src/HOL/ex/Word_Type.thy
author haftmann
Sun Oct 16 09:31:05 2016 +0200 (2016-10-16)
changeset 64242 93c6f0da5c70
parent 64114 45e065eea984
child 64593 50c715579715
permissions -rw-r--r--
more standardized theorem names for facts involving the div and mod identity
(*  Author:  Florian Haftmann, TUM
*)
section \<open>Proof of concept for algebraically founded bit word types\<close>
theory Word_Type
  imports
    Main
    "~~/src/HOL/Library/Type_Length"
begin
subsection \<open>Truncating bit representations of numeric types\<close>
(* Semirings with parity in which reduction modulo an even number acts
   bit by bit: an odd value 1 + 2 * a taken modulo 2 * n is again odd and
   its remaining part is a mod n.  The axiom is what the odd case of
   bitrunc_Suc below relies on. *)
class semiring_bits = semiring_div_parity +
  assumes semiring_bits: "(1 + 2 * a) mod of_nat (2 * n) = 1 + 2 * (a mod of_nat n)"
begin

(* bitrunc n a is a reduced modulo 2 ^ n; the defining equation is
   available under the name bitrunc_eq_mod. *)
definition bitrunc :: "nat \<Rightarrow> 'a \<Rightarrow> 'a"
  where bitrunc_eq_mod: "bitrunc n a = a mod of_nat (2 ^ n)"

(* Truncating twice to the same width changes nothing. *)
lemma bitrunc_bitrunc [simp]:
  "bitrunc n (bitrunc n a) = bitrunc n a"
  by (simp add: bitrunc_eq_mod)
  
(* Width 0: every value truncates to 0. *)
lemma bitrunc_0 [simp]:
  "bitrunc 0 a = 0"
  by (simp add: bitrunc_eq_mod)

(* Recursion over the width: truncate the quotient by 2 to n bits and
   re-attach the remainder a mod 2 as the lowest bit. *)
lemma bitrunc_Suc [simp]:
  "bitrunc (Suc n) a = bitrunc n (a div 2) * 2 + a mod 2"
proof -
  (* Split a into quotient b and remainder c with respect to 2. *)
  define b and c
    where "b = a div 2" and "c = a mod 2"
  then have a: "a = b * 2 + c" 
    and "c = 0 \<or> c = 1"
    by (simp_all add: div_mult_mod_eq parity)
  (* Case distinction on the remainder c. *)
  from \<open>c = 0 \<or> c = 1\<close>
  have "bitrunc (Suc n) (b * 2 + c) = bitrunc n b * 2 + c"
  proof
    (* Even case: a common factor 2 can be pulled out of the mod. *)
    assume "c = 0"
    moreover have "(2 * b) mod (2 * 2 ^ n) = 2 * (b mod 2 ^ n)"
      by (simp add: mod_mult_mult1)
    ultimately show ?thesis
      by (simp add: bitrunc_eq_mod ac_simps)
  next
    (* Odd case: the class axiom instantiated with b and 2 ^ n. *)
    assume "c = 1"
    with semiring_bits [of b "2 ^ n"] show ?thesis
      by (simp add: bitrunc_eq_mod ac_simps)
  qed
  (* Substitute the decomposition of a back and unfold b and c. *)
  with a show ?thesis
    by (simp add: b_def c_def)
qed

(* Zero truncates to zero at every width. *)
lemma bitrunc_of_0 [simp]:
  "bitrunc n 0 = 0"
  by (simp add: bitrunc_eq_mod)

(* Truncating the summands first does not change the truncated sum.
   Not declared [simp]; it is applied explicitly where needed. *)
lemma bitrunc_plus:
  "bitrunc n (bitrunc n a + bitrunc n b) = bitrunc n (a + b)"
  by (simp add: bitrunc_eq_mod mod_add_eq [symmetric])

(* 1 is truncated to 0 exactly at width 0. *)
lemma bitrunc_of_1_eq_0_iff [simp]:
  "bitrunc n 1 = 0 \<longleftrightarrow> n = 0"
  by (induct n) simp_all

end
(* The natural numbers satisfy the semiring_bits axiom. *)
instance nat :: semiring_bits
  by standard (simp add: mod_Suc Suc_double_not_eq_double)
(* The integers satisfy the semiring_bits axiom. *)
instance int :: semiring_bits
  by standard (simp add: pos_zmod_mult_2)
(* On integers, truncating the argument first does not change the
   truncated negation. *)
lemma bitrunc_uminus:
  fixes k :: int
  shows "bitrunc n (- (bitrunc n k)) = bitrunc n (- k)"
  by (simp add: bitrunc_eq_mod mod_minus_eq [symmetric])
(* On integers, truncating both operands first does not change the
   truncated difference. *)
lemma bitrunc_minus:
  fixes k l :: int
  shows "bitrunc n (bitrunc n k - bitrunc n l) = bitrunc n (k - l)"
  by (simp add: bitrunc_eq_mod mod_diff_eq [symmetric])
(* On integers, bitrunc never yields a negative value, also for a
   negative argument. *)
lemma bitrunc_nonnegative [simp]:
  fixes k :: int
  shows "bitrunc n k \<ge> 0"
  by (simp add: bitrunc_eq_mod)
(* Signed truncation of an integer: shift by 2 ^ n, truncate to Suc n
   bits, shift back.  Note the width convention: the argument n is one
   less than the number of bits that bitrunc is applied to, so the
   truncation works on n + 1 bits in total. *)
definition signed_bitrunc :: "nat \<Rightarrow> int \<Rightarrow> int"
  where signed_bitrunc_eq_bitrunc:
    "signed_bitrunc n k = bitrunc (Suc n) (k + 2 ^ n) - 2 ^ n"
(* The defining equation restated for a positive total width n, i.e.
   with n - Suc 0 as the argument of signed_bitrunc. *)
lemma signed_bitrunc_eq_bitrunc':
  assumes "n > 0"
  shows "signed_bitrunc (n - Suc 0) k = bitrunc n (k + 2 ^ (n - 1)) - 2 ^ (n - 1)"
  using assms by (simp add: signed_bitrunc_eq_bitrunc)
  
(* Base case of the signed recursion: with argument 0 the result is the
   negated remainder of k modulo 2. *)
lemma signed_bitrunc_0 [simp]:
  "signed_bitrunc 0 k = - (k mod 2)"
proof (cases "even k")
  (* k even: k + 1 is odd, so its remainder modulo 2 is 1. *)
  case True
  then have "odd (k + 1)"
    by simp
  then have "(k + 1) mod 2 = 1"
    by (simp add: even_iff_mod_2_eq_zero)
  with True show ?thesis
    by (simp add: signed_bitrunc_eq_bitrunc)
next
  (* k odd: follows from the definition and k mod 2 = 1. *)
  case False
  then show ?thesis
    by (simp add: signed_bitrunc_eq_bitrunc odd_iff_mod_2_eq_one)
qed
(* Recursion over the width, of the same shape as bitrunc_Suc: the
   remainder k mod 2 is split off as the lowest bit. *)
lemma signed_bitrunc_Suc [simp]:
  "signed_bitrunc (Suc n) k = signed_bitrunc n (k div 2) * 2 + k mod 2"
  using zero_not_eq_two by (simp add: signed_bitrunc_eq_bitrunc algebra_simps)
(* Zero is unchanged by signed truncation. *)
lemma signed_bitrunc_of_0 [simp]:
  "signed_bitrunc n 0 = 0"
  by (simp add: signed_bitrunc_eq_bitrunc bitrunc_eq_mod)
(* - 1 is unchanged by signed truncation at every width, in contrast to
   bitrunc, whose result on integers is never negative. *)
lemma signed_bitrunc_of_minus_1 [simp]:
  "signed_bitrunc n (- 1) = - 1"
  by (induct n) simp_all
(* For a positive width n, two integers agree under signed truncation
   (argument n - Suc 0) exactly when they agree under bitrunc n.  Both
   truncations therefore identify the same integers; this is what makes
   the signed conversion on words well-defined. *)
lemma signed_bitrunc_eq_iff_bitrunc_eq:
  assumes "n > 0"
  shows "signed_bitrunc (n - Suc 0) k = signed_bitrunc (n - Suc 0) l \<longleftrightarrow> bitrunc n k = bitrunc n l" (is "?P \<longleftrightarrow> ?Q")
proof -
  (* n is positive, hence a successor. *)
  from assms obtain m where m: "n = Suc m"
    by (cases n) auto
  show ?thesis
  proof 
    (* Direction ?Q ==> ?P: push the truncation into the sum with
       bitrunc_plus, exchange k for l using ?Q, and pull it out again. *)
    assume ?Q
    have "bitrunc (Suc m) (k + 2 ^ m) =
      bitrunc (Suc m) (bitrunc (Suc m) k + bitrunc (Suc m) (2 ^ m))"
      by (simp only: bitrunc_plus)
    also have "\<dots> =
      bitrunc (Suc m) (bitrunc (Suc m) l + bitrunc (Suc m) (2 ^ m))"
      by (simp only: \<open>?Q\<close> m [symmetric])
    also have "\<dots> = bitrunc (Suc m) (l + 2 ^ m)"
      by (simp only: bitrunc_plus)
    finally show ?P
      by (simp only: signed_bitrunc_eq_bitrunc m) simp
  next
    (* Direction ?P ==> ?Q: the shifted values are congruent modulo 2 ^ n;
       adding an arbitrary i keeps the congruence, from which metis
       derives the congruence of k and l themselves. *)
    assume ?P
    with assms have "(k + 2 ^ (n - Suc 0)) mod 2 ^ n = (l + 2 ^ (n - Suc 0)) mod 2 ^ n"
      by (simp add: signed_bitrunc_eq_bitrunc' bitrunc_eq_mod)
    then have "(i + (k + 2 ^ (n - Suc 0))) mod 2 ^ n = (i + (l + 2 ^ (n - Suc 0))) mod 2 ^ n" for i
      by (metis mod_add_eq)
    then have "k mod 2 ^ n = l mod 2 ^ n"
      by (metis add_diff_cancel_right' uminus_add_conv_diff)
    then show ?Q
      by (simp add: bitrunc_eq_mod)
  qed
qed 
subsection \<open>Bit strings as quotient type\<close>
subsubsection \<open>Basic properties\<close>
(* 'a word is the quotient of int by the relation "same value after
   truncation to LENGTH('a) bits": two integers denote the same word
   iff they are congruent modulo 2 ^ LENGTH('a).  The proof obligation
   is that this relation is an equivalence.
   NOTE(review): the (overloaded) option is presumably required because
   the relation mentions the overloaded LENGTH -- confirm. *)
quotient_type (overloaded) 'a word = int / "\<lambda>k l. bitrunc LENGTH('a) k = bitrunc LENGTH('a::len0) l"
  by (auto intro!: equivpI reflpI sympI transpI)
(* Ring structure on words, lifted operation by operation from int.
   For each operation the lift_definition obligation is that the result,
   taken modulo 2 ^ LENGTH('a), depends only on the operands modulo
   2 ^ LENGTH('a).  Consequently word arithmetic wraps around modulo
   2 ^ LENGTH('a): there is no overflow condition in this model, and a
   property that must exclude wrap-around has to be stated on the
   integer side. *)
instantiation word :: (len0) "{semiring_numeral, comm_semiring_0, comm_ring}"
begin

(* The word represented by the integer 0; no proof obligation remains. *)
lift_definition zero_word :: "'a word"
  is 0
  .

(* The word represented by the integer 1. *)
lift_definition one_word :: "'a word"
  is 1
  .

(* Addition; compatibility with the quotient follows from bitrunc_plus. *)
lift_definition plus_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word"
  is plus
  by (subst bitrunc_plus [symmetric]) (simp add: bitrunc_plus)

(* Negation; compatibility follows from bitrunc_uminus. *)
lift_definition uminus_word :: "'a word \<Rightarrow> 'a word"
  is uminus
  by (subst bitrunc_uminus [symmetric]) (simp add: bitrunc_uminus)

(* Subtraction; compatibility follows from bitrunc_minus. *)
lift_definition minus_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word"
  is minus
  by (subst bitrunc_minus [symmetric]) (simp add: bitrunc_minus)

(* Multiplication; compatibility is congruence of mod under times. *)
lift_definition times_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word"
  is times
  by (auto simp add: bitrunc_eq_mod intro: mod_mult_cong)

(* Every class axiom is transferred to int and solved by simp there. *)
instance
  by standard (transfer; simp add: algebra_simps)+

end
(* Words form a commutative ring with 1 only for the sort len, not for
   len0.  At width 0 all integers are identified (see bitrunc_0), so 0
   and 1 would be the same word.
   NOTE(review): len is taken to demand a positive LENGTH, as defined in
   Type_Length -- confirm there. *)
instance word :: (len) comm_ring_1
  by standard (transfer; simp)+
subsubsection \<open>Conversions\<close>
(* Transfer rule: of_nat into words corresponds, on integer
   representatives, to the embedding int of nat into int. *)
lemma [transfer_rule]:
  "rel_fun HOL.eq pcr_word int of_nat"
proof -
  (* The generic of_nat rule is activated for this proof only. *)
  note transfer_rule_of_nat [transfer_rule]
  show ?thesis by transfer_prover
qed
  
(* Transfer rule: of_int into words corresponds, on integer
   representatives, to the identity function. *)
lemma [transfer_rule]:
  "rel_fun HOL.eq pcr_word (\<lambda>k. k) of_int"
proof -
  (* The generic of_int rule is activated for this proof only. *)
  note transfer_rule_of_int [transfer_rule]
  (* First relate of_int on int to of_int on words, then simplify the
     integer side to the identity. *)
  have "rel_fun HOL.eq pcr_word (of_int :: int \<Rightarrow> int) (of_int :: int \<Rightarrow> 'a word)"
    by transfer_prover
  then show ?thesis by (simp add: id_def)
qed
(* Unsigned interpretation of a word in an arbitrary semiring_1. *)
context semiring_1
begin

(* unsigned maps a word to the image of its representative truncated to
   LENGTH('b) bits, which is non-negative by bitrunc_nonnegative.  The
   value goes through nat before being embedded with of_nat. *)
lift_definition unsigned :: "'b::len0 word \<Rightarrow> 'a"
  is "of_nat \<circ> nat \<circ> bitrunc LENGTH('b)"
  by simp

(* The zero word is interpreted as 0. *)
lemma unsigned_0 [simp]:
  "unsigned 0 = 0"
  by transfer simp

end
(* In characteristic 0 the unsigned interpretation is injective. *)
context semiring_char_0
begin

(* Two words are equal iff their unsigned values are equal.  Not a simp
   rule; it is meant to be applied explicitly. *)
lemma word_eq_iff_unsigned:
  "a = b \<longleftrightarrow> unsigned a = unsigned b"
  by safe (transfer; simp add: eq_nat_nat_iff)

end
(* Signed interpretation of a word in an arbitrary ring_1. *)
context ring_1
begin

(* signed applies signed_bitrunc with argument LENGTH('b) - 1 to the
   representative and embeds the result with of_int.  The word type is
   restricted to sort len here, whereas unsigned accepts len0.
   Well-definedness on the quotient comes from
   signed_bitrunc_eq_iff_bitrunc_eq, which assumes a positive width. *)
lift_definition signed :: "'b::len word \<Rightarrow> 'a"
  is "of_int \<circ> signed_bitrunc (LENGTH('b) - 1)"
  by (simp add: signed_bitrunc_eq_iff_bitrunc_eq [symmetric])

(* The zero word is interpreted as 0. *)
lemma signed_0 [simp]:
  "signed 0 = 0"
  by transfer simp

end
(* Converting a natural number to a word and back with unsigned yields
   the number truncated to LENGTH('a) bits, not the number itself. *)
lemma unsigned_of_nat [simp]:
  "unsigned (of_nat n :: 'a word) = bitrunc LENGTH('a::len) n"
  by transfer (simp add: nat_eq_iff bitrunc_eq_mod zmod_int)
(* The opposite round trip is lossless: a word is recovered from its
   unsigned value via of_nat. *)
lemma of_nat_unsigned [simp]:
  "of_nat (unsigned a) = a"
  by transfer simp
(* A word is likewise recovered from its unsigned value via of_int. *)
lemma of_int_unsigned [simp]:
  "of_int (unsigned a) = a"
  by transfer simp
(* In characteristic 0 the signed interpretation is injective. *)
context ring_char_0
begin

(* Two words are equal iff their signed values are equal.  Not a simp
   rule; it is meant to be applied explicitly. *)
lemma word_eq_iff_signed:
  "a = b \<longleftrightarrow> signed a = signed b"
  by safe (transfer; auto simp add: signed_bitrunc_eq_iff_bitrunc_eq)

end
(* Converting an integer to a word and back with signed yields its
   signed truncation, not the integer itself. *)
lemma signed_of_int [simp]:
  "signed (of_int k :: 'a word) = signed_bitrunc (LENGTH('a::len) - 1) k"
  by transfer simp
(* The opposite round trip is lossless: a word is recovered from its
   signed value via of_int. *)
lemma of_int_signed [simp]:
  "of_int (signed a) = a"
  by transfer (simp add: signed_bitrunc_eq_bitrunc bitrunc_eq_mod zdiff_zmod_left)
subsubsection \<open>Properties\<close>
subsubsection \<open>Division\<close>
(* Division and remainder on words.  Both are computed on the operands
   truncated to LENGTH('a) bits, i.e. on the non-negative representatives,
   so they are unsigned operations; the signed reading of a word plays no
   role here. *)
instantiation word :: (len0) modulo
begin

(* Quotient of the truncated representatives. *)
lift_definition divide_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word"
  is "\<lambda>a b. bitrunc LENGTH('a) a div bitrunc LENGTH('a) b"
  by simp

(* Remainder of the truncated representatives. *)
lift_definition modulo_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word"
  is "\<lambda>a b. bitrunc LENGTH('a) a mod bitrunc LENGTH('a) b"
  by simp

(* The instance proof is immediate; no algebraic laws about div and mod
   on words are established at this point. *)
instance ..

end
subsubsection \<open>Orderings\<close>
(* Linear order on words.  Both relations compare the operands truncated
   to LENGTH('a) bits, so this is the unsigned order.  A comparison that
   is meant to be signed cannot use these relations directly; it has to
   go through the signed interpretation. *)
instantiation word :: (len0) linorder
begin

(* Less-or-equal on the truncated representatives. *)
lift_definition less_eq_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> bool"
  is "\<lambda>a b. bitrunc LENGTH('a) a \<le> bitrunc LENGTH('a) b"
  by simp

(* Strict less-than on the truncated representatives. *)
lift_definition less_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> bool"
  is "\<lambda>a b. bitrunc LENGTH('a) a < bitrunc LENGTH('a) b"
  by simp

(* The order axioms are transferred to int and solved by auto. *)
instance
  by standard (transfer; auto)+

end
(* The order on words agrees with the order of their unsigned values in
   any linordered_semidom. *)
context linordered_semidom
begin

(* Less-or-equal on words is less-or-equal on unsigned values.  The
   order of the context is kept fixed during transfer. *)
lemma word_less_eq_iff_unsigned:
  "a \<le> b \<longleftrightarrow> unsigned a \<le> unsigned b"
  by (transfer fixing: less_eq) (simp add: nat_le_eq_zle)

(* Strict less-than on words is strict less-than on unsigned values; the
   proof uses that truncated representatives are non-negative. *)
lemma word_less_iff_unsigned:
  "a < b \<longleftrightarrow> unsigned a < unsigned b"
  by (transfer fixing: less) (auto dest: preorder_class.le_less_trans [OF bitrunc_nonnegative])

end
end