src/ZF/Int_ZF.thy
author wenzelm
Fri Oct 09 20:26:03 2015 +0200 (2015-10-09)
changeset 61378 3e04c9ca001a
parent 60770 240563fbf41d
child 61395 4f8c2c4a0a8c
permissions -rw-r--r--
discontinued specific HTML syntax;
     1 (*  Title:      ZF/Int_ZF.thy
     2     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     3     Copyright   1993  University of Cambridge
     4 *)
     5 
     6 section\<open>The Integers as Equivalence Classes Over Pairs of Natural Numbers\<close>
     7 
     8 theory Int_ZF imports EquivClass ArithSimp begin
     9 
    10 definition
    11   intrel :: i  where
    12     "intrel == {p \<in> (nat*nat)*(nat*nat).
    13                 \<exists>x1 y1 x2 y2. p=<<x1,y1>,<x2,y2>> & x1#+y2 = x2#+y1}"
    14 
    15 definition
    16   int :: i  where
    17     "int == (nat*nat)//intrel"
    18 
    19 definition
    20   int_of :: "i=>i" --\<open>coercion from nat to int\<close>    ("$# _" [80] 80)  where
    21     "$# m == intrel `` {<natify(m), 0>}"
    22 
    23 definition
    24   intify :: "i=>i" --\<open>coercion from ANYTHING to int\<close>  where
    25     "intify(m) == if m \<in> int then m else $#0"
    26 
    27 definition
    28   raw_zminus :: "i=>i"  where
    29     "raw_zminus(z) == \<Union><x,y>\<in>z. intrel``{<y,x>}"
    30 
    31 definition
    32   zminus :: "i=>i"                                 ("$- _" [80] 80)  where
    33     "$- z == raw_zminus (intify(z))"
    34 
    35 definition
    36   znegative   ::      "i=>o"  where
    37     "znegative(z) == \<exists>x y. x<y & y\<in>nat & <x,y>\<in>z"
    38 
    39 definition
    40   iszero      ::      "i=>o"  where
    41     "iszero(z) == z = $# 0"
    42 
    43 definition
    44   raw_nat_of  :: "i=>i"  where
    45   "raw_nat_of(z) == natify (\<Union><x,y>\<in>z. x#-y)"
    46 
    47 definition
    48   nat_of  :: "i=>i"  where
    49   "nat_of(z) == raw_nat_of (intify(z))"
    50 
    51 definition
    52   zmagnitude  ::      "i=>i"  where
    53   --\<open>could be replaced by an absolute value function from int to int?\<close>
    54     "zmagnitude(z) ==
    55      THE m. m\<in>nat & ((~ znegative(z) & z = $# m) |
    56                        (znegative(z) & $- z = $# m))"
    57 
    58 definition
    59   raw_zmult   ::      "[i,i]=>i"  where
    60     (*Cannot use UN<x1,y2> here or in zadd because of the form of congruent2.
    61       Perhaps a "curried" or even polymorphic congruent predicate would be
    62       better.*)
    63      "raw_zmult(z1,z2) ==
    64        \<Union>p1\<in>z1. \<Union>p2\<in>z2.  split(%x1 y1. split(%x2 y2.
    65                    intrel``{<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}, p2), p1)"
    66 
    67 definition
    68   zmult       ::      "[i,i]=>i"      (infixl "$*" 70)  where
    69      "z1 $* z2 == raw_zmult (intify(z1),intify(z2))"
    70 
    71 definition
    72   raw_zadd    ::      "[i,i]=>i"  where
    73      "raw_zadd (z1, z2) ==
    74        \<Union>z1\<in>z1. \<Union>z2\<in>z2. let <x1,y1>=z1; <x2,y2>=z2
    75                            in intrel``{<x1#+x2, y1#+y2>}"
    76 
    77 definition
    78   zadd        ::      "[i,i]=>i"      (infixl "$+" 65)  where
    79      "z1 $+ z2 == raw_zadd (intify(z1),intify(z2))"
    80 
    81 definition
    82   zdiff        ::      "[i,i]=>i"      (infixl "$-" 65)  where
    83      "z1 $- z2 == z1 $+ zminus(z2)"
    84 
    85 definition
    86   zless        ::      "[i,i]=>o"      (infixl "$<" 50)  where
    87      "z1 $< z2 == znegative(z1 $- z2)"
    88 
    89 definition
    90   zle          ::      "[i,i]=>o"      (infixl "$<=" 50)  where
    91      "z1 $<= z2 == z1 $< z2 | intify(z1)=intify(z2)"
    92 
    93 
    94 notation (xsymbols)
    95   zmult  (infixl "$\<times>" 70) and
    96   zle  (infixl "$\<le>" 50)  --\<open>less than or equals\<close>
    97 
    98 
    99 declare quotientE [elim!]
   100 
   101 subsection\<open>Proving that @{term intrel} is an equivalence relation\<close>
   102 
   103 (** Natural deduction for intrel **)
   104 
   105 lemma intrel_iff [simp]:
   106     "<<x1,y1>,<x2,y2>>: intrel \<longleftrightarrow>
   107      x1\<in>nat & y1\<in>nat & x2\<in>nat & y2\<in>nat & x1#+y2 = x2#+y1"
   108 by (simp add: intrel_def)
   109 
   110 lemma intrelI [intro!]:
   111     "[| x1#+y2 = x2#+y1; x1\<in>nat; y1\<in>nat; x2\<in>nat; y2\<in>nat |]
   112      ==> <<x1,y1>,<x2,y2>>: intrel"
   113 by (simp add: intrel_def)
   114 
   115 lemma intrelE [elim!]:
   116   "[| p \<in> intrel;
   117       !!x1 y1 x2 y2. [| p = <<x1,y1>,<x2,y2>>;  x1#+y2 = x2#+y1;
   118                         x1\<in>nat; y1\<in>nat; x2\<in>nat; y2\<in>nat |] ==> Q |]
   119    ==> Q"
   120 by (simp add: intrel_def, blast)
   121 
   122 lemma int_trans_lemma:
   123      "[| x1 #+ y2 = x2 #+ y1; x2 #+ y3 = x3 #+ y2 |] ==> x1 #+ y3 = x3 #+ y1"
   124 apply (rule sym)
   125 apply (erule add_left_cancel)+
   126 apply (simp_all (no_asm_simp))
   127 done
   128 
   129 lemma equiv_intrel: "equiv(nat*nat, intrel)"
   130 apply (simp add: equiv_def refl_def sym_def trans_def)
   131 apply (fast elim!: sym int_trans_lemma)
   132 done
   133 
   134 lemma image_intrel_int: "[| m\<in>nat; n\<in>nat |] ==> intrel `` {<m,n>} \<in> int"
   135 by (simp add: int_def)
   136 
   137 declare equiv_intrel [THEN eq_equiv_class_iff, simp]
   138 declare conj_cong [cong]
   139 
   140 lemmas eq_intrelD = eq_equiv_class [OF _ equiv_intrel]
   141 
   142 (** int_of: the injection from nat to int **)
   143 
   144 lemma int_of_type [simp,TC]: "$#m \<in> int"
   145 by (simp add: int_def quotient_def int_of_def, auto)
   146 
   147 lemma int_of_eq [iff]: "($# m = $# n) \<longleftrightarrow> natify(m)=natify(n)"
   148 by (simp add: int_of_def)
   149 
   150 lemma int_of_inject: "[| $#m = $#n;  m\<in>nat;  n\<in>nat |] ==> m=n"
   151 by (drule int_of_eq [THEN iffD1], auto)
   152 
   153 
   154 (** intify: coercion from anything to int **)
   155 
   156 lemma intify_in_int [iff,TC]: "intify(x) \<in> int"
   157 by (simp add: intify_def)
   158 
   159 lemma intify_ident [simp]: "n \<in> int ==> intify(n) = n"
   160 by (simp add: intify_def)
   161 
   162 
   163 subsection\<open>Collapsing rules: to remove @{term intify}
   164             from arithmetic expressions\<close>
   165 
   166 lemma intify_idem [simp]: "intify(intify(x)) = intify(x)"
   167 by simp
   168 
   169 lemma int_of_natify [simp]: "$# (natify(m)) = $# m"
   170 by (simp add: int_of_def)
   171 
   172 lemma zminus_intify [simp]: "$- (intify(m)) = $- m"
   173 by (simp add: zminus_def)
   174 
   175 (** Addition **)
   176 
   177 lemma zadd_intify1 [simp]: "intify(x) $+ y = x $+ y"
   178 by (simp add: zadd_def)
   179 
   180 lemma zadd_intify2 [simp]: "x $+ intify(y) = x $+ y"
   181 by (simp add: zadd_def)
   182 
   183 (** Subtraction **)
   184 
   185 lemma zdiff_intify1 [simp]:"intify(x) $- y = x $- y"
   186 by (simp add: zdiff_def)
   187 
   188 lemma zdiff_intify2 [simp]:"x $- intify(y) = x $- y"
   189 by (simp add: zdiff_def)
   190 
   191 (** Multiplication **)
   192 
   193 lemma zmult_intify1 [simp]:"intify(x) $* y = x $* y"
   194 by (simp add: zmult_def)
   195 
   196 lemma zmult_intify2 [simp]:"x $* intify(y) = x $* y"
   197 by (simp add: zmult_def)
   198 
   199 (** Orderings **)
   200 
   201 lemma zless_intify1 [simp]:"intify(x) $< y \<longleftrightarrow> x $< y"
   202 by (simp add: zless_def)
   203 
   204 lemma zless_intify2 [simp]:"x $< intify(y) \<longleftrightarrow> x $< y"
   205 by (simp add: zless_def)
   206 
   207 lemma zle_intify1 [simp]:"intify(x) $<= y \<longleftrightarrow> x $<= y"
   208 by (simp add: zle_def)
   209 
   210 lemma zle_intify2 [simp]:"x $<= intify(y) \<longleftrightarrow> x $<= y"
   211 by (simp add: zle_def)
   212 
   213 
   214 subsection\<open>@{term zminus}: unary negation on @{term int}\<close>
   215 
   216 lemma zminus_congruent: "(%<x,y>. intrel``{<y,x>}) respects intrel"
   217 by (auto simp add: congruent_def add_ac)
   218 
   219 lemma raw_zminus_type: "z \<in> int ==> raw_zminus(z) \<in> int"
   220 apply (simp add: int_def raw_zminus_def)
   221 apply (typecheck add: UN_equiv_class_type [OF equiv_intrel zminus_congruent])
   222 done
   223 
   224 lemma zminus_type [TC,iff]: "$-z \<in> int"
   225 by (simp add: zminus_def raw_zminus_type)
   226 
   227 lemma raw_zminus_inject:
   228      "[| raw_zminus(z) = raw_zminus(w);  z \<in> int;  w \<in> int |] ==> z=w"
   229 apply (simp add: int_def raw_zminus_def)
   230 apply (erule UN_equiv_class_inject [OF equiv_intrel zminus_congruent], safe)
   231 apply (auto dest: eq_intrelD simp add: add_ac)
   232 done
   233 
   234 lemma zminus_inject_intify [dest!]: "$-z = $-w ==> intify(z) = intify(w)"
   235 apply (simp add: zminus_def)
   236 apply (blast dest!: raw_zminus_inject)
   237 done
   238 
   239 lemma zminus_inject: "[| $-z = $-w;  z \<in> int;  w \<in> int |] ==> z=w"
   240 by auto
   241 
   242 lemma raw_zminus:
   243     "[| x\<in>nat;  y\<in>nat |] ==> raw_zminus(intrel``{<x,y>}) = intrel `` {<y,x>}"
   244 apply (simp add: raw_zminus_def UN_equiv_class [OF equiv_intrel zminus_congruent])
   245 done
   246 
   247 lemma zminus:
   248     "[| x\<in>nat;  y\<in>nat |]
   249      ==> $- (intrel``{<x,y>}) = intrel `` {<y,x>}"
   250 by (simp add: zminus_def raw_zminus image_intrel_int)
   251 
   252 lemma raw_zminus_zminus: "z \<in> int ==> raw_zminus (raw_zminus(z)) = z"
   253 by (auto simp add: int_def raw_zminus)
   254 
   255 lemma zminus_zminus_intify [simp]: "$- ($- z) = intify(z)"
   256 by (simp add: zminus_def raw_zminus_type raw_zminus_zminus)
   257 
   258 lemma zminus_int0 [simp]: "$- ($#0) = $#0"
   259 by (simp add: int_of_def zminus)
   260 
   261 lemma zminus_zminus: "z \<in> int ==> $- ($- z) = z"
   262 by simp
   263 
   264 
   265 subsection\<open>@{term znegative}: the test for negative integers\<close>
   266 
   267 lemma znegative: "[| x\<in>nat; y\<in>nat |] ==> znegative(intrel``{<x,y>}) \<longleftrightarrow> x<y"
   268 apply (cases "x<y")
   269 apply (auto simp add: znegative_def not_lt_iff_le)
   270 apply (subgoal_tac "y #+ x2 < x #+ y2", force)
   271 apply (rule add_le_lt_mono, auto)
   272 done
   273 
   274 (*No natural number is negative!*)
   275 lemma not_znegative_int_of [iff]: "~ znegative($# n)"
   276 by (simp add: znegative int_of_def)
   277 
   278 lemma znegative_zminus_int_of [simp]: "znegative($- $# succ(n))"
   279 by (simp add: znegative int_of_def zminus natify_succ)
   280 
   281 lemma not_znegative_imp_zero: "~ znegative($- $# n) ==> natify(n)=0"
   282 by (simp add: znegative int_of_def zminus Ord_0_lt_iff [THEN iff_sym])
   283 
   284 
   285 subsection\<open>@{term nat_of}: Coercion of an Integer to a Natural Number\<close>
   286 
   287 lemma nat_of_intify [simp]: "nat_of(intify(z)) = nat_of(z)"
   288 by (simp add: nat_of_def)
   289 
   290 lemma nat_of_congruent: "(\<lambda>x. (\<lambda>\<langle>x,y\<rangle>. x #- y)(x)) respects intrel"
   291 by (auto simp add: congruent_def split add: nat_diff_split)
   292 
   293 lemma raw_nat_of:
   294     "[| x\<in>nat;  y\<in>nat |] ==> raw_nat_of(intrel``{<x,y>}) = x#-y"
   295 by (simp add: raw_nat_of_def UN_equiv_class [OF equiv_intrel nat_of_congruent])
   296 
   297 lemma raw_nat_of_int_of: "raw_nat_of($# n) = natify(n)"
   298 by (simp add: int_of_def raw_nat_of)
   299 
   300 lemma nat_of_int_of [simp]: "nat_of($# n) = natify(n)"
   301 by (simp add: raw_nat_of_int_of nat_of_def)
   302 
   303 lemma raw_nat_of_type: "raw_nat_of(z) \<in> nat"
   304 by (simp add: raw_nat_of_def)
   305 
   306 lemma nat_of_type [iff,TC]: "nat_of(z) \<in> nat"
   307 by (simp add: nat_of_def raw_nat_of_type)
   308 
   309 subsection\<open>zmagnitude: magnitide of an integer, as a natural number\<close>
   310 
   311 lemma zmagnitude_int_of [simp]: "zmagnitude($# n) = natify(n)"
   312 by (auto simp add: zmagnitude_def int_of_eq)
   313 
   314 lemma natify_int_of_eq: "natify(x)=n ==> $#x = $# n"
   315 apply (drule sym)
   316 apply (simp (no_asm_simp) add: int_of_eq)
   317 done
   318 
   319 lemma zmagnitude_zminus_int_of [simp]: "zmagnitude($- $# n) = natify(n)"
   320 apply (simp add: zmagnitude_def)
   321 apply (rule the_equality)
   322 apply (auto dest!: not_znegative_imp_zero natify_int_of_eq
   323             iff del: int_of_eq, auto)
   324 done
   325 
   326 lemma zmagnitude_type [iff,TC]: "zmagnitude(z)\<in>nat"
   327 apply (simp add: zmagnitude_def)
   328 apply (rule theI2, auto)
   329 done
   330 
   331 lemma not_zneg_int_of:
   332      "[| z \<in> int; ~ znegative(z) |] ==> \<exists>n\<in>nat. z = $# n"
   333 apply (auto simp add: int_def znegative int_of_def not_lt_iff_le)
   334 apply (rename_tac x y)
   335 apply (rule_tac x="x#-y" in bexI)
   336 apply (auto simp add: add_diff_inverse2)
   337 done
   338 
   339 lemma not_zneg_mag [simp]:
   340      "[| z \<in> int; ~ znegative(z) |] ==> $# (zmagnitude(z)) = z"
   341 by (drule not_zneg_int_of, auto)
   342 
   343 lemma zneg_int_of:
   344      "[| znegative(z); z \<in> int |] ==> \<exists>n\<in>nat. z = $- ($# succ(n))"
   345 by (auto simp add: int_def znegative zminus int_of_def dest!: less_imp_succ_add)
   346 
   347 lemma zneg_mag [simp]:
   348      "[| znegative(z); z \<in> int |] ==> $# (zmagnitude(z)) = $- z"
   349 by (drule zneg_int_of, auto)
   350 
   351 lemma int_cases: "z \<in> int ==> \<exists>n\<in>nat. z = $# n | z = $- ($# succ(n))"
   352 apply (case_tac "znegative (z) ")
   353 prefer 2 apply (blast dest: not_zneg_mag sym)
   354 apply (blast dest: zneg_int_of)
   355 done
   356 
   357 lemma not_zneg_raw_nat_of:
   358      "[| ~ znegative(z); z \<in> int |] ==> $# (raw_nat_of(z)) = z"
   359 apply (drule not_zneg_int_of)
   360 apply (auto simp add: raw_nat_of_type raw_nat_of_int_of)
   361 done
   362 
   363 lemma not_zneg_nat_of_intify:
   364      "~ znegative(intify(z)) ==> $# (nat_of(z)) = intify(z)"
   365 by (simp (no_asm_simp) add: nat_of_def not_zneg_raw_nat_of)
   366 
   367 lemma not_zneg_nat_of: "[| ~ znegative(z); z \<in> int |] ==> $# (nat_of(z)) = z"
   368 apply (simp (no_asm_simp) add: not_zneg_nat_of_intify)
   369 done
   370 
   371 lemma zneg_nat_of [simp]: "znegative(intify(z)) ==> nat_of(z) = 0"
   372 apply (subgoal_tac "intify(z) \<in> int")
   373 apply (simp add: int_def)
   374 apply (auto simp add: znegative nat_of_def raw_nat_of
   375             split add: nat_diff_split)
   376 done
   377 
   378 
   379 subsection\<open>@{term zadd}: addition on int\<close>
   380 
   381 text\<open>Congruence Property for Addition\<close>
   382 lemma zadd_congruent2:
   383     "(%z1 z2. let <x1,y1>=z1; <x2,y2>=z2
   384                             in intrel``{<x1#+x2, y1#+y2>})
   385      respects2 intrel"
   386 apply (simp add: congruent2_def)
   387 (*Proof via congruent2_commuteI seems longer*)
   388 apply safe
   389 apply (simp (no_asm_simp) add: add_assoc Let_def)
   390 (*The rest should be trivial, but rearranging terms is hard
   391   add_ac does not help rewriting with the assumptions.*)
   392 apply (rule_tac m1 = x1a in add_left_commute [THEN ssubst])
   393 apply (rule_tac m1 = x2a in add_left_commute [THEN ssubst])
   394 apply (simp (no_asm_simp) add: add_assoc [symmetric])
   395 done
   396 
   397 lemma raw_zadd_type: "[| z \<in> int;  w \<in> int |] ==> raw_zadd(z,w) \<in> int"
   398 apply (simp add: int_def raw_zadd_def)
   399 apply (rule UN_equiv_class_type2 [OF equiv_intrel zadd_congruent2], assumption+)
   400 apply (simp add: Let_def)
   401 done
   402 
   403 lemma zadd_type [iff,TC]: "z $+ w \<in> int"
   404 by (simp add: zadd_def raw_zadd_type)
   405 
   406 lemma raw_zadd:
   407   "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]
   408    ==> raw_zadd (intrel``{<x1,y1>}, intrel``{<x2,y2>}) =
   409        intrel `` {<x1#+x2, y1#+y2>}"
   410 apply (simp add: raw_zadd_def
   411              UN_equiv_class2 [OF equiv_intrel equiv_intrel zadd_congruent2])
   412 apply (simp add: Let_def)
   413 done
   414 
   415 lemma zadd:
   416   "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]
   417    ==> (intrel``{<x1,y1>}) $+ (intrel``{<x2,y2>}) =
   418        intrel `` {<x1#+x2, y1#+y2>}"
   419 by (simp add: zadd_def raw_zadd image_intrel_int)
   420 
   421 lemma raw_zadd_int0: "z \<in> int ==> raw_zadd ($#0,z) = z"
   422 by (auto simp add: int_def int_of_def raw_zadd)
   423 
   424 lemma zadd_int0_intify [simp]: "$#0 $+ z = intify(z)"
   425 by (simp add: zadd_def raw_zadd_int0)
   426 
   427 lemma zadd_int0: "z \<in> int ==> $#0 $+ z = z"
   428 by simp
   429 
   430 lemma raw_zminus_zadd_distrib:
   431      "[| z \<in> int;  w \<in> int |] ==> $- raw_zadd(z,w) = raw_zadd($- z, $- w)"
   432 by (auto simp add: zminus raw_zadd int_def)
   433 
   434 lemma zminus_zadd_distrib [simp]: "$- (z $+ w) = $- z $+ $- w"
   435 by (simp add: zadd_def raw_zminus_zadd_distrib)
   436 
   437 lemma raw_zadd_commute:
   438      "[| z \<in> int;  w \<in> int |] ==> raw_zadd(z,w) = raw_zadd(w,z)"
   439 by (auto simp add: raw_zadd add_ac int_def)
   440 
   441 lemma zadd_commute: "z $+ w = w $+ z"
   442 by (simp add: zadd_def raw_zadd_commute)
   443 
   444 lemma raw_zadd_assoc:
   445     "[| z1: int;  z2: int;  z3: int |]
   446      ==> raw_zadd (raw_zadd(z1,z2),z3) = raw_zadd(z1,raw_zadd(z2,z3))"
   447 by (auto simp add: int_def raw_zadd add_assoc)
   448 
   449 lemma zadd_assoc: "(z1 $+ z2) $+ z3 = z1 $+ (z2 $+ z3)"
   450 by (simp add: zadd_def raw_zadd_type raw_zadd_assoc)
   451 
   452 (*For AC rewriting*)
   453 lemma zadd_left_commute: "z1$+(z2$+z3) = z2$+(z1$+z3)"
   454 apply (simp add: zadd_assoc [symmetric])
   455 apply (simp add: zadd_commute)
   456 done
   457 
   458 (*Integer addition is an AC operator*)
   459 lemmas zadd_ac = zadd_assoc zadd_commute zadd_left_commute
   460 
   461 lemma int_of_add: "$# (m #+ n) = ($#m) $+ ($#n)"
   462 by (simp add: int_of_def zadd)
   463 
   464 lemma int_succ_int_1: "$# succ(m) = $# 1 $+ ($# m)"
   465 by (simp add: int_of_add [symmetric] natify_succ)
   466 
   467 lemma int_of_diff:
   468      "[| m\<in>nat;  n \<le> m |] ==> $# (m #- n) = ($#m) $- ($#n)"
   469 apply (simp add: int_of_def zdiff_def)
   470 apply (frule lt_nat_in_nat)
   471 apply (simp_all add: zadd zminus add_diff_inverse2)
   472 done
   473 
   474 lemma raw_zadd_zminus_inverse: "z \<in> int ==> raw_zadd (z, $- z) = $#0"
   475 by (auto simp add: int_def int_of_def zminus raw_zadd add_commute)
   476 
   477 lemma zadd_zminus_inverse [simp]: "z $+ ($- z) = $#0"
   478 apply (simp add: zadd_def)
   479 apply (subst zminus_intify [symmetric])
   480 apply (rule intify_in_int [THEN raw_zadd_zminus_inverse])
   481 done
   482 
   483 lemma zadd_zminus_inverse2 [simp]: "($- z) $+ z = $#0"
   484 by (simp add: zadd_commute zadd_zminus_inverse)
   485 
   486 lemma zadd_int0_right_intify [simp]: "z $+ $#0 = intify(z)"
   487 by (rule trans [OF zadd_commute zadd_int0_intify])
   488 
   489 lemma zadd_int0_right: "z \<in> int ==> z $+ $#0 = z"
   490 by simp
   491 
   492 
   493 subsection\<open>@{term zmult}: Integer Multiplication\<close>
   494 
   495 text\<open>Congruence property for multiplication\<close>
   496 lemma zmult_congruent2:
   497     "(%p1 p2. split(%x1 y1. split(%x2 y2.
   498                     intrel``{<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}, p2), p1))
   499      respects2 intrel"
   500 apply (rule equiv_intrel [THEN congruent2_commuteI], auto)
   501 (*Proof that zmult is congruent in one argument*)
   502 apply (rename_tac x y)
   503 apply (frule_tac t = "%u. x#*u" in sym [THEN subst_context])
   504 apply (drule_tac t = "%u. y#*u" in subst_context)
   505 apply (erule add_left_cancel)+
   506 apply (simp_all add: add_mult_distrib_left)
   507 done
   508 
   509 
   510 lemma raw_zmult_type: "[| z \<in> int;  w \<in> int |] ==> raw_zmult(z,w) \<in> int"
   511 apply (simp add: int_def raw_zmult_def)
   512 apply (rule UN_equiv_class_type2 [OF equiv_intrel zmult_congruent2], assumption+)
   513 apply (simp add: Let_def)
   514 done
   515 
   516 lemma zmult_type [iff,TC]: "z $* w \<in> int"
   517 by (simp add: zmult_def raw_zmult_type)
   518 
   519 lemma raw_zmult:
   520      "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]
   521       ==> raw_zmult(intrel``{<x1,y1>}, intrel``{<x2,y2>}) =
   522           intrel `` {<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}"
   523 by (simp add: raw_zmult_def
   524            UN_equiv_class2 [OF equiv_intrel equiv_intrel zmult_congruent2])
   525 
   526 lemma zmult:
   527      "[| x1\<in>nat; y1\<in>nat;  x2\<in>nat; y2\<in>nat |]
   528       ==> (intrel``{<x1,y1>}) $* (intrel``{<x2,y2>}) =
   529           intrel `` {<x1#*x2 #+ y1#*y2, x1#*y2 #+ y1#*x2>}"
   530 by (simp add: zmult_def raw_zmult image_intrel_int)
   531 
   532 lemma raw_zmult_int0: "z \<in> int ==> raw_zmult ($#0,z) = $#0"
   533 by (auto simp add: int_def int_of_def raw_zmult)
   534 
   535 lemma zmult_int0 [simp]: "$#0 $* z = $#0"
   536 by (simp add: zmult_def raw_zmult_int0)
   537 
   538 lemma raw_zmult_int1: "z \<in> int ==> raw_zmult ($#1,z) = z"
   539 by (auto simp add: int_def int_of_def raw_zmult)
   540 
   541 lemma zmult_int1_intify [simp]: "$#1 $* z = intify(z)"
   542 by (simp add: zmult_def raw_zmult_int1)
   543 
   544 lemma zmult_int1: "z \<in> int ==> $#1 $* z = z"
   545 by simp
   546 
   547 lemma raw_zmult_commute:
   548      "[| z \<in> int;  w \<in> int |] ==> raw_zmult(z,w) = raw_zmult(w,z)"
   549 by (auto simp add: int_def raw_zmult add_ac mult_ac)
   550 
   551 lemma zmult_commute: "z $* w = w $* z"
   552 by (simp add: zmult_def raw_zmult_commute)
   553 
   554 lemma raw_zmult_zminus:
   555      "[| z \<in> int;  w \<in> int |] ==> raw_zmult($- z, w) = $- raw_zmult(z, w)"
   556 by (auto simp add: int_def zminus raw_zmult add_ac)
   557 
   558 lemma zmult_zminus [simp]: "($- z) $* w = $- (z $* w)"
   559 apply (simp add: zmult_def raw_zmult_zminus)
   560 apply (subst zminus_intify [symmetric], rule raw_zmult_zminus, auto)
   561 done
   562 
   563 lemma zmult_zminus_right [simp]: "w $* ($- z) = $- (w $* z)"
   564 by (simp add: zmult_commute [of w])
   565 
   566 lemma raw_zmult_assoc:
   567     "[| z1: int;  z2: int;  z3: int |]
   568      ==> raw_zmult (raw_zmult(z1,z2),z3) = raw_zmult(z1,raw_zmult(z2,z3))"
   569 by (auto simp add: int_def raw_zmult add_mult_distrib_left add_ac mult_ac)
   570 
   571 lemma zmult_assoc: "(z1 $* z2) $* z3 = z1 $* (z2 $* z3)"
   572 by (simp add: zmult_def raw_zmult_type raw_zmult_assoc)
   573 
   574 (*For AC rewriting*)
   575 lemma zmult_left_commute: "z1$*(z2$*z3) = z2$*(z1$*z3)"
   576 apply (simp add: zmult_assoc [symmetric])
   577 apply (simp add: zmult_commute)
   578 done
   579 
   580 (*Integer multiplication is an AC operator*)
   581 lemmas zmult_ac = zmult_assoc zmult_commute zmult_left_commute
   582 
   583 lemma raw_zadd_zmult_distrib:
   584     "[| z1: int;  z2: int;  w \<in> int |]
   585      ==> raw_zmult(raw_zadd(z1,z2), w) =
   586          raw_zadd (raw_zmult(z1,w), raw_zmult(z2,w))"
   587 by (auto simp add: int_def raw_zadd raw_zmult add_mult_distrib_left add_ac mult_ac)
   588 
   589 lemma zadd_zmult_distrib: "(z1 $+ z2) $* w = (z1 $* w) $+ (z2 $* w)"
   590 by (simp add: zmult_def zadd_def raw_zadd_type raw_zmult_type
   591               raw_zadd_zmult_distrib)
   592 
   593 lemma zadd_zmult_distrib2: "w $* (z1 $+ z2) = (w $* z1) $+ (w $* z2)"
   594 by (simp add: zmult_commute [of w] zadd_zmult_distrib)
   595 
   596 lemmas int_typechecks =
   597   int_of_type zminus_type zmagnitude_type zadd_type zmult_type
   598 
   599 
   600 (*** Subtraction laws ***)
   601 
   602 lemma zdiff_type [iff,TC]: "z $- w \<in> int"
   603 by (simp add: zdiff_def)
   604 
   605 lemma zminus_zdiff_eq [simp]: "$- (z $- y) = y $- z"
   606 by (simp add: zdiff_def zadd_commute)
   607 
   608 lemma zdiff_zmult_distrib: "(z1 $- z2) $* w = (z1 $* w) $- (z2 $* w)"
   609 apply (simp add: zdiff_def)
   610 apply (subst zadd_zmult_distrib)
   611 apply (simp add: zmult_zminus)
   612 done
   613 
   614 lemma zdiff_zmult_distrib2: "w $* (z1 $- z2) = (w $* z1) $- (w $* z2)"
   615 by (simp add: zmult_commute [of w] zdiff_zmult_distrib)
   616 
   617 lemma zadd_zdiff_eq: "x $+ (y $- z) = (x $+ y) $- z"
   618 by (simp add: zdiff_def zadd_ac)
   619 
   620 lemma zdiff_zadd_eq: "(x $- y) $+ z = (x $+ z) $- y"
   621 by (simp add: zdiff_def zadd_ac)
   622 
   623 
   624 subsection\<open>The "Less Than" Relation\<close>
   625 
   626 (*"Less than" is a linear ordering*)
   627 lemma zless_linear_lemma:
   628      "[| z \<in> int; w \<in> int |] ==> z$<w | z=w | w$<z"
   629 apply (simp add: int_def zless_def znegative_def zdiff_def, auto)
   630 apply (simp add: zadd zminus image_iff Bex_def)
   631 apply (rule_tac i = "xb#+ya" and j = "xc #+ y" in Ord_linear_lt)
   632 apply (force dest!: spec simp add: add_ac)+
   633 done
   634 
   635 lemma zless_linear: "z$<w | intify(z)=intify(w) | w$<z"
   636 apply (cut_tac z = " intify (z) " and w = " intify (w) " in zless_linear_lemma)
   637 apply auto
   638 done
   639 
   640 lemma zless_not_refl [iff]: "~ (z$<z)"
   641 by (auto simp add: zless_def znegative_def int_of_def zdiff_def)
   642 
   643 lemma neq_iff_zless: "[| x \<in> int; y \<in> int |] ==> (x \<noteq> y) \<longleftrightarrow> (x $< y | y $< x)"
   644 by (cut_tac z = x and w = y in zless_linear, auto)
   645 
   646 lemma zless_imp_intify_neq: "w $< z ==> intify(w) \<noteq> intify(z)"
   647 apply auto
   648 apply (subgoal_tac "~ (intify (w) $< intify (z))")
   649 apply (erule_tac [2] ssubst)
   650 apply (simp (no_asm_use))
   651 apply auto
   652 done
   653 
   654 (*This lemma allows direct proofs of other <-properties*)
   655 lemma zless_imp_succ_zadd_lemma:
   656     "[| w $< z; w \<in> int; z \<in> int |] ==> (\<exists>n\<in>nat. z = w $+ $#(succ(n)))"
   657 apply (simp add: zless_def znegative_def zdiff_def int_def)
   658 apply (auto dest!: less_imp_succ_add simp add: zadd zminus int_of_def)
   659 apply (rule_tac x = k in bexI)
   660 apply (erule_tac i="succ (v)" for v in add_left_cancel, auto)
   661 done
   662 
   663 lemma zless_imp_succ_zadd:
   664      "w $< z ==> (\<exists>n\<in>nat. w $+ $#(succ(n)) = intify(z))"
   665 apply (subgoal_tac "intify (w) $< intify (z) ")
   666 apply (drule_tac w = "intify (w) " in zless_imp_succ_zadd_lemma)
   667 apply auto
   668 done
   669 
   670 lemma zless_succ_zadd_lemma:
   671     "w \<in> int ==> w $< w $+ $# succ(n)"
   672 apply (simp add: zless_def znegative_def zdiff_def int_def)
   673 apply (auto simp add: zadd zminus int_of_def image_iff)
   674 apply (rule_tac x = 0 in exI, auto)
   675 done
   676 
   677 lemma zless_succ_zadd: "w $< w $+ $# succ(n)"
   678 by (cut_tac intify_in_int [THEN zless_succ_zadd_lemma], auto)
   679 
   680 lemma zless_iff_succ_zadd:
   681      "w $< z \<longleftrightarrow> (\<exists>n\<in>nat. w $+ $#(succ(n)) = intify(z))"
   682 apply (rule iffI)
   683 apply (erule zless_imp_succ_zadd, auto)
   684 apply (rename_tac "n")
   685 apply (cut_tac w = w and n = n in zless_succ_zadd, auto)
   686 done
   687 
   688 lemma zless_int_of [simp]: "[| m\<in>nat; n\<in>nat |] ==> ($#m $< $#n) \<longleftrightarrow> (m<n)"
   689 apply (simp add: less_iff_succ_add zless_iff_succ_zadd int_of_add [symmetric])
   690 apply (blast intro: sym)
   691 done
   692 
   693 lemma zless_trans_lemma:
   694     "[| x $< y; y $< z; x \<in> int; y \<in> int; z \<in> int |] ==> x $< z"
   695 apply (simp add: zless_def znegative_def zdiff_def int_def)
   696 apply (auto simp add: zadd zminus image_iff)
   697 apply (rename_tac x1 x2 y1 y2)
   698 apply (rule_tac x = "x1#+x2" in exI)
   699 apply (rule_tac x = "y1#+y2" in exI)
   700 apply (auto simp add: add_lt_mono)
   701 apply (rule sym)
   702 apply hypsubst_thin
   703 apply (erule add_left_cancel)+
   704 apply auto
   705 done
   706 
   707 lemma zless_trans [trans]: "[| x $< y; y $< z |] ==> x $< z"
   708 apply (subgoal_tac "intify (x) $< intify (z) ")
   709 apply (rule_tac [2] y = "intify (y) " in zless_trans_lemma)
   710 apply auto
   711 done
   712 
   713 lemma zless_not_sym: "z $< w ==> ~ (w $< z)"
   714 by (blast dest: zless_trans)
   715 
   716 (* [| z $< w; ~ P ==> w $< z |] ==> P *)
   717 lemmas zless_asym = zless_not_sym [THEN swap]
   718 
   719 lemma zless_imp_zle: "z $< w ==> z $<= w"
   720 by (simp add: zle_def)
   721 
   722 lemma zle_linear: "z $<= w | w $<= z"
   723 apply (simp add: zle_def)
   724 apply (cut_tac zless_linear, blast)
   725 done
   726 
   727 
   728 subsection\<open>Less Than or Equals\<close>
   729 
   730 lemma zle_refl: "z $<= z"
   731 by (simp add: zle_def)
   732 
   733 lemma zle_eq_refl: "x=y ==> x $<= y"
   734 by (simp add: zle_refl)
   735 
   736 lemma zle_anti_sym_intify: "[| x $<= y; y $<= x |] ==> intify(x) = intify(y)"
   737 apply (simp add: zle_def, auto)
   738 apply (blast dest: zless_trans)
   739 done
   740 
   741 lemma zle_anti_sym: "[| x $<= y; y $<= x; x \<in> int; y \<in> int |] ==> x=y"
   742 by (drule zle_anti_sym_intify, auto)
   743 
   744 lemma zle_trans_lemma:
   745      "[| x \<in> int; y \<in> int; z \<in> int; x $<= y; y $<= z |] ==> x $<= z"
   746 apply (simp add: zle_def, auto)
   747 apply (blast intro: zless_trans)
   748 done
   749 
   750 lemma zle_trans [trans]: "[| x $<= y; y $<= z |] ==> x $<= z"
   751 apply (subgoal_tac "intify (x) $<= intify (z) ")
   752 apply (rule_tac [2] y = "intify (y) " in zle_trans_lemma)
   753 apply auto
   754 done
   755 
   756 lemma zle_zless_trans [trans]: "[| i $<= j; j $< k |] ==> i $< k"
   757 apply (auto simp add: zle_def)
   758 apply (blast intro: zless_trans)
   759 apply (simp add: zless_def zdiff_def zadd_def)
   760 done
   761 
   762 lemma zless_zle_trans [trans]: "[| i $< j; j $<= k |] ==> i $< k"
   763 apply (auto simp add: zle_def)
   764 apply (blast intro: zless_trans)
   765 apply (simp add: zless_def zdiff_def zminus_def)
   766 done
   767 
   768 lemma not_zless_iff_zle: "~ (z $< w) \<longleftrightarrow> (w $<= z)"
   769 apply (cut_tac z = z and w = w in zless_linear)
   770 apply (auto dest: zless_trans simp add: zle_def)
   771 apply (auto dest!: zless_imp_intify_neq)
   772 done
   773 
   774 lemma not_zle_iff_zless: "~ (z $<= w) \<longleftrightarrow> (w $< z)"
   775 by (simp add: not_zless_iff_zle [THEN iff_sym])
   776 
   777 
   778 subsection\<open>More subtraction laws (for @{text zcompare_rls})\<close>
   779 
   780 lemma zdiff_zdiff_eq: "(x $- y) $- z = x $- (y $+ z)"
   781 by (simp add: zdiff_def zadd_ac)
   782 
   783 lemma zdiff_zdiff_eq2: "x $- (y $- z) = (x $+ z) $- y"
   784 by (simp add: zdiff_def zadd_ac)
   785 
   786 lemma zdiff_zless_iff: "(x$-y $< z) \<longleftrightarrow> (x $< z $+ y)"
   787 by (simp add: zless_def zdiff_def zadd_ac)
   788 
   789 lemma zless_zdiff_iff: "(x $< z$-y) \<longleftrightarrow> (x $+ y $< z)"
   790 by (simp add: zless_def zdiff_def zadd_ac)
   791 
   792 lemma zdiff_eq_iff: "[| x \<in> int; z \<in> int |] ==> (x$-y = z) \<longleftrightarrow> (x = z $+ y)"
   793 by (auto simp add: zdiff_def zadd_assoc)
   794 
   795 lemma eq_zdiff_iff: "[| x \<in> int; z \<in> int |] ==> (x = z$-y) \<longleftrightarrow> (x $+ y = z)"
   796 by (auto simp add: zdiff_def zadd_assoc)
   797 
   798 lemma zdiff_zle_iff_lemma:
   799      "[| x \<in> int; z \<in> int |] ==> (x$-y $<= z) \<longleftrightarrow> (x $<= z $+ y)"
   800 by (auto simp add: zle_def zdiff_eq_iff zdiff_zless_iff)
   801 
   802 lemma zdiff_zle_iff: "(x$-y $<= z) \<longleftrightarrow> (x $<= z $+ y)"
   803 by (cut_tac zdiff_zle_iff_lemma [OF intify_in_int intify_in_int], simp)
   804 
   805 lemma zle_zdiff_iff_lemma:
   806      "[| x \<in> int; z \<in> int |] ==>(x $<= z$-y) \<longleftrightarrow> (x $+ y $<= z)"
   807 apply (auto simp add: zle_def zdiff_eq_iff zless_zdiff_iff)
   808 apply (auto simp add: zdiff_def zadd_assoc)
   809 done
   810 
   811 lemma zle_zdiff_iff: "(x $<= z$-y) \<longleftrightarrow> (x $+ y $<= z)"
   812 by (cut_tac zle_zdiff_iff_lemma [ OF intify_in_int intify_in_int], simp)
   813 
   814 text\<open>This list of rewrites simplifies (in)equalities by bringing subtractions
   815   to the top and then moving negative terms to the other side.
   816   Use with @{text zadd_ac}\<close>
   817 lemmas zcompare_rls =
   818      zdiff_def [symmetric]
   819      zadd_zdiff_eq zdiff_zadd_eq zdiff_zdiff_eq zdiff_zdiff_eq2
   820      zdiff_zless_iff zless_zdiff_iff zdiff_zle_iff zle_zdiff_iff
   821      zdiff_eq_iff eq_zdiff_iff
   822 
   823 
   824 subsection\<open>Monotonicity and Cancellation Results for Instantiation
   825      of the CancelNumerals Simprocs\<close>
   826 
   827 lemma zadd_left_cancel:
   828      "[| w \<in> int; w': int |] ==> (z $+ w' = z $+ w) \<longleftrightarrow> (w' = w)"
   829 apply safe
   830 apply (drule_tac t = "%x. x $+ ($-z) " in subst_context)
   831 apply (simp add: zadd_ac)
   832 done
   833 
   834 lemma zadd_left_cancel_intify [simp]:
   835      "(z $+ w' = z $+ w) \<longleftrightarrow> intify(w') = intify(w)"
   836 apply (rule iff_trans)
   837 apply (rule_tac [2] zadd_left_cancel, auto)
   838 done
   839 
   840 lemma zadd_right_cancel:
   841      "[| w \<in> int; w': int |] ==> (w' $+ z = w $+ z) \<longleftrightarrow> (w' = w)"
   842 apply safe
   843 apply (drule_tac t = "%x. x $+ ($-z) " in subst_context)
   844 apply (simp add: zadd_ac)
   845 done
   846 
   847 lemma zadd_right_cancel_intify [simp]:
   848      "(w' $+ z = w $+ z) \<longleftrightarrow> intify(w') = intify(w)"
   849 apply (rule iff_trans)
   850 apply (rule_tac [2] zadd_right_cancel, auto)
   851 done
   852 
   853 lemma zadd_right_cancel_zless [simp]: "(w' $+ z $< w $+ z) \<longleftrightarrow> (w' $< w)"
   854 by (simp add: zdiff_zless_iff [THEN iff_sym] zdiff_def zadd_assoc)
   855 
   856 lemma zadd_left_cancel_zless [simp]: "(z $+ w' $< z $+ w) \<longleftrightarrow> (w' $< w)"
   857 by (simp add: zadd_commute [of z] zadd_right_cancel_zless)
   858 
   859 lemma zadd_right_cancel_zle [simp]: "(w' $+ z $<= w $+ z) \<longleftrightarrow> w' $<= w"
   860 by (simp add: zle_def)
   861 
   862 lemma zadd_left_cancel_zle [simp]: "(z $+ w' $<= z $+ w) \<longleftrightarrow>  w' $<= w"
   863 by (simp add: zadd_commute [of z]  zadd_right_cancel_zle)
   864 
   865 
   866 (*"v $<= w ==> v$+z $<= w$+z"*)
   867 lemmas zadd_zless_mono1 = zadd_right_cancel_zless [THEN iffD2]
   868 
   869 (*"v $<= w ==> z$+v $<= z$+w"*)
   870 lemmas zadd_zless_mono2 = zadd_left_cancel_zless [THEN iffD2]
   871 
   872 (*"v $<= w ==> v$+z $<= w$+z"*)
   873 lemmas zadd_zle_mono1 = zadd_right_cancel_zle [THEN iffD2]
   874 
   875 (*"v $<= w ==> z$+v $<= z$+w"*)
   876 lemmas zadd_zle_mono2 = zadd_left_cancel_zle [THEN iffD2]
   877 
   878 lemma zadd_zle_mono: "[| w' $<= w; z' $<= z |] ==> w' $+ z' $<= w $+ z"
   879 by (erule zadd_zle_mono1 [THEN zle_trans], simp)
   880 
   881 lemma zadd_zless_mono: "[| w' $< w; z' $<= z |] ==> w' $+ z' $< w $+ z"
   882 by (erule zadd_zless_mono1 [THEN zless_zle_trans], simp)
   883 
   884 
   885 subsection\<open>Comparison laws\<close>
   886 
   887 lemma zminus_zless_zminus [simp]: "($- x $< $- y) \<longleftrightarrow> (y $< x)"
   888 by (simp add: zless_def zdiff_def zadd_ac)
   889 
   890 lemma zminus_zle_zminus [simp]: "($- x $<= $- y) \<longleftrightarrow> (y $<= x)"
   891 by (simp add: not_zless_iff_zle [THEN iff_sym])
   892 
   893 subsubsection\<open>More inequality lemmas\<close>
   894 
   895 lemma equation_zminus: "[| x \<in> int;  y \<in> int |] ==> (x = $- y) \<longleftrightarrow> (y = $- x)"
   896 by auto
   897 
   898 lemma zminus_equation: "[| x \<in> int;  y \<in> int |] ==> ($- x = y) \<longleftrightarrow> ($- y = x)"
   899 by auto
   900 
   901 lemma equation_zminus_intify: "(intify(x) = $- y) \<longleftrightarrow> (intify(y) = $- x)"
   902 apply (cut_tac x = "intify (x) " and y = "intify (y) " in equation_zminus)
   903 apply auto
   904 done
   905 
   906 lemma zminus_equation_intify: "($- x = intify(y)) \<longleftrightarrow> ($- y = intify(x))"
   907 apply (cut_tac x = "intify (x) " and y = "intify (y) " in zminus_equation)
   908 apply auto
   909 done
   910 
   911 
   912 subsubsection\<open>The next several equations are permutative: watch out!\<close>
   913 
   914 lemma zless_zminus: "(x $< $- y) \<longleftrightarrow> (y $< $- x)"
   915 by (simp add: zless_def zdiff_def zadd_ac)
   916 
   917 lemma zminus_zless: "($- x $< y) \<longleftrightarrow> ($- y $< x)"
   918 by (simp add: zless_def zdiff_def zadd_ac)
   919 
   920 lemma zle_zminus: "(x $<= $- y) \<longleftrightarrow> (y $<= $- x)"
   921 by (simp add: not_zless_iff_zle [THEN iff_sym] zminus_zless)
   922 
   923 lemma zminus_zle: "($- x $<= y) \<longleftrightarrow> ($- y $<= x)"
   924 by (simp add: not_zless_iff_zle [THEN iff_sym] zless_zminus)
   925 
   926 end