src/HOL/Word/WordArith.thy
author nipkow
Fri Mar 06 17:38:47 2009 +0100 (2009-03-06)
changeset 30313 b2441b0c8d38
parent 29668 33ba3faeaa0e
child 30509 e19d5b459a61
permissions -rw-r--r--
added lemmas
kleing@24333
     1
(* 
kleing@24333
     2
    Author:     Jeremy Dawson and Gerwin Klein, NICTA
kleing@24333
     3
kleing@24333
     4
  contains arithmetic theorems for word, instantiations to
kleing@24333
     5
  arithmetic type classes and tactics for reducing word arithmetic
kleing@24333
     6
  to linear arithmetic on int or nat
kleing@24333
     7
*) 
kleing@24333
     8
huffman@24350
     9
header {* Word Arithmetic *}
huffman@24350
    10
haftmann@26560
    11
theory WordArith
haftmann@26560
    12
imports WordDefinition
haftmann@26560
    13
begin
huffman@24465
    14
huffman@24465
    15
lemma word_less_alt: "(a < b) = (uint a < uint b)"
huffman@24465
    16
  unfolding word_less_def word_le_def
huffman@24465
    17
  by (auto simp del: word_uint.Rep_inject 
huffman@24465
    18
           simp: word_uint.Rep_inject [symmetric])
huffman@24465
    19
huffman@24465
    20
lemma signed_linorder: "linorder word_sle word_sless"
haftmann@28823
    21
proof
haftmann@28823
    22
qed (unfold word_sle_def word_sless_def, auto)
huffman@24465
    23
haftmann@29509
    24
interpretation signed!: linorder "word_sle" "word_sless"
huffman@24465
    25
  by (rule signed_linorder)
huffman@24465
    26
haftmann@25762
    27
lemmas word_arith_wis = 
kleing@24333
    28
  word_add_def word_mult_def word_minus_def 
kleing@24333
    29
  word_succ_def word_pred_def word_0_wi word_1_wi
kleing@24333
    30
huffman@24465
    31
lemma udvdI: 
huffman@24465
    32
  "0 \<le> n ==> uint b = n * uint a ==> a udvd b"
huffman@24465
    33
  by (auto simp: udvd_def)
huffman@24465
    34
huffman@24465
    35
lemmas word_div_no [simp] = 
wenzelm@25350
    36
  word_div_def [of "number_of a" "number_of b", standard]
huffman@24465
    37
huffman@24465
    38
lemmas word_mod_no [simp] = 
wenzelm@25350
    39
  word_mod_def [of "number_of a" "number_of b", standard]
huffman@24465
    40
huffman@24465
    41
lemmas word_less_no [simp] = 
wenzelm@25350
    42
  word_less_def [of "number_of a" "number_of b", standard]
huffman@24465
    43
huffman@24465
    44
lemmas word_le_no [simp] = 
wenzelm@25350
    45
  word_le_def [of "number_of a" "number_of b", standard]
huffman@24465
    46
huffman@24465
    47
lemmas word_sless_no [simp] = 
wenzelm@25350
    48
  word_sless_def [of "number_of a" "number_of b", standard]
huffman@24465
    49
huffman@24465
    50
lemmas word_sle_no [simp] = 
wenzelm@25350
    51
  word_sle_def [of "number_of a" "number_of b", standard]
huffman@24465
    52
kleing@24333
    53
(* following two are available in class number_ring, 
kleing@24333
    54
  but convenient to have them here here;
kleing@24333
    55
  note - the number_ring versions, numeral_0_eq_0 and numeral_1_eq_1
kleing@24333
    56
  are in the default simpset, so to use the automatic simplifications for
kleing@24333
    57
  (eg) sint (number_of bin) on sint 1, must do
kleing@24333
    58
  (simp add: word_1_no del: numeral_1_eq_1) 
kleing@24333
    59
  *)
kleing@24333
    60
lemmas word_0_wi_Pls = word_0_wi [folded Pls_def]
kleing@24333
    61
lemmas word_0_no = word_0_wi_Pls [folded word_no_wi]
kleing@24333
    62
haftmann@25919
    63
lemma int_one_bin: "(1 :: int) == (Int.Pls BIT bit.B1)"
kleing@24333
    64
  unfolding Pls_def Bit_def by auto
kleing@24333
    65
kleing@24333
    66
lemma word_1_no: 
haftmann@25919
    67
  "(1 :: 'a :: len0 word) == number_of (Int.Pls BIT bit.B1)"
kleing@24333
    68
  unfolding word_1_wi word_number_of_def int_one_bin by auto
kleing@24333
    69
kleing@24333
    70
lemma word_m1_wi: "-1 == word_of_int -1" 
kleing@24333
    71
  by (rule word_number_of_alt)
kleing@24333
    72
haftmann@25919
    73
lemma word_m1_wi_Min: "-1 = word_of_int Int.Min"
kleing@24333
    74
  by (simp add: word_m1_wi number_of_eq)
kleing@24333
    75
huffman@24465
    76
lemma word_0_bl: "of_bl [] = 0" 
huffman@24465
    77
  unfolding word_0_wi of_bl_def by (simp add : Pls_def)
huffman@24465
    78
huffman@24465
    79
lemma word_1_bl: "of_bl [True] = 1" 
huffman@24465
    80
  unfolding word_1_wi of_bl_def
huffman@24465
    81
  by (simp add : bl_to_bin_def Bit_def Pls_def)
huffman@24465
    82
kleing@24333
    83
lemma uint_0 [simp] : "(uint 0 = 0)" 
kleing@24333
    84
  unfolding word_0_wi
kleing@24333
    85
  by (simp add: word_ubin.eq_norm Pls_def [symmetric])
kleing@24333
    86
huffman@24465
    87
lemma of_bl_0 [simp] : "of_bl (replicate n False) = 0"
huffman@24465
    88
  by (simp add : word_0_wi of_bl_def bl_to_bin_rep_False Pls_def)
huffman@24465
    89
huffman@24465
    90
lemma to_bl_0: 
huffman@24465
    91
  "to_bl (0::'a::len0 word) = replicate (len_of TYPE('a)) False"
huffman@24465
    92
  unfolding uint_bl
huffman@24465
    93
  by (simp add : word_size bin_to_bl_Pls Pls_def [symmetric])
huffman@24465
    94
kleing@24333
    95
lemma uint_0_iff: "(uint x = 0) = (x = 0)"
kleing@24333
    96
  by (auto intro!: word_uint.Rep_eqD)
kleing@24333
    97
kleing@24333
    98
lemma unat_0_iff: "(unat x = 0) = (x = 0)"
kleing@24333
    99
  unfolding unat_def by (auto simp add : nat_eq_iff uint_0_iff)
kleing@24333
   100
kleing@24333
   101
lemma unat_0 [simp]: "unat 0 = 0"
kleing@24333
   102
  unfolding unat_def by auto
kleing@24333
   103
huffman@24465
   104
lemma size_0_same': "size w = 0 ==> w = (v :: 'a :: len0 word)"
kleing@24333
   105
  apply (unfold word_size)
kleing@24333
   106
  apply (rule box_equals)
kleing@24333
   107
    defer
kleing@24333
   108
    apply (rule word_uint.Rep_inverse)+
kleing@24333
   109
  apply (rule word_ubin.norm_eq_iff [THEN iffD1])
kleing@24333
   110
  apply simp
kleing@24333
   111
  done
kleing@24333
   112
kleing@24333
   113
lemmas size_0_same = size_0_same' [folded word_size]
kleing@24333
   114
kleing@24333
   115
lemmas unat_eq_0 = unat_0_iff
kleing@24333
   116
lemmas unat_eq_zero = unat_0_iff
kleing@24333
   117
kleing@24333
   118
lemma unat_gt_0: "(0 < unat x) = (x ~= 0)"
nipkow@25134
   119
by (auto simp: unat_0_iff [symmetric])
kleing@24333
   120
kleing@24333
   121
lemma ucast_0 [simp] : "ucast 0 = 0"
nipkow@25134
   122
unfolding ucast_def
nipkow@25134
   123
by simp (simp add: word_0_wi)
kleing@24333
   124
kleing@24333
   125
lemma sint_0 [simp] : "sint 0 = 0"
nipkow@25134
   126
unfolding sint_uint
nipkow@25134
   127
by (simp add: Pls_def [symmetric])
kleing@24333
   128
kleing@24333
   129
lemma scast_0 [simp] : "scast 0 = 0"
nipkow@25134
   130
apply (unfold scast_def)
nipkow@25134
   131
apply simp
nipkow@25134
   132
apply (simp add: word_0_wi)
nipkow@25134
   133
done
kleing@24333
   134
kleing@24333
   135
lemma sint_n1 [simp] : "sint -1 = -1"
nipkow@25134
   136
apply (unfold word_m1_wi_Min)
nipkow@25134
   137
apply (simp add: word_sbin.eq_norm)
nipkow@25134
   138
apply (unfold Min_def number_of_eq)
nipkow@25134
   139
apply simp
nipkow@25134
   140
done
kleing@24333
   141
kleing@24333
   142
lemma scast_n1 [simp] : "scast -1 = -1"
kleing@24333
   143
  apply (unfold scast_def sint_n1)
kleing@24333
   144
  apply (unfold word_number_of_alt)
kleing@24333
   145
  apply (rule refl)
kleing@24333
   146
  done
kleing@24333
   147
huffman@24465
   148
lemma uint_1 [simp] : "uint (1 :: 'a :: len word) = 1"
kleing@24333
   149
  unfolding word_1_wi
kleing@24333
   150
  by (simp add: word_ubin.eq_norm int_one_bin bintrunc_minus_simps)
kleing@24333
   151
huffman@24465
   152
lemma unat_1 [simp] : "unat (1 :: 'a :: len word) = 1"
kleing@24333
   153
  by (unfold unat_def uint_1) auto
kleing@24333
   154
huffman@24465
   155
lemma ucast_1 [simp] : "ucast (1 :: 'a :: len word) = 1"
kleing@24333
   156
  unfolding ucast_def word_1_wi
kleing@24333
   157
  by (simp add: word_ubin.eq_norm int_one_bin bintrunc_minus_simps)
kleing@24333
   158
kleing@24333
   159
(* abstraction preserves the operations
kleing@24333
   160
  (the definitions tell this for bins in range uint) *)
kleing@24333
   161
kleing@24333
   162
lemmas arths = 
kleing@24333
   163
  bintr_ariths [THEN word_ubin.norm_eq_iff [THEN iffD1],
kleing@24333
   164
                folded word_ubin.eq_norm, standard]
kleing@24333
   165
kleing@24333
   166
lemma wi_homs: 
kleing@24333
   167
  shows
kleing@24333
   168
  wi_hom_add: "word_of_int a + word_of_int b = word_of_int (a + b)" and
kleing@24333
   169
  wi_hom_mult: "word_of_int a * word_of_int b = word_of_int (a * b)" and
kleing@24333
   170
  wi_hom_neg: "- word_of_int a = word_of_int (- a)" and
haftmann@25919
   171
  wi_hom_succ: "word_succ (word_of_int a) = word_of_int (Int.succ a)" and
haftmann@25919
   172
  wi_hom_pred: "word_pred (word_of_int a) = word_of_int (Int.pred a)"
kleing@24333
   173
  by (auto simp: word_arith_wis arths)
kleing@24333
   174
kleing@24333
   175
lemmas wi_hom_syms = wi_homs [symmetric]
kleing@24333
   176
huffman@24465
   177
lemma word_sub_def: "a - b == a + - (b :: 'a :: len0 word)"
huffman@24465
   178
  unfolding word_sub_wi diff_def
huffman@24465
   179
  by (simp only : word_uint.Rep_inverse wi_hom_syms)
kleing@24333
   180
    
kleing@24333
   181
lemmas word_diff_minus = word_sub_def [THEN meta_eq_to_obj_eq, standard]
kleing@24333
   182
kleing@24333
   183
lemma word_of_int_sub_hom:
kleing@24333
   184
  "(word_of_int a) - word_of_int b = word_of_int (a - b)"
kleing@24333
   185
  unfolding word_sub_def diff_def by (simp only : wi_homs)
kleing@24333
   186
kleing@24333
   187
lemmas new_word_of_int_homs = 
kleing@24333
   188
  word_of_int_sub_hom wi_homs word_0_wi word_1_wi 
kleing@24333
   189
kleing@24333
   190
lemmas new_word_of_int_hom_syms = new_word_of_int_homs [symmetric, standard]
kleing@24333
   191
kleing@24333
   192
lemmas word_of_int_hom_syms =
kleing@24333
   193
  new_word_of_int_hom_syms [unfolded succ_def pred_def]
kleing@24333
   194
kleing@24333
   195
lemmas word_of_int_homs =
kleing@24333
   196
  new_word_of_int_homs [unfolded succ_def pred_def]
kleing@24333
   197
kleing@24333
   198
lemmas word_of_int_add_hom = word_of_int_homs (2)
kleing@24333
   199
lemmas word_of_int_mult_hom = word_of_int_homs (3)
kleing@24333
   200
lemmas word_of_int_minus_hom = word_of_int_homs (4)
kleing@24333
   201
lemmas word_of_int_succ_hom = word_of_int_homs (5)
kleing@24333
   202
lemmas word_of_int_pred_hom = word_of_int_homs (6)
kleing@24333
   203
lemmas word_of_int_0_hom = word_of_int_homs (7)
kleing@24333
   204
lemmas word_of_int_1_hom = word_of_int_homs (8)
kleing@24333
   205
kleing@24333
   206
(* now, to get the weaker results analogous to word_div/mod_def *)
kleing@24333
   207
kleing@24333
   208
lemmas word_arith_alts = 
haftmann@25762
   209
  word_sub_wi [unfolded succ_def pred_def, standard]
kleing@24333
   210
  word_arith_wis [unfolded succ_def pred_def, standard]
kleing@24333
   211
kleing@24333
   212
lemmas word_sub_alt = word_arith_alts (1)
kleing@24333
   213
lemmas word_add_alt = word_arith_alts (2)
kleing@24333
   214
lemmas word_mult_alt = word_arith_alts (3)
kleing@24333
   215
lemmas word_minus_alt = word_arith_alts (4)
kleing@24333
   216
lemmas word_succ_alt = word_arith_alts (5)
kleing@24333
   217
lemmas word_pred_alt = word_arith_alts (6)
kleing@24333
   218
lemmas word_0_alt = word_arith_alts (7)
kleing@24333
   219
lemmas word_1_alt = word_arith_alts (8)
kleing@24333
   220
huffman@24350
   221
subsection  "Transferring goals from words to ints"
kleing@24333
   222
kleing@24333
   223
lemma word_ths:  
kleing@24333
   224
  shows
kleing@24333
   225
  word_succ_p1:   "word_succ a = a + 1" and
kleing@24333
   226
  word_pred_m1:   "word_pred a = a - 1" and
kleing@24333
   227
  word_pred_succ: "word_pred (word_succ a) = a" and
kleing@24333
   228
  word_succ_pred: "word_succ (word_pred a) = a" and
kleing@24333
   229
  word_mult_succ: "word_succ a * b = b + a * b"
kleing@24333
   230
  by (rule word_uint.Abs_cases [of b],
kleing@24333
   231
      rule word_uint.Abs_cases [of a],
kleing@24333
   232
      simp add: pred_def succ_def add_commute mult_commute 
kleing@24333
   233
                ring_distribs new_word_of_int_homs)+
kleing@24333
   234
kleing@24333
   235
lemmas uint_cong = arg_cong [where f = uint]
kleing@24333
   236
kleing@24333
   237
lemmas uint_word_ariths = 
kleing@24333
   238
  word_arith_alts [THEN trans [OF uint_cong int_word_uint], standard]
kleing@24333
   239
kleing@24333
   240
lemmas uint_word_arith_bintrs = uint_word_ariths [folded bintrunc_mod2p]
kleing@24333
   241
kleing@24333
   242
(* similar expressions for sint (arith operations) *)
kleing@24333
   243
lemmas sint_word_ariths = uint_word_arith_bintrs
kleing@24333
   244
  [THEN uint_sint [symmetric, THEN trans],
kleing@24333
   245
  unfolded uint_sint bintr_arith1s bintr_ariths 
huffman@24465
   246
    len_gt_0 [THEN bin_sbin_eq_iff'] word_sbin.norm_Rep, standard]
huffman@24465
   247
huffman@24465
   248
lemmas uint_div_alt = word_div_def
haftmann@25762
   249
  [THEN trans [OF uint_cong int_word_uint], standard]
huffman@24465
   250
lemmas uint_mod_alt = word_mod_def
haftmann@25762
   251
  [THEN trans [OF uint_cong int_word_uint], standard]
kleing@24333
   252
kleing@24333
   253
lemma word_pred_0_n1: "word_pred 0 = word_of_int -1"
kleing@24333
   254
  unfolding word_pred_def number_of_eq
kleing@24333
   255
  by (simp add : pred_def word_no_wi)
kleing@24333
   256
haftmann@25919
   257
lemma word_pred_0_Min: "word_pred 0 = word_of_int Int.Min"
kleing@24333
   258
  by (simp add: word_pred_0_n1 number_of_eq)
kleing@24333
   259
haftmann@25919
   260
lemma word_m1_Min: "- 1 = word_of_int Int.Min"
kleing@24333
   261
  unfolding Min_def by (simp only: word_of_int_hom_syms)
kleing@24333
   262
kleing@24333
   263
lemma succ_pred_no [simp]:
haftmann@25919
   264
  "word_succ (number_of bin) = number_of (Int.succ bin) & 
haftmann@25919
   265
    word_pred (number_of bin) = number_of (Int.pred bin)"
kleing@24333
   266
  unfolding word_number_of_def by (simp add : new_word_of_int_homs)
kleing@24333
   267
kleing@24333
   268
lemma word_sp_01 [simp] : 
kleing@24333
   269
  "word_succ -1 = 0 & word_succ 0 = 1 & word_pred 0 = -1 & word_pred 1 = 0"
kleing@24333
   270
  by (unfold word_0_no word_1_no) auto
kleing@24333
   271
kleing@24333
   272
(* alternative approach to lifting arithmetic equalities *)
kleing@24333
   273
lemma word_of_int_Ex:
kleing@24333
   274
  "\<exists>y. x = word_of_int y"
kleing@24333
   275
  by (rule_tac x="uint x" in exI) simp
kleing@24333
   276
huffman@24465
   277
lemma word_arith_eqs:
huffman@24465
   278
  fixes a :: "'a::len0 word"
huffman@24465
   279
  fixes b :: "'a::len0 word"
huffman@24465
   280
  shows
huffman@24465
   281
  word_add_0: "0 + a = a" and
huffman@24465
   282
  word_add_0_right: "a + 0 = a" and
huffman@24465
   283
  word_mult_1: "1 * a = a" and
huffman@24465
   284
  word_mult_1_right: "a * 1 = a" and
huffman@24465
   285
  word_add_commute: "a + b = b + a" and
huffman@24465
   286
  word_add_assoc: "a + b + c = a + (b + c)" and
huffman@24465
   287
  word_add_left_commute: "a + (b + c) = b + (a + c)" and
huffman@24465
   288
  word_mult_commute: "a * b = b * a" and
huffman@24465
   289
  word_mult_assoc: "a * b * c = a * (b * c)" and
huffman@24465
   290
  word_mult_left_commute: "a * (b * c) = b * (a * c)" and
huffman@24465
   291
  word_left_distrib: "(a + b) * c = a * c + b * c" and
huffman@24465
   292
  word_right_distrib: "a * (b + c) = a * b + a * c" and
huffman@24465
   293
  word_left_minus: "- a + a = 0" and
huffman@24465
   294
  word_diff_0_right: "a - 0 = a" and
huffman@24465
   295
  word_diff_self: "a - a = 0"
huffman@24465
   296
  using word_of_int_Ex [of a] 
huffman@24465
   297
        word_of_int_Ex [of b] 
huffman@24465
   298
        word_of_int_Ex [of c]
huffman@24465
   299
  by (auto simp: word_of_int_hom_syms [symmetric]
huffman@24465
   300
                 zadd_0_right add_commute add_assoc add_left_commute
huffman@24465
   301
                 mult_commute mult_assoc mult_left_commute
haftmann@28059
   302
                 left_distrib right_distrib)
huffman@24465
   303
  
huffman@24465
   304
lemmas word_add_ac = word_add_commute word_add_assoc word_add_left_commute
huffman@24465
   305
lemmas word_mult_ac = word_mult_commute word_mult_assoc word_mult_left_commute
huffman@24465
   306
  
huffman@24465
   307
lemmas word_plus_ac0 = word_add_0 word_add_0_right word_add_ac
huffman@24465
   308
lemmas word_times_ac1 = word_mult_1 word_mult_1_right word_mult_ac
huffman@24465
   309
huffman@24465
   310
huffman@24350
   311
subsection "Order on fixed-length words"
kleing@24333
   312
huffman@24465
   313
lemma word_order_trans: "x <= y ==> y <= z ==> x <= (z :: 'a :: len0 word)"
kleing@24333
   314
  unfolding word_le_def by auto
kleing@24333
   315
huffman@24465
   316
lemma word_order_refl: "z <= (z :: 'a :: len0 word)"
kleing@24333
   317
  unfolding word_le_def by auto
kleing@24333
   318
huffman@24465
   319
lemma word_order_antisym: "x <= y ==> y <= x ==> x = (y :: 'a :: len0 word)"
kleing@24333
   320
  unfolding word_le_def by (auto intro!: word_uint.Rep_eqD)
kleing@24333
   321
kleing@24333
   322
lemma word_order_linear:
huffman@24465
   323
  "y <= x | x <= (y :: 'a :: len0 word)"
kleing@24333
   324
  unfolding word_le_def by auto
kleing@24333
   325
kleing@24333
   326
lemma word_zero_le [simp] :
huffman@24465
   327
  "0 <= (y :: 'a :: len0 word)"
kleing@24333
   328
  unfolding word_le_def by auto
huffman@24465
   329
  
huffman@24465
   330
instance word :: (len0) semigroup_add
huffman@24465
   331
  by intro_classes (simp add: word_add_assoc)
kleing@24333
   332
huffman@24465
   333
instance word :: (len0) linorder
kleing@24333
   334
  by intro_classes (auto simp: word_less_def word_le_def)
kleing@24333
   335
huffman@24465
   336
instance word :: (len0) ring
huffman@24465
   337
  by intro_classes
huffman@24465
   338
     (auto simp: word_arith_eqs word_diff_minus 
huffman@24465
   339
                 word_diff_self [unfolded word_diff_minus])
huffman@24465
   340
kleing@24333
   341
lemma word_m1_ge [simp] : "word_pred 0 >= y"
kleing@24333
   342
  unfolding word_le_def
kleing@24333
   343
  by (simp only : word_pred_0_n1 word_uint.eq_norm m1mod2k) auto
kleing@24333
   344
kleing@24333
   345
lemmas word_n1_ge [simp]  = word_m1_ge [simplified word_sp_01]
kleing@24333
   346
kleing@24333
   347
lemmas word_not_simps [simp] = 
kleing@24333
   348
  word_zero_le [THEN leD] word_m1_ge [THEN leD] word_n1_ge [THEN leD]
kleing@24333
   349
huffman@24465
   350
lemma word_gt_0: "0 < y = (0 ~= (y :: 'a :: len0 word))"
kleing@24333
   351
  unfolding word_less_def by auto
kleing@24333
   352
wenzelm@25350
   353
lemmas word_gt_0_no [simp] = word_gt_0 [of "number_of y", standard]
kleing@24333
   354
kleing@24333
   355
lemma word_sless_alt: "(a <s b) == (sint a < sint b)"
kleing@24333
   356
  unfolding word_sle_def word_sless_def
haftmann@27682
   357
  by (auto simp add: less_le)
kleing@24333
   358
kleing@24333
   359
lemma word_le_nat_alt: "(a <= b) = (unat a <= unat b)"
kleing@24333
   360
  unfolding unat_def word_le_def
kleing@24333
   361
  by (rule nat_le_eq_zle [symmetric]) simp
kleing@24333
   362
kleing@24333
   363
lemma word_less_nat_alt: "(a < b) = (unat a < unat b)"
kleing@24333
   364
  unfolding unat_def word_less_alt
kleing@24333
   365
  by (rule nat_less_eq_zless [symmetric]) simp
kleing@24333
   366
  
kleing@24333
   367
lemma wi_less: 
huffman@24465
   368
  "(word_of_int n < (word_of_int m :: 'a :: len0 word)) = 
huffman@24465
   369
    (n mod 2 ^ len_of TYPE('a) < m mod 2 ^ len_of TYPE('a))"
kleing@24333
   370
  unfolding word_less_alt by (simp add: word_uint.eq_norm)
kleing@24333
   371
kleing@24333
   372
lemma wi_le: 
huffman@24465
   373
  "(word_of_int n <= (word_of_int m :: 'a :: len0 word)) = 
huffman@24465
   374
    (n mod 2 ^ len_of TYPE('a) <= m mod 2 ^ len_of TYPE('a))"
kleing@24333
   375
  unfolding word_le_def by (simp add: word_uint.eq_norm)
kleing@24333
   376
kleing@24333
   377
lemma udvd_nat_alt: "a udvd b = (EX n>=0. unat b = n * unat a)"
kleing@24333
   378
  apply (unfold udvd_def)
kleing@24333
   379
  apply safe
kleing@24333
   380
   apply (simp add: unat_def nat_mult_distrib)
kleing@24333
   381
  apply (simp add: uint_nat int_mult)
kleing@24333
   382
  apply (rule exI)
kleing@24333
   383
  apply safe
kleing@24333
   384
   prefer 2
kleing@24333
   385
   apply (erule notE)
kleing@24333
   386
   apply (rule refl)
kleing@24333
   387
  apply force
kleing@24333
   388
  done
kleing@24333
   389
kleing@24333
   390
lemma udvd_iff_dvd: "x udvd y <-> unat x dvd unat y"
kleing@24333
   391
  unfolding dvd_def udvd_nat_alt by force
kleing@24333
   392
huffman@24465
   393
lemmas unat_mono = word_less_nat_alt [THEN iffD1, standard]
huffman@24378
   394
huffman@24465
   395
lemma word_zero_neq_one: "0 < len_of TYPE ('a :: len0) ==> (0 :: 'a word) ~= 1";
kleing@24333
   396
  unfolding word_arith_wis
huffman@28959
   397
  by (auto simp add: word_ubin.norm_eq_iff [symmetric] gr0_conv_Suc)
kleing@24333
   398
huffman@24465
   399
lemmas lenw1_zero_neq_one = len_gt_0 [THEN word_zero_neq_one]
kleing@24333
   400
kleing@24333
   401
lemma no_no [simp] : "number_of (number_of b) = number_of b"
kleing@24333
   402
  by (simp add: number_of_eq)
kleing@24333
   403
kleing@24333
   404
lemma unat_minus_one: "x ~= 0 ==> unat (x - 1) = unat x - 1"
kleing@24333
   405
  apply (unfold unat_def)
kleing@24333
   406
  apply (simp only: int_word_uint word_arith_alts rdmods)
kleing@24333
   407
  apply (subgoal_tac "uint x >= 1")
kleing@24333
   408
   prefer 2
kleing@24333
   409
   apply (drule contrapos_nn)
kleing@24333
   410
    apply (erule word_uint.Rep_inverse' [symmetric])
kleing@24333
   411
   apply (insert uint_ge_0 [of x])[1]
kleing@24333
   412
   apply arith
kleing@24333
   413
  apply (rule box_equals)
kleing@24333
   414
    apply (rule nat_diff_distrib)
kleing@24333
   415
     prefer 2
kleing@24333
   416
     apply assumption
kleing@24333
   417
    apply simp
kleing@24333
   418
   apply (subst mod_pos_pos_trivial)
kleing@24333
   419
     apply arith
kleing@24333
   420
    apply (insert uint_lt2p [of x])[1]
kleing@24333
   421
    apply arith
kleing@24333
   422
   apply (rule refl)
kleing@24333
   423
  apply simp
kleing@24333
   424
  done
kleing@24333
   425
    
kleing@24333
   426
lemma measure_unat: "p ~= 0 ==> unat (p - 1) < unat p"
kleing@24333
   427
  by (simp add: unat_minus_one) (simp add: unat_0_iff [symmetric])
kleing@24333
   428
  
kleing@24333
   429
lemmas uint_add_ge0 [simp] =
kleing@24333
   430
  add_nonneg_nonneg [OF uint_ge_0 uint_ge_0, standard]
kleing@24333
   431
lemmas uint_mult_ge0 [simp] =
kleing@24333
   432
  mult_nonneg_nonneg [OF uint_ge_0 uint_ge_0, standard]
kleing@24333
   433
kleing@24333
   434
lemma uint_sub_lt2p [simp]: 
huffman@24465
   435
  "uint (x :: 'a :: len0 word) - uint (y :: 'b :: len0 word) < 
huffman@24465
   436
    2 ^ len_of TYPE('a)"
kleing@24333
   437
  using uint_ge_0 [of y] uint_lt2p [of x] by arith
kleing@24333
   438
kleing@24333
   439
huffman@24350
   440
subsection "Conditions for the addition (etc) of two words to overflow"
kleing@24333
   441
kleing@24333
   442
lemma uint_add_lem: 
huffman@24465
   443
  "(uint x + uint y < 2 ^ len_of TYPE('a)) = 
huffman@24465
   444
    (uint (x + y :: 'a :: len0 word) = uint x + uint y)"
kleing@24333
   445
  by (unfold uint_word_ariths) (auto intro!: trans [OF _ int_mod_lem])
kleing@24333
   446
kleing@24333
   447
lemma uint_mult_lem: 
huffman@24465
   448
  "(uint x * uint y < 2 ^ len_of TYPE('a)) = 
huffman@24465
   449
    (uint (x * y :: 'a :: len0 word) = uint x * uint y)"
kleing@24333
   450
  by (unfold uint_word_ariths) (auto intro!: trans [OF _ int_mod_lem])
kleing@24333
   451
kleing@24333
   452
lemma uint_sub_lem: 
kleing@24333
   453
  "(uint x >= uint y) = (uint (x - y) = uint x - uint y)"
kleing@24333
   454
  by (unfold uint_word_ariths) (auto intro!: trans [OF _ int_mod_lem])
kleing@24333
   455
kleing@24333
   456
lemma uint_add_le: "uint (x + y) <= uint x + uint y"
kleing@24333
   457
  unfolding uint_word_ariths by (auto simp: mod_add_if_z)
kleing@24333
   458
kleing@24333
   459
lemma uint_sub_ge: "uint (x - y) >= uint x - uint y"
kleing@24333
   460
  unfolding uint_word_ariths by (auto simp: mod_sub_if_z)
kleing@24333
   461
kleing@24333
   462
lemmas uint_sub_if' =
kleing@24333
   463
  trans [OF uint_word_ariths(1) mod_sub_if_z, simplified, standard]
kleing@24333
   464
lemmas uint_plus_if' =
kleing@24333
   465
  trans [OF uint_word_ariths(2) mod_add_if_z, simplified, standard]
kleing@24333
   466
kleing@24333
   467
huffman@24350
   468
subsection {* Definition of uint\_arith *}
kleing@24333
   469
kleing@24333
   470
lemma word_of_int_inverse:
huffman@24465
   471
  "word_of_int r = a ==> 0 <= r ==> r < 2 ^ len_of TYPE('a) ==> 
huffman@24465
   472
   uint (a::'a::len0 word) = r"
kleing@24333
   473
  apply (erule word_uint.Abs_inverse' [rotated])
kleing@24333
   474
  apply (simp add: uints_num)
kleing@24333
   475
  done
kleing@24333
   476
kleing@24333
   477
lemma uint_split:
huffman@24465
   478
  fixes x::"'a::len0 word"
kleing@24333
   479
  shows "P (uint x) = 
huffman@24465
   480
         (ALL i. word_of_int i = x & 0 <= i & i < 2^len_of TYPE('a) --> P i)"
kleing@24333
   481
  apply (fold word_int_case_def)
kleing@24333
   482
  apply (auto dest!: word_of_int_inverse simp: int_word_uint int_mod_eq'
kleing@24333
   483
              split: word_int_split)
kleing@24333
   484
  done
kleing@24333
   485
kleing@24333
   486
lemma uint_split_asm:
huffman@24465
   487
  fixes x::"'a::len0 word"
kleing@24333
   488
  shows "P (uint x) = 
huffman@24465
   489
         (~(EX i. word_of_int i = x & 0 <= i & i < 2^len_of TYPE('a) & ~ P i))"
kleing@24333
   490
  by (auto dest!: word_of_int_inverse 
kleing@24333
   491
           simp: int_word_uint int_mod_eq'
kleing@24333
   492
           split: uint_split)
kleing@24333
   493
kleing@24333
   494
lemmas uint_splits = uint_split uint_split_asm
kleing@24333
   495
kleing@24333
   496
lemmas uint_arith_simps = 
kleing@24333
   497
  word_le_def word_less_alt
kleing@24333
   498
  word_uint.Rep_inject [symmetric] 
kleing@24333
   499
  uint_sub_if' uint_plus_if'
kleing@24333
   500
huffman@24465
   501
(* use this to stop, eg, 2 ^ len_of TYPE (32) being simplified *)
kleing@24333
   502
lemma power_False_cong: "False ==> a ^ b = c ^ d" 
kleing@24333
   503
  by auto
kleing@24333
   504
kleing@24333
   505
(* uint_arith_tac: reduce to arithmetic on int, try to solve by arith *)
kleing@24333
   506
ML {*
kleing@24333
   507
fun uint_arith_ss_of ss = 
kleing@24333
   508
  ss addsimps @{thms uint_arith_simps}
kleing@24333
   509
     delsimps @{thms word_uint.Rep_inject}
kleing@24333
   510
     addsplits @{thms split_if_asm} 
kleing@24333
   511
     addcongs @{thms power_False_cong}
kleing@24333
   512
kleing@24333
   513
fun uint_arith_tacs ctxt = 
kleing@24333
   514
  let fun arith_tac' n t = arith_tac ctxt n t handle COOPER => Seq.empty  
kleing@24333
   515
  in 
kleing@24333
   516
    [ CLASET' clarify_tac 1,
kleing@24333
   517
      SIMPSET' (full_simp_tac o uint_arith_ss_of) 1,
kleing@24333
   518
      ALLGOALS (full_simp_tac (HOL_ss addsplits @{thms uint_splits} 
kleing@24333
   519
                                      addcongs @{thms power_False_cong})),
kleing@24333
   520
      rewrite_goals_tac @{thms word_size}, 
kleing@24333
   521
      ALLGOALS  (fn n => REPEAT (resolve_tac [allI, impI] n) THEN      
kleing@24333
   522
                         REPEAT (etac conjE n) THEN
kleing@24333
   523
                         REPEAT (dtac @{thm word_of_int_inverse} n 
kleing@24333
   524
                                 THEN atac n 
kleing@24333
   525
                                 THEN atac n)),
kleing@24333
   526
      TRYALL arith_tac' ]
kleing@24333
   527
  end
kleing@24333
   528
kleing@24333
   529
fun uint_arith_tac ctxt = SELECT_GOAL (EVERY (uint_arith_tacs ctxt))
kleing@24333
   530
*}
kleing@24333
   531
kleing@24333
   532
method_setup uint_arith = 
kleing@24333
   533
  "Method.ctxt_args (fn ctxt => Method.SIMPLE_METHOD (uint_arith_tac ctxt 1))" 
kleing@24333
   534
  "solving word arithmetic via integers and arith"
kleing@24333
   535
kleing@24333
   536
huffman@24350
   537
subsection "More on overflows and monotonicity"
kleing@24333
   538
kleing@24333
   539
lemma no_plus_overflow_uint_size: 
huffman@24465
   540
  "((x :: 'a :: len0 word) <= x + y) = (uint x + uint y < 2 ^ size x)"
kleing@24333
   541
  unfolding word_size by uint_arith
kleing@24333
   542
kleing@24333
   543
lemmas no_olen_add = no_plus_overflow_uint_size [unfolded word_size]
kleing@24333
   544
huffman@24465
   545
lemma no_ulen_sub: "((x :: 'a :: len0 word) >= x - y) = (uint y <= uint x)"
kleing@24333
   546
  by uint_arith
kleing@24333
   547
kleing@24333
   548
lemma no_olen_add':
huffman@24465
   549
  fixes x :: "'a::len0 word"
huffman@24465
   550
  shows "(x \<le> y + x) = (uint y + uint x < 2 ^ len_of TYPE('a))"
huffman@24465
   551
  by (simp add: word_add_ac add_ac no_olen_add)
kleing@24333
   552
kleing@24333
   553
lemmas olen_add_eqv = trans [OF no_olen_add no_olen_add' [symmetric], standard]
kleing@24333
   554
kleing@24333
   555
lemmas uint_plus_simple_iff = trans [OF no_olen_add uint_add_lem, standard]
kleing@24333
   556
lemmas uint_plus_simple = uint_plus_simple_iff [THEN iffD1, standard]
kleing@24333
   557
lemmas uint_minus_simple_iff = trans [OF no_ulen_sub uint_sub_lem, standard]
kleing@24333
   558
lemmas uint_minus_simple_alt = uint_sub_lem [folded word_le_def]
kleing@24333
   559
lemmas word_sub_le_iff = no_ulen_sub [folded word_le_def]
kleing@24333
   560
lemmas word_sub_le = word_sub_le_iff [THEN iffD2, standard]
kleing@24333
   561
kleing@24333
   562
lemma word_less_sub1: 
huffman@24465
   563
  "(x :: 'a :: len word) ~= 0 ==> (1 < x) = (0 < x - 1)"
kleing@24333
   564
  by uint_arith
kleing@24333
   565
kleing@24333
   566
lemma word_le_sub1: 
huffman@24465
   567
  "(x :: 'a :: len word) ~= 0 ==> (1 <= x) = (0 <= x - 1)"
kleing@24333
   568
  by uint_arith
kleing@24333
   569
kleing@24333
   570
lemma sub_wrap_lt: 
huffman@24465
   571
  "((x :: 'a :: len0 word) < x - z) = (x < z)"
kleing@24333
   572
  by uint_arith
kleing@24333
   573
kleing@24333
   574
lemma sub_wrap: 
huffman@24465
   575
  "((x :: 'a :: len0 word) <= x - z) = (z = 0 | x < z)"
kleing@24333
   576
  by uint_arith
kleing@24333
   577
kleing@24333
   578
lemma plus_minus_not_NULL_ab: 
huffman@24465
   579
  "(x :: 'a :: len0 word) <= ab - c ==> c <= ab ==> c ~= 0 ==> x + c ~= 0"
kleing@24333
   580
  by uint_arith
kleing@24333
   581
kleing@24333
   582
lemma plus_minus_no_overflow_ab: 
huffman@24465
   583
  "(x :: 'a :: len0 word) <= ab - c ==> c <= ab ==> x <= x + c" 
kleing@24333
   584
  by uint_arith
kleing@24333
   585
kleing@24333
   586
lemma le_minus': 
huffman@24465
   587
  "(a :: 'a :: len0 word) + c <= b ==> a <= a + c ==> c <= b - a"
kleing@24333
   588
  by uint_arith
kleing@24333
   589
kleing@24333
   590
lemma le_plus': 
huffman@24465
   591
  "(a :: 'a :: len0 word) <= b ==> c <= b - a ==> a + c <= b"
kleing@24333
   592
  by uint_arith
kleing@24333
   593
kleing@24333
   594
lemmas le_plus = le_plus' [rotated]
kleing@24333
   595
kleing@24333
   596
lemmas le_minus = leD [THEN thin_rl, THEN le_minus', standard]
kleing@24333
   597
kleing@24333
   598
lemma word_plus_mono_right: 
huffman@24465
   599
  "(y :: 'a :: len0 word) <= z ==> x <= x + z ==> x + y <= x + z"
kleing@24333
   600
  by uint_arith
kleing@24333
   601
kleing@24333
   602
lemma word_less_minus_cancel: 
huffman@24465
   603
  "y - x < z - x ==> x <= z ==> (y :: 'a :: len0 word) < z"
kleing@24333
   604
  by uint_arith
kleing@24333
   605
kleing@24333
   606
lemma word_less_minus_mono_left: 
huffman@24465
   607
  "(y :: 'a :: len0 word) < z ==> x <= y ==> y - x < z - x"
kleing@24333
   608
  by uint_arith
kleing@24333
   609
kleing@24333
   610
lemma word_less_minus_mono:  
kleing@24333
   611
  "a < c ==> d < b ==> a - b < a ==> c - d < c 
huffman@24465
   612
  ==> a - b < c - (d::'a::len word)"
kleing@24333
   613
  by uint_arith
kleing@24333
   614
kleing@24333
   615
lemma word_le_minus_cancel: 
huffman@24465
   616
  "y - x <= z - x ==> x <= z ==> (y :: 'a :: len0 word) <= z"
kleing@24333
   617
  by uint_arith
kleing@24333
   618
kleing@24333
   619
lemma word_le_minus_mono_left: 
huffman@24465
   620
  "(y :: 'a :: len0 word) <= z ==> x <= y ==> y - x <= z - x"
kleing@24333
   621
  by uint_arith
kleing@24333
   622
kleing@24333
   623
lemma word_le_minus_mono:  
kleing@24333
   624
  "a <= c ==> d <= b ==> a - b <= a ==> c - d <= c 
huffman@24465
   625
  ==> a - b <= c - (d::'a::len word)"
kleing@24333
   626
  by uint_arith
kleing@24333
   627
kleing@24333
   628
lemma plus_le_left_cancel_wrap: 
huffman@24465
   629
  "(x :: 'a :: len0 word) + y' < x ==> x + y < x ==> (x + y' < x + y) = (y' < y)"
kleing@24333
   630
  by uint_arith
kleing@24333
   631
kleing@24333
   632
lemma plus_le_left_cancel_nowrap: 
huffman@24465
   633
  "(x :: 'a :: len0 word) <= x + y' ==> x <= x + y ==> 
kleing@24333
   634
    (x + y' < x + y) = (y' < y)" 
kleing@24333
   635
  by uint_arith
kleing@24333
   636
kleing@24333
   637
lemma word_plus_mono_right2: 
huffman@24465
   638
  "(a :: 'a :: len0 word) <= a + b ==> c <= b ==> a <= a + c"
kleing@24333
   639
  by uint_arith
kleing@24333
   640
kleing@24333
   641
lemma word_less_add_right: 
huffman@24465
   642
  "(x :: 'a :: len0 word) < y - z ==> z <= y ==> x + z < y"
kleing@24333
   643
  by uint_arith
kleing@24333
   644
kleing@24333
   645
lemma word_less_sub_right: 
huffman@24465
   646
  "(x :: 'a :: len0 word) < y + z ==> y <= x ==> x - y < z"
kleing@24333
   647
  by uint_arith
kleing@24333
   648
kleing@24333
   649
lemma word_le_plus_either: 
huffman@24465
   650
  "(x :: 'a :: len0 word) <= y | x <= z ==> y <= y + z ==> x <= y + z"
kleing@24333
   651
  by uint_arith
kleing@24333
   652
kleing@24333
   653
lemma word_less_nowrapI: 
huffman@24465
   654
  "(x :: 'a :: len0 word) < z - k ==> k <= z ==> 0 < k ==> x < x + k"
kleing@24333
   655
  by uint_arith
kleing@24333
   656
huffman@24465
   657
lemma inc_le: "(i :: 'a :: len word) < m ==> i + 1 <= m"
kleing@24333
   658
  by uint_arith
kleing@24333
   659
kleing@24333
   660
lemma inc_i: 
huffman@24465
   661
  "(1 :: 'a :: len word) <= i ==> i < m ==> 1 <= (i + 1) & i + 1 <= m"
kleing@24333
   662
  by uint_arith
kleing@24333
   663
kleing@24333
   664
lemma udvd_incr_lem:
kleing@24333
   665
  "up < uq ==> up = ua + n * uint K ==> 
kleing@24333
   666
    uq = ua + n' * uint K ==> up + uint K <= uq"
kleing@24333
   667
  apply clarsimp
kleing@24333
   668
  apply (drule less_le_mult)
kleing@24333
   669
  apply safe
kleing@24333
   670
  done
kleing@24333
   671
kleing@24333
   672
lemma udvd_incr': 
kleing@24333
   673
  "p < q ==> uint p = ua + n * uint K ==> 
kleing@24333
   674
    uint q = ua + n' * uint K ==> p + K <= q" 
kleing@24333
   675
  apply (unfold word_less_alt word_le_def)
kleing@24333
   676
  apply (drule (2) udvd_incr_lem)
kleing@24333
   677
  apply (erule uint_add_le [THEN order_trans])
kleing@24333
   678
  done
kleing@24333
   679
kleing@24333
   680
lemma udvd_decr': 
kleing@24333
   681
  "p < q ==> uint p = ua + n * uint K ==> 
kleing@24333
   682
    uint q = ua + n' * uint K ==> p <= q - K"
kleing@24333
   683
  apply (unfold word_less_alt word_le_def)
kleing@24333
   684
  apply (drule (2) udvd_incr_lem)
kleing@24333
   685
  apply (drule le_diff_eq [THEN iffD2])
kleing@24333
   686
  apply (erule order_trans)
kleing@24333
   687
  apply (rule uint_sub_ge)
kleing@24333
   688
  done
kleing@24333
   689
kleing@24333
   690
lemmas udvd_incr_lem0 = udvd_incr_lem [where ua=0, simplified]
kleing@24333
   691
lemmas udvd_incr0 = udvd_incr' [where ua=0, simplified]
kleing@24333
   692
lemmas udvd_decr0 = udvd_decr' [where ua=0, simplified]
kleing@24333
   693
kleing@24333
   694
lemma udvd_minus_le': 
kleing@24333
   695
  "xy < k ==> z udvd xy ==> z udvd k ==> xy <= k - z"
kleing@24333
   696
  apply (unfold udvd_def)
kleing@24333
   697
  apply clarify
kleing@24333
   698
  apply (erule (2) udvd_decr0)
kleing@24333
   699
  done
kleing@24333
   700
kleing@24333
   701
lemma udvd_incr2_K: 
kleing@24333
   702
  "p < a + s ==> a <= a + s ==> K udvd s ==> K udvd p - a ==> a <= p ==> 
kleing@24333
   703
    0 < K ==> p <= p + K & p + K <= a + s"
kleing@24333
   704
  apply (unfold udvd_def)
kleing@24333
   705
  apply clarify
kleing@24333
   706
  apply (simp add: uint_arith_simps split: split_if_asm)
kleing@24333
   707
   prefer 2 
kleing@24333
   708
   apply (insert uint_range' [of s])[1]
kleing@24333
   709
   apply arith
kleing@24333
   710
  apply (drule add_commute [THEN xtr1])
kleing@24333
   711
  apply (simp add: diff_less_eq [symmetric])
kleing@24333
   712
  apply (drule less_le_mult)
kleing@24333
   713
   apply arith
kleing@24333
   714
  apply simp
kleing@24333
   715
  done
kleing@24333
   716
huffman@24465
   717
(* links with rbl operations *)
huffman@24465
   718
lemma word_succ_rbl:
huffman@24465
   719
  "to_bl w = bl ==> to_bl (word_succ w) = (rev (rbl_succ (rev bl)))"
huffman@24465
   720
  apply (unfold word_succ_def)
huffman@24465
   721
  apply clarify
huffman@24465
   722
  apply (simp add: to_bl_of_bin)
huffman@24465
   723
  apply (simp add: to_bl_def rbl_succ)
huffman@24465
   724
  done
huffman@24465
   725
huffman@24465
   726
lemma word_pred_rbl:
huffman@24465
   727
  "to_bl w = bl ==> to_bl (word_pred w) = (rev (rbl_pred (rev bl)))"
huffman@24465
   728
  apply (unfold word_pred_def)
huffman@24465
   729
  apply clarify
huffman@24465
   730
  apply (simp add: to_bl_of_bin)
huffman@24465
   731
  apply (simp add: to_bl_def rbl_pred)
huffman@24465
   732
  done
huffman@24465
   733
huffman@24465
   734
lemma word_add_rbl:
huffman@24465
   735
  "to_bl v = vbl ==> to_bl w = wbl ==> 
huffman@24465
   736
    to_bl (v + w) = (rev (rbl_add (rev vbl) (rev wbl)))"
huffman@24465
   737
  apply (unfold word_add_def)
huffman@24465
   738
  apply clarify
huffman@24465
   739
  apply (simp add: to_bl_of_bin)
huffman@24465
   740
  apply (simp add: to_bl_def rbl_add)
huffman@24465
   741
  done
huffman@24465
   742
huffman@24465
   743
lemma word_mult_rbl:
huffman@24465
   744
  "to_bl v = vbl ==> to_bl w = wbl ==> 
huffman@24465
   745
    to_bl (v * w) = (rev (rbl_mult (rev vbl) (rev wbl)))"
huffman@24465
   746
  apply (unfold word_mult_def)
huffman@24465
   747
  apply clarify
huffman@24465
   748
  apply (simp add: to_bl_of_bin)
huffman@24465
   749
  apply (simp add: to_bl_def rbl_mult)
huffman@24465
   750
  done
huffman@24465
   751
huffman@24465
   752
lemma rtb_rbl_ariths:
huffman@24465
   753
  "rev (to_bl w) = ys \<Longrightarrow> rev (to_bl (word_succ w)) = rbl_succ ys"
huffman@24465
   754
huffman@24465
   755
  "rev (to_bl w) = ys \<Longrightarrow> rev (to_bl (word_pred w)) = rbl_pred ys"
huffman@24465
   756
huffman@24465
   757
  "[| rev (to_bl v) = ys; rev (to_bl w) = xs |] 
huffman@24465
   758
  ==> rev (to_bl (v * w)) = rbl_mult ys xs"
huffman@24465
   759
huffman@24465
   760
  "[| rev (to_bl v) = ys; rev (to_bl w) = xs |] 
huffman@24465
   761
  ==> rev (to_bl (v + w)) = rbl_add ys xs"
huffman@24465
   762
  by (auto simp: rev_swap [symmetric] word_succ_rbl 
huffman@24465
   763
                 word_pred_rbl word_mult_rbl word_add_rbl)
huffman@24465
   764
huffman@24465
   765
huffman@24350
   766
subsection "Arithmetic type class instantiations"
kleing@24333
   767
huffman@24465
   768
instance word :: (len0) comm_monoid_add ..
huffman@24465
   769
huffman@24465
   770
instance word :: (len0) comm_monoid_mult
huffman@24465
   771
  apply (intro_classes)
huffman@24465
   772
   apply (simp add: word_mult_commute)
huffman@24465
   773
  apply (simp add: word_mult_1)
huffman@24465
   774
  done
huffman@24465
   775
huffman@24465
   776
instance word :: (len0) comm_semiring 
huffman@24465
   777
  by (intro_classes) (simp add : word_left_distrib)
huffman@24465
   778
huffman@24465
   779
instance word :: (len0) ab_group_add ..
huffman@24465
   780
huffman@24465
   781
instance word :: (len0) comm_ring ..
huffman@24465
   782
huffman@24465
   783
instance word :: (len) comm_semiring_1 
huffman@24465
   784
  by (intro_classes) (simp add: lenw1_zero_neq_one)
huffman@24465
   785
huffman@24465
   786
instance word :: (len) comm_ring_1 ..
huffman@24465
   787
huffman@24465
   788
instance word :: (len0) comm_semiring_0 ..
huffman@24465
   789
huffman@24465
   790
instance word :: (len0) order ..
huffman@24465
   791
huffman@24465
   792
instance word :: (len) recpower
haftmann@25762
   793
  by (intro_classes) simp_all
huffman@24465
   794
kleing@24333
   795
(* note that iszero_def is only for class comm_semiring_1_cancel,
huffman@24465
   796
   which requires word length >= 1, ie 'a :: len word *) 
kleing@24333
   797
lemma zero_bintrunc:
huffman@24465
   798
  "iszero (number_of x :: 'a :: len word) = 
haftmann@25919
   799
    (bintrunc (len_of TYPE('a)) x = Int.Pls)"
kleing@24333
   800
  apply (unfold iszero_def word_0_wi word_no_wi)
kleing@24333
   801
  apply (rule word_ubin.norm_eq_iff [symmetric, THEN trans])
kleing@24333
   802
  apply (simp add : Pls_def [symmetric])
kleing@24333
   803
  done
kleing@24333
   804
kleing@24333
   805
lemmas word_le_0_iff [simp] =
kleing@24333
   806
  word_zero_le [THEN leD, THEN linorder_antisym_conv1]
kleing@24333
   807
kleing@24333
   808
lemma word_of_nat: "of_nat n = word_of_int (int n)"
kleing@24333
   809
  by (induct n) (auto simp add : word_of_int_hom_syms)
kleing@24333
   810
kleing@24333
   811
lemma word_of_int: "of_int = word_of_int"
kleing@24333
   812
  apply (rule ext)
huffman@24465
   813
  apply (unfold of_int_def)
huffman@24465
   814
  apply (rule contentsI)
huffman@24465
   815
  apply safe
huffman@24465
   816
  apply (simp_all add: word_of_nat word_of_int_homs)
huffman@24465
   817
   defer
huffman@24465
   818
   apply (rule Rep_Integ_ne [THEN nonemptyE])
huffman@24465
   819
   apply (rule bexI)
huffman@24465
   820
    prefer 2
huffman@24465
   821
    apply assumption
huffman@24465
   822
   apply (auto simp add: RI_eq_diff)
kleing@24333
   823
  done
kleing@24333
   824
kleing@24333
   825
lemma word_of_int_nat: 
kleing@24333
   826
  "0 <= x ==> word_of_int x = of_nat (nat x)"
kleing@24333
   827
  by (simp add: of_nat_nat word_of_int)
kleing@24333
   828
kleing@24333
   829
lemma word_number_of_eq: 
huffman@24465
   830
  "number_of w = (of_int w :: 'a :: len word)"
kleing@24333
   831
  unfolding word_number_of_def word_of_int by auto
kleing@24333
   832
huffman@24465
   833
instance word :: (len) number_ring
kleing@24333
   834
  by (intro_classes) (simp add : word_number_of_eq)
kleing@24333
   835
kleing@24333
   836
lemma iszero_word_no [simp] : 
huffman@24465
   837
  "iszero (number_of bin :: 'a :: len word) = 
huffman@24465
   838
    iszero (number_of (bintrunc (len_of TYPE('a)) bin) :: int)"
huffman@24368
   839
  apply (simp add: zero_bintrunc number_of_is_id)
kleing@24333
   840
  apply (unfold iszero_def Pls_def)
kleing@24333
   841
  apply (rule refl)
kleing@24333
   842
  done
kleing@24333
   843
    
kleing@24333
   844
huffman@24350
   845
subsection "Word and nat"
kleing@24333
   846
kleing@24333
   847
lemma td_ext_unat':
huffman@24465
   848
  "n = len_of TYPE ('a :: len) ==> 
kleing@24333
   849
    td_ext (unat :: 'a word => nat) of_nat 
kleing@24333
   850
    (unats n) (%i. i mod 2 ^ n)"
kleing@24333
   851
  apply (unfold td_ext_def' unat_def word_of_nat unats_uints)
kleing@24333
   852
  apply (auto intro!: imageI simp add : word_of_int_hom_syms)
kleing@24333
   853
  apply (erule word_uint.Abs_inverse [THEN arg_cong])
kleing@24333
   854
  apply (simp add: int_word_uint nat_mod_distrib nat_power_eq)
kleing@24333
   855
  done
kleing@24333
   856
kleing@24333
   857
lemmas td_ext_unat = refl [THEN td_ext_unat']
kleing@24333
   858
lemmas unat_of_nat = td_ext_unat [THEN td_ext.eq_norm, standard]
kleing@24333
   859
ballarin@29235
   860
interpretation word_unat!:
ballarin@29235
   861
  td_ext "unat::'a::len word => nat" 
ballarin@29235
   862
         of_nat 
ballarin@29235
   863
         "unats (len_of TYPE('a::len))"
ballarin@29235
   864
         "%i. i mod 2 ^ len_of TYPE('a::len)"
kleing@24333
   865
  by (rule td_ext_unat)
kleing@24333
   866
kleing@24333
   867
lemmas td_unat = word_unat.td_thm
kleing@24333
   868
kleing@24333
   869
lemmas unat_lt2p [iff] = word_unat.Rep [unfolded unats_def mem_Collect_eq]
kleing@24333
   870
huffman@24465
   871
lemma unat_le: "y <= unat (z :: 'a :: len word) ==> y : unats (len_of TYPE ('a))"
kleing@24333
   872
  apply (unfold unats_def)
kleing@24333
   873
  apply clarsimp
kleing@24333
   874
  apply (rule xtrans, rule unat_lt2p, assumption) 
kleing@24333
   875
  done
kleing@24333
   876
kleing@24333
   877
lemma word_nchotomy:
huffman@24465
   878
  "ALL w. EX n. (w :: 'a :: len word) = of_nat n & n < 2 ^ len_of TYPE ('a)"
kleing@24333
   879
  apply (rule allI)
kleing@24333
   880
  apply (rule word_unat.Abs_cases)
kleing@24333
   881
  apply (unfold unats_def)
kleing@24333
   882
  apply auto
kleing@24333
   883
  done
kleing@24333
   884
kleing@24333
   885
lemma of_nat_eq:
huffman@24465
   886
  fixes w :: "'a::len word"
huffman@24465
   887
  shows "(of_nat n = w) = (\<exists>q. n = unat w + q * 2 ^ len_of TYPE('a))"
kleing@24333
   888
  apply (rule trans)
kleing@24333
   889
   apply (rule word_unat.inverse_norm)
kleing@24333
   890
  apply (rule iffI)
kleing@24333
   891
   apply (rule mod_eqD)
kleing@24333
   892
   apply simp
kleing@24333
   893
  apply clarsimp
kleing@24333
   894
  done
kleing@24333
   895
kleing@24333
   896
lemma of_nat_eq_size: 
kleing@24333
   897
  "(of_nat n = w) = (EX q. n = unat w + q * 2 ^ size w)"
kleing@24333
   898
  unfolding word_size by (rule of_nat_eq)
kleing@24333
   899
kleing@24333
   900
lemma of_nat_0:
huffman@24465
   901
  "(of_nat m = (0::'a::len word)) = (\<exists>q. m = q * 2 ^ len_of TYPE('a))"
kleing@24333
   902
  by (simp add: of_nat_eq)
kleing@24333
   903
kleing@24333
   904
lemmas of_nat_2p = mult_1 [symmetric, THEN iffD2 [OF of_nat_0 exI]]
kleing@24333
   905
kleing@24333
   906
lemma of_nat_gt_0: "of_nat k ~= 0 ==> 0 < k"
kleing@24333
   907
  by (cases k) auto
kleing@24333
   908
kleing@24333
   909
lemma of_nat_neq_0: 
huffman@24465
   910
  "0 < k ==> k < 2 ^ len_of TYPE ('a :: len) ==> of_nat k ~= (0 :: 'a word)"
kleing@24333
   911
  by (clarsimp simp add : of_nat_0)
kleing@24333
   912
kleing@24333
   913
lemma Abs_fnat_hom_add:
kleing@24333
   914
  "of_nat a + of_nat b = of_nat (a + b)"
kleing@24333
   915
  by simp
kleing@24333
   916
kleing@24333
   917
lemma Abs_fnat_hom_mult:
huffman@24465
   918
  "of_nat a * of_nat b = (of_nat (a * b) :: 'a :: len word)"
kleing@24333
   919
  by (simp add: word_of_nat word_of_int_mult_hom zmult_int)
kleing@24333
   920
kleing@24333
   921
lemma Abs_fnat_hom_Suc:
kleing@24333
   922
  "word_succ (of_nat a) = of_nat (Suc a)"
kleing@24333
   923
  by (simp add: word_of_nat word_of_int_succ_hom add_ac)
kleing@24333
   924
huffman@24465
   925
lemma Abs_fnat_hom_0: "(0::'a::len word) = of_nat 0"
kleing@24333
   926
  by (simp add: word_of_nat word_0_wi)
kleing@24333
   927
huffman@24465
   928
lemma Abs_fnat_hom_1: "(1::'a::len word) = of_nat (Suc 0)"
kleing@24333
   929
  by (simp add: word_of_nat word_1_wi)
kleing@24333
   930
kleing@24333
   931
lemmas Abs_fnat_homs = 
kleing@24333
   932
  Abs_fnat_hom_add Abs_fnat_hom_mult Abs_fnat_hom_Suc 
kleing@24333
   933
  Abs_fnat_hom_0 Abs_fnat_hom_1
kleing@24333
   934
kleing@24333
   935
lemma word_arith_nat_add:
kleing@24333
   936
  "a + b = of_nat (unat a + unat b)" 
kleing@24333
   937
  by simp
kleing@24333
   938
kleing@24333
   939
lemma word_arith_nat_mult:
kleing@24333
   940
  "a * b = of_nat (unat a * unat b)"
kleing@24333
   941
  by (simp add: Abs_fnat_hom_mult [symmetric])
kleing@24333
   942
    
kleing@24333
   943
lemma word_arith_nat_Suc:
kleing@24333
   944
  "word_succ a = of_nat (Suc (unat a))"
kleing@24333
   945
  by (subst Abs_fnat_hom_Suc [symmetric]) simp
kleing@24333
   946
kleing@24333
   947
lemma word_arith_nat_div:
kleing@24333
   948
  "a div b = of_nat (unat a div unat b)"
kleing@24333
   949
  by (simp add: word_div_def word_of_nat zdiv_int uint_nat)
kleing@24333
   950
kleing@24333
   951
lemma word_arith_nat_mod:
kleing@24333
   952
  "a mod b = of_nat (unat a mod unat b)"
kleing@24333
   953
  by (simp add: word_mod_def word_of_nat zmod_int uint_nat)
kleing@24333
   954
kleing@24333
   955
lemmas word_arith_nat_defs =
kleing@24333
   956
  word_arith_nat_add word_arith_nat_mult
kleing@24333
   957
  word_arith_nat_Suc Abs_fnat_hom_0
kleing@24333
   958
  Abs_fnat_hom_1 word_arith_nat_div
kleing@24333
   959
  word_arith_nat_mod 
kleing@24333
   960
kleing@24333
   961
lemmas unat_cong = arg_cong [where f = "unat"]
kleing@24333
   962
  
kleing@24333
   963
lemmas unat_word_ariths = word_arith_nat_defs
kleing@24333
   964
  [THEN trans [OF unat_cong unat_of_nat], standard]
kleing@24333
   965
kleing@24333
   966
lemmas word_sub_less_iff = word_sub_le_iff
kleing@24333
   967
  [simplified linorder_not_less [symmetric], simplified]
kleing@24333
   968
kleing@24333
   969
lemma unat_add_lem: 
huffman@24465
   970
  "(unat x + unat y < 2 ^ len_of TYPE('a)) = 
huffman@24465
   971
    (unat (x + y :: 'a :: len word) = unat x + unat y)"
kleing@24333
   972
  unfolding unat_word_ariths
kleing@24333
   973
  by (auto intro!: trans [OF _ nat_mod_lem])
kleing@24333
   974
kleing@24333
   975
lemma unat_mult_lem: 
huffman@24465
   976
  "(unat x * unat y < 2 ^ len_of TYPE('a)) = 
huffman@24465
   977
    (unat (x * y :: 'a :: len word) = unat x * unat y)"
kleing@24333
   978
  unfolding unat_word_ariths
kleing@24333
   979
  by (auto intro!: trans [OF _ nat_mod_lem])
kleing@24333
   980
kleing@24333
   981
lemmas unat_plus_if' = 
kleing@24333
   982
  trans [OF unat_word_ariths(1) mod_nat_add, simplified, standard]
kleing@24333
   983
kleing@24333
   984
lemma le_no_overflow: 
huffman@24465
   985
  "x <= b ==> a <= a + b ==> x <= a + (b :: 'a :: len0 word)"
kleing@24333
   986
  apply (erule order_trans)
kleing@24333
   987
  apply (erule olen_add_eqv [THEN iffD1])
kleing@24333
   988
  done
kleing@24333
   989
kleing@24333
   990
lemmas un_ui_le = trans 
kleing@24333
   991
  [OF word_le_nat_alt [symmetric] 
haftmann@25762
   992
      word_le_def, 
kleing@24333
   993
   standard]
kleing@24333
   994
kleing@24333
   995
lemma unat_sub_if_size:
kleing@24333
   996
  "unat (x - y) = (if unat y <= unat x 
kleing@24333
   997
   then unat x - unat y 
kleing@24333
   998
   else unat x + 2 ^ size x - unat y)"
kleing@24333
   999
  apply (unfold word_size)
kleing@24333
  1000
  apply (simp add: un_ui_le)
kleing@24333
  1001
  apply (auto simp add: unat_def uint_sub_if')
kleing@24333
  1002
   apply (rule nat_diff_distrib)
kleing@24333
  1003
    prefer 3
nipkow@29667
  1004
    apply (simp add: algebra_simps)
kleing@24333
  1005
    apply (rule nat_diff_distrib [THEN trans])
kleing@24333
  1006
      prefer 3
kleing@24333
  1007
      apply (subst nat_add_distrib)
kleing@24333
  1008
        prefer 3
kleing@24333
  1009
        apply (simp add: nat_power_eq)
kleing@24333
  1010
       apply auto
kleing@24333
  1011
  apply uint_arith
kleing@24333
  1012
  done
kleing@24333
  1013
kleing@24333
  1014
lemmas unat_sub_if' = unat_sub_if_size [unfolded word_size]
kleing@24333
  1015
huffman@24465
  1016
lemma unat_div: "unat ((x :: 'a :: len word) div y) = unat x div unat y"
kleing@24333
  1017
  apply (simp add : unat_word_ariths)
kleing@24333
  1018
  apply (rule unat_lt2p [THEN xtr7, THEN nat_mod_eq'])
kleing@24333
  1019
  apply (rule div_le_dividend)
kleing@24333
  1020
  done
kleing@24333
  1021
huffman@24465
  1022
lemma unat_mod: "unat ((x :: 'a :: len word) mod y) = unat x mod unat y"
kleing@24333
  1023
  apply (clarsimp simp add : unat_word_ariths)
kleing@24333
  1024
  apply (cases "unat y")
kleing@24333
  1025
   prefer 2
kleing@24333
  1026
   apply (rule unat_lt2p [THEN xtr7, THEN nat_mod_eq'])
kleing@24333
  1027
   apply (rule mod_le_divisor)
kleing@24333
  1028
   apply auto
kleing@24333
  1029
  done
kleing@24333
  1030
huffman@24465
  1031
lemma uint_div: "uint ((x :: 'a :: len word) div y) = uint x div uint y"
kleing@24333
  1032
  unfolding uint_nat by (simp add : unat_div zdiv_int)
kleing@24333
  1033
huffman@24465
  1034
lemma uint_mod: "uint ((x :: 'a :: len word) mod y) = uint x mod uint y"
kleing@24333
  1035
  unfolding uint_nat by (simp add : unat_mod zmod_int)
kleing@24333
  1036
kleing@24333
  1037
huffman@24350
  1038
subsection {* Definition of unat\_arith tactic *}
kleing@24333
  1039
kleing@24333
  1040
lemma unat_split:
huffman@24465
  1041
  fixes x::"'a::len word"
kleing@24333
  1042
  shows "P (unat x) = 
huffman@24465
  1043
         (ALL n. of_nat n = x & n < 2^len_of TYPE('a) --> P n)"
kleing@24333
  1044
  by (auto simp: unat_of_nat)
kleing@24333
  1045
kleing@24333
  1046
lemma unat_split_asm:
huffman@24465
  1047
  fixes x::"'a::len word"
kleing@24333
  1048
  shows "P (unat x) = 
huffman@24465
  1049
         (~(EX n. of_nat n = x & n < 2^len_of TYPE('a) & ~ P n))"
kleing@24333
  1050
  by (auto simp: unat_of_nat)
kleing@24333
  1051
kleing@24333
  1052
lemmas of_nat_inverse = 
kleing@24333
  1053
  word_unat.Abs_inverse' [rotated, unfolded unats_def, simplified]
kleing@24333
  1054
kleing@24333
  1055
lemmas unat_splits = unat_split unat_split_asm
kleing@24333
  1056
kleing@24333
  1057
lemmas unat_arith_simps =
kleing@24333
  1058
  word_le_nat_alt word_less_nat_alt
kleing@24333
  1059
  word_unat.Rep_inject [symmetric]
kleing@24333
  1060
  unat_sub_if' unat_plus_if' unat_div unat_mod
kleing@24333
  1061
kleing@24333
  1062
(* unat_arith_tac: tactic to reduce word arithmetic to nat, 
kleing@24333
  1063
   try to solve via arith *)
kleing@24333
  1064
ML {*
kleing@24333
  1065
fun unat_arith_ss_of ss = 
kleing@24333
  1066
  ss addsimps @{thms unat_arith_simps}
kleing@24333
  1067
     delsimps @{thms word_unat.Rep_inject}
kleing@24333
  1068
     addsplits @{thms split_if_asm}
kleing@24333
  1069
     addcongs @{thms power_False_cong}
kleing@24333
  1070
kleing@24333
  1071
fun unat_arith_tacs ctxt =   
kleing@24333
  1072
  let fun arith_tac' n t = arith_tac ctxt n t handle COOPER => Seq.empty  
kleing@24333
  1073
  in 
kleing@24333
  1074
    [ CLASET' clarify_tac 1,
kleing@24333
  1075
      SIMPSET' (full_simp_tac o unat_arith_ss_of) 1,
kleing@24333
  1076
      ALLGOALS (full_simp_tac (HOL_ss addsplits @{thms unat_splits} 
kleing@24333
  1077
                                       addcongs @{thms power_False_cong})),
kleing@24333
  1078
      rewrite_goals_tac @{thms word_size}, 
kleing@24333
  1079
      ALLGOALS  (fn n => REPEAT (resolve_tac [allI, impI] n) THEN      
kleing@24333
  1080
                         REPEAT (etac conjE n) THEN
kleing@24333
  1081
                         REPEAT (dtac @{thm of_nat_inverse} n THEN atac n)),
kleing@24333
  1082
      TRYALL arith_tac' ] 
kleing@24333
  1083
  end
kleing@24333
  1084
kleing@24333
  1085
fun unat_arith_tac ctxt = SELECT_GOAL (EVERY (unat_arith_tacs ctxt))
kleing@24333
  1086
*}
kleing@24333
  1087
kleing@24333
  1088
method_setup unat_arith = 
kleing@24333
  1089
  "Method.ctxt_args (fn ctxt => Method.SIMPLE_METHOD (unat_arith_tac ctxt 1))" 
kleing@24333
  1090
  "solving word arithmetic via natural numbers and arith"
kleing@24333
  1091
kleing@24333
  1092
lemma no_plus_overflow_unat_size: 
huffman@24465
  1093
  "((x :: 'a :: len word) <= x + y) = (unat x + unat y < 2 ^ size x)" 
kleing@24333
  1094
  unfolding word_size by unat_arith
kleing@24333
  1095
huffman@24465
  1096
lemma unat_sub: "b <= a ==> unat (a - b) = unat a - unat (b :: 'a :: len word)"
kleing@24333
  1097
  by unat_arith
kleing@24333
  1098
kleing@24333
  1099
lemmas no_olen_add_nat = no_plus_overflow_unat_size [unfolded word_size]
kleing@24333
  1100
kleing@24333
  1101
lemmas unat_plus_simple = trans [OF no_olen_add_nat unat_add_lem, standard]
kleing@24333
  1102
kleing@24333
  1103
lemma word_div_mult: 
huffman@24465
  1104
  "(0 :: 'a :: len word) < y ==> unat x * unat y < 2 ^ len_of TYPE('a) ==> 
kleing@24333
  1105
    x * y div y = x"
kleing@24333
  1106
  apply unat_arith
kleing@24333
  1107
  apply clarsimp
kleing@24333
  1108
  apply (subst unat_mult_lem [THEN iffD1])
kleing@24333
  1109
  apply auto
kleing@24333
  1110
  done
kleing@24333
  1111
huffman@24465
  1112
lemma div_lt': "(i :: 'a :: len word) <= k div x ==> 
huffman@24465
  1113
    unat i * unat x < 2 ^ len_of TYPE('a)"
kleing@24333
  1114
  apply unat_arith
kleing@24333
  1115
  apply clarsimp
kleing@24333
  1116
  apply (drule mult_le_mono1)
kleing@24333
  1117
  apply (erule order_le_less_trans)
kleing@24333
  1118
  apply (rule xtr7 [OF unat_lt2p div_mult_le])
kleing@24333
  1119
  done
kleing@24333
  1120
kleing@24333
  1121
lemmas div_lt'' = order_less_imp_le [THEN div_lt']
kleing@24333
  1122
huffman@24465
  1123
lemma div_lt_mult: "(i :: 'a :: len word) < k div x ==> 0 < x ==> i * x < k"
kleing@24333
  1124
  apply (frule div_lt'' [THEN unat_mult_lem [THEN iffD1]])
kleing@24333
  1125
  apply (simp add: unat_arith_simps)
kleing@24333
  1126
  apply (drule (1) mult_less_mono1)
kleing@24333
  1127
  apply (erule order_less_le_trans)
kleing@24333
  1128
  apply (rule div_mult_le)
kleing@24333
  1129
  done
kleing@24333
  1130
kleing@24333
  1131
lemma div_le_mult: 
huffman@24465
  1132
  "(i :: 'a :: len word) <= k div x ==> 0 < x ==> i * x <= k"
kleing@24333
  1133
  apply (frule div_lt' [THEN unat_mult_lem [THEN iffD1]])
kleing@24333
  1134
  apply (simp add: unat_arith_simps)
kleing@24333
  1135
  apply (drule mult_le_mono1)
kleing@24333
  1136
  apply (erule order_trans)
kleing@24333
  1137
  apply (rule div_mult_le)
kleing@24333
  1138
  done
kleing@24333
  1139
kleing@24333
  1140
lemma div_lt_uint': 
huffman@24465
  1141
  "(i :: 'a :: len word) <= k div x ==> uint i * uint x < 2 ^ len_of TYPE('a)"
kleing@24333
  1142
  apply (unfold uint_nat)
kleing@24333
  1143
  apply (drule div_lt')
kleing@24333
  1144
  apply (simp add: zmult_int zless_nat_eq_int_zless [symmetric] 
kleing@24333
  1145
                   nat_power_eq)
kleing@24333
  1146
  done
kleing@24333
  1147
kleing@24333
  1148
lemmas div_lt_uint'' = order_less_imp_le [THEN div_lt_uint']
kleing@24333
  1149
kleing@24333
  1150
lemma word_le_exists': 
huffman@24465
  1151
  "(x :: 'a :: len0 word) <= y ==> 
huffman@24465
  1152
    (EX z. y = x + z & uint x + uint z < 2 ^ len_of TYPE('a))"
kleing@24333
  1153
  apply (rule exI)
kleing@24333
  1154
  apply (rule conjI)
kleing@24333
  1155
  apply (rule zadd_diff_inverse)
kleing@24333
  1156
  apply uint_arith
kleing@24333
  1157
  done
kleing@24333
  1158
kleing@24333
  1159
lemmas plus_minus_not_NULL = order_less_imp_le [THEN plus_minus_not_NULL_ab]
kleing@24333
  1160
kleing@24333
  1161
lemmas plus_minus_no_overflow =
kleing@24333
  1162
  order_less_imp_le [THEN plus_minus_no_overflow_ab]
kleing@24333
  1163
  
kleing@24333
  1164
lemmas mcs = word_less_minus_cancel word_less_minus_mono_left
kleing@24333
  1165
  word_le_minus_cancel word_le_minus_mono_left
kleing@24333
  1166
wenzelm@25350
  1167
lemmas word_l_diffs = mcs [where y = "w + x", unfolded add_diff_cancel, standard]
wenzelm@25350
  1168
lemmas word_diff_ls = mcs [where z = "w + x", unfolded add_diff_cancel, standard]
kleing@24333
  1169
lemmas word_plus_mcs = word_diff_ls 
wenzelm@25350
  1170
  [where y = "v + x", unfolded add_diff_cancel, standard]
kleing@24333
  1171
kleing@24333
  1172
lemmas le_unat_uoi = unat_le [THEN word_unat.Abs_inverse]
kleing@24333
  1173
kleing@24333
  1174
lemmas thd = refl [THEN [2] split_div_lemma [THEN iffD2], THEN conjunct1]
kleing@24333
  1175
kleing@24333
  1176
lemma thd1:
kleing@24333
  1177
  "a div b * b \<le> (a::nat)"
kleing@24333
  1178
  using gt_or_eq_0 [of b]
kleing@24333
  1179
  apply (rule disjE)
kleing@24333
  1180
   apply (erule xtr4 [OF thd mult_commute])
kleing@24333
  1181
  apply clarsimp
kleing@24333
  1182
  done
kleing@24333
  1183
kleing@24333
  1184
lemmas uno_simps [THEN le_unat_uoi, standard] =
kleing@24333
  1185
  mod_le_divisor div_le_dividend thd1 
kleing@24333
  1186
kleing@24333
  1187
lemma word_mod_div_equality:
huffman@24465
  1188
  "(n div b) * b + (n mod b) = (n :: 'a :: len word)"
kleing@24333
  1189
  apply (unfold word_less_nat_alt word_arith_nat_defs)
kleing@24333
  1190
  apply (cut_tac y="unat b" in gt_or_eq_0)
kleing@24333
  1191
  apply (erule disjE)
kleing@24333
  1192
   apply (simp add: mod_div_equality uno_simps)
kleing@24333
  1193
  apply simp
kleing@24333
  1194
  done
kleing@24333
  1195
huffman@24465
  1196
lemma word_div_mult_le: "a div b * b <= (a::'a::len word)"
kleing@24333
  1197
  apply (unfold word_le_nat_alt word_arith_nat_defs)
kleing@24333
  1198
  apply (cut_tac y="unat b" in gt_or_eq_0)
kleing@24333
  1199
  apply (erule disjE)
kleing@24333
  1200
   apply (simp add: div_mult_le uno_simps)
kleing@24333
  1201
  apply simp
kleing@24333
  1202
  done
kleing@24333
  1203
huffman@24465
  1204
lemma word_mod_less_divisor: "0 < n ==> m mod n < (n :: 'a :: len word)"
kleing@24333
  1205
  apply (simp only: word_less_nat_alt word_arith_nat_defs)
kleing@24333
  1206
  apply (clarsimp simp add : uno_simps)
kleing@24333
  1207
  done
kleing@24333
  1208
kleing@24333
  1209
lemma word_of_int_power_hom: 
huffman@24465
  1210
  "word_of_int a ^ n = (word_of_int (a ^ n) :: 'a :: len word)"
kleing@24333
  1211
  by (induct n) (simp_all add : word_of_int_hom_syms power_Suc)
kleing@24333
  1212
kleing@24333
  1213
lemma word_arith_power_alt: 
huffman@24465
  1214
  "a ^ n = (word_of_int (uint a ^ n) :: 'a :: len word)"
kleing@24333
  1215
  by (simp add : word_of_int_power_hom [symmetric])
kleing@24333
  1216
huffman@24465
  1217
lemma of_bl_length_less: 
huffman@24465
  1218
  "length x = k ==> k < len_of TYPE('a) ==> (of_bl x :: 'a :: len word) < 2 ^ k"
huffman@24465
  1219
  apply (unfold of_bl_no [unfolded word_number_of_def]
huffman@24465
  1220
                word_less_alt word_number_of_alt)
huffman@24465
  1221
  apply safe
huffman@24465
  1222
  apply (simp (no_asm) add: word_of_int_power_hom word_uint.eq_norm 
huffman@24465
  1223
                       del: word_of_int_bin)
huffman@24465
  1224
  apply (simp add: mod_pos_pos_trivial)
huffman@24465
  1225
  apply (subst mod_pos_pos_trivial)
huffman@24465
  1226
    apply (rule bl_to_bin_ge0)
huffman@24465
  1227
   apply (rule order_less_trans)
huffman@24465
  1228
    apply (rule bl_to_bin_lt2p)
huffman@24465
  1229
   apply simp
huffman@24465
  1230
  apply (rule bl_to_bin_lt2p)    
huffman@24465
  1231
  done
huffman@24465
  1232
kleing@24333
  1233
huffman@24350
  1234
subsection "Cardinality, finiteness of set of words"
kleing@24333
  1235
kleing@24333
  1236
lemmas card_lessThan' = card_lessThan [unfolded lessThan_def]
kleing@24333
  1237
kleing@24333
  1238
lemmas card_eq = word_unat.Abs_inj_on [THEN card_image,
kleing@24333
  1239
  unfolded word_unat.image, unfolded unats_def, standard]
kleing@24333
  1240
kleing@24333
  1241
lemmas card_word = trans [OF card_eq card_lessThan', standard]
kleing@24333
  1242
huffman@24465
  1243
lemma finite_word_UNIV: "finite (UNIV :: 'a :: len word set)"
nipkow@25134
  1244
apply (rule contrapos_np)
nipkow@25134
  1245
 prefer 2
nipkow@25134
  1246
 apply (erule card_infinite)
nipkow@25134
  1247
apply (simp add: card_word)
nipkow@25134
  1248
done
kleing@24333
  1249
kleing@24333
  1250
lemma card_word_size: 
huffman@24465
  1251
  "card (UNIV :: 'a :: len word set) = (2 ^ size (x :: 'a word))"
nipkow@25134
  1252
unfolding word_size by (rule card_word)
kleing@24333
  1253
kleing@24333
  1254
end