src/HOL/Complex/ex/MIR.thy
author chaieb
Mon Jun 11 11:06:11 2007 +0200 (2007-06-11)
changeset 23316 26c978a475de
parent 23264 324622260d29
child 23464 bc2563c37b1a
permissions -rw-r--r--
tuned Proof and Document
     1 (*  Title:      Complex/ex/MIR.thy
     2     Author:     Amine Chaieb
     3 *)
     4 
     5 header {* Quatifier elimination for R(0,1,+,floor,<) *}
     6 
     7 theory MIR
     8   imports Real GCD
     9   uses ("mireif.ML") ("mirtac.ML")
    10   begin
    11 
    12 declare real_of_int_floor_cancel [simp del]
    13 
    14   (* All pairs from two lists *)
    15 
    16 lemma allpairs_set: "set (allpairs Pair xs ys) = {(x,y). x\<in> set xs \<and> y \<in> set ys}"
    17 by (induct xs) auto
    18 
    19 fun alluopairs:: "'a list \<Rightarrow> ('a \<times> 'a) list" where 
    20   "alluopairs [] = []"
    21 | "alluopairs (x#xs) = (map (Pair x) (x#xs))@(alluopairs xs)"
    22 
    23 lemma alluopairs_set1: "set (alluopairs xs) \<le> {(x,y). x\<in> set xs \<and> y\<in> set xs}"
    24 by (induct xs, auto)
    25 
    26 lemma alluopairs_set:
    27   "\<lbrakk>x\<in> set xs ; y \<in> set xs\<rbrakk> \<Longrightarrow> (x,y) \<in> set (alluopairs xs) \<or> (y,x) \<in> set (alluopairs xs) "
    28 by (induct xs, auto)
    29 
    30 lemma alluopairs_ex:
    31   assumes Pc: "\<forall> x y. P x y = P y x"
    32   shows "(\<exists> x \<in> set xs. \<exists> y \<in> set xs. P x y) = (\<exists> (x,y) \<in> set (alluopairs xs). P x y)"
    33 proof
    34   assume "\<exists>x\<in>set xs. \<exists>y\<in>set xs. P x y"
    35   then obtain x y where x: "x \<in> set xs" and y:"y \<in> set xs" and P: "P x y"  by blast
    36   from alluopairs_set[OF x y] P Pc show"\<exists>(x, y)\<in>set (alluopairs xs). P x y" 
    37     by auto
    38 next
    39   assume "\<exists>(x, y)\<in>set (alluopairs xs). P x y"
    40   then obtain "x" and "y"  where xy:"(x,y) \<in> set (alluopairs xs)" and P: "P x y" by blast+
    41   from xy have "x \<in> set xs \<and> y\<in> set xs" using alluopairs_set1 by blast
    42   with P show "\<exists>x\<in>set xs. \<exists>y\<in>set xs. P x y" by blast
    43 qed
    44 
    45   (* generate a list from i to j*)
    46 consts iupt :: "int \<times> int \<Rightarrow> int list"
    47 recdef iupt "measure (\<lambda> (i,j). nat (j-i +1))" 
    48   "iupt (i,j) = (if j <i then [] else (i# iupt(i+1, j)))"
    49 
    50 lemma iupt_set: "set (iupt(i,j)) = {i .. j}"
    51 proof(induct rule: iupt.induct)
    52   case (1 a b)
    53   show ?case
    54     using prems by (simp add: simp_from_to)
    55 qed
    56 
    57 lemma nth_pos2: "0 < n \<Longrightarrow> (x#xs) ! n = xs ! (n - 1)"
    58 using Nat.gr0_conv_Suc
    59 by clarsimp
    60 
    61 
    62 lemma myl: "\<forall> (a::'a::{pordered_ab_group_add}) (b::'a). (a \<le> b) = (0 \<le> b - a)" 
    63 proof(clarify)
    64   fix x y ::"'a"
    65   have "(x \<le> y) = (x - y \<le> 0)" by (simp only: le_iff_diff_le_0[where a="x" and b="y"])
    66   also have "\<dots> = (- (y - x) \<le> 0)" by simp
    67   also have "\<dots> = (0 \<le> y - x)" by (simp only: neg_le_0_iff_le[where a="y-x"])
    68   finally show "(x \<le> y) = (0 \<le> y - x)" .
    69 qed
    70 
    71 lemma myless: "\<forall> (a::'a::{pordered_ab_group_add}) (b::'a). (a < b) = (0 < b - a)" 
    72 proof(clarify)
    73   fix x y ::"'a"
    74   have "(x < y) = (x - y < 0)" by (simp only: less_iff_diff_less_0[where a="x" and b="y"])
    75   also have "\<dots> = (- (y - x) < 0)" by simp
    76   also have "\<dots> = (0 < y - x)" by (simp only: neg_less_0_iff_less[where a="y-x"])
    77   finally show "(x < y) = (0 < y - x)" .
    78 qed
    79 
    80 lemma myeq: "\<forall> (a::'a::{pordered_ab_group_add}) (b::'a). (a = b) = (0 = b - a)"
    81   by auto
    82 
    83   (* Maybe should be added to the library \<dots> *)
    84 lemma floor_int_eq: "(real n\<le> x \<and> x < real (n+1)) = (floor x = n)"
    85 proof( auto)
    86   assume lb: "real n \<le> x"
    87     and ub: "x < real n + 1"
    88   have "real (floor x) \<le> x" by simp 
    89   hence "real (floor x) < real (n + 1) " using ub by arith
    90   hence "floor x < n+1" by simp
    91   moreover from lb have "n \<le> floor x" using floor_mono2[where x="real n" and y="x"] 
    92     by simp ultimately show "floor x = n" by simp
    93 qed
    94 
    95 (* Periodicity of dvd *)
    96 lemma dvd_period:
    97   assumes advdd: "(a::int) dvd d"
    98   shows "(a dvd (x + t)) = (a dvd ((x+ c*d) + t))"
    99   using advdd  
   100 proof-
   101   {fix x k
   102     from inf_period(3)[OF advdd, rule_format, where x=x and k="-k"]  
   103     have " ((a::int) dvd (x + t)) = (a dvd (x+k*d + t))" by simp}
   104   hence "\<forall>x.\<forall>k. ((a::int) dvd (x + t)) = (a dvd (x+k*d + t))"  by simp
   105   then show ?thesis by simp
   106 qed
   107 
   108   (* The Divisibility relation between reals *)	
   109 consts rdvd:: "real \<Rightarrow> real \<Rightarrow> bool" (infixl 50)
   110 defs rdvd_def: "x rdvd y \<equiv> \<exists> (k::int). y=x*(real k)"
   111 
   112 lemma int_rdvd_real: 
   113   shows "real (i::int) rdvd x = (i dvd (floor x) \<and> real (floor x) = x)" (is "?l = ?r")
   114 proof
   115   assume "?l" 
   116   hence th: "\<exists> k. x=real (i*k)" by (simp add: rdvd_def)
   117   hence th': "real (floor x) = x" by (auto simp del: real_of_int_mult)
   118   with th have "\<exists> k. real (floor x) = real (i*k)" by simp
   119   hence "\<exists> k. floor x = i*k" by (simp only: real_of_int_inject)
   120   thus ?r  using th' by (simp add: dvd_def) 
   121 next
   122   assume "?r" hence "(i\<Colon>int) dvd \<lfloor>x\<Colon>real\<rfloor>" ..
   123   hence "\<exists> k. real (floor x) = real (i*k)" 
   124     by (simp only: real_of_int_inject) (simp add: dvd_def)
   125   thus ?l using prems by (simp add: rdvd_def)
   126 qed
   127 
   128 lemma int_rdvd_iff: "(real (i::int) rdvd real t) = (i dvd t)"
   129 by (auto simp add: rdvd_def dvd_def) (rule_tac x="k" in exI, simp only :real_of_int_mult[symmetric])
   130 
   131 
   132 lemma rdvd_abs1: 
   133   "(abs (real d) rdvd t) = (real (d ::int) rdvd t)"
   134 proof
   135   assume d: "real d rdvd t"
   136   from d int_rdvd_real have d2: "d dvd (floor t)" and ti: "real (floor t) = t" by auto
   137 
   138   from iffD1[OF zdvd_abs1] d2 have "(abs d) dvd (floor t)" by blast
   139   with ti int_rdvd_real[symmetric] have "real (abs d) rdvd t" by blast 
   140   thus "abs (real d) rdvd t" by simp
   141 next
   142   assume "abs (real d) rdvd t" hence "real (abs d) rdvd t" by simp
   143   with int_rdvd_real[where i="abs d" and x="t"] have d2: "abs d dvd floor t" and ti: "real (floor t) =t" by auto
   144   from iffD2[OF zdvd_abs1] d2 have "d dvd floor t" by blast
   145   with ti int_rdvd_real[symmetric] show "real d rdvd t" by blast
   146 qed
   147 
   148 lemma rdvd_minus: "(real (d::int) rdvd t) = (real d rdvd -t)"
   149   apply (auto simp add: rdvd_def)
   150   apply (rule_tac x="-k" in exI, simp) 
   151   apply (rule_tac x="-k" in exI, simp)
   152 done
   153 
   154 lemma rdvd_left_0_eq: "(0 rdvd t) = (t=0)"
   155 by (auto simp add: rdvd_def)
   156 
   157 lemma rdvd_mult: 
   158   assumes knz: "k\<noteq>0"
   159   shows "(real (n::int) * real (k::int) rdvd x * real k) = (real n rdvd x)"
   160 using knz by (simp add:rdvd_def)
   161 
   162 lemma rdvd_trans: assumes mn:"m rdvd n" and  nk:"n rdvd k" 
   163   shows "m rdvd k"
   164 proof-
   165   from rdvd_def mn obtain c where nmc:"n = m * real (c::int)" by auto
   166   from rdvd_def nk obtain c' where nkc:"k = n * real (c'::int)" by auto
   167   hence "k = m * real (c * c')" using nmc by simp
   168   thus ?thesis using rdvd_def by blast
   169 qed
   170 
   171   (*********************************************************************************)
   172   (****                            SHADOW SYNTAX AND SEMANTICS                  ****)
   173   (*********************************************************************************)
   174 
   175 datatype num = C int | Bound nat | CN nat int num | Neg num | Add num num| Sub num num 
   176   | Mul int num | Floor num| CF int num num
   177 
   178   (* A size for num to make inductive proofs simpler*)
   179 fun num_size :: "num \<Rightarrow> nat" where
   180  "num_size (C c) = 1"
   181 | "num_size (Bound n) = 1"
   182 | "num_size (Neg a) = 1 + num_size a"
   183 | "num_size (Add a b) = 1 + num_size a + num_size b"
   184 | "num_size (Sub a b) = 3 + num_size a + num_size b"
   185 | "num_size (CN n c a) = 4 + num_size a "
   186 | "num_size (CF c a b) = 4 + num_size a + num_size b"
   187 | "num_size (Mul c a) = 1 + num_size a"
   188 | "num_size (Floor a) = 1 + num_size a"
   189 
   190   (* Semantics of numeral terms (num) *)
   191 fun Inum :: "real list \<Rightarrow> num \<Rightarrow> real" where
   192   "Inum bs (C c) = (real c)"
   193 | "Inum bs (Bound n) = bs!n"
   194 | "Inum bs (CN n c a) = (real c) * (bs!n) + (Inum bs a)"
   195 | "Inum bs (Neg a) = -(Inum bs a)"
   196 | "Inum bs (Add a b) = Inum bs a + Inum bs b"
   197 | "Inum bs (Sub a b) = Inum bs a - Inum bs b"
   198 | "Inum bs (Mul c a) = (real c) * Inum bs a"
   199 | "Inum bs (Floor a) = real (floor (Inum bs a))"
   200 | "Inum bs (CF c a b) = real c * real (floor (Inum bs a)) + Inum bs b"
   201 definition "isint t bs \<equiv> real (floor (Inum bs t)) = Inum bs t"
   202 
   203 lemma isint_iff: "isint n bs = (real (floor (Inum bs n)) = Inum bs n)"
   204 by (simp add: isint_def)
   205 
   206 lemma isint_Floor: "isint (Floor n) bs"
   207   by (simp add: isint_iff)
   208 
   209 lemma isint_Mul: "isint e bs \<Longrightarrow> isint (Mul c e) bs"
   210 proof-
   211   let ?e = "Inum bs e"
   212   let ?fe = "floor ?e"
   213   assume be: "isint e bs" hence efe:"real ?fe = ?e" by (simp add: isint_iff)
   214   have "real ((floor (Inum bs (Mul c e)))) = real (floor (real (c * ?fe)))" using efe by simp
   215   also have "\<dots> = real (c* ?fe)" by (simp only: floor_real_of_int) 
   216   also have "\<dots> = real c * ?e" using efe by simp
   217   finally show ?thesis using isint_iff by simp
   218 qed
   219 
   220 lemma isint_neg: "isint e bs \<Longrightarrow> isint (Neg e) bs"
   221 proof-
   222   let ?I = "\<lambda> t. Inum bs t"
   223   assume ie: "isint e bs"
   224   hence th: "real (floor (?I e)) = ?I e" by (simp add: isint_def)  
   225   have "real (floor (?I (Neg e))) = real (floor (- (real (floor (?I e)))))" by (simp add: th)
   226   also have "\<dots> = - real (floor (?I e))" by(simp add: floor_minus_real_of_int) 
   227   finally show "isint (Neg e) bs" by (simp add: isint_def th)
   228 qed
   229 
   230 lemma isint_sub: 
   231   assumes ie: "isint e bs" shows "isint (Sub (C c) e) bs"
   232 proof-
   233   let ?I = "\<lambda> t. Inum bs t"
   234   from ie have th: "real (floor (?I e)) = ?I e" by (simp add: isint_def)  
   235   have "real (floor (?I (Sub (C c) e))) = real (floor ((real (c -floor (?I e)))))" by (simp add: th)
   236   also have "\<dots> = real (c- floor (?I e))" by(simp add: floor_minus_real_of_int) 
   237   finally show "isint (Sub (C c) e) bs" by (simp add: isint_def th)
   238 qed
   239 
   240 lemma isint_add: assumes
   241   ai:"isint a bs" and bi: "isint b bs" shows "isint (Add a b) bs"
   242 proof-
   243   let ?a = "Inum bs a"
   244   let ?b = "Inum bs b"
   245   from ai bi isint_iff have "real (floor (?a + ?b)) = real (floor (real (floor ?a) + real (floor ?b)))" by simp
   246   also have "\<dots> = real (floor ?a) + real (floor ?b)" by simp
   247   also have "\<dots> = ?a + ?b" using ai bi isint_iff by simp
   248   finally show "isint (Add a b) bs" by (simp add: isint_iff)
   249 qed
   250 
   251 lemma isint_c: "isint (C j) bs"
   252   by (simp add: isint_iff)
   253 
   254 
   255     (* FORMULAE *)
   256 datatype fm  = 
   257   T| F| Lt num| Le num| Gt num| Ge num| Eq num| NEq num| Dvd int num| NDvd int num|
   258   NOT fm| And fm fm|  Or fm fm| Imp fm fm| Iff fm fm| E fm| A fm
   259 
   260 
   261   (* A size for fm *)
   262 fun fmsize :: "fm \<Rightarrow> nat" where
   263  "fmsize (NOT p) = 1 + fmsize p"
   264 | "fmsize (And p q) = 1 + fmsize p + fmsize q"
   265 | "fmsize (Or p q) = 1 + fmsize p + fmsize q"
   266 | "fmsize (Imp p q) = 3 + fmsize p + fmsize q"
   267 | "fmsize (Iff p q) = 3 + 2*(fmsize p + fmsize q)"
   268 | "fmsize (E p) = 1 + fmsize p"
   269 | "fmsize (A p) = 4+ fmsize p"
   270 | "fmsize (Dvd i t) = 2"
   271 | "fmsize (NDvd i t) = 2"
   272 | "fmsize p = 1"
   273   (* several lemmas about fmsize *)
   274 lemma fmsize_pos: "fmsize p > 0"	
   275 by (induct p rule: fmsize.induct) simp_all
   276 
   277   (* Semantics of formulae (fm) *)
   278 fun Ifm ::"real list \<Rightarrow> fm \<Rightarrow> bool" where
   279   "Ifm bs T = True"
   280 | "Ifm bs F = False"
   281 | "Ifm bs (Lt a) = (Inum bs a < 0)"
   282 | "Ifm bs (Gt a) = (Inum bs a > 0)"
   283 | "Ifm bs (Le a) = (Inum bs a \<le> 0)"
   284 | "Ifm bs (Ge a) = (Inum bs a \<ge> 0)"
   285 | "Ifm bs (Eq a) = (Inum bs a = 0)"
   286 | "Ifm bs (NEq a) = (Inum bs a \<noteq> 0)"
   287 | "Ifm bs (Dvd i b) = (real i rdvd Inum bs b)"
   288 | "Ifm bs (NDvd i b) = (\<not>(real i rdvd Inum bs b))"
   289 | "Ifm bs (NOT p) = (\<not> (Ifm bs p))"
   290 | "Ifm bs (And p q) = (Ifm bs p \<and> Ifm bs q)"
   291 | "Ifm bs (Or p q) = (Ifm bs p \<or> Ifm bs q)"
   292 | "Ifm bs (Imp p q) = ((Ifm bs p) \<longrightarrow> (Ifm bs q))"
   293 | "Ifm bs (Iff p q) = (Ifm bs p = Ifm bs q)"
   294 | "Ifm bs (E p) = (\<exists> x. Ifm (x#bs) p)"
   295 | "Ifm bs (A p) = (\<forall> x. Ifm (x#bs) p)"
   296 
   297 consts prep :: "fm \<Rightarrow> fm"
   298 recdef prep "measure fmsize"
   299   "prep (E T) = T"
   300   "prep (E F) = F"
   301   "prep (E (Or p q)) = Or (prep (E p)) (prep (E q))"
   302   "prep (E (Imp p q)) = Or (prep (E (NOT p))) (prep (E q))"
   303   "prep (E (Iff p q)) = Or (prep (E (And p q))) (prep (E (And (NOT p) (NOT q))))" 
   304   "prep (E (NOT (And p q))) = Or (prep (E (NOT p))) (prep (E(NOT q)))"
   305   "prep (E (NOT (Imp p q))) = prep (E (And p (NOT q)))"
   306   "prep (E (NOT (Iff p q))) = Or (prep (E (And p (NOT q)))) (prep (E(And (NOT p) q)))"
   307   "prep (E p) = E (prep p)"
   308   "prep (A (And p q)) = And (prep (A p)) (prep (A q))"
   309   "prep (A p) = prep (NOT (E (NOT p)))"
   310   "prep (NOT (NOT p)) = prep p"
   311   "prep (NOT (And p q)) = Or (prep (NOT p)) (prep (NOT q))"
   312   "prep (NOT (A p)) = prep (E (NOT p))"
   313   "prep (NOT (Or p q)) = And (prep (NOT p)) (prep (NOT q))"
   314   "prep (NOT (Imp p q)) = And (prep p) (prep (NOT q))"
   315   "prep (NOT (Iff p q)) = Or (prep (And p (NOT q))) (prep (And (NOT p) q))"
   316   "prep (NOT p) = NOT (prep p)"
   317   "prep (Or p q) = Or (prep p) (prep q)"
   318   "prep (And p q) = And (prep p) (prep q)"
   319   "prep (Imp p q) = prep (Or (NOT p) q)"
   320   "prep (Iff p q) = Or (prep (And p q)) (prep (And (NOT p) (NOT q)))"
   321   "prep p = p"
   322 (hints simp add: fmsize_pos)
   323 lemma prep: "\<And> bs. Ifm bs (prep p) = Ifm bs p"
   324 by (induct p rule: prep.induct, auto)
   325 
   326 
   327   (* Quantifier freeness *)
   328 consts qfree:: "fm \<Rightarrow> bool"
   329 recdef qfree "measure size"
   330   "qfree (E p) = False"
   331   "qfree (A p) = False"
   332   "qfree (NOT p) = qfree p" 
   333   "qfree (And p q) = (qfree p \<and> qfree q)" 
   334   "qfree (Or  p q) = (qfree p \<and> qfree q)" 
   335   "qfree (Imp p q) = (qfree p \<and> qfree q)" 
   336   "qfree (Iff p q) = (qfree p \<and> qfree q)"
   337   "qfree p = True"
   338 
   339   (* Boundedness and substitution *)
   340 consts 
   341   numbound0:: "num \<Rightarrow> bool" (* a num is INDEPENDENT of Bound 0 *)
   342   bound0:: "fm \<Rightarrow> bool" (* A Formula is independent of Bound 0 *)
   343   numsubst0:: "num \<Rightarrow> num \<Rightarrow> num" (* substitute a num into a num for Bound 0 *)
   344   subst0:: "num \<Rightarrow> fm \<Rightarrow> fm" (* substitue a num into a formula for Bound 0 *)
   345 primrec
   346   "numbound0 (C c) = True"
   347   "numbound0 (Bound n) = (n>0)"
   348   "numbound0 (CN n i a) = (n > 0 \<and> numbound0 a)"
   349   "numbound0 (Neg a) = numbound0 a"
   350   "numbound0 (Add a b) = (numbound0 a \<and> numbound0 b)"
   351   "numbound0 (Sub a b) = (numbound0 a \<and> numbound0 b)" 
   352   "numbound0 (Mul i a) = numbound0 a"
   353   "numbound0 (Floor a) = numbound0 a"
   354   "numbound0 (CF c a b) = (numbound0 a \<and> numbound0 b)" 
   355 lemma numbound0_I:
   356   assumes nb: "numbound0 a"
   357   shows "Inum (b#bs) a = Inum (b'#bs) a"
   358 using nb
   359 by (induct a rule: numbound0.induct) (auto simp add: nth_pos2)
   360 
   361 
   362 lemma numbound0_gen: 
   363   assumes nb: "numbound0 t" and ti: "isint t (x#bs)"
   364   shows "\<forall> y. isint t (y#bs)"
   365 using nb ti 
   366 proof(clarify)
   367   fix y
   368   from numbound0_I[OF nb, where bs="bs" and b="y" and b'="x"] ti[simplified isint_def]
   369   show "isint t (y#bs)"
   370     by (simp add: isint_def)
   371 qed
   372 
   373 primrec
   374   "bound0 T = True"
   375   "bound0 F = True"
   376   "bound0 (Lt a) = numbound0 a"
   377   "bound0 (Le a) = numbound0 a"
   378   "bound0 (Gt a) = numbound0 a"
   379   "bound0 (Ge a) = numbound0 a"
   380   "bound0 (Eq a) = numbound0 a"
   381   "bound0 (NEq a) = numbound0 a"
   382   "bound0 (Dvd i a) = numbound0 a"
   383   "bound0 (NDvd i a) = numbound0 a"
   384   "bound0 (NOT p) = bound0 p"
   385   "bound0 (And p q) = (bound0 p \<and> bound0 q)"
   386   "bound0 (Or p q) = (bound0 p \<and> bound0 q)"
   387   "bound0 (Imp p q) = ((bound0 p) \<and> (bound0 q))"
   388   "bound0 (Iff p q) = (bound0 p \<and> bound0 q)"
   389   "bound0 (E p) = False"
   390   "bound0 (A p) = False"
   391 
   392 lemma bound0_I:
   393   assumes bp: "bound0 p"
   394   shows "Ifm (b#bs) p = Ifm (b'#bs) p"
   395 using bp numbound0_I[where b="b" and bs="bs" and b'="b'"]
   396 by (induct p rule: bound0.induct) (auto simp add: nth_pos2)
   397 
   398 primrec
   399   "numsubst0 t (C c) = (C c)"
   400   "numsubst0 t (Bound n) = (if n=0 then t else Bound n)"
   401   "numsubst0 t (CN n i a) = (if n=0 then Add (Mul i t) (numsubst0 t a) else CN n i (numsubst0 t a))"
   402   "numsubst0 t (CF i a b) = CF i (numsubst0 t a) (numsubst0 t b)"
   403   "numsubst0 t (Neg a) = Neg (numsubst0 t a)"
   404   "numsubst0 t (Add a b) = Add (numsubst0 t a) (numsubst0 t b)"
   405   "numsubst0 t (Sub a b) = Sub (numsubst0 t a) (numsubst0 t b)" 
   406   "numsubst0 t (Mul i a) = Mul i (numsubst0 t a)"
   407   "numsubst0 t (Floor a) = Floor (numsubst0 t a)"
   408 
   409 lemma numsubst0_I:
   410   shows "Inum (b#bs) (numsubst0 a t) = Inum ((Inum (b#bs) a)#bs) t"
   411   by (induct t) (simp_all add: nth_pos2)
   412 
   413 lemma numsubst0_I':
   414   assumes nb: "numbound0 a"
   415   shows "Inum (b#bs) (numsubst0 a t) = Inum ((Inum (b'#bs) a)#bs) t"
   416   by (induct t) (simp_all add: nth_pos2 numbound0_I[OF nb, where b="b" and b'="b'"])
   417 
   418 
   419 primrec
   420   "subst0 t T = T"
   421   "subst0 t F = F"
   422   "subst0 t (Lt a) = Lt (numsubst0 t a)"
   423   "subst0 t (Le a) = Le (numsubst0 t a)"
   424   "subst0 t (Gt a) = Gt (numsubst0 t a)"
   425   "subst0 t (Ge a) = Ge (numsubst0 t a)"
   426   "subst0 t (Eq a) = Eq (numsubst0 t a)"
   427   "subst0 t (NEq a) = NEq (numsubst0 t a)"
   428   "subst0 t (Dvd i a) = Dvd i (numsubst0 t a)"
   429   "subst0 t (NDvd i a) = NDvd i (numsubst0 t a)"
   430   "subst0 t (NOT p) = NOT (subst0 t p)"
   431   "subst0 t (And p q) = And (subst0 t p) (subst0 t q)"
   432   "subst0 t (Or p q) = Or (subst0 t p) (subst0 t q)"
   433   "subst0 t (Imp p q) = Imp (subst0 t p) (subst0 t q)"
   434   "subst0 t (Iff p q) = Iff (subst0 t p) (subst0 t q)"
   435 
   436 lemma subst0_I: assumes qfp: "qfree p"
   437   shows "Ifm (b#bs) (subst0 a p) = Ifm ((Inum (b#bs) a)#bs) p"
   438   using qfp numsubst0_I[where b="b" and bs="bs" and a="a"]
   439   by (induct p) (simp_all add: nth_pos2 )
   440 
   441 consts 
   442   decrnum:: "num \<Rightarrow> num" 
   443   decr :: "fm \<Rightarrow> fm"
   444 
   445 recdef decrnum "measure size"
   446   "decrnum (Bound n) = Bound (n - 1)"
   447   "decrnum (Neg a) = Neg (decrnum a)"
   448   "decrnum (Add a b) = Add (decrnum a) (decrnum b)"
   449   "decrnum (Sub a b) = Sub (decrnum a) (decrnum b)"
   450   "decrnum (Mul c a) = Mul c (decrnum a)"
   451   "decrnum (Floor a) = Floor (decrnum a)"
   452   "decrnum (CN n c a) = CN (n - 1) c (decrnum a)"
   453   "decrnum (CF c a b) = CF c (decrnum a) (decrnum b)"
   454   "decrnum a = a"
   455 
   456 recdef decr "measure size"
   457   "decr (Lt a) = Lt (decrnum a)"
   458   "decr (Le a) = Le (decrnum a)"
   459   "decr (Gt a) = Gt (decrnum a)"
   460   "decr (Ge a) = Ge (decrnum a)"
   461   "decr (Eq a) = Eq (decrnum a)"
   462   "decr (NEq a) = NEq (decrnum a)"
   463   "decr (Dvd i a) = Dvd i (decrnum a)"
   464   "decr (NDvd i a) = NDvd i (decrnum a)"
   465   "decr (NOT p) = NOT (decr p)" 
   466   "decr (And p q) = And (decr p) (decr q)"
   467   "decr (Or p q) = Or (decr p) (decr q)"
   468   "decr (Imp p q) = Imp (decr p) (decr q)"
   469   "decr (Iff p q) = Iff (decr p) (decr q)"
   470   "decr p = p"
   471 
   472 lemma decrnum: assumes nb: "numbound0 t"
   473   shows "Inum (x#bs) t = Inum bs (decrnum t)"
   474   using nb by (induct t rule: decrnum.induct, simp_all add: nth_pos2)
   475 
   476 lemma decr: assumes nb: "bound0 p"
   477   shows "Ifm (x#bs) p = Ifm bs (decr p)"
   478   using nb 
   479   by (induct p rule: decr.induct, simp_all add: nth_pos2 decrnum)
   480 
   481 lemma decr_qf: "bound0 p \<Longrightarrow> qfree (decr p)"
   482 by (induct p, simp_all)
   483 
   484 consts 
   485   isatom :: "fm \<Rightarrow> bool" (* test for atomicity *)
   486 recdef isatom "measure size"
   487   "isatom T = True"
   488   "isatom F = True"
   489   "isatom (Lt a) = True"
   490   "isatom (Le a) = True"
   491   "isatom (Gt a) = True"
   492   "isatom (Ge a) = True"
   493   "isatom (Eq a) = True"
   494   "isatom (NEq a) = True"
   495   "isatom (Dvd i b) = True"
   496   "isatom (NDvd i b) = True"
   497   "isatom p = False"
   498 
   499 lemma numsubst0_numbound0: assumes nb: "numbound0 t"
   500   shows "numbound0 (numsubst0 t a)"
   501 using nb by (induct a rule: numsubst0.induct, auto)
   502 
   503 lemma subst0_bound0: assumes qf: "qfree p" and nb: "numbound0 t"
   504   shows "bound0 (subst0 t p)"
   505 using qf numsubst0_numbound0[OF nb] by (induct p  rule: subst0.induct, auto)
   506 
   507 lemma bound0_qf: "bound0 p \<Longrightarrow> qfree p"
   508 by (induct p, simp_all)
   509 
   510 
   511 constdefs djf:: "('a \<Rightarrow> fm) \<Rightarrow> 'a \<Rightarrow> fm \<Rightarrow> fm"
   512   "djf f p q \<equiv> (if q=T then T else if q=F then f p else 
   513   (let fp = f p in case fp of T \<Rightarrow> T | F \<Rightarrow> q | _ \<Rightarrow> Or fp q))"
   514 constdefs evaldjf:: "('a \<Rightarrow> fm) \<Rightarrow> 'a list \<Rightarrow> fm"
   515   "evaldjf f ps \<equiv> foldr (djf f) ps F"
   516 
   517 lemma djf_Or: "Ifm bs (djf f p q) = Ifm bs (Or (f p) q)"
   518 by (cases "q=T", simp add: djf_def,cases "q=F",simp add: djf_def) 
   519 (cases "f p", simp_all add: Let_def djf_def) 
   520 
   521 lemma evaldjf_ex: "Ifm bs (evaldjf f ps) = (\<exists> p \<in> set ps. Ifm bs (f p))"
   522   by(induct ps, simp_all add: evaldjf_def djf_Or)
   523 
   524 lemma evaldjf_bound0: 
   525   assumes nb: "\<forall> x\<in> set xs. bound0 (f x)"
   526   shows "bound0 (evaldjf f xs)"
   527   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto) 
   528 
   529 lemma evaldjf_qf: 
   530   assumes nb: "\<forall> x\<in> set xs. qfree (f x)"
   531   shows "qfree (evaldjf f xs)"
   532   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto) 
   533 
   534 consts 
   535   disjuncts :: "fm \<Rightarrow> fm list" 
   536   conjuncts :: "fm \<Rightarrow> fm list"
   537 recdef disjuncts "measure size"
   538   "disjuncts (Or p q) = (disjuncts p) @ (disjuncts q)"
   539   "disjuncts F = []"
   540   "disjuncts p = [p]"
   541 
   542 recdef conjuncts "measure size"
   543   "conjuncts (And p q) = (conjuncts p) @ (conjuncts q)"
   544   "conjuncts T = []"
   545   "conjuncts p = [p]"
   546 lemma disjuncts: "(\<exists> q\<in> set (disjuncts p). Ifm bs q) = Ifm bs p"
   547 by(induct p rule: disjuncts.induct, auto)
   548 lemma conjuncts: "(\<forall> q\<in> set (conjuncts p). Ifm bs q) = Ifm bs p"
   549 by(induct p rule: conjuncts.induct, auto)
   550 
   551 lemma disjuncts_nb: "bound0 p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). bound0 q"
   552 proof-
   553   assume nb: "bound0 p"
   554   hence "list_all bound0 (disjuncts p)" by (induct p rule:disjuncts.induct,auto)
   555   thus ?thesis by (simp only: list_all_iff)
   556 qed
   557 lemma conjuncts_nb: "bound0 p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). bound0 q"
   558 proof-
   559   assume nb: "bound0 p"
   560   hence "list_all bound0 (conjuncts p)" by (induct p rule:conjuncts.induct,auto)
   561   thus ?thesis by (simp only: list_all_iff)
   562 qed
   563 
   564 lemma disjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). qfree q"
   565 proof-
   566   assume qf: "qfree p"
   567   hence "list_all qfree (disjuncts p)"
   568     by (induct p rule: disjuncts.induct, auto)
   569   thus ?thesis by (simp only: list_all_iff)
   570 qed
   571 lemma conjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). qfree q"
   572 proof-
   573   assume qf: "qfree p"
   574   hence "list_all qfree (conjuncts p)"
   575     by (induct p rule: conjuncts.induct, auto)
   576   thus ?thesis by (simp only: list_all_iff)
   577 qed
   578 
   579 constdefs DJ :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm"
   580   "DJ f p \<equiv> evaldjf f (disjuncts p)"
   581 
   582 lemma DJ: assumes fdj: "\<forall> p q. f (Or p q) = Or (f p) (f q)"
   583   and fF: "f F = F"
   584   shows "Ifm bs (DJ f p) = Ifm bs (f p)"
   585 proof-
   586   have "Ifm bs (DJ f p) = (\<exists> q \<in> set (disjuncts p). Ifm bs (f q))"
   587     by (simp add: DJ_def evaldjf_ex) 
   588   also have "\<dots> = Ifm bs (f p)" using fdj fF by (induct p rule: disjuncts.induct, auto)
   589   finally show ?thesis .
   590 qed
   591 
   592 lemma DJ_qf: assumes 
   593   fqf: "\<forall> p. qfree p \<longrightarrow> qfree (f p)"
   594   shows "\<forall>p. qfree p \<longrightarrow> qfree (DJ f p) "
   595 proof(clarify)
   596   fix  p assume qf: "qfree p"
   597   have th: "DJ f p = evaldjf f (disjuncts p)" by (simp add: DJ_def)
   598   from disjuncts_qf[OF qf] have "\<forall> q\<in> set (disjuncts p). qfree q" .
   599   with fqf have th':"\<forall> q\<in> set (disjuncts p). qfree (f q)" by blast
   600   
   601   from evaldjf_qf[OF th'] th show "qfree (DJ f p)" by simp
   602 qed
   603 
   604 lemma DJ_qe: assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm bs (qe p) = Ifm bs (E p))"
   605   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (DJ qe p) \<and> (Ifm bs ((DJ qe p)) = Ifm bs (E p))"
   606 proof(clarify)
   607   fix p::fm and bs
   608   assume qf: "qfree p"
   609   from qe have qth: "\<forall> p. qfree p \<longrightarrow> qfree (qe p)" by blast
   610   from DJ_qf[OF qth] qf have qfth:"qfree (DJ qe p)" by auto
   611   have "Ifm bs (DJ qe p) = (\<exists> q\<in> set (disjuncts p). Ifm bs (qe q))"
   612     by (simp add: DJ_def evaldjf_ex)
   613   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). Ifm bs (E q))" using qe disjuncts_qf[OF qf] by auto
   614   also have "\<dots> = Ifm bs (E p)" by (induct p rule: disjuncts.induct, auto)
   615   finally show "qfree (DJ qe p) \<and> Ifm bs (DJ qe p) = Ifm bs (E p)" using qfth by blast
   616 qed
   617   (* Simplification *)
   618 
   619   (* Algebraic simplifications for nums *)
   620 consts bnds:: "num \<Rightarrow> nat list"
   621   lex_ns:: "nat list \<times> nat list \<Rightarrow> bool"
   622 recdef bnds "measure size"
   623   "bnds (Bound n) = [n]"
   624   "bnds (CN n c a) = n#(bnds a)"
   625   "bnds (Neg a) = bnds a"
   626   "bnds (Add a b) = (bnds a)@(bnds b)"
   627   "bnds (Sub a b) = (bnds a)@(bnds b)"
   628   "bnds (Mul i a) = bnds a"
   629   "bnds (Floor a) = bnds a"
   630   "bnds (CF c a b) = (bnds a)@(bnds b)"
   631   "bnds a = []"
   632 recdef lex_ns "measure (\<lambda> (xs,ys). length xs + length ys)"
   633   "lex_ns ([], ms) = True"
   634   "lex_ns (ns, []) = False"
   635   "lex_ns (n#ns, m#ms) = (n<m \<or> ((n = m) \<and> lex_ns (ns,ms))) "
   636 constdefs lex_bnd :: "num \<Rightarrow> num \<Rightarrow> bool"
   637   "lex_bnd t s \<equiv> lex_ns (bnds t, bnds s)"
   638 
   639 consts 
   640   numgcd :: "num \<Rightarrow> int"
   641   numgcdh:: "num \<Rightarrow> int \<Rightarrow> int"
   642   reducecoeffh:: "num \<Rightarrow> int \<Rightarrow> num"
   643   reducecoeff :: "num \<Rightarrow> num"
   644   dvdnumcoeff:: "num \<Rightarrow> int \<Rightarrow> bool"
   645 consts maxcoeff:: "num \<Rightarrow> int"
   646 recdef maxcoeff "measure size"
   647   "maxcoeff (C i) = abs i"
   648   "maxcoeff (CN n c t) = max (abs c) (maxcoeff t)"
   649   "maxcoeff (CF c t s) = max (abs c) (maxcoeff s)"
   650   "maxcoeff t = 1"
   651 
   652 lemma maxcoeff_pos: "maxcoeff t \<ge> 0"
   653   apply (induct t rule: maxcoeff.induct, auto) 
   654   done
   655 
   656 recdef numgcdh "measure size"
   657   "numgcdh (C i) = (\<lambda>g. igcd i g)"
   658   "numgcdh (CN n c t) = (\<lambda>g. igcd c (numgcdh t g))"
   659   "numgcdh (CF c s t) = (\<lambda>g. igcd c (numgcdh t g))"
   660   "numgcdh t = (\<lambda>g. 1)"
   661 defs numgcd_def: "numgcd t \<equiv> numgcdh t (maxcoeff t)"
   662 
   663 recdef reducecoeffh "measure size"
   664   "reducecoeffh (C i) = (\<lambda> g. C (i div g))"
   665   "reducecoeffh (CN n c t) = (\<lambda> g. CN n (c div g) (reducecoeffh t g))"
   666   "reducecoeffh (CF c s t) = (\<lambda> g. CF (c div g)  s (reducecoeffh t g))"
   667   "reducecoeffh t = (\<lambda>g. t)"
   668 
   669 defs reducecoeff_def: "reducecoeff t \<equiv> 
   670   (let g = numgcd t in 
   671   if g = 0 then C 0 else if g=1 then t else reducecoeffh t g)"
   672 
   673 recdef dvdnumcoeff "measure size"
   674   "dvdnumcoeff (C i) = (\<lambda> g. g dvd i)"
   675   "dvdnumcoeff (CN n c t) = (\<lambda> g. g dvd c \<and> (dvdnumcoeff t g))"
   676   "dvdnumcoeff (CF c s t) = (\<lambda> g. g dvd c \<and> (dvdnumcoeff t g))"
   677   "dvdnumcoeff t = (\<lambda>g. False)"
   678 
   679 lemma dvdnumcoeff_trans: 
   680   assumes gdg: "g dvd g'" and dgt':"dvdnumcoeff t g'"
   681   shows "dvdnumcoeff t g"
   682   using dgt' gdg 
   683   by (induct t rule: dvdnumcoeff.induct, simp_all add: gdg zdvd_trans[OF gdg])
   684 
   685 declare zdvd_trans [trans add]
   686 
   687 lemma natabs0: "(nat (abs x) = 0) = (x = 0)"
   688 by arith
   689 
   690 lemma numgcd0:
   691   assumes g0: "numgcd t = 0"
   692   shows "Inum bs t = 0"
   693 proof-
   694   have "\<And>x. numgcdh t x= 0 \<Longrightarrow> Inum bs t = 0"
   695     by (induct t rule: numgcdh.induct, auto simp add: igcd_def gcd_zero natabs0 max_def maxcoeff_pos)
   696   thus ?thesis using g0[simplified numgcd_def] by blast
   697 qed
   698 
   699 lemma numgcdh_pos: assumes gp: "g \<ge> 0" shows "numgcdh t g \<ge> 0"
   700   using gp
   701   by (induct t rule: numgcdh.induct, auto simp add: igcd_def)
   702 
   703 lemma numgcd_pos: "numgcd t \<ge>0"
   704   by (simp add: numgcd_def numgcdh_pos maxcoeff_pos)
   705 
   706 lemma reducecoeffh:
   707   assumes gt: "dvdnumcoeff t g" and gp: "g > 0" 
   708   shows "real g *(Inum bs (reducecoeffh t g)) = Inum bs t"
   709   using gt
   710 proof(induct t rule: reducecoeffh.induct) 
   711   case (1 i) hence gd: "g dvd i" by simp
   712   from gp have gnz: "g \<noteq> 0" by simp
   713   from prems show ?case by (simp add: real_of_int_div[OF gnz gd])
   714 next
   715   case (2 n c t)  hence gd: "g dvd c" by simp
   716   from gp have gnz: "g \<noteq> 0" by simp
   717   from prems show ?case by (simp add: real_of_int_div[OF gnz gd] ring_eq_simps)
   718 next
   719   case (3 c s t)  hence gd: "g dvd c" by simp
   720   from gp have gnz: "g \<noteq> 0" by simp
   721   from prems show ?case by (simp add: real_of_int_div[OF gnz gd] ring_eq_simps) 
   722 qed (auto simp add: numgcd_def gp)
   723 consts ismaxcoeff:: "num \<Rightarrow> int \<Rightarrow> bool"
   724 recdef ismaxcoeff "measure size"
   725   "ismaxcoeff (C i) = (\<lambda> x. abs i \<le> x)"
   726   "ismaxcoeff (CN n c t) = (\<lambda>x. abs c \<le> x \<and> (ismaxcoeff t x))"
   727   "ismaxcoeff (CF c s t) = (\<lambda>x. abs c \<le> x \<and> (ismaxcoeff t x))"
   728   "ismaxcoeff t = (\<lambda>x. True)"
   729 
   730 lemma ismaxcoeff_mono: "ismaxcoeff t c \<Longrightarrow> c \<le> c' \<Longrightarrow> ismaxcoeff t c'"
   731 by (induct t rule: ismaxcoeff.induct, auto)
   732 
   733 lemma maxcoeff_ismaxcoeff: "ismaxcoeff t (maxcoeff t)"
   734 proof (induct t rule: maxcoeff.induct)
   735   case (2 n c t)
   736   hence H:"ismaxcoeff t (maxcoeff t)" .
   737   have thh: "maxcoeff t \<le> max (abs c) (maxcoeff t)" by (simp add: le_maxI2)
   738   from ismaxcoeff_mono[OF H thh] show ?case by (simp add: le_maxI1)
   739 next
   740   case (3 c t s) 
   741   hence H1:"ismaxcoeff s (maxcoeff s)" by auto
   742   have thh1: "maxcoeff s \<le> max \<bar>c\<bar> (maxcoeff s)" by (simp add: max_def)
   743   from ismaxcoeff_mono[OF H1 thh1] show ?case by (simp add: le_maxI1)
   744 qed simp_all
   745 
   746 lemma igcd_gt1: "igcd i j > 1 \<Longrightarrow> ((abs i > 1 \<and> abs j > 1) \<or> (abs i = 0 \<and> abs j > 1) \<or> (abs i > 1 \<and> abs j = 0))"
   747   apply (unfold igcd_def)
   748   apply (cases "i = 0", simp_all)
   749   apply (cases "j = 0", simp_all)
   750   apply (cases "abs i = 1", simp_all)
   751   apply (cases "abs j = 1", simp_all)
   752   apply auto
   753   done
   754 lemma numgcdh0:"numgcdh t m = 0 \<Longrightarrow>  m =0"
   755   by (induct t rule: numgcdh.induct, auto simp add:igcd0)
   756 
   757 lemma dvdnumcoeff_aux:
   758   assumes "ismaxcoeff t m" and mp:"m \<ge> 0" and "numgcdh t m > 1"
   759   shows "dvdnumcoeff t (numgcdh t m)"
   760 using prems
   761 proof(induct t rule: numgcdh.induct)
   762   case (2 n c t) 
   763   let ?g = "numgcdh t m"
   764   from prems have th:"igcd c ?g > 1" by simp
   765   from igcd_gt1[OF th] numgcdh_pos[OF mp, where t="t"]
   766   have "(abs c > 1 \<and> ?g > 1) \<or> (abs c = 0 \<and> ?g > 1) \<or> (abs c > 1 \<and> ?g = 0)" by simp
   767   moreover {assume "abs c > 1" and gp: "?g > 1" with prems
   768     have th: "dvdnumcoeff t ?g" by simp
   769     have th': "igcd c ?g dvd ?g" by (simp add:igcd_dvd2)
   770     from dvdnumcoeff_trans[OF th' th] have ?case by (simp add: igcd_dvd1)}
   771   moreover {assume "abs c = 0 \<and> ?g > 1"
   772     with prems have th: "dvdnumcoeff t ?g" by simp
   773     have th': "igcd c ?g dvd ?g" by (simp add:igcd_dvd2)
   774     from dvdnumcoeff_trans[OF th' th] have ?case by (simp add: igcd_dvd1)
   775     hence ?case by simp }
   776   moreover {assume "abs c > 1" and g0:"?g = 0" 
   777     from numgcdh0[OF g0] have "m=0". with prems   have ?case by simp }
   778   ultimately show ?case by blast
   779 next
   780   case (3 c s t) 
   781   let ?g = "numgcdh t m"
   782   from prems have th:"igcd c ?g > 1" by simp
   783   from igcd_gt1[OF th] numgcdh_pos[OF mp, where t="t"]
   784   have "(abs c > 1 \<and> ?g > 1) \<or> (abs c = 0 \<and> ?g > 1) \<or> (abs c > 1 \<and> ?g = 0)" by simp
   785   moreover {assume "abs c > 1" and gp: "?g > 1" with prems
   786     have th: "dvdnumcoeff t ?g" by simp
   787     have th': "igcd c ?g dvd ?g" by (simp add:igcd_dvd2)
   788     from dvdnumcoeff_trans[OF th' th] have ?case by (simp add: igcd_dvd1)}
   789   moreover {assume "abs c = 0 \<and> ?g > 1"
   790     with prems have th: "dvdnumcoeff t ?g" by simp
   791     have th': "igcd c ?g dvd ?g" by (simp add:igcd_dvd2)
   792     from dvdnumcoeff_trans[OF th' th] have ?case by (simp add: igcd_dvd1)
   793     hence ?case by simp }
   794   moreover {assume "abs c > 1" and g0:"?g = 0" 
   795     from numgcdh0[OF g0] have "m=0". with prems   have ?case by simp }
   796   ultimately show ?case by blast
   797 qed(auto simp add: igcd_dvd1)
   798 
   799 lemma dvdnumcoeff_aux2:
   800   assumes "numgcd t > 1" shows "dvdnumcoeff t (numgcd t) \<and> numgcd t > 0"
   801   using prems 
   802 proof (simp add: numgcd_def)
   803   let ?mc = "maxcoeff t"
   804   let ?g = "numgcdh t ?mc"
   805   have th1: "ismaxcoeff t ?mc" by (rule maxcoeff_ismaxcoeff)
   806   have th2: "?mc \<ge> 0" by (rule maxcoeff_pos)
   807   assume H: "numgcdh t ?mc > 1"
   808   from dvdnumcoeff_aux[OF th1 th2 H]  show "dvdnumcoeff t ?g" .
   809 qed
   810 
   811 lemma reducecoeff: "real (numgcd t) * (Inum bs (reducecoeff t)) = Inum bs t"
   812 proof-
   813   let ?g = "numgcd t"
   814   have "?g \<ge> 0"  by (simp add: numgcd_pos)
   815   hence	"?g = 0 \<or> ?g = 1 \<or> ?g > 1" by auto
   816   moreover {assume "?g = 0" hence ?thesis by (simp add: numgcd0)} 
   817   moreover {assume "?g = 1" hence ?thesis by (simp add: reducecoeff_def)} 
   818   moreover { assume g1:"?g > 1"
   819     from dvdnumcoeff_aux2[OF g1] have th1:"dvdnumcoeff t ?g" and g0: "?g > 0" by blast+
   820     from reducecoeffh[OF th1 g0, where bs="bs"] g1 have ?thesis 
   821       by (simp add: reducecoeff_def Let_def)} 
   822   ultimately show ?thesis by blast
   823 qed
   824 
   825 lemma reducecoeffh_numbound0: "numbound0 t \<Longrightarrow> numbound0 (reducecoeffh t g)"
   826 by (induct t rule: reducecoeffh.induct, auto)
   827 
   828 lemma reducecoeff_numbound0: "numbound0 t \<Longrightarrow> numbound0 (reducecoeff t)"
   829 using reducecoeffh_numbound0 by (simp add: reducecoeff_def Let_def)
   830 
   831 consts
   832   simpnum:: "num \<Rightarrow> num"
   833   numadd:: "num \<times> num \<Rightarrow> num"
   834   nummul:: "num \<Rightarrow> int \<Rightarrow> num"
   835   numfloor:: "num \<Rightarrow> num"
   836 
   837 recdef numadd "measure (\<lambda> (t,s). size t + size s)"
   838   "numadd (CN n1 c1 r1,CN n2 c2 r2) =
   839   (if n1=n2 then 
   840   (let c = c1 + c2
   841   in (if c=0 then numadd(r1,r2) else CN n1 c (numadd (r1,r2))))
   842   else if n1 \<le> n2 then CN n1 c1 (numadd (r1,CN n2 c2 r2))
   843   else (CN n2 c2 (numadd (CN n1 c1 r1,r2))))"
   844   "numadd (CN n1 c1 r1,t) = CN n1 c1 (numadd (r1, t))"  
   845   "numadd (t,CN n2 c2 r2) = CN n2 c2 (numadd (t,r2))" 
   846   "numadd (CF c1 t1 r1,CF c2 t2 r2) = 
   847    (if t1 = t2 then 
   848     (let c=c1+c2; s= numadd(r1,r2) in (if c=0 then s else CF c t1 s))
   849    else if lex_bnd t1 t2 then CF c1 t1 (numadd(r1,CF c2 t2 r2))
   850    else CF c2 t2 (numadd(CF c1 t1 r1,r2)))"
   851   "numadd (CF c1 t1 r1,C c) = CF c1 t1 (numadd (r1, C c))"
   852   "numadd (C c,CF c1 t1 r1) = CF c1 t1 (numadd (r1, C c))"
   853   "numadd (C b1, C b2) = C (b1+b2)"
   854   "numadd (a,b) = Add a b"
   855 
   856 lemma numadd[simp]: "Inum bs (numadd (t,s)) = Inum bs (Add t s)"
   857 apply (induct t s rule: numadd.induct, simp_all add: Let_def)
   858 apply (case_tac "c1+c2 = 0",case_tac "n1 \<le> n2", simp_all)
   859 apply (case_tac "n1 = n2", simp_all add: ring_eq_simps)
   860 apply (simp only: ring_eq_simps(1)[symmetric]) 
   861 apply simp
   862 apply (case_tac "lex_bnd t1 t2", simp_all)
   863 apply (case_tac "c1+c2 = 0")
   864 by (case_tac "t1 = t2", simp_all add: ring_eq_simps left_distrib[symmetric] real_of_int_mult[symmetric] real_of_int_add[symmetric]del: real_of_int_mult real_of_int_add left_distrib)
   865 
   866 lemma numadd_nb[simp]: "\<lbrakk> numbound0 t ; numbound0 s\<rbrakk> \<Longrightarrow> numbound0 (numadd (t,s))"
   867 by (induct t s rule: numadd.induct, auto simp add: Let_def)
   868 
   869 recdef nummul "measure size"
   870   "nummul (C j) = (\<lambda> i. C (i*j))"
   871   "nummul (CN n c t) = (\<lambda> i. CN n (c*i) (nummul t i))"
   872   "nummul (CF c t s) = (\<lambda> i. CF (c*i) t (nummul s i))"
   873   "nummul (Mul c t) = (\<lambda> i. nummul t (i*c))"
   874   "nummul t = (\<lambda> i. Mul i t)"
   875 
   876 lemma nummul[simp]: "\<And> i. Inum bs (nummul t i) = Inum bs (Mul i t)"
   877 by (induct t rule: nummul.induct, auto simp add: ring_eq_simps)
   878 
   879 lemma nummul_nb[simp]: "\<And> i. numbound0 t \<Longrightarrow> numbound0 (nummul t i)"
   880 by (induct t rule: nummul.induct, auto)
   881 
   882 constdefs numneg :: "num \<Rightarrow> num"
   883   "numneg t \<equiv> nummul t (- 1)"
   884 
   885 constdefs numsub :: "num \<Rightarrow> num \<Rightarrow> num"
   886   "numsub s t \<equiv> (if s = t then C 0 else numadd (s,numneg t))"
   887 
   888 lemma numneg[simp]: "Inum bs (numneg t) = Inum bs (Neg t)"
   889 using numneg_def nummul by simp
   890 
   891 lemma numneg_nb[simp]: "numbound0 t \<Longrightarrow> numbound0 (numneg t)"
   892 using numneg_def by simp
   893 
   894 lemma numsub[simp]: "Inum bs (numsub a b) = Inum bs (Sub a b)"
   895 using numsub_def by simp
   896 
   897 lemma numsub_nb[simp]: "\<lbrakk> numbound0 t ; numbound0 s\<rbrakk> \<Longrightarrow> numbound0 (numsub t s)"
   898 using numsub_def by simp
   899 
   900 lemma isint_CF: assumes si: "isint s bs" shows "isint (CF c t s) bs"
   901 proof-
   902   have cti: "isint (Mul c (Floor t)) bs" by (simp add: isint_Mul isint_Floor)
   903   
   904   have "?thesis = isint (Add (Mul c (Floor t)) s) bs" by (simp add: isint_def)
   905   also have "\<dots>" by (simp add: isint_add cti si)
   906   finally show ?thesis .
   907 qed
   908 
   909 consts split_int:: "num \<Rightarrow> num\<times>num"
   910 recdef split_int "measure num_size"
   911   "split_int (C c) = (C 0, C c)"
   912   "split_int (CN n c b) = 
   913      (let (bv,bi) = split_int b 
   914        in (CN n c bv, bi))"
   915   "split_int (CF c a b) = 
   916      (let (bv,bi) = split_int b 
   917        in (bv, CF c a bi))"
   918   "split_int a = (a,C 0)"
   919 
   920 lemma split_int:"\<And> tv ti. split_int t = (tv,ti) \<Longrightarrow> (Inum bs (Add tv ti) = Inum bs t) \<and> isint ti bs"
   921 proof (induct t rule: split_int.induct)
   922   case (2 c n b tv ti)
   923   let ?bv = "fst (split_int b)"
   924   let ?bi = "snd (split_int b)"
   925   have "split_int b = (?bv,?bi)" by simp
   926   with prems(1) have b:"Inum bs (Add ?bv ?bi) = Inum bs b" and bii: "isint ?bi bs" by blast+
   927   from prems(2) have tibi: "ti = ?bi" by (simp add: Let_def split_def)
   928   from prems(2) b[symmetric] bii show ?case by (auto simp add: Let_def split_def)
   929 next
   930   case (3 c a b tv ti) 
   931   let ?bv = "fst (split_int b)"
   932   let ?bi = "snd (split_int b)"
   933   have "split_int b = (?bv,?bi)" by simp
   934   with prems(1) have b:"Inum bs (Add ?bv ?bi) = Inum bs b" and bii: "isint ?bi bs" by blast+
   935   from prems(2) have tibi: "ti = CF c a ?bi" by (simp add: Let_def split_def)
   936   from prems(2) b[symmetric] bii show ?case by (auto simp add: Let_def split_def isint_Floor isint_add isint_Mul isint_CF)
   937 qed (auto simp add: Let_def isint_iff isint_Floor isint_add isint_Mul split_def ring_eq_simps)
   938 
   939 lemma split_int_nb: "numbound0 t \<Longrightarrow> numbound0 (fst (split_int t)) \<and> numbound0 (snd (split_int t)) "
   940 by (induct t rule: split_int.induct, auto simp add: Let_def split_def)
   941 
   942 defs numfloor_def: "numfloor t \<equiv> (let (tv,ti) = split_int t in 
   943   (case tv of C i \<Rightarrow> numadd (tv,ti) 
   944   | _ \<Rightarrow> numadd(CF 1 tv (C 0),ti)))"
   945 
   946 lemma numfloor[simp]: "Inum bs (numfloor t) = Inum bs (Floor t)" (is "?n t = ?N (Floor t)")
   947 proof-
   948   let ?tv = "fst (split_int t)"
   949   let ?ti = "snd (split_int t)"
   950   have tvti:"split_int t = (?tv,?ti)" by simp
   951   {assume H: "\<forall> v. ?tv \<noteq> C v"
   952     hence th1: "?n t = ?N (Add (Floor ?tv) ?ti)" 
   953       by (cases ?tv, auto simp add: numfloor_def Let_def split_def numadd)
   954     from split_int[OF tvti] have "?N (Floor t) = ?N (Floor(Add ?tv ?ti))" and tii:"isint ?ti bs" by simp+
   955     hence "?N (Floor t) = real (floor (?N (Add ?tv ?ti)))" by simp 
   956     also have "\<dots> = real (floor (?N ?tv) + (floor (?N ?ti)))"
   957       by (simp,subst tii[simplified isint_iff, symmetric]) simp
   958     also have "\<dots> = ?N (Add (Floor ?tv) ?ti)" by (simp add: tii[simplified isint_iff])
   959     finally have ?thesis using th1 by simp}
   960   moreover {fix v assume H:"?tv = C v" 
   961     from split_int[OF tvti] have "?N (Floor t) = ?N (Floor(Add ?tv ?ti))" and tii:"isint ?ti bs" by simp+
   962     hence "?N (Floor t) = real (floor (?N (Add ?tv ?ti)))" by simp 
   963     also have "\<dots> = real (floor (?N ?tv) + (floor (?N ?ti)))"
   964       by (simp,subst tii[simplified isint_iff, symmetric]) simp
   965     also have "\<dots> = ?N (Add (Floor ?tv) ?ti)" by (simp add: tii[simplified isint_iff])
   966     finally have ?thesis by (simp add: H numfloor_def Let_def split_def numadd) }
   967   ultimately show ?thesis by auto
   968 qed
   969 
   970 lemma numfloor_nb[simp]: "numbound0 t \<Longrightarrow> numbound0 (numfloor t)"
   971   using split_int_nb[where t="t"]
   972   by (cases "fst(split_int t)" , auto simp add: numfloor_def Let_def split_def  numadd_nb)
   973 
   974 recdef simpnum "measure num_size"
   975   "simpnum (C j) = C j"
   976   "simpnum (Bound n) = CN n 1 (C 0)"
   977   "simpnum (Neg t) = numneg (simpnum t)"
   978   "simpnum (Add t s) = numadd (simpnum t,simpnum s)"
   979   "simpnum (Sub t s) = numsub (simpnum t) (simpnum s)"
   980   "simpnum (Mul i t) = (if i = 0 then (C 0) else nummul (simpnum t) i)"
   981   "simpnum (Floor t) = numfloor (simpnum t)"
   982   "simpnum (CN n c t) = (if c=0 then simpnum t else CN n c (simpnum t))"
   983   "simpnum (CF c t s) = simpnum(Add (Mul c (Floor t)) s)"
   984 
   985 lemma simpnum_ci[simp]: "Inum bs (simpnum t) = Inum bs t"
   986 by (induct t rule: simpnum.induct, auto)
   987 
   988 lemma simpnum_numbound0[simp]: 
   989   "numbound0 t \<Longrightarrow> numbound0 (simpnum t)"
   990 by (induct t rule: simpnum.induct, auto)
   991 
   992 consts nozerocoeff:: "num \<Rightarrow> bool"
   993 recdef nozerocoeff "measure size"
   994   "nozerocoeff (C c) = True"
   995   "nozerocoeff (CN n c t) = (c\<noteq>0 \<and> nozerocoeff t)"
   996   "nozerocoeff (CF c s t) = (c \<noteq> 0 \<and> nozerocoeff t)"
   997   "nozerocoeff (Mul c t) = (c\<noteq>0 \<and> nozerocoeff t)"
   998   "nozerocoeff t = True"
   999 
  1000 lemma numadd_nz : "nozerocoeff a \<Longrightarrow> nozerocoeff b \<Longrightarrow> nozerocoeff (numadd (a,b))"
  1001 by (induct a b rule: numadd.induct,auto simp add: Let_def)
  1002 
  1003 lemma nummul_nz : "\<And> i. i\<noteq>0 \<Longrightarrow> nozerocoeff a \<Longrightarrow> nozerocoeff (nummul a i)"
  1004   by (induct a rule: nummul.induct,auto simp add: Let_def numadd_nz)
  1005 
  1006 lemma numneg_nz : "nozerocoeff a \<Longrightarrow> nozerocoeff (numneg a)"
  1007 by (simp add: numneg_def nummul_nz)
  1008 
  1009 lemma numsub_nz: "nozerocoeff a \<Longrightarrow> nozerocoeff b \<Longrightarrow> nozerocoeff (numsub a b)"
  1010 by (simp add: numsub_def numneg_nz numadd_nz)
  1011 
  1012 lemma split_int_nz: "nozerocoeff t \<Longrightarrow> nozerocoeff (fst (split_int t)) \<and> nozerocoeff (snd (split_int t))"
  1013 by (induct t rule: split_int.induct,auto simp add: Let_def split_def)
  1014 
  1015 lemma numfloor_nz: "nozerocoeff t \<Longrightarrow> nozerocoeff (numfloor t)"
  1016 by (simp add: numfloor_def Let_def split_def)
  1017 (cases "fst (split_int t)", simp_all add: split_int_nz numadd_nz)
  1018 
  1019 lemma simpnum_nz: "nozerocoeff (simpnum t)"
  1020 by(induct t rule: simpnum.induct, auto simp add: numadd_nz numneg_nz numsub_nz nummul_nz numfloor_nz)
  1021 
  1022 lemma maxcoeff_nz: "nozerocoeff t \<Longrightarrow> maxcoeff t = 0 \<Longrightarrow> t = C 0"
  1023 proof (induct t rule: maxcoeff.induct)
  1024   case (2 n c t)
  1025   hence cnz: "c \<noteq>0" and mx: "max (abs c) (maxcoeff t) = 0" by simp+
  1026   have "max (abs c) (maxcoeff t) \<ge> abs c" by (simp add: le_maxI1)
  1027   with cnz have "max (abs c) (maxcoeff t) > 0" by arith
  1028   with prems show ?case by simp
  1029 next
  1030   case (3 c s t) 
  1031   hence cnz: "c \<noteq>0" and mx: "max (abs c) (maxcoeff t) = 0" by simp+
  1032   have "max (abs c) (maxcoeff t) \<ge> abs c" by (simp add: le_maxI1)
  1033   with cnz have "max (abs c) (maxcoeff t) > 0" by arith
  1034   with prems show ?case by simp
  1035 qed auto
  1036 
  1037 lemma numgcd_nz: assumes nz: "nozerocoeff t" and g0: "numgcd t = 0" shows "t = C 0"
  1038 proof-
  1039   from g0 have th:"numgcdh t (maxcoeff t) = 0" by (simp add: numgcd_def)
  1040   from numgcdh0[OF th]  have th:"maxcoeff t = 0" .
  1041   from maxcoeff_nz[OF nz th] show ?thesis .
  1042 qed
  1043 
  1044 constdefs simp_num_pair:: "(num \<times> int) \<Rightarrow> num \<times> int"
  1045   "simp_num_pair \<equiv> (\<lambda> (t,n). (if n = 0 then (C 0, 0) else
  1046    (let t' = simpnum t ; g = numgcd t' in 
  1047       if g > 1 then (let g' = igcd n g in 
  1048         if g' = 1 then (t',n) 
  1049         else (reducecoeffh t' g', n div g')) 
  1050       else (t',n))))"
  1051 
  1052 lemma simp_num_pair_ci:
  1053   shows "((\<lambda> (t,n). Inum bs t / real n) (simp_num_pair (t,n))) = ((\<lambda> (t,n). Inum bs t / real n) (t,n))"
  1054   (is "?lhs = ?rhs")
  1055 proof-
  1056   let ?t' = "simpnum t"
  1057   let ?g = "numgcd ?t'"
  1058   let ?g' = "igcd n ?g"
  1059   {assume nz: "n = 0" hence ?thesis by (simp add: Let_def simp_num_pair_def)}
  1060   moreover
  1061   { assume nnz: "n \<noteq> 0"
  1062     {assume "\<not> ?g > 1" hence ?thesis by (simp add: Let_def simp_num_pair_def)}
  1063     moreover
  1064     {assume g1:"?g>1" hence g0: "?g > 0" by simp
  1065       from igcd0 g1 nnz have gp0: "?g' \<noteq> 0" by simp
  1066       hence g'p: "?g' > 0" using igcd_pos[where i="n" and j="numgcd ?t'"] by arith
  1067       hence "?g'= 1 \<or> ?g' > 1" by arith
  1068       moreover {assume "?g'=1" hence ?thesis by (simp add: Let_def simp_num_pair_def)}
  1069       moreover {assume g'1:"?g'>1"
  1070 	from dvdnumcoeff_aux2[OF g1] have th1:"dvdnumcoeff ?t' ?g" ..
  1071 	let ?tt = "reducecoeffh ?t' ?g'"
  1072 	let ?t = "Inum bs ?tt"
  1073 	have gpdg: "?g' dvd ?g" by (simp add: igcd_dvd2)
  1074 	have gpdd: "?g' dvd n" by (simp add: igcd_dvd1) 
  1075 	have gpdgp: "?g' dvd ?g'" by simp
  1076 	from reducecoeffh[OF dvdnumcoeff_trans[OF gpdg th1] g'p] 
  1077 	have th2:"real ?g' * ?t = Inum bs ?t'" by simp
  1078 	from prems have "?lhs = ?t / real (n div ?g')" by (simp add: simp_num_pair_def Let_def)
  1079 	also have "\<dots> = (real ?g' * ?t) / (real ?g' * (real (n div ?g')))" by simp
  1080 	also have "\<dots> = (Inum bs ?t' / real n)"
  1081 	  using real_of_int_div[OF gp0 gpdd] th2 gp0 by simp
  1082 	finally have "?lhs = Inum bs t / real n" by simp
  1083 	then have ?thesis using prems by (simp add: simp_num_pair_def)}
  1084       ultimately have ?thesis by blast}
  1085     ultimately have ?thesis by blast} 
  1086   ultimately show ?thesis by blast
  1087 qed
  1088 
  1089 lemma simp_num_pair_l: assumes tnb: "numbound0 t" and np: "n >0" and tn: "simp_num_pair (t,n) = (t',n')"
  1090   shows "numbound0 t' \<and> n' >0"
  1091 proof-
  1092     let ?t' = "simpnum t"
  1093   let ?g = "numgcd ?t'"
  1094   let ?g' = "igcd n ?g"
  1095   {assume nz: "n = 0" hence ?thesis using prems by (simp add: Let_def simp_num_pair_def)}
  1096   moreover
  1097   { assume nnz: "n \<noteq> 0"
  1098     {assume "\<not> ?g > 1" hence ?thesis  using prems by (auto simp add: Let_def simp_num_pair_def)}
  1099     moreover
  1100     {assume g1:"?g>1" hence g0: "?g > 0" by simp
  1101       from igcd0 g1 nnz have gp0: "?g' \<noteq> 0" by simp
  1102       hence g'p: "?g' > 0" using igcd_pos[where i="n" and j="numgcd ?t'"] by arith
  1103       hence "?g'= 1 \<or> ?g' > 1" by arith
  1104       moreover {assume "?g'=1" hence ?thesis using prems 
  1105 	  by (auto simp add: Let_def simp_num_pair_def)}
  1106       moreover {assume g'1:"?g'>1"
  1107 	have gpdg: "?g' dvd ?g" by (simp add: igcd_dvd2)
  1108 	have gpdd: "?g' dvd n" by (simp add: igcd_dvd1) 
  1109 	have gpdgp: "?g' dvd ?g'" by simp
  1110 	from zdvd_imp_le[OF gpdd np] have g'n: "?g' \<le> n" .
  1111 	from zdiv_mono1[OF g'n g'p, simplified zdiv_self[OF gp0]]
  1112 	have "n div ?g' >0" by simp
  1113 	hence ?thesis using prems 
  1114 	  by(auto simp add: simp_num_pair_def Let_def reducecoeffh_numbound0)}
  1115       ultimately have ?thesis by blast}
  1116     ultimately have ?thesis by blast} 
  1117   ultimately show ?thesis by blast
  1118 qed
  1119 
  1120 consts not:: "fm \<Rightarrow> fm"
  1121 recdef not "measure size"
  1122   "not (NOT p) = p"
  1123   "not T = F"
  1124   "not F = T"
  1125   "not (Lt t) = Ge t"
  1126   "not (Le t) = Gt t"
  1127   "not (Gt t) = Le t"
  1128   "not (Ge t) = Lt t"
  1129   "not (Eq t) = NEq t"
  1130   "not (NEq t) = Eq t"
  1131   "not (Dvd i t) = NDvd i t"
  1132   "not (NDvd i t) = Dvd i t"
  1133   "not (And p q) = Or (not p) (not q)"
  1134   "not (Or p q) = And (not p) (not q)"
  1135   "not p = NOT p"
  1136 lemma not[simp]: "Ifm bs (not p) = Ifm bs (NOT p)"
  1137 by (induct p) auto
  1138 lemma not_qf[simp]: "qfree p \<Longrightarrow> qfree (not p)"
  1139 by (induct p, auto)
  1140 lemma not_nb[simp]: "bound0 p \<Longrightarrow> bound0 (not p)"
  1141 by (induct p, auto)
  1142 
  1143 constdefs conj :: "fm \<Rightarrow> fm \<Rightarrow> fm"
  1144   "conj p q \<equiv> (if (p = F \<or> q=F) then F else if p=T then q else if q=T then p else 
  1145    if p = q then p else And p q)"
  1146 lemma conj[simp]: "Ifm bs (conj p q) = Ifm bs (And p q)"
  1147 by (cases "p=F \<or> q=F",simp_all add: conj_def) (cases p,simp_all)
  1148 
  1149 lemma conj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (conj p q)"
  1150 using conj_def by auto 
  1151 lemma conj_nb[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (conj p q)"
  1152 using conj_def by auto 
  1153 
  1154 constdefs disj :: "fm \<Rightarrow> fm \<Rightarrow> fm"
  1155   "disj p q \<equiv> (if (p = T \<or> q=T) then T else if p=F then q else if q=F then p 
  1156        else if p=q then p else Or p q)"
  1157 
  1158 lemma disj[simp]: "Ifm bs (disj p q) = Ifm bs (Or p q)"
  1159 by (cases "p=T \<or> q=T",simp_all add: disj_def) (cases p,simp_all)
  1160 lemma disj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (disj p q)"
  1161 using disj_def by auto 
  1162 lemma disj_nb[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (disj p q)"
  1163 using disj_def by auto 
  1164 
  1165 constdefs   imp :: "fm \<Rightarrow> fm \<Rightarrow> fm"
  1166   "imp p q \<equiv> (if (p = F \<or> q=T \<or> p=q) then T else if p=T then q else if q=F then not p 
  1167     else Imp p q)"
  1168 lemma imp[simp]: "Ifm bs (imp p q) = Ifm bs (Imp p q)"
  1169 by (cases "p=F \<or> q=T",simp_all add: imp_def)
  1170 lemma imp_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (imp p q)"
  1171 using imp_def by (cases "p=F \<or> q=T",simp_all add: imp_def)
  1172 lemma imp_nb[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (imp p q)"
  1173 using imp_def by (cases "p=F \<or> q=T \<or> p=q",simp_all add: imp_def) 
  1174 
  1175 constdefs   iff :: "fm \<Rightarrow> fm \<Rightarrow> fm"
  1176   "iff p q \<equiv> (if (p = q) then T else if (p = not q \<or> not p = q) then F else 
  1177        if p=F then not q else if q=F then not p else if p=T then q else if q=T then p else 
  1178   Iff p q)"
  1179 lemma iff[simp]: "Ifm bs (iff p q) = Ifm bs (Iff p q)"
  1180   by (unfold iff_def,cases "p=q", simp,cases "p=not q", simp add:not) 
  1181 (cases "not p= q", auto simp add:not)
  1182 lemma iff_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (iff p q)"
  1183   by (unfold iff_def,cases "p=q", auto)
  1184 lemma iff_nb[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (iff p q)"
  1185 using iff_def by (unfold iff_def,cases "p=q", auto)
  1186 
  1187 consts check_int:: "num \<Rightarrow> bool"
  1188 recdef check_int "measure size"
  1189   "check_int (C i) = True"
  1190   "check_int (Floor t) = True"
  1191   "check_int (Mul i t) = check_int t"
  1192   "check_int (Add t s) = (check_int t \<and> check_int s)"
  1193   "check_int (Neg t) = check_int t"
  1194   "check_int (CF c t s) = check_int s"
  1195   "check_int t = False"
  1196 lemma check_int: "check_int t \<Longrightarrow> isint t bs"
  1197 by (induct t, auto simp add: isint_add isint_Floor isint_Mul isint_neg isint_c isint_CF)
  1198 
  1199 lemma rdvd_left1_int: "real \<lfloor>t\<rfloor> = t \<Longrightarrow> 1 rdvd t"
  1200   by (simp add: rdvd_def,rule_tac x="\<lfloor>t\<rfloor>" in exI) simp
  1201 
  1202 lemma rdvd_reduce: 
  1203   assumes gd:"g dvd d" and gc:"g dvd c" and gp: "g > 0"
  1204   shows "real (d::int) rdvd real (c::int)*t = (real (d div g) rdvd real (c div g)*t)"
  1205 proof
  1206   assume d: "real d rdvd real c * t"
  1207   from d rdvd_def obtain k where k_def: "real c * t = real d* real (k::int)" by auto
  1208   from gd dvd_def obtain kd where kd_def: "d = g * kd" by auto
  1209   from gc dvd_def obtain kc where kc_def: "c = g * kc" by auto
  1210   from k_def kd_def kc_def have "real g * real kc * t = real g * real kd * real k" by simp
  1211   hence "real kc * t = real kd * real k" using gp by simp
  1212   hence th:"real kd rdvd real kc * t" using rdvd_def by blast
  1213   from kd_def gp have th':"kd = d div g" by simp
  1214   from kc_def gp have "kc = c div g" by simp
  1215   with th th' show "real (d div g) rdvd real (c div g) * t" by simp
  1216 next
  1217   assume d: "real (d div g) rdvd real (c div g) * t"
  1218   from gp have gnz: "g \<noteq> 0" by simp
  1219   thus "real d rdvd real c * t" using d rdvd_mult[OF gnz, where n="d div g" and x="real (c div g) * t"] real_of_int_div[OF gnz gd] real_of_int_div[OF gnz gc] by simp
  1220 qed
  1221 
  1222 constdefs simpdvd:: "int \<Rightarrow> num \<Rightarrow> (int \<times> num)"
  1223   "simpdvd d t \<equiv> 
  1224    (let g = numgcd t in 
  1225       if g > 1 then (let g' = igcd d g in 
  1226         if g' = 1 then (d, t) 
  1227         else (d div g',reducecoeffh t g')) 
  1228       else (d, t))"
  1229 lemma simpdvd: 
  1230   assumes tnz: "nozerocoeff t" and dnz: "d \<noteq> 0"
  1231   shows "Ifm bs (Dvd (fst (simpdvd d t)) (snd (simpdvd d t))) = Ifm bs (Dvd d t)"
  1232 proof-
  1233   let ?g = "numgcd t"
  1234   let ?g' = "igcd d ?g"
  1235   {assume "\<not> ?g > 1" hence ?thesis by (simp add: Let_def simpdvd_def)}
  1236   moreover
  1237   {assume g1:"?g>1" hence g0: "?g > 0" by simp
  1238     from igcd0 g1 dnz have gp0: "?g' \<noteq> 0" by simp
  1239     hence g'p: "?g' > 0" using igcd_pos[where i="d" and j="numgcd t"] by arith
  1240     hence "?g'= 1 \<or> ?g' > 1" by arith
  1241     moreover {assume "?g'=1" hence ?thesis by (simp add: Let_def simpdvd_def)}
  1242     moreover {assume g'1:"?g'>1"
  1243       from dvdnumcoeff_aux2[OF g1] have th1:"dvdnumcoeff t ?g" ..
  1244       let ?tt = "reducecoeffh t ?g'"
  1245       let ?t = "Inum bs ?tt"
  1246       have gpdg: "?g' dvd ?g" by (simp add: igcd_dvd2)
  1247       have gpdd: "?g' dvd d" by (simp add: igcd_dvd1) 
  1248       have gpdgp: "?g' dvd ?g'" by simp
  1249       from reducecoeffh[OF dvdnumcoeff_trans[OF gpdg th1] g'p] 
  1250       have th2:"real ?g' * ?t = Inum bs t" by simp
  1251       from prems have "Ifm bs (Dvd (fst (simpdvd d t)) (snd(simpdvd d t))) = Ifm bs (Dvd (d div ?g') ?tt)"
  1252 	by (simp add: simpdvd_def Let_def)
  1253       also have "\<dots> = (real d rdvd (Inum bs t))"
  1254 	using rdvd_reduce[OF gpdd gpdgp g'p, where t="?t", simplified zdiv_self[OF gp0]] 
  1255 	  th2[symmetric] by simp
  1256       finally have ?thesis by simp  }
  1257     ultimately have ?thesis by blast
  1258   }
  1259   ultimately show ?thesis by blast
  1260 qed
  1261 
  1262 consts simpfm :: "fm \<Rightarrow> fm"
  1263 recdef simpfm "measure fmsize"
  1264   "simpfm (And p q) = conj (simpfm p) (simpfm q)"
  1265   "simpfm (Or p q) = disj (simpfm p) (simpfm q)"
  1266   "simpfm (Imp p q) = imp (simpfm p) (simpfm q)"
  1267   "simpfm (Iff p q) = iff (simpfm p) (simpfm q)"
  1268   "simpfm (NOT p) = not (simpfm p)"
  1269   "simpfm (Lt a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v < 0) then T else F 
  1270   | _ \<Rightarrow> Lt (reducecoeff a'))"
  1271   "simpfm (Le a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v \<le> 0)  then T else F | _ \<Rightarrow> Le (reducecoeff a'))"
  1272   "simpfm (Gt a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v > 0)  then T else F | _ \<Rightarrow> Gt (reducecoeff a'))"
  1273   "simpfm (Ge a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v \<ge> 0)  then T else F | _ \<Rightarrow> Ge (reducecoeff a'))"
  1274   "simpfm (Eq a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v = 0)  then T else F | _ \<Rightarrow> Eq (reducecoeff a'))"
  1275   "simpfm (NEq a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v \<noteq> 0)  then T else F | _ \<Rightarrow> NEq (reducecoeff a'))"
  1276   "simpfm (Dvd i a) = (if i=0 then simpfm (Eq a)
  1277              else if (abs i = 1) \<and> check_int a then T
  1278              else let a' = simpnum a in case a' of C v \<Rightarrow> if (i dvd v)  then T else F | _ \<Rightarrow> (let (d,t) = simpdvd i a' in Dvd d t))"
  1279   "simpfm (NDvd i a) = (if i=0 then simpfm (NEq a) 
  1280              else if (abs i = 1) \<and> check_int a then F
  1281              else let a' = simpnum a in case a' of C v \<Rightarrow> if (\<not>(i dvd v)) then T else F | _ \<Rightarrow> (let (d,t) = simpdvd i a' in NDvd d t))"
  1282   "simpfm p = p"
  1283 
  1284 lemma simpfm[simp]: "Ifm bs (simpfm p) = Ifm bs p"
  1285 proof(induct p rule: simpfm.induct)
  1286   case (6 a) let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1287   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1288   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1289     let ?g = "numgcd ?sa"
  1290     let ?rsa = "reducecoeff ?sa"
  1291     let ?r = "Inum bs ?rsa"
  1292     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1293     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1294     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1295     hence gp: "real ?g > 0" by simp
  1296     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1297     with sa have "Inum bs a < 0 = (real ?g * ?r < real ?g * 0)" by simp
  1298     also have "\<dots> = (?r < 0)" using gp
  1299       by (simp only: mult_less_cancel_left) simp
  1300     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1301   ultimately show ?case by blast
  1302 next
  1303   case (7 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1304   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1305   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1306     let ?g = "numgcd ?sa"
  1307     let ?rsa = "reducecoeff ?sa"
  1308     let ?r = "Inum bs ?rsa"
  1309     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1310     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1311     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1312     hence gp: "real ?g > 0" by simp
  1313     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1314     with sa have "Inum bs a \<le> 0 = (real ?g * ?r \<le> real ?g * 0)" by simp
  1315     also have "\<dots> = (?r \<le> 0)" using gp
  1316       by (simp only: mult_le_cancel_left) simp
  1317     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1318   ultimately show ?case by blast
  1319 next
  1320   case (8 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1321   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1322   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1323     let ?g = "numgcd ?sa"
  1324     let ?rsa = "reducecoeff ?sa"
  1325     let ?r = "Inum bs ?rsa"
  1326     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1327     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1328     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1329     hence gp: "real ?g > 0" by simp
  1330     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1331     with sa have "Inum bs a > 0 = (real ?g * ?r > real ?g * 0)" by simp
  1332     also have "\<dots> = (?r > 0)" using gp
  1333       by (simp only: mult_less_cancel_left) simp
  1334     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1335   ultimately show ?case by blast
  1336 next
  1337   case (9 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1338   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1339   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1340     let ?g = "numgcd ?sa"
  1341     let ?rsa = "reducecoeff ?sa"
  1342     let ?r = "Inum bs ?rsa"
  1343     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1344     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1345     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1346     hence gp: "real ?g > 0" by simp
  1347     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1348     with sa have "Inum bs a \<ge> 0 = (real ?g * ?r \<ge> real ?g * 0)" by simp
  1349     also have "\<dots> = (?r \<ge> 0)" using gp
  1350       by (simp only: mult_le_cancel_left) simp
  1351     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1352   ultimately show ?case by blast
  1353 next
  1354   case (10 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1355   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1356   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1357     let ?g = "numgcd ?sa"
  1358     let ?rsa = "reducecoeff ?sa"
  1359     let ?r = "Inum bs ?rsa"
  1360     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1361     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1362     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1363     hence gp: "real ?g > 0" by simp
  1364     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1365     with sa have "Inum bs a = 0 = (real ?g * ?r = 0)" by simp
  1366     also have "\<dots> = (?r = 0)" using gp
  1367       by (simp add: mult_eq_0_iff)
  1368     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1369   ultimately show ?case by blast
  1370 next
  1371   case (11 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1372   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1373   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1374     let ?g = "numgcd ?sa"
  1375     let ?rsa = "reducecoeff ?sa"
  1376     let ?r = "Inum bs ?rsa"
  1377     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1378     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1379     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1380     hence gp: "real ?g > 0" by simp
  1381     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1382     with sa have "Inum bs a \<noteq> 0 = (real ?g * ?r \<noteq> 0)" by simp
  1383     also have "\<dots> = (?r \<noteq> 0)" using gp
  1384       by (simp add: mult_eq_0_iff)
  1385     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1386   ultimately show ?case by blast
  1387 next
  1388   case (12 i a)  let ?sa = "simpnum a"   have sa: "Inum bs ?sa = Inum bs a" by simp
  1389   have "i=0 \<or> (abs i = 1 \<and> check_int a) \<or> (i\<noteq>0 \<and> ((abs i \<noteq> 1) \<or> (\<not> check_int a)))" by auto
  1390   {assume "i=0" hence ?case using "12.hyps" by (simp add: rdvd_left_0_eq Let_def)}
  1391   moreover 
  1392   {assume ai1: "abs i = 1" and ai: "check_int a" 
  1393     hence "i=1 \<or> i= - 1" by arith
  1394     moreover {assume i1: "i = 1" 
  1395       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1396       have ?case using i1 ai by simp }
  1397     moreover {assume i1: "i = - 1" 
  1398       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1399 	rdvd_abs1[where d="- 1" and t="Inum bs a"]
  1400       have ?case using i1 ai by simp }
  1401     ultimately have ?case by blast}
  1402   moreover   
  1403   {assume inz: "i\<noteq>0" and cond: "(abs i \<noteq> 1) \<or> (\<not> check_int a)"
  1404     {fix v assume "?sa = C v" hence ?case using sa[symmetric] inz cond
  1405 	by (cases "abs i = 1", auto simp add: int_rdvd_iff) }
  1406     moreover {assume H:"\<not> (\<exists> v. ?sa = C v)" 
  1407       hence th: "simpfm (Dvd i a) = Dvd (fst (simpdvd i ?sa)) (snd (simpdvd i ?sa))" using inz cond by (cases ?sa, auto simp add: Let_def split_def)
  1408       from simpnum_nz have nz:"nozerocoeff ?sa" by simp
  1409       from simpdvd [OF nz inz] th have ?case using sa by simp}
  1410     ultimately have ?case by blast}
  1411   ultimately show ?case by blast
  1412 next
  1413   case (13 i a)  let ?sa = "simpnum a"   have sa: "Inum bs ?sa = Inum bs a" by simp
  1414   have "i=0 \<or> (abs i = 1 \<and> check_int a) \<or> (i\<noteq>0 \<and> ((abs i \<noteq> 1) \<or> (\<not> check_int a)))" by auto
  1415   {assume "i=0" hence ?case using "13.hyps" by (simp add: rdvd_left_0_eq Let_def)}
  1416   moreover 
  1417   {assume ai1: "abs i = 1" and ai: "check_int a" 
  1418     hence "i=1 \<or> i= - 1" by arith
  1419     moreover {assume i1: "i = 1" 
  1420       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1421       have ?case using i1 ai by simp }
  1422     moreover {assume i1: "i = - 1" 
  1423       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1424 	rdvd_abs1[where d="- 1" and t="Inum bs a"]
  1425       have ?case using i1 ai by simp }
  1426     ultimately have ?case by blast}
  1427   moreover   
  1428   {assume inz: "i\<noteq>0" and cond: "(abs i \<noteq> 1) \<or> (\<not> check_int a)"
  1429     {fix v assume "?sa = C v" hence ?case using sa[symmetric] inz cond
  1430 	by (cases "abs i = 1", auto simp add: int_rdvd_iff) }
  1431     moreover {assume H:"\<not> (\<exists> v. ?sa = C v)" 
  1432       hence th: "simpfm (NDvd i a) = NDvd (fst (simpdvd i ?sa)) (snd (simpdvd i ?sa))" using inz cond 
  1433 	by (cases ?sa, auto simp add: Let_def split_def)
  1434       from simpnum_nz have nz:"nozerocoeff ?sa" by simp
  1435       from simpdvd [OF nz inz] th have ?case using sa by simp}
  1436     ultimately have ?case by blast}
  1437   ultimately show ?case by blast
  1438 qed (induct p rule: simpfm.induct, simp_all)
  1439 
  1440 lemma simpdvd_numbound0: "numbound0 t \<Longrightarrow> numbound0 (snd (simpdvd d t))"
  1441   by (simp add: simpdvd_def Let_def split_def reducecoeffh_numbound0)
  1442 
  1443 lemma simpfm_bound0[simp]: "bound0 p \<Longrightarrow> bound0 (simpfm p)"
  1444 proof(induct p rule: simpfm.induct)
  1445   case (6 a) hence nb: "numbound0 a" by simp
  1446   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1447   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1448 next
  1449   case (7 a) hence nb: "numbound0 a" by simp
  1450   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1451   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1452 next
  1453   case (8 a) hence nb: "numbound0 a" by simp
  1454   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1455   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1456 next
  1457   case (9 a) hence nb: "numbound0 a" by simp
  1458   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1459   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1460 next
  1461   case (10 a) hence nb: "numbound0 a" by simp
  1462   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1463   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1464 next
  1465   case (11 a) hence nb: "numbound0 a" by simp
  1466   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1467   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1468 next
  1469   case (12 i a) hence nb: "numbound0 a" by simp
  1470   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1471   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0 simpdvd_numbound0 split_def)
  1472 next
  1473   case (13 i a) hence nb: "numbound0 a" by simp
  1474   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1475   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0 simpdvd_numbound0 split_def)
  1476 qed(auto simp add: disj_def imp_def iff_def conj_def)
  1477 
  1478 lemma simpfm_qf[simp]: "qfree p \<Longrightarrow> qfree (simpfm p)"
  1479 by (induct p rule: simpfm.induct, auto simp add: Let_def)
  1480 (case_tac "simpnum a",auto simp add: split_def Let_def)+
  1481 
  1482 
  1483   (* Generic quantifier elimination *)
  1484 
  1485 constdefs list_conj :: "fm list \<Rightarrow> fm"
  1486   "list_conj ps \<equiv> foldr conj ps T"
  1487 lemma list_conj: "Ifm bs (list_conj ps) = (\<forall>p\<in> set ps. Ifm bs p)"
  1488   by (induct ps, auto simp add: list_conj_def)
  1489 lemma list_conj_qf: " \<forall>p\<in> set ps. qfree p \<Longrightarrow> qfree (list_conj ps)"
  1490   by (induct ps, auto simp add: list_conj_def)
  1491 lemma list_conj_nb: " \<forall>p\<in> set ps. bound0 p \<Longrightarrow> bound0 (list_conj ps)"
  1492   by (induct ps, auto simp add: list_conj_def)
  1493 constdefs CJNB:: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm"
  1494   "CJNB f p \<equiv> (let cjs = conjuncts p ; (yes,no) = partition bound0 cjs
  1495                    in conj (decr (list_conj yes)) (f (list_conj no)))"
  1496 
  1497 lemma CJNB_qe: 
  1498   assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm bs (qe p) = Ifm bs (E p))"
  1499   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (CJNB qe p) \<and> (Ifm bs ((CJNB qe p)) = Ifm bs (E p))"
  1500 proof(clarify)
  1501   fix bs p
  1502   assume qfp: "qfree p"
  1503   let ?cjs = "conjuncts p"
  1504   let ?yes = "fst (partition bound0 ?cjs)"
  1505   let ?no = "snd (partition bound0 ?cjs)"
  1506   let ?cno = "list_conj ?no"
  1507   let ?cyes = "list_conj ?yes"
  1508   have part: "partition bound0 ?cjs = (?yes,?no)" by simp
  1509   from partition_P[OF part] have "\<forall> q\<in> set ?yes. bound0 q" by blast 
  1510   hence yes_nb: "bound0 ?cyes" by (simp add: list_conj_nb) 
  1511   hence yes_qf: "qfree (decr ?cyes )" by (simp add: decr_qf)
  1512   from conjuncts_qf[OF qfp] partition_set[OF part] 
  1513   have " \<forall>q\<in> set ?no. qfree q" by auto
  1514   hence no_qf: "qfree ?cno"by (simp add: list_conj_qf)
  1515   with qe have cno_qf:"qfree (qe ?cno )" 
  1516     and noE: "Ifm bs (qe ?cno) = Ifm bs (E ?cno)" by blast+
  1517   from cno_qf yes_qf have qf: "qfree (CJNB qe p)" 
  1518     by (simp add: CJNB_def Let_def conj_qf split_def)
  1519   {fix bs
  1520     from conjuncts have "Ifm bs p = (\<forall>q\<in> set ?cjs. Ifm bs q)" by blast
  1521     also have "\<dots> = ((\<forall>q\<in> set ?yes. Ifm bs q) \<and> (\<forall>q\<in> set ?no. Ifm bs q))"
  1522       using partition_set[OF part] by auto
  1523     finally have "Ifm bs p = ((Ifm bs ?cyes) \<and> (Ifm bs ?cno))" using list_conj by simp}
  1524   hence "Ifm bs (E p) = (\<exists>x. (Ifm (x#bs) ?cyes) \<and> (Ifm (x#bs) ?cno))" by simp
  1525   also have "\<dots> = (\<exists>x. (Ifm (y#bs) ?cyes) \<and> (Ifm (x#bs) ?cno))"
  1526     using bound0_I[OF yes_nb, where bs="bs" and b'="y"] by blast
  1527   also have "\<dots> = (Ifm bs (decr ?cyes) \<and> Ifm bs (E ?cno))"
  1528     by (auto simp add: decr[OF yes_nb])
  1529   also have "\<dots> = (Ifm bs (conj (decr ?cyes) (qe ?cno)))"
  1530     using qe[rule_format, OF no_qf] by auto
  1531   finally have "Ifm bs (E p) = Ifm bs (CJNB qe p)" 
  1532     by (simp add: Let_def CJNB_def split_def)
  1533   with qf show "qfree (CJNB qe p) \<and> Ifm bs (CJNB qe p) = Ifm bs (E p)" by blast
  1534 qed
  1535 
  1536 consts qelim :: "fm \<Rightarrow> (fm \<Rightarrow> fm) \<Rightarrow> fm"
  1537 recdef qelim "measure fmsize"
  1538   "qelim (E p) = (\<lambda> qe. DJ (CJNB qe) (qelim p qe))"
  1539   "qelim (A p) = (\<lambda> qe. not (qe ((qelim (NOT p) qe))))"
  1540   "qelim (NOT p) = (\<lambda> qe. not (qelim p qe))"
  1541   "qelim (And p q) = (\<lambda> qe. conj (qelim p qe) (qelim q qe))" 
  1542   "qelim (Or  p q) = (\<lambda> qe. disj (qelim p qe) (qelim q qe))" 
  1543   "qelim (Imp p q) = (\<lambda> qe. disj (qelim (NOT p) qe) (qelim q qe))"
  1544   "qelim (Iff p q) = (\<lambda> qe. iff (qelim p qe) (qelim q qe))"
  1545   "qelim p = (\<lambda> y. simpfm p)"
  1546 
  1547 lemma qelim_ci:
  1548   assumes qe_inv: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm bs (qe p) = Ifm bs (E p))"
  1549   shows "\<And> bs. qfree (qelim p qe) \<and> (Ifm bs (qelim p qe) = Ifm bs p)"
  1550 using qe_inv DJ_qe[OF CJNB_qe[OF qe_inv]] 
  1551 by(induct p rule: qelim.induct) 
  1552 (auto simp del: simpfm.simps)
  1553 
  1554 
  1555 text {* The @{text "\<int>"} Part *}
  1556 text{* Linearity for fm where Bound 0 ranges over @{text "\<int>"} *}
  1557 consts
  1558   zsplit0 :: "num \<Rightarrow> int \<times> num" (* splits the bounded from the unbounded part*)
  1559 recdef zsplit0 "measure num_size"
  1560   "zsplit0 (C c) = (0,C c)"
  1561   "zsplit0 (Bound n) = (if n=0 then (1, C 0) else (0,Bound n))"
  1562   "zsplit0 (CN n c a) = zsplit0 (Add (Mul c (Bound n)) a)"
  1563   "zsplit0 (CF c a b) = zsplit0 (Add (Mul c (Floor a)) b)"
  1564   "zsplit0 (Neg a) = (let (i',a') =  zsplit0 a in (-i', Neg a'))"
  1565   "zsplit0 (Add a b) = (let (ia,a') =  zsplit0 a ; 
  1566                             (ib,b') =  zsplit0 b 
  1567                             in (ia+ib, Add a' b'))"
  1568   "zsplit0 (Sub a b) = (let (ia,a') =  zsplit0 a ; 
  1569                             (ib,b') =  zsplit0 b 
  1570                             in (ia-ib, Sub a' b'))"
  1571   "zsplit0 (Mul i a) = (let (i',a') =  zsplit0 a in (i*i', Mul i a'))"
  1572   "zsplit0 (Floor a) = (let (i',a') =  zsplit0 a in (i',Floor a'))"
  1573 (hints simp add: Let_def)
  1574 
  1575 lemma zsplit0_I:
  1576   shows "\<And> n a. zsplit0 t = (n,a) \<Longrightarrow> (Inum ((real (x::int)) #bs) (CN 0 n a) = Inum (real x #bs) t) \<and> numbound0 a"
  1577   (is "\<And> n a. ?S t = (n,a) \<Longrightarrow> (?I x (CN 0 n a) = ?I x t) \<and> ?N a")
  1578 proof(induct t rule: zsplit0.induct)
  1579   case (1 c n a) thus ?case by auto 
  1580 next
  1581   case (2 m n a) thus ?case by (cases "m=0") auto
  1582 next
  1583   case (3 n i a n a') thus ?case by auto
  1584 next 
  1585   case (4 c a b n a') thus ?case by auto
  1586 next
  1587   case (5 t n a)
  1588   let ?nt = "fst (zsplit0 t)"
  1589   let ?at = "snd (zsplit0 t)"
  1590   have abj: "zsplit0 t = (?nt,?at)" by simp hence th: "a=Neg ?at \<and> n=-?nt" using prems 
  1591     by (simp add: Let_def split_def)
  1592   from abj prems  have th2: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1593   from th2[simplified] th[simplified] show ?case by simp
  1594 next
  1595   case (6 s t n a)
  1596   let ?ns = "fst (zsplit0 s)"
  1597   let ?as = "snd (zsplit0 s)"
  1598   let ?nt = "fst (zsplit0 t)"
  1599   let ?at = "snd (zsplit0 t)"
  1600   have abjs: "zsplit0 s = (?ns,?as)" by simp 
  1601   moreover have abjt:  "zsplit0 t = (?nt,?at)" by simp 
  1602   ultimately have th: "a=Add ?as ?at \<and> n=?ns + ?nt" using prems 
  1603     by (simp add: Let_def split_def)
  1604   from abjs[symmetric] have bluddy: "\<exists> x y. (x,y) = zsplit0 s" by blast
  1605   from prems have "(\<exists> x y. (x,y) = zsplit0 s) \<longrightarrow> (\<forall>xa xb. zsplit0 t = (xa, xb) \<longrightarrow> Inum (real x # bs) (CN 0 xa xb) = Inum (real x # bs) t \<and> numbound0 xb)" by simp
  1606   with bluddy abjt have th3: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1607   from abjs prems  have th2: "(?I x (CN 0 ?ns ?as) = ?I x s) \<and> ?N ?as" by blast
  1608   from th3[simplified] th2[simplified] th[simplified] show ?case 
  1609     by (simp add: left_distrib)
  1610 next
  1611   case (7 s t n a)
  1612   let ?ns = "fst (zsplit0 s)"
  1613   let ?as = "snd (zsplit0 s)"
  1614   let ?nt = "fst (zsplit0 t)"
  1615   let ?at = "snd (zsplit0 t)"
  1616   have abjs: "zsplit0 s = (?ns,?as)" by simp 
  1617   moreover have abjt:  "zsplit0 t = (?nt,?at)" by simp 
  1618   ultimately have th: "a=Sub ?as ?at \<and> n=?ns - ?nt" using prems 
  1619     by (simp add: Let_def split_def)
  1620   from abjs[symmetric] have bluddy: "\<exists> x y. (x,y) = zsplit0 s" by blast
  1621   from prems have "(\<exists> x y. (x,y) = zsplit0 s) \<longrightarrow> (\<forall>xa xb. zsplit0 t = (xa, xb) \<longrightarrow> Inum (real x # bs) (CN 0 xa xb) = Inum (real x # bs) t \<and> numbound0 xb)" by simp
  1622   with bluddy abjt have th3: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1623   from abjs prems  have th2: "(?I x (CN 0 ?ns ?as) = ?I x s) \<and> ?N ?as" by blast
  1624   from th3[simplified] th2[simplified] th[simplified] show ?case 
  1625     by (simp add: left_diff_distrib)
  1626 next
  1627   case (8 i t n a)
  1628   let ?nt = "fst (zsplit0 t)"
  1629   let ?at = "snd (zsplit0 t)"
  1630   have abj: "zsplit0 t = (?nt,?at)" by simp hence th: "a=Mul i ?at \<and> n=i*?nt" using prems 
  1631     by (simp add: Let_def split_def)
  1632   from abj prems  have th2: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1633   hence " ?I x (Mul i t) = (real i) * ?I x (CN 0 ?nt ?at)" by simp
  1634   also have "\<dots> = ?I x (CN 0 (i*?nt) (Mul i ?at))" by (simp add: right_distrib)
  1635   finally show ?case using th th2 by simp
  1636 next
  1637   case (9 t n a)
  1638   let ?nt = "fst (zsplit0 t)"
  1639   let ?at = "snd (zsplit0 t)"
  1640   have abj: "zsplit0 t = (?nt,?at)" by simp hence th: "a= Floor ?at \<and> n=?nt" using prems 
  1641     by (simp add: Let_def split_def)
  1642   from abj prems  have th2: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1643   hence na: "?N a" using th by simp
  1644   have th': "(real ?nt)*(real x) = real (?nt * x)" by simp
  1645   have "?I x (Floor t) = ?I x (Floor (CN 0 ?nt ?at))" using th2 by simp
  1646   also have "\<dots> = real (floor ((real ?nt)* real(x) + ?I x ?at))" by simp
  1647   also have "\<dots> = real (floor (?I x ?at + real (?nt* x)))" by (simp add: add_ac)
  1648   also have "\<dots> = real (floor (?I x ?at) + (?nt* x))" 
  1649     using floor_add[where x="?I x ?at" and a="?nt* x"] by simp 
  1650   also have "\<dots> = real (?nt)*(real x) + real (floor (?I x ?at))" by (simp add: add_ac)
  1651   finally have "?I x (Floor t) = ?I x (CN 0 n a)" using th by simp
  1652   with na show ?case by simp
  1653 qed
  1654 
  1655 consts
  1656   iszlfm :: "fm \<Rightarrow> real list \<Rightarrow> bool"   (* Linearity test for fm *)
  1657   zlfm :: "fm \<Rightarrow> fm"       (* Linearity transformation for fm *)
  1658 recdef iszlfm "measure size"
  1659   "iszlfm (And p q) = (\<lambda> bs. iszlfm p bs \<and> iszlfm q bs)" 
  1660   "iszlfm (Or p q) = (\<lambda> bs. iszlfm p bs \<and> iszlfm q bs)" 
  1661   "iszlfm (Eq  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1662   "iszlfm (NEq (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1663   "iszlfm (Lt  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1664   "iszlfm (Le  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1665   "iszlfm (Gt  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1666   "iszlfm (Ge  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1667   "iszlfm (Dvd i (CN 0 c e)) = 
  1668                  (\<lambda> bs. c>0 \<and> i>0 \<and> numbound0 e \<and> isint e bs)"
  1669   "iszlfm (NDvd i (CN 0 c e))= 
  1670                  (\<lambda> bs. c>0 \<and> i>0 \<and> numbound0 e \<and> isint e bs)"
  1671   "iszlfm p = (\<lambda> bs. isatom p \<and> (bound0 p))"
  1672 
  1673 lemma zlin_qfree: "iszlfm p bs \<Longrightarrow> qfree p"
  1674   by (induct p rule: iszlfm.induct) auto
  1675 
  1676 lemma iszlfm_gen:
  1677   assumes lp: "iszlfm p (x#bs)"
  1678   shows "\<forall> y. iszlfm p (y#bs)"
  1679 proof
  1680   fix y
  1681   show "iszlfm p (y#bs)"
  1682     using lp
  1683   by(induct p rule: iszlfm.induct, simp_all add: numbound0_gen[rule_format, where x="x" and y="y"])
  1684 qed
  1685 
  1686 lemma conj_zl[simp]: "iszlfm p bs \<Longrightarrow> iszlfm q bs \<Longrightarrow> iszlfm (conj p q) bs"
  1687   using conj_def by (cases p,auto)
  1688 lemma disj_zl[simp]: "iszlfm p bs \<Longrightarrow> iszlfm q bs \<Longrightarrow> iszlfm (disj p q) bs"
  1689   using disj_def by (cases p,auto)
  1690 lemma not_zl[simp]: "iszlfm p bs \<Longrightarrow> iszlfm (not p) bs"
  1691   by (induct p rule:iszlfm.induct ,auto)
  1692 
  1693 recdef zlfm "measure fmsize"
  1694   "zlfm (And p q) = conj (zlfm p) (zlfm q)"
  1695   "zlfm (Or p q) = disj (zlfm p) (zlfm q)"
  1696   "zlfm (Imp p q) = disj (zlfm (NOT p)) (zlfm q)"
  1697   "zlfm (Iff p q) = disj (conj (zlfm p) (zlfm q)) (conj (zlfm (NOT p)) (zlfm (NOT q)))"
  1698   "zlfm (Lt a) = (let (c,r) = zsplit0 a in 
  1699      if c=0 then Lt r else 
  1700      if c>0 then Or (Lt (CN 0 c (Neg (Floor (Neg r))))) (And (Eq (CN 0 c (Neg (Floor (Neg r))))) (Lt (Add (Floor (Neg r)) r))) 
  1701      else Or (Gt (CN 0 (-c) (Floor(Neg r)))) (And (Eq(CN 0 (-c) (Floor(Neg r)))) (Lt (Add (Floor (Neg r)) r))))"
  1702   "zlfm (Le a) = (let (c,r) = zsplit0 a in 
  1703      if c=0 then Le r else 
  1704      if c>0 then Or (Le (CN 0 c (Neg (Floor (Neg r))))) (And (Eq (CN 0 c (Neg (Floor (Neg r))))) (Lt (Add (Floor (Neg r)) r))) 
  1705      else Or (Ge (CN 0 (-c) (Floor(Neg r)))) (And (Eq(CN 0 (-c) (Floor(Neg r)))) (Lt (Add (Floor (Neg r)) r))))"
  1706   "zlfm (Gt a) = (let (c,r) = zsplit0 a in 
  1707      if c=0 then Gt r else 
  1708      if c>0 then Or (Gt (CN 0 c (Floor r))) (And (Eq (CN 0 c (Floor r))) (Lt (Sub (Floor r) r))) 
  1709      else Or (Lt (CN 0 (-c) (Neg (Floor r)))) (And (Eq(CN 0 (-c) (Neg (Floor r)))) (Lt (Sub (Floor r) r))))"
  1710   "zlfm (Ge a) = (let (c,r) = zsplit0 a in 
  1711      if c=0 then Ge r else 
  1712      if c>0 then Or (Ge (CN 0 c (Floor r))) (And (Eq (CN 0 c (Floor r))) (Lt (Sub (Floor r) r))) 
  1713      else Or (Le (CN 0 (-c) (Neg (Floor r)))) (And (Eq(CN 0 (-c) (Neg (Floor r)))) (Lt (Sub (Floor r) r))))"
  1714   "zlfm (Eq a) = (let (c,r) = zsplit0 a in 
  1715               if c=0 then Eq r else 
  1716       if c>0 then (And (Eq (CN 0 c (Neg (Floor (Neg r))))) (Eq (Add (Floor (Neg r)) r)))
  1717       else (And (Eq (CN 0 (-c) (Floor (Neg r)))) (Eq (Add (Floor (Neg r)) r))))"
  1718   "zlfm (NEq a) = (let (c,r) = zsplit0 a in 
  1719               if c=0 then NEq r else 
  1720       if c>0 then (Or (NEq (CN 0 c (Neg (Floor (Neg r))))) (NEq (Add (Floor (Neg r)) r)))
  1721       else (Or (NEq (CN 0 (-c) (Floor (Neg r)))) (NEq (Add (Floor (Neg r)) r))))"
  1722   "zlfm (Dvd i a) = (if i=0 then zlfm (Eq a) 
  1723   else (let (c,r) = zsplit0 a in 
  1724               if c=0 then Dvd (abs i) r else 
  1725       if c>0 then And (Eq (Sub (Floor r) r)) (Dvd (abs i) (CN 0 c (Floor r))) 
  1726       else And (Eq (Sub (Floor r) r)) (Dvd (abs i) (CN 0 (-c) (Neg (Floor r))))))"
  1727   "zlfm (NDvd i a) = (if i=0 then zlfm (NEq a) 
  1728   else (let (c,r) = zsplit0 a in 
  1729               if c=0 then NDvd (abs i) r else 
  1730       if c>0 then Or (NEq (Sub (Floor r) r)) (NDvd (abs i) (CN 0 c (Floor r))) 
  1731       else Or (NEq (Sub (Floor r) r)) (NDvd (abs i) (CN 0 (-c) (Neg (Floor r))))))"
  1732   "zlfm (NOT (And p q)) = disj (zlfm (NOT p)) (zlfm (NOT q))"
  1733   "zlfm (NOT (Or p q)) = conj (zlfm (NOT p)) (zlfm (NOT q))"
  1734   "zlfm (NOT (Imp p q)) = conj (zlfm p) (zlfm (NOT q))"
  1735   "zlfm (NOT (Iff p q)) = disj (conj(zlfm p) (zlfm(NOT q))) (conj (zlfm(NOT p)) (zlfm q))"
  1736   "zlfm (NOT (NOT p)) = zlfm p"
  1737   "zlfm (NOT T) = F"
  1738   "zlfm (NOT F) = T"
  1739   "zlfm (NOT (Lt a)) = zlfm (Ge a)"
  1740   "zlfm (NOT (Le a)) = zlfm (Gt a)"
  1741   "zlfm (NOT (Gt a)) = zlfm (Le a)"
  1742   "zlfm (NOT (Ge a)) = zlfm (Lt a)"
  1743   "zlfm (NOT (Eq a)) = zlfm (NEq a)"
  1744   "zlfm (NOT (NEq a)) = zlfm (Eq a)"
  1745   "zlfm (NOT (Dvd i a)) = zlfm (NDvd i a)"
  1746   "zlfm (NOT (NDvd i a)) = zlfm (Dvd i a)"
  1747   "zlfm p = p" (hints simp add: fmsize_pos)
  1748 
  1749 lemma split_int_less_real: 
  1750   "(real (a::int) < b) = (a < floor b \<or> (a = floor b \<and> real (floor b) < b))"
  1751 proof( auto)
  1752   assume alb: "real a < b" and agb: "\<not> a < floor b"
  1753   from agb have "floor b \<le> a" by simp hence th: "b < real a + 1" by (simp only: floor_le_eq)
  1754   from floor_eq[OF alb th] show "a= floor b" by simp 
  1755 next
  1756   assume alb: "a < floor b"
  1757   hence "real a < real (floor b)" by simp
  1758   moreover have "real (floor b) \<le> b" by simp ultimately show  "real a < b" by arith 
  1759 qed
  1760 
  1761 lemma split_int_less_real': 
  1762   "(real (a::int) + b < 0) = (real a - real (floor(-b)) < 0 \<or> (real a - real (floor (-b)) = 0 \<and> real (floor (-b)) + b < 0))"
  1763 proof- 
  1764   have "(real a + b <0) = (real a < -b)" by arith
  1765   with split_int_less_real[where a="a" and b="-b"] show ?thesis by arith  
  1766 qed
  1767 
  1768 lemma split_int_gt_real': 
  1769   "(real (a::int) + b > 0) = (real a + real (floor b) > 0 \<or> (real a + real (floor b) = 0 \<and> real (floor b) - b < 0))"
  1770 proof- 
  1771   have th: "(real a + b >0) = (real (-a) + (-b)< 0)" by arith
  1772   show ?thesis using myless[rule_format, where b="real (floor b)"] 
  1773     by (simp only:th split_int_less_real'[where a="-a" and b="-b"]) 
  1774     (simp add: ring_eq_simps diff_def[symmetric],arith)
  1775 qed
  1776 
  1777 lemma split_int_le_real: 
  1778   "(real (a::int) \<le> b) = (a \<le> floor b \<or> (a = floor b \<and> real (floor b) < b))"
  1779 proof( auto)
  1780   assume alb: "real a \<le> b" and agb: "\<not> a \<le> floor b"
  1781   from alb have "floor (real a) \<le> floor b " by (simp only: floor_mono2) 
  1782   hence "a \<le> floor b" by simp with agb show "False" by simp
  1783 next
  1784   assume alb: "a \<le> floor b"
  1785   hence "real a \<le> real (floor b)" by (simp only: floor_mono2)
  1786   also have "\<dots>\<le> b" by simp  finally show  "real a \<le> b" . 
  1787 qed
  1788 
  1789 lemma split_int_le_real': 
  1790   "(real (a::int) + b \<le> 0) = (real a - real (floor(-b)) \<le> 0 \<or> (real a - real (floor (-b)) = 0 \<and> real (floor (-b)) + b < 0))"
  1791 proof- 
  1792   have "(real a + b \<le>0) = (real a \<le> -b)" by arith
  1793   with split_int_le_real[where a="a" and b="-b"] show ?thesis by arith  
  1794 qed
  1795 
  1796 lemma split_int_ge_real': 
  1797   "(real (a::int) + b \<ge> 0) = (real a + real (floor b) \<ge> 0 \<or> (real a + real (floor b) = 0 \<and> real (floor b) - b < 0))"
  1798 proof- 
  1799   have th: "(real a + b \<ge>0) = (real (-a) + (-b) \<le> 0)" by arith
  1800   show ?thesis by (simp only: th split_int_le_real'[where a="-a" and b="-b"])
  1801     (simp add: ring_eq_simps diff_def[symmetric],arith)
  1802 qed
  1803 
  1804 lemma split_int_eq_real: "(real (a::int) = b) = ( a = floor b \<and> b = real (floor b))" (is "?l = ?r")
  1805 by auto
  1806 
  1807 lemma split_int_eq_real': "(real (a::int) + b = 0) = ( a - floor (-b) = 0 \<and> real (floor (-b)) + b = 0)" (is "?l = ?r")
  1808 proof-
  1809   have "?l = (real a = -b)" by arith
  1810   with split_int_eq_real[where a="a" and b="-b"] show ?thesis by simp arith
  1811 qed
  1812 
  1813 lemma zlfm_I:
  1814   assumes qfp: "qfree p"
  1815   shows "(Ifm (real i #bs) (zlfm p) = Ifm (real i# bs) p) \<and> iszlfm (zlfm p) (real (i::int) #bs)"
  1816   (is "(?I (?l p) = ?I p) \<and> ?L (?l p)")
  1817 using qfp
  1818 proof(induct p rule: zlfm.induct)
  1819   case (5 a) 
  1820   let ?c = "fst (zsplit0 a)"
  1821   let ?r = "snd (zsplit0 a)"
  1822   have spl: "zsplit0 a = (?c,?r)" by simp
  1823   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1824   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1825   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1826   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1827   moreover
  1828   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1829       by (cases "?r", simp_all add: Let_def split_def,case_tac "nat", simp_all)}
  1830   moreover
  1831   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Lt a))" 
  1832       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1833     have "?I (Lt a) = (real (?c * i) + (?N ?r) < 0)" using Ia by (simp add: Let_def split_def)
  1834     also have "\<dots> = (?I (?l (Lt a)))" apply (simp only: split_int_less_real'[where a="?c*i" and b="?N ?r"]) by (simp add: Ia cp cnz Let_def split_def diff_def)
  1835     finally have ?case using l by simp}
  1836   moreover
  1837   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Lt a))" 
  1838       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1839     have "?I (Lt a) = (real (?c * i) + (?N ?r) < 0)" using Ia by (simp add: Let_def split_def)
  1840     also from cn cnz have "\<dots> = (?I (?l (Lt a)))" by (simp only: split_int_less_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_def[symmetric] add_ac, arith)
  1841     finally have ?case using l by simp}
  1842   ultimately show ?case by blast
  1843 next
  1844   case (6 a)
  1845   let ?c = "fst (zsplit0 a)"
  1846   let ?r = "snd (zsplit0 a)"
  1847   have spl: "zsplit0 a = (?c,?r)" by simp
  1848   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1849   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1850   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1851   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1852   moreover
  1853   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1854       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat",simp_all)}
  1855   moreover
  1856   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Le a))" 
  1857       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1858     have "?I (Le a) = (real (?c * i) + (?N ?r) \<le> 0)" using Ia by (simp add: Let_def split_def)
  1859     also have "\<dots> = (?I (?l (Le a)))" by (simp only: split_int_le_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia cp cnz Let_def split_def diff_def)
  1860     finally have ?case using l by simp}
  1861   moreover
  1862   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Le a))" 
  1863       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1864     have "?I (Le a) = (real (?c * i) + (?N ?r) \<le> 0)" using Ia by (simp add: Let_def split_def)
  1865     also from cn cnz have "\<dots> = (?I (?l (Le a)))" by (simp only: split_int_le_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_def[symmetric] add_ac ,arith)
  1866     finally have ?case using l by simp}
  1867   ultimately show ?case by blast
  1868 next
  1869   case (7 a) 
  1870   let ?c = "fst (zsplit0 a)"
  1871   let ?r = "snd (zsplit0 a)"
  1872   have spl: "zsplit0 a = (?c,?r)" by simp
  1873   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1874   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1875   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1876   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1877   moreover
  1878   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1879       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1880   moreover
  1881   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Gt a))" 
  1882       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1883     have "?I (Gt a) = (real (?c * i) + (?N ?r) > 0)" using Ia by (simp add: Let_def split_def)
  1884     also have "\<dots> = (?I (?l (Gt a)))" by (simp only: split_int_gt_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia cp cnz Let_def split_def diff_def)
  1885     finally have ?case using l by simp}
  1886   moreover
  1887   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Gt a))" 
  1888       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1889     have "?I (Gt a) = (real (?c * i) + (?N ?r) > 0)" using Ia by (simp add: Let_def split_def)
  1890     also from cn cnz have "\<dots> = (?I (?l (Gt a)))" by (simp only: split_int_gt_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_def[symmetric] add_ac, arith)
  1891     finally have ?case using l by simp}
  1892   ultimately show ?case by blast
  1893 next
  1894   case (8 a)
  1895    let ?c = "fst (zsplit0 a)"
  1896   let ?r = "snd (zsplit0 a)"
  1897   have spl: "zsplit0 a = (?c,?r)" by simp
  1898   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1899   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1900   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1901   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1902   moreover
  1903   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1904       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1905   moreover
  1906   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Ge a))" 
  1907       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1908     have "?I (Ge a) = (real (?c * i) + (?N ?r) \<ge> 0)" using Ia by (simp add: Let_def split_def)
  1909     also have "\<dots> = (?I (?l (Ge a)))" by (simp only: split_int_ge_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia cp cnz Let_def split_def diff_def)
  1910     finally have ?case using l by simp}
  1911   moreover
  1912   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Ge a))" 
  1913       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1914     have "?I (Ge a) = (real (?c * i) + (?N ?r) \<ge> 0)" using Ia by (simp add: Let_def split_def)
  1915     also from cn cnz have "\<dots> = (?I (?l (Ge a)))" by (simp only: split_int_ge_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_def[symmetric] add_ac, arith)
  1916     finally have ?case using l by simp}
  1917   ultimately show ?case by blast
  1918 next
  1919   case (9 a)
  1920   let ?c = "fst (zsplit0 a)"
  1921   let ?r = "snd (zsplit0 a)"
  1922   have spl: "zsplit0 a = (?c,?r)" by simp
  1923   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1924   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1925   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1926   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1927   moreover
  1928   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1929       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1930   moreover
  1931   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Eq a))" 
  1932       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1933     have "?I (Eq a) = (real (?c * i) + (?N ?r) = 0)" using Ia by (simp add: Let_def split_def)
  1934     also have "\<dots> = (?I (?l (Eq a)))" using cp cnz  by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult)
  1935     finally have ?case using l by simp}
  1936   moreover
  1937   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Eq a))" 
  1938       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1939     have "?I (Eq a) = (real (?c * i) + (?N ?r) = 0)" using Ia by (simp add: Let_def split_def)
  1940     also from cn cnz have "\<dots> = (?I (?l (Eq a)))" by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult,arith)
  1941     finally have ?case using l by simp}
  1942   ultimately show ?case by blast
  1943 next
  1944   case (10 a)
  1945   let ?c = "fst (zsplit0 a)"
  1946   let ?r = "snd (zsplit0 a)"
  1947   have spl: "zsplit0 a = (?c,?r)" by simp
  1948   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1949   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1950   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1951   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1952   moreover
  1953   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1954       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1955   moreover
  1956   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (NEq a))" 
  1957       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1958     have "?I (NEq a) = (real (?c * i) + (?N ?r) \<noteq> 0)" using Ia by (simp add: Let_def split_def)
  1959     also have "\<dots> = (?I (?l (NEq a)))" using cp cnz  by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult)
  1960     finally have ?case using l by simp}
  1961   moreover
  1962   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (NEq a))" 
  1963       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1964     have "?I (NEq a) = (real (?c * i) + (?N ?r) \<noteq> 0)" using Ia by (simp add: Let_def split_def)
  1965     also from cn cnz have "\<dots> = (?I (?l (NEq a)))" by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult,arith)
  1966     finally have ?case using l by simp}
  1967   ultimately show ?case by blast
  1968 next
  1969   case (11 j a)
  1970   let ?c = "fst (zsplit0 a)"
  1971   let ?r = "snd (zsplit0 a)"
  1972   have spl: "zsplit0 a = (?c,?r)" by simp
  1973   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1974   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1975   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1976   have "j=0 \<or> (j\<noteq>0 \<and> ?c = 0) \<or> (j\<noteq>0 \<and> ?c >0 \<and> ?c\<noteq>0) \<or> (j\<noteq> 0 \<and> ?c<0 \<and> ?c\<noteq>0)" by arith
  1977   moreover
  1978   {assume "j=0" hence z: "zlfm (Dvd j a) = (zlfm (Eq a))" by (simp add: Let_def) 
  1979     hence ?case using prems by (simp del: zlfm.simps add: rdvd_left_0_eq)}
  1980   moreover
  1981   {assume "?c=0" and "j\<noteq>0" hence ?case 
  1982       using zsplit0_I[OF spl, where x="i" and bs="bs"] rdvd_abs1[where d="j"]
  1983       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1984   moreover
  1985   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (Dvd j a))" 
  1986       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1987     have "?I (Dvd j a) = (real j rdvd (real (?c * i) + (?N ?r)))" 
  1988       using Ia by (simp add: Let_def split_def)
  1989     also have "\<dots> = (real (abs j) rdvd real (?c*i) + (?N ?r))" 
  1990       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  1991     also have "\<dots> = ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  1992        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r))))" 
  1993       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  1994     also have "\<dots> = (?I (?l (Dvd j a)))" using cp cnz jnz  
  1995       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  1996 	del: real_of_int_mult) (auto simp add: add_ac)
  1997     finally have ?case using l jnz  by simp }
  1998   moreover
  1999   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (Dvd j a))" 
  2000       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  2001     have "?I (Dvd j a) = (real j rdvd (real (?c * i) + (?N ?r)))" 
  2002       using Ia by (simp add: Let_def split_def)
  2003     also have "\<dots> = (real (abs j) rdvd real (?c*i) + (?N ?r))" 
  2004       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  2005     also have "\<dots> = ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  2006        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r))))" 
  2007       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  2008     also have "\<dots> = (?I (?l (Dvd j a)))" using cn cnz jnz
  2009       using rdvd_minus [where d="abs j" and t="real (?c*i + floor (?N ?r))", simplified, symmetric]
  2010       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  2011 	del: real_of_int_mult) (auto simp add: add_ac)
  2012     finally have ?case using l jnz by blast }
  2013   ultimately show ?case by blast
  2014 next
  2015   case (12 j a)
  2016   let ?c = "fst (zsplit0 a)"
  2017   let ?r = "snd (zsplit0 a)"
  2018   have spl: "zsplit0 a = (?c,?r)" by simp
  2019   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  2020   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  2021   let ?N = "\<lambda> t. Inum (real i#bs) t"
  2022   have "j=0 \<or> (j\<noteq>0 \<and> ?c = 0) \<or> (j\<noteq>0 \<and> ?c >0 \<and> ?c\<noteq>0) \<or> (j\<noteq> 0 \<and> ?c<0 \<and> ?c\<noteq>0)" by arith
  2023   moreover
  2024   {assume "j=0" hence z: "zlfm (NDvd j a) = (zlfm (NEq a))" by (simp add: Let_def) 
  2025     hence ?case using prems by (simp del: zlfm.simps add: rdvd_left_0_eq)}
  2026   moreover
  2027   {assume "?c=0" and "j\<noteq>0" hence ?case 
  2028       using zsplit0_I[OF spl, where x="i" and bs="bs"] rdvd_abs1[where d="j"]
  2029       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  2030   moreover
  2031   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (NDvd j a))" 
  2032       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  2033     have "?I (NDvd j a) = (\<not> (real j rdvd (real (?c * i) + (?N ?r))))" 
  2034       using Ia by (simp add: Let_def split_def)
  2035     also have "\<dots> = (\<not> (real (abs j) rdvd real (?c*i) + (?N ?r)))" 
  2036       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  2037     also have "\<dots> = (\<not> ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  2038        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r)))))" 
  2039       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  2040     also have "\<dots> = (?I (?l (NDvd j a)))" using cp cnz jnz  
  2041       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  2042 	del: real_of_int_mult) (auto simp add: add_ac)
  2043     finally have ?case using l jnz  by simp }
  2044   moreover
  2045   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (NDvd j a))" 
  2046       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  2047     have "?I (NDvd j a) = (\<not> (real j rdvd (real (?c * i) + (?N ?r))))" 
  2048       using Ia by (simp add: Let_def split_def)
  2049     also have "\<dots> = (\<not> (real (abs j) rdvd real (?c*i) + (?N ?r)))" 
  2050       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  2051     also have "\<dots> = (\<not> ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  2052        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r)))))" 
  2053       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  2054     also have "\<dots> = (?I (?l (NDvd j a)))" using cn cnz jnz
  2055       using rdvd_minus [where d="abs j" and t="real (?c*i + floor (?N ?r))", simplified, symmetric]
  2056       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  2057 	del: real_of_int_mult) (auto simp add: add_ac)
  2058     finally have ?case using l jnz by blast }
  2059   ultimately show ?case by blast
  2060 qed auto
  2061 
  2062 text{* plusinf : Virtual substitution of @{text "+\<infinity>"}
  2063        minusinf: Virtual substitution of @{text "-\<infinity>"}
  2064        @{text "\<delta>"} Compute lcm @{text "d| Dvd d  c*x+t \<in> p"}
  2065        @{text "d\<delta>"} checks if a given l divides all the ds above*}
  2066 
  2067 consts 
  2068   plusinf:: "fm \<Rightarrow> fm" 
  2069   minusinf:: "fm \<Rightarrow> fm"
  2070   \<delta> :: "fm \<Rightarrow> int" 
  2071   d\<delta> :: "fm \<Rightarrow> int \<Rightarrow> bool"
  2072 
  2073 recdef minusinf "measure size"
  2074   "minusinf (And p q) = conj (minusinf p) (minusinf q)" 
  2075   "minusinf (Or p q) = disj (minusinf p) (minusinf q)" 
  2076   "minusinf (Eq  (CN 0 c e)) = F"
  2077   "minusinf (NEq (CN 0 c e)) = T"
  2078   "minusinf (Lt  (CN 0 c e)) = T"
  2079   "minusinf (Le  (CN 0 c e)) = T"
  2080   "minusinf (Gt  (CN 0 c e)) = F"
  2081   "minusinf (Ge  (CN 0 c e)) = F"
  2082   "minusinf p = p"
  2083 
  2084 lemma minusinf_qfree: "qfree p \<Longrightarrow> qfree (minusinf p)"
  2085   by (induct p rule: minusinf.induct, auto)
  2086 
  2087 recdef plusinf "measure size"
  2088   "plusinf (And p q) = conj (plusinf p) (plusinf q)" 
  2089   "plusinf (Or p q) = disj (plusinf p) (plusinf q)" 
  2090   "plusinf (Eq  (CN 0 c e)) = F"
  2091   "plusinf (NEq (CN 0 c e)) = T"
  2092   "plusinf (Lt  (CN 0 c e)) = F"
  2093   "plusinf (Le  (CN 0 c e)) = F"
  2094   "plusinf (Gt  (CN 0 c e)) = T"
  2095   "plusinf (Ge  (CN 0 c e)) = T"
  2096   "plusinf p = p"
  2097 
  2098 recdef \<delta> "measure size"
  2099   "\<delta> (And p q) = ilcm (\<delta> p) (\<delta> q)" 
  2100   "\<delta> (Or p q) = ilcm (\<delta> p) (\<delta> q)" 
  2101   "\<delta> (Dvd i (CN 0 c e)) = i"
  2102   "\<delta> (NDvd i (CN 0 c e)) = i"
  2103   "\<delta> p = 1"
  2104 
  2105 recdef d\<delta> "measure size"
  2106   "d\<delta> (And p q) = (\<lambda> d. d\<delta> p d \<and> d\<delta> q d)" 
  2107   "d\<delta> (Or p q) = (\<lambda> d. d\<delta> p d \<and> d\<delta> q d)" 
  2108   "d\<delta> (Dvd i (CN 0 c e)) = (\<lambda> d. i dvd d)"
  2109   "d\<delta> (NDvd i (CN 0 c e)) = (\<lambda> d. i dvd d)"
  2110   "d\<delta> p = (\<lambda> d. True)"
  2111 
  2112 lemma delta_mono: 
  2113   assumes lin: "iszlfm p bs"
  2114   and d: "d dvd d'"
  2115   and ad: "d\<delta> p d"
  2116   shows "d\<delta> p d'"
  2117   using lin ad d
  2118 proof(induct p rule: iszlfm.induct)
  2119   case (9 i c e)  thus ?case using d
  2120     by (simp add: zdvd_trans[where m="i" and n="d" and k="d'"])
  2121 next
  2122   case (10 i c e) thus ?case using d
  2123     by (simp add: zdvd_trans[where m="i" and n="d" and k="d'"])
  2124 qed simp_all
  2125 
  2126 lemma \<delta> : assumes lin:"iszlfm p bs"
  2127   shows "d\<delta> p (\<delta> p) \<and> \<delta> p >0"
  2128 using lin
  2129 proof (induct p rule: iszlfm.induct)
  2130   case (1 p q) 
  2131   let ?d = "\<delta> (And p q)"
  2132   from prems ilcm_pos have dp: "?d >0" by simp
  2133   have d1: "\<delta> p dvd \<delta> (And p q)" using prems ilcm_dvd1 by simp 
  2134    hence th: "d\<delta> p ?d" using delta_mono prems by auto
  2135   have "\<delta> q dvd \<delta> (And p q)" using prems ilcm_dvd2 by simp 
  2136   hence th': "d\<delta> q ?d" using delta_mono prems by auto
  2137   from th th' dp show ?case by simp 
  2138 next
  2139   case (2 p q)  
  2140   let ?d = "\<delta> (And p q)"
  2141   from prems ilcm_pos have dp: "?d >0" by simp
  2142   have "\<delta> p dvd \<delta> (And p q)" using prems ilcm_dvd1 by simp hence th: "d\<delta> p ?d" using delta_mono prems by auto
  2143   have "\<delta> q dvd \<delta> (And p q)" using prems ilcm_dvd2 by simp hence th': "d\<delta> q ?d" using delta_mono prems by auto
  2144   from th th' dp show ?case by simp 
  2145 qed simp_all
  2146 
  2147 
  2148 lemma minusinf_inf:
  2149   assumes linp: "iszlfm p (a # bs)"
  2150   shows "\<exists> (z::int). \<forall> x < z. Ifm ((real x)#bs) (minusinf p) = Ifm ((real x)#bs) p"
  2151   (is "?P p" is "\<exists> (z::int). \<forall> x < z. ?I x (?M p) = ?I x p")
  2152 using linp
  2153 proof (induct p rule: minusinf.induct)
  2154   case (1 f g)
  2155   from prems have "?P f" by simp
  2156   then obtain z1 where z1_def: "\<forall> x < z1. ?I x (?M f) = ?I x f" by blast
  2157   from prems have "?P g" by simp
  2158   then obtain z2 where z2_def: "\<forall> x < z2. ?I x (?M g) = ?I x g" by blast
  2159   let ?z = "min z1 z2"
  2160   from z1_def z2_def have "\<forall> x < ?z. ?I x (?M (And f g)) = ?I x (And f g)" by simp
  2161   thus ?case by blast
  2162 next
  2163   case (2 f g)   from prems have "?P f" by simp
  2164   then obtain z1 where z1_def: "\<forall> x < z1. ?I x (?M f) = ?I x f" by blast
  2165   from prems have "?P g" by simp
  2166   then obtain z2 where z2_def: "\<forall> x < z2. ?I x (?M g) = ?I x g" by blast
  2167   let ?z = "min z1 z2"
  2168   from z1_def z2_def have "\<forall> x < ?z. ?I x (?M (Or f g)) = ?I x (Or f g)" by simp
  2169   thus ?case by blast
  2170 next
  2171   case (3 c e) 
  2172   from prems have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2173   from prems have nbe: "numbound0 e" by simp
  2174   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Eq (CN 0 c e))) = ?I x (Eq (CN 0 c e))"
  2175   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2176     fix x
  2177     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2178     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2179     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2180       by (simp only:  real_mult_less_mono2[OF rcpos th1])
  2181     hence "real c * real x + Inum (y # bs) e \<noteq> 0"using rcpos  by simp
  2182     thus "real c * real x + Inum (real x # bs) e \<noteq> 0" 
  2183       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"]  by simp
  2184   qed
  2185   thus ?case by blast
  2186 next
  2187   case (4 c e) 
  2188   from prems have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2189   from prems have nbe: "numbound0 e" by simp
  2190   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (NEq (CN 0 c e))) = ?I x (NEq (CN 0 c e))"
  2191   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2192     fix x
  2193     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2194     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2195     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2196       by (simp only:  real_mult_less_mono2[OF rcpos th1])
  2197     hence "real c * real x + Inum (y # bs) e \<noteq> 0"using rcpos  by simp
  2198     thus "real c * real x + Inum (real x # bs) e \<noteq> 0" 
  2199       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"]  by simp
  2200   qed
  2201   thus ?case by blast
  2202 next
  2203   case (5 c e) 
  2204   from prems have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2205   from prems have nbe: "numbound0 e" by simp
  2206   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Lt (CN 0 c e))) = ?I x (Lt (CN 0 c e))"
  2207   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2208     fix x
  2209     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2210     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2211     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2212       by (simp only:  real_mult_less_mono2[OF rcpos th1])
  2213     thus "real c * real x + Inum (real x # bs) e < 0" 
  2214       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2215   qed
  2216   thus ?case by blast
  2217 next
  2218   case (6 c e) 
  2219   from prems have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2220   from prems have nbe: "numbound0 e" by simp
  2221   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Le (CN 0 c e))) = ?I x (Le (CN 0 c e))"
  2222   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2223     fix x
  2224     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2225     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2226     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2227       by (simp only:  real_mult_less_mono2[OF rcpos th1])
  2228     thus "real c * real x + Inum (real x # bs) e \<le> 0" 
  2229       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2230   qed
  2231   thus ?case by blast
  2232 next
  2233   case (7 c e) 
  2234   from prems have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2235   from prems have nbe: "numbound0 e" by simp
  2236   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Gt (CN 0 c e))) = ?I x (Gt (CN 0 c e))"
  2237   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2238     fix x
  2239     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2240     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2241     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2242       by (simp only:  real_mult_less_mono2[OF rcpos th1])
  2243     thus "\<not> (real c * real x + Inum (real x # bs) e>0)" 
  2244       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2245   qed
  2246   thus ?case by blast
  2247 next
  2248   case (8 c e) 
  2249   from prems have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2250   from prems have nbe: "numbound0 e" by simp
  2251   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Ge (CN 0 c e))) = ?I x (Ge (CN 0 c e))"
  2252   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2253     fix x
  2254     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2255     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2256     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2257       by (simp only:  real_mult_less_mono2[OF rcpos th1])
  2258     thus "\<not> real c * real x + Inum (real x # bs) e \<ge> 0" 
  2259       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2260   qed
  2261   thus ?case by blast
  2262 qed simp_all
  2263 
  2264 lemma minusinf_repeats:
  2265   assumes d: "d\<delta> p d" and linp: "iszlfm p (a # bs)"
  2266   shows "Ifm ((real(x - k*d))#bs) (minusinf p) = Ifm (real x #bs) (minusinf p)"
  2267 using linp d
  2268 proof(induct p rule: iszlfm.induct) 
  2269   case (9 i c e) hence nbe: "numbound0 e"  and id: "i dvd d" by simp+
  2270     hence "\<exists> k. d=i*k" by (simp add: dvd_def)
  2271     then obtain "di" where di_def: "d=i*di" by blast
  2272     show ?case 
  2273     proof(simp add: numbound0_I[OF nbe,where bs="bs" and b="real x - real k * real d" and b'="real x"] right_diff_distrib, rule iffI)
  2274       assume 
  2275 	"real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e"
  2276       (is "?ri rdvd ?rc*?rx - ?rc*(?rk*?rd) + ?I x e" is "?ri rdvd ?rt")
  2277       hence "\<exists> (l::int). ?rt = ?ri * (real l)" by (simp add: rdvd_def)
  2278       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real l)+?rc*(?rk * (real i) * (real di))" 
  2279 	by (simp add: ring_eq_simps di_def)
  2280       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real (l + c*k*di))"
  2281 	by (simp add: ring_eq_simps)
  2282       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri* (real l)" by blast
  2283       thus "real i rdvd real c * real x + Inum (real x # bs) e" using rdvd_def by simp
  2284     next
  2285       assume 
  2286 	"real i rdvd real c * real x + Inum (real x # bs) e" (is "?ri rdvd ?rc*?rx+?e")
  2287       hence "\<exists> (l::int). ?rc*?rx+?e = ?ri * (real l)" by (simp add: rdvd_def)
  2288       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real d)" by simp
  2289       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real i * real di)" by (simp add: di_def)
  2290       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real (l - c*k*di))" by (simp add: ring_eq_simps)
  2291       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l)"
  2292 	by blast
  2293       thus "real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e" using rdvd_def by simp
  2294     qed
  2295 next
  2296   case (10 i c e) hence nbe: "numbound0 e"  and id: "i dvd d" by simp+
  2297     hence "\<exists> k. d=i*k" by (simp add: dvd_def)
  2298     then obtain "di" where di_def: "d=i*di" by blast
  2299     show ?case 
  2300     proof(simp add: numbound0_I[OF nbe,where bs="bs" and b="real x - real k * real d" and b'="real x"] right_diff_distrib, rule iffI)
  2301       assume 
  2302 	"real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e"
  2303       (is "?ri rdvd ?rc*?rx - ?rc*(?rk*?rd) + ?I x e" is "?ri rdvd ?rt")
  2304       hence "\<exists> (l::int). ?rt = ?ri * (real l)" by (simp add: rdvd_def)
  2305       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real l)+?rc*(?rk * (real i) * (real di))" 
  2306 	by (simp add: ring_eq_simps di_def)
  2307       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real (l + c*k*di))"
  2308 	by (simp add: ring_eq_simps)
  2309       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri* (real l)" by blast
  2310       thus "real i rdvd real c * real x + Inum (real x # bs) e" using rdvd_def by simp
  2311     next
  2312       assume 
  2313 	"real i rdvd real c * real x + Inum (real x # bs) e" (is "?ri rdvd ?rc*?rx+?e")
  2314       hence "\<exists> (l::int). ?rc*?rx+?e = ?ri * (real l)" by (simp add: rdvd_def)
  2315       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real d)" by simp
  2316       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real i * real di)" by (simp add: di_def)
  2317       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real (l - c*k*di))" by (simp add: ring_eq_simps)
  2318       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l)"
  2319 	by blast
  2320       thus "real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e" using rdvd_def by simp
  2321     qed
  2322 qed (auto simp add: nth_pos2 numbound0_I[where bs="bs" and b="real(x - k*d)" and b'="real x"] simp del: real_of_int_mult real_of_int_diff)
  2323 
  2324 lemma minusinf_ex:
  2325   assumes lin: "iszlfm p (real (a::int) #bs)"
  2326   and exmi: "\<exists> (x::int). Ifm (real x#bs) (minusinf p)" (is "\<exists> x. ?P1 x")
  2327   shows "\<exists> (x::int). Ifm (real x#bs) p" (is "\<exists> x. ?P x")
  2328 proof-
  2329   let ?d = "\<delta> p"
  2330   from \<delta> [OF lin] have dpos: "?d >0" by simp
  2331   from \<delta> [OF lin] have alld: "d\<delta> p ?d" by simp
  2332   from minusinf_repeats[OF alld lin] have th1:"\<forall> x k. ?P1 x = ?P1 (x - (k * ?d))" by simp
  2333   from minusinf_inf[OF lin] have th2:"\<exists> z. \<forall> x. x<z \<longrightarrow> (?P x = ?P1 x)" by blast
  2334   from minusinfinity [OF dpos th1 th2] exmi show ?thesis by blast
  2335 qed
  2336 
  2337 lemma minusinf_bex:
  2338   assumes lin: "iszlfm p (real (a::int) #bs)"
  2339   shows "(\<exists> (x::int). Ifm (real x#bs) (minusinf p)) = 
  2340          (\<exists> (x::int)\<in> {1..\<delta> p}. Ifm (real x#bs) (minusinf p))"
  2341   (is "(\<exists> x. ?P x) = _")
  2342 proof-
  2343   let ?d = "\<delta> p"
  2344   from \<delta> [OF lin] have dpos: "?d >0" by simp
  2345   from \<delta> [OF lin] have alld: "d\<delta> p ?d" by simp
  2346   from minusinf_repeats[OF alld lin] have th1:"\<forall> x k. ?P x = ?P (x - (k * ?d))" by simp
  2347   from periodic_finite_ex[OF dpos th1] show ?thesis by blast
  2348 qed
  2349 
  2350 lemma dvd1_eq1: "x >0 \<Longrightarrow> (x::int) dvd 1 = (x = 1)" by auto
  2351 
  2352 consts 
  2353   a\<beta> :: "fm \<Rightarrow> int \<Rightarrow> fm" (* adjusts the coeffitients of a formula *)
  2354   d\<beta> :: "fm \<Rightarrow> int \<Rightarrow> bool" (* tests if all coeffs c of c divide a given l*)
  2355   \<zeta>  :: "fm \<Rightarrow> int" (* computes the lcm of all coefficients of x*)
  2356   \<beta> :: "fm \<Rightarrow> num list"
  2357   \<alpha> :: "fm \<Rightarrow> num list"
  2358 
  2359 recdef a\<beta> "measure size"
  2360   "a\<beta> (And p q) = (\<lambda> k. And (a\<beta> p k) (a\<beta> q k))" 
  2361   "a\<beta> (Or p q) = (\<lambda> k. Or (a\<beta> p k) (a\<beta> q k))" 
  2362   "a\<beta> (Eq  (CN 0 c e)) = (\<lambda> k. Eq (CN 0 1 (Mul (k div c) e)))"
  2363   "a\<beta> (NEq (CN 0 c e)) = (\<lambda> k. NEq (CN 0 1 (Mul (k div c) e)))"
  2364   "a\<beta> (Lt  (CN 0 c e)) = (\<lambda> k. Lt (CN 0 1 (Mul (k div c) e)))"
  2365   "a\<beta> (Le  (CN 0 c e)) = (\<lambda> k. Le (CN 0 1 (Mul (k div c) e)))"
  2366   "a\<beta> (Gt  (CN 0 c e)) = (\<lambda> k. Gt (CN 0 1 (Mul (k div c) e)))"
  2367   "a\<beta> (Ge  (CN 0 c e)) = (\<lambda> k. Ge (CN 0 1 (Mul (k div c) e)))"
  2368   "a\<beta> (Dvd i (CN 0 c e)) =(\<lambda> k. Dvd ((k div c)*i) (CN 0 1 (Mul (k div c) e)))"
  2369   "a\<beta> (NDvd i (CN 0 c e))=(\<lambda> k. NDvd ((k div c)*i) (CN 0 1 (Mul (k div c) e)))"
  2370   "a\<beta> p = (\<lambda> k. p)"
  2371 
  2372 recdef d\<beta> "measure size"
  2373   "d\<beta> (And p q) = (\<lambda> k. (d\<beta> p k) \<and> (d\<beta> q k))" 
  2374   "d\<beta> (Or p q) = (\<lambda> k. (d\<beta> p k) \<and> (d\<beta> q k))" 
  2375   "d\<beta> (Eq  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2376   "d\<beta> (NEq (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2377   "d\<beta> (Lt  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2378   "d\<beta> (Le  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2379   "d\<beta> (Gt  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2380   "d\<beta> (Ge  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2381   "d\<beta> (Dvd i (CN 0 c e)) =(\<lambda> k. c dvd k)"
  2382   "d\<beta> (NDvd i (CN 0 c e))=(\<lambda> k. c dvd k)"
  2383   "d\<beta> p = (\<lambda> k. True)"
  2384 
  2385 recdef \<zeta> "measure size"
  2386   "\<zeta> (And p q) = ilcm (\<zeta> p) (\<zeta> q)" 
  2387   "\<zeta> (Or p q) = ilcm (\<zeta> p) (\<zeta> q)" 
  2388   "\<zeta> (Eq  (CN 0 c e)) = c"
  2389   "\<zeta> (NEq (CN 0 c e)) = c"
  2390   "\<zeta> (Lt  (CN 0 c e)) = c"
  2391   "\<zeta> (Le  (CN 0 c e)) = c"
  2392   "\<zeta> (Gt  (CN 0 c e)) = c"
  2393   "\<zeta> (Ge  (CN 0 c e)) = c"
  2394   "\<zeta> (Dvd i (CN 0 c e)) = c"
  2395   "\<zeta> (NDvd i (CN 0 c e))= c"
  2396   "\<zeta> p = 1"
  2397 
  2398 recdef \<beta> "measure size"
  2399   "\<beta> (And p q) = (\<beta> p @ \<beta> q)" 
  2400   "\<beta> (Or p q) = (\<beta> p @ \<beta> q)" 
  2401   "\<beta> (Eq  (CN 0 c e)) = [Sub (C -1) e]"
  2402   "\<beta> (NEq (CN 0 c e)) = [Neg e]"
  2403   "\<beta> (Lt  (CN 0 c e)) = []"
  2404   "\<beta> (Le  (CN 0 c e)) = []"
  2405   "\<beta> (Gt  (CN 0 c e)) = [Neg e]"
  2406   "\<beta> (Ge  (CN 0 c e)) = [Sub (C -1) e]"
  2407   "\<beta> p = []"
  2408 
  2409 recdef \<alpha> "measure size"
  2410   "\<alpha> (And p q) = (\<alpha> p @ \<alpha> q)" 
  2411   "\<alpha> (Or p q) = (\<alpha> p @ \<alpha> q)" 
  2412   "\<alpha> (Eq  (CN 0 c e)) = [Add (C -1) e]"
  2413   "\<alpha> (NEq (CN 0 c e)) = [e]"
  2414   "\<alpha> (Lt  (CN 0 c e)) = [e]"
  2415   "\<alpha> (Le  (CN 0 c e)) = [Add (C -1) e]"
  2416   "\<alpha> (Gt  (CN 0 c e)) = []"
  2417   "\<alpha> (Ge  (CN 0 c e)) = []"
  2418   "\<alpha> p = []"
  2419 consts mirror :: "fm \<Rightarrow> fm"
  2420 recdef mirror "measure size"
  2421   "mirror (And p q) = And (mirror p) (mirror q)" 
  2422   "mirror (Or p q) = Or (mirror p) (mirror q)" 
  2423   "mirror (Eq  (CN 0 c e)) = Eq (CN 0 c (Neg e))"
  2424   "mirror (NEq (CN 0 c e)) = NEq (CN 0 c (Neg e))"
  2425   "mirror (Lt  (CN 0 c e)) = Gt (CN 0 c (Neg e))"
  2426   "mirror (Le  (CN 0 c e)) = Ge (CN 0 c (Neg e))"
  2427   "mirror (Gt  (CN 0 c e)) = Lt (CN 0 c (Neg e))"
  2428   "mirror (Ge  (CN 0 c e)) = Le (CN 0 c (Neg e))"
  2429   "mirror (Dvd i (CN 0 c e)) = Dvd i (CN 0 c (Neg e))"
  2430   "mirror (NDvd i (CN 0 c e)) = NDvd i (CN 0 c (Neg e))"
  2431   "mirror p = p"
  2432 
  2433 lemma mirror\<alpha>\<beta>:
  2434   assumes lp: "iszlfm p (a#bs)"
  2435   shows "(Inum (real (i::int)#bs)) ` set (\<alpha> p) = (Inum (real i#bs)) ` set (\<beta> (mirror p))"
  2436 using lp
  2437 by (induct p rule: mirror.induct, auto)
  2438 
  2439 lemma mirror: 
  2440   assumes lp: "iszlfm p (a#bs)"
  2441   shows "Ifm (real (x::int)#bs) (mirror p) = Ifm (real (- x)#bs) p" 
  2442 using lp
  2443 proof(induct p rule: iszlfm.induct)
  2444   case (9 j c e)
  2445   have th: "(real j rdvd real c * real x - Inum (real x # bs) e) =
  2446        (real j rdvd - (real c * real x - Inum (real x # bs) e))"
  2447     by (simp only: rdvd_minus[symmetric])
  2448   from prems show  ?case
  2449     by (simp add: ring_eq_simps th[simplified ring_eq_simps diff_def]
  2450       numbound0_I[where bs="bs" and b'="real x" and b="- real x"])
  2451 next
  2452     case (10 j c e)
  2453   have th: "(real j rdvd real c * real x - Inum (real x # bs) e) =
  2454        (real j rdvd - (real c * real x - Inum (real x # bs) e))"
  2455     by (simp only: rdvd_minus[symmetric])
  2456   from prems show  ?case
  2457     by (simp add: ring_eq_simps th[simplified ring_eq_simps diff_def]
  2458       numbound0_I[where bs="bs" and b'="real x" and b="- real x"])
  2459 qed (auto simp add: numbound0_I[where bs="bs" and b="real x" and b'="- real x"] nth_pos2)
  2460 
  2461 lemma mirror_l: "iszlfm p (a#bs) \<Longrightarrow> iszlfm (mirror p) (a#bs)"
  2462 by (induct p rule: mirror.induct, auto simp add: isint_neg)
  2463 
  2464 lemma mirror_d\<beta>: "iszlfm p (a#bs) \<and> d\<beta> p 1 
  2465   \<Longrightarrow> iszlfm (mirror p) (a#bs) \<and> d\<beta> (mirror p) 1"
  2466 by (induct p rule: mirror.induct, auto simp add: isint_neg)
  2467 
  2468 lemma mirror_\<delta>: "iszlfm p (a#bs) \<Longrightarrow> \<delta> (mirror p) = \<delta> p"
  2469 by (induct p rule: mirror.induct,auto)
  2470 
  2471 
  2472 lemma mirror_ex: 
  2473   assumes lp: "iszlfm p (real (i::int)#bs)"
  2474   shows "(\<exists> (x::int). Ifm (real x#bs) (mirror p)) = (\<exists> (x::int). Ifm (real x#bs) p)"
  2475   (is "(\<exists> x. ?I x ?mp) = (\<exists> x. ?I x p)")
  2476 proof(auto)
  2477   fix x assume "?I x ?mp" hence "?I (- x) p" using mirror[OF lp] by blast
  2478   thus "\<exists> x. ?I x p" by blast
  2479 next
  2480   fix x assume "?I x p" hence "?I (- x) ?mp" 
  2481     using mirror[OF lp, where x="- x", symmetric] by auto
  2482   thus "\<exists> x. ?I x ?mp" by blast
  2483 qed
  2484 
  2485 lemma \<beta>_numbound0: assumes lp: "iszlfm p bs"
  2486   shows "\<forall> b\<in> set (\<beta> p). numbound0 b"
  2487   using lp by (induct p rule: \<beta>.induct,auto)
  2488 
  2489 lemma d\<beta>_mono: 
  2490   assumes linp: "iszlfm p (a #bs)"
  2491   and dr: "d\<beta> p l"
  2492   and d: "l dvd l'"
  2493   shows "d\<beta> p l'"
  2494 using dr linp zdvd_trans[where n="l" and k="l'", simplified d]
  2495 by (induct p rule: iszlfm.induct) simp_all
  2496 
  2497 lemma \<alpha>_l: assumes lp: "iszlfm p (a#bs)"
  2498   shows "\<forall> b\<in> set (\<alpha> p). numbound0 b \<and> isint b (a#bs)"
  2499 using lp
  2500 by(induct p rule: \<alpha>.induct, auto simp add: isint_add isint_c)
  2501 
  2502 lemma \<zeta>: 
  2503   assumes linp: "iszlfm p (a #bs)"
  2504   shows "\<zeta> p > 0 \<and> d\<beta> p (\<zeta> p)"
  2505 using linp
  2506 proof(induct p rule: iszlfm.induct)
  2507   case (1 p q)
  2508   from prems have dl1: "\<zeta> p dvd ilcm (\<zeta> p) (\<zeta> q)" 
  2509     by (simp add: ilcm_dvd1[where a="\<zeta> p" and b="\<zeta> q"])
  2510   from prems have dl2: "\<zeta> q dvd ilcm (\<zeta> p) (\<zeta> q)" 
  2511     by (simp add: ilcm_dvd2[where a="\<zeta> p" and b="\<zeta> q"])
  2512   from prems d\<beta>_mono[where p = "p" and l="\<zeta> p" and l'="ilcm (\<zeta> p) (\<zeta> q)"] 
  2513     d\<beta>_mono[where p = "q" and l="\<zeta> q" and l'="ilcm (\<zeta> p) (\<zeta> q)"] 
  2514     dl1 dl2 show ?case by (auto simp add: ilcm_pos)
  2515 next
  2516   case (2 p q)
  2517   from prems have dl1: "\<zeta> p dvd ilcm (\<zeta> p) (\<zeta> q)" 
  2518     by (simp add: ilcm_dvd1[where a="\<zeta> p" and b="\<zeta> q"])
  2519   from prems have dl2: "\<zeta> q dvd ilcm (\<zeta> p) (\<zeta> q)" 
  2520     by (simp add: ilcm_dvd2[where a="\<zeta> p" and b="\<zeta> q"])
  2521   from prems d\<beta>_mono[where p = "p" and l="\<zeta> p" and l'="ilcm (\<zeta> p) (\<zeta> q)"] 
  2522     d\<beta>_mono[where p = "q" and l="\<zeta> q" and l'="ilcm (\<zeta> p) (\<zeta> q)"] 
  2523     dl1 dl2 show ?case by (auto simp add: ilcm_pos)
  2524 qed (auto simp add: ilcm_pos)
  2525 
  2526 lemma a\<beta>: assumes linp: "iszlfm p (a #bs)" and d: "d\<beta> p l" and lp: "l > 0"
  2527   shows "iszlfm (a\<beta> p l) (a #bs) \<and> d\<beta> (a\<beta> p l) 1 \<and> (Ifm (real (l * x) #bs) (a\<beta> p l) = Ifm ((real x)#bs) p)"
  2528 using linp d
  2529 proof (induct p rule: iszlfm.induct)
  2530   case (5 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2531     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2532     from cp have cnz: "c \<noteq> 0" by simp
  2533     have "c div c\<le> l div c"
  2534       by (simp add: zdiv_mono1[OF clel cp])
  2535     then have ldcp:"0 < l div c" 
  2536       by (simp add: zdiv_self[OF cnz])
  2537     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2538     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2539       by simp
  2540     hence "(real l * real x + real (l div c) * Inum (real x # bs) e < (0\<Colon>real)) =
  2541           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e < 0)"
  2542       by simp
  2543     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) < (real (l div c)) * 0)" by (simp add: ring_eq_simps)
  2544     also have "\<dots> = (real c * real x + Inum (real x # bs) e < 0)"
  2545     using mult_less_0_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2546   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"] be  isint_Mul[OF ei] by simp
  2547 next
  2548   case (6 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2549     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2550     from cp have cnz: "c \<noteq> 0" by simp
  2551     have "c div c\<le> l div c"
  2552       by (simp add: zdiv_mono1[OF clel cp])
  2553     then have ldcp:"0 < l div c" 
  2554       by (simp add: zdiv_self[OF cnz])
  2555     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2556     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2557       by simp
  2558     hence "(real l * real x + real (l div c) * Inum (real x # bs) e \<le> (0\<Colon>real)) =
  2559           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e \<le> 0)"
  2560       by simp
  2561     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) \<le> (real (l div c)) * 0)" by (simp add: ring_eq_simps)
  2562     also have "\<dots> = (real c * real x + Inum (real x # bs) e \<le> 0)"
  2563     using mult_le_0_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2564   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2565 next
  2566   case (7 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2567     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2568     from cp have cnz: "c \<noteq> 0" by simp
  2569     have "c div c\<le> l div c"
  2570       by (simp add: zdiv_mono1[OF clel cp])
  2571     then have ldcp:"0 < l div c" 
  2572       by (simp add: zdiv_self[OF cnz])
  2573     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2574     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2575       by simp
  2576     hence "(real l * real x + real (l div c) * Inum (real x # bs) e > (0\<Colon>real)) =
  2577           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e > 0)"
  2578       by simp
  2579     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) > (real (l div c)) * 0)" by (simp add: ring_eq_simps)
  2580     also have "\<dots> = (real c * real x + Inum (real x # bs) e > 0)"
  2581     using zero_less_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2582   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2583 next
  2584   case (8 c e) hence cp: "c>0" and be: "numbound0 e"  and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2585     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2586     from cp have cnz: "c \<noteq> 0" by simp
  2587     have "c div c\<le> l div c"
  2588       by (simp add: zdiv_mono1[OF clel cp])
  2589     then have ldcp:"0 < l div c" 
  2590       by (simp add: zdiv_self[OF cnz])
  2591     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2592     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2593       by simp
  2594     hence "(real l * real x + real (l div c) * Inum (real x # bs) e \<ge> (0\<Colon>real)) =
  2595           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e \<ge> 0)"
  2596       by simp
  2597     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) \<ge> (real (l div c)) * 0)" by (simp add: ring_eq_simps)
  2598     also have "\<dots> = (real c * real x + Inum (real x # bs) e \<ge> 0)"
  2599     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2600   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2601 next
  2602   case (3 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2603     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2604     from cp have cnz: "c \<noteq> 0" by simp
  2605     have "c div c\<le> l div c"
  2606       by (simp add: zdiv_mono1[OF clel cp])
  2607     then have ldcp:"0 < l div c" 
  2608       by (simp add: zdiv_self[OF cnz])
  2609     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2610     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2611       by simp
  2612     hence "(real l * real x + real (l div c) * Inum (real x # bs) e = (0\<Colon>real)) =
  2613           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e = 0)"
  2614       by simp
  2615     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) = (real (l div c)) * 0)" by (simp add: ring_eq_simps)
  2616     also have "\<dots> = (real c * real x + Inum (real x # bs) e = 0)"
  2617     using mult_eq_0_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2618   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2619 next
  2620   case (4 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2621     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2622     from cp have cnz: "c \<noteq> 0" by simp
  2623     have "c div c\<le> l div c"
  2624       by (simp add: zdiv_mono1[OF clel cp])
  2625     then have ldcp:"0 < l div c" 
  2626       by (simp add: zdiv_self[OF cnz])
  2627     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2628     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2629       by simp
  2630     hence "(real l * real x + real (l div c) * Inum (real x # bs) e \<noteq> (0\<Colon>real)) =
  2631           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e \<noteq> 0)"
  2632       by simp
  2633     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) \<noteq> (real (l div c)) * 0)" by (simp add: ring_eq_simps)
  2634     also have "\<dots> = (real c * real x + Inum (real x # bs) e \<noteq> 0)"
  2635     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2636   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2637 next
  2638   case (9 j c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and jp: "j > 0" and d': "c dvd l" by simp+
  2639     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2640     from cp have cnz: "c \<noteq> 0" by simp
  2641     have "c div c\<le> l div c"
  2642       by (simp add: zdiv_mono1[OF clel cp])
  2643     then have ldcp:"0 < l div c" 
  2644       by (simp add: zdiv_self[OF cnz])
  2645     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2646     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2647       by simp
  2648     hence "(\<exists> (k::int). real l * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k) = (\<exists> (k::int). real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k)"  by simp
  2649     also have "\<dots> = (\<exists> (k::int). real (l div c) * (real c * real x + Inum (real x # bs) e - real j * real k) = real (l div c)*0)" by (simp add: ring_eq_simps)
  2650     also have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e - real j * real k = 0)"
  2651     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e - real j * real k"] ldcp by simp
  2652   also have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e = real j * real k)" by simp
  2653   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"] rdvd_def  be  isint_Mul[OF ei] mult_strict_mono[OF ldcp jp ldcp ] by simp 
  2654 next
  2655   case (10 j c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and jp: "j > 0" and d': "c dvd l" by simp+
  2656     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2657     from cp have cnz: "c \<noteq> 0" by simp
  2658     have "c div c\<le> l div c"
  2659       by (simp add: zdiv_mono1[OF clel cp])
  2660     then have ldcp:"0 < l div c" 
  2661       by (simp add: zdiv_self[OF cnz])
  2662     have "c * (l div c) = c* (l div c) + l mod c" using d' zdvd_iff_zmod_eq_0[where m="c" and n="l"] by simp
  2663     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2664       by simp
  2665     hence "(\<exists> (k::int). real l * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k) = (\<exists> (k::int). real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k)"  by simp
  2666     also have "\<dots> = (\<exists> (k::int). real (l div c) * (real c * real x + Inum (real x # bs) e - real j * real k) = real (l div c)*0)" by (simp add: ring_eq_simps)
  2667     also have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e - real j * real k = 0)"
  2668     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e - real j * real k"] ldcp by simp
  2669   also have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e = real j * real k)" by simp
  2670   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"] rdvd_def  be  isint_Mul[OF ei]  mult_strict_mono[OF ldcp jp ldcp ] by simp
  2671 qed (simp_all add: nth_pos2 numbound0_I[where bs="bs" and b="real (l * x)" and b'="real x"] isint_Mul del: real_of_int_mult)
  2672 
  2673 lemma a\<beta>_ex: assumes linp: "iszlfm p (a#bs)" and d: "d\<beta> p l" and lp: "l>0"
  2674   shows "(\<exists> x. l dvd x \<and> Ifm (real x #bs) (a\<beta> p l)) = (\<exists> (x::int). Ifm (real x#bs) p)"
  2675   (is "(\<exists> x. l dvd x \<and> ?P x) = (\<exists> x. ?P' x)")
  2676 proof-
  2677   have "(\<exists> x. l dvd x \<and> ?P x) = (\<exists> (x::int). ?P (l*x))"
  2678     using unity_coeff_ex[where l="l" and P="?P", simplified] by simp
  2679   also have "\<dots> = (\<exists> (x::int). ?P' x)" using a\<beta>[OF linp d lp] by simp
  2680   finally show ?thesis  . 
  2681 qed
  2682 
  2683 lemma \<beta>:
  2684   assumes lp: "iszlfm p (a#bs)"
  2685   and u: "d\<beta> p 1"
  2686   and d: "d\<delta> p d"
  2687   and dp: "d > 0"
  2688   and nob: "\<not>(\<exists>(j::int) \<in> {1 .. d}. \<exists> b\<in> (Inum (a#bs)) ` set(\<beta> p). real x = b + real j)"
  2689   and p: "Ifm (real x#bs) p" (is "?P x")
  2690   shows "?P (x - d)"
  2691 using lp u d dp nob p
  2692 proof(induct p rule: iszlfm.induct)
  2693   case (5 c e) hence c1: "c=1" and  bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp+
  2694     with dp p c1 numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] prems
  2695     show ?case by (simp del: real_of_int_minus)
  2696 next
  2697   case (6 c e)  hence c1: "c=1" and  bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp+
  2698     with dp p c1 numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] prems
  2699     show ?case by (simp del: real_of_int_minus)
  2700 next
  2701   case (7 c e) hence p: "Ifm (real x #bs) (Gt (CN 0 c e))" and c1: "c=1" and bn:"numbound0 e" and ie1:"isint e (a#bs)" using dvd1_eq1[where x="c"] by simp+
  2702     let ?e = "Inum (real x # bs) e"
  2703     from ie1 have ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="a#bs"]
  2704       numbound0_I[OF bn,where b="a" and b'="real x" and bs="bs"]
  2705       by (simp add: isint_iff)
  2706     {assume "real (x-d) +?e > 0" hence ?case using c1 
  2707       numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"]
  2708 	by (simp del: real_of_int_minus)}
  2709     moreover
  2710     {assume H: "\<not> real (x-d) + ?e > 0" 
  2711       let ?v="Neg e"
  2712       have vb: "?v \<in> set (\<beta> (Gt (CN 0 c e)))" by simp
  2713       from prems(11)[simplified simp_thms Inum.simps \<beta>.simps set.simps bex_simps numbound0_I[OF bn,where b="a" and b'="real x" and bs="bs"]] 
  2714       have nob: "\<not> (\<exists> j\<in> {1 ..d}. real x =  - ?e + real j)" by auto 
  2715       from H p have "real x + ?e > 0 \<and> real x + ?e \<le> real d" by (simp add: c1)
  2716       hence "real (x + floor ?e) > real (0::int) \<and> real (x + floor ?e) \<le> real d"
  2717 	using ie by simp
  2718       hence "x + floor ?e \<ge> 1 \<and> x + floor ?e \<le> d"  by simp
  2719       hence "\<exists> (j::int) \<in> {1 .. d}. j = x + floor ?e" by simp
  2720       hence "\<exists> (j::int) \<in> {1 .. d}. real x = real (- floor ?e + j)" 
  2721 	by (simp only: real_of_int_inject) (simp add: ring_eq_simps)
  2722       hence "\<exists> (j::int) \<in> {1 .. d}. real x = - ?e + real j" 
  2723 	by (simp add: ie[simplified isint_iff])
  2724       with nob have ?case by auto}
  2725     ultimately show ?case by blast
  2726 next
  2727   case (8 c e) hence p: "Ifm (real x #bs) (Ge (CN 0 c e))" and c1: "c=1" and bn:"numbound0 e" 
  2728     and ie1:"isint e (a #bs)" using dvd1_eq1[where x="c"] by simp+
  2729     let ?e = "Inum (real x # bs) e"
  2730     from ie1 have ie: "real (floor ?e) = ?e" using numbound0_I[OF bn,where b="real x" and b'="a" and bs="bs"] isint_iff[where n="e" and bs="(real x)#bs"]
  2731       by (simp add: isint_iff)
  2732     {assume "real (x-d) +?e \<ge> 0" hence ?case using  c1 
  2733       numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"]
  2734 	by (simp del: real_of_int_minus)}
  2735     moreover
  2736     {assume H: "\<not> real (x-d) + ?e \<ge> 0" 
  2737       let ?v="Sub (C -1) e"
  2738       have vb: "?v \<in> set (\<beta> (Ge (CN 0 c e)))" by simp
  2739       from prems(11)[simplified simp_thms Inum.simps \<beta>.simps set.simps bex_simps numbound0_I[OF bn,where b="a" and b'="real x" and bs="bs"]] 
  2740       have nob: "\<not> (\<exists> j\<in> {1 ..d}. real x =  - ?e - 1 + real j)" by auto 
  2741       from H p have "real x + ?e \<ge> 0 \<and> real x + ?e < real d" by (simp add: c1)
  2742       hence "real (x + floor ?e) \<ge> real (0::int) \<and> real (x + floor ?e) < real d"
  2743 	using ie by simp
  2744       hence "x + floor ?e +1 \<ge> 1 \<and> x + floor ?e + 1 \<le> d"  by simp
  2745       hence "\<exists> (j::int) \<in> {1 .. d}. j = x + floor ?e + 1" by simp
  2746       hence "\<exists> (j::int) \<in> {1 .. d}. x= - floor ?e - 1 + j" by (simp add: ring_eq_simps)
  2747       hence "\<exists> (j::int) \<in> {1 .. d}. real x= real (- floor ?e - 1 + j)" 
  2748 	by (simp only: real_of_int_inject)
  2749       hence "\<exists> (j::int) \<in> {1 .. d}. real x= - ?e - 1 + real j" 
  2750 	by (simp add: ie[simplified isint_iff])
  2751       with nob have ?case by simp }
  2752     ultimately show ?case by blast
  2753 next
  2754   case (3 c e) hence p: "Ifm (real x #bs) (Eq (CN 0 c e))" (is "?p x") and c1: "c=1" 
  2755     and bn:"numbound0 e" and ie1: "isint e (a #bs)" using dvd1_eq1[where x="c"] by simp+
  2756     let ?e = "Inum (real x # bs) e"
  2757     let ?v="(Sub (C -1) e)"
  2758     have vb: "?v \<in> set (\<beta> (Eq (CN 0 c e)))" by simp
  2759     from p have "real x= - ?e" by (simp add: c1) with prems(11) show ?case using dp
  2760       by simp (erule ballE[where x="1"],
  2761 	simp_all add:ring_eq_simps numbound0_I[OF bn,where b="real x"and b'="a"and bs="bs"])
  2762 next
  2763   case (4 c e)hence p: "Ifm (real x #bs) (NEq (CN 0 c e))" (is "?p x") and c1: "c=1" 
  2764     and bn:"numbound0 e" and ie1: "isint e (a #bs)" using dvd1_eq1[where x="c"] by simp+
  2765     let ?e = "Inum (real x # bs) e"
  2766     let ?v="Neg e"
  2767     have vb: "?v \<in> set (\<beta> (NEq (CN 0 c e)))" by simp
  2768     {assume "real x - real d + Inum ((real (x -d)) # bs) e \<noteq> 0" 
  2769       hence ?case by (simp add: c1)}
  2770     moreover
  2771     {assume H: "real x - real d + Inum ((real (x -d)) # bs) e = 0"
  2772       hence "real x = - Inum ((real (x -d)) # bs) e + real d" by simp
  2773       hence "real x = - Inum (a # bs) e + real d"
  2774 	by (simp add: numbound0_I[OF bn,where b="real x - real d"and b'="a"and bs="bs"])
  2775        with prems(11) have ?case using dp by simp}
  2776   ultimately show ?case by blast
  2777 next 
  2778   case (9 j c e) hence p: "Ifm (real x #bs) (Dvd j (CN 0 c e))" (is "?p x") and c1: "c=1" 
  2779     and bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp+
  2780     let ?e = "Inum (real x # bs) e"
  2781     from prems have "isint e (a #bs)"  by simp 
  2782     hence ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="(real x)#bs"] numbound0_I[OF bn,where b="real x" and b'="a" and bs="bs"]
  2783       by (simp add: isint_iff)
  2784     from prems have id: "j dvd d" by simp
  2785     from c1 ie[symmetric] have "?p x = (real j rdvd real (x+ floor ?e))" by simp
  2786     also have "\<dots> = (j dvd x + floor ?e)" 
  2787       using int_rdvd_real[where i="j" and x="real (x+ floor ?e)"] by simp
  2788     also have "\<dots> = (j dvd x - d + floor ?e)" 
  2789       using dvd_period[OF id, where x="x" and c="-1" and t="floor ?e"] by simp
  2790     also have "\<dots> = (real j rdvd real (x - d + floor ?e))" 
  2791       using int_rdvd_real[where i="j" and x="real (x-d + floor ?e)",symmetric, simplified]
  2792       ie by simp
  2793     also have "\<dots> = (real j rdvd real x - real d + ?e)" 
  2794       using ie by simp
  2795     finally show ?case 
  2796       using numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] c1 p by simp
  2797 next
  2798   case (10 j c e) hence p: "Ifm (real x #bs) (NDvd j (CN 0 c e))" (is "?p x") and c1: "c=1" and bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp+
  2799     let ?e = "Inum (real x # bs) e"
  2800     from prems have "isint e (a#bs)"  by simp 
  2801     hence ie: "real (floor ?e) = ?e" using numbound0_I[OF bn,where b="real x" and b'="a" and bs="bs"] isint_iff[where n="e" and bs="(real x)#bs"]
  2802       by (simp add: isint_iff)
  2803     from prems have id: "j dvd d" by simp
  2804     from c1 ie[symmetric] have "?p x = (\<not> real j rdvd real (x+ floor ?e))" by simp
  2805     also have "\<dots> = (\<not> j dvd x + floor ?e)" 
  2806       using int_rdvd_real[where i="j" and x="real (x+ floor ?e)"] by simp
  2807     also have "\<dots> = (\<not> j dvd x - d + floor ?e)" 
  2808       using dvd_period[OF id, where x="x" and c="-1" and t="floor ?e"] by simp
  2809     also have "\<dots> = (\<not> real j rdvd real (x - d + floor ?e))" 
  2810       using int_rdvd_real[where i="j" and x="real (x-d + floor ?e)",symmetric, simplified]
  2811       ie by simp
  2812     also have "\<dots> = (\<not> real j rdvd real x - real d + ?e)" 
  2813       using ie by simp
  2814     finally show ?case using numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] c1 p by simp
  2815 qed (auto simp add: numbound0_I[where bs="bs" and b="real (x - d)" and b'="real x"] nth_pos2 simp del: real_of_int_diff)
  2816 
  2817 lemma \<beta>':   
  2818   assumes lp: "iszlfm p (a #bs)"
  2819   and u: "d\<beta> p 1"
  2820   and d: "d\<delta> p d"
  2821   and dp: "d > 0"
  2822   shows "\<forall> x. \<not>(\<exists>(j::int) \<in> {1 .. d}. \<exists> b\<in> set(\<beta> p). Ifm ((Inum (a#bs) b + real j) #bs) p) \<longrightarrow> Ifm (real x#bs) p \<longrightarrow> Ifm (real (x - d)#bs) p" (is "\<forall> x. ?b \<longrightarrow> ?P x \<longrightarrow> ?P (x - d)")
  2823 proof(clarify)
  2824   fix x 
  2825   assume nb:"?b" and px: "?P x" 
  2826   hence nb2: "\<not>(\<exists>(j::int) \<in> {1 .. d}. \<exists> b\<in> (Inum (a#bs)) ` set(\<beta> p). real x = b + real j)"
  2827     by auto
  2828   from  \<beta>[OF lp u d dp nb2 px] show "?P (x -d )" .
  2829 qed
  2830 
  2831 lemma \<beta>_int: assumes lp: "iszlfm p bs"
  2832   shows "\<forall> b\<in> set (\<beta> p). isint b bs"
  2833 using lp by (induct p rule: iszlfm.induct) (auto simp add: isint_neg isint_sub)
  2834 
  2835 lemma cpmi_eq: "0 < D \<Longrightarrow> (EX z::int. ALL x. x < z --> (P x = P1 x))
  2836 ==> ALL x.~(EX (j::int) : {1..D}. EX (b::int) : B. P(b+j)) --> P (x) --> P (x - D) 
  2837 ==> (ALL (x::int). ALL (k::int). ((P1 x)= (P1 (x-k*D))))
  2838 ==> (EX (x::int). P(x)) = ((EX (j::int) : {1..D} . (P1(j))) | (EX (j::int) : {1..D}. EX (b::int) : B. P (b+j)))"
  2839 apply(rule iffI)
  2840 prefer 2
  2841 apply(drule minusinfinity)
  2842 apply assumption+
  2843 apply(fastsimp)
  2844 apply clarsimp
  2845 apply(subgoal_tac "!!k. 0<=k \<Longrightarrow> !x. P x \<longrightarrow> P (x - k*D)")
  2846 apply(frule_tac x = x and z=z in decr_lemma)
  2847 apply(subgoal_tac "P1(x - (\<bar>x - z\<bar> + 1) * D)")
  2848 prefer 2
  2849 apply(subgoal_tac "0 <= (\<bar>x - z\<bar> + 1)")
  2850 prefer 2 apply arith
  2851  apply fastsimp
  2852 apply(drule (1)  periodic_finite_ex)
  2853 apply blast
  2854 apply(blast dest:decr_mult_lemma)
  2855 done
  2856 
  2857 
  2858 theorem cp_thm:
  2859   assumes lp: "iszlfm p (a #bs)"
  2860   and u: "d\<beta> p 1"
  2861   and d: "d\<delta> p d"
  2862   and dp: "d > 0"
  2863   shows "(\<exists> (x::int). Ifm (real x #bs) p) = (\<exists> j\<in> {1.. d}. Ifm (real j #bs) (minusinf p) \<or> (\<exists> b \<in> set (\<beta> p). Ifm ((Inum (a#bs) b + real j) #bs) p))"
  2864   (is "(\<exists> (x::int). ?P (real x)) = (\<exists> j\<in> ?D. ?M j \<or> (\<exists> b\<in> ?B. ?P (?I b + real j)))")
  2865 proof-
  2866   from minusinf_inf[OF lp] 
  2867   have th: "\<exists>(z::int). \<forall>x<z. ?P (real x) = ?M x" by blast
  2868   let ?B' = "{floor (?I b) | b. b\<in> ?B}"
  2869   from \<beta>_int[OF lp] isint_iff[where bs="a # bs"] have B: "\<forall> b\<in> ?B. real (floor (?I b)) = ?I b" by simp
  2870   from B[rule_format] 
  2871   have "(\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (?I b + real j)) = (\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (real (floor (?I b)) + real j))" 
  2872     by simp
  2873   also have "\<dots> = (\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (real (floor (?I b) + j)))" by simp
  2874   also have"\<dots> = (\<exists> j \<in> ?D. \<exists> b \<in> ?B'. ?P (real (b + j)))"  by blast
  2875   finally have BB': 
  2876     "(\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (?I b + real j)) = (\<exists> j \<in> ?D. \<exists> b \<in> ?B'. ?P (real (b + j)))" 
  2877     by blast 
  2878   hence th2: "\<forall> x. \<not> (\<exists> j \<in> ?D. \<exists> b \<in> ?B'. ?P (real (b + j))) \<longrightarrow> ?P (real x) \<longrightarrow> ?P (real (x - d))" using \<beta>'[OF lp u d dp] by blast
  2879   from minusinf_repeats[OF d lp]
  2880   have th3: "\<forall> x k. ?M x = ?M (x-k*d)" by simp
  2881   from cpmi_eq[OF dp th th2 th3] BB' show ?thesis by blast
  2882 qed
  2883 
  2884     (* Reddy and Loveland *)
  2885 
  2886 
  2887 consts 
  2888   \<rho> :: "fm \<Rightarrow> (num \<times> int) list" (* Compute the Reddy and Loveland Bset*)
  2889   \<sigma>\<rho>:: "fm \<Rightarrow> num \<times> int \<Rightarrow> fm" (* Performs the modified substitution of Reddy and Loveland*)
  2890   \<alpha>\<rho> :: "fm \<Rightarrow> (num\<times>int) list"
  2891   a\<rho> :: "fm \<Rightarrow> int \<Rightarrow> fm"
  2892 recdef \<rho> "measure size"
  2893   "\<rho> (And p q) = (\<rho> p @ \<rho> q)" 
  2894   "\<rho> (Or p q) = (\<rho> p @ \<rho> q)" 
  2895   "\<rho> (Eq  (CN 0 c e)) = [(Sub (C -1) e,c)]"
  2896   "\<rho> (NEq (CN 0 c e)) = [(Neg e,c)]"
  2897   "\<rho> (Lt  (CN 0 c e)) = []"
  2898   "\<rho> (Le  (CN 0 c e)) = []"
  2899   "\<rho> (Gt  (CN 0 c e)) = [(Neg e, c)]"
  2900   "\<rho> (Ge  (CN 0 c e)) = [(Sub (C (-1)) e, c)]"
  2901   "\<rho> p = []"
  2902 
  2903 recdef \<sigma>\<rho> "measure size"
  2904   "\<sigma>\<rho> (And p q) = (\<lambda> (t,k). And (\<sigma>\<rho> p (t,k)) (\<sigma>\<rho> q (t,k)))" 
  2905   "\<sigma>\<rho> (Or p q) = (\<lambda> (t,k). Or (\<sigma>\<rho> p (t,k)) (\<sigma>\<rho> q (t,k)))" 
  2906   "\<sigma>\<rho> (Eq  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Eq (Add (Mul (c div k) t) e)) 
  2907                                             else (Eq (Add (Mul c t) (Mul k e))))"
  2908   "\<sigma>\<rho> (NEq (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (NEq (Add (Mul (c div k) t) e)) 
  2909                                             else (NEq (Add (Mul c t) (Mul k e))))"
  2910   "\<sigma>\<rho> (Lt  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Lt (Add (Mul (c div k) t) e)) 
  2911                                             else (Lt (Add (Mul c t) (Mul k e))))"
  2912   "\<sigma>\<rho> (Le  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Le (Add (Mul (c div k) t) e)) 
  2913                                             else (Le (Add (Mul c t) (Mul k e))))"
  2914   "\<sigma>\<rho> (Gt  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Gt (Add (Mul (c div k) t) e)) 
  2915                                             else (Gt (Add (Mul c t) (Mul k e))))"
  2916   "\<sigma>\<rho> (Ge  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Ge (Add (Mul (c div k) t) e)) 
  2917                                             else (Ge (Add (Mul c t) (Mul k e))))"
  2918   "\<sigma>\<rho> (Dvd i (CN 0 c e)) =(\<lambda> (t,k). if k dvd c then (Dvd i (Add (Mul (c div k) t) e)) 
  2919                                             else (Dvd (i*k) (Add (Mul c t) (Mul k e))))"
  2920   "\<sigma>\<rho> (NDvd i (CN 0 c e))=(\<lambda> (t,k). if k dvd c then (NDvd i (Add (Mul (c div k) t) e)) 
  2921                                             else (NDvd (i*k) (Add (Mul c t) (Mul k e))))"
  2922   "\<sigma>\<rho> p = (\<lambda> (t,k). p)"
  2923 
  2924 recdef \<alpha>\<rho> "measure size"
  2925   "\<alpha>\<rho> (And p q) = (\<alpha>\<rho> p @ \<alpha>\<rho> q)" 
  2926   "\<alpha>\<rho> (Or p q) = (\<alpha>\<rho> p @ \<alpha>\<rho> q)" 
  2927   "\<alpha>\<rho> (Eq  (CN 0 c e)) = [(Add (C -1) e,c)]"
  2928   "\<alpha>\<rho> (NEq (CN 0 c e)) = [(e,c)]"
  2929   "\<alpha>\<rho> (Lt  (CN 0 c e)) = [(e,c)]"
  2930   "\<alpha>\<rho> (Le  (CN 0 c e)) = [(Add (C -1) e,c)]"
  2931   "\<alpha>\<rho> p = []"
  2932 
  2933     (* Simulates normal substituion by modifying the formula see correctness theorem *)
  2934 
  2935 recdef a\<rho> "measure size"
  2936   "a\<rho> (And p q) = (\<lambda> k. And (a\<rho> p k) (a\<rho> q k))" 
  2937   "a\<rho> (Or p q) = (\<lambda> k. Or (a\<rho> p k) (a\<rho> q k))" 
  2938   "a\<rho> (Eq (CN 0 c e)) = (\<lambda> k. if k dvd c then (Eq (CN 0 (c div k) e)) 
  2939                                            else (Eq (CN 0 c (Mul k e))))"
  2940   "a\<rho> (NEq (CN 0 c e)) = (\<lambda> k. if k dvd c then (NEq (CN 0 (c div k) e)) 
  2941                                            else (NEq (CN 0 c (Mul k e))))"
  2942   "a\<rho> (Lt (CN 0 c e)) = (\<lambda> k. if k dvd c then (Lt (CN 0 (c div k) e)) 
  2943                                            else (Lt (CN 0 c (Mul k e))))"
  2944   "a\<rho> (Le (CN 0 c e)) = (\<lambda> k. if k dvd c then (Le (CN 0 (c div k) e)) 
  2945                                            else (Le (CN 0 c (Mul k e))))"
  2946   "a\<rho> (Gt (CN 0 c e)) = (\<lambda> k. if k dvd c then (Gt (CN 0 (c div k) e)) 
  2947                                            else (Gt (CN 0 c (Mul k e))))"
  2948   "a\<rho> (Ge (CN 0 c e)) = (\<lambda> k. if k dvd c then (Ge (CN 0 (c div k) e)) 
  2949                                             else (Ge (CN 0 c (Mul k e))))"
  2950   "a\<rho> (Dvd i (CN 0 c e)) = (\<lambda> k. if k dvd c then (Dvd i (CN 0 (c div k) e)) 
  2951                                             else (Dvd (i*k) (CN 0 c (Mul k e))))"
  2952   "a\<rho> (NDvd i (CN 0 c e)) = (\<lambda> k. if k dvd c then (NDvd i (CN 0 (c div k) e)) 
  2953                                             else (NDvd (i*k) (CN 0 c (Mul k e))))"
  2954   "a\<rho> p = (\<lambda> k. p)"
  2955 
  2956 constdefs \<sigma> :: "fm \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  2957   "\<sigma> p k t \<equiv> And (Dvd k t) (\<sigma>\<rho> p (t,k))"
  2958 
  2959 lemma \<sigma>\<rho>:
  2960   assumes linp: "iszlfm p (real (x::int)#bs)"
  2961   and kpos: "real k > 0"
  2962   and tnb: "numbound0 t"
  2963   and tint: "isint t (real x#bs)"
  2964   and kdt: "k dvd floor (Inum (b'#bs) t)"
  2965   shows "Ifm (real x#bs) (\<sigma>\<rho> p (t,k)) = 
  2966   (Ifm ((real ((floor (Inum (b'#bs) t)) div k))#bs) p)" 
  2967   (is "?I (real x) (?s p) = (?I (real ((floor (?N b' t)) div k)) p)" is "_ = (?I ?tk p)")
  2968 using linp kpos tnb
  2969 proof(induct p rule: \<sigma>\<rho>.induct)
  2970   case (3 c e) 
  2971   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  2972     {assume kdc: "k dvd c" 
  2973       from kpos have knz: "k\<noteq>0" by simp
  2974       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2975       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2976 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2977       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2978     moreover 
  2979     {assume "\<not> k dvd c"
  2980       from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  2981       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2982       from prems have "?I (real x) (?s (Eq (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k = 0)"
  2983 	using real_of_int_div[OF knz kdt]
  2984 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2985 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  2986       also have "\<dots> = (?I ?tk (Eq (CN 0 c e)))" using nonzero_eq_divide_eq[OF knz', where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2987 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2988 	by (simp add: ti)
  2989       finally have ?case . }
  2990     ultimately show ?case by blast 
  2991 next
  2992   case (4 c e)  
  2993   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  2994     {assume kdc: "k dvd c" 
  2995       from kpos have knz: "k\<noteq>0" by simp
  2996       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2997       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2998 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2999       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3000     moreover 
  3001     {assume "\<not> k dvd c"
  3002       from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3003       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3004       from prems have "?I (real x) (?s (NEq (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k \<noteq> 0)"
  3005 	using real_of_int_div[OF knz kdt]
  3006 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3007 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3008       also have "\<dots> = (?I ?tk (NEq (CN 0 c e)))" using nonzero_eq_divide_eq[OF knz', where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3009 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3010 	by (simp add: ti)
  3011       finally have ?case . }
  3012     ultimately show ?case by blast 
  3013 next
  3014   case (5 c e) 
  3015   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3016     {assume kdc: "k dvd c" 
  3017       from kpos have knz: "k\<noteq>0" by simp
  3018       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3019       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3020 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3021       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3022     moreover 
  3023     {assume "\<not> k dvd c"
  3024       from kpos have knz: "k\<noteq>0" by simp
  3025       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3026       from prems have "?I (real x) (?s (Lt (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k < 0)"
  3027 	using real_of_int_div[OF knz kdt]
  3028 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3029 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3030       also have "\<dots> = (?I ?tk (Lt (CN 0 c e)))" using pos_less_divide_eq[OF kpos, where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3031 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3032 	by (simp add: ti)
  3033       finally have ?case . }
  3034     ultimately show ?case by blast 
  3035 next
  3036   case (6 c e)  
  3037   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3038     {assume kdc: "k dvd c" 
  3039       from kpos have knz: "k\<noteq>0" by simp
  3040       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3041       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3042 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3043       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3044     moreover 
  3045     {assume "\<not> k dvd c"
  3046       from kpos have knz: "k\<noteq>0" by simp
  3047       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3048       from prems have "?I (real x) (?s (Le (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k \<le> 0)"
  3049 	using real_of_int_div[OF knz kdt]
  3050 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3051 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3052       also have "\<dots> = (?I ?tk (Le (CN 0 c e)))" using pos_le_divide_eq[OF kpos, where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3053 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3054 	by (simp add: ti)
  3055       finally have ?case . }
  3056     ultimately show ?case by blast 
  3057 next
  3058   case (7 c e) 
  3059   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3060     {assume kdc: "k dvd c" 
  3061       from kpos have knz: "k\<noteq>0" by simp
  3062       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3063       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3064 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3065       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3066     moreover 
  3067     {assume "\<not> k dvd c"
  3068       from kpos have knz: "k\<noteq>0" by simp
  3069       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3070       from prems have "?I (real x) (?s (Gt (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k > 0)"
  3071 	using real_of_int_div[OF knz kdt]
  3072 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3073 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3074       also have "\<dots> = (?I ?tk (Gt (CN 0 c e)))" using pos_divide_less_eq[OF kpos, where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3075 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3076 	by (simp add: ti)
  3077       finally have ?case . }
  3078     ultimately show ?case by blast 
  3079 next
  3080   case (8 c e)  
  3081   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3082     {assume kdc: "k dvd c" 
  3083       from kpos have knz: "k\<noteq>0" by simp
  3084       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3085       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3086 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3087       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3088     moreover 
  3089     {assume "\<not> k dvd c"
  3090       from kpos have knz: "k\<noteq>0" by simp
  3091       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3092       from prems have "?I (real x) (?s (Ge (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k \<ge> 0)"
  3093 	using real_of_int_div[OF knz kdt]
  3094 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3095 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3096       also have "\<dots> = (?I ?tk (Ge (CN 0 c e)))" using pos_divide_le_eq[OF kpos, where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3097 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3098 	by (simp add: ti)
  3099       finally have ?case . }
  3100     ultimately show ?case by blast 
  3101 next
  3102   case (9 i c e)   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3103     {assume kdc: "k dvd c" 
  3104       from kpos have knz: "k\<noteq>0" by simp
  3105       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3106       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3107 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3108       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3109     moreover 
  3110     {assume "\<not> k dvd c"
  3111       from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3112       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3113       from prems have "?I (real x) (?s (Dvd i (CN 0 c e))) = (real i * real k rdvd (real c * (?N (real x) t / real k) + ?N (real x) e)* real k)"
  3114 	using real_of_int_div[OF knz kdt]
  3115 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3116 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3117       also have "\<dots> = (?I ?tk (Dvd i (CN 0 c e)))" using rdvd_mult[OF knz, where n="i"] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3118 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3119 	by (simp add: ti)
  3120       finally have ?case . }
  3121     ultimately show ?case by blast 
  3122 next
  3123   case (10 i c e)    from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3124     {assume kdc: "k dvd c" 
  3125       from kpos have knz: "k\<noteq>0" by simp
  3126       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3127       from prems have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3128 	numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3129       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3130     moreover 
  3131     {assume "\<not> k dvd c"
  3132       from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3133       from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3134       from prems have "?I (real x) (?s (NDvd i (CN 0 c e))) = (\<not> (real i * real k rdvd (real c * (?N (real x) t / real k) + ?N (real x) e)* real k))"
  3135 	using real_of_int_div[OF knz kdt]
  3136 	  numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3137 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti ring_eq_simps)
  3138       also have "\<dots> = (?I ?tk (NDvd i (CN 0 c e)))" using rdvd_mult[OF knz, where n="i"] real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3139 	  numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3140 	by (simp add: ti)
  3141       finally have ?case . }
  3142     ultimately show ?case by blast 
  3143 qed (simp_all add: nth_pos2 bound0_I[where bs="bs" and b="real ((floor (?N b' t)) div k)" and b'="real x"] numbound0_I[where bs="bs" and b="real ((floor (?N b' t)) div k)" and b'="real x"])
  3144 
  3145 
  3146 lemma a\<rho>: 
  3147   assumes lp: "iszlfm p (real (x::int)#bs)" and kp: "real k > 0" 
  3148   shows "Ifm (real (x*k)#bs) (a\<rho> p k) = Ifm (real x#bs) p" (is "?I (x*k) (?f p k) = ?I x p")
  3149 using lp bound0_I[where bs="bs" and b="real (x*k)" and b'="real x"] numbound0_I[where bs="bs" and b="real (x*k)" and b'="real x"]
  3150 proof(induct p rule: a\<rho>.induct)
  3151   case (3 c e)  
  3152   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3153   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3154     {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3155     moreover 
  3156     {assume nkdc: "\<not> k dvd c" hence ?case using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] nonzero_eq_divide_eq[OF knz', where b="0" and a="real c * real x + Inum (real x # bs) e", symmetric] by (simp add: ring_eq_simps)}
  3157     ultimately show ?case by blast 
  3158 next
  3159   case (4 c e)   
  3160   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3161   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3162     {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3163     moreover 
  3164     {assume nkdc: "\<not> k dvd c" hence ?case using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] nonzero_eq_divide_eq[OF knz', where b="0" and a="real c * real x + Inum (real x # bs) e", symmetric] by (simp add: ring_eq_simps)}
  3165     ultimately show ?case by blast 
  3166 next
  3167   case (5 c e)   
  3168   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3169   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3170     {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3171     moreover 
  3172     {assume nkdc: "\<not> k dvd c" hence ?case using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] pos_less_divide_eq[OF kp, where b="0" and a="real c * real x + Inum (real x # bs) e", symmetric] by (simp add: ring_eq_simps)}
  3173     ultimately show ?case by blast 
  3174 next
  3175   case (6 c e)    
  3176   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3177   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3178     {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3179     moreover 
  3180     {assume nkdc: "\<not> k dvd c" hence ?case using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] pos_le_divide_eq[OF kp, where b="0" and a="real c * real x + Inum (real x # bs) e", symmetric] by (simp add: ring_eq_simps)}
  3181     ultimately show ?case by blast 
  3182 next
  3183   case (7 c e)    
  3184   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3185   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3186     {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3187     moreover 
  3188     {assume nkdc: "\<not> k dvd c" hence ?case using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] pos_divide_less_eq[OF kp, where b="0" and a="real c * real x + Inum (real x # bs) e", symmetric] by (simp add: ring_eq_simps)}
  3189     ultimately show ?case by blast 
  3190 next
  3191   case (8 c e)    
  3192   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3193   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3194     {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3195     moreover 
  3196     {assume nkdc: "\<not> k dvd c" hence ?case using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] pos_divide_le_eq[OF kp, where b="0" and a="real c * real x + Inum (real x # bs) e", symmetric] by (simp add: ring_eq_simps)}
  3197     ultimately show ?case by blast 
  3198 next
  3199   case (9 i c e)
  3200   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3201   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3202   {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3203   moreover 
  3204   {assume "\<not> k dvd c"
  3205     hence "Ifm (real (x*k)#bs) (a\<rho> (Dvd i (CN 0 c e)) k) = 
  3206       (real i * real k rdvd (real c * real x + Inum (real x#bs) e) * real k)" 
  3207       using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] 
  3208       by (simp add: ring_eq_simps)
  3209     also have "\<dots> = (Ifm (real x#bs) (Dvd i (CN 0 c e)))" by (simp add: rdvd_mult[OF knz, where n="i"])
  3210     finally have ?case . }
  3211   ultimately show ?case by blast 
  3212 next
  3213   case (10 i c e) 
  3214   from prems have cp: "c > 0" and nb: "numbound0 e" by auto
  3215   from kp have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3216   {assume kdc: "k dvd c" from prems have  ?case using real_of_int_div[OF knz kdc] by simp } 
  3217   moreover 
  3218   {assume "\<not> k dvd c"
  3219     hence "Ifm (real (x*k)#bs) (a\<rho> (NDvd i (CN 0 c e)) k) = 
  3220       (\<not> (real i * real k rdvd (real c * real x + Inum (real x#bs) e) * real k))" 
  3221       using numbound0_I[OF nb, where bs="bs" and b="real (x*k)" and b'="real x"] 
  3222       by (simp add: ring_eq_simps)
  3223     also have "\<dots> = (Ifm (real x#bs) (NDvd i (CN 0 c e)))" by (simp add: rdvd_mult[OF knz, where n="i"])
  3224     finally have ?case . }
  3225   ultimately show ?case by blast 
  3226 qed (simp_all add: nth_pos2)
  3227 
  3228 lemma a\<rho>_ex: 
  3229   assumes lp: "iszlfm p (real (x::int)#bs)" and kp: "k > 0"
  3230   shows "(\<exists> (x::int). real k rdvd real x \<and> Ifm (real x#bs) (a\<rho> p k)) = 
  3231   (\<exists> (x::int). Ifm (real x#bs) p)" (is "(\<exists> x. ?D x \<and> ?P' x) = (\<exists> x. ?P x)")
  3232 proof-
  3233   have "(\<exists> x. ?D x \<and> ?P' x) = (\<exists> x. k dvd x \<and> ?P' x)" using int_rdvd_iff by simp
  3234   also have "\<dots> = (\<exists>x. ?P' (x*k))" using unity_coeff_ex[where P="?P'" and l="k", simplified]
  3235     by (simp add: ring_eq_simps)
  3236   also have "\<dots> = (\<exists> x. ?P x)" using a\<rho> iszlfm_gen[OF lp] kp by auto
  3237   finally show ?thesis .
  3238 qed
  3239 
  3240 lemma \<sigma>\<rho>': assumes lp: "iszlfm p (real (x::int)#bs)" and kp: "k > 0" and nb: "numbound0 t"
  3241   shows "Ifm (real x#bs) (\<sigma>\<rho> p (t,k)) = Ifm ((Inum (real x#bs) t)#bs) (a\<rho> p k)"
  3242 using lp 
  3243 by(induct p rule: \<sigma>\<rho>.induct, simp_all add: 
  3244   numbound0_I[OF nb, where bs="bs" and b="Inum (real x#bs) t" and b'="real x"] 
  3245   numbound0_I[where bs="bs" and b="Inum (real x#bs) t" and b'="real x"] 
  3246   bound0_I[where bs="bs" and b="Inum (real x#bs) t" and b'="real x"] nth_pos2 cong: imp_cong)
  3247 
  3248 lemma \<sigma>\<rho>_nb: assumes lp:"iszlfm p (a#bs)" and nb: "numbound0 t"
  3249   shows "bound0 (\<sigma>\<rho> p (t,k))"
  3250   using lp
  3251   by (induct p rule: iszlfm.induct, auto simp add: nb)
  3252 
  3253 lemma \<rho>_l:
  3254   assumes lp: "iszlfm p (real (i::int)#bs)"
  3255   shows "\<forall> (b,k) \<in> set (\<rho> p). k >0 \<and> numbound0 b \<and> isint b (real i#bs)"
  3256 using lp by (induct p rule: \<rho>.induct, auto simp add: isint_sub isint_neg)
  3257 
  3258 lemma \<alpha>\<rho>_l:
  3259   assumes lp: "iszlfm p (real (i::int)#bs)"
  3260   shows "\<forall> (b,k) \<in> set (\<alpha>\<rho> p). k >0 \<and> numbound0 b \<and> isint b (real i#bs)"
  3261 using lp isint_add [OF isint_c[where j="- 1"],where bs="real i#bs"]
  3262  by (induct p rule: \<alpha>\<rho>.induct, auto)
  3263 
  3264 lemma zminusinf_\<rho>:
  3265   assumes lp: "iszlfm p (real (i::int)#bs)"
  3266   and nmi: "\<not> (Ifm (real i#bs) (minusinf p))" (is "\<not> (Ifm (real i#bs) (?M p))")
  3267   and ex: "Ifm (real i#bs) p" (is "?I i p")
  3268   shows "\<exists> (e,c) \<in> set (\<rho> p). real (c*i) > Inum (real i#bs) e" (is "\<exists> (e,c) \<in> ?R p. real (c*i) > ?N i e")
  3269   using lp nmi ex
  3270 by (induct p rule: minusinf.induct, auto)
  3271 
  3272 
  3273 lemma \<sigma>_And: "Ifm bs (\<sigma> (And p q) k t)  = Ifm bs (And (\<sigma> p k t) (\<sigma> q k t))"
  3274 using \<sigma>_def by auto
  3275 lemma \<sigma>_Or: "Ifm bs (\<sigma> (Or p q) k t)  = Ifm bs (Or (\<sigma> p k t) (\<sigma> q k t))"
  3276 using \<sigma>_def by auto
  3277 
  3278 lemma \<rho>: assumes lp: "iszlfm p (real (i::int) #bs)"
  3279   and pi: "Ifm (real i#bs) p"
  3280   and d: "d\<delta> p d"
  3281   and dp: "d > 0"
  3282   and nob: "\<forall>(e,c) \<in> set (\<rho> p). \<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> Inum (real i#bs) e + real j"
  3283   (is "\<forall>(e,c) \<in> set (\<rho> p). \<forall> j\<in> {1 .. c*d}. _ \<noteq> ?N i e + _")
  3284   shows "Ifm (real(i - d)#bs) p"
  3285   using lp pi d nob
  3286 proof(induct p rule: iszlfm.induct)
  3287   case (3 c e) hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3288     and pi: "real (c*i) = - 1 -  ?N i e + real (1::int)" and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> -1 - ?N i e + real j"
  3289     by simp+
  3290   from mult_strict_left_mono[OF dp cp]  have one:"1 \<in> {1 .. c*d}" by auto
  3291   from nob[rule_format, where j="1", OF one] pi show ?case by simp
  3292 next
  3293   case (4 c e)  
  3294   hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3295     and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> - ?N i e + real j"
  3296     by simp+
  3297   {assume "real (c*i) \<noteq> - ?N i e + real (c*d)"
  3298     with numbound0_I[OF nb, where bs="bs" and b="real i - real d" and b'="real i"]
  3299     have ?case by (simp add: ring_eq_simps)}
  3300   moreover
  3301   {assume pi: "real (c*i) = - ?N i e + real (c*d)"
  3302     from mult_strict_left_mono[OF dp cp] have d: "(c*d) \<in> {1 .. c*d}" by simp
  3303     from nob[rule_format, where j="c*d", OF d] pi have ?case by simp }
  3304   ultimately show ?case by blast
  3305 next
  3306   case (5 c e) hence cp: "c > 0" by simp
  3307   from prems mult_strict_left_mono[OF dp cp, simplified real_of_int_less_iff[symmetric] 
  3308     real_of_int_mult]
  3309   show ?case using prems dp 
  3310     by (simp add: add: numbound0_I[where bs="bs" and b="real i - real d" and b'="real i"] 
  3311       ring_eq_simps)
  3312 next
  3313   case (6 c e)  hence cp: "c > 0" by simp
  3314   from prems mult_strict_left_mono[OF dp cp, simplified real_of_int_less_iff[symmetric] 
  3315     real_of_int_mult]
  3316   show ?case using prems dp 
  3317     by (simp add: add: numbound0_I[where bs="bs" and b="real i - real d" and b'="real i"] 
  3318       ring_eq_simps)
  3319 next
  3320   case (7 c e) hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3321     and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> - ?N i e + real j"
  3322     and pi: "real (c*i) + ?N i e > 0" and cp': "real c >0"
  3323     by simp+
  3324   let ?fe = "floor (?N i e)"
  3325   from pi cp have th:"(real i +?N i e / real c)*real c > 0" by (simp add: ring_eq_simps)
  3326   from pi ei[simplified isint_iff] have "real (c*i + ?fe) > real (0::int)" by simp
  3327   hence pi': "c*i + ?fe > 0" by (simp only: real_of_int_less_iff[symmetric])
  3328   have "real (c*i) + ?N i e > real (c*d) \<or> real (c*i) + ?N i e \<le> real (c*d)" by auto
  3329   moreover
  3330   {assume "real (c*i) + ?N i e > real (c*d)" hence ?case
  3331       by (simp add: ring_eq_simps 
  3332 	numbound0_I[OF nb,where bs="bs" and b="real i - real d" and b'="real i"])} 
  3333   moreover 
  3334   {assume H:"real (c*i) + ?N i e \<le> real (c*d)"
  3335     with ei[simplified isint_iff] have "real (c*i + ?fe) \<le> real (c*d)" by simp
  3336     hence pid: "c*i + ?fe \<le> c*d" by (simp only: real_of_int_le_iff)
  3337     with pi' have "\<exists> j1\<in> {1 .. c*d}. c*i + ?fe = j1" by auto
  3338     hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) = - ?N i e + real j1" 
  3339       by (simp only: diff_def[symmetric] real_of_int_mult real_of_int_add real_of_int_inject[symmetric] ei[simplified isint_iff] ring_eq_simps)
  3340     with nob  have ?case by blast }
  3341   ultimately show ?case by blast
  3342 next
  3343   case (8 c e)  hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3344     and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> - 1 - ?N i e + real j"
  3345     and pi: "real (c*i) + ?N i e \<ge> 0" and cp': "real c >0"
  3346     by simp+
  3347   let ?fe = "floor (?N i e)"
  3348   from pi cp have th:"(real i +?N i e / real c)*real c \<ge> 0" by (simp add: ring_eq_simps)
  3349   from pi ei[simplified isint_iff] have "real (c*i + ?fe) \<ge> real (0::int)" by simp
  3350   hence pi': "c*i + 1 + ?fe \<ge> 1" by (simp only: real_of_int_le_iff[symmetric])
  3351   have "real (c*i) + ?N i e \<ge> real (c*d) \<or> real (c*i) + ?N i e < real (c*d)" by auto
  3352   moreover
  3353   {assume "real (c*i) + ?N i e \<ge> real (c*d)" hence ?case
  3354       by (simp add: ring_eq_simps 
  3355 	numbound0_I[OF nb,where bs="bs" and b="real i - real d" and b'="real i"])} 
  3356   moreover 
  3357   {assume H:"real (c*i) + ?N i e < real (c*d)"
  3358     with ei[simplified isint_iff] have "real (c*i + ?fe) < real (c*d)" by simp
  3359     hence pid: "c*i + 1 + ?fe \<le> c*d" by (simp only: real_of_int_le_iff)
  3360     with pi' have "\<exists> j1\<in> {1 .. c*d}. c*i + 1+ ?fe = j1" by auto
  3361     hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) + 1= - ?N i e + real j1"
  3362       by (simp only: diff_def[symmetric] real_of_int_mult real_of_int_add real_of_int_inject[symmetric] ei[simplified isint_iff] ring_eq_simps real_of_one) 
  3363     hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) = (- ?N i e + real j1) - 1"
  3364       by (simp only: ring_eq_simps diff_def[symmetric])
  3365         hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) = - 1 - ?N i e + real j1"
  3366 	  by (simp only: add_ac diff_def)
  3367     with nob  have ?case by blast }
  3368   ultimately show ?case by blast
  3369 next
  3370   case (9 j c e)  hence p: "real j rdvd real (c*i) + ?N i e" (is "?p x") and cp: "c > 0" and bn:"numbound0 e"  by simp+
  3371     let ?e = "Inum (real i # bs) e"
  3372     from prems have "isint e (real i #bs)"  by simp 
  3373     hence ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="(real i)#bs"] numbound0_I[OF bn,where b="real i" and b'="real i" and bs="bs"]
  3374       by (simp add: isint_iff)
  3375     from prems have id: "j dvd d" by simp
  3376     from ie[symmetric] have "?p i = (real j rdvd real (c*i+ floor ?e))" by simp
  3377     also have "\<dots> = (j dvd c*i + floor ?e)" 
  3378       using int_rdvd_iff [where i="j" and t="c*i+ floor ?e"] by simp
  3379     also have "\<dots> = (j dvd c*i - c*d + floor ?e)" 
  3380       using dvd_period[OF id, where x="c*i" and c="-c" and t="floor ?e"] by simp
  3381     also have "\<dots> = (real j rdvd real (c*i - c*d + floor ?e))" 
  3382       using int_rdvd_iff[where i="j" and t="(c*i - c*d + floor ?e)",symmetric, simplified]
  3383       ie by simp
  3384     also have "\<dots> = (real j rdvd real (c*(i - d)) + ?e)" 
  3385       using ie by (simp add:ring_eq_simps)
  3386     finally show ?case 
  3387       using numbound0_I[OF bn,where b="real i - real d" and b'="real i" and bs="bs"] p 
  3388       by (simp add: ring_eq_simps)
  3389 next
  3390   case (10 j c e)   hence p: "\<not> (real j rdvd real (c*i) + ?N i e)" (is "?p x") and cp: "c > 0" and bn:"numbound0 e"  by simp+
  3391     let ?e = "Inum (real i # bs) e"
  3392     from prems have "isint e (real i #bs)"  by simp 
  3393     hence ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="(real i)#bs"] numbound0_I[OF bn,where b="real i" and b'="real i" and bs="bs"]
  3394       by (simp add: isint_iff)
  3395     from prems have id: "j dvd d" by simp
  3396     from ie[symmetric] have "?p i = (\<not> (real j rdvd real (c*i+ floor ?e)))" by simp
  3397     also have "\<dots> = Not (j dvd c*i + floor ?e)" 
  3398       using int_rdvd_iff [where i="j" and t="c*i+ floor ?e"] by simp
  3399     also have "\<dots> = Not (j dvd c*i - c*d + floor ?e)" 
  3400       using dvd_period[OF id, where x="c*i" and c="-c" and t="floor ?e"] by simp
  3401     also have "\<dots> = Not (real j rdvd real (c*i - c*d + floor ?e))" 
  3402       using int_rdvd_iff[where i="j" and t="(c*i - c*d + floor ?e)",symmetric, simplified]
  3403       ie by simp
  3404     also have "\<dots> = Not (real j rdvd real (c*(i - d)) + ?e)" 
  3405       using ie by (simp add:ring_eq_simps)
  3406     finally show ?case 
  3407       using numbound0_I[OF bn,where b="real i - real d" and b'="real i" and bs="bs"] p 
  3408       by (simp add: ring_eq_simps)
  3409 qed(auto simp add: numbound0_I[where bs="bs" and b="real i - real d" and b'="real i"] nth_pos2)
  3410 
  3411 lemma \<sigma>_nb: assumes lp: "iszlfm p (a#bs)" and nb: "numbound0 t"
  3412   shows "bound0 (\<sigma> p k t)"
  3413   using \<sigma>\<rho>_nb[OF lp nb] nb by (simp add: \<sigma>_def)
  3414   
  3415 lemma \<rho>':   assumes lp: "iszlfm p (a #bs)"
  3416   and d: "d\<delta> p d"
  3417   and dp: "d > 0"
  3418   shows "\<forall> x. \<not>(\<exists> (e,c) \<in> set(\<rho> p). \<exists>(j::int) \<in> {1 .. c*d}. Ifm (a #bs) (\<sigma> p c (Add e (C j)))) \<longrightarrow> Ifm (real x#bs) p \<longrightarrow> Ifm (real (x - d)#bs) p" (is "\<forall> x. ?b x \<longrightarrow> ?P x \<longrightarrow> ?P (x - d)")
  3419 proof(clarify)
  3420   fix x 
  3421   assume nob1:"?b x" and px: "?P x" 
  3422   from iszlfm_gen[OF lp, rule_format, where y="real x"] have lp': "iszlfm p (real x#bs)".
  3423   have nob: "\<forall>(e, c)\<in>set (\<rho> p). \<forall>j\<in>{1..c * d}. real (c * x) \<noteq> Inum (real x # bs) e + real j" 
  3424   proof(clarify)
  3425     fix e c j assume ecR: "(e,c) \<in> set (\<rho> p)" and jD: "j\<in> {1 .. c*d}"
  3426       and cx: "real (c*x) = Inum (real x#bs) e + real j"
  3427     let ?e = "Inum (real x#bs) e"
  3428     let ?fe = "floor ?e"
  3429     from \<rho>_l[OF lp'] ecR have ei:"isint e (real x#bs)" and cp:"c>0" and nb:"numbound0 e"
  3430       by auto
  3431     from numbound0_gen [OF nb ei, rule_format,where y="a"] have "isint e (a#bs)" .
  3432     from cx ei[simplified isint_iff] have "real (c*x) = real (?fe + j)" by simp
  3433     hence cx: "c*x = ?fe + j" by (simp only: real_of_int_inject)
  3434     hence cdej:"c dvd ?fe + j" by (simp add: dvd_def) (rule_tac x="x" in exI, simp)
  3435     hence "real c rdvd real (?fe + j)" by (simp only: int_rdvd_iff)
  3436     hence rcdej: "real c rdvd ?e + real j" by (simp add: ei[simplified isint_iff])
  3437     from cx have "(c*x) div c = (?fe + j) div c" by simp
  3438     with cp have "x = (?fe + j) div c" by simp
  3439     with px have th: "?P ((?fe + j) div c)" by auto
  3440     from cp have cp': "real c > 0" by simp
  3441     from cdej have cdej': "c dvd floor (Inum (real x#bs) (Add e (C j)))" by simp
  3442     from nb have nb': "numbound0 (Add e (C j))" by simp
  3443     have ji: "isint (C j) (real x#bs)" by (simp add: isint_def)
  3444     from isint_add[OF ei ji] have ei':"isint (Add e (C j)) (real x#bs)" .
  3445     from th \<sigma>\<rho>[where b'="real x", OF lp' cp' nb' ei' cdej',symmetric]
  3446     have "Ifm (real x#bs) (\<sigma>\<rho> p (Add e (C j), c))" by simp
  3447     with rcdej have th: "Ifm (real x#bs) (\<sigma> p c (Add e (C j)))" by (simp add: \<sigma>_def)
  3448     from th bound0_I[OF \<sigma>_nb[OF lp nb', where k="c"],where bs="bs" and b="real x" and b'="a"]
  3449     have "Ifm (a#bs) (\<sigma> p c (Add e (C j)))" by blast
  3450       with ecR jD nob1    show "False" by blast
  3451   qed
  3452   from \<rho>[OF lp' px d dp nob] show "?P (x -d )" . 
  3453 qed
  3454 
  3455 
  3456 lemma rl_thm: 
  3457   assumes lp: "iszlfm p (real (i::int)#bs)"
  3458   shows "(\<exists> (x::int). Ifm (real x#bs) p) = ((\<exists> j\<in> {1 .. \<delta> p}. Ifm (real j#bs) (minusinf p)) \<or> (\<exists> (e,c) \<in> set (\<rho> p). \<exists> j\<in> {1 .. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j)))))"
  3459   (is "(\<exists>(x::int). ?P x) = ((\<exists> j\<in> {1.. \<delta> p}. ?MP j)\<or>(\<exists> (e,c) \<in> ?R. \<exists> j\<in> _. ?SP c e j))" 
  3460     is "?lhs = (?MD \<or> ?RD)"  is "?lhs = ?rhs")
  3461 proof-
  3462   let ?d= "\<delta> p"
  3463   from \<delta>[OF lp] have d:"d\<delta> p ?d" and dp: "?d > 0" by auto
  3464   { assume H:"?MD" hence th:"\<exists> (x::int). ?MP x" by blast
  3465     from H minusinf_ex[OF lp th] have ?thesis  by blast}
  3466   moreover
  3467   { fix e c j assume exR:"(e,c) \<in> ?R" and jD:"j\<in> {1 .. c*?d}" and spx:"?SP c e j"
  3468     from exR \<rho>_l[OF lp] have nb: "numbound0 e" and ei:"isint e (real i#bs)" and cp: "c > 0"
  3469       by auto
  3470     have "isint (C j) (real i#bs)" by (simp add: isint_iff)
  3471     with isint_add[OF numbound0_gen[OF nb ei,rule_format, where y="real i"]]
  3472     have eji:"isint (Add e (C j)) (real i#bs)" by simp
  3473     from nb have nb': "numbound0 (Add e (C j))" by simp
  3474     from spx bound0_I[OF \<sigma>_nb[OF lp nb', where k="c"], where bs="bs" and b="a" and b'="real i"]
  3475     have spx': "Ifm (real i # bs) (\<sigma> p c (Add e (C j)))" by blast
  3476     from spx' have rcdej:"real c rdvd (Inum (real i#bs) (Add e (C j)))" 
  3477       and sr:"Ifm (real i#bs) (\<sigma>\<rho> p (Add e (C j),c))" by (simp add: \<sigma>_def)+
  3478     from rcdej eji[simplified isint_iff] 
  3479     have "real c rdvd real (floor (Inum (real i#bs) (Add e (C j))))" by simp
  3480     hence cdej:"c dvd floor (Inum (real i#bs) (Add e (C j)))" by (simp only: int_rdvd_iff)
  3481     from cp have cp': "real c > 0" by simp
  3482     from \<sigma>\<rho>[OF lp cp' nb' eji cdej] spx' have "?P (\<lfloor>Inum (real i # bs) (Add e (C j))\<rfloor> div c)"
  3483       by (simp add: \<sigma>_def)
  3484     hence ?lhs by blast
  3485     with exR jD spx have ?thesis by blast}
  3486   moreover
  3487   { fix x assume px: "?P x" and nob: "\<not> ?RD"
  3488     from iszlfm_gen [OF lp,rule_format, where y="a"] have lp':"iszlfm p (a#bs)" .
  3489     from \<rho>'[OF lp' d dp, rule_format, OF nob] have th:"\<forall> x. ?P x \<longrightarrow> ?P (x - ?d)" by blast
  3490     from minusinf_inf[OF lp] obtain z where z:"\<forall> x<z. ?MP x = ?P x" by blast
  3491     have zp: "abs (x - z) + 1 \<ge> 0" by arith
  3492     from decr_lemma[OF dp,where x="x" and z="z"] 
  3493       decr_mult_lemma[OF dp th zp, rule_format, OF px] z have th:"\<exists> x. ?MP x" by auto
  3494     with minusinf_bex[OF lp] px nob have ?thesis by blast}
  3495   ultimately show ?thesis by blast
  3496 qed
  3497 
  3498 lemma mirror_\<alpha>\<rho>:   assumes lp: "iszlfm p (a#bs)"
  3499   shows "(\<lambda> (t,k). (Inum (a#bs) t, k)) ` set (\<alpha>\<rho> p) = (\<lambda> (t,k). (Inum (a#bs) t,k)) ` set (\<rho> (mirror p))"
  3500 using lp
  3501 by (induct p rule: mirror.induct, simp_all add: split_def image_Un )
  3502   
  3503 text {* The @{text "\<real>"} part*}
  3504 
  3505 text{* Linearity for fm where Bound 0 ranges over @{text "\<real>"}*}
  3506 consts
  3507   isrlfm :: "fm \<Rightarrow> bool"   (* Linearity test for fm *)
  3508 recdef isrlfm "measure size"
  3509   "isrlfm (And p q) = (isrlfm p \<and> isrlfm q)" 
  3510   "isrlfm (Or p q) = (isrlfm p \<and> isrlfm q)" 
  3511   "isrlfm (Eq  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3512   "isrlfm (NEq (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3513   "isrlfm (Lt  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3514   "isrlfm (Le  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3515   "isrlfm (Gt  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3516   "isrlfm (Ge  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3517   "isrlfm p = (isatom p \<and> (bound0 p))"
  3518 
  3519 constdefs fp :: "fm \<Rightarrow> int \<Rightarrow> num \<Rightarrow> int \<Rightarrow> fm"
  3520   "fp p n s j \<equiv> (if n > 0 then 
  3521             (And p (And (Ge (CN 0 n (Sub s (Add (Floor s) (C j)))))
  3522                         (Lt (CN 0 n (Sub s (Add (Floor s) (C (j+1))))))))
  3523             else 
  3524             (And p (And (Le (CN 0 (-n) (Add (Neg s) (Add (Floor s) (C j))))) 
  3525                         (Gt (CN 0 (-n) (Add (Neg s) (Add (Floor s) (C (j + 1)))))))))"
  3526 
  3527   (* splits the bounded from the unbounded part*)
  3528 consts rsplit0 :: "num \<Rightarrow> (fm \<times> int \<times> num) list" 
  3529 recdef rsplit0 "measure num_size"
  3530   "rsplit0 (Bound 0) = [(T,1,C 0)]"
  3531   "rsplit0 (Add a b) = (let acs = rsplit0 a ; bcs = rsplit0 b 
  3532               in map (\<lambda> ((p,n,t),(q,m,s)). (And p q, n+m, Add t s)) (allpairs Pair acs bcs))"
  3533   "rsplit0 (Sub a b) = rsplit0 (Add a (Neg b))"
  3534   "rsplit0 (Neg a) = map (\<lambda> (p,n,s). (p,-n,Neg s)) (rsplit0 a)"
  3535   "rsplit0 (Floor a) = foldl (op @) [] (map 
  3536       (\<lambda> (p,n,s). if n=0 then [(p,0,Floor s)]
  3537           else (map (\<lambda> j. (fp p n s j, 0, Add (Floor s) (C j))) (if n > 0 then iupt (0,n) else iupt(n,0))))
  3538        (rsplit0 a))"
  3539   "rsplit0 (CN 0 c a) = map (\<lambda> (p,n,s). (p,n+c,s)) (rsplit0 a)"
  3540   "rsplit0 (CN m c a) = map (\<lambda> (p,n,s). (p,n,CN m c s)) (rsplit0 a)"
  3541   "rsplit0 (CF c t s) = rsplit0 (Add (Mul c (Floor t)) s)"
  3542   "rsplit0 (Mul c a) = map (\<lambda> (p,n,s). (p,c*n,Mul c s)) (rsplit0 a)"
  3543   "rsplit0 t = [(T,0,t)]"
  3544 
  3545 lemma not_rl[simp]: "isrlfm p \<Longrightarrow> isrlfm (not p)"
  3546   by (induct p rule: isrlfm.induct, auto)
  3547 lemma conj_rl[simp]: "isrlfm p \<Longrightarrow> isrlfm q \<Longrightarrow> isrlfm (conj p q)"
  3548   using conj_def by (cases p, auto)
  3549 lemma disj_rl[simp]: "isrlfm p \<Longrightarrow> isrlfm q \<Longrightarrow> isrlfm (disj p q)"
  3550   using disj_def by (cases p, auto)
  3551 
  3552 
  3553 lemma rsplit0_cs:
  3554   shows "\<forall> (p,n,s) \<in> set (rsplit0 t). 
  3555   (Ifm (x#bs) p \<longrightarrow>  (Inum (x#bs) t = Inum (x#bs) (CN 0 n s))) \<and> numbound0 s \<and> isrlfm p" 
  3556   (is "\<forall> (p,n,s) \<in> ?SS t. (?I p \<longrightarrow> ?N t = ?N (CN 0 n s)) \<and> _ \<and> _ ")
  3557 proof(induct t rule: rsplit0.induct)
  3558   case (5 a) 
  3559   let ?p = "\<lambda> (p,n,s) j. fp p n s j"
  3560   let ?f = "(\<lambda> (p,n,s) j. (?p (p,n,s) j, (0::int),Add (Floor s) (C j)))"
  3561   let ?J = "\<lambda> n. if n>0 then iupt (0,n) else iupt (n,0)"
  3562   let ?ff=" (\<lambda> (p,n,s). if n= 0 then [(p,0,Floor s)] else map (?f (p,n,s)) (?J n))"
  3563   have int_cases: "\<forall> (i::int). i= 0 \<or> i < 0 \<or> i > 0" by arith
  3564   have U1: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = 
  3565     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)]))" by auto
  3566   have U2': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0}. 
  3567     ?ff (p,n,s) = map (?f(p,n,s)) (iupt(0,n))" by auto
  3568   hence U2: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = 
  3569     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). 
  3570     set (map (?f(p,n,s)) (iupt(0,n)))))"
  3571   proof-
  3572     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3573     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3574     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3575       by (auto simp add: split_def)
  3576   qed
  3577   have U3': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0}. ?ff (p,n,s) = map (?f(p,n,s)) (iupt(n,0))"
  3578     by auto
  3579   hence U3: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = 
  3580     (UNION {(p,n,s). (p,n,s)\<in> ?SS a\<and>n<0} (\<lambda>(p,n,s). set (map (?f(p,n,s)) (iupt(n,0)))))"
  3581       proof-
  3582     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3583     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3584     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3585       by (auto simp add: split_def)
  3586   qed
  3587   from foldl_append_map_Nil_set[where xs="rsplit0 a" and f="?ff"]
  3588   have "?SS (Floor a) = UNION (?SS a) (\<lambda>x. set (?ff x))" by auto
  3589   also have "\<dots> = UNION (?SS a) (\<lambda> (p,n,s). set (?ff (p,n,s)))" by auto
  3590   also have "\<dots> = 
  3591     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3592     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3593     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))))" 
  3594     using int_cases[rule_format] by blast
  3595   also have "\<dots> =  
  3596     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)])) Un 
  3597    (UNION {(p,n,s). (p,n,s)\<in> ?SS a\<and>n>0} (\<lambda>(p,n,s). set(map(?f(p,n,s)) (iupt(0,n))))) Un 
  3598    (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). 
  3599     set (map (?f(p,n,s)) (iupt(n,0))))))" by (simp only: U1 U2 U3)
  3600   also have "\<dots> =  
  3601     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3602     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {0 .. n})) Un 
  3603     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {n .. 0})))"
  3604     by (simp only: set_map iupt_set set.simps)
  3605   also have "\<dots> =   
  3606     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3607     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3608     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))" by blast
  3609   finally 
  3610   have FS: "?SS (Floor a) =   
  3611     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3612     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3613     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))"    by blast
  3614   show ?case
  3615     proof(simp only: FS, clarsimp simp del: Ifm.simps Inum.simps, -)
  3616       fix p n s
  3617       let ?ths = "(?I p \<longrightarrow> (?N (Floor a) = ?N (CN 0 n s))) \<and> numbound0 s \<and> isrlfm p"
  3618       assume "(\<exists>ba. (p, 0, ba) \<in> set (rsplit0 a) \<and> n = 0 \<and> s = Floor ba) \<or>
  3619        (\<exists>ab ac ba.
  3620            (ab, ac, ba) \<in> set (rsplit0 a) \<and>
  3621            0 < ac \<and>
  3622            (\<exists>j. p = fp ab ac ba j \<and>
  3623                 n = 0 \<and> s = Add (Floor ba) (C j) \<and> 0 \<le> j \<and> j \<le> ac)) \<or>
  3624        (\<exists>ab ac ba.
  3625            (ab, ac, ba) \<in> set (rsplit0 a) \<and>
  3626            ac < 0 \<and>
  3627            (\<exists>j. p = fp ab ac ba j \<and>
  3628                 n = 0 \<and> s = Add (Floor ba) (C j) \<and> ac \<le> j \<and> j \<le> 0))"
  3629       moreover 
  3630       {fix s'
  3631 	assume "(p, 0, s') \<in> ?SS a" and "n = 0" and "s = Floor s'"
  3632 	hence ?ths using prems by auto}
  3633       moreover
  3634       {	fix p' n' s' j
  3635 	assume pns: "(p', n', s') \<in> ?SS a" 
  3636 	  and np: "0 < n'" 
  3637 	  and p_def: "p = ?p (p',n',s') j" 
  3638 	  and n0: "n = 0" 
  3639 	  and s_def: "s = (Add (Floor s') (C j))" 
  3640 	  and jp: "0 \<le> j" and jn: "j \<le> n'"
  3641 	from prems pns have H:"(Ifm ((x\<Colon>real) # (bs\<Colon>real list)) p' \<longrightarrow>
  3642           Inum (x # bs) a = Inum (x # bs) (CN 0 n' s')) \<and>
  3643           numbound0 s' \<and> isrlfm p'" by blast
  3644 	hence nb: "numbound0 s'" by simp
  3645 	from H have nf: "isrlfm (?p (p',n',s') j)" using fp_def np by (simp add: numsub_nb)
  3646 	let ?nxs = "CN 0 n' s'"
  3647 	let ?l = "floor (?N s') + j"
  3648 	from H 
  3649 	have "?I (?p (p',n',s') j) \<longrightarrow> 
  3650 	  (((?N ?nxs \<ge> real ?l) \<and> (?N ?nxs < real (?l + 1))) \<and> (?N a = ?N ?nxs ))" 
  3651 	  by (simp add: fp_def np ring_eq_simps numsub numadd numfloor)
  3652 	also have "\<dots> \<longrightarrow> ((floor (?N ?nxs) = ?l) \<and> (?N a = ?N ?nxs ))"
  3653 	  using floor_int_eq[where x="?N ?nxs" and n="?l"] by simp
  3654 	moreover
  3655 	have "\<dots> \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))" by simp
  3656 	ultimately have "?I (?p (p',n',s') j) \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))"
  3657 	  by blast
  3658 	with s_def n0 p_def nb nf have ?ths by auto}
  3659       moreover
  3660       {fix p' n' s' j
  3661 	assume pns: "(p', n', s') \<in> ?SS a" 
  3662 	  and np: "n' < 0" 
  3663 	  and p_def: "p = ?p (p',n',s') j" 
  3664 	  and n0: "n = 0" 
  3665 	  and s_def: "s = (Add (Floor s') (C j))" 
  3666 	  and jp: "n' \<le> j" and jn: "j \<le> 0"
  3667 	from prems pns have H:"(Ifm ((x\<Colon>real) # (bs\<Colon>real list)) p' \<longrightarrow>
  3668           Inum (x # bs) a = Inum (x # bs) (CN 0 n' s')) \<and>
  3669           numbound0 s' \<and> isrlfm p'" by blast
  3670 	hence nb: "numbound0 s'" by simp
  3671 	from H have nf: "isrlfm (?p (p',n',s') j)" using fp_def np by (simp add: numneg_nb)
  3672 	let ?nxs = "CN 0 n' s'"
  3673 	let ?l = "floor (?N s') + j"
  3674 	from H 
  3675 	have "?I (?p (p',n',s') j) \<longrightarrow> 
  3676 	  (((?N ?nxs \<ge> real ?l) \<and> (?N ?nxs < real (?l + 1))) \<and> (?N a = ?N ?nxs ))" 
  3677 	  by (simp add: np fp_def ring_eq_simps numneg numfloor numadd numsub)
  3678 	also have "\<dots> \<longrightarrow> ((floor (?N ?nxs) = ?l) \<and> (?N a = ?N ?nxs ))"
  3679 	  using floor_int_eq[where x="?N ?nxs" and n="?l"] by simp
  3680 	moreover
  3681 	have "\<dots> \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))"  by simp
  3682 	ultimately have "?I (?p (p',n',s') j) \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))"
  3683 	  by blast
  3684 	with s_def n0 p_def nb nf have ?ths by auto}
  3685       ultimately show ?ths by auto
  3686     qed
  3687 next
  3688   case (3 a b) thus ?case by auto 
  3689 qed (auto simp add: Let_def allpairs_set split_def ring_eq_simps conj_rl)
  3690 
  3691 lemma real_in_int_intervals: 
  3692   assumes xb: "real m \<le> x \<and> x < real ((n::int) + 1)"
  3693   shows "\<exists> j\<in> {m.. n}. real j \<le> x \<and> x < real (j+1)" (is "\<exists> j\<in> ?N. ?P j")
  3694 by (rule bexI[where P="?P" and x="floor x" and A="?N"]) 
  3695 (auto simp add: floor_less_eq[where x="x" and a="n+1", simplified] xb[simplified] floor_mono2[where x="real m" and y="x", OF conjunct1[OF xb], simplified floor_real_of_int[where n="m"]])
  3696 
  3697 lemma rsplit0_complete:
  3698   assumes xp:"0 \<le> x" and x1:"x < 1"
  3699   shows "\<exists> (p,n,s) \<in> set (rsplit0 t). Ifm (x#bs) p" (is "\<exists> (p,n,s) \<in> ?SS t. ?I p")
  3700 proof(induct t rule: rsplit0.induct)
  3701   case (2 a b) 
  3702   from prems have "\<exists> (pa,na,sa) \<in> ?SS a. ?I pa" by simp
  3703   then obtain "pa" "na" "sa" where pa: "(pa,na,sa)\<in> ?SS a \<and> ?I pa" by blast
  3704   from prems have "\<exists> (pb,nb,sb) \<in> ?SS b. ?I pb" by simp
  3705   then obtain "pb" "nb" "sb" where pb: "(pb,nb,sb)\<in> ?SS b \<and> ?I pb" by blast
  3706   from pa pb have th: "((pa,na,sa),(pb,nb,sb)) \<in> set (allpairs Pair (rsplit0 a) (rsplit0 b))"
  3707     by (auto simp add: allpairs_set)
  3708   let ?f="(\<lambda> ((p,n,t),(q,m,s)). (And p q, n+m, Add t s))"
  3709   from imageI[OF th, where f="?f"] have "?f ((pa,na,sa),(pb,nb,sb)) \<in> ?SS (Add a b)"
  3710     by (simp add: Let_def)
  3711   hence "(And pa pb, na +nb, Add sa sb) \<in> ?SS (Add a b)" by simp
  3712   moreover from pa pb have "?I (And pa pb)" by simp
  3713   ultimately show ?case by blast
  3714 next
  3715   case (5 a) 
  3716   let ?p = "\<lambda> (p,n,s) j. fp p n s j"
  3717   let ?f = "(\<lambda> (p,n,s) j. (?p (p,n,s) j, (0::int),(Add (Floor s) (C j))))"
  3718   let ?J = "\<lambda> n. if n>0 then iupt (0,n) else iupt (n,0)"
  3719   let ?ff=" (\<lambda> (p,n,s). if n= 0 then [(p,0,Floor s)] else map (?f (p,n,s)) (?J n))"
  3720   have int_cases: "\<forall> (i::int). i= 0 \<or> i < 0 \<or> i > 0" by arith
  3721   have U1: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)]))" by auto
  3722   have U2': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0}. ?ff (p,n,s) = map (?f(p,n,s)) (iupt(0,n))"
  3723     by auto
  3724   hence U2: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) (iupt(0,n)))))"
  3725   proof-
  3726     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3727     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3728     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3729       by (auto simp add: split_def)
  3730   qed
  3731   have U3': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0}. ?ff (p,n,s) = map (?f(p,n,s)) (iupt(n,0))"
  3732     by auto
  3733   hence U3: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) (iupt(n,0)))))"
  3734   proof-
  3735     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3736     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3737     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3738       by (auto simp add: split_def)
  3739   qed
  3740   from foldl_append_map_Nil_set[where xs="rsplit0 a" and f="?ff"]
  3741   have "?SS (Floor a) = UNION (?SS a) (\<lambda>x. set (?ff x))" by auto
  3742   also have "\<dots> = UNION (?SS a) (\<lambda> (p,n,s). set (?ff (p,n,s)))" by auto
  3743   also have "\<dots> = 
  3744     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3745     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3746     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))))" 
  3747     using int_cases[rule_format] by blast
  3748   also have "\<dots> =  
  3749     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)])) Un 
  3750     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) (iupt(0,n))))) Un 
  3751     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) (iupt(n,0))))))" by (simp only: U1 U2 U3)
  3752   also have "\<dots> =  
  3753     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3754     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {0 .. n})) Un 
  3755     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {n .. 0})))"
  3756     by (simp only: set_map iupt_set set.simps)
  3757   also have "\<dots> =   
  3758     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3759     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3760     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))" by blast
  3761   finally 
  3762   have FS: "?SS (Floor a) =   
  3763     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3764     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3765     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))"    by blast
  3766   from prems have "\<exists> (p,n,s) \<in> ?SS a. ?I p" by simp
  3767   then obtain "p" "n" "s" where pns: "(p,n,s) \<in> ?SS a \<and> ?I p" by blast
  3768   let ?N = "\<lambda> t. Inum (x#bs) t"
  3769   from rsplit0_cs[rule_format] pns have ans:"(?N a = ?N (CN 0 n s)) \<and> numbound0 s \<and> isrlfm p"
  3770     by auto
  3771   
  3772   have "n=0 \<or> n >0 \<or> n <0" by arith
  3773   moreover {assume "n=0" hence ?case using pns by (simp only: FS) auto }
  3774   moreover
  3775   {
  3776     assume np: "n > 0"
  3777     from real_of_int_floor_le[where r="?N s"] have "?N (Floor s) \<le> ?N s" by simp
  3778     also from mult_left_mono[OF xp] np have "?N s \<le> real n * x + ?N s" by simp
  3779     finally have "?N (Floor s) \<le> real n * x + ?N s" .
  3780     moreover
  3781     {from mult_strict_left_mono[OF x1] np 
  3782       have "real n *x + ?N s < real n + ?N s" by simp
  3783       also from real_of_int_floor_add_one_gt[where r="?N s"] 
  3784       have "\<dots> < real n + ?N (Floor s) + 1" by simp
  3785       finally have "real n *x + ?N s < ?N (Floor s) + real (n+1)" by simp}
  3786     ultimately have "?N (Floor s) \<le> real n *x + ?N s\<and> real n *x + ?N s < ?N (Floor s) + real (n+1)" by simp
  3787     hence th: "0 \<le> real n *x + ?N s - ?N (Floor s) \<and> real n *x + ?N s - ?N (Floor s) < real (n+1)" by simp
  3788     from real_in_int_intervals th have  "\<exists> j\<in> {0 .. n}. real j \<le> real n *x + ?N s - ?N (Floor s)\<and> real n *x + ?N s - ?N (Floor s) < real (j+1)" by simp
  3789     
  3790     hence "\<exists> j\<in> {0 .. n}. 0 \<le> real n *x + ?N s - ?N (Floor s) - real j \<and> real n *x + ?N s - ?N (Floor s) - real (j+1) < 0"
  3791       by(simp only: myl[rule_format, where b="real n * x + Inum (x # bs) s - Inum (x # bs) (Floor s)"] less_iff_diff_less_0[where a="real n *x + ?N s - ?N (Floor s)"]) 
  3792     hence "\<exists> j\<in> {0.. n}. ?I (?p (p,n,s) j)"
  3793       using pns by (simp add: fp_def np ring_eq_simps numsub numadd)
  3794     then obtain "j" where j_def: "j\<in> {0 .. n} \<and> ?I (?p (p,n,s) j)" by blast
  3795     hence "\<exists>x \<in> {?p (p,n,s) j |j. 0\<le> j \<and> j \<le> n }. ?I x" by auto
  3796     hence ?case using pns 
  3797       by (simp only: FS,simp add: bex_Un) 
  3798     (rule disjI2, rule disjI1,rule exI [where x="p"],
  3799       rule exI [where x="n"],rule exI [where x="s"],simp_all add: np)
  3800   }
  3801   moreover
  3802   { assume nn: "n < 0" hence np: "-n >0" by simp
  3803     from real_of_int_floor_le[where r="?N s"] have "?N (Floor s) + 1 > ?N s" by simp
  3804     moreover from mult_left_mono_neg[OF xp] nn have "?N s \<ge> real n * x + ?N s" by simp
  3805     ultimately have "?N (Floor s) + 1 > real n * x + ?N s" by arith 
  3806     moreover
  3807     {from mult_strict_left_mono_neg[OF x1, where c="real n"] nn
  3808       have "real n *x + ?N s \<ge> real n + ?N s" by simp 
  3809       moreover from real_of_int_floor_le[where r="?N s"]  have "real n + ?N s \<ge> real n + ?N (Floor s)" by simp
  3810       ultimately have "real n *x + ?N s \<ge> ?N (Floor s) + real n" 
  3811 	by (simp only: ring_eq_simps)}
  3812     ultimately have "?N (Floor s) + real n \<le> real n *x + ?N s\<and> real n *x + ?N s < ?N (Floor s) + real (1::int)" by simp
  3813     hence th: "real n \<le> real n *x + ?N s - ?N (Floor s) \<and> real n *x + ?N s - ?N (Floor s) < real (1::int)" by simp
  3814     have th1: "\<forall> (a::real). (- a > 0) = (a < 0)" by auto
  3815     have th2: "\<forall> (a::real). (0 \<ge> - a) = (a \<ge> 0)" by auto
  3816     from real_in_int_intervals th  have  "\<exists> j\<in> {n .. 0}. real j \<le> real n *x + ?N s - ?N (Floor s)\<and> real n *x + ?N s - ?N (Floor s) < real (j+1)" by simp
  3817     
  3818     hence "\<exists> j\<in> {n .. 0}. 0 \<le> real n *x + ?N s - ?N (Floor s) - real j \<and> real n *x + ?N s - ?N (Floor s) - real (j+1) < 0"
  3819       by(simp only: myl[rule_format, where b="real n * x + Inum (x # bs) s - Inum (x # bs) (Floor s)"] less_iff_diff_less_0[where a="real n *x + ?N s - ?N (Floor s)"]) 
  3820     hence "\<exists> j\<in> {n .. 0}. 0 \<ge> - (real n *x + ?N s - ?N (Floor s) - real j) \<and> - (real n *x + ?N s - ?N (Floor s) - real (j+1)) > 0" by (simp only: th1[rule_format] th2[rule_format])
  3821     hence "\<exists> j\<in> {n.. 0}. ?I (?p (p,n,s) j)"
  3822       using pns by (simp add: fp_def nn diff_def add_ac mult_ac numfloor numadd numneg
  3823 	del: diff_less_0_iff_less diff_le_0_iff_le) 
  3824     then obtain "j" where j_def: "j\<in> {n .. 0} \<and> ?I (?p (p,n,s) j)" by blast
  3825     hence "\<exists>x \<in> {?p (p,n,s) j |j. n\<le> j \<and> j \<le> 0 }. ?I x" by auto
  3826     hence ?case using pns 
  3827       by (simp only: FS,simp add: bex_Un) 
  3828     (rule disjI2, rule disjI2,rule exI [where x="p"],
  3829       rule exI [where x="n"],rule exI [where x="s"],simp_all add: np)
  3830   }
  3831   ultimately show ?case by blast
  3832 qed (auto simp add: Let_def split_def)
  3833 
  3834     (* Linearize a formula where Bound 0 ranges over [0,1) *)
  3835 
  3836 constdefs rsplit :: "(int \<Rightarrow> num \<Rightarrow> fm) \<Rightarrow> num \<Rightarrow> fm"
  3837   "rsplit f a \<equiv> foldr disj (map (\<lambda> (\<phi>, n, s). conj \<phi> (f n s)) (rsplit0 a)) F"
  3838 
  3839 lemma foldr_disj_map: "Ifm bs (foldr disj (map f xs) F) = (\<exists> x \<in> set xs. Ifm bs (f x))"
  3840 by(induct xs, simp_all)
  3841 
  3842 lemma foldr_conj_map: "Ifm bs (foldr conj (map f xs) T) = (\<forall> x \<in> set xs. Ifm bs (f x))"
  3843 by(induct xs, simp_all)
  3844 
  3845 lemma foldr_disj_map_rlfm: 
  3846   assumes lf: "\<forall> n s. numbound0 s \<longrightarrow> isrlfm (f n s)"
  3847   and \<phi>: "\<forall> (\<phi>,n,s) \<in> set xs. numbound0 s \<and> isrlfm \<phi>"
  3848   shows "isrlfm (foldr disj (map (\<lambda> (\<phi>, n, s). conj \<phi> (f n s)) xs) F)"
  3849 using lf \<phi> by (induct xs, auto)
  3850 
  3851 lemma rsplit_ex: "Ifm bs (rsplit f a) = (\<exists> (\<phi>,n,s) \<in> set (rsplit0 a). Ifm bs (conj \<phi> (f n s)))"
  3852 using foldr_disj_map[where xs="rsplit0 a"] rsplit_def by (simp add: split_def)
  3853 
  3854 lemma rsplit_l: assumes lf: "\<forall> n s. numbound0 s \<longrightarrow> isrlfm (f n s)"
  3855   shows "isrlfm (rsplit f a)"
  3856 proof-
  3857   from rsplit0_cs[where t="a"] have th: "\<forall> (\<phi>,n,s) \<in> set (rsplit0 a). numbound0 s \<and> isrlfm \<phi>" by blast
  3858   from foldr_disj_map_rlfm[OF lf th] rsplit_def show ?thesis by simp
  3859 qed
  3860 
  3861 lemma rsplit: 
  3862   assumes xp: "x \<ge> 0" and x1: "x < 1"
  3863   and f: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> (Ifm (x#bs) (f n s) = Ifm (x#bs) (g a))"
  3864   shows "Ifm (x#bs) (rsplit f a) = Ifm (x#bs) (g a)"
  3865 proof(auto)
  3866   let ?I = "\<lambda>x p. Ifm (x#bs) p"
  3867   let ?N = "\<lambda> x t. Inum (x#bs) t"
  3868   assume "?I x (rsplit f a)"
  3869   hence "\<exists> (\<phi>,n,s) \<in> set (rsplit0 a). ?I x (And \<phi> (f n s))" using rsplit_ex by simp
  3870   then obtain "\<phi>" "n" "s" where fnsS:"(\<phi>,n,s) \<in> set (rsplit0 a)" and "?I x (And \<phi> (f n s))" by blast
  3871   hence \<phi>: "?I x \<phi>" and fns: "?I x (f n s)" by auto
  3872   from rsplit0_cs[where t="a" and bs="bs" and x="x", rule_format, OF fnsS] \<phi> 
  3873   have th: "(?N x a = ?N x (CN 0 n s)) \<and> numbound0 s" by auto
  3874   from f[rule_format, OF th] fns show "?I x (g a)" by simp
  3875 next
  3876   let ?I = "\<lambda>x p. Ifm (x#bs) p"
  3877   let ?N = "\<lambda> x t. Inum (x#bs) t"
  3878   assume ga: "?I x (g a)"
  3879   from rsplit0_complete[OF xp x1, where bs="bs" and t="a"] 
  3880   obtain "\<phi>" "n" "s" where fnsS:"(\<phi>,n,s) \<in> set (rsplit0 a)" and fx: "?I x \<phi>" by blast
  3881   from rsplit0_cs[where t="a" and x="x" and bs="bs"] fnsS fx
  3882   have ans: "?N x a = ?N x (CN 0 n s)" and nb: "numbound0 s" by auto
  3883   with ga f have "?I x (f n s)" by auto
  3884   with rsplit_ex fnsS fx show "?I x (rsplit f a)" by auto
  3885 qed
  3886 
  3887 consts 
  3888   lt :: "int \<Rightarrow> num \<Rightarrow> fm"
  3889   le :: "int \<Rightarrow> num \<Rightarrow> fm"
  3890   gt :: "int \<Rightarrow> num \<Rightarrow> fm"
  3891   ge :: "int \<Rightarrow> num \<Rightarrow> fm"
  3892   eq :: "int \<Rightarrow> num \<Rightarrow> fm"
  3893   neq :: "int \<Rightarrow> num \<Rightarrow> fm"
  3894 
  3895 defs lt_def: "lt c t \<equiv> (if c = 0 then (Lt t) else if c > 0 then (Lt (CN 0 c t)) 
  3896                         else (Gt (CN 0 (-c) (Neg t))))"
  3897 defs le_def: "le c t \<equiv> (if c = 0 then (Le t) else if c > 0 then (Le (CN 0 c t)) 
  3898                         else (Ge (CN 0 (-c) (Neg t))))"
  3899 defs gt_def: "gt c t \<equiv> (if c = 0 then (Gt t) else if c > 0 then (Gt (CN 0 c t)) 
  3900                         else (Lt (CN 0 (-c) (Neg t))))"
  3901 defs ge_def: "ge c t \<equiv> (if c = 0 then (Ge t) else if c > 0 then (Ge (CN 0 c t)) 
  3902                         else (Le (CN 0 (-c) (Neg t))))"
  3903 defs eq_def: "eq c t \<equiv> (if c = 0 then (Eq t) else if c > 0 then (Eq (CN 0 c t)) 
  3904                         else (Eq (CN 0 (-c) (Neg t))))"
  3905 defs neq_def: "neq c t \<equiv> (if c = 0 then (NEq t) else if c > 0 then (NEq (CN 0 c t)) 
  3906                         else (NEq (CN 0 (-c) (Neg t))))"
  3907 
  3908 lemma lt_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (lt n s) = Ifm (x#bs) (Lt a)"
  3909   (is "\<forall> a n s . ?N a = ?N (CN 0 n s) \<and> _\<longrightarrow> ?I (lt n s) = ?I (Lt a)")
  3910 proof(clarify)
  3911   fix a n s
  3912   assume H: "?N a = ?N (CN 0 n s)"
  3913   show "?I (lt n s) = ?I (Lt a)" using H by (cases "n=0", (simp add: lt_def))
  3914   (cases "n > 0", simp_all add: lt_def ring_eq_simps myless[rule_format, where b="0"])
  3915 qed
  3916 
  3917 lemma lt_l: "isrlfm (rsplit lt a)"
  3918   by (rule rsplit_l[where f="lt" and a="a"], auto simp add: lt_def,
  3919     case_tac s, simp_all, case_tac "nat", simp_all)
  3920 
  3921 lemma le_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (le n s) = Ifm (x#bs) (Le a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (le n s) = ?I (Le a)")
  3922 proof(clarify)
  3923   fix a n s
  3924   assume H: "?N a = ?N (CN 0 n s)"
  3925   show "?I (le n s) = ?I (Le a)" using H by (cases "n=0", (simp add: le_def))
  3926   (cases "n > 0", simp_all add: le_def ring_eq_simps myl[rule_format, where b="0"])
  3927 qed
  3928 
  3929 lemma le_l: "isrlfm (rsplit le a)"
  3930   by (rule rsplit_l[where f="le" and a="a"], auto simp add: le_def) 
  3931 (case_tac s, simp_all, case_tac "nat",simp_all)
  3932 
  3933 lemma gt_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (gt n s) = Ifm (x#bs) (Gt a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (gt n s) = ?I (Gt a)")
  3934 proof(clarify)
  3935   fix a n s
  3936   assume H: "?N a = ?N (CN 0 n s)"
  3937   show "?I (gt n s) = ?I (Gt a)" using H by (cases "n=0", (simp add: gt_def))
  3938   (cases "n > 0", simp_all add: gt_def ring_eq_simps myless[rule_format, where b="0"])
  3939 qed
  3940 lemma gt_l: "isrlfm (rsplit gt a)"
  3941   by (rule rsplit_l[where f="gt" and a="a"], auto simp add: gt_def) 
  3942 (case_tac s, simp_all, case_tac "nat", simp_all)
  3943 
  3944 lemma ge_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (ge n s) = Ifm (x#bs) (Ge a)" (is "\<forall> a n s . ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (ge n s) = ?I (Ge a)")
  3945 proof(clarify)
  3946   fix a n s 
  3947   assume H: "?N a = ?N (CN 0 n s)"
  3948   show "?I (ge n s) = ?I (Ge a)" using H by (cases "n=0", (simp add: ge_def))
  3949   (cases "n > 0", simp_all add: ge_def ring_eq_simps myl[rule_format, where b="0"])
  3950 qed
  3951 lemma ge_l: "isrlfm (rsplit ge a)"
  3952   by (rule rsplit_l[where f="ge" and a="a"], auto simp add: ge_def) 
  3953 (case_tac s, simp_all, case_tac "nat", simp_all)
  3954 
  3955 lemma eq_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (eq n s) = Ifm (x#bs) (Eq a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (eq n s) = ?I (Eq a)")
  3956 proof(clarify)
  3957   fix a n s 
  3958   assume H: "?N a = ?N (CN 0 n s)"
  3959   show "?I (eq n s) = ?I (Eq a)" using H by (auto simp add: eq_def ring_eq_simps)
  3960 qed
  3961 lemma eq_l: "isrlfm (rsplit eq a)"
  3962   by (rule rsplit_l[where f="eq" and a="a"], auto simp add: eq_def) 
  3963 (case_tac s, simp_all, case_tac"nat", simp_all)
  3964 
  3965 lemma neq_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (neq n s) = Ifm (x#bs) (NEq a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (neq n s) = ?I (NEq a)")
  3966 proof(clarify)
  3967   fix a n s bs
  3968   assume H: "?N a = ?N (CN 0 n s)"
  3969   show "?I (neq n s) = ?I (NEq a)" using H by (auto simp add: neq_def ring_eq_simps)
  3970 qed
  3971 
  3972 lemma neq_l: "isrlfm (rsplit neq a)"
  3973   by (rule rsplit_l[where f="neq" and a="a"], auto simp add: neq_def) 
  3974 (case_tac s, simp_all, case_tac"nat", simp_all)
  3975 
  3976 consts
  3977   DVD :: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  3978   DVDJ:: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  3979   NDVD :: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  3980   NDVDJ:: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  3981 
  3982 lemma small_le: 
  3983   assumes u0:"0 \<le> u" and u1: "u < 1"
  3984   shows "(-u \<le> real (n::int)) = (0 \<le> n)"
  3985 using u0 u1  by auto
  3986 
  3987 lemma small_lt: 
  3988   assumes u0:"0 \<le> u" and u1: "u < 1"
  3989   shows "(real (n::int) < real (m::int) - u) = (n < m)"
  3990 using u0 u1  by auto
  3991 
  3992 lemma rdvd01_cs: 
  3993   assumes up: "u \<ge> 0" and u1: "u<1" and np: "real n > 0"
  3994   shows "(real (i::int) rdvd real (n::int) * u - s) = (\<exists> j\<in> {0 .. n - 1}. real n * u = s - real (floor s) + real j \<and> real i rdvd real (j - floor s))" (is "?lhs = ?rhs")
  3995 proof-
  3996   let ?ss = "s - real (floor s)"
  3997   from real_of_int_floor_add_one_gt[where r="s", simplified myless[rule_format,where a="s"]] 
  3998     real_of_int_floor_le[where r="s"]  have ss0:"?ss \<ge> 0" and ss1:"?ss < 1" 
  3999     by (auto simp add: myl[rule_format, where b="s", symmetric] myless[rule_format, where a="?ss"])
  4000   from np have n0: "real n \<ge> 0" by simp
  4001   from mult_left_mono[OF up n0] mult_strict_left_mono[OF u1 np] 
  4002   have nu0:"real n * u - s \<ge> -s" and nun:"real n * u -s < real n - s" by auto  
  4003   from int_rdvd_real[where i="i" and x="real (n::int) * u - s"] 
  4004   have "real i rdvd real n * u - s = 
  4005     (i dvd floor (real n * u -s) \<and> (real (floor (real n * u - s)) = real n * u - s ))" 
  4006     (is "_ = (?DE)" is "_ = (?D \<and> ?E)") by simp
  4007   also have "\<dots> = (?DE \<and> real(floor (real n * u - s) + floor s)\<ge> -?ss 
  4008     \<and> real(floor (real n * u - s) + floor s)< real n - ?ss)" (is "_=(?DE \<and>real ?a \<ge> _ \<and> real ?a < _)")
  4009     using nu0 nun  by auto
  4010   also have "\<dots> = (?DE \<and> ?a \<ge> 0 \<and> ?a < n)" by(simp only: small_le[OF ss0 ss1] small_lt[OF ss0 ss1])
  4011   also have "\<dots> = (?DE \<and> (\<exists> j\<in> {0 .. (n - 1)}. ?a = j))" by simp
  4012   also have "\<dots> = (?DE \<and> (\<exists> j\<in> {0 .. (n - 1)}. real (\<lfloor>real n * u - s\<rfloor>) = real j - real \<lfloor>s\<rfloor> ))"
  4013     by (simp only: ring_eq_simps real_of_int_diff[symmetric] real_of_int_inject del: real_of_int_diff)
  4014   also have "\<dots> = ((\<exists> j\<in> {0 .. (n - 1)}. real n * u - s = real j - real \<lfloor>s\<rfloor> \<and> real i rdvd real n * u - s))" using int_rdvd_iff[where i="i" and t="\<lfloor>real n * u - s\<rfloor>"]
  4015     by (auto cong: conj_cong)
  4016   also have "\<dots> = ?rhs" by(simp cong: conj_cong) (simp add: ring_eq_simps )
  4017   finally show ?thesis .
  4018 qed
  4019 
  4020 defs DVDJ_def: "DVDJ i n s \<equiv> (foldr disj (map (\<lambda> j. conj (Eq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j))))) (Dvd i (Sub (C j) (Floor (Neg s))))) (iupt(0,n - 1))) F)"
  4021 defs NDVDJ_def: "NDVDJ i n s \<equiv> (foldr conj (map (\<lambda> j. disj (NEq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j))))) (NDvd i (Sub (C j) (Floor (Neg s))))) (iupt(0,n - 1))) T)"
  4022 
  4023 lemma DVDJ_DVD: 
  4024   assumes xp:"x\<ge> 0" and x1: "x < 1" and np:"real n > 0"
  4025   shows "Ifm (x#bs) (DVDJ i n s) = Ifm (x#bs) (Dvd i (CN 0 n s))"
  4026 proof-
  4027   let ?f = "\<lambda> j. conj (Eq(CN 0 n (Add s (Sub(Floor (Neg s)) (C j))))) (Dvd i (Sub (C j) (Floor (Neg s))))"
  4028   let ?s= "Inum (x#bs) s"
  4029   from foldr_disj_map[where xs="iupt(0,n - 1)" and bs="x#bs" and f="?f"]
  4030   have "Ifm (x#bs) (DVDJ i n s) = (\<exists> j\<in> {0 .. (n - 1)}. Ifm (x#bs) (?f j))" 
  4031     by (simp add: iupt_set np DVDJ_def del: iupt.simps)
  4032   also have "\<dots> = (\<exists> j\<in> {0 .. (n - 1)}. real n * x = (- ?s) - real (floor (- ?s)) + real j \<and> real i rdvd real (j - floor (- ?s)))" by (simp add: ring_eq_simps diff_def[symmetric])
  4033   also from rdvd01_cs[OF xp x1 np, where i="i" and s="-?s"] 
  4034   have "\<dots> = (real i rdvd real n * x - (-?s))" by simp
  4035   finally show ?thesis by simp
  4036 qed
  4037 
  4038 lemma NDVDJ_NDVD: 
  4039   assumes xp:"x\<ge> 0" and x1: "x < 1" and np:"real n > 0"
  4040   shows "Ifm (x#bs) (NDVDJ i n s) = Ifm (x#bs) (NDvd i (CN 0 n s))"
  4041 proof-
  4042   let ?f = "\<lambda> j. disj(NEq(CN 0 n (Add s (Sub (Floor (Neg s)) (C j))))) (NDvd i (Sub (C j) (Floor(Neg s))))"
  4043   let ?s= "Inum (x#bs) s"
  4044   from foldr_conj_map[where xs="iupt(0,n - 1)" and bs="x#bs" and f="?f"]
  4045   have "Ifm (x#bs) (NDVDJ i n s) = (\<forall> j\<in> {0 .. (n - 1)}. Ifm (x#bs) (?f j))" 
  4046     by (simp add: iupt_set np NDVDJ_def del: iupt.simps)
  4047   also have "\<dots> = (\<not> (\<exists> j\<in> {0 .. (n - 1)}. real n * x = (- ?s) - real (floor (- ?s)) + real j \<and> real i rdvd real (j - floor (- ?s))))" by (simp add: ring_eq_simps diff_def[symmetric])
  4048   also from rdvd01_cs[OF xp x1 np, where i="i" and s="-?s"] 
  4049   have "\<dots> = (\<not> (real i rdvd real n * x - (-?s)))" by simp
  4050   finally show ?thesis by simp
  4051 qed  
  4052 
  4053 lemma foldr_disj_map_rlfm2: 
  4054   assumes lf: "\<forall> n . isrlfm (f n)"
  4055   shows "isrlfm (foldr disj (map f xs) F)"
  4056 using lf by (induct xs, auto)
  4057 lemma foldr_And_map_rlfm2: 
  4058   assumes lf: "\<forall> n . isrlfm (f n)"
  4059   shows "isrlfm (foldr conj (map f xs) T)"
  4060 using lf by (induct xs, auto)
  4061 
  4062 lemma DVDJ_l: assumes ip: "i >0" and np: "n>0" and nb: "numbound0 s"
  4063   shows "isrlfm (DVDJ i n s)"
  4064 proof-
  4065   let ?f="\<lambda>j. conj (Eq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j)))))
  4066                          (Dvd i (Sub (C j) (Floor (Neg s))))"
  4067   have th: "\<forall> j. isrlfm (?f j)" using nb np by auto
  4068   from DVDJ_def foldr_disj_map_rlfm2[OF th] show ?thesis by simp 
  4069 qed
  4070 
  4071 lemma NDVDJ_l: assumes ip: "i >0" and np: "n>0" and nb: "numbound0 s"
  4072   shows "isrlfm (NDVDJ i n s)"
  4073 proof-
  4074   let ?f="\<lambda>j. disj (NEq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j)))))
  4075                       (NDvd i (Sub (C j) (Floor (Neg s))))"
  4076   have th: "\<forall> j. isrlfm (?f j)" using nb np by auto
  4077   from NDVDJ_def foldr_And_map_rlfm2[OF th] show ?thesis by auto
  4078 qed
  4079 
  4080 defs DVD_def: "DVD i c t \<equiv> 
  4081   (if i=0 then eq c t else 
  4082   if c = 0 then (Dvd i t) else if c >0 then DVDJ (abs i) c t else DVDJ (abs i) (-c) (Neg t))"
  4083 defs NDVD_def: "NDVD i c t \<equiv> 
  4084   (if i=0 then neq c t else 
  4085   if c = 0 then (NDvd i t) else if c >0 then NDVDJ (abs i) c t else NDVDJ (abs i) (-c) (Neg t))"
  4086 
  4087 lemma DVD_mono: 
  4088   assumes xp: "0\<le> x" and x1: "x < 1" 
  4089   shows "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (DVD i n s) = Ifm (x#bs) (Dvd i a)"
  4090   (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (DVD i n s) = ?I (Dvd i a)")
  4091 proof(clarify)
  4092   fix a n s 
  4093   assume H: "?N a = ?N (CN 0 n s)" and nb: "numbound0 s"
  4094   let ?th = "?I (DVD i n s) = ?I (Dvd i a)"
  4095   have "i=0 \<or> (i\<noteq>0 \<and> n=0) \<or> (i\<noteq>0 \<and> n < 0) \<or> (i\<noteq>0 \<and> n > 0)" by arith
  4096   moreover {assume iz: "i=0" hence ?th using eq_mono[rule_format, OF conjI[OF H nb]] 
  4097       by (simp add: DVD_def rdvd_left_0_eq)}
  4098   moreover {assume inz: "i\<noteq>0" and "n=0" hence ?th by (simp add: H DVD_def) } 
  4099   moreover {assume inz: "i\<noteq>0" and "n<0" hence ?th 
  4100       by (simp add: DVD_def H DVDJ_DVD[OF xp x1] rdvd_abs1 
  4101 	rdvd_minus[where d="i" and t="real n * x + Inum (x # bs) s"]) } 
  4102   moreover {assume inz: "i\<noteq>0" and "n>0" hence ?th by (simp add:DVD_def H DVDJ_DVD[OF xp x1] rdvd_abs1)}
  4103   ultimately show ?th by blast
  4104 qed
  4105 
  4106 lemma NDVD_mono:   assumes xp: "0\<le> x" and x1: "x < 1" 
  4107   shows "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (NDVD i n s) = Ifm (x#bs) (NDvd i a)"
  4108   (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (NDVD i n s) = ?I (NDvd i a)")
  4109 proof(clarify)
  4110   fix a n s 
  4111   assume H: "?N a = ?N (CN 0 n s)" and nb: "numbound0 s"
  4112   let ?th = "?I (NDVD i n s) = ?I (NDvd i a)"
  4113   have "i=0 \<or> (i\<noteq>0 \<and> n=0) \<or> (i\<noteq>0 \<and> n < 0) \<or> (i\<noteq>0 \<and> n > 0)" by arith
  4114   moreover {assume iz: "i=0" hence ?th using neq_mono[rule_format, OF conjI[OF H nb]] 
  4115       by (simp add: NDVD_def rdvd_left_0_eq)}
  4116   moreover {assume inz: "i\<noteq>0" and "n=0" hence ?th by (simp add: H NDVD_def) } 
  4117   moreover {assume inz: "i\<noteq>0" and "n<0" hence ?th 
  4118       by (simp add: NDVD_def H NDVDJ_NDVD[OF xp x1] rdvd_abs1 
  4119 	rdvd_minus[where d="i" and t="real n * x + Inum (x # bs) s"]) } 
  4120   moreover {assume inz: "i\<noteq>0" and "n>0" hence ?th 
  4121       by (simp add:NDVD_def H NDVDJ_NDVD[OF xp x1] rdvd_abs1)}
  4122   ultimately show ?th by blast
  4123 qed
  4124 
  4125 lemma DVD_l: "isrlfm (rsplit (DVD i) a)"
  4126   by (rule rsplit_l[where f="DVD i" and a="a"], auto simp add: DVD_def eq_def DVDJ_l) 
  4127 (case_tac s, simp_all, case_tac "nat", simp_all)
  4128 
  4129 lemma NDVD_l: "isrlfm (rsplit (NDVD i) a)"
  4130   by (rule rsplit_l[where f="NDVD i" and a="a"], auto simp add: NDVD_def neq_def NDVDJ_l) 
  4131 (case_tac s, simp_all, case_tac "nat", simp_all)
  4132 
  4133 consts rlfm :: "fm \<Rightarrow> fm"
  4134 recdef rlfm "measure fmsize"
  4135   "rlfm (And p q) = conj (rlfm p) (rlfm q)"
  4136   "rlfm (Or p q) = disj (rlfm p) (rlfm q)"
  4137   "rlfm (Imp p q) = disj (rlfm (NOT p)) (rlfm q)"
  4138   "rlfm (Iff p q) = disj (conj(rlfm p) (rlfm q)) (conj(rlfm (NOT p)) (rlfm (NOT q)))"
  4139   "rlfm (Lt a) = rsplit lt a"
  4140   "rlfm (Le a) = rsplit le a"
  4141   "rlfm (Gt a) = rsplit gt a"
  4142   "rlfm (Ge a) = rsplit ge a"
  4143   "rlfm (Eq a) = rsplit eq a"
  4144   "rlfm (NEq a) = rsplit neq a"
  4145   "rlfm (Dvd i a) = rsplit (\<lambda> t. DVD i t) a"
  4146   "rlfm (NDvd i a) = rsplit (\<lambda> t. NDVD i t) a"
  4147   "rlfm (NOT (And p q)) = disj (rlfm (NOT p)) (rlfm (NOT q))"
  4148   "rlfm (NOT (Or p q)) = conj (rlfm (NOT p)) (rlfm (NOT q))"
  4149   "rlfm (NOT (Imp p q)) = conj (rlfm p) (rlfm (NOT q))"
  4150   "rlfm (NOT (Iff p q)) = disj (conj(rlfm p) (rlfm(NOT q))) (conj(rlfm(NOT p)) (rlfm q))"
  4151   "rlfm (NOT (NOT p)) = rlfm p"
  4152   "rlfm (NOT T) = F"
  4153   "rlfm (NOT F) = T"
  4154   "rlfm (NOT (Lt a)) = simpfm (rlfm (Ge a))"
  4155   "rlfm (NOT (Le a)) = simpfm (rlfm (Gt a))"
  4156   "rlfm (NOT (Gt a)) = simpfm (rlfm (Le a))"
  4157   "rlfm (NOT (Ge a)) = simpfm (rlfm (Lt a))"
  4158   "rlfm (NOT (Eq a)) = simpfm (rlfm (NEq a))"
  4159   "rlfm (NOT (NEq a)) = simpfm (rlfm (Eq a))"
  4160   "rlfm (NOT (Dvd i a)) = simpfm (rlfm (NDvd i a))"
  4161   "rlfm (NOT (NDvd i a)) = simpfm (rlfm (Dvd i a))"
  4162   "rlfm p = p" (hints simp add: fmsize_pos)
  4163 
  4164 lemma bound0at_l : "\<lbrakk>isatom p ; bound0 p\<rbrakk> \<Longrightarrow> isrlfm p"
  4165   by (induct p rule: isrlfm.induct, auto)
  4166 lemma igcd_le1: assumes ip: "0 < i" shows "igcd i j \<le> i"
  4167 proof-
  4168   from igcd_dvd1 have th: "igcd i j dvd i" by blast
  4169   from zdvd_imp_le[OF th ip] show ?thesis .
  4170 qed
  4171 
  4172 
  4173 lemma simpfm_rl: "isrlfm p \<Longrightarrow> isrlfm (simpfm p)"
  4174 proof (induct p)
  4175   case (Lt a) 
  4176   hence "bound0 (Lt a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4177     by (cases a,simp_all, case_tac "nat", simp_all)
  4178   moreover
  4179   {assume "bound0 (Lt a)" hence bn:"bound0 (simpfm (Lt a))"  
  4180       using simpfm_bound0 by blast
  4181     have "isatom (simpfm (Lt a))" by (cases "simpnum a", auto simp add: Let_def)
  4182     with bn bound0at_l have ?case by blast}
  4183   moreover 
  4184   {fix c e assume "a = CN 0 c e" and "c>0" and "numbound0 e"
  4185     {
  4186       assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4187       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4188       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4189       from prems have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4190 	by (simp add: numgcd_def igcd_le1)
  4191       from prems have th': "c\<noteq>0" by auto
  4192       from prems have cp: "c \<ge> 0" by simp
  4193       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4194 	have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4195     }
  4196     with prems have ?case
  4197       by (simp add: Let_def reducecoeff_def reducecoeffh_numbound0)}
  4198   ultimately show ?case by blast
  4199 next
  4200   case (Le a)   
  4201   hence "bound0 (Le a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4202     by (cases a,simp_all, case_tac "nat", simp_all)
  4203   moreover
  4204   {assume "bound0 (Le a)" hence bn:"bound0 (simpfm (Le a))"  
  4205       using simpfm_bound0 by blast
  4206     have "isatom (simpfm (Le a))" by (cases "simpnum a", auto simp add: Let_def)
  4207     with bn bound0at_l have ?case by blast}
  4208   moreover 
  4209   {fix c e assume "a = CN 0 c e" and "c>0" and "numbound0 e"
  4210     {
  4211       assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4212       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4213       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4214       from prems have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4215 	by (simp add: numgcd_def igcd_le1)
  4216       from prems have th': "c\<noteq>0" by auto
  4217       from prems have cp: "c \<ge> 0" by simp
  4218       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4219 	have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4220     }
  4221     with prems have ?case
  4222       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4223   ultimately show ?case by blast
  4224 next
  4225   case (Gt a)   
  4226   hence "bound0 (Gt a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4227     by (cases a,simp_all, case_tac "nat", simp_all)
  4228   moreover
  4229   {assume "bound0 (Gt a)" hence bn:"bound0 (simpfm (Gt a))"  
  4230       using simpfm_bound0 by blast
  4231     have "isatom (simpfm (Gt a))" by (cases "simpnum a", auto simp add: Let_def)
  4232     with bn bound0at_l have ?case by blast}
  4233   moreover 
  4234   {fix c e assume "a = CN 0 c e" and "c>0" and "numbound0 e"
  4235     {
  4236       assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4237       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4238       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4239       from prems have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4240 	by (simp add: numgcd_def igcd_le1)
  4241       from prems have th': "c\<noteq>0" by auto
  4242       from prems have cp: "c \<ge> 0" by simp
  4243       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4244 	have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4245     }
  4246     with prems have ?case
  4247       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4248   ultimately show ?case by blast
  4249 next
  4250   case (Ge a)   
  4251   hence "bound0 (Ge a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4252     by (cases a,simp_all, case_tac "nat", simp_all)
  4253   moreover
  4254   {assume "bound0 (Ge a)" hence bn:"bound0 (simpfm (Ge a))"  
  4255       using simpfm_bound0 by blast
  4256     have "isatom (simpfm (Ge a))" by (cases "simpnum a", auto simp add: Let_def)
  4257     with bn bound0at_l have ?case by blast}
  4258   moreover 
  4259   {fix c e assume "a = CN 0 c e" and "c>0" and "numbound0 e"
  4260     {
  4261       assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4262       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4263       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4264       from prems have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4265 	by (simp add: numgcd_def igcd_le1)
  4266       from prems have th': "c\<noteq>0" by auto
  4267       from prems have cp: "c \<ge> 0" by simp
  4268       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4269 	have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4270     }
  4271     with prems have ?case
  4272       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4273   ultimately show ?case by blast
  4274 next
  4275   case (Eq a)   
  4276   hence "bound0 (Eq a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4277     by (cases a,simp_all, case_tac "nat", simp_all)
  4278   moreover
  4279   {assume "bound0 (Eq a)" hence bn:"bound0 (simpfm (Eq a))"  
  4280       using simpfm_bound0 by blast
  4281     have "isatom (simpfm (Eq a))" by (cases "simpnum a", auto simp add: Let_def)
  4282     with bn bound0at_l have ?case by blast}
  4283   moreover 
  4284   {fix c e assume "a = CN 0 c e" and "c>0" and "numbound0 e"
  4285     {
  4286       assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4287       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4288       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4289       from prems have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4290 	by (simp add: numgcd_def igcd_le1)
  4291       from prems have th': "c\<noteq>0" by auto
  4292       from prems have cp: "c \<ge> 0" by simp
  4293       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4294 	have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4295     }
  4296     with prems have ?case
  4297       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4298   ultimately show ?case by blast
  4299 next
  4300   case (NEq a)  
  4301   hence "bound0 (NEq a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4302     by (cases a,simp_all, case_tac "nat", simp_all)
  4303   moreover
  4304   {assume "bound0 (NEq a)" hence bn:"bound0 (simpfm (NEq a))"  
  4305       using simpfm_bound0 by blast
  4306     have "isatom (simpfm (NEq a))" by (cases "simpnum a", auto simp add: Let_def)
  4307     with bn bound0at_l have ?case by blast}
  4308   moreover 
  4309   {fix c e assume "a = CN 0 c e" and "c>0" and "numbound0 e"
  4310     {
  4311       assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4312       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4313       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4314       from prems have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4315 	by (simp add: numgcd_def igcd_le1)
  4316       from prems have th': "c\<noteq>0" by auto
  4317       from prems have cp: "c \<ge> 0" by simp
  4318       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4319 	have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4320     }
  4321     with prems have ?case
  4322       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4323   ultimately show ?case by blast
  4324 next
  4325   case (Dvd i a) hence "bound0 (Dvd i a)" by auto hence bn:"bound0 (simpfm (Dvd i a))"  
  4326     using simpfm_bound0 by blast
  4327   have "isatom (simpfm (Dvd i a))" by (cases "simpnum a", auto simp add: Let_def split_def)
  4328   with bn bound0at_l show ?case by blast
  4329 next
  4330   case (NDvd i a)  hence "bound0 (NDvd i a)" by auto hence bn:"bound0 (simpfm (NDvd i a))"  
  4331     using simpfm_bound0 by blast
  4332   have "isatom (simpfm (NDvd i a))" by (cases "simpnum a", auto simp add: Let_def split_def)
  4333   with bn bound0at_l show ?case by blast
  4334 qed(auto simp add: conj_def imp_def disj_def iff_def Let_def simpfm_bound0 numadd_nb numneg_nb)
  4335 
  4336 
  4337 
  4338 lemma rlfm_I:
  4339   assumes qfp: "qfree p"
  4340   and xp: "0 \<le> x" and x1: "x < 1"
  4341   shows "(Ifm (x#bs) (rlfm p) = Ifm (x# bs) p) \<and> isrlfm (rlfm p)"
  4342   using qfp 
  4343 by (induct p rule: rlfm.induct) 
  4344 (auto simp add: rsplit[OF xp x1 lt_mono] lt_l rsplit[OF xp x1 le_mono] le_l rsplit[OF xp x1 gt_mono] gt_l
  4345                rsplit[OF xp x1 ge_mono] ge_l rsplit[OF xp x1 eq_mono] eq_l rsplit[OF xp x1 neq_mono] neq_l
  4346                rsplit[OF xp x1 DVD_mono[OF xp x1]] DVD_l rsplit[OF xp x1 NDVD_mono[OF xp x1]] NDVD_l simpfm_rl)
  4347 lemma rlfm_l:
  4348   assumes qfp: "qfree p"
  4349   shows "isrlfm (rlfm p)"
  4350   using qfp lt_l gt_l ge_l le_l eq_l neq_l DVD_l NDVD_l 
  4351 by (induct p rule: rlfm.induct,auto simp add: simpfm_rl)
  4352 
  4353     (* Operations needed for Ferrante and Rackoff *)
  4354 lemma rminusinf_inf:
  4355   assumes lp: "isrlfm p"
  4356   shows "\<exists> z. \<forall> x < z. Ifm (x#bs) (minusinf p) = Ifm (x#bs) p" (is "\<exists> z. \<forall> x. ?P z x p")
  4357 using lp
  4358 proof (induct p rule: minusinf.induct)
  4359   case (1 p q) thus ?case by (auto,rule_tac x= "min z za" in exI) auto
  4360 next
  4361   case (2 p q) thus ?case by (auto,rule_tac x= "min z za" in exI) auto
  4362 next
  4363   case (3 c e) 
  4364   from prems have nb: "numbound0 e" by simp
  4365   from prems have cp: "real c > 0" by simp
  4366   let ?e="Inum (a#bs) e"
  4367   let ?z = "(- ?e) / real c"
  4368   {fix x
  4369     assume xz: "x < ?z"
  4370     hence "(real c * x < - ?e)" 
  4371       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4372     hence "real c * x + ?e < 0" by arith
  4373     hence "real c * x + ?e \<noteq> 0" by simp
  4374     with xz have "?P ?z x (Eq (CN 0 c e))"
  4375       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp  }
  4376   hence "\<forall> x < ?z. ?P ?z x (Eq (CN 0 c e))" by simp
  4377   thus ?case by blast
  4378 next
  4379   case (4 c e)   
  4380   from prems have nb: "numbound0 e" by simp
  4381   from prems have cp: "real c > 0" by simp
  4382   let ?e="Inum (a#bs) e"
  4383   let ?z = "(- ?e) / real c"
  4384   {fix x
  4385     assume xz: "x < ?z"
  4386     hence "(real c * x < - ?e)" 
  4387       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4388     hence "real c * x + ?e < 0" by arith
  4389     hence "real c * x + ?e \<noteq> 0" by simp
  4390     with xz have "?P ?z x (NEq (CN 0 c e))"
  4391       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4392   hence "\<forall> x < ?z. ?P ?z x (NEq (CN 0 c e))" by simp
  4393   thus ?case by blast
  4394 next
  4395   case (5 c e) 
  4396     from prems have nb: "numbound0 e" by simp
  4397   from prems have cp: "real c > 0" by simp
  4398   let ?e="Inum (a#bs) e"
  4399   let ?z = "(- ?e) / real c"
  4400   {fix x
  4401     assume xz: "x < ?z"
  4402     hence "(real c * x < - ?e)" 
  4403       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4404     hence "real c * x + ?e < 0" by arith
  4405     with xz have "?P ?z x (Lt (CN 0 c e))"
  4406       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"]  by simp }
  4407   hence "\<forall> x < ?z. ?P ?z x (Lt (CN 0 c e))" by simp
  4408   thus ?case by blast
  4409 next
  4410   case (6 c e)  
  4411     from prems have nb: "numbound0 e" by simp
  4412   from prems have cp: "real c > 0" by simp
  4413   let ?e="Inum (a#bs) e"
  4414   let ?z = "(- ?e) / real c"
  4415   {fix x
  4416     assume xz: "x < ?z"
  4417     hence "(real c * x < - ?e)" 
  4418       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4419     hence "real c * x + ?e < 0" by arith
  4420     with xz have "?P ?z x (Le (CN 0 c e))"
  4421       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4422   hence "\<forall> x < ?z. ?P ?z x (Le (CN 0 c e))" by simp
  4423   thus ?case by blast
  4424 next
  4425   case (7 c e)  
  4426     from prems have nb: "numbound0 e" by simp
  4427   from prems have cp: "real c > 0" by simp
  4428   let ?e="Inum (a#bs) e"
  4429   let ?z = "(- ?e) / real c"
  4430   {fix x
  4431     assume xz: "x < ?z"
  4432     hence "(real c * x < - ?e)" 
  4433       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4434     hence "real c * x + ?e < 0" by arith
  4435     with xz have "?P ?z x (Gt (CN 0 c e))"
  4436       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4437   hence "\<forall> x < ?z. ?P ?z x (Gt (CN 0 c e))" by simp
  4438   thus ?case by blast
  4439 next
  4440   case (8 c e)  
  4441     from prems have nb: "numbound0 e" by simp
  4442   from prems have cp: "real c > 0" by simp
  4443   let ?e="Inum (a#bs) e"
  4444   let ?z = "(- ?e) / real c"
  4445   {fix x
  4446     assume xz: "x < ?z"
  4447     hence "(real c * x < - ?e)" 
  4448       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4449     hence "real c * x + ?e < 0" by arith
  4450     with xz have "?P ?z x (Ge (CN 0 c e))"
  4451       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4452   hence "\<forall> x < ?z. ?P ?z x (Ge (CN 0 c e))" by simp
  4453   thus ?case by blast
  4454 qed simp_all
  4455 
  4456 lemma rplusinf_inf:
  4457   assumes lp: "isrlfm p"
  4458   shows "\<exists> z. \<forall> x > z. Ifm (x#bs) (plusinf p) = Ifm (x#bs) p" (is "\<exists> z. \<forall> x. ?P z x p")
  4459 using lp
  4460 proof (induct p rule: isrlfm.induct)
  4461   case (1 p q) thus ?case by (auto,rule_tac x= "max z za" in exI) auto
  4462 next
  4463   case (2 p q) thus ?case by (auto,rule_tac x= "max z za" in exI) auto
  4464 next
  4465   case (3 c e) 
  4466   from prems have nb: "numbound0 e" by simp
  4467   from prems have cp: "real c > 0" by simp
  4468   let ?e="Inum (a#bs) e"
  4469   let ?z = "(- ?e) / real c"
  4470   {fix x
  4471     assume xz: "x > ?z"
  4472     with mult_strict_right_mono [OF xz cp] cp
  4473     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4474     hence "real c * x + ?e > 0" by arith
  4475     hence "real c * x + ?e \<noteq> 0" by simp
  4476     with xz have "?P ?z x (Eq (CN 0 c e))"
  4477       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4478   hence "\<forall> x > ?z. ?P ?z x (Eq (CN 0 c e))" by simp
  4479   thus ?case by blast
  4480 next
  4481   case (4 c e) 
  4482   from prems have nb: "numbound0 e" by simp
  4483   from prems have cp: "real c > 0" by simp
  4484   let ?e="Inum (a#bs) e"
  4485   let ?z = "(- ?e) / real c"
  4486   {fix x
  4487     assume xz: "x > ?z"
  4488     with mult_strict_right_mono [OF xz cp] cp
  4489     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4490     hence "real c * x + ?e > 0" by arith
  4491     hence "real c * x + ?e \<noteq> 0" by simp
  4492     with xz have "?P ?z x (NEq (CN 0 c e))"
  4493       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4494   hence "\<forall> x > ?z. ?P ?z x (NEq (CN 0 c e))" by simp
  4495   thus ?case by blast
  4496 next
  4497   case (5 c e) 
  4498   from prems have nb: "numbound0 e" by simp
  4499   from prems have cp: "real c > 0" by simp
  4500   let ?e="Inum (a#bs) e"
  4501   let ?z = "(- ?e) / real c"
  4502   {fix x
  4503     assume xz: "x > ?z"
  4504     with mult_strict_right_mono [OF xz cp] cp
  4505     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4506     hence "real c * x + ?e > 0" by arith
  4507     with xz have "?P ?z x (Lt (CN 0 c e))"
  4508       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4509   hence "\<forall> x > ?z. ?P ?z x (Lt (CN 0 c e))" by simp
  4510   thus ?case by blast
  4511 next
  4512   case (6 c e) 
  4513   from prems have nb: "numbound0 e" by simp
  4514   from prems have cp: "real c > 0" by simp
  4515   let ?e="Inum (a#bs) e"
  4516   let ?z = "(- ?e) / real c"
  4517   {fix x
  4518     assume xz: "x > ?z"
  4519     with mult_strict_right_mono [OF xz cp] cp
  4520     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4521     hence "real c * x + ?e > 0" by arith
  4522     with xz have "?P ?z x (Le (CN 0 c e))"
  4523       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4524   hence "\<forall> x > ?z. ?P ?z x (Le (CN 0 c e))" by simp
  4525   thus ?case by blast
  4526 next
  4527   case (7 c e) 
  4528   from prems have nb: "numbound0 e" by simp
  4529   from prems have cp: "real c > 0" by simp
  4530   let ?e="Inum (a#bs) e"
  4531   let ?z = "(- ?e) / real c"
  4532   {fix x
  4533     assume xz: "x > ?z"
  4534     with mult_strict_right_mono [OF xz cp] cp
  4535     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4536     hence "real c * x + ?e > 0" by arith
  4537     with xz have "?P ?z x (Gt (CN 0 c e))"
  4538       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4539   hence "\<forall> x > ?z. ?P ?z x (Gt (CN 0 c e))" by simp
  4540   thus ?case by blast
  4541 next
  4542   case (8 c e) 
  4543   from prems have nb: "numbound0 e" by simp
  4544   from prems have cp: "real c > 0" by simp
  4545   let ?e="Inum (a#bs) e"
  4546   let ?z = "(- ?e) / real c"
  4547   {fix x
  4548     assume xz: "x > ?z"
  4549     with mult_strict_right_mono [OF xz cp] cp
  4550     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4551     hence "real c * x + ?e > 0" by arith
  4552     with xz have "?P ?z x (Ge (CN 0 c e))"
  4553       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"]   by simp }
  4554   hence "\<forall> x > ?z. ?P ?z x (Ge (CN 0 c e))" by simp
  4555   thus ?case by blast
  4556 qed simp_all
  4557 
  4558 lemma rminusinf_bound0:
  4559   assumes lp: "isrlfm p"
  4560   shows "bound0 (minusinf p)"
  4561   using lp
  4562   by (induct p rule: minusinf.induct) simp_all
  4563 
  4564 lemma rplusinf_bound0:
  4565   assumes lp: "isrlfm p"
  4566   shows "bound0 (plusinf p)"
  4567   using lp
  4568   by (induct p rule: plusinf.induct) simp_all
  4569 
  4570 lemma rminusinf_ex:
  4571   assumes lp: "isrlfm p"
  4572   and ex: "Ifm (a#bs) (minusinf p)"
  4573   shows "\<exists> x. Ifm (x#bs) p"
  4574 proof-
  4575   from bound0_I [OF rminusinf_bound0[OF lp], where b="a" and bs ="bs"] ex
  4576   have th: "\<forall> x. Ifm (x#bs) (minusinf p)" by auto
  4577   from rminusinf_inf[OF lp, where bs="bs"] 
  4578   obtain z where z_def: "\<forall>x<z. Ifm (x # bs) (minusinf p) = Ifm (x # bs) p" by blast
  4579   from th have "Ifm ((z - 1)#bs) (minusinf p)" by simp
  4580   moreover have "z - 1 < z" by simp
  4581   ultimately show ?thesis using z_def by auto
  4582 qed
  4583 
  4584 lemma rplusinf_ex:
  4585   assumes lp: "isrlfm p"
  4586   and ex: "Ifm (a#bs) (plusinf p)"
  4587   shows "\<exists> x. Ifm (x#bs) p"
  4588 proof-
  4589   from bound0_I [OF rplusinf_bound0[OF lp], where b="a" and bs ="bs"] ex
  4590   have th: "\<forall> x. Ifm (x#bs) (plusinf p)" by auto
  4591   from rplusinf_inf[OF lp, where bs="bs"] 
  4592   obtain z where z_def: "\<forall>x>z. Ifm (x # bs) (plusinf p) = Ifm (x # bs) p" by blast
  4593   from th have "Ifm ((z + 1)#bs) (plusinf p)" by simp
  4594   moreover have "z + 1 > z" by simp
  4595   ultimately show ?thesis using z_def by auto
  4596 qed
  4597 
  4598 consts 
  4599   \<Upsilon>:: "fm \<Rightarrow> (num \<times> int) list"
  4600   \<upsilon> :: "fm \<Rightarrow> (num \<times> int) \<Rightarrow> fm "
  4601 recdef \<Upsilon> "measure size"
  4602   "\<Upsilon> (And p q) = (\<Upsilon> p @ \<Upsilon> q)" 
  4603   "\<Upsilon> (Or p q) = (\<Upsilon> p @ \<Upsilon> q)" 
  4604   "\<Upsilon> (Eq  (CN 0 c e)) = [(Neg e,c)]"
  4605   "\<Upsilon> (NEq (CN 0 c e)) = [(Neg e,c)]"
  4606   "\<Upsilon> (Lt  (CN 0 c e)) = [(Neg e,c)]"
  4607   "\<Upsilon> (Le  (CN 0 c e)) = [(Neg e,c)]"
  4608   "\<Upsilon> (Gt  (CN 0 c e)) = [(Neg e,c)]"
  4609   "\<Upsilon> (Ge  (CN 0 c e)) = [(Neg e,c)]"
  4610   "\<Upsilon> p = []"
  4611 
  4612 recdef \<upsilon> "measure size"
  4613   "\<upsilon> (And p q) = (\<lambda> (t,n). And (\<upsilon> p (t,n)) (\<upsilon> q (t,n)))"
  4614   "\<upsilon> (Or p q) = (\<lambda> (t,n). Or (\<upsilon> p (t,n)) (\<upsilon> q (t,n)))"
  4615   "\<upsilon> (Eq (CN 0 c e)) = (\<lambda> (t,n). Eq (Add (Mul c t) (Mul n e)))"
  4616   "\<upsilon> (NEq (CN 0 c e)) = (\<lambda> (t,n). NEq (Add (Mul c t) (Mul n e)))"
  4617   "\<upsilon> (Lt (CN 0 c e)) = (\<lambda> (t,n). Lt (Add (Mul c t) (Mul n e)))"
  4618   "\<upsilon> (Le (CN 0 c e)) = (\<lambda> (t,n). Le (Add (Mul c t) (Mul n e)))"
  4619   "\<upsilon> (Gt (CN 0 c e)) = (\<lambda> (t,n). Gt (Add (Mul c t) (Mul n e)))"
  4620   "\<upsilon> (Ge (CN 0 c e)) = (\<lambda> (t,n). Ge (Add (Mul c t) (Mul n e)))"
  4621   "\<upsilon> p = (\<lambda> (t,n). p)"
  4622 
  4623 lemma \<upsilon>_I: assumes lp: "isrlfm p"
  4624   and np: "real n > 0" and nbt: "numbound0 t"
  4625   shows "(Ifm (x#bs) (\<upsilon> p (t,n)) = Ifm (((Inum (x#bs) t)/(real n))#bs) p) \<and> bound0 (\<upsilon> p (t,n))" (is "(?I x (\<upsilon> p (t,n)) = ?I ?u p) \<and> ?B p" is "(_ = ?I (?t/?n) p) \<and> _" is "(_ = ?I (?N x t /_) p) \<and> _")
  4626   using lp
  4627 proof(induct p rule: \<upsilon>.induct)
  4628   case (5 c e) from prems have cp: "c >0" and nb: "numbound0 e" by simp+
  4629   have "?I ?u (Lt (CN 0 c e)) = (real c *(?t/?n) + (?N x e) < 0)"
  4630     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4631   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) < 0)"
  4632     by (simp only: pos_less_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4633       and b="0", simplified divide_zero_left]) (simp only: ring_eq_simps)
  4634   also have "\<dots> = (real c *?t + ?n* (?N x e) < 0)"
  4635     using np by simp 
  4636   finally show ?case using nbt nb by (simp add: ring_eq_simps)
  4637 next
  4638   case (6 c e) from prems have cp: "c >0" and nb: "numbound0 e" by simp+
  4639   have "?I ?u (Le (CN 0 c e)) = (real c *(?t/?n) + (?N x e) \<le> 0)"
  4640     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4641   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) \<le> 0)"
  4642     by (simp only: pos_le_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4643       and b="0", simplified divide_zero_left]) (simp only: ring_eq_simps)
  4644   also have "\<dots> = (real c *?t + ?n* (?N x e) \<le> 0)"
  4645     using np by simp 
  4646   finally show ?case using nbt nb by (simp add: ring_eq_simps)
  4647 next
  4648   case (7 c e) from prems have cp: "c >0" and nb: "numbound0 e" by simp+
  4649   have "?I ?u (Gt (CN 0 c e)) = (real c *(?t/?n) + (?N x e) > 0)"
  4650     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4651   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) > 0)"
  4652     by (simp only: pos_divide_less_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4653       and b="0", simplified divide_zero_left]) (simp only: ring_eq_simps)
  4654   also have "\<dots> = (real c *?t + ?n* (?N x e) > 0)"
  4655     using np by simp 
  4656   finally show ?case using nbt nb by (simp add: ring_eq_simps)
  4657 next
  4658   case (8 c e) from prems have cp: "c >0" and nb: "numbound0 e" by simp+
  4659   have "?I ?u (Ge (CN 0 c e)) = (real c *(?t/?n) + (?N x e) \<ge> 0)"
  4660     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4661   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) \<ge> 0)"
  4662     by (simp only: pos_divide_le_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4663       and b="0", simplified divide_zero_left]) (simp only: ring_eq_simps)
  4664   also have "\<dots> = (real c *?t + ?n* (?N x e) \<ge> 0)"
  4665     using np by simp 
  4666   finally show ?case using nbt nb by (simp add: ring_eq_simps)
  4667 next
  4668   case (3 c e) from prems have cp: "c >0" and nb: "numbound0 e" by simp+
  4669   from np have np: "real n \<noteq> 0" by simp
  4670   have "?I ?u (Eq (CN 0 c e)) = (real c *(?t/?n) + (?N x e) = 0)"
  4671     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4672   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) = 0)"
  4673     by (simp only: nonzero_eq_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4674       and b="0", simplified divide_zero_left]) (simp only: ring_eq_simps)
  4675   also have "\<dots> = (real c *?t + ?n* (?N x e) = 0)"
  4676     using np by simp 
  4677   finally show ?case using nbt nb by (simp add: ring_eq_simps)
  4678 next
  4679   case (4 c e) from prems have cp: "c >0" and nb: "numbound0 e" by simp+
  4680   from np have np: "real n \<noteq> 0" by simp
  4681   have "?I ?u (NEq (CN 0 c e)) = (real c *(?t/?n) + (?N x e) \<noteq> 0)"
  4682     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4683   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) \<noteq> 0)"
  4684     by (simp only: nonzero_eq_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4685       and b="0", simplified divide_zero_left]) (simp only: ring_eq_simps)
  4686   also have "\<dots> = (real c *?t + ?n* (?N x e) \<noteq> 0)"
  4687     using np by simp 
  4688   finally show ?case using nbt nb by (simp add: ring_eq_simps)
  4689 qed(simp_all add: nbt numbound0_I[where bs ="bs" and b="(Inum (x#bs) t)/ real n" and b'="x"] nth_pos2)
  4690 
  4691 lemma \<Upsilon>_l:
  4692   assumes lp: "isrlfm p"
  4693   shows "\<forall> (t,k) \<in> set (\<Upsilon> p). numbound0 t \<and> k >0"
  4694 using lp
  4695 by(induct p rule: \<Upsilon>.induct)  auto
  4696 
  4697 lemma rminusinf_\<Upsilon>:
  4698   assumes lp: "isrlfm p"
  4699   and nmi: "\<not> (Ifm (a#bs) (minusinf p))" (is "\<not> (Ifm (a#bs) (?M p))")
  4700   and ex: "Ifm (x#bs) p" (is "?I x p")
  4701   shows "\<exists> (s,m) \<in> set (\<Upsilon> p). x \<ge> Inum (a#bs) s / real m" (is "\<exists> (s,m) \<in> ?U p. x \<ge> ?N a s / real m")
  4702 proof-
  4703   have "\<exists> (s,m) \<in> set (\<Upsilon> p). real m * x \<ge> Inum (a#bs) s " (is "\<exists> (s,m) \<in> ?U p. real m *x \<ge> ?N a s")
  4704     using lp nmi ex
  4705     by (induct p rule: minusinf.induct, auto simp add:numbound0_I[where bs="bs" and b="a" and b'="x"] nth_pos2)
  4706   then obtain s m where smU: "(s,m) \<in> set (\<Upsilon> p)" and mx: "real m * x \<ge> ?N a s" by blast
  4707   from \<Upsilon>_l[OF lp] smU have mp: "real m > 0" by auto
  4708   from pos_divide_le_eq[OF mp, where a="x" and b="?N a s", symmetric] mx have "x \<ge> ?N a s / real m" 
  4709     by (auto simp add: mult_commute)
  4710   thus ?thesis using smU by auto
  4711 qed
  4712 
  4713 lemma rplusinf_\<Upsilon>:
  4714   assumes lp: "isrlfm p"
  4715   and nmi: "\<not> (Ifm (a#bs) (plusinf p))" (is "\<not> (Ifm (a#bs) (?M p))")
  4716   and ex: "Ifm (x#bs) p" (is "?I x p")
  4717   shows "\<exists> (s,m) \<in> set (\<Upsilon> p). x \<le> Inum (a#bs) s / real m" (is "\<exists> (s,m) \<in> ?U p. x \<le> ?N a s / real m")
  4718 proof-
  4719   have "\<exists> (s,m) \<in> set (\<Upsilon> p). real m * x \<le> Inum (a#bs) s " (is "\<exists> (s,m) \<in> ?U p. real m *x \<le> ?N a s")
  4720     using lp nmi ex
  4721     by (induct p rule: minusinf.induct, auto simp add:numbound0_I[where bs="bs" and b="a" and b'="x"] nth_pos2)
  4722   then obtain s m where smU: "(s,m) \<in> set (\<Upsilon> p)" and mx: "real m * x \<le> ?N a s" by blast
  4723   from \<Upsilon>_l[OF lp] smU have mp: "real m > 0" by auto
  4724   from pos_le_divide_eq[OF mp, where a="x" and b="?N a s", symmetric] mx have "x \<le> ?N a s / real m" 
  4725     by (auto simp add: mult_commute)
  4726   thus ?thesis using smU by auto
  4727 qed
  4728 
  4729 lemma lin_dense: 
  4730   assumes lp: "isrlfm p"
  4731   and noS: "\<forall> t. l < t \<and> t< u \<longrightarrow> t \<notin> (\<lambda> (t,n). Inum (x#bs) t / real n) ` set (\<Upsilon> p)" 
  4732   (is "\<forall> t. _ \<and> _ \<longrightarrow> t \<notin> (\<lambda> (t,n). ?N x t / real n ) ` (?U p)")
  4733   and lx: "l < x" and xu:"x < u" and px:" Ifm (x#bs) p"
  4734   and ly: "l < y" and yu: "y < u"
  4735   shows "Ifm (y#bs) p"
  4736 using lp px noS
  4737 proof (induct p rule: isrlfm.induct)
  4738   case (5 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp+
  4739     from prems have "x * real c + ?N x e < 0" by (simp add: ring_eq_simps)
  4740     hence pxc: "x < (- ?N x e) / real c" 
  4741       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="-?N x e"])
  4742     from prems have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4743     with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4744     hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4745     moreover {assume y: "y < (-?N x e)/ real c"
  4746       hence "y * real c < - ?N x e"
  4747 	by (simp add: pos_less_divide_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4748       hence "real c * y + ?N x e < 0" by (simp add: ring_eq_simps)
  4749       hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4750     moreover {assume y: "y > (- ?N x e) / real c" 
  4751       with yu have eu: "u > (- ?N x e) / real c" by auto
  4752       with noSc ly yu have "(- ?N x e) / real c \<le> l" by (cases "(- ?N x e) / real c > l", auto)
  4753       with lx pxc have "False" by auto
  4754       hence ?case by simp }
  4755     ultimately show ?case by blast
  4756 next
  4757   case (6 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp +
  4758     from prems have "x * real c + ?N x e \<le> 0" by (simp add: ring_eq_simps)
  4759     hence pxc: "x \<le> (- ?N x e) / real c" 
  4760       by (simp only: pos_le_divide_eq[OF cp, where a="x" and b="-?N x e"])
  4761     from prems have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4762     with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4763     hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4764     moreover {assume y: "y < (-?N x e)/ real c"
  4765       hence "y * real c < - ?N x e"
  4766 	by (simp add: pos_less_divide_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4767       hence "real c * y + ?N x e < 0" by (simp add: ring_eq_simps)
  4768       hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4769     moreover {assume y: "y > (- ?N x e) / real c" 
  4770       with yu have eu: "u > (- ?N x e) / real c" by auto
  4771       with noSc ly yu have "(- ?N x e) / real c \<le> l" by (cases "(- ?N x e) / real c > l", auto)
  4772       with lx pxc have "False" by auto
  4773       hence ?case by simp }
  4774     ultimately show ?case by blast
  4775 next
  4776   case (7 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp+
  4777     from prems have "x * real c + ?N x e > 0" by (simp add: ring_eq_simps)
  4778     hence pxc: "x > (- ?N x e) / real c" 
  4779       by (simp only: pos_divide_less_eq[OF cp, where a="x" and b="-?N x e"])
  4780     from prems have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4781     with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4782     hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4783     moreover {assume y: "y > (-?N x e)/ real c"
  4784       hence "y * real c > - ?N x e"
  4785 	by (simp add: pos_divide_less_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4786       hence "real c * y + ?N x e > 0" by (simp add: ring_eq_simps)
  4787       hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4788     moreover {assume y: "y < (- ?N x e) / real c" 
  4789       with ly have eu: "l < (- ?N x e) / real c" by auto
  4790       with noSc ly yu have "(- ?N x e) / real c \<ge> u" by (cases "(- ?N x e) / real c > l", auto)
  4791       with xu pxc have "False" by auto
  4792       hence ?case by simp }
  4793     ultimately show ?case by blast
  4794 next
  4795   case (8 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp+
  4796     from prems have "x * real c + ?N x e \<ge> 0" by (simp add: ring_eq_simps)
  4797     hence pxc: "x \<ge> (- ?N x e) / real c" 
  4798       by (simp only: pos_divide_le_eq[OF cp, where a="x" and b="-?N x e"])
  4799     from prems have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4800     with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4801     hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4802     moreover {assume y: "y > (-?N x e)/ real c"
  4803       hence "y * real c > - ?N x e"
  4804 	by (simp add: pos_divide_less_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4805       hence "real c * y + ?N x e > 0" by (simp add: ring_eq_simps)
  4806       hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4807     moreover {assume y: "y < (- ?N x e) / real c" 
  4808       with ly have eu: "l < (- ?N x e) / real c" by auto
  4809       with noSc ly yu have "(- ?N x e) / real c \<ge> u" by (cases "(- ?N x e) / real c > l", auto)
  4810       with xu pxc have "False" by auto
  4811       hence ?case by simp }
  4812     ultimately show ?case by blast
  4813 next
  4814   case (3 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp+
  4815     from cp have cnz: "real c \<noteq> 0" by simp
  4816     from prems have "x * real c + ?N x e = 0" by (simp add: ring_eq_simps)
  4817     hence pxc: "x = (- ?N x e) / real c" 
  4818       by (simp only: nonzero_eq_divide_eq[OF cnz, where a="x" and b="-?N x e"])
  4819     from prems have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4820     with lx xu have yne: "x \<noteq> - ?N x e / real c" by auto
  4821     with pxc show ?case by simp
  4822 next
  4823   case (4 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp+
  4824     from cp have cnz: "real c \<noteq> 0" by simp
  4825     from prems have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4826     with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4827     hence "y* real c \<noteq> -?N x e"      
  4828       by (simp only: nonzero_eq_divide_eq[OF cnz, where a="y" and b="-?N x e"]) simp
  4829     hence "y* real c + ?N x e \<noteq> 0" by (simp add: ring_eq_simps)
  4830     thus ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] 
  4831       by (simp add: ring_eq_simps)
  4832 qed (auto simp add: nth_pos2 numbound0_I[where bs="bs" and b="y" and b'="x"])
  4833 
  4834 lemma finite_set_intervals:
  4835   assumes px: "P (x::real)" 
  4836   and lx: "l \<le> x" and xu: "x \<le> u"
  4837   and linS: "l\<in> S" and uinS: "u \<in> S"
  4838   and fS:"finite S" and lS: "\<forall> x\<in> S. l \<le> x" and Su: "\<forall> x\<in> S. x \<le> u"
  4839   shows "\<exists> a \<in> S. \<exists> b \<in> S. (\<forall> y. a < y \<and> y < b \<longrightarrow> y \<notin> S) \<and> a \<le> x \<and> x \<le> b \<and> P x"
  4840 proof-
  4841   let ?Mx = "{y. y\<in> S \<and> y \<le> x}"
  4842   let ?xM = "{y. y\<in> S \<and> x \<le> y}"
  4843   let ?a = "Max ?Mx"
  4844   let ?b = "Min ?xM"
  4845   have MxS: "?Mx \<subseteq> S" by blast
  4846   hence fMx: "finite ?Mx" using fS finite_subset by auto
  4847   from lx linS have linMx: "l \<in> ?Mx" by blast
  4848   hence Mxne: "?Mx \<noteq> {}" by blast
  4849   have xMS: "?xM \<subseteq> S" by blast
  4850   hence fxM: "finite ?xM" using fS finite_subset by auto
  4851   from xu uinS have linxM: "u \<in> ?xM" by blast
  4852   hence xMne: "?xM \<noteq> {}" by blast
  4853   have ax:"?a \<le> x" using Mxne fMx by auto
  4854   have xb:"x \<le> ?b" using xMne fxM by auto
  4855   have "?a \<in> ?Mx" using Max_in[OF fMx Mxne] by simp hence ainS: "?a \<in> S" using MxS by blast
  4856   have "?b \<in> ?xM" using Min_in[OF fxM xMne] by simp hence binS: "?b \<in> S" using xMS by blast
  4857   have noy:"\<forall> y. ?a < y \<and> y < ?b \<longrightarrow> y \<notin> S"
  4858   proof(clarsimp)
  4859     fix y
  4860     assume ay: "?a < y" and yb: "y < ?b" and yS: "y \<in> S"
  4861     from yS have "y\<in> ?Mx \<or> y\<in> ?xM" by auto
  4862     moreover {assume "y \<in> ?Mx" hence "y \<le> ?a" using Mxne fMx by auto with ay have "False" by simp}
  4863     moreover {assume "y \<in> ?xM" hence "y \<ge> ?b" using xMne fxM by auto with yb have "False" by simp}
  4864     ultimately show "False" by blast
  4865   qed
  4866   from ainS binS noy ax xb px show ?thesis by blast
  4867 qed
  4868 
  4869 lemma finite_set_intervals2:
  4870   assumes px: "P (x::real)" 
  4871   and lx: "l \<le> x" and xu: "x \<le> u"
  4872   and linS: "l\<in> S" and uinS: "u \<in> S"
  4873   and fS:"finite S" and lS: "\<forall> x\<in> S. l \<le> x" and Su: "\<forall> x\<in> S. x \<le> u"
  4874   shows "(\<exists> s\<in> S. P s) \<or> (\<exists> a \<in> S. \<exists> b \<in> S. (\<forall> y. a < y \<and> y < b \<longrightarrow> y \<notin> S) \<and> a < x \<and> x < b \<and> P x)"
  4875 proof-
  4876   from finite_set_intervals[where P="P", OF px lx xu linS uinS fS lS Su]
  4877   obtain a and b where 
  4878     as: "a\<in> S" and bs: "b\<in> S" and noS:"\<forall>y. a < y \<and> y < b \<longrightarrow> y \<notin> S" and axb: "a \<le> x \<and> x \<le> b \<and> P x"  by auto
  4879   from axb have "x= a \<or> x= b \<or> (a < x \<and> x < b)" by auto
  4880   thus ?thesis using px as bs noS by blast 
  4881 qed
  4882 
  4883 lemma rinf_\<Upsilon>:
  4884   assumes lp: "isrlfm p"
  4885   and nmi: "\<not> (Ifm (x#bs) (minusinf p))" (is "\<not> (Ifm (x#bs) (?M p))")
  4886   and npi: "\<not> (Ifm (x#bs) (plusinf p))" (is "\<not> (Ifm (x#bs) (?P p))")
  4887   and ex: "\<exists> x.  Ifm (x#bs) p" (is "\<exists> x. ?I x p")
  4888   shows "\<exists> (l,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). ?I ((Inum (x#bs) l / real n + Inum (x#bs) s / real m) / 2) p" 
  4889 proof-
  4890   let ?N = "\<lambda> x t. Inum (x#bs) t"
  4891   let ?U = "set (\<Upsilon> p)"
  4892   from ex obtain a where pa: "?I a p" by blast
  4893   from bound0_I[OF rminusinf_bound0[OF lp], where bs="bs" and b="x" and b'="a"] nmi
  4894   have nmi': "\<not> (?I a (?M p))" by simp
  4895   from bound0_I[OF rplusinf_bound0[OF lp], where bs="bs" and b="x" and b'="a"] npi
  4896   have npi': "\<not> (?I a (?P p))" by simp
  4897   have "\<exists> (l,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). ?I ((?N a l/real n + ?N a s /real m) / 2) p"
  4898   proof-
  4899     let ?M = "(\<lambda> (t,c). ?N a t / real c) ` ?U"
  4900     have fM: "finite ?M" by auto
  4901     from rminusinf_\<Upsilon>[OF lp nmi pa] rplusinf_\<Upsilon>[OF lp npi pa] 
  4902     have "\<exists> (l,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). a \<le> ?N x l / real n \<and> a \<ge> ?N x s / real m" by blast
  4903     then obtain "t" "n" "s" "m" where 
  4904       tnU: "(t,n) \<in> ?U" and smU: "(s,m) \<in> ?U" 
  4905       and xs1: "a \<le> ?N x s / real m" and tx1: "a \<ge> ?N x t / real n" by blast
  4906     from \<Upsilon>_l[OF lp] tnU smU numbound0_I[where bs="bs" and b="x" and b'="a"] xs1 tx1 have xs: "a \<le> ?N a s / real m" and tx: "a \<ge> ?N a t / real n" by auto
  4907     from tnU have Mne: "?M \<noteq> {}" by auto
  4908     hence Une: "?U \<noteq> {}" by simp
  4909     let ?l = "Min ?M"
  4910     let ?u = "Max ?M"
  4911     have linM: "?l \<in> ?M" using fM Mne by simp
  4912     have uinM: "?u \<in> ?M" using fM Mne by simp
  4913     have tnM: "?N a t / real n \<in> ?M" using tnU by auto
  4914     have smM: "?N a s / real m \<in> ?M" using smU by auto 
  4915     have lM: "\<forall> t\<in> ?M. ?l \<le> t" using Mne fM by auto
  4916     have Mu: "\<forall> t\<in> ?M. t \<le> ?u" using Mne fM by auto
  4917     have "?l \<le> ?N a t / real n" using tnM Mne by simp hence lx: "?l \<le> a" using tx by simp
  4918     have "?N a s / real m \<le> ?u" using smM Mne by simp hence xu: "a \<le> ?u" using xs by simp
  4919     from finite_set_intervals2[where P="\<lambda> x. ?I x p",OF pa lx xu linM uinM fM lM Mu]
  4920     have "(\<exists> s\<in> ?M. ?I s p) \<or> 
  4921       (\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p)" .
  4922     moreover { fix u assume um: "u\<in> ?M" and pu: "?I u p"
  4923       hence "\<exists> (tu,nu) \<in> ?U. u = ?N a tu / real nu" by auto
  4924       then obtain "tu" "nu" where tuU: "(tu,nu) \<in> ?U" and tuu:"u= ?N a tu / real nu" by blast
  4925       have "(u + u) / 2 = u" by auto with pu tuu 
  4926       have "?I (((?N a tu / real nu) + (?N a tu / real nu)) / 2) p" by simp
  4927       with tuU have ?thesis by blast}
  4928     moreover{
  4929       assume "\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p"
  4930       then obtain t1 and t2 where t1M: "t1 \<in> ?M" and t2M: "t2\<in> ?M" 
  4931 	and noM: "\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M" and t1x: "t1 < a" and xt2: "a < t2" and px: "?I a p"
  4932 	by blast
  4933       from t1M have "\<exists> (t1u,t1n) \<in> ?U. t1 = ?N a t1u / real t1n" by auto
  4934       then obtain "t1u" "t1n" where t1uU: "(t1u,t1n) \<in> ?U" and t1u: "t1 = ?N a t1u / real t1n" by blast
  4935       from t2M have "\<exists> (t2u,t2n) \<in> ?U. t2 = ?N a t2u / real t2n" by auto
  4936       then obtain "t2u" "t2n" where t2uU: "(t2u,t2n) \<in> ?U" and t2u: "t2 = ?N a t2u / real t2n" by blast
  4937       from t1x xt2 have t1t2: "t1 < t2" by simp
  4938       let ?u = "(t1 + t2) / 2"
  4939       from less_half_sum[OF t1t2] gt_half_sum[OF t1t2] have t1lu: "t1 < ?u" and ut2: "?u < t2" by auto
  4940       from lin_dense[OF lp noM t1x xt2 px t1lu ut2] have "?I ?u p" .
  4941       with t1uU t2uU t1u t2u have ?thesis by blast}
  4942     ultimately show ?thesis by blast
  4943   qed
  4944   then obtain "l" "n" "s"  "m" where lnU: "(l,n) \<in> ?U" and smU:"(s,m) \<in> ?U" 
  4945     and pu: "?I ((?N a l / real n + ?N a s / real m) / 2) p" by blast
  4946   from lnU smU \<Upsilon>_l[OF lp] have nbl: "numbound0 l" and nbs: "numbound0 s" by auto
  4947   from numbound0_I[OF nbl, where bs="bs" and b="a" and b'="x"] 
  4948     numbound0_I[OF nbs, where bs="bs" and b="a" and b'="x"] pu
  4949   have "?I ((?N x l / real n + ?N x s / real m) / 2) p" by simp
  4950   with lnU smU
  4951   show ?thesis by auto
  4952 qed
  4953     (* The Ferrante - Rackoff Theorem *)
  4954 
  4955 theorem fr_eq: 
  4956   assumes lp: "isrlfm p"
  4957   shows "(\<exists> x. Ifm (x#bs) p) = ((Ifm (x#bs) (minusinf p)) \<or> (Ifm (x#bs) (plusinf p)) \<or> (\<exists> (t,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). Ifm ((((Inum (x#bs) t)/  real n + (Inum (x#bs) s) / real m) /2)#bs) p))"
  4958   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  4959 proof
  4960   assume px: "\<exists> x. ?I x p"
  4961   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  4962   moreover {assume "?M \<or> ?P" hence "?D" by blast}
  4963   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  4964     from rinf_\<Upsilon>[OF lp nmi npi] have "?F" using px by blast hence "?D" by blast}
  4965   ultimately show "?D" by blast
  4966 next
  4967   assume "?D" 
  4968   moreover {assume m:"?M" from rminusinf_ex[OF lp m] have "?E" .}
  4969   moreover {assume p: "?P" from rplusinf_ex[OF lp p] have "?E" . }
  4970   moreover {assume f:"?F" hence "?E" by blast}
  4971   ultimately show "?E" by blast
  4972 qed
  4973 
  4974 
  4975 lemma fr_eq\<upsilon>: 
  4976   assumes lp: "isrlfm p"
  4977   shows "(\<exists> x. Ifm (x#bs) p) = ((Ifm (x#bs) (minusinf p)) \<or> (Ifm (x#bs) (plusinf p)) \<or> (\<exists> (t,k) \<in> set (\<Upsilon> p). \<exists> (s,l) \<in> set (\<Upsilon> p). Ifm (x#bs) (\<upsilon> p (Add(Mul l t) (Mul k s) , 2*k*l))))"
  4978   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  4979 proof
  4980   assume px: "\<exists> x. ?I x p"
  4981   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  4982   moreover {assume "?M \<or> ?P" hence "?D" by blast}
  4983   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  4984     let ?f ="\<lambda> (t,n). Inum (x#bs) t / real n"
  4985     let ?N = "\<lambda> t. Inum (x#bs) t"
  4986     {fix t n s m assume "(t,n)\<in> set (\<Upsilon> p)" and "(s,m) \<in> set (\<Upsilon> p)"
  4987       with \<Upsilon>_l[OF lp] have tnb: "numbound0 t" and np:"real n > 0" and snb: "numbound0 s" and mp:"real m > 0"
  4988 	by auto
  4989       let ?st = "Add (Mul m t) (Mul n s)"
  4990       from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  4991 	by (simp add: mult_commute)
  4992       from tnb snb have st_nb: "numbound0 ?st" by simp
  4993       have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  4994 	using mnp mp np by (simp add: ring_eq_simps add_divide_distrib)
  4995       from \<upsilon>_I[OF lp mnp st_nb, where x="x" and bs="bs"] 
  4996       have "?I x (\<upsilon> p (?st,2*n*m)) = ?I ((?N t / real n + ?N s / real m) /2) p" by (simp only: st[symmetric])}
  4997     with rinf_\<Upsilon>[OF lp nmi npi px] have "?F" by blast hence "?D" by blast}
  4998   ultimately show "?D" by blast
  4999 next
  5000   assume "?D" 
  5001   moreover {assume m:"?M" from rminusinf_ex[OF lp m] have "?E" .}
  5002   moreover {assume p: "?P" from rplusinf_ex[OF lp p] have "?E" . }
  5003   moreover {fix t k s l assume "(t,k) \<in> set (\<Upsilon> p)" and "(s,l) \<in> set (\<Upsilon> p)" 
  5004     and px:"?I x (\<upsilon> p (Add (Mul l t) (Mul k s), 2*k*l))"
  5005     with \<Upsilon>_l[OF lp] have tnb: "numbound0 t" and np:"real k > 0" and snb: "numbound0 s" and mp:"real l > 0" by auto
  5006     let ?st = "Add (Mul l t) (Mul k s)"
  5007     from mult_pos_pos[OF np mp] have mnp: "real (2*k*l) > 0" 
  5008       by (simp add: mult_commute)
  5009     from tnb snb have st_nb: "numbound0 ?st" by simp
  5010     from \<upsilon>_I[OF lp mnp st_nb, where bs="bs"] px have "?E" by auto}
  5011   ultimately show "?E" by blast
  5012 qed
  5013 
  5014 text{* The overall Part *}
  5015 
  5016 lemma real_ex_int_real01:
  5017   shows "(\<exists> (x::real). P x) = (\<exists> (i::int) (u::real). 0\<le> u \<and> u< 1 \<and> P (real i + u))"
  5018 proof(auto)
  5019   fix x
  5020   assume Px: "P x"
  5021   let ?i = "floor x"
  5022   let ?u = "x - real ?i"
  5023   have "x = real ?i + ?u" by simp
  5024   hence "P (real ?i + ?u)" using Px by simp
  5025   moreover have "real ?i \<le> x" using real_of_int_floor_le by simp hence "0 \<le> ?u" by arith
  5026   moreover have "?u < 1" using real_of_int_floor_add_one_gt[where r="x"] by arith 
  5027   ultimately show "(\<exists> (i::int) (u::real). 0\<le> u \<and> u< 1 \<and> P (real i + u))" by blast
  5028 qed
  5029 
  5030 consts exsplitnum :: "num \<Rightarrow> num"
  5031   exsplit :: "fm \<Rightarrow> fm"
  5032 recdef exsplitnum "measure size"
  5033   "exsplitnum (C c) = (C c)"
  5034   "exsplitnum (Bound 0) = Add (Bound 0) (Bound 1)"
  5035   "exsplitnum (Bound n) = Bound (n+1)"
  5036   "exsplitnum (Neg a) = Neg (exsplitnum a)"
  5037   "exsplitnum (Add a b) = Add (exsplitnum a) (exsplitnum b) "
  5038   "exsplitnum (Sub a b) = Sub (exsplitnum a) (exsplitnum b) "
  5039   "exsplitnum (Mul c a) = Mul c (exsplitnum a)"
  5040   "exsplitnum (Floor a) = Floor (exsplitnum a)"
  5041   "exsplitnum (CN 0 c a) = CN 0 c (Add (Mul c (Bound 1)) (exsplitnum a))"
  5042   "exsplitnum (CN n c a) = CN (n+1) c (exsplitnum a)"
  5043   "exsplitnum (CF c s t) = CF c (exsplitnum s) (exsplitnum t)"
  5044 
  5045 recdef exsplit "measure size"
  5046   "exsplit (Lt a) = Lt (exsplitnum a)"
  5047   "exsplit (Le a) = Le (exsplitnum a)"
  5048   "exsplit (Gt a) = Gt (exsplitnum a)"
  5049   "exsplit (Ge a) = Ge (exsplitnum a)"
  5050   "exsplit (Eq a) = Eq (exsplitnum a)"
  5051   "exsplit (NEq a) = NEq (exsplitnum a)"
  5052   "exsplit (Dvd i a) = Dvd i (exsplitnum a)"
  5053   "exsplit (NDvd i a) = NDvd i (exsplitnum a)"
  5054   "exsplit (And p q) = And (exsplit p) (exsplit q)"
  5055   "exsplit (Or p q) = Or (exsplit p) (exsplit q)"
  5056   "exsplit (Imp p q) = Imp (exsplit p) (exsplit q)"
  5057   "exsplit (Iff p q) = Iff (exsplit p) (exsplit q)"
  5058   "exsplit (NOT p) = NOT (exsplit p)"
  5059   "exsplit p = p"
  5060 
  5061 lemma exsplitnum: 
  5062   "Inum (x#y#bs) (exsplitnum t) = Inum ((x+y) #bs) t"
  5063   by(induct t rule: exsplitnum.induct) (simp_all add: ring_eq_simps)
  5064 
  5065 lemma exsplit: 
  5066   assumes qfp: "qfree p"
  5067   shows "Ifm (x#y#bs) (exsplit p) = Ifm ((x+y)#bs) p"
  5068 using qfp exsplitnum[where x="x" and y="y" and bs="bs"]
  5069 by(induct p rule: exsplit.induct) simp_all
  5070 
  5071 lemma splitex:
  5072   assumes qf: "qfree p"
  5073   shows "(Ifm bs (E p)) = (\<exists> (i::int). Ifm (real i#bs) (E (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) (exsplit p))))" (is "?lhs = ?rhs")
  5074 proof-
  5075   have "?rhs = (\<exists> (i::int). \<exists> x. 0\<le> x \<and> x < 1 \<and> Ifm (x#(real i)#bs) (exsplit p))"
  5076     by (simp add: myless[rule_format, where b="1"] myless[rule_format, where b="0"] add_ac diff_def)
  5077   also have "\<dots> = (\<exists> (i::int). \<exists> x. 0\<le> x \<and> x < 1 \<and> Ifm ((real i + x) #bs) p)"
  5078     by (simp only: exsplit[OF qf] add_ac)
  5079   also have "\<dots> = (\<exists> x. Ifm (x#bs) p)" 
  5080     by (simp only: real_ex_int_real01[where P="\<lambda> x. Ifm (x#bs) p"])
  5081   finally show ?thesis by simp
  5082 qed
  5083 
  5084     (* Implement the right hand sides of Cooper's theorem and Ferrante and Rackoff. *)
  5085 
  5086 constdefs ferrack01:: "fm \<Rightarrow> fm"
  5087   "ferrack01 p \<equiv> (let p' = rlfm(And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p);
  5088                     U = remdups(map simp_num_pair 
  5089                      (map (\<lambda> ((t,n),(s,m)). (Add (Mul m t) (Mul n s) , 2*n*m))
  5090                            (alluopairs (\<Upsilon> p')))) 
  5091   in decr (evaldjf (\<upsilon> p') U ))"
  5092 
  5093 lemma fr_eq_01: 
  5094   assumes qf: "qfree p"
  5095   shows "(\<exists> x. Ifm (x#bs) (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)) = (\<exists> (t,n) \<in> set (\<Upsilon> (rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p))). \<exists> (s,m) \<in> set (\<Upsilon> (rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p))). Ifm (x#bs) (\<upsilon> (rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)) (Add (Mul m t) (Mul n s), 2*n*m)))"
  5096   (is "(\<exists> x. ?I x ?q) = ?F")
  5097 proof-
  5098   let ?rq = "rlfm ?q"
  5099   let ?M = "?I x (minusinf ?rq)"
  5100   let ?P = "?I x (plusinf ?rq)"
  5101   have MF: "?M = False"
  5102     apply (simp add: Let_def reducecoeff_def numgcd_def igcd_def rsplit_def ge_def lt_def conj_def disj_def)
  5103     by (cases "rlfm p = And (Ge (CN 0 1 (C 0))) (Lt (CN 0 1 (C -1)))", simp_all)
  5104   have PF: "?P = False" apply (simp add: Let_def reducecoeff_def numgcd_def igcd_def rsplit_def ge_def lt_def conj_def disj_def)
  5105     by (cases "rlfm p = And (Ge (CN 0 1 (C 0))) (Lt (CN 0 1 (C -1)))", simp_all)
  5106   have "(\<exists> x. ?I x ?q ) = 
  5107     ((?I x (minusinf ?rq)) \<or> (?I x (plusinf ?rq )) \<or> (\<exists> (t,n) \<in> set (\<Upsilon> ?rq). \<exists> (s,m) \<in> set (\<Upsilon> ?rq ). ?I x (\<upsilon> ?rq (Add (Mul m t) (Mul n s), 2*n*m))))"
  5108     (is "(\<exists> x. ?I x ?q) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  5109   proof
  5110     assume "\<exists> x. ?I x ?q"  
  5111     then obtain x where qx: "?I x ?q" by blast
  5112     hence xp: "0\<le> x" and x1: "x< 1" and px: "?I x p" 
  5113       by (auto simp add: rsplit_def lt_def ge_def rlfm_I[OF qf])
  5114     from qx have "?I x ?rq " 
  5115       by (simp add: rsplit_def lt_def ge_def rlfm_I[OF qf xp x1])
  5116     hence lqx: "?I x ?rq " using simpfm[where p="?rq" and bs="x#bs"] by auto
  5117     from qf have qfq:"isrlfm ?rq"  
  5118       by (auto simp add: rsplit_def lt_def ge_def rlfm_I[OF qf xp x1])
  5119     with lqx fr_eq\<upsilon>[OF qfq] show "?M \<or> ?P \<or> ?F" by blast
  5120   next
  5121     assume D: "?D"
  5122     let ?U = "set (\<Upsilon> ?rq )"
  5123     from MF PF D have "?F" by auto
  5124     then obtain t n s m where aU:"(t,n) \<in> ?U" and bU:"(s,m)\<in> ?U" and rqx: "?I x (\<upsilon> ?rq (Add (Mul m t) (Mul n s), 2*n*m))" by blast
  5125     from qf have lrq:"isrlfm ?rq"using rlfm_l[OF qf] 
  5126       by (auto simp add: rsplit_def lt_def ge_def)
  5127     from aU bU \<Upsilon>_l[OF lrq] have tnb: "numbound0 t" and np:"real n > 0" and snb: "numbound0 s" and mp:"real m > 0" by (auto simp add: split_def)
  5128     let ?st = "Add (Mul m t) (Mul n s)"
  5129     from tnb snb have stnb: "numbound0 ?st" by simp
  5130     from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  5131       by (simp add: mult_commute)
  5132     from conjunct1[OF \<upsilon>_I[OF lrq mnp stnb, where bs="bs" and x="x"], symmetric] rqx
  5133     have "\<exists> x. ?I x ?rq" by auto
  5134     thus "?E" 
  5135       using rlfm_I[OF qf] by (auto simp add: rsplit_def lt_def ge_def)
  5136   qed
  5137   with MF PF show ?thesis by blast
  5138 qed
  5139 
  5140 lemma \<Upsilon>_cong_aux:
  5141   assumes Ul: "\<forall> (t,n) \<in> set U. numbound0 t \<and> n >0"
  5142   shows "((\<lambda> (t,n). Inum (x#bs) t /real n) ` (set (map (\<lambda> ((t,n),(s,m)). (Add (Mul m t) (Mul n s) , 2*n*m)) (alluopairs U)))) = ((\<lambda> ((t,n),(s,m)). (Inum (x#bs) t /real n + Inum (x#bs) s /real m)/2) ` (set U \<times> set U))"
  5143   (is "?lhs = ?rhs")
  5144 proof(auto)
  5145   fix t n s m
  5146   assume "((t,n),(s,m)) \<in> set (alluopairs U)"
  5147   hence th: "((t,n),(s,m)) \<in> (set U \<times> set U)"
  5148     using alluopairs_set1[where xs="U"] by blast
  5149   let ?N = "\<lambda> t. Inum (x#bs) t"
  5150   let ?st= "Add (Mul m t) (Mul n s)"
  5151   from Ul th have mnz: "m \<noteq> 0" by auto
  5152   from Ul th have  nnz: "n \<noteq> 0" by auto  
  5153   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  5154    using mnz nnz by (simp add: ring_eq_simps add_divide_distrib)
  5155  
  5156   thus "(real m *  Inum (x # bs) t + real n * Inum (x # bs) s) /
  5157        (2 * real n * real m)
  5158        \<in> (\<lambda>((t, n), s, m).
  5159              (Inum (x # bs) t / real n + Inum (x # bs) s / real m) / 2) `
  5160          (set U \<times> set U)"using mnz nnz th  
  5161     apply (auto simp add: th add_divide_distrib ring_eq_simps split_def image_def)
  5162     by (rule_tac x="(s,m)" in bexI,simp_all) 
  5163   (rule_tac x="(t,n)" in bexI,simp_all)
  5164 next
  5165   fix t n s m
  5166   assume tnU: "(t,n) \<in> set U" and smU:"(s,m) \<in> set U" 
  5167   let ?N = "\<lambda> t. Inum (x#bs) t"
  5168   let ?st= "Add (Mul m t) (Mul n s)"
  5169   from Ul smU have mnz: "m \<noteq> 0" by auto
  5170   from Ul tnU have  nnz: "n \<noteq> 0" by auto  
  5171   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  5172    using mnz nnz by (simp add: ring_eq_simps add_divide_distrib)
  5173  let ?P = "\<lambda> (t',n') (s',m'). (Inum (x # bs) t / real n + Inum (x # bs) s / real m)/2 = (Inum (x # bs) t' / real n' + Inum (x # bs) s' / real m')/2"
  5174  have Pc:"\<forall> a b. ?P a b = ?P b a"
  5175    by auto
  5176  from Ul alluopairs_set1 have Up:"\<forall> ((t,n),(s,m)) \<in> set (alluopairs U). n \<noteq> 0 \<and> m \<noteq> 0" by blast
  5177  from alluopairs_ex[OF Pc, where xs="U"] tnU smU
  5178  have th':"\<exists> ((t',n'),(s',m')) \<in> set (alluopairs U). ?P (t',n') (s',m')"
  5179    by blast
  5180  then obtain t' n' s' m' where ts'_U: "((t',n'),(s',m')) \<in> set (alluopairs U)" 
  5181    and Pts': "?P (t',n') (s',m')" by blast
  5182  from ts'_U Up have mnz': "m' \<noteq> 0" and nnz': "n'\<noteq> 0" by auto
  5183  let ?st' = "Add (Mul m' t') (Mul n' s')"
  5184    have st': "(?N t' / real n' + ?N s' / real m')/2 = ?N ?st' / real (2*n'*m')"
  5185    using mnz' nnz' by (simp add: ring_eq_simps add_divide_distrib)
  5186  from Pts' have 
  5187    "(Inum (x # bs) t / real n + Inum (x # bs) s / real m)/2 = (Inum (x # bs) t' / real n' + Inum (x # bs) s' / real m')/2" by simp
  5188  also have "\<dots> = ((\<lambda>(t, n). Inum (x # bs) t / real n) ((\<lambda>((t, n), s, m). (Add (Mul m t) (Mul n s), 2 * n * m)) ((t',n'),(s',m'))))" by (simp add: st')
  5189  finally show "(Inum (x # bs) t / real n + Inum (x # bs) s / real m) / 2
  5190           \<in> (\<lambda>(t, n). Inum (x # bs) t / real n) `
  5191             (\<lambda>((t, n), s, m). (Add (Mul m t) (Mul n s), 2 * n * m)) `
  5192             set (alluopairs U)"
  5193    using ts'_U by blast
  5194 qed
  5195 
  5196 lemma \<Upsilon>_cong:
  5197   assumes lp: "isrlfm p"
  5198   and UU': "((\<lambda> (t,n). Inum (x#bs) t /real n) ` U') = ((\<lambda> ((t,n),(s,m)). (Inum (x#bs) t /real n + Inum (x#bs) s /real m)/2) ` (U \<times> U))" (is "?f ` U' = ?g ` (U\<times>U)")
  5199   and U: "\<forall> (t,n) \<in> U. numbound0 t \<and> n > 0"
  5200   and U': "\<forall> (t,n) \<in> U'. numbound0 t \<and> n > 0"
  5201   shows "(\<exists> (t,n) \<in> U. \<exists> (s,m) \<in> U. Ifm (x#bs) (\<upsilon> p (Add (Mul m t) (Mul n s),2*n*m))) = (\<exists> (t,n) \<in> U'. Ifm (x#bs) (\<upsilon> p (t,n)))"
  5202   (is "?lhs = ?rhs")
  5203 proof
  5204   assume ?lhs
  5205   then obtain t n s m where tnU: "(t,n) \<in> U" and smU:"(s,m) \<in> U" and 
  5206     Pst: "Ifm (x#bs) (\<upsilon> p (Add (Mul m t) (Mul n s),2*n*m))" by blast
  5207   let ?N = "\<lambda> t. Inum (x#bs) t"
  5208   from tnU smU U have tnb: "numbound0 t" and np: "n > 0" 
  5209     and snb: "numbound0 s" and mp:"m > 0"  by auto
  5210   let ?st= "Add (Mul m t) (Mul n s)"
  5211   from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  5212       by (simp add: mult_commute real_of_int_mult[symmetric] del: real_of_int_mult)
  5213     from tnb snb have stnb: "numbound0 ?st" by simp
  5214   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  5215    using mp np by (simp add: ring_eq_simps add_divide_distrib)
  5216   from tnU smU UU' have "?g ((t,n),(s,m)) \<in> ?f ` U'" by blast
  5217   hence "\<exists> (t',n') \<in> U'. ?g ((t,n),(s,m)) = ?f (t',n')"
  5218     by auto (rule_tac x="(a,b)" in bexI, auto)
  5219   then obtain t' n' where tnU': "(t',n') \<in> U'" and th: "?g ((t,n),(s,m)) = ?f (t',n')" by blast
  5220   from U' tnU' have tnb': "numbound0 t'" and np': "real n' > 0" by auto
  5221   from \<upsilon>_I[OF lp mnp stnb, where bs="bs" and x="x"] Pst 
  5222   have Pst2: "Ifm (Inum (x # bs) (Add (Mul m t) (Mul n s)) / real (2 * n * m) # bs) p" by simp
  5223   from conjunct1[OF \<upsilon>_I[OF lp np' tnb', where bs="bs" and x="x"], symmetric] th[simplified split_def fst_conv snd_conv,symmetric] Pst2[simplified st[symmetric]]
  5224   have "Ifm (x # bs) (\<upsilon> p (t', n')) " by (simp only: st) 
  5225   then show ?rhs using tnU' by auto 
  5226 next
  5227   assume ?rhs
  5228   then obtain t' n' where tnU': "(t',n') \<in> U'" and Pt': "Ifm (x # bs) (\<upsilon> p (t', n'))" 
  5229     by blast
  5230   from tnU' UU' have "?f (t',n') \<in> ?g ` (U\<times>U)" by blast
  5231   hence "\<exists> ((t,n),(s,m)) \<in> (U\<times>U). ?f (t',n') = ?g ((t,n),(s,m))" 
  5232     by auto (rule_tac x="(a,b)" in bexI, auto)
  5233   then obtain t n s m where tnU: "(t,n) \<in> U" and smU:"(s,m) \<in> U" and 
  5234     th: "?f (t',n') = ?g((t,n),(s,m)) "by blast
  5235     let ?N = "\<lambda> t. Inum (x#bs) t"
  5236   from tnU smU U have tnb: "numbound0 t" and np: "n > 0" 
  5237     and snb: "numbound0 s" and mp:"m > 0"  by auto
  5238   let ?st= "Add (Mul m t) (Mul n s)"
  5239   from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  5240       by (simp add: mult_commute real_of_int_mult[symmetric] del: real_of_int_mult)
  5241     from tnb snb have stnb: "numbound0 ?st" by simp
  5242   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  5243    using mp np by (simp add: ring_eq_simps add_divide_distrib)
  5244   from U' tnU' have tnb': "numbound0 t'" and np': "real n' > 0" by auto
  5245   from \<upsilon>_I[OF lp np' tnb', where bs="bs" and x="x",simplified th[simplified split_def fst_conv snd_conv] st] Pt'
  5246   have Pst2: "Ifm (Inum (x # bs) (Add (Mul m t) (Mul n s)) / real (2 * n * m) # bs) p" by simp
  5247   with \<upsilon>_I[OF lp mnp stnb, where x="x" and bs="bs"] tnU smU show ?lhs by blast
  5248 qed
  5249   
  5250 lemma ferrack01: 
  5251   assumes qf: "qfree p"
  5252   shows "((\<exists> x. Ifm (x#bs) (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)) = (Ifm bs (ferrack01 p))) \<and> qfree (ferrack01 p)" (is "(?lhs = ?rhs) \<and> _")
  5253 proof-
  5254   let ?I = "\<lambda> x p. Ifm (x#bs) p"
  5255   let ?N = "\<lambda> t. Inum (x#bs) t"
  5256   let ?q = "rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)"
  5257   let ?U = "\<Upsilon> ?q"
  5258   let ?Up = "alluopairs ?U"
  5259   let ?g = "\<lambda> ((t,n),(s,m)). (Add (Mul m t) (Mul n s) , 2*n*m)"
  5260   let ?S = "map ?g ?Up"
  5261   let ?SS = "map simp_num_pair ?S"
  5262   let ?Y = "remdups ?SS"
  5263   let ?f= "(\<lambda> (t,n). ?N t / real n)"
  5264   let ?h = "\<lambda> ((t,n),(s,m)). (?N t/real n + ?N s/ real m) /2"
  5265   let ?F = "\<lambda> p. \<exists> a \<in> set (\<Upsilon> p). \<exists> b \<in> set (\<Upsilon> p). ?I x (\<upsilon> p (?g(a,b)))"
  5266   let ?ep = "evaldjf (\<upsilon> ?q) ?Y"
  5267   from rlfm_l[OF qf] have lq: "isrlfm ?q" 
  5268     by (simp add: rsplit_def lt_def ge_def conj_def disj_def Let_def reducecoeff_def numgcd_def igcd_def)
  5269   from alluopairs_set1[where xs="?U"] have UpU: "set ?Up \<le> (set ?U \<times> set ?U)" by simp
  5270   from \<Upsilon>_l[OF lq] have U_l: "\<forall> (t,n) \<in> set ?U. numbound0 t \<and> n > 0" .
  5271   from U_l UpU 
  5272   have Up_: "\<forall> ((t,n),(s,m)) \<in> set ?Up. numbound0 t \<and> n> 0 \<and> numbound0 s \<and> m > 0" by auto
  5273   hence Snb: "\<forall> (t,n) \<in> set ?S. numbound0 t \<and> n > 0 "
  5274     by (auto simp add: mult_pos_pos)
  5275   have Y_l: "\<forall> (t,n) \<in> set ?Y. numbound0 t \<and> n > 0" 
  5276   proof-
  5277     { fix t n assume tnY: "(t,n) \<in> set ?Y" 
  5278       hence "(t,n) \<in> set ?SS" by simp
  5279       hence "\<exists> (t',n') \<in> set ?S. simp_num_pair (t',n') = (t,n)"
  5280 	by (auto simp add: split_def) (rule_tac x="((aa,ba),(ab,bb))" in bexI, simp_all)
  5281       then obtain t' n' where tn'S: "(t',n') \<in> set ?S" and tns: "simp_num_pair (t',n') = (t,n)" by blast
  5282       from tn'S Snb have tnb: "numbound0 t'" and np: "n' > 0" by auto
  5283       from simp_num_pair_l[OF tnb np tns]
  5284       have "numbound0 t \<and> n > 0" . }
  5285     thus ?thesis by blast
  5286   qed
  5287 
  5288   have YU: "(?f ` set ?Y) = (?h ` (set ?U \<times> set ?U))"
  5289   proof-
  5290      from simp_num_pair_ci[where bs="x#bs"] have 
  5291     "\<forall>x. (?f o simp_num_pair) x = ?f x" by auto
  5292      hence th: "?f o simp_num_pair = ?f" using ext by blast
  5293     have "(?f ` set ?Y) = ((?f o simp_num_pair) ` set ?S)" by (simp add: image_compose)
  5294     also have "\<dots> = (?f ` set ?S)" by (simp add: th)
  5295     also have "\<dots> = ((?f o ?g) ` set ?Up)" 
  5296       by (simp only: set_map o_def image_compose[symmetric])
  5297     also have "\<dots> = (?h ` (set ?U \<times> set ?U))"
  5298       using \<Upsilon>_cong_aux[OF U_l, where x="x" and bs="bs", simplified set_map image_compose[symmetric]] by blast
  5299     finally show ?thesis .
  5300   qed
  5301   have "\<forall> (t,n) \<in> set ?Y. bound0 (\<upsilon> ?q (t,n))"
  5302   proof-
  5303     { fix t n assume tnY: "(t,n) \<in> set ?Y"
  5304       with Y_l have tnb: "numbound0 t" and np: "real n > 0" by auto
  5305       from \<upsilon>_I[OF lq np tnb]
  5306     have "bound0 (\<upsilon> ?q (t,n))"  by simp}
  5307     thus ?thesis by blast
  5308   qed
  5309   hence ep_nb: "bound0 ?ep"  using evaldjf_bound0[where xs="?Y" and f="\<upsilon> ?q"]
  5310     by auto
  5311 
  5312   from fr_eq_01[OF qf, where bs="bs" and x="x"] have "?lhs = ?F ?q"
  5313     by (simp only: split_def fst_conv snd_conv)
  5314   also have "\<dots> = (\<exists> (t,n) \<in> set ?Y. ?I x (\<upsilon> ?q (t,n)))" using \<Upsilon>_cong[OF lq YU U_l Y_l]
  5315     by (simp only: split_def fst_conv snd_conv) 
  5316   also have "\<dots> = (Ifm (x#bs) ?ep)" 
  5317     using evaldjf_ex[where ps="?Y" and bs = "x#bs" and f="\<upsilon> ?q",symmetric]
  5318     by (simp only: split_def pair_collapse)
  5319   also have "\<dots> = (Ifm bs (decr ?ep))" using decr[OF ep_nb] by blast
  5320   finally have lr: "?lhs = ?rhs" by (simp only: ferrack01_def Let_def)
  5321   from decr_qf[OF ep_nb] have "qfree (ferrack01 p)" by (simp only: Let_def ferrack01_def)
  5322   with lr show ?thesis by blast
  5323 qed
  5324 
  5325 lemma cp_thm': 
  5326   assumes lp: "iszlfm p (real (i::int)#bs)"
  5327   and up: "d\<beta> p 1" and dd: "d\<delta> p d" and dp: "d > 0"
  5328   shows "(\<exists> (x::int). Ifm (real x#bs) p) = ((\<exists> j\<in> {1 .. d}. Ifm (real j#bs) (minusinf p)) \<or> (\<exists> j\<in> {1.. d}. \<exists> b\<in> (Inum (real i#bs)) ` set (\<beta> p). Ifm ((b+real j)#bs) p))"
  5329   using cp_thm[OF lp up dd dp] by auto
  5330 
  5331 constdefs unit:: "fm \<Rightarrow> fm \<times> num list \<times> int"
  5332   "unit p \<equiv> (let p' = zlfm p ; l = \<zeta> p' ; q = And (Dvd l (CN 0 1 (C 0))) (a\<beta> p' l); d = \<delta> q;
  5333              B = remdups (map simpnum (\<beta> q)) ; a = remdups (map simpnum (\<alpha> q))
  5334              in if length B \<le> length a then (q,B,d) else (mirror q, a,d))"
  5335 
  5336 lemma unit: assumes qf: "qfree p"
  5337   shows "\<And> q B d. unit p = (q,B,d) \<Longrightarrow> ((\<exists> (x::int). Ifm (real x#bs) p) = (\<exists> (x::int). Ifm (real x#bs) q)) \<and> (Inum (real i#bs)) ` set B = (Inum (real i#bs)) ` set (\<beta> q) \<and> d\<beta> q 1 \<and> d\<delta> q d \<and> d >0 \<and> iszlfm q (real (i::int)#bs) \<and> (\<forall> b\<in> set B. numbound0 b)"
  5338 proof-
  5339   fix q B d 
  5340   assume qBd: "unit p = (q,B,d)"
  5341   let ?thes = "((\<exists> (x::int). Ifm (real x#bs) p) = (\<exists> (x::int). Ifm (real x#bs) q)) \<and>
  5342     Inum (real i#bs) ` set B = Inum (real i#bs) ` set (\<beta> q) \<and>
  5343     d\<beta> q 1 \<and> d\<delta> q d \<and> 0 < d \<and> iszlfm q (real i # bs) \<and> (\<forall> b\<in> set B. numbound0 b)"
  5344   let ?I = "\<lambda> (x::int) p. Ifm (real x#bs) p"
  5345   let ?p' = "zlfm p"
  5346   let ?l = "\<zeta> ?p'"
  5347   let ?q = "And (Dvd ?l (CN 0 1 (C 0))) (a\<beta> ?p' ?l)"
  5348   let ?d = "\<delta> ?q"
  5349   let ?B = "set (\<beta> ?q)"
  5350   let ?B'= "remdups (map simpnum (\<beta> ?q))"
  5351   let ?A = "set (\<alpha> ?q)"
  5352   let ?A'= "remdups (map simpnum (\<alpha> ?q))"
  5353   from conjunct1[OF zlfm_I[OF qf, where bs="bs"]] 
  5354   have pp': "\<forall> i. ?I i ?p' = ?I i p" by auto
  5355   from iszlfm_gen[OF conjunct2[OF zlfm_I[OF qf, where bs="bs" and i="i"]]]
  5356   have lp': "\<forall> (i::int). iszlfm ?p' (real i#bs)" by simp 
  5357   hence lp'': "iszlfm ?p' (real (i::int)#bs)" by simp
  5358   from lp' \<zeta>[where p="?p'" and bs="bs"] have lp: "?l >0" and dl: "d\<beta> ?p' ?l" by auto
  5359   from a\<beta>_ex[where p="?p'" and l="?l" and bs="bs", OF lp'' dl lp] pp'
  5360   have pq_ex:"(\<exists> (x::int). ?I x p) = (\<exists> x. ?I x ?q)" by (simp add: int_rdvd_iff) 
  5361   from lp'' lp a\<beta>[OF lp'' dl lp] have lq:"iszlfm ?q (real i#bs)" and uq: "d\<beta> ?q 1" 
  5362     by (auto simp add: isint_def)
  5363   from \<delta>[OF lq] have dp:"?d >0" and dd: "d\<delta> ?q ?d" by blast+
  5364   let ?N = "\<lambda> t. Inum (real (i::int)#bs) t"
  5365   have "?N ` set ?B' = ((?N o simpnum) ` ?B)" by (simp add:image_compose) 
  5366   also have "\<dots> = ?N ` ?B" using simpnum_ci[where bs="real i #bs"] by auto
  5367   finally have BB': "?N ` set ?B' = ?N ` ?B" .
  5368   have "?N ` set ?A' = ((?N o simpnum) ` ?A)" by (simp add:image_compose) 
  5369   also have "\<dots> = ?N ` ?A" using simpnum_ci[where bs="real i #bs"] by auto
  5370   finally have AA': "?N ` set ?A' = ?N ` ?A" .
  5371   from \<beta>_numbound0[OF lq] have B_nb:"\<forall> b\<in> set ?B'. numbound0 b"
  5372     by (simp add: simpnum_numbound0)
  5373   from \<alpha>_l[OF lq] have A_nb: "\<forall> b\<in> set ?A'. numbound0 b"
  5374     by (simp add: simpnum_numbound0)
  5375     {assume "length ?B' \<le> length ?A'"
  5376     hence q:"q=?q" and "B = ?B'" and d:"d = ?d"
  5377       using qBd by (auto simp add: Let_def unit_def)
  5378     with BB' B_nb have b: "?N ` (set B) = ?N ` set (\<beta> q)" 
  5379       and bn: "\<forall>b\<in> set B. numbound0 b" by simp+ 
  5380   with pq_ex dp uq dd lq q d have ?thes by simp}
  5381   moreover 
  5382   {assume "\<not> (length ?B' \<le> length ?A')"
  5383     hence q:"q=mirror ?q" and "B = ?A'" and d:"d = ?d"
  5384       using qBd by (auto simp add: Let_def unit_def)
  5385     with AA' mirror\<alpha>\<beta>[OF lq] A_nb have b:"?N ` (set B) = ?N ` set (\<beta> q)" 
  5386       and bn: "\<forall>b\<in> set B. numbound0 b" by simp+
  5387     from mirror_ex[OF lq] pq_ex q 
  5388     have pqm_eq:"(\<exists> (x::int). ?I x p) = (\<exists> (x::int). ?I x q)" by simp
  5389     from lq uq q mirror_d\<beta> [where p="?q" and bs="bs" and a="real i"]
  5390     have lq': "iszlfm q (real i#bs)" and uq: "d\<beta> q 1" by auto
  5391     from \<delta>[OF lq'] mirror_\<delta>[OF lq] q d have dq:"d\<delta> q d " by auto
  5392     from pqm_eq b bn uq lq' dp dq q dp d have ?thes by simp
  5393   }
  5394   ultimately show ?thes by blast
  5395 qed
  5396     (* Cooper's Algorithm *)
  5397 
  5398 constdefs cooper :: "fm \<Rightarrow> fm"
  5399   "cooper p \<equiv> 
  5400   (let (q,B,d) = unit p; js = iupt (1,d);
  5401        mq = simpfm (minusinf q);
  5402        md = evaldjf (\<lambda> j. simpfm (subst0 (C j) mq)) js
  5403    in if md = T then T else
  5404     (let qd = evaldjf (\<lambda> t. simpfm (subst0 t q)) 
  5405                                (remdups (map (\<lambda> (b,j). simpnum (Add b (C j))) 
  5406                                             (allpairs Pair B js)))
  5407      in decr (disj md qd)))"
  5408 lemma cooper: assumes qf: "qfree p"
  5409   shows "((\<exists> (x::int). Ifm (real x#bs) p) = (Ifm bs (cooper p))) \<and> qfree (cooper p)" 
  5410   (is "(?lhs = ?rhs) \<and> _")
  5411 proof-
  5412 
  5413   let ?I = "\<lambda> (x::int) p. Ifm (real x#bs) p"
  5414   let ?q = "fst (unit p)"
  5415   let ?B = "fst (snd(unit p))"
  5416   let ?d = "snd (snd (unit p))"
  5417   let ?js = "iupt (1,?d)"
  5418   let ?mq = "minusinf ?q"
  5419   let ?smq = "simpfm ?mq"
  5420   let ?md = "evaldjf (\<lambda> j. simpfm (subst0 (C j) ?smq)) ?js"
  5421   let ?N = "\<lambda> t. Inum (real (i::int)#bs) t"
  5422   let ?bjs = "allpairs Pair ?B ?js"
  5423   let ?sbjs = "map (\<lambda> (b,j). simpnum (Add b (C j))) (allpairs Pair ?B ?js)"
  5424   let ?qd = "evaldjf (\<lambda> t. simpfm (subst0 t ?q)) (remdups ?sbjs)"
  5425   have qbf:"unit p = (?q,?B,?d)" by simp
  5426   from unit[OF qf qbf] have pq_ex: "(\<exists>(x::int). ?I x p) = (\<exists> (x::int). ?I x ?q)" and 
  5427     B:"?N ` set ?B = ?N ` set (\<beta> ?q)" and 
  5428     uq:"d\<beta> ?q 1" and dd: "d\<delta> ?q ?d" and dp: "?d > 0" and 
  5429     lq: "iszlfm ?q (real i#bs)" and 
  5430     Bn: "\<forall> b\<in> set ?B. numbound0 b" by auto
  5431   from zlin_qfree[OF lq] have qfq: "qfree ?q" .
  5432   from simpfm_qf[OF minusinf_qfree[OF qfq]] have qfmq: "qfree ?smq".
  5433   have jsnb: "\<forall> j \<in> set ?js. numbound0 (C j)" by simp
  5434   hence "\<forall> j\<in> set ?js. bound0 (subst0 (C j) ?smq)" 
  5435     by (auto simp only: subst0_bound0[OF qfmq])
  5436   hence th: "\<forall> j\<in> set ?js. bound0 (simpfm (subst0 (C j) ?smq))"
  5437     by (auto simp add: simpfm_bound0)
  5438   from evaldjf_bound0[OF th] have mdb: "bound0 ?md" by simp 
  5439   from Bn jsnb have "\<forall> (b,j) \<in> set (allpairs Pair ?B ?js). numbound0 (Add b (C j))"
  5440     by (simp add: allpairs_set)
  5441   hence "\<forall> (b,j) \<in> set (allpairs Pair ?B ?js). numbound0 (simpnum (Add b (C j)))"
  5442     using simpnum_numbound0 by blast 
  5443   hence "\<forall> t \<in> set ?sbjs. numbound0 t" by simp
  5444   hence "\<forall> t \<in> set (remdups ?sbjs). bound0 (subst0 t ?q)"
  5445     using subst0_bound0[OF qfq] by auto 
  5446   hence th': "\<forall> t \<in> set (remdups ?sbjs). bound0 (simpfm (subst0 t ?q))"
  5447     using simpfm_bound0 by blast
  5448   from evaldjf_bound0 [OF th'] have qdb: "bound0 ?qd" by simp
  5449   from mdb qdb 
  5450   have mdqdb: "bound0 (disj ?md ?qd)" by (simp only: disj_def, cases "?md=T \<or> ?qd=T", simp_all)
  5451   from trans [OF pq_ex cp_thm'[OF lq uq dd dp]] B
  5452   have "?lhs = (\<exists> j\<in> {1.. ?d}. ?I j ?mq \<or> (\<exists> b\<in> ?N ` set ?B. Ifm ((b+ real j)#bs) ?q))" by auto
  5453   also have "\<dots> = ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> (b,j) \<in> (?N ` set ?B \<times> set ?js). Ifm ((b+ real j)#bs) ?q))" apply (simp only: iupt_set simpfm) by auto
  5454   also have "\<dots>= ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> t \<in> (\<lambda> (b,j). ?N (Add b (C j))) ` set (allpairs Pair ?B ?js). Ifm (t #bs) ?q))" by (simp only: allpairs_set) simp
  5455   also have "\<dots>= ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> t \<in> (\<lambda> (b,j). ?N (simpnum (Add b (C j)))) ` set (allpairs Pair ?B ?js). Ifm (t #bs) ?q))" by (simp only: simpnum_ci)
  5456   also  have "\<dots>= ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> t \<in> set ?sbjs. Ifm (?N t #bs) ?q))" 
  5457     by (auto simp add: split_def) 
  5458   also have "\<dots> = ((\<exists> j\<in> set ?js. (\<lambda> j. ?I i (simpfm (subst0 (C j) ?smq))) j) \<or> (\<exists> t \<in> set (remdups ?sbjs). (\<lambda> t. ?I i (simpfm (subst0 t ?q))) t))" by (simp only: simpfm subst0_I[OF qfq] simpfm Inum.simps subst0_I[OF qfmq] set_remdups)
  5459   also have "\<dots> = ((?I i (evaldjf (\<lambda> j. simpfm (subst0 (C j) ?smq)) ?js)) \<or> (?I i (evaldjf (\<lambda> t. simpfm (subst0 t ?q)) (remdups ?sbjs))))" by (simp only: evaldjf_ex)
  5460   finally have mdqd: "?lhs = (?I i (disj ?md ?qd))" by (simp add: disj) 
  5461   hence mdqd2: "?lhs = (Ifm bs (decr (disj ?md ?qd)))" using decr [OF mdqdb] by simp
  5462   {assume mdT: "?md = T"
  5463     hence cT:"cooper p = T" 
  5464       by (simp only: cooper_def unit_def split_def Let_def if_True) simp
  5465     from mdT mdqd have lhs:"?lhs" by (auto simp add: disj)
  5466     from mdT have "?rhs" by (simp add: cooper_def unit_def split_def)
  5467     with lhs cT have ?thesis by simp }
  5468   moreover
  5469   {assume mdT: "?md \<noteq> T" hence "cooper p = decr (disj ?md ?qd)" 
  5470       by (simp only: cooper_def unit_def split_def Let_def if_False) 
  5471     with mdqd2 decr_qf[OF mdqdb] have ?thesis by simp }
  5472   ultimately show ?thesis by blast
  5473 qed
  5474 
  5475 lemma DJcooper: 
  5476   assumes qf: "qfree p"
  5477   shows "((\<exists> (x::int). Ifm (real x#bs) p) = (Ifm bs (DJ cooper p))) \<and> qfree (DJ cooper p)"
  5478 proof-
  5479   from cooper have cqf: "\<forall> p. qfree p \<longrightarrow> qfree (cooper p)" by  blast
  5480   from DJ_qf[OF cqf] qf have thqf:"qfree (DJ cooper p)" by blast
  5481   have "Ifm bs (DJ cooper p) = (\<exists> q\<in> set (disjuncts p). Ifm bs (cooper q))" 
  5482      by (simp add: DJ_def evaldjf_ex)
  5483   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). \<exists> (x::int). Ifm (real x#bs)  q)" 
  5484     using cooper disjuncts_qf[OF qf] by blast
  5485   also have "\<dots> = (\<exists> (x::int). Ifm (real x#bs) p)" by (induct p rule: disjuncts.induct, auto)
  5486   finally show ?thesis using thqf by blast
  5487 qed
  5488 
  5489     (* Redy and Loveland *)
  5490 
  5491 lemma \<sigma>\<rho>_cong: assumes lp: "iszlfm p (a#bs)" and tt': "Inum (a#bs) t = Inum (a#bs) t'"
  5492   shows "Ifm (a#bs) (\<sigma>\<rho> p (t,c)) = Ifm (a#bs) (\<sigma>\<rho> p (t',c))"
  5493   using lp 
  5494   by (induct p rule: iszlfm.induct, auto simp add: tt')
  5495 
  5496 lemma \<sigma>_cong: assumes lp: "iszlfm p (a#bs)" and tt': "Inum (a#bs) t = Inum (a#bs) t'"
  5497   shows "Ifm (a#bs) (\<sigma> p c t) = Ifm (a#bs) (\<sigma> p c t')"
  5498   by (simp add: \<sigma>_def tt' \<sigma>\<rho>_cong[OF lp tt'])
  5499 
  5500 lemma \<rho>_cong: assumes lp: "iszlfm p (a#bs)" 
  5501   and RR: "(\<lambda>(b,k). (Inum (a#bs) b,k)) ` R =  (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)"
  5502   shows "(\<exists> (e,c) \<in> R. \<exists> j\<in> {1.. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j)))) = (\<exists> (e,c) \<in> set (\<rho> p). \<exists> j\<in> {1.. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j))))"
  5503   (is "?lhs = ?rhs")
  5504 proof
  5505   let ?d = "\<delta> p"
  5506   assume ?lhs then obtain e c j where ecR: "(e,c) \<in> R" and jD:"j \<in> {1 .. c*?d}" 
  5507     and px: "Ifm (a#bs) (\<sigma> p c (Add e (C j)))" (is "?sp c e j") by blast
  5508   from ecR have "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` R" by auto
  5509   hence "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)" using RR by simp
  5510   hence "\<exists> (e',c') \<in> set (\<rho> p). Inum (a#bs) e = Inum (a#bs) e' \<and> c = c'" by auto
  5511   then obtain e' c' where ecRo:"(e',c') \<in> set (\<rho> p)" and ee':"Inum (a#bs) e = Inum (a#bs) e'"
  5512     and cc':"c = c'" by blast
  5513   from ee' have tt': "Inum (a#bs) (Add e (C j)) = Inum (a#bs) (Add e' (C j))" by simp
  5514   
  5515   from \<sigma>_cong[OF lp tt', where c="c"] px have px':"?sp c e' j" by simp
  5516   from ecRo jD px' cc'  show ?rhs apply auto 
  5517     by (rule_tac x="(e', c')" in bexI,simp_all)
  5518   (rule_tac x="j" in bexI, simp_all add: cc'[symmetric])
  5519 next
  5520   let ?d = "\<delta> p"
  5521   assume ?rhs then obtain e c j where ecR: "(e,c) \<in> set (\<rho> p)" and jD:"j \<in> {1 .. c*?d}" 
  5522     and px: "Ifm (a#bs) (\<sigma> p c (Add e (C j)))" (is "?sp c e j") by blast
  5523   from ecR have "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)" by auto
  5524   hence "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` R" using RR by simp
  5525   hence "\<exists> (e',c') \<in> R. Inum (a#bs) e = Inum (a#bs) e' \<and> c = c'" by auto
  5526   then obtain e' c' where ecRo:"(e',c') \<in> R" and ee':"Inum (a#bs) e = Inum (a#bs) e'"
  5527     and cc':"c = c'" by blast
  5528   from ee' have tt': "Inum (a#bs) (Add e (C j)) = Inum (a#bs) (Add e' (C j))" by simp
  5529   from \<sigma>_cong[OF lp tt', where c="c"] px have px':"?sp c e' j" by simp
  5530   from ecRo jD px' cc'  show ?lhs apply auto