src/ZF/Integ/Int.thy
author paulson
Mon Sep 06 15:57:58 2004 +0200 (2004-09-06)
changeset 15182 5cea84e10f3e
parent 14565 c6dc17aab88a
child 16417 9bc16273c2d4
permissions -rw-r--r--
new "respects" syntax for the congruent operator
paulson@5561
     1
(*  Title:      ZF/Integ/Int.thy
paulson@5561
     2
    ID:         $Id$
paulson@5561
     3
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@5561
     4
    Copyright   1993  University of Cambridge
paulson@5561
     5
paulson@5561
     6
*)
paulson@5561
     7
paulson@13560
     8
header{*The Integers as Equivalence Classes Over Pairs of Natural Numbers*}
paulson@13560
     9
paulson@13560
    10
theory Int = EquivClass + ArithSimp:
paulson@9496
    11
paulson@9496
    12
constdefs
paulson@9496
    13
  intrel :: i
paulson@13560
    14
    "intrel == {p : (nat*nat)*(nat*nat).                 
paulson@14511
    15
                \<exists>x1 y1 x2 y2. p=<<x1,y1>,<x2,y2>> & x1#+y2 = x2#+y1}"
paulson@5561
    16
paulson@9496
    17
  int :: i
paulson@9496
    18
    "int == (nat*nat)//intrel"  
paulson@9496
    19
paulson@13560
    20
  int_of :: "i=>i" --{*coercion from nat to int*}    ("$# _" [80] 80)
paulson@9496
    21
    "$# m == intrel `` {<natify(m), 0>}"
paulson@9496
    22
paulson@13560
    23
  intify :: "i=>i" --{*coercion from ANYTHING to int*}
paulson@9496
    24
    "intify(m) == if m : int then m else $#0"
paulson@5561
    25
paulson@13560
    26
  raw_zminus :: "i=>i"
paulson@14511
    27
    "raw_zminus(z) == \<Union><x,y>\<in>z. intrel``{<y,x>}"
paulson@9496
    28
paulson@13560
    29
  zminus :: "i=>i"                                 ("$- _" [80] 80)
paulson@9548
    30
    "$- z == raw_zminus (intify(z))"
paulson@5561
    31
paulson@13560
    32
  znegative   ::      "i=>o"
paulson@14511
    33
    "znegative(z) == \<exists>x y. x<y & y\<in>nat & <x,y>\<in>z"
paulson@9570
    34
paulson@13560
    35
  iszero      ::      "i=>o"
paulson@9570
    36
    "iszero(z) == z = $# 0"
paulson@9570
    37
    
paulson@13560
    38
  raw_nat_of  :: "i=>i"
paulson@14511
    39
  "raw_nat_of(z) == natify (\<Union><x,y>\<in>z. x#-y)"
paulson@9883
    40
paulson@13560
    41
  nat_of  :: "i=>i"
paulson@9883
    42
  "nat_of(z) == raw_nat_of (intify(z))"
paulson@9883
    43
paulson@13560
    44
  zmagnitude  ::      "i=>i"
paulson@13560
    45
  --{*could be replaced by an absolute value function from int to int?*}
paulson@9496
    46
    "zmagnitude(z) ==
paulson@14511
    47
     THE m. m\<in>nat & ((~ znegative(z) & z = $# m) |
paulson@9548
    48
		       (znegative(z) & $- z = $# m))"
paulson@9496
    49
paulson@13560
    50
  raw_zmult   ::      "[i,i]=>i"
paulson@9496
    51
    (*Cannot use UN<x1,y2> here or in zadd because of the form of congruent2.
paulson@5561
    52
      Perhaps a "curried" or even polymorphic congruent predicate would be
paulson@5561
    53
      better.*)
paulson@9496
    54
     "raw_zmult(z1,z2) == 
paulson@14511
    55
       \<Union>p1\<in>z1. \<Union>p2\<in>z2.  split(%x1 y1. split(%x2 y2.        
paulson@9496
    56
                   intrel``{<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}, p2), p1)"
paulson@9496
    57
paulson@13560
    58
  zmult       ::      "[i,i]=>i"      (infixl "$*" 70)
paulson@9496
    59
     "z1 $* z2 == raw_zmult (intify(z1),intify(z2))"
paulson@9496
    60
paulson@13560
    61
  raw_zadd    ::      "[i,i]=>i"
paulson@9496
    62
     "raw_zadd (z1, z2) == 
paulson@14511
    63
       \<Union>z1\<in>z1. \<Union>z2\<in>z2. let <x1,y1>=z1; <x2,y2>=z2                 
paulson@5561
    64
                           in intrel``{<x1#+x2, y1#+y2>}"
paulson@9496
    65
paulson@13560
    66
  zadd        ::      "[i,i]=>i"      (infixl "$+" 65)
paulson@9496
    67
     "z1 $+ z2 == raw_zadd (intify(z1),intify(z2))"
paulson@9496
    68
paulson@13560
    69
  zdiff        ::      "[i,i]=>i"      (infixl "$-" 65)
paulson@9496
    70
     "z1 $- z2 == z1 $+ zminus(z2)"
paulson@9496
    71
paulson@13560
    72
  zless        ::      "[i,i]=>o"      (infixl "$<" 50)
paulson@9496
    73
     "z1 $< z2 == znegative(z1 $- z2)"
paulson@9496
    74
  
paulson@13560
    75
  zle          ::      "[i,i]=>o"      (infixl "$<=" 50)
paulson@9570
    76
     "z1 $<= z2 == z1 $< z2 | intify(z1)=intify(z2)"
paulson@9548
    77
  
paulson@9654
    78
wenzelm@12114
    79
syntax (xsymbols)
paulson@13560
    80
  zmult :: "[i,i]=>i"          (infixl "$\<times>" 70)
paulson@13560
    81
  zle   :: "[i,i]=>o"          (infixl "$\<le>" 50)  --{*less than or equals*}
paulson@9654
    82
wenzelm@9964
    83
syntax (HTML output)
paulson@13560
    84
  zmult :: "[i,i]=>i"          (infixl "$\<times>" 70)
kleing@14565
    85
  zle   :: "[i,i]=>o"          (infixl "$\<le>" 50)
paulson@13560
    86
paulson@13560
    87
paulson@13560
    88
declare quotientE [elim!]
paulson@13560
    89
paulson@13560
    90
subsection{*Proving that @{term intrel} is an equivalence relation*}
paulson@13560
    91
paulson@13560
    92
(** Natural deduction for intrel **)
paulson@13560
    93
paulson@13560
    94
lemma intrel_iff [simp]: 
paulson@13560
    95
    "<<x1,y1>,<x2,y2>>: intrel <->  
paulson@14511
    96
     x1\<in>nat & y1\<in>nat & x2\<in>nat & y2\<in>nat & x1#+y2 = x2#+y1"
paulson@14511
    97
by (simp add: intrel_def)
paulson@13560
    98
paulson@13560
    99
lemma intrelI [intro!]: 
paulson@14511
   100
    "[| x1#+y2 = x2#+y1; x1\<in>nat; y1\<in>nat; x2\<in>nat; y2\<in>nat |]   
paulson@13560
   101
     ==> <<x1,y1>,<x2,y2>>: intrel"
paulson@14511
   102
by (simp add: intrel_def)
paulson@13560
   103
paulson@13560
   104
lemma intrelE [elim!]:
paulson@13560
   105
  "[| p: intrel;   
paulson@13560
   106
      !!x1 y1 x2 y2. [| p = <<x1,y1>,<x2,y2>>;  x1#+y2 = x2#+y1;  
paulson@14511
   107
                        x1\<in>nat; y1\<in>nat; x2\<in>nat; y2\<in>nat |] ==> Q |]  
paulson@13560
   108
   ==> Q"
paulson@14511
   109
by (simp add: intrel_def, blast) 
paulson@13560
   110
paulson@13560
   111
lemma int_trans_lemma:
paulson@13560
   112
     "[| x1 #+ y2 = x2 #+ y1; x2 #+ y3 = x3 #+ y2 |] ==> x1 #+ y3 = x3 #+ y1"
paulson@13560
   113
apply (rule sym)
paulson@13560
   114
apply (erule add_left_cancel)+
paulson@13560
   115
apply (simp_all (no_asm_simp))
paulson@13560
   116
done
paulson@13560
   117
paulson@13560
   118
lemma equiv_intrel: "equiv(nat*nat, intrel)"
paulson@14511
   119
apply (simp add: equiv_def refl_def sym_def trans_def)
paulson@13560
   120
apply (fast elim!: sym int_trans_lemma)
paulson@13560
   121
done
paulson@13560
   122
paulson@14511
   123
lemma image_intrel_int: "[| m\<in>nat; n\<in>nat |] ==> intrel `` {<m,n>} : int"
paulson@14511
   124
by (simp add: int_def)
paulson@13560
   125
paulson@13560
   126
declare equiv_intrel [THEN eq_equiv_class_iff, simp]
paulson@13560
   127
declare conj_cong [cong]
paulson@13560
   128
paulson@13560
   129
lemmas eq_intrelD = eq_equiv_class [OF _ equiv_intrel]
paulson@13560
   130
paulson@13560
   131
(** int_of: the injection from nat to int **)
paulson@13560
   132
paulson@13560
   133
lemma int_of_type [simp,TC]: "$#m : int"
paulson@14511
   134
by (simp add: int_def quotient_def int_of_def, auto)
paulson@13560
   135
paulson@13560
   136
lemma int_of_eq [iff]: "($# m = $# n) <-> natify(m)=natify(n)"
paulson@14511
   137
by (simp add: int_of_def)
paulson@13560
   138
paulson@14511
   139
lemma int_of_inject: "[| $#m = $#n;  m\<in>nat;  n\<in>nat |] ==> m=n"
paulson@13560
   140
by (drule int_of_eq [THEN iffD1], auto)
paulson@13560
   141
paulson@13560
   142
paulson@13560
   143
(** intify: coercion from anything to int **)
paulson@13560
   144
paulson@13560
   145
lemma intify_in_int [iff,TC]: "intify(x) : int"
paulson@13560
   146
by (simp add: intify_def)
paulson@13560
   147
paulson@13560
   148
lemma intify_ident [simp]: "n : int ==> intify(n) = n"
paulson@13560
   149
by (simp add: intify_def)
paulson@13560
   150
paulson@13560
   151
paulson@13560
   152
subsection{*Collapsing rules: to remove @{term intify}
paulson@13560
   153
            from arithmetic expressions*}
paulson@13560
   154
paulson@13560
   155
lemma intify_idem [simp]: "intify(intify(x)) = intify(x)"
paulson@13560
   156
by simp
paulson@13560
   157
paulson@13560
   158
lemma int_of_natify [simp]: "$# (natify(m)) = $# m"
paulson@13560
   159
by (simp add: int_of_def)
paulson@13560
   160
paulson@13560
   161
lemma zminus_intify [simp]: "$- (intify(m)) = $- m"
paulson@13560
   162
by (simp add: zminus_def)
paulson@13560
   163
paulson@13560
   164
(** Addition **)
paulson@13560
   165
paulson@13560
   166
lemma zadd_intify1 [simp]: "intify(x) $+ y = x $+ y"
paulson@13560
   167
by (simp add: zadd_def)
paulson@13560
   168
paulson@13560
   169
lemma zadd_intify2 [simp]: "x $+ intify(y) = x $+ y"
paulson@13560
   170
by (simp add: zadd_def)
paulson@13560
   171
paulson@13560
   172
(** Subtraction **)
paulson@13560
   173
paulson@13560
   174
lemma zdiff_intify1 [simp]:"intify(x) $- y = x $- y"
paulson@13560
   175
by (simp add: zdiff_def)
paulson@13560
   176
paulson@13560
   177
lemma zdiff_intify2 [simp]:"x $- intify(y) = x $- y"
paulson@13560
   178
by (simp add: zdiff_def)
paulson@13560
   179
paulson@13560
   180
(** Multiplication **)
paulson@13560
   181
paulson@13560
   182
lemma zmult_intify1 [simp]:"intify(x) $* y = x $* y"
paulson@13560
   183
by (simp add: zmult_def)
paulson@13560
   184
paulson@13560
   185
lemma zmult_intify2 [simp]:"x $* intify(y) = x $* y"
paulson@13560
   186
by (simp add: zmult_def)
paulson@13560
   187
paulson@13560
   188
(** Orderings **)
paulson@13560
   189
paulson@13560
   190
lemma zless_intify1 [simp]:"intify(x) $< y <-> x $< y"
paulson@13560
   191
by (simp add: zless_def)
paulson@13560
   192
paulson@13560
   193
lemma zless_intify2 [simp]:"x $< intify(y) <-> x $< y"
paulson@13560
   194
by (simp add: zless_def)
paulson@13560
   195
paulson@13560
   196
lemma zle_intify1 [simp]:"intify(x) $<= y <-> x $<= y"
paulson@13560
   197
by (simp add: zle_def)
paulson@13560
   198
paulson@13560
   199
lemma zle_intify2 [simp]:"x $<= intify(y) <-> x $<= y"
paulson@13560
   200
by (simp add: zle_def)
paulson@13560
   201
paulson@13560
   202
paulson@13560
   203
subsection{*@{term zminus}: unary negation on @{term int}*}
paulson@13560
   204
paulson@15182
   205
lemma zminus_congruent: "(%<x,y>. intrel``{<y,x>}) respects intrel"
paulson@14511
   206
by (auto simp add: congruent_def add_ac)
paulson@13560
   207
paulson@13560
   208
lemma raw_zminus_type: "z : int ==> raw_zminus(z) : int"
paulson@14511
   209
apply (simp add: int_def raw_zminus_def)
paulson@13560
   210
apply (typecheck add: UN_equiv_class_type [OF equiv_intrel zminus_congruent])
paulson@13560
   211
done
paulson@13560
   212
paulson@13560
   213
lemma zminus_type [TC,iff]: "$-z : int"
paulson@14511
   214
by (simp add: zminus_def raw_zminus_type)
paulson@13560
   215
paulson@13560
   216
lemma raw_zminus_inject: 
paulson@13560
   217
     "[| raw_zminus(z) = raw_zminus(w);  z: int;  w: int |] ==> z=w"
paulson@14511
   218
apply (simp add: int_def raw_zminus_def)
paulson@13560
   219
apply (erule UN_equiv_class_inject [OF equiv_intrel zminus_congruent], safe)
paulson@13560
   220
apply (auto dest: eq_intrelD simp add: add_ac)
paulson@13560
   221
done
paulson@13560
   222
paulson@13560
   223
lemma zminus_inject_intify [dest!]: "$-z = $-w ==> intify(z) = intify(w)"
paulson@14511
   224
apply (simp add: zminus_def)
paulson@13560
   225
apply (blast dest!: raw_zminus_inject)
paulson@13560
   226
done
paulson@13560
   227
paulson@13560
   228
lemma zminus_inject: "[| $-z = $-w;  z: int;  w: int |] ==> z=w"
paulson@13560
   229
by auto
paulson@13560
   230
paulson@13560
   231
lemma raw_zminus: 
paulson@14511
   232
    "[| x\<in>nat;  y\<in>nat |] ==> raw_zminus(intrel``{<x,y>}) = intrel `` {<y,x>}"
paulson@14511
   233
apply (simp add: raw_zminus_def UN_equiv_class [OF equiv_intrel zminus_congruent])
paulson@13560
   234
done
paulson@13560
   235
paulson@13560
   236
lemma zminus: 
paulson@14511
   237
    "[| x\<in>nat;  y\<in>nat |]  
paulson@13560
   238
     ==> $- (intrel``{<x,y>}) = intrel `` {<y,x>}"
paulson@14511
   239
by (simp add: zminus_def raw_zminus image_intrel_int)
paulson@13560
   240
paulson@13560
   241
lemma raw_zminus_zminus: "z : int ==> raw_zminus (raw_zminus(z)) = z"
paulson@14511
   242
by (auto simp add: int_def raw_zminus)
paulson@13560
   243
paulson@13560
   244
lemma zminus_zminus_intify [simp]: "$- ($- z) = intify(z)"
paulson@13560
   245
by (simp add: zminus_def raw_zminus_type raw_zminus_zminus)
paulson@13560
   246
paulson@13560
   247
lemma zminus_int0 [simp]: "$- ($#0) = $#0"
paulson@14511
   248
by (simp add: int_of_def zminus)
paulson@13560
   249
paulson@13560
   250
lemma zminus_zminus: "z : int ==> $- ($- z) = z"
paulson@13560
   251
by simp
paulson@13560
   252
paulson@13560
   253
paulson@13560
   254
subsection{*@{term znegative}: the test for negative integers*}
paulson@13560
   255
paulson@14511
   256
lemma znegative: "[| x\<in>nat; y\<in>nat |] ==> znegative(intrel``{<x,y>}) <-> x<y"
paulson@14511
   257
apply (cases "x<y") 
paulson@14511
   258
apply (auto simp add: znegative_def not_lt_iff_le)
paulson@14511
   259
apply (subgoal_tac "y #+ x2 < x #+ y2", force) 
paulson@14511
   260
apply (rule add_le_lt_mono, auto) 
paulson@14511
   261
done
paulson@14511
   262
paulson@13560
   263
(*No natural number is negative!*)
paulson@13560
   264
lemma not_znegative_int_of [iff]: "~ znegative($# n)"
paulson@14511
   265
by (simp add: znegative int_of_def) 
paulson@13560
   266
paulson@13560
   267
lemma znegative_zminus_int_of [simp]: "znegative($- $# succ(n))"
paulson@14511
   268
by (simp add: znegative int_of_def zminus natify_succ)
paulson@13560
   269
paulson@13560
   270
lemma not_znegative_imp_zero: "~ znegative($- $# n) ==> natify(n)=0"
paulson@14511
   271
by (simp add: znegative int_of_def zminus Ord_0_lt_iff [THEN iff_sym])
paulson@13560
   272
paulson@13560
   273
paulson@13560
   274
subsection{*@{term nat_of}: Coercion of an Integer to a Natural Number*}
paulson@13560
   275
paulson@13560
   276
lemma nat_of_intify [simp]: "nat_of(intify(z)) = nat_of(z)"
paulson@14511
   277
by (simp add: nat_of_def)
paulson@14511
   278
paulson@15182
   279
lemma nat_of_congruent: "(\<lambda>x. (\<lambda>\<langle>x,y\<rangle>. x #- y)(x)) respects intrel"
paulson@14511
   280
by (auto simp add: congruent_def split add: nat_diff_split)
paulson@14511
   281
paulson@14511
   282
lemma raw_nat_of: 
paulson@14511
   283
    "[| x\<in>nat;  y\<in>nat |] ==> raw_nat_of(intrel``{<x,y>}) = x#-y"
paulson@14511
   284
by (simp add: raw_nat_of_def UN_equiv_class [OF equiv_intrel nat_of_congruent])
paulson@14511
   285
paulson@14511
   286
lemma raw_nat_of_int_of: "raw_nat_of($# n) = natify(n)"
paulson@14511
   287
by (simp add: int_of_def raw_nat_of)
paulson@13560
   288
paulson@13560
   289
lemma nat_of_int_of [simp]: "nat_of($# n) = natify(n)"
paulson@14511
   290
by (simp add: raw_nat_of_int_of nat_of_def)
paulson@13560
   291
paulson@14511
   292
lemma raw_nat_of_type: "raw_nat_of(z) \<in> nat"
paulson@14511
   293
by (simp add: raw_nat_of_def)
paulson@13560
   294
paulson@14511
   295
lemma nat_of_type [iff,TC]: "nat_of(z) \<in> nat"
paulson@14511
   296
by (simp add: nat_of_def raw_nat_of_type)
paulson@13560
   297
paulson@13560
   298
subsection{*zmagnitude: magnitide of an integer, as a natural number*}
paulson@13560
   299
paulson@13560
   300
lemma zmagnitude_int_of [simp]: "zmagnitude($# n) = natify(n)"
paulson@14511
   301
by (auto simp add: zmagnitude_def int_of_eq)
paulson@13560
   302
paulson@13560
   303
lemma natify_int_of_eq: "natify(x)=n ==> $#x = $# n"
paulson@13560
   304
apply (drule sym)
paulson@13560
   305
apply (simp (no_asm_simp) add: int_of_eq)
paulson@13560
   306
done
paulson@13560
   307
paulson@13560
   308
lemma zmagnitude_zminus_int_of [simp]: "zmagnitude($- $# n) = natify(n)"
paulson@14511
   309
apply (simp add: zmagnitude_def)
paulson@13560
   310
apply (rule the_equality)
paulson@13560
   311
apply (auto dest!: not_znegative_imp_zero natify_int_of_eq
paulson@13560
   312
            iff del: int_of_eq, auto)
paulson@13560
   313
done
paulson@13560
   314
paulson@14511
   315
lemma zmagnitude_type [iff,TC]: "zmagnitude(z)\<in>nat"
paulson@14511
   316
apply (simp add: zmagnitude_def)
paulson@13560
   317
apply (rule theI2, auto)
paulson@13560
   318
done
paulson@13560
   319
paulson@13560
   320
lemma not_zneg_int_of: 
paulson@14511
   321
     "[| z: int; ~ znegative(z) |] ==> \<exists>n\<in>nat. z = $# n"
paulson@14511
   322
apply (auto simp add: int_def znegative int_of_def not_lt_iff_le)
paulson@14511
   323
apply (rename_tac x y) 
paulson@14511
   324
apply (rule_tac x="x#-y" in bexI) 
paulson@14511
   325
apply (auto simp add: add_diff_inverse2) 
paulson@13560
   326
done
paulson@13560
   327
paulson@13560
   328
lemma not_zneg_mag [simp]:
paulson@13560
   329
     "[| z: int; ~ znegative(z) |] ==> $# (zmagnitude(z)) = z"
paulson@13560
   330
by (drule not_zneg_int_of, auto)
paulson@13560
   331
paulson@13560
   332
lemma zneg_int_of: 
paulson@14511
   333
     "[| znegative(z); z: int |] ==> \<exists>n\<in>nat. z = $- ($# succ(n))"
paulson@14511
   334
by (auto simp add: int_def znegative zminus int_of_def dest!: less_imp_succ_add)
paulson@13560
   335
paulson@13560
   336
lemma zneg_mag [simp]:
paulson@13560
   337
     "[| znegative(z); z: int |] ==> $# (zmagnitude(z)) = $- z"
paulson@14511
   338
by (drule zneg_int_of, auto)
paulson@13560
   339
paulson@14511
   340
lemma int_cases: "z : int ==> \<exists>n\<in>nat. z = $# n | z = $- ($# succ(n))"
paulson@13560
   341
apply (case_tac "znegative (z) ")
paulson@13560
   342
prefer 2 apply (blast dest: not_zneg_mag sym)
paulson@13560
   343
apply (blast dest: zneg_int_of)
paulson@13560
   344
done
paulson@13560
   345
paulson@13560
   346
lemma not_zneg_raw_nat_of:
paulson@13560
   347
     "[| ~ znegative(z); z: int |] ==> $# (raw_nat_of(z)) = z"
paulson@13560
   348
apply (drule not_zneg_int_of)
paulson@14511
   349
apply (auto simp add: raw_nat_of_type raw_nat_of_int_of)
paulson@13560
   350
done
paulson@13560
   351
paulson@13560
   352
lemma not_zneg_nat_of_intify:
paulson@13560
   353
     "~ znegative(intify(z)) ==> $# (nat_of(z)) = intify(z)"
paulson@13560
   354
by (simp (no_asm_simp) add: nat_of_def not_zneg_raw_nat_of)
paulson@13560
   355
paulson@13560
   356
lemma not_zneg_nat_of: "[| ~ znegative(z); z: int |] ==> $# (nat_of(z)) = z"
paulson@13560
   357
apply (simp (no_asm_simp) add: not_zneg_nat_of_intify)
paulson@13560
   358
done
paulson@13560
   359
paulson@13560
   360
lemma zneg_nat_of [simp]: "znegative(intify(z)) ==> nat_of(z) = 0"
paulson@14511
   361
apply (subgoal_tac "intify(z) \<in> int")
paulson@14511
   362
apply (simp add: int_def) 
paulson@14511
   363
apply (auto simp add: znegative nat_of_def raw_nat_of 
paulson@14511
   364
            split add: nat_diff_split) 
paulson@14511
   365
done
paulson@13560
   366
paulson@13560
   367
paulson@13560
   368
subsection{*@{term zadd}: addition on int*}
paulson@13560
   369
paulson@13560
   370
text{*Congruence Property for Addition*}
paulson@13560
   371
lemma zadd_congruent2: 
paulson@15182
   372
    "(%z1 z2. let <x1,y1>=z1; <x2,y2>=z2                  
paulson@15182
   373
                            in intrel``{<x1#+x2, y1#+y2>})
paulson@15182
   374
     respects2 intrel"
paulson@14511
   375
apply (simp add: congruent2_def)
paulson@13560
   376
(*Proof via congruent2_commuteI seems longer*)
paulson@13560
   377
apply safe
paulson@13560
   378
apply (simp (no_asm_simp) add: add_assoc Let_def)
paulson@13560
   379
(*The rest should be trivial, but rearranging terms is hard
paulson@13560
   380
  add_ac does not help rewriting with the assumptions.*)
paulson@13560
   381
apply (rule_tac m1 = x1a in add_left_commute [THEN ssubst])
paulson@13560
   382
apply (rule_tac m1 = x2a in add_left_commute [THEN ssubst])
paulson@13560
   383
apply (simp (no_asm_simp) add: add_assoc [symmetric])
paulson@13560
   384
done
paulson@13560
   385
paulson@13560
   386
lemma raw_zadd_type: "[| z: int;  w: int |] ==> raw_zadd(z,w) : int"
paulson@14511
   387
apply (simp add: int_def raw_zadd_def)
paulson@13560
   388
apply (rule UN_equiv_class_type2 [OF equiv_intrel zadd_congruent2], assumption+)
paulson@13560
   389
apply (simp add: Let_def)
paulson@13560
   390
done
paulson@13560
   391
paulson@13560
   392
lemma zadd_type [iff,TC]: "z $+ w : int"
paulson@13560
   393
by (simp add: zadd_def raw_zadd_type)
paulson@13560
   394
paulson@13560
   395
lemma raw_zadd: 
paulson@14511
   396
  "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]               
paulson@13560
   397
   ==> raw_zadd (intrel``{<x1,y1>}, intrel``{<x2,y2>}) =   
paulson@13560
   398
       intrel `` {<x1#+x2, y1#+y2>}"
paulson@15182
   399
apply (simp add: raw_zadd_def 
paulson@15182
   400
             UN_equiv_class2 [OF equiv_intrel equiv_intrel zadd_congruent2])
paulson@13560
   401
apply (simp add: Let_def)
paulson@13560
   402
done
paulson@13560
   403
paulson@13560
   404
lemma zadd: 
paulson@14511
   405
  "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]          
paulson@13560
   406
   ==> (intrel``{<x1,y1>}) $+ (intrel``{<x2,y2>}) =   
paulson@13560
   407
       intrel `` {<x1#+x2, y1#+y2>}"
paulson@14511
   408
by (simp add: zadd_def raw_zadd image_intrel_int)
paulson@13560
   409
paulson@13560
   410
lemma raw_zadd_int0: "z : int ==> raw_zadd ($#0,z) = z"
paulson@14511
   411
by (auto simp add: int_def int_of_def raw_zadd)
paulson@13560
   412
paulson@13560
   413
lemma zadd_int0_intify [simp]: "$#0 $+ z = intify(z)"
paulson@13560
   414
by (simp add: zadd_def raw_zadd_int0)
paulson@13560
   415
paulson@13560
   416
lemma zadd_int0: "z: int ==> $#0 $+ z = z"
paulson@13560
   417
by simp
paulson@13560
   418
paulson@13560
   419
lemma raw_zminus_zadd_distrib: 
paulson@13560
   420
     "[| z: int;  w: int |] ==> $- raw_zadd(z,w) = raw_zadd($- z, $- w)"
paulson@14511
   421
by (auto simp add: zminus raw_zadd int_def)
paulson@13560
   422
paulson@13560
   423
lemma zminus_zadd_distrib [simp]: "$- (z $+ w) = $- z $+ $- w"
paulson@13560
   424
by (simp add: zadd_def raw_zminus_zadd_distrib)
paulson@13560
   425
paulson@13560
   426
lemma raw_zadd_commute:
paulson@13560
   427
     "[| z: int;  w: int |] ==> raw_zadd(z,w) = raw_zadd(w,z)"
paulson@14511
   428
by (auto simp add: raw_zadd add_ac int_def)
paulson@13560
   429
paulson@13560
   430
lemma zadd_commute: "z $+ w = w $+ z"
paulson@13560
   431
by (simp add: zadd_def raw_zadd_commute)
paulson@13560
   432
paulson@13560
   433
lemma raw_zadd_assoc: 
paulson@13560
   434
    "[| z1: int;  z2: int;  z3: int |]    
paulson@13560
   435
     ==> raw_zadd (raw_zadd(z1,z2),z3) = raw_zadd(z1,raw_zadd(z2,z3))"
paulson@14511
   436
by (auto simp add: int_def raw_zadd add_assoc)
paulson@13560
   437
paulson@13560
   438
lemma zadd_assoc: "(z1 $+ z2) $+ z3 = z1 $+ (z2 $+ z3)"
paulson@13560
   439
by (simp add: zadd_def raw_zadd_type raw_zadd_assoc)
paulson@13560
   440
paulson@13560
   441
(*For AC rewriting*)
paulson@13560
   442
lemma zadd_left_commute: "z1$+(z2$+z3) = z2$+(z1$+z3)"
paulson@13560
   443
apply (simp add: zadd_assoc [symmetric])
paulson@13560
   444
apply (simp add: zadd_commute)
paulson@13560
   445
done
paulson@13560
   446
paulson@13560
   447
(*Integer addition is an AC operator*)
paulson@13560
   448
lemmas zadd_ac = zadd_assoc zadd_commute zadd_left_commute
paulson@13560
   449
paulson@13560
   450
lemma int_of_add: "$# (m #+ n) = ($#m) $+ ($#n)"
paulson@14511
   451
by (simp add: int_of_def zadd)
paulson@13560
   452
paulson@13560
   453
lemma int_succ_int_1: "$# succ(m) = $# 1 $+ ($# m)"
paulson@13560
   454
by (simp add: int_of_add [symmetric] natify_succ)
paulson@13560
   455
paulson@13560
   456
lemma int_of_diff: 
paulson@14511
   457
     "[| m\<in>nat;  n le m |] ==> $# (m #- n) = ($#m) $- ($#n)"
paulson@14511
   458
apply (simp add: int_of_def zdiff_def)
paulson@13560
   459
apply (frule lt_nat_in_nat)
paulson@13560
   460
apply (simp_all add: zadd zminus add_diff_inverse2)
paulson@13560
   461
done
paulson@13560
   462
paulson@13560
   463
lemma raw_zadd_zminus_inverse: "z : int ==> raw_zadd (z, $- z) = $#0"
paulson@14511
   464
by (auto simp add: int_def int_of_def zminus raw_zadd add_commute)
paulson@13560
   465
paulson@13560
   466
lemma zadd_zminus_inverse [simp]: "z $+ ($- z) = $#0"
paulson@13560
   467
apply (simp add: zadd_def)
paulson@13560
   468
apply (subst zminus_intify [symmetric])
paulson@13560
   469
apply (rule intify_in_int [THEN raw_zadd_zminus_inverse])
paulson@13560
   470
done
paulson@13560
   471
paulson@13560
   472
lemma zadd_zminus_inverse2 [simp]: "($- z) $+ z = $#0"
paulson@13560
   473
by (simp add: zadd_commute zadd_zminus_inverse)
paulson@13560
   474
paulson@13560
   475
lemma zadd_int0_right_intify [simp]: "z $+ $#0 = intify(z)"
paulson@13560
   476
by (rule trans [OF zadd_commute zadd_int0_intify])
paulson@13560
   477
paulson@13560
   478
lemma zadd_int0_right: "z:int ==> z $+ $#0 = z"
paulson@13560
   479
by simp
paulson@13560
   480
paulson@13560
   481
paulson@13560
   482
subsection{*@{term zmult}: Integer Multiplication*}
paulson@13560
   483
paulson@13560
   484
text{*Congruence property for multiplication*}
paulson@13560
   485
lemma zmult_congruent2:
paulson@15182
   486
    "(%p1 p2. split(%x1 y1. split(%x2 y2.      
paulson@15182
   487
                    intrel``{<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}, p2), p1))
paulson@15182
   488
     respects2 intrel"
paulson@13560
   489
apply (rule equiv_intrel [THEN congruent2_commuteI], auto)
paulson@13560
   490
(*Proof that zmult is congruent in one argument*)
paulson@13560
   491
apply (rename_tac x y)
paulson@13560
   492
apply (frule_tac t = "%u. x#*u" in sym [THEN subst_context])
paulson@13560
   493
apply (drule_tac t = "%u. y#*u" in subst_context)
paulson@13560
   494
apply (erule add_left_cancel)+
paulson@13560
   495
apply (simp_all add: add_mult_distrib_left)
paulson@13560
   496
done
paulson@13560
   497
paulson@13560
   498
paulson@13560
   499
lemma raw_zmult_type: "[| z: int;  w: int |] ==> raw_zmult(z,w) : int"
paulson@14511
   500
apply (simp add: int_def raw_zmult_def)
paulson@13560
   501
apply (rule UN_equiv_class_type2 [OF equiv_intrel zmult_congruent2], assumption+)
paulson@13560
   502
apply (simp add: Let_def)
paulson@13560
   503
done
paulson@13560
   504
paulson@13560
   505
lemma zmult_type [iff,TC]: "z $* w : int"
paulson@13560
   506
by (simp add: zmult_def raw_zmult_type)
paulson@13560
   507
paulson@13560
   508
lemma raw_zmult: 
paulson@14511
   509
     "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]     
paulson@13560
   510
      ==> raw_zmult(intrel``{<x1,y1>}, intrel``{<x2,y2>}) =      
paulson@13560
   511
          intrel `` {<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}"
paulson@15182
   512
by (simp add: raw_zmult_def 
paulson@15182
   513
           UN_equiv_class2 [OF equiv_intrel equiv_intrel zmult_congruent2])
paulson@13560
   514
paulson@13560
   515
lemma zmult: 
paulson@14511
   516
     "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]     
paulson@13560
   517
      ==> (intrel``{<x1,y1>}) $* (intrel``{<x2,y2>}) =      
paulson@13560
   518
          intrel `` {<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}"
paulson@14511
   519
by (simp add: zmult_def raw_zmult image_intrel_int)
paulson@13560
   520
paulson@13560
   521
lemma raw_zmult_int0: "z : int ==> raw_zmult ($#0,z) = $#0"
paulson@14511
   522
by (auto simp add: int_def int_of_def raw_zmult)
paulson@13560
   523
paulson@13560
   524
lemma zmult_int0 [simp]: "$#0 $* z = $#0"
paulson@13560
   525
by (simp add: zmult_def raw_zmult_int0)
paulson@13560
   526
paulson@13560
   527
lemma raw_zmult_int1: "z : int ==> raw_zmult ($#1,z) = z"
paulson@14511
   528
by (auto simp add: int_def int_of_def raw_zmult)
paulson@13560
   529
paulson@13560
   530
lemma zmult_int1_intify [simp]: "$#1 $* z = intify(z)"
paulson@13560
   531
by (simp add: zmult_def raw_zmult_int1)
paulson@13560
   532
paulson@13560
   533
lemma zmult_int1: "z : int ==> $#1 $* z = z"
paulson@13560
   534
by simp
paulson@13560
   535
paulson@13560
   536
lemma raw_zmult_commute:
paulson@13560
   537
     "[| z: int;  w: int |] ==> raw_zmult(z,w) = raw_zmult(w,z)"
paulson@14511
   538
by (auto simp add: int_def raw_zmult add_ac mult_ac)
paulson@13560
   539
paulson@13560
   540
lemma zmult_commute: "z $* w = w $* z"
paulson@13560
   541
by (simp add: zmult_def raw_zmult_commute)
paulson@13560
   542
paulson@13560
   543
lemma raw_zmult_zminus: 
paulson@13560
   544
     "[| z: int;  w: int |] ==> raw_zmult($- z, w) = $- raw_zmult(z, w)"
paulson@14511
   545
by (auto simp add: int_def zminus raw_zmult add_ac)
paulson@13560
   546
paulson@13560
   547
lemma zmult_zminus [simp]: "($- z) $* w = $- (z $* w)"
paulson@13560
   548
apply (simp add: zmult_def raw_zmult_zminus)
paulson@13560
   549
apply (subst zminus_intify [symmetric], rule raw_zmult_zminus, auto)
paulson@13560
   550
done
paulson@13560
   551
paulson@13560
   552
lemma zmult_zminus_right [simp]: "w $* ($- z) = $- (w $* z)"
paulson@13560
   553
by (simp add: zmult_commute [of w])
paulson@13560
   554
paulson@13560
   555
lemma raw_zmult_assoc: 
paulson@13560
   556
    "[| z1: int;  z2: int;  z3: int |]    
paulson@13560
   557
     ==> raw_zmult (raw_zmult(z1,z2),z3) = raw_zmult(z1,raw_zmult(z2,z3))"
paulson@14511
   558
by (auto simp add: int_def raw_zmult add_mult_distrib_left add_ac mult_ac)
paulson@13560
   559
paulson@13560
   560
lemma zmult_assoc: "(z1 $* z2) $* z3 = z1 $* (z2 $* z3)"
paulson@13560
   561
by (simp add: zmult_def raw_zmult_type raw_zmult_assoc)
paulson@13560
   562
paulson@13560
   563
(*For AC rewriting*)
paulson@13560
   564
lemma zmult_left_commute: "z1$*(z2$*z3) = z2$*(z1$*z3)"
paulson@13560
   565
apply (simp add: zmult_assoc [symmetric])
paulson@13560
   566
apply (simp add: zmult_commute)
paulson@13560
   567
done
paulson@13560
   568
paulson@13560
   569
(*Integer multiplication is an AC operator*)
paulson@13560
   570
lemmas zmult_ac = zmult_assoc zmult_commute zmult_left_commute
paulson@13560
   571
paulson@13560
   572
lemma raw_zadd_zmult_distrib: 
paulson@13560
   573
    "[| z1: int;  z2: int;  w: int |]   
paulson@13560
   574
     ==> raw_zmult(raw_zadd(z1,z2), w) =  
paulson@13560
   575
         raw_zadd (raw_zmult(z1,w), raw_zmult(z2,w))"
paulson@14511
   576
by (auto simp add: int_def raw_zadd raw_zmult add_mult_distrib_left add_ac mult_ac)
paulson@13560
   577
paulson@13560
   578
lemma zadd_zmult_distrib: "(z1 $+ z2) $* w = (z1 $* w) $+ (z2 $* w)"
paulson@13560
   579
by (simp add: zmult_def zadd_def raw_zadd_type raw_zmult_type 
paulson@13560
   580
              raw_zadd_zmult_distrib)
paulson@13560
   581
paulson@13560
   582
lemma zadd_zmult_distrib2: "w $* (z1 $+ z2) = (w $* z1) $+ (w $* z2)"
paulson@13560
   583
by (simp add: zmult_commute [of w] zadd_zmult_distrib)
paulson@13560
   584
paulson@13560
   585
lemmas int_typechecks = 
paulson@13560
   586
  int_of_type zminus_type zmagnitude_type zadd_type zmult_type
paulson@13560
   587
paulson@13560
   588
paulson@13560
   589
(*** Subtraction laws ***)
paulson@13560
   590
paulson@13560
   591
lemma zdiff_type [iff,TC]: "z $- w : int"
paulson@13560
   592
by (simp add: zdiff_def)
paulson@13560
   593
paulson@13560
   594
lemma zminus_zdiff_eq [simp]: "$- (z $- y) = y $- z"
paulson@13560
   595
by (simp add: zdiff_def zadd_commute)
paulson@13560
   596
paulson@13560
   597
lemma zdiff_zmult_distrib: "(z1 $- z2) $* w = (z1 $* w) $- (z2 $* w)"
paulson@14511
   598
apply (simp add: zdiff_def)
paulson@13560
   599
apply (subst zadd_zmult_distrib)
paulson@13560
   600
apply (simp add: zmult_zminus)
paulson@13560
   601
done
paulson@13560
   602
paulson@13560
   603
lemma zdiff_zmult_distrib2: "w $* (z1 $- z2) = (w $* z1) $- (w $* z2)"
paulson@13560
   604
by (simp add: zmult_commute [of w] zdiff_zmult_distrib)
paulson@13560
   605
paulson@13560
   606
lemma zadd_zdiff_eq: "x $+ (y $- z) = (x $+ y) $- z"
paulson@13560
   607
by (simp add: zdiff_def zadd_ac)
paulson@13560
   608
paulson@13560
   609
lemma zdiff_zadd_eq: "(x $- y) $+ z = (x $+ z) $- y"
paulson@13560
   610
by (simp add: zdiff_def zadd_ac)
paulson@13560
   611
paulson@13560
   612
paulson@13560
   613
subsection{*The "Less Than" Relation*}
paulson@13560
   614
paulson@13560
   615
(*"Less than" is a linear ordering*)
paulson@13560
   616
lemma zless_linear_lemma: 
paulson@13560
   617
     "[| z: int; w: int |] ==> z$<w | z=w | w$<z"
paulson@14511
   618
apply (simp add: int_def zless_def znegative_def zdiff_def, auto)
paulson@13560
   619
apply (simp add: zadd zminus image_iff Bex_def)
paulson@13560
   620
apply (rule_tac i = "xb#+ya" and j = "xc #+ y" in Ord_linear_lt)
paulson@13560
   621
apply (force dest!: spec simp add: add_ac)+
paulson@13560
   622
done
paulson@13560
   623
paulson@13560
   624
lemma zless_linear: "z$<w | intify(z)=intify(w) | w$<z"
paulson@13560
   625
apply (cut_tac z = " intify (z) " and w = " intify (w) " in zless_linear_lemma)
paulson@13560
   626
apply auto
paulson@13560
   627
done
paulson@13560
   628
paulson@13560
   629
lemma zless_not_refl [iff]: "~ (z$<z)"
paulson@14511
   630
by (auto simp add: zless_def znegative_def int_of_def zdiff_def)
paulson@13560
   631
paulson@13560
   632
lemma neq_iff_zless: "[| x: int; y: int |] ==> (x ~= y) <-> (x $< y | y $< x)"
paulson@13560
   633
by (cut_tac z = x and w = y in zless_linear, auto)
paulson@13560
   634
paulson@13560
   635
lemma zless_imp_intify_neq: "w $< z ==> intify(w) ~= intify(z)"
paulson@13560
   636
apply auto
paulson@13560
   637
apply (subgoal_tac "~ (intify (w) $< intify (z))")
paulson@13560
   638
apply (erule_tac [2] ssubst)
paulson@13560
   639
apply (simp (no_asm_use))
paulson@13560
   640
apply auto
paulson@13560
   641
done
paulson@13560
   642
paulson@13560
   643
(*This lemma allows direct proofs of other <-properties*)
paulson@13560
   644
lemma zless_imp_succ_zadd_lemma: 
paulson@14511
   645
    "[| w $< z; w: int; z: int |] ==> (\<exists>n\<in>nat. z = w $+ $#(succ(n)))"
paulson@14511
   646
apply (simp add: zless_def znegative_def zdiff_def int_def)
paulson@13560
   647
apply (auto dest!: less_imp_succ_add simp add: zadd zminus int_of_def)
paulson@13560
   648
apply (rule_tac x = k in bexI)
paulson@13560
   649
apply (erule add_left_cancel, auto)
paulson@13560
   650
done
paulson@13560
   651
paulson@13560
   652
lemma zless_imp_succ_zadd:
paulson@14511
   653
     "w $< z ==> (\<exists>n\<in>nat. w $+ $#(succ(n)) = intify(z))"
paulson@13560
   654
apply (subgoal_tac "intify (w) $< intify (z) ")
paulson@13560
   655
apply (drule_tac w = "intify (w) " in zless_imp_succ_zadd_lemma)
paulson@13560
   656
apply auto
paulson@13560
   657
done
paulson@13560
   658
paulson@13560
   659
lemma zless_succ_zadd_lemma: 
paulson@13560
   660
    "w : int ==> w $< w $+ $# succ(n)"
paulson@14511
   661
apply (simp add: zless_def znegative_def zdiff_def int_def)
paulson@13560
   662
apply (auto simp add: zadd zminus int_of_def image_iff)
paulson@13560
   663
apply (rule_tac x = 0 in exI, auto)
paulson@13560
   664
done
paulson@13560
   665
paulson@13560
   666
lemma zless_succ_zadd: "w $< w $+ $# succ(n)"
paulson@13560
   667
by (cut_tac intify_in_int [THEN zless_succ_zadd_lemma], auto)
paulson@13560
   668
paulson@13560
   669
lemma zless_iff_succ_zadd:
paulson@14511
   670
     "w $< z <-> (\<exists>n\<in>nat. w $+ $#(succ(n)) = intify(z))"
paulson@13560
   671
apply (rule iffI)
paulson@13560
   672
apply (erule zless_imp_succ_zadd, auto)
paulson@13560
   673
apply (rename_tac "n")
paulson@13560
   674
apply (cut_tac w = w and n = n in zless_succ_zadd, auto)
paulson@13560
   675
done
paulson@13560
   676
paulson@14511
   677
lemma zless_int_of [simp]: "[| m\<in>nat; n\<in>nat |] ==> ($#m $< $#n) <-> (m<n)"
paulson@13560
   678
apply (simp add: less_iff_succ_add zless_iff_succ_zadd int_of_add [symmetric])
paulson@13560
   679
apply (blast intro: sym)
paulson@13560
   680
done
paulson@13560
   681
paulson@13560
   682
lemma zless_trans_lemma: 
paulson@13560
   683
    "[| x $< y; y $< z; x: int; y : int; z: int |] ==> x $< z"
paulson@14511
   684
apply (simp add: zless_def znegative_def zdiff_def int_def)
paulson@13560
   685
apply (auto simp add: zadd zminus image_iff)
paulson@13560
   686
apply (rename_tac x1 x2 y1 y2)
paulson@13560
   687
apply (rule_tac x = "x1#+x2" in exI)
paulson@13560
   688
apply (rule_tac x = "y1#+y2" in exI)
paulson@13560
   689
apply (auto simp add: add_lt_mono)
paulson@13560
   690
apply (rule sym)
paulson@13560
   691
apply (erule add_left_cancel)+
paulson@13560
   692
apply auto
paulson@13560
   693
done
paulson@13560
   694
paulson@13560
   695
lemma zless_trans: "[| x $< y; y $< z |] ==> x $< z"
paulson@13560
   696
apply (subgoal_tac "intify (x) $< intify (z) ")
paulson@13560
   697
apply (rule_tac [2] y = "intify (y) " in zless_trans_lemma)
paulson@13560
   698
apply auto
paulson@13560
   699
done
paulson@13560
   700
paulson@13560
   701
lemma zless_not_sym: "z $< w ==> ~ (w $< z)"
paulson@13560
   702
by (blast dest: zless_trans)
paulson@13560
   703
paulson@13560
   704
(* [| z $< w; ~ P ==> w $< z |] ==> P *)
paulson@13560
   705
lemmas zless_asym = zless_not_sym [THEN swap, standard]
paulson@13560
   706
paulson@13560
   707
lemma zless_imp_zle: "z $< w ==> z $<= w"
paulson@14511
   708
by (simp add: zle_def)
paulson@13560
   709
paulson@13560
   710
lemma zle_linear: "z $<= w | w $<= z"
paulson@13560
   711
apply (simp add: zle_def)
paulson@13560
   712
apply (cut_tac zless_linear, blast)
paulson@13560
   713
done
paulson@13560
   714
paulson@13560
   715
paulson@13560
   716
subsection{*Less Than or Equals*}
paulson@13560
   717
paulson@13560
   718
lemma zle_refl: "z $<= z"
paulson@14511
   719
by (simp add: zle_def)
paulson@13560
   720
paulson@13560
   721
lemma zle_eq_refl: "x=y ==> x $<= y"
paulson@13560
   722
by (simp add: zle_refl)
paulson@13560
   723
paulson@13560
   724
lemma zle_anti_sym_intify: "[| x $<= y; y $<= x |] ==> intify(x) = intify(y)"
paulson@14511
   725
apply (simp add: zle_def, auto)
paulson@13560
   726
apply (blast dest: zless_trans)
paulson@13560
   727
done
paulson@13560
   728
paulson@13560
   729
lemma zle_anti_sym: "[| x $<= y; y $<= x; x: int; y: int |] ==> x=y"
paulson@13560
   730
by (drule zle_anti_sym_intify, auto)
paulson@13560
   731
paulson@13560
   732
lemma zle_trans_lemma:
paulson@13560
   733
     "[| x: int; y: int; z: int; x $<= y; y $<= z |] ==> x $<= z"
paulson@14511
   734
apply (simp add: zle_def, auto)
paulson@13560
   735
apply (blast intro: zless_trans)
paulson@13560
   736
done
paulson@13560
   737
paulson@13560
   738
lemma zle_trans: "[| x $<= y; y $<= z |] ==> x $<= z"
paulson@13560
   739
apply (subgoal_tac "intify (x) $<= intify (z) ")
paulson@13560
   740
apply (rule_tac [2] y = "intify (y) " in zle_trans_lemma)
paulson@13560
   741
apply auto
paulson@13560
   742
done
paulson@13560
   743
paulson@13560
   744
lemma zle_zless_trans: "[| i $<= j; j $< k |] ==> i $< k"
paulson@13560
   745
apply (auto simp add: zle_def)
paulson@13560
   746
apply (blast intro: zless_trans)
paulson@13560
   747
apply (simp add: zless_def zdiff_def zadd_def)
paulson@13560
   748
done
paulson@13560
   749
paulson@13560
   750
lemma zless_zle_trans: "[| i $< j; j $<= k |] ==> i $< k"
paulson@13560
   751
apply (auto simp add: zle_def)
paulson@13560
   752
apply (blast intro: zless_trans)
paulson@13560
   753
apply (simp add: zless_def zdiff_def zminus_def)
paulson@13560
   754
done
paulson@13560
   755
paulson@13560
   756
lemma not_zless_iff_zle: "~ (z $< w) <-> (w $<= z)"
paulson@13560
   757
apply (cut_tac z = z and w = w in zless_linear)
paulson@13560
   758
apply (auto dest: zless_trans simp add: zle_def)
paulson@13560
   759
apply (auto dest!: zless_imp_intify_neq)
paulson@13560
   760
done
paulson@13560
   761
paulson@13560
   762
lemma not_zle_iff_zless: "~ (z $<= w) <-> (w $< z)"
paulson@13560
   763
by (simp add: not_zless_iff_zle [THEN iff_sym])
paulson@13560
   764
paulson@13560
   765
paulson@13560
   766
subsection{*More subtraction laws (for @{text zcompare_rls})*}
paulson@13560
   767
paulson@13560
   768
lemma zdiff_zdiff_eq: "(x $- y) $- z = x $- (y $+ z)"
paulson@13560
   769
by (simp add: zdiff_def zadd_ac)
paulson@13560
   770
paulson@13560
   771
lemma zdiff_zdiff_eq2: "x $- (y $- z) = (x $+ z) $- y"
paulson@13560
   772
by (simp add: zdiff_def zadd_ac)
paulson@13560
   773
paulson@13560
   774
lemma zdiff_zless_iff: "(x$-y $< z) <-> (x $< z $+ y)"
paulson@14511
   775
by (simp add: zless_def zdiff_def zadd_ac)
paulson@13560
   776
paulson@13560
   777
lemma zless_zdiff_iff: "(x $< z$-y) <-> (x $+ y $< z)"
paulson@14511
   778
by (simp add: zless_def zdiff_def zadd_ac)
paulson@13560
   779
paulson@13560
   780
lemma zdiff_eq_iff: "[| x: int; z: int |] ==> (x$-y = z) <-> (x = z $+ y)"
paulson@14511
   781
by (auto simp add: zdiff_def zadd_assoc)
paulson@13560
   782
paulson@13560
   783
lemma eq_zdiff_iff: "[| x: int; z: int |] ==> (x = z$-y) <-> (x $+ y = z)"
paulson@14511
   784
by (auto simp add: zdiff_def zadd_assoc)
paulson@13560
   785
paulson@13560
   786
lemma zdiff_zle_iff_lemma:
paulson@13560
   787
     "[| x: int; z: int |] ==> (x$-y $<= z) <-> (x $<= z $+ y)"
paulson@14511
   788
by (auto simp add: zle_def zdiff_eq_iff zdiff_zless_iff)
paulson@13560
   789
paulson@13560
   790
lemma zdiff_zle_iff: "(x$-y $<= z) <-> (x $<= z $+ y)"
paulson@13560
   791
by (cut_tac zdiff_zle_iff_lemma [OF intify_in_int intify_in_int], simp)
paulson@13560
   792
paulson@13560
   793
lemma zle_zdiff_iff_lemma:
paulson@13560
   794
     "[| x: int; z: int |] ==>(x $<= z$-y) <-> (x $+ y $<= z)"
paulson@14511
   795
apply (auto simp add: zle_def zdiff_eq_iff zless_zdiff_iff)
paulson@13560
   796
apply (auto simp add: zdiff_def zadd_assoc)
paulson@13560
   797
done
paulson@13560
   798
paulson@13560
   799
lemma zle_zdiff_iff: "(x $<= z$-y) <-> (x $+ y $<= z)"
paulson@13560
   800
by (cut_tac zle_zdiff_iff_lemma [ OF intify_in_int intify_in_int], simp)
paulson@13560
   801
paulson@13560
   802
text{*This list of rewrites simplifies (in)equalities by bringing subtractions
paulson@13560
   803
  to the top and then moving negative terms to the other side.  
paulson@13560
   804
  Use with @{text zadd_ac}*}
paulson@13560
   805
lemmas zcompare_rls =
paulson@13560
   806
     zdiff_def [symmetric]
paulson@13560
   807
     zadd_zdiff_eq zdiff_zadd_eq zdiff_zdiff_eq zdiff_zdiff_eq2 
paulson@13560
   808
     zdiff_zless_iff zless_zdiff_iff zdiff_zle_iff zle_zdiff_iff 
paulson@13560
   809
     zdiff_eq_iff eq_zdiff_iff
paulson@13560
   810
paulson@13560
   811
paulson@13560
   812
subsection{*Monotonicity and Cancellation Results for Instantiation
paulson@13560
   813
     of the CancelNumerals Simprocs*}
paulson@13560
   814
paulson@13560
   815
lemma zadd_left_cancel:
paulson@13560
   816
     "[| w: int; w': int |] ==> (z $+ w' = z $+ w) <-> (w' = w)"
paulson@13560
   817
apply safe
paulson@13560
   818
apply (drule_tac t = "%x. x $+ ($-z) " in subst_context)
paulson@13560
   819
apply (simp add: zadd_ac)
paulson@13560
   820
done
paulson@13560
   821
paulson@13560
   822
lemma zadd_left_cancel_intify [simp]:
paulson@13560
   823
     "(z $+ w' = z $+ w) <-> intify(w') = intify(w)"
paulson@13560
   824
apply (rule iff_trans)
paulson@13560
   825
apply (rule_tac [2] zadd_left_cancel, auto)
paulson@13560
   826
done
paulson@13560
   827
paulson@13560
   828
lemma zadd_right_cancel:
paulson@13560
   829
     "[| w: int; w': int |] ==> (w' $+ z = w $+ z) <-> (w' = w)"
paulson@13560
   830
apply safe
paulson@13560
   831
apply (drule_tac t = "%x. x $+ ($-z) " in subst_context)
paulson@13560
   832
apply (simp add: zadd_ac)
paulson@13560
   833
done
paulson@13560
   834
paulson@13560
   835
lemma zadd_right_cancel_intify [simp]:
paulson@13560
   836
     "(w' $+ z = w $+ z) <-> intify(w') = intify(w)"
paulson@13560
   837
apply (rule iff_trans)
paulson@13560
   838
apply (rule_tac [2] zadd_right_cancel, auto)
paulson@13560
   839
done
paulson@13560
   840
paulson@13560
   841
lemma zadd_right_cancel_zless [simp]: "(w' $+ z $< w $+ z) <-> (w' $< w)"
paulson@14511
   842
by (simp add: zdiff_zless_iff [THEN iff_sym] zdiff_def zadd_assoc)
paulson@13560
   843
paulson@13560
   844
lemma zadd_left_cancel_zless [simp]: "(z $+ w' $< z $+ w) <-> (w' $< w)"
paulson@13560
   845
by (simp add: zadd_commute [of z] zadd_right_cancel_zless)
paulson@13560
   846
paulson@13560
   847
lemma zadd_right_cancel_zle [simp]: "(w' $+ z $<= w $+ z) <-> w' $<= w"
paulson@13560
   848
by (simp add: zle_def)
paulson@13560
   849
paulson@13560
   850
lemma zadd_left_cancel_zle [simp]: "(z $+ w' $<= z $+ w) <->  w' $<= w"
paulson@13560
   851
by (simp add: zadd_commute [of z]  zadd_right_cancel_zle)
paulson@13560
   852
paulson@13560
   853
paulson@13560
   854
(*"v $<= w ==> v$+z $<= w$+z"*)
paulson@13560
   855
lemmas zadd_zless_mono1 = zadd_right_cancel_zless [THEN iffD2, standard]
paulson@13560
   856
paulson@13560
   857
(*"v $<= w ==> z$+v $<= z$+w"*)
paulson@13560
   858
lemmas zadd_zless_mono2 = zadd_left_cancel_zless [THEN iffD2, standard]
paulson@13560
   859
paulson@13560
   860
(*"v $<= w ==> v$+z $<= w$+z"*)
paulson@13560
   861
lemmas zadd_zle_mono1 = zadd_right_cancel_zle [THEN iffD2, standard]
paulson@13560
   862
paulson@13560
   863
(*"v $<= w ==> z$+v $<= z$+w"*)
paulson@13560
   864
lemmas zadd_zle_mono2 = zadd_left_cancel_zle [THEN iffD2, standard]
paulson@13560
   865
paulson@13560
   866
lemma zadd_zle_mono: "[| w' $<= w; z' $<= z |] ==> w' $+ z' $<= w $+ z"
paulson@13560
   867
by (erule zadd_zle_mono1 [THEN zle_trans], simp)
paulson@13560
   868
paulson@13560
   869
lemma zadd_zless_mono: "[| w' $< w; z' $<= z |] ==> w' $+ z' $< w $+ z"
paulson@13560
   870
by (erule zadd_zless_mono1 [THEN zless_zle_trans], simp)
paulson@13560
   871
paulson@13560
   872
paulson@13560
   873
subsection{*Comparison laws*}
paulson@13560
   874
paulson@13560
   875
lemma zminus_zless_zminus [simp]: "($- x $< $- y) <-> (y $< x)"
paulson@13560
   876
by (simp add: zless_def zdiff_def zadd_ac)
paulson@13560
   877
paulson@13560
   878
lemma zminus_zle_zminus [simp]: "($- x $<= $- y) <-> (y $<= x)"
paulson@13560
   879
by (simp add: not_zless_iff_zle [THEN iff_sym])
paulson@13560
   880
paulson@13560
   881
subsubsection{*More inequality lemmas*}
paulson@13560
   882
paulson@13560
   883
lemma equation_zminus: "[| x: int;  y: int |] ==> (x = $- y) <-> (y = $- x)"
paulson@13560
   884
by auto
paulson@13560
   885
paulson@13560
   886
lemma zminus_equation: "[| x: int;  y: int |] ==> ($- x = y) <-> ($- y = x)"
paulson@13560
   887
by auto
paulson@13560
   888
paulson@13560
   889
lemma equation_zminus_intify: "(intify(x) = $- y) <-> (intify(y) = $- x)"
paulson@13560
   890
apply (cut_tac x = "intify (x) " and y = "intify (y) " in equation_zminus)
paulson@13560
   891
apply auto
paulson@13560
   892
done
paulson@13560
   893
paulson@13560
   894
lemma zminus_equation_intify: "($- x = intify(y)) <-> ($- y = intify(x))"
paulson@13560
   895
apply (cut_tac x = "intify (x) " and y = "intify (y) " in zminus_equation)
paulson@13560
   896
apply auto
paulson@13560
   897
done
paulson@13560
   898
paulson@13560
   899
paulson@13560
   900
subsubsection{*The next several equations are permutative: watch out!*}
paulson@13560
   901
paulson@13560
   902
lemma zless_zminus: "(x $< $- y) <-> (y $< $- x)"
paulson@13560
   903
by (simp add: zless_def zdiff_def zadd_ac)
paulson@13560
   904
paulson@13560
   905
lemma zminus_zless: "($- x $< y) <-> ($- y $< x)"
paulson@13560
   906
by (simp add: zless_def zdiff_def zadd_ac)
paulson@13560
   907
paulson@13560
   908
lemma zle_zminus: "(x $<= $- y) <-> (y $<= $- x)"
paulson@13560
   909
by (simp add: not_zless_iff_zle [THEN iff_sym] zminus_zless)
paulson@13560
   910
paulson@13560
   911
lemma zminus_zle: "($- x $<= y) <-> ($- y $<= x)"
paulson@13560
   912
by (simp add: not_zless_iff_zle [THEN iff_sym] zless_zminus)
paulson@13560
   913
paulson@13560
   914
ML
paulson@13560
   915
{*
paulson@13560
   916
val zdiff_def = thm "zdiff_def";
paulson@13560
   917
val int_of_type = thm "int_of_type";
paulson@13560
   918
val int_of_eq = thm "int_of_eq";
paulson@13560
   919
val int_of_inject = thm "int_of_inject";
paulson@13560
   920
val intify_in_int = thm "intify_in_int";
paulson@13560
   921
val intify_ident = thm "intify_ident";
paulson@13560
   922
val intify_idem = thm "intify_idem";
paulson@13560
   923
val int_of_natify = thm "int_of_natify";
paulson@13560
   924
val zminus_intify = thm "zminus_intify";
paulson@13560
   925
val zadd_intify1 = thm "zadd_intify1";
paulson@13560
   926
val zadd_intify2 = thm "zadd_intify2";
paulson@13560
   927
val zdiff_intify1 = thm "zdiff_intify1";
paulson@13560
   928
val zdiff_intify2 = thm "zdiff_intify2";
paulson@13560
   929
val zmult_intify1 = thm "zmult_intify1";
paulson@13560
   930
val zmult_intify2 = thm "zmult_intify2";
paulson@13560
   931
val zless_intify1 = thm "zless_intify1";
paulson@13560
   932
val zless_intify2 = thm "zless_intify2";
paulson@13560
   933
val zle_intify1 = thm "zle_intify1";
paulson@13560
   934
val zle_intify2 = thm "zle_intify2";
paulson@13560
   935
val zminus_congruent = thm "zminus_congruent";
paulson@13560
   936
val zminus_type = thm "zminus_type";
paulson@13560
   937
val zminus_inject_intify = thm "zminus_inject_intify";
paulson@13560
   938
val zminus_inject = thm "zminus_inject";
paulson@13560
   939
val zminus = thm "zminus";
paulson@13560
   940
val zminus_zminus_intify = thm "zminus_zminus_intify";
paulson@13560
   941
val zminus_int0 = thm "zminus_int0";
paulson@13560
   942
val zminus_zminus = thm "zminus_zminus";
paulson@13560
   943
val not_znegative_int_of = thm "not_znegative_int_of";
paulson@13560
   944
val znegative_zminus_int_of = thm "znegative_zminus_int_of";
paulson@13560
   945
val not_znegative_imp_zero = thm "not_znegative_imp_zero";
paulson@13560
   946
val nat_of_intify = thm "nat_of_intify";
paulson@13560
   947
val nat_of_int_of = thm "nat_of_int_of";
paulson@13560
   948
val nat_of_type = thm "nat_of_type";
paulson@13560
   949
val zmagnitude_int_of = thm "zmagnitude_int_of";
paulson@13560
   950
val natify_int_of_eq = thm "natify_int_of_eq";
paulson@13560
   951
val zmagnitude_zminus_int_of = thm "zmagnitude_zminus_int_of";
paulson@13560
   952
val zmagnitude_type = thm "zmagnitude_type";
paulson@13560
   953
val not_zneg_int_of = thm "not_zneg_int_of";
paulson@13560
   954
val not_zneg_mag = thm "not_zneg_mag";
paulson@13560
   955
val zneg_int_of = thm "zneg_int_of";
paulson@13560
   956
val zneg_mag = thm "zneg_mag";
paulson@13560
   957
val int_cases = thm "int_cases";
paulson@13560
   958
val not_zneg_nat_of_intify = thm "not_zneg_nat_of_intify";
paulson@13560
   959
val not_zneg_nat_of = thm "not_zneg_nat_of";
paulson@13560
   960
val zneg_nat_of = thm "zneg_nat_of";
paulson@13560
   961
val zadd_congruent2 = thm "zadd_congruent2";
paulson@13560
   962
val zadd_type = thm "zadd_type";
paulson@13560
   963
val zadd = thm "zadd";
paulson@13560
   964
val zadd_int0_intify = thm "zadd_int0_intify";
paulson@13560
   965
val zadd_int0 = thm "zadd_int0";
paulson@13560
   966
val zminus_zadd_distrib = thm "zminus_zadd_distrib";
paulson@13560
   967
val zadd_commute = thm "zadd_commute";
paulson@13560
   968
val zadd_assoc = thm "zadd_assoc";
paulson@13560
   969
val zadd_left_commute = thm "zadd_left_commute";
paulson@13560
   970
val zadd_ac = thms "zadd_ac";
paulson@13560
   971
val int_of_add = thm "int_of_add";
paulson@13560
   972
val int_succ_int_1 = thm "int_succ_int_1";
paulson@13560
   973
val int_of_diff = thm "int_of_diff";
paulson@13560
   974
val zadd_zminus_inverse = thm "zadd_zminus_inverse";
paulson@13560
   975
val zadd_zminus_inverse2 = thm "zadd_zminus_inverse2";
paulson@13560
   976
val zadd_int0_right_intify = thm "zadd_int0_right_intify";
paulson@13560
   977
val zadd_int0_right = thm "zadd_int0_right";
paulson@13560
   978
val zmult_congruent2 = thm "zmult_congruent2";
paulson@13560
   979
val zmult_type = thm "zmult_type";
paulson@13560
   980
val zmult = thm "zmult";
paulson@13560
   981
val zmult_int0 = thm "zmult_int0";
paulson@13560
   982
val zmult_int1_intify = thm "zmult_int1_intify";
paulson@13560
   983
val zmult_int1 = thm "zmult_int1";
paulson@13560
   984
val zmult_commute = thm "zmult_commute";
paulson@13560
   985
val zmult_zminus = thm "zmult_zminus";
paulson@13560
   986
val zmult_zminus_right = thm "zmult_zminus_right";
paulson@13560
   987
val zmult_assoc = thm "zmult_assoc";
paulson@13560
   988
val zmult_left_commute = thm "zmult_left_commute";
paulson@13560
   989
val zmult_ac = thms "zmult_ac";
paulson@13560
   990
val zadd_zmult_distrib = thm "zadd_zmult_distrib";
paulson@13560
   991
val zadd_zmult_distrib2 = thm "zadd_zmult_distrib2";
paulson@13560
   992
val int_typechecks = thms "int_typechecks";
paulson@13560
   993
val zdiff_type = thm "zdiff_type";
paulson@13560
   994
val zminus_zdiff_eq = thm "zminus_zdiff_eq";
paulson@13560
   995
val zdiff_zmult_distrib = thm "zdiff_zmult_distrib";
paulson@13560
   996
val zdiff_zmult_distrib2 = thm "zdiff_zmult_distrib2";
paulson@13560
   997
val zadd_zdiff_eq = thm "zadd_zdiff_eq";
paulson@13560
   998
val zdiff_zadd_eq = thm "zdiff_zadd_eq";
paulson@13560
   999
val zless_linear = thm "zless_linear";
paulson@13560
  1000
val zless_not_refl = thm "zless_not_refl";
paulson@13560
  1001
val neq_iff_zless = thm "neq_iff_zless";
paulson@13560
  1002
val zless_imp_intify_neq = thm "zless_imp_intify_neq";
paulson@13560
  1003
val zless_imp_succ_zadd = thm "zless_imp_succ_zadd";
paulson@13560
  1004
val zless_succ_zadd = thm "zless_succ_zadd";
paulson@13560
  1005
val zless_iff_succ_zadd = thm "zless_iff_succ_zadd";
paulson@13560
  1006
val zless_int_of = thm "zless_int_of";
paulson@13560
  1007
val zless_trans = thm "zless_trans";
paulson@13560
  1008
val zless_not_sym = thm "zless_not_sym";
paulson@13560
  1009
val zless_asym = thm "zless_asym";
paulson@13560
  1010
val zless_imp_zle = thm "zless_imp_zle";
paulson@13560
  1011
val zle_linear = thm "zle_linear";
paulson@13560
  1012
val zle_refl = thm "zle_refl";
paulson@13560
  1013
val zle_eq_refl = thm "zle_eq_refl";
paulson@13560
  1014
val zle_anti_sym_intify = thm "zle_anti_sym_intify";
paulson@13560
  1015
val zle_anti_sym = thm "zle_anti_sym";
paulson@13560
  1016
val zle_trans = thm "zle_trans";
paulson@13560
  1017
val zle_zless_trans = thm "zle_zless_trans";
paulson@13560
  1018
val zless_zle_trans = thm "zless_zle_trans";
paulson@13560
  1019
val not_zless_iff_zle = thm "not_zless_iff_zle";
paulson@13560
  1020
val not_zle_iff_zless = thm "not_zle_iff_zless";
paulson@13560
  1021
val zdiff_zdiff_eq = thm "zdiff_zdiff_eq";
paulson@13560
  1022
val zdiff_zdiff_eq2 = thm "zdiff_zdiff_eq2";
paulson@13560
  1023
val zdiff_zless_iff = thm "zdiff_zless_iff";
paulson@13560
  1024
val zless_zdiff_iff = thm "zless_zdiff_iff";
paulson@13560
  1025
val zdiff_eq_iff = thm "zdiff_eq_iff";
paulson@13560
  1026
val eq_zdiff_iff = thm "eq_zdiff_iff";
paulson@13560
  1027
val zdiff_zle_iff = thm "zdiff_zle_iff";
paulson@13560
  1028
val zle_zdiff_iff = thm "zle_zdiff_iff";
paulson@13560
  1029
val zcompare_rls = thms "zcompare_rls";
paulson@13560
  1030
val zadd_left_cancel = thm "zadd_left_cancel";
paulson@13560
  1031
val zadd_left_cancel_intify = thm "zadd_left_cancel_intify";
paulson@13560
  1032
val zadd_right_cancel = thm "zadd_right_cancel";
paulson@13560
  1033
val zadd_right_cancel_intify = thm "zadd_right_cancel_intify";
paulson@13560
  1034
val zadd_right_cancel_zless = thm "zadd_right_cancel_zless";
paulson@13560
  1035
val zadd_left_cancel_zless = thm "zadd_left_cancel_zless";
paulson@13560
  1036
val zadd_right_cancel_zle = thm "zadd_right_cancel_zle";
paulson@13560
  1037
val zadd_left_cancel_zle = thm "zadd_left_cancel_zle";
paulson@13560
  1038
val zadd_zless_mono1 = thm "zadd_zless_mono1";
paulson@13560
  1039
val zadd_zless_mono2 = thm "zadd_zless_mono2";
paulson@13560
  1040
val zadd_zle_mono1 = thm "zadd_zle_mono1";
paulson@13560
  1041
val zadd_zle_mono2 = thm "zadd_zle_mono2";
paulson@13560
  1042
val zadd_zle_mono = thm "zadd_zle_mono";
paulson@13560
  1043
val zadd_zless_mono = thm "zadd_zless_mono";
paulson@13560
  1044
val zminus_zless_zminus = thm "zminus_zless_zminus";
paulson@13560
  1045
val zminus_zle_zminus = thm "zminus_zle_zminus";
paulson@13560
  1046
val equation_zminus = thm "equation_zminus";
paulson@13560
  1047
val zminus_equation = thm "zminus_equation";
paulson@13560
  1048
val equation_zminus_intify = thm "equation_zminus_intify";
paulson@13560
  1049
val zminus_equation_intify = thm "zminus_equation_intify";
paulson@13560
  1050
val zless_zminus = thm "zless_zminus";
paulson@13560
  1051
val zminus_zless = thm "zminus_zless";
paulson@13560
  1052
val zle_zminus = thm "zle_zminus";
paulson@13560
  1053
val zminus_zle = thm "zminus_zle";
paulson@13560
  1054
*}
paulson@13560
  1055
paulson@13560
  1056
paulson@9496
  1057
end