Theory Topology_Euclidean_Space

theory Topology_Euclidean_Space
imports Indicator_Function Countable_Set FuncSet Linear_Algebra Norm_Arith
(*  title:      HOL/Library/Topology_Euclidian_Space.thy
    Author:     Amine Chaieb, University of Cambridge
    Author:     Robert Himmelmann, TU Muenchen
    Author:     Brian Huffman, Portland State University
*)

section ‹Elementary topology in Euclidean space.›

theory Topology_Euclidean_Space
imports
  "~~/src/HOL/Library/Indicator_Function"
  "~~/src/HOL/Library/Countable_Set"
  "~~/src/HOL/Library/FuncSet"
  Linear_Algebra
  Norm_Arith
begin

lemma image_affinity_interval:
  fixes c :: "'a::ordered_real_vector"
  shows "((λx. m *R x + c) ` {a..b}) = (if {a..b}={} then {}
            else if 0 <= m then {m *R a + c .. m  *R b + c}
            else {m *R b + c .. m *R a + c})"
  apply (case_tac "m=0", force)
  apply (auto simp: scaleR_left_mono)
  apply (rule_tac x="inverse m *R (x-c)" in rev_image_eqI, auto simp: pos_le_divideR_eq le_diff_eq scaleR_left_mono_neg)
  apply (metis diff_le_eq inverse_inverse_eq order.not_eq_order_implies_strict pos_le_divideR_eq positive_imp_inverse_positive)
  apply (rule_tac x="inverse m *R (x-c)" in rev_image_eqI, auto simp: not_le neg_le_divideR_eq diff_le_eq)
  using le_diff_eq scaleR_le_cancel_left_neg
  apply fastforce
  done

lemma dist_0_norm:
  fixes x :: "'a::real_normed_vector"
  shows "dist 0 x = norm x"
unfolding dist_norm by simp

lemma dist_double: "dist x y < d / 2 ⟹ dist x z < d / 2 ⟹ dist y z < d"
  using dist_triangle[of y z x] by (simp add: dist_commute)

(* LEGACY *)
lemma lim_subseq: "subseq r ⟹ s ⇢ l ⟹ (s ∘ r) ⇢ l"
  by (rule LIMSEQ_subseq_LIMSEQ)

lemma countable_PiE:
  "finite I ⟹ (⋀i. i ∈ I ⟹ countable (F i)) ⟹ countable (PiE I F)"
  by (induct I arbitrary: F rule: finite_induct) (auto simp: PiE_insert_eq)

lemma Lim_within_open:
  fixes f :: "'a::topological_space ⇒ 'b::topological_space"
  shows "a ∈ S ⟹ open S ⟹ (f ⤏ l)(at a within S) ⟷ (f ⤏ l)(at a)"
  by (fact tendsto_within_open)

lemma Lim_within_open_NO_MATCH:
  fixes f :: "'a::topological_space ⇒ 'b::topological_space"
  shows "a ∈ S ⟹ NO_MATCH UNIV S ⟹ open S ⟹ (f ⤏ l)(at a within S) ⟷ (f ⤏ l)(at a)"
using tendsto_within_open by blast

lemma continuous_on_union:
  "closed s ⟹ closed t ⟹ continuous_on s f ⟹ continuous_on t f ⟹ continuous_on (s ∪ t) f"
  by (fact continuous_on_closed_Un)

lemma continuous_on_cases:
  "closed s ⟹ closed t ⟹ continuous_on s f ⟹ continuous_on t g ⟹
    ∀x. (x∈s ∧ ¬ P x) ∨ (x ∈ t ∧ P x) ⟶ f x = g x ⟹
    continuous_on (s ∪ t) (λx. if P x then f x else g x)"
  by (rule continuous_on_If) auto


subsection ‹Topological Basis›

context topological_space
begin

definition "topological_basis B ⟷
  (∀b∈B. open b) ∧ (∀x. open x ⟶ (∃B'. B' ⊆ B ∧ ⋃B' = x))"

lemma topological_basis:
  "topological_basis B ⟷ (∀x. open x ⟷ (∃B'. B' ⊆ B ∧ ⋃B' = x))"
  unfolding topological_basis_def
  apply safe
     apply fastforce
    apply fastforce
   apply (erule_tac x="x" in allE)
   apply simp
   apply (rule_tac x="{x}" in exI)
  apply auto
  done

lemma topological_basis_iff:
  assumes "⋀B'. B' ∈ B ⟹ open B'"
  shows "topological_basis B ⟷ (∀O'. open O' ⟶ (∀x∈O'. ∃B'∈B. x ∈ B' ∧ B' ⊆ O'))"
    (is "_ ⟷ ?rhs")
proof safe
  fix O' and x::'a
  assume H: "topological_basis B" "open O'" "x ∈ O'"
  then have "(∃B'⊆B. ⋃B' = O')" by (simp add: topological_basis_def)
  then obtain B' where "B' ⊆ B" "O' = ⋃B'" by auto
  then show "∃B'∈B. x ∈ B' ∧ B' ⊆ O'" using H by auto
next
  assume H: ?rhs
  show "topological_basis B"
    using assms unfolding topological_basis_def
  proof safe
    fix O' :: "'a set"
    assume "open O'"
    with H obtain f where "∀x∈O'. f x ∈ B ∧ x ∈ f x ∧ f x ⊆ O'"
      by (force intro: bchoice simp: Bex_def)
    then show "∃B'⊆B. ⋃B' = O'"
      by (auto intro: exI[where x="{f x |x. x ∈ O'}"])
  qed
qed

lemma topological_basisI:
  assumes "⋀B'. B' ∈ B ⟹ open B'"
    and "⋀O' x. open O' ⟹ x ∈ O' ⟹ ∃B'∈B. x ∈ B' ∧ B' ⊆ O'"
  shows "topological_basis B"
  using assms by (subst topological_basis_iff) auto

lemma topological_basisE:
  fixes O'
  assumes "topological_basis B"
    and "open O'"
    and "x ∈ O'"
  obtains B' where "B' ∈ B" "x ∈ B'" "B' ⊆ O'"
proof atomize_elim
  from assms have "⋀B'. B'∈B ⟹ open B'"
    by (simp add: topological_basis_def)
  with topological_basis_iff assms
  show  "∃B'. B' ∈ B ∧ x ∈ B' ∧ B' ⊆ O'"
    using assms by (simp add: Bex_def)
qed

lemma topological_basis_open:
  assumes "topological_basis B"
    and "X ∈ B"
  shows "open X"
  using assms by (simp add: topological_basis_def)

lemma topological_basis_imp_subbasis:
  assumes B: "topological_basis B"
  shows "open = generate_topology B"
proof (intro ext iffI)
  fix S :: "'a set"
  assume "open S"
  with B obtain B' where "B' ⊆ B" "S = ⋃B'"
    unfolding topological_basis_def by blast
  then show "generate_topology B S"
    by (auto intro: generate_topology.intros dest: topological_basis_open)
next
  fix S :: "'a set"
  assume "generate_topology B S"
  then show "open S"
    by induct (auto dest: topological_basis_open[OF B])
qed

lemma basis_dense:
  fixes B :: "'a set set"
    and f :: "'a set ⇒ 'a"
  assumes "topological_basis B"
    and choosefrom_basis: "⋀B'. B' ≠ {} ⟹ f B' ∈ B'"
  shows "∀X. open X ⟶ X ≠ {} ⟶ (∃B' ∈ B. f B' ∈ X)"
proof (intro allI impI)
  fix X :: "'a set"
  assume "open X" and "X ≠ {}"
  from topological_basisE[OF ‹topological_basis B› ‹open X› choosefrom_basis[OF ‹X ≠ {}›]]
  obtain B' where "B' ∈ B" "f X ∈ B'" "B' ⊆ X" .
  then show "∃B'∈B. f B' ∈ X"
    by (auto intro!: choosefrom_basis)
qed

end

lemma topological_basis_prod:
  assumes A: "topological_basis A"
    and B: "topological_basis B"
  shows "topological_basis ((λ(a, b). a × b) ` (A × B))"
  unfolding topological_basis_def
proof (safe, simp_all del: ex_simps add: subset_image_iff ex_simps(1)[symmetric])
  fix S :: "('a × 'b) set"
  assume "open S"
  then show "∃X⊆A × B. (⋃(a,b)∈X. a × b) = S"
  proof (safe intro!: exI[of _ "{x∈A × B. fst x × snd x ⊆ S}"])
    fix x y
    assume "(x, y) ∈ S"
    from open_prod_elim[OF ‹open S› this]
    obtain a b where a: "open a""x ∈ a" and b: "open b" "y ∈ b" and "a × b ⊆ S"
      by (metis mem_Sigma_iff)
    moreover
    from A a obtain A0 where "A0 ∈ A" "x ∈ A0" "A0 ⊆ a"
      by (rule topological_basisE)
    moreover
    from B b obtain B0 where "B0 ∈ B" "y ∈ B0" "B0 ⊆ b"
      by (rule topological_basisE)
    ultimately show "(x, y) ∈ (⋃(a, b)∈{X ∈ A × B. fst X × snd X ⊆ S}. a × b)"
      by (intro UN_I[of "(A0, B0)"]) auto
  qed auto
qed (metis A B topological_basis_open open_Times)


subsection ‹Countable Basis›

locale countable_basis =
  fixes B :: "'a::topological_space set set"
  assumes is_basis: "topological_basis B"
    and countable_basis: "countable B"
begin

lemma open_countable_basis_ex:
  assumes "open X"
  shows "∃B' ⊆ B. X = ⋃B'"
  using assms countable_basis is_basis
  unfolding topological_basis_def by blast

lemma open_countable_basisE:
  assumes "open X"
  obtains B' where "B' ⊆ B" "X = ⋃B'"
  using assms open_countable_basis_ex
  by (atomize_elim) simp

lemma countable_dense_exists:
  "∃D::'a set. countable D ∧ (∀X. open X ⟶ X ≠ {} ⟶ (∃d ∈ D. d ∈ X))"
proof -
  let ?f = "(λB'. SOME x. x ∈ B')"
  have "countable (?f ` B)" using countable_basis by simp
  with basis_dense[OF is_basis, of ?f] show ?thesis
    by (intro exI[where x="?f ` B"]) (metis (mono_tags) all_not_in_conv imageI someI)
qed

lemma countable_dense_setE:
  obtains D :: "'a set"
  where "countable D" "⋀X. open X ⟹ X ≠ {} ⟹ ∃d ∈ D. d ∈ X"
  using countable_dense_exists by blast

end

lemma (in first_countable_topology) first_countable_basisE:
  obtains A where "countable A" "⋀a. a ∈ A ⟹ x ∈ a" "⋀a. a ∈ A ⟹ open a"
    "⋀S. open S ⟹ x ∈ S ⟹ (∃a∈A. a ⊆ S)"
  using first_countable_basis[of x]
  apply atomize_elim
  apply (elim exE)
  apply (rule_tac x="range A" in exI)
  apply auto
  done

lemma (in first_countable_topology) first_countable_basis_Int_stableE:
  obtains A where "countable A" "⋀a. a ∈ A ⟹ x ∈ a" "⋀a. a ∈ A ⟹ open a"
    "⋀S. open S ⟹ x ∈ S ⟹ (∃a∈A. a ⊆ S)"
    "⋀a b. a ∈ A ⟹ b ∈ A ⟹ a ∩ b ∈ A"
proof atomize_elim
  obtain A' where A':
    "countable A'"
    "⋀a. a ∈ A' ⟹ x ∈ a"
    "⋀a. a ∈ A' ⟹ open a"
    "⋀S. open S ⟹ x ∈ S ⟹ ∃a∈A'. a ⊆ S"
    by (rule first_countable_basisE) blast
  def A  "(λN. ⋂((λn. from_nat_into A' n) ` N)) ` (Collect finite::nat set set)"
  then show "∃A. countable A ∧ (∀a. a ∈ A ⟶ x ∈ a) ∧ (∀a. a ∈ A ⟶ open a) ∧
        (∀S. open S ⟶ x ∈ S ⟶ (∃a∈A. a ⊆ S)) ∧ (∀a b. a ∈ A ⟶ b ∈ A ⟶ a ∩ b ∈ A)"
  proof (safe intro!: exI[where x=A])
    show "countable A"
      unfolding A_def by (intro countable_image countable_Collect_finite)
    fix a
    assume "a ∈ A"
    then show "x ∈ a" "open a"
      using A'(4)[OF open_UNIV] by (auto simp: A_def intro: A' from_nat_into)
  next
    let ?int = "λN. ⋂(from_nat_into A' ` N)"
    fix a b
    assume "a ∈ A" "b ∈ A"
    then obtain N M where "a = ?int N" "b = ?int M" "finite (N ∪ M)"
      by (auto simp: A_def)
    then show "a ∩ b ∈ A"
      by (auto simp: A_def intro!: image_eqI[where x="N ∪ M"])
  next
    fix S
    assume "open S" "x ∈ S"
    then obtain a where a: "a∈A'" "a ⊆ S" using A' by blast
    then show "∃a∈A. a ⊆ S" using a A'
      by (intro bexI[where x=a]) (auto simp: A_def intro: image_eqI[where x="{to_nat_on A' a}"])
  qed
qed

lemma (in topological_space) first_countableI:
  assumes "countable A"
    and 1: "⋀a. a ∈ A ⟹ x ∈ a" "⋀a. a ∈ A ⟹ open a"
    and 2: "⋀S. open S ⟹ x ∈ S ⟹ ∃a∈A. a ⊆ S"
  shows "∃A::nat ⇒ 'a set. (∀i. x ∈ A i ∧ open (A i)) ∧ (∀S. open S ∧ x ∈ S ⟶ (∃i. A i ⊆ S))"
proof (safe intro!: exI[of _ "from_nat_into A"])
  fix i
  have "A ≠ {}" using 2[of UNIV] by auto
  show "x ∈ from_nat_into A i" "open (from_nat_into A i)"
    using range_from_nat_into_subset[OF ‹A ≠ {}›] 1 by auto
next
  fix S
  assume "open S" "x∈S" from 2[OF this]
  show "∃i. from_nat_into A i ⊆ S"
    using subset_range_from_nat_into[OF ‹countable A›] by auto
qed

instance prod :: (first_countable_topology, first_countable_topology) first_countable_topology
proof
  fix x :: "'a × 'b"
  obtain A where A:
      "countable A"
      "⋀a. a ∈ A ⟹ fst x ∈ a"
      "⋀a. a ∈ A ⟹ open a"
      "⋀S. open S ⟹ fst x ∈ S ⟹ ∃a∈A. a ⊆ S"
    by (rule first_countable_basisE[of "fst x"]) blast
  obtain B where B:
      "countable B"
      "⋀a. a ∈ B ⟹ snd x ∈ a"
      "⋀a. a ∈ B ⟹ open a"
      "⋀S. open S ⟹ snd x ∈ S ⟹ ∃a∈B. a ⊆ S"
    by (rule first_countable_basisE[of "snd x"]) blast
  show "∃A::nat ⇒ ('a × 'b) set.
    (∀i. x ∈ A i ∧ open (A i)) ∧ (∀S. open S ∧ x ∈ S ⟶ (∃i. A i ⊆ S))"
  proof (rule first_countableI[of "(λ(a, b). a × b) ` (A × B)"], safe)
    fix a b
    assume x: "a ∈ A" "b ∈ B"
    with A(2, 3)[of a] B(2, 3)[of b] show "x ∈ a × b" and "open (a × b)"
      unfolding mem_Times_iff
      by (auto intro: open_Times)
  next
    fix S
    assume "open S" "x ∈ S"
    then obtain a' b' where a'b': "open a'" "open b'" "x ∈ a' × b'" "a' × b' ⊆ S"
      by (rule open_prod_elim)
    moreover
    from a'b' A(4)[of a'] B(4)[of b']
    obtain a b where "a ∈ A" "a ⊆ a'" "b ∈ B" "b ⊆ b'"
      by auto
    ultimately
    show "∃a∈(λ(a, b). a × b) ` (A × B). a ⊆ S"
      by (auto intro!: bexI[of _ "a × b"] bexI[of _ a] bexI[of _ b])
  qed (simp add: A B)
qed

class second_countable_topology = topological_space +
  assumes ex_countable_subbasis:
    "∃B::'a::topological_space set set. countable B ∧ open = generate_topology B"
begin

lemma ex_countable_basis: "∃B::'a set set. countable B ∧ topological_basis B"
proof -
  from ex_countable_subbasis obtain B where B: "countable B" "open = generate_topology B"
    by blast
  let ?B = "Inter ` {b. finite b ∧ b ⊆ B }"

  show ?thesis
  proof (intro exI conjI)
    show "countable ?B"
      by (intro countable_image countable_Collect_finite_subset B)
    {
      fix S
      assume "open S"
      then have "∃B'⊆{b. finite b ∧ b ⊆ B}. (⋃b∈B'. ⋂b) = S"
        unfolding B
      proof induct
        case UNIV
        show ?case by (intro exI[of _ "{{}}"]) simp
      next
        case (Int a b)
        then obtain x y where x: "a = UNION x Inter" "⋀i. i ∈ x ⟹ finite i ∧ i ⊆ B"
          and y: "b = UNION y Inter" "⋀i. i ∈ y ⟹ finite i ∧ i ⊆ B"
          by blast
        show ?case
          unfolding x y Int_UN_distrib2
          by (intro exI[of _ "{i ∪ j| i j.  i ∈ x ∧ j ∈ y}"]) (auto dest: x(2) y(2))
      next
        case (UN K)
        then have "∀k∈K. ∃B'⊆{b. finite b ∧ b ⊆ B}. UNION B' Inter = k" by auto
        then obtain k where
            "∀ka∈K. k ka ⊆ {b. finite b ∧ b ⊆ B} ∧ UNION (k ka) Inter = ka"
          unfolding bchoice_iff ..
        then show "∃B'⊆{b. finite b ∧ b ⊆ B}. UNION B' Inter = ⋃K"
          by (intro exI[of _ "UNION K k"]) auto
      next
        case (Basis S)
        then show ?case
          by (intro exI[of _ "{{S}}"]) auto
      qed
      then have "(∃B'⊆Inter ` {b. finite b ∧ b ⊆ B}. ⋃B' = S)"
        unfolding subset_image_iff by blast }
    then show "topological_basis ?B"
      unfolding topological_space_class.topological_basis_def
      by (safe intro!: topological_space_class.open_Inter)
         (simp_all add: B generate_topology.Basis subset_eq)
  qed
qed

end

sublocale second_countable_topology <
  countable_basis "SOME B. countable B ∧ topological_basis B"
  using someI_ex[OF ex_countable_basis]
  by unfold_locales safe

instance prod :: (second_countable_topology, second_countable_topology) second_countable_topology
proof
  obtain A :: "'a set set" where "countable A" "topological_basis A"
    using ex_countable_basis by auto
  moreover
  obtain B :: "'b set set" where "countable B" "topological_basis B"
    using ex_countable_basis by auto
  ultimately show "∃B::('a × 'b) set set. countable B ∧ open = generate_topology B"
    by (auto intro!: exI[of _ "(λ(a, b). a × b) ` (A × B)"] topological_basis_prod
      topological_basis_imp_subbasis)
qed

instance second_countable_topology  first_countable_topology
proof
  fix x :: 'a
  def B  "SOME B::'a set set. countable B ∧ topological_basis B"
  then have B: "countable B" "topological_basis B"
    using countable_basis is_basis
    by (auto simp: countable_basis is_basis)
  then show "∃A::nat ⇒ 'a set.
    (∀i. x ∈ A i ∧ open (A i)) ∧ (∀S. open S ∧ x ∈ S ⟶ (∃i. A i ⊆ S))"
    by (intro first_countableI[of "{b∈B. x ∈ b}"])
       (fastforce simp: topological_space_class.topological_basis_def)+
qed


subsection ‹Polish spaces›

text ‹Textbooks define Polish spaces as completely metrizable.
  We assume the topology to be complete for a given metric.›

class polish_space = complete_space + second_countable_topology

subsection ‹General notion of a topology as a value›

definition "istopology L ⟷
  L {} ∧ (∀S T. L S ⟶ L T ⟶ L (S ∩ T)) ∧ (∀K. Ball K L ⟶ L (⋃K))"

typedef 'a topology = "{L::('a set) ⇒ bool. istopology L}"
  morphisms "openin" "topology"
  unfolding istopology_def by blast

lemma istopology_open_in[intro]: "istopology(openin U)"
  using openin[of U] by blast

lemma topology_inverse': "istopology U ⟹ openin (topology U) = U"
  using topology_inverse[unfolded mem_Collect_eq] .

lemma topology_inverse_iff: "istopology U ⟷ openin (topology U) = U"
  using topology_inverse[of U] istopology_open_in[of "topology U"] by auto

lemma topology_eq: "T1 = T2 ⟷ (∀S. openin T1 S ⟷ openin T2 S)"
proof
  assume "T1 = T2"
  then show "∀S. openin T1 S ⟷ openin T2 S" by simp
next
  assume H: "∀S. openin T1 S ⟷ openin T2 S"
  then have "openin T1 = openin T2" by (simp add: fun_eq_iff)
  then have "topology (openin T1) = topology (openin T2)" by simp
  then show "T1 = T2" unfolding openin_inverse .
qed

text‹Infer the "universe" from union of all sets in the topology.›

definition "topspace T = ⋃{S. openin T S}"

subsubsection ‹Main properties of open sets›

lemma openin_clauses:
  fixes U :: "'a topology"
  shows
    "openin U {}"
    "⋀S T. openin U S ⟹ openin U T ⟹ openin U (S∩T)"
    "⋀K. (∀S ∈ K. openin U S) ⟹ openin U (⋃K)"
  using openin[of U] unfolding istopology_def mem_Collect_eq by fast+

lemma openin_subset[intro]: "openin U S ⟹ S ⊆ topspace U"
  unfolding topspace_def by blast

lemma openin_empty[simp]: "openin U {}"
  by (simp add: openin_clauses)

lemma openin_Int[intro]: "openin U S ⟹ openin U T ⟹ openin U (S ∩ T)"
  using openin_clauses by simp

lemma openin_Union[intro]: "(∀S ∈K. openin U S) ⟹ openin U (⋃K)"
  using openin_clauses by simp

lemma openin_Un[intro]: "openin U S ⟹ openin U T ⟹ openin U (S ∪ T)"
  using openin_Union[of "{S,T}" U] by auto

lemma openin_topspace[intro, simp]: "openin U (topspace U)"
  by (simp add: openin_Union topspace_def)

lemma openin_subopen: "openin U S ⟷ (∀x ∈ S. ∃T. openin U T ∧ x ∈ T ∧ T ⊆ S)"
  (is "?lhs ⟷ ?rhs")
proof
  assume ?lhs
  then show ?rhs by auto
next
  assume H: ?rhs
  let ?t = "⋃{T. openin U T ∧ T ⊆ S}"
  have "openin U ?t" by (simp add: openin_Union)
  also have "?t = S" using H by auto
  finally show "openin U S" .
qed


subsubsection ‹Closed sets›

definition "closedin U S ⟷ S ⊆ topspace U ∧ openin U (topspace U - S)"

lemma closedin_subset: "closedin U S ⟹ S ⊆ topspace U"
  by (metis closedin_def)

lemma closedin_empty[simp]: "closedin U {}"
  by (simp add: closedin_def)

lemma closedin_topspace[intro, simp]: "closedin U (topspace U)"
  by (simp add: closedin_def)

lemma closedin_Un[intro]: "closedin U S ⟹ closedin U T ⟹ closedin U (S ∪ T)"
  by (auto simp add: Diff_Un closedin_def)

lemma Diff_Inter[intro]: "A - ⋂S = ⋃{A - s|s. s∈S}"
  by auto

lemma closedin_Inter[intro]:
  assumes Ke: "K ≠ {}"
    and Kc: "⋀S. S ∈K ⟹ closedin U S"
  shows "closedin U (⋂K)"
  using Ke Kc unfolding closedin_def Diff_Inter by auto

lemma closedin_INT[intro]:
  assumes "A ≠ {}" "⋀x. x ∈ A ⟹ closedin U (B x)"
  shows "closedin U (⋂x∈A. B x)"
  unfolding Inter_image_eq [symmetric]
  apply (rule closedin_Inter)
  using assms
  apply auto
  done

lemma closedin_Int[intro]: "closedin U S ⟹ closedin U T ⟹ closedin U (S ∩ T)"
  using closedin_Inter[of "{S,T}" U] by auto

lemma openin_closedin_eq: "openin U S ⟷ S ⊆ topspace U ∧ closedin U (topspace U - S)"
  apply (auto simp add: closedin_def Diff_Diff_Int inf_absorb2)
  apply (metis openin_subset subset_eq)
  done

lemma openin_closedin: "S ⊆ topspace U ⟹ (openin U S ⟷ closedin U (topspace U - S))"
  by (simp add: openin_closedin_eq)

lemma openin_diff[intro]:
  assumes oS: "openin U S"
    and cT: "closedin U T"
  shows "openin U (S - T)"
proof -
  have "S - T = S ∩ (topspace U - T)" using openin_subset[of U S]  oS cT
    by (auto simp add: topspace_def openin_subset)
  then show ?thesis using oS cT
    by (auto simp add: closedin_def)
qed

lemma closedin_diff[intro]:
  assumes oS: "closedin U S"
    and cT: "openin U T"
  shows "closedin U (S - T)"
proof -
  have "S - T = S ∩ (topspace U - T)"
    using closedin_subset[of U S] oS cT by (auto simp add: topspace_def)
  then show ?thesis
    using oS cT by (auto simp add: openin_closedin_eq)
qed


subsubsection ‹Subspace topology›

definition "subtopology U V = topology (λT. ∃S. T = S ∩ V ∧ openin U S)"

lemma istopology_subtopology: "istopology (λT. ∃S. T = S ∩ V ∧ openin U S)"
  (is "istopology ?L")
proof -
  have "?L {}" by blast
  {
    fix A B
    assume A: "?L A" and B: "?L B"
    from A B obtain Sa and Sb where Sa: "openin U Sa" "A = Sa ∩ V" and Sb: "openin U Sb" "B = Sb ∩ V"
      by blast
    have "A ∩ B = (Sa ∩ Sb) ∩ V" "openin U (Sa ∩ Sb)"
      using Sa Sb by blast+
    then have "?L (A ∩ B)" by blast
  }
  moreover
  {
    fix K
    assume K: "K ⊆ Collect ?L"
    have th0: "Collect ?L = (λS. S ∩ V) ` Collect (openin U)"
      by blast
    from K[unfolded th0 subset_image_iff]
    obtain Sk where Sk: "Sk ⊆ Collect (openin U)" "K = (λS. S ∩ V) ` Sk"
      by blast
    have "⋃K = (⋃Sk) ∩ V"
      using Sk by auto
    moreover have "openin U (⋃Sk)"
      using Sk by (auto simp add: subset_eq)
    ultimately have "?L (⋃K)" by blast
  }
  ultimately show ?thesis
    unfolding subset_eq mem_Collect_eq istopology_def by blast
qed

lemma openin_subtopology: "openin (subtopology U V) S ⟷ (∃T. openin U T ∧ S = T ∩ V)"
  unfolding subtopology_def topology_inverse'[OF istopology_subtopology]
  by auto

lemma topspace_subtopology: "topspace (subtopology U V) = topspace U ∩ V"
  by (auto simp add: topspace_def openin_subtopology)

lemma closedin_subtopology: "closedin (subtopology U V) S ⟷ (∃T. closedin U T ∧ S = T ∩ V)"
  unfolding closedin_def topspace_subtopology
  by (auto simp add: openin_subtopology)

lemma openin_subtopology_refl: "openin (subtopology U V) V ⟷ V ⊆ topspace U"
  unfolding openin_subtopology
  by auto (metis IntD1 in_mono openin_subset)

lemma subtopology_superset:
  assumes UV: "topspace U ⊆ V"
  shows "subtopology U V = U"
proof -
  {
    fix S
    {
      fix T
      assume T: "openin U T" "S = T ∩ V"
      from T openin_subset[OF T(1)] UV have eq: "S = T"
        by blast
      have "openin U S"
        unfolding eq using T by blast
    }
    moreover
    {
      assume S: "openin U S"
      then have "∃T. openin U T ∧ S = T ∩ V"
        using openin_subset[OF S] UV by auto
    }
    ultimately have "(∃T. openin U T ∧ S = T ∩ V) ⟷ openin U S"
      by blast
  }
  then show ?thesis
    unfolding topology_eq openin_subtopology by blast
qed

lemma subtopology_topspace[simp]: "subtopology U (topspace U) = U"
  by (simp add: subtopology_superset)

lemma subtopology_UNIV[simp]: "subtopology U UNIV = U"
  by (simp add: subtopology_superset)


subsubsection ‹The standard Euclidean topology›

definition euclidean :: "'a::topological_space topology"
  where "euclidean = topology open"

lemma open_openin: "open S ⟷ openin euclidean S"
  unfolding euclidean_def
  apply (rule cong[where x=S and y=S])
  apply (rule topology_inverse[symmetric])
  apply (auto simp add: istopology_def)
  done

lemma topspace_euclidean: "topspace euclidean = UNIV"
  apply (simp add: topspace_def)
  apply (rule set_eqI)
  apply (auto simp add: open_openin[symmetric])
  done

lemma topspace_euclidean_subtopology[simp]: "topspace (subtopology euclidean S) = S"
  by (simp add: topspace_euclidean topspace_subtopology)

lemma closed_closedin: "closed S ⟷ closedin euclidean S"
  by (simp add: closed_def closedin_def topspace_euclidean open_openin Compl_eq_Diff_UNIV)

lemma open_subopen: "open S ⟷ (∀x∈S. ∃T. open T ∧ x ∈ T ∧ T ⊆ S)"
  by (simp add: open_openin openin_subopen[symmetric])

text ‹Basic "localization" results are handy for connectedness.›

lemma openin_open: "openin (subtopology euclidean U) S ⟷ (∃T. open T ∧ (S = U ∩ T))"
  by (auto simp add: openin_subtopology open_openin[symmetric])

lemma openin_open_Int[intro]: "open S ⟹ openin (subtopology euclidean U) (U ∩ S)"
  by (auto simp add: openin_open)

lemma open_openin_trans[trans]:
  "open S ⟹ open T ⟹ T ⊆ S ⟹ openin (subtopology euclidean S) T"
  by (metis Int_absorb1  openin_open_Int)

lemma open_subset: "S ⊆ T ⟹ open S ⟹ openin (subtopology euclidean T) S"
  by (auto simp add: openin_open)

lemma closedin_closed: "closedin (subtopology euclidean U) S ⟷ (∃T. closed T ∧ S = U ∩ T)"
  by (simp add: closedin_subtopology closed_closedin Int_ac)

lemma closedin_closed_Int: "closed S ⟹ closedin (subtopology euclidean U) (U ∩ S)"
  by (metis closedin_closed)

lemma closed_closedin_trans:
  "closed S ⟹ closed T ⟹ T ⊆ S ⟹ closedin (subtopology euclidean S) T"
  by (metis closedin_closed inf.absorb2)

lemma closed_subset: "S ⊆ T ⟹ closed S ⟹ closedin (subtopology euclidean T) S"
  by (auto simp add: closedin_closed)

lemma openin_euclidean_subtopology_iff:
  fixes S U :: "'a::metric_space set"
  shows "openin (subtopology euclidean U) S ⟷
    S ⊆ U ∧ (∀x∈S. ∃e>0. ∀x'∈U. dist x' x < e ⟶ x'∈ S)"
  (is "?lhs ⟷ ?rhs")
proof
  assume ?lhs
  then show ?rhs
    unfolding openin_open open_dist by blast
next
  def T  "{x. ∃a∈S. ∃d>0. (∀y∈U. dist y a < d ⟶ y ∈ S) ∧ dist x a < d}"
  have 1: "∀x∈T. ∃e>0. ∀y. dist y x < e ⟶ y ∈ T"
    unfolding T_def
    apply clarsimp
    apply (rule_tac x="d - dist x a" in exI)
    apply (clarsimp simp add: less_diff_eq)
    by (metis dist_commute dist_triangle_lt)
  assume ?rhs then have 2: "S = U ∩ T"
    unfolding T_def
    by auto (metis dist_self)
  from 1 2 show ?lhs
    unfolding openin_open open_dist by fast
qed

lemma connected_open_in:
      "connected s ⟷
       ~(∃e1 e2. openin (subtopology euclidean s) e1 ∧
                 openin (subtopology euclidean s) e2 ∧
                 s ⊆ e1 ∪ e2 ∧ e1 ∩ e2 = {} ∧ e1 ≠ {} ∧ e2 ≠ {})"
  apply (simp add: connected_def openin_open, safe)
  apply (simp_all, blast+)  ‹slow›
  done

lemma connected_open_in_eq:
      "connected s ⟷
       ~(∃e1 e2. openin (subtopology euclidean s) e1 ∧
                 openin (subtopology euclidean s) e2 ∧
                 e1 ∪ e2 = s ∧ e1 ∩ e2 = {} ∧
                 e1 ≠ {} ∧ e2 ≠ {})"
  apply (simp add: connected_open_in, safe)
  apply blast
  by (metis Int_lower1 Un_subset_iff openin_open subset_antisym)

lemma connected_closed_in:
      "connected s ⟷
       ~(∃e1 e2.
             closedin (subtopology euclidean s) e1 ∧
             closedin (subtopology euclidean s) e2 ∧
             s ⊆ e1 ∪ e2 ∧ e1 ∩ e2 = {} ∧
             e1 ≠ {} ∧ e2 ≠ {})"
proof -
  { fix A B x x'
    assume s_sub: "s ⊆ A ∪ B"
       and disj: "A ∩ B ∩ s = {}"
       and x: "x ∈ s" "x ∈ B" and x': "x' ∈ s" "x' ∈ A"
       and cl: "closed A" "closed B"
    assume "∀e1. (∀T. closed T ⟶ e1 ≠ s ∩ T) ∨ (∀e2. e1 ∩ e2 = {} ⟶ s ⊆ e1 ∪ e2 ⟶ (∀T. closed T ⟶ e2 ≠ s ∩ T) ∨ e1 = {} ∨ e2 = {})"
    then have "⋀C D. s ∩ C = {} ∨ s ∩ D = {} ∨ s ∩ (C ∩ (s ∩ D)) ≠ {} ∨ ¬ s ⊆ s ∩ (C ∪ D) ∨ ¬ closed C ∨ ¬ closed D"
      by (metis (no_types) Int_Un_distrib Int_assoc)
    moreover have "s ∩ (A ∩ B) = {}" "s ∩ (A ∪ B) = s" "s ∩ B ≠ {}"
      using disj s_sub x by blast+
    ultimately have "s ∩ A = {}"
      using cl by (metis inf.left_commute inf_bot_right order_refl)
    then have False
      using x' by blast
  } note * = this
  show ?thesis
    apply (simp add: connected_closed closedin_closed)
    apply (safe; simp)
    apply blast
    apply (blast intro: *)
    done
qed

lemma connected_closed_in_eq:
      "connected s ⟷
           ~(∃e1 e2.
                 closedin (subtopology euclidean s) e1 ∧
                 closedin (subtopology euclidean s) e2 ∧
                 e1 ∪ e2 = s ∧ e1 ∩ e2 = {} ∧
                 e1 ≠ {} ∧ e2 ≠ {})"
  apply (simp add: connected_closed_in, safe)
  apply blast
  by (metis Int_lower1 Un_subset_iff closedin_closed subset_antisym)

text ‹These "transitivity" results are handy too›

lemma openin_trans[trans]:
  "openin (subtopology euclidean T) S ⟹ openin (subtopology euclidean U) T ⟹
    openin (subtopology euclidean U) S"
  unfolding open_openin openin_open by blast

lemma openin_open_trans: "openin (subtopology euclidean T) S ⟹ open T ⟹ open S"
  by (auto simp add: openin_open intro: openin_trans)

lemma closedin_trans[trans]:
  "closedin (subtopology euclidean T) S ⟹ closedin (subtopology euclidean U) T ⟹
    closedin (subtopology euclidean U) S"
  by (auto simp add: closedin_closed closed_closedin closed_Inter Int_assoc)

lemma closedin_closed_trans: "closedin (subtopology euclidean T) S ⟹ closed T ⟹ closed S"
  by (auto simp add: closedin_closed intro: closedin_trans)

lemma openin_subtopology_inter_subset:
   "openin (subtopology euclidean u) (u ∩ s) ∧ v ⊆ u ⟹ openin (subtopology euclidean v) (v ∩ s)"
  by (auto simp: openin_subtopology)

lemma openin_open_eq: "open s ⟹ (openin (subtopology euclidean s) t ⟷ open t ∧ t ⊆ s)"
  using open_subset openin_open_trans openin_subset by fastforce


subsection ‹Open and closed balls›

definition ball :: "'a::metric_space ⇒ real ⇒ 'a set"
  where "ball x e = {y. dist x y < e}"

definition cball :: "'a::metric_space ⇒ real ⇒ 'a set"
  where "cball x e = {y. dist x y ≤ e}"

definition sphere :: "'a::metric_space ⇒ real ⇒ 'a set"
  where "sphere x e = {y. dist x y = e}"

lemma mem_ball [simp]: "y ∈ ball x e ⟷ dist x y < e"
  by (simp add: ball_def)

lemma mem_cball [simp]: "y ∈ cball x e ⟷ dist x y ≤ e"
  by (simp add: cball_def)

lemma mem_sphere [simp]: "y ∈ sphere x e ⟷ dist x y = e"
  by (simp add: sphere_def)

lemma ball_trivial [simp]: "ball x 0 = {}"
  by (simp add: ball_def)

lemma cball_trivial [simp]: "cball x 0 = {x}"
  by (simp add: cball_def)

lemma mem_ball_0 [simp]:
  fixes x :: "'a::real_normed_vector"
  shows "x ∈ ball 0 e ⟷ norm x < e"
  by (simp add: dist_norm)

lemma mem_cball_0 [simp]:
  fixes x :: "'a::real_normed_vector"
  shows "x ∈ cball 0 e ⟷ norm x ≤ e"
  by (simp add: dist_norm)

lemma centre_in_ball [simp]: "x ∈ ball x e ⟷ 0 < e"
  by simp

lemma centre_in_cball [simp]: "x ∈ cball x e ⟷ 0 ≤ e"
  by simp

lemma ball_subset_cball [simp,intro]: "ball x e ⊆ cball x e"
  by (simp add: subset_eq)

lemma sphere_cball [simp,intro]: "sphere z r ⊆ cball z r"
  by force

lemma subset_ball[intro]: "d ≤ e ⟹ ball x d ⊆ ball x e"
  by (simp add: subset_eq)

lemma subset_cball[intro]: "d ≤ e ⟹ cball x d ⊆ cball x e"
  by (simp add: subset_eq)

lemma ball_max_Un: "ball a (max r s) = ball a r ∪ ball a s"
  by (simp add: set_eq_iff) arith

lemma ball_min_Int: "ball a (min r s) = ball a r ∩ ball a s"
  by (simp add: set_eq_iff)

lemma cball_diff_eq_sphere: "cball a r - ball a r =  {x. dist x a = r}"
  by (auto simp: cball_def ball_def dist_commute)

lemma open_ball [intro, simp]: "open (ball x e)"
proof -
  have "open (dist x -` {..<e})"
    by (intro open_vimage open_lessThan continuous_intros)
  also have "dist x -` {..<e} = ball x e"
    by auto
  finally show ?thesis .
qed

lemma open_contains_ball: "open S ⟷ (∀x∈S. ∃e>0. ball x e ⊆ S)"
  unfolding open_dist subset_eq mem_ball Ball_def dist_commute ..

lemma openE[elim?]:
  assumes "open S" "x∈S"
  obtains e where "e>0" "ball x e ⊆ S"
  using assms unfolding open_contains_ball by auto

lemma open_contains_ball_eq: "open S ⟹ ∀x. x∈S ⟷ (∃e>0. ball x e ⊆ S)"
  by (metis open_contains_ball subset_eq centre_in_ball)

lemma ball_eq_empty[simp]: "ball x e = {} ⟷ e ≤ 0"
  unfolding mem_ball set_eq_iff
  apply (simp add: not_less)
  apply (metis zero_le_dist order_trans dist_self)
  done

lemma ball_empty: "e ≤ 0 ⟹ ball x e = {}" by simp

lemma euclidean_dist_l2:
  fixes x y :: "'a :: euclidean_space"
  shows "dist x y = setL2 (λi. dist (x ∙ i) (y ∙ i)) Basis"
  unfolding dist_norm norm_eq_sqrt_inner setL2_def
  by (subst euclidean_inner) (simp add: power2_eq_square inner_diff_left)

lemma eventually_nhds_ball: "d > 0 ⟹ eventually (λx. x ∈ ball z d) (nhds z)"
  by (rule eventually_nhds_in_open) simp_all

lemma eventually_at_ball: "d > 0 ⟹ eventually (λt. t ∈ ball z d ∧ t ∈ A) (at z within A)"
  unfolding eventually_at by (intro exI[of _ d]) (simp_all add: dist_commute)

lemma eventually_at_ball': "d > 0 ⟹ eventually (λt. t ∈ ball z d ∧ t ≠ z ∧ t ∈ A) (at z within A)"
  unfolding eventually_at by (intro exI[of _ d]) (simp_all add: dist_commute)


subsection ‹Boxes›

abbreviation One :: "'a::euclidean_space"
  where "One ≡ ∑Basis"

definition (in euclidean_space) eucl_less (infix "<e" 50)
  where "eucl_less a b ⟷ (∀i∈Basis. a ∙ i < b ∙ i)"

definition box_eucl_less: "box a b = {x. a <e x ∧ x <e b}"
definition "cbox a b = {x. ∀i∈Basis. a ∙ i ≤ x ∙ i ∧ x ∙ i ≤ b ∙ i}"

lemma box_def: "box a b = {x. ∀i∈Basis. a ∙ i < x ∙ i ∧ x ∙ i < b ∙ i}"
  and in_box_eucl_less: "x ∈ box a b ⟷ a <e x ∧ x <e b"
  and mem_box: "x ∈ box a b ⟷ (∀i∈Basis. a ∙ i < x ∙ i ∧ x ∙ i < b ∙ i)"
    "x ∈ cbox a b ⟷ (∀i∈Basis. a ∙ i ≤ x ∙ i ∧ x ∙ i ≤ b ∙ i)"
  by (auto simp: box_eucl_less eucl_less_def cbox_def)

lemma cbox_Pair_eq: "cbox (a, c) (b, d) = cbox a b × cbox c d"
  by (force simp: cbox_def Basis_prod_def)

lemma cbox_Pair_iff [iff]: "(x, y) ∈ cbox (a, c) (b, d) ⟷ x ∈ cbox a b ∧ y ∈ cbox c d"
  by (force simp: cbox_Pair_eq)

lemma cbox_Pair_eq_0: "cbox (a, c) (b, d) = {} ⟷ cbox a b = {} ∨ cbox c d = {}"
  by (force simp: cbox_Pair_eq)

lemma swap_cbox_Pair [simp]: "prod.swap ` cbox (c, a) (d, b) = cbox (a,c) (b,d)"
  by auto

lemma mem_box_real[simp]:
  "(x::real) ∈ box a b ⟷ a < x ∧ x < b"
  "(x::real) ∈ cbox a b ⟷ a ≤ x ∧ x ≤ b"
  by (auto simp: mem_box)

lemma box_real[simp]:
  fixes a b:: real
  shows "box a b = {a <..< b}" "cbox a b = {a .. b}"
  by auto

lemma box_Int_box:
  fixes a :: "'a::euclidean_space"
  shows "box a b ∩ box c d =
    box (∑i∈Basis. max (a∙i) (c∙i) *R i) (∑i∈Basis. min (b∙i) (d∙i) *R i)"
  unfolding set_eq_iff and Int_iff and mem_box by auto

lemma rational_boxes:
  fixes x :: "'a::euclidean_space"
  assumes "e > 0"
  shows "∃a b. (∀i∈Basis. a ∙ i ∈ ℚ ∧ b ∙ i ∈ ℚ ) ∧ x ∈ box a b ∧ box a b ⊆ ball x e"
proof -
  def e'  "e / (2 * sqrt (real (DIM ('a))))"
  then have e: "e' > 0"
    using assms by (auto simp: DIM_positive)
  have "∀i. ∃y. y ∈ ℚ ∧ y < x ∙ i ∧ x ∙ i - y < e'" (is "∀i. ?th i")
  proof
    fix i
    from Rats_dense_in_real[of "x ∙ i - e'" "x ∙ i"] e
    show "?th i" by auto
  qed
  from choice[OF this] obtain a where
    a: "∀xa. a xa ∈ ℚ ∧ a xa < x ∙ xa ∧ x ∙ xa - a xa < e'" ..
  have "∀i. ∃y. y ∈ ℚ ∧ x ∙ i < y ∧ y - x ∙ i < e'" (is "∀i. ?th i")
  proof
    fix i
    from Rats_dense_in_real[of "x ∙ i" "x ∙ i + e'"] e
    show "?th i" by auto
  qed
  from choice[OF this] obtain b where
    b: "∀xa. b xa ∈ ℚ ∧ x ∙ xa < b xa ∧ b xa - x ∙ xa < e'" ..
  let ?a = "∑i∈Basis. a i *R i" and ?b = "∑i∈Basis. b i *R i"
  show ?thesis
  proof (rule exI[of _ ?a], rule exI[of _ ?b], safe)
    fix y :: 'a
    assume *: "y ∈ box ?a ?b"
    have "dist x y = sqrt (∑i∈Basis. (dist (x ∙ i) (y ∙ i))2)"
      unfolding setL2_def[symmetric] by (rule euclidean_dist_l2)
    also have "… < sqrt (∑(i::'a)∈Basis. e^2 / real (DIM('a)))"
    proof (rule real_sqrt_less_mono, rule setsum_strict_mono)
      fix i :: "'a"
      assume i: "i ∈ Basis"
      have "a i < y∙i ∧ y∙i < b i"
        using * i by (auto simp: box_def)
      moreover have "a i < x∙i" "x∙i - a i < e'"
        using a by auto
      moreover have "x∙i < b i" "b i - x∙i < e'"
        using b by auto
      ultimately have "¦x∙i - y∙i¦ < 2 * e'"
        by auto
      then have "dist (x ∙ i) (y ∙ i) < e/sqrt (real (DIM('a)))"
        unfolding e'_def by (auto simp: dist_real_def)
      then have "(dist (x ∙ i) (y ∙ i))2 < (e/sqrt (real (DIM('a))))2"
        by (rule power_strict_mono) auto
      then show "(dist (x ∙ i) (y ∙ i))2 < e2 / real DIM('a)"
        by (simp add: power_divide)
    qed auto
    also have "… = e"
      using ‹0 < e› by simp
    finally show "y ∈ ball x e"
      by (auto simp: ball_def)
  qed (insert a b, auto simp: box_def)
qed

lemma open_UNION_box:
  fixes M :: "'a::euclidean_space set"
  assumes "open M"
  defines "a' ≡ λf :: 'a ⇒ real × real. (∑(i::'a)∈Basis. fst (f i) *R i)"
  defines "b' ≡ λf :: 'a ⇒ real × real. (∑(i::'a)∈Basis. snd (f i) *R i)"
  defines "I ≡ {f∈Basis →E ℚ × ℚ. box (a' f) (b' f) ⊆ M}"
  shows "M = (⋃f∈I. box (a' f) (b' f))"
proof -
  have "x ∈ (⋃f∈I. box (a' f) (b' f))" if "x ∈ M" for x
  proof -
    obtain e where e: "e > 0" "ball x e ⊆ M"
      using openE[OF ‹open M› ‹x ∈ M›] by auto
    moreover obtain a b where ab:
      "x ∈ box a b"
      "∀i ∈ Basis. a ∙ i ∈ ℚ"
      "∀i∈Basis. b ∙ i ∈ ℚ"
      "box a b ⊆ ball x e"
      using rational_boxes[OF e(1)] by metis
    ultimately show ?thesis
       by (intro UN_I[of "λi∈Basis. (a ∙ i, b ∙ i)"])
          (auto simp: euclidean_representation I_def a'_def b'_def)
  qed
  then show ?thesis by (auto simp: I_def)
qed

lemma box_eq_empty:
  fixes a :: "'a::euclidean_space"
  shows "(box a b = {} ⟷ (∃i∈Basis. b∙i ≤ a∙i))" (is ?th1)
    and "(cbox a b = {} ⟷ (∃i∈Basis. b∙i < a∙i))" (is ?th2)
proof -
  {
    fix i x
    assume i: "i∈Basis" and as:"b∙i ≤ a∙i" and x:"x∈box a b"
    then have "a ∙ i < x ∙ i ∧ x ∙ i < b ∙ i"
      unfolding mem_box by (auto simp: box_def)
    then have "a∙i < b∙i" by auto
    then have False using as by auto
  }
  moreover
  {
    assume as: "∀i∈Basis. ¬ (b∙i ≤ a∙i)"
    let ?x = "(1/2) *R (a + b)"
    {
      fix i :: 'a
      assume i: "i ∈ Basis"
      have "a∙i < b∙i"
        using as[THEN bspec[where x=i]] i by auto
      then have "a∙i < ((1/2) *R (a+b)) ∙ i" "((1/2) *R (a+b)) ∙ i < b∙i"
        by (auto simp: inner_add_left)
    }
    then have "box a b ≠ {}"
      using mem_box(1)[of "?x" a b] by auto
  }
  ultimately show ?th1 by blast

  {
    fix i x
    assume i: "i ∈ Basis" and as:"b∙i < a∙i" and x:"x∈cbox a b"
    then have "a ∙ i ≤ x ∙ i ∧ x ∙ i ≤ b ∙ i"
      unfolding mem_box by auto
    then have "a∙i ≤ b∙i" by auto
    then have False using as by auto
  }
  moreover
  {
    assume as:"∀i∈Basis. ¬ (b∙i < a∙i)"
    let ?x = "(1/2) *R (a + b)"
    {
      fix i :: 'a
      assume i:"i ∈ Basis"
      have "a∙i ≤ b∙i"
        using as[THEN bspec[where x=i]] i by auto
      then have "a∙i ≤ ((1/2) *R (a+b)) ∙ i" "((1/2) *R (a+b)) ∙ i ≤ b∙i"
        by (auto simp: inner_add_left)
    }
    then have "cbox a b ≠ {}"
      using mem_box(2)[of "?x" a b] by auto
  }
  ultimately show ?th2 by blast
qed

lemma box_ne_empty:
  fixes a :: "'a::euclidean_space"
  shows "cbox a b ≠ {} ⟷ (∀i∈Basis. a∙i ≤ b∙i)"
  and "box a b ≠ {} ⟷ (∀i∈Basis. a∙i < b∙i)"
  unfolding box_eq_empty[of a b] by fastforce+

lemma
  fixes a :: "'a::euclidean_space"
  shows cbox_sing: "cbox a a = {a}"
    and box_sing: "box a a = {}"
  unfolding set_eq_iff mem_box eq_iff [symmetric]
  by (auto intro!: euclidean_eqI[where 'a='a])
     (metis all_not_in_conv nonempty_Basis)

lemma subset_box_imp:
  fixes a :: "'a::euclidean_space"
  shows "(∀i∈Basis. a∙i ≤ c∙i ∧ d∙i ≤ b∙i) ⟹ cbox c d ⊆ cbox a b"
    and "(∀i∈Basis. a∙i < c∙i ∧ d∙i < b∙i) ⟹ cbox c d ⊆ box a b"
    and "(∀i∈Basis. a∙i ≤ c∙i ∧ d∙i ≤ b∙i) ⟹ box c d ⊆ cbox a b"
     and "(∀i∈Basis. a∙i ≤ c∙i ∧ d∙i ≤ b∙i) ⟹ box c d ⊆ box a b"
  unfolding subset_eq[unfolded Ball_def] unfolding mem_box
  by (best intro: order_trans less_le_trans le_less_trans less_imp_le)+

lemma box_subset_cbox:
  fixes a :: "'a::euclidean_space"
  shows "box a b ⊆ cbox a b"
  unfolding subset_eq [unfolded Ball_def] mem_box
  by (fast intro: less_imp_le)

lemma subset_box:
  fixes a :: "'a::euclidean_space"
  shows "cbox c d ⊆ cbox a b ⟷ (∀i∈Basis. c∙i ≤ d∙i) --> (∀i∈Basis. a∙i ≤ c∙i ∧ d∙i ≤ b∙i)" (is ?th1)
    and "cbox c d ⊆ box a b ⟷ (∀i∈Basis. c∙i ≤ d∙i) --> (∀i∈Basis. a∙i < c∙i ∧ d∙i < b∙i)" (is ?th2)
    and "box c d ⊆ cbox a b ⟷ (∀i∈Basis. c∙i < d∙i) --> (∀i∈Basis. a∙i ≤ c∙i ∧ d∙i ≤ b∙i)" (is ?th3)
    and "box c d ⊆ box a b ⟷ (∀i∈Basis. c∙i < d∙i) --> (∀i∈Basis. a∙i ≤ c∙i ∧ d∙i ≤ b∙i)" (is ?th4)
proof -
  show ?th1
    unfolding subset_eq and Ball_def and mem_box
    by (auto intro: order_trans)
  show ?th2
    unfolding subset_eq and Ball_def and mem_box
    by (auto intro: le_less_trans less_le_trans order_trans less_imp_le)
  {
    assume as: "box c d ⊆ cbox a b" "∀i∈Basis. c∙i < d∙i"
    then have "box c d ≠ {}"
      unfolding box_eq_empty by auto
    fix i :: 'a
    assume i: "i ∈ Basis"
    (** TODO combine the following two parts as done in the HOL_light version. **)
    {
      let ?x = "(∑j∈Basis. (if j=i then ((min (a∙j) (d∙j))+c∙j)/2 else (c∙j+d∙j)/2) *R j)::'a"
      assume as2: "a∙i > c∙i"
      {
        fix j :: 'a
        assume j: "j ∈ Basis"
        then have "c ∙ j < ?x ∙ j ∧ ?x ∙ j < d ∙ j"
          apply (cases "j = i")
          using as(2)[THEN bspec[where x=j]] i
          apply (auto simp add: as2)
          done
      }
      then have "?x∈box c d"
        using i unfolding mem_box by auto
      moreover
      have "?x ∉ cbox a b"
        unfolding mem_box
        apply auto
        apply (rule_tac x=i in bexI)
        using as(2)[THEN bspec[where x=i]] and as2 i
        apply auto
        done
      ultimately have False using as by auto
    }
    then have "a∙i ≤ c∙i" by (rule ccontr) auto
    moreover
    {
      let ?x = "(∑j∈Basis. (if j=i then ((max (b∙j) (c∙j))+d∙j)/2 else (c∙j+d∙j)/2) *R j)::'a"
      assume as2: "b∙i < d∙i"
      {
        fix j :: 'a
        assume "j∈Basis"
        then have "d ∙ j > ?x ∙ j ∧ ?x ∙ j > c ∙ j"
          apply (cases "j = i")
          using as(2)[THEN bspec[where x=j]]
          apply (auto simp add: as2)
          done
      }
      then have "?x∈box c d"
        unfolding mem_box by auto
      moreover
      have "?x∉cbox a b"
        unfolding mem_box
        apply auto
        apply (rule_tac x=i in bexI)
        using as(2)[THEN bspec[where x=i]] and as2 using i
        apply auto
        done
      ultimately have False using as by auto
    }
    then have "b∙i ≥ d∙i" by (rule ccontr) auto
    ultimately
    have "a∙i ≤ c∙i ∧ d∙i ≤ b∙i" by auto
  } note part1 = this
  show ?th3
    unfolding subset_eq and Ball_def and mem_box
    apply (rule, rule, rule, rule)
    apply (rule part1)
    unfolding subset_eq and Ball_def and mem_box
    prefer 4
    apply auto
    apply (erule_tac x=xa in allE, erule_tac x=xa in allE, fastforce)+
    done
  {
    assume as: "box c d ⊆ box a b" "∀i∈Basis. c∙i < d∙i"
    fix i :: 'a
    assume i:"i∈Basis"
    from as(1) have "box c d ⊆ cbox a b"
      using box_subset_cbox[of a b] by auto
    then have "a∙i ≤ c∙i ∧ d∙i ≤ b∙i"
      using part1 and as(2) using i by auto
  } note * = this
  show ?th4
    unfolding subset_eq and Ball_def and mem_box
    apply (rule, rule, rule, rule)
    apply (rule *)
    unfolding subset_eq and Ball_def and mem_box
    prefer 4
    apply auto
    apply (erule_tac x=xa in allE, simp)+
    done
qed

lemma inter_interval:
  fixes a :: "'a::euclidean_space"
  shows "cbox a b ∩ cbox c d =
    cbox (∑i∈Basis. max (a∙i) (c∙i) *R i) (∑i∈Basis. min (b∙i) (d∙i) *R i)"
  unfolding set_eq_iff and Int_iff and mem_box
  by auto

lemma disjoint_interval:
  fixes a::"'a::euclidean_space"
  shows "cbox a b ∩ cbox c d = {} ⟷ (∃i∈Basis. (b∙i < a∙i ∨ d∙i < c∙i ∨ b∙i < c∙i ∨ d∙i < a∙i))" (is ?th1)
    and "cbox a b ∩ box c d = {} ⟷ (∃i∈Basis. (b∙i < a∙i ∨ d∙i ≤ c∙i ∨ b∙i ≤ c∙i ∨ d∙i ≤ a∙i))" (is ?th2)
    and "box a b ∩ cbox c d = {} ⟷ (∃i∈Basis. (b∙i ≤ a∙i ∨ d∙i < c∙i ∨ b∙i ≤ c∙i ∨ d∙i ≤ a∙i))" (is ?th3)
    and "box a b ∩ box c d = {} ⟷ (∃i∈Basis. (b∙i ≤ a∙i ∨ d∙i ≤ c∙i ∨ b∙i ≤ c∙i ∨ d∙i ≤ a∙i))" (is ?th4)
proof -
  let ?z = "(∑i∈Basis. (((max (a∙i) (c∙i)) + (min (b∙i) (d∙i))) / 2) *R i)::'a"
  have **: "⋀P Q. (⋀i :: 'a. i ∈ Basis ⟹ Q ?z i ⟹ P i) ⟹
      (⋀i x :: 'a. i ∈ Basis ⟹ P i ⟹ Q x i) ⟹ (∀x. ∃i∈Basis. Q x i) ⟷ (∃i∈Basis. P i)"
    by blast
  note * = set_eq_iff Int_iff empty_iff mem_box ball_conj_distrib[symmetric] eq_False ball_simps(10)
  show ?th1 unfolding * by (intro **) auto
  show ?th2 unfolding * by (intro **) auto
  show ?th3 unfolding * by (intro **) auto
  show ?th4 unfolding * by (intro **) auto
qed

lemma UN_box_eq_UNIV: "(⋃i::nat. box (- (real i *R One)) (real i *R One)) = UNIV"
proof -
  have "¦x ∙ b¦ < real_of_int (⌈Max ((λb. ¦x ∙ b¦)`Basis)⌉ + 1)"
    if [simp]: "b ∈ Basis" for x b :: 'a
  proof -
    have "¦x ∙ b¦ ≤ real_of_int ⌈¦x ∙ b¦⌉"
      by (rule le_of_int_ceiling)
    also have "… ≤ real_of_int ⌈Max ((λb. ¦x ∙ b¦)`Basis)⌉"
      by (auto intro!: ceiling_mono)
    also have "… < real_of_int (⌈Max ((λb. ¦x ∙ b¦)`Basis)⌉ + 1)"
      by simp
    finally show ?thesis .
  qed
  then have "∃n::nat. ∀b∈Basis. ¦x ∙ b¦ < real n" for x :: 'a
    by (metis order.strict_trans reals_Archimedean2)
  moreover have "⋀x b::'a. ⋀n::nat.  ¦x ∙ b¦ < real n ⟷ - real n < x ∙ b ∧ x ∙ b < real n"
    by auto
  ultimately show ?thesis
    by (auto simp: box_def inner_setsum_left inner_Basis setsum.If_cases)
qed

text ‹Intervals in general, including infinite and mixtures of open and closed.›

definition "is_interval (s::('a::euclidean_space) set) ⟷
  (∀a∈s. ∀b∈s. ∀x. (∀i∈Basis. ((a∙i ≤ x∙i ∧ x∙i ≤ b∙i) ∨ (b∙i ≤ x∙i ∧ x∙i ≤ a∙i))) ⟶ x ∈ s)"

lemma is_interval_cbox: "is_interval (cbox a (b::'a::euclidean_space))" (is ?th1)
  and is_interval_box: "is_interval (box a b)" (is ?th2)
  unfolding is_interval_def mem_box Ball_def atLeastAtMost_iff
  by (meson order_trans le_less_trans less_le_trans less_trans)+

lemma is_interval_empty [iff]: "is_interval {}"
  unfolding is_interval_def  by simp

lemma is_interval_univ [iff]: "is_interval UNIV"
  unfolding is_interval_def  by simp

lemma mem_is_intervalI:
  assumes "is_interval s"
  assumes "a ∈ s" "b ∈ s"
  assumes "⋀i. i ∈ Basis ⟹ a ∙ i ≤ x ∙ i ∧ x ∙ i ≤ b ∙ i ∨ b ∙ i ≤ x ∙ i ∧ x ∙ i ≤ a ∙ i"
  shows "x ∈ s"
  by (rule assms(1)[simplified is_interval_def, rule_format, OF assms(2,3,4)])

lemma interval_subst:
  fixes S::"'a::euclidean_space set"
  assumes "is_interval S"
  assumes "x ∈ S" "y j ∈ S"
  assumes "j ∈ Basis"
  shows "(∑i∈Basis. (if i = j then y i ∙ i else x ∙ i) *R i) ∈ S"
  by (rule mem_is_intervalI[OF assms(1,2)]) (auto simp: assms)

lemma mem_box_componentwiseI:
  fixes S::"'a::euclidean_space set"
  assumes "is_interval S"
  assumes "⋀i. i ∈ Basis ⟹ x ∙ i ∈ ((λx. x ∙ i) ` S)"
  shows "x ∈ S"
proof -
  from assms have "∀i ∈ Basis. ∃s ∈ S. x ∙ i = s ∙ i"
    by auto
  with finite_Basis obtain s and bs::"'a list" where
    s: "⋀i. i ∈ Basis ⟹ x ∙ i = s i ∙ i" "⋀i. i ∈ Basis ⟹ s i ∈ S" and
    bs: "set bs = Basis" "distinct bs"
    by (metis finite_distinct_list)
  from nonempty_Basis s obtain j where j: "j ∈ Basis" "s j ∈ S" by blast
  def y  "rec_list
    (s j)
    (λj _ Y. (∑i∈Basis. (if i = j then s i ∙ i else Y ∙ i) *R i))"
  have "x = (∑i∈Basis. (if i ∈ set bs then s i ∙ i else s j ∙ i) *R i)"
    using bs by (auto simp add: s(1)[symmetric] euclidean_representation)
  also have [symmetric]: "y bs = …"
    using bs(2) bs(1)[THEN equalityD1]
    by (induct bs) (auto simp: y_def euclidean_representation intro!: euclidean_eqI[where 'a='a])
  also have "y bs ∈ S"
    using bs(1)[THEN equalityD1]
    apply (induct bs)
    apply (auto simp: y_def j)
    apply (rule interval_subst[OF assms(1)])
    apply (auto simp: s)
    done
  finally show ?thesis .
qed


subsection‹Connectedness›

lemma connected_local:
 "connected S ⟷
  ¬ (∃e1 e2.
      openin (subtopology euclidean S) e1 ∧
      openin (subtopology euclidean S) e2 ∧
      S ⊆ e1 ∪ e2 ∧
      e1 ∩ e2 = {} ∧
      e1 ≠ {} ∧
      e2 ≠ {})"
  unfolding connected_def openin_open
  by safe blast+

lemma exists_diff:
  fixes P :: "'a set ⇒ bool"
  shows "(∃S. P (- S)) ⟷ (∃S. P S)" (is "?lhs ⟷ ?rhs")
proof -
  {
    assume "?lhs"
    then have ?rhs by blast
  }
  moreover
  {
    fix S
    assume H: "P S"
    have "S = - (- S)" by auto
    with H have "P (- (- S))" by metis
  }
  ultimately show ?thesis by metis
qed

lemma connected_clopen: "connected S ⟷
  (∀T. openin (subtopology euclidean S) T ∧
     closedin (subtopology euclidean S) T ⟶ T = {} ∨ T = S)" (is "?lhs ⟷ ?rhs")
proof -
  have "¬ connected S ⟷
    (∃e1 e2. open e1 ∧ open (- e2) ∧ S ⊆ e1 ∪ (- e2) ∧ e1 ∩ (- e2) ∩ S = {} ∧ e1 ∩ S ≠ {} ∧ (- e2) ∩ S ≠ {})"
    unfolding connected_def openin_open closedin_closed
    by (metis double_complement)
  then have th0: "connected S ⟷
    ¬ (∃e2 e1. closed e2 ∧ open e1 ∧ S ⊆ e1 ∪ (- e2) ∧ e1 ∩ (- e2) ∩ S = {} ∧ e1 ∩ S ≠ {} ∧ (- e2) ∩ S ≠ {})"
    (is " _ ⟷ ¬ (∃e2 e1. ?P e2 e1)")
    apply (simp add: closed_def)
    apply metis
    done
  have th1: "?rhs ⟷ ¬ (∃t' t. closed t'∧t = S∩t' ∧ t≠{} ∧ t≠S ∧ (∃t'. open t' ∧ t = S ∩ t'))"
    (is "_ ⟷ ¬ (∃t' t. ?Q t' t)")
    unfolding connected_def openin_open closedin_closed by auto
  {
    fix e2
    {
      fix e1
      have "?P e2 e1 ⟷ (∃t. closed e2 ∧ t = S∩e2 ∧ open e1 ∧ t = S∩e1 ∧ t≠{} ∧ t ≠ S)"
        by auto
    }
    then have "(∃e1. ?P e2 e1) ⟷ (∃t. ?Q e2 t)"
      by metis
  }
  then have "∀e2. (∃e1. ?P e2 e1) ⟷ (∃t. ?Q e2 t)"
    by blast
  then show ?thesis
    unfolding th0 th1 by simp
qed

subsection‹Limit points›

definition (in topological_space) islimpt:: "'a ⇒ 'a set ⇒ bool"  (infixr "islimpt" 60)
  where "x islimpt S ⟷ (∀T. x∈T ⟶ open T ⟶ (∃y∈S. y∈T ∧ y≠x))"

lemma islimptI:
  assumes "⋀T. x ∈ T ⟹ open T ⟹ ∃y∈S. y ∈ T ∧ y ≠ x"
  shows "x islimpt S"
  using assms unfolding islimpt_def by auto

lemma islimptE:
  assumes "x islimpt S" and "x ∈ T" and "open T"
  obtains y where "y ∈ S" and "y ∈ T" and "y ≠ x"
  using assms unfolding islimpt_def by auto

lemma islimpt_iff_eventually: "x islimpt S ⟷ ¬ eventually (λy. y ∉ S) (at x)"
  unfolding islimpt_def eventually_at_topological by auto

lemma islimpt_subset: "x islimpt S ⟹ S ⊆ T ⟹ x islimpt T"
  unfolding islimpt_def by fast

lemma islimpt_approachable:
  fixes x :: "'a::metric_space"
  shows "x islimpt S ⟷ (∀e>0. ∃x'∈S. x' ≠ x ∧ dist x' x < e)"
  unfolding islimpt_iff_eventually eventually_at by fast

lemma islimpt_approachable_le:
  fixes x :: "'a::metric_space"
  shows "x islimpt S ⟷ (∀e>0. ∃x'∈ S. x' ≠ x ∧ dist x' x ≤ e)"
  unfolding islimpt_approachable
  using approachable_lt_le [where f="λy. dist y x" and P="λy. y ∉ S ∨ y = x",
    THEN arg_cong [where f=Not]]
  by (simp add: Bex_def conj_commute conj_left_commute)

lemma islimpt_UNIV_iff: "x islimpt UNIV ⟷ ¬ open {x}"
  unfolding islimpt_def by (safe, fast, case_tac "T = {x}", fast, fast)

lemma islimpt_punctured: "x islimpt S = x islimpt (S-{x})"
  unfolding islimpt_def by blast

text ‹A perfect space has no isolated points.›

lemma islimpt_UNIV [simp, intro]: "(x::'a::perfect_space) islimpt UNIV"
  unfolding islimpt_UNIV_iff by (rule not_open_singleton)

lemma perfect_choose_dist:
  fixes x :: "'a::{perfect_space, metric_space}"
  shows "0 < r ⟹ ∃a. a ≠ x ∧ dist a x < r"
  using islimpt_UNIV [of x]
  by (simp add: islimpt_approachable)

lemma closed_limpt: "closed S ⟷ (∀x. x islimpt S ⟶ x ∈ S)"
  unfolding closed_def
  apply (subst open_subopen)
  apply (simp add: islimpt_def subset_eq)
  apply (metis ComplE ComplI)
  done

lemma islimpt_EMPTY[simp]: "¬ x islimpt {}"
  unfolding islimpt_def by auto

lemma finite_set_avoid:
  fixes a :: "'a::metric_space"
  assumes fS: "finite S"
  shows  "∃d>0. ∀x∈S. x ≠ a ⟶ d ≤ dist a x"
proof (induct rule: finite_induct[OF fS])
  case 1
  then show ?case by (auto intro: zero_less_one)
next
  case (2 x F)
  from 2 obtain d where d: "d > 0" "∀x∈F. x ≠ a ⟶ d ≤ dist a x"
    by blast
  show ?case
  proof (cases "x = a")
    case True
    then show ?thesis using d by auto
  next
    case False
    let ?d = "min d (dist a x)"
    have dp: "?d > 0"
      using False d(1) by auto
    from d have d': "∀x∈F. x ≠ a ⟶ ?d ≤ dist a x"
      by auto
    with dp False show ?thesis
      by (auto intro!: exI[where x="?d"])
  qed
qed

lemma islimpt_Un: "x islimpt (S ∪ T) ⟷ x islimpt S ∨ x islimpt T"
  by (simp add: islimpt_iff_eventually eventually_conj_iff)

lemma discrete_imp_closed:
  fixes S :: "'a::metric_space set"
  assumes e: "0 < e"
    and d: "∀x ∈ S. ∀y ∈ S. dist y x < e ⟶ y = x"
  shows "closed S"
proof -
  {
    fix x
    assume C: "∀e>0. ∃x'∈S. x' ≠ x ∧ dist x' x < e"
    from e have e2: "e/2 > 0" by arith
    from C[rule_format, OF e2] obtain y where y: "y ∈ S" "y ≠ x" "dist y x < e/2"
      by blast
    let ?m = "min (e/2) (dist x y) "
    from e2 y(2) have mp: "?m > 0"
      by simp
    from C[rule_format, OF mp] obtain z where z: "z ∈ S" "z ≠ x" "dist z x < ?m"
      by blast
    have th: "dist z y < e" using z y
      by (intro dist_triangle_lt [where z=x], simp)
    from d[rule_format, OF y(1) z(1) th] y z
    have False by (auto simp add: dist_commute)}
  then show ?thesis
    by (metis islimpt_approachable closed_limpt [where 'a='a])
qed

lemma closed_of_nat_image: "closed (of_nat ` A :: 'a :: real_normed_algebra_1 set)"
  by (rule discrete_imp_closed[of 1]) (auto simp: dist_of_nat)

lemma closed_of_int_image: "closed (of_int ` A :: 'a :: real_normed_algebra_1 set)"
  by (rule discrete_imp_closed[of 1]) (auto simp: dist_of_int)

lemma closed_Nats [simp]: "closed (ℕ :: 'a :: real_normed_algebra_1 set)"
  unfolding Nats_def by (rule closed_of_nat_image)

lemma closed_Ints [simp]: "closed (ℤ :: 'a :: real_normed_algebra_1 set)"
  unfolding Ints_def by (rule closed_of_int_image)


subsection ‹Interior of a Set›

definition "interior S = ⋃{T. open T ∧ T ⊆ S}"

lemma interiorI [intro?]:
  assumes "open T" and "x ∈ T" and "T ⊆ S"
  shows "x ∈ interior S"
  using assms unfolding interior_def by fast

lemma interiorE [elim?]:
  assumes "x ∈ interior S"
  obtains T where "open T" and "x ∈ T" and "T ⊆ S"
  using assms unfolding interior_def by fast

lemma open_interior [simp, intro]: "open (interior S)"
  by (simp add: interior_def open_Union)

lemma interior_subset: "interior S ⊆ S"
  by (auto simp add: interior_def)

lemma interior_maximal: "T ⊆ S ⟹ open T ⟹ T ⊆ interior S"
  by (auto simp add: interior_def)

lemma interior_open: "open S ⟹ interior S = S"
  by (intro equalityI interior_subset interior_maximal subset_refl)

lemma interior_eq: "interior S = S ⟷ open S"
  by (metis open_interior interior_open)

lemma open_subset_interior: "open S ⟹ S ⊆ interior T ⟷ S ⊆ T"
  by (metis interior_maximal interior_subset subset_trans)

lemma interior_empty [simp]: "interior {} = {}"
  using open_empty by (rule interior_open)

lemma interior_UNIV [simp]: "interior UNIV = UNIV"
  using open_UNIV by (rule interior_open)

lemma interior_interior [simp]: "interior (interior S) = interior S"
  using open_interior by (rule interior_open)

lemma interior_mono: "S ⊆ T ⟹ interior S ⊆ interior T"
  by (auto simp add: interior_def)

lemma interior_unique:
  assumes "T ⊆ S" and "open T"
  assumes "⋀T'. T' ⊆ S ⟹ open T' ⟹ T' ⊆ T"
  shows "interior S = T"
  by (intro equalityI assms interior_subset open_interior interior_maximal)

lemma interior_singleton [simp]:
      fixes a :: "'a::perfect_space" shows "interior {a} = {}"
  apply (rule interior_unique, simp_all)
  using not_open_singleton subset_singletonD by fastforce

lemma interior_Int [simp]: "interior (S ∩ T) = interior S ∩ interior T"
  by (intro equalityI Int_mono Int_greatest interior_mono Int_lower1
    Int_lower2 interior_maximal interior_subset open_Int open_interior)

lemma mem_interior: "x ∈ interior S ⟷ (∃e>0. ball x e ⊆ S)"
  using open_contains_ball_eq [where S="interior S"]
  by (simp add: open_subset_interior)

lemma eventually_nhds_in_nhd: "x ∈ interior s ⟹ eventually (λy. y ∈ s) (nhds x)"
  using interior_subset[of s] by (subst eventually_nhds) blast

lemma interior_limit_point [intro]:
  fixes x :: "'a::perfect_space"
  assumes x: "x ∈ interior S"
  shows "x islimpt S"
  using x islimpt_UNIV [of x]
  unfolding interior_def islimpt_def
  apply (clarsimp, rename_tac T T')
  apply (drule_tac x="T ∩ T'" in spec)
  apply (auto simp add: open_Int)
  done

lemma interior_closed_Un_empty_interior:
  assumes cS: "closed S"
    and iT: "interior T = {}"
  shows "interior (S ∪ T) = interior S"
proof
  show "interior S ⊆ interior (S ∪ T)"
    by (rule interior_mono) (rule Un_upper1)
  show "interior (S ∪ T) ⊆ interior S"
  proof
    fix x
    assume "x ∈ interior (S ∪ T)"
    then obtain R where "open R" "x ∈ R" "R ⊆ S ∪ T" ..
    show "x ∈ interior S"
    proof (rule ccontr)
      assume "x ∉ interior S"
      with ‹x ∈ R› ‹open R› obtain y where "y ∈ R - S"
        unfolding interior_def by fast
      from ‹open R› ‹closed S› have "open (R - S)"
        by (rule open_Diff)
      from ‹R ⊆ S ∪ T› have "R - S ⊆ T"
        by fast
      from ‹y ∈ R - S› ‹open (R - S)› ‹R - S ⊆ T› ‹interior T = {}› show False
        unfolding interior_def by fast
    qed
  qed
qed

lemma interior_Times: "interior (A × B) = interior A × interior B"
proof (rule interior_unique)
  show "interior A × interior B ⊆ A × B"
    by (intro Sigma_mono interior_subset)
  show "open (interior A × interior B)"
    by (intro open_Times open_interior)
  fix T
  assume "T ⊆ A × B" and "open T"
  then show "T ⊆ interior A × interior B"
  proof safe
    fix x y
    assume "(x, y) ∈ T"
    then obtain C D where "open C" "open D" "C × D ⊆ T" "x ∈ C" "y ∈ D"
      using ‹open T› unfolding open_prod_def by fast
    then have "open C" "open D" "C ⊆ A" "D ⊆ B" "x ∈ C" "y ∈ D"
      using ‹T ⊆ A × B› by auto
    then show "x ∈ interior A" and "y ∈ interior B"
      by (auto intro: interiorI)
  qed
qed

lemma interior_Ici:
  fixes x :: "'a :: {dense_linorder, linorder_topology}"
  assumes "b < x"
  shows "interior { x ..} = { x <..}"
proof (rule interior_unique)
  fix T assume "T ⊆ {x ..}" "open T"
  moreover have "x ∉ T"
  proof
    assume "x ∈ T"
    obtain y where "y < x" "{y <.. x} ⊆ T"
      using open_left[OF ‹open T› ‹x ∈ T› ‹b < x›] by auto
    with dense[OF ‹y < x›] obtain z where "z ∈ T" "z < x"
      by (auto simp: subset_eq Ball_def)
    with ‹T ⊆ {x ..}› show False by auto
  qed
  ultimately show "T ⊆ {x <..}"
    by (auto simp: subset_eq less_le)
qed auto

lemma interior_Iic:
  fixes x :: "'a :: {dense_linorder, linorder_topology}"
  assumes "x < b"
  shows "interior {.. x} = {..< x}"
proof (rule interior_unique)
  fix T assume "T ⊆ {.. x}" "open T"
  moreover have "x ∉ T"
  proof
    assume "x ∈ T"
    obtain y where "x < y" "{x ..< y} ⊆ T"
      using open_right[OF ‹open T› ‹x ∈ T› ‹x < b›] by auto
    with dense[OF ‹x < y›] obtain z where "z ∈ T" "x < z"
      by (auto simp: subset_eq Ball_def less_le)
    with ‹T ⊆ {.. x}› show False by auto
  qed
  ultimately show "T ⊆ {..< x}"
    by (auto simp: subset_eq less_le)
qed auto

subsection ‹Closure of a Set›

definition "closure S = S ∪ {x | x. x islimpt S}"

lemma interior_closure: "interior S = - (closure (- S))"
  unfolding interior_def closure_def islimpt_def by auto

lemma closure_interior: "closure S = - interior (- S)"
  unfolding interior_closure by simp

lemma closed_closure[simp, intro]: "closed (closure S)"
  unfolding closure_interior by (simp add: closed_Compl)

lemma closure_subset: "S ⊆ closure S"
  unfolding closure_def by simp

lemma closure_hull: "closure S = closed hull S"
  unfolding hull_def closure_interior interior_def by auto

lemma closure_eq: "closure S = S ⟷ closed S"
  unfolding closure_hull using closed_Inter by (rule hull_eq)

lemma closure_closed [simp]: "closed S ⟹ closure S = S"
  unfolding closure_eq .

lemma closure_closure [simp]: "closure (closure S) = closure S"
  unfolding closure_hull by (rule hull_hull)

lemma closure_mono: "S ⊆ T ⟹ closure S ⊆ closure T"
  unfolding closure_hull by (rule hull_mono)

lemma closure_minimal: "S ⊆ T ⟹ closed T ⟹ closure S ⊆ T"
  unfolding closure_hull by (rule hull_minimal)

lemma closure_unique:
  assumes "S ⊆ T"
    and "closed T"
    and "⋀T'. S ⊆ T' ⟹ closed T' ⟹ T ⊆ T'"
  shows "closure S = T"
  using assms unfolding closure_hull by (rule hull_unique)

lemma closure_empty [simp]: "closure {} = {}"
  using closed_empty by (rule closure_closed)

lemma closure_UNIV [simp]: "closure UNIV = UNIV"
  using closed_UNIV by (rule closure_closed)

lemma closure_union [simp]: "closure (S ∪ T) = closure S ∪ closure T"
  unfolding closure_interior by simp

lemma closure_eq_empty [iff]: "closure S = {} ⟷ S = {}"
  using closure_empty closure_subset[of S]
  by blast

lemma closure_subset_eq: "closure S ⊆ S ⟷ closed S"
  using closure_eq[of S] closure_subset[of S]
  by simp

lemma open_inter_closure_eq_empty:
  "open S ⟹ (S ∩ closure T) = {} ⟷ S ∩ T = {}"
  using open_subset_interior[of S "- T"]
  using interior_subset[of "- T"]
  unfolding closure_interior
  by auto

lemma open_inter_closure_subset:
  "open S ⟹ (S ∩ (closure T)) ⊆ closure(S ∩ T)"
proof
  fix x
  assume as: "open S" "x ∈ S ∩ closure T"
  {
    assume *: "x islimpt T"
    have "x islimpt (S ∩ T)"
    proof (rule islimptI)
      fix A
      assume "x ∈ A" "open A"
      with as have "x ∈ A ∩ S" "open (A ∩ S)"
        by (simp_all add: open_Int)
      with * obtain y where "y ∈ T" "y ∈ A ∩ S" "y ≠ x"
        by (rule islimptE)
      then have "y ∈ S ∩ T" "y ∈ A ∧ y ≠ x"
        by simp_all
      then show "∃y∈(S ∩ T). y ∈ A ∧ y ≠ x" ..
    qed
  }
  then show "x ∈ closure (S ∩ T)" using as
    unfolding closure_def
    by blast
qed

lemma closure_complement: "closure (- S) = - interior S"
  unfolding closure_interior by simp

lemma interior_complement: "interior (- S) = - closure S"
  unfolding closure_interior by simp

lemma closure_Times: "closure (A × B) = closure A × closure B"
proof (rule closure_unique)
  show "A × B ⊆ closure A × closure B"
    by (intro Sigma_mono closure_subset)
  show "closed (closure A × closure B)"
    by (intro closed_Times closed_closure)
  fix T
  assume "A × B ⊆ T" and "closed T"
  then show "closure A × closure B ⊆ T"
    apply (simp add: closed_def open_prod_def, clarify)
    apply (rule ccontr)
    apply (drule_tac x="(a, b)" in bspec, simp, clarify, rename_tac C D)
    apply (simp add: closure_interior interior_def)
    apply (drule_tac x=C in spec)
    apply (drule_tac x=D in spec)
    apply auto
    done
qed

lemma islimpt_in_closure: "(x islimpt S) = (x:closure(S-{x}))"
  unfolding closure_def using islimpt_punctured by blast

lemma connected_imp_connected_closure: "connected s ⟹ connected (closure s)"
    by (rule connectedI) (meson closure_subset open_Int open_inter_closure_eq_empty subset_trans connectedD)

lemma limpt_of_limpts:
      fixes x :: "'a::metric_space"
      shows "x islimpt {y. y islimpt s} ⟹ x islimpt s"
  apply (clarsimp simp add: islimpt_approachable)
  apply (drule_tac x="e/2" in spec)
  apply (auto simp: simp del: less_divide_eq_numeral1)
  apply (drule_tac x="dist x' x" in spec)
  apply (auto simp: zero_less_dist_iff simp del: less_divide_eq_numeral1)
  apply (erule rev_bexI)
  by (metis dist_commute dist_triangle_half_r less_trans less_irrefl)

lemma closed_limpts:  "closed {x::'a::metric_space. x islimpt s}"
  using closed_limpt limpt_of_limpts by blast

lemma limpt_of_closure:
      fixes x :: "'a::metric_space"
      shows "x islimpt closure s ⟷ x islimpt s"
  by (auto simp: closure_def islimpt_Un dest: limpt_of_limpts)

lemma closed_in_limpt:
   "closedin (subtopology euclidean t) s ⟷ s ⊆ t ∧ (∀x. x islimpt s ∧ x ∈ t ⟶ x ∈ s)"
  apply (simp add: closedin_closed, safe)
  apply (simp add: closed_limpt islimpt_subset)
  apply (rule_tac x="closure s" in exI)
  apply simp
  apply (force simp: closure_def)
  done

lemma closedin_closed_eq:
    "closed s ⟹ (closedin (subtopology euclidean s) t ⟷ closed t ∧ t ⊆ s)"
  by (meson closed_in_limpt closed_subset closedin_closed_trans)

lemma bdd_below_closure:
  fixes A :: "real set"
  assumes "bdd_below A"
  shows "bdd_below (closure A)"
proof -
  from assms obtain m where "⋀x. x ∈ A ⟹ m ≤ x" unfolding bdd_below_def by auto
  hence "A ⊆ {m..}" by auto
  hence "closure A ⊆ {m..}" using closed_real_atLeast by (rule closure_minimal)
  thus ?thesis unfolding bdd_below_def by auto
qed

subsection‹Connected components, considered as a connectedness relation or a set›

definition
   "connected_component s x y ≡ ∃t. connected t ∧ t ⊆ s ∧ x ∈ t ∧ y ∈ t"

abbreviation
   "connected_component_set s x ≡ Collect (connected_component s x)"

lemma connected_componentI:
    "⟦connected t; t ⊆ s; x ∈ t; y ∈ t⟧ ⟹ connected_component s x y"
  by (auto simp: connected_component_def)

lemma connected_component_in: "connected_component s x y ⟹ x ∈ s ∧ y ∈ s"
  by (auto simp: connected_component_def)

lemma connected_component_refl: "x ∈ s ⟹ connected_component s x x"
  apply (auto simp: connected_component_def)
  using connected_sing by blast

lemma connected_component_refl_eq [simp]: "connected_component s x x ⟷ x ∈ s"
  by (auto simp: connected_component_refl) (auto simp: connected_component_def)

lemma connected_component_sym: "connected_component s x y ⟹ connected_component s y x"
  by (auto simp: connected_component_def)

lemma connected_component_trans:
    "⟦connected_component s x y; connected_component s y z⟧ ⟹ connected_component s x z"
  unfolding connected_component_def
  by (metis Int_iff Un_iff Un_subset_iff equals0D connected_Un)

lemma connected_component_of_subset: "⟦connected_component s x y; s ⊆ t⟧ ⟹ connected_component t x y"
  by (auto simp: connected_component_def)

lemma connected_component_Union: "connected_component_set s x = ⋃{t. connected t ∧ x ∈ t ∧ t ⊆ s}"
  by (auto simp: connected_component_def)

lemma connected_connected_component [iff]: "connected (connected_component_set s x)"
  by (auto simp: connected_component_Union intro: connected_Union)

lemma connected_iff_eq_connected_component_set: "connected s ⟷ (∀x ∈ s. connected_component_set s x = s)"
proof (cases "s={}")
  case True then show ?thesis by simp
next
  case False
  then obtain x where "x ∈ s" by auto
  show ?thesis
  proof
    assume "connected s"
    then show "∀x ∈ s. connected_component_set s x = s"
      by (force simp: connected_component_def)
  next
    assume "∀x ∈ s. connected_component_set s x = s"
    then show "connected s"
      by (metis ‹x ∈ s› connected_connected_component)
  qed
qed

lemma connected_component_subset: "connected_component_set s x ⊆ s"
  using connected_component_in by blast

lemma connected_component_eq_self: "⟦connected s; x ∈ s⟧ ⟹ connected_component_set s x = s"
  by (simp add: connected_iff_eq_connected_component_set)

lemma connected_iff_connected_component:
    "connected s ⟷ (∀x ∈ s. ∀y ∈ s. connected_component s x y)"
  using connected_component_in by (auto simp: connected_iff_eq_connected_component_set)

lemma connected_component_maximal:
    "⟦x ∈ t; connected t; t ⊆ s⟧ ⟹ t ⊆ (connected_component_set s x)"
  using connected_component_eq_self connected_component_of_subset by blast

lemma connected_component_mono:
    "s ⊆ t ⟹ (connected_component_set s x) ⊆ (connected_component_set t x)"
  by (simp add: Collect_mono connected_component_of_subset)

lemma connected_component_eq_empty [simp]: "connected_component_set s x = {} ⟷ (x ∉ s)"
  using connected_component_refl by (fastforce simp: connected_component_in)

lemma connected_component_set_empty [simp]: "connected_component_set {} x = {}"
  using connected_component_eq_empty by blast

lemma connected_component_eq:
    "y ∈ connected_component_set s x
     ⟹ (connected_component_set s y = connected_component_set s x)"
  by (metis (no_types, lifting) Collect_cong connected_component_sym connected_component_trans mem_Collect_eq)

lemma closed_connected_component:
  assumes s: "closed s" shows "closed (connected_component_set s x)"
proof (cases "x ∈ s")
  case False then show ?thesis
    by (metis connected_component_eq_empty closed_empty)
next
  case True
  show ?thesis
    unfolding closure_eq [symmetric]
    proof
      show "closure (connected_component_set s x) ⊆ connected_component_set s x"
        apply (rule connected_component_maximal)
        apply (simp add: closure_def True)
        apply (simp add: connected_imp_connected_closure)
        apply (simp add: s closure_minimal connected_component_subset)
        done
    next
      show "connected_component_set s x ⊆ closure (connected_component_set s x)"
        by (simp add: closure_subset)
  qed
qed

lemma connected_component_disjoint:
    "(connected_component_set s a) ∩ (connected_component_set s b) = {} ⟷
     a ∉ connected_component_set s b"
apply (auto simp: connected_component_eq)
using connected_component_eq connected_component_sym by blast

lemma connected_component_nonoverlap:
    "(connected_component_set s a) ∩ (connected_component_set s b) = {} ⟷
     (a ∉ s ∨ b ∉ s ∨ connected_component_set s a ≠ connected_component_set s b)"
  apply (auto simp: connected_component_in)
  using connected_component_refl_eq apply blast
  apply (metis connected_component_eq mem_Collect_eq)
  apply (metis connected_component_eq mem_Collect_eq)
  done

lemma connected_component_overlap:
    "(connected_component_set s a ∩ connected_component_set s b ≠ {}) =
     (a ∈ s ∧ b ∈ s ∧ connected_component_set s a = connected_component_set s b)"
  by (auto simp: connected_component_nonoverlap)

lemma connected_component_sym_eq: "connected_component s x y ⟷ connected_component s y x"
  using connected_component_sym by blast

lemma connected_component_eq_eq:
    "connected_component_set s x = connected_component_set s y ⟷
     x ∉ s ∧ y ∉ s ∨ x ∈ s ∧ y ∈ s ∧ connected_component s x y"
  apply (case_tac "y ∈ s")
   apply (simp add:)
   apply (metis connected_component_eq connected_component_eq_empty connected_component_refl_eq mem_Collect_eq)
  apply (case_tac "x ∈ s")
   apply (simp add:)
   apply (metis connected_component_eq_empty)
  using connected_component_eq_empty by blast

lemma connected_iff_connected_component_eq:
    "connected s ⟷
       (∀x ∈ s. ∀y ∈ s. connected_component_set s x = connected_component_set s y)"
  by (simp add: connected_component_eq_eq connected_iff_connected_component)

lemma connected_component_idemp:
    "connected_component_set (connected_component_set s x) x = connected_component_set s x"
apply (rule subset_antisym)
apply (simp add: connected_component_subset)
by (metis connected_component_eq_empty connected_component_maximal connected_component_refl_eq connected_connected_component mem_Collect_eq set_eq_subset)

lemma connected_component_unique:
  "⟦x ∈ c; c ⊆ s; connected c;
    ⋀c'. x ∈ c' ∧ c' ⊆ s ∧ connected c'
              ⟹ c' ⊆ c⟧
        ⟹ connected_component_set s x = c"
apply (rule subset_antisym)
apply (meson connected_component_maximal connected_component_subset connected_connected_component contra_subsetD)
by (simp add: connected_component_maximal)

lemma joinable_connected_component_eq:
  "⟦connected t; t ⊆ s;
    connected_component_set s x ∩ t ≠ {};
    connected_component_set s y ∩ t ≠ {}⟧
    ⟹ connected_component_set s x = connected_component_set s y"
apply (simp add: ex_in_conv [symmetric])
apply (rule connected_component_eq)
by (metis (no_types, hide_lams) connected_component_eq_eq connected_component_in connected_component_maximal subsetD mem_Collect_eq)


lemma Union_connected_component: "⋃(connected_component_set s ` s) = s"
  apply (rule subset_antisym)
  apply (simp add: SUP_least connected_component_subset)
  using connected_component_refl_eq
  by force


lemma complement_connected_component_unions:
    "s - connected_component_set s x =
     ⋃(connected_component_set s ` s - {connected_component_set s x})"
  apply (subst Union_connected_component [symmetric], auto)
  apply (metis connected_component_eq_eq connected_component_in)
  by (metis connected_component_eq mem_Collect_eq)

lemma connected_component_intermediate_subset:
        "⟦connected_component_set u a ⊆ t; t ⊆ u⟧
        ⟹ connected_component_set t a = connected_component_set u a"
  apply (case_tac "a ∈ u")
  apply (simp add: connected_component_maximal connected_component_mono subset_antisym)
  using connected_component_eq_empty by blast

subsection‹The set of connected components of a set›

definition components:: "'a::topological_space set ⇒ 'a set set" where
  "components s ≡ connected_component_set s ` s"

lemma components_iff: "s ∈ components u ⟷ (∃x. x ∈ u ∧ s = connected_component_set u x)"
  by (auto simp: components_def)

lemma Union_components: "u = ⋃(components u)"
  apply (rule subset_antisym)
  apply (metis Union_connected_component components_def set_eq_subset)
  using Union_connected_component components_def by fastforce

lemma pairwise_disjoint_components: "pairwise (λX Y. X ∩ Y = {}) (components u)"
  apply (simp add: pairwise_def)
  apply (auto simp: components_iff)
  apply (metis connected_component_eq_eq connected_component_in)+
  done

lemma in_components_nonempty: "c ∈ components s ⟹ c ≠ {}"
    by (metis components_iff connected_component_eq_empty)

lemma in_components_subset: "c ∈ components s ⟹ c ⊆ s"
  using Union_components by blast

lemma in_components_connected: "c ∈ components s ⟹ connected c"
  by (metis components_iff connected_connected_component)

lemma in_components_maximal:
     "c ∈ components s ⟷
      (c ≠ {} ∧ c ⊆ s ∧ connected c ∧ (∀d. d ≠ {} ∧ c ⊆ d ∧ d ⊆ s ∧ connected d ⟶ d = c))"
  apply (rule iffI)
  apply (simp add: in_components_nonempty in_components_connected)
  apply (metis (full_types) components_iff connected_component_eq_self connected_component_intermediate_subset connected_component_refl in_components_subset mem_Collect_eq rev_subsetD)
  by (metis bot.extremum_uniqueI components_iff connected_component_eq_empty connected_component_maximal connected_component_subset connected_connected_component subset_emptyI)

lemma joinable_components_eq:
    "connected t ∧ t ⊆ s ∧ c1 ∈ components s ∧ c2 ∈ components s ∧ c1 ∩ t ≠ {} ∧ c2 ∩ t ≠ {} ⟹ c1 = c2"
  by (metis (full_types) components_iff joinable_connected_component_eq)

lemma closed_components: "⟦closed s; c ∈ components s⟧ ⟹ closed c"
  by (metis closed_connected_component components_iff)

lemma components_nonoverlap:
    "⟦c ∈ components s; c' ∈ components s⟧ ⟹ (c ∩ c' = {}) ⟷ (c ≠ c')"
  apply (auto simp: in_components_nonempty components_iff)
    using connected_component_refl apply blast
   apply (metis connected_component_eq_eq connected_component_in)
  by (metis connected_component_eq mem_Collect_eq)

lemma components_eq: "⟦c ∈ components s; c' ∈ components s⟧ ⟹ (c = c' ⟷ c ∩ c' ≠ {})"
  by (metis components_nonoverlap)

lemma components_eq_empty [simp]: "components s = {} ⟷ s = {}"
  by (simp add: components_def)

lemma components_empty [simp]: "components {} = {}"
  by simp

lemma connected_eq_connected_components_eq: "connected s ⟷ (∀c ∈ components s. ∀c' ∈ components s. c = c')"
  by (metis (no_types, hide_lams) components_iff connected_component_eq_eq connected_iff_connected_component)

lemma components_eq_sing_iff: "components s = {s} ⟷ connected s ∧ s ≠ {}"
  apply (rule iffI)
   using in_components_connected apply fastforce
  apply safe
    using Union_components apply fastforce
   apply (metis components_iff connected_component_eq_self)
  using in_components_maximal by auto

lemma components_eq_sing_exists: "(∃a. components s = {a}) ⟷ connected s ∧ s ≠ {}"
  apply (rule iffI)
   using connected_eq_connected_components_eq apply fastforce
  by (metis components_eq_sing_iff)

lemma connected_eq_components_subset_sing: "connected s ⟷ components s ⊆ {s}"
  by (metis Union_components components_empty components_eq_sing_iff connected_empty insert_subset order_refl subset_singletonD)

lemma connected_eq_components_subset_sing_exists: "connected s ⟷ (∃a. components s ⊆ {a})"
  by (metis components_eq_sing_exists connected_eq_components_subset_sing empty_iff subset_iff subset_singletonD)

lemma in_components_self: "s ∈ components s ⟷ connected s ∧ s ≠ {}"
  by (metis components_empty components_eq_sing_iff empty_iff in_components_connected insertI1)

lemma components_maximal: "⟦c ∈ components s; connected t; t ⊆ s; c ∩ t ≠ {}⟧ ⟹ t ⊆ c"
  apply (simp add: components_def ex_in_conv [symmetric], clarify)
  by (meson connected_component_def connected_component_trans)

lemma exists_component_superset: "⟦t ⊆ s; s ≠ {}; connected t⟧ ⟹ ∃c. c ∈ components s ∧ t ⊆ c"
  apply (case_tac "t = {}")
   apply force
  by (metis components_def ex_in_conv connected_component_maximal contra_subsetD image_eqI)

lemma components_intermediate_subset: "⟦s ∈ components u; s ⊆ t; t ⊆ u⟧ ⟹ s ∈ components t"
  apply (auto simp: components_iff)
  by (metis connected_component_eq_empty connected_component_intermediate_subset)

lemma in_components_unions_complement: "c ∈ components s ⟹ s - c = ⋃(components s - {c})"
  by (metis complement_connected_component_unions components_def components_iff)

lemma connected_intermediate_closure:
  assumes cs: "connected s" and st: "s ⊆ t" and ts: "t ⊆ closure s"
    shows "connected t"
proof (rule connectedI)
  fix A B
  assume A: "open A" and B: "open B" and Alap: "A ∩ t ≠ {}" and Blap: "B ∩ t ≠ {}"
     and disj: "A ∩ B ∩ t = {}" and cover: "t ⊆ A ∪ B"
  have disjs: "A ∩ B ∩ s = {}"
    using disj st by auto
  have "A ∩ closure s ≠ {}"
    using Alap Int_absorb1 ts by blast
  then have Alaps: "A ∩ s ≠ {}"
    by (simp add: A open_inter_closure_eq_empty)
  have "B ∩ closure s ≠ {}"
    using Blap Int_absorb1 ts by blast
  then have Blaps: "B ∩ s ≠ {}"
    by (simp add: B open_inter_closure_eq_empty)
  then show False
    using cs [unfolded connected_def] A B disjs Alaps Blaps cover st
    by blast
qed

lemma closed_in_connected_component: "closedin (subtopology euclidean s) (connected_component_set s x)"
proof (cases "connected_component_set s x = {}")
  case True then show ?thesis
    by (metis closedin_empty)
next
  case False
  then obtain y where y: "connected_component s x y"
    by blast
  have 1: "connected_component_set s x ⊆ s ∩ closure (connected_component_set s x)"
    by (auto simp: closure_def connected_component_in)
  have 2: "connected_component s x y ⟹ s ∩ closure (connected_component_set s x) ⊆ connected_component_set s x"
    apply (rule connected_component_maximal)
    apply (simp add:)
    using closure_subset connected_component_in apply fastforce
    using "1" connected_intermediate_closure apply blast+
    done
  show ?thesis using y
    apply (simp add: Topology_Euclidean_Space.closedin_closed)
    using 1 2 by auto
qed

subsection ‹Frontier (aka boundary)›

definition "frontier S = closure S - interior S"

lemma frontier_closed: "closed (frontier S)"
  by (simp add: frontier_def closed_Diff)

lemma frontier_closures: "frontier S = (closure S) ∩ (closure(- S))"
  by (auto simp add: frontier_def interior_closure)

lemma frontier_straddle:
  fixes a :: "'a::metric_space"
  shows "a ∈ frontier S ⟷ (∀e>0. (∃x∈S. dist a x < e) ∧ (∃x. x ∉ S ∧ dist a x < e))"
  unfolding frontier_def closure_interior
  by (auto simp add: mem_interior subset_eq ball_def)

lemma frontier_subset_closed: "closed S ⟹ frontier S ⊆ S"
  by (metis frontier_def closure_closed Diff_subset)

lemma frontier_empty[simp]: "frontier {} = {}"
  by (simp add: frontier_def)

lemma frontier_subset_eq: "frontier S ⊆ S ⟷ closed S"
proof -
  {
    assume "frontier S ⊆ S"
    then have "closure S ⊆ S"
      using interior_subset unfolding frontier_def by auto
    then have "closed S"
      using closure_subset_eq by auto
  }
  then show ?thesis using frontier_subset_closed[of S] ..
qed

lemma frontier_complement  [simp]: "frontier (- S) = frontier S"
  by (auto simp add: frontier_def closure_complement interior_complement)

lemma frontier_disjoint_eq: "frontier S ∩ S = {} ⟷ open S"
  using frontier_complement frontier_subset_eq[of "- S"]
  unfolding open_closed by auto


subsection ‹Filters and the ``eventually true'' quantifier›

definition indirection :: "'a::real_normed_vector ⇒ 'a ⇒ 'a filter"
    (infixr "indirection" 70)
  where "a indirection v = at a within {b. ∃c≥0. b - a = scaleR c v}"

text ‹Identify Trivial limits, where we can't approach arbitrarily closely.›

lemma trivial_limit_within: "trivial_limit (at a within S) ⟷ ¬ a islimpt S"
proof
  assume "trivial_limit (at a within S)"
  then show "¬ a islimpt S"
    unfolding trivial_limit_def
    unfolding eventually_at_topological
    unfolding islimpt_def
    apply (clarsimp simp add: set_eq_iff)
    apply (rename_tac T, rule_tac x=T in exI)
    apply (clarsimp, drule_tac x=y in bspec, simp_all)
    done
next
  assume "¬ a islimpt S"
  then show "trivial_limit (at a within S)"
    unfolding trivial_limit_def eventually_at_topological islimpt_def
    by metis
qed

lemma trivial_limit_at_iff: "trivial_limit (at a) ⟷ ¬ a islimpt UNIV"
  using trivial_limit_within [of a UNIV] by simp

lemma trivial_limit_at:
  fixes a :: "'a::perfect_space"
  shows "¬ trivial_limit (at a)"
  by (rule at_neq_bot)

lemma trivial_limit_at_infinity:
  "¬ trivial_limit (at_infinity :: ('a::{real_normed_vector,perfect_space}) filter)"
  unfolding trivial_limit_def eventually_at_infinity
  apply clarsimp
  apply (subgoal_tac "∃x::'a. x ≠ 0", clarify)
   apply (rule_tac x="scaleR (b / norm x) x" in exI, simp)
  apply (cut_tac islimpt_UNIV [of "0::'a", unfolded islimpt_def])
  apply (drule_tac x=UNIV in spec, simp)
  done

lemma not_trivial_limit_within: "¬ trivial_limit (at x within S) = (x ∈ closure (S - {x}))"
  using islimpt_in_closure
  by (metis trivial_limit_within)

lemma at_within_eq_bot_iff: "(at c within A = bot) ⟷ (c ∉ closure (A - {c}))"
  using not_trivial_limit_within[of c A] by blast

text ‹Some property holds "sufficiently close" to the limit point.›

lemma trivial_limit_eventually: "trivial_limit net ⟹ eventually P net"
  by simp

lemma trivial_limit_eq: "trivial_limit net ⟷ (∀P. eventually P net)"
  by (simp add: filter_eq_iff)


subsection ‹Limits›

lemma Lim:
  "(f ⤏ l) net ⟷
        trivial_limit net ∨
        (∀e>0. eventually (λx. dist (f x) l < e) net)"
  unfolding tendsto_iff trivial_limit_eq by auto

text‹Show that they yield usual definitions in the various cases.›

lemma Lim_within_le: "(f ⤏ l)(at a within S) ⟷
    (∀e>0. ∃d>0. ∀x∈S. 0 < dist x a ∧ dist x a ≤ d ⟶ dist (f x) l < e)"
  by (auto simp add: tendsto_iff eventually_at_le)

lemma Lim_within: "(f ⤏ l) (at a within S) ⟷
    (∀e >0. ∃d>0. ∀x ∈ S. 0 < dist x a ∧ dist x a  < d ⟶ dist (f x) l < e)"
  by (auto simp add: tendsto_iff eventually_at)

corollary Lim_withinI [intro?]:
  assumes "⋀e. e > 0 ⟹ ∃d>0. ∀x ∈ S. 0 < dist x a ∧ dist x a < d ⟶ dist (f x) l ≤ e"
  shows "(f ⤏ l) (at a within S)"
apply (simp add: Lim_within, clarify)
apply (rule ex_forward [OF assms [OF half_gt_zero]], auto)
done

lemma Lim_at: "(f ⤏ l) (at a) ⟷
    (∀e >0. ∃d>0. ∀x. 0 < dist x a ∧ dist x a < d  ⟶ dist (f x) l < e)"
  by (auto simp add: tendsto_iff eventually_at2)

lemma Lim_at_infinity:
  "(f ⤏ l) at_infinity ⟷ (∀e>0. ∃b. ∀x. norm x ≥ b ⟶ dist (f x) l < e)"
  by (auto simp add: tendsto_iff eventually_at_infinity)

corollary Lim_at_infinityI [intro?]:
  assumes "⋀e. e > 0 ⟹ ∃B. ∀x. norm x ≥ B ⟶ dist (f x) l ≤ e"
  shows "(f ⤏ l) at_infinity"
apply (simp add: Lim_at_infinity, clarify)
apply (rule ex_forward [OF assms [OF half_gt_zero]], auto)
done

lemma Lim_eventually: "eventually (λx. f x = l) net ⟹ (f ⤏ l) net"
  by (rule topological_tendstoI, auto elim: eventually_mono)

text‹The expected monotonicity property.›

lemma Lim_Un:
  assumes "(f ⤏ l) (at x within S)" "(f ⤏ l) (at x within T)"
  shows "(f ⤏ l) (at x within (S ∪ T))"
  using assms unfolding at_within_union by (rule filterlim_sup)

lemma Lim_Un_univ:
  "(f ⤏ l) (at x within S) ⟹ (f ⤏ l) (at x within T) ⟹
    S ∪ T = UNIV ⟹ (f ⤏ l) (at x)"
  by (metis Lim_Un)

text‹Interrelations between restricted and unrestricted limits.›

lemma Lim_at_imp_Lim_at_within:
  "(f ⤏ l) (at x) ⟹ (f ⤏ l) (at x within S)"
  by (metis order_refl filterlim_mono subset_UNIV at_le)

lemma eventually_within_interior:
  assumes "x ∈ interior S"
  shows "eventually P (at x within S) ⟷ eventually P (at x)"
  (is "?lhs = ?rhs")
proof
  from assms obtain T where T: "open T" "x ∈ T" "T ⊆ S" ..
  {
    assume "?lhs"
    then obtain A where "open A" and "x ∈ A" and "∀y∈A. y ≠ x ⟶ y ∈ S ⟶ P y"
      unfolding eventually_at_topological
      by auto
    with T have "open (A ∩ T)" and "x ∈ A ∩ T" and "∀y ∈ A ∩ T. y ≠ x ⟶ P y"
      by auto
    then show "?rhs"
      unfolding eventually_at_topological by auto
  next
    assume "?rhs"
    then show "?lhs"
      by (auto elim: eventually_mono simp: eventually_at_filter)
  }
qed

lemma at_within_interior:
  "x ∈ interior S ⟹ at x within S = at x"
  unfolding filter_eq_iff by (intro allI eventually_within_interior)

lemma Lim_within_LIMSEQ:
  fixes a :: "'a::first_countable_topology"
  assumes "∀S. (∀n. S n ≠ a ∧ S n ∈ T) ∧ S ⇢ a ⟶ (λn. X (S n)) ⇢ L"
  shows "(X ⤏ L) (at a within T)"
  using assms unfolding tendsto_def [where l=L]
  by (simp add: sequentially_imp_eventually_within)

lemma Lim_right_bound:
  fixes f :: "'a :: {linorder_topology, conditionally_complete_linorder, no_top} ⇒
    'b::{linorder_topology, conditionally_complete_linorder}"
  assumes mono: "⋀a b. a ∈ I ⟹ b ∈ I ⟹ x < a ⟹ a ≤ b ⟹ f a ≤ f b"
    and bnd: "⋀a. a ∈ I ⟹ x < a ⟹ K ≤ f a"
  shows "(f ⤏ Inf (f ` ({x<..} ∩ I))) (at x within ({x<..} ∩ I))"
proof (cases "{x<..} ∩ I = {}")
  case True
  then show ?thesis by simp
next
  case False
  show ?thesis
  proof (rule order_tendstoI)
    fix a
    assume a: "a < Inf (f ` ({x<..} ∩ I))"
    {
      fix y
      assume "y ∈ {x<..} ∩ I"
      with False bnd have "Inf (f ` ({x<..} ∩ I)) ≤ f y"
        by (auto intro!: cInf_lower bdd_belowI2 simp del: Inf_image_eq)
      with a have "a < f y"
        by (blast intro: less_le_trans)
    }
    then show "eventually (λx. a < f x) (at x within ({x<..} ∩ I))"
      by (auto simp: eventually_at_filter intro: exI[of _ 1] zero_less_one)
  next
    fix a
    assume "Inf (f ` ({x<..} ∩ I)) < a"
    from cInf_lessD[OF _ this] False obtain y where y: "x < y" "y ∈ I" "f y < a"
      by auto
    then have "eventually (λx. x ∈ I ⟶ f x < a) (at_right x)"
      unfolding eventually_at_right[OF ‹x < y›] by (metis less_imp_le le_less_trans mono)
    then show "eventually (λx. f x < a) (at x within ({x<..} ∩ I))"
      unfolding eventually_at_filter by eventually_elim simp
  qed
qed

text‹Another limit point characterization.›

lemma islimpt_sequential:
  fixes x :: "'a::first_countable_topology"
  shows "x islimpt S ⟷ (∃f. (∀n::nat. f n ∈ S - {x}) ∧ (f ⤏ x) sequentially)"
    (is "?lhs = ?rhs")
proof
  assume ?lhs
  from countable_basis_at_decseq[of x] obtain A where A:
      "⋀i. open (A i)"
      "⋀i. x ∈ A i"
      "⋀S. open S ⟹ x ∈ S ⟹ eventually (λi. A i ⊆ S) sequentially"
    by blast
  def f  "λn. SOME y. y ∈ S ∧ y ∈ A n ∧ x ≠ y"
  {
    fix n
    from ‹?lhs› have "∃y. y ∈ S ∧ y ∈ A n ∧ x ≠ y"
      unfolding islimpt_def using A(1,2)[of n] by auto
    then have "f n ∈ S ∧ f n ∈ A n ∧ x ≠ f n"
      unfolding f_def by (rule someI_ex)
    then have "f n ∈ S" "f n ∈ A n" "x ≠ f n" by auto
  }
  then have "∀n. f n ∈ S - {x}" by auto
  moreover have "(λn. f n) ⇢ x"
  proof (rule topological_tendstoI)
    fix S
    assume "open S" "x ∈ S"
    from A(3)[OF this] ‹⋀n. f n ∈ A n›
    show "eventually (λx. f x ∈ S) sequentially"
      by (auto elim!: eventually_mono)
  qed
  ultimately show ?rhs by fast
next
  assume ?rhs
  then obtain f :: "nat ⇒ 'a" where f: "⋀n. f n ∈ S - {x}" and lim: "f ⇢ x"
    by auto
  show ?lhs
    unfolding islimpt_def
  proof safe
    fix T
    assume "open T" "x ∈ T"
    from lim[THEN topological_tendstoD, OF this] f
    show "∃y∈S. y ∈ T ∧ y ≠ x"
      unfolding eventually_sequentially by auto
  qed
qed

lemma Lim_null:
  fixes f :: "'a ⇒ 'b::real_normed_vector"
  shows "(f ⤏ l) net ⟷ ((λx. f(x) - l) ⤏ 0) net"
  by (simp add: Lim dist_norm)

lemma Lim_null_comparison:
  fixes f :: "'a ⇒ 'b::real_normed_vector"
  assumes "eventually (λx. norm (f x) ≤ g x) net" "(g ⤏ 0) net"
  shows "(f ⤏ 0) net"
  using assms(2)
proof (rule metric_tendsto_imp_tendsto)
  show "eventually (λx. dist (f x) 0 ≤ dist (g x) 0) net"
    using assms(1) by (rule eventually_mono) (simp add: dist_norm)
qed

lemma Lim_transform_bound:
  fixes f :: "'a ⇒ 'b::real_normed_vector"
    and g :: "'a ⇒ 'c::real_normed_vector"
  assumes "eventually (λn. norm (f n) ≤ norm (g n)) net"
    and "(g ⤏ 0) net"
  shows "(f ⤏ 0) net"
  using assms(1) tendsto_norm_zero [OF assms(2)]
  by (rule Lim_null_comparison)

text‹Deducing things about the limit from the elements.›

lemma Lim_in_closed_set:
  assumes "closed S"
    and "eventually (λx. f(x) ∈ S) net"
    and "¬ trivial_limit net" "(f ⤏ l) net"
  shows "l ∈ S"
proof (rule ccontr)
  assume "l ∉ S"
  with ‹closed S› have "open (- S)" "l ∈ - S"
    by (simp_all add: open_Compl)
  with assms(4) have "eventually (λx. f x ∈ - S) net"
    by (rule topological_tendstoD)
  with assms(2) have "eventually (λx. False) net"
    by (rule eventually_elim2) simp
  with assms(3) show "False"
    by (simp add: eventually_False)
qed

text‹Need to prove closed(cball(x,e)) before deducing this as a corollary.›

lemma Lim_dist_ubound:
  assumes "¬(trivial_limit net)"
    and "(f ⤏ l) net"
    and "eventually (λx. dist a (f x) ≤ e) net"
  shows "dist a l ≤ e"
  using assms by (fast intro: tendsto_le tendsto_intros)

lemma Lim_norm_ubound:
  fixes f :: "'a ⇒ 'b::real_normed_vector"
  assumes "¬(trivial_limit net)" "(f ⤏ l) net" "eventually (λx. norm(f x) ≤ e) net"
  shows "norm(l) ≤ e"
  using assms by (fast intro: tendsto_le tendsto_intros)

lemma Lim_norm_lbound:
  fixes f :: "'a ⇒ 'b::real_normed_vector"
  assumes "¬ trivial_limit net"
    and "(f ⤏ l) net"
    and "eventually (λx. e ≤ norm (f x)) net"
  shows "e ≤ norm l"
  using assms by (fast intro: tendsto_le tendsto_intros)

text‹Limit under bilinear function›

lemma Lim_bilinear:
  assumes "(f ⤏ l) net"
    and "(g ⤏ m) net"
    and "bounded_bilinear h"
  shows "((λx. h (f x) (g x)) ⤏ (h l m)) net"
  using ‹bounded_bilinear h› ‹(f ⤏ l) net› ‹(g ⤏ m) net›
  by (rule bounded_bilinear.tendsto)

text‹These are special for limits out of the same vector space.›

lemma Lim_within_id: "(id ⤏ a) (at a within s)"
  unfolding id_def by (rule tendsto_ident_at)

lemma Lim_at_id: "(id ⤏ a) (at a)"
  unfolding id_def by (rule tendsto_ident_at)

lemma Lim_at_zero:
  fixes a :: "'a::real_normed_vector"
    and l :: "'b::topological_space"
  shows "(f ⤏ l) (at a) ⟷ ((λx. f(a + x)) ⤏ l) (at 0)"
  using LIM_offset_zero LIM_offset_zero_cancel ..

text‹It's also sometimes useful to extract the limit point from the filter.›

abbreviation netlimit :: "'a::t2_space filter ⇒ 'a"
  where "netlimit F ≡ Lim F (λx. x)"

lemma netlimit_within: "¬ trivial_limit (at a within S) ⟹ netlimit (at a within S) = a"
  by (rule tendsto_Lim) (auto intro: tendsto_intros)

lemma netlimit_at:
  fixes a :: "'a::{perfect_space,t2_space}"
  shows "netlimit (at a) = a"
  using netlimit_within [of a UNIV] by simp

lemma lim_within_interior:
  "x ∈ interior S ⟹ (f ⤏ l) (at x within S) ⟷ (f ⤏ l) (at x)"
  by (metis at_within_interior)

lemma netlimit_within_interior:
  fixes x :: "'a::{t2_space,perfect_space}"
  assumes "x ∈ interior S"
  shows "netlimit (at x within S) = x"
  using assms by (metis at_within_interior netlimit_at)

lemma netlimit_at_vector:
  fixes a :: "'a::real_normed_vector"
  shows "netlimit (at a) = a"
proof (cases "∃x. x ≠ a")
  case True then obtain x where x: "x ≠ a" ..
  have "¬ trivial_limit (at a)"
    unfolding trivial_limit_def eventually_at dist_norm
    apply clarsimp
    apply (rule_tac x="a + scaleR (d / 2) (sgn (x - a))" in exI)
    apply (simp add: norm_sgn sgn_zero_iff x)
    done
  then show ?thesis
    by (rule netlimit_within [of a UNIV])
qed simp


text‹Useful lemmas on closure and set of possible sequential limits.›

lemma closure_sequential:
  fixes l :: "'a::first_countable_topology"
  shows "l ∈ closure S ⟷ (∃x. (∀n. x n ∈ S) ∧ (x ⤏ l) sequentially)"
  (is "?lhs = ?rhs")
proof
  assume "?lhs"
  moreover
  {
    assume "l ∈ S"
    then have "?rhs" using tendsto_const[of l sequentially] by auto
  }
  moreover
  {
    assume "l islimpt S"
    then have "?rhs" unfolding islimpt_sequential by auto
  }
  ultimately show "?rhs"
    unfolding closure_def by auto
next
  assume "?rhs"
  then show "?lhs" unfolding closure_def islimpt_sequential by auto
qed

lemma closed_sequential_limits:
  fixes S :: "'a::first_countable_topology set"
  shows "closed S ⟷ (∀x l. (∀n. x n ∈ S) ∧ (x ⤏ l) sequentially ⟶ l ∈ S)"
by (metis closure_sequential closure_subset_eq subset_iff)

lemma closure_approachable:
  fixes S :: "'a::metric_space set"
  shows "x ∈ closure S ⟷ (∀e>0. ∃y∈S. dist y x < e)"
  apply (auto simp add: closure_def islimpt_approachable)
  apply (metis dist_self)
  done

lemma closed_approachable:
  fixes S :: "'a::metric_space set"
  shows "closed S ⟹ (∀e>0. ∃y∈S. dist y x < e) ⟷ x ∈ S"
  by (metis closure_closed closure_approachable)

lemma closure_contains_Inf:
  fixes S :: "real set"
  assumes "S ≠ {}" "bdd_below S"
  shows "Inf S ∈ closure S"
proof -
  have *: "∀x∈S. Inf S ≤ x"
    using cInf_lower[of _ S] assms by metis
  {
    fix e :: real
    assume "e > 0"
    then have "Inf S < Inf S + e" by simp
    with assms obtain x where "x ∈ S" "x < Inf S + e"
      by (subst (asm) cInf_less_iff) auto
    with * have "∃x∈S. dist x (Inf S) < e"
      by (intro bexI[of _ x]) (auto simp add: dist_real_def)
  }
  then show ?thesis unfolding closure_approachable by auto
qed

lemma closed_contains_Inf:
  fixes S :: "real set"
  shows "S ≠ {} ⟹ bdd_below S ⟹ closed S ⟹ Inf S ∈ S"
  by (metis closure_contains_Inf closure_closed assms)

lemma closed_subset_contains_Inf:
  fixes A C :: "real set"
  shows "closed C ⟹ A ⊆ C ⟹ A ≠ {} ⟹ bdd_below A ⟹ Inf A ∈ C"
  by (metis closure_contains_Inf closure_minimal subset_eq)

lemma atLeastAtMost_subset_contains_Inf:
  fixes A :: "real set" and a b :: real
  shows "A ≠ {} ⟹ a ≤ b ⟹ A ⊆ {a..b} ⟹ Inf A ∈ {a..b}"
  by (rule closed_subset_contains_Inf)
     (auto intro: closed_real_atLeastAtMost intro!: bdd_belowI[of A a])

lemma not_trivial_limit_within_ball:
  "¬ trivial_limit (at x within S) ⟷ (∀e>0. S ∩ ball x e - {x} ≠ {})"
  (is "?lhs ⟷ ?rhs")
proof
  show ?rhs if ?lhs
  proof -
    {
      fix e :: real
      assume "e > 0"
      then obtain y where "y ∈ S - {x}" and "dist y x < e"
        using ‹?lhs› not_trivial_limit_within[of x S] closure_approachable[of x "S - {x}"]
        by auto
      then have "y ∈ S ∩ ball x e - {x}"
        unfolding ball_def by (simp add: dist_commute)
      then have "S ∩ ball x e - {x} ≠ {}" by blast
    }
    then show ?thesis by auto
  qed
  show ?lhs if ?rhs
  proof -
    {
      fix e :: real
      assume "e > 0"
      then obtain y where "y ∈ S ∩ ball x e - {x}"
        using ‹?rhs› by blast
      then have "y ∈ S - {x}" and "dist y x < e"
        unfolding ball_def by (simp_all add: dist_commute)
      then have "∃y ∈ S - {x}. dist y x < e"
        by auto
    }
    then show ?thesis
      using not_trivial_limit_within[of x S] closure_approachable[of x "S - {x}"]
      by auto
  qed
qed


subsection ‹Infimum Distance›

definition "infdist x A = (if A = {} then 0 else INF a:A. dist x a)"

lemma bdd_below_infdist[intro, simp]: "bdd_below (dist x`A)"
  by (auto intro!: zero_le_dist)

lemma infdist_notempty: "A ≠ {} ⟹ infdist x A = (INF a:A. dist x a)"
  by (simp add: infdist_def)

lemma infdist_nonneg: "0 ≤ infdist x A"
  by (auto simp add: infdist_def intro: cINF_greatest)

lemma infdist_le: "a ∈ A ⟹ infdist x A ≤ dist x a"
  by (auto intro: cINF_lower simp add: infdist_def)

lemma infdist_le2: "a ∈ A ⟹ dist x a ≤ d ⟹ infdist x A ≤ d"
  by (auto intro!: cINF_lower2 simp add: infdist_def)

lemma infdist_zero[simp]: "a ∈ A ⟹ infdist a A = 0"
  by (auto intro!: antisym infdist_nonneg infdist_le2)

lemma infdist_triangle: "infdist x A ≤ infdist y A + dist x y"
proof (cases "A = {}")
  case True
  then show ?thesis by (simp add: infdist_def)
next
  case False
  then obtain a where "a ∈ A" by auto
  have "infdist x A ≤ Inf {dist x y + dist y a |a. a ∈ A}"
  proof (rule cInf_greatest)
    from ‹A ≠ {}› show "{dist x y + dist y a |a. a ∈ A} ≠ {}"
      by simp
    fix d
    assume "d ∈ {dist x y + dist y a |a. a ∈ A}"
    then obtain a where d: "d = dist x y + dist y a" "a ∈ A"
      by auto
    show "infdist x A ≤ d"
      unfolding infdist_notempty[OF ‹A ≠ {}›]
    proof (rule cINF_lower2)
      show "a ∈ A" by fact
      show "dist x a ≤ d"
        unfolding d by (rule dist_triangle)
    qed simp
  qed
  also have "… = dist x y + infdist y A"
  proof (rule cInf_eq, safe)
    fix a
    assume "a ∈ A"
    then show "dist x y + infdist y A ≤ dist x y + dist y a"
      by (auto intro: infdist_le)
  next
    fix i
    assume inf: "⋀d. d ∈ {dist x y + dist y a |a. a ∈ A} ⟹ i ≤ d"
    then have "i - dist x y ≤ infdist y A"
      unfolding infdist_notempty[OF ‹A ≠ {}›] using ‹a ∈ A›
      by (intro cINF_greatest) (auto simp: field_simps)
    then show "i ≤ dist x y + infdist y A"
      by simp
  qed
  finally show ?thesis by simp
qed

lemma in_closure_iff_infdist_zero:
  assumes "A ≠ {}"
  shows "x ∈ closure A ⟷ infdist x A = 0"
proof
  assume "x ∈ closure A"
  show "infdist x A = 0"
  proof (rule ccontr)
    assume "infdist x A ≠ 0"
    with infdist_nonneg[of x A] have "infdist x A > 0"
      by auto
    then have "ball x (infdist x A) ∩ closure A = {}"
      apply auto
      apply (metis ‹x ∈ closure A› closure_approachable dist_commute infdist_le not_less)
      done
    then have "x ∉ closure A"
      by (metis ‹0 < infdist x A› centre_in_ball disjoint_iff_not_equal)
    then show False using ‹x ∈ closure A› by simp
  qed
next
  assume x: "infdist x A = 0"
  then obtain a where "a ∈ A"
    by atomize_elim (metis all_not_in_conv assms)
  show "x ∈ closure A"
    unfolding closure_approachable
    apply safe
  proof (rule ccontr)
    fix e :: real
    assume "e > 0"
    assume "¬ (∃y∈A. dist y x < e)"
    then have "infdist x A ≥ e" using ‹a ∈ A›
      unfolding infdist_def
      by (force simp: dist_commute intro: cINF_greatest)
    with x ‹e > 0› show False by auto
  qed
qed

lemma in_closed_iff_infdist_zero:
  assumes "closed A" "A ≠ {}"
  shows "x ∈ A ⟷ infdist x A = 0"
proof -
  have "x ∈ closure A ⟷ infdist x A = 0"
    by (rule in_closure_iff_infdist_zero) fact
  with assms show ?thesis by simp
qed

lemma tendsto_infdist [tendsto_intros]:
  assumes f: "(f ⤏ l) F"
  shows "((λx. infdist (f x) A) ⤏ infdist l A) F"
proof (rule tendstoI)
  fix e ::real
  assume "e > 0"
  from tendstoD[OF f this]
  show "eventually (λx. dist (infdist (f x) A) (infdist l A) < e) F"
  proof (eventually_elim)
    fix x
    from infdist_triangle[of l A "f x"] infdist_triangle[of "f x" A l]
    have "dist (infdist (f x) A) (infdist l A) ≤ dist (f x) l"
      by (simp add: dist_commute dist_real_def)
    also assume "dist (f x) l < e"
    finally show "dist (infdist (f x) A) (infdist l A) < e" .
  qed
qed

text‹Some other lemmas about sequences.›

lemma sequentially_offset: (* TODO: move to Topological_Spaces.thy *)
  assumes "eventually (λi. P i) sequentially"
  shows "eventually (λi. P (i + k)) sequentially"
  using assms by (rule eventually_sequentially_seg [THEN iffD2])

lemma seq_offset_neg: (* TODO: move to Topological_Spaces.thy *)
  "(f ⤏ l) sequentially ⟹ ((λi. f(i - k)) ⤏ l) sequentially"
  apply (erule filterlim_compose)
  apply (simp add: filterlim_def le_sequentially eventually_filtermap eventually_sequentially)
  apply arith
  done

lemma seq_harmonic: "((λn. inverse (real n)) ⤏ 0) sequentially"
  using LIMSEQ_inverse_real_of_nat by (rule LIMSEQ_imp_Suc) (* TODO: move to Limits.thy *)

subsection ‹More properties of closed balls›

lemma closed_cball [iff]: "closed (cball x e)"
proof -
  have "closed (dist x -` {..e})"
    by (intro closed_vimage closed_atMost continuous_intros)
  also have "dist x -` {..e} = cball x e"
    by auto
  finally show ?thesis .
qed

lemma open_contains_cball: "open S ⟷ (∀x∈S. ∃e>0.  cball x e ⊆ S)"
proof -
  {
    fix x and e::real
    assume "x∈S" "e>0" "ball x e ⊆ S"
    then have "∃d>0. cball x d ⊆ S" unfolding subset_eq by (rule_tac x="e/2" in exI, auto)
  }
  moreover
  {
    fix x and e::real
    assume "x∈S" "e>0" "cball x e ⊆ S"
    then have "∃d>0. ball x d ⊆ S"
      unfolding subset_eq
      apply(rule_tac x="e/2" in exI)
      apply auto
      done
  }
  ultimately show ?thesis
    unfolding open_contains_ball by auto
qed

lemma open_contains_cball_eq: "open S ⟹ (∀x. x ∈ S ⟷ (∃e>0. cball x e ⊆ S))"
  by (metis open_contains_cball subset_eq order_less_imp_le centre_in_cball)

lemma mem_interior_cball: "x ∈ interior S ⟷ (∃e>0. cball x e ⊆ S)"
  apply (simp add: interior_def, safe)
  apply (force simp add: open_contains_cball)
  apply (rule_tac x="ball x e" in exI)
  apply (simp add: subset_trans [OF ball_subset_cball])
  done

lemma islimpt_ball:
  fixes x y :: "'a::{real_normed_vector,perfect_space}"
  shows "y islimpt ball x e ⟷ 0 < e ∧ y ∈ cball x e"
  (is "?lhs ⟷ ?rhs")
proof
  show ?rhs if ?lhs
  proof
    {
      assume "e ≤ 0"
      then have *: "ball x e = {}"
        using ball_eq_empty[of x e] by auto
      have False using ‹?lhs›
        unfolding * using islimpt_EMPTY[of y] by auto
    }
    then show "e > 0" by (metis not_less)
    show "y ∈ cball x e"
      using closed_cball[of x e] islimpt_subset[of y "ball x e" "cball x e"]
        ball_subset_cball[of x e] ‹?lhs›
      unfolding closed_limpt by auto
  qed
  show ?lhs if ?rhs
  proof -
    from that have "e > 0" by auto
    {
      fix d :: real
      assume "d > 0"
      have "∃x'∈ball x e. x' ≠ y ∧ dist x' y < d"
      proof (cases "d ≤ dist x y")
        case True
        then show "∃x'∈ball x e. x' ≠ y ∧ dist x' y < d"
        proof (cases "x = y")
          case True
          then have False
            using ‹d ≤ dist x y› ‹d>0› by auto
          then show "∃x'∈ball x e. x' ≠ y ∧ dist x' y < d"
            by auto
        next
          case False
          have "dist x (y - (d / (2 * dist y x)) *R (y - x)) =
            norm (x - y + (d / (2 * norm (y - x))) *R (y - x))"
            unfolding mem_cball mem_ball dist_norm diff_diff_eq2 diff_add_eq[symmetric]
            by auto
          also have "… = ¦- 1 + d / (2 * norm (x - y))¦ * norm (x - y)"
            using scaleR_left_distrib[of "- 1" "d / (2 * norm (y - x))", symmetric, of "y - x"]
            unfolding scaleR_minus_left scaleR_one
            by (auto simp add: norm_minus_commute)
          also have "… = ¦- norm (x - y) + d / 2¦"
            unfolding abs_mult_pos[of "norm (x - y)", OF norm_ge_zero[of "x - y"]]
            unfolding distrib_right using ‹x≠y›  by auto
          also have "… ≤ e - d/2" using ‹d ≤ dist x y› and ‹d>0› and ‹?rhs›
            by (auto simp add: dist_norm)
          finally have "y - (d / (2 * dist y x)) *R (y - x) ∈ ball x e" using ‹d>0›
            by auto
          moreover
          have "(d / (2*dist y x)) *R (y - x) ≠ 0"
            using ‹x≠y›[unfolded dist_nz] ‹d>0› unfolding scaleR_eq_0_iff
            by (auto simp add: dist_commute)
          moreover
          have "dist (y - (d / (2 * dist y x)) *R (y - x)) y < d"
            unfolding dist_norm
            apply simp
            unfolding norm_minus_cancel
            using ‹d > 0› ‹x≠y›[unfolded dist_nz] dist_commute[of x y]
            unfolding dist_norm
            apply auto
            done
          ultimately show "∃x'∈ball x e. x' ≠ y ∧ dist x' y < d"
            apply (rule_tac x = "y - (d / (2*dist y x)) *R (y - x)" in bexI)
            apply auto
            done
        qed
      next
        case False
        then have "d > dist x y" by auto
        show "∃x' ∈ ball x e. x' ≠ y ∧ dist x' y < d"
        proof (cases "x = y")
          case True
          obtain z where **: "z ≠ y" "dist z y < min e d"
            using perfect_choose_dist[of "min e d" y]
            using ‹d > 0› ‹e>0› by auto
          show "∃x'∈ball x e. x' ≠ y ∧ dist x' y < d"
            unfolding ‹x = y›
            using ‹z ≠ y› **
            apply (rule_tac x=z in bexI)
            apply (auto simp add: dist_commute)
            done
        next
          case False
          then show "∃x'∈ball x e. x' ≠ y ∧ dist x' y < d"
            using ‹d>0› ‹d > dist x y› ‹?rhs›
            apply (rule_tac x=x in bexI)
            apply auto
            done
        qed
      qed
    }
    then show ?thesis
      unfolding mem_cball islimpt_approachable mem_ball by auto
  qed
qed

lemma closure_ball_lemma:
  fixes x y :: "'a::real_normed_vector"
  assumes "x ≠ y"
  shows "y islimpt ball x (dist x y)"
proof (rule islimptI)
  fix T
  assume "y ∈ T" "open T"
  then obtain r where "0 < r" "∀z. dist z y < r ⟶ z ∈ T"
    unfolding open_dist by fast
  (* choose point between x and y, within distance r of y. *)
  def k  "min 1 (r / (2 * dist x y))"
  def z  "y + scaleR k (x - y)"
  have z_def2: "z = x + scaleR (1 - k) (y - x)"
    unfolding z_def by (simp add: algebra_simps)
  have "dist z y < r"
    unfolding z_def k_def using ‹0 < r›
    by (simp add: dist_norm min_def)
  then have "z ∈ T"
    using ‹∀z. dist z y < r ⟶ z ∈ T› by simp
  have "dist x z < dist x y"
    unfolding z_def2 dist_norm
    apply (simp add: norm_minus_commute)
    apply (simp only: dist_norm [symmetric])
    apply (subgoal_tac "¦1 - k¦ * dist x y < 1 * dist x y", simp)
    apply (rule mult_strict_right_mono)
    apply (simp add: k_def ‹0 < r› ‹x ≠ y›)
    apply (simp add: ‹x ≠ y›)
    done
  then have "z ∈ ball x (dist x y)"
    by simp
  have "z ≠ y"
    unfolding z_def k_def using ‹x ≠ y› ‹0 < r›
    by (simp add: min_def)
  show "∃z∈ball x (dist x y). z ∈ T ∧ z ≠ y"
    using ‹z ∈ ball x (dist x y)› ‹z ∈ T› ‹z ≠ y›
    by fast
qed

lemma closure_ball [simp]:
  fixes x :: "'a::real_normed_vector"
  shows "0 < e ⟹ closure (ball x e) = cball x e"
  apply (rule equalityI)
  apply (rule closure_minimal)
  apply (rule ball_subset_cball)
  apply (rule closed_cball)
  apply (rule subsetI, rename_tac y)
  apply (simp add: le_less [where 'a=real])
  apply (erule disjE)
  apply (rule subsetD [OF closure_subset], simp)
  apply (simp add: closure_def)
  apply clarify
  apply (rule closure_ball_lemma)
  apply (simp add: zero_less_dist_iff)
  done

(* In a trivial vector space, this fails for e = 0. *)
lemma interior_cball [simp]:
  fixes x :: "'a::{real_normed_vector, perfect_space}"
  shows "interior (cball x e) = ball x e"
proof (cases "e ≥ 0")
  case False note cs = this
  from cs have null: "ball x e = {}"
    using ball_empty[of e x] by auto
  moreover
  {
    fix y
    assume "y ∈ cball x e"
    then have False
      by (metis ball_eq_empty null cs dist_eq_0_iff dist_le_zero_iff empty_subsetI mem_cball subset_antisym subset_ball)
  }
  then have "cball x e = {}" by auto
  then have "interior (cball x e) = {}"
    using interior_empty by auto
  ultimately show ?thesis by blast
next
  case True note cs = this
  have "ball x e ⊆ cball x e"
    using ball_subset_cball by auto
  moreover
  {
    fix S y
    assume as: "S ⊆ cball x e" "open S" "y∈S"
    then obtain d where "d>0" and d: "∀x'. dist x' y < d ⟶ x' ∈ S"
      unfolding open_dist by blast
    then obtain xa where xa_y: "xa ≠ y" and xa: "dist xa y < d"
      using perfect_choose_dist [of d] by auto
    have "xa ∈ S"
      using d[THEN spec[where x = xa]]
      using xa by (auto simp add: dist_commute)
    then have xa_cball: "xa ∈ cball x e"
      using as(1) by auto
    then have "y ∈ ball x e"
    proof (cases "x = y")
      case True
      then have "e > 0" using cs order.order_iff_strict xa_cball xa_y by fastforce
      then show "y ∈ ball x e"
        using ‹x = y › by simp
    next
      case False
      have "dist (y + (d / 2 / dist y x) *R (y - x)) y < d"
        unfolding dist_norm
        using ‹d>0› norm_ge_zero[of "y - x"] ‹x ≠ y› by auto
      then have *: "y + (d / 2 / dist y x) *R (y - x) ∈ cball x e"
        using d as(1)[unfolded subset_eq] by blast
      have "y - x ≠ 0" using ‹x ≠ y› by auto
      hence **:"d / (2 * norm (y - x)) > 0"
        unfolding zero_less_norm_iff[symmetric] using ‹d>0› by auto
      have "dist (y + (d / 2 / dist y x) *R (y - x)) x =
        norm (y + (d / (2 * norm (y - x))) *R y - (d / (2 * norm (y - x))) *R x - x)"
        by (auto simp add: dist_norm algebra_simps)
      also have "… = norm ((1 + d / (2 * norm (y - x))) *R (y - x))"
        by (auto simp add: algebra_simps)
      also have "… = ¦1 + d / (2 * norm (y - x))¦ * norm (y - x)"
        using ** by auto
      also have "… = (dist y x) + d/2"
        using ** by (auto simp add: distrib_right dist_norm)
      finally have "e ≥ dist x y +d/2"
        using *[unfolded mem_cball] by (auto simp add: dist_commute)
      then show "y ∈ ball x e"
        unfolding mem_ball using ‹d>0› by auto
    qed
  }
  then have "∀S ⊆ cball x e. open S ⟶ S ⊆ ball x e"
    by auto
  ultimately show ?thesis
    using interior_unique[of "ball x e" "cball x e"]
    using open_ball[of x e]
    by auto
qed

lemma frontier_ball:
  fixes a :: "'a::real_normed_vector"
  shows "0 < e ⟹ frontier(ball a e) = {x. dist a x = e}"
  apply (simp add: frontier_def closure_ball interior_open order_less_imp_le)
  apply (simp add: set_eq_iff)
  apply arith
  done

lemma frontier_cball:
  fixes a :: "'a::{real_normed_vector, perfect_space}"
  shows "frontier (cball a e) = {x. dist a x = e}"
  apply (simp add: frontier_def interior_cball closed_cball order_less_imp_le)
  apply (simp add: set_eq_iff)
  apply arith
  done

lemma cball_eq_empty [simp]: "cball x e = {} ⟷ e < 0"
  apply (simp add: set_eq_iff not_le)
  apply (metis zero_le_dist dist_self order_less_le_trans)
  done

lemma cball_empty [simp]: "e < 0 ⟹ cball x e = {}"
  by (simp add: cball_eq_empty)

lemma cball_eq_sing:
  fixes x :: "'a::{metric_space,perfect_space}"
  shows "cball x e = {x} ⟷ e = 0"
proof (rule linorder_cases)
  assume e: "0 < e"
  obtain a where "a ≠ x" "dist a x < e"
    using perfect_choose_dist [OF e] by auto
  then have "a ≠ x" "dist x a ≤ e"
    by (auto simp add: dist_commute)
  with e show ?thesis by (auto simp add: set_eq_iff)
qed auto

lemma cball_sing:
  fixes x :: "'a::metric_space"
  shows "e = 0 ⟹ cball x e = {x}"
  by (auto simp add: set_eq_iff)

lemma ball_divide_subset: "d ≥ 1 ⟹ ball x (e/d) ⊆ ball x e"
  apply (cases "e ≤ 0")
  apply (simp add: ball_empty divide_simps)
  apply (rule subset_ball)
  apply (simp add: divide_simps)
  done

lemma ball_divide_subset_numeral: "ball x (e / numeral w) ⊆ ball x e"
  using ball_divide_subset one_le_numeral by blast

lemma cball_divide_subset: "d ≥ 1 ⟹ cball x (e/d) ⊆ cball x e"
  apply (cases "e < 0")
  apply (simp add: divide_simps)
  apply (rule subset_cball)
  apply (metis divide_1 frac_le not_le order_refl zero_less_one)
  done

lemma cball_divide_subset_numeral: "cball x (e / numeral w) ⊆ cball x e"
  using cball_divide_subset one_le_numeral by blast


subsection ‹Boundedness›

  (* FIXME: This has to be unified with BSEQ!! *)
definition (in metric_space) bounded :: "'a set ⇒ bool"
  where "bounded S ⟷ (∃x e. ∀y∈S. dist x y ≤ e)"

lemma bounded_subset_cball: "bounded S ⟷ (∃e x. S ⊆ cball x e ∧ 0 ≤ e)"
  unfolding bounded_def subset_eq  by auto (meson order_trans zero_le_dist)

lemma bounded_subset_ballD:
  assumes "bounded S" shows "∃r. 0 < r ∧ S ⊆ ball x r"
proof -
  obtain e::real and y where "S ⊆ cball y e"  "0 ≤ e"
    using assms by (auto simp: bounded_subset_cball)
  then show ?thesis
    apply (rule_tac x="dist x y + e + 1" in exI)
    apply (simp add: add.commute add_pos_nonneg)
    apply (erule subset_trans)
    apply (clarsimp simp add: cball_def)
    by (metis add_le_cancel_right add_strict_increasing dist_commute dist_triangle_le zero_less_one)
qed

lemma bounded_any_center: "bounded S ⟷ (∃e. ∀y∈S. dist a y ≤ e)"
  unfolding bounded_def
  by auto (metis add.commute add_le_cancel_right dist_commute dist_triangle_le)

lemma bounded_iff: "bounded S ⟷ (∃a. ∀x∈S. norm x ≤ a)"
  unfolding bounded_any_center [where a=0]
  by (simp add: dist_norm)

lemma bdd_above_norm: "bdd_above (norm ` X) ⟷ bounded X"
  by (simp add: bounded_iff bdd_above_def)

lemma bounded_realI:
  assumes "∀x∈s. ¦x::real¦ ≤ B"
  shows "bounded s"
  unfolding bounded_def dist_real_def
  by (metis abs_minus_commute assms diff_0_right)

lemma bounded_empty [simp]: "bounded {}"
  by (simp add: bounded_def)

lemma bounded_subset: "bounded T ⟹ S ⊆ T ⟹ bounded S"
  by (metis bounded_def subset_eq)

lemma bounded_interior[intro]: "bounded S ⟹ bounded(interior S)"
  by (metis bounded_subset interior_subset)

lemma bounded_closure[intro]:
  assumes "bounded S"
  shows "bounded (closure S)"
proof -
  from assms obtain x and a where a: "∀y∈S. dist x y ≤ a"
    unfolding bounded_def by auto
  {
    fix y
    assume "y ∈ closure S"
    then obtain f where f: "∀n. f n ∈ S"  "(f ⤏ y) sequentially"
      unfolding closure_sequential by auto
    have "∀n. f n ∈ S ⟶ dist x (f n) ≤ a" using a by simp
    then have "eventually (λn. dist x (f n) ≤ a) sequentially"
      by (simp add: f(1))
    have "dist x y ≤ a"
      apply (rule Lim_dist_ubound [of sequentially f])
      apply (rule trivial_limit_sequentially)
      apply (rule f(2))
      apply fact
      done
  }
  then show ?thesis
    unfolding bounded_def by auto
qed

lemma bounded_cball[simp,intro]: "bounded (cball x e)"
  apply (simp add: bounded_def)
  apply (rule_tac x=x in exI)
  apply (rule_tac x=e in exI)
  apply auto
  done

lemma bounded_ball[simp,intro]: "bounded (ball x e)"
  by (metis ball_subset_cball bounded_cball bounded_subset)

lemma bounded_Un[simp]: "bounded (S ∪ T) ⟷ bounded S ∧ bounded T"
  apply (auto simp add: bounded_def)
  by (metis Un_iff add_le_cancel_left dist_triangle le_max_iff_disj max.order_iff)

lemma bounded_Union[intro]: "finite F ⟹ ∀S∈F. bounded S ⟹ bounded (⋃F)"
  by (induct rule: finite_induct[of F]) auto

lemma bounded_UN [intro]: "finite A ⟹ ∀x∈A. bounded (B x) ⟹ bounded (⋃x∈A. B x)"
  by (induct set: finite) auto

lemma bounded_insert [simp]: "bounded (insert x S) ⟷ bounded S"
proof -
  have "∀y∈{x}. dist x y ≤ 0"
    by simp
  then have "bounded {x}"
    unfolding bounded_def by fast
  then show ?thesis
    by (metis insert_is_Un bounded_Un)
qed

lemma finite_imp_bounded [intro]: "finite S ⟹ bounded S"
  by (induct set: finite) simp_all

lemma bounded_pos: "bounded S ⟷ (∃b>0. ∀x∈ S. norm x ≤ b)"
  apply (simp add: bounded_iff)
  apply (subgoal_tac "⋀x (y::real). 0 < 1 + ¦y¦ ∧ (x ≤ y ⟶ x ≤ 1 + ¦y¦)")
  apply metis
  apply arith
  done

lemma bounded_pos_less: "bounded S ⟷ (∃b>0. ∀x∈ S. norm x < b)"
  apply (simp add: bounded_pos)
  apply (safe; rule_tac x="b+1" in exI; force)
  done

lemma Bseq_eq_bounded:
  fixes f :: "nat ⇒ 'a::real_normed_vector"
  shows "Bseq f ⟷ bounded (range f)"
  unfolding Bseq_def bounded_pos by auto

lemma bounded_Int[intro]: "bounded S ∨ bounded T ⟹ bounded (S ∩ T)"
  by (metis Int_lower1 Int_lower2 bounded_subset)

lemma bounded_diff[intro]: "bounded S ⟹ bounded (S - T)"
  by (metis Diff_subset bounded_subset)

lemma not_bounded_UNIV[simp, intro]:
  "¬ bounded (UNIV :: 'a::{real_normed_vector, perfect_space} set)"
proof (auto simp add: bounded_pos not_le)
  obtain x :: 'a where "x ≠ 0"
    using perfect_choose_dist [OF zero_less_one] by fast
  fix b :: real
  assume b: "b >0"
  have b1: "b +1 ≥ 0"
    using b by simp
  with ‹x ≠ 0› have "b < norm (scaleR (b + 1) (sgn x))"
    by (simp add: norm_sgn)
  then show "∃x::'a. b < norm x" ..
qed

corollary cobounded_imp_unbounded:
    fixes S :: "'a::{real_normed_vector, perfect_space} set"
    shows "bounded (- S) ⟹ ~ (bounded S)"
  using bounded_Un [of S "-S"]  by (simp add: sup_compl_top)

lemma bounded_linear_image:
  assumes "bounded S"
    and "bounded_linear f"
  shows "bounded (f ` S)"
proof -
  from assms(1) obtain b where b: "b > 0" "∀x∈S. norm x ≤ b"
    unfolding bounded_pos by auto
  from assms(2) obtain B where B: "B > 0" "∀x. norm (f x) ≤ B * norm x"
    using bounded_linear.pos_bounded by (auto simp add: ac_simps)
  {
    fix x
    assume "x ∈ S"
    then have "norm x ≤ b"
      using b by auto
    then have "norm (f x) ≤ B * b"
      using B(2)
      apply (erule_tac x=x in allE)
      apply (metis B(1) B(2) order_trans mult_le_cancel_left_pos)
      done
  }
  then show ?thesis
    unfolding bounded_pos
    apply (rule_tac x="b*B" in exI)
    using b B by (auto simp add: mult.commute)
qed

lemma bounded_scaling:
  fixes S :: "'a::real_normed_vector set"
  shows "bounded S ⟹ bounded ((λx. c *R x) ` S)"
  apply (rule bounded_linear_image)
  apply assumption
  apply (rule bounded_linear_scaleR_right)
  done

lemma bounded_translation:
  fixes S :: "'a::real_normed_vector set"
  assumes "bounded S"
  shows "bounded ((λx. a + x) ` S)"
proof -
  from assms obtain b where b: "b > 0" "∀x∈S. norm x ≤ b"
    unfolding bounded_pos by auto
  {
    fix x
    assume "x ∈ S"
    then have "norm (a + x) ≤ b + norm a"
      using norm_triangle_ineq[of a x] b by auto
  }
  then show ?thesis
    unfolding bounded_pos
    using norm_ge_zero[of a] b(1) and add_strict_increasing[of b 0 "norm a"]
    by (auto intro!: exI[of _ "b + norm a"])
qed

lemma bounded_uminus [simp]:
  fixes X :: "'a::euclidean_space set"
  shows "bounded (uminus ` X) ⟷ bounded X"
by (auto simp: bounded_def dist_norm; rule_tac x="-x" in exI; force simp add: add.commute norm_minus_commute)


text‹Some theorems on sups and infs using the notion "bounded".›

lemma bounded_real: "bounded (S::real set) ⟷ (∃a. ∀x∈S. ¦x¦ ≤ a)"
  by (simp add: bounded_iff)

lemma bounded_imp_bdd_above: "bounded S ⟹ bdd_above (S :: real set)"
  by (auto simp: bounded_def bdd_above_def dist_real_def)
     (metis abs_le_D1 abs_minus_commute diff_le_eq)

lemma bounded_imp_bdd_below: "bounded S ⟹ bdd_below (S :: real set)"
  by (auto simp: bounded_def bdd_below_def dist_real_def)
     (metis abs_le_D1 add.commute diff_le_eq)

lemma bounded_inner_imp_bdd_above:
  assumes "bounded s"
    shows "bdd_above ((λx. x ∙ a) ` s)"
by (simp add: assms bounded_imp_bdd_above bounded_linear_image bounded_linear_inner_left)

lemma bounded_inner_imp_bdd_below:
  assumes "bounded s"
    shows "bdd_below ((λx. x ∙ a) ` s)"
by (simp add: assms bounded_imp_bdd_below bounded_linear_image bounded_linear_inner_left)

lemma bounded_has_Sup:
  fixes S :: "real set"
  assumes "bounded S"
    and "S ≠ {}"
  shows "∀x∈S. x ≤ Sup S"
    and "∀b. (∀x∈S. x ≤ b) ⟶ Sup S ≤ b"
proof
  show "∀b. (∀x∈S. x ≤ b) ⟶ Sup S ≤ b"
    using assms by (metis cSup_least)
qed (metis cSup_upper assms(1) bounded_imp_bdd_above)

lemma Sup_insert:
  fixes S :: "real set"
  shows "bounded S ⟹ Sup (insert x S) = (if S = {} then x else max x (Sup S))"
  by (auto simp: bounded_imp_bdd_above sup_max cSup_insert_If)

lemma Sup_insert_finite:
  fixes S :: "'a::conditionally_complete_linorder set"
  shows "finite S ⟹ Sup (insert x S) = (if S = {} then x else max x (Sup S))"
by (simp add: cSup_insert sup_max)

lemma bounded_has_Inf:
  fixes S :: "real set"
  assumes "bounded S"
    and "S ≠ {}"
  shows "∀x∈S. x ≥ Inf S"
    and "∀b. (∀x∈S. x ≥ b) ⟶ Inf S ≥ b"
proof
  show "∀b. (∀x∈S. x ≥ b) ⟶ Inf S ≥ b"
    using assms by (metis cInf_greatest)
qed (metis cInf_lower assms(1) bounded_imp_bdd_below)

lemma Inf_insert:
  fixes S :: "real set"
  shows "bounded S ⟹ Inf (insert x S) = (if S = {} then x else min x (Inf S))"
  by (auto simp: bounded_imp_bdd_below inf_min cInf_insert_If)

lemma Inf_insert_finite:
  fixes S :: "'a::conditionally_complete_linorder set"
  shows "finite S ⟹ Inf (insert x S) = (if S = {} then x else min x (Inf S))"
by (simp add: cInf_eq_Min)

lemma finite_imp_less_Inf:
  fixes a :: "'a::conditionally_complete_linorder"
  shows "⟦finite X; x ∈ X; ⋀x. x∈X ⟹ a < x⟧ ⟹ a < Inf X"
  by (induction X rule: finite_induct) (simp_all add: cInf_eq_Min Inf_insert_finite)

lemma finite_less_Inf_iff:
  fixes a :: "'a :: conditionally_complete_linorder"
  shows "⟦finite X; X ≠ {}⟧ ⟹ a < Inf X ⟷ (∀x ∈ X. a < x)"
  by (auto simp: cInf_eq_Min)

lemma finite_imp_Sup_less:
  fixes a :: "'a::conditionally_complete_linorder"
  shows "⟦finite X; x ∈ X; ⋀x. x∈X ⟹ a > x⟧ ⟹ a > Sup X"
  by (induction X rule: finite_induct) (simp_all add: cSup_eq_Max Sup_insert_finite)

lemma finite_Sup_less_iff:
  fixes a :: "'a :: conditionally_complete_linorder"
  shows "⟦finite X; X ≠ {}⟧ ⟹ a > Sup X ⟷ (∀x ∈ X. a > x)"
  by (auto simp: cSup_eq_Max)

subsection ‹Compactness›

subsubsection ‹Bolzano-Weierstrass property›

lemma heine_borel_imp_bolzano_weierstrass:
  assumes "compact s"
    and "infinite t"
    and "t ⊆ s"
  shows "∃x ∈ s. x islimpt t"
proof (rule ccontr)
  assume "¬ (∃x ∈ s. x islimpt t)"
  then obtain f where f: "∀x∈s. x ∈ f x ∧ open (f x) ∧ (∀y∈t. y ∈ f x ⟶ y = x)"
    unfolding islimpt_def
    using bchoice[of s "λ x T. x ∈ T ∧ open T ∧ (∀y∈t. y ∈ T ⟶ y = x)"]
    by auto
  obtain g where g: "g ⊆ {t. ∃x. x ∈ s ∧ t = f x}" "finite g" "s ⊆ ⋃g"
    using assms(1)[unfolded compact_eq_heine_borel, THEN spec[where x="{t. ∃x. x∈s ∧ t = f x}"]]
    using f by auto
  from g(1,3) have g':"∀x∈g. ∃xa ∈ s. x = f xa"
    by auto
  {
    fix x y
    assume "x ∈ t" "y ∈ t" "f x = f y"
    then have "x ∈ f x"  "y ∈ f x ⟶ y = x"
      using f[THEN bspec[where x=x]] and ‹t ⊆ s› by auto
    then have "x = y"
      using ‹f x = f y› and f[THEN bspec[where x=y]] and ‹y ∈ t› and ‹t ⊆ s›
      by auto
  }
  then have "inj_on f t"
    unfolding inj_on_def by simp
  then have "infinite (f ` t)"
    using assms(2) using finite_imageD by auto
  moreover
  {
    fix x
    assume "x ∈ t" "f x ∉ g"
    from g(3) assms(3) ‹x ∈ t› obtain h where "h ∈ g" and "x ∈ h"
      by auto
    then obtain y where "y ∈ s" "h = f y"
      using g'[THEN bspec[where x=h]] by auto
    then have "y = x"
      using f[THEN bspec[where x=y]] and ‹x∈t› and ‹x∈h›[unfolded ‹h = f y›]
      by auto
    then have False
      using ‹f x ∉ g› ‹h ∈ g› unfolding ‹h = f y›
      by auto
  }
  then have "f ` t ⊆ g" by auto
  ultimately show False
    using g(2) using finite_subset by auto
qed

lemma acc_point_range_imp_convergent_subsequence:
  fixes l :: "'a :: first_countable_topology"
  assumes l: "∀U. l∈U ⟶ open U ⟶ infinite (U ∩ range f)"
  shows "∃r. subseq r ∧ (f ∘ r) ⇢ l"
proof -
  from countable_basis_at_decseq[of l]
  obtain A where A:
      "⋀i. open (A i)"
      "⋀i. l ∈ A i"
      "⋀S. open S ⟹ l ∈ S ⟹ eventually (λi. A i ⊆ S) sequentially"
    by blast
  def s  "λn i. SOME j. i < j ∧ f j ∈ A (Suc n)"
  {
    fix n i
    have "infinite (A (Suc n) ∩ range f - f`{.. i})"
      using l A by auto
    then have "∃x. x ∈ A (Suc n) ∩ range f - f`{.. i}"
      unfolding ex_in_conv by (intro notI) simp
    then have "∃j. f j ∈ A (Suc n) ∧ j ∉ {.. i}"
      by auto
    then have "∃a. i < a ∧ f a ∈ A (Suc n)"
      by (auto simp: not_le)
    then have "i < s n i" "f (s n i) ∈ A (Suc n)"
      unfolding s_def by (auto intro: someI2_ex)
  }
  note s = this
  def r  "rec_nat (s 0 0) s"
  have "subseq r"
    by (auto simp: r_def s subseq_Suc_iff)
  moreover
  have "(λn. f (r n)) ⇢ l"
  proof (rule topological_tendstoI)
    fix S
    assume "open S" "l ∈ S"
    with A(3) have "eventually (λi. A i ⊆ S) sequentially"
      by auto
    moreover
    {
      fix i
      assume "Suc 0 ≤ i"
      then have "f (r i) ∈ A i"
        by (cases i) (simp_all add: r_def s)
    }
    then have "eventually (λi. f (r i) ∈ A i) sequentially"
      by (auto simp: eventually_sequentially)
    ultimately show "eventually (λi. f (r i) ∈ S) sequentially"
      by eventually_elim auto
  qed
  ultimately show "∃r. subseq r ∧ (f ∘ r) ⇢ l"
    by (auto simp: convergent_def comp_def)
qed

lemma sequence_infinite_lemma:
  fixes f :: "nat ⇒ 'a::t1_space"
  assumes "∀n. f n ≠ l"
    and "(f ⤏ l) sequentially"
  shows "infinite (range f)"
proof
  assume "finite (range f)"
  then have "closed (range f)"
    by (rule finite_imp_closed)
  then have "open (- range f)"
    by (rule open_Compl)
  from assms(1) have "l ∈ - range f"
    by auto
  from assms(2) have "eventually (λn. f n ∈ - range f) sequentially"
    using ‹open (- range f)› ‹l ∈ - range f›
    by (rule topological_tendstoD)
  then show False
    unfolding eventually_sequentially
    by auto
qed

lemma closure_insert:
  fixes x :: "'a::t1_space"
  shows "closure (insert x s) = insert x (closure s)"
  apply (rule closure_unique)
  apply (rule insert_mono [OF closure_subset])
  apply (rule closed_insert [OF closed_closure])
  apply (simp add: closure_minimal)
  done

lemma islimpt_insert:
  fixes x :: "'a::t1_space"
  shows "x islimpt (insert a s) ⟷ x islimpt s"
proof
  assume *: "x islimpt (insert a s)"
  show "x islimpt s"
  proof (rule islimptI)
    fix t
    assume t: "x ∈ t" "open t"
    show "∃y∈s. y ∈ t ∧ y ≠ x"
    proof (cases "x = a")
      case True
      obtain y where "y ∈ insert a s" "y ∈ t" "y ≠ x"
        using * t by (rule islimptE)
      with ‹x = a› show ?thesis by auto
    next
      case False
      with t have t': "x ∈ t - {a}" "open (t - {a})"
        by (simp_all add: open_Diff)
      obtain y where "y ∈ insert a s" "y ∈ t - {a}" "y ≠ x"
        using * t' by (rule islimptE)
      then show ?thesis by auto
    qed
  qed
next
  assume "x islimpt s"
  then show "x islimpt (insert a s)"
    by (rule islimpt_subset) auto
qed

lemma islimpt_finite:
  fixes x :: "'a::t1_space"
  shows "finite s ⟹ ¬ x islimpt s"
  by (induct set: finite) (simp_all add: islimpt_insert)

lemma islimpt_union_finite:
  fixes x :: "'a::t1_space"
  shows "finite s ⟹ x islimpt (s ∪ t) ⟷ x islimpt t"
  by (simp add: islimpt_Un islimpt_finite)

lemma islimpt_eq_acc_point:
  fixes l :: "'a :: t1_space"
  shows "l islimpt S ⟷ (∀U. l∈U ⟶ open U ⟶ infinite (U ∩ S))"
proof (safe intro!: islimptI)
  fix U
  assume "l islimpt S" "l ∈ U" "open U" "finite (U ∩ S)"
  then have "l islimpt S" "l ∈ (U - (U ∩ S - {l}))" "open (U - (U ∩ S - {l}))"
    by (auto intro: finite_imp_closed)
  then show False
    by (rule islimptE) auto
next
  fix T
  assume *: "∀U. l∈U ⟶ open U ⟶ infinite (U ∩ S)" "l ∈ T" "open T"
  then have "infinite (T ∩ S - {l})"
    by auto
  then have "∃x. x ∈ (T ∩ S - {l})"
    unfolding ex_in_conv by (intro notI) simp
  then show "∃y∈S. y ∈ T ∧ y ≠ l"
    by auto
qed

lemma islimpt_range_imp_convergent_subsequence:
  fixes l :: "'a :: {t1_space, first_countable_topology}"
  assumes l: "l islimpt (range f)"
  shows "∃r. subseq r ∧ (f ∘ r) ⇢ l"
  using l unfolding islimpt_eq_acc_point
  by (rule acc_point_range_imp_convergent_subsequence)

lemma sequence_unique_limpt:
  fixes f :: "nat ⇒ 'a::t2_space"
  assumes "(f ⤏ l) sequentially"
    and "l' islimpt (range f)"
  shows "l' = l"
proof (rule ccontr)
  assume "l' ≠ l"
  obtain s t where "open s" "open t" "l' ∈ s" "l ∈ t" "s ∩ t = {}"
    using hausdorff [OF ‹l' ≠ l›] by auto
  have "eventually (λn. f n ∈ t) sequentially"
    using assms(1) ‹open t› ‹l ∈ t› by (rule topological_tendstoD)
  then obtain N where "∀n≥N. f n ∈ t"
    unfolding eventually_sequentially by auto

  have "UNIV = {..<N} ∪ {N..}"
    by auto
  then have "l' islimpt (f ` ({..<N} ∪ {N..}))"
    using assms(2) by simp
  then have "l' islimpt (f ` {..<N} ∪ f ` {N..})"
    by (simp add: image_Un)
  then have "l' islimpt (f ` {N..})"
    by (simp add: islimpt_union_finite)
  then obtain y where "y ∈ f ` {N..}" "y ∈ s" "y ≠ l'"
    using ‹l' ∈ s› ‹open s› by (rule islimptE)
  then obtain n where "N ≤ n" "f n ∈ s" "f n ≠ l'"
    by auto
  with ‹∀n≥N. f n ∈ t› have "f n ∈ s ∩ t"
    by simp
  with ‹s ∩ t = {}› show False
    by simp
qed

lemma bolzano_weierstrass_imp_closed:
  fixes s :: "'a::{first_countable_topology,t2_space} set"
  assumes "∀t. infinite t ∧ t ⊆ s --> (∃x ∈ s. x islimpt t)"
  shows "closed s"
proof -
  {
    fix x l
    assume as: "∀n::nat. x n ∈ s" "(x ⤏ l) sequentially"
    then have "l ∈ s"
    proof (cases "∀n. x n ≠ l")
      case False
      then show "l∈s" using as(1) by auto
    next
      case True note cas = this
      with as(2) have "infinite (range x)"
        using sequence_infinite_lemma[of x l] by auto
      then obtain l' where "l'∈s" "l' islimpt (range x)"
        using assms[THEN spec[where x="range x"]] as(1) by auto
      then show "l∈s" using sequence_unique_limpt[of x l l']
        using as cas by auto
    qed
  }
  then show ?thesis
    unfolding closed_sequential_limits by fast
qed

lemma compact_imp_bounded:
  assumes "compact U"
  shows "bounded U"
proof -
  have "compact U" "∀x∈U. open (ball x 1)" "U ⊆ (⋃x∈U. ball x 1)"
    using assms by auto
  then obtain D where D: "D ⊆ U" "finite D" "U ⊆ (⋃x∈D. ball x 1)"
    by (rule compactE_image)
  from ‹finite D› have "bounded (⋃x∈D. ball x 1)"
    by (simp add: bounded_UN)
  then show "bounded U" using ‹U ⊆ (⋃x∈D. ball x 1)›
    by (rule bounded_subset)
qed

text‹In particular, some common special cases.›

lemma compact_union [intro]:
  assumes "compact s"
    and "compact t"
  shows " compact (s ∪ t)"
proof (rule compactI)
  fix f
  assume *: "Ball f open" "s ∪ t ⊆ ⋃f"
  from * ‹compact s› obtain s' where "s' ⊆ f ∧ finite s' ∧ s ⊆ ⋃s'"
    unfolding compact_eq_heine_borel by (auto elim!: allE[of _ f])
  moreover
  from * ‹compact t› obtain t' where "t' ⊆ f ∧ finite t' ∧ t ⊆ ⋃t'"
    unfolding compact_eq_heine_borel by (auto elim!: allE[of _ f])
  ultimately show "∃f'⊆f. finite f' ∧ s ∪ t ⊆ ⋃f'"
    by (auto intro!: exI[of _ "s' ∪ t'"])
qed

lemma compact_Union [intro]: "finite S ⟹ (⋀T. T ∈ S ⟹ compact T) ⟹ compact (⋃S)"
  by (induct set: finite) auto

lemma compact_UN [intro]:
  "finite A ⟹ (⋀x. x ∈ A ⟹ compact (B x)) ⟹ compact (⋃x∈A. B x)"
  unfolding SUP_def by (rule compact_Union) auto

lemma closed_inter_compact [intro]:
  assumes "closed s"
    and "compact t"
  shows "compact (s ∩ t)"
  using compact_inter_closed [of t s] assms
  by (simp add: Int_commute)

lemma compact_inter [intro]:
  fixes s t :: "'a :: t2_space set"
  assumes "compact s"
    and "compact t"
  shows "compact (s ∩ t)"
  using assms by (intro compact_inter_closed compact_imp_closed)

lemma compact_sing [simp]: "compact {a}"
  unfolding compact_eq_heine_borel by auto

lemma compact_insert [simp]:
  assumes "compact s"
  shows "compact (insert x s)"
proof -
  have "compact ({x} ∪ s)"
    using compact_sing assms by (rule compact_union)
  then show ?thesis by simp
qed

lemma finite_imp_compact: "finite s ⟹ compact s"
  by (induct set: finite) simp_all

lemma open_delete:
  fixes s :: "'a::t1_space set"
  shows "open s ⟹ open (s - {x})"
  by (simp add: open_Diff)

text‹Compactness expressed with filters›

lemma closure_iff_nhds_not_empty:
  "x ∈ closure X ⟷ (∀A. ∀S⊆A. open S ⟶ x ∈ S ⟶ X ∩ A ≠ {})"
proof safe
  assume x: "x ∈ closure X"
  fix S A
  assume "open S" "x ∈ S" "X ∩ A = {}" "S ⊆ A"
  then have "x ∉ closure (-S)"
    by (auto simp: closure_complement subset_eq[symmetric] intro: interiorI)
  with x have "x ∈ closure X - closure (-S)"
    by auto
  also have "… ⊆ closure (X ∩ S)"
    using ‹open S› open_inter_closure_subset[of S X] by (simp add: closed_Compl ac_simps)
  finally have "X ∩ S ≠ {}" by auto
  then show False using ‹X ∩ A = {}› ‹S ⊆ A› by auto
next
  assume "∀A S. S ⊆ A ⟶ open S ⟶ x ∈ S ⟶ X ∩ A ≠ {}"
  from this[THEN spec, of "- X", THEN spec, of "- closure X"]
  show "x ∈ closure X"
    by (simp add: closure_subset open_Compl)
qed

lemma compact_filter:
  "compact U ⟷ (∀F. F ≠ bot ⟶ eventually (λx. x ∈ U) F ⟶ (∃x∈U. inf (nhds x) F ≠ bot))"
proof (intro allI iffI impI compact_fip[THEN iffD2] notI)
  fix F
  assume "compact U"
  assume F: "F ≠ bot" "eventually (λx. x ∈ U) F"
  then have "U ≠ {}"
    by (auto simp: eventually_False)

  def Z  "closure ` {A. eventually (λx. x ∈ A) F}"
  then have "∀z∈Z. closed z"
    by auto
  moreover
  have ev_Z: "⋀z. z ∈ Z ⟹ eventually (λx. x ∈ z) F"
    unfolding Z_def by (auto elim: eventually_mono intro: set_mp[OF closure_subset])
  have "(∀B ⊆ Z. finite B ⟶ U ∩ ⋂B ≠ {})"
  proof (intro allI impI)
    fix B assume "finite B" "B ⊆ Z"
    with ‹finite B› ev_Z F(2) have "eventually (λx. x ∈ U ∩ (⋂B)) F"
      by (auto simp: eventually_ball_finite_distrib eventually_conj_iff)
    with F show "U ∩ ⋂B ≠ {}"
      by (intro notI) (simp add: eventually_False)
  qed
  ultimately have "U ∩ ⋂Z ≠ {}"
    using ‹compact U› unfolding compact_fip by blast
  then obtain x where "x ∈ U" and x: "⋀z. z ∈ Z ⟹ x ∈ z"
    by auto

  have "⋀P. eventually P (inf (nhds x) F) ⟹ P ≠ bot"
    unfolding eventually_inf eventually_nhds
  proof safe
    fix P Q R S
    assume "eventually R F" "open S" "x ∈ S"
    with open_inter_closure_eq_empty[of S "{x. R x}"] x[of "closure {x. R x}"]
    have "S ∩ {x. R x} ≠ {}" by (auto simp: Z_def)
    moreover assume "Ball S Q" "∀x. Q x ∧ R x ⟶ bot x"
    ultimately show False by (auto simp: set_eq_iff)
  qed
  with ‹x ∈ U› show "∃x∈U. inf (nhds x) F ≠ bot"
    by (metis eventually_bot)
next
  fix A
  assume A: "∀a∈A. closed a" "∀B⊆A. finite B ⟶ U ∩ ⋂B ≠ {}" "U ∩ ⋂A = {}"
  def F  "INF a:insert U A. principal a"
  have "F ≠ bot"
    unfolding F_def
  proof (rule INF_filter_not_bot)
    fix X assume "X ⊆ insert U A" "finite X"
    moreover with A(2)[THEN spec, of "X - {U}"] have "U ∩ ⋂(X - {U}) ≠ {}"
      by auto
    ultimately show "(INF a:X. principal a) ≠ bot"
      by (auto simp add: INF_principal_finite principal_eq_bot_iff)
  qed
  moreover
  have "F ≤ principal U"
    unfolding F_def by auto
  then have "eventually (λx. x ∈ U) F"
    by (auto simp: le_filter_def eventually_principal)
  moreover
  assume "∀F. F ≠ bot ⟶ eventually (λx. x ∈ U) F ⟶ (∃x∈U. inf (nhds x) F ≠ bot)"
  ultimately obtain x where "x ∈ U" and x: "inf (nhds x) F ≠ bot"
    by auto

  { fix V assume "V ∈ A"
    then have "F ≤ principal V"
      unfolding F_def by (intro INF_lower2[of V]) auto
    then have V: "eventually (λx. x ∈ V) F"
      by (auto simp: le_filter_def eventually_principal)
    have "x ∈ closure V"
      unfolding closure_iff_nhds_not_empty
    proof (intro impI allI)
      fix S A
      assume "open S" "x ∈ S" "S ⊆ A"
      then have "eventually (λx. x ∈ A) (nhds x)"
        by (auto simp: eventually_nhds)
      with V have "eventually (λx. x ∈ V ∩ A) (inf (nhds x) F)"
        by (auto simp: eventually_inf)
      with x show "V ∩ A ≠ {}"
        by (auto simp del: Int_iff simp add: trivial_limit_def)
    qed
    then have "x ∈ V"
      using ‹V ∈ A› A(1) by simp
  }
  with ‹x∈U› have "x ∈ U ∩ ⋂A" by auto
  with ‹U ∩ ⋂A = {}› show False by auto
qed

definition "countably_compact U ⟷
    (∀A. countable A ⟶ (∀a∈A. open a) ⟶ U ⊆ ⋃A ⟶ (∃T⊆A. finite T ∧ U ⊆ ⋃T))"

lemma countably_compactE:
  assumes "countably_compact s" and "∀t∈C. open t" and "s ⊆ ⋃C" "countable C"
  obtains C' where "C' ⊆ C" and "finite C'" and "s ⊆ ⋃C'"
  using assms unfolding countably_compact_def by metis

lemma countably_compactI:
  assumes "⋀C. ∀t∈C. open t ⟹ s ⊆ ⋃C ⟹ countable C ⟹ (∃C'⊆C. finite C' ∧ s ⊆ ⋃C')"
  shows "countably_compact s"
  using assms unfolding countably_compact_def by metis

lemma compact_imp_countably_compact: "compact U ⟹ countably_compact U"
  by (auto simp: compact_eq_heine_borel countably_compact_def)

lemma countably_compact_imp_compact:
  assumes "countably_compact U"
    and ccover: "countable B" "∀b∈B. open b"
    and basis: "⋀T x. open T ⟹ x ∈ T ⟹ x ∈ U ⟹ ∃b∈B. x ∈ b ∧ b ∩ U ⊆ T"
  shows "compact U"
  using ‹countably_compact U›
  unfolding compact_eq_heine_borel countably_compact_def
proof safe
  fix A
  assume A: "∀a∈A. open a" "U ⊆ ⋃A"
  assume *: "∀A. countable A ⟶ (∀a∈A. open a) ⟶ U ⊆ ⋃A ⟶ (∃T⊆A. finite T ∧ U ⊆ ⋃T)"

  moreover def C  "{b∈B. ∃a∈A. b ∩ U ⊆ a}"
  ultimately have "countable C" "∀a∈C. open a"
    unfolding C_def using ccover by auto
  moreover
  have "⋃A ∩ U ⊆ ⋃C"
  proof safe
    fix x a
    assume "x ∈ U" "x ∈ a" "a ∈ A"
    with basis[of a x] A obtain b where "b ∈ B" "x ∈ b" "b ∩ U ⊆ a"
      by blast
    with ‹a ∈ A› show "x ∈ ⋃C"
      unfolding C_def by auto
  qed
  then have "U ⊆ ⋃C" using ‹U ⊆ ⋃A› by auto
  ultimately obtain T where T: "T⊆C" "finite T" "U ⊆ ⋃T"
    using * by metis
  then have "∀t∈T. ∃a∈A. t ∩ U ⊆ a"
    by (auto simp: C_def)
  then obtain f where "∀t∈T. f t ∈ A ∧ t ∩ U ⊆ f t"
    unfolding bchoice_iff Bex_def ..
  with T show "∃T⊆A. finite T ∧ U ⊆ ⋃T"
    unfolding C_def by (intro exI[of _ "f`T"]) fastforce
qed

lemma countably_compact_imp_compact_second_countable:
  "countably_compact U ⟹ compact (U :: 'a :: second_countable_topology set)"
proof (rule countably_compact_imp_compact)
  fix T and x :: 'a
  assume "open T" "x ∈ T"
  from topological_basisE[OF is_basis this] obtain b where
    "b ∈ (SOME B. countable B ∧ topological_basis B)" "x ∈ b" "b ⊆ T" .
  then show "∃b∈SOME B. countable B ∧ topological_basis B. x ∈ b ∧ b ∩ U ⊆ T"
    by blast
qed (insert countable_basis topological_basis_open[OF is_basis], auto)

lemma countably_compact_eq_compact:
  "countably_compact U ⟷ compact (U :: 'a :: second_countable_topology set)"
  using countably_compact_imp_compact_second_countable compact_imp_countably_compact by blast

subsubsection‹Sequential compactness›

definition seq_compact :: "'a::topological_space set ⇒ bool"
  where "seq_compact S ⟷
    (∀f. (∀n. f n ∈ S) ⟶ (∃l∈S. ∃r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially))"

lemma seq_compactI:
  assumes "⋀f. ∀n. f n ∈ S ⟹ ∃l∈S. ∃r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially"
  shows "seq_compact S"
  unfolding seq_compact_def using assms by fast

lemma seq_compactE:
  assumes "seq_compact S" "∀n. f n ∈ S"
  obtains l r where "l ∈ S" "subseq r" "((f ∘ r) ⤏ l) sequentially"
  using assms unfolding seq_compact_def by fast

lemma closed_sequentially: (* TODO: move upwards *)
  assumes "closed s" and "∀n. f n ∈ s" and "f ⇢ l"
  shows "l ∈ s"
proof (rule ccontr)
  assume "l ∉ s"
  with ‹closed s› and ‹f ⇢ l› have "eventually (λn. f n ∈ - s) sequentially"
    by (fast intro: topological_tendstoD)
  with ‹∀n. f n ∈ s› show "False"
    by simp
qed

lemma seq_compact_inter_closed:
  assumes "seq_compact s" and "closed t"
  shows "seq_compact (s ∩ t)"
proof (rule seq_compactI)
  fix f assume "∀n::nat. f n ∈ s ∩ t"
  hence "∀n. f n ∈ s" and "∀n. f n ∈ t"
    by simp_all
  from ‹seq_compact s› and ‹∀n. f n ∈ s›
  obtain l r where "l ∈ s" and r: "subseq r" and l: "(f ∘ r) ⇢ l"
    by (rule seq_compactE)
  from ‹∀n. f n ∈ t› have "∀n. (f ∘ r) n ∈ t"
    by simp
  from ‹closed t› and this and l have "l ∈ t"
    by (rule closed_sequentially)
  with ‹l ∈ s› and r and l show "∃l∈s ∩ t. ∃r. subseq r ∧ (f ∘ r) ⇢ l"
    by fast
qed

lemma seq_compact_closed_subset:
  assumes "closed s" and "s ⊆ t" and "seq_compact t"
  shows "seq_compact s"
  using assms seq_compact_inter_closed [of t s] by (simp add: Int_absorb1)

lemma seq_compact_imp_countably_compact:
  fixes U :: "'a :: first_countable_topology set"
  assumes "seq_compact U"
  shows "countably_compact U"
proof (safe intro!: countably_compactI)
  fix A
  assume A: "∀a∈A. open a" "U ⊆ ⋃A" "countable A"
  have subseq: "⋀X. range X ⊆ U ⟹ ∃r x. x ∈ U ∧ subseq r ∧ (X ∘ r) ⇢ x"
    using ‹seq_compact U› by (fastforce simp: seq_compact_def subset_eq)
  show "∃T⊆A. finite T ∧ U ⊆ ⋃T"
  proof cases
    assume "finite A"
    with A show ?thesis by auto
  next
    assume "infinite A"
    then have "A ≠ {}" by auto
    show ?thesis
    proof (rule ccontr)
      assume "¬ (∃T⊆A. finite T ∧ U ⊆ ⋃T)"
      then have "∀T. ∃x. T ⊆ A ∧ finite T ⟶ (x ∈ U - ⋃T)"
        by auto
      then obtain X' where T: "⋀T. T ⊆ A ⟹ finite T ⟹ X' T ∈ U - ⋃T"
        by metis
      def X  "λn. X' (from_nat_into A ` {.. n})"
      have X: "⋀n. X n ∈ U - (⋃i≤n. from_nat_into A i)"
        using ‹A ≠ {}› unfolding X_def SUP_def by (intro T) (auto intro: from_nat_into)
      then have "range X ⊆ U"
        by auto
      with subseq[of X] obtain r x where "x ∈ U" and r: "subseq r" "(X ∘ r) ⇢ x"
        by auto
      from ‹x∈U› ‹U ⊆ ⋃A› from_nat_into_surj[OF ‹countable A›]
      obtain n where "x ∈ from_nat_into A n" by auto
      with r(2) A(1) from_nat_into[OF ‹A ≠ {}›, of n]
      have "eventually (λi. X (r i) ∈ from_nat_into A n) sequentially"
        unfolding tendsto_def by (auto simp: comp_def)
      then obtain N where "⋀i. N ≤ i ⟹ X (r i) ∈ from_nat_into A n"
        by (auto simp: eventually_sequentially)
      moreover from X have "⋀i. n ≤ r i ⟹ X (r i) ∉ from_nat_into A n"
        by auto
      moreover from ‹subseq r›[THEN seq_suble, of "max n N"] have "∃i. n ≤ r i ∧ N ≤ i"
        by (auto intro!: exI[of _ "max n N"])
      ultimately show False
        by auto
    qed
  qed
qed

lemma compact_imp_seq_compact:
  fixes U :: "'a :: first_countable_topology set"
  assumes "compact U"
  shows "seq_compact U"
  unfolding seq_compact_def
proof safe
  fix X :: "nat ⇒ 'a"
  assume "∀n. X n ∈ U"
  then have "eventually (λx. x ∈ U) (filtermap X sequentially)"
    by (auto simp: eventually_filtermap)
  moreover
  have "filtermap X sequentially ≠ bot"
    by (simp add: trivial_limit_def eventually_filtermap)
  ultimately
  obtain x where "x ∈ U" and x: "inf (nhds x) (filtermap X sequentially) ≠ bot" (is "?F ≠ _")
    using ‹compact U› by (auto simp: compact_filter)

  from countable_basis_at_decseq[of x]
  obtain A where A:
      "⋀i. open (A i)"
      "⋀i. x ∈ A i"
      "⋀S. open S ⟹ x ∈ S ⟹ eventually (λi. A i ⊆ S) sequentially"
    by blast
  def s  "λn i. SOME j. i < j ∧ X j ∈ A (Suc n)"
  {
    fix n i
    have "∃a. i < a ∧ X a ∈ A (Suc n)"
    proof (rule ccontr)
      assume "¬ (∃a>i. X a ∈ A (Suc n))"
      then have "⋀a. Suc i ≤ a ⟹ X a ∉ A (Suc n)"
        by auto
      then have "eventually (λx. x ∉ A (Suc n)) (filtermap X sequentially)"
        by (auto simp: eventually_filtermap eventually_sequentially)
      moreover have "eventually (λx. x ∈ A (Suc n)) (nhds x)"
        using A(1,2)[of "Suc n"] by (auto simp: eventually_nhds)
      ultimately have "eventually (λx. False) ?F"
        by (auto simp add: eventually_inf)
      with x show False
        by (simp add: eventually_False)
    qed
    then have "i < s n i" "X (s n i) ∈ A (Suc n)"
      unfolding s_def by (auto intro: someI2_ex)
  }
  note s = this
  def r  "rec_nat (s 0 0) s"
  have "subseq r"
    by (auto simp: r_def s subseq_Suc_iff)
  moreover
  have "(λn. X (r n)) ⇢ x"
  proof (rule topological_tendstoI)
    fix S
    assume "open S" "x ∈ S"
    with A(3) have "eventually (λi. A i ⊆ S) sequentially"
      by auto
    moreover
    {
      fix i
      assume "Suc 0 ≤ i"
      then have "X (r i) ∈ A i"
        by (cases i) (simp_all add: r_def s)
    }
    then have "eventually (λi. X (r i) ∈ A i) sequentially"
      by (auto simp: eventually_sequentially)
    ultimately show "eventually (λi. X (r i) ∈ S) sequentially"
      by eventually_elim auto
  qed
  ultimately show "∃x ∈ U. ∃r. subseq r ∧ (X ∘ r) ⇢ x"
    using ‹x ∈ U› by (auto simp: convergent_def comp_def)
qed

lemma countably_compact_imp_acc_point:
  assumes "countably_compact s"
    and "countable t"
    and "infinite t"
    and "t ⊆ s"
  shows "∃x∈s. ∀U. x∈U ∧ open U ⟶ infinite (U ∩ t)"
proof (rule ccontr)
  def C  "(λF. interior (F ∪ (- t))) ` {F. finite F ∧ F ⊆ t }"
  note ‹countably_compact s›
  moreover have "∀t∈C. open t"
    by (auto simp: C_def)
  moreover
  assume "¬ (∃x∈s. ∀U. x∈U ∧ open U ⟶ infinite (U ∩ t))"
  then have s: "⋀x. x ∈ s ⟹ ∃U. x∈U ∧ open U ∧ finite (U ∩ t)" by metis
  have "s ⊆ ⋃C"
    using ‹t ⊆ s›
    unfolding C_def Union_image_eq
    apply (safe dest!: s)
    apply (rule_tac a="U ∩ t" in UN_I)
    apply (auto intro!: interiorI simp add: finite_subset)
    done
  moreover
  from ‹countable t› have "countable C"
    unfolding C_def by (auto intro: countable_Collect_finite_subset)
  ultimately
  obtain D where "D ⊆ C" "finite D" "s ⊆ ⋃D"
    by (rule countably_compactE)
  then obtain E where E: "E ⊆ {F. finite F ∧ F ⊆ t }" "finite E"
    and s: "s ⊆ (⋃F∈E. interior (F ∪ (- t)))"
    by (metis (lifting) Union_image_eq finite_subset_image C_def)
  from s ‹t ⊆ s› have "t ⊆ ⋃E"
    using interior_subset by blast
  moreover have "finite (⋃E)"
    using E by auto
  ultimately show False using ‹infinite t›
    by (auto simp: finite_subset)
qed

lemma countable_acc_point_imp_seq_compact:
  fixes s :: "'a::first_countable_topology set"
  assumes "∀t. infinite t ∧ countable t ∧ t ⊆ s ⟶
    (∃x∈s. ∀U. x∈U ∧ open U ⟶ infinite (U ∩ t))"
  shows "seq_compact s"
proof -
  {
    fix f :: "nat ⇒ 'a"
    assume f: "∀n. f n ∈ s"
    have "∃l∈s. ∃r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially"
    proof (cases "finite (range f)")
      case True
      obtain l where "infinite {n. f n = f l}"
        using pigeonhole_infinite[OF _ True] by auto
      then obtain r where "subseq r" and fr: "∀n. f (r n) = f l"
        using infinite_enumerate by blast
      then have "subseq r ∧ (f ∘ r) ⇢ f l"
        by (simp add: fr o_def)
      with f show "∃l∈s. ∃r. subseq r ∧ (f ∘ r) ⇢ l"
        by auto
    next
      case False
      with f assms have "∃x∈s. ∀U. x∈U ∧ open U ⟶ infinite (U ∩ range f)"
        by auto
      then obtain l where "l ∈ s" "∀U. l∈U ∧ open U ⟶ infinite (U ∩ range f)" ..
      from this(2) have "∃r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially"
        using acc_point_range_imp_convergent_subsequence[of l f] by auto
      with ‹l ∈ s› show "∃l∈s. ∃r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially" ..
    qed
  }
  then show ?thesis
    unfolding seq_compact_def by auto
qed

lemma seq_compact_eq_countably_compact:
  fixes U :: "'a :: first_countable_topology set"
  shows "seq_compact U ⟷ countably_compact U"
  using
    countable_acc_point_imp_seq_compact
    countably_compact_imp_acc_point
    seq_compact_imp_countably_compact
  by metis

lemma seq_compact_eq_acc_point:
  fixes s :: "'a :: first_countable_topology set"
  shows "seq_compact s ⟷
    (∀t. infinite t ∧ countable t ∧ t ⊆ s --> (∃x∈s. ∀U. x∈U ∧ open U ⟶ infinite (U ∩ t)))"
  using
    countable_acc_point_imp_seq_compact[of s]
    countably_compact_imp_acc_point[of s]
    seq_compact_imp_countably_compact[of s]
  by metis

lemma seq_compact_eq_compact:
  fixes U :: "'a :: second_countable_topology set"
  shows "seq_compact U ⟷ compact U"
  using seq_compact_eq_countably_compact countably_compact_eq_compact by blast

lemma bolzano_weierstrass_imp_seq_compact:
  fixes s :: "'a::{t1_space, first_countable_topology} set"
  shows "∀t. infinite t ∧ t ⊆ s --> (∃x ∈ s. x islimpt t) ⟹ seq_compact s"
  by (rule countable_acc_point_imp_seq_compact) (metis islimpt_eq_acc_point)

subsubsection‹Totally bounded›

lemma cauchy_def: "Cauchy s ⟷ (∀e>0. ∃N. ∀m n. m ≥ N ∧ n ≥ N --> dist(s m)(s n) < e)"
  unfolding Cauchy_def by metis

lemma seq_compact_imp_totally_bounded:
  assumes "seq_compact s"
  shows "∀e>0. ∃k. finite k ∧ k ⊆ s ∧ s ⊆ (⋃x∈k. ball x e)"
proof -
  { fix e::real assume "e > 0" assume *: "⋀k. finite k ⟹ k ⊆ s ⟹ ¬ s ⊆ (⋃x∈k. ball x e)"
    let ?Q = "λx n r. r ∈ s ∧ (∀m < (n::nat). ¬ (dist (x m) r < e))"
    have "∃x. ∀n::nat. ?Q x n (x n)"
    proof (rule dependent_wellorder_choice)
      fix n x assume "⋀y. y < n ⟹ ?Q x y (x y)"
      then have "¬ s ⊆ (⋃x∈x ` {0..<n}. ball x e)"
        using *[of "x ` {0 ..< n}"] by (auto simp: subset_eq)
      then obtain z where z:"z∈s" "z ∉ (⋃x∈x ` {0..<n}. ball x e)"
        unfolding subset_eq by auto
      show "∃r. ?Q x n r"
        using z by auto
    qed simp
    then obtain x where "∀n::nat. x n ∈ s" and x:"⋀n m. m < n ⟹ ¬ (dist (x m) (x n) < e)"
      by blast
    then obtain l r where "l ∈ s" and r:"subseq r" and "((x ∘ r) ⤏ l) sequentially"
      using assms by (metis seq_compact_def)
    from this(3) have "Cauchy (x ∘ r)"
      using LIMSEQ_imp_Cauchy by auto
    then obtain N::nat where "⋀m n. N ≤ m ⟹ N ≤ n ⟹ dist ((x ∘ r) m) ((x ∘ r) n) < e"
      unfolding cauchy_def using ‹e > 0› by blast
    then have False
      using x[of "r N" "r (N+1)"] r by (auto simp: subseq_def) }
  then show ?thesis
    by metis
qed

subsubsection‹Heine-Borel theorem›

lemma seq_compact_imp_heine_borel:
  fixes s :: "'a :: metric_space set"
  assumes "seq_compact s"
  shows "compact s"
proof -
  from seq_compact_imp_totally_bounded[OF ‹seq_compact s›]
  obtain f where f: "∀e>0. finite (f e) ∧ f e ⊆ s ∧ s ⊆ (⋃x∈f e. ball x e)"
    unfolding choice_iff' ..
  def K  "(λ(x, r). ball x r) ` ((⋃e ∈ ℚ ∩ {0 <..}. f e) × ℚ)"
  have "countably_compact s"
    using ‹seq_compact s› by (rule seq_compact_imp_countably_compact)
  then show "compact s"
  proof (rule countably_compact_imp_compact)
    show "countable K"
      unfolding K_def using f
      by (auto intro: countable_finite countable_subset countable_rat
               intro!: countable_image countable_SIGMA countable_UN)
    show "∀b∈K. open b" by (auto simp: K_def)
  next
    fix T x
    assume T: "open T" "x ∈ T" and x: "x ∈ s"
    from openE[OF T] obtain e where "0 < e" "ball x e ⊆ T"
      by auto
    then have "0 < e / 2" "ball x (e / 2) ⊆ T"
      by auto
    from Rats_dense_in_real[OF ‹0 < e / 2›] obtain r where "r ∈ ℚ" "0 < r" "r < e / 2"
      by auto
    from f[rule_format, of r] ‹0 < r› ‹x ∈ s› obtain k where "k ∈ f r" "x ∈ ball k r"
      unfolding Union_image_eq by auto
    from ‹r ∈ ℚ› ‹0 < r› ‹k ∈ f r› have "ball k r ∈ K"
      by (auto simp: K_def)
    then show "∃b∈K. x ∈ b ∧ b ∩ s ⊆ T"
    proof (rule bexI[rotated], safe)
      fix y
      assume "y ∈ ball k r"
      with ‹r < e / 2› ‹x ∈ ball k r› have "dist x y < e"
        by (intro dist_double[where x = k and d=e]) (auto simp: dist_commute)
      with ‹ball x e ⊆ T› show "y ∈ T"
        by auto
    next
      show "x ∈ ball k r" by fact
    qed
  qed
qed

lemma compact_eq_seq_compact_metric:
  "compact (s :: 'a::metric_space set) ⟷ seq_compact s"
  using compact_imp_seq_compact seq_compact_imp_heine_borel by blast

lemma compact_def:
  "compact (S :: 'a::metric_space set) ⟷
   (∀f. (∀n. f n ∈ S) ⟶ (∃l∈S. ∃r. subseq r ∧ (f ∘ r) ⇢ l))"
  unfolding compact_eq_seq_compact_metric seq_compact_def by auto

subsubsection ‹Complete the chain of compactness variants›

lemma compact_eq_bolzano_weierstrass:
  fixes s :: "'a::metric_space set"
  shows "compact s ⟷ (∀t. infinite t ∧ t ⊆ s --> (∃x ∈ s. x islimpt t))"
  (is "?lhs = ?rhs")
proof
  assume ?lhs
  then show ?rhs
    using heine_borel_imp_bolzano_weierstrass[of s] by auto
next
  assume ?rhs
  then show ?lhs
    unfolding compact_eq_seq_compact_metric by (rule bolzano_weierstrass_imp_seq_compact)
qed

lemma bolzano_weierstrass_imp_bounded:
  "∀t. infinite t ∧ t ⊆ s ⟶ (∃x ∈ s. x islimpt t) ⟹ bounded s"
  using compact_imp_bounded unfolding compact_eq_bolzano_weierstrass .

subsection ‹Metric spaces with the Heine-Borel property›

text ‹
  A metric space (or topological vector space) is said to have the
  Heine-Borel property if every closed and bounded subset is compact.
›

class heine_borel = metric_space +
  assumes bounded_imp_convergent_subsequence:
    "bounded (range f) ⟹ ∃l r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially"

lemma bounded_closed_imp_seq_compact:
  fixes s::"'a::heine_borel set"
  assumes "bounded s"
    and "closed s"
  shows "seq_compact s"
proof (unfold seq_compact_def, clarify)
  fix f :: "nat ⇒ 'a"
  assume f: "∀n. f n ∈ s"
  with ‹bounded s› have "bounded (range f)"
    by (auto intro: bounded_subset)
  obtain l r where r: "subseq r" and l: "((f ∘ r) ⤏ l) sequentially"
    using bounded_imp_convergent_subsequence [OF ‹bounded (range f)›] by auto
  from f have fr: "∀n. (f ∘ r) n ∈ s"
    by simp
  have "l ∈ s" using ‹closed s› fr l
    by (rule closed_sequentially)
  show "∃l∈s. ∃r. subseq r ∧ ((f ∘ r) ⤏ l) sequentially"
    using ‹l ∈ s› r l by blast
qed

lemma compact_eq_bounded_closed:
  fixes s :: "'a::heine_borel set"
  shows "compact s ⟷ bounded s ∧ closed s"
  (is "?lhs = ?rhs")
proof
  assume ?lhs
  then show ?rhs
    using compact_imp_closed compact_imp_bounded
    by blast
next
  assume ?rhs
  then show ?lhs
    using bounded_closed_imp_seq_compact[of s]
    unfolding compact_eq_seq_compact_metric
    by auto
qed

lemma compact_components:
  fixes s :: "'a::heine_borel set"
  shows "⟦compact s; c ∈ components s⟧ ⟹ compact c"
by (meson bounded_subset closed_components in_components_subset compact_eq_bounded_closed)

(* TODO: is this lemma necessary? *)
lemma bounded_increasing_convergent:
  fixes s :: "nat ⇒ real"
  shows "bounded {s n| n. True} ⟹ ∀n. s n ≤ s (Suc n) ⟹ ∃l. s ⇢ l"
  using Bseq_mono_convergent[of s] incseq_Suc_iff[of s]
  by (auto simp: image_def Bseq_eq_bounded convergent_def incseq_def)

instance real :: heine_borel
proof
  fix f :: "nat ⇒ real"
  assume f: "bounded (range f)"
  obtain r where r: "subseq r" "monoseq (f ∘ r)"
    unfolding comp_def by (metis seq_monosub)
  then have "Bseq (f ∘ r)"
    unfolding Bseq_eq_bounded using f by (force intro: bounded_subset)
  with r show "∃l r. subseq r ∧ (f ∘ r) ⇢ l"
    using Bseq_monoseq_convergent[of "f ∘ r"] by (auto simp: convergent_def)
qed

lemma compact_lemma_general:
  fixes f :: "nat ⇒ 'a"
  fixes proj::"'a ⇒ 'b ⇒ 'c::heine_borel" (infixl "proj" 60)
  fixes unproj:: "('b ⇒ 'c) ⇒ 'a"
  assumes finite_basis: "finite basis"
  assumes bounded_proj: "⋀k. k ∈ basis ⟹ bounded ((λx. x proj k) ` range f)"
  assumes proj_unproj: "⋀e k. k ∈ basis ⟹ (unproj e) proj k = e k"
  assumes unproj_proj: "⋀x. unproj (λk. x proj k) = x"
  shows "∀d⊆basis. ∃l::'a. ∃ r.
    subseq r ∧ (∀e>0. eventually (λn. ∀i∈d. dist (f (r n) proj i) (l proj i) < e) sequentially)"
proof safe
  fix d :: "'b set"
  assume d: <