src/HOL/List.thy
 author skalberg Thu Mar 03 12:43:01 2005 +0100 (2005-03-03) changeset 15570 8d8c70b41bab parent 15531 08c8dad8e399 child 15656 988f91b9c4ef permissions -rw-r--r--
Move towards standard functions.
```     1 (*  Title:      HOL/List.thy
```
```     2     ID:         \$Id\$
```
```     3     Author:     Tobias Nipkow
```
```     4 *)
```
```     5
```
```     6 header {* The datatype of finite lists *}
```
```     7
```
```     8 theory List
```
```     9 imports PreList
```
```    10 begin
```
```    11
```
```    12 datatype 'a list =
```
```    13     Nil    ("[]")
```
```    14   | Cons 'a  "'a list"    (infixr "#" 65)
```
```    15
```
```    16 subsection{*Basic list processing functions*}
```
```    17
```
```    18 consts
```
```    19   "@" :: "'a list => 'a list => 'a list"    (infixr 65)
```
```    20   filter:: "('a => bool) => 'a list => 'a list"
```
```    21   concat:: "'a list list => 'a list"
```
```    22   foldl :: "('b => 'a => 'b) => 'b => 'a list => 'b"
```
```    23   foldr :: "('a => 'b => 'b) => 'a list => 'b => 'b"
```
```    24   hd:: "'a list => 'a"
```
```    25   tl:: "'a list => 'a list"
```
```    26   last:: "'a list => 'a"
```
```    27   butlast :: "'a list => 'a list"
```
```    28   set :: "'a list => 'a set"
```
```    29   list_all:: "('a => bool) => ('a list => bool)"
```
```    30   list_all2 :: "('a => 'b => bool) => 'a list => 'b list => bool"
```
```    31   list_ex :: "('a \<Rightarrow> bool) \<Rightarrow> 'a list \<Rightarrow> bool"
```
```    32   map :: "('a=>'b) => ('a list => 'b list)"
```
```    33   mem :: "'a => 'a list => bool"    (infixl 55)
```
```    34   nth :: "'a list => nat => 'a"    (infixl "!" 100)
```
```    35   list_update :: "'a list => nat => 'a => 'a list"
```
```    36   take:: "nat => 'a list => 'a list"
```
```    37   drop:: "nat => 'a list => 'a list"
```
```    38   takeWhile :: "('a => bool) => 'a list => 'a list"
```
```    39   dropWhile :: "('a => bool) => 'a list => 'a list"
```
```    40   rev :: "'a list => 'a list"
```
```    41   zip :: "'a list => 'b list => ('a * 'b) list"
```
```    42   upt :: "nat => nat => nat list" ("(1[_..</_'])")
```
```    43   remdups :: "'a list => 'a list"
```
```    44   remove1 :: "'a => 'a list => 'a list"
```
```    45   null:: "'a list => bool"
```
```    46   "distinct":: "'a list => bool"
```
```    47   replicate :: "nat => 'a => 'a list"
```
```    48   rotate1 :: "'a list \<Rightarrow> 'a list"
```
```    49   rotate :: "nat \<Rightarrow> 'a list \<Rightarrow> 'a list"
```
```    50   sublist :: "'a list => nat set => 'a list"
```
```    51
```
```    52
```
```    53 nonterminals lupdbinds lupdbind
```
```    54
```
```    55 syntax
```
```    56   -- {* list Enumeration *}
```
```    57   "@list" :: "args => 'a list"    ("[(_)]")
```
```    58
```
```    59   -- {* Special syntax for filter *}
```
```    60   "@filter" :: "[pttrn, 'a list, bool] => 'a list"    ("(1[_:_./ _])")
```
```    61
```
```    62   -- {* list update *}
```
```    63   "_lupdbind":: "['a, 'a] => lupdbind"    ("(2_ :=/ _)")
```
```    64   "" :: "lupdbind => lupdbinds"    ("_")
```
```    65   "_lupdbinds" :: "[lupdbind, lupdbinds] => lupdbinds"    ("_,/ _")
```
```    66   "_LUpdate" :: "['a, lupdbinds] => 'a"    ("_/[(_)]" [900,0] 900)
```
```    67
```
```    68   upto:: "nat => nat => nat list"    ("(1[_../_])")
```
```    69
```
```    70 translations
```
```    71   "[x, xs]" == "x#[xs]"
```
```    72   "[x]" == "x#[]"
```
```    73   "[x:xs . P]"== "filter (%x. P) xs"
```
```    74
```
```    75   "_LUpdate xs (_lupdbinds b bs)"== "_LUpdate (_LUpdate xs b) bs"
```
```    76   "xs[i:=x]" == "list_update xs i x"
```
```    77
```
```    78   "[i..j]" == "[i..<(Suc j)]"
```
```    79
```
```    80
```
```    81 syntax (xsymbols)
```
```    82   "@filter" :: "[pttrn, 'a list, bool] => 'a list"("(1[_\<in>_ ./ _])")
```
```    83 syntax (HTML output)
```
```    84   "@filter" :: "[pttrn, 'a list, bool] => 'a list"("(1[_\<in>_ ./ _])")
```
```    85
```
```    86
```
```    87 text {*
```
```    88   Function @{text size} is overloaded for all datatypes. Users may
```
```    89   refer to the list version as @{text length}. *}
```
```    90
```
```    91 syntax length :: "'a list => nat"
```
```    92 translations "length" => "size :: _ list => nat"
```
```    93
```
```    94 typed_print_translation {*
```
```    95   let
```
```    96     fun size_tr' _ (Type ("fun", (Type ("list", _) :: _))) [t] =
```
```    97           Syntax.const "length" \$ t
```
```    98       | size_tr' _ _ _ = raise Match;
```
```    99   in [("size", size_tr')] end
```
```   100 *}
```
```   101
```
```   102
```
```   103 primrec
```
```   104   "hd(x#xs) = x"
```
```   105
```
```   106 primrec
```
```   107   "tl([]) = []"
```
```   108   "tl(x#xs) = xs"
```
```   109
```
```   110 primrec
```
```   111   "null([]) = True"
```
```   112   "null(x#xs) = False"
```
```   113
```
```   114 primrec
```
```   115   "last(x#xs) = (if xs=[] then x else last xs)"
```
```   116
```
```   117 primrec
```
```   118   "butlast []= []"
```
```   119   "butlast(x#xs) = (if xs=[] then [] else x#butlast xs)"
```
```   120
```
```   121 primrec
```
```   122   "x mem [] = False"
```
```   123   "x mem (y#ys) = (if y=x then True else x mem ys)"
```
```   124
```
```   125 primrec
```
```   126   "set [] = {}"
```
```   127   "set (x#xs) = insert x (set xs)"
```
```   128
```
```   129 primrec
```
```   130   list_all_Nil:"list_all P [] = True"
```
```   131   list_all_Cons: "list_all P (x#xs) = (P(x) \<and> list_all P xs)"
```
```   132
```
```   133 primrec
```
```   134 "list_ex P [] = False"
```
```   135 "list_ex P (x#xs) = (P x \<or> list_ex P xs)"
```
```   136
```
```   137 primrec
```
```   138   "map f [] = []"
```
```   139   "map f (x#xs) = f(x)#map f xs"
```
```   140
```
```   141 primrec
```
```   142   append_Nil:"[]@ys = ys"
```
```   143   append_Cons: "(x#xs)@ys = x#(xs@ys)"
```
```   144
```
```   145 primrec
```
```   146   "rev([]) = []"
```
```   147   "rev(x#xs) = rev(xs) @ [x]"
```
```   148
```
```   149 primrec
```
```   150   "filter P [] = []"
```
```   151   "filter P (x#xs) = (if P x then x#filter P xs else filter P xs)"
```
```   152
```
```   153 primrec
```
```   154   foldl_Nil:"foldl f a [] = a"
```
```   155   foldl_Cons: "foldl f a (x#xs) = foldl f (f a x) xs"
```
```   156
```
```   157 primrec
```
```   158   "foldr f [] a = a"
```
```   159   "foldr f (x#xs) a = f x (foldr f xs a)"
```
```   160
```
```   161 primrec
```
```   162   "concat([]) = []"
```
```   163   "concat(x#xs) = x @ concat(xs)"
```
```   164
```
```   165 primrec
```
```   166   drop_Nil:"drop n [] = []"
```
```   167   drop_Cons: "drop n (x#xs) = (case n of 0 => x#xs | Suc(m) => drop m xs)"
```
```   168   -- {*Warning: simpset does not contain this definition, but separate
```
```   169        theorems for @{text "n = 0"} and @{text "n = Suc k"} *}
```
```   170
```
```   171 primrec
```
```   172   take_Nil:"take n [] = []"
```
```   173   take_Cons: "take n (x#xs) = (case n of 0 => [] | Suc(m) => x # take m xs)"
```
```   174   -- {*Warning: simpset does not contain this definition, but separate
```
```   175        theorems for @{text "n = 0"} and @{text "n = Suc k"} *}
```
```   176
```
```   177 primrec
```
```   178   nth_Cons:"(x#xs)!n = (case n of 0 => x | (Suc k) => xs!k)"
```
```   179   -- {*Warning: simpset does not contain this definition, but separate
```
```   180        theorems for @{text "n = 0"} and @{text "n = Suc k"} *}
```
```   181
```
```   182 primrec
```
```   183   "[][i:=v] = []"
```
```   184   "(x#xs)[i:=v] = (case i of 0 => v # xs | Suc j => x # xs[j:=v])"
```
```   185
```
```   186 primrec
```
```   187   "takeWhile P [] = []"
```
```   188   "takeWhile P (x#xs) = (if P x then x#takeWhile P xs else [])"
```
```   189
```
```   190 primrec
```
```   191   "dropWhile P [] = []"
```
```   192   "dropWhile P (x#xs) = (if P x then dropWhile P xs else x#xs)"
```
```   193
```
```   194 primrec
```
```   195   "zip xs [] = []"
```
```   196   zip_Cons: "zip xs (y#ys) = (case xs of [] => [] | z#zs => (z,y)#zip zs ys)"
```
```   197   -- {*Warning: simpset does not contain this definition, but separate
```
```   198        theorems for @{text "xs = []"} and @{text "xs = z # zs"} *}
```
```   199
```
```   200 primrec
```
```   201   upt_0: "[i..<0] = []"
```
```   202   upt_Suc: "[i..<(Suc j)] = (if i <= j then [i..<j] @ [j] else [])"
```
```   203
```
```   204 primrec
```
```   205   "distinct [] = True"
```
```   206   "distinct (x#xs) = (x ~: set xs \<and> distinct xs)"
```
```   207
```
```   208 primrec
```
```   209   "remdups [] = []"
```
```   210   "remdups (x#xs) = (if x : set xs then remdups xs else x # remdups xs)"
```
```   211
```
```   212 primrec
```
```   213   "remove1 x [] = []"
```
```   214   "remove1 x (y#xs) = (if x=y then xs else y # remove1 x xs)"
```
```   215
```
```   216 primrec
```
```   217   replicate_0: "replicate 0 x = []"
```
```   218   replicate_Suc: "replicate (Suc n) x = x # replicate n x"
```
```   219
```
```   220 defs
```
```   221 rotate1_def: "rotate1 xs == (case xs of [] \<Rightarrow> [] | x#xs \<Rightarrow> xs @ [x])"
```
```   222 rotate_def:  "rotate n == rotate1 ^ n"
```
```   223
```
```   224 list_all2_def:
```
```   225  "list_all2 P xs ys ==
```
```   226   length xs = length ys \<and> (\<forall>(x, y) \<in> set (zip xs ys). P x y)"
```
```   227
```
```   228 sublist_def:
```
```   229  "sublist xs A == map fst (filter (%p. snd p : A) (zip xs [0..<size xs]))"
```
```   230
```
```   231
```
```   232 lemma not_Cons_self [simp]: "xs \<noteq> x # xs"
```
```   233 by (induct xs) auto
```
```   234
```
```   235 lemmas not_Cons_self2 [simp] = not_Cons_self [symmetric]
```
```   236
```
```   237 lemma neq_Nil_conv: "(xs \<noteq> []) = (\<exists>y ys. xs = y # ys)"
```
```   238 by (induct xs) auto
```
```   239
```
```   240 lemma length_induct:
```
```   241 "(!!xs. \<forall>ys. length ys < length xs --> P ys ==> P xs) ==> P xs"
```
```   242 by (rule measure_induct [of length]) rules
```
```   243
```
```   244
```
```   245 subsubsection {* @{text length} *}
```
```   246
```
```   247 text {*
```
```   248 Needs to come before @{text "@"} because of theorem @{text
```
```   249 append_eq_append_conv}.
```
```   250 *}
```
```   251
```
```   252 lemma length_append [simp]: "length (xs @ ys) = length xs + length ys"
```
```   253 by (induct xs) auto
```
```   254
```
```   255 lemma length_map [simp]: "length (map f xs) = length xs"
```
```   256 by (induct xs) auto
```
```   257
```
```   258 lemma length_rev [simp]: "length (rev xs) = length xs"
```
```   259 by (induct xs) auto
```
```   260
```
```   261 lemma length_tl [simp]: "length (tl xs) = length xs - 1"
```
```   262 by (cases xs) auto
```
```   263
```
```   264 lemma length_0_conv [iff]: "(length xs = 0) = (xs = [])"
```
```   265 by (induct xs) auto
```
```   266
```
```   267 lemma length_greater_0_conv [iff]: "(0 < length xs) = (xs \<noteq> [])"
```
```   268 by (induct xs) auto
```
```   269
```
```   270 lemma length_Suc_conv:
```
```   271 "(length xs = Suc n) = (\<exists>y ys. xs = y # ys \<and> length ys = n)"
```
```   272 by (induct xs) auto
```
```   273
```
```   274 lemma Suc_length_conv:
```
```   275 "(Suc n = length xs) = (\<exists>y ys. xs = y # ys \<and> length ys = n)"
```
```   276 apply (induct xs, simp, simp)
```
```   277 apply blast
```
```   278 done
```
```   279
```
```   280 lemma impossible_Cons [rule_format]:
```
```   281   "length xs <= length ys --> xs = x # ys = False"
```
```   282 apply (induct xs, auto)
```
```   283 done
```
```   284
```
```   285 lemma list_induct2[consumes 1]: "\<And>ys.
```
```   286  \<lbrakk> length xs = length ys;
```
```   287    P [] [];
```
```   288    \<And>x xs y ys. \<lbrakk> length xs = length ys; P xs ys \<rbrakk> \<Longrightarrow> P (x#xs) (y#ys) \<rbrakk>
```
```   289  \<Longrightarrow> P xs ys"
```
```   290 apply(induct xs)
```
```   291  apply simp
```
```   292 apply(case_tac ys)
```
```   293  apply simp
```
```   294 apply(simp)
```
```   295 done
```
```   296
```
```   297 subsubsection {* @{text "@"} -- append *}
```
```   298
```
```   299 lemma append_assoc [simp]: "(xs @ ys) @ zs = xs @ (ys @ zs)"
```
```   300 by (induct xs) auto
```
```   301
```
```   302 lemma append_Nil2 [simp]: "xs @ [] = xs"
```
```   303 by (induct xs) auto
```
```   304
```
```   305 lemma append_is_Nil_conv [iff]: "(xs @ ys = []) = (xs = [] \<and> ys = [])"
```
```   306 by (induct xs) auto
```
```   307
```
```   308 lemma Nil_is_append_conv [iff]: "([] = xs @ ys) = (xs = [] \<and> ys = [])"
```
```   309 by (induct xs) auto
```
```   310
```
```   311 lemma append_self_conv [iff]: "(xs @ ys = xs) = (ys = [])"
```
```   312 by (induct xs) auto
```
```   313
```
```   314 lemma self_append_conv [iff]: "(xs = xs @ ys) = (ys = [])"
```
```   315 by (induct xs) auto
```
```   316
```
```   317 lemma append_eq_append_conv [simp]:
```
```   318  "!!ys. length xs = length ys \<or> length us = length vs
```
```   319  ==> (xs@us = ys@vs) = (xs=ys \<and> us=vs)"
```
```   320 apply (induct xs)
```
```   321  apply (case_tac ys, simp, force)
```
```   322 apply (case_tac ys, force, simp)
```
```   323 done
```
```   324
```
```   325 lemma append_eq_append_conv2: "!!ys zs ts.
```
```   326  (xs @ ys = zs @ ts) =
```
```   327  (EX us. xs = zs @ us & us @ ys = ts | xs @ us = zs & ys = us@ ts)"
```
```   328 apply (induct xs)
```
```   329  apply fastsimp
```
```   330 apply(case_tac zs)
```
```   331  apply simp
```
```   332 apply fastsimp
```
```   333 done
```
```   334
```
```   335 lemma same_append_eq [iff]: "(xs @ ys = xs @ zs) = (ys = zs)"
```
```   336 by simp
```
```   337
```
```   338 lemma append1_eq_conv [iff]: "(xs @ [x] = ys @ [y]) = (xs = ys \<and> x = y)"
```
```   339 by simp
```
```   340
```
```   341 lemma append_same_eq [iff]: "(ys @ xs = zs @ xs) = (ys = zs)"
```
```   342 by simp
```
```   343
```
```   344 lemma append_self_conv2 [iff]: "(xs @ ys = ys) = (xs = [])"
```
```   345 using append_same_eq [of _ _ "[]"] by auto
```
```   346
```
```   347 lemma self_append_conv2 [iff]: "(ys = xs @ ys) = (xs = [])"
```
```   348 using append_same_eq [of "[]"] by auto
```
```   349
```
```   350 lemma hd_Cons_tl [simp]: "xs \<noteq> [] ==> hd xs # tl xs = xs"
```
```   351 by (induct xs) auto
```
```   352
```
```   353 lemma hd_append: "hd (xs @ ys) = (if xs = [] then hd ys else hd xs)"
```
```   354 by (induct xs) auto
```
```   355
```
```   356 lemma hd_append2 [simp]: "xs \<noteq> [] ==> hd (xs @ ys) = hd xs"
```
```   357 by (simp add: hd_append split: list.split)
```
```   358
```
```   359 lemma tl_append: "tl (xs @ ys) = (case xs of [] => tl ys | z#zs => zs @ ys)"
```
```   360 by (simp split: list.split)
```
```   361
```
```   362 lemma tl_append2 [simp]: "xs \<noteq> [] ==> tl (xs @ ys) = tl xs @ ys"
```
```   363 by (simp add: tl_append split: list.split)
```
```   364
```
```   365
```
```   366 lemma Cons_eq_append_conv: "x#xs = ys@zs =
```
```   367  (ys = [] & x#xs = zs | (EX ys'. x#ys' = ys & xs = ys'@zs))"
```
```   368 by(cases ys) auto
```
```   369
```
```   370 lemma append_eq_Cons_conv: "(ys@zs = x#xs) =
```
```   371  (ys = [] & zs = x#xs | (EX ys'. ys = x#ys' & ys'@zs = xs))"
```
```   372 by(cases ys) auto
```
```   373
```
```   374
```
```   375 text {* Trivial rules for solving @{text "@"}-equations automatically. *}
```
```   376
```
```   377 lemma eq_Nil_appendI: "xs = ys ==> xs = [] @ ys"
```
```   378 by simp
```
```   379
```
```   380 lemma Cons_eq_appendI:
```
```   381 "[| x # xs1 = ys; xs = xs1 @ zs |] ==> x # xs = ys @ zs"
```
```   382 by (drule sym) simp
```
```   383
```
```   384 lemma append_eq_appendI:
```
```   385 "[| xs @ xs1 = zs; ys = xs1 @ us |] ==> xs @ ys = zs @ us"
```
```   386 by (drule sym) simp
```
```   387
```
```   388
```
```   389 text {*
```
```   390 Simplification procedure for all list equalities.
```
```   391 Currently only tries to rearrange @{text "@"} to see if
```
```   392 - both lists end in a singleton list,
```
```   393 - or both lists end in the same list.
```
```   394 *}
```
```   395
```
```   396 ML_setup {*
```
```   397 local
```
```   398
```
```   399 val append_assoc = thm "append_assoc";
```
```   400 val append_Nil = thm "append_Nil";
```
```   401 val append_Cons = thm "append_Cons";
```
```   402 val append1_eq_conv = thm "append1_eq_conv";
```
```   403 val append_same_eq = thm "append_same_eq";
```
```   404
```
```   405 fun last (cons as Const("List.list.Cons",_) \$ _ \$ xs) =
```
```   406   (case xs of Const("List.list.Nil",_) => cons | _ => last xs)
```
```   407   | last (Const("List.op @",_) \$ _ \$ ys) = last ys
```
```   408   | last t = t;
```
```   409
```
```   410 fun list1 (Const("List.list.Cons",_) \$ _ \$ Const("List.list.Nil",_)) = true
```
```   411   | list1 _ = false;
```
```   412
```
```   413 fun butlast ((cons as Const("List.list.Cons",_) \$ x) \$ xs) =
```
```   414   (case xs of Const("List.list.Nil",_) => xs | _ => cons \$ butlast xs)
```
```   415   | butlast ((app as Const("List.op @",_) \$ xs) \$ ys) = app \$ butlast ys
```
```   416   | butlast xs = Const("List.list.Nil",fastype_of xs);
```
```   417
```
```   418 val rearr_tac =
```
```   419   simp_tac (HOL_basic_ss addsimps [append_assoc, append_Nil, append_Cons]);
```
```   420
```
```   421 fun list_eq sg _ (F as (eq as Const(_,eqT)) \$ lhs \$ rhs) =
```
```   422   let
```
```   423     val lastl = last lhs and lastr = last rhs;
```
```   424     fun rearr conv =
```
```   425       let
```
```   426         val lhs1 = butlast lhs and rhs1 = butlast rhs;
```
```   427         val Type(_,listT::_) = eqT
```
```   428         val appT = [listT,listT] ---> listT
```
```   429         val app = Const("List.op @",appT)
```
```   430         val F2 = eq \$ (app\$lhs1\$lastl) \$ (app\$rhs1\$lastr)
```
```   431         val eq = HOLogic.mk_Trueprop (HOLogic.mk_eq (F,F2));
```
```   432         val thm = Tactic.prove sg [] [] eq (K (rearr_tac 1));
```
```   433       in SOME ((conv RS (thm RS trans)) RS eq_reflection) end;
```
```   434
```
```   435   in
```
```   436     if list1 lastl andalso list1 lastr then rearr append1_eq_conv
```
```   437     else if lastl aconv lastr then rearr append_same_eq
```
```   438     else NONE
```
```   439   end;
```
```   440
```
```   441 in
```
```   442
```
```   443 val list_eq_simproc =
```
```   444   Simplifier.simproc (Theory.sign_of (the_context ())) "list_eq" ["(xs::'a list) = ys"] list_eq;
```
```   445
```
```   446 end;
```
```   447
```
```   448 Addsimprocs [list_eq_simproc];
```
```   449 *}
```
```   450
```
```   451
```
```   452 subsubsection {* @{text map} *}
```
```   453
```
```   454 lemma map_ext: "(!!x. x : set xs --> f x = g x) ==> map f xs = map g xs"
```
```   455 by (induct xs) simp_all
```
```   456
```
```   457 lemma map_ident [simp]: "map (\<lambda>x. x) = (\<lambda>xs. xs)"
```
```   458 by (rule ext, induct_tac xs) auto
```
```   459
```
```   460 lemma map_append [simp]: "map f (xs @ ys) = map f xs @ map f ys"
```
```   461 by (induct xs) auto
```
```   462
```
```   463 lemma map_compose: "map (f o g) xs = map f (map g xs)"
```
```   464 by (induct xs) (auto simp add: o_def)
```
```   465
```
```   466 lemma rev_map: "rev (map f xs) = map f (rev xs)"
```
```   467 by (induct xs) auto
```
```   468
```
```   469 lemma map_eq_conv[simp]: "(map f xs = map g xs) = (!x : set xs. f x = g x)"
```
```   470 by (induct xs) auto
```
```   471
```
```   472 lemma map_cong [recdef_cong]:
```
```   473 "xs = ys ==> (!!x. x : set ys ==> f x = g x) ==> map f xs = map g ys"
```
```   474 -- {* a congruence rule for @{text map} *}
```
```   475 by simp
```
```   476
```
```   477 lemma map_is_Nil_conv [iff]: "(map f xs = []) = (xs = [])"
```
```   478 by (cases xs) auto
```
```   479
```
```   480 lemma Nil_is_map_conv [iff]: "([] = map f xs) = (xs = [])"
```
```   481 by (cases xs) auto
```
```   482
```
```   483 lemma map_eq_Cons_conv[iff]:
```
```   484  "(map f xs = y#ys) = (\<exists>z zs. xs = z#zs \<and> f z = y \<and> map f zs = ys)"
```
```   485 by (cases xs) auto
```
```   486
```
```   487 lemma Cons_eq_map_conv[iff]:
```
```   488  "(x#xs = map f ys) = (\<exists>z zs. ys = z#zs \<and> x = f z \<and> xs = map f zs)"
```
```   489 by (cases ys) auto
```
```   490
```
```   491 lemma ex_map_conv:
```
```   492   "(EX xs. ys = map f xs) = (ALL y : set ys. EX x. y = f x)"
```
```   493 by(induct ys, auto)
```
```   494
```
```   495 lemma map_eq_imp_length_eq:
```
```   496   "!!xs. map f xs = map f ys ==> length xs = length ys"
```
```   497 apply (induct ys)
```
```   498  apply simp
```
```   499 apply(simp (no_asm_use))
```
```   500 apply clarify
```
```   501 apply(simp (no_asm_use))
```
```   502 apply fast
```
```   503 done
```
```   504
```
```   505 lemma map_inj_on:
```
```   506  "[| map f xs = map f ys; inj_on f (set xs Un set ys) |]
```
```   507   ==> xs = ys"
```
```   508 apply(frule map_eq_imp_length_eq)
```
```   509 apply(rotate_tac -1)
```
```   510 apply(induct rule:list_induct2)
```
```   511  apply simp
```
```   512 apply(simp)
```
```   513 apply (blast intro:sym)
```
```   514 done
```
```   515
```
```   516 lemma inj_on_map_eq_map:
```
```   517  "inj_on f (set xs Un set ys) \<Longrightarrow> (map f xs = map f ys) = (xs = ys)"
```
```   518 by(blast dest:map_inj_on)
```
```   519
```
```   520 lemma map_injective:
```
```   521  "!!xs. map f xs = map f ys ==> inj f ==> xs = ys"
```
```   522 by (induct ys) (auto dest!:injD)
```
```   523
```
```   524 lemma inj_map_eq_map[simp]: "inj f \<Longrightarrow> (map f xs = map f ys) = (xs = ys)"
```
```   525 by(blast dest:map_injective)
```
```   526
```
```   527 lemma inj_mapI: "inj f ==> inj (map f)"
```
```   528 by (rules dest: map_injective injD intro: inj_onI)
```
```   529
```
```   530 lemma inj_mapD: "inj (map f) ==> inj f"
```
```   531 apply (unfold inj_on_def, clarify)
```
```   532 apply (erule_tac x = "[x]" in ballE)
```
```   533  apply (erule_tac x = "[y]" in ballE, simp, blast)
```
```   534 apply blast
```
```   535 done
```
```   536
```
```   537 lemma inj_map[iff]: "inj (map f) = inj f"
```
```   538 by (blast dest: inj_mapD intro: inj_mapI)
```
```   539
```
```   540 lemma inj_on_mapI: "inj_on f (\<Union>(set ` A)) \<Longrightarrow> inj_on (map f) A"
```
```   541 apply(rule inj_onI)
```
```   542 apply(erule map_inj_on)
```
```   543 apply(blast intro:inj_onI dest:inj_onD)
```
```   544 done
```
```   545
```
```   546 lemma map_idI: "(\<And>x. x \<in> set xs \<Longrightarrow> f x = x) \<Longrightarrow> map f xs = xs"
```
```   547 by (induct xs, auto)
```
```   548
```
```   549 lemma map_fun_upd [simp]: "y \<notin> set xs \<Longrightarrow> map (f(y:=v)) xs = map f xs"
```
```   550 by (induct xs) auto
```
```   551
```
```   552 lemma map_fst_zip[simp]:
```
```   553   "length xs = length ys \<Longrightarrow> map fst (zip xs ys) = xs"
```
```   554 by (induct rule:list_induct2, simp_all)
```
```   555
```
```   556 lemma map_snd_zip[simp]:
```
```   557   "length xs = length ys \<Longrightarrow> map snd (zip xs ys) = ys"
```
```   558 by (induct rule:list_induct2, simp_all)
```
```   559
```
```   560
```
```   561 subsubsection {* @{text rev} *}
```
```   562
```
```   563 lemma rev_append [simp]: "rev (xs @ ys) = rev ys @ rev xs"
```
```   564 by (induct xs) auto
```
```   565
```
```   566 lemma rev_rev_ident [simp]: "rev (rev xs) = xs"
```
```   567 by (induct xs) auto
```
```   568
```
```   569 lemma rev_is_Nil_conv [iff]: "(rev xs = []) = (xs = [])"
```
```   570 by (induct xs) auto
```
```   571
```
```   572 lemma Nil_is_rev_conv [iff]: "([] = rev xs) = (xs = [])"
```
```   573 by (induct xs) auto
```
```   574
```
```   575 lemma rev_is_rev_conv [iff]: "!!ys. (rev xs = rev ys) = (xs = ys)"
```
```   576 apply (induct xs, force)
```
```   577 apply (case_tac ys, simp, force)
```
```   578 done
```
```   579
```
```   580 lemma inj_on_rev[iff]: "inj_on rev A"
```
```   581 by(simp add:inj_on_def)
```
```   582
```
```   583 lemma rev_induct [case_names Nil snoc]:
```
```   584   "[| P []; !!x xs. P xs ==> P (xs @ [x]) |] ==> P xs"
```
```   585 apply(simplesubst rev_rev_ident[symmetric])
```
```   586 apply(rule_tac list = "rev xs" in list.induct, simp_all)
```
```   587 done
```
```   588
```
```   589 ML {* val rev_induct_tac = induct_thm_tac (thm "rev_induct") *}-- "compatibility"
```
```   590
```
```   591 lemma rev_exhaust [case_names Nil snoc]:
```
```   592   "(xs = [] ==> P) ==>(!!ys y. xs = ys @ [y] ==> P) ==> P"
```
```   593 by (induct xs rule: rev_induct) auto
```
```   594
```
```   595 lemmas rev_cases = rev_exhaust
```
```   596
```
```   597
```
```   598 subsubsection {* @{text set} *}
```
```   599
```
```   600 lemma finite_set [iff]: "finite (set xs)"
```
```   601 by (induct xs) auto
```
```   602
```
```   603 lemma set_append [simp]: "set (xs @ ys) = (set xs \<union> set ys)"
```
```   604 by (induct xs) auto
```
```   605
```
```   606 lemma hd_in_set: "l = x#xs \<Longrightarrow> x\<in>set l"
```
```   607 by (case_tac l, auto)
```
```   608
```
```   609 lemma set_subset_Cons: "set xs \<subseteq> set (x # xs)"
```
```   610 by auto
```
```   611
```
```   612 lemma set_ConsD: "y \<in> set (x # xs) \<Longrightarrow> y=x \<or> y \<in> set xs"
```
```   613 by auto
```
```   614
```
```   615 lemma set_empty [iff]: "(set xs = {}) = (xs = [])"
```
```   616 by (induct xs) auto
```
```   617
```
```   618 lemma set_empty2[iff]: "({} = set xs) = (xs = [])"
```
```   619 by(induct xs) auto
```
```   620
```
```   621 lemma set_rev [simp]: "set (rev xs) = set xs"
```
```   622 by (induct xs) auto
```
```   623
```
```   624 lemma set_map [simp]: "set (map f xs) = f`(set xs)"
```
```   625 by (induct xs) auto
```
```   626
```
```   627 lemma set_filter [simp]: "set (filter P xs) = {x. x : set xs \<and> P x}"
```
```   628 by (induct xs) auto
```
```   629
```
```   630 lemma set_upt [simp]: "set[i..<j] = {k. i \<le> k \<and> k < j}"
```
```   631 apply (induct j, simp_all)
```
```   632 apply (erule ssubst, auto)
```
```   633 done
```
```   634
```
```   635 lemma in_set_conv_decomp: "(x : set xs) = (\<exists>ys zs. xs = ys @ x # zs)"
```
```   636 proof (induct xs)
```
```   637   case Nil show ?case by simp
```
```   638   case (Cons a xs)
```
```   639   show ?case
```
```   640   proof
```
```   641     assume "x \<in> set (a # xs)"
```
```   642     with prems show "\<exists>ys zs. a # xs = ys @ x # zs"
```
```   643       by (simp, blast intro: Cons_eq_appendI)
```
```   644   next
```
```   645     assume "\<exists>ys zs. a # xs = ys @ x # zs"
```
```   646     then obtain ys zs where eq: "a # xs = ys @ x # zs" by blast
```
```   647     show "x \<in> set (a # xs)"
```
```   648       by (cases ys, auto simp add: eq)
```
```   649   qed
```
```   650 qed
```
```   651
```
```   652 lemma finite_list: "finite A ==> EX l. set l = A"
```
```   653 apply (erule finite_induct, auto)
```
```   654 apply (rule_tac x="x#l" in exI, auto)
```
```   655 done
```
```   656
```
```   657 lemma card_length: "card (set xs) \<le> length xs"
```
```   658 by (induct xs) (auto simp add: card_insert_if)
```
```   659
```
```   660
```
```   661 subsubsection {* @{text mem}, @{text list_all} and @{text list_ex} *}
```
```   662
```
```   663 text{* Only use @{text mem} for generating executable code.  Otherwise
```
```   664 use @{prop"x : set xs"} instead --- it is much easier to reason about.
```
```   665 The same is true for @{text list_all} and @{text list_ex}: write
```
```   666 @{text"\<forall>x\<in>set xs"} and @{text"\<exists>x\<in>set xs"} instead because the HOL
```
```   667 quantifiers are aleady known to the automatic provers. For the purpose
```
```   668 of generating executable code use the theorems @{text set_mem_eq},
```
```   669 @{text list_all_conv} and @{text list_ex_iff} to get rid off or
```
```   670 introduce the combinators. *}
```
```   671
```
```   672 lemma set_mem_eq: "(x mem xs) = (x : set xs)"
```
```   673 by (induct xs) auto
```
```   674
```
```   675 lemma list_all_conv: "list_all P xs = (\<forall>x \<in> set xs. P x)"
```
```   676 by (induct xs) auto
```
```   677
```
```   678 lemma list_all_append [simp]:
```
```   679 "list_all P (xs @ ys) = (list_all P xs \<and> list_all P ys)"
```
```   680 by (induct xs) auto
```
```   681
```
```   682 lemma list_all_rev [simp]: "list_all P (rev xs) = list_all P xs"
```
```   683 by (simp add: list_all_conv)
```
```   684
```
```   685 lemma list_ex_iff: "list_ex P xs = (\<exists>x \<in> set xs. P x)"
```
```   686 by (induct xs) simp_all
```
```   687
```
```   688
```
```   689 subsubsection {* @{text filter} *}
```
```   690
```
```   691 lemma filter_append [simp]: "filter P (xs @ ys) = filter P xs @ filter P ys"
```
```   692 by (induct xs) auto
```
```   693
```
```   694 lemma rev_filter: "rev (filter P xs) = filter P (rev xs)"
```
```   695 by (induct xs) simp_all
```
```   696
```
```   697 lemma filter_filter [simp]: "filter P (filter Q xs) = filter (\<lambda>x. Q x \<and> P x) xs"
```
```   698 by (induct xs) auto
```
```   699
```
```   700 lemma filter_True [simp]: "\<forall>x \<in> set xs. P x ==> filter P xs = xs"
```
```   701 by (induct xs) auto
```
```   702
```
```   703 lemma filter_False [simp]: "\<forall>x \<in> set xs. \<not> P x ==> filter P xs = []"
```
```   704 by (induct xs) auto
```
```   705
```
```   706 lemma length_filter_le [simp]: "length (filter P xs) \<le> length xs"
```
```   707 by (induct xs) (auto simp add: le_SucI)
```
```   708
```
```   709 lemma filter_is_subset [simp]: "set (filter P xs) \<le> set xs"
```
```   710 by auto
```
```   711
```
```   712 lemma length_filter_less:
```
```   713   "\<lbrakk> x : set xs; ~ P x \<rbrakk> \<Longrightarrow> length(filter P xs) < length xs"
```
```   714 proof (induct xs)
```
```   715   case Nil thus ?case by simp
```
```   716 next
```
```   717   case (Cons x xs) thus ?case
```
```   718     apply (auto split:split_if_asm)
```
```   719     using length_filter_le[of P xs] apply arith
```
```   720   done
```
```   721 qed
```
```   722
```
```   723 lemma length_filter_conv_card:
```
```   724  "length(filter p xs) = card{i. i < length xs & p(xs!i)}"
```
```   725 proof (induct xs)
```
```   726   case Nil thus ?case by simp
```
```   727 next
```
```   728   case (Cons x xs)
```
```   729   let ?S = "{i. i < length xs & p(xs!i)}"
```
```   730   have fin: "finite ?S" by(fast intro: bounded_nat_set_is_finite)
```
```   731   show ?case (is "?l = card ?S'")
```
```   732   proof (cases)
```
```   733     assume "p x"
```
```   734     hence eq: "?S' = insert 0 (Suc ` ?S)"
```
```   735       by(auto simp add: nth_Cons image_def split:nat.split elim:lessE)
```
```   736     have "length (filter p (x # xs)) = Suc(card ?S)"
```
```   737       using Cons by simp
```
```   738     also have "\<dots> = Suc(card(Suc ` ?S))" using fin
```
```   739       by (simp add: card_image inj_Suc)
```
```   740     also have "\<dots> = card ?S'" using eq fin
```
```   741       by (simp add:card_insert_if) (simp add:image_def)
```
```   742     finally show ?thesis .
```
```   743   next
```
```   744     assume "\<not> p x"
```
```   745     hence eq: "?S' = Suc ` ?S"
```
```   746       by(auto simp add: nth_Cons image_def split:nat.split elim:lessE)
```
```   747     have "length (filter p (x # xs)) = card ?S"
```
```   748       using Cons by simp
```
```   749     also have "\<dots> = card(Suc ` ?S)" using fin
```
```   750       by (simp add: card_image inj_Suc)
```
```   751     also have "\<dots> = card ?S'" using eq fin
```
```   752       by (simp add:card_insert_if)
```
```   753     finally show ?thesis .
```
```   754   qed
```
```   755 qed
```
```   756
```
```   757
```
```   758 subsubsection {* @{text concat} *}
```
```   759
```
```   760 lemma concat_append [simp]: "concat (xs @ ys) = concat xs @ concat ys"
```
```   761 by (induct xs) auto
```
```   762
```
```   763 lemma concat_eq_Nil_conv [iff]: "(concat xss = []) = (\<forall>xs \<in> set xss. xs = [])"
```
```   764 by (induct xss) auto
```
```   765
```
```   766 lemma Nil_eq_concat_conv [iff]: "([] = concat xss) = (\<forall>xs \<in> set xss. xs = [])"
```
```   767 by (induct xss) auto
```
```   768
```
```   769 lemma set_concat [simp]: "set (concat xs) = \<Union>(set ` set xs)"
```
```   770 by (induct xs) auto
```
```   771
```
```   772 lemma map_concat: "map f (concat xs) = concat (map (map f) xs)"
```
```   773 by (induct xs) auto
```
```   774
```
```   775 lemma filter_concat: "filter p (concat xs) = concat (map (filter p) xs)"
```
```   776 by (induct xs) auto
```
```   777
```
```   778 lemma rev_concat: "rev (concat xs) = concat (map rev (rev xs))"
```
```   779 by (induct xs) auto
```
```   780
```
```   781
```
```   782 subsubsection {* @{text nth} *}
```
```   783
```
```   784 lemma nth_Cons_0 [simp]: "(x # xs)!0 = x"
```
```   785 by auto
```
```   786
```
```   787 lemma nth_Cons_Suc [simp]: "(x # xs)!(Suc n) = xs!n"
```
```   788 by auto
```
```   789
```
```   790 declare nth.simps [simp del]
```
```   791
```
```   792 lemma nth_append:
```
```   793 "!!n. (xs @ ys)!n = (if n < length xs then xs!n else ys!(n - length xs))"
```
```   794 apply (induct "xs", simp)
```
```   795 apply (case_tac n, auto)
```
```   796 done
```
```   797
```
```   798 lemma nth_append_length [simp]: "(xs @ x # ys) ! length xs = x"
```
```   799 by (induct "xs") auto
```
```   800
```
```   801 lemma nth_append_length_plus[simp]: "(xs @ ys) ! (length xs + n) = ys ! n"
```
```   802 by (induct "xs") auto
```
```   803
```
```   804 lemma nth_map [simp]: "!!n. n < length xs ==> (map f xs)!n = f(xs!n)"
```
```   805 apply (induct xs, simp)
```
```   806 apply (case_tac n, auto)
```
```   807 done
```
```   808
```
```   809 lemma set_conv_nth: "set xs = {xs!i | i. i < length xs}"
```
```   810 apply (induct xs, simp, simp)
```
```   811 apply safe
```
```   812 apply (rule_tac x = 0 in exI, simp)
```
```   813  apply (rule_tac x = "Suc i" in exI, simp)
```
```   814 apply (case_tac i, simp)
```
```   815 apply (rename_tac j)
```
```   816 apply (rule_tac x = j in exI, simp)
```
```   817 done
```
```   818
```
```   819 lemma list_ball_nth: "[| n < length xs; !x : set xs. P x|] ==> P(xs!n)"
```
```   820 by (auto simp add: set_conv_nth)
```
```   821
```
```   822 lemma nth_mem [simp]: "n < length xs ==> xs!n : set xs"
```
```   823 by (auto simp add: set_conv_nth)
```
```   824
```
```   825 lemma all_nth_imp_all_set:
```
```   826 "[| !i < length xs. P(xs!i); x : set xs|] ==> P x"
```
```   827 by (auto simp add: set_conv_nth)
```
```   828
```
```   829 lemma all_set_conv_all_nth:
```
```   830 "(\<forall>x \<in> set xs. P x) = (\<forall>i. i < length xs --> P (xs ! i))"
```
```   831 by (auto simp add: set_conv_nth)
```
```   832
```
```   833
```
```   834 subsubsection {* @{text list_update} *}
```
```   835
```
```   836 lemma length_list_update [simp]: "!!i. length(xs[i:=x]) = length xs"
```
```   837 by (induct xs) (auto split: nat.split)
```
```   838
```
```   839 lemma nth_list_update:
```
```   840 "!!i j. i < length xs==> (xs[i:=x])!j = (if i = j then x else xs!j)"
```
```   841 by (induct xs) (auto simp add: nth_Cons split: nat.split)
```
```   842
```
```   843 lemma nth_list_update_eq [simp]: "i < length xs ==> (xs[i:=x])!i = x"
```
```   844 by (simp add: nth_list_update)
```
```   845
```
```   846 lemma nth_list_update_neq [simp]: "!!i j. i \<noteq> j ==> xs[i:=x]!j = xs!j"
```
```   847 by (induct xs) (auto simp add: nth_Cons split: nat.split)
```
```   848
```
```   849 lemma list_update_overwrite [simp]:
```
```   850 "!!i. i < size xs ==> xs[i:=x, i:=y] = xs[i:=y]"
```
```   851 by (induct xs) (auto split: nat.split)
```
```   852
```
```   853 lemma list_update_id[simp]: "!!i. i < length xs ==> xs[i := xs!i] = xs"
```
```   854 apply (induct xs, simp)
```
```   855 apply(simp split:nat.splits)
```
```   856 done
```
```   857
```
```   858 lemma list_update_same_conv:
```
```   859 "!!i. i < length xs ==> (xs[i := x] = xs) = (xs!i = x)"
```
```   860 by (induct xs) (auto split: nat.split)
```
```   861
```
```   862 lemma list_update_append1:
```
```   863  "!!i. i < size xs \<Longrightarrow> (xs @ ys)[i:=x] = xs[i:=x] @ ys"
```
```   864 apply (induct xs, simp)
```
```   865 apply(simp split:nat.split)
```
```   866 done
```
```   867
```
```   868 lemma list_update_length [simp]:
```
```   869  "(xs @ x # ys)[length xs := y] = (xs @ y # ys)"
```
```   870 by (induct xs, auto)
```
```   871
```
```   872 lemma update_zip:
```
```   873 "!!i xy xs. length xs = length ys ==>
```
```   874 (zip xs ys)[i:=xy] = zip (xs[i:=fst xy]) (ys[i:=snd xy])"
```
```   875 by (induct ys) (auto, case_tac xs, auto split: nat.split)
```
```   876
```
```   877 lemma set_update_subset_insert: "!!i. set(xs[i:=x]) <= insert x (set xs)"
```
```   878 by (induct xs) (auto split: nat.split)
```
```   879
```
```   880 lemma set_update_subsetI: "[| set xs <= A; x:A |] ==> set(xs[i := x]) <= A"
```
```   881 by (blast dest!: set_update_subset_insert [THEN subsetD])
```
```   882
```
```   883
```
```   884 subsubsection {* @{text last} and @{text butlast} *}
```
```   885
```
```   886 lemma last_snoc [simp]: "last (xs @ [x]) = x"
```
```   887 by (induct xs) auto
```
```   888
```
```   889 lemma butlast_snoc [simp]: "butlast (xs @ [x]) = xs"
```
```   890 by (induct xs) auto
```
```   891
```
```   892 lemma last_ConsL: "xs = [] \<Longrightarrow> last(x#xs) = x"
```
```   893 by(simp add:last.simps)
```
```   894
```
```   895 lemma last_ConsR: "xs \<noteq> [] \<Longrightarrow> last(x#xs) = last xs"
```
```   896 by(simp add:last.simps)
```
```   897
```
```   898 lemma last_append: "last(xs @ ys) = (if ys = [] then last xs else last ys)"
```
```   899 by (induct xs) (auto)
```
```   900
```
```   901 lemma last_appendL[simp]: "ys = [] \<Longrightarrow> last(xs @ ys) = last xs"
```
```   902 by(simp add:last_append)
```
```   903
```
```   904 lemma last_appendR[simp]: "ys \<noteq> [] \<Longrightarrow> last(xs @ ys) = last ys"
```
```   905 by(simp add:last_append)
```
```   906
```
```   907
```
```   908 lemma length_butlast [simp]: "length (butlast xs) = length xs - 1"
```
```   909 by (induct xs rule: rev_induct) auto
```
```   910
```
```   911 lemma butlast_append:
```
```   912 "!!ys. butlast (xs @ ys) = (if ys = [] then butlast xs else xs @ butlast ys)"
```
```   913 by (induct xs) auto
```
```   914
```
```   915 lemma append_butlast_last_id [simp]:
```
```   916 "xs \<noteq> [] ==> butlast xs @ [last xs] = xs"
```
```   917 by (induct xs) auto
```
```   918
```
```   919 lemma in_set_butlastD: "x : set (butlast xs) ==> x : set xs"
```
```   920 by (induct xs) (auto split: split_if_asm)
```
```   921
```
```   922 lemma in_set_butlast_appendI:
```
```   923 "x : set (butlast xs) | x : set (butlast ys) ==> x : set (butlast (xs @ ys))"
```
```   924 by (auto dest: in_set_butlastD simp add: butlast_append)
```
```   925
```
```   926
```
```   927 subsubsection {* @{text take} and @{text drop} *}
```
```   928
```
```   929 lemma take_0 [simp]: "take 0 xs = []"
```
```   930 by (induct xs) auto
```
```   931
```
```   932 lemma drop_0 [simp]: "drop 0 xs = xs"
```
```   933 by (induct xs) auto
```
```   934
```
```   935 lemma take_Suc_Cons [simp]: "take (Suc n) (x # xs) = x # take n xs"
```
```   936 by simp
```
```   937
```
```   938 lemma drop_Suc_Cons [simp]: "drop (Suc n) (x # xs) = drop n xs"
```
```   939 by simp
```
```   940
```
```   941 declare take_Cons [simp del] and drop_Cons [simp del]
```
```   942
```
```   943 lemma take_Suc: "xs ~= [] ==> take (Suc n) xs = hd xs # take n (tl xs)"
```
```   944 by(clarsimp simp add:neq_Nil_conv)
```
```   945
```
```   946 lemma drop_Suc: "drop (Suc n) xs = drop n (tl xs)"
```
```   947 by(cases xs, simp_all)
```
```   948
```
```   949 lemma drop_tl: "!!n. drop n (tl xs) = tl(drop n xs)"
```
```   950 by(induct xs, simp_all add:drop_Cons drop_Suc split:nat.split)
```
```   951
```
```   952 lemma nth_via_drop: "!!n. drop n xs = y#ys \<Longrightarrow> xs!n = y"
```
```   953 apply (induct xs, simp)
```
```   954 apply(simp add:drop_Cons nth_Cons split:nat.splits)
```
```   955 done
```
```   956
```
```   957 lemma take_Suc_conv_app_nth:
```
```   958  "!!i. i < length xs \<Longrightarrow> take (Suc i) xs = take i xs @ [xs!i]"
```
```   959 apply (induct xs, simp)
```
```   960 apply (case_tac i, auto)
```
```   961 done
```
```   962
```
```   963 lemma drop_Suc_conv_tl:
```
```   964   "!!i. i < length xs \<Longrightarrow> (xs!i) # (drop (Suc i) xs) = drop i xs"
```
```   965 apply (induct xs, simp)
```
```   966 apply (case_tac i, auto)
```
```   967 done
```
```   968
```
```   969 lemma length_take [simp]: "!!xs. length (take n xs) = min (length xs) n"
```
```   970 by (induct n) (auto, case_tac xs, auto)
```
```   971
```
```   972 lemma length_drop [simp]: "!!xs. length (drop n xs) = (length xs - n)"
```
```   973 by (induct n) (auto, case_tac xs, auto)
```
```   974
```
```   975 lemma take_all [simp]: "!!xs. length xs <= n ==> take n xs = xs"
```
```   976 by (induct n) (auto, case_tac xs, auto)
```
```   977
```
```   978 lemma drop_all [simp]: "!!xs. length xs <= n ==> drop n xs = []"
```
```   979 by (induct n) (auto, case_tac xs, auto)
```
```   980
```
```   981 lemma take_append [simp]:
```
```   982 "!!xs. take n (xs @ ys) = (take n xs @ take (n - length xs) ys)"
```
```   983 by (induct n) (auto, case_tac xs, auto)
```
```   984
```
```   985 lemma drop_append [simp]:
```
```   986 "!!xs. drop n (xs @ ys) = drop n xs @ drop (n - length xs) ys"
```
```   987 by (induct n) (auto, case_tac xs, auto)
```
```   988
```
```   989 lemma take_take [simp]: "!!xs n. take n (take m xs) = take (min n m) xs"
```
```   990 apply (induct m, auto)
```
```   991 apply (case_tac xs, auto)
```
```   992 apply (case_tac n, auto)
```
```   993 done
```
```   994
```
```   995 lemma drop_drop [simp]: "!!xs. drop n (drop m xs) = drop (n + m) xs"
```
```   996 apply (induct m, auto)
```
```   997 apply (case_tac xs, auto)
```
```   998 done
```
```   999
```
```  1000 lemma take_drop: "!!xs n. take n (drop m xs) = drop m (take (n + m) xs)"
```
```  1001 apply (induct m, auto)
```
```  1002 apply (case_tac xs, auto)
```
```  1003 done
```
```  1004
```
```  1005 lemma drop_take: "!!m n. drop n (take m xs) = take (m-n) (drop n xs)"
```
```  1006 apply(induct xs)
```
```  1007  apply simp
```
```  1008 apply(simp add: take_Cons drop_Cons split:nat.split)
```
```  1009 done
```
```  1010
```
```  1011 lemma append_take_drop_id [simp]: "!!xs. take n xs @ drop n xs = xs"
```
```  1012 apply (induct n, auto)
```
```  1013 apply (case_tac xs, auto)
```
```  1014 done
```
```  1015
```
```  1016 lemma take_eq_Nil[simp]: "!!n. (take n xs = []) = (n = 0 \<or> xs = [])"
```
```  1017 apply(induct xs)
```
```  1018  apply simp
```
```  1019 apply(simp add:take_Cons split:nat.split)
```
```  1020 done
```
```  1021
```
```  1022 lemma drop_eq_Nil[simp]: "!!n. (drop n xs = []) = (length xs <= n)"
```
```  1023 apply(induct xs)
```
```  1024 apply simp
```
```  1025 apply(simp add:drop_Cons split:nat.split)
```
```  1026 done
```
```  1027
```
```  1028 lemma take_map: "!!xs. take n (map f xs) = map f (take n xs)"
```
```  1029 apply (induct n, auto)
```
```  1030 apply (case_tac xs, auto)
```
```  1031 done
```
```  1032
```
```  1033 lemma drop_map: "!!xs. drop n (map f xs) = map f (drop n xs)"
```
```  1034 apply (induct n, auto)
```
```  1035 apply (case_tac xs, auto)
```
```  1036 done
```
```  1037
```
```  1038 lemma rev_take: "!!i. rev (take i xs) = drop (length xs - i) (rev xs)"
```
```  1039 apply (induct xs, auto)
```
```  1040 apply (case_tac i, auto)
```
```  1041 done
```
```  1042
```
```  1043 lemma rev_drop: "!!i. rev (drop i xs) = take (length xs - i) (rev xs)"
```
```  1044 apply (induct xs, auto)
```
```  1045 apply (case_tac i, auto)
```
```  1046 done
```
```  1047
```
```  1048 lemma nth_take [simp]: "!!n i. i < n ==> (take n xs)!i = xs!i"
```
```  1049 apply (induct xs, auto)
```
```  1050 apply (case_tac n, blast)
```
```  1051 apply (case_tac i, auto)
```
```  1052 done
```
```  1053
```
```  1054 lemma nth_drop [simp]:
```
```  1055 "!!xs i. n + i <= length xs ==> (drop n xs)!i = xs!(n + i)"
```
```  1056 apply (induct n, auto)
```
```  1057 apply (case_tac xs, auto)
```
```  1058 done
```
```  1059
```
```  1060 lemma set_take_subset: "\<And>n. set(take n xs) \<subseteq> set xs"
```
```  1061 by(induct xs)(auto simp:take_Cons split:nat.split)
```
```  1062
```
```  1063 lemma set_drop_subset: "\<And>n. set(drop n xs) \<subseteq> set xs"
```
```  1064 by(induct xs)(auto simp:drop_Cons split:nat.split)
```
```  1065
```
```  1066 lemma in_set_takeD: "x : set(take n xs) \<Longrightarrow> x : set xs"
```
```  1067 using set_take_subset by fast
```
```  1068
```
```  1069 lemma in_set_dropD: "x : set(drop n xs) \<Longrightarrow> x : set xs"
```
```  1070 using set_drop_subset by fast
```
```  1071
```
```  1072 lemma append_eq_conv_conj:
```
```  1073 "!!zs. (xs @ ys = zs) = (xs = take (length xs) zs \<and> ys = drop (length xs) zs)"
```
```  1074 apply (induct xs, simp, clarsimp)
```
```  1075 apply (case_tac zs, auto)
```
```  1076 done
```
```  1077
```
```  1078 lemma take_add [rule_format]:
```
```  1079     "\<forall>i. i+j \<le> length(xs) --> take (i+j) xs = take i xs @ take j (drop i xs)"
```
```  1080 apply (induct xs, auto)
```
```  1081 apply (case_tac i, simp_all)
```
```  1082 done
```
```  1083
```
```  1084 lemma append_eq_append_conv_if:
```
```  1085  "!! ys\<^isub>1. (xs\<^isub>1 @ xs\<^isub>2 = ys\<^isub>1 @ ys\<^isub>2) =
```
```  1086   (if size xs\<^isub>1 \<le> size ys\<^isub>1
```
```  1087    then xs\<^isub>1 = take (size xs\<^isub>1) ys\<^isub>1 \<and> xs\<^isub>2 = drop (size xs\<^isub>1) ys\<^isub>1 @ ys\<^isub>2
```
```  1088    else take (size ys\<^isub>1) xs\<^isub>1 = ys\<^isub>1 \<and> drop (size ys\<^isub>1) xs\<^isub>1 @ xs\<^isub>2 = ys\<^isub>2)"
```
```  1089 apply(induct xs\<^isub>1)
```
```  1090  apply simp
```
```  1091 apply(case_tac ys\<^isub>1)
```
```  1092 apply simp_all
```
```  1093 done
```
```  1094
```
```  1095 lemma take_hd_drop:
```
```  1096   "!!n. n < length xs \<Longrightarrow> take n xs @ [hd (drop n xs)] = take (n+1) xs"
```
```  1097 apply(induct xs)
```
```  1098 apply simp
```
```  1099 apply(simp add:drop_Cons split:nat.split)
```
```  1100 done
```
```  1101
```
```  1102
```
```  1103 subsubsection {* @{text takeWhile} and @{text dropWhile} *}
```
```  1104
```
```  1105 lemma takeWhile_dropWhile_id [simp]: "takeWhile P xs @ dropWhile P xs = xs"
```
```  1106 by (induct xs) auto
```
```  1107
```
```  1108 lemma takeWhile_append1 [simp]:
```
```  1109 "[| x:set xs; ~P(x)|] ==> takeWhile P (xs @ ys) = takeWhile P xs"
```
```  1110 by (induct xs) auto
```
```  1111
```
```  1112 lemma takeWhile_append2 [simp]:
```
```  1113 "(!!x. x : set xs ==> P x) ==> takeWhile P (xs @ ys) = xs @ takeWhile P ys"
```
```  1114 by (induct xs) auto
```
```  1115
```
```  1116 lemma takeWhile_tail: "\<not> P x ==> takeWhile P (xs @ (x#l)) = takeWhile P xs"
```
```  1117 by (induct xs) auto
```
```  1118
```
```  1119 lemma dropWhile_append1 [simp]:
```
```  1120 "[| x : set xs; ~P(x)|] ==> dropWhile P (xs @ ys) = (dropWhile P xs)@ys"
```
```  1121 by (induct xs) auto
```
```  1122
```
```  1123 lemma dropWhile_append2 [simp]:
```
```  1124 "(!!x. x:set xs ==> P(x)) ==> dropWhile P (xs @ ys) = dropWhile P ys"
```
```  1125 by (induct xs) auto
```
```  1126
```
```  1127 lemma set_take_whileD: "x : set (takeWhile P xs) ==> x : set xs \<and> P x"
```
```  1128 by (induct xs) (auto split: split_if_asm)
```
```  1129
```
```  1130 lemma takeWhile_eq_all_conv[simp]:
```
```  1131  "(takeWhile P xs = xs) = (\<forall>x \<in> set xs. P x)"
```
```  1132 by(induct xs, auto)
```
```  1133
```
```  1134 lemma dropWhile_eq_Nil_conv[simp]:
```
```  1135  "(dropWhile P xs = []) = (\<forall>x \<in> set xs. P x)"
```
```  1136 by(induct xs, auto)
```
```  1137
```
```  1138 lemma dropWhile_eq_Cons_conv:
```
```  1139  "(dropWhile P xs = y#ys) = (xs = takeWhile P xs @ y # ys & \<not> P y)"
```
```  1140 by(induct xs, auto)
```
```  1141
```
```  1142
```
```  1143 subsubsection {* @{text zip} *}
```
```  1144
```
```  1145 lemma zip_Nil [simp]: "zip [] ys = []"
```
```  1146 by (induct ys) auto
```
```  1147
```
```  1148 lemma zip_Cons_Cons [simp]: "zip (x # xs) (y # ys) = (x, y) # zip xs ys"
```
```  1149 by simp
```
```  1150
```
```  1151 declare zip_Cons [simp del]
```
```  1152
```
```  1153 lemma zip_Cons1:
```
```  1154  "zip (x#xs) ys = (case ys of [] \<Rightarrow> [] | y#ys \<Rightarrow> (x,y)#zip xs ys)"
```
```  1155 by(auto split:list.split)
```
```  1156
```
```  1157 lemma length_zip [simp]:
```
```  1158 "!!xs. length (zip xs ys) = min (length xs) (length ys)"
```
```  1159 apply (induct ys, simp)
```
```  1160 apply (case_tac xs, auto)
```
```  1161 done
```
```  1162
```
```  1163 lemma zip_append1:
```
```  1164 "!!xs. zip (xs @ ys) zs =
```
```  1165 zip xs (take (length xs) zs) @ zip ys (drop (length xs) zs)"
```
```  1166 apply (induct zs, simp)
```
```  1167 apply (case_tac xs, simp_all)
```
```  1168 done
```
```  1169
```
```  1170 lemma zip_append2:
```
```  1171 "!!ys. zip xs (ys @ zs) =
```
```  1172 zip (take (length ys) xs) ys @ zip (drop (length ys) xs) zs"
```
```  1173 apply (induct xs, simp)
```
```  1174 apply (case_tac ys, simp_all)
```
```  1175 done
```
```  1176
```
```  1177 lemma zip_append [simp]:
```
```  1178  "[| length xs = length us; length ys = length vs |] ==>
```
```  1179 zip (xs@ys) (us@vs) = zip xs us @ zip ys vs"
```
```  1180 by (simp add: zip_append1)
```
```  1181
```
```  1182 lemma zip_rev:
```
```  1183 "length xs = length ys ==> zip (rev xs) (rev ys) = rev (zip xs ys)"
```
```  1184 by (induct rule:list_induct2, simp_all)
```
```  1185
```
```  1186 lemma nth_zip [simp]:
```
```  1187 "!!i xs. [| i < length xs; i < length ys|] ==> (zip xs ys)!i = (xs!i, ys!i)"
```
```  1188 apply (induct ys, simp)
```
```  1189 apply (case_tac xs)
```
```  1190  apply (simp_all add: nth.simps split: nat.split)
```
```  1191 done
```
```  1192
```
```  1193 lemma set_zip:
```
```  1194 "set (zip xs ys) = {(xs!i, ys!i) | i. i < min (length xs) (length ys)}"
```
```  1195 by (simp add: set_conv_nth cong: rev_conj_cong)
```
```  1196
```
```  1197 lemma zip_update:
```
```  1198 "length xs = length ys ==> zip (xs[i:=x]) (ys[i:=y]) = (zip xs ys)[i:=(x,y)]"
```
```  1199 by (rule sym, simp add: update_zip)
```
```  1200
```
```  1201 lemma zip_replicate [simp]:
```
```  1202 "!!j. zip (replicate i x) (replicate j y) = replicate (min i j) (x,y)"
```
```  1203 apply (induct i, auto)
```
```  1204 apply (case_tac j, auto)
```
```  1205 done
```
```  1206
```
```  1207
```
```  1208 subsubsection {* @{text list_all2} *}
```
```  1209
```
```  1210 lemma list_all2_lengthD [intro?]:
```
```  1211   "list_all2 P xs ys ==> length xs = length ys"
```
```  1212 by (simp add: list_all2_def)
```
```  1213
```
```  1214 lemma list_all2_Nil [iff]: "list_all2 P [] ys = (ys = [])"
```
```  1215 by (simp add: list_all2_def)
```
```  1216
```
```  1217 lemma list_all2_Nil2[iff]: "list_all2 P xs [] = (xs = [])"
```
```  1218 by (simp add: list_all2_def)
```
```  1219
```
```  1220 lemma list_all2_Cons [iff]:
```
```  1221 "list_all2 P (x # xs) (y # ys) = (P x y \<and> list_all2 P xs ys)"
```
```  1222 by (auto simp add: list_all2_def)
```
```  1223
```
```  1224 lemma list_all2_Cons1:
```
```  1225 "list_all2 P (x # xs) ys = (\<exists>z zs. ys = z # zs \<and> P x z \<and> list_all2 P xs zs)"
```
```  1226 by (cases ys) auto
```
```  1227
```
```  1228 lemma list_all2_Cons2:
```
```  1229 "list_all2 P xs (y # ys) = (\<exists>z zs. xs = z # zs \<and> P z y \<and> list_all2 P zs ys)"
```
```  1230 by (cases xs) auto
```
```  1231
```
```  1232 lemma list_all2_rev [iff]:
```
```  1233 "list_all2 P (rev xs) (rev ys) = list_all2 P xs ys"
```
```  1234 by (simp add: list_all2_def zip_rev cong: conj_cong)
```
```  1235
```
```  1236 lemma list_all2_rev1:
```
```  1237 "list_all2 P (rev xs) ys = list_all2 P xs (rev ys)"
```
```  1238 by (subst list_all2_rev [symmetric]) simp
```
```  1239
```
```  1240 lemma list_all2_append1:
```
```  1241 "list_all2 P (xs @ ys) zs =
```
```  1242 (EX us vs. zs = us @ vs \<and> length us = length xs \<and> length vs = length ys \<and>
```
```  1243 list_all2 P xs us \<and> list_all2 P ys vs)"
```
```  1244 apply (simp add: list_all2_def zip_append1)
```
```  1245 apply (rule iffI)
```
```  1246  apply (rule_tac x = "take (length xs) zs" in exI)
```
```  1247  apply (rule_tac x = "drop (length xs) zs" in exI)
```
```  1248  apply (force split: nat_diff_split simp add: min_def, clarify)
```
```  1249 apply (simp add: ball_Un)
```
```  1250 done
```
```  1251
```
```  1252 lemma list_all2_append2:
```
```  1253 "list_all2 P xs (ys @ zs) =
```
```  1254 (EX us vs. xs = us @ vs \<and> length us = length ys \<and> length vs = length zs \<and>
```
```  1255 list_all2 P us ys \<and> list_all2 P vs zs)"
```
```  1256 apply (simp add: list_all2_def zip_append2)
```
```  1257 apply (rule iffI)
```
```  1258  apply (rule_tac x = "take (length ys) xs" in exI)
```
```  1259  apply (rule_tac x = "drop (length ys) xs" in exI)
```
```  1260  apply (force split: nat_diff_split simp add: min_def, clarify)
```
```  1261 apply (simp add: ball_Un)
```
```  1262 done
```
```  1263
```
```  1264 lemma list_all2_append:
```
```  1265   "length xs = length ys \<Longrightarrow>
```
```  1266   list_all2 P (xs@us) (ys@vs) = (list_all2 P xs ys \<and> list_all2 P us vs)"
```
```  1267 by (induct rule:list_induct2, simp_all)
```
```  1268
```
```  1269 lemma list_all2_appendI [intro?, trans]:
```
```  1270   "\<lbrakk> list_all2 P a b; list_all2 P c d \<rbrakk> \<Longrightarrow> list_all2 P (a@c) (b@d)"
```
```  1271   by (simp add: list_all2_append list_all2_lengthD)
```
```  1272
```
```  1273 lemma list_all2_conv_all_nth:
```
```  1274 "list_all2 P xs ys =
```
```  1275 (length xs = length ys \<and> (\<forall>i < length xs. P (xs!i) (ys!i)))"
```
```  1276 by (force simp add: list_all2_def set_zip)
```
```  1277
```
```  1278 lemma list_all2_trans:
```
```  1279   assumes tr: "!!a b c. P1 a b ==> P2 b c ==> P3 a c"
```
```  1280   shows "!!bs cs. list_all2 P1 as bs ==> list_all2 P2 bs cs ==> list_all2 P3 as cs"
```
```  1281         (is "!!bs cs. PROP ?Q as bs cs")
```
```  1282 proof (induct as)
```
```  1283   fix x xs bs assume I1: "!!bs cs. PROP ?Q xs bs cs"
```
```  1284   show "!!cs. PROP ?Q (x # xs) bs cs"
```
```  1285   proof (induct bs)
```
```  1286     fix y ys cs assume I2: "!!cs. PROP ?Q (x # xs) ys cs"
```
```  1287     show "PROP ?Q (x # xs) (y # ys) cs"
```
```  1288       by (induct cs) (auto intro: tr I1 I2)
```
```  1289   qed simp
```
```  1290 qed simp
```
```  1291
```
```  1292 lemma list_all2_all_nthI [intro?]:
```
```  1293   "length a = length b \<Longrightarrow> (\<And>n. n < length a \<Longrightarrow> P (a!n) (b!n)) \<Longrightarrow> list_all2 P a b"
```
```  1294   by (simp add: list_all2_conv_all_nth)
```
```  1295
```
```  1296 lemma list_all2I:
```
```  1297   "\<forall>x \<in> set (zip a b). split P x \<Longrightarrow> length a = length b \<Longrightarrow> list_all2 P a b"
```
```  1298   by (simp add: list_all2_def)
```
```  1299
```
```  1300 lemma list_all2_nthD:
```
```  1301   "\<lbrakk> list_all2 P xs ys; p < size xs \<rbrakk> \<Longrightarrow> P (xs!p) (ys!p)"
```
```  1302   by (simp add: list_all2_conv_all_nth)
```
```  1303
```
```  1304 lemma list_all2_nthD2:
```
```  1305   "\<lbrakk>list_all2 P xs ys; p < size ys\<rbrakk> \<Longrightarrow> P (xs!p) (ys!p)"
```
```  1306   by (frule list_all2_lengthD) (auto intro: list_all2_nthD)
```
```  1307
```
```  1308 lemma list_all2_map1:
```
```  1309   "list_all2 P (map f as) bs = list_all2 (\<lambda>x y. P (f x) y) as bs"
```
```  1310   by (simp add: list_all2_conv_all_nth)
```
```  1311
```
```  1312 lemma list_all2_map2:
```
```  1313   "list_all2 P as (map f bs) = list_all2 (\<lambda>x y. P x (f y)) as bs"
```
```  1314   by (auto simp add: list_all2_conv_all_nth)
```
```  1315
```
```  1316 lemma list_all2_refl [intro?]:
```
```  1317   "(\<And>x. P x x) \<Longrightarrow> list_all2 P xs xs"
```
```  1318   by (simp add: list_all2_conv_all_nth)
```
```  1319
```
```  1320 lemma list_all2_update_cong:
```
```  1321   "\<lbrakk> i<size xs; list_all2 P xs ys; P x y \<rbrakk> \<Longrightarrow> list_all2 P (xs[i:=x]) (ys[i:=y])"
```
```  1322   by (simp add: list_all2_conv_all_nth nth_list_update)
```
```  1323
```
```  1324 lemma list_all2_update_cong2:
```
```  1325   "\<lbrakk>list_all2 P xs ys; P x y; i < length ys\<rbrakk> \<Longrightarrow> list_all2 P (xs[i:=x]) (ys[i:=y])"
```
```  1326   by (simp add: list_all2_lengthD list_all2_update_cong)
```
```  1327
```
```  1328 lemma list_all2_takeI [simp,intro?]:
```
```  1329   "\<And>n ys. list_all2 P xs ys \<Longrightarrow> list_all2 P (take n xs) (take n ys)"
```
```  1330   apply (induct xs)
```
```  1331    apply simp
```
```  1332   apply (clarsimp simp add: list_all2_Cons1)
```
```  1333   apply (case_tac n)
```
```  1334   apply auto
```
```  1335   done
```
```  1336
```
```  1337 lemma list_all2_dropI [simp,intro?]:
```
```  1338   "\<And>n bs. list_all2 P as bs \<Longrightarrow> list_all2 P (drop n as) (drop n bs)"
```
```  1339   apply (induct as, simp)
```
```  1340   apply (clarsimp simp add: list_all2_Cons1)
```
```  1341   apply (case_tac n, simp, simp)
```
```  1342   done
```
```  1343
```
```  1344 lemma list_all2_mono [intro?]:
```
```  1345   "\<And>y. list_all2 P x y \<Longrightarrow> (\<And>x y. P x y \<Longrightarrow> Q x y) \<Longrightarrow> list_all2 Q x y"
```
```  1346   apply (induct x, simp)
```
```  1347   apply (case_tac y, auto)
```
```  1348   done
```
```  1349
```
```  1350
```
```  1351 subsubsection {* @{text foldl} and @{text foldr} *}
```
```  1352
```
```  1353 lemma foldl_append [simp]:
```
```  1354 "!!a. foldl f a (xs @ ys) = foldl f (foldl f a xs) ys"
```
```  1355 by (induct xs) auto
```
```  1356
```
```  1357 lemma foldr_append[simp]: "foldr f (xs @ ys) a = foldr f xs (foldr f ys a)"
```
```  1358 by (induct xs) auto
```
```  1359
```
```  1360 lemma foldr_foldl: "foldr f xs a = foldl (%x y. f y x) a (rev xs)"
```
```  1361 by (induct xs) auto
```
```  1362
```
```  1363 lemma foldl_foldr: "foldl f a xs = foldr (%x y. f y x) (rev xs) a"
```
```  1364 by (simp add: foldr_foldl [of "%x y. f y x" "rev xs"])
```
```  1365
```
```  1366 text {*
```
```  1367 Note: @{text "n \<le> foldl (op +) n ns"} looks simpler, but is more
```
```  1368 difficult to use because it requires an additional transitivity step.
```
```  1369 *}
```
```  1370
```
```  1371 lemma start_le_sum: "!!n::nat. m <= n ==> m <= foldl (op +) n ns"
```
```  1372 by (induct ns) auto
```
```  1373
```
```  1374 lemma elem_le_sum: "!!n::nat. n : set ns ==> n <= foldl (op +) 0 ns"
```
```  1375 by (force intro: start_le_sum simp add: in_set_conv_decomp)
```
```  1376
```
```  1377 lemma sum_eq_0_conv [iff]:
```
```  1378 "!!m::nat. (foldl (op +) m ns = 0) = (m = 0 \<and> (\<forall>n \<in> set ns. n = 0))"
```
```  1379 by (induct ns) auto
```
```  1380
```
```  1381
```
```  1382 subsubsection {* @{text upto} *}
```
```  1383
```
```  1384 lemma upt_rec: "[i..<j] = (if i<j then i#[Suc i..<j] else [])"
```
```  1385 -- {* Does not terminate! *}
```
```  1386 by (induct j) auto
```
```  1387
```
```  1388 lemma upt_conv_Nil [simp]: "j <= i ==> [i..<j] = []"
```
```  1389 by (subst upt_rec) simp
```
```  1390
```
```  1391 lemma upt_eq_Nil_conv[simp]: "([i..<j] = []) = (j = 0 \<or> j <= i)"
```
```  1392 by(induct j)simp_all
```
```  1393
```
```  1394 lemma upt_eq_Cons_conv:
```
```  1395  "!!x xs. ([i..<j] = x#xs) = (i < j & i = x & [i+1..<j] = xs)"
```
```  1396 apply(induct j)
```
```  1397  apply simp
```
```  1398 apply(clarsimp simp add: append_eq_Cons_conv)
```
```  1399 apply arith
```
```  1400 done
```
```  1401
```
```  1402 lemma upt_Suc_append: "i <= j ==> [i..<(Suc j)] = [i..<j]@[j]"
```
```  1403 -- {* Only needed if @{text upt_Suc} is deleted from the simpset. *}
```
```  1404 by simp
```
```  1405
```
```  1406 lemma upt_conv_Cons: "i < j ==> [i..<j] = i # [Suc i..<j]"
```
```  1407 apply(rule trans)
```
```  1408 apply(subst upt_rec)
```
```  1409  prefer 2 apply (rule refl, simp)
```
```  1410 done
```
```  1411
```
```  1412 lemma upt_add_eq_append: "i<=j ==> [i..<j+k] = [i..<j]@[j..<j+k]"
```
```  1413 -- {* LOOPS as a simprule, since @{text "j <= j"}. *}
```
```  1414 by (induct k) auto
```
```  1415
```
```  1416 lemma length_upt [simp]: "length [i..<j] = j - i"
```
```  1417 by (induct j) (auto simp add: Suc_diff_le)
```
```  1418
```
```  1419 lemma nth_upt [simp]: "i + k < j ==> [i..<j] ! k = i + k"
```
```  1420 apply (induct j)
```
```  1421 apply (auto simp add: less_Suc_eq nth_append split: nat_diff_split)
```
```  1422 done
```
```  1423
```
```  1424 lemma take_upt [simp]: "!!i. i+m <= n ==> take m [i..<n] = [i..<i+m]"
```
```  1425 apply (induct m, simp)
```
```  1426 apply (subst upt_rec)
```
```  1427 apply (rule sym)
```
```  1428 apply (subst upt_rec)
```
```  1429 apply (simp del: upt.simps)
```
```  1430 done
```
```  1431
```
```  1432 lemma map_Suc_upt: "map Suc [m..<n] = [Suc m..n]"
```
```  1433 by (induct n) auto
```
```  1434
```
```  1435 lemma nth_map_upt: "!!i. i < n-m ==> (map f [m..<n]) ! i = f(m+i)"
```
```  1436 apply (induct n m rule: diff_induct)
```
```  1437 prefer 3 apply (subst map_Suc_upt[symmetric])
```
```  1438 apply (auto simp add: less_diff_conv nth_upt)
```
```  1439 done
```
```  1440
```
```  1441 lemma nth_take_lemma:
```
```  1442   "!!xs ys. k <= length xs ==> k <= length ys ==>
```
```  1443      (!!i. i < k --> xs!i = ys!i) ==> take k xs = take k ys"
```
```  1444 apply (atomize, induct k)
```
```  1445 apply (simp_all add: less_Suc_eq_0_disj all_conj_distrib, clarify)
```
```  1446 txt {* Both lists must be non-empty *}
```
```  1447 apply (case_tac xs, simp)
```
```  1448 apply (case_tac ys, clarify)
```
```  1449  apply (simp (no_asm_use))
```
```  1450 apply clarify
```
```  1451 txt {* prenexing's needed, not miniscoping *}
```
```  1452 apply (simp (no_asm_use) add: all_simps [symmetric] del: all_simps)
```
```  1453 apply blast
```
```  1454 done
```
```  1455
```
```  1456 lemma nth_equalityI:
```
```  1457  "[| length xs = length ys; ALL i < length xs. xs!i = ys!i |] ==> xs = ys"
```
```  1458 apply (frule nth_take_lemma [OF le_refl eq_imp_le])
```
```  1459 apply (simp_all add: take_all)
```
```  1460 done
```
```  1461
```
```  1462 (* needs nth_equalityI *)
```
```  1463 lemma list_all2_antisym:
```
```  1464   "\<lbrakk> (\<And>x y. \<lbrakk>P x y; Q y x\<rbrakk> \<Longrightarrow> x = y); list_all2 P xs ys; list_all2 Q ys xs \<rbrakk>
```
```  1465   \<Longrightarrow> xs = ys"
```
```  1466   apply (simp add: list_all2_conv_all_nth)
```
```  1467   apply (rule nth_equalityI, blast, simp)
```
```  1468   done
```
```  1469
```
```  1470 lemma take_equalityI: "(\<forall>i. take i xs = take i ys) ==> xs = ys"
```
```  1471 -- {* The famous take-lemma. *}
```
```  1472 apply (drule_tac x = "max (length xs) (length ys)" in spec)
```
```  1473 apply (simp add: le_max_iff_disj take_all)
```
```  1474 done
```
```  1475
```
```  1476
```
```  1477 lemma take_Cons':
```
```  1478      "take n (x # xs) = (if n = 0 then [] else x # take (n - 1) xs)"
```
```  1479 by (cases n) simp_all
```
```  1480
```
```  1481 lemma drop_Cons':
```
```  1482      "drop n (x # xs) = (if n = 0 then x # xs else drop (n - 1) xs)"
```
```  1483 by (cases n) simp_all
```
```  1484
```
```  1485 lemma nth_Cons': "(x # xs)!n = (if n = 0 then x else xs!(n - 1))"
```
```  1486 by (cases n) simp_all
```
```  1487
```
```  1488 lemmas [simp] = take_Cons'[of "number_of v",standard]
```
```  1489                 drop_Cons'[of "number_of v",standard]
```
```  1490                 nth_Cons'[of _ _ "number_of v",standard]
```
```  1491
```
```  1492
```
```  1493 subsubsection {* @{text "distinct"} and @{text remdups} *}
```
```  1494
```
```  1495 lemma distinct_append [simp]:
```
```  1496 "distinct (xs @ ys) = (distinct xs \<and> distinct ys \<and> set xs \<inter> set ys = {})"
```
```  1497 by (induct xs) auto
```
```  1498
```
```  1499 lemma distinct_rev[simp]: "distinct(rev xs) = distinct xs"
```
```  1500 by(induct xs) auto
```
```  1501
```
```  1502 lemma set_remdups [simp]: "set (remdups xs) = set xs"
```
```  1503 by (induct xs) (auto simp add: insert_absorb)
```
```  1504
```
```  1505 lemma distinct_remdups [iff]: "distinct (remdups xs)"
```
```  1506 by (induct xs) auto
```
```  1507
```
```  1508 lemma remdups_eq_nil_iff [simp]: "(remdups x = []) = (x = [])"
```
```  1509   by (induct x, auto)
```
```  1510
```
```  1511 lemma remdups_eq_nil_right_iff [simp]: "([] = remdups x) = (x = [])"
```
```  1512   by (induct x, auto)
```
```  1513
```
```  1514 lemma length_remdups_leq[iff]: "length(remdups xs) <= length xs"
```
```  1515 by (induct xs) auto
```
```  1516
```
```  1517 lemma length_remdups_eq[iff]:
```
```  1518   "(length (remdups xs) = length xs) = (remdups xs = xs)"
```
```  1519 apply(induct xs)
```
```  1520  apply auto
```
```  1521 apply(subgoal_tac "length (remdups xs) <= length xs")
```
```  1522  apply arith
```
```  1523 apply(rule length_remdups_leq)
```
```  1524 done
```
```  1525
```
```  1526 lemma distinct_filter [simp]: "distinct xs ==> distinct (filter P xs)"
```
```  1527 by (induct xs) auto
```
```  1528
```
```  1529 lemma distinct_map_filterI:
```
```  1530  "distinct(map f xs) \<Longrightarrow> distinct(map f (filter P xs))"
```
```  1531 apply(induct xs)
```
```  1532  apply simp
```
```  1533 apply force
```
```  1534 done
```
```  1535
```
```  1536 text {*
```
```  1537 It is best to avoid this indexed version of distinct, but sometimes
```
```  1538 it is useful. *}
```
```  1539 lemma distinct_conv_nth:
```
```  1540 "distinct xs = (\<forall>i j. i < size xs \<and> j < size xs \<and> i \<noteq> j --> xs!i \<noteq> xs!j)"
```
```  1541 apply (induct xs, simp, simp)
```
```  1542 apply (rule iffI, clarsimp)
```
```  1543  apply (case_tac i)
```
```  1544 apply (case_tac j, simp)
```
```  1545 apply (simp add: set_conv_nth)
```
```  1546  apply (case_tac j)
```
```  1547 apply (clarsimp simp add: set_conv_nth, simp)
```
```  1548 apply (rule conjI)
```
```  1549  apply (clarsimp simp add: set_conv_nth)
```
```  1550  apply (erule_tac x = 0 in allE)
```
```  1551  apply (erule_tac x = "Suc i" in allE, simp, clarsimp)
```
```  1552 apply (erule_tac x = "Suc i" in allE)
```
```  1553 apply (erule_tac x = "Suc j" in allE, simp)
```
```  1554 done
```
```  1555
```
```  1556 lemma distinct_card: "distinct xs ==> card (set xs) = size xs"
```
```  1557   by (induct xs) auto
```
```  1558
```
```  1559 lemma card_distinct: "card (set xs) = size xs ==> distinct xs"
```
```  1560 proof (induct xs)
```
```  1561   case Nil thus ?case by simp
```
```  1562 next
```
```  1563   case (Cons x xs)
```
```  1564   show ?case
```
```  1565   proof (cases "x \<in> set xs")
```
```  1566     case False with Cons show ?thesis by simp
```
```  1567   next
```
```  1568     case True with Cons.prems
```
```  1569     have "card (set xs) = Suc (length xs)"
```
```  1570       by (simp add: card_insert_if split: split_if_asm)
```
```  1571     moreover have "card (set xs) \<le> length xs" by (rule card_length)
```
```  1572     ultimately have False by simp
```
```  1573     thus ?thesis ..
```
```  1574   qed
```
```  1575 qed
```
```  1576
```
```  1577 lemma inj_on_setI: "distinct(map f xs) ==> inj_on f (set xs)"
```
```  1578 apply(induct xs)
```
```  1579  apply simp
```
```  1580 apply fastsimp
```
```  1581 done
```
```  1582
```
```  1583 lemma inj_on_set_conv:
```
```  1584  "distinct xs \<Longrightarrow> inj_on f (set xs) = distinct(map f xs)"
```
```  1585 apply(induct xs)
```
```  1586  apply simp
```
```  1587 apply fastsimp
```
```  1588 done
```
```  1589
```
```  1590
```
```  1591 subsubsection {* @{text remove1} *}
```
```  1592
```
```  1593 lemma set_remove1_subset: "set(remove1 x xs) <= set xs"
```
```  1594 apply(induct xs)
```
```  1595  apply simp
```
```  1596 apply simp
```
```  1597 apply blast
```
```  1598 done
```
```  1599
```
```  1600 lemma [simp]: "distinct xs ==> set(remove1 x xs) = set xs - {x}"
```
```  1601 apply(induct xs)
```
```  1602  apply simp
```
```  1603 apply simp
```
```  1604 apply blast
```
```  1605 done
```
```  1606
```
```  1607 lemma notin_set_remove1[simp]: "x ~: set xs ==> x ~: set(remove1 y xs)"
```
```  1608 apply(insert set_remove1_subset)
```
```  1609 apply fast
```
```  1610 done
```
```  1611
```
```  1612 lemma distinct_remove1[simp]: "distinct xs ==> distinct(remove1 x xs)"
```
```  1613 by (induct xs) simp_all
```
```  1614
```
```  1615
```
```  1616 subsubsection {* @{text replicate} *}
```
```  1617
```
```  1618 lemma length_replicate [simp]: "length (replicate n x) = n"
```
```  1619 by (induct n) auto
```
```  1620
```
```  1621 lemma map_replicate [simp]: "map f (replicate n x) = replicate n (f x)"
```
```  1622 by (induct n) auto
```
```  1623
```
```  1624 lemma replicate_app_Cons_same:
```
```  1625 "(replicate n x) @ (x # xs) = x # replicate n x @ xs"
```
```  1626 by (induct n) auto
```
```  1627
```
```  1628 lemma rev_replicate [simp]: "rev (replicate n x) = replicate n x"
```
```  1629 apply (induct n, simp)
```
```  1630 apply (simp add: replicate_app_Cons_same)
```
```  1631 done
```
```  1632
```
```  1633 lemma replicate_add: "replicate (n + m) x = replicate n x @ replicate m x"
```
```  1634 by (induct n) auto
```
```  1635
```
```  1636 lemma hd_replicate [simp]: "n \<noteq> 0 ==> hd (replicate n x) = x"
```
```  1637 by (induct n) auto
```
```  1638
```
```  1639 lemma tl_replicate [simp]: "n \<noteq> 0 ==> tl (replicate n x) = replicate (n - 1) x"
```
```  1640 by (induct n) auto
```
```  1641
```
```  1642 lemma last_replicate [simp]: "n \<noteq> 0 ==> last (replicate n x) = x"
```
```  1643 by (atomize (full), induct n) auto
```
```  1644
```
```  1645 lemma nth_replicate[simp]: "!!i. i < n ==> (replicate n x)!i = x"
```
```  1646 apply (induct n, simp)
```
```  1647 apply (simp add: nth_Cons split: nat.split)
```
```  1648 done
```
```  1649
```
```  1650 lemma set_replicate_Suc: "set (replicate (Suc n) x) = {x}"
```
```  1651 by (induct n) auto
```
```  1652
```
```  1653 lemma set_replicate [simp]: "n \<noteq> 0 ==> set (replicate n x) = {x}"
```
```  1654 by (fast dest!: not0_implies_Suc intro!: set_replicate_Suc)
```
```  1655
```
```  1656 lemma set_replicate_conv_if: "set (replicate n x) = (if n = 0 then {} else {x})"
```
```  1657 by auto
```
```  1658
```
```  1659 lemma in_set_replicateD: "x : set (replicate n y) ==> x = y"
```
```  1660 by (simp add: set_replicate_conv_if split: split_if_asm)
```
```  1661
```
```  1662
```
```  1663 subsubsection{*@{text rotate1} and @{text rotate}*}
```
```  1664
```
```  1665 lemma rotate_simps[simp]: "rotate1 [] = [] \<and> rotate1 (x#xs) = xs @ [x]"
```
```  1666 by(simp add:rotate1_def)
```
```  1667
```
```  1668 lemma rotate0[simp]: "rotate 0 = id"
```
```  1669 by(simp add:rotate_def)
```
```  1670
```
```  1671 lemma rotate_Suc[simp]: "rotate (Suc n) xs = rotate1(rotate n xs)"
```
```  1672 by(simp add:rotate_def)
```
```  1673
```
```  1674 lemma rotate_add:
```
```  1675   "rotate (m+n) = rotate m o rotate n"
```
```  1676 by(simp add:rotate_def funpow_add)
```
```  1677
```
```  1678 lemma rotate_rotate: "rotate m (rotate n xs) = rotate (m+n) xs"
```
```  1679 by(simp add:rotate_add)
```
```  1680
```
```  1681 lemma rotate1_length01[simp]: "length xs <= 1 \<Longrightarrow> rotate1 xs = xs"
```
```  1682 by(cases xs) simp_all
```
```  1683
```
```  1684 lemma rotate_length01[simp]: "length xs <= 1 \<Longrightarrow> rotate n xs = xs"
```
```  1685 apply(induct n)
```
```  1686  apply simp
```
```  1687 apply (simp add:rotate_def)
```
```  1688 done
```
```  1689
```
```  1690 lemma rotate1_hd_tl: "xs \<noteq> [] \<Longrightarrow> rotate1 xs = tl xs @ [hd xs]"
```
```  1691 by(simp add:rotate1_def split:list.split)
```
```  1692
```
```  1693 lemma rotate_drop_take:
```
```  1694   "rotate n xs = drop (n mod length xs) xs @ take (n mod length xs) xs"
```
```  1695 apply(induct n)
```
```  1696  apply simp
```
```  1697 apply(simp add:rotate_def)
```
```  1698 apply(cases "xs = []")
```
```  1699  apply (simp)
```
```  1700 apply(case_tac "n mod length xs = 0")
```
```  1701  apply(simp add:mod_Suc)
```
```  1702  apply(simp add: rotate1_hd_tl drop_Suc take_Suc)
```
```  1703 apply(simp add:mod_Suc rotate1_hd_tl drop_Suc[symmetric] drop_tl[symmetric]
```
```  1704                 take_hd_drop linorder_not_le)
```
```  1705 done
```
```  1706
```
```  1707 lemma rotate_conv_mod: "rotate n xs = rotate (n mod length xs) xs"
```
```  1708 by(simp add:rotate_drop_take)
```
```  1709
```
```  1710 lemma rotate_id[simp]: "n mod length xs = 0 \<Longrightarrow> rotate n xs = xs"
```
```  1711 by(simp add:rotate_drop_take)
```
```  1712
```
```  1713 lemma length_rotate1[simp]: "length(rotate1 xs) = length xs"
```
```  1714 by(simp add:rotate1_def split:list.split)
```
```  1715
```
```  1716 lemma length_rotate[simp]: "!!xs. length(rotate n xs) = length xs"
```
```  1717 by (induct n) (simp_all add:rotate_def)
```
```  1718
```
```  1719 lemma distinct1_rotate[simp]: "distinct(rotate1 xs) = distinct xs"
```
```  1720 by(simp add:rotate1_def split:list.split) blast
```
```  1721
```
```  1722 lemma distinct_rotate[simp]: "distinct(rotate n xs) = distinct xs"
```
```  1723 by (induct n) (simp_all add:rotate_def)
```
```  1724
```
```  1725 lemma rotate_map: "rotate n (map f xs) = map f (rotate n xs)"
```
```  1726 by(simp add:rotate_drop_take take_map drop_map)
```
```  1727
```
```  1728 lemma set_rotate1[simp]: "set(rotate1 xs) = set xs"
```
```  1729 by(simp add:rotate1_def split:list.split)
```
```  1730
```
```  1731 lemma set_rotate[simp]: "set(rotate n xs) = set xs"
```
```  1732 by (induct n) (simp_all add:rotate_def)
```
```  1733
```
```  1734 lemma rotate1_is_Nil_conv[simp]: "(rotate1 xs = []) = (xs = [])"
```
```  1735 by(simp add:rotate1_def split:list.split)
```
```  1736
```
```  1737 lemma rotate_is_Nil_conv[simp]: "(rotate n xs = []) = (xs = [])"
```
```  1738 by (induct n) (simp_all add:rotate_def)
```
```  1739
```
```  1740 lemma rotate_rev:
```
```  1741   "rotate n (rev xs) = rev(rotate (length xs - (n mod length xs)) xs)"
```
```  1742 apply(simp add:rotate_drop_take rev_drop rev_take)
```
```  1743 apply(cases "length xs = 0")
```
```  1744  apply simp
```
```  1745 apply(cases "n mod length xs = 0")
```
```  1746  apply simp
```
```  1747 apply(simp add:rotate_drop_take rev_drop rev_take)
```
```  1748 done
```
```  1749
```
```  1750
```
```  1751 subsubsection {* @{text sublist} --- a generalization of @{text nth} to sets *}
```
```  1752
```
```  1753 lemma sublist_empty [simp]: "sublist xs {} = []"
```
```  1754 by (auto simp add: sublist_def)
```
```  1755
```
```  1756 lemma sublist_nil [simp]: "sublist [] A = []"
```
```  1757 by (auto simp add: sublist_def)
```
```  1758
```
```  1759 lemma length_sublist:
```
```  1760   "length(sublist xs I) = card{i. i < length xs \<and> i : I}"
```
```  1761 by(simp add: sublist_def length_filter_conv_card cong:conj_cong)
```
```  1762
```
```  1763 lemma sublist_shift_lemma_Suc:
```
```  1764   "!!is. map fst (filter (%p. P(Suc(snd p))) (zip xs is)) =
```
```  1765          map fst (filter (%p. P(snd p)) (zip xs (map Suc is)))"
```
```  1766 apply(induct xs)
```
```  1767  apply simp
```
```  1768 apply (case_tac "is")
```
```  1769  apply simp
```
```  1770 apply simp
```
```  1771 done
```
```  1772
```
```  1773 lemma sublist_shift_lemma:
```
```  1774      "map fst [p:zip xs [i..<i + length xs] . snd p : A] =
```
```  1775       map fst [p:zip xs [0..<length xs] . snd p + i : A]"
```
```  1776 by (induct xs rule: rev_induct) (simp_all add: add_commute)
```
```  1777
```
```  1778 lemma sublist_append:
```
```  1779      "sublist (l @ l') A = sublist l A @ sublist l' {j. j + length l : A}"
```
```  1780 apply (unfold sublist_def)
```
```  1781 apply (induct l' rule: rev_induct, simp)
```
```  1782 apply (simp add: upt_add_eq_append[of 0] zip_append sublist_shift_lemma)
```
```  1783 apply (simp add: add_commute)
```
```  1784 done
```
```  1785
```
```  1786 lemma sublist_Cons:
```
```  1787 "sublist (x # l) A = (if 0:A then [x] else []) @ sublist l {j. Suc j : A}"
```
```  1788 apply (induct l rule: rev_induct)
```
```  1789  apply (simp add: sublist_def)
```
```  1790 apply (simp del: append_Cons add: append_Cons[symmetric] sublist_append)
```
```  1791 done
```
```  1792
```
```  1793 lemma set_sublist: "!!I. set(sublist xs I) = {xs!i|i. i<size xs \<and> i \<in> I}"
```
```  1794 apply(induct xs)
```
```  1795  apply simp
```
```  1796 apply(auto simp add:sublist_Cons nth_Cons split:nat.split elim: lessE)
```
```  1797  apply(erule lessE)
```
```  1798   apply auto
```
```  1799 apply(erule lessE)
```
```  1800 apply auto
```
```  1801 done
```
```  1802
```
```  1803 lemma set_sublist_subset: "set(sublist xs I) \<subseteq> set xs"
```
```  1804 by(auto simp add:set_sublist)
```
```  1805
```
```  1806 lemma notin_set_sublistI[simp]: "x \<notin> set xs \<Longrightarrow> x \<notin> set(sublist xs I)"
```
```  1807 by(auto simp add:set_sublist)
```
```  1808
```
```  1809 lemma in_set_sublistD: "x \<in> set(sublist xs I) \<Longrightarrow> x \<in> set xs"
```
```  1810 by(auto simp add:set_sublist)
```
```  1811
```
```  1812 lemma sublist_singleton [simp]: "sublist [x] A = (if 0 : A then [x] else [])"
```
```  1813 by (simp add: sublist_Cons)
```
```  1814
```
```  1815
```
```  1816 lemma distinct_sublistI[simp]: "!!I. distinct xs \<Longrightarrow> distinct(sublist xs I)"
```
```  1817 apply(induct xs)
```
```  1818  apply simp
```
```  1819 apply(auto simp add:sublist_Cons)
```
```  1820 done
```
```  1821
```
```  1822
```
```  1823 lemma sublist_upt_eq_take [simp]: "sublist l {..<n} = take n l"
```
```  1824 apply (induct l rule: rev_induct, simp)
```
```  1825 apply (simp split: nat_diff_split add: sublist_append)
```
```  1826 done
```
```  1827
```
```  1828
```
```  1829 subsubsection{*Sets of Lists*}
```
```  1830
```
```  1831 subsubsection {* @{text lists}: the list-forming operator over sets *}
```
```  1832
```
```  1833 consts lists :: "'a set => 'a list set"
```
```  1834 inductive "lists A"
```
```  1835  intros
```
```  1836   Nil [intro!]: "[]: lists A"
```
```  1837   Cons [intro!]: "[| a: A;l: lists A|] ==> a#l : lists A"
```
```  1838
```
```  1839 inductive_cases listsE [elim!]: "x#l : lists A"
```
```  1840
```
```  1841 lemma lists_mono [mono]: "A \<subseteq> B ==> lists A \<subseteq> lists B"
```
```  1842 by (unfold lists.defs) (blast intro!: lfp_mono)
```
```  1843
```
```  1844 lemma lists_IntI:
```
```  1845   assumes l: "l: lists A" shows "l: lists B ==> l: lists (A Int B)" using l
```
```  1846   by induct blast+
```
```  1847
```
```  1848 lemma lists_Int_eq [simp]: "lists (A \<inter> B) = lists A \<inter> lists B"
```
```  1849 proof (rule mono_Int [THEN equalityI])
```
```  1850   show "mono lists" by (simp add: mono_def lists_mono)
```
```  1851   show "lists A \<inter> lists B \<subseteq> lists (A \<inter> B)" by (blast intro: lists_IntI)
```
```  1852 qed
```
```  1853
```
```  1854 lemma append_in_lists_conv [iff]:
```
```  1855      "(xs @ ys : lists A) = (xs : lists A \<and> ys : lists A)"
```
```  1856 by (induct xs) auto
```
```  1857
```
```  1858 lemma in_lists_conv_set: "(xs : lists A) = (\<forall>x \<in> set xs. x : A)"
```
```  1859 -- {* eliminate @{text lists} in favour of @{text set} *}
```
```  1860 by (induct xs) auto
```
```  1861
```
```  1862 lemma in_listsD [dest!]: "xs \<in> lists A ==> \<forall>x\<in>set xs. x \<in> A"
```
```  1863 by (rule in_lists_conv_set [THEN iffD1])
```
```  1864
```
```  1865 lemma in_listsI [intro!]: "\<forall>x\<in>set xs. x \<in> A ==> xs \<in> lists A"
```
```  1866 by (rule in_lists_conv_set [THEN iffD2])
```
```  1867
```
```  1868 lemma lists_UNIV [simp]: "lists UNIV = UNIV"
```
```  1869 by auto
```
```  1870
```
```  1871 subsubsection{*Lists as Cartesian products*}
```
```  1872
```
```  1873 text{*@{text"set_Cons A Xs"}: the set of lists with head drawn from
```
```  1874 @{term A} and tail drawn from @{term Xs}.*}
```
```  1875
```
```  1876 constdefs
```
```  1877   set_Cons :: "'a set \<Rightarrow> 'a list set \<Rightarrow> 'a list set"
```
```  1878   "set_Cons A XS == {z. \<exists>x xs. z = x#xs & x \<in> A & xs \<in> XS}"
```
```  1879
```
```  1880 lemma [simp]: "set_Cons A {[]} = (%x. [x])`A"
```
```  1881 by (auto simp add: set_Cons_def)
```
```  1882
```
```  1883 text{*Yields the set of lists, all of the same length as the argument and
```
```  1884 with elements drawn from the corresponding element of the argument.*}
```
```  1885
```
```  1886 consts  listset :: "'a set list \<Rightarrow> 'a list set"
```
```  1887 primrec
```
```  1888    "listset []    = {[]}"
```
```  1889    "listset(A#As) = set_Cons A (listset As)"
```
```  1890
```
```  1891
```
```  1892 subsection{*Relations on lists*}
```
```  1893
```
```  1894 subsubsection {* Lexicographic orderings on lists *}
```
```  1895
```
```  1896 consts
```
```  1897 lexn :: "('a * 'a)set => nat => ('a list * 'a list)set"
```
```  1898 primrec
```
```  1899 "lexn r 0 = {}"
```
```  1900 "lexn r (Suc n) =
```
```  1901 (prod_fun (%(x,xs). x#xs) (%(x,xs). x#xs) ` (r <*lex*> lexn r n)) Int
```
```  1902 {(xs,ys). length xs = Suc n \<and> length ys = Suc n}"
```
```  1903
```
```  1904 constdefs
```
```  1905 lex :: "('a \<times> 'a) set => ('a list \<times> 'a list) set"
```
```  1906 "lex r == \<Union>n. lexn r n"
```
```  1907
```
```  1908 lexico :: "('a \<times> 'a) set => ('a list \<times> 'a list) set"
```
```  1909 "lexico r == inv_image (less_than <*lex*> lex r) (%xs. (length xs, xs))"
```
```  1910
```
```  1911
```
```  1912 lemma wf_lexn: "wf r ==> wf (lexn r n)"
```
```  1913 apply (induct n, simp, simp)
```
```  1914 apply(rule wf_subset)
```
```  1915  prefer 2 apply (rule Int_lower1)
```
```  1916 apply(rule wf_prod_fun_image)
```
```  1917  prefer 2 apply (rule inj_onI, auto)
```
```  1918 done
```
```  1919
```
```  1920 lemma lexn_length:
```
```  1921      "!!xs ys. (xs, ys) : lexn r n ==> length xs = n \<and> length ys = n"
```
```  1922 by (induct n) auto
```
```  1923
```
```  1924 lemma wf_lex [intro!]: "wf r ==> wf (lex r)"
```
```  1925 apply (unfold lex_def)
```
```  1926 apply (rule wf_UN)
```
```  1927 apply (blast intro: wf_lexn, clarify)
```
```  1928 apply (rename_tac m n)
```
```  1929 apply (subgoal_tac "m \<noteq> n")
```
```  1930  prefer 2 apply blast
```
```  1931 apply (blast dest: lexn_length not_sym)
```
```  1932 done
```
```  1933
```
```  1934 lemma lexn_conv:
```
```  1935 "lexn r n =
```
```  1936 {(xs,ys). length xs = n \<and> length ys = n \<and>
```
```  1937 (\<exists>xys x y xs' ys'. xs= xys @ x#xs' \<and> ys= xys @ y # ys' \<and> (x, y):r)}"
```
```  1938 apply (induct n, simp, blast)
```
```  1939 apply (simp add: image_Collect lex_prod_def, safe, blast)
```
```  1940  apply (rule_tac x = "ab # xys" in exI, simp)
```
```  1941 apply (case_tac xys, simp_all, blast)
```
```  1942 done
```
```  1943
```
```  1944 lemma lex_conv:
```
```  1945 "lex r =
```
```  1946 {(xs,ys). length xs = length ys \<and>
```
```  1947 (\<exists>xys x y xs' ys'. xs = xys @ x # xs' \<and> ys = xys @ y # ys' \<and> (x, y):r)}"
```
```  1948 by (force simp add: lex_def lexn_conv)
```
```  1949
```
```  1950 lemma wf_lexico [intro!]: "wf r ==> wf (lexico r)"
```
```  1951 by (unfold lexico_def) blast
```
```  1952
```
```  1953 lemma lexico_conv:
```
```  1954 "lexico r = {(xs,ys). length xs < length ys |
```
```  1955 length xs = length ys \<and> (xs, ys) : lex r}"
```
```  1956 by (simp add: lexico_def diag_def lex_prod_def measure_def inv_image_def)
```
```  1957
```
```  1958 lemma Nil_notin_lex [iff]: "([], ys) \<notin> lex r"
```
```  1959 by (simp add: lex_conv)
```
```  1960
```
```  1961 lemma Nil2_notin_lex [iff]: "(xs, []) \<notin> lex r"
```
```  1962 by (simp add:lex_conv)
```
```  1963
```
```  1964 lemma Cons_in_lex [iff]:
```
```  1965 "((x # xs, y # ys) : lex r) =
```
```  1966 ((x, y) : r \<and> length xs = length ys | x = y \<and> (xs, ys) : lex r)"
```
```  1967 apply (simp add: lex_conv)
```
```  1968 apply (rule iffI)
```
```  1969  prefer 2 apply (blast intro: Cons_eq_appendI, clarify)
```
```  1970 apply (case_tac xys, simp, simp)
```
```  1971 apply blast
```
```  1972 done
```
```  1973
```
```  1974
```
```  1975 subsubsection{*Lifting a Relation on List Elements to the Lists*}
```
```  1976
```
```  1977 consts  listrel :: "('a * 'a)set => ('a list * 'a list)set"
```
```  1978
```
```  1979 inductive "listrel(r)"
```
```  1980  intros
```
```  1981    Nil:  "([],[]) \<in> listrel r"
```
```  1982    Cons: "[| (x,y) \<in> r; (xs,ys) \<in> listrel r |] ==> (x#xs, y#ys) \<in> listrel r"
```
```  1983
```
```  1984 inductive_cases listrel_Nil1 [elim!]: "([],xs) \<in> listrel r"
```
```  1985 inductive_cases listrel_Nil2 [elim!]: "(xs,[]) \<in> listrel r"
```
```  1986 inductive_cases listrel_Cons1 [elim!]: "(y#ys,xs) \<in> listrel r"
```
```  1987 inductive_cases listrel_Cons2 [elim!]: "(xs,y#ys) \<in> listrel r"
```
```  1988
```
```  1989
```
```  1990 lemma listrel_mono: "r \<subseteq> s \<Longrightarrow> listrel r \<subseteq> listrel s"
```
```  1991 apply clarify
```
```  1992 apply (erule listrel.induct)
```
```  1993 apply (blast intro: listrel.intros)+
```
```  1994 done
```
```  1995
```
```  1996 lemma listrel_subset: "r \<subseteq> A \<times> A \<Longrightarrow> listrel r \<subseteq> lists A \<times> lists A"
```
```  1997 apply clarify
```
```  1998 apply (erule listrel.induct, auto)
```
```  1999 done
```
```  2000
```
```  2001 lemma listrel_refl: "refl A r \<Longrightarrow> refl (lists A) (listrel r)"
```
```  2002 apply (simp add: refl_def listrel_subset Ball_def)
```
```  2003 apply (rule allI)
```
```  2004 apply (induct_tac x)
```
```  2005 apply (auto intro: listrel.intros)
```
```  2006 done
```
```  2007
```
```  2008 lemma listrel_sym: "sym r \<Longrightarrow> sym (listrel r)"
```
```  2009 apply (auto simp add: sym_def)
```
```  2010 apply (erule listrel.induct)
```
```  2011 apply (blast intro: listrel.intros)+
```
```  2012 done
```
```  2013
```
```  2014 lemma listrel_trans: "trans r \<Longrightarrow> trans (listrel r)"
```
```  2015 apply (simp add: trans_def)
```
```  2016 apply (intro allI)
```
```  2017 apply (rule impI)
```
```  2018 apply (erule listrel.induct)
```
```  2019 apply (blast intro: listrel.intros)+
```
```  2020 done
```
```  2021
```
```  2022 theorem equiv_listrel: "equiv A r \<Longrightarrow> equiv (lists A) (listrel r)"
```
```  2023 by (simp add: equiv_def listrel_refl listrel_sym listrel_trans)
```
```  2024
```
```  2025 lemma listrel_Nil [simp]: "listrel r `` {[]} = {[]}"
```
```  2026 by (blast intro: listrel.intros)
```
```  2027
```
```  2028 lemma listrel_Cons:
```
```  2029      "listrel r `` {x#xs} = set_Cons (r``{x}) (listrel r `` {xs})";
```
```  2030 by (auto simp add: set_Cons_def intro: listrel.intros)
```
```  2031
```
```  2032
```
```  2033 subsection{*Miscellany*}
```
```  2034
```
```  2035 subsubsection {* Characters and strings *}
```
```  2036
```
```  2037 datatype nibble =
```
```  2038     Nibble0 | Nibble1 | Nibble2 | Nibble3 | Nibble4 | Nibble5 | Nibble6 | Nibble7
```
```  2039   | Nibble8 | Nibble9 | NibbleA | NibbleB | NibbleC | NibbleD | NibbleE | NibbleF
```
```  2040
```
```  2041 datatype char = Char nibble nibble
```
```  2042   -- "Note: canonical order of character encoding coincides with standard term ordering"
```
```  2043
```
```  2044 types string = "char list"
```
```  2045
```
```  2046 syntax
```
```  2047   "_Char" :: "xstr => char"    ("CHR _")
```
```  2048   "_String" :: "xstr => string"    ("_")
```
```  2049
```
```  2050 parse_ast_translation {*
```
```  2051   let
```
```  2052     val constants = Syntax.Appl o map Syntax.Constant;
```
```  2053
```
```  2054     fun mk_nib n = "Nibble" ^ chr (n + (if n <= 9 then ord "0" else ord "A" - 10));
```
```  2055     fun mk_char c =
```
```  2056       if Symbol.is_ascii c andalso Symbol.is_printable c then
```
```  2057         constants ["Char", mk_nib (ord c div 16), mk_nib (ord c mod 16)]
```
```  2058       else error ("Printable ASCII character expected: " ^ quote c);
```
```  2059
```
```  2060     fun mk_string [] = Syntax.Constant "Nil"
```
```  2061       | mk_string (c :: cs) = Syntax.Appl [Syntax.Constant "Cons", mk_char c, mk_string cs];
```
```  2062
```
```  2063     fun char_ast_tr [Syntax.Variable xstr] =
```
```  2064         (case Syntax.explode_xstr xstr of
```
```  2065           [c] => mk_char c
```
```  2066         | _ => error ("Single character expected: " ^ xstr))
```
```  2067       | char_ast_tr asts = raise AST ("char_ast_tr", asts);
```
```  2068
```
```  2069     fun string_ast_tr [Syntax.Variable xstr] =
```
```  2070         (case Syntax.explode_xstr xstr of
```
```  2071           [] => constants [Syntax.constrainC, "Nil", "string"]
```
```  2072         | cs => mk_string cs)
```
```  2073       | string_ast_tr asts = raise AST ("string_tr", asts);
```
```  2074   in [("_Char", char_ast_tr), ("_String", string_ast_tr)] end;
```
```  2075 *}
```
```  2076
```
```  2077 ML {*
```
```  2078 fun int_of_nibble h =
```
```  2079   if "0" <= h andalso h <= "9" then ord h - ord "0"
```
```  2080   else if "A" <= h andalso h <= "F" then ord h - ord "A" + 10
```
```  2081   else raise Match;
```
```  2082
```
```  2083 fun nibble_of_int i =
```
```  2084   if i <= 9 then chr (ord "0" + i) else chr (ord "A" + i - 10);
```
```  2085 *}
```
```  2086
```
```  2087 print_ast_translation {*
```
```  2088   let
```
```  2089     fun dest_nib (Syntax.Constant c) =
```
```  2090         (case explode c of
```
```  2091           ["N", "i", "b", "b", "l", "e", h] => int_of_nibble h
```
```  2092         | _ => raise Match)
```
```  2093       | dest_nib _ = raise Match;
```
```  2094
```
```  2095     fun dest_chr c1 c2 =
```
```  2096       let val c = chr (dest_nib c1 * 16 + dest_nib c2)
```
```  2097       in if Symbol.is_printable c then c else raise Match end;
```
```  2098
```
```  2099     fun dest_char (Syntax.Appl [Syntax.Constant "Char", c1, c2]) = dest_chr c1 c2
```
```  2100       | dest_char _ = raise Match;
```
```  2101
```
```  2102     fun xstr cs = Syntax.Appl [Syntax.Constant "_xstr", Syntax.Variable (Syntax.implode_xstr cs)];
```
```  2103
```
```  2104     fun char_ast_tr' [c1, c2] = Syntax.Appl [Syntax.Constant "_Char", xstr [dest_chr c1 c2]]
```
```  2105       | char_ast_tr' _ = raise Match;
```
```  2106
```
```  2107     fun list_ast_tr' [args] = Syntax.Appl [Syntax.Constant "_String",
```
```  2108             xstr (map dest_char (Syntax.unfold_ast "_args" args))]
```
```  2109       | list_ast_tr' ts = raise Match;
```
```  2110   in [("Char", char_ast_tr'), ("@list", list_ast_tr')] end;
```
```  2111 *}
```
```  2112
```
```  2113 subsubsection {* Code generator setup *}
```
```  2114
```
```  2115 ML {*
```
```  2116 local
```
```  2117
```
```  2118 fun list_codegen thy gr dep b t =
```
```  2119   let val (gr', ps) = foldl_map (Codegen.invoke_codegen thy dep false)
```
```  2120     (gr, HOLogic.dest_list t)
```
```  2121   in SOME (gr', Pretty.list "[" "]" ps) end handle TERM _ => NONE;
```
```  2122
```
```  2123 fun dest_nibble (Const (s, _)) = int_of_nibble (unprefix "List.nibble.Nibble" s)
```
```  2124   | dest_nibble _ = raise Match;
```
```  2125
```
```  2126 fun char_codegen thy gr dep b (Const ("List.char.Char", _) \$ c1 \$ c2) =
```
```  2127     (let val c = chr (dest_nibble c1 * 16 + dest_nibble c2)
```
```  2128      in if Symbol.is_printable c then SOME (gr, Pretty.quote (Pretty.str c))
```
```  2129        else NONE
```
```  2130      end handle Fail _ => NONE | Match => NONE)
```
```  2131   | char_codegen thy gr dep b _ = NONE;
```
```  2132
```
```  2133 in
```
```  2134
```
```  2135 val list_codegen_setup =
```
```  2136   [Codegen.add_codegen "list_codegen" list_codegen,
```
```  2137    Codegen.add_codegen "char_codegen" char_codegen];
```
```  2138
```
```  2139 end;
```
```  2140
```
```  2141 val term_of_list = HOLogic.mk_list;
```
```  2142
```
```  2143 fun gen_list' aG i j = frequency
```
```  2144   [(i, fn () => aG j :: gen_list' aG (i-1) j), (1, fn () => [])] ()
```
```  2145 and gen_list aG i = gen_list' aG i i;
```
```  2146
```
```  2147 val nibbleT = Type ("List.nibble", []);
```
```  2148
```
```  2149 fun term_of_char c =
```
```  2150   Const ("List.char.Char", nibbleT --> nibbleT --> Type ("List.char", [])) \$
```
```  2151     Const ("List.nibble.Nibble" ^ nibble_of_int (ord c div 16), nibbleT) \$
```
```  2152     Const ("List.nibble.Nibble" ^ nibble_of_int (ord c mod 16), nibbleT);
```
```  2153
```
```  2154 fun gen_char i = chr (random_range (ord "a") (Int.min (ord "a" + i, ord "z")));
```
```  2155 *}
```
```  2156
```
```  2157 types_code
```
```  2158   "list" ("_ list")
```
```  2159   "char" ("string")
```
```  2160
```
```  2161 consts_code "Cons" ("(_ ::/ _)")
```
```  2162
```
```  2163 setup list_codegen_setup
```
```  2164
```
```  2165 end
```