src/HOL/Library/Coinductive_List.thy
author haftmann
Wed Apr 22 19:09:21 2009 +0200 (2009-04-22)
changeset 30960 fec1a04b7220
parent 30952 7ab2716dd93b
child 30971 7fbebf75b3ef
permissions -rw-r--r--
power operation defined generic
wenzelm@18400
     1
(*  Title:      HOL/Library/Coinductive_Lists.thy
wenzelm@18400
     2
    Author:     Lawrence C Paulson and Makarius
wenzelm@18400
     3
*)
wenzelm@18400
     4
wenzelm@18400
     5
header {* Potentially infinite lists as greatest fixed-point *}
wenzelm@18400
     6
wenzelm@18400
     7
theory Coinductive_List
haftmann@30663
     8
imports List Main
wenzelm@18400
     9
begin
wenzelm@18400
    10
wenzelm@18400
    11
subsection {* List constructors over the datatype universe *}
wenzelm@18400
    12
wenzelm@24860
    13
definition "NIL = Datatype.In0 (Datatype.Numb 0)"
wenzelm@24860
    14
definition "CONS M N = Datatype.In1 (Datatype.Scons M N)"
wenzelm@18400
    15
wenzelm@18400
    16
lemma CONS_not_NIL [iff]: "CONS M N \<noteq> NIL"
wenzelm@18400
    17
  and NIL_not_CONS [iff]: "NIL \<noteq> CONS M N"
wenzelm@18400
    18
  and CONS_inject [iff]: "(CONS K M) = (CONS L N) = (K = L \<and> M = N)"
wenzelm@18400
    19
  by (simp_all add: NIL_def CONS_def)
wenzelm@18400
    20
wenzelm@18400
    21
lemma CONS_mono: "M \<subseteq> M' \<Longrightarrow> N \<subseteq> N' \<Longrightarrow> CONS M N \<subseteq> CONS M' N'"
wenzelm@18400
    22
  by (simp add: CONS_def In1_mono Scons_mono)
wenzelm@18400
    23
wenzelm@18400
    24
lemma CONS_UN1: "CONS M (\<Union>x. f x) = (\<Union>x. CONS M (f x))"
wenzelm@18400
    25
    -- {* A continuity result? *}
wenzelm@18400
    26
  by (simp add: CONS_def In1_UN1 Scons_UN1_y)
wenzelm@18400
    27
wenzelm@24860
    28
definition "List_case c h = Datatype.Case (\<lambda>_. c) (Datatype.Split h)"
wenzelm@18400
    29
wenzelm@18400
    30
lemma List_case_NIL [simp]: "List_case c h NIL = c"
wenzelm@18400
    31
  and List_case_CONS [simp]: "List_case c h (CONS M N) = h M N"
wenzelm@18400
    32
  by (simp_all add: List_case_def NIL_def CONS_def)
wenzelm@18400
    33
wenzelm@18400
    34
wenzelm@18400
    35
subsection {* Corecursive lists *}
wenzelm@18400
    36
wenzelm@24860
    37
coinductive_set LList for A
wenzelm@24860
    38
where NIL [intro]:  "NIL \<in> LList A"
berghofe@23755
    39
  | CONS [intro]: "a \<in> A \<Longrightarrow> M \<in> LList A \<Longrightarrow> CONS a M \<in> LList A"
wenzelm@18400
    40
berghofe@23755
    41
lemma LList_mono:
berghofe@23755
    42
  assumes subset: "A \<subseteq> B"
berghofe@23755
    43
  shows "LList A \<subseteq> LList B"
wenzelm@18400
    44
    -- {* This justifies using @{text LList} in other recursive type definitions. *}
berghofe@23755
    45
proof
berghofe@23755
    46
  fix x
berghofe@23755
    47
  assume "x \<in> LList A"
berghofe@23755
    48
  then show "x \<in> LList B"
berghofe@23755
    49
  proof coinduct
berghofe@23755
    50
    case LList
berghofe@23755
    51
    then show ?case using subset
berghofe@23755
    52
      by cases blast+
berghofe@23755
    53
  qed
berghofe@23755
    54
qed
wenzelm@18400
    55
wenzelm@18400
    56
consts
wenzelm@20820
    57
  LList_corec_aux :: "nat \<Rightarrow> ('a \<Rightarrow> ('b Datatype.item \<times> 'a) option) \<Rightarrow>
wenzelm@20820
    58
    'a \<Rightarrow> 'b Datatype.item"
wenzelm@18400
    59
primrec
wenzelm@18400
    60
  "LList_corec_aux 0 f x = {}"
wenzelm@18400
    61
  "LList_corec_aux (Suc k) f x =
wenzelm@18400
    62
    (case f x of
wenzelm@18400
    63
      None \<Rightarrow> NIL
wenzelm@18400
    64
    | Some (z, w) \<Rightarrow> CONS z (LList_corec_aux k f w))"
wenzelm@18400
    65
wenzelm@24860
    66
definition "LList_corec a f = (\<Union>k. LList_corec_aux k f a)"
wenzelm@18400
    67
wenzelm@18400
    68
text {*
wenzelm@18400
    69
  Note: the subsequent recursion equation for @{text LList_corec} may
wenzelm@18400
    70
  be used with the Simplifier, provided it operates in a non-strict
wenzelm@18400
    71
  fashion for case expressions (i.e.\ the usual @{text case}
wenzelm@18400
    72
  congruence rule needs to be present).
wenzelm@18400
    73
*}
wenzelm@18400
    74
wenzelm@18400
    75
lemma LList_corec:
wenzelm@18400
    76
  "LList_corec a f =
wenzelm@18400
    77
    (case f a of None \<Rightarrow> NIL | Some (z, w) \<Rightarrow> CONS z (LList_corec w f))"
wenzelm@18400
    78
  (is "?lhs = ?rhs")
wenzelm@18400
    79
proof
wenzelm@18400
    80
  show "?lhs \<subseteq> ?rhs"
wenzelm@18400
    81
    apply (unfold LList_corec_def)
wenzelm@18400
    82
    apply (rule UN_least)
wenzelm@18400
    83
    apply (case_tac k)
wenzelm@18400
    84
     apply (simp_all (no_asm_simp) split: option.splits)
wenzelm@18400
    85
    apply (rule allI impI subset_refl [THEN CONS_mono] UNIV_I [THEN UN_upper])+
wenzelm@18400
    86
    done
wenzelm@18400
    87
  show "?rhs \<subseteq> ?lhs"
wenzelm@18400
    88
    apply (simp add: LList_corec_def split: option.splits)
wenzelm@18400
    89
    apply (simp add: CONS_UN1)
wenzelm@18400
    90
    apply safe
wenzelm@18400
    91
     apply (rule_tac a = "Suc ?k" in UN_I, simp, simp)+
wenzelm@18400
    92
    done
wenzelm@18400
    93
qed
wenzelm@18400
    94
wenzelm@18400
    95
lemma LList_corec_type: "LList_corec a f \<in> LList UNIV"
wenzelm@18400
    96
proof -
berghofe@23755
    97
  have "\<exists>x. LList_corec a f = LList_corec x f" by blast
wenzelm@18400
    98
  then show ?thesis
wenzelm@18400
    99
  proof coinduct
wenzelm@18400
   100
    case (LList L)
wenzelm@18400
   101
    then obtain x where L: "L = LList_corec x f" by blast
wenzelm@18400
   102
    show ?case
wenzelm@18400
   103
    proof (cases "f x")
wenzelm@18400
   104
      case None
wenzelm@18400
   105
      then have "LList_corec x f = NIL"
wenzelm@18400
   106
        by (simp add: LList_corec)
wenzelm@18400
   107
      with L have ?NIL by simp
wenzelm@18400
   108
      then show ?thesis ..
wenzelm@18400
   109
    next
wenzelm@18400
   110
      case (Some p)
wenzelm@18400
   111
      then have "LList_corec x f = CONS (fst p) (LList_corec (snd p) f)"
berghofe@22780
   112
        by (simp add: LList_corec split: prod.split)
wenzelm@18400
   113
      with L have ?CONS by auto
wenzelm@18400
   114
      then show ?thesis ..
wenzelm@18400
   115
    qed
wenzelm@18400
   116
  qed
wenzelm@18400
   117
qed
wenzelm@18400
   118
wenzelm@18400
   119
wenzelm@18400
   120
subsection {* Abstract type definition *}
wenzelm@18400
   121
wenzelm@24860
   122
typedef 'a llist = "LList (range Datatype.Leaf) :: 'a Datatype.item set"
wenzelm@18400
   123
proof
wenzelm@18400
   124
  show "NIL \<in> ?llist" ..
wenzelm@18400
   125
qed
wenzelm@18400
   126
wenzelm@18400
   127
lemma NIL_type: "NIL \<in> llist"
wenzelm@18730
   128
  unfolding llist_def by (rule LList.NIL)
wenzelm@18400
   129
wenzelm@20820
   130
lemma CONS_type: "a \<in> range Datatype.Leaf \<Longrightarrow>
wenzelm@18400
   131
    M \<in> llist \<Longrightarrow> CONS a M \<in> llist"
wenzelm@18730
   132
  unfolding llist_def by (rule LList.CONS)
wenzelm@18400
   133
wenzelm@20820
   134
lemma llistI: "x \<in> LList (range Datatype.Leaf) \<Longrightarrow> x \<in> llist"
wenzelm@18400
   135
  by (simp add: llist_def)
wenzelm@18400
   136
wenzelm@20820
   137
lemma llistD: "x \<in> llist \<Longrightarrow> x \<in> LList (range Datatype.Leaf)"
wenzelm@18400
   138
  by (simp add: llist_def)
wenzelm@18400
   139
wenzelm@18400
   140
lemma Rep_llist_UNIV: "Rep_llist x \<in> LList UNIV"
wenzelm@18400
   141
proof -
wenzelm@18400
   142
  have "Rep_llist x \<in> llist" by (rule Rep_llist)
wenzelm@20820
   143
  then have "Rep_llist x \<in> LList (range Datatype.Leaf)"
wenzelm@18400
   144
    by (simp add: llist_def)
wenzelm@18400
   145
  also have "\<dots> \<subseteq> LList UNIV" by (rule LList_mono) simp
wenzelm@18400
   146
  finally show ?thesis .
wenzelm@18400
   147
qed
wenzelm@18400
   148
wenzelm@24860
   149
definition "LNil = Abs_llist NIL"
wenzelm@24860
   150
definition "LCons x xs = Abs_llist (CONS (Datatype.Leaf x) (Rep_llist xs))"
wenzelm@18400
   151
haftmann@28693
   152
code_datatype LNil LCons
haftmann@28693
   153
wenzelm@18400
   154
lemma LCons_not_LNil [iff]: "LCons x xs \<noteq> LNil"
wenzelm@18400
   155
  apply (simp add: LNil_def LCons_def)
wenzelm@18400
   156
  apply (subst Abs_llist_inject)
wenzelm@18400
   157
    apply (auto intro: NIL_type CONS_type Rep_llist)
wenzelm@18400
   158
  done
wenzelm@18400
   159
wenzelm@18400
   160
lemma LNil_not_LCons [iff]: "LNil \<noteq> LCons x xs"
wenzelm@18400
   161
  by (rule LCons_not_LNil [symmetric])
wenzelm@18400
   162
wenzelm@18400
   163
lemma LCons_inject [iff]: "(LCons x xs = LCons y ys) = (x = y \<and> xs = ys)"
wenzelm@18400
   164
  apply (simp add: LCons_def)
wenzelm@18400
   165
  apply (subst Abs_llist_inject)
wenzelm@18400
   166
    apply (auto simp add: Rep_llist_inject intro: CONS_type Rep_llist)
wenzelm@18400
   167
  done
wenzelm@18400
   168
wenzelm@18400
   169
lemma Rep_llist_LNil: "Rep_llist LNil = NIL"
wenzelm@18400
   170
  by (simp add: LNil_def add: Abs_llist_inverse NIL_type)
wenzelm@18400
   171
wenzelm@18400
   172
lemma Rep_llist_LCons: "Rep_llist (LCons x l) =
wenzelm@20820
   173
    CONS (Datatype.Leaf x) (Rep_llist l)"
wenzelm@18400
   174
  by (simp add: LCons_def Abs_llist_inverse CONS_type Rep_llist)
wenzelm@18400
   175
wenzelm@20802
   176
lemma llist_cases [cases type: llist]:
wenzelm@20802
   177
  obtains
wenzelm@20802
   178
    (LNil) "l = LNil"
wenzelm@20802
   179
  | (LCons) x l' where "l = LCons x l'"
wenzelm@18400
   180
proof (cases l)
wenzelm@18400
   181
  case (Abs_llist L)
wenzelm@20820
   182
  from `L \<in> llist` have "L \<in> LList (range Datatype.Leaf)" by (rule llistD)
wenzelm@18400
   183
  then show ?thesis
wenzelm@18400
   184
  proof cases
wenzelm@18400
   185
    case NIL
wenzelm@18400
   186
    with Abs_llist have "l = LNil" by (simp add: LNil_def)
wenzelm@18400
   187
    with LNil show ?thesis .
wenzelm@18400
   188
  next
berghofe@23755
   189
    case (CONS a K)
wenzelm@18400
   190
    then have "K \<in> llist" by (blast intro: llistI)
wenzelm@18400
   191
    then obtain l' where "K = Rep_llist l'" by cases
wenzelm@18400
   192
    with CONS and Abs_llist obtain x where "l = LCons x l'"
wenzelm@18400
   193
      by (auto simp add: LCons_def Abs_llist_inject)
wenzelm@18400
   194
    with LCons show ?thesis .
wenzelm@18400
   195
  qed
wenzelm@18400
   196
qed
wenzelm@18400
   197
wenzelm@18400
   198
wenzelm@19086
   199
definition
haftmann@28693
   200
  [code del]: "llist_case c d l =
wenzelm@20820
   201
    List_case c (\<lambda>x y. d (inv Datatype.Leaf x) (Abs_llist y)) (Rep_llist l)"
wenzelm@20770
   202
wenzelm@20770
   203
syntax  (* FIXME? *)
wenzelm@20770
   204
  LNil :: logic
wenzelm@20770
   205
  LCons :: logic
wenzelm@18400
   206
translations
wenzelm@20770
   207
  "case p of LNil \<Rightarrow> a | LCons x l \<Rightarrow> b" \<rightleftharpoons> "CONST llist_case a (\<lambda>x l. b) p"
wenzelm@18400
   208
haftmann@28693
   209
lemma llist_case_LNil [simp, code]: "llist_case c d LNil = c"
wenzelm@18400
   210
  by (simp add: llist_case_def LNil_def
wenzelm@18400
   211
    NIL_type Abs_llist_inverse)
wenzelm@18400
   212
haftmann@28693
   213
lemma llist_case_LCons [simp, code]: "llist_case c d (LCons M N) = d M N"
wenzelm@18400
   214
  by (simp add: llist_case_def LCons_def
wenzelm@18400
   215
    CONS_type Abs_llist_inverse Rep_llist Rep_llist_inverse inj_Leaf)
wenzelm@18400
   216
haftmann@28693
   217
lemma llist_case_cert:
haftmann@28693
   218
  assumes "CASE \<equiv> llist_case c d"
wenzelm@28856
   219
  shows "(CASE LNil \<equiv> c) &&& (CASE (LCons M N) \<equiv> d M N)"
haftmann@28693
   220
  using assms by simp_all
haftmann@28693
   221
haftmann@28693
   222
setup {*
haftmann@28693
   223
  Code.add_case @{thm llist_case_cert}
haftmann@28693
   224
*}
wenzelm@18400
   225
wenzelm@19086
   226
definition
haftmann@28693
   227
  [code del]: "llist_corec a f =
wenzelm@18400
   228
    Abs_llist (LList_corec a
wenzelm@18400
   229
      (\<lambda>z.
wenzelm@18400
   230
        case f z of None \<Rightarrow> None
wenzelm@20820
   231
        | Some (v, w) \<Rightarrow> Some (Datatype.Leaf v, w)))"
wenzelm@18400
   232
wenzelm@18400
   233
lemma LList_corec_type2:
wenzelm@18400
   234
  "LList_corec a
wenzelm@18400
   235
    (\<lambda>z. case f z of None \<Rightarrow> None
wenzelm@20820
   236
      | Some (v, w) \<Rightarrow> Some (Datatype.Leaf v, w)) \<in> llist"
wenzelm@18400
   237
  (is "?corec a \<in> _")
wenzelm@18400
   238
proof (unfold llist_def)
wenzelm@18400
   239
  let "LList_corec a ?g" = "?corec a"
berghofe@23755
   240
  have "\<exists>x. ?corec a = ?corec x" by blast
wenzelm@20820
   241
  then show "?corec a \<in> LList (range Datatype.Leaf)"
wenzelm@18400
   242
  proof coinduct
wenzelm@18400
   243
    case (LList L)
wenzelm@18400
   244
    then obtain x where L: "L = ?corec x" by blast
wenzelm@18400
   245
    show ?case
wenzelm@18400
   246
    proof (cases "f x")
wenzelm@18400
   247
      case None
wenzelm@18400
   248
      then have "?corec x = NIL"
wenzelm@18400
   249
        by (simp add: LList_corec)
wenzelm@18400
   250
      with L have ?NIL by simp
wenzelm@18400
   251
      then show ?thesis ..
wenzelm@18400
   252
    next
wenzelm@18400
   253
      case (Some p)
wenzelm@18400
   254
      then have "?corec x =
wenzelm@20820
   255
          CONS (Datatype.Leaf (fst p)) (?corec (snd p))"
berghofe@22780
   256
        by (simp add: LList_corec split: prod.split)
wenzelm@18400
   257
      with L have ?CONS by auto
wenzelm@18400
   258
      then show ?thesis ..
wenzelm@18400
   259
    qed
wenzelm@18400
   260
  qed
wenzelm@18400
   261
qed
wenzelm@18400
   262
haftmann@28693
   263
lemma llist_corec [code]:
wenzelm@18400
   264
  "llist_corec a f =
wenzelm@18400
   265
    (case f a of None \<Rightarrow> LNil | Some (z, w) \<Rightarrow> LCons z (llist_corec w f))"
wenzelm@18400
   266
proof (cases "f a")
wenzelm@18400
   267
  case None
wenzelm@18400
   268
  then show ?thesis
wenzelm@18400
   269
    by (simp add: llist_corec_def LList_corec LNil_def)
wenzelm@18400
   270
next
wenzelm@18400
   271
  case (Some p)
wenzelm@18400
   272
wenzelm@18400
   273
  let "?corec a" = "llist_corec a f"
wenzelm@18400
   274
  let "?rep_corec a" =
wenzelm@18400
   275
    "LList_corec a
wenzelm@18400
   276
      (\<lambda>z. case f z of None \<Rightarrow> None
wenzelm@20820
   277
        | Some (v, w) \<Rightarrow> Some (Datatype.Leaf v, w))"
wenzelm@18400
   278
wenzelm@18400
   279
  have "?corec a = Abs_llist (?rep_corec a)"
wenzelm@18400
   280
    by (simp only: llist_corec_def)
wenzelm@18400
   281
  also from Some have "?rep_corec a =
wenzelm@20820
   282
      CONS (Datatype.Leaf (fst p)) (?rep_corec (snd p))"
berghofe@22780
   283
    by (simp add: LList_corec split: prod.split)
wenzelm@18400
   284
  also have "?rep_corec (snd p) = Rep_llist (?corec (snd p))"
wenzelm@18400
   285
    by (simp only: llist_corec_def Abs_llist_inverse LList_corec_type2)
wenzelm@18400
   286
  finally have "?corec a = LCons (fst p) (?corec (snd p))"
wenzelm@18400
   287
    by (simp only: LCons_def)
berghofe@22780
   288
  with Some show ?thesis by (simp split: prod.split)
wenzelm@18400
   289
qed
wenzelm@18400
   290
wenzelm@18400
   291
wenzelm@22367
   292
subsection {* Equality as greatest fixed-point -- the bisimulation principle *}
wenzelm@18400
   293
wenzelm@24860
   294
coinductive_set EqLList for r
wenzelm@24860
   295
where EqNIL: "(NIL, NIL) \<in> EqLList r"
berghofe@23755
   296
  | EqCONS: "(a, b) \<in> r \<Longrightarrow> (M, N) \<in> EqLList r \<Longrightarrow>
wenzelm@18400
   297
      (CONS a M, CONS b N) \<in> EqLList r"
wenzelm@18400
   298
wenzelm@18400
   299
lemma EqLList_unfold:
nipkow@30198
   300
    "EqLList r = dsum (Id_on {Datatype.Numb 0}) (dprod r (EqLList r))"
wenzelm@18400
   301
  by (fast intro!: EqLList.intros [unfolded NIL_def CONS_def]
wenzelm@18400
   302
           elim: EqLList.cases [unfolded NIL_def CONS_def])
wenzelm@18400
   303
wenzelm@18400
   304
lemma EqLList_implies_ntrunc_equality:
nipkow@30198
   305
    "(M, N) \<in> EqLList (Id_on A) \<Longrightarrow> ntrunc k M = ntrunc k N"
wenzelm@20503
   306
  apply (induct k arbitrary: M N rule: nat_less_induct)
wenzelm@18400
   307
  apply (erule EqLList.cases)
wenzelm@18400
   308
   apply (safe del: equalityI)
wenzelm@18400
   309
  apply (case_tac n)
wenzelm@18400
   310
   apply simp
wenzelm@18400
   311
  apply (rename_tac n')
wenzelm@18400
   312
  apply (case_tac n')
wenzelm@18400
   313
   apply (simp_all add: CONS_def less_Suc_eq)
wenzelm@18400
   314
  done
wenzelm@18400
   315
nipkow@30198
   316
lemma Domain_EqLList: "Domain (EqLList (Id_on A)) \<subseteq> LList A"
berghofe@23755
   317
  apply (rule subsetI)
berghofe@23755
   318
  apply (erule LList.coinduct)
berghofe@23755
   319
  apply (subst (asm) EqLList_unfold)
berghofe@23755
   320
  apply (auto simp add: NIL_def CONS_def)
wenzelm@18400
   321
  done
wenzelm@18400
   322
nipkow@30198
   323
lemma EqLList_Id_on: "EqLList (Id_on A) = Id_on (LList A)"
wenzelm@18400
   324
  (is "?lhs = ?rhs")
wenzelm@18400
   325
proof
wenzelm@18400
   326
  show "?lhs \<subseteq> ?rhs"
wenzelm@18400
   327
    apply (rule subsetI)
wenzelm@18400
   328
    apply (rule_tac p = x in PairE)
wenzelm@18400
   329
    apply clarify
nipkow@30198
   330
    apply (rule Id_on_eqI)
wenzelm@18400
   331
     apply (rule EqLList_implies_ntrunc_equality [THEN ntrunc_equality],
wenzelm@18400
   332
       assumption)
wenzelm@18400
   333
    apply (erule DomainI [THEN Domain_EqLList [THEN subsetD]])
wenzelm@18400
   334
    done
berghofe@23755
   335
  {
nipkow@30198
   336
    fix M N assume "(M, N) \<in> Id_on (LList A)"
nipkow@30198
   337
    then have "(M, N) \<in> EqLList (Id_on A)"
wenzelm@18400
   338
    proof coinduct
berghofe@23755
   339
      case (EqLList M N)
berghofe@23755
   340
      then obtain L where L: "L \<in> LList A" and MN: "M = L" "N = L" by blast
wenzelm@18400
   341
      from L show ?case
wenzelm@18400
   342
      proof cases
berghofe@23755
   343
        case NIL with MN have ?EqNIL by simp
wenzelm@18400
   344
        then show ?thesis ..
wenzelm@18400
   345
      next
nipkow@30198
   346
        case CONS with MN have ?EqCONS by (simp add: Id_onI)
wenzelm@18400
   347
        then show ?thesis ..
wenzelm@18400
   348
      qed
wenzelm@18400
   349
    qed
berghofe@23755
   350
  }
berghofe@23755
   351
  then show "?rhs \<subseteq> ?lhs" by auto
wenzelm@18400
   352
qed
wenzelm@18400
   353
nipkow@30198
   354
lemma EqLList_Id_on_iff [iff]: "(p \<in> EqLList (Id_on A)) = (p \<in> Id_on (LList A))"
nipkow@30198
   355
  by (simp only: EqLList_Id_on)
wenzelm@18400
   356
wenzelm@18400
   357
wenzelm@18400
   358
text {*
wenzelm@18400
   359
  To show two LLists are equal, exhibit a bisimulation!  (Also admits
wenzelm@18400
   360
  true equality.)
wenzelm@18400
   361
*}
wenzelm@18400
   362
wenzelm@18400
   363
lemma LList_equalityI
wenzelm@18400
   364
  [consumes 1, case_names EqLList, case_conclusion EqLList EqNIL EqCONS]:
wenzelm@18400
   365
  assumes r: "(M, N) \<in> r"
berghofe@23755
   366
    and step: "\<And>M N. (M, N) \<in> r \<Longrightarrow>
berghofe@23755
   367
      M = NIL \<and> N = NIL \<or>
berghofe@23755
   368
        (\<exists>a b M' N'.
nipkow@30198
   369
          M = CONS a M' \<and> N = CONS b N' \<and> (a, b) \<in> Id_on A \<and>
nipkow@30198
   370
            ((M', N') \<in> r \<or> (M', N') \<in> EqLList (Id_on A)))"
wenzelm@18400
   371
  shows "M = N"
wenzelm@18400
   372
proof -
nipkow@30198
   373
  from r have "(M, N) \<in> EqLList (Id_on A)"
wenzelm@18400
   374
  proof coinduct
wenzelm@18400
   375
    case EqLList
wenzelm@18400
   376
    then show ?case by (rule step)
wenzelm@18400
   377
  qed
wenzelm@18400
   378
  then show ?thesis by auto
wenzelm@18400
   379
qed
wenzelm@18400
   380
wenzelm@18400
   381
lemma LList_fun_equalityI
wenzelm@18400
   382
  [consumes 1, case_names NIL_type NIL CONS, case_conclusion CONS EqNIL EqCONS]:
wenzelm@18400
   383
  assumes M: "M \<in> LList A"
wenzelm@18400
   384
    and fun_NIL: "g NIL \<in> LList A"  "f NIL = g NIL"
wenzelm@18400
   385
    and fun_CONS: "\<And>x l. x \<in> A \<Longrightarrow> l \<in> LList A \<Longrightarrow>
wenzelm@18400
   386
            (f (CONS x l), g (CONS x l)) = (NIL, NIL) \<or>
wenzelm@18400
   387
            (\<exists>M N a b.
wenzelm@18400
   388
              (f (CONS x l), g (CONS x l)) = (CONS a M, CONS b N) \<and>
nipkow@30198
   389
                (a, b) \<in> Id_on A \<and>
nipkow@30198
   390
                (M, N) \<in> {(f u, g u) | u. u \<in> LList A} \<union> Id_on (LList A))"
wenzelm@18400
   391
      (is "\<And>x l. _ \<Longrightarrow> _ \<Longrightarrow> ?fun_CONS x l")
wenzelm@18400
   392
  shows "f M = g M"
wenzelm@18400
   393
proof -
wenzelm@18400
   394
  let ?bisim = "{(f L, g L) | L. L \<in> LList A}"
wenzelm@18400
   395
  have "(f M, g M) \<in> ?bisim" using M by blast
wenzelm@18400
   396
  then show ?thesis
wenzelm@18400
   397
  proof (coinduct taking: A rule: LList_equalityI)
berghofe@23755
   398
    case (EqLList M N)
berghofe@23755
   399
    then obtain L where MN: "M = f L" "N = g L" and L: "L \<in> LList A" by blast
wenzelm@18400
   400
    from L show ?case
wenzelm@18400
   401
    proof (cases L)
wenzelm@18400
   402
      case NIL
nipkow@30198
   403
      with fun_NIL and MN have "(M, N) \<in> Id_on (LList A)" by auto
nipkow@30198
   404
      then have "(M, N) \<in> EqLList (Id_on A)" ..
wenzelm@18400
   405
      then show ?thesis by cases simp_all
wenzelm@18400
   406
    next
berghofe@23755
   407
      case (CONS a K)
wenzelm@18400
   408
      from fun_CONS and `a \<in> A` `K \<in> LList A`
wenzelm@18400
   409
      have "?fun_CONS a K" (is "?NIL \<or> ?CONS") .
wenzelm@18400
   410
      then show ?thesis
wenzelm@18400
   411
      proof
wenzelm@18400
   412
        assume ?NIL
nipkow@30198
   413
        with MN CONS have "(M, N) \<in> Id_on (LList A)" by auto
nipkow@30198
   414
        then have "(M, N) \<in> EqLList (Id_on A)" ..
wenzelm@18400
   415
        then show ?thesis by cases simp_all
wenzelm@18400
   416
      next
wenzelm@18400
   417
        assume ?CONS
berghofe@23755
   418
        with CONS obtain a b M' N' where
berghofe@23755
   419
            fg: "(f L, g L) = (CONS a M', CONS b N')"
nipkow@30198
   420
          and ab: "(a, b) \<in> Id_on A"
nipkow@30198
   421
          and M'N': "(M', N') \<in> ?bisim \<union> Id_on (LList A)"
wenzelm@18400
   422
          by blast
berghofe@23755
   423
        from M'N' show ?thesis
wenzelm@18400
   424
        proof
berghofe@23755
   425
          assume "(M', N') \<in> ?bisim"
berghofe@23755
   426
          with MN fg ab show ?thesis by simp
wenzelm@18400
   427
        next
nipkow@30198
   428
          assume "(M', N') \<in> Id_on (LList A)"
nipkow@30198
   429
          then have "(M', N') \<in> EqLList (Id_on A)" ..
berghofe@23755
   430
          with MN fg ab show ?thesis by simp
wenzelm@18400
   431
        qed
wenzelm@18400
   432
      qed
wenzelm@18400
   433
    qed
wenzelm@18400
   434
  qed
wenzelm@18400
   435
qed
wenzelm@18400
   436
wenzelm@18400
   437
text {*
wenzelm@18400
   438
  Finality of @{text "llist A"}: Uniqueness of functions defined by corecursion.
wenzelm@18400
   439
*}
wenzelm@18400
   440
wenzelm@18400
   441
lemma equals_LList_corec:
wenzelm@18400
   442
  assumes h: "\<And>x. h x =
wenzelm@18400
   443
    (case f x of None \<Rightarrow> NIL | Some (z, w) \<Rightarrow> CONS z (h w))"
wenzelm@18400
   444
  shows "h x = (\<lambda>x. LList_corec x f) x"
wenzelm@18400
   445
proof -
wenzelm@18400
   446
  def h' \<equiv> "\<lambda>x. LList_corec x f"
wenzelm@18400
   447
  then have h': "\<And>x. h' x =
wenzelm@18400
   448
      (case f x of None \<Rightarrow> NIL | Some (z, w) \<Rightarrow> CONS z (h' w))"
wenzelm@18730
   449
    unfolding h'_def by (simp add: LList_corec)
wenzelm@18400
   450
  have "(h x, h' x) \<in> {(h u, h' u) | u. True}" by blast
wenzelm@18400
   451
  then show "h x = h' x"
wenzelm@24863
   452
  proof (coinduct taking: UNIV rule: LList_equalityI)
berghofe@23755
   453
    case (EqLList M N)
berghofe@23755
   454
    then obtain x where MN: "M = h x" "N = h' x" by blast
wenzelm@18400
   455
    show ?case
wenzelm@18400
   456
    proof (cases "f x")
wenzelm@18400
   457
      case None
berghofe@23755
   458
      with h h' MN have ?EqNIL by simp
wenzelm@18400
   459
      then show ?thesis ..
wenzelm@18400
   460
    next
wenzelm@18400
   461
      case (Some p)
berghofe@23755
   462
      with h h' MN have "M = CONS (fst p) (h (snd p))"
berghofe@23755
   463
	and "N = CONS (fst p) (h' (snd p))"
berghofe@23755
   464
        by (simp_all split: prod.split)
nipkow@30198
   465
      then have ?EqCONS by (auto iff: Id_on_iff)
wenzelm@18400
   466
      then show ?thesis ..
wenzelm@18400
   467
    qed
wenzelm@18400
   468
  qed
wenzelm@18400
   469
qed
wenzelm@18400
   470
wenzelm@18400
   471
wenzelm@18400
   472
lemma llist_equalityI
wenzelm@18400
   473
  [consumes 1, case_names Eqllist, case_conclusion Eqllist EqLNil EqLCons]:
wenzelm@18400
   474
  assumes r: "(l1, l2) \<in> r"
wenzelm@18400
   475
    and step: "\<And>q. q \<in> r \<Longrightarrow>
wenzelm@18400
   476
      q = (LNil, LNil) \<or>
wenzelm@18400
   477
        (\<exists>l1 l2 a b.
wenzelm@18400
   478
          q = (LCons a l1, LCons b l2) \<and> a = b \<and>
wenzelm@18400
   479
            ((l1, l2) \<in> r \<or> l1 = l2))"
wenzelm@18400
   480
      (is "\<And>q. _ \<Longrightarrow> ?EqLNil q \<or> ?EqLCons q")
wenzelm@18400
   481
  shows "l1 = l2"
wenzelm@18400
   482
proof -
wenzelm@18400
   483
  def M \<equiv> "Rep_llist l1" and N \<equiv> "Rep_llist l2"
wenzelm@18400
   484
  with r have "(M, N) \<in> {(Rep_llist l1, Rep_llist l2) | l1 l2. (l1, l2) \<in> r}"
wenzelm@18400
   485
    by blast
wenzelm@18400
   486
  then have "M = N"
wenzelm@24863
   487
  proof (coinduct taking: UNIV rule: LList_equalityI)
berghofe@23755
   488
    case (EqLList M N)
wenzelm@18400
   489
    then obtain l1 l2 where
berghofe@23755
   490
        MN: "M = Rep_llist l1" "N = Rep_llist l2" and r: "(l1, l2) \<in> r"
wenzelm@18400
   491
      by auto
wenzelm@18400
   492
    from step [OF r] show ?case
wenzelm@18400
   493
    proof
wenzelm@18400
   494
      assume "?EqLNil (l1, l2)"
berghofe@23755
   495
      with MN have ?EqNIL by (simp add: Rep_llist_LNil)
wenzelm@18400
   496
      then show ?thesis ..
wenzelm@18400
   497
    next
wenzelm@18400
   498
      assume "?EqLCons (l1, l2)"
berghofe@23755
   499
      with MN have ?EqCONS
nipkow@30198
   500
        by (force simp add: Rep_llist_LCons EqLList_Id_on intro: Rep_llist_UNIV)
wenzelm@18400
   501
      then show ?thesis ..
wenzelm@18400
   502
    qed
wenzelm@18400
   503
  qed
wenzelm@18400
   504
  then show ?thesis by (simp add: M_def N_def Rep_llist_inject)
wenzelm@18400
   505
qed
wenzelm@18400
   506
wenzelm@18400
   507
lemma llist_fun_equalityI
wenzelm@18400
   508
  [case_names LNil LCons, case_conclusion LCons EqLNil EqLCons]:
wenzelm@18400
   509
  assumes fun_LNil: "f LNil = g LNil"
wenzelm@18400
   510
    and fun_LCons: "\<And>x l.
wenzelm@18400
   511
      (f (LCons x l), g (LCons x l)) = (LNil, LNil) \<or>
wenzelm@18400
   512
        (\<exists>l1 l2 a b.
wenzelm@18400
   513
          (f (LCons x l), g (LCons x l)) = (LCons a l1, LCons b l2) \<and>
wenzelm@18400
   514
            a = b \<and> ((l1, l2) \<in> {(f u, g u) | u. True} \<or> l1 = l2))"
wenzelm@18400
   515
      (is "\<And>x l. ?fun_LCons x l")
wenzelm@18400
   516
  shows "f l = g l"
wenzelm@18400
   517
proof -
wenzelm@18400
   518
  have "(f l, g l) \<in> {(f l, g l) | l. True}" by blast
wenzelm@18400
   519
  then show ?thesis
wenzelm@18400
   520
  proof (coinduct rule: llist_equalityI)
wenzelm@18400
   521
    case (Eqllist q)
wenzelm@18400
   522
    then obtain l where q: "q = (f l, g l)" by blast
wenzelm@18400
   523
    show ?case
wenzelm@18400
   524
    proof (cases l)
wenzelm@18400
   525
      case LNil
wenzelm@18400
   526
      with fun_LNil and q have "q = (g LNil, g LNil)" by simp
wenzelm@18400
   527
      then show ?thesis by (cases "g LNil") simp_all
wenzelm@18400
   528
    next
wenzelm@18400
   529
      case (LCons x l')
wenzelm@18400
   530
      with `?fun_LCons x l'` q LCons show ?thesis by blast
wenzelm@18400
   531
    qed
wenzelm@18400
   532
  qed
wenzelm@18400
   533
qed
wenzelm@18400
   534
wenzelm@18400
   535
wenzelm@18400
   536
subsection {* Derived operations -- both on the set and abstract type *}
wenzelm@18400
   537
wenzelm@18400
   538
subsubsection {* @{text Lconst} *}
wenzelm@18400
   539
wenzelm@24860
   540
definition "Lconst M \<equiv> lfp (\<lambda>N. CONS M N)"
wenzelm@18400
   541
wenzelm@18400
   542
lemma Lconst_fun_mono: "mono (CONS M)"
wenzelm@18400
   543
  by (simp add: monoI CONS_mono)
wenzelm@18400
   544
wenzelm@18400
   545
lemma Lconst: "Lconst M = CONS M (Lconst M)"
wenzelm@18400
   546
  by (rule Lconst_def [THEN def_lfp_unfold]) (rule Lconst_fun_mono)
wenzelm@18400
   547
wenzelm@18400
   548
lemma Lconst_type:
wenzelm@18400
   549
  assumes "M \<in> A"
wenzelm@18400
   550
  shows "Lconst M \<in> LList A"
wenzelm@18400
   551
proof -
berghofe@23755
   552
  have "Lconst M \<in> {Lconst (id M)}" by simp
wenzelm@18400
   553
  then show ?thesis
wenzelm@18400
   554
  proof coinduct
wenzelm@18400
   555
    case (LList N)
wenzelm@18400
   556
    then have "N = Lconst M" by simp
wenzelm@18400
   557
    also have "\<dots> = CONS M (Lconst M)" by (rule Lconst)
wenzelm@18400
   558
    finally have ?CONS using `M \<in> A` by simp
wenzelm@18400
   559
    then show ?case ..
wenzelm@18400
   560
  qed
wenzelm@18400
   561
qed
wenzelm@18400
   562
wenzelm@18400
   563
lemma Lconst_eq_LList_corec: "Lconst M = LList_corec M (\<lambda>x. Some (x, x))"
wenzelm@18400
   564
  apply (rule equals_LList_corec)
wenzelm@18400
   565
  apply simp
wenzelm@18400
   566
  apply (rule Lconst)
wenzelm@18400
   567
  done
wenzelm@18400
   568
wenzelm@18400
   569
lemma gfp_Lconst_eq_LList_corec:
wenzelm@18400
   570
    "gfp (\<lambda>N. CONS M N) = LList_corec M (\<lambda>x. Some(x, x))"
wenzelm@18400
   571
  apply (rule equals_LList_corec)
wenzelm@18400
   572
  apply simp
wenzelm@18400
   573
  apply (rule Lconst_fun_mono [THEN gfp_unfold])
wenzelm@18400
   574
  done
wenzelm@18400
   575
wenzelm@18400
   576
wenzelm@18400
   577
subsubsection {* @{text Lmap} and @{text lmap} *}
wenzelm@18400
   578
wenzelm@19086
   579
definition
wenzelm@19086
   580
  "Lmap f M = LList_corec M (List_case None (\<lambda>x M'. Some (f x, M')))"
wenzelm@21404
   581
definition
wenzelm@19086
   582
  "lmap f l = llist_corec l
wenzelm@18400
   583
    (\<lambda>z.
wenzelm@18400
   584
      case z of LNil \<Rightarrow> None
wenzelm@18400
   585
      | LCons y z \<Rightarrow> Some (f y, z))"
wenzelm@18400
   586
wenzelm@18400
   587
lemma Lmap_NIL [simp]: "Lmap f NIL = NIL"
wenzelm@18400
   588
  and Lmap_CONS [simp]: "Lmap f (CONS M N) = CONS (f M) (Lmap f N)"
wenzelm@18400
   589
  by (simp_all add: Lmap_def LList_corec)
wenzelm@18400
   590
wenzelm@18400
   591
lemma Lmap_type:
wenzelm@18400
   592
  assumes M: "M \<in> LList A"
wenzelm@18400
   593
    and f: "\<And>x. x \<in> A \<Longrightarrow> f x \<in> B"
wenzelm@18400
   594
  shows "Lmap f M \<in> LList B"
wenzelm@18400
   595
proof -
wenzelm@18400
   596
  from M have "Lmap f M \<in> {Lmap f N | N. N \<in> LList A}" by blast
wenzelm@18400
   597
  then show ?thesis
wenzelm@18400
   598
  proof coinduct
wenzelm@18400
   599
    case (LList L)
wenzelm@18400
   600
    then obtain N where L: "L = Lmap f N" and N: "N \<in> LList A" by blast
wenzelm@18400
   601
    from N show ?case
wenzelm@18400
   602
    proof cases
wenzelm@18400
   603
      case NIL
wenzelm@18400
   604
      with L have ?NIL by simp
wenzelm@18400
   605
      then show ?thesis ..
wenzelm@18400
   606
    next
wenzelm@18400
   607
      case (CONS K a)
wenzelm@18400
   608
      with f L have ?CONS by auto
wenzelm@18400
   609
      then show ?thesis ..
wenzelm@18400
   610
    qed
wenzelm@18400
   611
  qed
wenzelm@18400
   612
qed
wenzelm@18400
   613
wenzelm@18400
   614
lemma Lmap_compose:
wenzelm@18400
   615
  assumes M: "M \<in> LList A"
wenzelm@18400
   616
  shows "Lmap (f o g) M = Lmap f (Lmap g M)"  (is "?lhs M = ?rhs M")
wenzelm@18400
   617
proof -
wenzelm@18400
   618
  have "(?lhs M, ?rhs M) \<in> {(?lhs N, ?rhs N) | N. N \<in> LList A}"
wenzelm@18400
   619
    using M by blast
wenzelm@18400
   620
  then show ?thesis
wenzelm@24863
   621
  proof (coinduct taking: "range (\<lambda>N. N)" rule: LList_equalityI)
berghofe@23755
   622
    case (EqLList L M)
berghofe@23755
   623
    then obtain N where LM: "L = ?lhs N" "M = ?rhs N" and N: "N \<in> LList A" by blast
wenzelm@18400
   624
    from N show ?case
wenzelm@18400
   625
    proof cases
wenzelm@18400
   626
      case NIL
berghofe@23755
   627
      with LM have ?EqNIL by simp
wenzelm@18400
   628
      then show ?thesis ..
wenzelm@18400
   629
    next
wenzelm@18400
   630
      case CONS
berghofe@23755
   631
      with LM have ?EqCONS by auto
wenzelm@18400
   632
      then show ?thesis ..
wenzelm@18400
   633
    qed
wenzelm@18400
   634
  qed
wenzelm@18400
   635
qed
wenzelm@18400
   636
wenzelm@18400
   637
lemma Lmap_ident:
wenzelm@18400
   638
  assumes M: "M \<in> LList A"
wenzelm@18400
   639
  shows "Lmap (\<lambda>x. x) M = M"  (is "?lmap M = _")
wenzelm@18400
   640
proof -
wenzelm@18400
   641
  have "(?lmap M, M) \<in> {(?lmap N, N) | N. N \<in> LList A}" using M by blast
wenzelm@18400
   642
  then show ?thesis
wenzelm@24863
   643
  proof (coinduct taking: "range (\<lambda>N. N)" rule: LList_equalityI)
berghofe@23755
   644
    case (EqLList L M)
berghofe@23755
   645
    then obtain N where LM: "L = ?lmap N" "M = N" and N: "N \<in> LList A" by blast
wenzelm@18400
   646
    from N show ?case
wenzelm@18400
   647
    proof cases
wenzelm@18400
   648
      case NIL
berghofe@23755
   649
      with LM have ?EqNIL by simp
wenzelm@18400
   650
      then show ?thesis ..
wenzelm@18400
   651
    next
wenzelm@18400
   652
      case CONS
berghofe@23755
   653
      with LM have ?EqCONS by auto
wenzelm@18400
   654
      then show ?thesis ..
wenzelm@18400
   655
    qed
wenzelm@18400
   656
  qed
wenzelm@18400
   657
qed
wenzelm@18400
   658
wenzelm@18400
   659
lemma lmap_LNil [simp]: "lmap f LNil = LNil"
wenzelm@18400
   660
  and lmap_LCons [simp]: "lmap f (LCons M N) = LCons (f M) (lmap f N)"
wenzelm@18400
   661
  by (simp_all add: lmap_def llist_corec)
wenzelm@18400
   662
wenzelm@18400
   663
lemma lmap_compose [simp]: "lmap (f o g) l = lmap f (lmap g l)"
wenzelm@24860
   664
  by (coinduct l rule: llist_fun_equalityI) auto
wenzelm@18400
   665
wenzelm@18400
   666
lemma lmap_ident [simp]: "lmap (\<lambda>x. x) l = l"
wenzelm@24860
   667
  by (coinduct l rule: llist_fun_equalityI) auto
wenzelm@18400
   668
wenzelm@18400
   669
wenzelm@18400
   670
wenzelm@18400
   671
subsubsection {* @{text Lappend} *}
wenzelm@18400
   672
wenzelm@19086
   673
definition
wenzelm@19086
   674
  "Lappend M N = LList_corec (M, N)
wenzelm@18400
   675
    (split (List_case
wenzelm@18400
   676
        (List_case None (\<lambda>N1 N2. Some (N1, (NIL, N2))))
wenzelm@18400
   677
        (\<lambda>M1 M2 N. Some (M1, (M2, N)))))"
wenzelm@21404
   678
definition
wenzelm@19086
   679
  "lappend l n = llist_corec (l, n)
wenzelm@18400
   680
    (split (llist_case
wenzelm@18400
   681
        (llist_case None (\<lambda>n1 n2. Some (n1, (LNil, n2))))
wenzelm@18400
   682
        (\<lambda>l1 l2 n. Some (l1, (l2, n)))))"
wenzelm@18400
   683
wenzelm@18400
   684
lemma Lappend_NIL_NIL [simp]:
wenzelm@18400
   685
    "Lappend NIL NIL = NIL"
wenzelm@18400
   686
  and Lappend_NIL_CONS [simp]:
wenzelm@18400
   687
    "Lappend NIL (CONS N N') = CONS N (Lappend NIL N')"
wenzelm@18400
   688
  and Lappend_CONS [simp]:
wenzelm@18400
   689
    "Lappend (CONS M M') N = CONS M (Lappend M' N)"
wenzelm@18400
   690
  by (simp_all add: Lappend_def LList_corec)
wenzelm@18400
   691
wenzelm@18400
   692
lemma Lappend_NIL [simp]: "M \<in> LList A \<Longrightarrow> Lappend NIL M = M"
wenzelm@18400
   693
  by (erule LList_fun_equalityI) auto
wenzelm@18400
   694
wenzelm@18400
   695
lemma Lappend_NIL2: "M \<in> LList A \<Longrightarrow> Lappend M NIL = M"
wenzelm@18400
   696
  by (erule LList_fun_equalityI) auto
wenzelm@18400
   697
wenzelm@18400
   698
lemma Lappend_type:
wenzelm@18400
   699
  assumes M: "M \<in> LList A" and N: "N \<in> LList A"
wenzelm@18400
   700
  shows "Lappend M N \<in> LList A"
wenzelm@18400
   701
proof -
wenzelm@18400
   702
  have "Lappend M N \<in> {Lappend u v | u v. u \<in> LList A \<and> v \<in> LList A}"
wenzelm@18400
   703
    using M N by blast
wenzelm@18400
   704
  then show ?thesis
wenzelm@18400
   705
  proof coinduct
wenzelm@18400
   706
    case (LList L)
wenzelm@18400
   707
    then obtain M N where L: "L = Lappend M N"
wenzelm@18400
   708
        and M: "M \<in> LList A" and N: "N \<in> LList A"
wenzelm@18400
   709
      by blast
wenzelm@18400
   710
    from M show ?case
wenzelm@18400
   711
    proof cases
wenzelm@18400
   712
      case NIL
wenzelm@18400
   713
      from N show ?thesis
wenzelm@18400
   714
      proof cases
wenzelm@18400
   715
        case NIL
wenzelm@18400
   716
        with L and `M = NIL` have ?NIL by simp
wenzelm@18400
   717
        then show ?thesis ..
wenzelm@18400
   718
      next
wenzelm@18400
   719
        case CONS
wenzelm@18400
   720
        with L and `M = NIL` have ?CONS by simp
wenzelm@18400
   721
        then show ?thesis ..
wenzelm@18400
   722
      qed
wenzelm@18400
   723
    next
wenzelm@18400
   724
      case CONS
wenzelm@18400
   725
      with L N have ?CONS by auto
wenzelm@18400
   726
      then show ?thesis ..
wenzelm@18400
   727
    qed
wenzelm@18400
   728
  qed
wenzelm@18400
   729
qed
wenzelm@18400
   730
wenzelm@18400
   731
lemma lappend_LNil_LNil [simp]: "lappend LNil LNil = LNil"
wenzelm@18400
   732
  and lappend_LNil_LCons [simp]: "lappend LNil (LCons l l') = LCons l (lappend LNil l')"
wenzelm@18400
   733
  and lappend_LCons [simp]: "lappend (LCons l l') m = LCons l (lappend l' m)"
wenzelm@18400
   734
  by (simp_all add: lappend_def llist_corec)
wenzelm@18400
   735
wenzelm@18400
   736
lemma lappend_LNil1 [simp]: "lappend LNil l = l"
wenzelm@24860
   737
  by (coinduct l rule: llist_fun_equalityI) auto
wenzelm@18400
   738
wenzelm@18400
   739
lemma lappend_LNil2 [simp]: "lappend l LNil = l"
wenzelm@24860
   740
  by (coinduct l rule: llist_fun_equalityI) auto
wenzelm@18400
   741
wenzelm@18400
   742
lemma lappend_assoc: "lappend (lappend l1 l2) l3 = lappend l1 (lappend l2 l3)"
wenzelm@24860
   743
  by (coinduct l1 rule: llist_fun_equalityI) auto
wenzelm@18400
   744
wenzelm@18400
   745
lemma lmap_lappend_distrib: "lmap f (lappend l n) = lappend (lmap f l) (lmap f n)"
wenzelm@24860
   746
  by (coinduct l rule: llist_fun_equalityI) auto
wenzelm@18400
   747
wenzelm@18400
   748
wenzelm@18400
   749
subsection{* iterates *}
wenzelm@18400
   750
wenzelm@18400
   751
text {* @{text llist_fun_equalityI} cannot be used here! *}
wenzelm@18400
   752
wenzelm@19086
   753
definition
wenzelm@21404
   754
  iterates :: "('a \<Rightarrow> 'a) \<Rightarrow> 'a \<Rightarrow> 'a llist" where
wenzelm@19086
   755
  "iterates f a = llist_corec a (\<lambda>x. Some (x, f x))"
wenzelm@18400
   756
wenzelm@18400
   757
lemma iterates: "iterates f x = LCons x (iterates f (f x))"
wenzelm@18400
   758
  apply (unfold iterates_def)
wenzelm@18400
   759
  apply (subst llist_corec)
wenzelm@18400
   760
  apply simp
wenzelm@18400
   761
  done
wenzelm@18400
   762
wenzelm@18400
   763
lemma lmap_iterates: "lmap f (iterates f x) = iterates f (f x)"
wenzelm@18400
   764
proof -
wenzelm@18400
   765
  have "(lmap f (iterates f x), iterates f (f x)) \<in>
wenzelm@18400
   766
    {(lmap f (iterates f u), iterates f (f u)) | u. True}" by blast
wenzelm@18400
   767
  then show ?thesis
wenzelm@18400
   768
  proof (coinduct rule: llist_equalityI)
wenzelm@18400
   769
    case (Eqllist q)
wenzelm@18400
   770
    then obtain x where q: "q = (lmap f (iterates f x), iterates f (f x))"
wenzelm@18400
   771
      by blast
wenzelm@18400
   772
    also have "iterates f (f x) = LCons (f x) (iterates f (f (f x)))"
wenzelm@18400
   773
      by (subst iterates) rule
wenzelm@18400
   774
    also have "iterates f x = LCons x (iterates f (f x))"
wenzelm@18400
   775
      by (subst iterates) rule
wenzelm@18400
   776
    finally have ?EqLCons by auto
wenzelm@18400
   777
    then show ?case ..
wenzelm@18400
   778
  qed
wenzelm@18400
   779
qed
wenzelm@18400
   780
wenzelm@18400
   781
lemma iterates_lmap: "iterates f x = LCons x (lmap f (iterates f x))"
wenzelm@18400
   782
  by (subst lmap_iterates) (rule iterates)
wenzelm@18400
   783
wenzelm@18400
   784
wenzelm@18400
   785
subsection{* A rather complex proof about iterates -- cf.\ Andy Pitts *}
wenzelm@18400
   786
wenzelm@18400
   787
lemma funpow_lmap:
wenzelm@18400
   788
  fixes f :: "'a \<Rightarrow> 'a"
haftmann@30952
   789
  shows "(lmap f o^ n) (LCons b l) = LCons ((f o^ n) b) ((lmap f o^ n) l)"
wenzelm@18400
   790
  by (induct n) simp_all
wenzelm@18400
   791
wenzelm@18400
   792
wenzelm@18400
   793
lemma iterates_equality:
wenzelm@18400
   794
  assumes h: "\<And>x. h x = LCons x (lmap f (h x))"
wenzelm@18400
   795
  shows "h = iterates f"
wenzelm@18400
   796
proof
wenzelm@18400
   797
  fix x
wenzelm@18400
   798
  have "(h x, iterates f x) \<in>
haftmann@30952
   799
      {((lmap f o^ n) (h u), (lmap f o^ n) (iterates f u)) | u n. True}"
wenzelm@18400
   800
  proof -
haftmann@30952
   801
    have "(h x, iterates f x) = ((lmap f o^ 0) (h x), (lmap f o^ 0) (iterates f x))"
wenzelm@18400
   802
      by simp
wenzelm@18400
   803
    then show ?thesis by blast
wenzelm@18400
   804
  qed
wenzelm@18400
   805
  then show "h x = iterates f x"
wenzelm@18400
   806
  proof (coinduct rule: llist_equalityI)
wenzelm@18400
   807
    case (Eqllist q)
haftmann@30952
   808
    then obtain u n where "q = ((lmap f o^ n) (h u), (lmap f o^ n) (iterates f u))"
wenzelm@18400
   809
        (is "_ = (?q1, ?q2)")
wenzelm@18400
   810
      by auto
haftmann@30952
   811
    also have "?q1 = LCons ((f o^ n) u) ((lmap f o^ Suc n) (h u))"
wenzelm@18400
   812
    proof -
haftmann@30952
   813
      have "?q1 = (lmap f o^ n) (LCons u (lmap f (h u)))"
wenzelm@18400
   814
        by (subst h) rule
haftmann@30952
   815
      also have "\<dots> = LCons ((f o^ n) u) ((lmap f o^ n) (lmap f (h u)))"
wenzelm@18400
   816
        by (rule funpow_lmap)
haftmann@30952
   817
      also have "(lmap f o^ n) (lmap f (h u)) = (lmap f o^ Suc n) (h u)"
wenzelm@18400
   818
        by (simp add: funpow_swap1)
wenzelm@18400
   819
      finally show ?thesis .
wenzelm@18400
   820
    qed
haftmann@30952
   821
    also have "?q2 = LCons ((f o^ n) u) ((lmap f o^ Suc n) (iterates f u))"
wenzelm@18400
   822
    proof -
haftmann@30952
   823
      have "?q2 = (lmap f o^ n) (LCons u (iterates f (f u)))"
wenzelm@18400
   824
        by (subst iterates) rule
haftmann@30952
   825
      also have "\<dots> = LCons ((f o^ n) u) ((lmap f o^ n) (iterates f (f u)))"
wenzelm@18400
   826
        by (rule funpow_lmap)
haftmann@30952
   827
      also have "(lmap f o^ n) (iterates f (f u)) = (lmap f o^ Suc n) (iterates f u)"
wenzelm@18400
   828
        by (simp add: lmap_iterates funpow_swap1)
wenzelm@18400
   829
      finally show ?thesis .
wenzelm@18400
   830
    qed
wenzelm@18400
   831
    finally have ?EqLCons by (auto simp del: funpow.simps)
wenzelm@18400
   832
    then show ?case ..
wenzelm@18400
   833
  qed
wenzelm@18400
   834
qed
wenzelm@18400
   835
wenzelm@18400
   836
lemma lappend_iterates: "lappend (iterates f x) l = iterates f x"
wenzelm@18400
   837
proof -
wenzelm@18400
   838
  have "(lappend (iterates f x) l, iterates f x) \<in>
wenzelm@18400
   839
    {(lappend (iterates f u) l, iterates f u) | u. True}" by blast
wenzelm@18400
   840
  then show ?thesis
wenzelm@18400
   841
  proof (coinduct rule: llist_equalityI)
wenzelm@18400
   842
    case (Eqllist q)
wenzelm@18400
   843
    then obtain x where "q = (lappend (iterates f x) l, iterates f x)" by blast
wenzelm@18400
   844
    also have "iterates f x = LCons x (iterates f (f x))" by (rule iterates)
wenzelm@18400
   845
    finally have ?EqLCons by auto
wenzelm@18400
   846
    then show ?case ..
wenzelm@18400
   847
  qed
wenzelm@18400
   848
qed
wenzelm@18400
   849
wenzelm@18400
   850
end