src/HOL/SupInf.thy
author blanchet
Tue, 14 Sep 2010 13:24:18 +0200
changeset 39359 6f49c7fbb1b1
parent 37887 2ae085b07f2f
child 44669 8e6cdb9c00a7
permissions -rw-r--r--
remove "fast_descs" option from Nitpick; the option has been unsound for over a year and is too imprecise to be of any use when made sound

(*  Author: Amine Chaieb and L C Paulson, University of Cambridge *)

header {*Sup and Inf Operators on Sets of Reals.*}

theory SupInf
imports RComplete
begin

instantiation real :: Sup 
begin
definition
  Sup_real_def: "Sup X == (LEAST z::real. \<forall>x\<in>X. x\<le>z)"

instance ..
end

instantiation real :: Inf 
begin
definition
  Inf_real_def: "Inf (X::real set) == - (Sup (uminus ` X))"

instance ..
end

subsection{*Supremum of a set of reals*}

lemma Sup_upper [intro]: (*REAL_SUP_UBOUND in HOL4*)
  fixes x :: real
  assumes x: "x \<in> X"
      and z: "!!x. x \<in> X \<Longrightarrow> x \<le> z"
  shows "x \<le> Sup X"
proof (auto simp add: Sup_real_def) 
  from reals_complete2
  obtain s where s: "(\<forall>y\<in>X. y \<le> s) & (\<forall>z. ((\<forall>y\<in>X. y \<le> z) --> s \<le> z))"
    by (blast intro: x z)
  hence "x \<le> s"
    by (blast intro: x z)
  also with s have "... = (LEAST z. \<forall>x\<in>X. x \<le> z)"
    by (fast intro: Least_equality [symmetric])  
  finally show "x \<le> (LEAST z. \<forall>x\<in>X. x \<le> z)" .
qed

lemma Sup_least [intro]: (*REAL_IMP_SUP_LE in HOL4*)
  fixes z :: real
  assumes x: "X \<noteq> {}"
      and z: "\<And>x. x \<in> X \<Longrightarrow> x \<le> z"
  shows "Sup X \<le> z"
proof (auto simp add: Sup_real_def) 
  from reals_complete2 x
  obtain s where s: "(\<forall>y\<in>X. y \<le> s) & (\<forall>z. ((\<forall>y\<in>X. y \<le> z) --> s \<le> z))"
    by (blast intro: z)
  hence "(LEAST z. \<forall>x\<in>X. x \<le> z) = s"
    by (best intro: Least_equality)  
  also with s z have "... \<le> z"
    by blast
  finally show "(LEAST z. \<forall>x\<in>X. x \<le> z) \<le> z" .
qed

lemma less_SupE:
  fixes y :: real
  assumes "y < Sup X" "X \<noteq> {}"
  obtains x where "x\<in>X" "y < x"
by (metis SupInf.Sup_least assms linorder_not_less that)

lemma Sup_singleton [simp]: "Sup {x::real} = x"
  by (force intro: Least_equality simp add: Sup_real_def)
 
lemma Sup_eq_maximum: (*REAL_SUP_MAX in HOL4*)
  fixes z :: real
  assumes X: "z \<in> X" and z: "!!x. x \<in> X \<Longrightarrow> x \<le> z"
  shows  "Sup X = z"
  by (force intro: Least_equality X z simp add: Sup_real_def)
 
lemma Sup_upper2: (*REAL_IMP_LE_SUP in HOL4*)
  fixes x :: real
  shows "x \<in> X \<Longrightarrow> y \<le> x \<Longrightarrow> (!!x. x \<in> X \<Longrightarrow> x \<le> z) \<Longrightarrow> y \<le> Sup X"
  by (metis Sup_upper order_trans)

lemma Sup_real_iff : (*REAL_SUP_LE in HOL4*)
  fixes z :: real
  shows "X ~= {} ==> (!!x. x \<in> X ==> x \<le> z) ==> (\<exists>x\<in>X. y<x) <-> y < Sup X"
  by (metis Sup_least Sup_upper linorder_not_le le_less_trans)

lemma Sup_eq:
  fixes a :: real
  shows "(!!x. x \<in> X \<Longrightarrow> x \<le> a) 
        \<Longrightarrow> (!!y. (!!x. x \<in> X \<Longrightarrow> x \<le> y) \<Longrightarrow> a \<le> y) \<Longrightarrow> Sup X = a"
  by (metis Sup_least Sup_upper add_le_cancel_left diff_add_cancel insert_absorb
        insert_not_empty order_antisym)

lemma Sup_le:
  fixes S :: "real set"
  shows "S \<noteq> {} \<Longrightarrow> S *<= b \<Longrightarrow> Sup S \<le> b"
by (metis SupInf.Sup_least setle_def)

lemma Sup_upper_EX: 
  fixes x :: real
  shows "x \<in> X \<Longrightarrow> \<exists>z. \<forall>x. x \<in> X \<longrightarrow> x \<le> z \<Longrightarrow>  x \<le> Sup X"
  by blast

lemma Sup_insert_nonempty: 
  fixes x :: real
  assumes x: "x \<in> X"
      and z: "!!x. x \<in> X \<Longrightarrow> x \<le> z"
  shows "Sup (insert a X) = max a (Sup X)"
proof (cases "Sup X \<le> a")
  case True
  thus ?thesis
    apply (simp add: max_def)
    apply (rule Sup_eq_maximum)
    apply (rule insertI1)
    apply (metis Sup_upper [OF _ z] insertE linear order_trans)
    done
next
  case False
  hence 1:"a < Sup X" by simp
  have "Sup X \<le> Sup (insert a X)"
    apply (rule Sup_least)
    apply (metis ex_in_conv x)
    apply (rule Sup_upper_EX) 
    apply blast
    apply (metis insert_iff linear order_refl order_trans z)
    done
  moreover 
  have "Sup (insert a X) \<le> Sup X"
    apply (rule Sup_least)
    apply blast
    apply (metis False Sup_upper insertE linear z)
    done
  ultimately have "Sup (insert a X) = Sup X"
    by (blast intro:  antisym )
  thus ?thesis
    by (metis 1 min_max.le_iff_sup less_le)
qed

lemma Sup_insert_if: 
  fixes X :: "real set"
  assumes z: "!!x. x \<in> X \<Longrightarrow> x \<le> z"
  shows "Sup (insert a X) = (if X={} then a else max a (Sup X))"
by auto (metis Sup_insert_nonempty z) 

lemma Sup: 
  fixes S :: "real set"
  shows "S \<noteq> {} \<Longrightarrow> (\<exists>b. S *<= b) \<Longrightarrow> isLub UNIV S (Sup S)"
by  (auto simp add: isLub_def setle_def leastP_def isUb_def intro!: setgeI) 

lemma Sup_finite_Max: 
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "Sup S = Max S"
using fS Se
proof-
  let ?m = "Max S"
  from Max_ge[OF fS] have Sm: "\<forall> x\<in> S. x \<le> ?m" by metis
  with Sup[OF Se] have lub: "isLub UNIV S (Sup S)" by (metis setle_def)
  from Max_in[OF fS Se] lub have mrS: "?m \<le> Sup S"
    by (auto simp add: isLub_def leastP_def setle_def setge_def isUb_def)
  moreover
  have "Sup S \<le> ?m" using Sm lub
    by (auto simp add: isLub_def leastP_def isUb_def setle_def setge_def)
  ultimately  show ?thesis by arith
qed

lemma Sup_finite_in:
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "Sup S \<in> S"
  using Sup_finite_Max[OF fS Se] Max_in[OF fS Se] by metis

lemma Sup_finite_ge_iff: 
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "a \<le> Sup S \<longleftrightarrow> (\<exists> x \<in> S. a \<le> x)"
by (metis Max_ge Se Sup_finite_Max Sup_finite_in fS linorder_not_le less_le_trans)

lemma Sup_finite_le_iff: 
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "a \<ge> Sup S \<longleftrightarrow> (\<forall> x \<in> S. a \<ge> x)"
by (metis Max_ge Se Sup_finite_Max Sup_finite_in fS order_trans)

lemma Sup_finite_gt_iff: 
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "a < Sup S \<longleftrightarrow> (\<exists> x \<in> S. a < x)"
by (metis Se Sup_finite_le_iff fS linorder_not_less)

lemma Sup_finite_lt_iff: 
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "a > Sup S \<longleftrightarrow> (\<forall> x \<in> S. a > x)"
by (metis Se Sup_finite_ge_iff fS linorder_not_less)

lemma Sup_unique:
  fixes S :: "real set"
  shows "S *<= b \<Longrightarrow> (\<forall>b' < b. \<exists>x \<in> S. b' < x) \<Longrightarrow> Sup S = b"
unfolding setle_def
apply (rule Sup_eq, auto) 
apply (metis linorder_not_less) 
done

lemma Sup_abs_le:
  fixes S :: "real set"
  shows "S \<noteq> {} \<Longrightarrow> (\<forall>x\<in>S. \<bar>x\<bar> \<le> a) \<Longrightarrow> \<bar>Sup S\<bar> \<le> a"
by (auto simp add: abs_le_interval_iff) (metis Sup_upper2) 

lemma Sup_bounds:
  fixes S :: "real set"
  assumes Se: "S \<noteq> {}" and l: "a <=* S" and u: "S *<= b"
  shows "a \<le> Sup S \<and> Sup S \<le> b"
proof-
  from Sup[OF Se] u have lub: "isLub UNIV S (Sup S)" by blast
  hence b: "Sup S \<le> b" using u 
    by (auto simp add: isLub_def leastP_def setle_def setge_def isUb_def) 
  from Se obtain y where y: "y \<in> S" by blast
  from lub l have "a \<le> Sup S"
    by (auto simp add: isLub_def leastP_def setle_def setge_def isUb_def)
       (metis le_iff_sup le_sup_iff y)
  with b show ?thesis by blast
qed

lemma Sup_asclose: 
  fixes S :: "real set"
  assumes S:"S \<noteq> {}" and b: "\<forall>x\<in>S. \<bar>x - l\<bar> \<le> e" shows "\<bar>Sup S - l\<bar> \<le> e"
proof-
  have th: "\<And>(x::real) l e. \<bar>x - l\<bar> \<le> e \<longleftrightarrow> l - e \<le> x \<and> x \<le> l + e" by arith
  thus ?thesis using S b Sup_bounds[of S "l - e" "l+e"] unfolding th
    by  (auto simp add: setge_def setle_def)
qed

lemma Sup_lessThan[simp]: "Sup {..<x} = (x::real)"
  by (auto intro!: Sup_eq intro: dense_le)

lemma Sup_greaterThanLessThan[simp]: "y < x \<Longrightarrow> Sup {y<..<x} = (x::real)"
  by (auto intro!: Sup_eq intro: dense_le_bounded)

lemma Sup_atLeastLessThan[simp]: "y < x \<Longrightarrow> Sup {y..<x} = (x::real)"
  by (auto intro!: Sup_eq intro: dense_le_bounded)

lemma Sup_atMost[simp]: "Sup {..x} = (x::real)"
  by (auto intro!: Sup_eq_maximum)

lemma Sup_greaterThanAtMost[simp]: "y < x \<Longrightarrow> Sup {y<..x} = (x::real)"
  by (auto intro!: Sup_eq_maximum)

lemma Sup_atLeastAtMost[simp]: "y \<le> x \<Longrightarrow> Sup {y..x} = (x::real)"
  by (auto intro!: Sup_eq_maximum)


subsection{*Infimum of a set of reals*}

lemma Inf_lower [intro]: 
  fixes z :: real
  assumes x: "x \<in> X"
      and z: "!!x. x \<in> X \<Longrightarrow> z \<le> x"
  shows "Inf X \<le> x"
proof -
  have "-x \<le> Sup (uminus ` X)"
    by (rule Sup_upper [where z = "-z"]) (auto simp add: image_iff x z)
  thus ?thesis 
    by (auto simp add: Inf_real_def)
qed

lemma Inf_greatest [intro]: 
  fixes z :: real
  assumes x: "X \<noteq> {}"
      and z: "\<And>x. x \<in> X \<Longrightarrow> z \<le> x"
  shows "z \<le> Inf X"
proof -
  have "Sup (uminus ` X) \<le> -z" using x z by force
  hence "z \<le> - Sup (uminus ` X)"
    by simp
  thus ?thesis 
    by (auto simp add: Inf_real_def)
qed

lemma Inf_singleton [simp]: "Inf {x::real} = x"
  by (simp add: Inf_real_def) 
 
lemma Inf_eq_minimum: (*REAL_INF_MIN in HOL4*)
  fixes z :: real
  assumes x: "z \<in> X" and z: "!!x. x \<in> X \<Longrightarrow> z \<le> x"
  shows  "Inf X = z"
proof -
  have "Sup (uminus ` X) = -z" using x z
    by (force intro: Sup_eq_maximum x z)
  thus ?thesis
    by (simp add: Inf_real_def) 
qed
 
lemma Inf_lower2:
  fixes x :: real
  shows "x \<in> X \<Longrightarrow> x \<le> y \<Longrightarrow> (!!x. x \<in> X \<Longrightarrow> z \<le> x) \<Longrightarrow> Inf X \<le> y"
  by (metis Inf_lower order_trans)

lemma Inf_real_iff:
  fixes z :: real
  shows "X \<noteq> {} \<Longrightarrow> (!!x. x \<in> X \<Longrightarrow> z \<le> x) \<Longrightarrow> (\<exists>x\<in>X. x<y) \<longleftrightarrow> Inf X < y"
  by (metis Inf_greatest Inf_lower less_le_not_le linear
            order_less_le_trans)

lemma Inf_eq:
  fixes a :: real
  shows "(!!x. x \<in> X \<Longrightarrow> a \<le> x) \<Longrightarrow> (!!y. (!!x. x \<in> X \<Longrightarrow> y \<le> x) \<Longrightarrow> y \<le> a) \<Longrightarrow> Inf X = a"
  by (metis Inf_greatest Inf_lower add_le_cancel_left diff_add_cancel
        insert_absorb insert_not_empty order_antisym)

lemma Inf_ge: 
  fixes S :: "real set"
  shows "S \<noteq> {} \<Longrightarrow> b <=* S \<Longrightarrow> Inf S \<ge> b"
by (metis SupInf.Inf_greatest setge_def)

lemma Inf_lower_EX: 
  fixes x :: real
  shows "x \<in> X \<Longrightarrow> \<exists>z. \<forall>x. x \<in> X \<longrightarrow> z \<le> x \<Longrightarrow> Inf X \<le> x"
  by blast

lemma Inf_insert_nonempty: 
  fixes x :: real
  assumes x: "x \<in> X"
      and z: "!!x. x \<in> X \<Longrightarrow> z \<le> x"
  shows "Inf (insert a X) = min a (Inf X)"
proof (cases "a \<le> Inf X")
  case True
  thus ?thesis
    by (simp add: min_def)
       (blast intro: Inf_eq_minimum order_trans z)
next
  case False
  hence 1:"Inf X < a" by simp
  have "Inf (insert a X) \<le> Inf X"
    apply (rule Inf_greatest)
    apply (metis ex_in_conv x)
    apply (rule Inf_lower_EX)
    apply (erule insertI2)
    apply (metis insert_iff linear order_refl order_trans z)
    done
  moreover 
  have "Inf X \<le> Inf (insert a X)"
    apply (rule Inf_greatest)
    apply blast
    apply (metis False Inf_lower insertE linear z) 
    done
  ultimately have "Inf (insert a X) = Inf X"
    by (blast intro:  antisym )
  thus ?thesis
    by (metis False min_max.inf_absorb2 linear)
qed

lemma Inf_insert_if: 
  fixes X :: "real set"
  assumes z:  "!!x. x \<in> X \<Longrightarrow> z \<le> x"
  shows "Inf (insert a X) = (if X={} then a else min a (Inf X))"
by auto (metis Inf_insert_nonempty z) 

lemma Inf_greater:
  fixes z :: real
  shows "X \<noteq> {} \<Longrightarrow> Inf X < z \<Longrightarrow> \<exists>x \<in> X. x < z"
  by (metis Inf_real_iff mem_def not_leE)

lemma Inf_close:
  fixes e :: real
  shows "X \<noteq> {} \<Longrightarrow> 0 < e \<Longrightarrow> \<exists>x \<in> X. x < Inf X + e"
  by (metis add_strict_increasing add_commute Inf_greater linorder_not_le pos_add_strict)

lemma Inf_finite_Min:
  fixes S :: "real set"
  shows "finite S \<Longrightarrow> S \<noteq> {} \<Longrightarrow> Inf S = Min S"
by (simp add: Inf_real_def Sup_finite_Max image_image) 

lemma Inf_finite_in: 
  fixes S :: "real set"
  assumes fS: "finite S" and Se: "S \<noteq> {}"
  shows "Inf S \<in> S"
  using Inf_finite_Min[OF fS Se] Min_in[OF fS Se] by metis

lemma Inf_finite_ge_iff: 
  fixes S :: "real set"
  shows "finite S \<Longrightarrow> S \<noteq> {} \<Longrightarrow> a \<le> Inf S \<longleftrightarrow> (\<forall> x \<in> S. a \<le> x)"
by (metis Inf_finite_Min Inf_finite_in Min_le order_trans)

lemma Inf_finite_le_iff:
  fixes S :: "real set"
  shows "finite S \<Longrightarrow> S \<noteq> {} \<Longrightarrow> a \<ge> Inf S \<longleftrightarrow> (\<exists> x \<in> S. a \<ge> x)"
by (metis Inf_finite_Min Inf_finite_ge_iff Inf_finite_in Min_le
          order_antisym linear)

lemma Inf_finite_gt_iff: 
  fixes S :: "real set"
  shows "finite S \<Longrightarrow> S \<noteq> {} \<Longrightarrow> a < Inf S \<longleftrightarrow> (\<forall> x \<in> S. a < x)"
by (metis Inf_finite_le_iff linorder_not_less)

lemma Inf_finite_lt_iff: 
  fixes S :: "real set"
  shows "finite S \<Longrightarrow> S \<noteq> {} \<Longrightarrow> a > Inf S \<longleftrightarrow> (\<exists> x \<in> S. a > x)"
by (metis Inf_finite_ge_iff linorder_not_less)

lemma Inf_unique:
  fixes S :: "real set"
  shows "b <=* S \<Longrightarrow> (\<forall>b' > b. \<exists>x \<in> S. b' > x) \<Longrightarrow> Inf S = b"
unfolding setge_def
apply (rule Inf_eq, auto) 
apply (metis less_le_not_le linorder_not_less) 
done

lemma Inf_abs_ge:
  fixes S :: "real set"
  shows "S \<noteq> {} \<Longrightarrow> (\<forall>x\<in>S. \<bar>x\<bar> \<le> a) \<Longrightarrow> \<bar>Inf S\<bar> \<le> a"
by (simp add: Inf_real_def) (rule Sup_abs_le, auto) 

lemma Inf_asclose:
  fixes S :: "real set"
  assumes S:"S \<noteq> {}" and b: "\<forall>x\<in>S. \<bar>x - l\<bar> \<le> e" shows "\<bar>Inf S - l\<bar> \<le> e"
proof -
  have "\<bar>- Sup (uminus ` S) - l\<bar> =  \<bar>Sup (uminus ` S) - (-l)\<bar>"
    by auto
  also have "... \<le> e" 
    apply (rule Sup_asclose) 
    apply (auto simp add: S)
    apply (metis abs_minus_add_cancel b add_commute diff_minus)
    done
  finally have "\<bar>- Sup (uminus ` S) - l\<bar> \<le> e" .
  thus ?thesis
    by (simp add: Inf_real_def)
qed

lemma Inf_greaterThanLessThan[simp]: "y < x \<Longrightarrow> Inf {y<..<x} = (y::real)"
  by (simp add: Inf_real_def)

lemma Inf_atLeastLessThan[simp]: "y < x \<Longrightarrow> Inf {y..<x} = (y::real)"
  by (simp add: Inf_real_def)

lemma Inf_atLeast[simp]: "Inf {x..} = (x::real)"
  by (simp add: Inf_real_def)

lemma Inf_greaterThanAtMost[simp]: "y < x \<Longrightarrow> Inf {y<..x} = (y::real)"
  by (simp add: Inf_real_def)

lemma Inf_atLeastAtMost[simp]: "y \<le> x \<Longrightarrow> Inf {y..x} = (y::real)"
  by (simp add: Inf_real_def)

subsection{*Relate max and min to Sup and Inf.*}

lemma real_max_Sup:
  fixes x :: real
  shows "max x y = Sup {x,y}"
proof-
  have f: "finite {x, y}" "{x,y} \<noteq> {}"  by simp_all
  from Sup_finite_le_iff[OF f, of "max x y"] have "Sup {x,y} \<le> max x y" by simp
  moreover
  have "max x y \<le> Sup {x,y}" using Sup_finite_ge_iff[OF f, of "max x y"]
    by (simp add: linorder_linear)
  ultimately show ?thesis by arith
qed

lemma real_min_Inf: 
  fixes x :: real
  shows "min x y = Inf {x,y}"
proof-
  have f: "finite {x, y}" "{x,y} \<noteq> {}"  by simp_all
  from Inf_finite_le_iff[OF f, of "min x y"] have "Inf {x,y} \<le> min x y"
    by (simp add: linorder_linear)
  moreover
  have "min x y \<le> Inf {x,y}" using Inf_finite_ge_iff[OF f, of "min x y"]
    by simp
  ultimately show ?thesis by arith
qed

lemma reals_complete_interval:
  fixes a::real and b::real
  assumes "a < b" and "P a" and "~P b"
  shows "\<exists>c. a \<le> c & c \<le> b & (\<forall>x. a \<le> x & x < c --> P x) &
             (\<forall>d. (\<forall>x. a \<le> x & x < d --> P x) --> d \<le> c)"
proof (rule exI [where x = "Sup {d. \<forall>x. a \<le> x & x < d --> P x}"], auto)
  show "a \<le> Sup {d. \<forall>c. a \<le> c \<and> c < d \<longrightarrow> P c}"
    by (rule SupInf.Sup_upper [where z=b], auto)
       (metis `a < b` `\<not> P b` linear less_le)
next
  show "Sup {d. \<forall>c. a \<le> c \<and> c < d \<longrightarrow> P c} \<le> b"
    apply (rule SupInf.Sup_least) 
    apply (auto simp add: )
    apply (metis less_le_not_le)
    apply (metis `a<b` `~ P b` linear less_le)
    done
next
  fix x
  assume x: "a \<le> x" and lt: "x < Sup {d. \<forall>c. a \<le> c \<and> c < d \<longrightarrow> P c}"
  show "P x"
    apply (rule less_SupE [OF lt], auto)
    apply (metis less_le_not_le)
    apply (metis x) 
    done
next
  fix d
    assume 0: "\<forall>x. a \<le> x \<and> x < d \<longrightarrow> P x"
    thus "d \<le> Sup {d. \<forall>c. a \<le> c \<and> c < d \<longrightarrow> P c}"
      by (rule_tac z="b" in SupInf.Sup_upper, auto) 
         (metis `a<b` `~ P b` linear less_le)
qed

end