578      "Rep_preal (w * x + w * y) \<subseteq> Rep_preal (w * (x + y))"
   579 apply (auto simp add: Bex_def mem_Rep_preal_add_iff mem_Rep_preal_mult_iff)
   580 apply (drule_tac w=w and x=x and y=y in preal_add_mult_distrib_mean, auto)
   581 done
   582 
   583 lemma preal_add_mult_distrib2: "(w * ((x::preal) + y)) = (w * x) + (w * y)"
   584 apply (rule Rep_preal_inject [THEN iffD1])
   585 apply (rule equalityI [OF distrib_subset1 distrib_subset2])
   586 done
   587 
   588 lemma preal_add_mult_distrib: "(((x::preal) + y) * w) = (x * w) + (y * w)"
   589 by (simp add: preal_mult_commute preal_add_mult_distrib2)
   590 
   591 instance preal :: comm_semiring
   592 by intro_classes (rule preal_add_mult_distrib)
   593 
   594 
   595 subsection\<open>Existence of Inverse, a Positive Real\<close>
   596 
   597 lemma mem_inv_set_ex:
   598   assumes A: "cut A" shows "\<exists>x y. 0 < x & x < y & inverse y \<notin> A"
   599 proof -
   600   from preal_exists_bound [OF A]
   601   obtain x where [simp]: "0<x" "x \<notin> A" by blast
   602   show ?thesis
   603   proof (intro exI conjI)
   604     show "0 < inverse (x+1)"
   605       by (simp add: order_less_trans [OF _ less_add_one]) 
   606     show "inverse(x+1) < inverse x"
   607       by (simp add: less_imp_inverse_less less_add_one)
   608     show "inverse (inverse x) \<notin> A"
   609       by (simp add: order_less_imp_not_eq2)
   610   qed
   611 qed
   612 
   613 text\<open>Part 1 of Dedekind sections definition\<close>
   614 lemma inverse_set_not_empty:
   615      "cut A ==> {} \<subset> inverse_set A"
   616 apply (insert mem_inv_set_ex [of A])
   617 apply (auto simp add: inverse_set_def)
   618 done
   619 
   620 text\<open>Part 2 of Dedekind sections definition\<close>
   621 
   622 lemma preal_not_mem_inverse_set_Ex:
   623    assumes A: "cut A"  shows "\<exists>q. 0 < q & q \<notin> inverse_set A"
   624 proof -
   625   from preal_nonempty [OF A]
   626   obtain x where x: "x \<in> A" and  xpos [simp]: "0<x" ..
   627   show ?thesis
   628   proof (intro exI conjI)
   629     show "0 < inverse x" by simp
   630     show "inverse x \<notin> inverse_set A"
   631     proof -
   632       { fix y::rat 
   633         assume ygt: "inverse x < y"
   634         have [simp]: "0 < y" by (simp add: order_less_trans [OF _ ygt])
   635         have iyless: "inverse y < x" 
   636           by (simp add: inverse_less_imp_less [of x] ygt)
   637         have "inverse y \<in> A"
   638           by (simp add: preal_downwards_closed [OF A x] iyless)}
   639      thus ?thesis by (auto simp add: inverse_set_def)
   640     qed
   641   qed
   642 qed
   643 
   644 lemma inverse_set_not_rat_set:
   645    assumes A: "cut A"  shows "inverse_set A < {r. 0 < r}"
   646 proof
   647   show "inverse_set A \<subseteq> {r. 0 < r}"  by (force simp add: inverse_set_def)
   648 next
   649   show "inverse_set A \<noteq> {r. 0 < r}"
   650     by (insert preal_not_mem_inverse_set_Ex [OF A], blast)
   651 qed
   652 
   653 text\<open>Part 3 of Dedekind sections definition\<close>
   654 lemma inverse_set_lemma3:
   655      "[|cut A; u \<in> inverse_set A; 0 < z; z < u|] 
   656       ==> z \<in> inverse_set A"
   657 apply (auto simp add: inverse_set_def)
   658 apply (auto intro: order_less_trans)
   659 done
   660 
   661 text\<open>Part 4 of Dedekind sections definition\<close>
   662 lemma inverse_set_lemma4:
   663      "[|cut A; y \<in> inverse_set A|] ==> \<exists>u \<in> inverse_set A. y < u"
   664 apply (auto simp add: inverse_set_def)
   665 apply (drule dense [of y]) 
   666 apply (blast intro: order_less_trans)
   667 done
   668 
   669 
   670 lemma mem_inverse_set:
   671      "cut A ==> cut (inverse_set A)"
   672 apply (simp (no_asm_simp) add: cut_def)
   673 apply (blast intro!: inverse_set_not_empty inverse_set_not_rat_set
   674                      inverse_set_lemma3 inverse_set_lemma4)
   675 done
   676 
   677 
   678 subsection\<open>Gleason's Lemma 9-3.4, page 122\<close>
   679 
   680 lemma Gleason9_34_exists:
   681   assumes A: "cut A"
   682     and "\<forall>x\<in>A. x + u \<in> A"
   683     and "0 \<le> z"
   684   shows "\<exists>b\<in>A. b + (of_int z) * u \<in> A"
   685 proof (cases z rule: int_cases)
   686   case (nonneg n)
   687   show ?thesis
   688   proof (simp add: nonneg, induct n)
   689     case 0
   690     from preal_nonempty [OF A]
   691     show ?case  by force 
   692   next
   693     case (Suc k)
   694     then obtain b where b: "b \<in> A" "b + of_nat k * u \<in> A" ..
   695     hence "b + of_int (int k)*u + u \<in> A" by (simp add: assms)
   696     thus ?case by (force simp add: algebra_simps b)
   697   qed
   698 next
   699   case (neg n)
   700   with assms show ?thesis by simp
   701 qed
   702 
   703 lemma Gleason9_34_contra:
   704   assumes A: "cut A"
   705     shows "[|\<forall>x\<in>A. x + u \<in> A; 0 < u; 0 < y; y \<notin> A|] ==> False"
   706 proof (induct u, induct y)
   707   fix a::int and b::int
   708   fix c::int and d::int
   709   assume bpos [simp]: "0 < b"
   710     and dpos [simp]: "0 < d"
   711     and closed: "\<forall>x\<in>A. x + (Fract c d) \<in> A"
   712     and upos: "0 < Fract c d"
   713     and ypos: "0 < Fract a b"
   714     and notin: "Fract a b \<notin> A"
   715   have cpos [simp]: "0 < c" 
   716     by (simp add: zero_less_Fract_iff [OF dpos, symmetric] upos) 
   717   have apos [simp]: "0 < a" 
   718     by (simp add: zero_less_Fract_iff [OF bpos, symmetric] ypos) 
   719   let ?k = "a*d"
   720   have frle: "Fract a b \<le> Fract ?k 1 * (Fract c d)" 
   721   proof -
   722     have "?thesis = ((a * d * b * d) \<le> c * b * (a * d * b * d))"
   723       by (simp add: order_less_imp_not_eq2 ac_simps) 
   724     moreover
   725     have "(1 * (a * d * b * d)) \<le> c * b * (a * d * b * d)"
   726       by (rule mult_mono, 
   727           simp_all add: int_one_le_iff_zero_less zero_less_mult_iff 
   728                         order_less_imp_le)
   729     ultimately
   730     show ?thesis by simp
   731   qed
   732   have k: "0 \<le> ?k" by (simp add: order_less_imp_le zero_less_mult_iff)  
   733   from Gleason9_34_exists [OF A closed k]
   734   obtain z where z: "z \<in> A" 
   735              and mem: "z + of_int ?k * Fract c d \<in> A" ..
   736   have less: "z + of_int ?k * Fract c d < Fract a b"
   737     by (rule not_in_preal_ub [OF A notin mem ypos])
   738   have "0<z" by (rule preal_imp_pos [OF A z])
   739   with frle and less show False by (simp add: Fract_of_int_eq) 
   740 qed
   741 
   742 
   743 lemma Gleason9_34:
   744   assumes A: "cut A"
   745     and upos: "0 < u"
   746   shows "\<exists>r \<in> A. r + u \<notin> A"
   747 proof (rule ccontr, simp)
   748   assume closed: "\<forall>r\<in>A. r + u \<in> A"
   749   from preal_exists_bound [OF A]
   750   obtain y where y: "y \<notin> A" and ypos: "0 < y" by blast
   751   show False
   752     by (rule Gleason9_34_contra [OF A closed upos ypos y])
   753 qed
   754 
   755 
   756 
   757 subsection\<open>Gleason's Lemma 9-3.6\<close>
   758 
   759 lemma lemma_gleason9_36:
   760   assumes A: "cut A"
   761     and x: "1 < x"
   762   shows "\<exists>r \<in> A. r*x \<notin> A"
   763 proof -
   764   from preal_nonempty [OF A]
   765   obtain y where y: "y \<in> A" and  ypos: "0<y" ..
   766   show ?thesis 
   767   proof (rule classical)
   768     assume "~(\<exists>r\<in>A. r * x \<notin> A)"
   769     with y have ymem: "y * x \<in> A" by blast 
   770     from ypos mult_strict_left_mono [OF x]
   771     have yless: "y < y*x" by simp 
   772     let ?d = "y*x - y"
   773     from yless have dpos: "0 < ?d" and eq: "y + ?d = y*x" by auto
   774     from Gleason9_34 [OF A dpos]
   775     obtain r where r: "r\<in>A" and notin: "r + ?d \<notin> A" ..
   776     have rpos: "0<r" by (rule preal_imp_pos [OF A r])
   777     with dpos have rdpos: "0 < r + ?d" by arith
   778     have "~ (r + ?d \<le> y + ?d)"
   779     proof
   780       assume le: "r + ?d \<le> y + ?d" 
   781       from ymem have yd: "y + ?d \<in> A" by (simp add: eq)
   782       have "r + ?d \<in> A" by (rule preal_downwards_closed' [OF A yd rdpos le])
   783       with notin show False by simp
   784     qed
   785     hence "y < r" by simp
   786     with ypos have  dless: "?d < (r * ?d)/y"
   787       using dpos less_divide_eq_1 by fastforce
   788     have "r + ?d < r*x"
   789     proof -
   790       have "r + ?d < r + (r * ?d)/y" by (simp add: dless)
   791       also from ypos have "... = (r/y) * (y + ?d)"
   792         by (simp only: algebra_simps divide_inverse, simp)
   793       also have "... = r*x" using ypos
   794         by simp
   795       finally show "r + ?d < r*x" .
   796     qed
   797     with r notin rdpos
   798     show "\<exists>r\<in>A. r * x \<notin> A" by (blast dest:  preal_downwards_closed [OF A])
   799   qed  
   800 qed
   801 
   802 subsection\<open>Existence of Inverse: Part 2\<close>
   803 
   804 lemma mem_Rep_preal_inverse_iff:
   805       "(z \<in> Rep_preal(inverse R)) = 
   806        (0 < z \<and> (\<exists>y. z < y \<and> inverse y \<notin> Rep_preal R))"
   807 apply (simp add: preal_inverse_def mem_inverse_set Rep_preal)
   808 apply (simp add: inverse_set_def) 
   809 done
   810 
   811 lemma Rep_preal_one:
   812      "Rep_preal 1 = {x. 0 < x \<and> x < 1}"
   813 by (simp add: preal_one_def rat_mem_preal)
   814 
   815 lemma subset_inverse_mult_lemma:
   816   assumes xpos: "0 < x" and xless: "x < 1"
   817   shows "\<exists>r u y. 0 < r & r < y & inverse y \<notin> Rep_preal R & 
   818     u \<in> Rep_preal R & x = r * u"
   819 proof -
   820   from xpos and xless have "1 < inverse x" by (simp add: one_less_inverse_iff)
   821   from lemma_gleason9_36 [OF Rep_preal this]
   822   obtain r where r: "r \<in> Rep_preal R" 
   823              and notin: "r * (inverse x) \<notin> Rep_preal R" ..
   824   have rpos: "0<r" by (rule preal_imp_pos [OF Rep_preal r])
   825   from preal_exists_greater [OF Rep_preal r]
   826   obtain u where u: "u \<in> Rep_preal R" and rless: "r < u" ..
   827   have upos: "0<u" by (rule preal_imp_pos [OF Rep_preal u])
   828   show ?thesis
   829   proof (intro exI conjI)
   830     show "0 < x/u" using xpos upos
   831       by (simp add: zero_less_divide_iff)  
   832     show "x/u < x/r" using xpos upos rpos
   833       by (simp add: divide_inverse mult_less_cancel_left rless) 
   834     show "inverse (x / r) \<notin> Rep_preal R" using notin
   835       by (simp add: divide_inverse mult.commute) 
   836     show "u \<in> Rep_preal R" by (rule u) 
   837     show "x = x / u * u" using upos 
   838       by (simp add: divide_inverse mult.commute) 
   839   qed
   840 qed
   841 
   842 lemma subset_inverse_mult: 
   843      "Rep_preal 1 \<subseteq> Rep_preal(inverse R * R)"
   844 apply (auto simp add: Bex_def Rep_preal_one mem_Rep_preal_inverse_iff 
   845                       mem_Rep_preal_mult_iff)
   846 apply (blast dest: subset_inverse_mult_lemma) 
   847 done
   848 
   849 lemma inverse_mult_subset_lemma:
   850   assumes rpos: "0 < r" 
   851     and rless: "r < y"
   852     and notin: "inverse y \<notin> Rep_preal R"
   853     and q: "q \<in> Rep_preal R"
   854   shows "r*q < 1"
   855 proof -
   856   have "q < inverse y" using rpos rless
   857     by (simp add: not_in_preal_ub [OF Rep_preal notin] q)
   858   hence "r * q < r/y" using rpos
   859     by (simp add: divide_inverse mult_less_cancel_left)
   860   also have "... \<le> 1" using rpos rless
   861     by (simp add: pos_divide_le_eq)
   862   finally show ?thesis .
   863 qed
   864 
   865 lemma inverse_mult_subset:
   866      "Rep_preal(inverse R * R) \<subseteq> Rep_preal 1"
   867 apply (auto simp add: Bex_def Rep_preal_one mem_Rep_preal_inverse_iff
   868                       mem_Rep_preal_mult_iff)
   869 apply (simp add: zero_less_mult_iff preal_imp_pos [OF Rep_preal]) 
   870 apply (blast intro: inverse_mult_subset_lemma) 
   871 done
   872 
   873 lemma preal_mult_inverse: "inverse R * R = (1::preal)"
   874 apply (rule Rep_preal_inject [THEN iffD1])
   875 apply (rule equalityI [OF inverse_mult_subset subset_inverse_mult]) 
   876 done
   877 
   878 lemma preal_mult_inverse_right: "R * inverse R = (1::preal)"
   879 apply (rule preal_mult_commute [THEN subst])
   880 apply (rule preal_mult_inverse)
   881 done
   882 
   883 
   884 text\<open>Theorems needing \<open>Gleason9_34\<close>\<close>
   885 
   886 lemma Rep_preal_self_subset: "Rep_preal (R) \<subseteq> Rep_preal(R + S)"
   887 proof 
   888   fix r
   889   assume r: "r \<in> Rep_preal R"
   890   have rpos: "0<r" by (rule preal_imp_pos [OF Rep_preal r])
   891   from mem_Rep_preal_Ex 
   892   obtain y where y: "y \<in> Rep_preal S" ..
   893   have ypos: "0<y" by (rule preal_imp_pos [OF Rep_preal y])
   894   have ry: "r+y \<in> Rep_preal(R + S)" using r y
   895     by (auto simp add: mem_Rep_preal_add_iff)
   896   show "r \<in> Rep_preal(R + S)" using r ypos rpos 
   897     by (simp add:  preal_downwards_closed [OF Rep_preal ry]) 
   898 qed
   899 
   900 lemma Rep_preal_sum_not_subset: "~ Rep_preal (R + S) \<subseteq> Rep_preal(R)"
   901 proof -
   902   from mem_Rep_preal_Ex 
   903   obtain y where y: "y \<in> Rep_preal S" ..
   904   have ypos: "0<y" by (rule preal_imp_pos [OF Rep_preal y])
   905   from  Gleason9_34 [OF Rep_preal ypos]
   906   obtain r where r: "r \<in> Rep_preal R" and notin: "r + y \<notin> Rep_preal R" ..
   907   have "r + y \<in> Rep_preal (R + S)" using r y
   908     by (auto simp add: mem_Rep_preal_add_iff)
   909   thus ?thesis using notin by blast
   910 qed
   911 
   912 lemma Rep_preal_sum_not_eq: "Rep_preal (R + S) \<noteq> Rep_preal(R)"
   913 by (insert Rep_preal_sum_not_subset, blast)
   914 
   915 text\<open>at last, Gleason prop. 9-3.5(iii) page 123\<close>
   916 lemma preal_self_less_add_left: "(R::preal) < R + S"
   917 apply (unfold preal_less_def less_le)
   918 apply (simp add: Rep_preal_self_subset Rep_preal_sum_not_eq [THEN not_sym])
   919 done
   920 
   921 
   922 subsection\<open>Subtraction for Positive Reals\<close>
   923 
   924 text\<open>Gleason prop. 9-3.5(iv), page 123: proving @{prop "A < B ==> \<exists>D. A + D =
   925 B"}. We define the claimed @{term D} and show that it is a positive real\<close>
   926 
   927 text\<open>Part 1 of Dedekind sections definition\<close>
   928 lemma diff_set_not_empty:
   929      "R < S ==> {} \<subset> diff_set (Rep_preal S) (Rep_preal R)"
   930 apply (auto simp add: preal_less_def diff_set_def elim!: equalityE) 
   931 apply (frule_tac x1 = S in Rep_preal [THEN preal_exists_greater])
   932 apply (drule preal_imp_pos [OF Rep_preal], clarify)
   933 apply (cut_tac a=x and b=u in add_eq_exists, force) 
   934 done
   935 
   936 text\<open>Part 2 of Dedekind sections definition\<close>
   937 lemma diff_set_nonempty:
   938      "\<exists>q. 0 < q & q \<notin> diff_set (Rep_preal S) (Rep_preal R)"
   939 apply (cut_tac X = S in Rep_preal_exists_bound)
   940 apply (erule exE)
   941 apply (rule_tac x = x in exI, auto)
   942 apply (simp add: diff_set_def) 
   943 apply (auto dest: Rep_preal [THEN preal_downwards_closed])
   944 done
   945 
   946 lemma diff_set_not_rat_set:
   947   "diff_set (Rep_preal S) (Rep_preal R) < {r. 0 < r}" (is "?lhs < ?rhs")
   948 proof
   949   show "?lhs \<subseteq> ?rhs" by (auto simp add: diff_set_def) 
   950   show "?lhs \<noteq> ?rhs" using diff_set_nonempty by blast
   951 qed
   952 
   953 text\<open>Part 3 of Dedekind sections definition\<close>
   954 lemma diff_set_lemma3:
   955      "[|R < S; u \<in> diff_set (Rep_preal S) (Rep_preal R); 0 < z; z < u|] 
   956       ==> z \<in> diff_set (Rep_preal S) (Rep_preal R)"
   957 apply (auto simp add: diff_set_def) 
   958 apply (rule_tac x=x in exI) 
   959 apply (drule Rep_preal [THEN preal_downwards_closed], auto)
   960 done
   961 
   962 text\<open>Part 4 of Dedekind sections definition\<close>
   963 lemma diff_set_lemma4:
   964      "[|R < S; y \<in> diff_set (Rep_preal S) (Rep_preal R)|] 
   965       ==> \<exists>u \<in> diff_set (Rep_preal S) (Rep_preal R). y < u"
   966 apply (auto simp add: diff_set_def) 
   967 apply (drule Rep_preal [THEN preal_exists_greater], clarify) 
   968 apply (cut_tac a="x+y" and b=u in add_eq_exists, clarify)  
   969 apply (rule_tac x="y+xa" in exI) 
   970 apply (auto simp add: ac_simps)
   971 done
   972 
   973 lemma mem_diff_set:
   974      "R < S ==> cut (diff_set (Rep_preal S) (Rep_preal R))"
   975 apply (unfold cut_def)
   976 apply (blast intro!: diff_set_not_empty diff_set_not_rat_set
   977                      diff_set_lemma3 diff_set_lemma4)
   978 done
   979 
   980 lemma mem_Rep_preal_diff_iff:
   981       "R < S ==>
   982        (z \<in> Rep_preal(S-R)) = 
   983        (\<exists>x. 0 < x & 0 < z & x \<notin> Rep_preal R & x + z \<in> Rep_preal S)"
   984 apply (simp add: preal_diff_def mem_diff_set Rep_preal)
   985 apply (force simp add: diff_set_def) 
   986 done
   987 
   988 
   989 text\<open>proving that @{term "R + D \<le> S"}\<close>
   990 
   991 lemma less_add_left_lemma:
   992   assumes Rless: "R < S"
   993     and a: "a \<in> Rep_preal R"
   994     and cb: "c + b \<in> Rep_preal S"
   995     and "c \<notin> Rep_preal R"
   996     and "0 < b"
   997     and "0 < c"
   998   shows "a + b \<in> Rep_preal S"
   999 proof -
  1000   have "0<a" by (rule preal_imp_pos [OF Rep_preal a])
  1001   moreover
  1002   have "a < c" using assms by (blast intro: not_in_Rep_preal_ub ) 
  1003   ultimately show ?thesis
  1004     using assms by (simp add: preal_downwards_closed [OF Rep_preal cb])
  1005 qed
  1006 
  1007 lemma less_add_left_le1:
  1008        "R < (S::preal) ==> R + (S-R) \<le> S"
  1009 apply (auto simp add: Bex_def preal_le_def mem_Rep_preal_add_iff 
  1010                       mem_Rep_preal_diff_iff)
  1011 apply (blast intro: less_add_left_lemma) 
  1012 done
  1013 
  1014 subsection\<open>proving that @{term "S \<le> R + D"} --- trickier\<close>
  1015 
  1016 lemma lemma_sum_mem_Rep_preal_ex:
  1017      "x \<in> Rep_preal S ==> \<exists>e. 0 < e & x + e \<in> Rep_preal S"
  1018 apply (drule Rep_preal [THEN preal_exists_greater], clarify) 
  1019 apply (cut_tac a=x and b=u in add_eq_exists, auto) 
  1020 done
  1021 
  1022 lemma less_add_left_lemma2:
  1023   assumes Rless: "R < S"
  1024     and x:     "x \<in> Rep_preal S"
  1025     and xnot: "x \<notin>  Rep_preal R"
  1026   shows "\<exists>u v z. 0 < v & 0 < z & u \<in> Rep_preal R & z \<notin> Rep_preal R & 
  1027                      z + v \<in> Rep_preal S & x = u + v"
  1028 proof -
  1029   have xpos: "0<x" by (rule preal_imp_pos [OF Rep_preal x])
  1030   from lemma_sum_mem_Rep_preal_ex [OF x]
  1031   obtain e where epos: "0 < e" and xe: "x + e \<in> Rep_preal S" by blast
  1032   from  Gleason9_34 [OF Rep_preal epos]
  1033   obtain r where r: "r \<in> Rep_preal R" and notin: "r + e \<notin> Rep_preal R" ..
  1034   with x xnot xpos have rless: "r < x" by (blast intro: not_in_Rep_preal_ub)
  1035   from add_eq_exists [of r x]
  1036   obtain y where eq: "x = r+y" by auto
  1037   show ?thesis 
  1038   proof (intro exI conjI)
  1039     show "r \<in> Rep_preal R" by (rule r)
  1040     show "r + e \<notin> Rep_preal R" by (rule notin)
  1041     show "r + e + y \<in> Rep_preal S" using xe eq by (simp add: ac_simps)
  1042     show "x = r + y" by (simp add: eq)
  1043     show "0 < r + e" using epos preal_imp_pos [OF Rep_preal r]
  1044       by simp
  1045     show "0 < y" using rless eq by arith
  1046   qed
  1047 qed
  1048 
  1049 lemma less_add_left_le2: "R < (S::preal) ==> S \<le> R + (S-R)"
  1050 apply (auto simp add: preal_le_def)
  1051 apply (case_tac "x \<in> Rep_preal R")
  1052 apply (cut_tac Rep_preal_self_subset [of R], force)
  1053 apply (auto simp add: Bex_def mem_Rep_preal_add_iff mem_Rep_preal_diff_iff)
  1054 apply (blast dest: less_add_left_lemma2)
  1055 done
  1056 
  1057 lemma less_add_left: "R < (S::preal) ==> R + (S-R) = S"
  1058 by (blast intro: antisym [OF less_add_left_le1 less_add_left_le2])
  1059 
  1060 lemma less_add_left_Ex: "R < (S::preal) ==> \<exists>D. R + D = S"
  1061 by (fast dest: less_add_left)
  1062 
  1063 lemma preal_add_less2_mono1: "R < (S::preal) ==> R + T < S + T"
  1064 apply (auto dest!: less_add_left_Ex simp add: preal_add_assoc)
  1065 apply (rule_tac y1 = D in preal_add_commute [THEN subst])
  1066 apply (auto intro: preal_self_less_add_left simp add: preal_add_assoc [symmetric])
  1067 done
  1068 
  1069 lemma preal_add_less2_mono2: "R < (S::preal) ==> T + R < T + S"
  1070 by (auto intro: preal_add_less2_mono1 simp add: preal_add_commute [of T])
  1071 
  1072 lemma preal_add_right_less_cancel: "R + T < S + T ==> R < (S::preal)"
  1073 apply (insert linorder_less_linear [of R S], auto)
  1074 apply (drule_tac R = S and T = T in preal_add_less2_mono1)
  1075 apply (blast dest: order_less_trans) 
  1076 done
  1077 
  1078 lemma preal_add_left_less_cancel: "T + R < T + S ==> R <  (S::preal)"
  1079 by (auto elim: preal_add_right_less_cancel simp add: preal_add_commute [of T])
  1080 
  1081 lemma preal_add_less_cancel_left [simp]: "(T + (R::preal) < T + S) = (R < S)"
  1082 by (blast intro: preal_add_less2_mono2 preal_add_left_less_cancel)
  1083 
  1084 lemma preal_add_less_cancel_right [simp]: "((R::preal) + T < S + T) = (R < S)"
  1085   using preal_add_less_cancel_left [symmetric, of R S T] by (simp add: ac_simps)
  1086 
  1087 lemma preal_add_le_cancel_left [simp]: "(T + (R::preal) \<le> T + S) = (R \<le> S)"
  1088 by (simp add: linorder_not_less [symmetric]) 
  1089 
  1090 lemma preal_add_le_cancel_right [simp]: "((R::preal) + T \<le> S + T) = (R \<le> S)"
  1091   using preal_add_le_cancel_left [symmetric, of R S T] by (simp add: ac_simps)
  1092 
  1093 lemma preal_add_right_cancel: "(R::preal) + T = S + T ==> R = S"
  1094 apply (insert linorder_less_linear [of R S], safe)
  1095 apply (drule_tac [!] T = T in preal_add_less2_mono1, auto)
  1096 done
  1097 
  1098 lemma preal_add_left_cancel: "C + A = C + B ==> A = (B::preal)"
  1099 by (auto intro: preal_add_right_cancel simp add: preal_add_commute)
  1100 
  1101 instance preal :: linordered_ab_semigroup_add
  1102 proof
  1103   fix a b c :: preal
  1104   show "a \<le> b \<Longrightarrow> c + a \<le> c + b" by (simp only: preal_add_le_cancel_left)
  1105 qed
  1106 
  1107 
  1108 subsection\<open>Completeness of type @{typ preal}\<close>
  1109 
  1110 text\<open>Prove that supremum is a cut\<close>
  1111 
  1112 text\<open>Part 1 of Dedekind sections definition\<close>
  1113 
  1114 lemma preal_sup_set_not_empty:
  1115      "P \<noteq> {} ==> {} \<subset> (\<Union>X \<in> P. Rep_preal(X))"
  1116 apply auto
  1117 apply (cut_tac X = x in mem_Rep_preal_Ex, auto)
  1118 done
  1119 
  1120 
  1121 text\<open>Part 2 of Dedekind sections definition\<close>
  1122 
  1123 lemma preal_sup_not_exists:
  1124      "\<forall>X \<in> P. X \<le> Y ==> \<exists>q. 0 < q & q \<notin> (\<Union>X \<in> P. Rep_preal(X))"
  1125 apply (cut_tac X = Y in Rep_preal_exists_bound)
  1126 apply (auto simp add: preal_le_def)
  1127 done
  1128 
  1129 lemma preal_sup_set_not_rat_set:
  1130      "\<forall>X \<in> P. X \<le> Y ==> (\<Union>X \<in> P. Rep_preal(X)) < {r. 0 < r}"
  1131 apply (drule preal_sup_not_exists)
  1132 apply (blast intro: preal_imp_pos [OF Rep_preal])  
  1133 done
  1134 
  1135 text\<open>Part 3 of Dedekind sections definition\<close>
  1136 lemma preal_sup_set_lemma3:
  1137      "[|P \<noteq> {}; \<forall>X \<in> P. X \<le> Y; u \<in> (\<Union>X \<in> P. Rep_preal(X)); 0 < z; z < u|]
  1138       ==> z \<in> (\<Union>X \<in> P. Rep_preal(X))"
  1139 by (auto elim: Rep_preal [THEN preal_downwards_closed])
  1140 
  1141 text\<open>Part 4 of Dedekind sections definition\<close>
  1142 lemma preal_sup_set_lemma4:
  1143      "[|P \<noteq> {}; \<forall>X \<in> P. X \<le> Y; y \<in> (\<Union>X \<in> P. Rep_preal(X)) |]
  1144           ==> \<exists>u \<in> (\<Union>X \<in> P. Rep_preal(X)). y < u"
  1145 by (blast dest: Rep_preal [THEN preal_exists_greater])
  1146 
  1147 lemma preal_sup:
  1148      "[|P \<noteq> {}; \<forall>X \<in> P. X \<le> Y|] ==> cut (\<Union>X \<in> P. Rep_preal(X))"
  1149 apply (unfold cut_def)
  1150 apply (blast intro!: preal_sup_set_not_empty preal_sup_set_not_rat_set
  1151                      preal_sup_set_lemma3 preal_sup_set_lemma4)
  1152 done
  1153 
  1154 lemma preal_psup_le:
  1155      "[| \<forall>X \<in> P. X \<le> Y;  x \<in> P |] ==> x \<le> psup P"
  1156 apply (simp (no_asm_simp) add: preal_le_def) 
  1157 apply (subgoal_tac "P \<noteq> {}") 
  1158 apply (auto simp add: psup_def preal_sup) 
  1159 done
  1160 
  1161 lemma psup_le_ub: "[| P \<noteq> {}; \<forall>X \<in> P. X \<le> Y |] ==> psup P \<le> Y"
  1162 apply (simp (no_asm_simp) add: preal_le_def)
  1163 apply (simp add: psup_def preal_sup) 
  1164 apply (auto simp add: preal_le_def)
  1165 done
  1166 
  1167 text\<open>Supremum property\<close>
  1168 lemma preal_complete:
  1169      "[| P \<noteq> {}; \<forall>X \<in> P. X \<le> Y |] ==> (\<exists>X \<in> P. Z < X) = (Z < psup P)"
  1170 apply (simp add: preal_less_def psup_def preal_sup)
  1171 apply (auto simp add: preal_le_def)
  1172 apply (rename_tac U) 
  1173 apply (cut_tac x = U and y = Z in linorder_less_linear)
  1174 apply (auto simp add: preal_less_def)
  1175 done
  1176 
  1177 section \<open>Defining the Reals from the Positive Reals\<close>
  1178 
  1179 definition
  1180   realrel   ::  "((preal * preal) * (preal * preal)) set" where
  1181   "realrel = {p. \<exists>x1 y1 x2 y2. p = ((x1,y1),(x2,y2)) & x1+y2 = x2+y1}"
  1182 
  1183 definition "Real = UNIV//realrel"
  1184 
  1185 typedef real = Real
  1186   morphisms Rep_Real Abs_Real
  1187   unfolding Real_def by (auto simp add: quotient_def)
  1188 
  1189 definition
  1190   (** these don't use the overloaded "real" function: users don't see them **)
  1191   real_of_preal :: "preal => real" where
  1192   "real_of_preal m = Abs_Real (realrel `` {(m + 1, 1)})"
  1193 
  1194 instantiation real :: "{zero, one, plus, minus, uminus, times, inverse, ord, abs, sgn}"
  1195 begin
  1196 
  1197 definition
  1198   real_zero_def: "0 = Abs_Real(realrel``{(1, 1)})"
  1199 
  1200 definition
  1201   real_one_def: "1 = Abs_Real(realrel``{(1 + 1, 1)})"
  1202 
  1203 definition
  1204   real_add_def: "z + w =
  1205        the_elem (\<Union>(x,y) \<in> Rep_Real(z). \<Union>(u,v) \<in> Rep_Real(w).
  1206                  { Abs_Real(realrel``{(x+u, y+v)}) })"
  1207 
  1208 definition
  1209   real_minus_def: "- r =  the_elem (\<Union>(x,y) \<in> Rep_Real(r). { Abs_Real(realrel``{(y,x)}) })"
  1210 
  1211 definition
  1212   real_diff_def: "r - (s::real) = r + - s"
  1213 
  1214 definition
  1215   real_mult_def:
  1216     "z * w =
  1217        the_elem (\<Union>(x,y) \<in> Rep_Real(z). \<Union>(u,v) \<in> Rep_Real(w).
  1218                  { Abs_Real(realrel``{(x*u + y*v, x*v + y*u)}) })"
  1219 
  1220 definition
  1221   real_inverse_def: "inverse (R::real) = (THE S. (R = 0 & S = 0) | S * R = 1)"
  1222 
  1223 definition
  1224   real_divide_def: "R div (S::real) = R * inverse S"
  1225 
  1226 definition
  1227   real_le_def: "z \<le> (w::real) \<longleftrightarrow>
  1228     (\<exists>x y u v. x+v \<le> u+y & (x,y) \<in> Rep_Real z & (u,v) \<in> Rep_Real w)"
  1229 
  1230 definition
  1231   real_less_def: "x < (y::real) \<longleftrightarrow> x \<le> y \<and> x \<noteq> y"
  1232 
  1233 definition
  1234   real_abs_def: "\<bar>r::real\<bar> = (if r < 0 then - r else r)"
  1235 
  1236 definition
  1237   real_sgn_def: "sgn (x::real) = (if x=0 then 0 else if 0<x then 1 else - 1)"
  1238 
  1239 instance ..
  1240 
  1241 end
  1242 
  1243 subsection \<open>Equivalence relation over positive reals\<close>
  1244 
  1245 lemma preal_trans_lemma:
  1246   assumes "x + y1 = x1 + y"
  1247     and "x + y2 = x2 + y"
  1248   shows "x1 + y2 = x2 + (y1::preal)"
  1249 proof -
  1250   have "(x1 + y2) + x = (x + y2) + x1" by (simp add: ac_simps)
  1251   also have "... = (x2 + y) + x1"  by (simp add: assms)
  1252   also have "... = x2 + (x1 + y)"  by (simp add: ac_simps)
  1253   also have "... = x2 + (x + y1)"  by (simp add: assms)
  1254   also have "... = (x2 + y1) + x"  by (simp add: ac_simps)
  1255   finally have "(x1 + y2) + x = (x2 + y1) + x" .
  1256   thus ?thesis by (rule preal_add_right_cancel)
  1257 qed
  1258 
  1259 
  1260 lemma realrel_iff [simp]: "(((x1,y1),(x2,y2)) \<in> realrel) = (x1 + y2 = x2 + y1)"
  1261 by (simp add: realrel_def)
  1262 
  1263 lemma equiv_realrel: "equiv UNIV realrel"
  1264 apply (auto simp add: equiv_def refl_on_def sym_def trans_def realrel_def)
  1265 apply (blast dest: preal_trans_lemma) 
  1266 done
  1267 
  1268 text\<open>Reduces equality of equivalence classes to the @{term realrel} relation:
  1269   @{term "(realrel `` {x} = realrel `` {y}) = ((x,y) \<in> realrel)"}\<close>
  1270 lemmas equiv_realrel_iff = 
  1271        eq_equiv_class_iff [OF equiv_realrel UNIV_I UNIV_I]
  1272 
  1273 declare equiv_realrel_iff [simp]
  1274 
  1275 
  1276 lemma realrel_in_real [simp]: "realrel``{(x,y)}: Real"
  1277 by (simp add: Real_def realrel_def quotient_def, blast)
  1278 
  1279 declare Abs_Real_inject [simp]
  1280 declare Abs_Real_inverse [simp]
  1281 
  1282 
  1283 text\<open>Case analysis on the representation of a real number as an equivalence
  1284       class of pairs of positive reals.\<close>
  1285 lemma eq_Abs_Real [case_names Abs_Real, cases type: real]: 
  1286      "(!!x y. z = Abs_Real(realrel``{(x,y)}) ==> P) ==> P"
  1287 apply (rule Rep_Real [of z, unfolded Real_def, THEN quotientE])
  1288 apply (drule arg_cong [where f=Abs_Real])
  1289 apply (auto simp add: Rep_Real_inverse)
  1290 done
  1291 
  1292 
  1293 subsection \<open>Addition and Subtraction\<close>
  1294 
  1295 lemma real_add_congruent2_lemma:
  1296      "[|a + ba = aa + b; ab + bc = ac + bb|]
  1297       ==> a + ab + (ba + bc) = aa + ac + (b + (bb::preal))"
  1298 apply (simp add: add.assoc)
  1299 apply (rule add.left_commute [of ab, THEN ssubst])
  1300 apply (simp add: add.assoc [symmetric])
  1301 apply (simp add: ac_simps)
  1302 done
  1303 
  1304 lemma real_add:
  1305      "Abs_Real (realrel``{(x,y)}) + Abs_Real (realrel``{(u,v)}) =
  1306       Abs_Real (realrel``{(x+u, y+v)})"
  1307 proof -
  1308   have "(\<lambda>z w. (\<lambda>(x,y). (\<lambda>(u,v). {Abs_Real (realrel `` {(x+u, y+v)})}) w) z)
  1309         respects2 realrel"
  1310     by (auto simp add: congruent2_def, blast intro: real_add_congruent2_lemma) 
  1311   thus ?thesis
  1312     by (simp add: real_add_def UN_UN_split_split_eq
  1313                   UN_equiv_class2 [OF equiv_realrel equiv_realrel])
  1314 qed
  1315 
  1316 lemma real_minus: "- Abs_Real(realrel``{(x,y)}) = Abs_Real(realrel `` {(y,x)})"
  1317 proof -
  1318   have "(\<lambda>(x,y). {Abs_Real (realrel``{(y,x)})}) respects realrel"
  1319     by (auto simp add: congruent_def add.commute) 
  1320   thus ?thesis
  1321     by (simp add: real_minus_def UN_equiv_class [OF equiv_realrel])
  1322 qed
  1323 
  1324 instance real :: ab_group_add
  1325 proof
  1326   fix x y z :: real
  1327   show "(x + y) + z = x + (y + z)"
  1328     by (cases x, cases y, cases z, simp add: real_add add.assoc)
  1329   show "x + y = y + x"
  1330     by (cases x, cases y, simp add: real_add add.commute)
  1331   show "0 + x = x"
  1332     by (cases x, simp add: real_add real_zero_def ac_simps)
  1333   show "- x + x = 0"
  1334     by (cases x, simp add: real_minus real_add real_zero_def add.commute)
  1335   show "x - y = x + - y"
  1336     by (simp add: real_diff_def)
  1337 qed
  1338 
  1339 
  1340 subsection \<open>Multiplication\<close>
  1341 
  1342 lemma real_mult_congruent2_lemma:
  1343      "!!(x1::preal). [| x1 + y2 = x2 + y1 |] ==>
  1344           x * x1 + y * y1 + (x * y2 + y * x2) =
  1345           x * x2 + y * y2 + (x * y1 + y * x1)"
  1346 apply (simp add: add.left_commute add.assoc [symmetric])
  1347 apply (simp add: add.assoc distrib_left [symmetric])
  1348 apply (simp add: add.commute)
  1349 done
  1350 
  1351 lemma real_mult_congruent2:
  1352     "(%p1 p2.
  1353         (%(x1,y1). (%(x2,y2). 
  1354           { Abs_Real (realrel``{(x1*x2 + y1*y2, x1*y2+y1*x2)}) }) p2) p1)
  1355      respects2 realrel"
  1356 apply (rule congruent2_commuteI [OF equiv_realrel], clarify)
  1357 apply (simp add: mult.commute add.commute)
  1358 apply (auto simp add: real_mult_congruent2_lemma)
  1359 done
  1360 
  1361 lemma real_mult:
  1362       "Abs_Real((realrel``{(x1,y1)})) * Abs_Real((realrel``{(x2,y2)})) =
  1363        Abs_Real(realrel `` {(x1*x2+y1*y2,x1*y2+y1*x2)})"
  1364 by (simp add: real_mult_def UN_UN_split_split_eq
  1365          UN_equiv_class2 [OF equiv_realrel equiv_realrel real_mult_congruent2])
  1366 
  1367 lemma real_mult_commute: "(z::real) * w = w * z"
  1368 by (cases z, cases w, simp add: real_mult ac_simps)
  1369 
  1370 lemma real_mult_assoc: "((z1::real) * z2) * z3 = z1 * (z2 * z3)"
  1371 apply (cases z1, cases z2, cases z3)
  1372 apply (simp add: real_mult algebra_simps)
  1373 done
  1374 
  1375 lemma real_mult_1: "(1::real) * z = z"
  1376 apply (cases z)
  1377 apply (simp add: real_mult real_one_def algebra_simps)
  1378 done
  1379 
  1380 lemma real_add_mult_distrib: "((z1::real) + z2) * w = (z1 * w) + (z2 * w)"
  1381 apply (cases z1, cases z2, cases w)
  1382 apply (simp add: real_add real_mult algebra_simps)
  1383 done
  1384 
  1385 text\<open>one and zero are distinct\<close>
  1386 lemma real_zero_not_eq_one: "0 \<noteq> (1::real)"
  1387 proof -
  1388   have "(1::preal) < 1 + 1"
  1389     by (simp add: preal_self_less_add_left)
  1390   then show ?thesis
  1391     by (simp add: real_zero_def real_one_def neq_iff)
  1392 qed
  1393 
  1394 instance real :: comm_ring_1
  1395 proof
  1396   fix x y z :: real
  1397   show "(x * y) * z = x * (y * z)" by (rule real_mult_assoc)
  1398   show "x * y = y * x" by (rule real_mult_commute)
  1399   show "1 * x = x" by (rule real_mult_1)
  1400   show "(x + y) * z = x * z + y * z" by (rule real_add_mult_distrib)
  1401   show "0 \<noteq> (1::real)" by (rule real_zero_not_eq_one)
  1402 qed
  1403 
  1404 subsection \<open>Inverse and Division\<close>
  1405 
  1406 lemma real_zero_iff: "Abs_Real (realrel `` {(x, x)}) = 0"
  1407 by (simp add: real_zero_def add.commute)
  1408 
  1409 text\<open>Instead of using an existential quantifier and constructing the inverse
  1410 within the proof, we could define the inverse explicitly.\<close>
  1411 
  1412 lemma real_mult_inverse_left_ex: "x \<noteq> 0 ==> \<exists>y. y*x = (1::real)"
  1413 apply (simp add: real_zero_def real_one_def, cases x)
  1414 apply (cut_tac x = xa and y = y in linorder_less_linear)
  1415 apply (auto dest!: less_add_left_Ex simp add: real_zero_iff)
  1416 apply (rule_tac
  1417         x = "Abs_Real (realrel``{(1, inverse (D) + 1)})"
  1418        in exI)
  1419 apply (rule_tac [2]
  1420         x = "Abs_Real (realrel``{(inverse (D) + 1, 1)})" 
  1421        in exI)
  1422 apply (auto simp add: real_mult preal_mult_inverse_right algebra_simps)
  1423 done
  1424 
  1425 lemma real_mult_inverse_left: "x \<noteq> 0 ==> inverse(x)*x = (1::real)"
  1426 apply (simp add: real_inverse_def)
  1427 apply (drule real_mult_inverse_left_ex, safe)
  1428 apply (rule theI, assumption, rename_tac z)
  1429 apply (subgoal_tac "(z * x) * y = z * (x * y)")
  1430 apply (simp add: mult.commute)
  1431 apply (rule mult.assoc)
  1432 done
  1433 
  1434 
  1435 subsection\<open>The Real Numbers form a Field\<close>
  1436 
  1437 instance real :: field
  1438 proof
  1439   fix x y z :: real
  1440   show "x \<noteq> 0 ==> inverse x * x = 1" by (rule real_mult_inverse_left)
  1441   show "x / y = x * inverse y" by (simp add: real_divide_def)
  1442   show "inverse 0 = (0::real)" by (simp add: real_inverse_def)
  1443 qed
  1444 
  1445 
  1446 subsection\<open>The \<open>\<le>\<close> Ordering\<close>
  1447 
  1448 lemma real_le_refl: "w \<le> (w::real)"
  1449 by (cases w, force simp add: real_le_def)
  1450 
  1451 text\<open>The arithmetic decision procedure is not set up for type preal.
  1452   This lemma is currently unused, but it could simplify the proofs of the
  1453   following two lemmas.\<close>
  1454 lemma preal_eq_le_imp_le:
  1455   assumes eq: "a+b = c+d" and le: "c \<le> a"
  1456   shows "b \<le> (d::preal)"
  1457 proof -
  1458   from le have "c+d \<le> a+d" by simp
  1459   hence "a+b \<le> a+d" by (simp add: eq)
  1460   thus "b \<le> d" by simp
  1461 qed
  1462 
  1463 lemma real_le_lemma:
  1464   assumes l: "u1 + v2 \<le> u2 + v1"
  1465     and "x1 + v1 = u1 + y1"
  1466     and "x2 + v2 = u2 + y2"
  1467   shows "x1 + y2 \<le> x2 + (y1::preal)"
  1468 proof -
  1469   have "(x1+v1) + (u2+y2) = (u1+y1) + (x2+v2)" by (simp add: assms)
  1470   hence "(x1+y2) + (u2+v1) = (x2+y1) + (u1+v2)" by (simp add: ac_simps)
  1471   also have "... \<le> (x2+y1) + (u2+v1)" by (simp add: assms)
  1472   finally show ?thesis by simp
  1473 qed
  1474 
  1475 lemma real_le: 
  1476      "(Abs_Real(realrel``{(x1,y1)}) \<le> Abs_Real(realrel``{(x2,y2)})) =  
  1477       (x1 + y2 \<le> x2 + y1)"
  1478 apply (simp add: real_le_def)
  1479 apply (auto intro: real_le_lemma)
  1480 done
  1481 
  1482 lemma real_le_antisym: "[| z \<le> w; w \<le> z |] ==> z = (w::real)"
  1483 by (cases z, cases w, simp add: real_le)
  1484 
  1485 lemma real_trans_lemma:
  1486   assumes "x + v \<le> u + y"
  1487     and "u + v' \<le> u' + v"
  1488     and "x2 + v2 = u2 + y2"
  1489   shows "x + v' \<le> u' + (y::preal)"
  1490 proof -
  1491   have "(x+v') + (u+v) = (x+v) + (u+v')" by (simp add: ac_simps)
  1492   also have "... \<le> (u+y) + (u+v')" by (simp add: assms)
  1493   also have "... \<le> (u+y) + (u'+v)" by (simp add: assms)
  1494   also have "... = (u'+y) + (u+v)"  by (simp add: ac_simps)
  1495   finally show ?thesis by simp
  1496 qed
  1497 
  1498 lemma real_le_trans: "[| i \<le> j; j \<le> k |] ==> i \<le> (k::real)"
  1499 apply (cases i, cases j, cases k)
  1500 apply (simp add: real_le)
  1501 apply (blast intro: real_trans_lemma)
  1502 done
  1503 
  1504 instance real :: order
  1505 proof
  1506   fix u v :: real
  1507   show "u < v \<longleftrightarrow> u \<le> v \<and> \<not> v \<le> u" 
  1508     by (auto simp add: real_less_def intro: real_le_antisym)
  1509 qed (assumption | rule real_le_refl real_le_trans real_le_antisym)+
  1510 
  1511 (* Axiom 'linorder_linear' of class 'linorder': *)
  1512 lemma real_le_linear: "(z::real) \<le> w | w \<le> z"
  1513 apply (cases z, cases w)
  1514 apply (auto simp add: real_le real_zero_def ac_simps)
  1515 done
  1516 
  1517 instance real :: linorder
  1518   by (intro_classes, rule real_le_linear)
  1519 
  1520 lemma real_le_eq_diff: "(x \<le> y) = (x-y \<le> (0::real))"
  1521 apply (cases x, cases y) 
  1522 apply (auto simp add: real_le real_zero_def real_diff_def real_add real_minus
  1523                       ac_simps)
  1524 apply (simp_all add: add.assoc [symmetric])
  1525 done
  1526 
  1527 lemma real_add_left_mono: 
  1528   assumes le: "x \<le> y" shows "z + x \<le> z + (y::real)"
  1529 proof -
  1530   have "z + x - (z + y) = (z + -z) + (x - y)" 
  1531     by (simp add: algebra_simps) 
  1532   with le show ?thesis 
  1533     by (simp add: real_le_eq_diff[of x] real_le_eq_diff[of "z+x"])
  1534 qed
  1535 
  1536 lemma real_sum_gt_zero_less: "(0 < S + (-W::real)) ==> (W < S)"
  1537 by (simp add: linorder_not_le [symmetric] real_le_eq_diff [of S])
  1538 
  1539 lemma real_less_sum_gt_zero: "(W < S) ==> (0 < S + (-W::real))"
  1540 by (simp add: linorder_not_le [symmetric] real_le_eq_diff [of S])
  1541 
  1542 lemma real_mult_order: "[| 0 < x; 0 < y |] ==> (0::real) < x * y"
  1543 apply (cases x, cases y)
  1544 apply (simp add: linorder_not_le [where 'a = real, symmetric] 
  1545                  linorder_not_le [where 'a = preal] 
  1546                   real_zero_def real_le real_mult)
  1547   \<comment>\<open>Reduce to the (simpler) \<open>\<le>\<close> relation\<close>
  1548 apply (auto dest!: less_add_left_Ex
  1549      simp add: algebra_simps preal_self_less_add_left)
  1550 done
  1551 
  1552 lemma real_mult_less_mono2: "[| (0::real) < z; x < y |] ==> z * x < z * y"
  1553 apply (rule real_sum_gt_zero_less)
  1554 apply (drule real_less_sum_gt_zero [of x y])
  1555 apply (drule real_mult_order, assumption)
  1556 apply (simp add: algebra_simps)
  1557 done
  1558 
  1559 instantiation real :: distrib_lattice
  1560 begin
  1561 
  1562 definition
  1563   "(inf :: real \<Rightarrow> real \<Rightarrow> real) = min"
  1564 
  1565 definition
  1566   "(sup :: real \<Rightarrow> real \<Rightarrow> real) = max"
  1567 
  1568 instance
  1569   by standard (auto simp add: inf_real_def sup_real_def max_min_distrib2)
  1570 
  1571 end
  1572 
  1573 
  1574 subsection\<open>The Reals Form an Ordered Field\<close>
  1575 
  1576 instance real :: linordered_field
  1577 proof
  1578   fix x y z :: real
  1579   show "x \<le> y ==> z + x \<le> z + y" by (rule real_add_left_mono)
  1580   show "x < y ==> 0 < z ==> z * x < z * y" by (rule real_mult_less_mono2)
  1581   show "\<bar>x\<bar> = (if x < 0 then -x else x)" by (simp only: real_abs_def)
  1582   show "sgn x = (if x=0 then 0 else if 0<x then 1 else - 1)"
  1583     by (simp only: real_sgn_def)
  1584 qed
  1585 
  1586 text\<open>The function @{term real_of_preal} requires many proofs, but it seems
  1587 to be essential for proving completeness of the reals from that of the
  1588 positive reals.\<close>
  1589 
  1590 lemma real_of_preal_add:
  1591      "real_of_preal ((x::preal) + y) = real_of_preal x + real_of_preal y"
  1592 by (simp add: real_of_preal_def real_add algebra_simps)
  1593 
  1594 lemma real_of_preal_mult:
  1595      "real_of_preal ((x::preal) * y) = real_of_preal x* real_of_preal y"
  1596 by (simp add: real_of_preal_def real_mult algebra_simps)
  1597 
  1598 
  1599 text\<open>Gleason prop 9-4.4 p 127\<close>
  1600 lemma real_of_preal_trichotomy:
  1601       "\<exists>m. (x::real) = real_of_preal m | x = 0 | x = -(real_of_preal m)"
  1602 apply (simp add: real_of_preal_def real_zero_def, cases x)
  1603 apply (auto simp add: real_minus ac_simps)
  1604 apply (cut_tac x = xa and y = y in linorder_less_linear)
  1605 apply (auto dest!: less_add_left_Ex simp add: add.assoc [symmetric])
  1606 done
  1607 
  1608 lemma real_of_preal_leD:
  1609       "real_of_preal m1 \<le> real_of_preal m2 ==> m1 \<le> m2"
  1610 by (simp add: real_of_preal_def real_le)
  1611 
  1612 lemma real_of_preal_lessI: "m1 < m2 ==> real_of_preal m1 < real_of_preal m2"
  1613 by (auto simp add: real_of_preal_leD linorder_not_le [symmetric])
  1614 
  1615 lemma real_of_preal_lessD:
  1616       "real_of_preal m1 < real_of_preal m2 ==> m1 < m2"
  1617 by (simp add: real_of_preal_def real_le linorder_not_le [symmetric])
  1618 
  1619 lemma real_of_preal_less_iff [simp]:
  1620      "(real_of_preal m1 < real_of_preal m2) = (m1 < m2)"
  1621 by (blast intro: real_of_preal_lessI real_of_preal_lessD)
  1622 
  1623 lemma real_of_preal_le_iff:
  1624      "(real_of_preal m1 \<le> real_of_preal m2) = (m1 \<le> m2)"
  1625 by (simp add: linorder_not_less [symmetric])
  1626 
  1627 lemma real_of_preal_zero_less: "0 < real_of_preal m"
  1628 using preal_self_less_add_left [of 1 m]
  1629 apply (auto simp add: real_zero_def real_of_preal_def real_less_def real_le_def ac_simps neq_iff)
  1630 apply (metis Rep_preal_self_subset add.commute preal_le_def)
  1631 done
  1632 
  1633 lemma real_of_preal_minus_less_zero: "- real_of_preal m < 0"
  1634 by (simp add: real_of_preal_zero_less)
  1635 
  1636 lemma real_of_preal_not_minus_gt_zero: "~ 0 < - real_of_preal m"
  1637 proof -
  1638   from real_of_preal_minus_less_zero
  1639   show ?thesis by (blast dest: order_less_trans)
  1640 qed
  1641 
  1642 
  1643 subsection\<open>Theorems About the Ordering\<close>
  1644 
  1645 lemma real_gt_zero_preal_Ex: "(0 < x) = (\<exists>y. x = real_of_preal y)"
  1646 apply (auto simp add: real_of_preal_zero_less)
  1647 apply (cut_tac x = x in real_of_preal_trichotomy)
  1648 apply (blast elim!: real_of_preal_not_minus_gt_zero [THEN notE])
  1649 done
  1650 
  1651 lemma real_gt_preal_preal_Ex:
  1652      "real_of_preal z < x ==> \<exists>y. x = real_of_preal y"
  1653 by (blast dest!: real_of_preal_zero_less [THEN order_less_trans]
  1654              intro: real_gt_zero_preal_Ex [THEN iffD1])
  1655 
  1656 lemma real_ge_preal_preal_Ex:
  1657      "real_of_preal z \<le> x ==> \<exists>y. x = real_of_preal y"
  1658 by (blast dest: order_le_imp_less_or_eq real_gt_preal_preal_Ex)
  1659 
  1660 lemma real_less_all_preal: "y \<le> 0 ==> \<forall>x. y < real_of_preal x"
  1661 by (auto elim: order_le_imp_less_or_eq [THEN disjE] 
  1662             intro: real_of_preal_zero_less [THEN [2] order_less_trans] 
  1663             simp add: real_of_preal_zero_less)
  1664 
  1665 lemma real_less_all_real2: "~ 0 < y ==> \<forall>x. y < real_of_preal x"
  1666 by (blast intro!: real_less_all_preal linorder_not_less [THEN iffD1])
  1667 
  1668 subsection \<open>Completeness of Positive Reals\<close>
  1669 
  1670 text \<open>
  1671   Supremum property for the set of positive reals
  1672 
  1673   Let \<open>P\<close> be a non-empty set of positive reals, with an upper
  1674   bound \<open>y\<close>.  Then \<open>P\<close> has a least upper bound
  1675   (written \<open>S\<close>).
  1676 
  1677   FIXME: Can the premise be weakened to \<open>\<forall>x \<in> P. x\<le> y\<close>?
  1678 \<close>
  1679 
  1680 lemma posreal_complete:
  1681   assumes positive_P: "\<forall>x \<in> P. (0::real) < x"
  1682     and not_empty_P: "\<exists>x. x \<in> P"
  1683     and upper_bound_Ex: "\<exists>y. \<forall>x \<in> P. x<y"
  1684   shows "\<exists>S. \<forall>y. (\<exists>x \<in> P. y < x) = (y < S)"
  1685 proof (rule exI, rule allI)
  1686   fix y
  1687   let ?pP = "{w. real_of_preal w \<in> P}"
  1688 
  1689   show "(\<exists>x\<in>P. y < x) = (y < real_of_preal (psup ?pP))"
  1690   proof (cases "0 < y")
  1691     assume neg_y: "\<not> 0 < y"
  1692     show ?thesis
  1693     proof
  1694       assume "\<exists>x\<in>P. y < x"
  1695       have "\<forall>x. y < real_of_preal x"
  1696         using neg_y by (rule real_less_all_real2)
  1697       thus "y < real_of_preal (psup ?pP)" ..
  1698     next
  1699       assume "y < real_of_preal (psup ?pP)"
  1700       obtain "x" where x_in_P: "x \<in> P" using not_empty_P ..
  1701       hence "0 < x" using positive_P by simp
  1702       hence "y < x" using neg_y by simp
  1703       thus "\<exists>x \<in> P. y < x" using x_in_P ..
  1704     qed
  1705   next
  1706     assume pos_y: "0 < y"
  1707 
  1708     then obtain py where y_is_py: "y = real_of_preal py"
  1709       by (auto simp add: real_gt_zero_preal_Ex)
  1710 
  1711     obtain a where "a \<in> P" using not_empty_P ..
  1712     with positive_P have a_pos: "0 < a" ..
  1713     then obtain pa where "a = real_of_preal pa"
  1714       by (auto simp add: real_gt_zero_preal_Ex)
  1715     hence "pa \<in> ?pP" using \<open>a \<in> P\<close> by auto
  1716     hence pP_not_empty: "?pP \<noteq> {}" by auto
  1717 
  1718     obtain sup where sup: "\<forall>x \<in> P. x < sup"
  1719       using upper_bound_Ex ..
  1720     from this and \<open>a \<in> P\<close> have "a < sup" ..
  1721     hence "0 < sup" using a_pos by arith
  1722     then obtain possup where "sup = real_of_preal possup"
  1723       by (auto simp add: real_gt_zero_preal_Ex)
  1724     hence "\<forall>X \<in> ?pP. X \<le> possup"
  1725       using sup by (auto simp add: real_of_preal_lessI)
  1726     with pP_not_empty have psup: "\<And>Z. (\<exists>X \<in> ?pP. Z < X) = (Z < psup ?pP)"
  1727       by (rule preal_complete)
  1728 
  1729     show ?thesis
  1730     proof
  1731       assume "\<exists>x \<in> P. y < x"
  1732       then obtain x where x_in_P: "x \<in> P" and y_less_x: "y < x" ..
  1733       hence "0 < x" using pos_y by arith
  1734       then obtain px where x_is_px: "x = real_of_preal px"
  1735         by (auto simp add: real_gt_zero_preal_Ex)
  1736 
  1737       have py_less_X: "\<exists>X \<in> ?pP. py < X"
  1738       proof
  1739         show "py < px" using y_is_py and x_is_px and y_less_x
  1740           by (simp add: real_of_preal_lessI)
  1741         show "px \<in> ?pP" using x_in_P and x_is_px by simp
  1742       qed
  1743 
  1744       have "(\<exists>X \<in> ?pP. py < X) ==> (py < psup ?pP)"
  1745         using psup by simp
  1746       hence "py < psup ?pP" using py_less_X by simp
  1747       thus "y < real_of_preal (psup {w. real_of_preal w \<in> P})"
  1748         using y_is_py and pos_y by (simp add: real_of_preal_lessI)
  1749     next
  1750       assume y_less_psup: "y < real_of_preal (psup ?pP)"
  1751 
  1752       hence "py < psup ?pP" using y_is_py
  1753         by (simp add: real_of_preal_lessI)
  1754       then obtain "X" where py_less_X: "py < X" and X_in_pP: "X \<in> ?pP"
  1755         using psup by auto
  1756       then obtain x where x_is_X: "x = real_of_preal X"
  1757         by (simp add: real_gt_zero_preal_Ex)
  1758       hence "y < x" using py_less_X and y_is_py
  1759         by (simp add: real_of_preal_lessI)
  1760 
  1761       moreover have "x \<in> P" using x_is_X and X_in_pP by simp
  1762 
  1763       ultimately show "\<exists> x \<in> P. y < x" ..
  1764     qed
  1765   qed
  1766 qed
  1767 
  1768 text \<open>
  1769   \medskip Completeness
  1770 \<close>
  1771 
  1772 lemma reals_complete:
  1773   fixes S :: "real set"
  1774   assumes notempty_S: "\<exists>X. X \<in> S"
  1775     and exists_Ub: "bdd_above S"
  1776   shows "\<exists>x. (\<forall>s\<in>S. s \<le> x) \<and> (\<forall>y. (\<forall>s\<in>S. s \<le> y) \<longrightarrow> x \<le> y)"
  1777 proof -
  1778   obtain X where X_in_S: "X \<in> S" using notempty_S ..
  1779   obtain Y where Y_isUb: "\<forall>s\<in>S. s \<le> Y"
  1780     using exists_Ub by (auto simp: bdd_above_def)
  1781   let ?SHIFT = "{z. \<exists>x \<in>S. z = x + (-X) + 1} \<inter> {x. 0 < x}"
  1782 
  1783   {
  1784     fix x
  1785     assume S_le_x: "\<forall>s\<in>S. s \<le> x"
  1786     {
  1787       fix s
  1788       assume "s \<in> {z. \<exists>x\<in>S. z = x + - X + 1}"
  1789       hence "\<exists> x \<in> S. s = x + -X + 1" ..
  1790       then obtain x1 where x1: "x1 \<in> S" "s = x1 + (-X) + 1" ..
  1791       then have "x1 \<le> x" using S_le_x by simp
  1792       with x1 have "s \<le> x + - X + 1" by arith
  1793     }
  1794     then have "\<forall>s\<in>?SHIFT. s \<le> x + (-X) + 1"
  1795       by auto
  1796   } note S_Ub_is_SHIFT_Ub = this
  1797 
  1798   have *: "\<forall>s\<in>?SHIFT. s \<le> Y + (-X) + 1" using Y_isUb by (rule S_Ub_is_SHIFT_Ub)
  1799   have "\<forall>s\<in>?SHIFT. s < Y + (-X) + 2"
  1800   proof
  1801     fix s assume "s\<in>?SHIFT"
  1802     with * have "s \<le> Y + (-X) + 1" by simp
  1803     also have "\<dots> < Y + (-X) + 2" by simp
  1804     finally show "s < Y + (-X) + 2" .
  1805   qed
  1806   moreover have "\<forall>y \<in> ?SHIFT. 0 < y" by auto
  1807   moreover have shifted_not_empty: "\<exists>u. u \<in> ?SHIFT"
  1808     using X_in_S and Y_isUb by auto
  1809   ultimately obtain t where t_is_Lub: "\<forall>y. (\<exists>x\<in>?SHIFT. y < x) = (y < t)"
  1810     using posreal_complete [of ?SHIFT] unfolding bdd_above_def by blast
  1811 
  1812   show ?thesis
  1813   proof
  1814     show "(\<forall>s\<in>S. s \<le> (t + X + (-1))) \<and> (\<forall>y. (\<forall>s\<in>S. s \<le> y) \<longrightarrow> (t + X + (-1)) \<le> y)"
  1815     proof safe
  1816       fix x
  1817       assume "\<forall>s\<in>S. s \<le> x"
  1818       hence "\<forall>s\<in>?SHIFT. s \<le> x + (-X) + 1"
  1819         using S_Ub_is_SHIFT_Ub by simp
  1820       then have "\<not> x + (-X) + 1 < t"
  1821         by (subst t_is_Lub[rule_format, symmetric]) (simp add: not_less)
  1822       thus "t + X + -1 \<le> x" by arith
  1823     next
  1824       fix y
  1825       assume y_in_S: "y \<in> S"
  1826       obtain "u" where u_in_shift: "u \<in> ?SHIFT" using shifted_not_empty ..
  1827       hence "\<exists> x \<in> S. u = x + - X + 1" by simp
  1828       then obtain "x" where x_and_u: "u = x + - X + 1" ..
  1829       have u_le_t: "u \<le> t"
  1830       proof (rule dense_le)
  1831         fix x assume "x < u" then have "x < t"
  1832           using u_in_shift t_is_Lub by auto
  1833         then show "x \<le> t"  by simp
  1834       qed
  1835 
  1836       show "y \<le> t + X + -1"
  1837       proof cases
  1838         assume "y \<le> x"
  1839         moreover have "x = u + X + - 1" using x_and_u by arith
  1840         moreover have "u + X + - 1  \<le> t + X + -1" using u_le_t by arith
  1841         ultimately show "y  \<le> t + X + -1" by arith
  1842       next
  1843         assume "~(y \<le> x)"
  1844         hence x_less_y: "x < y" by arith
  1845 
  1846         have "x + (-X) + 1 \<in> ?SHIFT" using x_and_u and u_in_shift by simp
  1847         hence "0 < x + (-X) + 1" by simp
  1848         hence "0 < y + (-X) + 1" using x_less_y by arith
  1849         hence *: "y + (-X) + 1 \<in> ?SHIFT" using y_in_S by simp
  1850         have "y + (-X) + 1 \<le> t"
  1851         proof (rule dense_le)
  1852           fix x assume "x < y + (-X) + 1" then have "x < t"
  1853             using * t_is_Lub by auto
  1854           then show "x \<le> t"  by simp
  1855         qed
  1856         thus ?thesis by simp
  1857       qed
  1858     qed
  1859   qed
  1860 qed
  1861 
  1862 subsection \<open>The Archimedean Property of the Reals\<close>
  1863 
  1864 theorem reals_Archimedean:
  1865   fixes x :: real
  1866   assumes x_pos: "0 < x"
  1867   shows "\<exists>n. inverse (of_nat (Suc n)) < x"
  1868 proof (rule ccontr)
  1869   assume contr: "\<not> ?thesis"
  1870   have "\<forall>n. x * of_nat (Suc n) <= 1"
  1871   proof
  1872     fix n
  1873     from contr have "x \<le> inverse (of_nat (Suc n))"
  1874       by (simp add: linorder_not_less)
  1875     hence "x \<le> (1 / (of_nat (Suc n)))"
  1876       by (simp add: inverse_eq_divide)
  1877     moreover have "(0::real) \<le> of_nat (Suc n)"
  1878       by (rule of_nat_0_le_iff)
  1879     ultimately have "x * of_nat (Suc n) \<le> (1 / of_nat (Suc n)) * of_nat (Suc n)"
  1880       by (rule mult_right_mono)
  1881     thus "x * of_nat (Suc n) \<le> 1" by (simp del: of_nat_Suc)
  1882   qed
  1883   hence 2: "bdd_above {z. \<exists>n. z = x * (of_nat (Suc n))}"
  1884     by (auto intro!: bdd_aboveI[of _ 1])
  1885   have 1: "\<exists>X. X \<in> {z. \<exists>n. z = x* (of_nat (Suc n))}" by auto
  1886   obtain t where
  1887     upper: "\<And>z. z \<in> {z. \<exists>n. z = x * of_nat (Suc n)} \<Longrightarrow> z \<le> t" and
  1888     least: "\<And>y. (\<And>a. a \<in> {z. \<exists>n. z = x * of_nat (Suc n)} \<Longrightarrow> a \<le> y) \<Longrightarrow> t \<le> y"
  1889     using reals_complete[OF 1 2] by auto
  1890 
  1891 
  1892   have "t \<le> t + - x"
  1893   proof (rule least)
  1894     fix a assume a: "a \<in> {z. \<exists>n. z = x * (of_nat (Suc n))}"
  1895     have "\<forall>n::nat. x * of_nat n \<le> t + - x"
  1896     proof
  1897       fix n
  1898       have "x * of_nat (Suc n) \<le> t"
  1899         by (simp add: upper)
  1900       hence  "x * (of_nat n) + x \<le> t"
  1901         by (simp add: distrib_left)
  1902       thus  "x * (of_nat n) \<le> t + - x" by arith
  1903     qed    hence "\<forall>m. x * of_nat (Suc m) \<le> t + - x" by (simp del: of_nat_Suc)
  1904     with a show "a \<le> t + - x"
  1905       by auto
  1906   qed
  1907   thus False using x_pos by arith
  1908 qed
  1909 
  1910 text \<open>
  1911   There must be other proofs, e.g. \<open>Suc\<close> of the largest
  1912   integer in the cut representing \<open>x\<close>.
  1913 \<close>
  1914 
  1915 lemma reals_Archimedean2: "\<exists>n. (x::real) < of_nat (n::nat)"
  1916 proof cases
  1917   assume "x \<le> 0"
  1918   hence "x < of_nat (1::nat)" by simp
  1919   thus ?thesis ..
  1920 next
  1921   assume "\<not> x \<le> 0"
  1922   hence x_greater_zero: "0 < x" by simp
  1923   hence "0 < inverse x" by simp
  1924   then obtain n where "inverse (of_nat (Suc n)) < inverse x"
  1925     using reals_Archimedean by blast
  1926   hence "inverse (of_nat (Suc n)) * x < inverse x * x"
  1927     using x_greater_zero by (rule mult_strict_right_mono)
  1928   hence "inverse (of_nat (Suc n)) * x < 1"
  1929     using x_greater_zero by simp
  1930   hence "of_nat (Suc n) * (inverse (of_nat (Suc n)) * x) < of_nat (Suc n) * 1"
  1931     by (rule mult_strict_left_mono) (simp del: of_nat_Suc)
  1932   hence "x < of_nat (Suc n)"
  1933     by (simp add: algebra_simps del: of_nat_Suc)
  1934   thus "\<exists>(n::nat). x < of_nat n" ..
  1935 qed
  1936 
  1937 instance real :: archimedean_field
  1938 proof
  1939   fix r :: real
  1940   obtain n :: nat where "r < of_nat n"
  1941     using reals_Archimedean2 ..
  1942   then have "r \<le> of_int (int n)"
  1943     by simp
  1944   then show "\<exists>z. r \<le> of_int z" ..
  1945 qed
  1946 
  1947 end