diff --git a/thys/Buchi_Complementation/Ranking.thy b/thys/Buchi_Complementation/Ranking.thy
--- a/thys/Buchi_Complementation/Ranking.thy
+++ b/thys/Buchi_Complementation/Ranking.thy
@@ -1,481 +1,481 @@
 section \<open>Rankings\<close>
 
 theory Ranking
 imports
   "Alternate"
   "Graph"
 begin
 
   subsection \<open>Rankings\<close>
 
   type_synonym 'state ranking = "'state node \<Rightarrow> nat"
 
   definition ranking :: "('label, 'state) nba \<Rightarrow> 'label stream \<Rightarrow> 'state ranking \<Rightarrow> bool" where
     "ranking A w f \<equiv>
       (\<forall> v \<in> gunodes A w. f v \<le> 2 * card (nodes A)) \<and>
       (\<forall> v \<in> gunodes A w. \<forall> u \<in> gusuccessors A w v. f u \<le> f v) \<and>
       (\<forall> v \<in> gunodes A w. gaccepting A v \<longrightarrow> even (f v)) \<and>
       (\<forall> v \<in> gunodes A w. \<forall> r k. gurun A w r v \<longrightarrow> smap f (gtrace r v) = sconst k \<longrightarrow> odd k)"
 
   subsection \<open>Ranking Implies Word not in Language\<close>
 
   lemma ranking_stuck:
     assumes "ranking A w f"
     assumes "v \<in> gunodes A w" "gurun A w r v"
     obtains n k
     where "smap f (gtrace (sdrop n r) (gtarget (stake n r) v)) = sconst k"
   proof -
     have 0: "f u \<le> f v" if "v \<in> gunodes A w" "u \<in> gusuccessors A w v" for v u
       using assms(1) that unfolding ranking_def by auto
     have 1: "shd (v ## gtrace r v) \<in> gunodes A w" using assms(2) by auto
     have 2: "sdescending (smap f (v ## gtrace r v))"
     using 1 assms(3)
     proof (coinduction arbitrary: r v rule: sdescending.coinduct)
       case sdescending
       obtain u s where 1: "r = u ## s" using stream.exhaust by blast
       have 2: "v \<in> gunodes A w" using sdescending(1) by simp
       have 3: "gurun A w (u ## s) v" using sdescending(2) 1 by auto
       have 4: "u \<in> gusuccessors A w v" using 3 by auto
       have 5: "u \<in> gureachable A w v" using graph.reachable_successors 4 by blast
       show ?case
       unfolding 1
       proof (intro exI conjI disjI1)
         show "f u \<le> f v" using 0 2 4 by this
         show "shd (u ## gtrace s u) \<in> gunodes A w" using 2 5 by auto
         show "gurun A w s u" using 3 by auto
       qed auto
     qed
     obtain n k where 3: "sdrop n (smap f (v ## gtrace r v)) = sconst k"
       using sdescending_stuck[OF 2] by metis
     have "gtrace (sdrop (Suc n) r) (gtarget (stake (Suc n) r) v) = sdrop (Suc n) (gtrace r v)"
       using sscan_sdrop by rule
     also have "smap f \<dots> = sdrop n (smap f (v ## gtrace r v))"
       by (auto, metis 3 id_apply sdrop_smap sdrop_stl siterate.simps(2)
         sscan_const stream.map stream.map_sel(2) stream.sel(2))
     also have "\<dots> = sconst k" using 3 by this
     finally show ?thesis using that by blast
   qed
 
   lemma ranking_stuck_odd:
     assumes "ranking A w f"
     assumes "v \<in> gunodes A w" "gurun A w r v"
     obtains n
     where "sset (smap f (gtrace (sdrop n r) (gtarget (stake n r) v))) \<subseteq> Collect odd"
   proof -
     obtain n k where 1: "smap f (gtrace (sdrop n r) (gtarget (stake n r) v)) = sconst k"
       using ranking_stuck assms by this
     have 2: "gtarget (stake n r) v \<in> gunodes A w"
       using assms(2, 3) by (simp add: graph.nodes_target graph.run_stake)
     have 3: "gurun A w (sdrop n r) (gtarget (stake n r) v)"
       using assms(2, 3) by (simp add: graph.run_sdrop)
     have 4: "odd k" using 1 2 3 assms(1) unfolding ranking_def by meson
     have "sset (smap f (gtrace (sdrop n r) (gtarget (stake n r) v))) = sset (sconst k)"
       unfolding 1 by rule
     also have "\<dots> \<subseteq> Collect odd" using 4 by simp
     finally show ?thesis using that by simp
   qed
 
   lemma ranking_language:
     assumes "ranking A w f"
     shows "w \<notin> language A"
   proof
     assume 1: "w \<in> language A"
     obtain r p where 2: "run A (w ||| r) p" "p \<in> initial A" "infs (accepting A) (trace (w ||| r) p)"
       using 1 by rule
     let ?r = "fromN 1 ||| r"
     let ?v = "(0, p)"
     have 3: "?v \<in> gunodes A w" "gurun A w ?r ?v" using 2(1, 2) by (auto intro: run_grun)
 
     obtain n where 4: "sset (smap f (gtrace (sdrop n ?r) (gtarget (stake n ?r) ?v))) \<subseteq> {a. odd a}"
       using ranking_stuck_odd assms 3 by this
     let ?s = "stake n ?r"
     let ?t = "sdrop n ?r"
     let ?u = "gtarget ?s ?v"
 
     have "sset (gtrace ?t ?u) \<subseteq> gureachable A w ?v"
     proof (intro graph.reachable_trace graph.reachable_target graph.reachable.reflexive)
       show "gupath A w ?s ?v" using graph.run_stake 3(2) by this
       show "gurun A w ?t ?u" using graph.run_sdrop 3(2) by this
     qed
     also have "\<dots> \<subseteq> gunodes A w" using 3(1) by blast
     finally have 7: "sset (gtrace ?t ?u) \<subseteq> gunodes A w" by this
     have 8: "\<And> p. p \<in> gunodes A w \<Longrightarrow> gaccepting A p \<Longrightarrow> even (f p)"
       using assms unfolding ranking_def by auto
     have 9: "\<And> p. p \<in> sset (gtrace ?t ?u) \<Longrightarrow> gaccepting A p \<Longrightarrow> even (f p)" using 7 8 by auto
 
     have 19: "infs (accepting A) (smap snd ?r)" using 2(3) unfolding trace_alt_def by simp
-    have 18: "infs (gaccepting A) ?r" using 19 by force
+    have 18: "infs (gaccepting A) ?r" using 19 by (force simp: comp_def)
     have 17: "infs (gaccepting A) (gtrace ?r ?v)" using 18 unfolding gtrace_alt_def by this
     have 16: "infs (gaccepting A) (gtrace (?s @- ?t) ?v)" using 17 unfolding stake_sdrop by this
     have 15: "infs (gaccepting A) (gtrace ?t ?u)" using 16 by simp
     have 13: "infs (even \<circ> f) (gtrace ?t ?u)" using infs_mono[OF _ 15] 9 by simp
-    have 12: "infs even (smap f (gtrace ?t ?u))" using 13 by simp
+    have 12: "infs even (smap f (gtrace ?t ?u))" using 13 by (simp add: comp_def)
     have 11: "Bex (sset (smap f (gtrace ?t ?u))) even" using 12 infs_any by metis
 
     show False using 4 11 by auto
   qed
 
   subsection \<open>Word not in Language implies Ranking\<close>
 
   subsubsection \<open>Removal of Endangered Nodes\<close>
 
   definition clean :: "('label, 'state) nba \<Rightarrow> 'label stream \<Rightarrow> 'state node set \<Rightarrow> 'state node set" where
     "clean A w V \<equiv> {v \<in> V. infinite (greachable A w V v)}"
 
   lemma clean_decreasing: "clean A w V \<subseteq> V" unfolding clean_def by auto
   lemma clean_successors:
     assumes "v \<in> V" "u \<in> gusuccessors A w v"
     shows "u \<in> clean A w V \<Longrightarrow> v \<in> clean A w V"
   proof -
     assume 1: "u \<in> clean A w V"
     have 2: "u \<in> V" "infinite (greachable A w V u)" using 1 unfolding clean_def by auto
     have 3: "u \<in> greachable A w V v" using graph.reachable.execute assms(2) 2(1) by blast
     have 4: "greachable A w V u \<subseteq> greachable A w V v" using 3 by blast
     have 5: "infinite (greachable A w V v)" using 2(2) 4 by (simp add: infinite_super)
     show "v \<in> clean A w V" unfolding clean_def using assms(1) 5 by simp
   qed
 
   subsubsection \<open>Removal of Safe Nodes\<close>
 
   definition prune :: "('label, 'state) nba \<Rightarrow> 'label stream \<Rightarrow> 'state node set \<Rightarrow> 'state node set" where
     "prune A w V \<equiv> {v \<in> V. \<exists> u \<in> greachable A w V v. gaccepting A u}"
 
   lemma prune_decreasing: "prune A w V \<subseteq> V" unfolding prune_def by auto
   lemma prune_successors:
     assumes "v \<in> V" "u \<in> gusuccessors A w v"
     shows "u \<in> prune A w V \<Longrightarrow> v \<in> prune A w V"
   proof -
     assume 1: "u \<in> prune A w V"
     have 2: "u \<in> V" "\<exists> x \<in> greachable A w V u. gaccepting A x" using 1 unfolding prune_def by auto
     have 3: "u \<in> greachable A w V v" using graph.reachable.execute assms(2) 2(1) by blast
     have 4: "greachable A w V u \<subseteq> greachable A w V v" using 3 by blast
     show "v \<in> prune A w V" unfolding prune_def using assms(1) 2(2) 4 by auto
   qed
 
   subsubsection \<open>Run Graph Interation\<close>
 
   definition graph :: "('label, 'state) nba \<Rightarrow> 'label stream \<Rightarrow> nat \<Rightarrow> 'state node set" where
     "graph A w k \<equiv> alternate (clean A w) (prune A w) k (gunodes A w)"
 
   abbreviation "level A w k l \<equiv> {v \<in> graph A w k. fst v = l}"
 
   lemma graph_0[simp]: "graph A w 0 = gunodes A w" unfolding graph_def by simp
   lemma graph_Suc[simp]: "graph A w (Suc k) = (if even k then clean A w else prune A w) (graph A w k)"
     unfolding graph_def by simp
 
   lemma graph_antimono: "antimono (graph A w)"
     using alternate_antimono clean_decreasing prune_decreasing
     unfolding antimono_def le_fun_def graph_def
     by metis
   lemma graph_nodes: "graph A w k \<subseteq> gunodes A w" using graph_0 graph_antimono le0 antimonoD by metis
   lemma graph_successors:
     assumes "v \<in> gunodes A w" "u \<in> gusuccessors A w v"
     shows "u \<in> graph A w k \<Longrightarrow> v \<in> graph A w k"
   using assms
   proof (induct k arbitrary: u v)
     case 0
     show ?case using 0(2) by simp
   next
     case (Suc k)
     have 1: "v \<in> graph A w k" using Suc using antimono_iff_le_Suc graph_antimono rev_subsetD by blast
     show ?case using Suc(2) clean_successors[OF 1 Suc(4)] prune_successors[OF 1 Suc(4)] by auto
   qed
 
   lemma graph_level_finite:
     assumes "finite (nodes A)"
     shows "finite (level A w k l)"
   proof -
     have "level A w k l \<subseteq> {v \<in> gunodes A w. fst v = l}" by (simp add: graph_nodes subset_CollectI)
     also have "{v \<in> gunodes A w. fst v = l} \<subseteq> {l} \<times> nodes A" using gnodes_nodes by force
     also have "finite ({l} \<times> nodes A)" using assms(1) by simp
     finally show ?thesis by this
   qed
 
   lemma find_safe:
     assumes "w \<notin> language A"
     assumes "V \<noteq> {}" "V \<subseteq> gunodes A w"
     assumes "\<And> v. v \<in> V \<Longrightarrow> gsuccessors A w V v \<noteq> {}"
     obtains v
     where "v \<in> V" "\<forall> u \<in> greachable A w V v. \<not> gaccepting A u"
   proof (rule ccontr)
     assume 1: "\<not> thesis"
     have 2: "\<And> v. v \<in> V \<Longrightarrow> \<exists> u \<in> greachable A w V v. gaccepting A u" using that 1 by auto
     have 3: "\<And> r v. v \<in> initial A \<Longrightarrow> run A (w ||| r) v \<Longrightarrow> \<not> infs (accepting A) (trace (w ||| r) v)"
       using assms(1) by auto
     obtain v where 4: "v \<in> V" using assms(2) by force
     obtain x where 5: "x \<in> greachable A w V v" "gaccepting A x" using 2 4 by blast
     obtain y where 50: "gpath A w V y v" "x = gtarget y v" using 5(1) by rule
     obtain r where 6: "grun A w V r x" "infs (\<lambda> x. x \<in> V \<and> gaccepting A x) r"
     proof (rule graph.recurring_condition)
       show "x \<in> V \<and> gaccepting A x" using greachable_subset 4 5 by blast
     next
       fix v
       assume 1: "v \<in> V \<and> gaccepting A v"
       obtain v' where 20: "v' \<in> gsuccessors A w V v" using assms(4) 1 by (meson IntE equals0I)
       have 21: "v' \<in> V" using 20 by auto
       have 22: "\<exists> u \<in> greachable A w V v'. u \<in> V \<and> gaccepting A u"
         using greachable_subset 2 21 by blast
       obtain r where 30: "gpath A w V r v'" "gtarget r v' \<in> V \<and> gaccepting A (gtarget r v')"
         using 22 by blast
       show "\<exists> r. r \<noteq> [] \<and> gpath A w V r v \<and> gtarget r v \<in> V \<and> gaccepting A (gtarget r v)"
       proof (intro exI conjI)
         show "v' # r \<noteq> []" by simp
         show "gpath A w V (v' # r) v" using 20 30 by auto
         show "gtarget (v' # r) v \<in> V" using 30 by simp
         show "gaccepting A (gtarget (v' # r) v)" using 30 by simp
       qed
     qed auto
     obtain u where 100: "u \<in> ginitial A" "v \<in> gureachable A w u" using 4 assms(3) by blast
     have 101: "gupath A w y v" using gpath_subset 50(1) subset_UNIV by this
     have 102: "gurun A w r x" using grun_subset 6(1) subset_UNIV by this
     obtain t where 103: "gupath A w t u" "v = gtarget t u" using 100(2) by rule
     have 104: "gurun A w (t @- y @- r) u" using 101 102 103 50(2) by auto
     obtain s q where 7: "t @- y @- r = fromN (Suc 0) ||| s" "u = (0, q)"
       using grun_elim[OF 104] 100(1) by blast
     have 8: "run A (w ||| s) q" using grun_run[OF 104[unfolded 7]] by simp
     have 9: "q \<in> initial A" using 100(1) 7(2) by auto
     have 91: "sset (trace (w ||| s) q) \<subseteq> reachable A q"
       using nba.reachable_trace nba.reachable.reflexive 8 by this
     have 10: "\<not> infs (accepting A) (trace (w ||| s) q)" using 3 9 8 by this
     have 11: "\<not> infs (accepting A) s" using 10 unfolding trace_alt_def by simp
     have 12: "infs (gaccepting A) r" using infs_mono[OF _ 6(2)] by simp
     have "s = smap snd (t @- y @- r)" unfolding 7(1) by simp
-    also have "infs (accepting A) \<dots>" using 12 by simp
+    also have "infs (accepting A) \<dots>" using 12 by (simp add: comp_def)
     finally have 13: "infs (accepting A) s" by this
     show False using 11 13 by simp
   qed
 
   lemma remove_run:
     assumes "finite (nodes A)" "w \<notin> language A"
     assumes "V \<subseteq> gunodes A w" "clean A w V \<noteq> {}"
     obtains v r
     where
       "grun A w V r v"
       "sset (gtrace r v) \<subseteq> clean A w V"
       "sset (gtrace r v) \<subseteq> - prune A w (clean A w V)"
   proof -
     obtain u where 1: "u \<in> clean A w V" "\<forall> x \<in> greachable A w (clean A w V) u. \<not> gaccepting A x"
     proof (rule find_safe)
       show "w \<notin> language A" using assms(2) by this
       show "clean A w V \<noteq> {}" using assms(4) by this
       show "clean A w V \<subseteq> gunodes A w" using assms(3) by (meson clean_decreasing subset_iff)
     next
       fix v
       assume 1: "v \<in> clean A w V"
       have 2: "v \<in> V" using 1 clean_decreasing by blast
       have 3: "infinite (greachable A w V v)" using 1 clean_def by auto
       have "gsuccessors A w V v \<subseteq> gusuccessors A w v" by auto
       also have "finite \<dots>" using 2 assms(1, 3) finite_nodes_gsuccessors by blast
       finally have 4: "finite (gsuccessors A w V v)" by this
       have 5: "infinite (insert v (\<Union>((greachable A w V) ` (gsuccessors A w V v))))"
         using graph.reachable_step 3 by metis
       obtain u where 6: "u \<in> gsuccessors A w V v" "infinite (greachable A w V u)" using 4 5 by auto
       have 7: "u \<in> clean A w V" using 6 unfolding clean_def by auto
       show "gsuccessors A w (clean A w V) v \<noteq> {}" using 6(1) 7 by auto
     qed auto
     have 2: "u \<in> V" using 1(1) unfolding clean_def by auto
     have 3: "infinite (greachable A w V u)" using 1(1) unfolding clean_def by simp
     have 4: "finite (gsuccessors A w V v)" if "v \<in> greachable A w V u" for v
     proof -
       have 1: "v \<in> V" using that greachable_subset 2 by blast
       have "gsuccessors A w V v \<subseteq> gusuccessors A w v" by auto
       also have "finite \<dots>" using 1 assms(1, 3) finite_nodes_gsuccessors by blast
       finally show ?thesis by this
     qed
     obtain r where 5: "grun A w V r u" using graph.koenig[OF 3 4] by this
     have 6: "greachable A w V u \<subseteq> V" using 2 greachable_subset by blast
     have 7: "sset (gtrace r u) \<subseteq> V"
       using graph.reachable_trace[OF graph.reachable.reflexive 5(1)] 6 by blast
     have 8: "sset (gtrace r u) \<subseteq> clean A w V"
       unfolding clean_def using 7 infinite_greachable_gtrace[OF 5(1)] by auto
     have 9: "sset (gtrace r u) \<subseteq> greachable A w (clean A w V) u"
       using 5 8 by (metis graph.reachable.reflexive graph.reachable_trace grun_subset)
     show ?thesis
     proof
       show "grun A w V r u" using 5(1) by this
       show "sset (gtrace r u) \<subseteq> clean A w V" using 8 by this
       show "sset (gtrace r u) \<subseteq> - prune A w (clean A w V)"
       proof (intro subsetI ComplI)
         fix p
         assume 10: "p \<in> sset (gtrace r u)" "p \<in> prune A w (clean A w V)"
         have 20: "\<exists> x \<in> greachable A w (clean A w V) p. gaccepting A x"
           using 10(2) unfolding prune_def by auto
         have 30: "greachable A w (clean A w V) p \<subseteq> greachable A w (clean A w V) u"
           using 10(1) 9 by blast
         show "False" using 1(2) 20 30 by force
       qed
     qed
   qed
 
   lemma level_bounded:
     assumes "finite (nodes A)" "w \<notin> language A"
     obtains n
     where "\<And> l. l \<ge> n \<Longrightarrow> card (level A w (2 * k) l) \<le> card (nodes A) - k"
   proof (induct k arbitrary: thesis)
     case (0)
     show ?case
     proof (rule 0)
       fix l :: nat
       have "finite ({l} \<times> nodes A)" using assms(1) by simp
       also have "level A w 0 l \<subseteq> {l} \<times> nodes A" using gnodes_nodes by force
       also (card_mono) have "card \<dots> = card (nodes A)" using assms(1) by simp
       finally show "card (level A w (2 * 0) l) \<le> card (nodes A) - 0" by simp
     qed
   next
     case (Suc k)
     show ?case
     proof (cases "graph A w (Suc (2 * k)) = {}")
       case True
       have 3: "graph A w (2 * Suc k) = {}" using True prune_decreasing by simp blast
       show ?thesis using Suc(2) 3 by simp
     next
       case False
       obtain v r where 1:
         "grun A w (graph A w (2 * k)) r v"
         "sset (gtrace r v) \<subseteq> graph A w (Suc (2 * k))"
         "sset (gtrace r v) \<subseteq> - graph A w (Suc (Suc (2 * k)))"
       proof (rule remove_run)
         show "finite (nodes A)" "w \<notin> language A" using assms by this
         show "clean A w (graph A w (2 * k)) \<noteq> {}" using False by simp
         show "graph A w (2 * k) \<subseteq> gunodes A w" using graph_nodes by this
       qed auto
       obtain l q where 2: "v = (l, q)" by force
       obtain n where 90: "\<And> l. n \<le> l \<Longrightarrow> card (level A w (2 * k) l) \<le> card (nodes A) - k"
         using Suc(1) by blast
       show ?thesis
       proof (rule Suc(2))
         fix j
         assume 100: "n + Suc l \<le> j"
         have 6: "graph A w (Suc (Suc (2 * k))) \<subseteq> graph A w (Suc (2 * k))"
           using graph_antimono antimono_iff_le_Suc by blast
         have 101: "gtrace r v !! (j - Suc l) \<in> graph A w (Suc (2 * k))" using 1(2) snth_sset by auto
         have 102: "gtrace r v !! (j - Suc l) \<notin> graph A w (Suc (Suc (2 * k)))" using 1(3) snth_sset by blast
         have 103: "gtrace r v !! (j - Suc l) \<in> level A w (Suc (2 * k)) j"
           using 1(1) 100 101 2 by (auto elim: grun_elim)
         have 104: "gtrace r v !! (j - Suc l) \<notin> level A w (Suc (Suc (2 * k))) j" using 100 102 by simp
         have "level A w (2 * Suc k) j = level A w (Suc (Suc (2 * k))) j" by simp
         also have "\<dots> \<subset> level A w (Suc (2 * k)) j" using 103 104 6 by blast
         also have "\<dots> \<subseteq> level A w (2 * k) j" by (simp add: Collect_mono clean_def)
         finally have 105: "level A w (2 * Suc k) j \<subset> level A w (2 * k) j" by this
         have "card (level A w (2 * Suc k) j) < card (level A w (2 * k) j)"
           using assms(1) 105 by (simp add: graph_level_finite psubset_card_mono)
         also have "\<dots> \<le> card (nodes A) - k" using 90 100 by simp
         finally show "card (level A w (2 * Suc k) j) \<le> card (nodes A) - Suc k" by simp
       qed
     qed
   qed
   lemma graph_empty:
     assumes "finite (nodes A)" "w \<notin> language A"
     shows "graph A w (Suc (2 * card (nodes A))) = {}"
   proof -
     obtain n where 1: "\<And> l. l \<ge> n \<Longrightarrow> card (level A w (2 * card (nodes A)) l) = 0"
       using level_bounded[OF assms(1, 2), of "card (nodes A)"] by auto
     have "graph A w (2 * card (nodes A)) =
       (\<Union> l \<in> {..< n}. level A w (2 * card (nodes A)) l) \<union>
       (\<Union> l \<in> {n ..}. level A w (2 * card (nodes A)) l)"
       by auto
     also have "(\<Union> l \<in> {n ..}. level A w (2 * card (nodes A)) l) = {}"
       using graph_level_finite assms(1) 1 by fastforce
     also have "finite ((\<Union> l \<in> {..< n}. level A w (2 * card (nodes A)) l) \<union> {})"
       using graph_level_finite assms(1) by auto
     finally have 100: "finite (graph A w (2 * card (nodes A)))" by this
     have 101: "finite (greachable A w (graph A w (2 * card (nodes A))) v)" for v
       using 100 greachable_subset[of A w "graph A w (2 * card (nodes A))" v]
       using finite_insert infinite_super by auto
     show ?thesis using 101 by (simp add: clean_def)
   qed
   lemma graph_le:
     assumes "finite (nodes A)" "w \<notin> language A"
     assumes "v \<in> graph A w k"
     shows "k \<le> 2 * card (nodes A)"
     using graph_empty graph_antimono assms
     by (metis (no_types, lifting) Suc_leI antimono_def basic_trans_rules(30) empty_iff not_le_imp_less)
 
   subsection \<open>Node Ranks\<close>
 
   definition rank :: "('label, 'state) nba \<Rightarrow> 'label stream \<Rightarrow> 'state node \<Rightarrow> nat" where
     "rank A w v \<equiv> GREATEST k. v \<in> graph A w k"
 
   lemma rank_member:
     assumes "finite (nodes A)" "w \<notin> language A" "v \<in> gunodes A w"
     shows "v \<in> graph A w (rank A w v)"
   unfolding rank_def
   proof (rule GreatestI_nat)
     show "v \<in> graph A w 0" using assms(3) by simp
     show "\<forall> k. v \<in> graph A w k \<longrightarrow> k \<le> 2 * card (nodes A)" using graph_le assms(1, 2) by blast
   qed
   lemma rank_removed:
     assumes "finite (nodes A)" "w \<notin> language A"
     shows "v \<notin> graph A w (Suc (rank A w v))"
   proof
     assume "v \<in> graph A w (Suc (rank A w v))"
     then have 2: "Suc (rank A w v) \<le> rank A w v"
       unfolding rank_def using Greatest_le_nat graph_le assms by metis
     then show "False" by auto
   qed
   lemma rank_le:
     assumes "finite (nodes A)" "w \<notin> language A"
     assumes "v \<in> gunodes A w" "u \<in> gusuccessors A w v"
     shows "rank A w u \<le> rank A w v"
   unfolding rank_def
   proof (rule Greatest_le_nat)
     have 1: "u \<in> gureachable A w v" using graph.reachable_successors assms(4) by blast
     have 2: "u \<in> gunodes A w" using assms(3) 1 by auto
     show "v \<in> graph A w (GREATEST k. u \<in> graph A w k)"
     unfolding rank_def[symmetric]
     proof (rule graph_successors)
       show "v \<in> gunodes A w" using assms(3) by this
       show "u \<in> gusuccessors A w v" using assms(4) by this
       show "u \<in> graph A w (rank A w u)" using rank_member assms(1, 2) 2 by this
     qed
     show "\<forall> k. v \<in> graph A w k \<longrightarrow> k \<le> 2 * card (nodes A)" using graph_le assms(1, 2) by blast
   qed
 
   lemma language_ranking:
     assumes "finite (nodes A)" "w \<notin> language A"
     shows "ranking A w (rank A w)"
   unfolding ranking_def
   proof (intro conjI ballI allI impI)
     fix v
     assume 1: "v \<in> gunodes A w"
     have 2: "v \<in> graph A w (rank A w v)" using rank_member assms 1 by this
     show "rank A w v \<le> 2 * card (nodes A)" using graph_le assms 2 by this
   next
     fix v u
     assume 1: "v \<in> gunodes A w" "u \<in> gusuccessors A w v"
     show "rank A w u \<le> rank A w v" using rank_le assms 1 by this
   next
     fix v
     assume 1: "v \<in> gunodes A w" "gaccepting A v"
     have 2: "v \<in> graph A w (rank A w v)" using rank_member assms 1(1) by this
     have 3: "v \<notin> graph A w (Suc (rank A w v))" using rank_removed assms by this
     have 4: "v \<in> prune A w (graph A w (rank A w v))" using 2 1(2) unfolding prune_def by auto
     have 5: "graph A w (Suc (rank A w v)) \<noteq> prune A w (graph A w (rank A w v))" using 3 4 by blast
     show "even (rank A w v)" using 5 by auto
   next
     fix v r k
     assume 1: "v \<in> gunodes A w" "gurun A w r v" "smap (rank A w) (gtrace r v) = sconst k"
     have "sset (gtrace r v) \<subseteq> gureachable A w v"
       using 1(2) by (metis graph.reachable.reflexive graph.reachable_trace)
     then have 6: "sset (gtrace r v) \<subseteq> gunodes A w" using 1(1) by blast
     have 60: "rank A w ` sset (gtrace r v) \<subseteq> {k}"
       using 1(3) by (metis equalityD1 sset_sconst stream.set_map)
     have 50: "sset (gtrace r v) \<subseteq> graph A w k"
       using rank_member[OF assms] subsetD[OF 6] 60 unfolding image_subset_iff by auto
     have 70: "grun A w (graph A w k) r v" using grun_subset 1(2) 50 by this
     have 7: "sset (gtrace r v) \<subseteq> clean A w (graph A w k)"
       unfolding clean_def using 50 infinite_greachable_gtrace[OF 70] by auto
     have 8: "sset (gtrace r v) \<inter> graph A w (Suc k) = {}" using rank_removed[OF assms] 60 by blast
     have 9: "sset (gtrace r v) \<noteq> {}" using stream.set_sel(1) by auto
     have 10: "graph A w (Suc k) \<noteq> clean A w (graph A w k)" using 7 8 9 by blast
     show "odd k" using 10 unfolding graph_Suc by auto
   qed
 
   subsection \<open>Correctness Theorem\<close>
 
   theorem language_ranking_iff:
     assumes "finite (nodes A)"
     shows "w \<notin> language A \<longleftrightarrow> (\<exists> f. ranking A w f)"
     using ranking_language language_ranking assms by blast
 
 end
diff --git a/thys/Transition_Systems_and_Automata/Automata/DBA/DBA_Combine.thy b/thys/Transition_Systems_and_Automata/Automata/DBA/DBA_Combine.thy
--- a/thys/Transition_Systems_and_Automata/Automata/DBA/DBA_Combine.thy
+++ b/thys/Transition_Systems_and_Automata/Automata/DBA/DBA_Combine.thy
@@ -1,302 +1,303 @@
 section \<open>Deterministic Büchi Automata Combinations\<close>
 
 theory DBA_Combine
 imports "DBA" "DGBA"
 begin
 
   definition dbgail :: "('label, 'state) dba list \<Rightarrow> ('label, 'state list) dgba" where
     "dbgail AA \<equiv> dgba
       (INTER (set AA) dba.alphabet)
       (map dba.initial AA)
       (\<lambda> a pp. map2 (\<lambda> A p. dba.succ A a p) AA pp)
       (map (\<lambda> k pp. dba.accepting (AA ! k) (pp ! k)) [0 ..< length AA])"
 
   lemma dbgail_trace_smap:
     assumes "length pp = length AA" "k < length AA"
     shows "smap (\<lambda> pp. pp ! k) (dgba.trace (dbgail AA) w pp) = dba.trace (AA ! k) w (pp ! k)"
     using assms unfolding dbgail_def by (coinduction arbitrary: w pp) (force)
   lemma dbgail_nodes_length:
     assumes "pp \<in> DGBA.nodes (dbgail AA)"
     shows "length pp = length AA"
     using assms unfolding dbgail_def by induct auto
   lemma dbgail_nodes[intro]:
     assumes "pp \<in> DGBA.nodes (dbgail AA)" "k < length pp"
     shows "pp ! k \<in> DBA.nodes (AA ! k)"
     using assms unfolding dbgail_def by induct auto
 
   lemma dbgail_nodes_finite[intro]:
     assumes "list_all (finite \<circ> DBA.nodes) AA"
     shows "finite (DGBA.nodes (dbgail AA))"
   proof (rule finite_subset)
     show "DGBA.nodes (dbgail AA) \<subseteq> listset (map DBA.nodes AA)"
       by (force simp: listset_member list_all2_conv_all_nth dbgail_nodes_length)
     have "finite (listset (map DBA.nodes AA)) \<longleftrightarrow> list_all finite (map DBA.nodes AA)"
       by (rule listset_finite) (auto simp: list_all_iff)
     then show "finite (listset (map DBA.nodes AA))" using assms by (simp add: list.pred_map)
   qed
   lemma dbgail_nodes_card:
     assumes "list_all (finite \<circ> DBA.nodes) AA"
     shows "card (DGBA.nodes (dbgail AA)) \<le> prod_list (map (card \<circ> DBA.nodes) AA)"
   proof -
     have "card (DGBA.nodes (dbgail AA)) \<le> card (listset (map DBA.nodes AA))"
     proof (rule card_mono)
       have "finite (listset (map DBA.nodes AA)) \<longleftrightarrow> list_all finite (map DBA.nodes AA)"
         by (rule listset_finite) (auto simp: list_all_iff)
       then show "finite (listset (map DBA.nodes AA))" using assms by (simp add: list.pred_map)
       show "DGBA.nodes (dbgail AA) \<subseteq> listset (map DBA.nodes AA)"
         by (force simp: listset_member list_all2_conv_all_nth dbgail_nodes_length)
     qed
     also have "\<dots> = prod_list (map (card \<circ> DBA.nodes) AA)" by simp
     finally show ?thesis by this
   qed
 
   lemma dbgail_language[simp]: "DGBA.language (dbgail AA) = INTER (set AA) DBA.language"
   proof safe
     fix w A
     assume 1: "w \<in> DGBA.language (dbgail AA)" "A \<in> set AA"
     obtain 2:
       "dgba.run (dbgail AA) w (dgba.initial (dbgail AA))"
       "gen infs (dgba.accepting (dbgail AA)) (dgba.trace (dbgail AA) w (dgba.initial (dbgail AA)))"
       using 1(1) by rule
     obtain k where 3: "A = AA ! k" "k < length AA" using 1(2) unfolding in_set_conv_nth by auto
     have 4: "(\<lambda> pp. dba.accepting A (pp ! k)) \<in> set (dgba.accepting (dbgail AA))"
       using 3 unfolding dbgail_def by auto
     show "w \<in> DBA.language A"
     proof
       show "dba.run A w (dba.initial A)"
         using 1(2) 2(1) unfolding DBA.run_alt_def DGBA.run_alt_def dbgail_def by auto
       have "True \<longleftrightarrow> infs (\<lambda> pp. dba.accepting A (pp ! k)) (dgba.trace (dbgail AA) w (map dba.initial AA))"
         using 2(2) 4 unfolding dbgail_def by auto
       also have "\<dots> \<longleftrightarrow> infs (dba.accepting A) (smap (\<lambda> pp. pp ! k)
         (dgba.trace (dbgail AA) w (map dba.initial AA)))" by (simp add: comp_def)
       also have "smap (\<lambda> pp. pp ! k) (dgba.trace (dbgail AA) w (map dba.initial AA)) =
         dba.trace (AA ! k) w (map dba.initial AA ! k)" using 3(2) by (fastforce intro: dbgail_trace_smap)
       also have "\<dots> = dba.trace A w (dba.initial A)" using 3 by auto
       finally show "infs (dba.accepting A) (dba.trace A w (dba.initial A))" by simp
     qed
   next
     fix w
     assume 1: "w \<in> INTER (set AA) DBA.language"
     have 2: "dba.run A w (dba.initial A)" "infs (dba.accepting A) (dba.trace A w (dba.initial A))"
       if "A \<in> set AA" for A using 1 that by auto
     show "w \<in> DGBA.language (dbgail AA)"
     proof (intro DGBA.language ballI gen)
       show "dgba.run (dbgail AA) w (dgba.initial (dbgail AA))"
         using 2(1) unfolding DBA.run_alt_def DGBA.run_alt_def dbgail_def by auto
     next
       fix P
       assume 3: "P \<in> set (dgba.accepting (dbgail AA))"
       obtain k where 4: "P = (\<lambda> pp. dba.accepting (AA ! k) (pp ! k))" "k < length AA"
         using 3 unfolding dbgail_def by auto
       have "True \<longleftrightarrow> infs (dba.accepting (AA ! k)) (dba.trace (AA ! k) w (map dba.initial AA ! k))"
         using 2(2) 4(2) by auto
       also have "dba.trace (AA ! k) w (map dba.initial AA ! k) =
         smap (\<lambda> pp. pp ! k) (dgba.trace (dbgail AA) w (map dba.initial AA))"
         using 4(2) by (fastforce intro: dbgail_trace_smap[symmetric])
       also have "infs (dba.accepting (AA ! k)) \<dots> \<longleftrightarrow> infs P (dgba.trace (dbgail AA) w (map dba.initial AA))"
         unfolding 4(1) by (simp add: comp_def)
       also have "map dba.initial AA = dgba.initial (dbgail AA)" unfolding dbgail_def by simp
       finally show "infs P (dgba.trace (dbgail AA) w (dgba.initial (dbgail AA)))" by simp
     qed
   qed
 
   definition dbail :: "('label, 'state) dba list \<Rightarrow> ('label, 'state list degen) dba" where
     "dbail = degen \<circ> dbgail"
 
   lemma dbail_nodes_finite[intro]:
     assumes "list_all (finite \<circ> DBA.nodes) AA"
     shows "finite (DBA.nodes (dbail AA))"
     using dbgail_nodes_finite assms unfolding dbail_def by auto
   lemma dbail_nodes_card:
     assumes"list_all (finite \<circ> DBA.nodes) AA"
     shows "card (DBA.nodes (dbail AA)) \<le> max 1 (length AA) * prod_list (map (card \<circ> DBA.nodes) AA)"
   proof -
     have "card (DBA.nodes (dbail AA)) \<le>
       max 1 (length (dgba.accepting (dbgail AA))) * card (DGBA.nodes (dbgail AA))"
       unfolding dbail_def using degen_nodes_card by simp
     also have "length (dgba.accepting (dbgail AA)) = length AA" unfolding dbgail_def by simp
     also have "card (DGBA.nodes (dbgail AA)) \<le> prod_list (map (card \<circ> DBA.nodes) AA)"
       using dbgail_nodes_card assms by this
     finally show ?thesis by simp
   qed
 
   lemma dbail_language[simp]: "DBA.language (dbail AA) = INTER (set AA) DBA.language"
     unfolding dbail_def using degen_language dbgail_language by auto
 
   definition dbau :: "('label, 'state\<^sub>1) dba \<Rightarrow> ('label, 'state\<^sub>2) dba \<Rightarrow>
     ('label, 'state\<^sub>1 \<times> 'state\<^sub>2) dba" where
     "dbau A B \<equiv> dba
       (dba.alphabet A \<union> dba.alphabet B)
       (dba.initial A, dba.initial B)
       (\<lambda> a (p, q). (dba.succ A a p, dba.succ B a q))
       (\<lambda> (p, q). dba.accepting A p \<or> dba.accepting B q)"
 
+  (* TODO: can these be extracted as more general theorems about sscan? *)
   lemma dbau_fst[iff]: "infs (P \<circ> fst) (dba.trace (dbau A B) w (p, q)) \<longleftrightarrow> infs P (dba.trace A w p)"
   proof -
     let ?t = "dba.trace (dbau A B) w (p, q)"
-    have "infs (P \<circ> fst) ?t \<longleftrightarrow> infs P (smap fst ?t)" by simp
+    have "infs (P \<circ> fst) ?t \<longleftrightarrow> infs P (smap fst ?t)" by (simp add: comp_def)
     also have "smap fst ?t = dba.trace A w p" unfolding dbau_def by (coinduction arbitrary: w p q) (auto)
     finally show ?thesis by this
   qed
   lemma dbau_snd[iff]: "infs (P \<circ> snd) (dba.trace (dbau A B) w (p, q)) \<longleftrightarrow> infs P (dba.trace B w q)"
   proof -
     let ?t = "dba.trace (dbau A B) w (p, q)"
-    have "infs (P \<circ> snd) ?t \<longleftrightarrow> infs P (smap snd ?t)" by simp
+    have "infs (P \<circ> snd) ?t \<longleftrightarrow> infs P (smap snd ?t)" by (simp add: comp_def)
     also have "smap snd ?t = dba.trace B w q" unfolding dbau_def by (coinduction arbitrary: w p q) (auto)
     finally show ?thesis by this
   qed
   lemma dbau_nodes_fst[intro]:
     assumes "dba.alphabet A = dba.alphabet B"
     shows "fst ` DBA.nodes (dbau A B) \<subseteq> DBA.nodes A"
   proof (rule subsetI, erule imageE)
     fix pq p
     assume "pq \<in> DBA.nodes (dbau A B)" "p = fst pq"
     then show "p \<in> DBA.nodes A" using assms unfolding dbau_def by (induct arbitrary: p) (auto)
   qed
   lemma dbau_nodes_snd[intro]:
     assumes "dba.alphabet A = dba.alphabet B"
     shows "snd ` DBA.nodes (dbau A B) \<subseteq> DBA.nodes B"
   proof (rule subsetI, erule imageE)
     fix pq q
     assume "pq \<in> DBA.nodes (dbau A B)" "q = snd pq"
     then show "q \<in> DBA.nodes B" using assms unfolding dbau_def by (induct arbitrary: q) (auto)
   qed
 
   lemma dbau_nodes_finite[intro]:
     assumes "dba.alphabet A = dba.alphabet B"
     assumes "finite (DBA.nodes A)" "finite (DBA.nodes B)"
     shows "finite (DBA.nodes (dbau A B))"
   proof (rule finite_subset)
     show "DBA.nodes (dbau A B) \<subseteq> DBA.nodes A \<times> DBA.nodes B"
       using dbau_nodes_fst[OF assms(1)] dbau_nodes_snd[OF assms(1)] unfolding image_subset_iff by force
     show "finite (DBA.nodes A \<times> DBA.nodes B)" using assms(2, 3) by simp
   qed
   lemma dbau_nodes_card[intro]:
     assumes "dba.alphabet A = dba.alphabet B"
     assumes "finite (DBA.nodes A)" "finite (DBA.nodes B)"
     shows "card (DBA.nodes (dbau A B)) \<le> card (DBA.nodes A) * card (DBA.nodes B)"
   proof -
     have "card (DBA.nodes (dbau A B)) \<le> card (DBA.nodes A \<times> DBA.nodes B)"
     proof (rule card_mono)
       show "finite (DBA.nodes A \<times> DBA.nodes B)" using assms(2, 3) by simp
       show "DBA.nodes (dbau A B) \<subseteq> DBA.nodes A \<times> DBA.nodes B"
         using dbau_nodes_fst[OF assms(1)] dbau_nodes_snd[OF assms(1)] unfolding image_subset_iff by force
     qed
     also have "\<dots> = card (DBA.nodes A) * card (DBA.nodes B)" using card_cartesian_product by this
     finally show ?thesis by this
   qed
 
   lemma dbau_language[simp]:
     assumes "dba.alphabet A = dba.alphabet B"
     shows "DBA.language (dbau A B) = DBA.language A \<union> DBA.language B"
   proof -
     have 1: "dba.alphabet (dbau A B) = dba.alphabet A \<union> dba.alphabet B" unfolding dbau_def by simp
     have 2: "dba.initial (dbau A B) = (dba.initial A, dba.initial B)" unfolding dbau_def by simp
     have 3: "dba.accepting (dbau A B) = (\<lambda> pq. (dba.accepting A \<circ> fst) pq \<or> (dba.accepting B \<circ> snd) pq)"
       unfolding dbau_def by auto
     have 4: "infs (dba.accepting (dbau A B)) (DBA.trace (dbau A B) w (p, q)) \<longleftrightarrow>
       infs (dba.accepting A) (DBA.trace A w p) \<or> infs (dba.accepting B) (DBA.trace B w q)" for w p q
       unfolding 3 by blast
     show ?thesis using assms unfolding DBA.language_def DBA.run_alt_def 1 2 4 by auto
   qed
 
   definition dbaul :: "('label, 'state) dba list \<Rightarrow> ('label, 'state list) dba" where
     "dbaul AA \<equiv> dba
       (UNION (set AA) dba.alphabet)
       (map dba.initial AA)
       (\<lambda> a pp. map2 (\<lambda> A p. dba.succ A a p) AA pp)
       (\<lambda> pp. \<exists> k < length AA. dba.accepting (AA ! k) (pp ! k))"
 
   lemma dbaul_trace_smap:
     assumes "length pp = length AA" "k < length AA"
     shows "smap (\<lambda> pp. pp ! k) (dba.trace (dbaul AA) w pp) = dba.trace (AA ! k) w (pp ! k)"
     using assms unfolding dbaul_def by (coinduction arbitrary: w pp) (force)
   lemma dbaul_nodes_length:
     assumes "pp \<in> DBA.nodes (dbaul AA)"
     shows "length pp = length AA"
     using assms unfolding dbaul_def by induct auto
   lemma dbaul_nodes[intro]:
     assumes "INTER (set AA) dba.alphabet = UNION (set AA) dba.alphabet"
     assumes "pp \<in> DBA.nodes (dbaul AA)" "k < length pp"
     shows "pp ! k \<in> DBA.nodes (AA ! k)"
     using assms(2, 3, 1) unfolding dbaul_def by induct force+
 
   lemma dbaul_nodes_finite[intro]:
     assumes "INTER (set AA) dba.alphabet = UNION (set AA) dba.alphabet"
     assumes "list_all (finite \<circ> DBA.nodes) AA"
     shows "finite (DBA.nodes (dbaul AA))"
   proof (rule finite_subset)
     show "DBA.nodes (dbaul AA) \<subseteq> listset (map DBA.nodes AA)"
       using assms(1) by (force simp: listset_member list_all2_conv_all_nth dbaul_nodes_length)
     have "finite (listset (map DBA.nodes AA)) \<longleftrightarrow> list_all finite (map DBA.nodes AA)"
       by (rule listset_finite) (auto simp: list_all_iff)
     then show "finite (listset (map DBA.nodes AA))" using assms(2) by (simp add: list.pred_map)
   qed
   lemma dbaul_nodes_card:
     assumes "INTER (set AA) dba.alphabet = UNION (set AA) dba.alphabet"
     assumes "list_all (finite \<circ> DBA.nodes) AA"
     shows "card (DBA.nodes (dbaul AA)) \<le> prod_list (map (card \<circ> DBA.nodes) AA)"
   proof -
     have "card (DBA.nodes (dbaul AA)) \<le> card (listset (map DBA.nodes AA))"
     proof (rule card_mono)
       have "finite (listset (map DBA.nodes AA)) \<longleftrightarrow> list_all finite (map DBA.nodes AA)"
         by (rule listset_finite) (auto simp: list_all_iff)
       then show "finite (listset (map DBA.nodes AA))" using assms(2) by (simp add: list.pred_map)
       show "DBA.nodes (dbaul AA) \<subseteq> listset (map DBA.nodes AA)"
         using assms(1) by (force simp: listset_member list_all2_conv_all_nth dbaul_nodes_length)
     qed
     also have "\<dots> = prod_list (map (card \<circ> DBA.nodes) AA)" by simp
     finally show ?thesis by this
   qed
 
   lemma dbaul_language[simp]:
     assumes "INTER (set AA) dba.alphabet = UNION (set AA) dba.alphabet"
     shows "DBA.language (dbaul AA) = UNION (set AA) DBA.language"
   proof safe
     fix w
     assume 1: "w \<in> DBA.language (dbaul AA)"
     obtain 2:
       "dba.run (dbaul AA) w (dba.initial (dbaul AA))"
       "infs (dba.accepting (dbaul AA)) (dba.trace (dbaul AA) w (dba.initial (dbaul AA)))"
       using 1 by rule
     obtain k where 3:
       "k < length AA"
       "infs (\<lambda> pp. dba.accepting (AA ! k) (pp ! k)) (dba.trace (dbaul AA) w (map dba.initial AA))"
       using 2(2) unfolding dbaul_def by auto
     show "w \<in> UNION (set AA) DBA.language"
     proof (intro UN_I DBA.language)
       show "AA ! k \<in> set AA" using 3(1) by simp
       show "dba.run (AA ! k) w (dba.initial (AA ! k))"
         using assms 2(1) 3(1) unfolding DBA.run_alt_def DGBA.run_alt_def dbaul_def by force
       have "True \<longleftrightarrow> infs (\<lambda> pp. dba.accepting (AA ! k) (pp ! k))
         (dba.trace (dbaul AA) w (map dba.initial AA))" using 3(2) by auto
       also have "\<dots> \<longleftrightarrow> infs (dba.accepting (AA ! k))
         (smap (\<lambda> pp. pp ! k) (dba.trace (dbaul AA) w (map dba.initial AA)))" by (simp add: comp_def)
       also have "smap (\<lambda> pp. pp ! k) (dba.trace (dbaul AA) w (map dba.initial AA)) =
         dba.trace (AA ! k) w (map dba.initial AA ! k)" using 3(1) by (fastforce intro: dbaul_trace_smap)
       also have "\<dots> = dba.trace (AA ! k) w (dba.initial (AA ! k))" using 3 by auto
       finally show "infs (dba.accepting (AA ! k)) (dba.trace (AA ! k) w (dba.initial (AA ! k)))" by simp
     qed
   next
     fix A w
     assume 1: "A \<in> set AA" "w \<in> DBA.language A"
     obtain 2: "dba.run A w (dba.initial A)" "infs (dba.accepting A) (dba.trace A w (dba.initial A))"
       using 1(2) by rule
     obtain k where 3: "A = AA ! k" "k < length AA" using 1(1) unfolding in_set_conv_nth by auto
     show "w \<in> DBA.language (dbaul AA)"
     proof
       show "dba.run (dbaul AA) w (dba.initial (dbaul AA))"
         using 1(1) 2(1) unfolding DBA.run_alt_def DGBA.run_alt_def dbaul_def by auto
       have "True \<longleftrightarrow> infs (dba.accepting (AA ! k)) (dba.trace (AA ! k) w (map dba.initial AA ! k))"
         using 2(2) 3 by auto
       also have "dba.trace (AA ! k) w (map dba.initial AA ! k) =
         smap (\<lambda> pp. pp ! k) (dba.trace (dbaul AA) w (map dba.initial AA))"
         using 3(2) by (fastforce intro: dbaul_trace_smap[symmetric])
       also have "infs (dba.accepting (AA ! k)) \<dots> \<longleftrightarrow> infs (\<lambda> pp. dba.accepting (AA ! k) (pp ! k))
         (dba.trace (dbaul AA) w (map dba.initial AA))" by (simp add: comp_def)
       finally show "infs (dba.accepting (dbaul AA)) (dba.trace (dbaul AA) w (dba.initial (dbaul AA)))"
         using 3(2) unfolding dbaul_def by auto
     qed
   qed
 
 end
\ No newline at end of file
diff --git a/thys/Transition_Systems_and_Automata/Automata/DCA/DCA_Combine.thy b/thys/Transition_Systems_and_Automata/Automata/DCA/DCA_Combine.thy
--- a/thys/Transition_Systems_and_Automata/Automata/DCA/DCA_Combine.thy
+++ b/thys/Transition_Systems_and_Automata/Automata/DCA/DCA_Combine.thy
@@ -1,298 +1,298 @@
 section \<open>Deterministic Co-Büchi Automata Combinations\<close>
 
 theory DCA_Combine
 imports "DCA" "DGCA"
 begin
 
   definition dcai :: "('label, 'state\<^sub>1) dca \<Rightarrow> ('label, 'state\<^sub>2) dca \<Rightarrow>
     ('label, 'state\<^sub>1 \<times> 'state\<^sub>2) dca" where
     "dcai A B \<equiv> dca
       (dca.alphabet A \<inter> dca.alphabet B)
       (dca.initial A, dca.initial B)
       (\<lambda> a (p, q). (dca.succ A a p, dca.succ B a q))
       (\<lambda> (p, q). dca.rejecting A p \<or> dca.rejecting B q)"
 
   lemma dcai_fst[iff]: "infs (P \<circ> fst) (dca.trace (dcai A B) w (p, q)) \<longleftrightarrow> infs P (dca.trace A w p)"
   proof -
     let ?t = "dca.trace (dcai A B) w (p, q)"
-    have "infs (P \<circ> fst) ?t \<longleftrightarrow> infs P (smap fst ?t)" by simp
+    have "infs (P \<circ> fst) ?t \<longleftrightarrow> infs P (smap fst ?t)" by (simp add: comp_def)
     also have "smap fst ?t = dca.trace A w p" unfolding dcai_def by (coinduction arbitrary: w p q) (auto)
     finally show ?thesis by this
   qed
   lemma dcai_snd[iff]: "infs (P \<circ> snd) (dca.trace (dcai A B) w (p, q)) \<longleftrightarrow> infs P (dca.trace B w q)"
   proof -
     let ?t = "dca.trace (dcai A B) w (p, q)"
-    have "infs (P \<circ> snd) ?t \<longleftrightarrow> infs P (smap snd ?t)" by simp
+    have "infs (P \<circ> snd) ?t \<longleftrightarrow> infs P (smap snd ?t)" by (simp add: comp_def)
     also have "smap snd ?t = dca.trace B w q" unfolding dcai_def by (coinduction arbitrary: w p q) (auto)
     finally show ?thesis by this
   qed
   lemma dcai_nodes_fst[intro]: "fst ` DCA.nodes (dcai A B) \<subseteq> DCA.nodes A"
   proof (rule subsetI, erule imageE)
     fix pq p
     assume "pq \<in> DCA.nodes (dcai A B)" "p = fst pq"
     then show "p \<in> DCA.nodes A" unfolding dcai_def by (induct arbitrary: p) (auto)
   qed
   lemma dcai_nodes_snd[intro]: "snd ` DCA.nodes (dcai A B) \<subseteq> DCA.nodes B"
   proof (rule subsetI, erule imageE)
     fix pq q
     assume "pq \<in> DCA.nodes (dcai A B)" "q = snd pq"
     then show "q \<in> DCA.nodes B" unfolding dcai_def by (induct arbitrary: q) (auto)
   qed
 
   lemma dcai_nodes_finite[intro]:
     assumes "finite (DCA.nodes A)" "finite (DCA.nodes B)"
     shows "finite (DCA.nodes (dcai A B))"
   proof (rule finite_subset)
     show "DCA.nodes (dcai A B) \<subseteq> DCA.nodes A \<times> DCA.nodes B"
       using dcai_nodes_fst dcai_nodes_snd unfolding image_subset_iff by force
     show "finite (DCA.nodes A \<times> DCA.nodes B)" using assms by simp
   qed
   lemma dcai_nodes_card[intro]:
     assumes "finite (DCA.nodes A)" "finite (DCA.nodes B)"
     shows "card (DCA.nodes (dcai A B)) \<le> card (DCA.nodes A) * card (DCA.nodes B)"
   proof -
     have "card (DCA.nodes (dcai A B)) \<le> card (DCA.nodes A \<times> DCA.nodes B)"
     proof (rule card_mono)
       show "finite (DCA.nodes A \<times> DCA.nodes B)" using assms by simp
       show "DCA.nodes (dcai A B) \<subseteq> DCA.nodes A \<times> DCA.nodes B"
         using dcai_nodes_fst dcai_nodes_snd unfolding image_subset_iff by force
     qed
     also have "\<dots> = card (DCA.nodes A) * card (DCA.nodes B)" using card_cartesian_product by this
     finally show ?thesis by this
   qed
 
   lemma dcai_language[simp]: "DCA.language (dcai A B) = DCA.language A \<inter> DCA.language B"
   proof -
     have 1: "dca.alphabet (dcai A B) = dca.alphabet A \<inter> dca.alphabet B" unfolding dcai_def by simp
     have 2: "dca.initial (dcai A B) = (dca.initial A, dca.initial B)" unfolding dcai_def by simp
     have 3: "dca.rejecting (dcai A B) = (\<lambda> pq. (dca.rejecting A \<circ> fst) pq \<or> (dca.rejecting B \<circ> snd) pq)"
       unfolding dcai_def by auto
     have 4: "infs (dca.rejecting (dcai A B)) (DCA.trace (dcai A B) w (p, q)) \<longleftrightarrow>
       infs (dca.rejecting A) (DCA.trace A w p) \<or> infs (dca.rejecting B) (DCA.trace B w q)" for w p q
       unfolding 3 by blast
     show ?thesis unfolding DCA.language_def DCA.run_alt_def 1 2 4 by auto
   qed
 
   definition dcail :: "('label, 'state) dca list \<Rightarrow> ('label, 'state list) dca" where
     "dcail AA \<equiv> dca
       (INTER (set AA) dca.alphabet)
       (map dca.initial AA)
       (\<lambda> a pp. map2 (\<lambda> A p. dca.succ A a p) AA pp)
       (\<lambda> pp. \<exists> k < length AA. dca.rejecting (AA ! k) (pp ! k))"
 
   lemma dcail_trace_smap:
     assumes "length pp = length AA" "k < length AA"
     shows "smap (\<lambda> pp. pp ! k) (dca.trace (dcail AA) w pp) = dca.trace (AA ! k) w (pp ! k)"
     using assms unfolding dcail_def by (coinduction arbitrary: w pp) (force)
   lemma dcail_nodes_length:
     assumes "pp \<in> DCA.nodes (dcail AA)"
     shows "length pp = length AA"
     using assms unfolding dcail_def by induct auto
   lemma dcail_nodes[intro]:
     assumes "pp \<in> DCA.nodes (dcail AA)" "k < length pp"
     shows "pp ! k \<in> DCA.nodes (AA ! k)"
     using assms unfolding dcail_def by induct auto
 
   lemma dcail_finite[intro]:
     assumes "list_all (finite \<circ> DCA.nodes) AA"
     shows "finite (DCA.nodes (dcail AA))"
   proof (rule finite_subset)
     show "DCA.nodes (dcail AA) \<subseteq> listset (map DCA.nodes AA)"
       by (force simp: listset_member list_all2_conv_all_nth dcail_nodes_length)
     have "finite (listset (map DCA.nodes AA)) \<longleftrightarrow> list_all finite (map DCA.nodes AA)"
       by (rule listset_finite) (auto simp: list_all_iff)
     then show "finite (listset (map DCA.nodes AA))" using assms by (simp add: list.pred_map)
   qed
   lemma dcail_nodes_card:
     assumes "list_all (finite \<circ> DCA.nodes) AA"
     shows "card (DCA.nodes (dcail AA)) \<le> prod_list (map (card \<circ> DCA.nodes) AA)"
   proof -
     have "card (DCA.nodes (dcail AA)) \<le> card (listset (map DCA.nodes AA))"
     proof (rule card_mono)
       have "finite (listset (map DCA.nodes AA)) \<longleftrightarrow> list_all finite (map DCA.nodes AA)"
         by (rule listset_finite) (auto simp: list_all_iff)
       then show "finite (listset (map DCA.nodes AA))" using assms by (simp add: list.pred_map)
       show "DCA.nodes (dcail AA) \<subseteq> listset (map DCA.nodes AA)"
         by (force simp: listset_member list_all2_conv_all_nth dcail_nodes_length)
     qed
     also have "\<dots> = prod_list (map (card \<circ> DCA.nodes) AA)" by simp
     finally show ?thesis by this
   qed
 
   lemma dcail_language[simp]: "DCA.language (dcail AA) = INTER (set AA) DCA.language"
   proof safe
     fix A w
     assume 1: "w \<in> DCA.language (dcail AA)" "A \<in> set AA"
     obtain 2:
       "dca.run (dcail AA) w (dca.initial (dcail AA))"
       "\<not> infs (dca.rejecting (dcail AA)) (dca.trace (dcail AA) w (dca.initial (dcail AA)))"
       using 1(1) by rule
     obtain k where 3: "A = AA ! k" "k < length AA" using 1(2) unfolding in_set_conv_nth by auto
     have 4: "\<not> infs (\<lambda> pp. dca.rejecting A (pp ! k)) (dca.trace (dcail AA) w (map dca.initial AA))"
       using 2(2) 3 unfolding dcail_def by auto
     show "w \<in> DCA.language A"
     proof
       show "dca.run A w (dca.initial A)"
         using 1(2) 2(1) unfolding DCA.run_alt_def dcail_def by auto
       have "True \<longleftrightarrow> \<not> infs (\<lambda> pp. dca.rejecting A (pp ! k)) (dca.trace (dcail AA) w (map dca.initial AA))"
         using 4 by simp
       also have "\<dots> \<longleftrightarrow> \<not> infs (dca.rejecting A) (smap (\<lambda> pp. pp ! k)
         (dca.trace (dcail AA) w (map dca.initial AA)))" by (simp add: comp_def)
       also have "smap (\<lambda> pp. pp ! k) (dca.trace (dcail AA) w (map dca.initial AA)) =
         dca.trace (AA ! k) w (map dca.initial AA ! k)" using 3(2) by (fastforce intro: dcail_trace_smap)
       also have "\<dots> = dca.trace A w (dca.initial A)" using 3 by auto
       finally show "\<not> infs (dca.rejecting A) (DCA.trace A w (dca.initial A))" by simp
     qed
   next
     fix w
     assume 1: "w \<in> INTER (set AA) DCA.language"
     have 2: "dca.run A w (dca.initial A)" "\<not> infs (dca.rejecting A) (dca.trace A w (dca.initial A))"
       if "A \<in> set AA" for A using 1 that by auto
     have 3: "\<not> infs (\<lambda> pp. dca.rejecting (AA ! k) (pp ! k)) (dca.trace (dcail AA) w (map dca.initial AA))"
       if "k < length AA" for k
     proof -
       have "True \<longleftrightarrow> \<not> infs (dca.rejecting (AA ! k)) (dca.trace (AA ! k) w (map dca.initial AA ! k))"
         using 2(2) that by auto
       also have "dca.trace (AA ! k) w (map dca.initial AA ! k) =
         smap (\<lambda> pp. pp ! k) (dca.trace (dcail AA) w (map dca.initial AA))"
         using that by (fastforce intro: dcail_trace_smap[symmetric])
       also have "infs (dca.rejecting (AA ! k)) \<dots> \<longleftrightarrow> infs (\<lambda> pp. dca.rejecting (AA ! k) (pp ! k))
         (dca.trace (dcail AA) w (map dca.initial AA))" by (simp add: comp_def)
       finally show ?thesis by simp
     qed
     show "w \<in> DCA.language (dcail AA)"
     proof
       show "dca.run (dcail AA) w (dca.initial (dcail AA))"
         using 2(1) unfolding DCA.run_alt_def dcail_def by auto
       show "\<not> infs (dca.rejecting (dcail AA)) (dca.trace (dcail AA) w (dca.initial (dcail AA)))"
         using 3 unfolding dcail_def by auto
     qed
   qed
 
   definition dcgaul :: "('label, 'state) dca list \<Rightarrow> ('label, 'state list) dgca" where
     "dcgaul AA \<equiv> dgca
       (UNION (set AA) dca.alphabet)
       (map dca.initial AA)
       (\<lambda> a pp. map2 (\<lambda> A p. dca.succ A a p) AA pp)
       (map (\<lambda> k pp. dca.rejecting (AA ! k) (pp ! k)) [0 ..< length AA])"
 
   lemma dcgaul_trace_smap:
     assumes "length pp = length AA" "k < length AA"
     shows "smap (\<lambda> pp. pp ! k) (dgca.trace (dcgaul AA) w pp) = dca.trace (AA ! k) w (pp ! k)"
     using assms unfolding dcgaul_def by (coinduction arbitrary: w pp) (force)
   lemma dcgaul_nodes_length:
     assumes "pp \<in> DGCA.nodes (dcgaul AA)"
     shows "length pp = length AA"
     using assms unfolding dcgaul_def by induct auto
   lemma dcgaul_nodes[intro]:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     assumes "pp \<in> DGCA.nodes (dcgaul AA)" "k < length pp"
     shows "pp ! k \<in> DCA.nodes (AA ! k)"
     using assms(2, 3, 1) unfolding dcgaul_def by induct force+
 
   lemma dcgaul_nodes_finite[intro]:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     assumes "list_all (finite \<circ> DCA.nodes) AA"
     shows "finite (DGCA.nodes (dcgaul AA))"
   proof (rule finite_subset)
     show "DGCA.nodes (dcgaul AA) \<subseteq> listset (map DCA.nodes AA)"
       using assms(1) by (force simp: listset_member list_all2_conv_all_nth dcgaul_nodes_length)
     have "finite (listset (map DCA.nodes AA)) \<longleftrightarrow> list_all finite (map DCA.nodes AA)"
       by (rule listset_finite) (auto simp: list_all_iff)
     then show "finite (listset (map DCA.nodes AA))" using assms(2) by (simp add: list.pred_map)
   qed
   lemma dcgaul_nodes_card:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     assumes "list_all (finite \<circ> DCA.nodes) AA"
     shows "card (DGCA.nodes (dcgaul AA)) \<le> prod_list (map (card \<circ> DCA.nodes) AA)"
   proof -
     have "card (DGCA.nodes (dcgaul AA)) \<le> card (listset (map DCA.nodes AA))"
     proof (rule card_mono)
       have "finite (listset (map DCA.nodes AA)) \<longleftrightarrow> list_all finite (map DCA.nodes AA)"
         by (rule listset_finite) (auto simp: list_all_iff)
       then show "finite (listset (map DCA.nodes AA))" using assms(2) by (simp add: list.pred_map)
       show "DGCA.nodes (dcgaul AA) \<subseteq> listset (map DCA.nodes AA)"
         using assms(1) by (force simp: listset_member list_all2_conv_all_nth dcgaul_nodes_length)
     qed
     also have "\<dots> = prod_list (map (card \<circ> DCA.nodes) AA)" by simp
     finally show ?thesis by this
   qed
 
   lemma dcgaul_language[simp]:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     shows "DGCA.language (dcgaul AA) = UNION (set AA) DCA.language"
   proof safe
     fix w
     assume 1: "w \<in> DGCA.language (dcgaul AA)"
     obtain k where 2:
       "dgca.run (dcgaul AA) w (dgca.initial (dcgaul AA))"
       "k < length AA"
       "\<not> infs (\<lambda> pp. dca.rejecting (AA ! k) (pp ! k)) (dgca.trace (dcgaul AA) w (dgca.initial (dcgaul AA)))"
       using 1 unfolding dcgaul_def by force
     show "w \<in> UNION (set AA) DCA.language"
     proof (intro UN_I DCA.language)
       show "AA ! k \<in> set AA" using 2(2) by simp
       show "dca.run (AA ! k) w (dca.initial (AA ! k))"
         using assms 2(1, 2) unfolding DCA.run_alt_def DGCA.run_alt_def dcgaul_def by force
       have "True \<longleftrightarrow> \<not> infs (\<lambda> pp. dca.rejecting (AA ! k) (pp ! k))
         (dgca.trace (dcgaul AA) w (map dca.initial AA))" using 2(3) unfolding dcgaul_def by auto
       also have "\<dots> \<longleftrightarrow> \<not> infs (dca.rejecting (AA ! k))
         (smap (\<lambda> pp. pp ! k) (dgca.trace (dcgaul AA) w (map dca.initial AA)))" by (simp add: comp_def)
       also have "smap (\<lambda> pp. pp ! k) (dgca.trace (dcgaul AA) w (map dca.initial AA)) =
         dca.trace (AA ! k) w (map dca.initial AA ! k)" using 2(2) by (fastforce intro: dcgaul_trace_smap)
       also have "\<dots> = dca.trace (AA ! k) w (dca.initial (AA ! k))" using 2(2) by auto
       finally show "\<not> infs (dca.rejecting (AA ! k)) (dca.trace (AA ! k) w (dca.initial (AA ! k)))" by simp
     qed
   next
     fix A w
     assume 1: "A \<in> set AA" "w \<in> DCA.language A"
     obtain 2: "dca.run A w (dca.initial A)" "\<not> infs (dca.rejecting A) (dca.trace A w (dca.initial A))"
       using 1(2) by rule
     obtain k where 3: "A = AA ! k" "k < length AA" using 1(1) unfolding in_set_conv_nth by auto
     show "w \<in> DGCA.language (dcgaul AA)"
     proof (intro DGCA.language bexI cogen)
       show "dgca.run (dcgaul AA) w (dgca.initial (dcgaul AA))"
         using 1(1) 2(1) unfolding DCA.run_alt_def DGCA.run_alt_def dcgaul_def by auto
       have "True \<longleftrightarrow> \<not> infs (dca.rejecting (AA ! k)) (dca.trace (AA ! k) w (map dca.initial AA ! k))"
         using 2(2) 3 by auto
       also have "dca.trace (AA ! k) w (map dca.initial AA ! k) =
         smap (\<lambda> pp. pp ! k) (dgca.trace (dcgaul AA) w (map dca.initial AA))"
         using 3(2) by (fastforce intro: dcgaul_trace_smap[symmetric])
       also have "\<not> infs (dca.rejecting (AA ! k)) \<dots> \<longleftrightarrow> \<not> infs (\<lambda> pp. dca.rejecting (AA ! k) (pp ! k))
         (dgca.trace (dcgaul AA) w (map dca.initial AA))" by (simp add: comp_def)
       also have "map dca.initial AA = dgca.initial (dcgaul AA)" unfolding dcgaul_def by simp
       finally show "\<not> infs (\<lambda> pp. dca.rejecting (AA ! k) (pp ! k)) (dgca.trace (dcgaul AA) w (dgca.initial (dcgaul AA)))"
         by simp
       show "(\<lambda> pp. dca.rejecting (AA ! k) (pp ! k)) \<in> set (dgca.rejecting (dcgaul AA))"
         unfolding dcgaul_def using 3(2) by simp
     qed
   qed
 
   definition dcaul :: "('label, 'state) dca list \<Rightarrow> ('label, 'state list degen) dca" where
     "dcaul = degen \<circ> dcgaul"
 
   lemma dcaul_nodes_finite[intro]:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     assumes "list_all (finite \<circ> DCA.nodes) AA"
     shows "finite (DCA.nodes (dcaul AA))"
     using dcgaul_nodes_finite assms unfolding dcaul_def by auto
   lemma dcaul_nodes_card:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     assumes "list_all (finite \<circ> DCA.nodes) AA"
     shows "card (DCA.nodes (dcaul AA)) \<le> max 1 (length AA) * prod_list (map (card \<circ> DCA.nodes) AA)"
   proof -
     have "card (DCA.nodes (dcaul AA)) \<le>
       max 1 (length (dgca.rejecting (dcgaul AA))) * card (DGCA.nodes (dcgaul AA))"
       unfolding dcaul_def using degen_nodes_card by simp
     also have "length (dgca.rejecting (dcgaul AA)) = length AA" unfolding dcgaul_def by simp
     also have "card (DGCA.nodes (dcgaul AA)) \<le> prod_list (map (card \<circ> DCA.nodes) AA)"
       using dcgaul_nodes_card assms by this
     finally show ?thesis by simp
   qed
 
   lemma dcaul_language[simp]:
     assumes "INTER (set AA) dca.alphabet = UNION (set AA) dca.alphabet"
     shows "DCA.language (dcaul AA) = UNION (set AA) DCA.language"
     unfolding dcaul_def using degen_language dcgaul_language[OF assms] by auto
 
 end
\ No newline at end of file
diff --git a/thys/Transition_Systems_and_Automata/Automata/DRA/DRA_Combine.thy b/thys/Transition_Systems_and_Automata/Automata/DRA/DRA_Combine.thy
--- a/thys/Transition_Systems_and_Automata/Automata/DRA/DRA_Combine.thy
+++ b/thys/Transition_Systems_and_Automata/Automata/DRA/DRA_Combine.thy
@@ -1,223 +1,223 @@
 section \<open>Deterministic Rabin Automata Combinations\<close>
 
 theory DRA_Combine
 imports "DRA" "../DBA/DBA" "../DCA/DCA"
 begin
 
   definition from_dba :: "('label, 'state) dba \<Rightarrow> ('label, 'state) dra" where
     "from_dba A \<equiv> dra (dba.alphabet A) (dba.initial A) (dba.succ A) [(dba.accepting A, bot)]"
 
   lemma from_dba_language[simp]: "DRA.language (from_dba A) = DBA.language A"
     unfolding DBA.language_def DRA.language_def from_dba_def DBA.run_def DRA.run_def by (auto 0 3)
 
   definition from_dca :: "('label, 'state) dca \<Rightarrow> ('label, 'state) dra" where
     "from_dca A \<equiv> dra (dca.alphabet A) (dca.initial A) (dca.succ A) [(top, dca.rejecting A)]"
 
   lemma from_dca_language[simp]: "DRA.language (from_dca A) = DCA.language A"
     unfolding DCA.language_def DRA.language_def from_dca_def DCA.run_def DRA.run_def by (auto 0 3)
 
   definition dbcrai :: "('label, 'state\<^sub>1) dba \<Rightarrow> ('label, 'state\<^sub>2) dca \<Rightarrow> ('label, 'state\<^sub>1 \<times> 'state\<^sub>2) dra" where
     "dbcrai A B \<equiv> dra
       (dba.alphabet A \<inter> dca.alphabet B)
       (dba.initial A, dca.initial B)
       (\<lambda> a (p, q). (dba.succ A a p, dca.succ B a q))
       [(dba.accepting A \<circ> fst, dca.rejecting B \<circ> snd)]"
 
   lemma dbcrai_fst[iff]: "infs (P \<circ> fst) (dra.trace (dbcrai A B) w (p, q)) \<longleftrightarrow> infs P (dba.trace A w p)"
   proof -
     let ?t = "dra.trace (dbcrai A B) w (p, q)"
-    have "infs (P \<circ> fst) ?t \<longleftrightarrow> infs P (smap fst ?t)" by simp
+    have "infs (P \<circ> fst) ?t \<longleftrightarrow> infs P (smap fst ?t)" by (simp add: comp_def)
     also have "smap fst ?t = dba.trace A w p" unfolding dbcrai_def by (coinduction arbitrary: w p q) (auto)
     finally show ?thesis by this
   qed
   lemma dbcrai_snd[iff]: "infs (P \<circ> snd) (dra.trace (dbcrai A B) w (p, q)) \<longleftrightarrow> infs P (dca.trace B w q)"
   proof -
     let ?t = "dra.trace (dbcrai A B) w (p, q)"
-    have "infs (P \<circ> snd) ?t \<longleftrightarrow> infs P (smap snd ?t)" by simp
+    have "infs (P \<circ> snd) ?t \<longleftrightarrow> infs P (smap snd ?t)" by (simp add: comp_def)
     also have "smap snd ?t = dca.trace B w q" unfolding dbcrai_def by (coinduction arbitrary: w p q) (auto)
     finally show ?thesis by this
   qed
   lemma dbcrai_nodes_fst[intro]: "fst ` DRA.nodes (dbcrai A B) \<subseteq> DBA.nodes A"
   proof (rule subsetI, erule imageE)
     fix pq p
     assume "pq \<in> DRA.nodes (dbcrai A B)" "p = fst pq"
     then show "p \<in> DBA.nodes A" unfolding dbcrai_def by (induct arbitrary: p) (auto)
   qed
   lemma dbcrai_nodes_snd[intro]: "snd ` DRA.nodes (dbcrai A B) \<subseteq> DCA.nodes B"
   proof (rule subsetI, erule imageE)
     fix pq q
     assume "pq \<in> DRA.nodes (dbcrai A B)" "q = snd pq"
     then show "q \<in> DCA.nodes B" unfolding dbcrai_def by (induct arbitrary: q) (auto)
   qed
 
   lemma dbcrai_nodes_finite[intro]:
     assumes "finite (DBA.nodes A)" "finite (DCA.nodes B)"
     shows "finite (DRA.nodes (dbcrai A B))"
   proof (rule finite_subset)
     show "DRA.nodes (dbcrai A B) \<subseteq> DBA.nodes A \<times> DCA.nodes B"
       using dbcrai_nodes_fst dbcrai_nodes_snd unfolding image_subset_iff by force
     show "finite (DBA.nodes A \<times> DCA.nodes B)" using assms by simp
   qed
   lemma dbcrai_nodes_card[intro]:
     assumes "finite (DBA.nodes A)" "finite (DCA.nodes B)"
     shows "card (DRA.nodes (dbcrai A B)) \<le> card (DBA.nodes A) * card (DCA.nodes B)"
   proof -
     have "card (DRA.nodes (dbcrai A B)) \<le> card (DBA.nodes A \<times> DCA.nodes B)"
     proof (rule card_mono)
       show "finite (DBA.nodes A \<times> DCA.nodes B)" using assms by simp
       show "DRA.nodes (dbcrai A B) \<subseteq> DBA.nodes A \<times> DCA.nodes B"
         using dbcrai_nodes_fst dbcrai_nodes_snd unfolding image_subset_iff by force
     qed
     also have "\<dots> = card (DBA.nodes A) * card (DCA.nodes B)" using card_cartesian_product by this
     finally show ?thesis by this
   qed
 
   lemma dbcrai_language[simp]: "DRA.language (dbcrai A B) = DBA.language A \<inter> DCA.language B"
   proof -
     have 1: "dra.alphabet (dbcrai A B) = dba.alphabet A \<inter> dca.alphabet B" unfolding dbcrai_def by simp
     have 2: "dra.initial (dbcrai A B) = (dba.initial A, dca.initial B)" unfolding dbcrai_def by simp
     have 3: "dra.accepting (dbcrai A B) = [(dba.accepting A \<circ> fst, dca.rejecting B \<circ> snd)]"
       unfolding dbcrai_def by simp
     have 4: "cogen rabin (dra.accepting (dbcrai A B)) (DRA.trace (dbcrai A B) w (p, q)) \<longleftrightarrow>
       infs (dba.accepting A) (DBA.trace A w p) \<and> fins (rejecting B) (DCA.trace B w q)" for w p q
       unfolding cogen_def rabin_def 3 by simp
     show ?thesis
       unfolding DRA.language_def DBA.language_def DCA.language_def
       unfolding DRA.run_alt_def DBA.run_alt_def DCA.run_alt_def
       unfolding 1 2 4 by auto
   qed
 
   abbreviation (input) "get k pp \<equiv> pp ! k"
 
   definition draul :: "('label, 'state) dra list \<Rightarrow> ('label, 'state list) dra" where
     "draul AA \<equiv> dra
       (UNION (set AA) dra.alphabet)
       (map dra.initial AA)
       (\<lambda> a pp. map2 (\<lambda> A p. dra.succ A a p) AA pp)
       (do { k \<leftarrow> [0 ..< length AA]; (f, g) \<leftarrow> dra.accepting (AA ! k); [(f \<circ> get k, g \<circ> get k)] })"
 
   lemma draul_get:
     assumes "length pp = length AA" "k < length AA"
     shows "infs (P \<circ> get k) (dra.trace (draul AA) w pp) \<longleftrightarrow>
       infs P (dra.trace (AA ! k) w (pp ! k))"
   proof -
     have "infs (P \<circ> get k) (dra.trace (draul AA) w pp) \<longleftrightarrow>
-      infs P (smap (get k) (dra.trace (draul AA) w pp))" by simp
+      infs P (smap (get k) (dra.trace (draul AA) w pp))" by (simp add: comp_def)
     also have "smap (get k) (dra.trace (draul AA) w pp) = dra.trace (AA ! k) w (pp ! k)"
       using assms unfolding draul_def by (coinduction arbitrary: w pp) (force)
     finally show ?thesis by this
   qed
   lemma draul_nodes_length:
     assumes "pp \<in> DRA.nodes (draul AA)"
     shows "length pp = length AA"
     using assms unfolding draul_def by induct auto
   lemma draul_nodes[intro]:
     assumes "INTER (set AA) dra.alphabet = UNION (set AA) dra.alphabet"
     assumes "pp \<in> DRA.nodes (draul AA)" "k < length pp"
     shows "pp ! k \<in> DRA.nodes (AA ! k)"
     using assms(2, 3, 1) unfolding draul_def by induct force+
 
   lemma draul_nodes_finite[intro]:
     assumes "INTER (set AA) dra.alphabet = UNION (set AA) dra.alphabet"
     assumes "list_all (finite \<circ> DRA.nodes) AA"
     shows "finite (DRA.nodes (draul AA))"
   proof (rule finite_subset)
     show "DRA.nodes (draul AA) \<subseteq> listset (map DRA.nodes AA)"
       using assms(1) by (force simp: listset_member list_all2_conv_all_nth draul_nodes_length)
     have "finite (listset (map DRA.nodes AA)) \<longleftrightarrow> list_all finite (map DRA.nodes AA)"
       by (rule listset_finite) (auto simp: list_all_iff)
     then show "finite (listset (map DRA.nodes AA))" using assms(2) by (simp add: list.pred_map)
   qed
   lemma draul_nodes_card:
     assumes "INTER (set AA) dra.alphabet = UNION (set AA) dra.alphabet"
     assumes "list_all (finite \<circ> DRA.nodes) AA"
     shows "card (DRA.nodes (draul AA)) \<le> prod_list (map (card \<circ> DRA.nodes) AA)"
   proof -
     have "card (DRA.nodes (draul AA)) \<le> card (listset (map DRA.nodes AA))"
     proof (rule card_mono)
       have "finite (listset (map DRA.nodes AA)) \<longleftrightarrow> list_all finite (map DRA.nodes AA)"
         by (rule listset_finite) (auto simp: list_all_iff)
       then show "finite (listset (map DRA.nodes AA))" using assms(2) by (simp add: list.pred_map)
       show "DRA.nodes (draul AA) \<subseteq> listset (map DRA.nodes AA)"
         using assms(1) by (force simp: listset_member list_all2_conv_all_nth draul_nodes_length)
     qed
     also have "\<dots> = prod_list (map (card \<circ> DRA.nodes) AA)" by simp
     finally show ?thesis by this
   qed
 
   lemma draul_language[simp]:
     assumes "INTER (set AA) dra.alphabet = UNION (set AA) dra.alphabet"
     shows "DRA.language (draul AA) = UNION (set AA) DRA.language"
   proof safe
     fix w
     assume 1: "w \<in> DRA.language (draul AA)"
     obtain 2:
       "dra.run (draul AA) w (dra.initial (draul AA))"
       "cogen rabin (dra.accepting (draul AA)) (dra.trace (draul AA) w (dra.initial (draul AA)))"
       using 1 by rule
     obtain I F where 3:
       "(I, F) \<in> set (dra.accepting (draul AA))"
       "infs I (dra.trace (draul AA) w (dra.initial (draul AA)))"
       "fins F (dra.trace (draul AA) w (dra.initial (draul AA)))"
       using 2(2) by blast
     obtain k P Q where 4:
       "k < length AA" "I = P \<circ> get k" "F = Q \<circ> get k" "(P, Q) \<in> set (dra.accepting (AA ! k))"
       using 3(1) unfolding draul_def List.bind_def by (auto simp: comp_def)
     show "w \<in> UNION (set AA) DRA.language"
     proof (intro UN_I DRA.language cogen rabin)
       show "AA ! k \<in> set AA" using 4(1) by auto
       show "DRA.run (AA ! k) w (dra.initial (AA ! k))"
         using assms 2(1) 4(1) unfolding DRA.run_alt_def draul_def by force
       show "(P, Q) \<in> set (dra.accepting (AA ! k))" using 4(4) by this
       show "(P, Q) = (P, Q)" by rule
       have "True \<longleftrightarrow> infs (P \<circ> get k) (dra.trace (draul AA) w (map dra.initial AA))"
         using 3(2) unfolding draul_def 4(2) by simp
       also have "\<dots> \<longleftrightarrow> infs P (dra.trace (AA ! k) w (map dra.initial AA ! k))"
         using 4(1) by (force intro!: draul_get)
       also have "map dra.initial AA ! k = dra.initial (AA ! k)" using 4(1) by simp
       finally show "infs P (dra.trace (AA ! k) w (dra.initial (AA ! k)))" by simp
       have "False \<longleftrightarrow> infs (Q \<circ> get k) (dra.trace (draul AA) w (map dra.initial AA))"
         using 3(3) unfolding draul_def 4(3) by simp
       also have "\<dots> \<longleftrightarrow> infs Q (dra.trace (AA ! k) w (map dra.initial AA ! k))"
         using 4(1) by (force intro!: draul_get)
       also have "map dra.initial AA ! k = dra.initial (AA ! k)" using 4(1) by simp
       finally show "fins Q (dra.trace (AA ! k) w (dra.initial (AA ! k)))" by simp
     qed
   next
     fix A w
     assume 1: "A \<in> set AA" "w \<in> DRA.language A"
     obtain 2:
       "dra.run A w (dra.initial A)"
       "cogen rabin (dra.accepting A) (dra.trace A w (dra.initial A))"
       using 1(2) by rule
     obtain I F where 3:
       "(I, F) \<in> set (dra.accepting A)"
       "infs I (dra.trace A w (dra.initial A))"
       "fins F (dra.trace A w (dra.initial A))"
       using 2(2) by blast
     obtain k where 4: "A = AA ! k" "k < length AA" using 1(1) unfolding in_set_conv_nth by auto
     show "w \<in> DRA.language (draul AA)"
     proof (intro DRA.language cogen rabin)
       show "dra.run (draul AA) w (dra.initial (draul AA))"
         using 1(1) 2(1) unfolding DRA.run_alt_def draul_def by auto
       show "(I \<circ> get k, F \<circ> get k) \<in> set (dra.accepting (draul AA))"
         unfolding draul_def List.bind_def using 3(1) 4 by (force simp: comp_def)
       show "(I \<circ> get k, F \<circ> get k) = (I \<circ> get k, F \<circ> get k)" by rule
       have "infs (I \<circ> get k) (dra.trace (draul AA) w (dra.initial (draul AA))) \<longleftrightarrow>
         infs (I \<circ> get k) (dra.trace (draul AA) w (map dra.initial AA))"
         unfolding draul_def by simp
       also have "\<dots> \<longleftrightarrow> infs I (dra.trace (AA ! k) w (map dra.initial AA ! k))"
         using 4(2) by (force intro!: draul_get)
       also have "\<dots> \<longleftrightarrow> True" using 3(2) 4 by simp
       finally show "infs (I \<circ> get k) (dra.trace (draul AA) w (dra.initial (draul AA)))" by simp
       have "infs (F \<circ> get k) (dra.trace (draul AA) w (dra.initial (draul AA))) \<longleftrightarrow>
         infs (F \<circ> get k) (dra.trace (draul AA) w (map dra.initial AA))"
         unfolding draul_def by simp
       also have "\<dots> \<longleftrightarrow> infs F (dra.trace (AA ! k) w (map dra.initial AA ! k))"
         using 4(2) by (force intro!: draul_get)
       also have "\<dots> \<longleftrightarrow> False" using 3(3) 4 by simp
       finally show "fins (F \<circ> get k) (dra.trace (draul AA) w (dra.initial (draul AA)))" by simp
     qed
   qed
 
 end
\ No newline at end of file
diff --git a/thys/Transition_Systems_and_Automata/Basic/Acceptance.thy b/thys/Transition_Systems_and_Automata/Basic/Acceptance.thy
--- a/thys/Transition_Systems_and_Automata/Basic/Acceptance.thy
+++ b/thys/Transition_Systems_and_Automata/Basic/Acceptance.thy
@@ -1,48 +1,51 @@
 theory Acceptance
-imports "Sequence_LTL"
+imports Sequence_LTL
 begin
 
   type_synonym 'a pred = "'a \<Rightarrow> bool"
   type_synonym 'a rabin = "'a pred \<times> 'a pred"
   type_synonym 'a gen = "'a list"
+  (* TODO: move to degeneralization theory *)
   type_synonym 'a degen = "'a \<times> nat"
 
   definition rabin :: "'a rabin \<Rightarrow> 'a stream pred" where
     "rabin \<equiv> \<lambda> (I, F) w. infs I w \<and> fins F w"
 
   lemma rabin[intro]:
     assumes "IF = (I, F)" "infs I w" "fins F w"
     shows "rabin IF w"
     using assms unfolding rabin_def by auto
   lemma rabin_elim[elim]:
     assumes "rabin IF w"
     obtains I F
     where "IF = (I, F)" "infs I w" "fins F w"
     using assms unfolding rabin_def by auto
 
   definition gen :: "('a \<Rightarrow> 'b pred) \<Rightarrow> ('a gen \<Rightarrow> 'b pred)" where
-    "gen P xs w \<equiv> \<forall> x \<in> set xs. P x w"
+    "gen P cs w \<equiv> \<forall> c \<in> set cs. P c w"
 
   lemma gen[intro]:
-    assumes "\<And> x. x \<in> set xs \<Longrightarrow> P x w"
-    shows "gen P xs w"
+    assumes "\<And> c. c \<in> set cs \<Longrightarrow> P c w"
+    shows "gen P cs w"
     using assms unfolding gen_def by auto
   lemma gen_elim[elim]:
-    assumes "gen P xs w"
-    obtains "\<And> x. x \<in> set xs \<Longrightarrow> P x w"
+    assumes "gen P cs w"
+    obtains "\<And> c. c \<in> set cs \<Longrightarrow> P c w"
     using assms unfolding gen_def by auto
 
   definition cogen :: "('a \<Rightarrow> 'b pred) \<Rightarrow> ('a gen \<Rightarrow> 'b pred)" where
-    "cogen P xs w \<equiv> \<exists> x \<in> set xs. P x w"
+    "cogen P cs w \<equiv> \<exists> c \<in> set cs. P c w"
 
   lemma cogen[intro]:
-    assumes "x \<in> set xs" "P x w"
-    shows "cogen P xs w"
+    assumes "c \<in> set cs" "P c w"
+    shows "cogen P cs w"
     using assms unfolding cogen_def by auto
   lemma cogen_elim[elim]:
-    assumes "cogen P xs w"
-    obtains x
-    where "x \<in> set xs" "P x w"
+    assumes "cogen P cs w"
+    obtains c
+    where "c \<in> set cs" "P c w"
     using assms unfolding cogen_def by auto
 
+  lemma cogen_alt_def: "cogen P cs w \<longleftrightarrow> \<not> gen (\<lambda> c w. Not (P c w)) cs w" by auto
+
 end
\ No newline at end of file
diff --git a/thys/Transition_Systems_and_Automata/Basic/Basic.thy b/thys/Transition_Systems_and_Automata/Basic/Basic.thy
--- a/thys/Transition_Systems_and_Automata/Basic/Basic.thy
+++ b/thys/Transition_Systems_and_Automata/Basic/Basic.thy
@@ -1,32 +1,31 @@
 section \<open>Basics\<close>
 
 theory Basic
 imports Main
 begin
 
   subsection \<open>Miscellaneous\<close>
 
   abbreviation (input) "const x \<equiv> \<lambda> _. x"
 
   lemmas [simp] = map_prod.id map_prod.comp[symmetric]
   lemma prod_UNIV[iff]: "A \<times> B = UNIV \<longleftrightarrow> A = UNIV \<and> B = UNIV" by auto
 
   lemma infinite_subset[trans]: "infinite A \<Longrightarrow> A \<subseteq> B \<Longrightarrow> infinite B" using infinite_super by this
   lemma finite_subset[trans]: "A \<subseteq> B \<Longrightarrow> finite B \<Longrightarrow> finite A" using finite_subset by this
 
   declare infinite_coinduct[case_names infinite, coinduct pred: infinite]
   lemma infinite_psubset_coinduct[case_names infinite, consumes 1]:
     assumes "R A"
     assumes "\<And> A. R A \<Longrightarrow> \<exists> B \<subset> A. R B"
     shows "infinite A"
   proof
-    assume "finite A"
-    then show "False" using assms by (induct rule: finite_psubset_induct) (auto)
+    show "False" if "finite A" using that assms by (induct rule: finite_psubset_induct) (auto)
   qed
 
   (* TODO: why are there two copies of this theorem? *)
   thm inj_on_subset subset_inj_on
 
   lemma inj_inj_on[dest]: "inj f \<Longrightarrow> inj_on f S" using inj_on_subset by auto
 
 end
diff --git a/thys/Transition_Systems_and_Automata/Basic/Sequence.thy b/thys/Transition_Systems_and_Automata/Basic/Sequence.thy
--- a/thys/Transition_Systems_and_Automata/Basic/Sequence.thy
+++ b/thys/Transition_Systems_and_Automata/Basic/Sequence.thy
@@ -1,433 +1,436 @@
 section \<open>Finite and Infinite Sequences\<close>
 
 theory Sequence
 imports
   "Basic"
   "HOL-Library.Stream"
   "HOL-Library.Monad_Syntax"
 begin
 
   subsection \<open>List Basics\<close>
 
   declare upt_Suc[simp del]
   declare last.simps[simp del]
   declare butlast.simps[simp del]
   declare Cons_nth_drop_Suc[simp]
   declare list.pred_True[simp]
 
   lemma list_pred_cases:
     assumes "list_all P xs"
     obtains (nil) "xs = []" | (cons) y ys where "xs = y # ys" "P y" "list_all P ys"
     using assms by (cases xs) (auto)
 
   lemma lists_iff_set: "w \<in> lists A \<longleftrightarrow> set w \<subseteq> A" by auto
 
   lemma fold_const: "fold const xs a = last (a # xs)"
     by (induct xs arbitrary: a) (auto simp: last.simps)
 
   lemma take_Suc: "take (Suc n) xs = (if xs = [] then [] else hd xs # take n (tl xs))"
     by (simp add: take_Suc)
 
   lemma bind_map[simp]: "map f xs \<bind> g = xs \<bind> g \<circ> f" unfolding List.bind_def by simp
 
   lemma listset_member: "ys \<in> listset XS \<longleftrightarrow> list_all2 (\<in>) ys XS"
     by (induct XS arbitrary: ys) (auto simp: set_Cons_def list_all2_Cons2)
   lemma listset_empty[iff]: "listset XS = {} \<longleftrightarrow> \<not> list_all (\<lambda> A. A \<noteq> {}) XS"
     by (induct XS) (auto simp: set_Cons_def)
   lemma listset_finite[iff]:
     assumes "list_all (\<lambda> A. A \<noteq> {}) XS"
     shows "finite (listset XS) \<longleftrightarrow> list_all finite XS"
   using assms
   proof (induct XS)
     case Nil
     show ?case by simp
   next
     case (Cons A XS)
     note [simp] = finite_image_iff finite_cartesian_product_iff
     have "listset (A # XS) = case_prod Cons ` (A \<times> listset XS)" by (auto simp: set_Cons_def)
     also have "finite \<dots> \<longleftrightarrow> finite (A \<times> listset XS)" by (simp add: inj_on_def)
     also have "\<dots> \<longleftrightarrow> finite A \<and> finite (listset XS)" using Cons(2) by simp
     also have "finite (listset XS) \<longleftrightarrow> list_all finite XS" using Cons by simp
     also have "finite A \<and> \<dots> \<longleftrightarrow> list_all finite (A # XS)" by simp
     finally show ?case by this
   qed
   lemma listset_card[simp]: "card (listset XS) = prod_list (map card XS)"
   proof (induct XS)
     case Nil
     show ?case by simp
   next
     case (Cons A XS)
     have 1: "inj (case_prod Cons)" unfolding inj_def by simp
     have "listset (A # XS) = case_prod Cons ` (A \<times> listset XS)" by (auto simp: set_Cons_def)
     also have "card \<dots> = card (A \<times> listset XS)" using card_image 1 by auto
     also have "\<dots> = card A * card (listset XS)" using card_cartesian_product by this
     also have "card (listset XS) = prod_list (map card XS)" using Cons by this
     also have "card A * \<dots> = prod_list (map card (A # XS))" by simp
     finally show ?case by this
   qed
 
   subsection \<open>Stream Basics\<close>
 
   declare stream.map_id[simp]
   declare stream.set_map[simp]
   declare stream.set_sel(1)[intro!, simp]
   declare stream.pred_True[simp]
   declare stream.pred_map[iff]
   declare stream.rel_map[iff]
   declare shift_simps[simp del]
   declare stake_sdrop[simp]
   declare stake_siterate[simp del]
   declare sdrop_snth[simp]
 
   lemma stream_pred_cases:
     assumes "pred_stream P xs"
     obtains (scons) y ys where "xs = y ## ys" "P y" "pred_stream P ys"
     using assms by (cases xs) (auto)
 
   lemma stream_rel_coinduct[case_names stream_rel, coinduct pred: stream_all2]:
     assumes "R u v"
     assumes "\<And> a u b v. R (a ## u) (b ## v) \<Longrightarrow> P a b \<and> R u v"
     shows "stream_all2 P u v"
     using assms by (coinduct) (metis stream.collapse)
   lemma stream_rel_coinduct_shift[case_names stream_rel, consumes 1]:
     assumes "R u v"
     assumes "\<And> u v. R u v \<Longrightarrow>
       \<exists> u\<^sub>1 u\<^sub>2 v\<^sub>1 v\<^sub>2. u = u\<^sub>1 @- u\<^sub>2 \<and> v = v\<^sub>1 @- v\<^sub>2 \<and> u\<^sub>1 \<noteq> [] \<and> v\<^sub>1 \<noteq> [] \<and> list_all2 P u\<^sub>1 v\<^sub>1 \<and> R u\<^sub>2 v\<^sub>2"
     shows "stream_all2 P u v"
   proof -
     have "\<exists> u\<^sub>1 u\<^sub>2 v\<^sub>1 v\<^sub>2. u = u\<^sub>1 @- u\<^sub>2 \<and> v = v\<^sub>1 @- v\<^sub>2 \<and> list_all2 P u\<^sub>1 v\<^sub>1 \<and> R u\<^sub>2 v\<^sub>2"
       using assms(1) by force
     then show ?thesis using assms(2) by (coinduct) (force elim: list.rel_cases)
   qed
 
   lemma stream_pred_coinduct[case_names stream_pred, coinduct pred: pred_stream]:
     assumes "R w"
     assumes "\<And> a w. R (a ## w) \<Longrightarrow> P a \<and> R w"
     shows "pred_stream P w"
     using assms unfolding stream.pred_rel eq_onp_def by (coinduction arbitrary: w) (auto)
   lemma stream_pred_coinduct_shift[case_names stream_pred, consumes 1]:
     assumes "R w"
     assumes "\<And> w. R w \<Longrightarrow> \<exists> u v. w = u @- v \<and> u \<noteq> [] \<and> list_all P u \<and> R v"
     shows "pred_stream P w"
   proof -
     have "\<exists> u v. w = u @- v \<and> list_all P u \<and> R v"
       using assms(1) by (metis list_all_simps(2) shift.simps(1))
     then show ?thesis using assms(2) by (coinduct) (force elim: list_pred_cases)
   qed
   lemma stream_pred_flat_coinduct[case_names stream_pred, consumes 1]:
     assumes "R ws"
     assumes "\<And> w ws. R (w ## ws) \<Longrightarrow> w \<noteq> [] \<and> list_all P w \<and> R ws"
     shows "pred_stream P (flat ws)"
     using assms
     by (coinduction arbitrary: ws rule: stream_pred_coinduct_shift) (metis stream.exhaust flat_Stream)
 
   lemmas stream_eq_coinduct[case_names stream_eq, coinduct pred: HOL.eq] =
     stream_rel_coinduct[where ?P = HOL.eq, unfolded stream.rel_eq]
   lemmas stream_eq_coinduct_shift[case_names stream_eq, consumes 1] =
     stream_rel_coinduct_shift[where ?P = HOL.eq, unfolded stream.rel_eq list.rel_eq]
 
   lemma stream_pred_shift[iff]: "pred_stream P (u @- v) \<longleftrightarrow> list_all P u \<and> pred_stream P v"
     by (induct u) (auto)
   lemma stream_rel_shift[iff]:
     assumes "length u\<^sub>1 = length v\<^sub>1"
     shows "stream_all2 P (u\<^sub>1 @- u\<^sub>2) (v\<^sub>1 @- v\<^sub>2) \<longleftrightarrow> list_all2 P u\<^sub>1 v\<^sub>1 \<and> stream_all2 P u\<^sub>2 v\<^sub>2"
     using assms by (induct rule: list_induct2) (auto)
 
   lemma sset_subset_stream_pred: "sset w \<subseteq> A \<longleftrightarrow> pred_stream (\<lambda> a. a \<in> A) w"
     unfolding stream.pred_set by auto
 
   lemma eq_scons: "w = a ## v \<longleftrightarrow> a = shd w \<and> v = stl w" by auto
   lemma scons_eq: "a ## v = w \<longleftrightarrow> shd w = a \<and> stl w = v" by auto
   lemma eq_shift: "w = u @- v \<longleftrightarrow> stake (length u) w = u \<and> sdrop (length u) w = v"
     by (induct u arbitrary: w) (force+)
   lemma shift_eq: "u @- v = w \<longleftrightarrow> u = stake (length u) w \<and> v = sdrop (length u) w"
     by (induct u arbitrary: w) (force+)
   lemma scons_eq_shift: "a ## w = u @- v \<longleftrightarrow> ([] = u \<and> a ## w = v) \<or> (\<exists> u'. a # u' = u \<and> w = u' @- v)"
     by (cases u) (auto)
   lemma shift_eq_scons: "u @- v = a ## w \<longleftrightarrow> (u = [] \<and> v = a ## w) \<or> (\<exists> u'. u = a # u' \<and> u' @- v = w)"
     by (cases u) (auto)
 
   lemma stream_all2_sset1:
     assumes "stream_all2 P xs ys"
     shows "\<forall> x \<in> sset xs. \<exists> y \<in> sset ys. P x y"
   proof -
     have "pred_stream (\<lambda> x. \<exists> y \<in> S. P x y) xs" if "sset ys \<subseteq> S" for S
       using assms that by (coinduction arbitrary: xs ys) (force elim: stream.rel_cases)
     then show ?thesis unfolding stream.pred_set by auto
   qed
   lemma stream_all2_sset2:
     assumes "stream_all2 P xs ys"
     shows "\<forall> y \<in> sset ys. \<exists> x \<in> sset xs. P x y"
   proof -
     have "pred_stream (\<lambda> y. \<exists> x \<in> S. P x y) ys" if "sset xs \<subseteq> S" for S
       using assms that by (coinduction arbitrary: xs ys) (force elim: stream.rel_cases)
     then show ?thesis unfolding stream.pred_set by auto
   qed
 
   lemma smap_eq_scons[iff]: "smap f xs = y ## ys \<longleftrightarrow> f (shd xs) = y \<and> smap f (stl xs) = ys"
     using smap_ctr by metis
   lemma scons_eq_smap[iff]: "y ## ys = smap f xs \<longleftrightarrow> y = f (shd xs) \<and> ys = smap f (stl xs)"
     using smap_ctr by metis
   lemma smap_eq_shift[iff]:
     "smap f w = u @- v \<longleftrightarrow> (\<exists> w\<^sub>1 w\<^sub>2. w = w\<^sub>1 @- w\<^sub>2 \<and> map f w\<^sub>1 = u \<and> smap f w\<^sub>2 = v)"
     using sdrop_smap eq_shift stake_sdrop stake_smap by metis
   lemma shift_eq_smap[iff]:
     "u @- v = smap f w \<longleftrightarrow> (\<exists> w\<^sub>1 w\<^sub>2. w = w\<^sub>1 @- w\<^sub>2 \<and> u = map f w\<^sub>1 \<and> v = smap f w\<^sub>2)"
     using sdrop_smap eq_shift stake_sdrop stake_smap by metis
 
   lemma szip_eq_scons[iff]: "szip xs ys = z ## zs \<longleftrightarrow> (shd xs, shd ys) = z \<and> szip (stl xs) (stl ys) = zs"
     using szip.ctr stream.inject by metis
   lemma scons_eq_szip[iff]: "z ## zs = szip xs ys \<longleftrightarrow> z = (shd xs, shd ys) \<and> zs = szip (stl xs) (stl ys)"
     using szip.ctr stream.inject by metis
 
   lemma siterate_eq_scons[iff]: "siterate f s = a ## w \<longleftrightarrow> s = a \<and> siterate f (f s) = w"
     using siterate.ctr stream.inject by metis
   lemma scons_eq_siterate[iff]: "a ## w = siterate f s \<longleftrightarrow> a = s \<and> w = siterate f (f s)"
     using siterate.ctr stream.inject by metis
 
   lemma snth_0: "(a ## w) !! 0 = a" by simp
   lemma eqI_snth:
     assumes "\<And> i. u !! i = v !! i"
     shows "u = v"
     using assms by (coinduction arbitrary: u v) (metis stream.sel snth.simps)
 
   lemma stream_pred_snth: "pred_stream P w \<longleftrightarrow> (\<forall> i. P (w !! i))"
     unfolding stream.pred_set sset_range by simp
   lemma stream_rel_snth: "stream_all2 P u v \<longleftrightarrow> (\<forall> i. P (u !! i) (v !! i))"
   proof safe
     show "P (u !! i) (v !! i)" if "stream_all2 P u v" for i
       using that by (induct i arbitrary: u v) (auto elim: stream.rel_cases)
     show "stream_all2 P u v" if "\<forall> i. P (u !! i) (v !! i)"
       using that by (coinduct) (metis snth_0 snth_Stream)
   qed
 
   lemma stream_rel_pred_szip: "stream_all2 P u v \<longleftrightarrow> pred_stream (case_prod P) (szip u v)"
     unfolding stream_pred_snth stream_rel_snth by simp
 
   lemma sconst_eq[iff]: "sconst x = sconst y \<longleftrightarrow> x = y" by (auto) (metis siterate.simps(1))
   lemma stream_pred__sconst[iff]: "pred_stream P (sconst x) \<longleftrightarrow> P x"
     unfolding stream_pred_snth by simp
   lemma stream_rel_sconst[iff]: "stream_all2 P (sconst x) (sconst y) \<longleftrightarrow> P x y"
     unfolding stream_rel_snth by simp
 
   lemma set_sset_stake[intro!, simp]: "set (stake n xs) \<subseteq> sset xs"
     by (metis sset_shift stake_sdrop sup_ge1)
   lemma sset_sdrop[intro!, simp]: "sset (sdrop n xs) \<subseteq> sset xs"
     by (metis sset_shift stake_sdrop sup_ge2)
 
   lemma set_stake_snth: "x \<in> set (stake n xs) \<longleftrightarrow> (\<exists> i < n. xs !! i = x)"
     unfolding in_set_conv_nth by auto
 
   (* TODO: these should be generated by the transfer option on the primcorec definitions *)
   (* TODO: transfer_prover cannot handle corecursive definitions due to the \<lambda>(s1, s2). undefined
     abortion term that is never used *)
   lemma szip_transfer[transfer_rule]:
     includes lifting_syntax
     shows "(stream_all2 A ===> stream_all2 B ===> stream_all2 (rel_prod A B)) szip szip"
     by (intro rel_funI, coinduction) (force elim: stream.rel_cases)
   lemma siterate_transfer[transfer_rule]:
     includes lifting_syntax
     shows "((A ===> A) ===> A ===> stream_all2 A) siterate siterate"
     by (intro rel_funI, coinduction) (force dest: rel_funD)
 
   lemma split_stream_first:
     assumes "A \<inter> sset xs \<noteq> {}"
     obtains ys a zs
     where "xs = ys @- a ## zs" "A \<inter> set ys = {}" "a \<in> A"
   proof
     let ?n = "LEAST n. xs !! n \<in> A"
     have 1: "xs !! n \<notin> A" if "n < ?n" for n using that by (metis (full_types) not_less_Least)
     show "xs = stake ?n xs @- (xs !! ?n) ## sdrop (Suc ?n) xs" using id_stake_snth_sdrop by blast
     show "A \<inter> set (stake ?n xs) = {}" using 1 by (metis (no_types, lifting) disjoint_iff_not_equal set_stake_snth)
     show "xs !! ?n \<in> A" using assms unfolding sset_range by (auto intro: LeastI)
   qed
   lemma split_stream_first':
     assumes "x \<in> sset xs"
     obtains ys zs
     where "xs = ys @- x ## zs" "x \<notin> set ys"
   proof
     let ?n = "LEAST n. xs !! n = x"
     have 1: "xs !! ?n = x" using assms unfolding sset_range by (auto intro: LeastI)
     have 2: "xs !! n \<noteq> x" if "n < ?n" for n using that by (metis (full_types) not_less_Least)
     show "xs = stake ?n xs @- x ## sdrop (Suc ?n) xs" using 1 by (metis id_stake_snth_sdrop)
     show "x \<notin> set (stake ?n xs)" using 2 by (meson set_stake_snth)
   qed
 
   lemma streams_UNIV[iff]: "streams A = UNIV \<longleftrightarrow> A = UNIV"
   proof
     show "A = UNIV \<Longrightarrow> streams A = UNIV" by simp
   next
     assume "streams A = UNIV"
     then have "w \<in> streams A" for w by simp
     then have "sset w \<subseteq> A" for w unfolding streams_iff_sset by this
     then have "sset (sconst a) \<subseteq> A" for a by blast
     then have "a \<in> A" for a by simp
     then show "A = UNIV" by auto
   qed
 
   lemma pred_list_listsp[pred_set_conv]: "list_all = listsp"
     unfolding list.pred_set by auto
   lemma pred_stream_streamsp[pred_set_conv]: "pred_stream = streamsp"
     unfolding stream.pred_set streams_iff_sset[to_pred] by auto
 
-  subsection \<open>The @{term scan} Function\<close>
+  subsection \<open>The scan Function\<close>
 
   primrec (transfer) scan :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'a list \<Rightarrow> 'b \<Rightarrow> 'b list" where
     "scan f [] a = []" | "scan f (x # xs) a = f x a # scan f xs (f x a)"
 
   lemma scan_append[simp]: "scan f (xs @ ys) a = scan f xs a @ scan f ys (fold f xs a)"
     by (induct xs arbitrary: a) (auto)
 
   lemma scan_eq_nil[iff]: "scan f xs a = [] \<longleftrightarrow> xs = []" by (cases xs) (auto)
   lemma scan_eq_cons[iff]:
     "scan f xs a = b # w \<longleftrightarrow> (\<exists> y ys. xs = y # ys \<and> f y a = b \<and> scan f ys (f y a) = w)"
     by (cases xs) (auto)
   lemma scan_eq_append[iff]:
     "scan f xs a = u @ v \<longleftrightarrow> (\<exists> ys zs. xs = ys @ zs \<and> scan f ys a = u \<and> scan f zs (fold f ys a) = v)"
     by (induct u arbitrary: xs a) (auto, metis append_Cons fold_simps(2), blast)
 
   lemma scan_length[simp]: "length (scan f xs a) = length xs"
     by (induct xs arbitrary: a) (auto)
+  (* TODO: figure out how this is used, should it be a simp rule? or flipped? also target_alt_def *)
   lemma scan_last: "last (a # scan f xs a) = fold f xs a"
     by (induct xs arbitrary: a) (auto simp: last.simps)
+  lemma scan_butlast[simp]: "scan f (butlast xs) a = butlast (scan f xs a)"
+    by (induct xs arbitrary: a) (auto simp: butlast.simps)
 
   lemma scan_const[simp]: "scan const xs a = xs"
     by (induct xs arbitrary: a) (auto)
   lemma scan_nth[simp]:
     assumes "i < length (scan f xs a)"
     shows "scan f xs a ! i = fold f (take (Suc i) xs) a"
     using assms by (cases xs, simp, induct i arbitrary: xs a, auto simp: take_Suc neq_Nil_conv)
   lemma scan_map[simp]: "scan f (map g xs) a = scan (f \<circ> g) xs a"
     by (induct xs arbitrary: a) (auto)
   lemma scan_take[simp]: "take k (scan f xs a) = scan f (take k xs) a"
     by (induct k arbitrary: xs a) (auto simp: take_Suc neq_Nil_conv)
   lemma scan_drop[simp]: "drop k (scan f xs a) = scan f (drop k xs) (fold f (take k xs) a)"
     by (induct k arbitrary: xs a) (auto simp: take_Suc neq_Nil_conv)
 
   primcorec (transfer) sscan :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> 'a stream \<Rightarrow> 'b \<Rightarrow> 'b stream" where
     "sscan f xs a = f (shd xs) a ## sscan f (stl xs) (f (shd xs) a)"
 
   lemma sscan_scons[simp]: "sscan f (x ## xs) a = f x a ## sscan f xs (f x a)"
     by (simp add: stream.expand)
   lemma sscan_shift[simp]: "sscan f (xs @- ys) a = scan f xs a @- sscan f ys (fold f xs a)"
     by (induct xs arbitrary: a) (auto)
 
   lemma sscan_eq_scons[iff]:
     "sscan f xs a = b ## w \<longleftrightarrow> f (shd xs) a = b \<and> sscan f (stl xs) (f (shd xs) a) = w"
     using sscan.ctr stream.inject by metis
   lemma scons_eq_sscan[iff]:
     "b ## w = sscan f xs a \<longleftrightarrow> b = f (shd xs) a \<and> w = sscan f (stl xs) (f (shd xs) a)"
     using sscan.ctr stream.inject by metis
 
   lemma sscan_const[simp]: "sscan const xs a = xs"
     by (coinduction arbitrary: xs a) (auto)
   lemma sscan_snth[simp]: "sscan f xs a !! i = fold f (stake (Suc i) xs) a"
     by (induct i arbitrary: xs a) (auto)
   lemma sscan_scons_snth[simp]: "(a ## sscan f xs a) !! i = fold f (stake i xs) a"
     by (induct i arbitrary: xs a) (auto)
   lemma sscan_smap[simp]: "sscan f (smap g xs) a = sscan (f \<circ> g) xs a"
     by (coinduction arbitrary: xs a) (auto)
   lemma sscan_stake[simp]: "stake k (sscan f xs a) = scan f (stake k xs) a"
     by (induct k arbitrary: a xs) (auto)
   lemma sscan_sdrop[simp]: "sdrop k (sscan f xs a) = sscan f (sdrop k xs) (fold f (stake k xs) a)"
     by (induct k arbitrary: a xs) (auto)
 
   subsection \<open>Distinct Streams\<close>
 
   coinductive sdistinct :: "'a stream \<Rightarrow> bool" where
     scons[intro!]: "x \<notin> sset xs \<Longrightarrow> sdistinct xs \<Longrightarrow> sdistinct (x ## xs)"
 
   lemma sdistinct_scons_elim[elim!]:
     assumes "sdistinct (x ## xs)"
     obtains "x \<notin> sset xs" "sdistinct xs"
     using assms by (auto elim: sdistinct.cases)
 
   lemma sdistinct_coinduct[case_names sdistinct, coinduct pred: sdistinct]:
     assumes "P xs"
     assumes "\<And> x xs. P (x ## xs) \<Longrightarrow> x \<notin> sset xs \<and> P xs"
     shows "sdistinct xs"
     using stream.collapse sdistinct.coinduct assms by metis
 
   lemma sdistinct_shift[intro!]:
     assumes "distinct xs" "sdistinct ys" "set xs \<inter> sset ys = {}"
     shows "sdistinct (xs @- ys)"
     using assms by (induct xs) (auto)
   lemma sdistinct_shift_elim[elim!]:
     assumes "sdistinct (xs @- ys)"
     obtains "distinct xs" "sdistinct ys" "set xs \<inter> sset ys = {}"
     using assms by (induct xs) (auto)
 
   lemma sdistinct_infinite_sset:
     assumes "sdistinct w"
     shows "infinite (sset w)"
     using assms by (coinduction arbitrary: w) (force elim: sdistinct.cases)
 
   lemma not_sdistinct_decomp:
     assumes "\<not> sdistinct w"
     obtains u v a w'
     where "w = u @- a ## v @- a ## w'"
   proof (rule ccontr)
     assume 1: "\<not> thesis"
     assume 2: "w = u @- a ## v @- a ## w' \<Longrightarrow> thesis" for u a v w'
     have 3: "\<forall> u v a w'. w \<noteq> u @- a ## v @- a ## w'" using 1 2 by auto
     have 4: "sdistinct w" using 3 by (coinduct) (metis id_stake_snth_sdrop imageE shift.simps sset_range)
     show False using assms 4 by auto
   qed
 
   subsection \<open>Sorted Streams\<close>
 
   coinductive (in order) sascending :: "'a stream \<Rightarrow> bool" where
     "a \<le> b \<Longrightarrow> sascending (b ## w) \<Longrightarrow> sascending (a ## b ## w)"
 
   coinductive (in order) sdescending :: "'a stream \<Rightarrow> bool" where
     "a \<ge> b \<Longrightarrow> sdescending (b ## w) \<Longrightarrow> sdescending (a ## b ## w)"
 
   lemma sdescending_coinduct[case_names sdescending, coinduct pred: sdescending]:
     assumes "P w"
     assumes "\<And> a b w. P (a ## b ## w) \<Longrightarrow> a \<ge> b \<and> P (b ## w)"
     shows "sdescending w"
     using stream.collapse sdescending.coinduct assms by (metis (no_types))
 
   lemma sdescending_sdrop:
     assumes "sdescending w"
     shows "sdescending (sdrop k w)"
     using assms by (induct k) (auto, metis sdescending.cases sdrop_stl stream.sel(2))
 
   lemma sdescending_snth_antimono:
     assumes "sdescending w"
     shows "antimono (snth w)"
   unfolding antimono_iff_le_Suc
   proof
     fix k
     have "sdescending (sdrop k w)" using sdescending_sdrop assms by this
     then obtain a b v where 2: "sdrop k w = a ## b ## v" "a \<ge> b" by rule
     then show "w !! k \<ge> w !! Suc k" by (metis sdrop_simps stream.sel)
   qed
 
   lemma sdescending_stuck:
     fixes w :: "'a :: wellorder stream"
     assumes "sdescending w"
     obtains k
     where "sdrop k w = sconst (w !! k)"
   using assms
   proof (induct "w !! 0" arbitrary: w thesis rule: less_induct)
     case less
     show ?case
     proof (cases "w = sconst (w !! 0)")
       case True
       show ?thesis using less(2)[of 0] True by simp
     next
       case False
       obtain k where 1: "w !! k \<noteq> w !! 0"
         using False by (metis empty_iff eqI_snth insert_iff snth_sset sset_sconst)
       have 2: "antimono (snth w)" using sdescending_snth_antimono less(3) by this
       have 3: "w !! k \<le> w !! 0" using 1 2 by (blast dest: antimonoD)
       have 4: "sdrop k w !! 0 < w !! 0" using 1 3 by auto
       have 5: "sdescending (sdrop k w)" using sdescending_sdrop less(3) by this
       obtain l where 5: "sdrop l (sdrop k w) = sconst (sdrop k w !! l)"
         using less(1)[OF 4 _ 5] by this
       show ?thesis using less(2) 5 by simp
     qed
   qed
 
 end
diff --git a/thys/Transition_Systems_and_Automata/Basic/Sequence_LTL.thy b/thys/Transition_Systems_and_Automata/Basic/Sequence_LTL.thy
--- a/thys/Transition_Systems_and_Automata/Basic/Sequence_LTL.thy
+++ b/thys/Transition_Systems_and_Automata/Basic/Sequence_LTL.thy
@@ -1,112 +1,114 @@
 section \<open>Linear Temporal Logic on Streams\<close>
 
 theory Sequence_LTL
 imports
   "Sequence"
   "HOL-Library.Linear_Temporal_Logic_on_Streams"
 begin
 
   subsection \<open>Basics\<close>
 
-  text \<open>Avoid destroying the constant @{term holds} prematurely.\<close>
+  text \<open>Avoid destroying the constant @{const holds} prematurely.\<close>
   lemmas [simp del] = holds.simps holds_eq1 holds_eq2 not_holds_eq
 
+  lemma ev_smap[iff]: "ev P (smap f w) \<longleftrightarrow> ev (P \<circ> smap f) w" using ev_smap unfolding comp_apply by this
+  lemma alw_smap[iff]: "alw P (smap f w) \<longleftrightarrow> alw (P \<circ> smap f) w" using alw_smap unfolding comp_apply by this
   lemma holds_smap[iff]: "holds P (smap f w) \<longleftrightarrow> holds (P \<circ> f) w" unfolding holds.simps by simp
 
-  lemmas [iff] = ev_sconst alw_sconst ev_smap alw_smap hld_smap'
+  lemmas [iff] = ev_sconst alw_sconst hld_smap'
 
   lemmas [iff] = alw_ev_stl
   lemma alw_ev_sdrop[iff]: "alw (ev P) (sdrop n w) \<longleftrightarrow> alw (ev P) w"
     using alw_ev_sdrop alw_sdrop by blast
   lemma alw_ev_scons[iff]: "alw (ev P) (a ## w) \<longleftrightarrow> alw (ev P) w" by (metis alw_ev_stl stream.sel(2))
   lemma alw_ev_shift[iff]: "alw (ev P) (u @- v) \<longleftrightarrow> alw (ev P) v" by (induct u) (auto)
 
   lemmas [simp del, iff] = ev_alw_stl
   lemma ev_alw_sdrop[iff]: "ev (alw P) (sdrop n w) \<longleftrightarrow> ev (alw P) w"
     using alwD alw_alw alw_sdrop ev_alw_imp_alw_ev not_ev_iff by metis
   lemma ev_alw_scons[iff]: "ev (alw P) (a ## w) \<longleftrightarrow> ev (alw P) w" by (metis ev_alw_stl stream.sel(2))
   lemma ev_alw_shift[iff]: "ev (alw P) (u @- v) \<longleftrightarrow> ev (alw P) v" by (induct u) (auto)
 
   lemma holds_sconst[iff]: "holds P (sconst a) \<longleftrightarrow> P a" unfolding holds.simps by simp
   lemma HLD_sconst[iff]: "HLD A (sconst a) \<longleftrightarrow> a \<in> A" unfolding HLD_def holds.simps by simp
 
   lemma ev_alt_def: "ev \<phi> w \<longleftrightarrow> (\<exists> u v. w = u @- v \<and> \<phi> v)"
     using ev.base ev_shift ev_imp_shift by metis
   lemma ev_stl_alt_def: "ev \<phi> (stl w) \<longleftrightarrow> (\<exists> u v. w = u @- v \<and> u \<noteq> [] \<and> \<phi> v)"
     unfolding ev_alt_def by (cases w) (force simp: scons_eq)
 
   lemma ev_HLD_sset: "ev (HLD A) w \<longleftrightarrow> sset w \<inter> A \<noteq> {}" unfolding HLD_def ev_holds_sset by auto
 
   lemma alw_ev_coinduct[case_names alw_ev, consumes 1]:
     assumes "R w"
     assumes "\<And> w. R w \<Longrightarrow> ev \<phi> w \<and> ev R (stl w)"
     shows "alw (ev \<phi>) w"
   proof -
     have "ev R w" using assms(1) by rule
     then show ?thesis using assms(2) by (coinduct) (metis alw_sdrop not_ev_iff sdrop_stl sdrop_wait)
   qed
 
   subsection \<open>Infinite Occurrence\<close>
 
   abbreviation "infs P w \<equiv> alw (ev (holds P)) w"
   abbreviation "fins P w \<equiv> \<not> infs P w"
 
   lemma infs_suffix: "infs P w \<longleftrightarrow> (\<forall> u v. w = u @- v \<longrightarrow> Bex (sset v) P)"
     using alwD alw_iff_sdrop alw_shift ev_holds_sset stake_sdrop by (metis (mono_tags, hide_lams))
   lemma infs_snth: "infs P w \<longleftrightarrow> (\<forall> n. \<exists> k \<ge> n. P (w !! k))"
     by (auto simp: alw_iff_sdrop ev_iff_sdrop holds.simps intro: le_add1 dest: le_Suc_ex)
   lemma infs_infm: "infs P w \<longleftrightarrow> (\<exists>\<^sub>\<infinity> i. P (w !! i))"
     unfolding infs_snth INFM_nat_le by rule
 
   lemma infs_coinduct[case_names infs, coinduct pred: infs]:
     assumes "R w"
     assumes "\<And> w. R w \<Longrightarrow> Bex (sset w) P \<and> ev R (stl w)"
     shows "infs P w"
     using assms by (coinduct rule: alw_ev_coinduct) (auto simp: ev_holds_sset)
   lemma infs_set_coinduct[case_names infs_set, consumes 1]:
     assumes "R w"
     assumes "\<And> w. R w \<Longrightarrow> \<exists> u v. w = u @- v \<and> Bex (set u) P \<and> R v"
     shows "infs P w"
     using assms by (coinduct) (force simp: ev_stl_alt_def)
   lemma infs_flat_coinduct[case_names infs_flat, consumes 1]:
     assumes "R w"
     assumes "\<And> u v. R (u ## v) \<Longrightarrow> Bex (set u) P \<and> R v"
     shows "infs P (flat w)"
     using assms by (coinduction arbitrary: w rule: infs_set_coinduct)
       (metis empty_iff flat_Stream list.set(1) stream.exhaust)
 
   lemma infs_mono: "(\<And> a. a \<in> sset w \<Longrightarrow> P a \<Longrightarrow> Q a) \<Longrightarrow> infs P w \<Longrightarrow> infs Q w"
     unfolding infs_snth by force
   lemma infs_mono_strong: "stream_all2 (\<lambda> a b. P a \<longrightarrow> Q b) u v \<Longrightarrow> infs P u \<Longrightarrow> infs Q v"
     unfolding stream_rel_snth infs_snth by blast
 
   lemma infs_all: "Ball (sset w) P \<Longrightarrow> infs P w" unfolding infs_snth by auto
   lemma infs_any: "infs P w \<Longrightarrow> Bex (sset w) P" unfolding ev_holds_sset by auto
 
   lemma infs_bot[iff]: "infs bot w \<longleftrightarrow> False" using infs_any by auto
   lemma infs_top[iff]: "infs top w \<longleftrightarrow> True" by (simp add: infs_all)
   lemma infs_disj[iff]: "infs (\<lambda> a. P a \<or> Q a) w \<longleftrightarrow> infs P w \<or> infs Q w"
     unfolding infs_snth using le_trans le_cases by metis
   lemma infs_bex[iff]:
     assumes "finite S"
     shows "infs (\<lambda> a. \<exists> x \<in> S. P x a) w \<longleftrightarrow> (\<exists> x \<in> S. infs (P x) w)"
     using assms infs_any by induct auto
   lemma infs_bex_le_nat[iff]: "infs (\<lambda> a. \<exists> k < n :: nat. P k a) w \<longleftrightarrow> (\<exists> k < n. infs (P k) w)"
   proof -
     have "infs (\<lambda> a. \<exists> k < n. P k a) w \<longleftrightarrow> infs (\<lambda> a. \<exists> k \<in> {k. k < n}. P k a) w" by simp
     also have "\<dots> \<longleftrightarrow> (\<exists> k \<in> {k. k < n}. infs (P k) w)" by blast
     also have "\<dots> \<longleftrightarrow> (\<exists> k < n. infs (P k) w)" by simp
     finally show ?thesis by this
   qed
 
   lemma infs_cycle[iff]:
     assumes "w \<noteq> []"
     shows "infs P (cycle w) \<longleftrightarrow> Bex (set w) P"
   proof
     show "infs P (cycle w) \<Longrightarrow> Bex (set w) P"
       using assms by (auto simp: ev_holds_sset dest: alwD)
     show "Bex (set w) P \<Longrightarrow> infs P (cycle w)"
       using assms by (coinduction rule: infs_set_coinduct) (blast dest: cycle_decomp)
   qed
 
 end
\ No newline at end of file