nominal2: comparison Nominal/FSet.thy

equal deleted inserted replaced

-:c9deccd12476
+:a8f5611dbd65
 rsp_fold
 where
 "rsp_fold f \<equiv> \<forall>u v w. (f u (f v w) = f v (f u w))"
 primrec
-ffold_raw :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'b \<Rightarrow> 'a list \<Rightarrow> 'b"
+ffold_list :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'b \<Rightarrow> 'a list \<Rightarrow> 'b"
 where
-"ffold_raw f z [] = z"
+"ffold_list f z [] = z"
-| "ffold_raw f z (a # xs) =
+| "ffold_list f z (a # xs) =
 (if (rsp_fold f) then
-if a \<in> set xs then ffold_raw f z xs
+if a \<in> set xs then ffold_list f z xs
-else f a (ffold_raw f z xs)
+else f a (ffold_list f z xs)
 else z)"
 section {* Quotient composition lemmas *}
 lemma filter_rsp [quot_respect]:
 shows "(op = ===> op \<approx> ===> op \<approx>) filter filter"
 by simp
-lemma memb_commute_ffold_raw:
+lemma memb_commute_ffold_list:
-"rsp_fold f \<Longrightarrow> h \<in> set b \<Longrightarrow> ffold_raw f z b = f h (ffold_raw f z (removeAll h b))"
+"rsp_fold f \<Longrightarrow> h \<in> set b \<Longrightarrow> ffold_list f z b = f h (ffold_list f z (removeAll h b))"
 apply (induct b)
 apply (auto simp add: rsp_fold_def)
 done
-lemma ffold_raw_rsp_pre:
+lemma ffold_list_rsp_pre:
-"set a = set b \<Longrightarrow> ffold_raw f z a = ffold_raw f z b"
+"set a = set b \<Longrightarrow> ffold_list f z a = ffold_list f z b"
 apply (induct a arbitrary: b)
 apply (simp)
 apply (simp (no_asm_use))
 apply (rule conjI)
 apply (rule_tac [!] impI)
 apply (rule_tac [!] conjI)
 apply (rule_tac [!] impI)
 apply (metis insert_absorb)
-apply (metis List.insert_def List.set.simps(2) List.set_insert ffold_raw.simps(2))
+apply (metis List.insert_def List.set.simps(2) List.set_insert ffold_list.simps(2))
-apply (metis Diff_insert_absorb insertI1 memb_commute_ffold_raw set_removeAll)
+apply (metis Diff_insert_absorb insertI1 memb_commute_ffold_list set_removeAll)
 apply(drule_tac x="removeAll a1 b" in meta_spec)
 apply(auto)
 apply(drule meta_mp)
 apply(blast)
-by (metis List.set.simps(2) emptyE ffold_raw.simps(2) in_listsp_conv_set listsp.simps mem_def)
+by (metis List.set.simps(2) emptyE ffold_list.simps(2) in_listsp_conv_set listsp.simps mem_def)
-lemma ffold_raw_rsp [quot_respect]:
+lemma ffold_list_rsp [quot_respect]:
-shows "(op = ===> op = ===> op \<approx> ===> op =) ffold_raw ffold_raw"
+shows "(op = ===> op = ===> op \<approx> ===> op =) ffold_list ffold_list"
 unfolding fun_rel_def
-by(auto intro: ffold_raw_rsp_pre)
+by(auto intro: ffold_list_rsp_pre)
 lemma concat_rsp_pre:
 assumes a: "list_all2 op \<approx> x x'"
 and     b: "x' \<approx> y'"
 and     c: "list_all2 op \<approx> y' y"
 show "\<exists>xa\<in>set a. x \<in> set xa" by (rule concat_rsp_pre[OF c' b' a' e])
 qed
 qed
 then show "concat a \<approx> concat b" by auto
 qed
+section {* Quotient definitions for fsets *}
 subsection {* Finite sets are a bounded, distributive lattice with minus *}
 instantiation fset :: (type) "{bounded_lattice_bot, distrib_lattice, minus}"
 by (descending) (auto simp add: inter_list_def sub_list_def memb_def)
 qed
 end
-section {* Quotient definitions for fsets *}
 quotient_definition
 "finsert :: 'a \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
 is "Cons"
 syntax
 "fset :: 'a fset \<Rightarrow> 'a set"
 is "set"
 quotient_definition
 "ffold :: ('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'b \<Rightarrow> 'a fset \<Rightarrow> 'b"
-is ffold_raw
+is ffold_list
 quotient_definition
 "fconcat :: ('a fset) fset \<Rightarrow> 'a fset"
 is concat
 quotient_definition
 "ffilter :: ('a \<Rightarrow> bool) \<Rightarrow> 'a fset \<Rightarrow> 'a fset"
 is filter
-subsection {* Compositional Respectfulness and Preservation *}
+section {* Compositional respectfulness and preservation lemmas *}
-lemma [quot_respect]: "(list_all2 op \<approx> OOO op \<approx>) [] []"
+lemma Nil_rsp2 [quot_respect]:
+shows "(list_all2 op \<approx> OOO op \<approx>) Nil Nil"
 by (fact compose_list_refl)
-lemma  [quot_preserve]: "(abs_fset \<circ> map f) [] = abs_fset []"
+lemma Cons_rsp2 [quot_respect]:
-by simp
-lemma [quot_respect]:
 shows "(op \<approx> ===> list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx>) Cons Cons"
 apply auto
 apply (rule_tac b="x # b" in pred_compI)
 apply auto
 apply (rule_tac b="x # ba" in pred_compI)
 apply auto
 done
-lemma [quot_preserve]:
+lemma map_prs [quot_preserve]:
+shows "(abs_fset \<circ> map f) [] = abs_fset []"
+by simp
+lemma finsert_rsp [quot_preserve]:
 "(rep_fset ---> (map rep_fset \<circ> rep_fset) ---> (abs_fset \<circ> map abs_fset)) op # = finsert"
 by (simp add: fun_eq_iff Quotient_abs_rep[OF Quotient_fset]
 abs_o_rep[OF Quotient_fset] map_id finsert_def)
-lemma [quot_preserve]:
+lemma funion_rsp [quot_preserve]:
 "((map rep_fset \<circ> rep_fset) ---> (map rep_fset \<circ> rep_fset) ---> (abs_fset \<circ> map abs_fset)) op @ = funion"
 by (simp add: fun_eq_iff Quotient_abs_rep[OF Quotient_fset]
 abs_o_rep[OF Quotient_fset] map_id sup_fset_def)
 lemma list_all2_app_l:
 apply (rule append_rsp2_pre1)
 apply simp
 done
 lemma [quot_respect]:
-"(list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx>) op @ op @"
+"(list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx> ===> list_all2 op \<approx> OOO op \<approx>) append append"
 proof (intro fun_relI, elim pred_compE)
 fix x y z w x' z' y' w' :: "'a list list"
 assume a:"list_all2 op \<approx> x x'"
 and b:    "x' \<approx> y'"
 and c:    "list_all2 op \<approx> y' y"
 by (rule pred_compI) (rule a', rule d')
 qed
-section {* Cases *}
+section {* Lifted theorems *}
+subsection {* fin *}
+lemma not_fin_fnil:
+shows "x |\<notin>| {||}"
+by (descending) (simp add: memb_def)
+lemma fin_set:
+shows "x |\<in>| S \<longleftrightarrow> x \<in> fset S"
+by (descending) (simp add: memb_def)
+lemma fnotin_set:
+shows "x |\<notin>| S \<longleftrightarrow> x \<notin> fset S"
+by (descending) (simp add: memb_def)
+lemma fset_eq_iff:
+shows "S = T \<longleftrightarrow> (\<forall>x. (x |\<in>| S) = (x |\<in>| T))"
+by (descending) (auto simp add: memb_def)
+lemma none_fin_fempty:
+shows "(\<forall>x. x |\<notin>| S) \<longleftrightarrow> S = {||}"
+by (descending) (simp add: memb_def)
+subsection {* finsert *}
+lemma fin_finsert_iff[simp]:
+shows "x |\<in>| finsert y S \<longleftrightarrow> x = y \<or> x |\<in>| S"
+by (descending) (simp add: memb_def)
+lemma
+shows finsertI1: "x |\<in>| finsert x S"
+and   finsertI2: "x |\<in>| S \<Longrightarrow> x |\<in>| finsert y S"
+by (descending, simp add: memb_def)+
+lemma finsert_absorb[simp]:
+shows "x |\<in>| S \<Longrightarrow> finsert x S = S"
+by (descending) (auto simp add: memb_def)
+lemma fempty_not_finsert[simp]:
+shows "{||} \<noteq> finsert x S"
+and   "finsert x S \<noteq> {||}"
+by (descending, simp)+
+lemma finsert_left_comm:
+shows "finsert x (finsert y S) = finsert y (finsert x S)"
+by (descending) (auto)
+lemma finsert_left_idem:
+shows "finsert x (finsert x S) = finsert x S"
+by (descending) (auto)
+lemma fsingleton_eq[simp]:
+shows "{|x|} = {|y|} \<longleftrightarrow> x = y"
+by (descending) (auto)
+(* FIXME: is this in any case a useful lemma *)
+lemma fin_mdef:
+shows "x |\<in>| F \<longleftrightarrow> x |\<notin>| (F - {|x|}) \<and> F = finsert x (F - {|x|})"
+by (descending) (auto simp add: memb_def diff_list_def)
+subsection {* fset *}
+lemma fset_simps[simp]:
+"fset {||} = ({} :: 'a set)"
+"fset (finsert (x :: 'a) S) = insert x (fset S)"
+by (lifting set.simps)
+lemma finite_fset [simp]:
+shows "finite (fset S)"
+by (descending) (simp)
+lemma fset_cong:
+shows "fset S = fset T \<longleftrightarrow> S = T"
+by (descending) (simp)
+lemma ffilter_set [simp]:
+shows "fset (ffilter P xs) = P \<inter> fset xs"
+by (descending) (auto simp add: mem_def)
+lemma fdelete_set [simp]:
+shows "fset (fdelete x xs) = fset xs - {x}"
+by (descending) (simp)
+lemma finter_set [simp]:
+shows "fset (xs |\<inter>| ys) = fset xs \<inter> fset ys"
+by (descending) (auto simp add: inter_list_def)
+lemma funion_set [simp]:
+shows "fset (xs |\<union>| ys) = fset xs \<union> fset ys"
+by (lifting set_append)
+lemma fminus_set [simp]:
+shows "fset (xs - ys) = fset xs - fset ys"
+by (descending) (auto simp add: diff_list_def)
+subsection {* funion *}
+lemmas [simp] =
+sup_bot_left[where 'a="'a fset", standard]
+sup_bot_right[where 'a="'a fset", standard]
+lemma funion_finsert[simp]:
+shows "finsert x S |\<union>| T = finsert x (S |\<union>| T)"
+by (lifting append.simps(2))
+lemma singleton_funion_left:
+shows "{|a|} |\<union>| S = finsert a S"
+by simp
+lemma singleton_funion_right:
+shows "S |\<union>| {|a|} = finsert a S"
+by (subst sup.commute) simp
+lemma fin_funion:
+shows "x |\<in>| S |\<union>| T \<longleftrightarrow> x |\<in>| S \<or> x |\<in>| T"
+by (descending) (simp add: memb_def)
+subsection {* fminus *}
+lemma fminus_fin:
+shows "x |\<in>| (xs - ys) \<longleftrightarrow> x |\<in>| xs \<and> x |\<notin>| ys"
+by (descending) (simp add: diff_list_def memb_def)
+lemma fminus_red:
+shows "finsert x xs - ys = (if x |\<in>| ys then xs - ys else finsert x (xs - ys))"
+by (descending) (auto simp add: diff_list_def memb_def)
+lemma fminus_red_fin[simp]:
+shows "x |\<in>| ys \<Longrightarrow> finsert x xs - ys = xs - ys"
+by (simp add: fminus_red)
+lemma fminus_red_fnotin[simp]:
+shows "x |\<notin>| ys \<Longrightarrow> finsert x xs - ys = finsert x (xs - ys)"
+by (simp add: fminus_red)
+lemma fin_fminus_fnotin:
+shows "x |\<in>| F - S \<Longrightarrow> x |\<notin>| S"
+unfolding fin_set fminus_set
+by blast
+lemma fin_fnotin_fminus:
+shows "x |\<in>| S \<Longrightarrow> x |\<notin>| F - S"
+unfolding fin_set fminus_set
+by blast
+section {* fdelete *}
+lemma fin_fdelete:
+shows "x |\<in>| fdelete y S \<longleftrightarrow> x |\<in>| S \<and> x \<noteq> y"
+by (descending) (simp add: memb_def)
+lemma fnotin_fdelete:
+shows "x |\<notin>| fdelete x S"
+by (descending) (simp add: memb_def)
+lemma fnotin_fdelete_ident:
+shows "x |\<notin>| S \<Longrightarrow> fdelete x S = S"
+by (descending) (simp add: memb_def)
+lemma fset_fdelete_cases:
+shows "S = {||} \<or> (\<exists>x. x |\<in>| S \<and> S = finsert x (fdelete x S))"
+by (descending) (auto simp add: memb_def insert_absorb)
+section {* finter *}
+lemma finter_empty_l:
+shows "{||} |\<inter>| S = {||}"
+by simp
+lemma finter_empty_r:
+shows "S |\<inter>| {||} = {||}"
+by simp
+lemma finter_finsert:
+shows "finsert x S |\<inter>| T = (if x |\<in>| T then finsert x (S |\<inter>| T) else S |\<inter>| T)"
+by (descending) (auto simp add: inter_list_def memb_def)
+lemma fin_finter:
+shows "x |\<in>| (S |\<inter>| T) \<longleftrightarrow> x |\<in>| S \<and> x |\<in>| T"
+by (descending) (simp add: inter_list_def memb_def)
+subsection {* fsubset *}
+lemma fsubseteq_set:
+shows "xs |\<subseteq>| ys \<longleftrightarrow> fset xs \<subseteq> fset ys"
+by (descending) (simp add: sub_list_def)
+lemma fsubset_set:
+shows "xs |\<subset>| ys \<longleftrightarrow> fset xs \<subset> fset ys"
+unfolding less_fset_def
+by (descending) (auto simp add: sub_list_def)
+lemma fsubseteq_finsert:
+shows "(finsert x xs) |\<subseteq>| ys \<longleftrightarrow> x |\<in>| ys \<and> xs |\<subseteq>| ys"
+by (descending) (simp add: sub_list_def memb_def)
+lemma fsubset_fin:
+shows "xs |\<subseteq>| ys = (\<forall>x. x |\<in>| xs \<longrightarrow> x |\<in>| ys)"
+by (descending) (auto simp add: sub_list_def memb_def)
+lemma fsubseteq_fempty:
+shows "xs |\<subseteq>| {||} \<longleftrightarrow> xs = {||}"
+by (descending) (simp add: sub_list_def)
+lemma not_fsubset_fnil:
+shows "\<not> xs |\<subset>| {||}"
+by (metis fset_simps(1) fsubset_set not_psubset_empty)
+section {* fmap *}
+lemma fmap_simps [simp]:
+shows "fmap f {||} = {||}"
+and   "fmap f (finsert x S) = finsert (f x) (fmap f S)"
+by (descending, simp)+
+lemma fmap_set_image [simp]:
+shows "fset (fmap f S) = f ` (fset S)"
+by (descending) (simp)
+lemma inj_fmap_eq_iff:
+shows "inj f \<Longrightarrow> fmap f S = fmap f T \<longleftrightarrow> S = T"
+by (descending) (metis inj_vimage_image_eq list_eq.simps set_map)
+lemma fmap_funion:
+shows "fmap f (S |\<union>| T) = fmap f S |\<union>| fmap f T"
+by (descending) (simp)
+subsection {* fcard *}
+lemma fcard_set:
+shows "fcard xs = card (fset xs)"
+by (lifting card_list_def)
+lemma fcard_finsert_if [simp]:
+shows "fcard (finsert x S) = (if x |\<in>| S then fcard S else Suc (fcard S))"
+by (descending) (auto simp add: card_list_def memb_def insert_absorb)
+lemma fcard_0[simp]:
+shows "fcard S = 0 \<longleftrightarrow> S = {||}"
+by (descending) (simp add: card_list_def)
+lemma fcard_fempty[simp]:
+shows "fcard {||} = 0"
+by (simp add: fcard_0)
+lemma fcard_1:
+shows "fcard S = 1 \<longleftrightarrow> (\<exists>x. S = {|x|})"
+by (descending) (auto simp add: card_list_def card_Suc_eq)
+lemma fcard_gt_0:
+shows "x \<in> fset S \<Longrightarrow> 0 < fcard S"
+by (descending) (auto simp add: card_list_def card_gt_0_iff)
+lemma fcard_not_fin:
+shows "(x |\<notin>| S) = (fcard (finsert x S) = Suc (fcard S))"
+by (descending) (auto simp add: memb_def card_list_def insert_absorb)
+lemma fcard_suc:
+shows "fcard S = Suc n \<Longrightarrow> \<exists>x T. x |\<notin>| T \<and> S = finsert x T \<and> fcard T = n"
+apply(descending)
+apply(auto simp add: card_list_def memb_def)
+apply(drule card_eq_SucD)
+apply(auto)
+apply(rule_tac x="b" in exI)
+apply(rule_tac x="removeAll b S" in exI)
+apply(auto)
+done
+lemma fcard_delete:
+shows "fcard (fdelete y S) = (if y |\<in>| S then fcard S - 1 else fcard S)"
+by (descending) (simp add: card_list_def memb_def)
+lemma fcard_suc_memb:
+shows "fcard A = Suc n \<Longrightarrow> \<exists>a. a |\<in>| A"
+apply(descending)
+apply(simp add: card_list_def memb_def)
+apply(drule card_eq_SucD)
+apply(auto)
+done
+lemma fin_fcard_not_0:
+shows "a |\<in>| A \<Longrightarrow> fcard A \<noteq> 0"
+by (descending) (auto simp add: card_list_def memb_def)
+lemma fcard_mono:
+shows "xs |\<subseteq>| ys \<Longrightarrow> fcard xs \<le> fcard ys"
+unfolding fcard_set fsubseteq_set
+by (simp add: card_mono[OF finite_fset])
+lemma fcard_fsubset_eq:
+shows "xs |\<subseteq>| ys \<Longrightarrow> fcard ys \<le> fcard xs \<Longrightarrow> xs = ys"
+unfolding fcard_set fsubseteq_set
+by (auto dest: card_seteq[OF finite_fset] simp add: fset_cong)
+lemma psubset_fcard_mono:
+shows "xs |\<subset>| ys \<Longrightarrow> fcard xs < fcard ys"
+unfolding fcard_set fsubset_set
+by (rule psubset_card_mono[OF finite_fset])
+lemma fcard_funion_finter:
+shows "fcard xs + fcard ys = fcard (xs |\<union>| ys) + fcard (xs |\<inter>| ys)"
+unfolding fcard_set funion_set finter_set
+by (rule card_Un_Int[OF finite_fset finite_fset])
+lemma fcard_funion_disjoint:
+shows "xs |\<inter>| ys = {||} \<Longrightarrow> fcard (xs |\<union>| ys) = fcard xs + fcard ys"
+unfolding fcard_set funion_set
+apply (rule card_Un_disjoint[OF finite_fset finite_fset])
+by (metis finter_set fset_simps(1))
+lemma fcard_delete1_less:
+shows "x |\<in>| xs \<Longrightarrow> fcard (fdelete x xs) < fcard xs"
+unfolding fcard_set fin_set fdelete_set
+by (rule card_Diff1_less[OF finite_fset])
+lemma fcard_delete2_less:
+shows "x |\<in>| xs \<Longrightarrow> y |\<in>| xs \<Longrightarrow> fcard (fdelete y (fdelete x xs)) < fcard xs"
+unfolding fcard_set fdelete_set fin_set
+by (rule card_Diff2_less[OF finite_fset])
+lemma fcard_delete1_le:
+shows "fcard (fdelete x xs) \<le> fcard xs"
+unfolding fdelete_set fcard_set
+by (rule card_Diff1_le[OF finite_fset])
+lemma fcard_psubset:
+shows "ys |\<subseteq>| xs \<Longrightarrow> fcard ys < fcard xs \<Longrightarrow> ys |\<subset>| xs"
+unfolding fcard_set fsubseteq_set fsubset_set
+by (rule card_psubset[OF finite_fset])
+lemma fcard_fmap_le:
+shows "fcard (fmap f xs) \<le> fcard xs"
+unfolding fcard_set fmap_set_image
+by (rule card_image_le[OF finite_fset])
+lemma fcard_fminus_finsert[simp]:
+assumes "a |\<in>| A" and "a |\<notin>| B"
+shows "fcard (A - finsert a B) = fcard (A - B) - 1"
+using assms
+unfolding fin_set fcard_set fminus_set
+by (simp add: card_Diff_insert[OF finite_fset])
+lemma fcard_fminus_fsubset:
+assumes "B |\<subseteq>| A"
+shows "fcard (A - B) = fcard A - fcard B"
+using assms
+unfolding fsubseteq_set fcard_set fminus_set
+by (rule card_Diff_subset[OF finite_fset])
+lemma fcard_fminus_subset_finter:
+shows "fcard (A - B) = fcard A - fcard (A |\<inter>| B)"
+unfolding finter_set fcard_set fminus_set
+by (rule card_Diff_subset_Int) (simp)
+section {* fconcat *}
+lemma fconcat_fempty:
+shows "fconcat {||} = {||}"
+by (lifting concat.simps(1))
+lemma fconcat_finsert:
+shows "fconcat (finsert x S) = x |\<union>| fconcat S"
+by (lifting concat.simps(2))
+lemma fconcat_finter:
+shows "fconcat (xs |\<union>| ys) = fconcat xs |\<union>| fconcat ys"
+by (lifting concat_append)
+section {* ffilter *}
+lemma subseteq_filter:
+shows "ffilter P xs <= ffilter Q xs = (\<forall> x. x |\<in>| xs \<longrightarrow> P x \<longrightarrow> Q x)"
+by  (descending) (auto simp add: memb_def sub_list_def)
+lemma eq_ffilter:
+shows "(ffilter P xs = ffilter Q xs) = (\<forall>x. x |\<in>| xs \<longrightarrow> P x = Q x)"
+by (descending) (auto simp add: memb_def)
+lemma subset_ffilter:
+shows "(\<And>x. x |\<in>| xs \<Longrightarrow> P x \<Longrightarrow> Q x) \<Longrightarrow> (x |\<in>| xs & \<not> P x & Q x) \<Longrightarrow> ffilter P xs < ffilter Q xs"
+unfolding less_fset_def by (auto simp add: subseteq_filter eq_ffilter)
+subsection {* ffold *}
+lemma ffold_nil:
+shows "ffold f z {||} = z"
+by (descending) (simp)
+lemma ffold_finsert: "ffold f z (finsert a A) =
+(if rsp_fold f then if a |\<in>| A then ffold f z A else f a (ffold f z A) else z)"
+by (descending) (simp add: memb_def)
+lemma fin_commute_ffold:
+"\<lbrakk>rsp_fold f; h |\<in>| b\<rbrakk> \<Longrightarrow> ffold f z b = f h (ffold f z (fdelete h b))"
+by (descending) (simp add: memb_def memb_commute_ffold_list)
+subsection {* Choice in fsets *}
+lemma fset_choice:
+assumes a: "\<forall>x. x |\<in>| A \<longrightarrow> (\<exists>y. P x y)"
+shows "\<exists>f. \<forall>x. x |\<in>| A \<longrightarrow> P x (f x)"
+using a
+apply(descending)
+using finite_set_choice
+by (auto simp add: memb_def Ball_def)
+section {* Induction and Cases rules for fsets *}
+lemma fset_exhaust [case_names fempty finsert, cases type: fset]:
+assumes fempty_case: "S = {||} \<Longrightarrow> P"
+and     finsert_case: "\<And>x S'. S = finsert x S' \<Longrightarrow> P"
+shows "P"
+using assms by (lifting list.exhaust)
+lemma fset_induct [case_names fempty finsert]:
+assumes fempty_case: "P {||}"
+and     finsert_case: "\<And>x S. P S \<Longrightarrow> P (finsert x S)"
+shows "P S"
+using assms
+by (descending) (blast intro: list.induct)
+lemma fset_induct_stronger [case_names fempty finsert, induct type: fset]:
+assumes fempty_case: "P {||}"
+and     finsert_case: "\<And>x S. \<lbrakk>x |\<notin>| S; P S\<rbrakk> \<Longrightarrow> P (finsert x S)"
+shows "P S"
+proof(induct S rule: fset_induct)
+case fempty
+show "P {||}" using fempty_case by simp
+next
+case (finsert x S)
+have "P S" by fact
+then show "P (finsert x S)" using finsert_case
+by (cases "x |\<in>| S") (simp_all)
+qed
+lemma fcard_induct:
+assumes fempty_case: "P {||}"
+and     fcard_Suc_case: "\<And>S T. Suc (fcard S) = (fcard T) \<Longrightarrow> P S \<Longrightarrow> P T"
+shows "P S"
+proof (induct S)
+case fempty
+show "P {||}" by (rule fempty_case)
+next
+case (finsert x S)
+have h: "P S" by fact
+have "x |\<notin>| S" by fact
+then have "Suc (fcard S) = fcard (finsert x S)"
+using fcard_suc by auto
+then show "P (finsert x S)"
+using h fcard_Suc_case by simp
+qed
 lemma fset_raw_strong_cases:
 obtains "xs = []"
 | x ys where "\<not> memb x ys" and "xs \<approx> x # ys"
 proof (induct xs arbitrary: x ys)
 qed
 then show thesis using a c by blast
 qed
-text {* alternate formulation with a different decomposition principle
+lemma fset_strong_cases:
+obtains "xs = {||}"
+| x ys where "x |\<notin>| ys" and "xs = finsert x ys"
+by (lifting fset_raw_strong_cases)
+lemma fset_induct2:
+"P {||} {||} \<Longrightarrow>
+(\<And>x xs. x |\<notin>| xs \<Longrightarrow> P (finsert x xs) {||}) \<Longrightarrow>
+(\<And>y ys. y |\<notin>| ys \<Longrightarrow> P {||} (finsert y ys)) \<Longrightarrow>
+(\<And>x xs y ys. \<lbrakk>P xs ys; x |\<notin>| xs; y |\<notin>| ys\<rbrakk> \<Longrightarrow> P (finsert x xs) (finsert y ys)) \<Longrightarrow>
+P xsa ysa"
+apply (induct xsa arbitrary: ysa)
+apply (induct_tac x rule: fset_induct_stronger)
+apply simp_all
+apply (induct_tac xa rule: fset_induct_stronger)
+apply simp_all
+done
+subsection {* alternate formulation with a different decomposition principle
 and a proof of equivalence *}
 inductive
-list_eq2
+list_eq2 ("_ \<approx>2 _")
 where
-"list_eq2 (a # b # xs) (b # a # xs)"
+"(a # b # xs) \<approx>2 (b # a # xs)"
-| "list_eq2 [] []"
+| "[] \<approx>2 []"
-| "list_eq2 xs ys \<Longrightarrow> list_eq2 ys xs"
+| "xs \<approx>2 ys \<Longrightarrow>  ys \<approx>2 xs"
-| "list_eq2 (a # a # xs) (a # xs)"
+| "(a # a # xs) \<approx>2 (a # xs)"
-| "list_eq2 xs ys \<Longrightarrow> list_eq2 (a # xs) (a # ys)"
+| "xs \<approx>2 ys \<Longrightarrow>  (a # xs) \<approx>2 (a # ys)"
-| "\<lbrakk>list_eq2 xs1 xs2; list_eq2 xs2 xs3\<rbrakk> \<Longrightarrow> list_eq2 xs1 xs3"
+| "\<lbrakk>xs1 \<approx>2 xs2;  xs2 \<approx>2 xs3\<rbrakk> \<Longrightarrow> xs1 \<approx>2 xs3"
 lemma list_eq2_refl:
-shows "list_eq2 xs xs"
+shows "xs \<approx>2 xs"
 by (induct xs) (auto intro: list_eq2.intros)
+lemma list_eq2_set:
+assumes a: "xs \<approx>2 ys"
+shows "set xs = set ys"
+using a by (induct) (auto)
+lemma list_eq2_card:
+assumes a: "xs \<approx>2 ys"
+shows "card_list xs = card_list ys"
+using a
+apply(induct)
+apply(auto simp add: card_list_def)
+apply(metis insert_commute)
+apply(metis list_eq2_set)
+done
+lemma list_eq2_equiv1:
+assumes a: "xs \<approx>2 ys"
+shows "xs \<approx> ys"
+using a by (induct) (auto)
 lemma cons_delete_list_eq2:
-shows "list_eq2 (a # (removeAll a A)) (if memb a A then A else a # A)"
+shows "(a # (removeAll a A)) \<approx>2 (if memb a A then A else a # A)"
 apply (induct A)
 apply (simp add: memb_def list_eq2_refl)
 apply (case_tac "memb a (aa # A)")
 apply (simp_all only: memb_def)
 apply (case_tac [!] "a = aa")
 apply (auto simp add: list_eq2_refl memb_def)
 done
 lemma memb_delete_list_eq2:
 assumes a: "memb e r"
-shows "list_eq2 (e # removeAll e r) r"
+shows "(e # removeAll e r) \<approx>2 r"
 using a cons_delete_list_eq2[of e r]
 by simp
+(*
+lemma list_eq2_equiv2:
+assumes a: "xs \<approx> ys"
+shows "xs \<approx>2 ys"
+using a
+apply(induct xs arbitrary: ys taking: "card o set" rule: measure_induct)
+apply(simp)
+apply(case_tac x)
+apply(simp)
+apply(auto intro: list_eq2.intros)[1]
+apply(simp)
+apply(case_tac "a \<in> set list")
+apply(simp add: insert_absorb)
+apply(drule_tac x="removeAll a ys" in spec)
+apply(drule mp)
+apply(simp)
+apply(subgoal_tac "0 < card (set ys)")
+apply(simp)
+apply(metis length_pos_if_in_set length_remdups_card_conv set_remdups)
+apply(simp)
+apply(clarify)
+apply(drule_tac x="removeAll a list" in spec)
+apply(drule mp)
+apply(simp)
+oops
+*)
 lemma list_eq2_equiv:
 "(l \<approx> r) \<longleftrightarrow> (list_eq2 l r)"
 proof
 show "list_eq2 l r \<Longrightarrow> l \<approx> r" by (induct rule: list_eq2.induct) auto
 next
 {
 fix n
 assume a: "card_list l = n" and b: "l \<approx> r"
-have "list_eq2 l r"
+have "l \<approx>2 r"
 using a b
 proof (induct n arbitrary: l r)
 case 0
 have "card_list l = 0" by fact
 then have "\<forall>x. \<not> memb x l" unfolding card_list_def memb_def by auto
 	unfolding memb_def by auto
 have f: "card_list (removeAll a l) = m" using e d by (simp add: card_list_def memb_def)
 have g: "removeAll a l \<approx> removeAll a r" using removeAll_rsp b by simp
 have "list_eq2 (removeAll a l) (removeAll a r)" by (rule Suc.hyps[OF f g])
 then have h: "list_eq2 (a # removeAll a l) (a # removeAll a r)" by (rule list_eq2.intros(5))
 have i: "list_eq2 l (a # removeAll a l)"
 by (rule list_eq2.intros(3)[OF memb_delete_list_eq2[OF e]])
 have "list_eq2 l (a # removeAll a r)" by (rule list_eq2.intros(6)[OF i h])
 then show ?case using list_eq2.intros(6)[OF _ memb_delete_list_eq2[OF e']] by simp
 qed
 }
 then show "l \<approx> r \<Longrightarrow> list_eq2 l r" by blast
-qed
-section {* Lifted theorems *}
-subsection {* fin *}
-lemma not_fin_fnil:
-shows "x |\<notin>| {||}"
-by (descending) (simp add: memb_def)
-lemma fin_set:
-shows "x |\<in>| S \<longleftrightarrow> x \<in> fset S"
-by (descending) (simp add: memb_def)
-lemma fnotin_set:
-shows "x |\<notin>| S \<longleftrightarrow> x \<notin> fset S"
-by (descending) (simp add: memb_def)
-lemma fset_eq_iff:
-shows "S = T \<longleftrightarrow> (\<forall>x. (x |\<in>| S) = (x |\<in>| T))"
-by (descending) (auto simp add: memb_def)
-lemma none_fin_fempty:
-shows "(\<forall>x. x |\<notin>| S) \<longleftrightarrow> S = {||}"
-by (descending) (simp add: memb_def)
-subsection {* finsert *}
-lemma fin_finsert_iff[simp]:
-shows "x |\<in>| finsert y S \<longleftrightarrow> x = y \<or> x |\<in>| S"
-by (descending) (simp add: memb_def)
-lemma
-shows finsertI1: "x |\<in>| finsert x S"
-and   finsertI2: "x |\<in>| S \<Longrightarrow> x |\<in>| finsert y S"
-by (descending, simp add: memb_def)+
-lemma finsert_absorb[simp]:
-shows "x |\<in>| S \<Longrightarrow> finsert x S = S"
-by (descending) (auto simp add: memb_def)
-lemma fempty_not_finsert[simp]:
-shows "{||} \<noteq> finsert x S"
-and   "finsert x S \<noteq> {||}"
-by (descending, simp)+
-lemma finsert_left_comm:
-shows "finsert x (finsert y S) = finsert y (finsert x S)"
-by (descending) (auto)
-lemma finsert_left_idem:
-shows "finsert x (finsert x S) = finsert x S"
-by (descending) (auto)
-lemma fsingleton_eq[simp]:
-shows "{|x|} = {|y|} \<longleftrightarrow> x = y"
-by (descending) (auto)
-(* FIXME: is this in any case a useful lemma *)
-lemma fin_mdef:
-shows "x |\<in>| F \<longleftrightarrow> x |\<notin>| (F - {|x|}) \<and> F = finsert x (F - {|x|})"
-by (descending) (auto simp add: memb_def diff_list_def)
-subsection {* fset *}
-lemma fset_simps[simp]:
-"fset {||} = ({} :: 'a set)"
-"fset (finsert (x :: 'a) S) = insert x (fset S)"
-by (lifting set.simps)
-lemma finite_fset [simp]:
-shows "finite (fset S)"
-by (descending) (simp)
-lemma fset_cong:
-shows "fset S = fset T \<longleftrightarrow> S = T"
-by (descending) (simp)
-lemma ffilter_set [simp]:
-shows "fset (ffilter P xs) = P \<inter> fset xs"
-by (descending) (auto simp add: mem_def)
-lemma fdelete_set [simp]:
-shows "fset (fdelete x xs) = fset xs - {x}"
-by (descending) (simp)
-lemma finter_set [simp]:
-shows "fset (xs |\<inter>| ys) = fset xs \<inter> fset ys"
-by (descending) (auto simp add: inter_list_def)
-lemma funion_set [simp]:
-shows "fset (xs |\<union>| ys) = fset xs \<union> fset ys"
-by (lifting set_append)
-lemma fminus_set [simp]:
-shows "fset (xs - ys) = fset xs - fset ys"
-by (descending) (auto simp add: diff_list_def)
-subsection {* funion *}
-lemmas [simp] =
-sup_bot_left[where 'a="'a fset", standard]
-sup_bot_right[where 'a="'a fset", standard]
-lemma funion_finsert[simp]:
-shows "finsert x S |\<union>| T = finsert x (S |\<union>| T)"
-by (lifting append.simps(2))
-lemma singleton_funion_left:
-shows "{|a|} |\<union>| S = finsert a S"
-by simp
-lemma singleton_funion_right:
-shows "S |\<union>| {|a|} = finsert a S"
-by (subst sup.commute) simp
-lemma fin_funion:
-shows "x |\<in>| S |\<union>| T \<longleftrightarrow> x |\<in>| S \<or> x |\<in>| T"
-by (descending) (simp add: memb_def)
-subsection {* fminus *}
-lemma fminus_fin:
-shows "x |\<in>| (xs - ys) \<longleftrightarrow> x |\<in>| xs \<and> x |\<notin>| ys"
-by (descending) (simp add: diff_list_def memb_def)
-lemma fminus_red:
-shows "finsert x xs - ys = (if x |\<in>| ys then xs - ys else finsert x (xs - ys))"
-by (descending) (auto simp add: diff_list_def memb_def)
-lemma fminus_red_fin[simp]:
-shows "x |\<in>| ys \<Longrightarrow> finsert x xs - ys = xs - ys"
-by (simp add: fminus_red)
-lemma fminus_red_fnotin[simp]:
-shows "x |\<notin>| ys \<Longrightarrow> finsert x xs - ys = finsert x (xs - ys)"
-by (simp add: fminus_red)
-lemma fin_fminus_fnotin:
-shows "x |\<in>| F - S \<Longrightarrow> x |\<notin>| S"
-unfolding fin_set fminus_set
-by blast
-lemma fin_fnotin_fminus:
-shows "x |\<in>| S \<Longrightarrow> x |\<notin>| F - S"
-unfolding fin_set fminus_set
-by blast
-section {* fdelete *}
-lemma fin_fdelete:
-shows "x |\<in>| fdelete y S \<longleftrightarrow> x |\<in>| S \<and> x \<noteq> y"
-by (descending) (simp add: memb_def)
-lemma fnotin_fdelete:
-shows "x |\<notin>| fdelete x S"
-by (descending) (simp add: memb_def)
-lemma fnotin_fdelete_ident:
-shows "x |\<notin>| S \<Longrightarrow> fdelete x S = S"
-by (descending) (simp add: memb_def)
-lemma fset_fdelete_cases:
-shows "S = {||} \<or> (\<exists>x. x |\<in>| S \<and> S = finsert x (fdelete x S))"
-by (descending) (auto simp add: memb_def insert_absorb)
-section {* finter *}
-lemma finter_empty_l:
-shows "{||} |\<inter>| S = {||}"
-by simp
-lemma finter_empty_r:
-shows "S |\<inter>| {||} = {||}"
-by simp
-lemma finter_finsert:
-shows "finsert x S |\<inter>| T = (if x |\<in>| T then finsert x (S |\<inter>| T) else S |\<inter>| T)"
-by (descending) (auto simp add: inter_list_def memb_def)
-lemma fin_finter:
-shows "x |\<in>| (S |\<inter>| T) \<longleftrightarrow> x |\<in>| S \<and> x |\<in>| T"
-by (descending) (simp add: inter_list_def memb_def)
-subsection {* fsubset *}
-lemma fsubseteq_set:
-shows "xs |\<subseteq>| ys \<longleftrightarrow> fset xs \<subseteq> fset ys"
-by (descending) (simp add: sub_list_def)
-lemma fsubset_set:
-shows "xs |\<subset>| ys \<longleftrightarrow> fset xs \<subset> fset ys"
-unfolding less_fset_def
-by (descending) (auto simp add: sub_list_def)
-lemma fsubseteq_finsert:
-shows "(finsert x xs) |\<subseteq>| ys \<longleftrightarrow> x |\<in>| ys \<and> xs |\<subseteq>| ys"
-by (descending) (simp add: sub_list_def memb_def)
-lemma fsubset_fin:
-shows "xs |\<subseteq>| ys = (\<forall>x. x |\<in>| xs \<longrightarrow> x |\<in>| ys)"
-by (descending) (auto simp add: sub_list_def memb_def)
-(* FIXME: no type ord *)
-(*
-lemma fsubset_finsert:
-shows "(finsert x xs) |\<subset>| ys \<longleftrightarrow> x |\<in>| ys \<and> xs |\<subset>| ys"
-by (descending) (simp add: sub_list_def memb_def)
-*)
-lemma fsubseteq_fempty:
-shows "xs |\<subseteq>| {||} \<longleftrightarrow> xs = {||}"
-by (descending) (simp add: sub_list_def)
-(* also problem with ord *)
-lemma not_fsubset_fnil:
-shows "\<not> xs |\<subset>| {||}"
-by (metis fset_simps(1) fsubset_set not_psubset_empty)
-section {* fmap *}
-lemma fmap_simps [simp]:
-shows "fmap f {||} = {||}"
-and   "fmap f (finsert x S) = finsert (f x) (fmap f S)"
-by (descending, simp)+
-lemma fmap_set_image [simp]:
-shows "fset (fmap f S) = f ` (fset S)"
-by (descending) (simp)
-lemma inj_fmap_eq_iff:
-shows "inj f \<Longrightarrow> fmap f S = fmap f T \<longleftrightarrow> S = T"
-by (descending) (metis inj_vimage_image_eq list_eq.simps set_map)
-lemma fmap_funion:
-shows "fmap f (S |\<union>| T) = fmap f S |\<union>| fmap f T"
-by (descending) (simp)
-subsection {* fcard *}
-lemma fcard_set:
-shows "fcard xs = card (fset xs)"
-by (lifting card_list_def)
-lemma fcard_finsert_if [simp]:
-shows "fcard (finsert x S) = (if x |\<in>| S then fcard S else Suc (fcard S))"
-by (descending) (auto simp add: card_list_def memb_def insert_absorb)
-lemma fcard_0[simp]:
-shows "fcard S = 0 \<longleftrightarrow> S = {||}"
-by (descending) (simp add: card_list_def)
-lemma fcard_fempty[simp]:
-shows "fcard {||} = 0"
-by (simp add: fcard_0)
-lemma fcard_1:
-shows "fcard S = 1 \<longleftrightarrow> (\<exists>x. S = {|x|})"
-by (descending) (auto simp add: card_list_def card_Suc_eq)
-lemma fcard_gt_0:
-shows "x \<in> fset S \<Longrightarrow> 0 < fcard S"
-by (descending) (auto simp add: card_list_def card_gt_0_iff)
-lemma fcard_not_fin:
-shows "(x |\<notin>| S) = (fcard (finsert x S) = Suc (fcard S))"
-by (descending) (auto simp add: memb_def card_list_def insert_absorb)
-lemma fcard_suc:
-shows "fcard S = Suc n \<Longrightarrow> \<exists>x T. x |\<notin>| T \<and> S = finsert x T \<and> fcard T = n"
-apply(descending)
-apply(auto simp add: card_list_def memb_def)
-apply(drule card_eq_SucD)
-apply(auto)
-apply(rule_tac x="b" in exI)
-apply(rule_tac x="removeAll b S" in exI)
-apply(auto)
-done
-lemma fcard_delete:
-shows "fcard (fdelete y S) = (if y |\<in>| S then fcard S - 1 else fcard S)"
-by (descending) (simp add: card_list_def memb_def)
-lemma fcard_suc_memb:
-shows "fcard A = Suc n \<Longrightarrow> \<exists>a. a |\<in>| A"
-apply(descending)
-apply(simp add: card_list_def memb_def)
-apply(drule card_eq_SucD)
-apply(auto)
-done
-lemma fin_fcard_not_0:
-shows "a |\<in>| A \<Longrightarrow> fcard A \<noteq> 0"
-by (descending) (auto simp add: card_list_def memb_def)
-lemma fcard_mono:
-shows "xs |\<subseteq>| ys \<Longrightarrow> fcard xs \<le> fcard ys"
-unfolding fcard_set fsubseteq_set
-by (simp add: card_mono[OF finite_fset])
-lemma fcard_fsubset_eq:
-shows "xs |\<subseteq>| ys \<Longrightarrow> fcard ys \<le> fcard xs \<Longrightarrow> xs = ys"
-unfolding fcard_set fsubseteq_set
-by (auto dest: card_seteq[OF finite_fset] simp add: fset_cong)
-lemma psubset_fcard_mono:
-shows "xs |\<subset>| ys \<Longrightarrow> fcard xs < fcard ys"
-unfolding fcard_set fsubset_set
-by (rule psubset_card_mono[OF finite_fset])
-lemma fcard_funion_finter:
-shows "fcard xs + fcard ys = fcard (xs |\<union>| ys) + fcard (xs |\<inter>| ys)"
-unfolding fcard_set funion_set finter_set
-by (rule card_Un_Int[OF finite_fset finite_fset])
-lemma fcard_funion_disjoint:
-shows "xs |\<inter>| ys = {||} \<Longrightarrow> fcard (xs |\<union>| ys) = fcard xs + fcard ys"
-unfolding fcard_set funion_set
-apply (rule card_Un_disjoint[OF finite_fset finite_fset])
-by (metis finter_set fset_simps(1))
-lemma fcard_delete1_less:
-shows "x |\<in>| xs \<Longrightarrow> fcard (fdelete x xs) < fcard xs"
-unfolding fcard_set fin_set fdelete_set
-by (rule card_Diff1_less[OF finite_fset])
-lemma fcard_delete2_less:
-shows "x |\<in>| xs \<Longrightarrow> y |\<in>| xs \<Longrightarrow> fcard (fdelete y (fdelete x xs)) < fcard xs"
-unfolding fcard_set fdelete_set fin_set
-by (rule card_Diff2_less[OF finite_fset])
-lemma fcard_delete1_le:
-shows "fcard (fdelete x xs) \<le> fcard xs"
-unfolding fdelete_set fcard_set
-by (rule card_Diff1_le[OF finite_fset])
-lemma fcard_psubset:
-shows "ys |\<subseteq>| xs \<Longrightarrow> fcard ys < fcard xs \<Longrightarrow> ys |\<subset>| xs"
-unfolding fcard_set fsubseteq_set fsubset_set
-by (rule card_psubset[OF finite_fset])
-lemma fcard_fmap_le:
-shows "fcard (fmap f xs) \<le> fcard xs"
-unfolding fcard_set fmap_set_image
-by (rule card_image_le[OF finite_fset])
-lemma fcard_fminus_finsert[simp]:
-assumes "a |\<in>| A" and "a |\<notin>| B"
-shows "fcard (A - finsert a B) = fcard (A - B) - 1"
-using assms
-unfolding fin_set fcard_set fminus_set
-by (simp add: card_Diff_insert[OF finite_fset])
-lemma fcard_fminus_fsubset:
-assumes "B |\<subseteq>| A"
-shows "fcard (A - B) = fcard A - fcard B"
-using assms
-unfolding fsubseteq_set fcard_set fminus_set
-by (rule card_Diff_subset[OF finite_fset])
-lemma fcard_fminus_subset_finter:
-shows "fcard (A - B) = fcard A - fcard (A |\<inter>| B)"
-unfolding finter_set fcard_set fminus_set
-by (rule card_Diff_subset_Int) (simp)
-section {* fconcat *}
-lemma fconcat_fempty:
-shows "fconcat {||} = {||}"
-by (lifting concat.simps(1))
-lemma fconcat_finsert:
-shows "fconcat (finsert x S) = x |\<union>| fconcat S"
-by (lifting concat.simps(2))
-lemma fconcat_finter:
-shows "fconcat (xs |\<union>| ys) = fconcat xs |\<union>| fconcat ys"
-by (lifting concat_append)
-section {* ffilter *}
-lemma subseteq_filter:
-shows "ffilter P xs <= ffilter Q xs = (\<forall> x. x |\<in>| xs \<longrightarrow> P x \<longrightarrow> Q x)"
-by  (descending) (auto simp add: memb_def sub_list_def)
-lemma eq_ffilter:
-shows "(ffilter P xs = ffilter Q xs) = (\<forall>x. x |\<in>| xs \<longrightarrow> P x = Q x)"
-by (descending) (auto simp add: memb_def)
-lemma subset_ffilter:
-shows "(\<And>x. x |\<in>| xs \<Longrightarrow> P x \<Longrightarrow> Q x) \<Longrightarrow> (x |\<in>| xs & \<not> P x & Q x) \<Longrightarrow> ffilter P xs < ffilter Q xs"
-unfolding less_fset_def by (auto simp add: subseteq_filter eq_ffilter)
-subsection {* ffold *}
-lemma ffold_nil:
-shows "ffold f z {||} = z"
-by (descending) (simp)
-lemma ffold_finsert: "ffold f z (finsert a A) =
-(if rsp_fold f then if a |\<in>| A then ffold f z A else f a (ffold f z A) else z)"
-by (descending) (simp add: memb_def)
-lemma fin_commute_ffold:
-"\<lbrakk>rsp_fold f; h |\<in>| b\<rbrakk> \<Longrightarrow> ffold f z b = f h (ffold f z (fdelete h b))"
-by (descending) (simp add: memb_def memb_commute_ffold_raw)
-subsection {* Choice in fsets *}
-lemma fset_choice:
-assumes a: "\<forall>x. x |\<in>| A \<longrightarrow> (\<exists>y. P x y)"
-shows "\<exists>f. \<forall>x. x |\<in>| A \<longrightarrow> P x (f x)"
-using a
-apply(descending)
-using finite_set_choice
-by (auto simp add: memb_def Ball_def)
-(* FIXME: is that in any way useful *)
-section {* Induction and Cases rules for fsets *}
-lemma fset_strong_cases:
-obtains "xs = {||}"
-| x ys where "x |\<notin>| ys" and "xs = finsert x ys"
-by (lifting fset_raw_strong_cases)
-lemma fset_exhaust[case_names fempty finsert, cases type: fset]:
-shows "\<lbrakk>S = {||} \<Longrightarrow> P; \<And>x S'. S = finsert x S' \<Longrightarrow> P\<rbrakk> \<Longrightarrow> P"
-by (lifting list.exhaust)
-lemma fset_induct_weak[case_names fempty finsert]:
-shows "\<lbrakk>P {||}; \<And>x S. P S \<Longrightarrow> P (finsert x S)\<rbrakk> \<Longrightarrow> P S"
-by (lifting list.induct)
-lemma fset_induct[case_names fempty finsert, induct type: fset]:
-assumes prem1: "P {||}"
-and     prem2: "\<And>x S. \<lbrakk>x |\<notin>| S; P S\<rbrakk> \<Longrightarrow> P (finsert x S)"
-shows "P S"
-proof(induct S rule: fset_induct_weak)
-case fempty
-show "P {||}" by (rule prem1)
-next
-case (finsert x S)
-have asm: "P S" by fact
-show "P (finsert x S)"
-by (cases "x |\<in>| S") (simp_all add: asm prem2)
-qed
-lemma fset_induct2:
-"P {||} {||} \<Longrightarrow>
-(\<And>x xs. x |\<notin>| xs \<Longrightarrow> P (finsert x xs) {||}) \<Longrightarrow>
-(\<And>y ys. y |\<notin>| ys \<Longrightarrow> P {||} (finsert y ys)) \<Longrightarrow>
-(\<And>x xs y ys. \<lbrakk>P xs ys; x |\<notin>| xs; y |\<notin>| ys\<rbrakk> \<Longrightarrow> P (finsert x xs) (finsert y ys)) \<Longrightarrow>
-P xsa ysa"
-apply (induct xsa arbitrary: ysa)
-apply (induct_tac x rule: fset_induct)
-apply simp_all
-apply (induct_tac xa rule: fset_induct)
-apply simp_all
-done
-lemma fset_fcard_induct:
-assumes a: "P {||}"
-and     b: "\<And>xs ys. Suc (fcard xs) = (fcard ys) \<Longrightarrow> P xs \<Longrightarrow> P ys"
-shows "P zs"
-proof (induct zs)
-show "P {||}" by (rule a)
-next
-fix x :: 'a and zs :: "'a fset"
-assume h: "P zs"
-assume "x |\<notin>| zs"
-then have H1: "Suc (fcard zs) = fcard (finsert x zs)" using fcard_suc by auto
-then show "P (finsert x zs)" using b h by simp
 qed
 (* We cannot write it as "assumes .. shows" since Isabelle changes
 the quantifiers to schematic variables and reintroduces them in
 and "\<And>xs ys a. \<lbrakk>xs = ys; P xs ys\<rbrakk> \<Longrightarrow> P (finsert a xs) (finsert a ys)"
 and "\<And>xs1 xs2 xs3. \<lbrakk>xs1 = xs2; P xs1 xs2; xs2 = xs3; P xs2 xs3\<rbrakk> \<Longrightarrow> P xs1 xs3"
 shows "P x1 x2"
 using assms
 by (lifting list_eq2.induct[simplified list_eq2_equiv[symmetric]])
-section {* lemmas transferred from Finite_Set theory *}
-text {* finiteness for finite sets holds *}
 lemma list_all2_refl:
 assumes q: "equivp R"
 shows "(list_all2 R) r r"
 | dest_fsetT T = raise TYPE ("dest_fsetT: fset type expected", [T], []);
 *}
 no_notation
 list_eq (infix "\<approx>" 50)
+and list_eq2 (infix "\<approx>2" 50)
 end

changeset 2539	a8f5611dbd65
parent 2538	c9deccd12476
child 2540	135ac0fb2686