src/HOL/Quotient_Examples/FSet.thy
author griff
Tue Apr 03 17:45:06 2012 +0900 (2012-04-03)
changeset 47434 b75ce48a93ee
parent 47198 cfd8ff62eab1
child 47435 e1b761c216ac
permissions -rw-r--r--
dropped abbreviation "pred_comp"; introduced infix notation "P OO Q" for "relcompp P Q"
(*  Title:      HOL/Quotient_Examples/FSet.thy
    Author:     Cezary Kaliszyk, TU Munich
    Author:     Christian Urban, TU Munich
Type of finite sets.
*)
theory FSet
imports "~~/src/HOL/Library/Multiset" "~~/src/HOL/Library/Quotient_List"
begin
text {* 
  The type of finite sets is created by a quotient construction
  over lists. The definition of the equivalence:
*}

(* Two lists are related by \<approx> exactly when they have the same set of
   elements, so element order and multiplicity are ignored.  The [simp]
   attribute makes the simplifier unfold this definition automatically. *)
definition
  list_eq :: "'a list \<Rightarrow> 'a list \<Rightarrow> bool" (infix "\<approx>" 50)
where
  [simp]: "xs \<approx> ys \<longleftrightarrow> set xs = set ys"
(* list_eq is reflexive, symmetric and transitive.  Each property is closed
   by auto with the matching introduction rule; list_eq is declared [simp]
   at its definition, so auto can reduce \<approx> to equality of element sets. *)
lemma list_eq_reflp:
  "reflp list_eq"
  by (auto intro: reflpI)

lemma list_eq_symp:
  "symp list_eq"
  by (auto intro: sympI)

lemma list_eq_transp:
  "transp list_eq"
  by (auto intro: transpI)

(* Combines the three lemmas above through equivpI: list_eq is an
   equivalence relation, which is what quotient_type needs below. *)
lemma list_eq_equivp:
  "equivp list_eq"
  by (auto intro: equivpI list_eq_reflp list_eq_symp list_eq_transp)
text {* The @{text fset} type *}

(* 'a fset is the quotient of 'a list by list_eq.  The proof obligation of
   quotient_type is discharged by list_eq_equivp. *)
quotient_type
  'a fset = "'a list" / "list_eq"
  by (rule list_eq_equivp)
text {* 
  Definitions for sublist, cardinality, 
  intersection, difference and respectful fold over 
  lists.
*}

(* Let the simplifier unfold List.member everywhere in this theory. *)
declare List.member_def [simp]

(* sub_list xs ys: every element of xs also occurs in ys (subset on the
   underlying element sets). *)
definition
  sub_list :: "'a list \<Rightarrow> 'a list \<Rightarrow> bool"
where 
  [simp]: "sub_list xs ys \<longleftrightarrow> set xs \<subseteq> set ys"

(* card_list xs: cardinality of the element set of xs, so repeated entries
   are counted once. *)
definition
  card_list :: "'a list \<Rightarrow> nat"
where
  [simp]: "card_list xs = card (set xs)"

(* inter_list xs ys: the entries of xs that also occur in ys.  The conjunct
   "x \<in> set xs" holds for every x drawn from xs, so the filter is decided by
   "x \<in> set ys" alone. *)
definition
  inter_list :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a list"
where
  [simp]: "inter_list xs ys = [x \<leftarrow> xs. x \<in> set xs \<and> x \<in> set ys]"

(* diff_list xs ys: the entries of xs that do not occur in ys. *)
definition
  diff_list :: "'a list \<Rightarrow> 'a list \<Rightarrow> 'a list"
where
  [simp]: "diff_list xs ys = [x \<leftarrow> xs. x \<notin> set ys]"
(* rsp_fold f: the partial applications of f commute under composition,
   i.e. applying f u and f v in either order gives the same function.
   Unlike the definitions above, this one is not declared [simp]. *)
definition
  rsp_fold :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> bool"
where
  "rsp_fold f \<longleftrightarrow> (\<forall>u v. f u \<circ> f v = f v \<circ> f u)"

(* Introduction rule: commutation for arbitrary u, v gives rsp_fold f. *)
lemma rsp_foldI:
  "(\<And>u v. f u \<circ> f v = f v \<circ> f u) \<Longrightarrow> rsp_fold f"
  by (simp add: rsp_fold_def)

(* Elimination rule: from rsp_fold f one obtains the commutation equation
   for any chosen u and v. *)
lemma rsp_foldE:
  assumes "rsp_fold f"
  obtains "f u \<circ> f v = f v \<circ> f u"
  using assms by (simp add: rsp_fold_def)
(* fold_once f xs folds f over xs with duplicates removed (remdups) when f
   satisfies rsp_fold, and is the identity function otherwise.  The
   definition is total: a non-commuting f simply yields id. *)
definition
  fold_once :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'a list \<Rightarrow> 'b \<Rightarrow> 'b"
where
  "fold_once f xs = (if rsp_fold f then fold f (remdups xs) else id)"

(* The else branch of the definition, as a simp rule. *)
lemma fold_once_default [simp]:
  "\<not> rsp_fold f \<Longrightarrow> fold_once f xs = id"
  by (simp add: fold_once_def)

(* The then branch of the definition; not a simp rule, so it has to be
   supplied explicitly where needed. *)
lemma fold_once_fold_remdups:
  "rsp_fold f \<Longrightarrow> fold_once f xs = fold f (remdups xs)"
  by (simp add: fold_once_def)
section {* Quotient composition lemmas *}

(* list_all2 R relates any list to itself when R is an equivalence
   relation; variant of list_all2_refl that takes equivp R as its premise. *)
lemma list_all2_refl':
  assumes q: "equivp R"
  shows "(list_all2 R) r r"
  by (rule list_all2_refl) (metis equivp_def q)

(* The composed relation list_all2 R OOO op \<approx> is reflexive for an
   equivalence R.  OOO is not defined in this file; the two goals shown
   below suggest it abbreviates R OO S OO R -- confirm against the Quotient
   library.  fset_equivp is likewise taken from outside this listing,
   presumably generated by the quotient_type command. *)
lemma compose_list_refl:
  assumes q: "equivp R"
  shows "(list_all2 R OOO op \<approx>) r r"
proof
  have *: "r \<approx> r" by (rule equivp_reflp[OF fset_equivp])
  show "list_all2 R r r" by (rule list_all2_refl'[OF q])
  with * show "(op \<approx> OO list_all2 R) r r" ..
qed

(* map preserves \<approx>.  simp only is restricted to list_eq_def and set_map,
   so no other simp rules take part in the proof. *)
lemma map_list_eq_cong: "b \<approx> ba \<Longrightarrow> map f b \<approx> map f ba"
  by (simp only: list_eq_def set_map)
(* Generic composition lemma: given a quotient (R, Abs, Rep) with R an
   equivalence, the relation list_all2 R OOO op \<approx> together with
   abs_fset \<circ> map Abs and map Rep \<circ> rep_fset forms a quotient again.
   After unfolding Quotient_def the goal is a conjunction, split by
   intro conjI allI into the three "show" statements at the outer level. *)
lemma quotient_compose_list_g:
  assumes q: "Quotient R Abs Rep"
  and     e: "equivp R"
  shows  "Quotient ((list_all2 R) OOO (op \<approx>))
    (abs_fset \<circ> (map Abs)) ((map Rep) \<circ> rep_fset)"
  unfolding Quotient_def comp_def
proof (intro conjI allI)
  fix a r s
  (* Part 1: abstracting a representative gives back the original value. *)
  show "abs_fset (map Abs (map Rep (rep_fset a))) = a"
    by (simp add: abs_o_rep[OF q] Quotient_abs_rep[OF Quotient_fset] List.map.id)
  have b: "list_all2 R (map Rep (rep_fset a)) (map Rep (rep_fset a))"
    by (rule list_all2_refl'[OF e])
  have c: "(op \<approx> OO list_all2 R) (map Rep (rep_fset a)) (map Rep (rep_fset a))"
    by (rule, rule equivp_reflp[OF fset_equivp]) (rule b)
  (* Part 2: every representative is related to itself. *)
  show "(list_all2 R OOO op \<approx>) (map Rep (rep_fset a)) (map Rep (rep_fset a))"
    by (rule, rule list_all2_refl'[OF e]) (rule c)
  (* Part 3: two lists are related iff both are self-related and their
     abstractions coincide. *)
  show "(list_all2 R OOO op \<approx>) r s = ((list_all2 R OOO op \<approx>) r r \<and>
        (list_all2 R OOO op \<approx>) s s \<and> abs_fset (map Abs r) = abs_fset (map Abs s))"
  proof (intro iffI conjI)
    (* Left to right: the two reflexivity conjuncts do not need the
       assumption at all. *)
    show "(list_all2 R OOO op \<approx>) r r" by (rule compose_list_refl[OF e])
    show "(list_all2 R OOO op \<approx>) s s" by (rule compose_list_refl[OF e])
  next
    assume a: "(list_all2 R OOO op \<approx>) r s"
    then have b: "map Abs r \<approx> map Abs s"
    proof (elim relcomppE)
      (* Eliminating the composition yields intermediate lists b and ba. *)
      fix b ba
      assume c: "list_all2 R r b"
      assume d: "b \<approx> ba"
      (* NOTE: the fact name e is reused here and shadows the lemma
         assumption e: "equivp R" inside this sub-proof. *)
      assume e: "list_all2 R ba s"
      have f: "map Abs r = map Abs b"
        using Quotient_rel[OF list_quotient[OF q]] c by blast
      have "map Abs ba = map Abs s"
        using Quotient_rel[OF list_quotient[OF q]] e by blast
      then have g: "map Abs s = map Abs ba" by simp
      then show "map Abs r \<approx> map Abs s" using d f map_list_eq_cong by simp
    qed
    then show "abs_fset (map Abs r) = abs_fset (map Abs s)"
      using Quotient_rel[OF Quotient_fset] by blast
  next
    (* Right to left: rebuild the composed relation through the
       representatives map Rep (map Abs r) and map Rep (map Abs s). *)
    assume a: "(list_all2 R OOO op \<approx>) r r \<and> (list_all2 R OOO op \<approx>) s s
      \<and> abs_fset (map Abs r) = abs_fset (map Abs s)"
    then have s: "(list_all2 R OOO op \<approx>) s s" by simp
    have d: "map Abs r \<approx> map Abs s"
      by (subst Quotient_rel [OF Quotient_fset, symmetric]) (simp add: a)
    have b: "map Rep (map Abs r) \<approx> map Rep (map Abs s)"
      by (rule map_list_eq_cong[OF d])
    have y: "list_all2 R (map Rep (map Abs s)) s"
      by (fact rep_abs_rsp_left[OF list_quotient[OF q], OF list_all2_refl'[OF e, of s]])
    have c: "(op \<approx> OO list_all2 R) (map Rep (map Abs r)) s"
      by (rule relcomppI) (rule b, rule y)
    have z: "list_all2 R r (map Rep (map Abs r))"
      by (fact rep_abs_rsp[OF list_quotient[OF q], OF list_all2_refl'[OF e, of r]])
    then show "(list_all2 R OOO op \<approx>) r s"
      using a c relcomppI by simp
  qed
qed
(* Instance of quotient_compose_list_g with R = op \<approx>, Abs = abs_fset and
   Rep = rep_fset, i.e. the quotient for finite sets of finite sets.
   Registered with the quot_thm attribute. *)
lemma quotient_compose_list[quot_thm]:
  shows  "Quotient ((list_all2 op \<approx>) OOO (op \<approx>))
    (abs_fset \<circ> (map abs_fset)) ((map rep_fset) \<circ> rep_fset)"
  by (rule quotient_compose_list_g, rule Quotient_fset, rule list_eq_equivp)
section {* Quotient definitions for fsets *}


subsection {* Finite sets are a bounded, distributive lattice with minus *}

(* Instantiates the lattice type classes for fset.  Every operation is
   lifted from a list operation with quotient_definition; the method given
   after "is" closes the proof obligation of that lifting (presumably that
   the list operation respects \<approx> -- the explicit proof for concat_fset
   further down in this theory has that shape). *)
instantiation fset :: (type) "{bounded_lattice_bot, distrib_lattice, minus}"
begin

(* Bottom element: the class of the empty list. *)
quotient_definition
  "bot :: 'a fset" 
  is "Nil :: 'a list" done

abbreviation
  empty_fset  ("{||}")
where
  "{||} \<equiv> bot :: 'a fset"

(* Order: lifted from sub_list, i.e. inclusion of element sets. *)
quotient_definition
  "less_eq_fset :: ('a fset \<Rightarrow> 'a fset \<Rightarrow> bool)"
  is "sub_list :: ('a list \<Rightarrow> 'a list \<Rightarrow> bool)" by simp

abbreviation
  subset_fset :: "'a fset \<Rightarrow> 'a fset \<Rightarrow> bool" (infix "|\<subseteq>|" 50)
where
  "xs |\<subseteq>| ys \<equiv> xs \<le> ys"

(* Strict order: defined directly on fset from \<le> and \<noteq>, not lifted from
   a list operation. *)
definition
  less_fset :: "'a fset \<Rightarrow> 'a fset \<Rightarrow> bool"
where  
  "xs < ys \<equiv> xs \<le> ys \<and> xs \<noteq> (ys::'a fset)"

abbreviation
  psubset_fset :: "'a fset \<Rightarrow> 'a fset \<Rightarrow> bool" (infix "|\<subset>|" 50)
where
  "xs |\<subset>| ys \<equiv> xs < ys"

(* Supremum (union): lifted from list append. *)
quotient_definition
  "sup :: 'a fset \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
  is "append :: 'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" by simp

abbreviation
  union_fset (infixl "|\<union>|" 65)
where
  "xs |\<union>| ys \<equiv> sup xs (ys::'a fset)"

(* Infimum (intersection): lifted from inter_list. *)
quotient_definition
  "inf :: 'a fset \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
  is "inter_list :: 'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" by simp

abbreviation
  inter_fset (infixl "|\<inter>|" 65)
where
  "xs |\<inter>| ys \<equiv> inf xs (ys::'a fset)"

(* Difference: lifted from diff_list. *)
quotient_definition
  "minus :: 'a fset \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
  is "diff_list :: 'a list \<Rightarrow> 'a list \<Rightarrow> 'a list" by fastforce

(* Class axioms.  The "descending" method of the Quotient package restates
   each goal about fset on the raw list type, where simp or auto closes it
   using the [simp] definitions of the list operations. *)
instance
proof
  fix x y z :: "'a fset"
  (* less_fset is a plain definition, so it is unfolded before descending. *)
  show "x |\<subset>| y \<longleftrightarrow> x |\<subseteq>| y \<and> \<not> y |\<subseteq>| x"
    by (unfold less_fset_def, descending) auto
  show "x |\<subseteq>| x" by (descending) (simp)
  show "{||} |\<subseteq>| x" by (descending) (simp)
  show "x |\<subseteq>| x |\<union>| y" by (descending) (simp)
  show "y |\<subseteq>| x |\<union>| y" by (descending) (simp)
  show "x |\<inter>| y |\<subseteq>| x" by (descending) (auto)
  show "x |\<inter>| y |\<subseteq>| y" by (descending) (auto)
  (* Distributivity of union over intersection. *)
  show "x |\<union>| (y |\<inter>| z) = x |\<union>| y |\<inter>| (x |\<union>| z)" 
    by (descending) (auto)
next
  (* Transitivity of the order. *)
  fix x y z :: "'a fset"
  assume a: "x |\<subseteq>| y"
  assume b: "y |\<subseteq>| z"
  show "x |\<subseteq>| z" using a b by (descending) (simp)
next
  (* Antisymmetry of the order. *)
  fix x y :: "'a fset"
  assume a: "x |\<subseteq>| y"
  assume b: "y |\<subseteq>| x"
  show "x = y" using a b by (descending) (auto)
next
  (* The union is the least upper bound. *)
  fix x y z :: "'a fset"
  assume a: "y |\<subseteq>| x"
  assume b: "z |\<subseteq>| x"
  show "y |\<union>| z |\<subseteq>| x" using a b by (descending) (simp)
next
  (* The intersection is the greatest lower bound. *)
  fix x y z :: "'a fset"
  assume a: "x |\<subseteq>| y"
  assume b: "x |\<subseteq>| z"
  show "x |\<subseteq>| y |\<inter>| z" using a b by (descending) (auto)
qed

end
subsection {* Other constants for fsets *}

(* Insertion of one element: lifted from the list constructor Cons. *)
quotient_definition
  "insert_fset :: 'a \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
  is "Cons" by auto

(* Enumeration syntax for finite sets. *)
syntax
  "_insert_fset"     :: "args => 'a fset"  ("{|(_)|}")

(* The enumeration unfolds into nested insert_fset applications that end
   in the empty finite set. *)
translations
  "{|x, xs|}" == "CONST insert_fset x {|xs|}"
  "{|x|}"     == "CONST insert_fset x {||}"

(* Membership: lifted from List.member.  The finite set is the first
   argument and the element the second. *)
quotient_definition
  fset_member
where
  "fset_member :: 'a fset \<Rightarrow> 'a \<Rightarrow> bool" is "List.member" by fastforce

(* Infix membership with the usual argument order (element first); it
   swaps the arguments of fset_member. *)
abbreviation
  in_fset :: "'a \<Rightarrow> 'a fset \<Rightarrow> bool" (infix "|\<in>|" 50)
where
  "x |\<in>| S \<equiv> fset_member S x"

abbreviation
  notin_fset :: "'a \<Rightarrow> 'a fset \<Rightarrow> bool" (infix "|\<notin>|" 50)
where
  "x |\<notin>| S \<equiv> \<not> (x |\<in>| S)"
subsection {* Other constants on the Quotient Type *}

(* Cardinality: lifted from card_list. *)
quotient_definition
  "card_fset :: 'a fset \<Rightarrow> nat"
  is card_list by simp

(* Image under a function: lifted from map. *)
quotient_definition
  "map_fset :: ('a \<Rightarrow> 'b) \<Rightarrow> 'a fset \<Rightarrow> 'b fset"
  is map by simp

(* Removal of one element: lifted from removeAll. *)
quotient_definition
  "remove_fset :: 'a \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
  is removeAll by simp

(* Conversion of a finite set to an ordinary set: lifted from set. *)
quotient_definition
  "fset :: 'a fset \<Rightarrow> 'a set"
  is "set" by simp
(* fold_once gives the same function on \<approx>-related lists.  The proof
   splits on rsp_fold f. *)
lemma fold_once_set_equiv:
  assumes "xs \<approx> ys"
  shows "fold_once f xs = fold_once f ys"
proof (cases "rsp_fold f")
  (* f does not commute: both sides are id by fold_once_default [simp]. *)
  case False then show ?thesis by simp
next
  case True
  (* Commutation on the elements of remdups xs, obtained from rsp_foldE. *)
  then have "\<And>x y. x \<in> set (remdups xs) \<Longrightarrow> y \<in> set (remdups xs) \<Longrightarrow> f x \<circ> f y = f y \<circ> f x"
    by (rule rsp_foldE)
  (* Lists with equal element sets have equal multisets once duplicates
     are removed. *)
  moreover from assms have "multiset_of (remdups xs) = multiset_of (remdups ys)"
    by (simp add: set_eq_iff_multiset_of_remdups_eq)
  ultimately have "fold f (remdups xs) = fold f (remdups ys)"
    by (rule fold_multiset_equiv)
  with True show ?thesis by (simp add: fold_once_fold_remdups)
qed

(* Fold over a finite set: lifted from fold_once; the proof obligation is
   exactly fold_once_set_equiv. *)
quotient_definition
  "fold_fset :: ('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'a fset \<Rightarrow> 'b \<Rightarrow> 'b"
  is fold_once by (rule fold_once_set_equiv)
(* Auxiliary lemma for concat_fset.  x and y are lists of lists connected
   through x' and y' by list_all2 op \<approx>, then \<approx>, then list_all2 op \<approx>.  If xa
   occurs in some member of x, it occurs in some member of y. *)
lemma concat_rsp_pre:
  assumes a: "list_all2 op \<approx> x x'"
  and     b: "x' \<approx> y'"
  and     c: "list_all2 op \<approx> y' y"
  and     d: "\<exists>x\<in>set x. xa \<in> set x"
  shows "\<exists>x\<in>set y. xa \<in> set x"
proof -
  (* xb is the member of x that contains xa. *)
  obtain xb where e: "xb \<in> set x" and f: "xa \<in> set xb" using d by auto
  (* Follow xb across the first list_all2 into x' ... *)
  have "\<exists>y. y \<in> set x' \<and> xb \<approx> y" by (rule list_all2_find_element[OF e a])
  then obtain ya where h: "ya \<in> set x'" and i: "xb \<approx> ya" by auto
  (* ... then across \<approx> into y' ... *)
  have "ya \<in> set y'" using b h by simp
  (* ... and across the second list_all2 into y. *)
  then have "\<exists>yb. yb \<in> set y \<and> ya \<approx> yb" using c by (rule list_all2_find_element)
  then show ?thesis using f i by auto
qed

(* Union of a finite set of finite sets: lifted from concat.  The
   obligation is proved by hand: the composed relation is split with
   relcomppE, and concat_rsp_pre is applied once in each direction, the
   second time with the symmetric facts a', b', c'. *)
quotient_definition
  "concat_fset :: ('a fset) fset \<Rightarrow> 'a fset"
  is concat 
proof (elim relcomppE)
fix a b ba bb
  assume a: "list_all2 op \<approx> a ba"
  with list_symp [OF list_eq_symp] have a': "list_all2 op \<approx> ba a" by (rule sympE)
  assume b: "ba \<approx> bb"
  with list_eq_symp have b': "bb \<approx> ba" by (rule sympE)
  assume c: "list_all2 op \<approx> bb b"
  with list_symp [OF list_eq_symp] have c': "list_all2 op \<approx> b bb" by (rule sympE)
  have "\<forall>x. (\<exists>xa\<in>set a. x \<in> set xa) = (\<exists>xa\<in>set b. x \<in> set xa)" 
  proof
    fix x
    show "(\<exists>xa\<in>set a. x \<in> set xa) = (\<exists>xa\<in>set b. x \<in> set xa)" 
    proof
      assume d: "\<exists>xa\<in>set a. x \<in> set xa"
      show "\<exists>xa\<in>set b. x \<in> set xa" by (rule concat_rsp_pre[OF a b c d])
    next
      assume e: "\<exists>xa\<in>set b. x \<in> set xa"
      show "\<exists>xa\<in>set a. x \<in> set xa" by (rule concat_rsp_pre[OF c' b' a' e])
    qed
  qed
  then show "concat a \<approx> concat b" by auto
qed
(* Filtering by a predicate: lifted from the list function filter. *)
quotient_definition
  "filter_fset :: ('a \<Rightarrow> bool) \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
  is filter by force
subsection {* Compositional respectfulness and preservation lemmas *}

(* Nil is related to itself under the composed relation; a direct instance
   of compose_list_refl. *)
lemma Nil_rsp2 [quot_respect]: 
  shows "(list_all2 op \<approx> OOO op \<approx>) Nil Nil"
  by (rule compose_list_refl, rule list_eq_equivp)

(* Cons maps related arguments to related results under the composed
   relation.  The two rule_tac steps supply the intermediate lists
   x # b and x # ba as witnesses for the relation composition. *)
lemma Cons_rsp2 [quot_respect]:
  shows "(op \<approx> ===> list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx>) Cons Cons"
  apply (auto intro!: fun_relI)
  apply (rule_tac b="x # b" in relcomppI)
  apply auto
  apply (rule_tac b="x # ba" in relcomppI)
  apply auto
  done
(* Preservation lemmas, registered with quot_preserve.  Each equation
   replaces the doubly wrapped form of a list constant by a singly wrapped
   one. *)

(* The Quotient assumption is not used by the proof; simp alone closes the
   goal because map f [] reduces to []. *)
lemma Nil_prs2 [quot_preserve]:
  assumes "Quotient R Abs Rep"
  shows "(Abs \<circ> map f) [] = Abs []"
  by simp

(* Only q is used in the proof (through Quotient_abs_rep); r is stated but
   does not appear in it. *)
lemma Cons_prs2 [quot_preserve]:
  assumes q: "Quotient R1 Abs1 Rep1"
  and     r: "Quotient R2 Abs2 Rep2"
  shows "(Rep1 ---> (map Rep1 \<circ> Rep2) ---> (Abs2 \<circ> map Abs1)) (op #) = (id ---> Rep2 ---> Abs2) (op #)"
  by (auto simp add: fun_eq_iff comp_def Quotient_abs_rep [OF q])

(* As above, only q is used in the proof (through abs_o_rep). *)
lemma append_prs2 [quot_preserve]:
  assumes q: "Quotient R1 Abs1 Rep1"
  and     r: "Quotient R2 Abs2 Rep2"
  shows "((map Rep1 \<circ> Rep2) ---> (map Rep1 \<circ> Rep2) ---> (Abs2 \<circ> map Abs1)) op @ =
    (Rep2 ---> Rep2 ---> Abs2) op @"
  by (simp add: fun_eq_iff abs_o_rep[OF q] List.map.id)
(* Prepending the same list z on both sides preserves list_all2 R when R
   is reflexive; proved by induction on z. *)
lemma list_all2_app_l:
  assumes a: "reflp R"
  and b: "list_all2 R l r"
  shows "list_all2 R (z @ l) (z @ r)"
  using a b by (induct z) (auto elim: reflpE)

(* Appending the same list z on the right preserves list_all2 op \<approx>. *)
lemma append_rsp2_pre0:
  assumes a:"list_all2 op \<approx> x x'"
  shows "list_all2 op \<approx> (x @ z) (x' @ z)"
  using a apply (induct x x' rule: list_induct2')
  by simp_all (rule list_all2_refl'[OF list_eq_equivp])

(* Prepending the same list z on the left preserves list_all2 op \<approx>.
   list_eq_def is removed from the simp set (del:) so that \<approx> is not
   unfolded before list_all2_app_l is applied. *)
lemma append_rsp2_pre1:
  assumes a:"list_all2 op \<approx> x x'"
  shows "list_all2 op \<approx> (z @ x) (z @ x')"
  using a apply (induct x x' arbitrary: z rule: list_induct2')
  apply (rule list_all2_refl'[OF list_eq_equivp])
  apply (simp_all del: list_eq_def)
  apply (rule list_all2_app_l)
  apply (simp_all add: reflpI)
  done

(* General form with both arguments varying; a direct instance of
   list_all2_appendI. *)
lemma append_rsp2_pre:
  assumes "list_all2 op \<approx> x x'"
    and "list_all2 op \<approx> z z'"
  shows "list_all2 op \<approx> (x @ z) (x' @ z')"
  using assms by (rule list_all2_appendI)
(* If a binary constant C is respectful for two triples of relations, it
   is respectful for their OOO compositions as well. *)
lemma compositional_rsp3:
  assumes "(R1 ===> R2 ===> R3) C C" and "(R4 ===> R5 ===> R6) C C"
  shows "(R1 OOO R4 ===> R2 OOO R5 ===> R3 OOO R6) C C"
  by (auto intro!: fun_relI)
     (metis (full_types) assms fun_relE relcomppI)

(* append is respectful for the composed relation: compositional_rsp3
   reduces the goal to the two component relations, and append_rsp2_pre
   covers the list_all2 op \<approx> part. *)
lemma append_rsp2 [quot_respect]:
  "(list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx>) append append"
  by (intro compositional_rsp3)
     (auto intro!: fun_relI simp add: append_rsp2_pre)
(* map is respectful for the composed relation.  After auto the composed
   hypothesis is split into x, xy and y below (the middle \<approx> step appears
   unfolded as set x = set y), and facts a, b, c rebuild the same three
   steps for the mapped lists. *)
lemma map_rsp2 [quot_respect]:
  "((op \<approx> ===> op \<approx>) ===> list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx>) map map"
proof (auto intro!: fun_relI)
  fix f f' :: "'a list \<Rightarrow> 'b list"
  fix xa ya x y :: "'a list list"
  assume fs: "(op \<approx> ===> op \<approx>) f f'" and x: "list_all2 op \<approx> xa x" and xy: "set x = set y" and y: "list_all2 op \<approx> y ya"
  (* First step: map f on both sides of xa / x. *)
  have a: "(list_all2 op \<approx>) (map f xa) (map f x)"
    using x
    by (induct xa x rule: list_induct2')
       (simp_all, metis fs fun_relE list_eq_def)
  (* Middle step: equal element sets have equal images under f. *)
  have b: "set (map f x) = set (map f y)"
    using xy fs
    by (induct x y rule: list_induct2')
       (simp_all, metis image_insert)
  (* Last step: this is where f is exchanged for f'. *)
  have c: "(list_all2 op \<approx>) (map f y) (map f' ya)"
    using y fs
    by (induct y ya rule: list_induct2')
       (simp_all, metis apply_rsp' list_eq_def)
  show "(list_all2 op \<approx> OOO op \<approx>) (map f xa) (map f' ya)"
    by (metis a b c list_eq_def relcomppI)
qed

(* Preservation lemma for map on finite sets of finite sets; relies on
   map_prs_aux, which is not defined in this file. *)
lemma map_prs2 [quot_preserve]:
  shows "((abs_fset ---> rep_fset) ---> (map rep_fset \<circ> rep_fset) ---> abs_fset \<circ> map abs_fset) map = (id ---> rep_fset ---> abs_fset) map"
  by (auto simp add: fun_eq_iff)
     (simp only: map_map[symmetric] map_prs_aux[OF Quotient_fset Quotient_fset])
section {* Lifted theorems *}

subsection {* fset *}

(* Characterisation of each fset operation through the conversion "fset"
   to ordinary sets.  Most proofs restate the goal on lists with the
   descending method and finish with simp or auto; union_fset instead
   lifts the list theorem set_append. *)

lemma fset_simps [simp]:
  shows "fset {||} = {}"
  and   "fset (insert_fset x S) = insert x (fset S)"
  by (descending, simp)+

(* The set underlying a finite set is finite. *)
lemma finite_fset [simp]: 
  shows "finite (fset S)"
  by (descending) (simp)

(* The conversion to sets is injective. *)
lemma fset_cong:
  shows "fset S = fset T \<longleftrightarrow> S = T"
  by (descending) (simp)

(* This lemma is named like the constant filter_fset defined earlier;
   here filter_fset is a theorem name. *)
lemma filter_fset [simp]:
  shows "fset (filter_fset P xs) = Collect P \<inter> fset xs"
  by (descending) (auto)

lemma remove_fset [simp]: 
  shows "fset (remove_fset x xs) = fset xs - {x}"
  by (descending) (simp)

lemma inter_fset [simp]: 
  shows "fset (xs |\<inter>| ys) = fset xs \<inter> fset ys"
  by (descending) (auto)

lemma union_fset [simp]: 
  shows "fset (xs |\<union>| ys) = fset xs \<union> fset ys"
  by (lifting set_append)

lemma minus_fset [simp]: 
  shows "fset (xs - ys) = fset xs - fset ys"
  by (descending) (auto)
subsection {* in_fset *}

(* Membership in a finite set agrees with membership in its underlying
   set.  This lemma shares its name with the abbreviation in_fset. *)
lemma in_fset: 
  shows "x |\<in>| S \<longleftrightarrow> x \<in> fset S"
  by descending simp

lemma notin_fset: 
  shows "x |\<notin>| S \<longleftrightarrow> x \<notin> fset S"
  by (simp add: in_fset)

lemma notin_empty_fset: 
  shows "x |\<notin>| {||}"
  by (simp add: in_fset)

(* Extensionality: finite sets with the same members are equal. *)
lemma fset_eq_iff:
  shows "S = T \<longleftrightarrow> (\<forall>x. (x |\<in>| S) = (x |\<in>| T))"
  by descending auto

(* A finite set without members is the empty finite set. *)
lemma none_in_empty_fset:
  shows "(\<forall>x. x |\<notin>| S) \<longleftrightarrow> S = {||}"
  by descending simp
subsection {* insert_fset *}
urbanc@40030
   552
urbanc@40030
   553
lemma in_insert_fset_iff [simp]:
urbanc@40030
   554
  shows "x |\<in>| insert_fset y S \<longleftrightarrow> x = y \<or> x |\<in>| S"
haftmann@40953
   555
  by descending simp
urbanc@40030
   556
urbanc@40030
   557
lemma
urbanc@40030
   558
  shows insert_fsetI1: "x |\<in>| insert_fset x S"
urbanc@40030
   559
  and   insert_fsetI2: "x |\<in>| S \<Longrightarrow> x |\<in>| insert_fset y S"
urbanc@40030
   560
  by simp_all
urbanc@40030
   561
urbanc@40030
   562
lemma insert_absorb_fset [simp]:
urbanc@40030
   563
  shows "x |\<in>| S \<Longrightarrow> insert_fset x S = S"
urbanc@40030
   564
  by (descending) (auto)
kaliszyk@36280
   565
urbanc@40030
   566
lemma empty_not_insert_fset[simp]:
urbanc@40030
   567
  shows "{||} \<noteq> insert_fset x S"
urbanc@40030
   568
  and   "insert_fset x S \<noteq> {||}"
urbanc@40030
   569
  by (descending, simp)+
urbanc@40030
   570
urbanc@40030
   571
lemma insert_fset_left_comm:
urbanc@40030
   572
  shows "insert_fset x (insert_fset y S) = insert_fset y (insert_fset x S)"
urbanc@40030
   573
  by (descending) (auto)
urbanc@40030
   574
urbanc@40030
   575
lemma insert_fset_left_idem:
urbanc@40030
   576
  shows "insert_fset x (insert_fset x S) = insert_fset x S"
urbanc@40030
   577
  by (descending) (auto)
urbanc@40030
   578
urbanc@40030
   579
(* Singleton finite sets are equal exactly when their elements are equal. *)
lemma singleton_fset_eq[simp]: "{|x|} = {|y|} \<longleftrightarrow> x = y"
  by descending auto
(* Membership restated as a decomposition: x is in F exactly when F is x
   inserted into F - {|x|}, and x is not a member of that remainder. *)
lemma in_fset_mdef: "x |\<in>| F \<longleftrightarrow> x |\<notin>| (F - {|x|}) \<and> F = insert_fset x (F - {|x|})"
  by descending auto
subsection {* union_fset *}
(* Declare sup_bot_left and sup_bot_right, with 'a instantiated to 'a fset,
   as simp rules. *)
lemmas [simp] =
  sup_bot_left[where 'a="'a fset"]
  sup_bot_right[where 'a="'a fset"]
(* An insertion on the left of a union can be pulled outside the union.
   Lifted from the list fact append.simps(2). *)
lemma union_insert_fset [simp]: "insert_fset x S |\<union>| T = insert_fset x (S |\<union>| T)"
  by (lifting append.simps(2))
(* Union with a singleton on the left is an insertion. *)
lemma singleton_union_fset_left: "{|a|} |\<union>| S = insert_fset a S"
  by simp
(* Union with a singleton on the right is an insertion; the proof first
   commutes the union with sup.commute and then simplifies. *)
lemma singleton_union_fset_right: "S |\<union>| {|a|} = insert_fset a S"
  by (subst sup.commute) simp
(* Membership in a union is membership in one of the two operands. *)
lemma in_union_fset: "x |\<in>| S |\<union>| T \<longleftrightarrow> x |\<in>| S \<or> x |\<in>| T"
  by descending simp
subsection {* minus_fset *}
(* Membership in a difference: in the first operand and not in the second. *)
lemma minus_in_fset: "x |\<in>| (xs - ys) \<longleftrightarrow> x |\<in>| xs \<and> x |\<notin>| ys"
  by descending simp
(* Difference after an insertion: the inserted element is dropped when it
   occurs in the subtracted set and kept otherwise. *)
lemma minus_insert_fset:
  "insert_fset x xs - ys = (if x |\<in>| ys then xs - ys else insert_fset x (xs - ys))"
  by descending auto
(* Conditional simp form of minus_insert_fset for the case x |\<in>| ys. *)
lemma minus_insert_in_fset[simp]: "x |\<in>| ys \<Longrightarrow> insert_fset x xs - ys = xs - ys"
  by (simp add: minus_insert_fset)
(* Conditional simp form of minus_insert_fset for the case x |\<notin>| ys. *)
lemma minus_insert_notin_fset[simp]:
  "x |\<notin>| ys \<Longrightarrow> insert_fset x xs - ys = insert_fset x (xs - ys)"
  by (simp add: minus_insert_fset)
(* A member of F - S is not a member of S. The goal is rewritten with
   in_fset and minus_fset before blast closes it. *)
lemma in_minus_fset: "x |\<in>| F - S \<Longrightarrow> x |\<notin>| S"
  unfolding in_fset minus_fset by blast
(* A member of S is not a member of F - S. *)
lemma notin_minus_fset: "x |\<in>| S \<Longrightarrow> x |\<notin>| F - S"
  unfolding in_fset minus_fset by blast
subsection {* remove_fset *}
(* Membership after removing y: a member of S that differs from y. *)
lemma in_remove_fset: "x |\<in>| remove_fset y S \<longleftrightarrow> x |\<in>| S \<and> x \<noteq> y"
  by descending simp
(* The removed element is not a member of the result. *)
lemma notin_remove_fset: "x |\<notin>| remove_fset x S"
  by descending simp
(* Removing an element that is not a member leaves the finite set unchanged. *)
lemma notin_remove_ident_fset: "x |\<notin>| S \<Longrightarrow> remove_fset x S = S"
  by descending simp
(* Case split: a finite set is either empty or equals one of its members
   inserted into the set with that member removed. *)
lemma remove_fset_cases:
  "S = {||} \<or> (\<exists>x. x |\<in>| S \<and> S = insert_fset x (remove_fset x S))"
  by descending (auto simp add: insert_absorb)
subsection {* inter_fset *}
(* Intersection with the empty finite set on the left is empty. *)
lemma inter_empty_fset_l: "{||} |\<inter>| S = {||}"
  by simp
(* Intersection with the empty finite set on the right is empty. *)
lemma inter_empty_fset_r: "S |\<inter>| {||} = {||}"
  by simp
(* Intersection after an insertion on the left: the inserted element
   survives only when it is also a member of the right operand. *)
lemma inter_insert_fset:
  "insert_fset x S |\<inter>| T = (if x |\<in>| T then insert_fset x (S |\<inter>| T) else S |\<inter>| T)"
  by descending auto
(* Membership in an intersection is membership in both operands. *)
lemma in_inter_fset: "x |\<in>| (S |\<inter>| T) \<longleftrightarrow> x |\<in>| S \<and> x |\<in>| T"
  by descending simp
subsection {* subset_fset and psubset_fset *}
(* The finite-set subset relation coincides with the ordinary subset
   relation on the underlying sets given by fset. *)
lemma subset_fset: "xs |\<subseteq>| ys \<longleftrightarrow> fset xs \<subseteq> fset ys"
  by descending simp
(* The proper-subset relation on finite sets coincides with proper subset
   on the underlying sets; less_fset_def is unfolded first. *)
lemma psubset_fset: "xs |\<subset>| ys \<longleftrightarrow> fset xs \<subset> fset ys"
  unfolding less_fset_def by descending auto
(* insert_fset x xs is a subset of ys exactly when x is a member of ys and
   xs is a subset of ys. *)
lemma subset_insert_fset: "(insert_fset x xs) |\<subseteq>| ys \<longleftrightarrow> x |\<in>| ys \<and> xs |\<subseteq>| ys"
  by descending simp
(* Subset expressed pointwise: every member of xs is a member of ys. *)
lemma subset_in_fset: "xs |\<subseteq>| ys = (\<forall>x. x |\<in>| xs \<longrightarrow> x |\<in>| ys)"
  by descending auto
(* Only the empty finite set is a subset of the empty finite set. *)
lemma subset_empty_fset: "xs |\<subseteq>| {||} \<longleftrightarrow> xs = {||}"
  by descending simp
(* No finite set is a proper subset of the empty finite set. *)
lemma not_psubset_empty_fset: "\<not> xs |\<subset>| {||}"
  by (metis fset_simps(1) psubset_fset not_psubset_empty)
subsection {* map_fset *}
(* Simp rules for map_fset on the two constructors: the empty finite set
   and insert_fset. *)
lemma map_fset_simps [simp]:
  shows "map_fset f {||} = {||}"
    and "map_fset f (insert_fset x S) = insert_fset (f x) (map_fset f S)"
  by (descending, simp)+
(* The underlying set of a mapped finite set is the image of the
   underlying set under f. *)
lemma map_fset_image [simp]: "fset (map_fset f S) = f ` (fset S)"
  by descending simp
(* For an injective f, two finite sets have equal images under map_fset f
   exactly when they are equal. *)
lemma inj_map_fset_cong: "inj f \<Longrightarrow> map_fset f S = map_fset f T \<longleftrightarrow> S = T"
  by descending (metis inj_vimage_image_eq list_eq_def set_map)
(* map_fset distributes over union. *)
lemma map_union_fset: "map_fset f (S |\<union>| T) = map_fset f S |\<union>| map_fset f T"
  by descending simp
subsection {* card_fset *}
(* card_fset agrees with the cardinality of the underlying set. Several
   later proofs unfold this fact to reuse the set-level card lemmas. *)
lemma card_fset: "card_fset xs = card (fset xs)"
  by descending simp
(* Cardinality after an insertion: unchanged when the element was already
   a member, otherwise increased by one. *)
lemma card_insert_fset_iff [simp]:
  "card_fset (insert_fset x S) = (if x |\<in>| S then card_fset S else Suc (card_fset S))"
  by descending (simp add: insert_absorb)
(* Cardinality zero characterises the empty finite set. *)
lemma card_fset_0[simp]: "card_fset S = 0 \<longleftrightarrow> S = {||}"
  by descending simp
(* The empty finite set has cardinality zero. *)
lemma card_empty_fset[simp]: "card_fset {||} = 0"
  by (simp add: card_fset)
(* Cardinality one characterises singleton finite sets. *)
lemma card_fset_1: "card_fset S = 1 \<longleftrightarrow> (\<exists>x. S = {|x|})"
  by descending (auto simp add: card_Suc_eq)
(* A finite set whose underlying set has a member has positive cardinality. *)
lemma card_fset_gt_0: "x \<in> fset S \<Longrightarrow> 0 < card_fset S"
  by descending (auto simp add: card_gt_0_iff)
(* Non-membership of x is equivalent to the cardinality growing by one
   when x is inserted. *)
lemma card_notin_fset: "(x |\<notin>| S) = (card_fset (insert_fset x S) = Suc (card_fset S))"
  by simp
(* A finite set of cardinality Suc n decomposes as an element x inserted
   into a finite set T that does not contain x and has cardinality n. *)
lemma card_fset_Suc:
  "card_fset S = Suc n \<Longrightarrow> \<exists>x T. x |\<notin>| T \<and> S = insert_fset x T \<and> card_fset T = n"
  apply descending
  apply (auto dest!: card_eq_SucD)
  by (metis Diff_insert_absorb set_removeAll)
(* Cardinality after removing y: decreased by one when y was a member,
   otherwise unchanged. *)
lemma card_remove_fset_iff [simp]:
  "card_fset (remove_fset y S) = (if y |\<in>| S then card_fset S - 1 else card_fset S)"
  by descending simp
(* A finite set of successor cardinality has at least one member; derived
   from the decomposition in card_fset_Suc. *)
lemma card_Suc_exists_in_fset: "card_fset S = Suc n \<Longrightarrow> \<exists>a. a |\<in>| S"
  by (drule card_fset_Suc) auto
(* A finite set with a member does not have cardinality zero. *)
lemma in_card_fset_not_0: "a |\<in>| A \<Longrightarrow> card_fset A \<noteq> 0"
  by descending auto
(* card_fset is monotone with respect to the subset relation.
   NOTE(review): psubset_fset is unfolded although the statement only
   mentions |\<subseteq>|; presumably it rewrites nothing here - confirm. *)
lemma card_fset_mono: "xs |\<subseteq>| ys \<Longrightarrow> card_fset xs \<le> card_fset ys"
  unfolding card_fset psubset_fset
  by (simp add: card_mono subset_fset)
(* A subset whose cardinality is not smaller than that of its superset is
   equal to the superset. *)
lemma card_subset_fset_eq: "xs |\<subseteq>| ys \<Longrightarrow> card_fset ys \<le> card_fset xs \<Longrightarrow> xs = ys"
  unfolding card_fset subset_fset
  by (auto dest: card_seteq[OF finite_fset] simp add: fset_cong)
(* A proper subset has strictly smaller cardinality. *)
lemma psubset_card_fset_mono: "xs |\<subset>| ys \<Longrightarrow> card_fset xs < card_fset ys"
  unfolding card_fset subset_fset
  by (metis finite_fset psubset_fset psubset_card_mono)
(* Inclusion-exclusion for two finite sets, obtained from the set-level
   rule card_Un_Int with finite_fset discharging both finiteness premises. *)
lemma card_union_inter_fset:
  "card_fset xs + card_fset ys = card_fset (xs |\<union>| ys) + card_fset (xs |\<inter>| ys)"
  unfolding card_fset union_fset inter_fset
  by (rule card_Un_Int[OF finite_fset finite_fset])
(* For disjoint finite sets the cardinality of the union is the sum of the
   cardinalities. *)
lemma card_union_disjoint_fset:
  "xs |\<inter>| ys = {||} \<Longrightarrow> card_fset (xs |\<union>| ys) = card_fset xs + card_fset ys"
  unfolding card_fset union_fset
  apply (rule card_Un_disjoint[OF finite_fset finite_fset])
  by (metis inter_fset fset_simps(1))
(* Removing a member strictly decreases the cardinality. *)
lemma card_remove_fset_less1: "x |\<in>| xs \<Longrightarrow> card_fset (remove_fset x xs) < card_fset xs"
  unfolding card_fset in_fset remove_fset
  by (rule card_Diff1_less[OF finite_fset])
(* Removing two members in succession strictly decreases the cardinality. *)
lemma card_remove_fset_less2:
  "x |\<in>| xs \<Longrightarrow> y |\<in>| xs \<Longrightarrow> card_fset (remove_fset y (remove_fset x xs)) < card_fset xs"
  unfolding card_fset remove_fset in_fset
  by (rule card_Diff2_less[OF finite_fset])
(* Removing an element never increases the cardinality. *)
lemma card_remove_fset_le1: "card_fset (remove_fset x xs) \<le> card_fset xs"
  unfolding remove_fset card_fset
  by (rule card_Diff1_le[OF finite_fset])
(* A subset of strictly smaller cardinality is a proper subset. *)
lemma card_psubset_fset: "ys |\<subseteq>| xs \<Longrightarrow> card_fset ys < card_fset xs \<Longrightarrow> ys |\<subset>| xs"
  unfolding card_fset psubset_fset subset_fset
  by (rule card_psubset[OF finite_fset])
(* Mapping a function over a finite set never increases its cardinality. *)
lemma card_map_fset_le: "card_fset (map_fset f xs) \<le> card_fset xs"
  unfolding card_fset map_fset_image
  by (rule card_image_le[OF finite_fset])
(* Subtracting one more element a that is a member of A but not of B lowers
   the cardinality of the difference by one. *)
lemma card_minus_insert_fset[simp]:
  assumes "a |\<in>| A" and "a |\<notin>| B"
  shows "card_fset (A - insert_fset a B) = card_fset (A - B) - 1"
  using assms
  unfolding in_fset card_fset minus_fset
  by (simp add: card_Diff_insert[OF finite_fset])
(* When B is a subset of A, the cardinality of A - B is the difference of
   the cardinalities. *)
lemma card_minus_subset_fset:
  assumes "B |\<subseteq>| A"
  shows "card_fset (A - B) = card_fset A - card_fset B"
  using assms
  unfolding subset_fset card_fset minus_fset
  by (rule card_Diff_subset[OF finite_fset])
(* General form without a subset premise: subtract the cardinality of the
   intersection. *)
lemma card_minus_fset: "card_fset (A - B) = card_fset A - card_fset (A |\<inter>| B)"
  unfolding inter_fset card_fset minus_fset
  by (rule card_Diff_subset_Int) simp
subsection {* concat_fset *}
(* concat_fset of the empty finite set is empty. *)
lemma concat_empty_fset [simp]: "concat_fset {||} = {||}"
  by (descending) (simp)
(* concat_fset of an insertion is the union of the inserted finite set with
   the concatenation of the rest. *)
lemma concat_insert_fset [simp]: "concat_fset (insert_fset x S) = x |\<union>| concat_fset S"
  by (descending) (simp)
(* concat_fset distributes over union. *)
lemma concat_union_fset [simp]:
  "concat_fset (xs |\<union>| ys) = concat_fset xs |\<union>| concat_fset ys"
  by (descending) (simp)
(* Mapping after concatenation equals concatenation after mapping each
   inner finite set; lifted from the list fact map_concat. *)
lemma map_concat_fset: "map_fset f (concat_fset xs) = concat_fset (map_fset (map_fset f) xs)"
  by (lifting map_concat)
subsection {* filter_fset *}
(* Filtering by P gives a subset of filtering by Q exactly when P implies Q
   on the members of xs. *)
lemma subset_filter_fset:
  shows "filter_fset P xs |\<subseteq>| filter_fset Q xs = (\<forall> x. x |\<in>| xs \<longrightarrow> P x \<longrightarrow> Q x)"
  by (descending) (auto)
(* Two filters of the same finite set agree exactly when the predicates
   agree on its members. *)
lemma eq_filter_fset:
  shows "(filter_fset P xs = filter_fset Q xs) = (\<forall>x. x |\<in>| xs \<longrightarrow> P x = Q x)"
  by (descending) (auto)
(* If P implies Q on the members of xs and some member satisfies Q but not
   P, then filtering by P gives a proper subset of filtering by Q. *)
lemma psubset_filter_fset:
  shows "(\<And>x. x |\<in>| xs \<Longrightarrow> P x \<Longrightarrow> Q x) \<Longrightarrow> (x |\<in>| xs & \<not> P x & Q x) \<Longrightarrow>
    filter_fset P xs |\<subset>| filter_fset Q xs"
  unfolding less_fset_def
  by (auto simp add: subset_filter_fset eq_filter_fset)
subsection {* fold_fset *}
(* Folding over the empty finite set is the identity function. *)
lemma fold_empty_fset:
  shows "fold_fset f {||} = id"
  by (descending) (simp add: fold_once_def)
(* Unfolding of fold_fset on an insertion. When rsp_fold f holds, an element
   already in A is skipped and a new element contributes one application of
   f; when rsp_fold f does not hold the result is id. *)
lemma fold_insert_fset:
  shows "fold_fset f (insert_fset a A) =
    (if rsp_fold f then if a |\<in>| A then fold_fset f A else fold_fset f A \<circ> f a else id)"
  by (descending) (simp add: fold_once_fold_remdups)
(* List-level auxiliary fact: removing all occurrences of x and then
   deduplicating equals deduplicating and then removing x once. *)
lemma remdups_removeAll:
  shows "remdups (removeAll x xs) = remove1 x (remdups xs)"
  by (induct xs) (auto)
(* List-level auxiliary fact used by in_commute_fold_fset: for a function
   satisfying rsp_fold, the step for a member x of xs can be split off
   fold_once and applied first. *)
lemma member_commute_fold_once:
  assumes "rsp_fold f" and "x \<in> set xs"
  shows "fold_once f xs = fold_once f (removeAll x xs) \<circ> f x"
proof -
  (* Split x off the fold over the duplicate-free list. *)
  from assms
  have "fold f (remdups xs) = fold f (remove1 x (remdups xs)) \<circ> f x"
    by (auto intro!: fold_remove1_split elim: rsp_foldE)
  (* Translate back to fold_once using remdups_removeAll. *)
  then show ?thesis
    using `rsp_fold f`
    by (simp add: fold_once_fold_remdups remdups_removeAll)
qed
(* For a function satisfying rsp_fold, the step for a member h of b can be
   split off fold_fset and applied first. *)
lemma in_commute_fold_fset:
  shows "rsp_fold f \<Longrightarrow> h |\<in>| b \<Longrightarrow> fold_fset f b = fold_fset f (remove_fset h b) \<circ> f h"
  by (descending) (simp add: member_commute_fold_once)
subsection {* Choice in fsets *}
(* Choice over a finite set: if every member x of A has some y with P x y,
   then a single function f picks such a y for every member. The proof goes
   through finite_set_choice. *)
lemma fset_choice:
  assumes ex: "\<forall>x. x |\<in>| A \<longrightarrow> (\<exists>y. P x y)"
  shows "\<exists>f. \<forall>x. x |\<in>| A \<longrightarrow> P x (f x)"
  using ex
  apply descending
  using finite_set_choice
  by (auto simp add: Ball_def)
section {* Induction and Cases rules for fsets *}
(* Case analysis for finite sets: every finite set is empty or an insertion.
   Registered as the cases rule for type fset, with cases named empty and
   insert; lifted from list.exhaust. *)
lemma fset_exhaust [case_names empty insert, cases type: fset]:
  assumes empty_fset_case: "S = {||} \<Longrightarrow> P"
    and insert_fset_case: "\<And>x S'. S = insert_fset x S' \<Longrightarrow> P"
  shows "P"
  using assms
  by (lifting list.exhaust)
(* Plain structural induction over finite sets. The insert case carries no
   freshness premise for x; fset_induct_stronger adds one. *)
lemma fset_induct [case_names empty insert]:
  assumes empty_fset_case: "P {||}"
    and insert_fset_case: "\<And>x S. P S \<Longrightarrow> P (insert_fset x S)"
  shows "P S"
  using assms
  by descending (blast intro: list.induct)
(* Induction over finite sets in which the insert case may additionally
   assume that the inserted element is not yet a member. Registered as the
   induct rule for type fset. *)
lemma fset_induct_stronger [case_names empty insert, induct type: fset]:
  assumes empty_fset_case: "P {||}"
    and insert_fset_case: "\<And>x S. \<lbrakk>x |\<notin>| S; P S\<rbrakk> \<Longrightarrow> P (insert_fset x S)"
  shows "P S"
proof (induct S rule: fset_induct)
  case empty
  show "P {||}"
    using empty_fset_case by simp
next
  case (insert x S)
  have "P S" by fact
  (* Split on whether x is already a member of S. *)
  then show "P (insert_fset x S)"
    using insert_fset_case
    by (cases "x |\<in>| S") simp_all
qed
(* Induction principle whose step goes from any S to any T with exactly one
   more element, stated through card_fset. *)
lemma fset_card_induct:
  assumes empty_fset_case: "P {||}"
    and card_fset_Suc_case: "\<And>S T. Suc (card_fset S) = (card_fset T) \<Longrightarrow> P S \<Longrightarrow> P T"
  shows "P S"
proof (induct S)
  case empty
  show "P {||}"
    by (rule empty_fset_case)
next
  case (insert x S)
  have h: "P S" by fact
  have "x |\<notin>| S" by fact
  (* Inserting a fresh element raises the cardinality by one. *)
  then have "Suc (card_fset S) = card_fset (insert_fset x S)"
    using card_fset_Suc by auto
  then show "P (insert_fset x S)"
    using h card_fset_Suc_case by simp
qed
(* List-level case rule behind fset_strong_cases: a list is either empty or
   equivalent (\<approx>) to some x # ys in which x does not occur in ys. *)
lemma fset_raw_strong_cases:
  obtains "xs = []"
    | ys x where "\<not> List.member ys x" and "xs \<approx> x # ys"
proof (induct xs)
  case Nil
  then show thesis by simp
next
  case (Cons a xs)
  (* IH: the case rule for the tail xs. *)
  have IH: "\<lbrakk>xs = [] \<Longrightarrow> thesis; \<And>x ys. \<lbrakk>\<not> List.member ys x; xs \<approx> x # ys\<rbrakk> \<Longrightarrow> thesis\<rbrakk> \<Longrightarrow> thesis"
    by (rule Cons(1))
  (* step: the non-empty branch of the rule being proved for a # xs. *)
  have step: "\<And>x' ys'. \<lbrakk>\<not> List.member ys' x'; a # xs \<approx> x' # ys'\<rbrakk> \<Longrightarrow> thesis"
    by fact
  have base: "xs = [] \<Longrightarrow> thesis"
    using step
    apply simp
    by (metis List.set.simps(1) emptyE empty_subsetI)
  have "\<And>x ys. \<lbrakk>\<not> List.member ys x; xs \<approx> x # ys\<rbrakk> \<Longrightarrow> thesis"
  proof -
    fix x :: 'a
    fix ys :: "'a list"
    assume nmem: "\<not> List.member ys x"
    assume eqv: "xs \<approx> x # ys"
    show thesis
    proof (cases "x = a")
      (* The new head a coincides with the distinguished element x. *)
      assume hx: "x = a"
      then have nmem': "\<not> List.member ys a" using nmem by simp
      have eqv': "a # xs \<approx> a # ys" using eqv hx by auto
      show thesis using step nmem' eqv' by simp
    next
      (* Otherwise a is pushed into the remainder behind x. *)
      assume hx: "x \<noteq> a"
      then have nmem': "\<not> List.member (a # ys) x" using nmem by auto
      have eqv': "a # xs \<approx> x # (a # ys)" using eqv hx by auto
      show thesis using step nmem' eqv' by (simp del: List.member_def)
    qed
  qed
  then show thesis using IH base by blast
qed
(* Case rule for finite sets with a freshness guarantee: xs is empty, or it
   is some x inserted into a ys that does not contain x. Lifted from
   fset_raw_strong_cases. *)
lemma fset_strong_cases:
  obtains "xs = {||}"
    | ys x where "x |\<notin>| ys" and "xs = insert_fset x ys"
  by (lifting fset_raw_strong_cases)
(* Simultaneous induction over two finite sets, with freshness premises for
   the inserted elements in every insert case. The apply script relies on
   the generated variable names x and xa, so the step order matters. *)
lemma fset_induct2:
  shows "P {||} {||} \<Longrightarrow>
  (\<And>x xs. x |\<notin>| xs \<Longrightarrow> P (insert_fset x xs) {||}) \<Longrightarrow>
  (\<And>y ys. y |\<notin>| ys \<Longrightarrow> P {||} (insert_fset y ys)) \<Longrightarrow>
  (\<And>x xs y ys. \<lbrakk>P xs ys; x |\<notin>| xs; y |\<notin>| ys\<rbrakk> \<Longrightarrow> P (insert_fset x xs) (insert_fset y ys)) \<Longrightarrow>
  P xsa ysa"
  apply (induct xsa arbitrary: ysa)
  apply (induct_tac x rule: fset_induct_stronger)
  apply simp_all
  apply (induct_tac xa rule: fset_induct_stronger)
  apply simp_all
  done
text {* Extensionality *}
(* Extensionality as an introduction rule: finite sets with the same
   underlying members are equal. Proved by induction on A with B arbitrary. *)
lemma fset_eqI:
  assumes "\<And>x. x \<in> fset A \<longleftrightarrow> x \<in> fset B"
  shows "A = B"
using assms
proof (induct A arbitrary: B)
  case empty
  then show ?case
    by (auto simp add: in_fset none_in_empty_fset [symmetric] sym)
next
  case (insert x A)
  (* A has the same members as B with x taken out. *)
  from insert.prems insert.hyps(1)
  have "\<And>z. z \<in> fset A \<longleftrightarrow> z \<in> fset (B - {|x|})"
    by (auto simp add: in_fset)
  then have "A = B - {|x|}"
    by (rule insert.hyps(2))
  moreover with insert.prems [symmetric, of x] have "x |\<in>| B"
    by (simp add: in_fset)
  ultimately show ?case
    by (metis in_fset_mdef)
qed
subsection {* alternate formulation with a different decomposition principle
  and a proof of equivalence *}
(* Inductive presentation of the list equivalence. The clauses are, in
   order: (1) swapping the first two elements, (2) the empty list,
   (3) symmetry, (4) dropping a duplicated head, (5) congruence under cons,
   (6) transitivity. Later proofs refer to them as list_eq2.intros(1..6),
   so the clause order must not change. *)
inductive list_eq2 :: "'a list \<Rightarrow> 'a list \<Rightarrow> bool" ("_ \<approx>2 _")
where
  "(a # b # xs) \<approx>2 (b # a # xs)"
| "[] \<approx>2 []"
| "xs \<approx>2 ys \<Longrightarrow> ys \<approx>2 xs"
| "(a # a # xs) \<approx>2 (a # xs)"
| "xs \<approx>2 ys \<Longrightarrow> (a # xs) \<approx>2 (a # ys)"
| "xs1 \<approx>2 xs2 \<Longrightarrow> xs2 \<approx>2 xs3 \<Longrightarrow> xs1 \<approx>2 xs3"
(* list_eq2 is reflexive; it has no reflexivity clause of its own, so this
   is shown by induction on the list. *)
lemma list_eq2_refl: "xs \<approx>2 xs"
  by (induct xs) (auto intro: list_eq2.intros)
(* Putting a in front of A with all occurrences of a removed is \<approx>2-related
   to A itself when a occurs in A, and to a # A otherwise. The apply script
   depends on the generated variable name aa and on the goal order. *)
lemma cons_delete_list_eq2:
  "(a # (removeAll a A)) \<approx>2 (if List.member A a then A else a # A)"
  apply (induct A)
  apply (simp add: list_eq2_refl)
  apply (case_tac "List.member (aa # A) a")
  apply simp_all
  apply (case_tac [!] "a = aa")
  apply simp_all
  apply (case_tac "List.member A a")
  apply (auto)[2]
  apply (metis list_eq2.intros(3) list_eq2.intros(4) list_eq2.intros(5) list_eq2.intros(6))
  apply (metis list_eq2.intros(1) list_eq2.intros(5) list_eq2.intros(6))
  apply (auto simp add: list_eq2_refl)
  done
(* Instance of cons_delete_list_eq2 for the case that e occurs in r. *)
lemma member_delete_list_eq2:
  assumes mem: "List.member r e"
  shows "(e # removeAll e r) \<approx>2 r"
  using mem cons_delete_list_eq2[of e r] by simp
(* The inductive relation list_eq2 coincides with list_eq. The direction
   from list_eq2 is a rule induction; the converse is an induction on
   card_list l that moves one member a to the front of both lists. *)
lemma list_eq2_equiv:
  "(l \<approx> r) \<longleftrightarrow> (list_eq2 l r)"
proof
  show "list_eq2 l r \<Longrightarrow> l \<approx> r"
    by (induct rule: list_eq2.induct) auto
next
  {
    fix n
    assume a: "card_list l = n" and b: "l \<approx> r"
    have "l \<approx>2 r"
      using a b
    proof (induct n arbitrary: l r)
      case 0
      (* No distinct elements: both lists are empty. *)
      have "card_list l = 0" by fact
      then have "\<forall>x. \<not> List.member l x" by auto
      then have z: "l = []" by auto
      then have "r = []" using `l \<approx> r` by simp
      then show ?case using z list_eq2_refl by simp
    next
      case (Suc m)
      have b: "l \<approx> r" by fact
      have d: "card_list l = Suc m" by fact
      (* Pick some member a of l; it is then also a member of r. *)
      then have "\<exists>a. List.member l a"
        apply simp
        apply (drule card_eq_SucD)
        apply blast
        done
      then obtain a where e: "List.member l a" by auto
      then have e': "List.member r a"
        using list_eq_def [simplified List.member_def [symmetric], of l r] b
        by auto
      (* Removing a from both lists gives an instance of the hypothesis. *)
      have f: "card_list (removeAll a l) = m" using e d by simp
      have g: "removeAll a l \<approx> removeAll a r" using remove_fset.rsp b by simp
      have "(removeAll a l) \<approx>2 (removeAll a r)" by (rule Suc.hyps[OF f g])
      then have h: "(a # removeAll a l) \<approx>2 (a # removeAll a r)"
        by (rule list_eq2.intros(5))
      (* Chain l, a # removeAll a l, a # removeAll a r and r by transitivity. *)
      have i: "l \<approx>2 (a # removeAll a l)"
        by (rule list_eq2.intros(3)[OF member_delete_list_eq2[OF e]])
      have "l \<approx>2 (a # removeAll a r)" by (rule list_eq2.intros(6)[OF i h])
      then show ?case
        using list_eq2.intros(6)[OF _ member_delete_list_eq2[OF e']] by simp
    qed
    }
  then show "l \<approx> r \<Longrightarrow> l \<approx>2 r" by blast
qed
(* Case rule for equality of finite sets, lifted from list_eq2.cases after
   rewriting list_eq2 to list_eq with list_eq2_equiv. There is one premise
   per clause of list_eq2.

   We cannot write it as "assumes .. shows" since Isabelle changes
   the quantifiers to schematic variables and reintroduces them in
   a different order. *)
lemma fset_eq_cases:
  "\<lbrakk>a1 = a2;
    \<And>a b xs. \<lbrakk>a1 = insert_fset a (insert_fset b xs); a2 = insert_fset b (insert_fset a xs)\<rbrakk> \<Longrightarrow> P;
    \<lbrakk>a1 = {||}; a2 = {||}\<rbrakk> \<Longrightarrow> P; \<And>xs ys. \<lbrakk>a1 = ys; a2 = xs; xs = ys\<rbrakk> \<Longrightarrow> P;
    \<And>a xs. \<lbrakk>a1 = insert_fset a (insert_fset a xs); a2 = insert_fset a xs\<rbrakk> \<Longrightarrow> P;
    \<And>xs ys a. \<lbrakk>a1 = insert_fset a xs; a2 = insert_fset a ys; xs = ys\<rbrakk> \<Longrightarrow> P;
    \<And>xs1 xs2 xs3. \<lbrakk>a1 = xs1; a2 = xs3; xs1 = xs2; xs2 = xs3\<rbrakk> \<Longrightarrow> P\<rbrakk>
  \<Longrightarrow> P"
  by (lifting list_eq2.cases[simplified list_eq2_equiv[symmetric]])
(* Induction rule over equality of finite sets, lifted from list_eq2.induct
   after rewriting list_eq2 to list_eq with list_eq2_equiv. There is one
   premise per clause of list_eq2. *)
lemma fset_eq_induct:
  assumes "x1 = x2"
    and "\<And>a b xs. P (insert_fset a (insert_fset b xs)) (insert_fset b (insert_fset a xs))"
    and "P {||} {||}"
    and "\<And>xs ys. \<lbrakk>xs = ys; P xs ys\<rbrakk> \<Longrightarrow> P ys xs"
    and "\<And>a xs. P (insert_fset a (insert_fset a xs)) (insert_fset a xs)"
    and "\<And>xs ys a. \<lbrakk>xs = ys; P xs ys\<rbrakk> \<Longrightarrow> P (insert_fset a xs) (insert_fset a ys)"
    and "\<And>xs1 xs2 xs3. \<lbrakk>xs1 = xs2; P xs1 xs2; xs2 = xs3; P xs2 xs3\<rbrakk> \<Longrightarrow> P xs1 xs3"
  shows "P x1 x2"
  using assms
  by (lifting list_eq2.induct[simplified list_eq2_equiv[symmetric]])
ML {*
(* Destructor for the fset type constructor: returns the element type of a
   type of the form "T fset" and raises TYPE for every other type. *)
fun dest_fsetT ty =
  (case ty of
    Type (@{type_name fset}, [elemT]) => elemT
  | _ => raise TYPE ("dest_fsetT: fset type expected", [ty], []));
*}
(* Withdraw the list-level relation symbols before the theory ends.
   NOTE(review): list_eq2 was declared with the mixfix ("_ \<approx>2 _"), not as
   an infix of priority 50 - confirm that the second clause matches it. *)
no_notation
  list_eq (infix "\<approx>" 50) and
  list_eq2 (infix "\<approx>2" 50)
end