src/HOL/Decision_Procs/MIR.thy
author haftmann
Fri Jan 06 10:19:48 2012 +0100 (2012-01-06)
changeset 46130 4821af078cd6
parent 45740 132a3e1c0fe5
child 46670 e9aa6d151329
permissions -rw-r--r--
prefer concat over foldl append []
     1 (*  Title:      HOL/Decision_Procs/MIR.thy
     2     Author:     Amine Chaieb
     3 *)
     4 
     5 theory MIR
     6 imports Complex_Main Dense_Linear_Order DP_Library
     7   "~~/src/HOL/Library/Efficient_Nat" "~~/src/HOL/Library/Old_Recdef"
     8 uses ("mir_tac.ML")
     9 begin
    10 
    11 section {* Quantifier elimination for @{text "\<real> (0, 1, +, floor, <)"} *}
    12 
    13 declare real_of_int_floor_cancel [simp del]
    14 
    15 lemma myle: fixes a b :: "'a::{ordered_ab_group_add}"
    16   shows "(a \<le> b) = (0 \<le> b - a)"
    17 by (metis add_0_left add_le_cancel_right diff_add_cancel)
    18 
    19 lemma myless: fixes a b :: "'a::{ordered_ab_group_add}"
    20   shows "(a < b) = (0 < b - a)"
    21 by (metis le_iff_diff_le_0 less_le_not_le myle)
    22 
    23   (* Maybe should be added to the library \<dots> *)
    24 lemma floor_int_eq: "(real n\<le> x \<and> x < real (n+1)) = (floor x = n)"
    25 proof( auto)
    26   assume lb: "real n \<le> x"
    27     and ub: "x < real n + 1"
    28   have "real (floor x) \<le> x" by simp 
    29   hence "real (floor x) < real (n + 1) " using ub by arith
    30   hence "floor x < n+1" by simp
    31   moreover from lb have "n \<le> floor x" using floor_mono[where x="real n" and y="x"] 
    32     by simp ultimately show "floor x = n" by simp
    33 qed
    34 
    35 (* Periodicity of dvd *)
    36 lemma dvd_period:
    37   assumes advdd: "(a::int) dvd d"
    38   shows "(a dvd (x + t)) = (a dvd ((x+ c*d) + t))"
    39   using advdd  
    40 proof-
    41   {fix x k
    42     from inf_period(3)[OF advdd, rule_format, where x=x and k="-k"]  
    43     have " ((a::int) dvd (x + t)) = (a dvd (x+k*d + t))" by simp}
    44   hence "\<forall>x.\<forall>k. ((a::int) dvd (x + t)) = (a dvd (x+k*d + t))"  by simp
    45   then show ?thesis by simp
    46 qed
    47 
    48 (* The Divisibility relation between reals *)
    49 definition
    50   rdvd:: "real \<Rightarrow> real \<Rightarrow> bool" (infixl "rdvd" 50)
    51 where
    52   rdvd_def: "x rdvd y \<longleftrightarrow> (\<exists>k\<Colon>int. y = x * real k)"
    53 
    54 lemma int_rdvd_real: 
    55   shows "real (i::int) rdvd x = (i dvd (floor x) \<and> real (floor x) = x)" (is "?l = ?r")
    56 proof
    57   assume "?l" 
    58   hence th: "\<exists> k. x=real (i*k)" by (simp add: rdvd_def)
    59   hence th': "real (floor x) = x" by (auto simp del: real_of_int_mult)
    60   with th have "\<exists> k. real (floor x) = real (i*k)" by simp
    61   hence "\<exists> k. floor x = i*k" by (simp only: real_of_int_inject)
    62   thus ?r  using th' by (simp add: dvd_def) 
    63 next
    64   assume "?r" hence "(i\<Colon>int) dvd \<lfloor>x\<Colon>real\<rfloor>" ..
    65   hence "\<exists> k. real (floor x) = real (i*k)" 
    66     by (simp only: real_of_int_inject) (simp add: dvd_def)
    67   thus ?l using `?r` by (simp add: rdvd_def)
    68 qed
    69 
    70 lemma int_rdvd_iff: "(real (i::int) rdvd real t) = (i dvd t)"
    71 by (auto simp add: rdvd_def dvd_def) (rule_tac x="k" in exI, simp only :real_of_int_mult[symmetric])
    72 
    73 
    74 lemma rdvd_abs1: 
    75   "(abs (real d) rdvd t) = (real (d ::int) rdvd t)"
    76 proof
    77   assume d: "real d rdvd t"
    78   from d int_rdvd_real have d2: "d dvd (floor t)" and ti: "real (floor t) = t" by auto
    79 
    80   from iffD2[OF abs_dvd_iff] d2 have "(abs d) dvd (floor t)" by blast
    81   with ti int_rdvd_real[symmetric] have "real (abs d) rdvd t" by blast 
    82   thus "abs (real d) rdvd t" by simp
    83 next
    84   assume "abs (real d) rdvd t" hence "real (abs d) rdvd t" by simp
    85   with int_rdvd_real[where i="abs d" and x="t"] have d2: "abs d dvd floor t" and ti: "real (floor t) =t" by auto
    86   from iffD1[OF abs_dvd_iff] d2 have "d dvd floor t" by blast
    87   with ti int_rdvd_real[symmetric] show "real d rdvd t" by blast
    88 qed
    89 
    90 lemma rdvd_minus: "(real (d::int) rdvd t) = (real d rdvd -t)"
    91   apply (auto simp add: rdvd_def)
    92   apply (rule_tac x="-k" in exI, simp) 
    93   apply (rule_tac x="-k" in exI, simp)
    94 done
    95 
    96 lemma rdvd_left_0_eq: "(0 rdvd t) = (t=0)"
    97 by (auto simp add: rdvd_def)
    98 
    99 lemma rdvd_mult: 
   100   assumes knz: "k\<noteq>0"
   101   shows "(real (n::int) * real (k::int) rdvd x * real k) = (real n rdvd x)"
   102 using knz by (simp add:rdvd_def)
   103 
   104   (*********************************************************************************)
   105   (****                            SHADOW SYNTAX AND SEMANTICS                  ****)
   106   (*********************************************************************************)
   107 
   108 datatype num = C int | Bound nat | CN nat int num | Neg num | Add num num| Sub num num 
   109   | Mul int num | Floor num| CF int num num
   110 
   111   (* A size for num to make inductive proofs simpler*)
   112 primrec num_size :: "num \<Rightarrow> nat" where
   113  "num_size (C c) = 1"
   114 | "num_size (Bound n) = 1"
   115 | "num_size (Neg a) = 1 + num_size a"
   116 | "num_size (Add a b) = 1 + num_size a + num_size b"
   117 | "num_size (Sub a b) = 3 + num_size a + num_size b"
   118 | "num_size (CN n c a) = 4 + num_size a "
   119 | "num_size (CF c a b) = 4 + num_size a + num_size b"
   120 | "num_size (Mul c a) = 1 + num_size a"
   121 | "num_size (Floor a) = 1 + num_size a"
   122 
   123   (* Semantics of numeral terms (num) *)
   124 primrec Inum :: "real list \<Rightarrow> num \<Rightarrow> real" where
   125   "Inum bs (C c) = (real c)"
   126 | "Inum bs (Bound n) = bs!n"
   127 | "Inum bs (CN n c a) = (real c) * (bs!n) + (Inum bs a)"
   128 | "Inum bs (Neg a) = -(Inum bs a)"
   129 | "Inum bs (Add a b) = Inum bs a + Inum bs b"
   130 | "Inum bs (Sub a b) = Inum bs a - Inum bs b"
   131 | "Inum bs (Mul c a) = (real c) * Inum bs a"
   132 | "Inum bs (Floor a) = real (floor (Inum bs a))"
   133 | "Inum bs (CF c a b) = real c * real (floor (Inum bs a)) + Inum bs b"
   134 definition "isint t bs \<equiv> real (floor (Inum bs t)) = Inum bs t"
   135 
   136 lemma isint_iff: "isint n bs = (real (floor (Inum bs n)) = Inum bs n)"
   137 by (simp add: isint_def)
   138 
   139 lemma isint_Floor: "isint (Floor n) bs"
   140   by (simp add: isint_iff)
   141 
   142 lemma isint_Mul: "isint e bs \<Longrightarrow> isint (Mul c e) bs"
   143 proof-
   144   let ?e = "Inum bs e"
   145   let ?fe = "floor ?e"
   146   assume be: "isint e bs" hence efe:"real ?fe = ?e" by (simp add: isint_iff)
   147   have "real ((floor (Inum bs (Mul c e)))) = real (floor (real (c * ?fe)))" using efe by simp
   148   also have "\<dots> = real (c* ?fe)" by (simp only: floor_real_of_int) 
   149   also have "\<dots> = real c * ?e" using efe by simp
   150   finally show ?thesis using isint_iff by simp
   151 qed
   152 
   153 lemma isint_neg: "isint e bs \<Longrightarrow> isint (Neg e) bs"
   154 proof-
   155   let ?I = "\<lambda> t. Inum bs t"
   156   assume ie: "isint e bs"
   157   hence th: "real (floor (?I e)) = ?I e" by (simp add: isint_def)  
   158   have "real (floor (?I (Neg e))) = real (floor (- (real (floor (?I e)))))" by (simp add: th)
   159   also have "\<dots> = - real (floor (?I e))" by(simp add: floor_minus_real_of_int) 
   160   finally show "isint (Neg e) bs" by (simp add: isint_def th)
   161 qed
   162 
   163 lemma isint_sub: 
   164   assumes ie: "isint e bs" shows "isint (Sub (C c) e) bs"
   165 proof-
   166   let ?I = "\<lambda> t. Inum bs t"
   167   from ie have th: "real (floor (?I e)) = ?I e" by (simp add: isint_def)  
   168   have "real (floor (?I (Sub (C c) e))) = real (floor ((real (c -floor (?I e)))))" by (simp add: th)
   169   also have "\<dots> = real (c- floor (?I e))" by(simp add: floor_minus_real_of_int) 
   170   finally show "isint (Sub (C c) e) bs" by (simp add: isint_def th)
   171 qed
   172 
   173 lemma isint_add: assumes
   174   ai:"isint a bs" and bi: "isint b bs" shows "isint (Add a b) bs"
   175 proof-
   176   let ?a = "Inum bs a"
   177   let ?b = "Inum bs b"
   178   from ai bi isint_iff have "real (floor (?a + ?b)) = real (floor (real (floor ?a) + real (floor ?b)))" by simp
   179   also have "\<dots> = real (floor ?a) + real (floor ?b)" by simp
   180   also have "\<dots> = ?a + ?b" using ai bi isint_iff by simp
   181   finally show "isint (Add a b) bs" by (simp add: isint_iff)
   182 qed
   183 
   184 lemma isint_c: "isint (C j) bs"
   185   by (simp add: isint_iff)
   186 
   187 
   188     (* FORMULAE *)
   189 datatype fm  = 
   190   T| F| Lt num| Le num| Gt num| Ge num| Eq num| NEq num| Dvd int num| NDvd int num|
   191   NOT fm| And fm fm|  Or fm fm| Imp fm fm| Iff fm fm| E fm| A fm
   192 
   193 
   194   (* A size for fm *)
   195 fun fmsize :: "fm \<Rightarrow> nat" where
   196  "fmsize (NOT p) = 1 + fmsize p"
   197 | "fmsize (And p q) = 1 + fmsize p + fmsize q"
   198 | "fmsize (Or p q) = 1 + fmsize p + fmsize q"
   199 | "fmsize (Imp p q) = 3 + fmsize p + fmsize q"
   200 | "fmsize (Iff p q) = 3 + 2*(fmsize p + fmsize q)"
   201 | "fmsize (E p) = 1 + fmsize p"
   202 | "fmsize (A p) = 4+ fmsize p"
   203 | "fmsize (Dvd i t) = 2"
   204 | "fmsize (NDvd i t) = 2"
   205 | "fmsize p = 1"
   206   (* several lemmas about fmsize *)
   207 lemma fmsize_pos: "fmsize p > 0"
   208 by (induct p rule: fmsize.induct) simp_all
   209 
   210   (* Semantics of formulae (fm) *)
   211 primrec Ifm ::"real list \<Rightarrow> fm \<Rightarrow> bool" where
   212   "Ifm bs T = True"
   213 | "Ifm bs F = False"
   214 | "Ifm bs (Lt a) = (Inum bs a < 0)"
   215 | "Ifm bs (Gt a) = (Inum bs a > 0)"
   216 | "Ifm bs (Le a) = (Inum bs a \<le> 0)"
   217 | "Ifm bs (Ge a) = (Inum bs a \<ge> 0)"
   218 | "Ifm bs (Eq a) = (Inum bs a = 0)"
   219 | "Ifm bs (NEq a) = (Inum bs a \<noteq> 0)"
   220 | "Ifm bs (Dvd i b) = (real i rdvd Inum bs b)"
   221 | "Ifm bs (NDvd i b) = (\<not>(real i rdvd Inum bs b))"
   222 | "Ifm bs (NOT p) = (\<not> (Ifm bs p))"
   223 | "Ifm bs (And p q) = (Ifm bs p \<and> Ifm bs q)"
   224 | "Ifm bs (Or p q) = (Ifm bs p \<or> Ifm bs q)"
   225 | "Ifm bs (Imp p q) = ((Ifm bs p) \<longrightarrow> (Ifm bs q))"
   226 | "Ifm bs (Iff p q) = (Ifm bs p = Ifm bs q)"
   227 | "Ifm bs (E p) = (\<exists> x. Ifm (x#bs) p)"
   228 | "Ifm bs (A p) = (\<forall> x. Ifm (x#bs) p)"
   229 
   230 consts prep :: "fm \<Rightarrow> fm"
   231 recdef prep "measure fmsize"
   232   "prep (E T) = T"
   233   "prep (E F) = F"
   234   "prep (E (Or p q)) = Or (prep (E p)) (prep (E q))"
   235   "prep (E (Imp p q)) = Or (prep (E (NOT p))) (prep (E q))"
   236   "prep (E (Iff p q)) = Or (prep (E (And p q))) (prep (E (And (NOT p) (NOT q))))" 
   237   "prep (E (NOT (And p q))) = Or (prep (E (NOT p))) (prep (E(NOT q)))"
   238   "prep (E (NOT (Imp p q))) = prep (E (And p (NOT q)))"
   239   "prep (E (NOT (Iff p q))) = Or (prep (E (And p (NOT q)))) (prep (E(And (NOT p) q)))"
   240   "prep (E p) = E (prep p)"
   241   "prep (A (And p q)) = And (prep (A p)) (prep (A q))"
   242   "prep (A p) = prep (NOT (E (NOT p)))"
   243   "prep (NOT (NOT p)) = prep p"
   244   "prep (NOT (And p q)) = Or (prep (NOT p)) (prep (NOT q))"
   245   "prep (NOT (A p)) = prep (E (NOT p))"
   246   "prep (NOT (Or p q)) = And (prep (NOT p)) (prep (NOT q))"
   247   "prep (NOT (Imp p q)) = And (prep p) (prep (NOT q))"
   248   "prep (NOT (Iff p q)) = Or (prep (And p (NOT q))) (prep (And (NOT p) q))"
   249   "prep (NOT p) = NOT (prep p)"
   250   "prep (Or p q) = Or (prep p) (prep q)"
   251   "prep (And p q) = And (prep p) (prep q)"
   252   "prep (Imp p q) = prep (Or (NOT p) q)"
   253   "prep (Iff p q) = Or (prep (And p q)) (prep (And (NOT p) (NOT q)))"
   254   "prep p = p"
   255 (hints simp add: fmsize_pos)
   256 lemma prep: "\<And> bs. Ifm bs (prep p) = Ifm bs p"
   257 by (induct p rule: prep.induct, auto)
   258 
   259 
   260   (* Quantifier freeness *)
   261 fun qfree:: "fm \<Rightarrow> bool" where
   262   "qfree (E p) = False"
   263   | "qfree (A p) = False"
   264   | "qfree (NOT p) = qfree p" 
   265   | "qfree (And p q) = (qfree p \<and> qfree q)" 
   266   | "qfree (Or  p q) = (qfree p \<and> qfree q)" 
   267   | "qfree (Imp p q) = (qfree p \<and> qfree q)" 
   268   | "qfree (Iff p q) = (qfree p \<and> qfree q)"
   269   | "qfree p = True"
   270 
   271   (* Boundedness and substitution *)
   272 primrec numbound0 :: "num \<Rightarrow> bool" (* a num is INDEPENDENT of Bound 0 *) where
   273   "numbound0 (C c) = True"
   274   | "numbound0 (Bound n) = (n>0)"
   275   | "numbound0 (CN n i a) = (n > 0 \<and> numbound0 a)"
   276   | "numbound0 (Neg a) = numbound0 a"
   277   | "numbound0 (Add a b) = (numbound0 a \<and> numbound0 b)"
   278   | "numbound0 (Sub a b) = (numbound0 a \<and> numbound0 b)" 
   279   | "numbound0 (Mul i a) = numbound0 a"
   280   | "numbound0 (Floor a) = numbound0 a"
   281   | "numbound0 (CF c a b) = (numbound0 a \<and> numbound0 b)" 
   282 
   283 lemma numbound0_I:
   284   assumes nb: "numbound0 a"
   285   shows "Inum (b#bs) a = Inum (b'#bs) a"
   286   using nb by (induct a) auto
   287 
   288 lemma numbound0_gen: 
   289   assumes nb: "numbound0 t" and ti: "isint t (x#bs)"
   290   shows "\<forall> y. isint t (y#bs)"
   291 using nb ti 
   292 proof(clarify)
   293   fix y
   294   from numbound0_I[OF nb, where bs="bs" and b="y" and b'="x"] ti[simplified isint_def]
   295   show "isint t (y#bs)"
   296     by (simp add: isint_def)
   297 qed
   298 
   299 primrec bound0:: "fm \<Rightarrow> bool" (* A Formula is independent of Bound 0 *) where
   300   "bound0 T = True"
   301   | "bound0 F = True"
   302   | "bound0 (Lt a) = numbound0 a"
   303   | "bound0 (Le a) = numbound0 a"
   304   | "bound0 (Gt a) = numbound0 a"
   305   | "bound0 (Ge a) = numbound0 a"
   306   | "bound0 (Eq a) = numbound0 a"
   307   | "bound0 (NEq a) = numbound0 a"
   308   | "bound0 (Dvd i a) = numbound0 a"
   309   | "bound0 (NDvd i a) = numbound0 a"
   310   | "bound0 (NOT p) = bound0 p"
   311   | "bound0 (And p q) = (bound0 p \<and> bound0 q)"
   312   | "bound0 (Or p q) = (bound0 p \<and> bound0 q)"
   313   | "bound0 (Imp p q) = ((bound0 p) \<and> (bound0 q))"
   314   | "bound0 (Iff p q) = (bound0 p \<and> bound0 q)"
   315   | "bound0 (E p) = False"
   316   | "bound0 (A p) = False"
   317 
   318 lemma bound0_I:
   319   assumes bp: "bound0 p"
   320   shows "Ifm (b#bs) p = Ifm (b'#bs) p"
   321  using bp numbound0_I [where b="b" and bs="bs" and b'="b'"]
   322   by (induct p) auto
   323 
   324 primrec numsubst0:: "num \<Rightarrow> num \<Rightarrow> num" (* substitute a num into a num for Bound 0 *) where
   325   "numsubst0 t (C c) = (C c)"
   326   | "numsubst0 t (Bound n) = (if n=0 then t else Bound n)"
   327   | "numsubst0 t (CN n i a) = (if n=0 then Add (Mul i t) (numsubst0 t a) else CN n i (numsubst0 t a))"
   328   | "numsubst0 t (CF i a b) = CF i (numsubst0 t a) (numsubst0 t b)"
   329   | "numsubst0 t (Neg a) = Neg (numsubst0 t a)"
   330   | "numsubst0 t (Add a b) = Add (numsubst0 t a) (numsubst0 t b)"
   331   | "numsubst0 t (Sub a b) = Sub (numsubst0 t a) (numsubst0 t b)" 
   332   | "numsubst0 t (Mul i a) = Mul i (numsubst0 t a)"
   333   | "numsubst0 t (Floor a) = Floor (numsubst0 t a)"
   334 
   335 lemma numsubst0_I:
   336   shows "Inum (b#bs) (numsubst0 a t) = Inum ((Inum (b#bs) a)#bs) t"
   337   by (induct t) simp_all
   338 
   339 primrec subst0:: "num \<Rightarrow> fm \<Rightarrow> fm" (* substitue a num into a formula for Bound 0 *) where
   340   "subst0 t T = T"
   341   | "subst0 t F = F"
   342   | "subst0 t (Lt a) = Lt (numsubst0 t a)"
   343   | "subst0 t (Le a) = Le (numsubst0 t a)"
   344   | "subst0 t (Gt a) = Gt (numsubst0 t a)"
   345   | "subst0 t (Ge a) = Ge (numsubst0 t a)"
   346   | "subst0 t (Eq a) = Eq (numsubst0 t a)"
   347   | "subst0 t (NEq a) = NEq (numsubst0 t a)"
   348   | "subst0 t (Dvd i a) = Dvd i (numsubst0 t a)"
   349   | "subst0 t (NDvd i a) = NDvd i (numsubst0 t a)"
   350   | "subst0 t (NOT p) = NOT (subst0 t p)"
   351   | "subst0 t (And p q) = And (subst0 t p) (subst0 t q)"
   352   | "subst0 t (Or p q) = Or (subst0 t p) (subst0 t q)"
   353   | "subst0 t (Imp p q) = Imp (subst0 t p) (subst0 t q)"
   354   | "subst0 t (Iff p q) = Iff (subst0 t p) (subst0 t q)"
   355 
   356 lemma subst0_I: assumes qfp: "qfree p"
   357   shows "Ifm (b#bs) (subst0 a p) = Ifm ((Inum (b#bs) a)#bs) p"
   358   using qfp numsubst0_I[where b="b" and bs="bs" and a="a"]
   359   by (induct p) simp_all
   360 
   361 fun decrnum:: "num \<Rightarrow> num" where
   362   "decrnum (Bound n) = Bound (n - 1)"
   363 | "decrnum (Neg a) = Neg (decrnum a)"
   364 | "decrnum (Add a b) = Add (decrnum a) (decrnum b)"
   365 | "decrnum (Sub a b) = Sub (decrnum a) (decrnum b)"
   366 | "decrnum (Mul c a) = Mul c (decrnum a)"
   367 | "decrnum (Floor a) = Floor (decrnum a)"
   368 | "decrnum (CN n c a) = CN (n - 1) c (decrnum a)"
   369 | "decrnum (CF c a b) = CF c (decrnum a) (decrnum b)"
   370 | "decrnum a = a"
   371 
   372 fun decr :: "fm \<Rightarrow> fm" where
   373   "decr (Lt a) = Lt (decrnum a)"
   374 | "decr (Le a) = Le (decrnum a)"
   375 | "decr (Gt a) = Gt (decrnum a)"
   376 | "decr (Ge a) = Ge (decrnum a)"
   377 | "decr (Eq a) = Eq (decrnum a)"
   378 | "decr (NEq a) = NEq (decrnum a)"
   379 | "decr (Dvd i a) = Dvd i (decrnum a)"
   380 | "decr (NDvd i a) = NDvd i (decrnum a)"
   381 | "decr (NOT p) = NOT (decr p)" 
   382 | "decr (And p q) = And (decr p) (decr q)"
   383 | "decr (Or p q) = Or (decr p) (decr q)"
   384 | "decr (Imp p q) = Imp (decr p) (decr q)"
   385 | "decr (Iff p q) = Iff (decr p) (decr q)"
   386 | "decr p = p"
   387 
   388 lemma decrnum: assumes nb: "numbound0 t"
   389   shows "Inum (x#bs) t = Inum bs (decrnum t)"
   390   using nb by (induct t rule: decrnum.induct, simp_all)
   391 
   392 lemma decr: assumes nb: "bound0 p"
   393   shows "Ifm (x#bs) p = Ifm bs (decr p)"
   394   using nb 
   395   by (induct p rule: decr.induct, simp_all add: decrnum)
   396 
   397 lemma decr_qf: "bound0 p \<Longrightarrow> qfree (decr p)"
   398 by (induct p, simp_all)
   399 
   400 fun isatom :: "fm \<Rightarrow> bool" (* test for atomicity *) where
   401   "isatom T = True"
   402 | "isatom F = True"
   403 | "isatom (Lt a) = True"
   404 | "isatom (Le a) = True"
   405 | "isatom (Gt a) = True"
   406 | "isatom (Ge a) = True"
   407 | "isatom (Eq a) = True"
   408 | "isatom (NEq a) = True"
   409 | "isatom (Dvd i b) = True"
   410 | "isatom (NDvd i b) = True"
   411 | "isatom p = False"
   412 
   413 lemma numsubst0_numbound0: assumes nb: "numbound0 t"
   414   shows "numbound0 (numsubst0 t a)"
   415 using nb by (induct a, auto)
   416 
   417 lemma subst0_bound0: assumes qf: "qfree p" and nb: "numbound0 t"
   418   shows "bound0 (subst0 t p)"
   419 using qf numsubst0_numbound0[OF nb] by (induct p, auto)
   420 
   421 lemma bound0_qf: "bound0 p \<Longrightarrow> qfree p"
   422 by (induct p, simp_all)
   423 
   424 
   425 definition djf:: "('a \<Rightarrow> fm) \<Rightarrow> 'a \<Rightarrow> fm \<Rightarrow> fm" where
   426   "djf f p q = (if q=T then T else if q=F then f p else 
   427   (let fp = f p in case fp of T \<Rightarrow> T | F \<Rightarrow> q | _ \<Rightarrow> Or fp q))"
   428 
   429 definition evaldjf:: "('a \<Rightarrow> fm) \<Rightarrow> 'a list \<Rightarrow> fm" where
   430   "evaldjf f ps = foldr (djf f) ps F"
   431 
   432 lemma djf_Or: "Ifm bs (djf f p q) = Ifm bs (Or (f p) q)"
   433 by (cases "q=T", simp add: djf_def,cases "q=F",simp add: djf_def) 
   434 (cases "f p", simp_all add: Let_def djf_def) 
   435 
   436 lemma evaldjf_ex: "Ifm bs (evaldjf f ps) = (\<exists> p \<in> set ps. Ifm bs (f p))"
   437   by(induct ps, simp_all add: evaldjf_def djf_Or)
   438 
   439 lemma evaldjf_bound0: 
   440   assumes nb: "\<forall> x\<in> set xs. bound0 (f x)"
   441   shows "bound0 (evaldjf f xs)"
   442   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto) 
   443 
   444 lemma evaldjf_qf: 
   445   assumes nb: "\<forall> x\<in> set xs. qfree (f x)"
   446   shows "qfree (evaldjf f xs)"
   447   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto) 
   448 
   449 fun disjuncts :: "fm \<Rightarrow> fm list" where
   450   "disjuncts (Or p q) = (disjuncts p) @ (disjuncts q)"
   451 | "disjuncts F = []"
   452 | "disjuncts p = [p]"
   453 
   454 fun conjuncts :: "fm \<Rightarrow> fm list" where
   455   "conjuncts (And p q) = (conjuncts p) @ (conjuncts q)"
   456 | "conjuncts T = []"
   457 | "conjuncts p = [p]"
   458 
   459 lemma conjuncts: "(\<forall> q\<in> set (conjuncts p). Ifm bs q) = Ifm bs p"
   460 by(induct p rule: conjuncts.induct, auto)
   461 
   462 lemma disjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). qfree q"
   463 proof-
   464   assume qf: "qfree p"
   465   hence "list_all qfree (disjuncts p)"
   466     by (induct p rule: disjuncts.induct, auto)
   467   thus ?thesis by (simp only: list_all_iff)
   468 qed
   469 lemma conjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). qfree q"
   470 proof-
   471   assume qf: "qfree p"
   472   hence "list_all qfree (conjuncts p)"
   473     by (induct p rule: conjuncts.induct, auto)
   474   thus ?thesis by (simp only: list_all_iff)
   475 qed
   476 
   477 definition DJ :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
   478   "DJ f p \<equiv> evaldjf f (disjuncts p)"
   479 
   480 lemma DJ: assumes fdj: "\<forall> p q. f (Or p q) = Or (f p) (f q)"
   481   and fF: "f F = F"
   482   shows "Ifm bs (DJ f p) = Ifm bs (f p)"
   483 proof-
   484   have "Ifm bs (DJ f p) = (\<exists> q \<in> set (disjuncts p). Ifm bs (f q))"
   485     by (simp add: DJ_def evaldjf_ex) 
   486   also have "\<dots> = Ifm bs (f p)" using fdj fF by (induct p rule: disjuncts.induct, auto)
   487   finally show ?thesis .
   488 qed
   489 
   490 lemma DJ_qf: assumes 
   491   fqf: "\<forall> p. qfree p \<longrightarrow> qfree (f p)"
   492   shows "\<forall>p. qfree p \<longrightarrow> qfree (DJ f p) "
   493 proof(clarify)
   494   fix  p assume qf: "qfree p"
   495   have th: "DJ f p = evaldjf f (disjuncts p)" by (simp add: DJ_def)
   496   from disjuncts_qf[OF qf] have "\<forall> q\<in> set (disjuncts p). qfree q" .
   497   with fqf have th':"\<forall> q\<in> set (disjuncts p). qfree (f q)" by blast
   498   
   499   from evaldjf_qf[OF th'] th show "qfree (DJ f p)" by simp
   500 qed
   501 
   502 lemma DJ_qe: assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm bs (qe p) = Ifm bs (E p))"
   503   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (DJ qe p) \<and> (Ifm bs ((DJ qe p)) = Ifm bs (E p))"
   504 proof(clarify)
   505   fix p::fm and bs
   506   assume qf: "qfree p"
   507   from qe have qth: "\<forall> p. qfree p \<longrightarrow> qfree (qe p)" by blast
   508   from DJ_qf[OF qth] qf have qfth:"qfree (DJ qe p)" by auto
   509   have "Ifm bs (DJ qe p) = (\<exists> q\<in> set (disjuncts p). Ifm bs (qe q))"
   510     by (simp add: DJ_def evaldjf_ex)
   511   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). Ifm bs (E q))" using qe disjuncts_qf[OF qf] by auto
   512   also have "\<dots> = Ifm bs (E p)" by (induct p rule: disjuncts.induct, auto)
   513   finally show "qfree (DJ qe p) \<and> Ifm bs (DJ qe p) = Ifm bs (E p)" using qfth by blast
   514 qed
   515   (* Simplification *)
   516 
   517   (* Algebraic simplifications for nums *)
   518 fun bnds:: "num \<Rightarrow> nat list" where
   519   "bnds (Bound n) = [n]"
   520 | "bnds (CN n c a) = n#(bnds a)"
   521 | "bnds (Neg a) = bnds a"
   522 | "bnds (Add a b) = (bnds a)@(bnds b)"
   523 | "bnds (Sub a b) = (bnds a)@(bnds b)"
   524 | "bnds (Mul i a) = bnds a"
   525 | "bnds (Floor a) = bnds a"
   526 | "bnds (CF c a b) = (bnds a)@(bnds b)"
   527 | "bnds a = []"
   528 fun lex_ns:: "nat list \<Rightarrow> nat list \<Rightarrow> bool" where
   529   "lex_ns [] ms = True"
   530 | "lex_ns ns [] = False"
   531 | "lex_ns (n#ns) (m#ms) = (n<m \<or> ((n = m) \<and> lex_ns ns ms)) "
   532 definition lex_bnd :: "num \<Rightarrow> num \<Rightarrow> bool" where
   533   "lex_bnd t s \<equiv> lex_ns (bnds t) (bnds s)"
   534 
   535 fun maxcoeff:: "num \<Rightarrow> int" where
   536   "maxcoeff (C i) = abs i"
   537 | "maxcoeff (CN n c t) = max (abs c) (maxcoeff t)"
   538 | "maxcoeff (CF c t s) = max (abs c) (maxcoeff s)"
   539 | "maxcoeff t = 1"
   540 
   541 lemma maxcoeff_pos: "maxcoeff t \<ge> 0"
   542   apply (induct t rule: maxcoeff.induct, auto) 
   543   done
   544 
   545 fun numgcdh:: "num \<Rightarrow> int \<Rightarrow> int" where
   546   "numgcdh (C i) = (\<lambda>g. gcd i g)"
   547 | "numgcdh (CN n c t) = (\<lambda>g. gcd c (numgcdh t g))"
   548 | "numgcdh (CF c s t) = (\<lambda>g. gcd c (numgcdh t g))"
   549 | "numgcdh t = (\<lambda>g. 1)"
   550 
   551 definition
   552   numgcd :: "num \<Rightarrow> int"
   553 where
   554   numgcd_def: "numgcd t = numgcdh t (maxcoeff t)"
   555 
   556 fun reducecoeffh:: "num \<Rightarrow> int \<Rightarrow> num" where
   557   "reducecoeffh (C i) = (\<lambda> g. C (i div g))"
   558 | "reducecoeffh (CN n c t) = (\<lambda> g. CN n (c div g) (reducecoeffh t g))"
   559 | "reducecoeffh (CF c s t) = (\<lambda> g. CF (c div g)  s (reducecoeffh t g))"
   560 | "reducecoeffh t = (\<lambda>g. t)"
   561 
   562 definition
   563   reducecoeff :: "num \<Rightarrow> num"
   564 where
   565   reducecoeff_def: "reducecoeff t =
   566   (let g = numgcd t in 
   567   if g = 0 then C 0 else if g=1 then t else reducecoeffh t g)"
   568 
   569 fun dvdnumcoeff:: "num \<Rightarrow> int \<Rightarrow> bool" where
   570   "dvdnumcoeff (C i) = (\<lambda> g. g dvd i)"
   571 | "dvdnumcoeff (CN n c t) = (\<lambda> g. g dvd c \<and> (dvdnumcoeff t g))"
   572 | "dvdnumcoeff (CF c s t) = (\<lambda> g. g dvd c \<and> (dvdnumcoeff t g))"
   573 | "dvdnumcoeff t = (\<lambda>g. False)"
   574 
   575 lemma dvdnumcoeff_trans: 
   576   assumes gdg: "g dvd g'" and dgt':"dvdnumcoeff t g'"
   577   shows "dvdnumcoeff t g"
   578   using dgt' gdg 
   579   by (induct t rule: dvdnumcoeff.induct, simp_all add: gdg dvd_trans[OF gdg])
   580 
   581 declare dvd_trans [trans add]
   582 
   583 lemma numgcd0:
   584   assumes g0: "numgcd t = 0"
   585   shows "Inum bs t = 0"
   586 proof-
   587   have "\<And>x. numgcdh t x= 0 \<Longrightarrow> Inum bs t = 0"
   588     by (induct t rule: numgcdh.induct, auto)
   589   thus ?thesis using g0[simplified numgcd_def] by blast
   590 qed
   591 
   592 lemma numgcdh_pos: assumes gp: "g \<ge> 0" shows "numgcdh t g \<ge> 0"
   593   using gp
   594   by (induct t rule: numgcdh.induct, auto)
   595 
   596 lemma numgcd_pos: "numgcd t \<ge>0"
   597   by (simp add: numgcd_def numgcdh_pos maxcoeff_pos)
   598 
   599 lemma reducecoeffh:
   600   assumes gt: "dvdnumcoeff t g" and gp: "g > 0" 
   601   shows "real g *(Inum bs (reducecoeffh t g)) = Inum bs t"
   602   using gt
   603 proof(induct t rule: reducecoeffh.induct) 
   604   case (1 i) hence gd: "g dvd i" by simp
   605   from gp have gnz: "g \<noteq> 0" by simp
   606   from assms 1 show ?case by (simp add: real_of_int_div[OF gnz gd])
   607 next
   608   case (2 n c t)  hence gd: "g dvd c" by simp
   609   from gp have gnz: "g \<noteq> 0" by simp
   610   from assms 2 show ?case by (simp add: real_of_int_div[OF gnz gd] algebra_simps)
   611 next
   612   case (3 c s t)  hence gd: "g dvd c" by simp
   613   from gp have gnz: "g \<noteq> 0" by simp
   614   from assms 3 show ?case by (simp add: real_of_int_div[OF gnz gd] algebra_simps) 
   615 qed (auto simp add: numgcd_def gp)
   616 
   617 fun ismaxcoeff:: "num \<Rightarrow> int \<Rightarrow> bool" where
   618   "ismaxcoeff (C i) = (\<lambda> x. abs i \<le> x)"
   619 | "ismaxcoeff (CN n c t) = (\<lambda>x. abs c \<le> x \<and> (ismaxcoeff t x))"
   620 | "ismaxcoeff (CF c s t) = (\<lambda>x. abs c \<le> x \<and> (ismaxcoeff t x))"
   621 | "ismaxcoeff t = (\<lambda>x. True)"
   622 
   623 lemma ismaxcoeff_mono: "ismaxcoeff t c \<Longrightarrow> c \<le> c' \<Longrightarrow> ismaxcoeff t c'"
   624 by (induct t rule: ismaxcoeff.induct, auto)
   625 
   626 lemma maxcoeff_ismaxcoeff: "ismaxcoeff t (maxcoeff t)"
   627 proof (induct t rule: maxcoeff.induct)
   628   case (2 n c t)
   629   hence H:"ismaxcoeff t (maxcoeff t)" .
   630   have thh: "maxcoeff t \<le> max (abs c) (maxcoeff t)" by simp
   631   from ismaxcoeff_mono[OF H thh] show ?case by (simp add: le_maxI1)
   632 next
   633   case (3 c t s) 
   634   hence H1:"ismaxcoeff s (maxcoeff s)" by auto
   635   have thh1: "maxcoeff s \<le> max \<bar>c\<bar> (maxcoeff s)" by (simp add: max_def)
   636   from ismaxcoeff_mono[OF H1 thh1] show ?case by (simp add: le_maxI1)
   637 qed simp_all
   638 
   639 lemma zgcd_gt1: "gcd i j > (1::int) \<Longrightarrow> ((abs i > 1 \<and> abs j > 1) \<or> (abs i = 0 \<and> abs j > 1) \<or> (abs i > 1 \<and> abs j = 0))"
   640   apply (unfold gcd_int_def)
   641   apply (cases "i = 0", simp_all)
   642   apply (cases "j = 0", simp_all)
   643   apply (cases "abs i = 1", simp_all)
   644   apply (cases "abs j = 1", simp_all)
   645   apply auto
   646   done
   647 lemma numgcdh0:"numgcdh t m = 0 \<Longrightarrow>  m =0"
   648   by (induct t rule: numgcdh.induct) auto
   649 
   650 lemma dvdnumcoeff_aux:
   651   assumes "ismaxcoeff t m" and mp:"m \<ge> 0" and "numgcdh t m > 1"
   652   shows "dvdnumcoeff t (numgcdh t m)"
   653 using assms
   654 proof(induct t rule: numgcdh.induct)
   655   case (2 n c t) 
   656   let ?g = "numgcdh t m"
   657   from 2 have th:"gcd c ?g > 1" by simp
   658   from zgcd_gt1[OF th] numgcdh_pos[OF mp, where t="t"]
   659   have "(abs c > 1 \<and> ?g > 1) \<or> (abs c = 0 \<and> ?g > 1) \<or> (abs c > 1 \<and> ?g = 0)" by simp
   660   moreover {assume "abs c > 1" and gp: "?g > 1" with 2
   661     have th: "dvdnumcoeff t ?g" by simp
   662     have th': "gcd c ?g dvd ?g" by simp
   663     from dvdnumcoeff_trans[OF th' th] have ?case by simp }
   664   moreover {assume "abs c = 0 \<and> ?g > 1"
   665     with 2 have th: "dvdnumcoeff t ?g" by simp
   666     have th': "gcd c ?g dvd ?g" by simp
   667     from dvdnumcoeff_trans[OF th' th] have ?case by simp
   668     hence ?case by simp }
   669   moreover {assume "abs c > 1" and g0:"?g = 0" 
   670     from numgcdh0[OF g0] have "m=0". with 2 g0 have ?case by simp }
   671   ultimately show ?case by blast
   672 next
   673   case (3 c s t) 
   674   let ?g = "numgcdh t m"
   675   from 3 have th:"gcd c ?g > 1" by simp
   676   from zgcd_gt1[OF th] numgcdh_pos[OF mp, where t="t"]
   677   have "(abs c > 1 \<and> ?g > 1) \<or> (abs c = 0 \<and> ?g > 1) \<or> (abs c > 1 \<and> ?g = 0)" by simp
   678   moreover {assume "abs c > 1" and gp: "?g > 1" with 3
   679     have th: "dvdnumcoeff t ?g" by simp
   680     have th': "gcd c ?g dvd ?g" by simp
   681     from dvdnumcoeff_trans[OF th' th] have ?case by simp }
   682   moreover {assume "abs c = 0 \<and> ?g > 1"
   683     with 3 have th: "dvdnumcoeff t ?g" by simp
   684     have th': "gcd c ?g dvd ?g" by simp
   685     from dvdnumcoeff_trans[OF th' th] have ?case by simp
   686     hence ?case by simp }
   687   moreover {assume "abs c > 1" and g0:"?g = 0" 
   688     from numgcdh0[OF g0] have "m=0". with 3 g0 have ?case by simp }
   689   ultimately show ?case by blast
   690 qed auto
   691 
   692 lemma dvdnumcoeff_aux2:
   693   assumes "numgcd t > 1" shows "dvdnumcoeff t (numgcd t) \<and> numgcd t > 0"
   694   using assms 
   695 proof (simp add: numgcd_def)
   696   let ?mc = "maxcoeff t"
   697   let ?g = "numgcdh t ?mc"
   698   have th1: "ismaxcoeff t ?mc" by (rule maxcoeff_ismaxcoeff)
   699   have th2: "?mc \<ge> 0" by (rule maxcoeff_pos)
   700   assume H: "numgcdh t ?mc > 1"
   701   from dvdnumcoeff_aux[OF th1 th2 H] show "dvdnumcoeff t ?g" .
   702 qed
   703 
   704 lemma reducecoeff: "real (numgcd t) * (Inum bs (reducecoeff t)) = Inum bs t"
   705 proof-
   706   let ?g = "numgcd t"
   707   have "?g \<ge> 0"  by (simp add: numgcd_pos)
   708   hence "?g = 0 \<or> ?g = 1 \<or> ?g > 1" by auto
   709   moreover {assume "?g = 0" hence ?thesis by (simp add: numgcd0)} 
   710   moreover {assume "?g = 1" hence ?thesis by (simp add: reducecoeff_def)} 
   711   moreover { assume g1:"?g > 1"
   712     from dvdnumcoeff_aux2[OF g1] have th1:"dvdnumcoeff t ?g" and g0: "?g > 0" by blast+
   713     from reducecoeffh[OF th1 g0, where bs="bs"] g1 have ?thesis 
   714       by (simp add: reducecoeff_def Let_def)} 
   715   ultimately show ?thesis by blast
   716 qed
   717 
   718 lemma reducecoeffh_numbound0: "numbound0 t \<Longrightarrow> numbound0 (reducecoeffh t g)"
   719 by (induct t rule: reducecoeffh.induct, auto)
   720 
   721 lemma reducecoeff_numbound0: "numbound0 t \<Longrightarrow> numbound0 (reducecoeff t)"
   722 using reducecoeffh_numbound0 by (simp add: reducecoeff_def Let_def)
   723 
   724 consts
   725   numadd:: "num \<times> num \<Rightarrow> num"
   726 
   727 recdef numadd "measure (\<lambda> (t,s). size t + size s)"
   728   "numadd (CN n1 c1 r1,CN n2 c2 r2) =
   729   (if n1=n2 then 
   730   (let c = c1 + c2
   731   in (if c=0 then numadd(r1,r2) else CN n1 c (numadd (r1,r2))))
   732   else if n1 \<le> n2 then CN n1 c1 (numadd (r1,CN n2 c2 r2))
   733   else (CN n2 c2 (numadd (CN n1 c1 r1,r2))))"
   734   "numadd (CN n1 c1 r1,t) = CN n1 c1 (numadd (r1, t))"  
   735   "numadd (t,CN n2 c2 r2) = CN n2 c2 (numadd (t,r2))" 
   736   "numadd (CF c1 t1 r1,CF c2 t2 r2) = 
   737    (if t1 = t2 then 
   738     (let c=c1+c2; s= numadd(r1,r2) in (if c=0 then s else CF c t1 s))
   739    else if lex_bnd t1 t2 then CF c1 t1 (numadd(r1,CF c2 t2 r2))
   740    else CF c2 t2 (numadd(CF c1 t1 r1,r2)))"
   741   "numadd (CF c1 t1 r1,C c) = CF c1 t1 (numadd (r1, C c))"
   742   "numadd (C c,CF c1 t1 r1) = CF c1 t1 (numadd (r1, C c))"
   743   "numadd (C b1, C b2) = C (b1+b2)"
   744   "numadd (a,b) = Add a b"
   745 
   746 lemma numadd[simp]: "Inum bs (numadd (t,s)) = Inum bs (Add t s)"
   747 apply (induct t s rule: numadd.induct, simp_all add: Let_def)
   748  apply (case_tac "c1+c2 = 0",case_tac "n1 \<le> n2", simp_all)
   749   apply (case_tac "n1 = n2", simp_all add: algebra_simps)
   750   apply (simp only: left_distrib[symmetric])
   751  apply simp
   752 apply (case_tac "lex_bnd t1 t2", simp_all)
   753  apply (case_tac "c1+c2 = 0")
   754   by (case_tac "t1 = t2", simp_all add: algebra_simps left_distrib[symmetric] real_of_int_mult[symmetric] real_of_int_add[symmetric]del: real_of_int_mult real_of_int_add left_distrib)
   755 
   756 lemma numadd_nb[simp]: "\<lbrakk> numbound0 t ; numbound0 s\<rbrakk> \<Longrightarrow> numbound0 (numadd (t,s))"
   757 by (induct t s rule: numadd.induct, auto simp add: Let_def)
   758 
   759 fun nummul:: "num \<Rightarrow> int \<Rightarrow> num" where
   760   "nummul (C j) = (\<lambda> i. C (i*j))"
   761 | "nummul (CN n c t) = (\<lambda> i. CN n (c*i) (nummul t i))"
   762 | "nummul (CF c t s) = (\<lambda> i. CF (c*i) t (nummul s i))"
   763 | "nummul (Mul c t) = (\<lambda> i. nummul t (i*c))"
   764 | "nummul t = (\<lambda> i. Mul i t)"
   765 
   766 lemma nummul[simp]: "\<And> i. Inum bs (nummul t i) = Inum bs (Mul i t)"
   767 by (induct t rule: nummul.induct, auto simp add: algebra_simps)
   768 
   769 lemma nummul_nb[simp]: "\<And> i. numbound0 t \<Longrightarrow> numbound0 (nummul t i)"
   770 by (induct t rule: nummul.induct, auto)
   771 
   772 definition numneg :: "num \<Rightarrow> num" where
   773   "numneg t \<equiv> nummul t (- 1)"
   774 
   775 definition numsub :: "num \<Rightarrow> num \<Rightarrow> num" where
   776   "numsub s t \<equiv> (if s = t then C 0 else numadd (s,numneg t))"
   777 
   778 lemma numneg[simp]: "Inum bs (numneg t) = Inum bs (Neg t)"
   779 using numneg_def nummul by simp
   780 
   781 lemma numneg_nb[simp]: "numbound0 t \<Longrightarrow> numbound0 (numneg t)"
   782 using numneg_def by simp
   783 
   784 lemma numsub[simp]: "Inum bs (numsub a b) = Inum bs (Sub a b)"
   785 using numsub_def by simp
   786 
   787 lemma numsub_nb[simp]: "\<lbrakk> numbound0 t ; numbound0 s\<rbrakk> \<Longrightarrow> numbound0 (numsub t s)"
   788 using numsub_def by simp
   789 
   790 lemma isint_CF: assumes si: "isint s bs" shows "isint (CF c t s) bs"
   791 proof-
   792   have cti: "isint (Mul c (Floor t)) bs" by (simp add: isint_Mul isint_Floor)
   793   
   794   have "?thesis = isint (Add (Mul c (Floor t)) s) bs" by (simp add: isint_def)
   795   also have "\<dots>" by (simp add: isint_add cti si)
   796   finally show ?thesis .
   797 qed
   798 
   799 fun split_int:: "num \<Rightarrow> num \<times> num" where
   800   "split_int (C c) = (C 0, C c)"
   801 | "split_int (CN n c b) = 
   802      (let (bv,bi) = split_int b 
   803        in (CN n c bv, bi))"
   804 | "split_int (CF c a b) = 
   805      (let (bv,bi) = split_int b 
   806        in (bv, CF c a bi))"
   807 | "split_int a = (a,C 0)"
   808 
   809 lemma split_int: "\<And>tv ti. split_int t = (tv,ti) \<Longrightarrow> (Inum bs (Add tv ti) = Inum bs t) \<and> isint ti bs"
   810 proof (induct t rule: split_int.induct)
   811   case (2 c n b tv ti)
   812   let ?bv = "fst (split_int b)"
   813   let ?bi = "snd (split_int b)"
   814   have "split_int b = (?bv,?bi)" by simp
   815   with 2(1) have b:"Inum bs (Add ?bv ?bi) = Inum bs b" and bii: "isint ?bi bs" by blast+
   816   from 2(2) have tibi: "ti = ?bi" by (simp add: Let_def split_def)
   817   from 2(2) b[symmetric] bii show ?case by (auto simp add: Let_def split_def)
   818 next
   819   case (3 c a b tv ti) 
   820   let ?bv = "fst (split_int b)"
   821   let ?bi = "snd (split_int b)"
   822   have "split_int b = (?bv,?bi)" by simp
   823   with 3(1) have b:"Inum bs (Add ?bv ?bi) = Inum bs b" and bii: "isint ?bi bs" by blast+
   824   from 3(2) have tibi: "ti = CF c a ?bi"
   825     by (simp add: Let_def split_def)
   826   from 3(2) b[symmetric] bii show ?case
   827     by (auto simp add: Let_def split_def isint_Floor isint_add isint_Mul isint_CF)
   828 qed (auto simp add: Let_def isint_iff isint_Floor isint_add isint_Mul split_def algebra_simps)
   829 
   830 lemma split_int_nb: "numbound0 t \<Longrightarrow> numbound0 (fst (split_int t)) \<and> numbound0 (snd (split_int t)) "
   831   by (induct t rule: split_int.induct) (auto simp add: Let_def split_def)
   832 
   833 definition numfloor:: "num \<Rightarrow> num"
   834 where
   835   "numfloor t = (let (tv,ti) = split_int t in 
   836   (case tv of C i \<Rightarrow> numadd (tv,ti) 
   837   | _ \<Rightarrow> numadd(CF 1 tv (C 0),ti)))"
   838 
   839 lemma numfloor[simp]: "Inum bs (numfloor t) = Inum bs (Floor t)" (is "?n t = ?N (Floor t)")
   840 proof-
   841   let ?tv = "fst (split_int t)"
   842   let ?ti = "snd (split_int t)"
   843   have tvti:"split_int t = (?tv,?ti)" by simp
   844   {assume H: "\<forall> v. ?tv \<noteq> C v"
   845     hence th1: "?n t = ?N (Add (Floor ?tv) ?ti)" 
   846       by (cases ?tv, auto simp add: numfloor_def Let_def split_def numadd)
   847     from split_int[OF tvti] have "?N (Floor t) = ?N (Floor(Add ?tv ?ti))" and tii:"isint ?ti bs" by simp+
   848     hence "?N (Floor t) = real (floor (?N (Add ?tv ?ti)))" by simp 
   849     also have "\<dots> = real (floor (?N ?tv) + (floor (?N ?ti)))"
   850       by (simp,subst tii[simplified isint_iff, symmetric]) simp
   851     also have "\<dots> = ?N (Add (Floor ?tv) ?ti)" by (simp add: tii[simplified isint_iff])
   852     finally have ?thesis using th1 by simp}
   853   moreover {fix v assume H:"?tv = C v" 
   854     from split_int[OF tvti] have "?N (Floor t) = ?N (Floor(Add ?tv ?ti))" and tii:"isint ?ti bs" by simp+
   855     hence "?N (Floor t) = real (floor (?N (Add ?tv ?ti)))" by simp 
   856     also have "\<dots> = real (floor (?N ?tv) + (floor (?N ?ti)))"
   857       by (simp,subst tii[simplified isint_iff, symmetric]) simp
   858     also have "\<dots> = ?N (Add (Floor ?tv) ?ti)" by (simp add: tii[simplified isint_iff])
   859     finally have ?thesis by (simp add: H numfloor_def Let_def split_def numadd) }
   860   ultimately show ?thesis by auto
   861 qed
   862 
   863 lemma numfloor_nb[simp]: "numbound0 t \<Longrightarrow> numbound0 (numfloor t)"
   864   using split_int_nb[where t="t"]
   865   by (cases "fst(split_int t)" , auto simp add: numfloor_def Let_def split_def  numadd_nb)
   866 
   867 function simpnum:: "num \<Rightarrow> num" where
   868   "simpnum (C j) = C j"
   869 | "simpnum (Bound n) = CN n 1 (C 0)"
   870 | "simpnum (Neg t) = numneg (simpnum t)"
   871 | "simpnum (Add t s) = numadd (simpnum t,simpnum s)"
   872 | "simpnum (Sub t s) = numsub (simpnum t) (simpnum s)"
   873 | "simpnum (Mul i t) = (if i = 0 then (C 0) else nummul (simpnum t) i)"
   874 | "simpnum (Floor t) = numfloor (simpnum t)"
   875 | "simpnum (CN n c t) = (if c=0 then simpnum t else CN n c (simpnum t))"
   876 | "simpnum (CF c t s) = simpnum(Add (Mul c (Floor t)) s)"
   877 by pat_completeness auto
   878 termination by (relation "measure num_size") auto
   879 
   880 lemma simpnum_ci[simp]: "Inum bs (simpnum t) = Inum bs t"
   881 by (induct t rule: simpnum.induct, auto)
   882 
   883 lemma simpnum_numbound0[simp]: 
   884   "numbound0 t \<Longrightarrow> numbound0 (simpnum t)"
   885 by (induct t rule: simpnum.induct, auto)
   886 
   887 fun nozerocoeff:: "num \<Rightarrow> bool" where
   888   "nozerocoeff (C c) = True"
   889 | "nozerocoeff (CN n c t) = (c\<noteq>0 \<and> nozerocoeff t)"
   890 | "nozerocoeff (CF c s t) = (c \<noteq> 0 \<and> nozerocoeff t)"
   891 | "nozerocoeff (Mul c t) = (c\<noteq>0 \<and> nozerocoeff t)"
   892 | "nozerocoeff t = True"
   893 
   894 lemma numadd_nz : "nozerocoeff a \<Longrightarrow> nozerocoeff b \<Longrightarrow> nozerocoeff (numadd (a,b))"
   895 by (induct a b rule: numadd.induct,auto simp add: Let_def)
   896 
   897 lemma nummul_nz : "\<And> i. i\<noteq>0 \<Longrightarrow> nozerocoeff a \<Longrightarrow> nozerocoeff (nummul a i)"
   898   by (induct a rule: nummul.induct,auto simp add: Let_def numadd_nz)
   899 
   900 lemma numneg_nz : "nozerocoeff a \<Longrightarrow> nozerocoeff (numneg a)"
   901 by (simp add: numneg_def nummul_nz)
   902 
   903 lemma numsub_nz: "nozerocoeff a \<Longrightarrow> nozerocoeff b \<Longrightarrow> nozerocoeff (numsub a b)"
   904 by (simp add: numsub_def numneg_nz numadd_nz)
   905 
   906 lemma split_int_nz: "nozerocoeff t \<Longrightarrow> nozerocoeff (fst (split_int t)) \<and> nozerocoeff (snd (split_int t))"
   907 by (induct t rule: split_int.induct,auto simp add: Let_def split_def)
   908 
   909 lemma numfloor_nz: "nozerocoeff t \<Longrightarrow> nozerocoeff (numfloor t)"
   910 by (simp add: numfloor_def Let_def split_def)
   911 (cases "fst (split_int t)", simp_all add: split_int_nz numadd_nz)
   912 
   913 lemma simpnum_nz: "nozerocoeff (simpnum t)"
   914 by(induct t rule: simpnum.induct, auto simp add: numadd_nz numneg_nz numsub_nz nummul_nz numfloor_nz)
   915 
   916 lemma maxcoeff_nz: "nozerocoeff t \<Longrightarrow> maxcoeff t = 0 \<Longrightarrow> t = C 0"
   917 proof (induct t rule: maxcoeff.induct)
   918   case (2 n c t)
   919   hence cnz: "c \<noteq>0" and mx: "max (abs c) (maxcoeff t) = 0" by simp+
   920   have "max (abs c) (maxcoeff t) \<ge> abs c" by (simp add: le_maxI1)
   921   with cnz have "max (abs c) (maxcoeff t) > 0" by arith
   922   with 2 show ?case by simp
   923 next
   924   case (3 c s t) 
   925   hence cnz: "c \<noteq>0" and mx: "max (abs c) (maxcoeff t) = 0" by simp+
   926   have "max (abs c) (maxcoeff t) \<ge> abs c" by (simp add: le_maxI1)
   927   with cnz have "max (abs c) (maxcoeff t) > 0" by arith
   928   with 3 show ?case by simp
   929 qed auto
   930 
   931 lemma numgcd_nz: assumes nz: "nozerocoeff t" and g0: "numgcd t = 0" shows "t = C 0"
   932 proof-
   933   from g0 have th:"numgcdh t (maxcoeff t) = 0" by (simp add: numgcd_def)
   934   from numgcdh0[OF th]  have th:"maxcoeff t = 0" .
   935   from maxcoeff_nz[OF nz th] show ?thesis .
   936 qed
   937 
   938 definition simp_num_pair :: "(num \<times> int) \<Rightarrow> num \<times> int" where
   939   "simp_num_pair \<equiv> (\<lambda> (t,n). (if n = 0 then (C 0, 0) else
   940    (let t' = simpnum t ; g = numgcd t' in 
   941       if g > 1 then (let g' = gcd n g in 
   942         if g' = 1 then (t',n) 
   943         else (reducecoeffh t' g', n div g')) 
   944       else (t',n))))"
   945 
   946 lemma simp_num_pair_ci:
   947   shows "((\<lambda> (t,n). Inum bs t / real n) (simp_num_pair (t,n))) = ((\<lambda> (t,n). Inum bs t / real n) (t,n))"
   948   (is "?lhs = ?rhs")
   949 proof-
   950   let ?t' = "simpnum t"
   951   let ?g = "numgcd ?t'"
   952   let ?g' = "gcd n ?g"
   953   {assume nz: "n = 0" hence ?thesis by (simp add: Let_def simp_num_pair_def)}
   954   moreover
   955   { assume nnz: "n \<noteq> 0"
   956     {assume "\<not> ?g > 1" hence ?thesis by (simp add: Let_def simp_num_pair_def)}
   957     moreover
   958     {assume g1:"?g>1" hence g0: "?g > 0" by simp
   959       from g1 nnz have gp0: "?g' \<noteq> 0" by simp
   960       hence g'p: "?g' > 0" using gcd_ge_0_int[where x="n" and y="numgcd ?t'"] by arith
   961       hence "?g'= 1 \<or> ?g' > 1" by arith
   962       moreover {assume "?g'=1" hence ?thesis by (simp add: Let_def simp_num_pair_def)}
   963       moreover {assume g'1:"?g'>1"
   964         from dvdnumcoeff_aux2[OF g1] have th1:"dvdnumcoeff ?t' ?g" ..
   965         let ?tt = "reducecoeffh ?t' ?g'"
   966         let ?t = "Inum bs ?tt"
   967         have gpdg: "?g' dvd ?g" by simp
   968         have gpdd: "?g' dvd n" by simp
   969         have gpdgp: "?g' dvd ?g'" by simp
   970         from reducecoeffh[OF dvdnumcoeff_trans[OF gpdg th1] g'p] 
   971         have th2:"real ?g' * ?t = Inum bs ?t'" by simp
   972         from nnz g1 g'1 have "?lhs = ?t / real (n div ?g')" by (simp add: simp_num_pair_def Let_def)
   973         also have "\<dots> = (real ?g' * ?t) / (real ?g' * (real (n div ?g')))" by simp
   974         also have "\<dots> = (Inum bs ?t' / real n)"
   975           using real_of_int_div[OF gp0 gpdd] th2 gp0 by simp
   976         finally have "?lhs = Inum bs t / real n" by simp
   977         then have ?thesis using nnz g1 g'1 by (simp add: simp_num_pair_def) }
   978       ultimately have ?thesis by blast }
   979     ultimately have ?thesis by blast }
   980   ultimately show ?thesis by blast
   981 qed
   982 
   983 lemma simp_num_pair_l:
   984   assumes tnb: "numbound0 t" and np: "n >0" and tn: "simp_num_pair (t,n) = (t',n')"
   985   shows "numbound0 t' \<and> n' >0"
   986 proof-
   987   let ?t' = "simpnum t"
   988   let ?g = "numgcd ?t'"
   989   let ?g' = "gcd n ?g"
   990   { assume nz: "n = 0" hence ?thesis using assms by (simp add: Let_def simp_num_pair_def) }
   991   moreover
   992   { assume nnz: "n \<noteq> 0"
   993     {assume "\<not> ?g > 1" hence ?thesis using assms by (auto simp add: Let_def simp_num_pair_def) }
   994     moreover
   995     {assume g1:"?g>1" hence g0: "?g > 0" by simp
   996       from g1 nnz have gp0: "?g' \<noteq> 0" by simp
   997       hence g'p: "?g' > 0" using gcd_ge_0_int[where x="n" and y="numgcd ?t'"] by arith
   998       hence "?g'= 1 \<or> ?g' > 1" by arith
   999       moreover {assume "?g'=1" hence ?thesis using assms g1 g0
  1000           by (auto simp add: Let_def simp_num_pair_def) }
  1001       moreover {assume g'1:"?g'>1"
  1002         have gpdg: "?g' dvd ?g" by simp
  1003         have gpdd: "?g' dvd n" by simp
  1004         have gpdgp: "?g' dvd ?g'" by simp
  1005         from zdvd_imp_le[OF gpdd np] have g'n: "?g' \<le> n" .
  1006         from zdiv_mono1[OF g'n g'p, simplified zdiv_self[OF gp0]]
  1007         have "n div ?g' >0" by simp
  1008         hence ?thesis using assms g1 g'1
  1009           by(auto simp add: simp_num_pair_def Let_def reducecoeffh_numbound0)}
  1010       ultimately have ?thesis by blast }
  1011     ultimately have ?thesis by blast } 
  1012   ultimately show ?thesis by blast
  1013 qed
  1014 
  1015 fun not:: "fm \<Rightarrow> fm" where
  1016   "not (NOT p) = p"
  1017 | "not T = F"
  1018 | "not F = T"
  1019 | "not (Lt t) = Ge t"
  1020 | "not (Le t) = Gt t"
  1021 | "not (Gt t) = Le t"
  1022 | "not (Ge t) = Lt t"
  1023 | "not (Eq t) = NEq t"
  1024 | "not (NEq t) = Eq t"
  1025 | "not (Dvd i t) = NDvd i t"
  1026 | "not (NDvd i t) = Dvd i t"
  1027 | "not (And p q) = Or (not p) (not q)"
  1028 | "not (Or p q) = And (not p) (not q)"
  1029 | "not p = NOT p"
  1030 lemma not[simp]: "Ifm bs (not p) = Ifm bs (NOT p)"
  1031   by (induct p) auto
  1032 lemma not_qf[simp]: "qfree p \<Longrightarrow> qfree (not p)"
  1033   by (induct p) auto
  1034 lemma not_nb[simp]: "bound0 p \<Longrightarrow> bound0 (not p)"
  1035   by (induct p) auto
  1036 
  1037 definition conj :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
  1038   "conj p q \<equiv> (if (p = F \<or> q=F) then F else if p=T then q else if q=T then p else 
  1039    if p = q then p else And p q)"
  1040 lemma conj[simp]: "Ifm bs (conj p q) = Ifm bs (And p q)"
  1041   by (cases "p=F \<or> q=F", simp_all add: conj_def) (cases p, simp_all)
  1042 
  1043 lemma conj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (conj p q)"
  1044   using conj_def by auto 
  1045 lemma conj_nb[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (conj p q)"
  1046   using conj_def by auto 
  1047 
  1048 definition disj :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
  1049   "disj p q \<equiv> (if (p = T \<or> q=T) then T else if p=F then q else if q=F then p 
  1050        else if p=q then p else Or p q)"
  1051 
  1052 lemma disj[simp]: "Ifm bs (disj p q) = Ifm bs (Or p q)"
  1053   by (cases "p=T \<or> q=T",simp_all add: disj_def) (cases p,simp_all)
  1054 lemma disj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (disj p q)"
  1055   using disj_def by auto 
  1056 lemma disj_nb[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (disj p q)"
  1057   using disj_def by auto 
  1058 
  1059 definition imp :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
  1060   "imp p q \<equiv> (if (p = F \<or> q=T \<or> p=q) then T else if p=T then q else if q=F then not p 
  1061     else Imp p q)"
  1062 lemma imp[simp]: "Ifm bs (imp p q) = Ifm bs (Imp p q)"
  1063   by (cases "p=F \<or> q=T",simp_all add: imp_def)
  1064 lemma imp_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (imp p q)"
  1065   using imp_def by (cases "p=F \<or> q=T",simp_all add: imp_def)
  1066 
  1067 definition iff :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
  1068   "iff p q \<equiv> (if (p = q) then T else if (p = not q \<or> not p = q) then F else 
  1069        if p=F then not q else if q=F then not p else if p=T then q else if q=T then p else 
  1070   Iff p q)"
  1071 lemma iff[simp]: "Ifm bs (iff p q) = Ifm bs (Iff p q)"
  1072   by (unfold iff_def,cases "p=q", simp,cases "p=not q", simp add:not) 
  1073 (cases "not p= q", auto simp add:not)
  1074 lemma iff_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (iff p q)"
  1075   by (unfold iff_def,cases "p=q", auto)
  1076 
  1077 fun check_int:: "num \<Rightarrow> bool" where
  1078   "check_int (C i) = True"
  1079 | "check_int (Floor t) = True"
  1080 | "check_int (Mul i t) = check_int t"
  1081 | "check_int (Add t s) = (check_int t \<and> check_int s)"
  1082 | "check_int (Neg t) = check_int t"
  1083 | "check_int (CF c t s) = check_int s"
  1084 | "check_int t = False"
  1085 lemma check_int: "check_int t \<Longrightarrow> isint t bs"
  1086 by (induct t, auto simp add: isint_add isint_Floor isint_Mul isint_neg isint_c isint_CF)
  1087 
  1088 lemma rdvd_left1_int: "real \<lfloor>t\<rfloor> = t \<Longrightarrow> 1 rdvd t"
  1089   by (simp add: rdvd_def,rule_tac x="\<lfloor>t\<rfloor>" in exI) simp
  1090 
  1091 lemma rdvd_reduce: 
  1092   assumes gd:"g dvd d" and gc:"g dvd c" and gp: "g > 0"
  1093   shows "real (d::int) rdvd real (c::int)*t = (real (d div g) rdvd real (c div g)*t)"
  1094 proof
  1095   assume d: "real d rdvd real c * t"
  1096   from d rdvd_def obtain k where k_def: "real c * t = real d* real (k::int)" by auto
  1097   from gd dvd_def obtain kd where kd_def: "d = g * kd" by auto
  1098   from gc dvd_def obtain kc where kc_def: "c = g * kc" by auto
  1099   from k_def kd_def kc_def have "real g * real kc * t = real g * real kd * real k" by simp
  1100   hence "real kc * t = real kd * real k" using gp by simp
  1101   hence th:"real kd rdvd real kc * t" using rdvd_def by blast
  1102   from kd_def gp have th':"kd = d div g" by simp
  1103   from kc_def gp have "kc = c div g" by simp
  1104   with th th' show "real (d div g) rdvd real (c div g) * t" by simp
  1105 next
  1106   assume d: "real (d div g) rdvd real (c div g) * t"
  1107   from gp have gnz: "g \<noteq> 0" by simp
  1108   thus "real d rdvd real c * t" using d rdvd_mult[OF gnz, where n="d div g" and x="real (c div g) * t"] real_of_int_div[OF gnz gd] real_of_int_div[OF gnz gc] by simp
  1109 qed
  1110 
  1111 definition simpdvd :: "int \<Rightarrow> num \<Rightarrow> (int \<times> num)" where
  1112   "simpdvd d t \<equiv> 
  1113    (let g = numgcd t in 
  1114       if g > 1 then (let g' = gcd d g in 
  1115         if g' = 1 then (d, t) 
  1116         else (d div g',reducecoeffh t g')) 
  1117       else (d, t))"
  1118 lemma simpdvd: 
  1119   assumes tnz: "nozerocoeff t" and dnz: "d \<noteq> 0"
  1120   shows "Ifm bs (Dvd (fst (simpdvd d t)) (snd (simpdvd d t))) = Ifm bs (Dvd d t)"
  1121 proof-
  1122   let ?g = "numgcd t"
  1123   let ?g' = "gcd d ?g"
  1124   {assume "\<not> ?g > 1" hence ?thesis by (simp add: Let_def simpdvd_def)}
  1125   moreover
  1126   {assume g1:"?g>1" hence g0: "?g > 0" by simp
  1127     from g1 dnz have gp0: "?g' \<noteq> 0" by simp
  1128     hence g'p: "?g' > 0" using gcd_ge_0_int[where x="d" and y="numgcd t"] by arith
  1129     hence "?g'= 1 \<or> ?g' > 1" by arith
  1130     moreover {assume "?g'=1" hence ?thesis by (simp add: Let_def simpdvd_def)}
  1131     moreover {assume g'1:"?g'>1"
  1132       from dvdnumcoeff_aux2[OF g1] have th1:"dvdnumcoeff t ?g" ..
  1133       let ?tt = "reducecoeffh t ?g'"
  1134       let ?t = "Inum bs ?tt"
  1135       have gpdg: "?g' dvd ?g" by simp
  1136       have gpdd: "?g' dvd d" by simp
  1137       have gpdgp: "?g' dvd ?g'" by simp
  1138       from reducecoeffh[OF dvdnumcoeff_trans[OF gpdg th1] g'p] 
  1139       have th2:"real ?g' * ?t = Inum bs t" by simp
  1140       from assms g1 g0 g'1
  1141       have "Ifm bs (Dvd (fst (simpdvd d t)) (snd(simpdvd d t))) = Ifm bs (Dvd (d div ?g') ?tt)"
  1142         by (simp add: simpdvd_def Let_def)
  1143       also have "\<dots> = (real d rdvd (Inum bs t))"
  1144         using rdvd_reduce[OF gpdd gpdgp g'p, where t="?t", simplified zdiv_self[OF gp0]] 
  1145           th2[symmetric] by simp
  1146       finally have ?thesis by simp  }
  1147     ultimately have ?thesis by blast
  1148   }
  1149   ultimately show ?thesis by blast
  1150 qed
  1151 
  1152 function (sequential) simpfm :: "fm \<Rightarrow> fm" where
  1153   "simpfm (And p q) = conj (simpfm p) (simpfm q)"
  1154 | "simpfm (Or p q) = disj (simpfm p) (simpfm q)"
  1155 | "simpfm (Imp p q) = imp (simpfm p) (simpfm q)"
  1156 | "simpfm (Iff p q) = iff (simpfm p) (simpfm q)"
  1157 | "simpfm (NOT p) = not (simpfm p)"
  1158 | "simpfm (Lt a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v < 0) then T else F 
  1159   | _ \<Rightarrow> Lt (reducecoeff a'))"
  1160 | "simpfm (Le a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v \<le> 0)  then T else F | _ \<Rightarrow> Le (reducecoeff a'))"
  1161 | "simpfm (Gt a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v > 0)  then T else F | _ \<Rightarrow> Gt (reducecoeff a'))"
  1162 | "simpfm (Ge a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v \<ge> 0)  then T else F | _ \<Rightarrow> Ge (reducecoeff a'))"
  1163 | "simpfm (Eq a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v = 0)  then T else F | _ \<Rightarrow> Eq (reducecoeff a'))"
  1164 | "simpfm (NEq a) = (let a' = simpnum a in case a' of C v \<Rightarrow> if (v \<noteq> 0)  then T else F | _ \<Rightarrow> NEq (reducecoeff a'))"
  1165 | "simpfm (Dvd i a) = (if i=0 then simpfm (Eq a)
  1166              else if (abs i = 1) \<and> check_int a then T
  1167              else let a' = simpnum a in case a' of C v \<Rightarrow> if (i dvd v)  then T else F | _ \<Rightarrow> (let (d,t) = simpdvd i a' in Dvd d t))"
  1168 | "simpfm (NDvd i a) = (if i=0 then simpfm (NEq a) 
  1169              else if (abs i = 1) \<and> check_int a then F
  1170              else let a' = simpnum a in case a' of C v \<Rightarrow> if (\<not>(i dvd v)) then T else F | _ \<Rightarrow> (let (d,t) = simpdvd i a' in NDvd d t))"
  1171 | "simpfm p = p"
  1172 by pat_completeness auto
  1173 termination by (relation "measure fmsize") auto
  1174 
  1175 lemma simpfm[simp]: "Ifm bs (simpfm p) = Ifm bs p"
  1176 proof(induct p rule: simpfm.induct)
  1177   case (6 a) let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1178   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1179   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1180     let ?g = "numgcd ?sa"
  1181     let ?rsa = "reducecoeff ?sa"
  1182     let ?r = "Inum bs ?rsa"
  1183     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1184     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1185     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1186     hence gp: "real ?g > 0" by simp
  1187     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1188     with sa have "Inum bs a < 0 = (real ?g * ?r < real ?g * 0)" by simp
  1189     also have "\<dots> = (?r < 0)" using gp
  1190       by (simp only: mult_less_cancel_left) simp
  1191     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1192   ultimately show ?case by blast
  1193 next
  1194   case (7 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1195   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1196   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1197     let ?g = "numgcd ?sa"
  1198     let ?rsa = "reducecoeff ?sa"
  1199     let ?r = "Inum bs ?rsa"
  1200     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1201     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1202     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1203     hence gp: "real ?g > 0" by simp
  1204     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1205     with sa have "Inum bs a \<le> 0 = (real ?g * ?r \<le> real ?g * 0)" by simp
  1206     also have "\<dots> = (?r \<le> 0)" using gp
  1207       by (simp only: mult_le_cancel_left) simp
  1208     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1209   ultimately show ?case by blast
  1210 next
  1211   case (8 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1212   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1213   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1214     let ?g = "numgcd ?sa"
  1215     let ?rsa = "reducecoeff ?sa"
  1216     let ?r = "Inum bs ?rsa"
  1217     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1218     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1219     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1220     hence gp: "real ?g > 0" by simp
  1221     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1222     with sa have "Inum bs a > 0 = (real ?g * ?r > real ?g * 0)" by simp
  1223     also have "\<dots> = (?r > 0)" using gp
  1224       by (simp only: mult_less_cancel_left) simp
  1225     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1226   ultimately show ?case by blast
  1227 next
  1228   case (9 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1229   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1230   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1231     let ?g = "numgcd ?sa"
  1232     let ?rsa = "reducecoeff ?sa"
  1233     let ?r = "Inum bs ?rsa"
  1234     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1235     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1236     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1237     hence gp: "real ?g > 0" by simp
  1238     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1239     with sa have "Inum bs a \<ge> 0 = (real ?g * ?r \<ge> real ?g * 0)" by simp
  1240     also have "\<dots> = (?r \<ge> 0)" using gp
  1241       by (simp only: mult_le_cancel_left) simp
  1242     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1243   ultimately show ?case by blast
  1244 next
  1245   case (10 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1246   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1247   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1248     let ?g = "numgcd ?sa"
  1249     let ?rsa = "reducecoeff ?sa"
  1250     let ?r = "Inum bs ?rsa"
  1251     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1252     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1253     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1254     hence gp: "real ?g > 0" by simp
  1255     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1256     with sa have "Inum bs a = 0 = (real ?g * ?r = 0)" by simp
  1257     also have "\<dots> = (?r = 0)" using gp
  1258       by (simp add: mult_eq_0_iff)
  1259     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1260   ultimately show ?case by blast
  1261 next
  1262   case (11 a)  let ?sa = "simpnum a" have sa: "Inum bs ?sa = Inum bs a" by simp
  1263   {fix v assume "?sa = C v" hence ?case using sa by simp }
  1264   moreover {assume H:"\<not> (\<exists> v. ?sa = C v)"
  1265     let ?g = "numgcd ?sa"
  1266     let ?rsa = "reducecoeff ?sa"
  1267     let ?r = "Inum bs ?rsa"
  1268     have sa_nz: "nozerocoeff ?sa" by (rule simpnum_nz)
  1269     {assume gz: "?g=0" from numgcd_nz[OF sa_nz gz] H have "False" by auto}
  1270     with numgcd_pos[where t="?sa"] have "?g > 0" by (cases "?g=0", auto)
  1271     hence gp: "real ?g > 0" by simp
  1272     have "Inum bs ?sa = real ?g* ?r" by (simp add: reducecoeff)
  1273     with sa have "Inum bs a \<noteq> 0 = (real ?g * ?r \<noteq> 0)" by simp
  1274     also have "\<dots> = (?r \<noteq> 0)" using gp
  1275       by (simp add: mult_eq_0_iff)
  1276     finally have ?case using H by (cases "?sa" , simp_all add: Let_def)}
  1277   ultimately show ?case by blast
  1278 next
  1279   case (12 i a)  let ?sa = "simpnum a"   have sa: "Inum bs ?sa = Inum bs a" by simp
  1280   have "i=0 \<or> (abs i = 1 \<and> check_int a) \<or> (i\<noteq>0 \<and> ((abs i \<noteq> 1) \<or> (\<not> check_int a)))" by auto
  1281   {assume "i=0" hence ?case using "12.hyps" by (simp add: rdvd_left_0_eq Let_def)}
  1282   moreover 
  1283   {assume ai1: "abs i = 1" and ai: "check_int a" 
  1284     hence "i=1 \<or> i= - 1" by arith
  1285     moreover {assume i1: "i = 1" 
  1286       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1287       have ?case using i1 ai by simp }
  1288     moreover {assume i1: "i = - 1" 
  1289       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1290         rdvd_abs1[where d="- 1" and t="Inum bs a"]
  1291       have ?case using i1 ai by simp }
  1292     ultimately have ?case by blast}
  1293   moreover   
  1294   {assume inz: "i\<noteq>0" and cond: "(abs i \<noteq> 1) \<or> (\<not> check_int a)"
  1295     {fix v assume "?sa = C v" hence ?case using sa[symmetric] inz cond
  1296         by (cases "abs i = 1", auto simp add: int_rdvd_iff) }
  1297     moreover {assume H:"\<not> (\<exists> v. ?sa = C v)" 
  1298       hence th: "simpfm (Dvd i a) = Dvd (fst (simpdvd i ?sa)) (snd (simpdvd i ?sa))" using inz cond by (cases ?sa, auto simp add: Let_def split_def)
  1299       from simpnum_nz have nz:"nozerocoeff ?sa" by simp
  1300       from simpdvd [OF nz inz] th have ?case using sa by simp}
  1301     ultimately have ?case by blast}
  1302   ultimately show ?case by blast
  1303 next
  1304   case (13 i a)  let ?sa = "simpnum a"   have sa: "Inum bs ?sa = Inum bs a" by simp
  1305   have "i=0 \<or> (abs i = 1 \<and> check_int a) \<or> (i\<noteq>0 \<and> ((abs i \<noteq> 1) \<or> (\<not> check_int a)))" by auto
  1306   {assume "i=0" hence ?case using "13.hyps" by (simp add: rdvd_left_0_eq Let_def)}
  1307   moreover 
  1308   {assume ai1: "abs i = 1" and ai: "check_int a" 
  1309     hence "i=1 \<or> i= - 1" by arith
  1310     moreover {assume i1: "i = 1" 
  1311       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1312       have ?case using i1 ai by simp }
  1313     moreover {assume i1: "i = - 1" 
  1314       from rdvd_left1_int[OF check_int[OF ai, simplified isint_iff]] 
  1315         rdvd_abs1[where d="- 1" and t="Inum bs a"]
  1316       have ?case using i1 ai by simp }
  1317     ultimately have ?case by blast}
  1318   moreover   
  1319   {assume inz: "i\<noteq>0" and cond: "(abs i \<noteq> 1) \<or> (\<not> check_int a)"
  1320     {fix v assume "?sa = C v" hence ?case using sa[symmetric] inz cond
  1321         by (cases "abs i = 1", auto simp add: int_rdvd_iff) }
  1322     moreover {assume H:"\<not> (\<exists> v. ?sa = C v)" 
  1323       hence th: "simpfm (NDvd i a) = NDvd (fst (simpdvd i ?sa)) (snd (simpdvd i ?sa))" using inz cond 
  1324         by (cases ?sa, auto simp add: Let_def split_def)
  1325       from simpnum_nz have nz:"nozerocoeff ?sa" by simp
  1326       from simpdvd [OF nz inz] th have ?case using sa by simp}
  1327     ultimately have ?case by blast}
  1328   ultimately show ?case by blast
  1329 qed (induct p rule: simpfm.induct, simp_all)
  1330 
  1331 lemma simpdvd_numbound0: "numbound0 t \<Longrightarrow> numbound0 (snd (simpdvd d t))"
  1332   by (simp add: simpdvd_def Let_def split_def reducecoeffh_numbound0)
  1333 
  1334 lemma simpfm_bound0[simp]: "bound0 p \<Longrightarrow> bound0 (simpfm p)"
  1335 proof(induct p rule: simpfm.induct)
  1336   case (6 a) hence nb: "numbound0 a" by simp
  1337   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1338   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1339 next
  1340   case (7 a) hence nb: "numbound0 a" by simp
  1341   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1342   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1343 next
  1344   case (8 a) hence nb: "numbound0 a" by simp
  1345   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1346   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1347 next
  1348   case (9 a) hence nb: "numbound0 a" by simp
  1349   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1350   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1351 next
  1352   case (10 a) hence nb: "numbound0 a" by simp
  1353   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1354   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1355 next
  1356   case (11 a) hence nb: "numbound0 a" by simp
  1357   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1358   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0)
  1359 next
  1360   case (12 i a) hence nb: "numbound0 a" by simp
  1361   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1362   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0 simpdvd_numbound0 split_def)
  1363 next
  1364   case (13 i a) hence nb: "numbound0 a" by simp
  1365   hence "numbound0 (simpnum a)" by (simp only: simpnum_numbound0[OF nb])
  1366   thus ?case by (cases "simpnum a", auto simp add: Let_def reducecoeff_numbound0 simpdvd_numbound0 split_def)
  1367 qed(auto simp add: disj_def imp_def iff_def conj_def)
  1368 
  1369 lemma simpfm_qf[simp]: "qfree p \<Longrightarrow> qfree (simpfm p)"
  1370 by (induct p rule: simpfm.induct, auto simp add: Let_def)
  1371 (case_tac "simpnum a",auto simp add: split_def Let_def)+
  1372 
  1373 
  1374   (* Generic quantifier elimination *)
  1375 
  1376 definition list_conj :: "fm list \<Rightarrow> fm" where
  1377   "list_conj ps \<equiv> foldr conj ps T"
  1378 lemma list_conj: "Ifm bs (list_conj ps) = (\<forall>p\<in> set ps. Ifm bs p)"
  1379   by (induct ps, auto simp add: list_conj_def)
  1380 lemma list_conj_qf: " \<forall>p\<in> set ps. qfree p \<Longrightarrow> qfree (list_conj ps)"
  1381   by (induct ps, auto simp add: list_conj_def)
  1382 lemma list_conj_nb: " \<forall>p\<in> set ps. bound0 p \<Longrightarrow> bound0 (list_conj ps)"
  1383   by (induct ps, auto simp add: list_conj_def)
  1384 definition CJNB :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
  1385   "CJNB f p \<equiv> (let cjs = conjuncts p ; (yes,no) = List.partition bound0 cjs
  1386                    in conj (decr (list_conj yes)) (f (list_conj no)))"
  1387 
  1388 lemma CJNB_qe: 
  1389   assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm bs (qe p) = Ifm bs (E p))"
  1390   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (CJNB qe p) \<and> (Ifm bs ((CJNB qe p)) = Ifm bs (E p))"
  1391 proof(clarify)
  1392   fix bs p
  1393   assume qfp: "qfree p"
  1394   let ?cjs = "conjuncts p"
  1395   let ?yes = "fst (List.partition bound0 ?cjs)"
  1396   let ?no = "snd (List.partition bound0 ?cjs)"
  1397   let ?cno = "list_conj ?no"
  1398   let ?cyes = "list_conj ?yes"
  1399   have part: "List.partition bound0 ?cjs = (?yes,?no)" by simp
  1400   from partition_P[OF part] have "\<forall> q\<in> set ?yes. bound0 q" by blast 
  1401   hence yes_nb: "bound0 ?cyes" by (simp add: list_conj_nb) 
  1402   hence yes_qf: "qfree (decr ?cyes )" by (simp add: decr_qf)
  1403   from conjuncts_qf[OF qfp] partition_set[OF part] 
  1404   have " \<forall>q\<in> set ?no. qfree q" by auto
  1405   hence no_qf: "qfree ?cno"by (simp add: list_conj_qf)
  1406   with qe have cno_qf:"qfree (qe ?cno )" 
  1407     and noE: "Ifm bs (qe ?cno) = Ifm bs (E ?cno)" by blast+
  1408   from cno_qf yes_qf have qf: "qfree (CJNB qe p)" 
  1409     by (simp add: CJNB_def Let_def conj_qf split_def)
  1410   {fix bs
  1411     from conjuncts have "Ifm bs p = (\<forall>q\<in> set ?cjs. Ifm bs q)" by blast
  1412     also have "\<dots> = ((\<forall>q\<in> set ?yes. Ifm bs q) \<and> (\<forall>q\<in> set ?no. Ifm bs q))"
  1413       using partition_set[OF part] by auto
  1414     finally have "Ifm bs p = ((Ifm bs ?cyes) \<and> (Ifm bs ?cno))" using list_conj by simp}
  1415   hence "Ifm bs (E p) = (\<exists>x. (Ifm (x#bs) ?cyes) \<and> (Ifm (x#bs) ?cno))" by simp
  1416   also fix y have "\<dots> = (\<exists>x. (Ifm (y#bs) ?cyes) \<and> (Ifm (x#bs) ?cno))"
  1417     using bound0_I[OF yes_nb, where bs="bs" and b'="y"] by blast
  1418   also have "\<dots> = (Ifm bs (decr ?cyes) \<and> Ifm bs (E ?cno))"
  1419     by (auto simp add: decr[OF yes_nb] simp del: partition_filter_conv)
  1420   also have "\<dots> = (Ifm bs (conj (decr ?cyes) (qe ?cno)))"
  1421     using qe[rule_format, OF no_qf] by auto
  1422   finally have "Ifm bs (E p) = Ifm bs (CJNB qe p)" 
  1423     by (simp add: Let_def CJNB_def split_def)
  1424   with qf show "qfree (CJNB qe p) \<and> Ifm bs (CJNB qe p) = Ifm bs (E p)" by blast
  1425 qed
  1426 
  1427 function (sequential) qelim :: "fm \<Rightarrow> (fm \<Rightarrow> fm) \<Rightarrow> fm" where
  1428   "qelim (E p) = (\<lambda> qe. DJ (CJNB qe) (qelim p qe))"
  1429 | "qelim (A p) = (\<lambda> qe. not (qe ((qelim (NOT p) qe))))"
  1430 | "qelim (NOT p) = (\<lambda> qe. not (qelim p qe))"
  1431 | "qelim (And p q) = (\<lambda> qe. conj (qelim p qe) (qelim q qe))" 
  1432 | "qelim (Or  p q) = (\<lambda> qe. disj (qelim p qe) (qelim q qe))" 
  1433 | "qelim (Imp p q) = (\<lambda> qe. disj (qelim (NOT p) qe) (qelim q qe))"
  1434 | "qelim (Iff p q) = (\<lambda> qe. iff (qelim p qe) (qelim q qe))"
  1435 | "qelim p = (\<lambda> y. simpfm p)"
  1436 by pat_completeness auto
  1437 termination by (relation "measure fmsize") auto
  1438 
  1439 lemma qelim_ci:
  1440   assumes qe_inv: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm bs (qe p) = Ifm bs (E p))"
  1441   shows "\<And> bs. qfree (qelim p qe) \<and> (Ifm bs (qelim p qe) = Ifm bs p)"
  1442   using qe_inv DJ_qe[OF CJNB_qe[OF qe_inv]] 
  1443   by (induct p rule: qelim.induct) (auto simp del: simpfm.simps)
  1444 
  1445 
  1446 text {* The @{text "\<int>"} Part *}
  1447 text{* Linearity for fm where Bound 0 ranges over @{text "\<int>"} *}
  1448 
  1449 function zsplit0 :: "num \<Rightarrow> int \<times> num" (* splits the bounded from the unbounded part*) where
  1450   "zsplit0 (C c) = (0,C c)"
  1451 | "zsplit0 (Bound n) = (if n=0 then (1, C 0) else (0,Bound n))"
  1452 | "zsplit0 (CN n c a) = zsplit0 (Add (Mul c (Bound n)) a)"
  1453 | "zsplit0 (CF c a b) = zsplit0 (Add (Mul c (Floor a)) b)"
  1454 | "zsplit0 (Neg a) = (let (i',a') =  zsplit0 a in (-i', Neg a'))"
  1455 | "zsplit0 (Add a b) = (let (ia,a') =  zsplit0 a ; 
  1456                             (ib,b') =  zsplit0 b 
  1457                             in (ia+ib, Add a' b'))"
  1458 | "zsplit0 (Sub a b) = (let (ia,a') =  zsplit0 a ; 
  1459                             (ib,b') =  zsplit0 b 
  1460                             in (ia-ib, Sub a' b'))"
  1461 | "zsplit0 (Mul i a) = (let (i',a') =  zsplit0 a in (i*i', Mul i a'))"
  1462 | "zsplit0 (Floor a) = (let (i',a') =  zsplit0 a in (i',Floor a'))"
  1463 by pat_completeness auto
  1464 termination by (relation "measure num_size") auto
  1465 
  1466 lemma zsplit0_I:
  1467   shows "\<And> n a. zsplit0 t = (n,a) \<Longrightarrow> (Inum ((real (x::int)) #bs) (CN 0 n a) = Inum (real x #bs) t) \<and> numbound0 a"
  1468   (is "\<And> n a. ?S t = (n,a) \<Longrightarrow> (?I x (CN 0 n a) = ?I x t) \<and> ?N a")
  1469 proof(induct t rule: zsplit0.induct)
  1470   case (1 c n a) thus ?case by auto 
  1471 next
  1472   case (2 m n a) thus ?case by (cases "m=0") auto
  1473 next
  1474   case (3 n i a n a') thus ?case by auto
  1475 next 
  1476   case (4 c a b n a') thus ?case by auto
  1477 next
  1478   case (5 t n a)
  1479   let ?nt = "fst (zsplit0 t)"
  1480   let ?at = "snd (zsplit0 t)"
  1481   have abj: "zsplit0 t = (?nt,?at)" by simp hence th: "a=Neg ?at \<and> n=-?nt" using 5 
  1482     by (simp add: Let_def split_def)
  1483   from abj 5 have th2: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1484   from th2[simplified] th[simplified] show ?case by simp
  1485 next
  1486   case (6 s t n a)
  1487   let ?ns = "fst (zsplit0 s)"
  1488   let ?as = "snd (zsplit0 s)"
  1489   let ?nt = "fst (zsplit0 t)"
  1490   let ?at = "snd (zsplit0 t)"
  1491   have abjs: "zsplit0 s = (?ns,?as)" by simp 
  1492   moreover have abjt:  "zsplit0 t = (?nt,?at)" by simp 
  1493   ultimately have th: "a=Add ?as ?at \<and> n=?ns + ?nt" using 6
  1494     by (simp add: Let_def split_def)
  1495   from abjs[symmetric] have bluddy: "\<exists> x y. (x,y) = zsplit0 s" by blast
  1496   from 6 have "(\<exists> x y. (x,y) = zsplit0 s) \<longrightarrow> (\<forall>xa xb. zsplit0 t = (xa, xb) \<longrightarrow> Inum (real x # bs) (CN 0 xa xb) = Inum (real x # bs) t \<and> numbound0 xb)" by blast (*FIXME*)
  1497   with bluddy abjt have th3: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1498   from abjs 6  have th2: "(?I x (CN 0 ?ns ?as) = ?I x s) \<and> ?N ?as" by blast
  1499   from th3[simplified] th2[simplified] th[simplified] show ?case 
  1500     by (simp add: left_distrib)
  1501 next
  1502   case (7 s t n a)
  1503   let ?ns = "fst (zsplit0 s)"
  1504   let ?as = "snd (zsplit0 s)"
  1505   let ?nt = "fst (zsplit0 t)"
  1506   let ?at = "snd (zsplit0 t)"
  1507   have abjs: "zsplit0 s = (?ns,?as)" by simp 
  1508   moreover have abjt:  "zsplit0 t = (?nt,?at)" by simp 
  1509   ultimately have th: "a=Sub ?as ?at \<and> n=?ns - ?nt" using 7
  1510     by (simp add: Let_def split_def)
  1511   from abjs[symmetric] have bluddy: "\<exists> x y. (x,y) = zsplit0 s" by blast
  1512   from 7 have "(\<exists> x y. (x,y) = zsplit0 s) \<longrightarrow> (\<forall>xa xb. zsplit0 t = (xa, xb) \<longrightarrow> Inum (real x # bs) (CN 0 xa xb) = Inum (real x # bs) t \<and> numbound0 xb)" by blast (*FIXME*)
  1513   with bluddy abjt have th3: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1514   from abjs 7 have th2: "(?I x (CN 0 ?ns ?as) = ?I x s) \<and> ?N ?as" by blast
  1515   from th3[simplified] th2[simplified] th[simplified] show ?case 
  1516     by (simp add: left_diff_distrib)
  1517 next
  1518   case (8 i t n a)
  1519   let ?nt = "fst (zsplit0 t)"
  1520   let ?at = "snd (zsplit0 t)"
  1521   have abj: "zsplit0 t = (?nt,?at)" by simp hence th: "a=Mul i ?at \<and> n=i*?nt" using 8
  1522     by (simp add: Let_def split_def)
  1523   from abj 8 have th2: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1524   hence "?I x (Mul i t) = (real i) * ?I x (CN 0 ?nt ?at)" by simp
  1525   also have "\<dots> = ?I x (CN 0 (i*?nt) (Mul i ?at))" by (simp add: right_distrib)
  1526   finally show ?case using th th2 by simp
  1527 next
  1528   case (9 t n a)
  1529   let ?nt = "fst (zsplit0 t)"
  1530   let ?at = "snd (zsplit0 t)"
  1531   have abj: "zsplit0 t = (?nt,?at)" by simp hence th: "a= Floor ?at \<and> n=?nt" using 9
  1532     by (simp add: Let_def split_def)
  1533   from abj 9 have th2: "(?I x (CN 0 ?nt ?at) = ?I x t) \<and> ?N ?at" by blast
  1534   hence na: "?N a" using th by simp
  1535   have th': "(real ?nt)*(real x) = real (?nt * x)" by simp
  1536   have "?I x (Floor t) = ?I x (Floor (CN 0 ?nt ?at))" using th2 by simp
  1537   also have "\<dots> = real (floor ((real ?nt)* real(x) + ?I x ?at))" by simp
  1538   also have "\<dots> = real (floor (?I x ?at + real (?nt* x)))" by (simp add: add_ac)
  1539   also have "\<dots> = real (floor (?I x ?at) + (?nt* x))" 
  1540     using floor_add[where x="?I x ?at" and a="?nt* x"] by simp 
  1541   also have "\<dots> = real (?nt)*(real x) + real (floor (?I x ?at))" by (simp add: add_ac)
  1542   finally have "?I x (Floor t) = ?I x (CN 0 n a)" using th by simp
  1543   with na show ?case by simp
  1544 qed
  1545 
  1546 consts
  1547   iszlfm :: "fm \<Rightarrow> real list \<Rightarrow> bool"   (* Linearity test for fm *)
  1548   zlfm :: "fm \<Rightarrow> fm"       (* Linearity transformation for fm *)
  1549 recdef iszlfm "measure size"
  1550   "iszlfm (And p q) = (\<lambda> bs. iszlfm p bs \<and> iszlfm q bs)" 
  1551   "iszlfm (Or p q) = (\<lambda> bs. iszlfm p bs \<and> iszlfm q bs)" 
  1552   "iszlfm (Eq  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1553   "iszlfm (NEq (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1554   "iszlfm (Lt  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1555   "iszlfm (Le  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1556   "iszlfm (Gt  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1557   "iszlfm (Ge  (CN 0 c e)) = (\<lambda> bs. c>0 \<and> numbound0 e \<and> isint e bs)"
  1558   "iszlfm (Dvd i (CN 0 c e)) = 
  1559                  (\<lambda> bs. c>0 \<and> i>0 \<and> numbound0 e \<and> isint e bs)"
  1560   "iszlfm (NDvd i (CN 0 c e))= 
  1561                  (\<lambda> bs. c>0 \<and> i>0 \<and> numbound0 e \<and> isint e bs)"
  1562   "iszlfm p = (\<lambda> bs. isatom p \<and> (bound0 p))"
  1563 
  1564 lemma zlin_qfree: "iszlfm p bs \<Longrightarrow> qfree p"
  1565   by (induct p rule: iszlfm.induct) auto
  1566 
  1567 lemma iszlfm_gen:
  1568   assumes lp: "iszlfm p (x#bs)"
  1569   shows "\<forall> y. iszlfm p (y#bs)"
  1570 proof
  1571   fix y
  1572   show "iszlfm p (y#bs)"
  1573     using lp
  1574   by(induct p rule: iszlfm.induct, simp_all add: numbound0_gen[rule_format, where x="x" and y="y"])
  1575 qed
  1576 
  1577 lemma conj_zl[simp]: "iszlfm p bs \<Longrightarrow> iszlfm q bs \<Longrightarrow> iszlfm (conj p q) bs"
  1578   using conj_def by (cases p,auto)
  1579 lemma disj_zl[simp]: "iszlfm p bs \<Longrightarrow> iszlfm q bs \<Longrightarrow> iszlfm (disj p q) bs"
  1580   using disj_def by (cases p,auto)
  1581 
  1582 recdef zlfm "measure fmsize"
  1583   "zlfm (And p q) = conj (zlfm p) (zlfm q)"
  1584   "zlfm (Or p q) = disj (zlfm p) (zlfm q)"
  1585   "zlfm (Imp p q) = disj (zlfm (NOT p)) (zlfm q)"
  1586   "zlfm (Iff p q) = disj (conj (zlfm p) (zlfm q)) (conj (zlfm (NOT p)) (zlfm (NOT q)))"
  1587   "zlfm (Lt a) = (let (c,r) = zsplit0 a in 
  1588      if c=0 then Lt r else 
  1589      if c>0 then Or (Lt (CN 0 c (Neg (Floor (Neg r))))) (And (Eq (CN 0 c (Neg (Floor (Neg r))))) (Lt (Add (Floor (Neg r)) r))) 
  1590      else Or (Gt (CN 0 (-c) (Floor(Neg r)))) (And (Eq(CN 0 (-c) (Floor(Neg r)))) (Lt (Add (Floor (Neg r)) r))))"
  1591   "zlfm (Le a) = (let (c,r) = zsplit0 a in 
  1592      if c=0 then Le r else 
  1593      if c>0 then Or (Le (CN 0 c (Neg (Floor (Neg r))))) (And (Eq (CN 0 c (Neg (Floor (Neg r))))) (Lt (Add (Floor (Neg r)) r))) 
  1594      else Or (Ge (CN 0 (-c) (Floor(Neg r)))) (And (Eq(CN 0 (-c) (Floor(Neg r)))) (Lt (Add (Floor (Neg r)) r))))"
  1595   "zlfm (Gt a) = (let (c,r) = zsplit0 a in 
  1596      if c=0 then Gt r else 
  1597      if c>0 then Or (Gt (CN 0 c (Floor r))) (And (Eq (CN 0 c (Floor r))) (Lt (Sub (Floor r) r))) 
  1598      else Or (Lt (CN 0 (-c) (Neg (Floor r)))) (And (Eq(CN 0 (-c) (Neg (Floor r)))) (Lt (Sub (Floor r) r))))"
  1599   "zlfm (Ge a) = (let (c,r) = zsplit0 a in 
  1600      if c=0 then Ge r else 
  1601      if c>0 then Or (Ge (CN 0 c (Floor r))) (And (Eq (CN 0 c (Floor r))) (Lt (Sub (Floor r) r))) 
  1602      else Or (Le (CN 0 (-c) (Neg (Floor r)))) (And (Eq(CN 0 (-c) (Neg (Floor r)))) (Lt (Sub (Floor r) r))))"
  1603   "zlfm (Eq a) = (let (c,r) = zsplit0 a in 
  1604               if c=0 then Eq r else 
  1605       if c>0 then (And (Eq (CN 0 c (Neg (Floor (Neg r))))) (Eq (Add (Floor (Neg r)) r)))
  1606       else (And (Eq (CN 0 (-c) (Floor (Neg r)))) (Eq (Add (Floor (Neg r)) r))))"
  1607   "zlfm (NEq a) = (let (c,r) = zsplit0 a in 
  1608               if c=0 then NEq r else 
  1609       if c>0 then (Or (NEq (CN 0 c (Neg (Floor (Neg r))))) (NEq (Add (Floor (Neg r)) r)))
  1610       else (Or (NEq (CN 0 (-c) (Floor (Neg r)))) (NEq (Add (Floor (Neg r)) r))))"
  1611   "zlfm (Dvd i a) = (if i=0 then zlfm (Eq a) 
  1612   else (let (c,r) = zsplit0 a in 
  1613               if c=0 then Dvd (abs i) r else 
  1614       if c>0 then And (Eq (Sub (Floor r) r)) (Dvd (abs i) (CN 0 c (Floor r))) 
  1615       else And (Eq (Sub (Floor r) r)) (Dvd (abs i) (CN 0 (-c) (Neg (Floor r))))))"
  1616   "zlfm (NDvd i a) = (if i=0 then zlfm (NEq a) 
  1617   else (let (c,r) = zsplit0 a in 
  1618               if c=0 then NDvd (abs i) r else 
  1619       if c>0 then Or (NEq (Sub (Floor r) r)) (NDvd (abs i) (CN 0 c (Floor r))) 
  1620       else Or (NEq (Sub (Floor r) r)) (NDvd (abs i) (CN 0 (-c) (Neg (Floor r))))))"
  1621   "zlfm (NOT (And p q)) = disj (zlfm (NOT p)) (zlfm (NOT q))"
  1622   "zlfm (NOT (Or p q)) = conj (zlfm (NOT p)) (zlfm (NOT q))"
  1623   "zlfm (NOT (Imp p q)) = conj (zlfm p) (zlfm (NOT q))"
  1624   "zlfm (NOT (Iff p q)) = disj (conj(zlfm p) (zlfm(NOT q))) (conj (zlfm(NOT p)) (zlfm q))"
  1625   "zlfm (NOT (NOT p)) = zlfm p"
  1626   "zlfm (NOT T) = F"
  1627   "zlfm (NOT F) = T"
  1628   "zlfm (NOT (Lt a)) = zlfm (Ge a)"
  1629   "zlfm (NOT (Le a)) = zlfm (Gt a)"
  1630   "zlfm (NOT (Gt a)) = zlfm (Le a)"
  1631   "zlfm (NOT (Ge a)) = zlfm (Lt a)"
  1632   "zlfm (NOT (Eq a)) = zlfm (NEq a)"
  1633   "zlfm (NOT (NEq a)) = zlfm (Eq a)"
  1634   "zlfm (NOT (Dvd i a)) = zlfm (NDvd i a)"
  1635   "zlfm (NOT (NDvd i a)) = zlfm (Dvd i a)"
  1636   "zlfm p = p" (hints simp add: fmsize_pos)
  1637 
  1638 lemma split_int_less_real: 
  1639   "(real (a::int) < b) = (a < floor b \<or> (a = floor b \<and> real (floor b) < b))"
  1640 proof( auto)
  1641   assume alb: "real a < b" and agb: "\<not> a < floor b"
  1642   from agb have "floor b \<le> a" by simp hence th: "b < real a + 1" by (simp only: floor_le_eq)
  1643   from floor_eq[OF alb th] show "a= floor b" by simp 
  1644 next
  1645   assume alb: "a < floor b"
  1646   hence "real a < real (floor b)" by simp
  1647   moreover have "real (floor b) \<le> b" by simp ultimately show  "real a < b" by arith 
  1648 qed
  1649 
  1650 lemma split_int_less_real': 
  1651   "(real (a::int) + b < 0) = (real a - real (floor(-b)) < 0 \<or> (real a - real (floor (-b)) = 0 \<and> real (floor (-b)) + b < 0))"
  1652 proof- 
  1653   have "(real a + b <0) = (real a < -b)" by arith
  1654   with split_int_less_real[where a="a" and b="-b"] show ?thesis by arith  
  1655 qed
  1656 
  1657 lemma split_int_gt_real': 
  1658   "(real (a::int) + b > 0) = (real a + real (floor b) > 0 \<or> (real a + real (floor b) = 0 \<and> real (floor b) - b < 0))"
  1659 proof- 
  1660   have th: "(real a + b >0) = (real (-a) + (-b)< 0)" by arith
  1661   show ?thesis using myless[of _ "real (floor b)"] 
  1662     by (simp only:th split_int_less_real'[where a="-a" and b="-b"]) 
  1663     (simp add: algebra_simps diff_minus[symmetric],arith)
  1664 qed
  1665 
  1666 lemma split_int_le_real: 
  1667   "(real (a::int) \<le> b) = (a \<le> floor b \<or> (a = floor b \<and> real (floor b) < b))"
  1668 proof( auto)
  1669   assume alb: "real a \<le> b" and agb: "\<not> a \<le> floor b"
  1670   from alb have "floor (real a) \<le> floor b " by (simp only: floor_mono) 
  1671   hence "a \<le> floor b" by simp with agb show "False" by simp
  1672 next
  1673   assume alb: "a \<le> floor b"
  1674   hence "real a \<le> real (floor b)" by (simp only: floor_mono)
  1675   also have "\<dots>\<le> b" by simp  finally show  "real a \<le> b" . 
  1676 qed
  1677 
  1678 lemma split_int_le_real': 
  1679   "(real (a::int) + b \<le> 0) = (real a - real (floor(-b)) \<le> 0 \<or> (real a - real (floor (-b)) = 0 \<and> real (floor (-b)) + b < 0))"
  1680 proof- 
  1681   have "(real a + b \<le>0) = (real a \<le> -b)" by arith
  1682   with split_int_le_real[where a="a" and b="-b"] show ?thesis by arith  
  1683 qed
  1684 
  1685 lemma split_int_ge_real': 
  1686   "(real (a::int) + b \<ge> 0) = (real a + real (floor b) \<ge> 0 \<or> (real a + real (floor b) = 0 \<and> real (floor b) - b < 0))"
  1687 proof- 
  1688   have th: "(real a + b \<ge>0) = (real (-a) + (-b) \<le> 0)" by arith
  1689   show ?thesis by (simp only: th split_int_le_real'[where a="-a" and b="-b"])
  1690     (simp add: algebra_simps diff_minus[symmetric],arith)
  1691 qed
  1692 
  1693 lemma split_int_eq_real: "(real (a::int) = b) = ( a = floor b \<and> b = real (floor b))" (is "?l = ?r")
  1694 by auto
  1695 
  1696 lemma split_int_eq_real': "(real (a::int) + b = 0) = ( a - floor (-b) = 0 \<and> real (floor (-b)) + b = 0)" (is "?l = ?r")
  1697 proof-
  1698   have "?l = (real a = -b)" by arith
  1699   with split_int_eq_real[where a="a" and b="-b"] show ?thesis by simp arith
  1700 qed
  1701 
  1702 lemma zlfm_I:
  1703   assumes qfp: "qfree p"
  1704   shows "(Ifm (real i #bs) (zlfm p) = Ifm (real i# bs) p) \<and> iszlfm (zlfm p) (real (i::int) #bs)"
  1705   (is "(?I (?l p) = ?I p) \<and> ?L (?l p)")
  1706 using qfp
  1707 proof(induct p rule: zlfm.induct)
  1708   case (5 a) 
  1709   let ?c = "fst (zsplit0 a)"
  1710   let ?r = "snd (zsplit0 a)"
  1711   have spl: "zsplit0 a = (?c,?r)" by simp
  1712   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1713   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1714   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1715   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1716   moreover
  1717   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1718       by (cases "?r", simp_all add: Let_def split_def,case_tac "nat", simp_all)}
  1719   moreover
  1720   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Lt a))" 
  1721       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1722     have "?I (Lt a) = (real (?c * i) + (?N ?r) < 0)" using Ia by (simp add: Let_def split_def)
  1723     also have "\<dots> = (?I (?l (Lt a)))" apply (simp only: split_int_less_real'[where a="?c*i" and b="?N ?r"]) by (simp add: Ia cp cnz Let_def split_def diff_minus)
  1724     finally have ?case using l by simp}
  1725   moreover
  1726   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Lt a))" 
  1727       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1728     have "?I (Lt a) = (real (?c * i) + (?N ?r) < 0)" using Ia by (simp add: Let_def split_def)
  1729     also from cn cnz have "\<dots> = (?I (?l (Lt a)))" by (simp only: split_int_less_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_minus[symmetric] add_ac, arith)
  1730     finally have ?case using l by simp}
  1731   ultimately show ?case by blast
  1732 next
  1733   case (6 a)
  1734   let ?c = "fst (zsplit0 a)"
  1735   let ?r = "snd (zsplit0 a)"
  1736   have spl: "zsplit0 a = (?c,?r)" by simp
  1737   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1738   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1739   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1740   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1741   moreover
  1742   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1743       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat",simp_all)}
  1744   moreover
  1745   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Le a))" 
  1746       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1747     have "?I (Le a) = (real (?c * i) + (?N ?r) \<le> 0)" using Ia by (simp add: Let_def split_def)
  1748     also have "\<dots> = (?I (?l (Le a)))" by (simp only: split_int_le_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia cp cnz Let_def split_def diff_minus)
  1749     finally have ?case using l by simp}
  1750   moreover
  1751   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Le a))" 
  1752       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1753     have "?I (Le a) = (real (?c * i) + (?N ?r) \<le> 0)" using Ia by (simp add: Let_def split_def)
  1754     also from cn cnz have "\<dots> = (?I (?l (Le a)))" by (simp only: split_int_le_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_minus[symmetric] add_ac ,arith)
  1755     finally have ?case using l by simp}
  1756   ultimately show ?case by blast
  1757 next
  1758   case (7 a) 
  1759   let ?c = "fst (zsplit0 a)"
  1760   let ?r = "snd (zsplit0 a)"
  1761   have spl: "zsplit0 a = (?c,?r)" by simp
  1762   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1763   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1764   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1765   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1766   moreover
  1767   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1768       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1769   moreover
  1770   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Gt a))" 
  1771       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1772     have "?I (Gt a) = (real (?c * i) + (?N ?r) > 0)" using Ia by (simp add: Let_def split_def)
  1773     also have "\<dots> = (?I (?l (Gt a)))" by (simp only: split_int_gt_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia cp cnz Let_def split_def diff_minus)
  1774     finally have ?case using l by simp}
  1775   moreover
  1776   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Gt a))" 
  1777       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1778     have "?I (Gt a) = (real (?c * i) + (?N ?r) > 0)" using Ia by (simp add: Let_def split_def)
  1779     also from cn cnz have "\<dots> = (?I (?l (Gt a)))" by (simp only: split_int_gt_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_minus[symmetric] add_ac, arith)
  1780     finally have ?case using l by simp}
  1781   ultimately show ?case by blast
  1782 next
  1783   case (8 a)
  1784    let ?c = "fst (zsplit0 a)"
  1785   let ?r = "snd (zsplit0 a)"
  1786   have spl: "zsplit0 a = (?c,?r)" by simp
  1787   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1788   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1789   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1790   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1791   moreover
  1792   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1793       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1794   moreover
  1795   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Ge a))" 
  1796       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1797     have "?I (Ge a) = (real (?c * i) + (?N ?r) \<ge> 0)" using Ia by (simp add: Let_def split_def)
  1798     also have "\<dots> = (?I (?l (Ge a)))" by (simp only: split_int_ge_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia cp cnz Let_def split_def diff_minus)
  1799     finally have ?case using l by simp}
  1800   moreover
  1801   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Ge a))" 
  1802       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1803     have "?I (Ge a) = (real (?c * i) + (?N ?r) \<ge> 0)" using Ia by (simp add: Let_def split_def)
  1804     also from cn cnz have "\<dots> = (?I (?l (Ge a)))" by (simp only: split_int_ge_real'[where a="?c*i" and b="?N ?r"]) (simp add: Ia Let_def split_def diff_minus[symmetric] add_ac, arith)
  1805     finally have ?case using l by simp}
  1806   ultimately show ?case by blast
  1807 next
  1808   case (9 a)
  1809   let ?c = "fst (zsplit0 a)"
  1810   let ?r = "snd (zsplit0 a)"
  1811   have spl: "zsplit0 a = (?c,?r)" by simp
  1812   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1813   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1814   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1815   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1816   moreover
  1817   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1818       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1819   moreover
  1820   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Eq a))" 
  1821       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1822     have "?I (Eq a) = (real (?c * i) + (?N ?r) = 0)" using Ia by (simp add: Let_def split_def)
  1823     also have "\<dots> = (?I (?l (Eq a)))" using cp cnz  by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult)
  1824     finally have ?case using l by simp}
  1825   moreover
  1826   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (Eq a))" 
  1827       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1828     have "?I (Eq a) = (real (?c * i) + (?N ?r) = 0)" using Ia by (simp add: Let_def split_def)
  1829     also from cn cnz have "\<dots> = (?I (?l (Eq a)))" by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult,arith)
  1830     finally have ?case using l by simp}
  1831   ultimately show ?case by blast
  1832 next
  1833   case (10 a)
  1834   let ?c = "fst (zsplit0 a)"
  1835   let ?r = "snd (zsplit0 a)"
  1836   have spl: "zsplit0 a = (?c,?r)" by simp
  1837   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1838   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1839   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1840   have "?c = 0 \<or> (?c >0 \<and> ?c\<noteq>0) \<or> (?c<0 \<and> ?c\<noteq>0)" by arith
  1841   moreover
  1842   {assume "?c=0" hence ?case using zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1843       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1844   moreover
  1845   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (NEq a))" 
  1846       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1847     have "?I (NEq a) = (real (?c * i) + (?N ?r) \<noteq> 0)" using Ia by (simp add: Let_def split_def)
  1848     also have "\<dots> = (?I (?l (NEq a)))" using cp cnz  by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult)
  1849     finally have ?case using l by simp}
  1850   moreover
  1851   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" hence l: "?L (?l (NEq a))" 
  1852       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1853     have "?I (NEq a) = (real (?c * i) + (?N ?r) \<noteq> 0)" using Ia by (simp add: Let_def split_def)
  1854     also from cn cnz have "\<dots> = (?I (?l (NEq a)))" by (simp only: split_int_eq_real'[where a="?c*i" and b="?N ?r"]) (simp add: Let_def split_def Ia real_of_int_mult[symmetric] del: real_of_int_mult,arith)
  1855     finally have ?case using l by simp}
  1856   ultimately show ?case by blast
  1857 next
  1858   case (11 j a)
  1859   let ?c = "fst (zsplit0 a)"
  1860   let ?r = "snd (zsplit0 a)"
  1861   have spl: "zsplit0 a = (?c,?r)" by simp
  1862   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1863   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1864   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1865   have "j=0 \<or> (j\<noteq>0 \<and> ?c = 0) \<or> (j\<noteq>0 \<and> ?c >0 \<and> ?c\<noteq>0) \<or> (j\<noteq> 0 \<and> ?c<0 \<and> ?c\<noteq>0)" by arith
  1866   moreover
  1867   { assume j: "j=0" hence z: "zlfm (Dvd j a) = (zlfm (Eq a))" by (simp add: Let_def) 
  1868     hence ?case using 11 j by (simp del: zlfm.simps add: rdvd_left_0_eq)}
  1869   moreover
  1870   {assume "?c=0" and "j\<noteq>0" hence ?case 
  1871       using zsplit0_I[OF spl, where x="i" and bs="bs"] rdvd_abs1[where d="j"]
  1872       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1873   moreover
  1874   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (Dvd j a))" 
  1875       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1876     have "?I (Dvd j a) = (real j rdvd (real (?c * i) + (?N ?r)))" 
  1877       using Ia by (simp add: Let_def split_def)
  1878     also have "\<dots> = (real (abs j) rdvd real (?c*i) + (?N ?r))" 
  1879       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  1880     also have "\<dots> = ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  1881        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r))))" 
  1882       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  1883     also have "\<dots> = (?I (?l (Dvd j a)))" using cp cnz jnz  
  1884       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  1885         del: real_of_int_mult) (auto simp add: add_ac)
  1886     finally have ?case using l jnz  by simp }
  1887   moreover
  1888   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (Dvd j a))" 
  1889       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1890     have "?I (Dvd j a) = (real j rdvd (real (?c * i) + (?N ?r)))" 
  1891       using Ia by (simp add: Let_def split_def)
  1892     also have "\<dots> = (real (abs j) rdvd real (?c*i) + (?N ?r))" 
  1893       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  1894     also have "\<dots> = ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  1895        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r))))" 
  1896       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  1897     also have "\<dots> = (?I (?l (Dvd j a)))" using cn cnz jnz
  1898       using rdvd_minus [where d="abs j" and t="real (?c*i + floor (?N ?r))", simplified, symmetric]
  1899       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  1900         del: real_of_int_mult) (auto simp add: add_ac)
  1901     finally have ?case using l jnz by blast }
  1902   ultimately show ?case by blast
  1903 next
  1904   case (12 j a)
  1905   let ?c = "fst (zsplit0 a)"
  1906   let ?r = "snd (zsplit0 a)"
  1907   have spl: "zsplit0 a = (?c,?r)" by simp
  1908   from zsplit0_I[OF spl, where x="i" and bs="bs"] 
  1909   have Ia:"Inum (real i # bs) a = Inum (real i #bs) (CN 0 ?c ?r)" and nb: "numbound0 ?r" by auto 
  1910   let ?N = "\<lambda> t. Inum (real i#bs) t"
  1911   have "j=0 \<or> (j\<noteq>0 \<and> ?c = 0) \<or> (j\<noteq>0 \<and> ?c >0 \<and> ?c\<noteq>0) \<or> (j\<noteq> 0 \<and> ?c<0 \<and> ?c\<noteq>0)" by arith
  1912   moreover
  1913   {assume j: "j=0" hence z: "zlfm (NDvd j a) = (zlfm (NEq a))" by (simp add: Let_def) 
  1914     hence ?case using 12 j by (simp del: zlfm.simps add: rdvd_left_0_eq)}
  1915   moreover
  1916   {assume "?c=0" and "j\<noteq>0" hence ?case 
  1917       using zsplit0_I[OF spl, where x="i" and bs="bs"] rdvd_abs1[where d="j"]
  1918       by (cases "?r", simp_all add: Let_def split_def, case_tac "nat", simp_all)}
  1919   moreover
  1920   {assume cp: "?c > 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (NDvd j a))" 
  1921       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1922     have "?I (NDvd j a) = (\<not> (real j rdvd (real (?c * i) + (?N ?r))))" 
  1923       using Ia by (simp add: Let_def split_def)
  1924     also have "\<dots> = (\<not> (real (abs j) rdvd real (?c*i) + (?N ?r)))" 
  1925       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  1926     also have "\<dots> = (\<not> ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  1927        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r)))))" 
  1928       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  1929     also have "\<dots> = (?I (?l (NDvd j a)))" using cp cnz jnz  
  1930       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  1931         del: real_of_int_mult) (auto simp add: add_ac)
  1932     finally have ?case using l jnz  by simp }
  1933   moreover
  1934   {assume cn: "?c < 0" and cnz: "?c\<noteq>0" and jnz: "j\<noteq>0" hence l: "?L (?l (NDvd j a))" 
  1935       by (simp add: nb Let_def split_def isint_Floor isint_neg)
  1936     have "?I (NDvd j a) = (\<not> (real j rdvd (real (?c * i) + (?N ?r))))" 
  1937       using Ia by (simp add: Let_def split_def)
  1938     also have "\<dots> = (\<not> (real (abs j) rdvd real (?c*i) + (?N ?r)))" 
  1939       by (simp only: rdvd_abs1[where d="j" and t="real (?c*i) + ?N ?r", symmetric]) simp
  1940     also have "\<dots> = (\<not> ((abs j) dvd (floor ((?N ?r) + real (?c*i))) \<and> 
  1941        (real (floor ((?N ?r) + real (?c*i))) = (real (?c*i) + (?N ?r)))))" 
  1942       by(simp only: int_rdvd_real[where i="abs j" and x="real (?c*i) + (?N ?r)"]) (simp only: add_ac)
  1943     also have "\<dots> = (?I (?l (NDvd j a)))" using cn cnz jnz
  1944       using rdvd_minus [where d="abs j" and t="real (?c*i + floor (?N ?r))", simplified, symmetric]
  1945       by (simp add: Let_def split_def int_rdvd_iff[symmetric]  
  1946         del: real_of_int_mult) (auto simp add: add_ac)
  1947     finally have ?case using l jnz by blast }
  1948   ultimately show ?case by blast
  1949 qed auto
  1950 
  1951 text{* plusinf : Virtual substitution of @{text "+\<infinity>"}
  1952        minusinf: Virtual substitution of @{text "-\<infinity>"}
  1953        @{text "\<delta>"} Compute lcm @{text "d| Dvd d  c*x+t \<in> p"}
  1954        @{text "d\<delta>"} checks if a given l divides all the ds above*}
  1955 
  1956 fun minusinf:: "fm \<Rightarrow> fm" where
  1957   "minusinf (And p q) = conj (minusinf p) (minusinf q)" 
  1958 | "minusinf (Or p q) = disj (minusinf p) (minusinf q)" 
  1959 | "minusinf (Eq  (CN 0 c e)) = F"
  1960 | "minusinf (NEq (CN 0 c e)) = T"
  1961 | "minusinf (Lt  (CN 0 c e)) = T"
  1962 | "minusinf (Le  (CN 0 c e)) = T"
  1963 | "minusinf (Gt  (CN 0 c e)) = F"
  1964 | "minusinf (Ge  (CN 0 c e)) = F"
  1965 | "minusinf p = p"
  1966 
  1967 lemma minusinf_qfree: "qfree p \<Longrightarrow> qfree (minusinf p)"
  1968   by (induct p rule: minusinf.induct, auto)
  1969 
  1970 fun plusinf:: "fm \<Rightarrow> fm" where
  1971   "plusinf (And p q) = conj (plusinf p) (plusinf q)" 
  1972 | "plusinf (Or p q) = disj (plusinf p) (plusinf q)" 
  1973 | "plusinf (Eq  (CN 0 c e)) = F"
  1974 | "plusinf (NEq (CN 0 c e)) = T"
  1975 | "plusinf (Lt  (CN 0 c e)) = F"
  1976 | "plusinf (Le  (CN 0 c e)) = F"
  1977 | "plusinf (Gt  (CN 0 c e)) = T"
  1978 | "plusinf (Ge  (CN 0 c e)) = T"
  1979 | "plusinf p = p"
  1980 
  1981 fun \<delta> :: "fm \<Rightarrow> int" where
  1982   "\<delta> (And p q) = lcm (\<delta> p) (\<delta> q)" 
  1983 | "\<delta> (Or p q) = lcm (\<delta> p) (\<delta> q)" 
  1984 | "\<delta> (Dvd i (CN 0 c e)) = i"
  1985 | "\<delta> (NDvd i (CN 0 c e)) = i"
  1986 | "\<delta> p = 1"
  1987 
  1988 fun d\<delta> :: "fm \<Rightarrow> int \<Rightarrow> bool" where
  1989   "d\<delta> (And p q) = (\<lambda> d. d\<delta> p d \<and> d\<delta> q d)" 
  1990 | "d\<delta> (Or p q) = (\<lambda> d. d\<delta> p d \<and> d\<delta> q d)" 
  1991 | "d\<delta> (Dvd i (CN 0 c e)) = (\<lambda> d. i dvd d)"
  1992 | "d\<delta> (NDvd i (CN 0 c e)) = (\<lambda> d. i dvd d)"
  1993 | "d\<delta> p = (\<lambda> d. True)"
  1994 
  1995 lemma delta_mono: 
  1996   assumes lin: "iszlfm p bs"
  1997   and d: "d dvd d'"
  1998   and ad: "d\<delta> p d"
  1999   shows "d\<delta> p d'"
  2000   using lin ad d
  2001 proof(induct p rule: iszlfm.induct)
  2002   case (9 i c e)  thus ?case using d
  2003     by (simp add: dvd_trans[of "i" "d" "d'"])
  2004 next
  2005   case (10 i c e) thus ?case using d
  2006     by (simp add: dvd_trans[of "i" "d" "d'"])
  2007 qed simp_all
  2008 
  2009 lemma \<delta> : assumes lin:"iszlfm p bs"
  2010   shows "d\<delta> p (\<delta> p) \<and> \<delta> p >0"
  2011 using lin
  2012 proof (induct p rule: iszlfm.induct)
  2013   case (1 p q) 
  2014   let ?d = "\<delta> (And p q)"
  2015   from 1 lcm_pos_int have dp: "?d >0" by simp
  2016   have d1: "\<delta> p dvd \<delta> (And p q)" using 1 by simp 
  2017   hence th: "d\<delta> p ?d" 
  2018     using delta_mono 1 by (simp only: iszlfm.simps) blast
  2019   have "\<delta> q dvd \<delta> (And p q)" using 1 by simp 
  2020   hence th': "d\<delta> q ?d" using delta_mono 1 by (simp only: iszlfm.simps) blast
  2021   from th th' dp show ?case by simp 
  2022 next
  2023   case (2 p q)  
  2024   let ?d = "\<delta> (And p q)"
  2025   from 2 lcm_pos_int have dp: "?d >0" by simp
  2026   have "\<delta> p dvd \<delta> (And p q)" using 2 by simp
  2027   hence th: "d\<delta> p ?d" using delta_mono 2 by (simp only: iszlfm.simps) blast
  2028   have "\<delta> q dvd \<delta> (And p q)" using 2 by simp
  2029   hence th': "d\<delta> q ?d" using delta_mono 2 by (simp only: iszlfm.simps) blast
  2030   from th th' dp show ?case by simp
  2031 qed simp_all
  2032 
  2033 
  2034 lemma minusinf_inf:
  2035   assumes linp: "iszlfm p (a # bs)"
  2036   shows "\<exists> (z::int). \<forall> x < z. Ifm ((real x)#bs) (minusinf p) = Ifm ((real x)#bs) p"
  2037   (is "?P p" is "\<exists> (z::int). \<forall> x < z. ?I x (?M p) = ?I x p")
  2038 using linp
  2039 proof (induct p rule: minusinf.induct)
  2040   case (1 f g)
  2041   then have "?P f" by simp
  2042   then obtain z1 where z1_def: "\<forall> x < z1. ?I x (?M f) = ?I x f" by blast
  2043   with 1 have "?P g" by simp
  2044   then obtain z2 where z2_def: "\<forall> x < z2. ?I x (?M g) = ?I x g" by blast
  2045   let ?z = "min z1 z2"
  2046   from z1_def z2_def have "\<forall> x < ?z. ?I x (?M (And f g)) = ?I x (And f g)" by simp
  2047   thus ?case by blast
  2048 next
  2049   case (2 f g)
  2050   then have "?P f" by simp
  2051   then obtain z1 where z1_def: "\<forall> x < z1. ?I x (?M f) = ?I x f" by blast
  2052   with 2 have "?P g" by simp
  2053   then obtain z2 where z2_def: "\<forall> x < z2. ?I x (?M g) = ?I x g" by blast
  2054   let ?z = "min z1 z2"
  2055   from z1_def z2_def have "\<forall> x < ?z. ?I x (?M (Or f g)) = ?I x (Or f g)" by simp
  2056   thus ?case by blast
  2057 next
  2058   case (3 c e) 
  2059   then have "c > 0" by simp
  2060   hence rcpos: "real c > 0" by simp
  2061   from 3 have nbe: "numbound0 e" by simp
  2062   fix y
  2063   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Eq (CN 0 c e))) = ?I x (Eq (CN 0 c e))"
  2064   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2065     fix x
  2066     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2067     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2068     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2069       by (simp only: mult_strict_left_mono [OF th1 rcpos])
  2070     hence "real c * real x + Inum (y # bs) e \<noteq> 0"using rcpos  by simp
  2071     thus "real c * real x + Inum (real x # bs) e \<noteq> 0" 
  2072       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"]  by simp
  2073   qed
  2074   thus ?case by blast
  2075 next
  2076   case (4 c e) 
  2077   then have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2078   from 4 have nbe: "numbound0 e" by simp
  2079   fix y
  2080   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (NEq (CN 0 c e))) = ?I x (NEq (CN 0 c e))"
  2081   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2082     fix x
  2083     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2084     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2085     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2086       by (simp only: mult_strict_left_mono [OF th1 rcpos])
  2087     hence "real c * real x + Inum (y # bs) e \<noteq> 0"using rcpos  by simp
  2088     thus "real c * real x + Inum (real x # bs) e \<noteq> 0" 
  2089       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"]  by simp
  2090   qed
  2091   thus ?case by blast
  2092 next
  2093   case (5 c e) 
  2094   then have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2095   from 5 have nbe: "numbound0 e" by simp
  2096   fix y
  2097   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Lt (CN 0 c e))) = ?I x (Lt (CN 0 c e))"
  2098   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2099     fix x
  2100     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2101     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2102     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2103       by (simp only: mult_strict_left_mono [OF th1 rcpos])
  2104     thus "real c * real x + Inum (real x # bs) e < 0" 
  2105       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2106   qed
  2107   thus ?case by blast
  2108 next
  2109   case (6 c e) 
  2110   then have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2111   from 6 have nbe: "numbound0 e" by simp
  2112   fix y
  2113   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Le (CN 0 c e))) = ?I x (Le (CN 0 c e))"
  2114   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2115     fix x
  2116     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2117     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2118     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2119       by (simp only: mult_strict_left_mono [OF th1 rcpos])
  2120     thus "real c * real x + Inum (real x # bs) e \<le> 0" 
  2121       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2122   qed
  2123   thus ?case by blast
  2124 next
  2125   case (7 c e) 
  2126   then have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2127   from 7 have nbe: "numbound0 e" by simp
  2128   fix y
  2129   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Gt (CN 0 c e))) = ?I x (Gt (CN 0 c e))"
  2130   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2131     fix x
  2132     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2133     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2134     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2135       by (simp only: mult_strict_left_mono [OF th1 rcpos])
  2136     thus "\<not> (real c * real x + Inum (real x # bs) e>0)" 
  2137       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2138   qed
  2139   thus ?case by blast
  2140 next
  2141   case (8 c e) 
  2142   then have "c > 0" by simp hence rcpos: "real c > 0" by simp
  2143   from 8 have nbe: "numbound0 e" by simp
  2144   fix y
  2145   have "\<forall> x < (floor (- (Inum (y#bs) e) / (real c))). ?I x (?M (Ge (CN 0 c e))) = ?I x (Ge (CN 0 c e))"
  2146   proof (simp add: less_floor_eq , rule allI, rule impI) 
  2147     fix x
  2148     assume A: "real x + (1\<Colon>real) \<le> - (Inum (y # bs) e / real c)"
  2149     hence th1:"real x < - (Inum (y # bs) e / real c)" by simp
  2150     with rcpos  have "(real c)*(real  x) < (real c)*(- (Inum (y # bs) e / real c))"
  2151       by (simp only: mult_strict_left_mono [OF th1 rcpos])
  2152     thus "\<not> real c * real x + Inum (real x # bs) e \<ge> 0" 
  2153       using numbound0_I[OF nbe, where b="y" and bs="bs" and b'="real x"] rcpos by simp
  2154   qed
  2155   thus ?case by blast
  2156 qed simp_all
  2157 
  2158 lemma minusinf_repeats:
  2159   assumes d: "d\<delta> p d" and linp: "iszlfm p (a # bs)"
  2160   shows "Ifm ((real(x - k*d))#bs) (minusinf p) = Ifm (real x #bs) (minusinf p)"
  2161 using linp d
  2162 proof(induct p rule: iszlfm.induct) 
  2163   case (9 i c e) hence nbe: "numbound0 e"  and id: "i dvd d" by simp+
  2164     hence "\<exists> k. d=i*k" by (simp add: dvd_def)
  2165     then obtain "di" where di_def: "d=i*di" by blast
  2166     show ?case 
  2167     proof(simp add: numbound0_I[OF nbe,where bs="bs" and b="real x - real k * real d" and b'="real x"] right_diff_distrib, rule iffI)
  2168       assume 
  2169         "real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e"
  2170       (is "?ri rdvd ?rc*?rx - ?rc*(?rk*?rd) + ?I x e" is "?ri rdvd ?rt")
  2171       hence "\<exists> (l::int). ?rt = ?ri * (real l)" by (simp add: rdvd_def)
  2172       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real l)+?rc*(?rk * (real i) * (real di))" 
  2173         by (simp add: algebra_simps di_def)
  2174       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real (l + c*k*di))"
  2175         by (simp add: algebra_simps)
  2176       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri* (real l)" by blast
  2177       thus "real i rdvd real c * real x + Inum (real x # bs) e" using rdvd_def by simp
  2178     next
  2179       assume 
  2180         "real i rdvd real c * real x + Inum (real x # bs) e" (is "?ri rdvd ?rc*?rx+?e")
  2181       hence "\<exists> (l::int). ?rc*?rx+?e = ?ri * (real l)" by (simp add: rdvd_def)
  2182       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real d)" by simp
  2183       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real i * real di)" by (simp add: di_def)
  2184       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real (l - c*k*di))" by (simp add: algebra_simps)
  2185       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l)"
  2186         by blast
  2187       thus "real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e" using rdvd_def by simp
  2188     qed
  2189 next
  2190   case (10 i c e) hence nbe: "numbound0 e"  and id: "i dvd d" by simp+
  2191     hence "\<exists> k. d=i*k" by (simp add: dvd_def)
  2192     then obtain "di" where di_def: "d=i*di" by blast
  2193     show ?case 
  2194     proof(simp add: numbound0_I[OF nbe,where bs="bs" and b="real x - real k * real d" and b'="real x"] right_diff_distrib, rule iffI)
  2195       assume 
  2196         "real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e"
  2197       (is "?ri rdvd ?rc*?rx - ?rc*(?rk*?rd) + ?I x e" is "?ri rdvd ?rt")
  2198       hence "\<exists> (l::int). ?rt = ?ri * (real l)" by (simp add: rdvd_def)
  2199       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real l)+?rc*(?rk * (real i) * (real di))" 
  2200         by (simp add: algebra_simps di_def)
  2201       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri*(real (l + c*k*di))"
  2202         by (simp add: algebra_simps)
  2203       hence "\<exists> (l::int). ?rc*?rx+ ?I x e = ?ri* (real l)" by blast
  2204       thus "real i rdvd real c * real x + Inum (real x # bs) e" using rdvd_def by simp
  2205     next
  2206       assume 
  2207         "real i rdvd real c * real x + Inum (real x # bs) e" (is "?ri rdvd ?rc*?rx+?e")
  2208       hence "\<exists> (l::int). ?rc*?rx+?e = ?ri * (real l)" by (simp add: rdvd_def)
  2209       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real d)" by simp
  2210       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l) - real c * (real k * real i * real di)" by (simp add: di_def)
  2211       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real (l - c*k*di))" by (simp add: algebra_simps)
  2212       hence "\<exists> (l::int). ?rc*?rx - real c * (real k * real d) +?e = ?ri * (real l)"
  2213         by blast
  2214       thus "real i rdvd real c * real x - real c * (real k * real d) + Inum (real x # bs) e" using rdvd_def by simp
  2215     qed
  2216 qed (auto simp add: numbound0_I[where bs="bs" and b="real(x - k*d)" and b'="real x"] simp del: real_of_int_mult real_of_int_diff)
  2217 
  2218 lemma minusinf_ex:
  2219   assumes lin: "iszlfm p (real (a::int) #bs)"
  2220   and exmi: "\<exists> (x::int). Ifm (real x#bs) (minusinf p)" (is "\<exists> x. ?P1 x")
  2221   shows "\<exists> (x::int). Ifm (real x#bs) p" (is "\<exists> x. ?P x")
  2222 proof-
  2223   let ?d = "\<delta> p"
  2224   from \<delta> [OF lin] have dpos: "?d >0" by simp
  2225   from \<delta> [OF lin] have alld: "d\<delta> p ?d" by simp
  2226   from minusinf_repeats[OF alld lin] have th1:"\<forall> x k. ?P1 x = ?P1 (x - (k * ?d))" by simp
  2227   from minusinf_inf[OF lin] have th2:"\<exists> z. \<forall> x. x<z \<longrightarrow> (?P x = ?P1 x)" by blast
  2228   from minusinfinity [OF dpos th1 th2] exmi show ?thesis by blast
  2229 qed
  2230 
  2231 lemma minusinf_bex:
  2232   assumes lin: "iszlfm p (real (a::int) #bs)"
  2233   shows "(\<exists> (x::int). Ifm (real x#bs) (minusinf p)) = 
  2234          (\<exists> (x::int)\<in> {1..\<delta> p}. Ifm (real x#bs) (minusinf p))"
  2235   (is "(\<exists> x. ?P x) = _")
  2236 proof-
  2237   let ?d = "\<delta> p"
  2238   from \<delta> [OF lin] have dpos: "?d >0" by simp
  2239   from \<delta> [OF lin] have alld: "d\<delta> p ?d" by simp
  2240   from minusinf_repeats[OF alld lin] have th1:"\<forall> x k. ?P x = ?P (x - (k * ?d))" by simp
  2241   from periodic_finite_ex[OF dpos th1] show ?thesis by blast
  2242 qed
  2243 
  2244 lemma dvd1_eq1: "x >0 \<Longrightarrow> (x::int) dvd 1 = (x = 1)" by auto
  2245 
  2246 consts 
  2247   a\<beta> :: "fm \<Rightarrow> int \<Rightarrow> fm" (* adjusts the coeffitients of a formula *)
  2248   d\<beta> :: "fm \<Rightarrow> int \<Rightarrow> bool" (* tests if all coeffs c of c divide a given l*)
  2249   \<zeta>  :: "fm \<Rightarrow> int" (* computes the lcm of all coefficients of x*)
  2250   \<beta> :: "fm \<Rightarrow> num list"
  2251   \<alpha> :: "fm \<Rightarrow> num list"
  2252 
  2253 recdef a\<beta> "measure size"
  2254   "a\<beta> (And p q) = (\<lambda> k. And (a\<beta> p k) (a\<beta> q k))" 
  2255   "a\<beta> (Or p q) = (\<lambda> k. Or (a\<beta> p k) (a\<beta> q k))" 
  2256   "a\<beta> (Eq  (CN 0 c e)) = (\<lambda> k. Eq (CN 0 1 (Mul (k div c) e)))"
  2257   "a\<beta> (NEq (CN 0 c e)) = (\<lambda> k. NEq (CN 0 1 (Mul (k div c) e)))"
  2258   "a\<beta> (Lt  (CN 0 c e)) = (\<lambda> k. Lt (CN 0 1 (Mul (k div c) e)))"
  2259   "a\<beta> (Le  (CN 0 c e)) = (\<lambda> k. Le (CN 0 1 (Mul (k div c) e)))"
  2260   "a\<beta> (Gt  (CN 0 c e)) = (\<lambda> k. Gt (CN 0 1 (Mul (k div c) e)))"
  2261   "a\<beta> (Ge  (CN 0 c e)) = (\<lambda> k. Ge (CN 0 1 (Mul (k div c) e)))"
  2262   "a\<beta> (Dvd i (CN 0 c e)) =(\<lambda> k. Dvd ((k div c)*i) (CN 0 1 (Mul (k div c) e)))"
  2263   "a\<beta> (NDvd i (CN 0 c e))=(\<lambda> k. NDvd ((k div c)*i) (CN 0 1 (Mul (k div c) e)))"
  2264   "a\<beta> p = (\<lambda> k. p)"
  2265 
  2266 recdef d\<beta> "measure size"
  2267   "d\<beta> (And p q) = (\<lambda> k. (d\<beta> p k) \<and> (d\<beta> q k))" 
  2268   "d\<beta> (Or p q) = (\<lambda> k. (d\<beta> p k) \<and> (d\<beta> q k))" 
  2269   "d\<beta> (Eq  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2270   "d\<beta> (NEq (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2271   "d\<beta> (Lt  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2272   "d\<beta> (Le  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2273   "d\<beta> (Gt  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2274   "d\<beta> (Ge  (CN 0 c e)) = (\<lambda> k. c dvd k)"
  2275   "d\<beta> (Dvd i (CN 0 c e)) =(\<lambda> k. c dvd k)"
  2276   "d\<beta> (NDvd i (CN 0 c e))=(\<lambda> k. c dvd k)"
  2277   "d\<beta> p = (\<lambda> k. True)"
  2278 
  2279 recdef \<zeta> "measure size"
  2280   "\<zeta> (And p q) = lcm (\<zeta> p) (\<zeta> q)" 
  2281   "\<zeta> (Or p q) = lcm (\<zeta> p) (\<zeta> q)" 
  2282   "\<zeta> (Eq  (CN 0 c e)) = c"
  2283   "\<zeta> (NEq (CN 0 c e)) = c"
  2284   "\<zeta> (Lt  (CN 0 c e)) = c"
  2285   "\<zeta> (Le  (CN 0 c e)) = c"
  2286   "\<zeta> (Gt  (CN 0 c e)) = c"
  2287   "\<zeta> (Ge  (CN 0 c e)) = c"
  2288   "\<zeta> (Dvd i (CN 0 c e)) = c"
  2289   "\<zeta> (NDvd i (CN 0 c e))= c"
  2290   "\<zeta> p = 1"
  2291 
  2292 recdef \<beta> "measure size"
  2293   "\<beta> (And p q) = (\<beta> p @ \<beta> q)" 
  2294   "\<beta> (Or p q) = (\<beta> p @ \<beta> q)" 
  2295   "\<beta> (Eq  (CN 0 c e)) = [Sub (C -1) e]"
  2296   "\<beta> (NEq (CN 0 c e)) = [Neg e]"
  2297   "\<beta> (Lt  (CN 0 c e)) = []"
  2298   "\<beta> (Le  (CN 0 c e)) = []"
  2299   "\<beta> (Gt  (CN 0 c e)) = [Neg e]"
  2300   "\<beta> (Ge  (CN 0 c e)) = [Sub (C -1) e]"
  2301   "\<beta> p = []"
  2302 
  2303 recdef \<alpha> "measure size"
  2304   "\<alpha> (And p q) = (\<alpha> p @ \<alpha> q)" 
  2305   "\<alpha> (Or p q) = (\<alpha> p @ \<alpha> q)" 
  2306   "\<alpha> (Eq  (CN 0 c e)) = [Add (C -1) e]"
  2307   "\<alpha> (NEq (CN 0 c e)) = [e]"
  2308   "\<alpha> (Lt  (CN 0 c e)) = [e]"
  2309   "\<alpha> (Le  (CN 0 c e)) = [Add (C -1) e]"
  2310   "\<alpha> (Gt  (CN 0 c e)) = []"
  2311   "\<alpha> (Ge  (CN 0 c e)) = []"
  2312   "\<alpha> p = []"
  2313 consts mirror :: "fm \<Rightarrow> fm"
  2314 recdef mirror "measure size"
  2315   "mirror (And p q) = And (mirror p) (mirror q)" 
  2316   "mirror (Or p q) = Or (mirror p) (mirror q)" 
  2317   "mirror (Eq  (CN 0 c e)) = Eq (CN 0 c (Neg e))"
  2318   "mirror (NEq (CN 0 c e)) = NEq (CN 0 c (Neg e))"
  2319   "mirror (Lt  (CN 0 c e)) = Gt (CN 0 c (Neg e))"
  2320   "mirror (Le  (CN 0 c e)) = Ge (CN 0 c (Neg e))"
  2321   "mirror (Gt  (CN 0 c e)) = Lt (CN 0 c (Neg e))"
  2322   "mirror (Ge  (CN 0 c e)) = Le (CN 0 c (Neg e))"
  2323   "mirror (Dvd i (CN 0 c e)) = Dvd i (CN 0 c (Neg e))"
  2324   "mirror (NDvd i (CN 0 c e)) = NDvd i (CN 0 c (Neg e))"
  2325   "mirror p = p"
  2326 
  2327 lemma mirror\<alpha>\<beta>:
  2328   assumes lp: "iszlfm p (a#bs)"
  2329   shows "(Inum (real (i::int)#bs)) ` set (\<alpha> p) = (Inum (real i#bs)) ` set (\<beta> (mirror p))"
  2330 using lp
  2331 by (induct p rule: mirror.induct, auto)
  2332 
  2333 lemma mirror: 
  2334   assumes lp: "iszlfm p (a#bs)"
  2335   shows "Ifm (real (x::int)#bs) (mirror p) = Ifm (real (- x)#bs) p" 
  2336 using lp
  2337 proof(induct p rule: iszlfm.induct)
  2338   case (9 j c e)
  2339   have th: "(real j rdvd real c * real x - Inum (real x # bs) e) =
  2340        (real j rdvd - (real c * real x - Inum (real x # bs) e))"
  2341     by (simp only: rdvd_minus[symmetric])
  2342   from 9 th show ?case
  2343     by (simp add: algebra_simps
  2344       numbound0_I[where bs="bs" and b'="real x" and b="- real x"])
  2345 next
  2346   case (10 j c e)
  2347   have th: "(real j rdvd real c * real x - Inum (real x # bs) e) =
  2348        (real j rdvd - (real c * real x - Inum (real x # bs) e))"
  2349     by (simp only: rdvd_minus[symmetric])
  2350   from 10 th show  ?case
  2351     by (simp add: algebra_simps
  2352       numbound0_I[where bs="bs" and b'="real x" and b="- real x"])
  2353 qed (auto simp add: numbound0_I[where bs="bs" and b="real x" and b'="- real x"])
  2354 
  2355 lemma mirror_l: "iszlfm p (a#bs) \<Longrightarrow> iszlfm (mirror p) (a#bs)"
  2356 by (induct p rule: mirror.induct, auto simp add: isint_neg)
  2357 
  2358 lemma mirror_d\<beta>: "iszlfm p (a#bs) \<and> d\<beta> p 1 
  2359   \<Longrightarrow> iszlfm (mirror p) (a#bs) \<and> d\<beta> (mirror p) 1"
  2360 by (induct p rule: mirror.induct, auto simp add: isint_neg)
  2361 
  2362 lemma mirror_\<delta>: "iszlfm p (a#bs) \<Longrightarrow> \<delta> (mirror p) = \<delta> p"
  2363 by (induct p rule: mirror.induct,auto)
  2364 
  2365 
  2366 lemma mirror_ex: 
  2367   assumes lp: "iszlfm p (real (i::int)#bs)"
  2368   shows "(\<exists> (x::int). Ifm (real x#bs) (mirror p)) = (\<exists> (x::int). Ifm (real x#bs) p)"
  2369   (is "(\<exists> x. ?I x ?mp) = (\<exists> x. ?I x p)")
  2370 proof(auto)
  2371   fix x assume "?I x ?mp" hence "?I (- x) p" using mirror[OF lp] by blast
  2372   thus "\<exists> x. ?I x p" by blast
  2373 next
  2374   fix x assume "?I x p" hence "?I (- x) ?mp" 
  2375     using mirror[OF lp, where x="- x", symmetric] by auto
  2376   thus "\<exists> x. ?I x ?mp" by blast
  2377 qed
  2378 
  2379 lemma \<beta>_numbound0: assumes lp: "iszlfm p bs"
  2380   shows "\<forall> b\<in> set (\<beta> p). numbound0 b"
  2381   using lp by (induct p rule: \<beta>.induct,auto)
  2382 
  2383 lemma d\<beta>_mono: 
  2384   assumes linp: "iszlfm p (a #bs)"
  2385   and dr: "d\<beta> p l"
  2386   and d: "l dvd l'"
  2387   shows "d\<beta> p l'"
  2388 using dr linp dvd_trans[of _ "l" "l'", simplified d]
  2389 by (induct p rule: iszlfm.induct) simp_all
  2390 
  2391 lemma \<alpha>_l: assumes lp: "iszlfm p (a#bs)"
  2392   shows "\<forall> b\<in> set (\<alpha> p). numbound0 b \<and> isint b (a#bs)"
  2393 using lp
  2394 by(induct p rule: \<alpha>.induct, auto simp add: isint_add isint_c)
  2395 
  2396 lemma \<zeta>: 
  2397   assumes linp: "iszlfm p (a #bs)"
  2398   shows "\<zeta> p > 0 \<and> d\<beta> p (\<zeta> p)"
  2399 using linp
  2400 proof(induct p rule: iszlfm.induct)
  2401   case (1 p q)
  2402   then  have dl1: "\<zeta> p dvd lcm (\<zeta> p) (\<zeta> q)" by simp
  2403   from 1 have dl2: "\<zeta> q dvd lcm (\<zeta> p) (\<zeta> q)" by simp
  2404   from 1 d\<beta>_mono[where p = "p" and l="\<zeta> p" and l'="lcm (\<zeta> p) (\<zeta> q)"] 
  2405     d\<beta>_mono[where p = "q" and l="\<zeta> q" and l'="lcm (\<zeta> p) (\<zeta> q)"] 
  2406     dl1 dl2 show ?case by (auto simp add: lcm_pos_int)
  2407 next
  2408   case (2 p q)
  2409   then have dl1: "\<zeta> p dvd lcm (\<zeta> p) (\<zeta> q)" by simp
  2410   from 2 have dl2: "\<zeta> q dvd lcm (\<zeta> p) (\<zeta> q)" by simp
  2411   from 2 d\<beta>_mono[where p = "p" and l="\<zeta> p" and l'="lcm (\<zeta> p) (\<zeta> q)"] 
  2412     d\<beta>_mono[where p = "q" and l="\<zeta> q" and l'="lcm (\<zeta> p) (\<zeta> q)"] 
  2413     dl1 dl2 show ?case by (auto simp add: lcm_pos_int)
  2414 qed (auto simp add: lcm_pos_int)
  2415 
  2416 lemma a\<beta>: assumes linp: "iszlfm p (a #bs)" and d: "d\<beta> p l" and lp: "l > 0"
  2417   shows "iszlfm (a\<beta> p l) (a #bs) \<and> d\<beta> (a\<beta> p l) 1 \<and> (Ifm (real (l * x) #bs) (a\<beta> p l) = Ifm ((real x)#bs) p)"
  2418 using linp d
  2419 proof (induct p rule: iszlfm.induct)
  2420   case (5 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2421     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2422     from cp have cnz: "c \<noteq> 0" by simp
  2423     have "c div c\<le> l div c"
  2424       by (simp add: zdiv_mono1[OF clel cp])
  2425     then have ldcp:"0 < l div c" 
  2426       by (simp add: zdiv_self[OF cnz])
  2427     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2428     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2429       by simp
  2430     hence "(real l * real x + real (l div c) * Inum (real x # bs) e < (0\<Colon>real)) =
  2431           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e < 0)"
  2432       by simp
  2433     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) < (real (l div c)) * 0)" by (simp add: algebra_simps)
  2434     also have "\<dots> = (real c * real x + Inum (real x # bs) e < 0)"
  2435     using mult_less_0_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2436   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"] be  isint_Mul[OF ei] by simp
  2437 next
  2438   case (6 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2439     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2440     from cp have cnz: "c \<noteq> 0" by simp
  2441     have "c div c\<le> l div c"
  2442       by (simp add: zdiv_mono1[OF clel cp])
  2443     then have ldcp:"0 < l div c" 
  2444       by (simp add: zdiv_self[OF cnz])
  2445     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2446     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2447       by simp
  2448     hence "(real l * real x + real (l div c) * Inum (real x # bs) e \<le> (0\<Colon>real)) =
  2449           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e \<le> 0)"
  2450       by simp
  2451     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) \<le> (real (l div c)) * 0)" by (simp add: algebra_simps)
  2452     also have "\<dots> = (real c * real x + Inum (real x # bs) e \<le> 0)"
  2453     using mult_le_0_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2454   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2455 next
  2456   case (7 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2457     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2458     from cp have cnz: "c \<noteq> 0" by simp
  2459     have "c div c\<le> l div c"
  2460       by (simp add: zdiv_mono1[OF clel cp])
  2461     then have ldcp:"0 < l div c" 
  2462       by (simp add: zdiv_self[OF cnz])
  2463     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2464     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2465       by simp
  2466     hence "(real l * real x + real (l div c) * Inum (real x # bs) e > (0\<Colon>real)) =
  2467           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e > 0)"
  2468       by simp
  2469     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) > (real (l div c)) * 0)" by (simp add: algebra_simps)
  2470     also have "\<dots> = (real c * real x + Inum (real x # bs) e > 0)"
  2471     using zero_less_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2472   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2473 next
  2474   case (8 c e) hence cp: "c>0" and be: "numbound0 e"  and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2475     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2476     from cp have cnz: "c \<noteq> 0" by simp
  2477     have "c div c\<le> l div c"
  2478       by (simp add: zdiv_mono1[OF clel cp])
  2479     then have ldcp:"0 < l div c" 
  2480       by (simp add: zdiv_self[OF cnz])
  2481     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2482     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2483       by simp
  2484     hence "(real l * real x + real (l div c) * Inum (real x # bs) e \<ge> (0\<Colon>real)) =
  2485           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e \<ge> 0)"
  2486       by simp
  2487     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) \<ge> (real (l div c)) * 0)" by (simp add: algebra_simps)
  2488     also have "\<dots> = (real c * real x + Inum (real x # bs) e \<ge> 0)"
  2489     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2490   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2491 next
  2492   case (3 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2493     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2494     from cp have cnz: "c \<noteq> 0" by simp
  2495     have "c div c\<le> l div c"
  2496       by (simp add: zdiv_mono1[OF clel cp])
  2497     then have ldcp:"0 < l div c" 
  2498       by (simp add: zdiv_self[OF cnz])
  2499     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2500     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2501       by simp
  2502     hence "(real l * real x + real (l div c) * Inum (real x # bs) e = (0\<Colon>real)) =
  2503           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e = 0)"
  2504       by simp
  2505     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) = (real (l div c)) * 0)" by (simp add: algebra_simps)
  2506     also have "\<dots> = (real c * real x + Inum (real x # bs) e = 0)"
  2507     using mult_eq_0_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2508   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2509 next
  2510   case (4 c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and d': "c dvd l" by simp+
  2511     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2512     from cp have cnz: "c \<noteq> 0" by simp
  2513     have "c div c\<le> l div c"
  2514       by (simp add: zdiv_mono1[OF clel cp])
  2515     then have ldcp:"0 < l div c" 
  2516       by (simp add: zdiv_self[OF cnz])
  2517     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2518     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2519       by simp
  2520     hence "(real l * real x + real (l div c) * Inum (real x # bs) e \<noteq> (0\<Colon>real)) =
  2521           (real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e \<noteq> 0)"
  2522       by simp
  2523     also have "\<dots> = (real (l div c) * (real c * real x + Inum (real x # bs) e) \<noteq> (real (l div c)) * 0)" by (simp add: algebra_simps)
  2524     also have "\<dots> = (real c * real x + Inum (real x # bs) e \<noteq> 0)"
  2525     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e"] ldcp by simp
  2526   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"]  be  isint_Mul[OF ei] by simp
  2527 next
  2528   case (9 j c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and jp: "j > 0" and d': "c dvd l" by simp+
  2529     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2530     from cp have cnz: "c \<noteq> 0" by simp
  2531     have "c div c\<le> l div c"
  2532       by (simp add: zdiv_mono1[OF clel cp])
  2533     then have ldcp:"0 < l div c" 
  2534       by (simp add: zdiv_self[OF cnz])
  2535     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2536     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2537       by simp
  2538     hence "(\<exists> (k::int). real l * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k) = (\<exists> (k::int). real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k)"  by simp
  2539     also have "\<dots> = (\<exists> (k::int). real (l div c) * (real c * real x + Inum (real x # bs) e - real j * real k) = real (l div c)*0)" by (simp add: algebra_simps)
  2540     also fix k have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e - real j * real k = 0)"
  2541     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e - real j * real k"] ldcp by simp
  2542   also have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e = real j * real k)" by simp
  2543   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"] rdvd_def  be  isint_Mul[OF ei] mult_strict_mono[OF ldcp jp ldcp ] by simp 
  2544 next
  2545   case (10 j c e) hence cp: "c>0" and be: "numbound0 e" and ei:"isint e (a#bs)" and jp: "j > 0" and d': "c dvd l" by simp+
  2546     from lp cp have clel: "c\<le>l" by (simp add: zdvd_imp_le [OF d' lp])
  2547     from cp have cnz: "c \<noteq> 0" by simp
  2548     have "c div c\<le> l div c"
  2549       by (simp add: zdiv_mono1[OF clel cp])
  2550     then have ldcp:"0 < l div c" 
  2551       by (simp add: zdiv_self[OF cnz])
  2552     have "c * (l div c) = c* (l div c) + l mod c" using d' dvd_eq_mod_eq_0[of "c" "l"] by simp
  2553     hence cl:"c * (l div c) =l" using zmod_zdiv_equality[where a="l" and b="c", symmetric] 
  2554       by simp
  2555     hence "(\<exists> (k::int). real l * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k) = (\<exists> (k::int). real (c * (l div c)) * real x + real (l div c) * Inum (real x # bs) e = (real (l div c) * real j) * real k)"  by simp
  2556     also have "\<dots> = (\<exists> (k::int). real (l div c) * (real c * real x + Inum (real x # bs) e - real j * real k) = real (l div c)*0)" by (simp add: algebra_simps)
  2557     also fix k have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e - real j * real k = 0)"
  2558     using zero_le_mult_iff [where a="real (l div c)" and b="real c * real x + Inum (real x # bs) e - real j * real k"] ldcp by simp
  2559   also have "\<dots> = (\<exists> (k::int). real c * real x + Inum (real x # bs) e = real j * real k)" by simp
  2560   finally show ?case using numbound0_I[OF be,where b="real (l * x)" and b'="real x" and bs="bs"] rdvd_def  be  isint_Mul[OF ei]  mult_strict_mono[OF ldcp jp ldcp ] by simp
  2561 qed (simp_all add: numbound0_I[where bs="bs" and b="real (l * x)" and b'="real x"] isint_Mul del: real_of_int_mult)
  2562 
  2563 lemma a\<beta>_ex: assumes linp: "iszlfm p (a#bs)" and d: "d\<beta> p l" and lp: "l>0"
  2564   shows "(\<exists> x. l dvd x \<and> Ifm (real x #bs) (a\<beta> p l)) = (\<exists> (x::int). Ifm (real x#bs) p)"
  2565   (is "(\<exists> x. l dvd x \<and> ?P x) = (\<exists> x. ?P' x)")
  2566 proof-
  2567   have "(\<exists> x. l dvd x \<and> ?P x) = (\<exists> (x::int). ?P (l*x))"
  2568     using unity_coeff_ex[where l="l" and P="?P", simplified] by simp
  2569   also have "\<dots> = (\<exists> (x::int). ?P' x)" using a\<beta>[OF linp d lp] by simp
  2570   finally show ?thesis  . 
  2571 qed
  2572 
  2573 lemma \<beta>:
  2574   assumes lp: "iszlfm p (a#bs)"
  2575   and u: "d\<beta> p 1"
  2576   and d: "d\<delta> p d"
  2577   and dp: "d > 0"
  2578   and nob: "\<not>(\<exists>(j::int) \<in> {1 .. d}. \<exists> b\<in> (Inum (a#bs)) ` set(\<beta> p). real x = b + real j)"
  2579   and p: "Ifm (real x#bs) p" (is "?P x")
  2580   shows "?P (x - d)"
  2581 using lp u d dp nob p
  2582 proof(induct p rule: iszlfm.induct)
  2583   case (5 c e) hence c1: "c=1" and  bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp_all
  2584   with dp p c1 numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] 5
  2585   show ?case by (simp del: real_of_int_minus)
  2586 next
  2587   case (6 c e)  hence c1: "c=1" and  bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp_all
  2588   with dp p c1 numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] 6
  2589   show ?case by (simp del: real_of_int_minus)
  2590 next
  2591   case (7 c e) hence p: "Ifm (real x #bs) (Gt (CN 0 c e))" and c1: "c=1"
  2592     and bn:"numbound0 e" and ie1:"isint e (a#bs)" using dvd1_eq1[where x="c"] by simp_all
  2593   let ?e = "Inum (real x # bs) e"
  2594   from ie1 have ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="a#bs"]
  2595       numbound0_I[OF bn,where b="a" and b'="real x" and bs="bs"]
  2596     by (simp add: isint_iff)
  2597     {assume "real (x-d) +?e > 0" hence ?case using c1 
  2598       numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"]
  2599         by (simp del: real_of_int_minus)}
  2600     moreover
  2601     {assume H: "\<not> real (x-d) + ?e > 0" 
  2602       let ?v="Neg e"
  2603       have vb: "?v \<in> set (\<beta> (Gt (CN 0 c e)))" by simp
  2604       from 7(5)[simplified simp_thms Inum.simps \<beta>.simps set.simps bex_simps numbound0_I[OF bn,where b="a" and b'="real x" and bs="bs"]] 
  2605       have nob: "\<not> (\<exists> j\<in> {1 ..d}. real x =  - ?e + real j)" by auto 
  2606       from H p have "real x + ?e > 0 \<and> real x + ?e \<le> real d" by (simp add: c1)
  2607       hence "real (x + floor ?e) > real (0::int) \<and> real (x + floor ?e) \<le> real d"
  2608         using ie by simp
  2609       hence "x + floor ?e \<ge> 1 \<and> x + floor ?e \<le> d"  by simp
  2610       hence "\<exists> (j::int) \<in> {1 .. d}. j = x + floor ?e" by simp
  2611       hence "\<exists> (j::int) \<in> {1 .. d}. real x = real (- floor ?e + j)" 
  2612         by (simp only: real_of_int_inject) (simp add: algebra_simps)
  2613       hence "\<exists> (j::int) \<in> {1 .. d}. real x = - ?e + real j" 
  2614         by (simp add: ie[simplified isint_iff])
  2615       with nob have ?case by auto}
  2616     ultimately show ?case by blast
  2617 next
  2618   case (8 c e) hence p: "Ifm (real x #bs) (Ge (CN 0 c e))" and c1: "c=1" and bn:"numbound0 e" 
  2619     and ie1:"isint e (a #bs)" using dvd1_eq1[where x="c"] by simp+
  2620     let ?e = "Inum (real x # bs) e"
  2621     from ie1 have ie: "real (floor ?e) = ?e" using numbound0_I[OF bn,where b="real x" and b'="a" and bs="bs"] isint_iff[where n="e" and bs="(real x)#bs"]
  2622       by (simp add: isint_iff)
  2623     {assume "real (x-d) +?e \<ge> 0" hence ?case using  c1 
  2624       numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"]
  2625         by (simp del: real_of_int_minus)}
  2626     moreover
  2627     {assume H: "\<not> real (x-d) + ?e \<ge> 0" 
  2628       let ?v="Sub (C -1) e"
  2629       have vb: "?v \<in> set (\<beta> (Ge (CN 0 c e)))" by simp
  2630       from 8(5)[simplified simp_thms Inum.simps \<beta>.simps set.simps bex_simps numbound0_I[OF bn,where b="a" and b'="real x" and bs="bs"]] 
  2631       have nob: "\<not> (\<exists> j\<in> {1 ..d}. real x =  - ?e - 1 + real j)" by auto 
  2632       from H p have "real x + ?e \<ge> 0 \<and> real x + ?e < real d" by (simp add: c1)
  2633       hence "real (x + floor ?e) \<ge> real (0::int) \<and> real (x + floor ?e) < real d"
  2634         using ie by simp
  2635       hence "x + floor ?e +1 \<ge> 1 \<and> x + floor ?e + 1 \<le> d"  by simp
  2636       hence "\<exists> (j::int) \<in> {1 .. d}. j = x + floor ?e + 1" by simp
  2637       hence "\<exists> (j::int) \<in> {1 .. d}. x= - floor ?e - 1 + j" by (simp add: algebra_simps)
  2638       hence "\<exists> (j::int) \<in> {1 .. d}. real x= real (- floor ?e - 1 + j)" 
  2639         by (simp only: real_of_int_inject)
  2640       hence "\<exists> (j::int) \<in> {1 .. d}. real x= - ?e - 1 + real j" 
  2641         by (simp add: ie[simplified isint_iff])
  2642       with nob have ?case by simp }
  2643     ultimately show ?case by blast
  2644 next
  2645   case (3 c e) hence p: "Ifm (real x #bs) (Eq (CN 0 c e))" (is "?p x") and c1: "c=1" 
  2646     and bn:"numbound0 e" and ie1: "isint e (a #bs)" using dvd1_eq1[where x="c"] by simp+
  2647     let ?e = "Inum (real x # bs) e"
  2648     let ?v="(Sub (C -1) e)"
  2649     have vb: "?v \<in> set (\<beta> (Eq (CN 0 c e)))" by simp
  2650     from p have "real x= - ?e" by (simp add: c1) with 3(5) show ?case using dp
  2651       by simp (erule ballE[where x="1"],
  2652         simp_all add:algebra_simps numbound0_I[OF bn,where b="real x"and b'="a"and bs="bs"])
  2653 next
  2654   case (4 c e)hence p: "Ifm (real x #bs) (NEq (CN 0 c e))" (is "?p x") and c1: "c=1" 
  2655     and bn:"numbound0 e" and ie1: "isint e (a #bs)" using dvd1_eq1[where x="c"] by simp+
  2656     let ?e = "Inum (real x # bs) e"
  2657     let ?v="Neg e"
  2658     have vb: "?v \<in> set (\<beta> (NEq (CN 0 c e)))" by simp
  2659     {assume "real x - real d + Inum ((real (x -d)) # bs) e \<noteq> 0" 
  2660       hence ?case by (simp add: c1)}
  2661     moreover
  2662     {assume H: "real x - real d + Inum ((real (x -d)) # bs) e = 0"
  2663       hence "real x = - Inum ((real (x -d)) # bs) e + real d" by simp
  2664       hence "real x = - Inum (a # bs) e + real d"
  2665         by (simp add: numbound0_I[OF bn,where b="real x - real d"and b'="a"and bs="bs"])
  2666        with 4(5) have ?case using dp by simp}
  2667   ultimately show ?case by blast
  2668 next 
  2669   case (9 j c e) hence p: "Ifm (real x #bs) (Dvd j (CN 0 c e))" (is "?p x") and c1: "c=1" 
  2670     and bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp+
  2671   let ?e = "Inum (real x # bs) e"
  2672   from 9 have "isint e (a #bs)"  by simp 
  2673   hence ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="(real x)#bs"] numbound0_I[OF bn,where b="real x" and b'="a" and bs="bs"]
  2674     by (simp add: isint_iff)
  2675   from 9 have id: "j dvd d" by simp
  2676   from c1 ie[symmetric] have "?p x = (real j rdvd real (x+ floor ?e))" by simp
  2677   also have "\<dots> = (j dvd x + floor ?e)" 
  2678     using int_rdvd_real[where i="j" and x="real (x+ floor ?e)"] by simp
  2679   also have "\<dots> = (j dvd x - d + floor ?e)" 
  2680     using dvd_period[OF id, where x="x" and c="-1" and t="floor ?e"] by simp
  2681   also have "\<dots> = (real j rdvd real (x - d + floor ?e))" 
  2682     using int_rdvd_real[where i="j" and x="real (x-d + floor ?e)",symmetric, simplified]
  2683       ie by simp
  2684   also have "\<dots> = (real j rdvd real x - real d + ?e)" 
  2685     using ie by simp
  2686   finally show ?case 
  2687     using numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] c1 p by simp
  2688 next
  2689   case (10 j c e) hence p: "Ifm (real x #bs) (NDvd j (CN 0 c e))" (is "?p x") and c1: "c=1" and bn:"numbound0 e" using dvd1_eq1[where x="c"] by simp+
  2690   let ?e = "Inum (real x # bs) e"
  2691   from 10 have "isint e (a#bs)"  by simp 
  2692   hence ie: "real (floor ?e) = ?e" using numbound0_I[OF bn,where b="real x" and b'="a" and bs="bs"] isint_iff[where n="e" and bs="(real x)#bs"]
  2693     by (simp add: isint_iff)
  2694   from 10 have id: "j dvd d" by simp
  2695   from c1 ie[symmetric] have "?p x = (\<not> real j rdvd real (x+ floor ?e))" by simp
  2696   also have "\<dots> = (\<not> j dvd x + floor ?e)" 
  2697     using int_rdvd_real[where i="j" and x="real (x+ floor ?e)"] by simp
  2698   also have "\<dots> = (\<not> j dvd x - d + floor ?e)" 
  2699     using dvd_period[OF id, where x="x" and c="-1" and t="floor ?e"] by simp
  2700   also have "\<dots> = (\<not> real j rdvd real (x - d + floor ?e))" 
  2701     using int_rdvd_real[where i="j" and x="real (x-d + floor ?e)",symmetric, simplified]
  2702       ie by simp
  2703   also have "\<dots> = (\<not> real j rdvd real x - real d + ?e)" 
  2704     using ie by simp
  2705   finally show ?case
  2706     using numbound0_I[OF bn,where b="real (x-d)" and b'="real x" and bs="bs"] c1 p by simp
  2707 qed (auto simp add: numbound0_I[where bs="bs" and b="real (x - d)" and b'="real x"]
  2708   simp del: real_of_int_diff)
  2709 
  2710 lemma \<beta>':   
  2711   assumes lp: "iszlfm p (a #bs)"
  2712   and u: "d\<beta> p 1"
  2713   and d: "d\<delta> p d"
  2714   and dp: "d > 0"
  2715   shows "\<forall> x. \<not>(\<exists>(j::int) \<in> {1 .. d}. \<exists> b\<in> set(\<beta> p). Ifm ((Inum (a#bs) b + real j) #bs) p) \<longrightarrow> Ifm (real x#bs) p \<longrightarrow> Ifm (real (x - d)#bs) p" (is "\<forall> x. ?b \<longrightarrow> ?P x \<longrightarrow> ?P (x - d)")
  2716 proof(clarify)
  2717   fix x 
  2718   assume nb:"?b" and px: "?P x" 
  2719   hence nb2: "\<not>(\<exists>(j::int) \<in> {1 .. d}. \<exists> b\<in> (Inum (a#bs)) ` set(\<beta> p). real x = b + real j)"
  2720     by auto
  2721   from  \<beta>[OF lp u d dp nb2 px] show "?P (x -d )" .
  2722 qed
  2723 
  2724 lemma \<beta>_int: assumes lp: "iszlfm p bs"
  2725   shows "\<forall> b\<in> set (\<beta> p). isint b bs"
  2726 using lp by (induct p rule: iszlfm.induct) (auto simp add: isint_neg isint_sub)
  2727 
  2728 lemma cpmi_eq: "0 < D \<Longrightarrow> (EX z::int. ALL x. x < z --> (P x = P1 x))
  2729 ==> ALL x.~(EX (j::int) : {1..D}. EX (b::int) : B. P(b+j)) --> P (x) --> P (x - D) 
  2730 ==> (ALL (x::int). ALL (k::int). ((P1 x)= (P1 (x-k*D))))
  2731 ==> (EX (x::int). P(x)) = ((EX (j::int) : {1..D} . (P1(j))) | (EX (j::int) : {1..D}. EX (b::int) : B. P (b+j)))"
  2732 apply(rule iffI)
  2733 prefer 2
  2734 apply(drule minusinfinity)
  2735 apply assumption+
  2736 apply(fastforce)
  2737 apply clarsimp
  2738 apply(subgoal_tac "!!k. 0<=k \<Longrightarrow> !x. P x \<longrightarrow> P (x - k*D)")
  2739 apply(frule_tac x = x and z=z in decr_lemma)
  2740 apply(subgoal_tac "P1(x - (\<bar>x - z\<bar> + 1) * D)")
  2741 prefer 2
  2742 apply(subgoal_tac "0 <= (\<bar>x - z\<bar> + 1)")
  2743 prefer 2 apply arith
  2744  apply fastforce
  2745 apply(drule (1)  periodic_finite_ex)
  2746 apply blast
  2747 apply(blast dest:decr_mult_lemma)
  2748 done
  2749 
  2750 
  2751 theorem cp_thm:
  2752   assumes lp: "iszlfm p (a #bs)"
  2753   and u: "d\<beta> p 1"
  2754   and d: "d\<delta> p d"
  2755   and dp: "d > 0"
  2756   shows "(\<exists> (x::int). Ifm (real x #bs) p) = (\<exists> j\<in> {1.. d}. Ifm (real j #bs) (minusinf p) \<or> (\<exists> b \<in> set (\<beta> p). Ifm ((Inum (a#bs) b + real j) #bs) p))"
  2757   (is "(\<exists> (x::int). ?P (real x)) = (\<exists> j\<in> ?D. ?M j \<or> (\<exists> b\<in> ?B. ?P (?I b + real j)))")
  2758 proof-
  2759   from minusinf_inf[OF lp] 
  2760   have th: "\<exists>(z::int). \<forall>x<z. ?P (real x) = ?M x" by blast
  2761   let ?B' = "{floor (?I b) | b. b\<in> ?B}"
  2762   from \<beta>_int[OF lp] isint_iff[where bs="a # bs"] have B: "\<forall> b\<in> ?B. real (floor (?I b)) = ?I b" by simp
  2763   from B[rule_format] 
  2764   have "(\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (?I b + real j)) = (\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (real (floor (?I b)) + real j))" 
  2765     by simp
  2766   also have "\<dots> = (\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (real (floor (?I b) + j)))" by simp
  2767   also have"\<dots> = (\<exists> j \<in> ?D. \<exists> b \<in> ?B'. ?P (real (b + j)))"  by blast
  2768   finally have BB': 
  2769     "(\<exists>j\<in>?D. \<exists>b\<in> ?B. ?P (?I b + real j)) = (\<exists> j \<in> ?D. \<exists> b \<in> ?B'. ?P (real (b + j)))" 
  2770     by blast 
  2771   hence th2: "\<forall> x. \<not> (\<exists> j \<in> ?D. \<exists> b \<in> ?B'. ?P (real (b + j))) \<longrightarrow> ?P (real x) \<longrightarrow> ?P (real (x - d))" using \<beta>'[OF lp u d dp] by blast
  2772   from minusinf_repeats[OF d lp]
  2773   have th3: "\<forall> x k. ?M x = ?M (x-k*d)" by simp
  2774   from cpmi_eq[OF dp th th2 th3] BB' show ?thesis by blast
  2775 qed
  2776 
  2777     (* Reddy and Loveland *)
  2778 
  2779 
  2780 consts 
  2781   \<rho> :: "fm \<Rightarrow> (num \<times> int) list" (* Compute the Reddy and Loveland Bset*)
  2782   \<sigma>\<rho>:: "fm \<Rightarrow> num \<times> int \<Rightarrow> fm" (* Performs the modified substitution of Reddy and Loveland*)
  2783   \<alpha>\<rho> :: "fm \<Rightarrow> (num\<times>int) list"
  2784   a\<rho> :: "fm \<Rightarrow> int \<Rightarrow> fm"
  2785 recdef \<rho> "measure size"
  2786   "\<rho> (And p q) = (\<rho> p @ \<rho> q)" 
  2787   "\<rho> (Or p q) = (\<rho> p @ \<rho> q)" 
  2788   "\<rho> (Eq  (CN 0 c e)) = [(Sub (C -1) e,c)]"
  2789   "\<rho> (NEq (CN 0 c e)) = [(Neg e,c)]"
  2790   "\<rho> (Lt  (CN 0 c e)) = []"
  2791   "\<rho> (Le  (CN 0 c e)) = []"
  2792   "\<rho> (Gt  (CN 0 c e)) = [(Neg e, c)]"
  2793   "\<rho> (Ge  (CN 0 c e)) = [(Sub (C (-1)) e, c)]"
  2794   "\<rho> p = []"
  2795 
  2796 recdef \<sigma>\<rho> "measure size"
  2797   "\<sigma>\<rho> (And p q) = (\<lambda> (t,k). And (\<sigma>\<rho> p (t,k)) (\<sigma>\<rho> q (t,k)))" 
  2798   "\<sigma>\<rho> (Or p q) = (\<lambda> (t,k). Or (\<sigma>\<rho> p (t,k)) (\<sigma>\<rho> q (t,k)))" 
  2799   "\<sigma>\<rho> (Eq  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Eq (Add (Mul (c div k) t) e)) 
  2800                                             else (Eq (Add (Mul c t) (Mul k e))))"
  2801   "\<sigma>\<rho> (NEq (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (NEq (Add (Mul (c div k) t) e)) 
  2802                                             else (NEq (Add (Mul c t) (Mul k e))))"
  2803   "\<sigma>\<rho> (Lt  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Lt (Add (Mul (c div k) t) e)) 
  2804                                             else (Lt (Add (Mul c t) (Mul k e))))"
  2805   "\<sigma>\<rho> (Le  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Le (Add (Mul (c div k) t) e)) 
  2806                                             else (Le (Add (Mul c t) (Mul k e))))"
  2807   "\<sigma>\<rho> (Gt  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Gt (Add (Mul (c div k) t) e)) 
  2808                                             else (Gt (Add (Mul c t) (Mul k e))))"
  2809   "\<sigma>\<rho> (Ge  (CN 0 c e)) = (\<lambda> (t,k). if k dvd c then (Ge (Add (Mul (c div k) t) e)) 
  2810                                             else (Ge (Add (Mul c t) (Mul k e))))"
  2811   "\<sigma>\<rho> (Dvd i (CN 0 c e)) =(\<lambda> (t,k). if k dvd c then (Dvd i (Add (Mul (c div k) t) e)) 
  2812                                             else (Dvd (i*k) (Add (Mul c t) (Mul k e))))"
  2813   "\<sigma>\<rho> (NDvd i (CN 0 c e))=(\<lambda> (t,k). if k dvd c then (NDvd i (Add (Mul (c div k) t) e)) 
  2814                                             else (NDvd (i*k) (Add (Mul c t) (Mul k e))))"
  2815   "\<sigma>\<rho> p = (\<lambda> (t,k). p)"
  2816 
  2817 recdef \<alpha>\<rho> "measure size"
  2818   "\<alpha>\<rho> (And p q) = (\<alpha>\<rho> p @ \<alpha>\<rho> q)" 
  2819   "\<alpha>\<rho> (Or p q) = (\<alpha>\<rho> p @ \<alpha>\<rho> q)" 
  2820   "\<alpha>\<rho> (Eq  (CN 0 c e)) = [(Add (C -1) e,c)]"
  2821   "\<alpha>\<rho> (NEq (CN 0 c e)) = [(e,c)]"
  2822   "\<alpha>\<rho> (Lt  (CN 0 c e)) = [(e,c)]"
  2823   "\<alpha>\<rho> (Le  (CN 0 c e)) = [(Add (C -1) e,c)]"
  2824   "\<alpha>\<rho> p = []"
  2825 
  2826     (* Simulates normal substituion by modifying the formula see correctness theorem *)
  2827 
  2828 definition \<sigma> :: "fm \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm" where
  2829   "\<sigma> p k t \<equiv> And (Dvd k t) (\<sigma>\<rho> p (t,k))"
  2830 
  2831 lemma \<sigma>\<rho>:
  2832   assumes linp: "iszlfm p (real (x::int)#bs)"
  2833   and kpos: "real k > 0"
  2834   and tnb: "numbound0 t"
  2835   and tint: "isint t (real x#bs)"
  2836   and kdt: "k dvd floor (Inum (b'#bs) t)"
  2837   shows "Ifm (real x#bs) (\<sigma>\<rho> p (t,k)) = 
  2838   (Ifm ((real ((floor (Inum (b'#bs) t)) div k))#bs) p)" 
  2839   (is "?I (real x) (?s p) = (?I (real ((floor (?N b' t)) div k)) p)" is "_ = (?I ?tk p)")
  2840 using linp kpos tnb
  2841 proof(induct p rule: \<sigma>\<rho>.induct)
  2842   case (3 c e) 
  2843   from 3 have cp: "c > 0" and nb: "numbound0 e" by auto
  2844   { assume kdc: "k dvd c" 
  2845     from kpos have knz: "k\<noteq>0" by simp
  2846     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2847     from kdc have ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2848       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2849       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2850   moreover 
  2851   { assume *: "\<not> k dvd c"
  2852     from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  2853     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t"
  2854       using isint_def by simp
  2855     from assms * have "?I (real x) (?s (Eq (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k = 0)"
  2856       using real_of_int_div[OF knz kdt]
  2857         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2858         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2859       by (simp add: ti algebra_simps)
  2860       also have "\<dots> = (?I ?tk (Eq (CN 0 c e)))"
  2861         using nonzero_eq_divide_eq[OF knz',
  2862             where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric]
  2863           real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2864           numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2865         by (simp add: ti)
  2866       finally have ?case . }
  2867     ultimately show ?case by blast 
  2868 next
  2869   case (4 c e)  
  2870   then have cp: "c > 0" and nb: "numbound0 e" by auto
  2871   { assume kdc: "k dvd c" 
  2872     from kpos have knz: "k\<noteq>0" by simp
  2873     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2874     from kdc have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2875       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2876       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2877   moreover 
  2878   { assume *: "\<not> k dvd c"
  2879     from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  2880     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2881     from assms * have "?I (real x) (?s (NEq (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k \<noteq> 0)"
  2882       using real_of_int_div[OF knz kdt]
  2883         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2884         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2885       by (simp add: ti algebra_simps)
  2886     also have "\<dots> = (?I ?tk (NEq (CN 0 c e)))"
  2887       using nonzero_eq_divide_eq[OF knz',
  2888           where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric]
  2889         real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2890         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2891       by (simp add: ti)
  2892     finally have ?case . }
  2893   ultimately show ?case by blast 
  2894 next
  2895   case (5 c e) 
  2896   then have cp: "c > 0" and nb: "numbound0 e" by auto
  2897   { assume kdc: "k dvd c" 
  2898     from kpos have knz: "k\<noteq>0" by simp
  2899     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2900     from kdc have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2901       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2902       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2903   moreover 
  2904   { assume *: "\<not> k dvd c"
  2905     from kpos have knz: "k\<noteq>0" by simp
  2906     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2907     from assms * have "?I (real x) (?s (Lt (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k < 0)"
  2908       using real_of_int_div[OF knz kdt]
  2909         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2910         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2911       by (simp add: ti algebra_simps)
  2912     also have "\<dots> = (?I ?tk (Lt (CN 0 c e)))"
  2913       using pos_less_divide_eq[OF kpos,
  2914           where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric]
  2915         real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2916         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2917       by (simp add: ti)
  2918     finally have ?case . }
  2919   ultimately show ?case by blast 
  2920 next
  2921   case (6 c e)  
  2922   then have cp: "c > 0" and nb: "numbound0 e" by auto
  2923   { assume kdc: "k dvd c" 
  2924     from kpos have knz: "k\<noteq>0" by simp
  2925     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2926     from kdc have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2927       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2928       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2929   moreover 
  2930   { assume *: "\<not> k dvd c"
  2931     from kpos have knz: "k\<noteq>0" by simp
  2932     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2933     from assms * have "?I (real x) (?s (Le (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k \<le> 0)"
  2934       using real_of_int_div[OF knz kdt]
  2935         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2936         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2937       by (simp add: ti algebra_simps)
  2938     also have "\<dots> = (?I ?tk (Le (CN 0 c e)))"
  2939       using pos_le_divide_eq[OF kpos,
  2940           where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric]
  2941         real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2942         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2943       by (simp add: ti)
  2944     finally have ?case . }
  2945   ultimately show ?case by blast 
  2946 next
  2947   case (7 c e) 
  2948   then have cp: "c > 0" and nb: "numbound0 e" by auto
  2949   { assume kdc: "k dvd c" 
  2950     from kpos have knz: "k\<noteq>0" by simp
  2951     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2952     from kdc have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2953       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2954       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2955   moreover 
  2956   { assume *: "\<not> k dvd c"
  2957     from kpos have knz: "k\<noteq>0" by simp
  2958     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2959     from assms * have "?I (real x) (?s (Gt (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k > 0)"
  2960       using real_of_int_div[OF knz kdt]
  2961         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2962         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2963       by (simp add: ti algebra_simps)
  2964     also have "\<dots> = (?I ?tk (Gt (CN 0 c e)))"
  2965       using pos_divide_less_eq[OF kpos,
  2966           where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric]
  2967         real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2968         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2969       by (simp add: ti)
  2970     finally have ?case . }
  2971   ultimately show ?case by blast 
  2972 next
  2973   case (8 c e)  
  2974   then have cp: "c > 0" and nb: "numbound0 e" by auto
  2975   { assume kdc: "k dvd c" 
  2976     from kpos have knz: "k\<noteq>0" by simp
  2977     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2978     from kdc have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  2979       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2980       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  2981   moreover 
  2982   { assume *: "\<not> k dvd c"
  2983     from kpos have knz: "k\<noteq>0" by simp
  2984     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  2985     from assms * have "?I (real x) (?s (Ge (CN 0 c e))) = ((real c * (?N (real x) t / real k) + ?N (real x) e)* real k \<ge> 0)"
  2986       using real_of_int_div[OF knz kdt]
  2987         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2988         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2989       by (simp add: ti algebra_simps)
  2990     also have "\<dots> = (?I ?tk (Ge (CN 0 c e)))"
  2991       using pos_divide_le_eq[OF kpos,
  2992           where a="real c * (?N (real x) t / real k) + ?N (real x) e" and b="0", symmetric]
  2993         real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  2994         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  2995       by (simp add: ti)
  2996     finally have ?case . }
  2997   ultimately show ?case by blast 
  2998 next
  2999   case (9 i c e)
  3000   then have cp: "c > 0" and nb: "numbound0 e" by auto
  3001   { assume kdc: "k dvd c" 
  3002     from kpos have knz: "k\<noteq>0" by simp
  3003     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3004     from kdc have ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3005       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3006       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3007   moreover 
  3008   { assume *: "\<not> k dvd c"
  3009     from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3010     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3011     from assms * have "?I (real x) (?s (Dvd i (CN 0 c e))) = (real i * real k rdvd (real c * (?N (real x) t / real k) + ?N (real x) e)* real k)"
  3012       using real_of_int_div[OF knz kdt]
  3013         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3014         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3015       by (simp add: ti algebra_simps)
  3016     also have "\<dots> = (?I ?tk (Dvd i (CN 0 c e)))"
  3017       using rdvd_mult[OF knz, where n="i"]
  3018         real_of_int_div[OF knz kdt] numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3019         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3020       by (simp add: ti)
  3021     finally have ?case . }
  3022   ultimately show ?case by blast 
  3023 next
  3024   case (10 i c e)
  3025   then have cp: "c > 0" and nb: "numbound0 e" by auto
  3026   { assume kdc: "k dvd c" 
  3027     from kpos have knz: "k\<noteq>0" by simp
  3028     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3029     from kdc have  ?case using real_of_int_div[OF knz kdc] real_of_int_div[OF knz kdt]
  3030       numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3031       numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"] by (simp add: ti) } 
  3032   moreover 
  3033   { assume *: "\<not> k dvd c"
  3034     from kpos have knz: "k\<noteq>0" by simp hence knz': "real k \<noteq> 0" by simp
  3035     from tint have ti: "real (floor (?N (real x) t)) = ?N (real x) t" using isint_def by simp
  3036     from assms * have "?I (real x) (?s (NDvd i (CN 0 c e))) = (\<not> (real i * real k rdvd (real c * (?N (real x) t / real k) + ?N (real x) e)* real k))"
  3037       using real_of_int_div[OF knz kdt]
  3038         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3039         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3040       by (simp add: ti algebra_simps)
  3041     also have "\<dots> = (?I ?tk (NDvd i (CN 0 c e)))"
  3042       using rdvd_mult[OF knz, where n="i"] real_of_int_div[OF knz kdt]
  3043         numbound0_I[OF tnb, where bs="bs" and b="b'" and b'="real x"]
  3044         numbound0_I[OF nb, where bs="bs" and b="?tk" and b'="real x"]
  3045       by (simp add: ti)
  3046     finally have ?case . }
  3047   ultimately show ?case by blast 
  3048 qed (simp_all add: bound0_I[where bs="bs" and b="real ((floor (?N b' t)) div k)" and b'="real x"]
  3049   numbound0_I[where bs="bs" and b="real ((floor (?N b' t)) div k)" and b'="real x"])
  3050 
  3051 
  3052 lemma \<sigma>\<rho>_nb: assumes lp:"iszlfm p (a#bs)" and nb: "numbound0 t"
  3053   shows "bound0 (\<sigma>\<rho> p (t,k))"
  3054   using lp
  3055   by (induct p rule: iszlfm.induct, auto simp add: nb)
  3056 
  3057 lemma \<rho>_l:
  3058   assumes lp: "iszlfm p (real (i::int)#bs)"
  3059   shows "\<forall> (b,k) \<in> set (\<rho> p). k >0 \<and> numbound0 b \<and> isint b (real i#bs)"
  3060 using lp by (induct p rule: \<rho>.induct, auto simp add: isint_sub isint_neg)
  3061 
  3062 lemma \<alpha>\<rho>_l:
  3063   assumes lp: "iszlfm p (real (i::int)#bs)"
  3064   shows "\<forall> (b,k) \<in> set (\<alpha>\<rho> p). k >0 \<and> numbound0 b \<and> isint b (real i#bs)"
  3065 using lp isint_add [OF isint_c[where j="- 1"],where bs="real i#bs"]
  3066  by (induct p rule: \<alpha>\<rho>.induct, auto)
  3067 
  3068 lemma \<rho>: assumes lp: "iszlfm p (real (i::int) #bs)"
  3069   and pi: "Ifm (real i#bs) p"
  3070   and d: "d\<delta> p d"
  3071   and dp: "d > 0"
  3072   and nob: "\<forall>(e,c) \<in> set (\<rho> p). \<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> Inum (real i#bs) e + real j"
  3073   (is "\<forall>(e,c) \<in> set (\<rho> p). \<forall> j\<in> {1 .. c*d}. _ \<noteq> ?N i e + _")
  3074   shows "Ifm (real(i - d)#bs) p"
  3075   using lp pi d nob
  3076 proof(induct p rule: iszlfm.induct)
  3077   case (3 c e) hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3078     and pi: "real (c*i) = - 1 -  ?N i e + real (1::int)" and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> -1 - ?N i e + real j"
  3079     by simp+
  3080   from mult_strict_left_mono[OF dp cp]  have one:"1 \<in> {1 .. c*d}" by auto
  3081   from nob[rule_format, where j="1", OF one] pi show ?case by simp
  3082 next
  3083   case (4 c e)  
  3084   hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3085     and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> - ?N i e + real j"
  3086     by simp+
  3087   {assume "real (c*i) \<noteq> - ?N i e + real (c*d)"
  3088     with numbound0_I[OF nb, where bs="bs" and b="real i - real d" and b'="real i"]
  3089     have ?case by (simp add: algebra_simps)}
  3090   moreover
  3091   {assume pi: "real (c*i) = - ?N i e + real (c*d)"
  3092     from mult_strict_left_mono[OF dp cp] have d: "(c*d) \<in> {1 .. c*d}" by simp
  3093     from nob[rule_format, where j="c*d", OF d] pi have ?case by simp }
  3094   ultimately show ?case by blast
  3095 next
  3096   case (5 c e) hence cp: "c > 0" by simp
  3097   from 5 mult_strict_left_mono[OF dp cp, simplified real_of_int_less_iff[symmetric] 
  3098     real_of_int_mult]
  3099   show ?case using 5 dp 
  3100     by (simp add: add: numbound0_I[where bs="bs" and b="real i - real d" and b'="real i"] 
  3101       algebra_simps)
  3102 next
  3103   case (6 c e) hence cp: "c > 0" by simp
  3104   from 6 mult_strict_left_mono[OF dp cp, simplified real_of_int_less_iff[symmetric] 
  3105     real_of_int_mult]
  3106   show ?case using 6 dp 
  3107     by (simp add: add: numbound0_I[where bs="bs" and b="real i - real d" and b'="real i"] 
  3108       algebra_simps)
  3109 next
  3110   case (7 c e) hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3111     and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> - ?N i e + real j"
  3112     and pi: "real (c*i) + ?N i e > 0" and cp': "real c >0"
  3113     by simp+
  3114   let ?fe = "floor (?N i e)"
  3115   from pi cp have th:"(real i +?N i e / real c)*real c > 0" by (simp add: algebra_simps)
  3116   from pi ei[simplified isint_iff] have "real (c*i + ?fe) > real (0::int)" by simp
  3117   hence pi': "c*i + ?fe > 0" by (simp only: real_of_int_less_iff[symmetric])
  3118   have "real (c*i) + ?N i e > real (c*d) \<or> real (c*i) + ?N i e \<le> real (c*d)" by auto
  3119   moreover
  3120   {assume "real (c*i) + ?N i e > real (c*d)" hence ?case
  3121       by (simp add: algebra_simps 
  3122         numbound0_I[OF nb,where bs="bs" and b="real i - real d" and b'="real i"])} 
  3123   moreover 
  3124   {assume H:"real (c*i) + ?N i e \<le> real (c*d)"
  3125     with ei[simplified isint_iff] have "real (c*i + ?fe) \<le> real (c*d)" by simp
  3126     hence pid: "c*i + ?fe \<le> c*d" by (simp only: real_of_int_le_iff)
  3127     with pi' have "\<exists> j1\<in> {1 .. c*d}. c*i + ?fe = j1" by auto
  3128     hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) = - ?N i e + real j1" 
  3129       by (simp only: diff_minus[symmetric] real_of_int_mult real_of_int_add real_of_int_inject[symmetric] ei[simplified isint_iff] algebra_simps)
  3130     with nob  have ?case by blast }
  3131   ultimately show ?case by blast
  3132 next
  3133   case (8 c e)  hence cp: "c >0" and nb: "numbound0 e" and ei: "isint e (real i#bs)"
  3134     and nob: "\<forall> j\<in> {1 .. c*d}. real (c*i) \<noteq> - 1 - ?N i e + real j"
  3135     and pi: "real (c*i) + ?N i e \<ge> 0" and cp': "real c >0"
  3136     by simp+
  3137   let ?fe = "floor (?N i e)"
  3138   from pi cp have th:"(real i +?N i e / real c)*real c \<ge> 0" by (simp add: algebra_simps)
  3139   from pi ei[simplified isint_iff] have "real (c*i + ?fe) \<ge> real (0::int)" by simp
  3140   hence pi': "c*i + 1 + ?fe \<ge> 1" by (simp only: real_of_int_le_iff[symmetric])
  3141   have "real (c*i) + ?N i e \<ge> real (c*d) \<or> real (c*i) + ?N i e < real (c*d)" by auto
  3142   moreover
  3143   {assume "real (c*i) + ?N i e \<ge> real (c*d)" hence ?case
  3144       by (simp add: algebra_simps 
  3145         numbound0_I[OF nb,where bs="bs" and b="real i - real d" and b'="real i"])} 
  3146   moreover 
  3147   {assume H:"real (c*i) + ?N i e < real (c*d)"
  3148     with ei[simplified isint_iff] have "real (c*i + ?fe) < real (c*d)" by simp
  3149     hence pid: "c*i + 1 + ?fe \<le> c*d" by (simp only: real_of_int_le_iff)
  3150     with pi' have "\<exists> j1\<in> {1 .. c*d}. c*i + 1+ ?fe = j1" by auto
  3151     hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) + 1= - ?N i e + real j1"
  3152       by (simp only: diff_minus[symmetric] real_of_int_mult real_of_int_add real_of_int_inject[symmetric] ei[simplified isint_iff] algebra_simps real_of_one) 
  3153     hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) = (- ?N i e + real j1) - 1"
  3154       by (simp only: algebra_simps diff_minus[symmetric])
  3155         hence "\<exists> j1\<in> {1 .. c*d}. real (c*i) = - 1 - ?N i e + real j1"
  3156           by (simp only: add_ac diff_minus)
  3157     with nob  have ?case by blast }
  3158   ultimately show ?case by blast
  3159 next
  3160   case (9 j c e)  hence p: "real j rdvd real (c*i) + ?N i e" (is "?p x") and cp: "c > 0" and bn:"numbound0 e"  by simp+
  3161   let ?e = "Inum (real i # bs) e"
  3162   from 9 have "isint e (real i #bs)"  by simp 
  3163   hence ie: "real (floor ?e) = ?e" using isint_iff[where n="e" and bs="(real i)#bs"] numbound0_I[OF bn,where b="real i" and b'="real i" and bs="bs"]
  3164     by (simp add: isint_iff)
  3165   from 9 have id: "j dvd d" by simp
  3166   from ie[symmetric] have "?p i = (real j rdvd real (c*i+ floor ?e))" by simp
  3167   also have "\<dots> = (j dvd c*i + floor ?e)" 
  3168     using int_rdvd_iff [where i="j" and t="c*i+ floor ?e"] by simp
  3169   also have "\<dots> = (j dvd c*i - c*d + floor ?e)" 
  3170     using dvd_period[OF id, where x="c*i" and c="-c" and t="floor ?e"] by simp
  3171   also have "\<dots> = (real j rdvd real (c*i - c*d + floor ?e))" 
  3172     using int_rdvd_iff[where i="j" and t="(c*i - c*d + floor ?e)",symmetric, simplified]
  3173       ie by simp
  3174   also have "\<dots> = (real j rdvd real (c*(i - d)) + ?e)" 
  3175     using ie by (simp add:algebra_simps)
  3176   finally show ?case 
  3177     using numbound0_I[OF bn,where b="real i - real d" and b'="real i" and bs="bs"] p 
  3178     by (simp add: algebra_simps)
  3179 next
  3180   case (10 j c e)
  3181   hence p: "\<not> (real j rdvd real (c*i) + ?N i e)" (is "?p x") and cp: "c > 0" and bn:"numbound0 e"
  3182     by simp+
  3183   let ?e = "Inum (real i # bs) e"
  3184   from 10 have "isint e (real i #bs)"  by simp 
  3185   hence ie: "real (floor ?e) = ?e"
  3186     using isint_iff[where n="e" and bs="(real i)#bs"] numbound0_I[OF bn,where b="real i" and b'="real i" and bs="bs"]
  3187     by (simp add: isint_iff)
  3188   from 10 have id: "j dvd d" by simp
  3189   from ie[symmetric] have "?p i = (\<not> (real j rdvd real (c*i+ floor ?e)))" by simp
  3190   also have "\<dots> = Not (j dvd c*i + floor ?e)" 
  3191     using int_rdvd_iff [where i="j" and t="c*i+ floor ?e"] by simp
  3192   also have "\<dots> = Not (j dvd c*i - c*d + floor ?e)" 
  3193     using dvd_period[OF id, where x="c*i" and c="-c" and t="floor ?e"] by simp
  3194   also have "\<dots> = Not (real j rdvd real (c*i - c*d + floor ?e))" 
  3195     using int_rdvd_iff[where i="j" and t="(c*i - c*d + floor ?e)",symmetric, simplified]
  3196       ie by simp
  3197   also have "\<dots> = Not (real j rdvd real (c*(i - d)) + ?e)" 
  3198     using ie by (simp add:algebra_simps)
  3199   finally show ?case 
  3200     using numbound0_I[OF bn,where b="real i - real d" and b'="real i" and bs="bs"] p 
  3201     by (simp add: algebra_simps)
  3202 qed (auto simp add: numbound0_I[where bs="bs" and b="real i - real d" and b'="real i"])
  3203 
  3204 lemma \<sigma>_nb: assumes lp: "iszlfm p (a#bs)" and nb: "numbound0 t"
  3205   shows "bound0 (\<sigma> p k t)"
  3206   using \<sigma>\<rho>_nb[OF lp nb] nb by (simp add: \<sigma>_def)
  3207   
  3208 lemma \<rho>':   assumes lp: "iszlfm p (a #bs)"
  3209   and d: "d\<delta> p d"
  3210   and dp: "d > 0"
  3211   shows "\<forall> x. \<not>(\<exists> (e,c) \<in> set(\<rho> p). \<exists>(j::int) \<in> {1 .. c*d}. Ifm (a #bs) (\<sigma> p c (Add e (C j)))) \<longrightarrow> Ifm (real x#bs) p \<longrightarrow> Ifm (real (x - d)#bs) p" (is "\<forall> x. ?b x \<longrightarrow> ?P x \<longrightarrow> ?P (x - d)")
  3212 proof(clarify)
  3213   fix x 
  3214   assume nob1:"?b x" and px: "?P x" 
  3215   from iszlfm_gen[OF lp, rule_format, where y="real x"] have lp': "iszlfm p (real x#bs)".
  3216   have nob: "\<forall>(e, c)\<in>set (\<rho> p). \<forall>j\<in>{1..c * d}. real (c * x) \<noteq> Inum (real x # bs) e + real j" 
  3217   proof(clarify)
  3218     fix e c j assume ecR: "(e,c) \<in> set (\<rho> p)" and jD: "j\<in> {1 .. c*d}"
  3219       and cx: "real (c*x) = Inum (real x#bs) e + real j"
  3220     let ?e = "Inum (real x#bs) e"
  3221     let ?fe = "floor ?e"
  3222     from \<rho>_l[OF lp'] ecR have ei:"isint e (real x#bs)" and cp:"c>0" and nb:"numbound0 e"
  3223       by auto
  3224     from numbound0_gen [OF nb ei, rule_format,where y="a"] have "isint e (a#bs)" .
  3225     from cx ei[simplified isint_iff] have "real (c*x) = real (?fe + j)" by simp
  3226     hence cx: "c*x = ?fe + j" by (simp only: real_of_int_inject)
  3227     hence cdej:"c dvd ?fe + j" by (simp add: dvd_def) (rule_tac x="x" in exI, simp)
  3228     hence "real c rdvd real (?fe + j)" by (simp only: int_rdvd_iff)
  3229     hence rcdej: "real c rdvd ?e + real j" by (simp add: ei[simplified isint_iff])
  3230     from cx have "(c*x) div c = (?fe + j) div c" by simp
  3231     with cp have "x = (?fe + j) div c" by simp
  3232     with px have th: "?P ((?fe + j) div c)" by auto
  3233     from cp have cp': "real c > 0" by simp
  3234     from cdej have cdej': "c dvd floor (Inum (real x#bs) (Add e (C j)))" by simp
  3235     from nb have nb': "numbound0 (Add e (C j))" by simp
  3236     have ji: "isint (C j) (real x#bs)" by (simp add: isint_def)
  3237     from isint_add[OF ei ji] have ei':"isint (Add e (C j)) (real x#bs)" .
  3238     from th \<sigma>\<rho>[where b'="real x", OF lp' cp' nb' ei' cdej',symmetric]
  3239     have "Ifm (real x#bs) (\<sigma>\<rho> p (Add e (C j), c))" by simp
  3240     with rcdej have th: "Ifm (real x#bs) (\<sigma> p c (Add e (C j)))" by (simp add: \<sigma>_def)
  3241     from th bound0_I[OF \<sigma>_nb[OF lp nb', where k="c"],where bs="bs" and b="real x" and b'="a"]
  3242     have "Ifm (a#bs) (\<sigma> p c (Add e (C j)))" by blast
  3243       with ecR jD nob1    show "False" by blast
  3244   qed
  3245   from \<rho>[OF lp' px d dp nob] show "?P (x -d )" . 
  3246 qed
  3247 
  3248 
  3249 lemma rl_thm: 
  3250   assumes lp: "iszlfm p (real (i::int)#bs)"
  3251   shows "(\<exists> (x::int). Ifm (real x#bs) p) = ((\<exists> j\<in> {1 .. \<delta> p}. Ifm (real j#bs) (minusinf p)) \<or> (\<exists> (e,c) \<in> set (\<rho> p). \<exists> j\<in> {1 .. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j)))))"
  3252   (is "(\<exists>(x::int). ?P x) = ((\<exists> j\<in> {1.. \<delta> p}. ?MP j)\<or>(\<exists> (e,c) \<in> ?R. \<exists> j\<in> _. ?SP c e j))" 
  3253     is "?lhs = (?MD \<or> ?RD)"  is "?lhs = ?rhs")
  3254 proof-
  3255   let ?d= "\<delta> p"
  3256   from \<delta>[OF lp] have d:"d\<delta> p ?d" and dp: "?d > 0" by auto
  3257   { assume H:"?MD" hence th:"\<exists> (x::int). ?MP x" by blast
  3258     from H minusinf_ex[OF lp th] have ?thesis  by blast}
  3259   moreover
  3260   { fix e c j assume exR:"(e,c) \<in> ?R" and jD:"j\<in> {1 .. c*?d}" and spx:"?SP c e j"
  3261     from exR \<rho>_l[OF lp] have nb: "numbound0 e" and ei:"isint e (real i#bs)" and cp: "c > 0"
  3262       by auto
  3263     have "isint (C j) (real i#bs)" by (simp add: isint_iff)
  3264     with isint_add[OF numbound0_gen[OF nb ei,rule_format, where y="real i"]]
  3265     have eji:"isint (Add e (C j)) (real i#bs)" by simp
  3266     from nb have nb': "numbound0 (Add e (C j))" by simp
  3267     from spx bound0_I[OF \<sigma>_nb[OF lp nb', where k="c"], where bs="bs" and b="a" and b'="real i"]
  3268     have spx': "Ifm (real i # bs) (\<sigma> p c (Add e (C j)))" by blast
  3269     from spx' have rcdej:"real c rdvd (Inum (real i#bs) (Add e (C j)))" 
  3270       and sr:"Ifm (real i#bs) (\<sigma>\<rho> p (Add e (C j),c))" by (simp add: \<sigma>_def)+
  3271     from rcdej eji[simplified isint_iff] 
  3272     have "real c rdvd real (floor (Inum (real i#bs) (Add e (C j))))" by simp
  3273     hence cdej:"c dvd floor (Inum (real i#bs) (Add e (C j)))" by (simp only: int_rdvd_iff)
  3274     from cp have cp': "real c > 0" by simp
  3275     from \<sigma>\<rho>[OF lp cp' nb' eji cdej] spx' have "?P (\<lfloor>Inum (real i # bs) (Add e (C j))\<rfloor> div c)"
  3276       by (simp add: \<sigma>_def)
  3277     hence ?lhs by blast
  3278     with exR jD spx have ?thesis by blast}
  3279   moreover
  3280   { fix x assume px: "?P x" and nob: "\<not> ?RD"
  3281     from iszlfm_gen [OF lp,rule_format, where y="a"] have lp':"iszlfm p (a#bs)" .
  3282     from \<rho>'[OF lp' d dp, rule_format, OF nob] have th:"\<forall> x. ?P x \<longrightarrow> ?P (x - ?d)" by blast
  3283     from minusinf_inf[OF lp] obtain z where z:"\<forall> x<z. ?MP x = ?P x" by blast
  3284     have zp: "abs (x - z) + 1 \<ge> 0" by arith
  3285     from decr_lemma[OF dp,where x="x" and z="z"] 
  3286       decr_mult_lemma[OF dp th zp, rule_format, OF px] z have th:"\<exists> x. ?MP x" by auto
  3287     with minusinf_bex[OF lp] px nob have ?thesis by blast}
  3288   ultimately show ?thesis by blast
  3289 qed
  3290 
  3291 lemma mirror_\<alpha>\<rho>:   assumes lp: "iszlfm p (a#bs)"
  3292   shows "(\<lambda> (t,k). (Inum (a#bs) t, k)) ` set (\<alpha>\<rho> p) = (\<lambda> (t,k). (Inum (a#bs) t,k)) ` set (\<rho> (mirror p))"
  3293 using lp
  3294 by (induct p rule: mirror.induct, simp_all add: split_def image_Un )
  3295   
  3296 text {* The @{text "\<real>"} part*}
  3297 
  3298 text{* Linearity for fm where Bound 0 ranges over @{text "\<real>"}*}
  3299 consts
  3300   isrlfm :: "fm \<Rightarrow> bool"   (* Linearity test for fm *)
  3301 recdef isrlfm "measure size"
  3302   "isrlfm (And p q) = (isrlfm p \<and> isrlfm q)" 
  3303   "isrlfm (Or p q) = (isrlfm p \<and> isrlfm q)" 
  3304   "isrlfm (Eq  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3305   "isrlfm (NEq (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3306   "isrlfm (Lt  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3307   "isrlfm (Le  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3308   "isrlfm (Gt  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3309   "isrlfm (Ge  (CN 0 c e)) = (c>0 \<and> numbound0 e)"
  3310   "isrlfm p = (isatom p \<and> (bound0 p))"
  3311 
  3312 definition fp :: "fm \<Rightarrow> int \<Rightarrow> num \<Rightarrow> int \<Rightarrow> fm" where
  3313   "fp p n s j \<equiv> (if n > 0 then 
  3314             (And p (And (Ge (CN 0 n (Sub s (Add (Floor s) (C j)))))
  3315                         (Lt (CN 0 n (Sub s (Add (Floor s) (C (j+1))))))))
  3316             else 
  3317             (And p (And (Le (CN 0 (-n) (Add (Neg s) (Add (Floor s) (C j))))) 
  3318                         (Gt (CN 0 (-n) (Add (Neg s) (Add (Floor s) (C (j + 1)))))))))"
  3319 
  3320   (* splits the bounded from the unbounded part*)
  3321 function (sequential) rsplit0 :: "num \<Rightarrow> (fm \<times> int \<times> num) list" where
  3322   "rsplit0 (Bound 0) = [(T,1,C 0)]"
  3323 | "rsplit0 (Add a b) = (let acs = rsplit0 a ; bcs = rsplit0 b 
  3324               in map (\<lambda> ((p,n,t),(q,m,s)). (And p q, n+m, Add t s)) [(a,b). a\<leftarrow>acs,b\<leftarrow>bcs])"
  3325 | "rsplit0 (Sub a b) = rsplit0 (Add a (Neg b))"
  3326 | "rsplit0 (Neg a) = map (\<lambda> (p,n,s). (p,-n,Neg s)) (rsplit0 a)"
  3327 | "rsplit0 (Floor a) = concat (map 
  3328       (\<lambda> (p,n,s). if n=0 then [(p,0,Floor s)]
  3329           else (map (\<lambda> j. (fp p n s j, 0, Add (Floor s) (C j))) (if n > 0 then [0 .. n] else [n .. 0])))
  3330        (rsplit0 a))"
  3331 | "rsplit0 (CN 0 c a) = map (\<lambda> (p,n,s). (p,n+c,s)) (rsplit0 a)"
  3332 | "rsplit0 (CN m c a) = map (\<lambda> (p,n,s). (p,n,CN m c s)) (rsplit0 a)"
  3333 | "rsplit0 (CF c t s) = rsplit0 (Add (Mul c (Floor t)) s)"
  3334 | "rsplit0 (Mul c a) = map (\<lambda> (p,n,s). (p,c*n,Mul c s)) (rsplit0 a)"
  3335 | "rsplit0 t = [(T,0,t)]"
  3336 by pat_completeness auto
  3337 termination by (relation "measure num_size") auto
  3338 
  3339 lemma conj_rl[simp]: "isrlfm p \<Longrightarrow> isrlfm q \<Longrightarrow> isrlfm (conj p q)"
  3340   using conj_def by (cases p, auto)
  3341 lemma disj_rl[simp]: "isrlfm p \<Longrightarrow> isrlfm q \<Longrightarrow> isrlfm (disj p q)"
  3342   using disj_def by (cases p, auto)
  3343 
  3344 
  3345 lemma rsplit0_cs:
  3346   shows "\<forall> (p,n,s) \<in> set (rsplit0 t). 
  3347   (Ifm (x#bs) p \<longrightarrow>  (Inum (x#bs) t = Inum (x#bs) (CN 0 n s))) \<and> numbound0 s \<and> isrlfm p" 
  3348   (is "\<forall> (p,n,s) \<in> ?SS t. (?I p \<longrightarrow> ?N t = ?N (CN 0 n s)) \<and> _ \<and> _ ")
  3349 proof(induct t rule: rsplit0.induct)
  3350   case (5 a) 
  3351   let ?p = "\<lambda> (p,n,s) j. fp p n s j"
  3352   let ?f = "(\<lambda> (p,n,s) j. (?p (p,n,s) j, (0::int),Add (Floor s) (C j)))"
  3353   let ?J = "\<lambda> n. if n>0 then [0..n] else [n..0]"
  3354   let ?ff=" (\<lambda> (p,n,s). if n= 0 then [(p,0,Floor s)] else map (?f (p,n,s)) (?J n))"
  3355   have int_cases: "\<forall> (i::int). i= 0 \<or> i < 0 \<or> i > 0" by arith
  3356   have U1: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = 
  3357     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)]))" by auto
  3358   have U2': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0}. 
  3359     ?ff (p,n,s) = map (?f(p,n,s)) [0..n]" by auto
  3360   hence U2: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = 
  3361     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). 
  3362     set (map (?f(p,n,s)) [0..n])))"
  3363   proof-
  3364     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3365     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3366     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3367       by (auto simp add: split_def)
  3368   qed
  3369   have U3': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0}. ?ff (p,n,s) = map (?f(p,n,s)) [n..0]"
  3370     by auto
  3371   hence U3: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = 
  3372     (UNION {(p,n,s). (p,n,s)\<in> ?SS a\<and>n<0} (\<lambda>(p,n,s). set (map (?f(p,n,s)) [n..0])))"
  3373       proof-
  3374     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3375     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3376     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3377       by (auto simp add: split_def)
  3378   qed
  3379   have "?SS (Floor a) = UNION (?SS a) (\<lambda>x. set (?ff x))"
  3380     by auto
  3381   also have "\<dots> = UNION (?SS a) (\<lambda> (p,n,s). set (?ff (p,n,s)))" by blast
  3382   also have "\<dots> = 
  3383     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3384     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3385     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))))" 
  3386     using int_cases[rule_format] by blast
  3387   also have "\<dots> =  
  3388     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)])) Un 
  3389    (UNION {(p,n,s). (p,n,s)\<in> ?SS a\<and>n>0} (\<lambda>(p,n,s). set(map(?f(p,n,s)) [0..n]))) Un 
  3390    (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). 
  3391     set (map (?f(p,n,s)) [n..0]))))" by (simp only: U1 U2 U3)
  3392   also have "\<dots> =  
  3393     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3394     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {0 .. n})) Un 
  3395     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {n .. 0})))"
  3396     by (simp only: set_map set_upto set.simps)
  3397   also have "\<dots> =   
  3398     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3399     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3400     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))" by blast
  3401   finally 
  3402   have FS: "?SS (Floor a) =   
  3403     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3404     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3405     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))"    by blast
  3406   show ?case
  3407   proof(simp only: FS, clarsimp simp del: Ifm.simps Inum.simps, -)
  3408     fix p n s
  3409     let ?ths = "(?I p \<longrightarrow> (?N (Floor a) = ?N (CN 0 n s))) \<and> numbound0 s \<and> isrlfm p"
  3410     assume "(\<exists>ba. (p, 0, ba) \<in> set (rsplit0 a) \<and> n = 0 \<and> s = Floor ba) \<or>
  3411        (\<exists>ab ac ba.
  3412            (ab, ac, ba) \<in> set (rsplit0 a) \<and>
  3413            0 < ac \<and>
  3414            (\<exists>j. p = fp ab ac ba j \<and>
  3415                 n = 0 \<and> s = Add (Floor ba) (C j) \<and> 0 \<le> j \<and> j \<le> ac)) \<or>
  3416        (\<exists>ab ac ba.
  3417            (ab, ac, ba) \<in> set (rsplit0 a) \<and>
  3418            ac < 0 \<and>
  3419            (\<exists>j. p = fp ab ac ba j \<and>
  3420                 n = 0 \<and> s = Add (Floor ba) (C j) \<and> ac \<le> j \<and> j \<le> 0))"
  3421     moreover 
  3422     { fix s'
  3423       assume "(p, 0, s') \<in> ?SS a" and "n = 0" and "s = Floor s'"
  3424       hence ?ths using 5(1) by auto }
  3425     moreover
  3426     { fix p' n' s' j
  3427       assume pns: "(p', n', s') \<in> ?SS a" 
  3428         and np: "0 < n'" 
  3429         and p_def: "p = ?p (p',n',s') j" 
  3430         and n0: "n = 0" 
  3431         and s_def: "s = (Add (Floor s') (C j))" 
  3432         and jp: "0 \<le> j" and jn: "j \<le> n'"
  3433       from 5 pns have H:"(Ifm ((x\<Colon>real) # (bs\<Colon>real list)) p' \<longrightarrow>
  3434           Inum (x # bs) a = Inum (x # bs) (CN 0 n' s')) \<and>
  3435           numbound0 s' \<and> isrlfm p'" by blast
  3436       hence nb: "numbound0 s'" by simp
  3437       from H have nf: "isrlfm (?p (p',n',s') j)" using fp_def np by (simp add: numsub_nb)
  3438       let ?nxs = "CN 0 n' s'"
  3439       let ?l = "floor (?N s') + j"
  3440       from H 
  3441       have "?I (?p (p',n',s') j) \<longrightarrow> 
  3442           (((?N ?nxs \<ge> real ?l) \<and> (?N ?nxs < real (?l + 1))) \<and> (?N a = ?N ?nxs ))" 
  3443         by (simp add: fp_def np algebra_simps numsub numadd numfloor)
  3444       also have "\<dots> \<longrightarrow> ((floor (?N ?nxs) = ?l) \<and> (?N a = ?N ?nxs ))"
  3445         using floor_int_eq[where x="?N ?nxs" and n="?l"] by simp
  3446       moreover
  3447       have "\<dots> \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))" by simp
  3448       ultimately have "?I (?p (p',n',s') j) \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))"
  3449         by blast
  3450       with s_def n0 p_def nb nf have ?ths by auto}
  3451     moreover
  3452     { fix p' n' s' j
  3453       assume pns: "(p', n', s') \<in> ?SS a" 
  3454         and np: "n' < 0" 
  3455         and p_def: "p = ?p (p',n',s') j" 
  3456         and n0: "n = 0" 
  3457         and s_def: "s = (Add (Floor s') (C j))" 
  3458         and jp: "n' \<le> j" and jn: "j \<le> 0"
  3459       from 5 pns have H:"(Ifm ((x\<Colon>real) # (bs\<Colon>real list)) p' \<longrightarrow>
  3460           Inum (x # bs) a = Inum (x # bs) (CN 0 n' s')) \<and>
  3461           numbound0 s' \<and> isrlfm p'" by blast
  3462       hence nb: "numbound0 s'" by simp
  3463       from H have nf: "isrlfm (?p (p',n',s') j)" using fp_def np by (simp add: numneg_nb)
  3464       let ?nxs = "CN 0 n' s'"
  3465       let ?l = "floor (?N s') + j"
  3466       from H 
  3467       have "?I (?p (p',n',s') j) \<longrightarrow> 
  3468           (((?N ?nxs \<ge> real ?l) \<and> (?N ?nxs < real (?l + 1))) \<and> (?N a = ?N ?nxs ))" 
  3469         by (simp add: np fp_def algebra_simps numneg numfloor numadd numsub)
  3470       also have "\<dots> \<longrightarrow> ((floor (?N ?nxs) = ?l) \<and> (?N a = ?N ?nxs ))"
  3471         using floor_int_eq[where x="?N ?nxs" and n="?l"] by simp
  3472       moreover
  3473       have "\<dots> \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))"  by simp
  3474       ultimately have "?I (?p (p',n',s') j) \<longrightarrow> (?N (Floor a) = ?N ((Add (Floor s') (C j))))"
  3475         by blast
  3476       with s_def n0 p_def nb nf have ?ths by auto}
  3477     ultimately show ?ths by auto
  3478   qed
  3479 next
  3480   case (3 a b) then show ?case
  3481     apply auto
  3482     apply (erule_tac x = "(aa, aaa, ba)" in ballE) apply simp_all
  3483     apply (erule_tac x = "(ab, ac, baa)" in ballE) apply simp_all
  3484     done
  3485 qed (auto simp add: Let_def split_def algebra_simps conj_rl)
  3486 
  3487 lemma real_in_int_intervals: 
  3488   assumes xb: "real m \<le> x \<and> x < real ((n::int) + 1)"
  3489   shows "\<exists> j\<in> {m.. n}. real j \<le> x \<and> x < real (j+1)" (is "\<exists> j\<in> ?N. ?P j")
  3490 by (rule bexI[where P="?P" and x="floor x" and A="?N"]) 
  3491 (auto simp add: floor_less_eq[where x="x" and a="n+1", simplified] xb[simplified] floor_mono[where x="real m" and y="x", OF conjunct1[OF xb], simplified floor_real_of_int[where n="m"]])
  3492 
  3493 lemma rsplit0_complete:
  3494   assumes xp:"0 \<le> x" and x1:"x < 1"
  3495   shows "\<exists> (p,n,s) \<in> set (rsplit0 t). Ifm (x#bs) p" (is "\<exists> (p,n,s) \<in> ?SS t. ?I p")
  3496 proof(induct t rule: rsplit0.induct)
  3497   case (2 a b) 
  3498   then have "\<exists> (pa,na,sa) \<in> ?SS a. ?I pa" by auto
  3499   then obtain "pa" "na" "sa" where pa: "(pa,na,sa)\<in> ?SS a \<and> ?I pa" by blast
  3500   with 2 have "\<exists> (pb,nb,sb) \<in> ?SS b. ?I pb" by blast
  3501   then obtain "pb" "nb" "sb" where pb: "(pb,nb,sb)\<in> ?SS b \<and> ?I pb" by blast
  3502   from pa pb have th: "((pa,na,sa),(pb,nb,sb)) \<in> set[(x,y). x\<leftarrow>rsplit0 a, y\<leftarrow>rsplit0 b]"
  3503     by (auto)
  3504   let ?f="(\<lambda> ((p,n,t),(q,m,s)). (And p q, n+m, Add t s))"
  3505   from imageI[OF th, where f="?f"] have "?f ((pa,na,sa),(pb,nb,sb)) \<in> ?SS (Add a b)"
  3506     by (simp add: Let_def)
  3507   hence "(And pa pb, na +nb, Add sa sb) \<in> ?SS (Add a b)" by simp
  3508   moreover from pa pb have "?I (And pa pb)" by simp
  3509   ultimately show ?case by blast
  3510 next
  3511   case (5 a) 
  3512   let ?p = "\<lambda> (p,n,s) j. fp p n s j"
  3513   let ?f = "(\<lambda> (p,n,s) j. (?p (p,n,s) j, (0::int),(Add (Floor s) (C j))))"
  3514   let ?J = "\<lambda> n. if n>0 then [0..n] else [n..0]"
  3515   let ?ff=" (\<lambda> (p,n,s). if n= 0 then [(p,0,Floor s)] else map (?f (p,n,s)) (?J n))"
  3516   have int_cases: "\<forall> (i::int). i= 0 \<or> i < 0 \<or> i > 0" by arith
  3517   have U1: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)]))" by auto
  3518   have U2': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0}. ?ff (p,n,s) = map (?f(p,n,s)) [0..n]"
  3519     by auto
  3520   hence U2: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) [0..n])))"
  3521   proof-
  3522     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3523     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3524     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3525       by (auto simp add: split_def)
  3526   qed
  3527   have U3': "\<forall> (p,n,s) \<in> {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0}. ?ff (p,n,s) = map (?f(p,n,s)) [n..0]"
  3528     by auto
  3529   hence U3: "(UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) = (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) [n..0])))"
  3530   proof-
  3531     fix M :: "('a\<times>'b\<times>'c) set" and f :: "('a\<times>'b\<times>'c) \<Rightarrow> 'd list" and g
  3532     assume "\<forall> (a,b,c) \<in> M. f (a,b,c) = g a b c"
  3533     thus "(UNION M (\<lambda> (a,b,c). set (f (a,b,c)))) = (UNION M (\<lambda> (a,b,c). set (g a b c)))"
  3534       by (auto simp add: split_def)
  3535   qed
  3536 
  3537   have "?SS (Floor a) = UNION (?SS a) (\<lambda>x. set (?ff x))" by auto
  3538   also have "\<dots> = UNION (?SS a) (\<lambda> (p,n,s). set (?ff (p,n,s)))" by blast
  3539   also have "\<dots> = 
  3540     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3541     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (?ff (p,n,s)))) Un 
  3542     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (?ff (p,n,s)))))" 
  3543     using int_cases[rule_format] by blast
  3544   also have "\<dots> =  
  3545     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). set [(p,0,Floor s)])) Un 
  3546     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) [0..n]))) Un 
  3547     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). set (map (?f(p,n,s)) [n..0]))))" by (simp only: U1 U2 U3)
  3548   also have "\<dots> =  
  3549     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3550     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {0 .. n})) Un 
  3551     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s). (?f(p,n,s)) ` {n .. 0})))"
  3552     by (simp only: set_map set_upto set.simps)
  3553   also have "\<dots> =   
  3554     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3555     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3556     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))" by blast
  3557   finally 
  3558   have FS: "?SS (Floor a) =   
  3559     ((UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n=0} (\<lambda> (p,n,s). {(p,0,Floor s)})) Un 
  3560     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n>0} (\<lambda> (p,n,s). {?f(p,n,s) j| j. j\<in> {0 .. n}})) Un 
  3561     (UNION {(p,n,s). (p,n,s) \<in> ?SS a \<and> n<0} (\<lambda> (p,n,s).  {?f(p,n,s) j| j. j\<in> {n .. 0}})))"
  3562     by blast
  3563   from 5 have "\<exists> (p,n,s) \<in> ?SS a. ?I p" by auto
  3564   then obtain "p" "n" "s" where pns: "(p,n,s) \<in> ?SS a \<and> ?I p" by blast
  3565   let ?N = "\<lambda> t. Inum (x#bs) t"
  3566   from rsplit0_cs[rule_format] pns have ans:"(?N a = ?N (CN 0 n s)) \<and> numbound0 s \<and> isrlfm p"
  3567     by auto
  3568   
  3569   have "n=0 \<or> n >0 \<or> n <0" by arith
  3570   moreover {assume "n=0" hence ?case using pns by (simp only: FS) auto }
  3571   moreover
  3572   {
  3573     assume np: "n > 0"
  3574     from real_of_int_floor_le[where r="?N s"] have "?N (Floor s) \<le> ?N s" by simp
  3575     also from mult_left_mono[OF xp] np have "?N s \<le> real n * x + ?N s" by simp
  3576     finally have "?N (Floor s) \<le> real n * x + ?N s" .
  3577     moreover
  3578     {from x1 np have "real n *x + ?N s < real n + ?N s" by simp
  3579       also from real_of_int_floor_add_one_gt[where r="?N s"] 
  3580       have "\<dots> < real n + ?N (Floor s) + 1" by simp
  3581       finally have "real n *x + ?N s < ?N (Floor s) + real (n+1)" by simp}
  3582     ultimately have "?N (Floor s) \<le> real n *x + ?N s\<and> real n *x + ?N s < ?N (Floor s) + real (n+1)" by simp
  3583     hence th: "0 \<le> real n *x + ?N s - ?N (Floor s) \<and> real n *x + ?N s - ?N (Floor s) < real (n+1)" by simp
  3584     from real_in_int_intervals th have  "\<exists> j\<in> {0 .. n}. real j \<le> real n *x + ?N s - ?N (Floor s)\<and> real n *x + ?N s - ?N (Floor s) < real (j+1)" by simp
  3585     
  3586     hence "\<exists> j\<in> {0 .. n}. 0 \<le> real n *x + ?N s - ?N (Floor s) - real j \<and> real n *x + ?N s - ?N (Floor s) - real (j+1) < 0"
  3587       by(simp only: myle[of _ "real n * x + Inum (x # bs) s - Inum (x # bs) (Floor s)"] less_iff_diff_less_0[where a="real n *x + ?N s - ?N (Floor s)"]) 
  3588     hence "\<exists> j\<in> {0.. n}. ?I (?p (p,n,s) j)"
  3589       using pns by (simp add: fp_def np algebra_simps numsub numadd)
  3590     then obtain "j" where j_def: "j\<in> {0 .. n} \<and> ?I (?p (p,n,s) j)" by blast
  3591     hence "\<exists>x \<in> {?p (p,n,s) j |j. 0\<le> j \<and> j \<le> n }. ?I x" by auto
  3592     hence ?case using pns 
  3593       by (simp only: FS,simp add: bex_Un) 
  3594     (rule disjI2, rule disjI1,rule exI [where x="p"],
  3595       rule exI [where x="n"],rule exI [where x="s"],simp_all add: np)
  3596   }
  3597   moreover
  3598   { assume nn: "n < 0" hence np: "-n >0" by simp
  3599     from real_of_int_floor_le[where r="?N s"] have "?N (Floor s) + 1 > ?N s" by simp
  3600     moreover from mult_left_mono_neg[OF xp] nn have "?N s \<ge> real n * x + ?N s" by simp
  3601     ultimately have "?N (Floor s) + 1 > real n * x + ?N s" by arith 
  3602     moreover
  3603     {from x1 nn have "real n *x + ?N s \<ge> real n + ?N s" by simp
  3604       moreover from real_of_int_floor_le[where r="?N s"]  have "real n + ?N s \<ge> real n + ?N (Floor s)" by simp
  3605       ultimately have "real n *x + ?N s \<ge> ?N (Floor s) + real n" 
  3606         by (simp only: algebra_simps)}
  3607     ultimately have "?N (Floor s) + real n \<le> real n *x + ?N s\<and> real n *x + ?N s < ?N (Floor s) + real (1::int)" by simp
  3608     hence th: "real n \<le> real n *x + ?N s - ?N (Floor s) \<and> real n *x + ?N s - ?N (Floor s) < real (1::int)" by simp
  3609     have th1: "\<forall> (a::real). (- a > 0) = (a < 0)" by auto
  3610     have th2: "\<forall> (a::real). (0 \<ge> - a) = (a \<ge> 0)" by auto
  3611     from real_in_int_intervals th  have  "\<exists> j\<in> {n .. 0}. real j \<le> real n *x + ?N s - ?N (Floor s)\<and> real n *x + ?N s - ?N (Floor s) < real (j+1)" by simp
  3612     
  3613     hence "\<exists> j\<in> {n .. 0}. 0 \<le> real n *x + ?N s - ?N (Floor s) - real j \<and> real n *x + ?N s - ?N (Floor s) - real (j+1) < 0"
  3614       by(simp only: myle[of _ "real n * x + Inum (x # bs) s - Inum (x # bs) (Floor s)"] less_iff_diff_less_0[where a="real n *x + ?N s - ?N (Floor s)"]) 
  3615     hence "\<exists> j\<in> {n .. 0}. 0 \<ge> - (real n *x + ?N s - ?N (Floor s) - real j) \<and> - (real n *x + ?N s - ?N (Floor s) - real (j+1)) > 0" by (simp only: th1[rule_format] th2[rule_format])
  3616     hence "\<exists> j\<in> {n.. 0}. ?I (?p (p,n,s) j)"
  3617       using pns by (simp add: fp_def nn diff_minus add_ac mult_ac numfloor numadd numneg
  3618         del: diff_less_0_iff_less diff_le_0_iff_le) 
  3619     then obtain "j" where j_def: "j\<in> {n .. 0} \<and> ?I (?p (p,n,s) j)" by blast
  3620     hence "\<exists>x \<in> {?p (p,n,s) j |j. n\<le> j \<and> j \<le> 0 }. ?I x" by auto
  3621     hence ?case using pns 
  3622       by (simp only: FS,simp add: bex_Un)
  3623     (rule disjI2, rule disjI2,rule exI [where x="p"],
  3624       rule exI [where x="n"],rule exI [where x="s"],simp_all add: nn)
  3625   }
  3626   ultimately show ?case by blast
  3627 qed (auto simp add: Let_def split_def)
  3628 
  3629     (* Linearize a formula where Bound 0 ranges over [0,1) *)
  3630 
  3631 definition rsplit :: "(int \<Rightarrow> num \<Rightarrow> fm) \<Rightarrow> num \<Rightarrow> fm" where
  3632   "rsplit f a \<equiv> foldr disj (map (\<lambda> (\<phi>, n, s). conj \<phi> (f n s)) (rsplit0 a)) F"
  3633 
  3634 lemma foldr_disj_map: "Ifm bs (foldr disj (map f xs) F) = (\<exists> x \<in> set xs. Ifm bs (f x))"
  3635 by(induct xs, simp_all)
  3636 
  3637 lemma foldr_conj_map: "Ifm bs (foldr conj (map f xs) T) = (\<forall> x \<in> set xs. Ifm bs (f x))"
  3638 by(induct xs, simp_all)
  3639 
  3640 lemma foldr_disj_map_rlfm: 
  3641   assumes lf: "\<forall> n s. numbound0 s \<longrightarrow> isrlfm (f n s)"
  3642   and \<phi>: "\<forall> (\<phi>,n,s) \<in> set xs. numbound0 s \<and> isrlfm \<phi>"
  3643   shows "isrlfm (foldr disj (map (\<lambda> (\<phi>, n, s). conj \<phi> (f n s)) xs) F)"
  3644 using lf \<phi> by (induct xs, auto)
  3645 
  3646 lemma rsplit_ex: "Ifm bs (rsplit f a) = (\<exists> (\<phi>,n,s) \<in> set (rsplit0 a). Ifm bs (conj \<phi> (f n s)))"
  3647 using foldr_disj_map[where xs="rsplit0 a"] rsplit_def by (simp add: split_def)
  3648 
  3649 lemma rsplit_l: assumes lf: "\<forall> n s. numbound0 s \<longrightarrow> isrlfm (f n s)"
  3650   shows "isrlfm (rsplit f a)"
  3651 proof-
  3652   from rsplit0_cs[where t="a"] have th: "\<forall> (\<phi>,n,s) \<in> set (rsplit0 a). numbound0 s \<and> isrlfm \<phi>" by blast
  3653   from foldr_disj_map_rlfm[OF lf th] rsplit_def show ?thesis by simp
  3654 qed
  3655 
  3656 lemma rsplit: 
  3657   assumes xp: "x \<ge> 0" and x1: "x < 1"
  3658   and f: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> (Ifm (x#bs) (f n s) = Ifm (x#bs) (g a))"
  3659   shows "Ifm (x#bs) (rsplit f a) = Ifm (x#bs) (g a)"
  3660 proof(auto)
  3661   let ?I = "\<lambda>x p. Ifm (x#bs) p"
  3662   let ?N = "\<lambda> x t. Inum (x#bs) t"
  3663   assume "?I x (rsplit f a)"
  3664   hence "\<exists> (\<phi>,n,s) \<in> set (rsplit0 a). ?I x (And \<phi> (f n s))" using rsplit_ex by simp
  3665   then obtain "\<phi>" "n" "s" where fnsS:"(\<phi>,n,s) \<in> set (rsplit0 a)" and "?I x (And \<phi> (f n s))" by blast
  3666   hence \<phi>: "?I x \<phi>" and fns: "?I x (f n s)" by auto
  3667   from rsplit0_cs[where t="a" and bs="bs" and x="x", rule_format, OF fnsS] \<phi> 
  3668   have th: "(?N x a = ?N x (CN 0 n s)) \<and> numbound0 s" by auto
  3669   from f[rule_format, OF th] fns show "?I x (g a)" by simp
  3670 next
  3671   let ?I = "\<lambda>x p. Ifm (x#bs) p"
  3672   let ?N = "\<lambda> x t. Inum (x#bs) t"
  3673   assume ga: "?I x (g a)"
  3674   from rsplit0_complete[OF xp x1, where bs="bs" and t="a"] 
  3675   obtain "\<phi>" "n" "s" where fnsS:"(\<phi>,n,s) \<in> set (rsplit0 a)" and fx: "?I x \<phi>" by blast
  3676   from rsplit0_cs[where t="a" and x="x" and bs="bs"] fnsS fx
  3677   have ans: "?N x a = ?N x (CN 0 n s)" and nb: "numbound0 s" by auto
  3678   with ga f have "?I x (f n s)" by auto
  3679   with rsplit_ex fnsS fx show "?I x (rsplit f a)" by auto
  3680 qed
  3681 
  3682 definition lt :: "int \<Rightarrow> num \<Rightarrow> fm" where
  3683   lt_def: "lt c t = (if c = 0 then (Lt t) else if c > 0 then (Lt (CN 0 c t)) 
  3684                         else (Gt (CN 0 (-c) (Neg t))))"
  3685 
  3686 definition  le :: "int \<Rightarrow> num \<Rightarrow> fm" where
  3687   le_def: "le c t = (if c = 0 then (Le t) else if c > 0 then (Le (CN 0 c t)) 
  3688                         else (Ge (CN 0 (-c) (Neg t))))"
  3689 
  3690 definition  gt :: "int \<Rightarrow> num \<Rightarrow> fm" where
  3691   gt_def: "gt c t = (if c = 0 then (Gt t) else if c > 0 then (Gt (CN 0 c t)) 
  3692                         else (Lt (CN 0 (-c) (Neg t))))"
  3693 
  3694 definition  ge :: "int \<Rightarrow> num \<Rightarrow> fm" where
  3695   ge_def: "ge c t = (if c = 0 then (Ge t) else if c > 0 then (Ge (CN 0 c t)) 
  3696                         else (Le (CN 0 (-c) (Neg t))))"
  3697 
  3698 definition  eq :: "int \<Rightarrow> num \<Rightarrow> fm" where
  3699   eq_def: "eq c t = (if c = 0 then (Eq t) else if c > 0 then (Eq (CN 0 c t)) 
  3700                         else (Eq (CN 0 (-c) (Neg t))))"
  3701 
  3702 definition neq :: "int \<Rightarrow> num \<Rightarrow> fm" where
  3703   neq_def: "neq c t = (if c = 0 then (NEq t) else if c > 0 then (NEq (CN 0 c t)) 
  3704                         else (NEq (CN 0 (-c) (Neg t))))"
  3705 
  3706 lemma lt_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (lt n s) = Ifm (x#bs) (Lt a)"
  3707   (is "\<forall> a n s . ?N a = ?N (CN 0 n s) \<and> _\<longrightarrow> ?I (lt n s) = ?I (Lt a)")
  3708 proof(clarify)
  3709   fix a n s
  3710   assume H: "?N a = ?N (CN 0 n s)"
  3711   show "?I (lt n s) = ?I (Lt a)" using H by (cases "n=0", (simp add: lt_def))
  3712   (cases "n > 0", simp_all add: lt_def algebra_simps myless[of _ "0"])
  3713 qed
  3714 
  3715 lemma lt_l: "isrlfm (rsplit lt a)"
  3716   by (rule rsplit_l[where f="lt" and a="a"], auto simp add: lt_def,
  3717     case_tac s, simp_all, case_tac "nat", simp_all)
  3718 
  3719 lemma le_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (le n s) = Ifm (x#bs) (Le a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (le n s) = ?I (Le a)")
  3720 proof(clarify)
  3721   fix a n s
  3722   assume H: "?N a = ?N (CN 0 n s)"
  3723   show "?I (le n s) = ?I (Le a)" using H by (cases "n=0", (simp add: le_def))
  3724   (cases "n > 0", simp_all add: le_def algebra_simps myle[of _ "0"])
  3725 qed
  3726 
  3727 lemma le_l: "isrlfm (rsplit le a)"
  3728   by (rule rsplit_l[where f="le" and a="a"], auto simp add: le_def) 
  3729 (case_tac s, simp_all, case_tac "nat",simp_all)
  3730 
  3731 lemma gt_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (gt n s) = Ifm (x#bs) (Gt a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (gt n s) = ?I (Gt a)")
  3732 proof(clarify)
  3733   fix a n s
  3734   assume H: "?N a = ?N (CN 0 n s)"
  3735   show "?I (gt n s) = ?I (Gt a)" using H by (cases "n=0", (simp add: gt_def))
  3736   (cases "n > 0", simp_all add: gt_def algebra_simps myless[of _ "0"])
  3737 qed
  3738 lemma gt_l: "isrlfm (rsplit gt a)"
  3739   by (rule rsplit_l[where f="gt" and a="a"], auto simp add: gt_def) 
  3740 (case_tac s, simp_all, case_tac "nat", simp_all)
  3741 
  3742 lemma ge_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (ge n s) = Ifm (x#bs) (Ge a)" (is "\<forall> a n s . ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (ge n s) = ?I (Ge a)")
  3743 proof(clarify)
  3744   fix a n s 
  3745   assume H: "?N a = ?N (CN 0 n s)"
  3746   show "?I (ge n s) = ?I (Ge a)" using H by (cases "n=0", (simp add: ge_def))
  3747   (cases "n > 0", simp_all add: ge_def algebra_simps myle[of _ "0"])
  3748 qed
  3749 lemma ge_l: "isrlfm (rsplit ge a)"
  3750   by (rule rsplit_l[where f="ge" and a="a"], auto simp add: ge_def) 
  3751 (case_tac s, simp_all, case_tac "nat", simp_all)
  3752 
  3753 lemma eq_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (eq n s) = Ifm (x#bs) (Eq a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (eq n s) = ?I (Eq a)")
  3754 proof(clarify)
  3755   fix a n s 
  3756   assume H: "?N a = ?N (CN 0 n s)"
  3757   show "?I (eq n s) = ?I (Eq a)" using H by (auto simp add: eq_def algebra_simps)
  3758 qed
  3759 lemma eq_l: "isrlfm (rsplit eq a)"
  3760   by (rule rsplit_l[where f="eq" and a="a"], auto simp add: eq_def) 
  3761 (case_tac s, simp_all, case_tac"nat", simp_all)
  3762 
  3763 lemma neq_mono: "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (neq n s) = Ifm (x#bs) (NEq a)" (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (neq n s) = ?I (NEq a)")
  3764 proof(clarify)
  3765   fix a n s bs
  3766   assume H: "?N a = ?N (CN 0 n s)"
  3767   show "?I (neq n s) = ?I (NEq a)" using H by (auto simp add: neq_def algebra_simps)
  3768 qed
  3769 
  3770 lemma neq_l: "isrlfm (rsplit neq a)"
  3771   by (rule rsplit_l[where f="neq" and a="a"], auto simp add: neq_def) 
  3772 (case_tac s, simp_all, case_tac"nat", simp_all)
  3773 
  3774 lemma small_le: 
  3775   assumes u0:"0 \<le> u" and u1: "u < 1"
  3776   shows "(-u \<le> real (n::int)) = (0 \<le> n)"
  3777 using u0 u1  by auto
  3778 
  3779 lemma small_lt: 
  3780   assumes u0:"0 \<le> u" and u1: "u < 1"
  3781   shows "(real (n::int) < real (m::int) - u) = (n < m)"
  3782 using u0 u1  by auto
  3783 
  3784 lemma rdvd01_cs: 
  3785   assumes up: "u \<ge> 0" and u1: "u<1" and np: "real n > 0"
  3786   shows "(real (i::int) rdvd real (n::int) * u - s) = (\<exists> j\<in> {0 .. n - 1}. real n * u = s - real (floor s) + real j \<and> real i rdvd real (j - floor s))" (is "?lhs = ?rhs")
  3787 proof-
  3788   let ?ss = "s - real (floor s)"
  3789   from real_of_int_floor_add_one_gt[where r="s", simplified myless[of "s"]] 
  3790     real_of_int_floor_le[where r="s"]  have ss0:"?ss \<ge> 0" and ss1:"?ss < 1" 
  3791     by (auto simp add: myle[of _ "s", symmetric] myless[of "?ss"])
  3792   from np have n0: "real n \<ge> 0" by simp
  3793   from mult_left_mono[OF up n0] mult_strict_left_mono[OF u1 np] 
  3794   have nu0:"real n * u - s \<ge> -s" and nun:"real n * u -s < real n - s" by auto  
  3795   from int_rdvd_real[where i="i" and x="real (n::int) * u - s"] 
  3796   have "real i rdvd real n * u - s = 
  3797     (i dvd floor (real n * u -s) \<and> (real (floor (real n * u - s)) = real n * u - s ))" 
  3798     (is "_ = (?DE)" is "_ = (?D \<and> ?E)") by simp
  3799   also have "\<dots> = (?DE \<and> real(floor (real n * u - s) + floor s)\<ge> -?ss 
  3800     \<and> real(floor (real n * u - s) + floor s)< real n - ?ss)" (is "_=(?DE \<and>real ?a \<ge> _ \<and> real ?a < _)")
  3801     using nu0 nun  by auto
  3802   also have "\<dots> = (?DE \<and> ?a \<ge> 0 \<and> ?a < n)" by(simp only: small_le[OF ss0 ss1] small_lt[OF ss0 ss1])
  3803   also have "\<dots> = (?DE \<and> (\<exists> j\<in> {0 .. (n - 1)}. ?a = j))" by simp
  3804   also have "\<dots> = (?DE \<and> (\<exists> j\<in> {0 .. (n - 1)}. real (\<lfloor>real n * u - s\<rfloor>) = real j - real \<lfloor>s\<rfloor> ))"
  3805     by (simp only: algebra_simps real_of_int_diff[symmetric] real_of_int_inject del: real_of_int_diff)
  3806   also have "\<dots> = ((\<exists> j\<in> {0 .. (n - 1)}. real n * u - s = real j - real \<lfloor>s\<rfloor> \<and> real i rdvd real n * u - s))" using int_rdvd_iff[where i="i" and t="\<lfloor>real n * u - s\<rfloor>"]
  3807     by (auto cong: conj_cong)
  3808   also have "\<dots> = ?rhs" by(simp cong: conj_cong) (simp add: algebra_simps )
  3809   finally show ?thesis .
  3810 qed
  3811 
  3812 definition
  3813   DVDJ:: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  3814 where
  3815   DVDJ_def: "DVDJ i n s = (foldr disj (map (\<lambda> j. conj (Eq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j))))) (Dvd i (Sub (C j) (Floor (Neg s))))) [0..n - 1]) F)"
  3816 
  3817 definition
  3818   NDVDJ:: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm"
  3819 where
  3820   NDVDJ_def: "NDVDJ i n s = (foldr conj (map (\<lambda> j. disj (NEq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j))))) (NDvd i (Sub (C j) (Floor (Neg s))))) [0..n - 1]) T)"
  3821 
  3822 lemma DVDJ_DVD: 
  3823   assumes xp:"x\<ge> 0" and x1: "x < 1" and np:"real n > 0"
  3824   shows "Ifm (x#bs) (DVDJ i n s) = Ifm (x#bs) (Dvd i (CN 0 n s))"
  3825 proof-
  3826   let ?f = "\<lambda> j. conj (Eq(CN 0 n (Add s (Sub(Floor (Neg s)) (C j))))) (Dvd i (Sub (C j) (Floor (Neg s))))"
  3827   let ?s= "Inum (x#bs) s"
  3828   from foldr_disj_map[where xs="[0..n - 1]" and bs="x#bs" and f="?f"]
  3829   have "Ifm (x#bs) (DVDJ i n s) = (\<exists> j\<in> {0 .. (n - 1)}. Ifm (x#bs) (?f j))" 
  3830     by (simp add: np DVDJ_def)
  3831   also have "\<dots> = (\<exists> j\<in> {0 .. (n - 1)}. real n * x = (- ?s) - real (floor (- ?s)) + real j \<and> real i rdvd real (j - floor (- ?s)))" by (simp add: algebra_simps diff_minus[symmetric])
  3832   also from rdvd01_cs[OF xp x1 np, where i="i" and s="-?s"] 
  3833   have "\<dots> = (real i rdvd real n * x - (-?s))" by simp
  3834   finally show ?thesis by simp
  3835 qed
  3836 
  3837 lemma NDVDJ_NDVD: 
  3838   assumes xp:"x\<ge> 0" and x1: "x < 1" and np:"real n > 0"
  3839   shows "Ifm (x#bs) (NDVDJ i n s) = Ifm (x#bs) (NDvd i (CN 0 n s))"
  3840 proof-
  3841   let ?f = "\<lambda> j. disj(NEq(CN 0 n (Add s (Sub (Floor (Neg s)) (C j))))) (NDvd i (Sub (C j) (Floor(Neg s))))"
  3842   let ?s= "Inum (x#bs) s"
  3843   from foldr_conj_map[where xs="[0..n - 1]" and bs="x#bs" and f="?f"]
  3844   have "Ifm (x#bs) (NDVDJ i n s) = (\<forall> j\<in> {0 .. (n - 1)}. Ifm (x#bs) (?f j))" 
  3845     by (simp add: np NDVDJ_def)
  3846   also have "\<dots> = (\<not> (\<exists> j\<in> {0 .. (n - 1)}. real n * x = (- ?s) - real (floor (- ?s)) + real j \<and> real i rdvd real (j - floor (- ?s))))" by (simp add: algebra_simps diff_minus[symmetric])
  3847   also from rdvd01_cs[OF xp x1 np, where i="i" and s="-?s"] 
  3848   have "\<dots> = (\<not> (real i rdvd real n * x - (-?s)))" by simp
  3849   finally show ?thesis by simp
  3850 qed  
  3851 
  3852 lemma foldr_disj_map_rlfm2: 
  3853   assumes lf: "\<forall> n . isrlfm (f n)"
  3854   shows "isrlfm (foldr disj (map f xs) F)"
  3855 using lf by (induct xs, auto)
  3856 lemma foldr_And_map_rlfm2: 
  3857   assumes lf: "\<forall> n . isrlfm (f n)"
  3858   shows "isrlfm (foldr conj (map f xs) T)"
  3859 using lf by (induct xs, auto)
  3860 
  3861 lemma DVDJ_l: assumes ip: "i >0" and np: "n>0" and nb: "numbound0 s"
  3862   shows "isrlfm (DVDJ i n s)"
  3863 proof-
  3864   let ?f="\<lambda>j. conj (Eq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j)))))
  3865                          (Dvd i (Sub (C j) (Floor (Neg s))))"
  3866   have th: "\<forall> j. isrlfm (?f j)" using nb np by auto
  3867   from DVDJ_def foldr_disj_map_rlfm2[OF th] show ?thesis by simp 
  3868 qed
  3869 
  3870 lemma NDVDJ_l: assumes ip: "i >0" and np: "n>0" and nb: "numbound0 s"
  3871   shows "isrlfm (NDVDJ i n s)"
  3872 proof-
  3873   let ?f="\<lambda>j. disj (NEq (CN 0 n (Add s (Sub (Floor (Neg s)) (C j)))))
  3874                       (NDvd i (Sub (C j) (Floor (Neg s))))"
  3875   have th: "\<forall> j. isrlfm (?f j)" using nb np by auto
  3876   from NDVDJ_def foldr_And_map_rlfm2[OF th] show ?thesis by auto
  3877 qed
  3878 
  3879 definition DVD :: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm" where
  3880   DVD_def: "DVD i c t =
  3881   (if i=0 then eq c t else 
  3882   if c = 0 then (Dvd i t) else if c >0 then DVDJ (abs i) c t else DVDJ (abs i) (-c) (Neg t))"
  3883 
  3884 definition  NDVD :: "int \<Rightarrow> int \<Rightarrow> num \<Rightarrow> fm" where
  3885   "NDVD i c t =
  3886   (if i=0 then neq c t else 
  3887   if c = 0 then (NDvd i t) else if c >0 then NDVDJ (abs i) c t else NDVDJ (abs i) (-c) (Neg t))"
  3888 
  3889 lemma DVD_mono: 
  3890   assumes xp: "0\<le> x" and x1: "x < 1" 
  3891   shows "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (DVD i n s) = Ifm (x#bs) (Dvd i a)"
  3892   (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (DVD i n s) = ?I (Dvd i a)")
  3893 proof(clarify)
  3894   fix a n s 
  3895   assume H: "?N a = ?N (CN 0 n s)" and nb: "numbound0 s"
  3896   let ?th = "?I (DVD i n s) = ?I (Dvd i a)"
  3897   have "i=0 \<or> (i\<noteq>0 \<and> n=0) \<or> (i\<noteq>0 \<and> n < 0) \<or> (i\<noteq>0 \<and> n > 0)" by arith
  3898   moreover {assume iz: "i=0" hence ?th using eq_mono[rule_format, OF conjI[OF H nb]] 
  3899       by (simp add: DVD_def rdvd_left_0_eq)}
  3900   moreover {assume inz: "i\<noteq>0" and "n=0" hence ?th by (simp add: H DVD_def) } 
  3901   moreover {assume inz: "i\<noteq>0" and "n<0" hence ?th 
  3902       by (simp add: DVD_def H DVDJ_DVD[OF xp x1] rdvd_abs1 
  3903         rdvd_minus[where d="i" and t="real n * x + Inum (x # bs) s"]) } 
  3904   moreover {assume inz: "i\<noteq>0" and "n>0" hence ?th by (simp add:DVD_def H DVDJ_DVD[OF xp x1] rdvd_abs1)}
  3905   ultimately show ?th by blast
  3906 qed
  3907 
  3908 lemma NDVD_mono:   assumes xp: "0\<le> x" and x1: "x < 1" 
  3909   shows "\<forall> a n s. Inum (x#bs) a = Inum (x#bs) (CN 0 n s) \<and> numbound0 s \<longrightarrow> Ifm (x#bs) (NDVD i n s) = Ifm (x#bs) (NDvd i a)"
  3910   (is "\<forall> a n s. ?N a = ?N (CN 0 n s) \<and> _ \<longrightarrow> ?I (NDVD i n s) = ?I (NDvd i a)")
  3911 proof(clarify)
  3912   fix a n s 
  3913   assume H: "?N a = ?N (CN 0 n s)" and nb: "numbound0 s"
  3914   let ?th = "?I (NDVD i n s) = ?I (NDvd i a)"
  3915   have "i=0 \<or> (i\<noteq>0 \<and> n=0) \<or> (i\<noteq>0 \<and> n < 0) \<or> (i\<noteq>0 \<and> n > 0)" by arith
  3916   moreover {assume iz: "i=0" hence ?th using neq_mono[rule_format, OF conjI[OF H nb]] 
  3917       by (simp add: NDVD_def rdvd_left_0_eq)}
  3918   moreover {assume inz: "i\<noteq>0" and "n=0" hence ?th by (simp add: H NDVD_def) } 
  3919   moreover {assume inz: "i\<noteq>0" and "n<0" hence ?th 
  3920       by (simp add: NDVD_def H NDVDJ_NDVD[OF xp x1] rdvd_abs1 
  3921         rdvd_minus[where d="i" and t="real n * x + Inum (x # bs) s"]) } 
  3922   moreover {assume inz: "i\<noteq>0" and "n>0" hence ?th 
  3923       by (simp add:NDVD_def H NDVDJ_NDVD[OF xp x1] rdvd_abs1)}
  3924   ultimately show ?th by blast
  3925 qed
  3926 
  3927 lemma DVD_l: "isrlfm (rsplit (DVD i) a)"
  3928   by (rule rsplit_l[where f="DVD i" and a="a"], auto simp add: DVD_def eq_def DVDJ_l) 
  3929 (case_tac s, simp_all, case_tac "nat", simp_all)
  3930 
  3931 lemma NDVD_l: "isrlfm (rsplit (NDVD i) a)"
  3932   by (rule rsplit_l[where f="NDVD i" and a="a"], auto simp add: NDVD_def neq_def NDVDJ_l) 
  3933 (case_tac s, simp_all, case_tac "nat", simp_all)
  3934 
  3935 consts rlfm :: "fm \<Rightarrow> fm"
  3936 recdef rlfm "measure fmsize"
  3937   "rlfm (And p q) = conj (rlfm p) (rlfm q)"
  3938   "rlfm (Or p q) = disj (rlfm p) (rlfm q)"
  3939   "rlfm (Imp p q) = disj (rlfm (NOT p)) (rlfm q)"
  3940   "rlfm (Iff p q) = disj (conj(rlfm p) (rlfm q)) (conj(rlfm (NOT p)) (rlfm (NOT q)))"
  3941   "rlfm (Lt a) = rsplit lt a"
  3942   "rlfm (Le a) = rsplit le a"
  3943   "rlfm (Gt a) = rsplit gt a"
  3944   "rlfm (Ge a) = rsplit ge a"
  3945   "rlfm (Eq a) = rsplit eq a"
  3946   "rlfm (NEq a) = rsplit neq a"
  3947   "rlfm (Dvd i a) = rsplit (\<lambda> t. DVD i t) a"
  3948   "rlfm (NDvd i a) = rsplit (\<lambda> t. NDVD i t) a"
  3949   "rlfm (NOT (And p q)) = disj (rlfm (NOT p)) (rlfm (NOT q))"
  3950   "rlfm (NOT (Or p q)) = conj (rlfm (NOT p)) (rlfm (NOT q))"
  3951   "rlfm (NOT (Imp p q)) = conj (rlfm p) (rlfm (NOT q))"
  3952   "rlfm (NOT (Iff p q)) = disj (conj(rlfm p) (rlfm(NOT q))) (conj(rlfm(NOT p)) (rlfm q))"
  3953   "rlfm (NOT (NOT p)) = rlfm p"
  3954   "rlfm (NOT T) = F"
  3955   "rlfm (NOT F) = T"
  3956   "rlfm (NOT (Lt a)) = simpfm (rlfm (Ge a))"
  3957   "rlfm (NOT (Le a)) = simpfm (rlfm (Gt a))"
  3958   "rlfm (NOT (Gt a)) = simpfm (rlfm (Le a))"
  3959   "rlfm (NOT (Ge a)) = simpfm (rlfm (Lt a))"
  3960   "rlfm (NOT (Eq a)) = simpfm (rlfm (NEq a))"
  3961   "rlfm (NOT (NEq a)) = simpfm (rlfm (Eq a))"
  3962   "rlfm (NOT (Dvd i a)) = simpfm (rlfm (NDvd i a))"
  3963   "rlfm (NOT (NDvd i a)) = simpfm (rlfm (Dvd i a))"
  3964   "rlfm p = p" (hints simp add: fmsize_pos)
  3965 
  3966 lemma bound0at_l : "\<lbrakk>isatom p ; bound0 p\<rbrakk> \<Longrightarrow> isrlfm p"
  3967   by (induct p rule: isrlfm.induct, auto)
  3968 
  3969 lemma simpfm_rl: "isrlfm p \<Longrightarrow> isrlfm (simpfm p)"
  3970 proof (induct p)
  3971   case (Lt a) 
  3972   hence "bound0 (Lt a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  3973     by (cases a,simp_all, case_tac "nat", simp_all)
  3974   moreover
  3975   {assume "bound0 (Lt a)" hence bn:"bound0 (simpfm (Lt a))"  
  3976       using simpfm_bound0 by blast
  3977     have "isatom (simpfm (Lt a))" by (cases "simpnum a", auto simp add: Let_def)
  3978     with bn bound0at_l have ?case by blast}
  3979   moreover 
  3980   { fix c e assume a: "a = CN 0 c e" and "c>0" and "numbound0 e"
  3981     { assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  3982       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  3983       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  3984       from `c > 0` have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  3985         by (simp add: numgcd_def)
  3986       from `c > 0` have th': "c\<noteq>0" by auto
  3987       from `c > 0` have cp: "c \<ge> 0" by simp
  3988       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  3989       have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  3990     }
  3991     with Lt a have ?case
  3992       by (simp add: Let_def reducecoeff_def reducecoeffh_numbound0)}
  3993   ultimately show ?case by blast
  3994 next
  3995   case (Le a)   
  3996   hence "bound0 (Le a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  3997     by (cases a,simp_all, case_tac "nat", simp_all)
  3998   moreover
  3999   { assume "bound0 (Le a)" hence bn:"bound0 (simpfm (Le a))"  
  4000       using simpfm_bound0 by blast
  4001     have "isatom (simpfm (Le a))" by (cases "simpnum a", auto simp add: Let_def)
  4002     with bn bound0at_l have ?case by blast}
  4003   moreover 
  4004   { fix c e assume a: "a = CN 0 c e" and "c>0" and "numbound0 e"
  4005     { assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4006       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4007       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4008       from `c > 0` have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4009         by (simp add: numgcd_def)
  4010       from `c > 0` have th': "c\<noteq>0" by auto
  4011       from `c > 0` have cp: "c \<ge> 0" by simp
  4012       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4013       have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4014     }
  4015     with Le a have ?case
  4016       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4017   ultimately show ?case by blast
  4018 next
  4019   case (Gt a)   
  4020   hence "bound0 (Gt a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4021     by (cases a,simp_all, case_tac "nat", simp_all)
  4022   moreover
  4023   {assume "bound0 (Gt a)" hence bn:"bound0 (simpfm (Gt a))"  
  4024       using simpfm_bound0 by blast
  4025     have "isatom (simpfm (Gt a))" by (cases "simpnum a", auto simp add: Let_def)
  4026     with bn bound0at_l have ?case by blast}
  4027   moreover 
  4028   { fix c e assume a: "a = CN 0 c e" and "c>0" and "numbound0 e"
  4029     { assume cn1: "numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4030       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4031       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4032       from `c > 0` have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4033         by (simp add: numgcd_def)
  4034       from `c > 0` have th': "c\<noteq>0" by auto
  4035       from `c > 0` have cp: "c \<ge> 0" by simp
  4036       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4037       have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4038     }
  4039     with Gt a have ?case
  4040       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4041   ultimately show ?case by blast
  4042 next
  4043   case (Ge a)   
  4044   hence "bound0 (Ge a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4045     by (cases a,simp_all, case_tac "nat", simp_all)
  4046   moreover
  4047   { assume "bound0 (Ge a)" hence bn:"bound0 (simpfm (Ge a))"  
  4048       using simpfm_bound0 by blast
  4049     have "isatom (simpfm (Ge a))" by (cases "simpnum a", auto simp add: Let_def)
  4050     with bn bound0at_l have ?case by blast}
  4051   moreover 
  4052   { fix c e assume a: "a = CN 0 c e" and "c>0" and "numbound0 e"
  4053     { assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4054       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4055       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4056       from `c > 0` have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4057         by (simp add: numgcd_def)
  4058       from `c > 0` have th': "c\<noteq>0" by auto
  4059       from `c > 0` have cp: "c \<ge> 0" by simp
  4060       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4061       have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4062     }
  4063     with Ge a have ?case
  4064       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4065   ultimately show ?case by blast
  4066 next
  4067   case (Eq a)   
  4068   hence "bound0 (Eq a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4069     by (cases a,simp_all, case_tac "nat", simp_all)
  4070   moreover
  4071   { assume "bound0 (Eq a)" hence bn:"bound0 (simpfm (Eq a))"  
  4072       using simpfm_bound0 by blast
  4073     have "isatom (simpfm (Eq a))" by (cases "simpnum a", auto simp add: Let_def)
  4074     with bn bound0at_l have ?case by blast}
  4075   moreover 
  4076   { fix c e assume a: "a = CN 0 c e" and "c>0" and "numbound0 e"
  4077     { assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4078       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4079       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4080       from `c > 0` have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4081         by (simp add: numgcd_def)
  4082       from `c > 0` have th': "c\<noteq>0" by auto
  4083       from `c > 0` have cp: "c \<ge> 0" by simp
  4084       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4085       have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4086     }
  4087     with Eq a have ?case
  4088       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4089   ultimately show ?case by blast
  4090 next
  4091   case (NEq a)  
  4092   hence "bound0 (NEq a) \<or> (\<exists> c e. a = CN 0 c e \<and> c > 0 \<and> numbound0 e)"
  4093     by (cases a,simp_all, case_tac "nat", simp_all)
  4094   moreover
  4095   {assume "bound0 (NEq a)" hence bn:"bound0 (simpfm (NEq a))"  
  4096       using simpfm_bound0 by blast
  4097     have "isatom (simpfm (NEq a))" by (cases "simpnum a", auto simp add: Let_def)
  4098     with bn bound0at_l have ?case by blast}
  4099   moreover 
  4100   { fix c e assume a: "a = CN 0 c e" and "c>0" and "numbound0 e"
  4101     { assume cn1:"numgcd (CN 0 c (simpnum e)) \<noteq> 1" and cnz:"numgcd (CN 0 c (simpnum e)) \<noteq> 0"
  4102       with numgcd_pos[where t="CN 0 c (simpnum e)"]
  4103       have th1:"numgcd (CN 0 c (simpnum e)) > 0" by simp
  4104       from `c > 0` have th:"numgcd (CN 0 c (simpnum e)) \<le> c" 
  4105         by (simp add: numgcd_def)
  4106       from `c > 0` have th': "c\<noteq>0" by auto
  4107       from `c > 0` have cp: "c \<ge> 0" by simp
  4108       from zdiv_mono2[OF cp th1 th, simplified zdiv_self[OF th']]
  4109       have "0 < c div numgcd (CN 0 c (simpnum e))" by simp
  4110     }
  4111     with NEq a have ?case
  4112       by (simp add: Let_def reducecoeff_def simpnum_numbound0 reducecoeffh_numbound0)}
  4113   ultimately show ?case by blast
  4114 next
  4115   case (Dvd i a) hence "bound0 (Dvd i a)" by auto hence bn:"bound0 (simpfm (Dvd i a))"  
  4116     using simpfm_bound0 by blast
  4117   have "isatom (simpfm (Dvd i a))" by (cases "simpnum a", auto simp add: Let_def split_def)
  4118   with bn bound0at_l show ?case by blast
  4119 next
  4120   case (NDvd i a)  hence "bound0 (NDvd i a)" by auto hence bn:"bound0 (simpfm (NDvd i a))"  
  4121     using simpfm_bound0 by blast
  4122   have "isatom (simpfm (NDvd i a))" by (cases "simpnum a", auto simp add: Let_def split_def)
  4123   with bn bound0at_l show ?case by blast
  4124 qed(auto simp add: conj_def imp_def disj_def iff_def Let_def simpfm_bound0 numadd_nb numneg_nb)
  4125 
  4126 lemma rlfm_I:
  4127   assumes qfp: "qfree p"
  4128   and xp: "0 \<le> x" and x1: "x < 1"
  4129   shows "(Ifm (x#bs) (rlfm p) = Ifm (x# bs) p) \<and> isrlfm (rlfm p)"
  4130   using qfp 
  4131 by (induct p rule: rlfm.induct) 
  4132 (auto simp add: rsplit[OF xp x1 lt_mono] lt_l rsplit[OF xp x1 le_mono] le_l rsplit[OF xp x1 gt_mono] gt_l
  4133                rsplit[OF xp x1 ge_mono] ge_l rsplit[OF xp x1 eq_mono] eq_l rsplit[OF xp x1 neq_mono] neq_l
  4134                rsplit[OF xp x1 DVD_mono[OF xp x1]] DVD_l rsplit[OF xp x1 NDVD_mono[OF xp x1]] NDVD_l simpfm_rl)
  4135 lemma rlfm_l:
  4136   assumes qfp: "qfree p"
  4137   shows "isrlfm (rlfm p)"
  4138   using qfp lt_l gt_l ge_l le_l eq_l neq_l DVD_l NDVD_l 
  4139 by (induct p rule: rlfm.induct,auto simp add: simpfm_rl)
  4140 
  4141     (* Operations needed for Ferrante and Rackoff *)
  4142 lemma rminusinf_inf:
  4143   assumes lp: "isrlfm p"
  4144   shows "\<exists> z. \<forall> x < z. Ifm (x#bs) (minusinf p) = Ifm (x#bs) p" (is "\<exists> z. \<forall> x. ?P z x p")
  4145 using lp
  4146 proof (induct p rule: minusinf.induct)
  4147   case (1 p q) thus ?case by (auto,rule_tac x= "min z za" in exI) auto
  4148 next
  4149   case (2 p q) thus ?case by (auto,rule_tac x= "min z za" in exI) auto
  4150 next
  4151   case (3 c e) 
  4152   from 3 have nb: "numbound0 e" by simp
  4153   from 3 have cp: "real c > 0" by simp
  4154   fix a
  4155   let ?e="Inum (a#bs) e"
  4156   let ?z = "(- ?e) / real c"
  4157   {fix x
  4158     assume xz: "x < ?z"
  4159     hence "(real c * x < - ?e)" 
  4160       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4161     hence "real c * x + ?e < 0" by arith
  4162     hence "real c * x + ?e \<noteq> 0" by simp
  4163     with xz have "?P ?z x (Eq (CN 0 c e))"
  4164       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp  }
  4165   hence "\<forall> x < ?z. ?P ?z x (Eq (CN 0 c e))" by simp
  4166   thus ?case by blast
  4167 next
  4168   case (4 c e)   
  4169   from 4 have nb: "numbound0 e" by simp
  4170   from 4 have cp: "real c > 0" by simp
  4171   fix a
  4172   let ?e="Inum (a#bs) e"
  4173   let ?z = "(- ?e) / real c"
  4174   {fix x
  4175     assume xz: "x < ?z"
  4176     hence "(real c * x < - ?e)" 
  4177       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4178     hence "real c * x + ?e < 0" by arith
  4179     hence "real c * x + ?e \<noteq> 0" by simp
  4180     with xz have "?P ?z x (NEq (CN 0 c e))"
  4181       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4182   hence "\<forall> x < ?z. ?P ?z x (NEq (CN 0 c e))" by simp
  4183   thus ?case by blast
  4184 next
  4185   case (5 c e) 
  4186   from 5 have nb: "numbound0 e" by simp
  4187   from 5 have cp: "real c > 0" by simp
  4188   fix a
  4189   let ?e="Inum (a#bs) e"
  4190   let ?z = "(- ?e) / real c"
  4191   {fix x
  4192     assume xz: "x < ?z"
  4193     hence "(real c * x < - ?e)" 
  4194       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4195     hence "real c * x + ?e < 0" by arith
  4196     with xz have "?P ?z x (Lt (CN 0 c e))"
  4197       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"]  by simp }
  4198   hence "\<forall> x < ?z. ?P ?z x (Lt (CN 0 c e))" by simp
  4199   thus ?case by blast
  4200 next
  4201   case (6 c e)  
  4202   from 6 have nb: "numbound0 e" by simp
  4203   from 6 have cp: "real c > 0" by simp
  4204   fix a
  4205   let ?e="Inum (a#bs) e"
  4206   let ?z = "(- ?e) / real c"
  4207   {fix x
  4208     assume xz: "x < ?z"
  4209     hence "(real c * x < - ?e)" 
  4210       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4211     hence "real c * x + ?e < 0" by arith
  4212     with xz have "?P ?z x (Le (CN 0 c e))"
  4213       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4214   hence "\<forall> x < ?z. ?P ?z x (Le (CN 0 c e))" by simp
  4215   thus ?case by blast
  4216 next
  4217   case (7 c e)  
  4218   from 7 have nb: "numbound0 e" by simp
  4219   from 7 have cp: "real c > 0" by simp
  4220   fix a
  4221   let ?e="Inum (a#bs) e"
  4222   let ?z = "(- ?e) / real c"
  4223   {fix x
  4224     assume xz: "x < ?z"
  4225     hence "(real c * x < - ?e)" 
  4226       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4227     hence "real c * x + ?e < 0" by arith
  4228     with xz have "?P ?z x (Gt (CN 0 c e))"
  4229       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4230   hence "\<forall> x < ?z. ?P ?z x (Gt (CN 0 c e))" by simp
  4231   thus ?case by blast
  4232 next
  4233   case (8 c e)  
  4234   from 8 have nb: "numbound0 e" by simp
  4235   from 8 have cp: "real c > 0" by simp
  4236   fix a
  4237   let ?e="Inum (a#bs) e"
  4238   let ?z = "(- ?e) / real c"
  4239   {fix x
  4240     assume xz: "x < ?z"
  4241     hence "(real c * x < - ?e)" 
  4242       by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="- ?e"] mult_ac) 
  4243     hence "real c * x + ?e < 0" by arith
  4244     with xz have "?P ?z x (Ge (CN 0 c e))"
  4245       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4246   hence "\<forall> x < ?z. ?P ?z x (Ge (CN 0 c e))" by simp
  4247   thus ?case by blast
  4248 qed simp_all
  4249 
  4250 lemma rplusinf_inf:
  4251   assumes lp: "isrlfm p"
  4252   shows "\<exists> z. \<forall> x > z. Ifm (x#bs) (plusinf p) = Ifm (x#bs) p" (is "\<exists> z. \<forall> x. ?P z x p")
  4253 using lp
  4254 proof (induct p rule: isrlfm.induct)
  4255   case (1 p q) thus ?case by (auto,rule_tac x= "max z za" in exI) auto
  4256 next
  4257   case (2 p q) thus ?case by (auto,rule_tac x= "max z za" in exI) auto
  4258 next
  4259   case (3 c e) 
  4260   from 3 have nb: "numbound0 e" by simp
  4261   from 3 have cp: "real c > 0" by simp
  4262   fix a
  4263   let ?e="Inum (a#bs) e"
  4264   let ?z = "(- ?e) / real c"
  4265   {fix x
  4266     assume xz: "x > ?z"
  4267     with mult_strict_right_mono [OF xz cp] cp
  4268     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4269     hence "real c * x + ?e > 0" by arith
  4270     hence "real c * x + ?e \<noteq> 0" by simp
  4271     with xz have "?P ?z x (Eq (CN 0 c e))"
  4272       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4273   hence "\<forall> x > ?z. ?P ?z x (Eq (CN 0 c e))" by simp
  4274   thus ?case by blast
  4275 next
  4276   case (4 c e) 
  4277   from 4 have nb: "numbound0 e" by simp
  4278   from 4 have cp: "real c > 0" by simp
  4279   fix a
  4280   let ?e="Inum (a#bs) e"
  4281   let ?z = "(- ?e) / real c"
  4282   {fix x
  4283     assume xz: "x > ?z"
  4284     with mult_strict_right_mono [OF xz cp] cp
  4285     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4286     hence "real c * x + ?e > 0" by arith
  4287     hence "real c * x + ?e \<noteq> 0" by simp
  4288     with xz have "?P ?z x (NEq (CN 0 c e))"
  4289       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4290   hence "\<forall> x > ?z. ?P ?z x (NEq (CN 0 c e))" by simp
  4291   thus ?case by blast
  4292 next
  4293   case (5 c e) 
  4294   from 5 have nb: "numbound0 e" by simp
  4295   from 5 have cp: "real c > 0" by simp
  4296   fix a
  4297   let ?e="Inum (a#bs) e"
  4298   let ?z = "(- ?e) / real c"
  4299   {fix x
  4300     assume xz: "x > ?z"
  4301     with mult_strict_right_mono [OF xz cp] cp
  4302     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4303     hence "real c * x + ?e > 0" by arith
  4304     with xz have "?P ?z x (Lt (CN 0 c e))"
  4305       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4306   hence "\<forall> x > ?z. ?P ?z x (Lt (CN 0 c e))" by simp
  4307   thus ?case by blast
  4308 next
  4309   case (6 c e) 
  4310   from 6 have nb: "numbound0 e" by simp
  4311   from 6 have cp: "real c > 0" by simp
  4312   fix a
  4313   let ?e="Inum (a#bs) e"
  4314   let ?z = "(- ?e) / real c"
  4315   {fix x
  4316     assume xz: "x > ?z"
  4317     with mult_strict_right_mono [OF xz cp] cp
  4318     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4319     hence "real c * x + ?e > 0" by arith
  4320     with xz have "?P ?z x (Le (CN 0 c e))"
  4321       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4322   hence "\<forall> x > ?z. ?P ?z x (Le (CN 0 c e))" by simp
  4323   thus ?case by blast
  4324 next
  4325   case (7 c e) 
  4326   from 7 have nb: "numbound0 e" by simp
  4327   from 7 have cp: "real c > 0" by simp
  4328   fix a
  4329   let ?e="Inum (a#bs) e"
  4330   let ?z = "(- ?e) / real c"
  4331   {fix x
  4332     assume xz: "x > ?z"
  4333     with mult_strict_right_mono [OF xz cp] cp
  4334     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4335     hence "real c * x + ?e > 0" by arith
  4336     with xz have "?P ?z x (Gt (CN 0 c e))"
  4337       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"] by simp }
  4338   hence "\<forall> x > ?z. ?P ?z x (Gt (CN 0 c e))" by simp
  4339   thus ?case by blast
  4340 next
  4341   case (8 c e) 
  4342   from 8 have nb: "numbound0 e" by simp
  4343   from 8 have cp: "real c > 0" by simp
  4344   fix a
  4345   let ?e="Inum (a#bs) e"
  4346   let ?z = "(- ?e) / real c"
  4347   {fix x
  4348     assume xz: "x > ?z"
  4349     with mult_strict_right_mono [OF xz cp] cp
  4350     have "(real c * x > - ?e)" by (simp add: mult_ac)
  4351     hence "real c * x + ?e > 0" by arith
  4352     with xz have "?P ?z x (Ge (CN 0 c e))"
  4353       using numbound0_I[OF nb, where b="x" and bs="bs" and b'="a"]   by simp }
  4354   hence "\<forall> x > ?z. ?P ?z x (Ge (CN 0 c e))" by simp
  4355   thus ?case by blast
  4356 qed simp_all
  4357 
  4358 lemma rminusinf_bound0:
  4359   assumes lp: "isrlfm p"
  4360   shows "bound0 (minusinf p)"
  4361   using lp
  4362   by (induct p rule: minusinf.induct) simp_all
  4363 
  4364 lemma rplusinf_bound0:
  4365   assumes lp: "isrlfm p"
  4366   shows "bound0 (plusinf p)"
  4367   using lp
  4368   by (induct p rule: plusinf.induct) simp_all
  4369 
  4370 lemma rminusinf_ex:
  4371   assumes lp: "isrlfm p"
  4372   and ex: "Ifm (a#bs) (minusinf p)"
  4373   shows "\<exists> x. Ifm (x#bs) p"
  4374 proof-
  4375   from bound0_I [OF rminusinf_bound0[OF lp], where b="a" and bs ="bs"] ex
  4376   have th: "\<forall> x. Ifm (x#bs) (minusinf p)" by auto
  4377   from rminusinf_inf[OF lp, where bs="bs"] 
  4378   obtain z where z_def: "\<forall>x<z. Ifm (x # bs) (minusinf p) = Ifm (x # bs) p" by blast
  4379   from th have "Ifm ((z - 1)#bs) (minusinf p)" by simp
  4380   moreover have "z - 1 < z" by simp
  4381   ultimately show ?thesis using z_def by auto
  4382 qed
  4383 
  4384 lemma rplusinf_ex:
  4385   assumes lp: "isrlfm p"
  4386   and ex: "Ifm (a#bs) (plusinf p)"
  4387   shows "\<exists> x. Ifm (x#bs) p"
  4388 proof-
  4389   from bound0_I [OF rplusinf_bound0[OF lp], where b="a" and bs ="bs"] ex
  4390   have th: "\<forall> x. Ifm (x#bs) (plusinf p)" by auto
  4391   from rplusinf_inf[OF lp, where bs="bs"] 
  4392   obtain z where z_def: "\<forall>x>z. Ifm (x # bs) (plusinf p) = Ifm (x # bs) p" by blast
  4393   from th have "Ifm ((z + 1)#bs) (plusinf p)" by simp
  4394   moreover have "z + 1 > z" by simp
  4395   ultimately show ?thesis using z_def by auto
  4396 qed
  4397 
  4398 consts 
  4399   \<Upsilon>:: "fm \<Rightarrow> (num \<times> int) list"
  4400   \<upsilon> :: "fm \<Rightarrow> (num \<times> int) \<Rightarrow> fm "
  4401 recdef \<Upsilon> "measure size"
  4402   "\<Upsilon> (And p q) = (\<Upsilon> p @ \<Upsilon> q)" 
  4403   "\<Upsilon> (Or p q) = (\<Upsilon> p @ \<Upsilon> q)" 
  4404   "\<Upsilon> (Eq  (CN 0 c e)) = [(Neg e,c)]"
  4405   "\<Upsilon> (NEq (CN 0 c e)) = [(Neg e,c)]"
  4406   "\<Upsilon> (Lt  (CN 0 c e)) = [(Neg e,c)]"
  4407   "\<Upsilon> (Le  (CN 0 c e)) = [(Neg e,c)]"
  4408   "\<Upsilon> (Gt  (CN 0 c e)) = [(Neg e,c)]"
  4409   "\<Upsilon> (Ge  (CN 0 c e)) = [(Neg e,c)]"
  4410   "\<Upsilon> p = []"
  4411 
  4412 recdef \<upsilon> "measure size"
  4413   "\<upsilon> (And p q) = (\<lambda> (t,n). And (\<upsilon> p (t,n)) (\<upsilon> q (t,n)))"
  4414   "\<upsilon> (Or p q) = (\<lambda> (t,n). Or (\<upsilon> p (t,n)) (\<upsilon> q (t,n)))"
  4415   "\<upsilon> (Eq (CN 0 c e)) = (\<lambda> (t,n). Eq (Add (Mul c t) (Mul n e)))"
  4416   "\<upsilon> (NEq (CN 0 c e)) = (\<lambda> (t,n). NEq (Add (Mul c t) (Mul n e)))"
  4417   "\<upsilon> (Lt (CN 0 c e)) = (\<lambda> (t,n). Lt (Add (Mul c t) (Mul n e)))"
  4418   "\<upsilon> (Le (CN 0 c e)) = (\<lambda> (t,n). Le (Add (Mul c t) (Mul n e)))"
  4419   "\<upsilon> (Gt (CN 0 c e)) = (\<lambda> (t,n). Gt (Add (Mul c t) (Mul n e)))"
  4420   "\<upsilon> (Ge (CN 0 c e)) = (\<lambda> (t,n). Ge (Add (Mul c t) (Mul n e)))"
  4421   "\<upsilon> p = (\<lambda> (t,n). p)"
  4422 
  4423 lemma \<upsilon>_I: assumes lp: "isrlfm p"
  4424   and np: "real n > 0" and nbt: "numbound0 t"
  4425   shows "(Ifm (x#bs) (\<upsilon> p (t,n)) = Ifm (((Inum (x#bs) t)/(real n))#bs) p) \<and> bound0 (\<upsilon> p (t,n))" (is "(?I x (\<upsilon> p (t,n)) = ?I ?u p) \<and> ?B p" is "(_ = ?I (?t/?n) p) \<and> _" is "(_ = ?I (?N x t /_) p) \<and> _")
  4426   using lp
  4427 proof(induct p rule: \<upsilon>.induct)
  4428   case (5 c e)
  4429   from 5 have cp: "c >0" and nb: "numbound0 e" by simp_all
  4430   have "?I ?u (Lt (CN 0 c e)) = (real c *(?t/?n) + (?N x e) < 0)"
  4431     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4432   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) < 0)"
  4433     by (simp only: pos_less_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4434       and b="0", simplified divide_zero_left]) (simp only: algebra_simps)
  4435   also have "\<dots> = (real c *?t + ?n* (?N x e) < 0)"
  4436     using np by simp 
  4437   finally show ?case using nbt nb by (simp add: algebra_simps)
  4438 next
  4439   case (6 c e)
  4440   from 6 have cp: "c >0" and nb: "numbound0 e" by simp_all
  4441   have "?I ?u (Le (CN 0 c e)) = (real c *(?t/?n) + (?N x e) \<le> 0)"
  4442     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4443   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) \<le> 0)"
  4444     by (simp only: pos_le_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4445       and b="0", simplified divide_zero_left]) (simp only: algebra_simps)
  4446   also have "\<dots> = (real c *?t + ?n* (?N x e) \<le> 0)"
  4447     using np by simp 
  4448   finally show ?case using nbt nb by (simp add: algebra_simps)
  4449 next
  4450   case (7 c e)
  4451   from 7 have cp: "c >0" and nb: "numbound0 e" by simp_all
  4452   have "?I ?u (Gt (CN 0 c e)) = (real c *(?t/?n) + (?N x e) > 0)"
  4453     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4454   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) > 0)"
  4455     by (simp only: pos_divide_less_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4456       and b="0", simplified divide_zero_left]) (simp only: algebra_simps)
  4457   also have "\<dots> = (real c *?t + ?n* (?N x e) > 0)"
  4458     using np by simp 
  4459   finally show ?case using nbt nb by (simp add: algebra_simps)
  4460 next
  4461   case (8 c e)
  4462   from 8 have cp: "c >0" and nb: "numbound0 e" by simp_all
  4463   have "?I ?u (Ge (CN 0 c e)) = (real c *(?t/?n) + (?N x e) \<ge> 0)"
  4464     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4465   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) \<ge> 0)"
  4466     by (simp only: pos_divide_le_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4467       and b="0", simplified divide_zero_left]) (simp only: algebra_simps)
  4468   also have "\<dots> = (real c *?t + ?n* (?N x e) \<ge> 0)"
  4469     using np by simp 
  4470   finally show ?case using nbt nb by (simp add: algebra_simps)
  4471 next
  4472   case (3 c e)
  4473   from 3 have cp: "c >0" and nb: "numbound0 e" by simp_all
  4474   from np have np: "real n \<noteq> 0" by simp
  4475   have "?I ?u (Eq (CN 0 c e)) = (real c *(?t/?n) + (?N x e) = 0)"
  4476     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4477   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) = 0)"
  4478     by (simp only: nonzero_eq_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4479       and b="0", simplified divide_zero_left]) (simp only: algebra_simps)
  4480   also have "\<dots> = (real c *?t + ?n* (?N x e) = 0)"
  4481     using np by simp 
  4482   finally show ?case using nbt nb by (simp add: algebra_simps)
  4483 next
  4484   case (4 c e)
  4485   from 4 have cp: "c >0" and nb: "numbound0 e" by simp_all
  4486   from np have np: "real n \<noteq> 0" by simp
  4487   have "?I ?u (NEq (CN 0 c e)) = (real c *(?t/?n) + (?N x e) \<noteq> 0)"
  4488     using numbound0_I[OF nb, where bs="bs" and b="?u" and b'="x"] by simp
  4489   also have "\<dots> = (?n*(real c *(?t/?n)) + ?n*(?N x e) \<noteq> 0)"
  4490     by (simp only: nonzero_eq_divide_eq[OF np, where a="real c *(?t/?n) + (?N x e)" 
  4491       and b="0", simplified divide_zero_left]) (simp only: algebra_simps)
  4492   also have "\<dots> = (real c *?t + ?n* (?N x e) \<noteq> 0)"
  4493     using np by simp 
  4494   finally show ?case using nbt nb by (simp add: algebra_simps)
  4495 qed(simp_all add: nbt numbound0_I[where bs ="bs" and b="(Inum (x#bs) t)/ real n" and b'="x"])
  4496 
  4497 lemma \<Upsilon>_l:
  4498   assumes lp: "isrlfm p"
  4499   shows "\<forall> (t,k) \<in> set (\<Upsilon> p). numbound0 t \<and> k >0"
  4500 using lp
  4501 by(induct p rule: \<Upsilon>.induct)  auto
  4502 
  4503 lemma rminusinf_\<Upsilon>:
  4504   assumes lp: "isrlfm p"
  4505   and nmi: "\<not> (Ifm (a#bs) (minusinf p))" (is "\<not> (Ifm (a#bs) (?M p))")
  4506   and ex: "Ifm (x#bs) p" (is "?I x p")
  4507   shows "\<exists> (s,m) \<in> set (\<Upsilon> p). x \<ge> Inum (a#bs) s / real m" (is "\<exists> (s,m) \<in> ?U p. x \<ge> ?N a s / real m")
  4508 proof-
  4509   have "\<exists> (s,m) \<in> set (\<Upsilon> p). real m * x \<ge> Inum (a#bs) s " (is "\<exists> (s,m) \<in> ?U p. real m *x \<ge> ?N a s")
  4510     using lp nmi ex
  4511     by (induct p rule: minusinf.induct, auto simp add:numbound0_I[where bs="bs" and b="a" and b'="x"])
  4512   then obtain s m where smU: "(s,m) \<in> set (\<Upsilon> p)" and mx: "real m * x \<ge> ?N a s" by blast
  4513   from \<Upsilon>_l[OF lp] smU have mp: "real m > 0" by auto
  4514   from pos_divide_le_eq[OF mp, where a="x" and b="?N a s", symmetric] mx have "x \<ge> ?N a s / real m" 
  4515     by (auto simp add: mult_commute)
  4516   thus ?thesis using smU by auto
  4517 qed
  4518 
  4519 lemma rplusinf_\<Upsilon>:
  4520   assumes lp: "isrlfm p"
  4521   and nmi: "\<not> (Ifm (a#bs) (plusinf p))" (is "\<not> (Ifm (a#bs) (?M p))")
  4522   and ex: "Ifm (x#bs) p" (is "?I x p")
  4523   shows "\<exists> (s,m) \<in> set (\<Upsilon> p). x \<le> Inum (a#bs) s / real m" (is "\<exists> (s,m) \<in> ?U p. x \<le> ?N a s / real m")
  4524 proof-
  4525   have "\<exists> (s,m) \<in> set (\<Upsilon> p). real m * x \<le> Inum (a#bs) s " (is "\<exists> (s,m) \<in> ?U p. real m *x \<le> ?N a s")
  4526     using lp nmi ex
  4527     by (induct p rule: minusinf.induct, auto simp add:numbound0_I[where bs="bs" and b="a" and b'="x"])
  4528   then obtain s m where smU: "(s,m) \<in> set (\<Upsilon> p)" and mx: "real m * x \<le> ?N a s" by blast
  4529   from \<Upsilon>_l[OF lp] smU have mp: "real m > 0" by auto
  4530   from pos_le_divide_eq[OF mp, where a="x" and b="?N a s", symmetric] mx have "x \<le> ?N a s / real m" 
  4531     by (auto simp add: mult_commute)
  4532   thus ?thesis using smU by auto
  4533 qed
  4534 
  4535 lemma lin_dense: 
  4536   assumes lp: "isrlfm p"
  4537   and noS: "\<forall> t. l < t \<and> t< u \<longrightarrow> t \<notin> (\<lambda> (t,n). Inum (x#bs) t / real n) ` set (\<Upsilon> p)" 
  4538   (is "\<forall> t. _ \<and> _ \<longrightarrow> t \<notin> (\<lambda> (t,n). ?N x t / real n ) ` (?U p)")
  4539   and lx: "l < x" and xu:"x < u" and px:" Ifm (x#bs) p"
  4540   and ly: "l < y" and yu: "y < u"
  4541   shows "Ifm (y#bs) p"
  4542 using lp px noS
  4543 proof (induct p rule: isrlfm.induct)
  4544   case (5 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp_all
  4545   from 5 have "x * real c + ?N x e < 0" by (simp add: algebra_simps)
  4546   hence pxc: "x < (- ?N x e) / real c" 
  4547     by (simp only: pos_less_divide_eq[OF cp, where a="x" and b="-?N x e"])
  4548   from 5 have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4549   with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4550   hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4551   moreover {assume y: "y < (-?N x e)/ real c"
  4552     hence "y * real c < - ?N x e"
  4553       by (simp add: pos_less_divide_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4554     hence "real c * y + ?N x e < 0" by (simp add: algebra_simps)
  4555     hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4556   moreover {assume y: "y > (- ?N x e) / real c" 
  4557     with yu have eu: "u > (- ?N x e) / real c" by auto
  4558     with noSc ly yu have "(- ?N x e) / real c \<le> l" by (cases "(- ?N x e) / real c > l", auto)
  4559     with lx pxc have "False" by auto
  4560     hence ?case by simp }
  4561   ultimately show ?case by blast
  4562 next
  4563   case (6 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp_all
  4564   from 6 have "x * real c + ?N x e \<le> 0" by (simp add: algebra_simps)
  4565   hence pxc: "x \<le> (- ?N x e) / real c" 
  4566     by (simp only: pos_le_divide_eq[OF cp, where a="x" and b="-?N x e"])
  4567   from 6 have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4568   with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4569   hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4570   moreover {assume y: "y < (-?N x e)/ real c"
  4571     hence "y * real c < - ?N x e"
  4572       by (simp add: pos_less_divide_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4573     hence "real c * y + ?N x e < 0" by (simp add: algebra_simps)
  4574     hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4575   moreover {assume y: "y > (- ?N x e) / real c" 
  4576     with yu have eu: "u > (- ?N x e) / real c" by auto
  4577     with noSc ly yu have "(- ?N x e) / real c \<le> l" by (cases "(- ?N x e) / real c > l", auto)
  4578     with lx pxc have "False" by auto
  4579     hence ?case by simp }
  4580   ultimately show ?case by blast
  4581 next
  4582   case (7 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp_all
  4583   from 7 have "x * real c + ?N x e > 0" by (simp add: algebra_simps)
  4584   hence pxc: "x > (- ?N x e) / real c" 
  4585     by (simp only: pos_divide_less_eq[OF cp, where a="x" and b="-?N x e"])
  4586   from 7 have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4587   with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4588   hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4589   moreover {assume y: "y > (-?N x e)/ real c"
  4590     hence "y * real c > - ?N x e"
  4591       by (simp add: pos_divide_less_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4592     hence "real c * y + ?N x e > 0" by (simp add: algebra_simps)
  4593     hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4594   moreover {assume y: "y < (- ?N x e) / real c" 
  4595     with ly have eu: "l < (- ?N x e) / real c" by auto
  4596     with noSc ly yu have "(- ?N x e) / real c \<ge> u" by (cases "(- ?N x e) / real c > l", auto)
  4597     with xu pxc have "False" by auto
  4598     hence ?case by simp }
  4599   ultimately show ?case by blast
  4600 next
  4601   case (8 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp_all
  4602   from 8 have "x * real c + ?N x e \<ge> 0" by (simp add: algebra_simps)
  4603   hence pxc: "x \<ge> (- ?N x e) / real c" 
  4604     by (simp only: pos_divide_le_eq[OF cp, where a="x" and b="-?N x e"])
  4605   from 8 have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4606   with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4607   hence "y < (- ?N x e) / real c \<or> y > (-?N x e) / real c" by auto
  4608   moreover {assume y: "y > (-?N x e)/ real c"
  4609     hence "y * real c > - ?N x e"
  4610       by (simp add: pos_divide_less_eq[OF cp, where a="y" and b="-?N x e", symmetric])
  4611     hence "real c * y + ?N x e > 0" by (simp add: algebra_simps)
  4612     hence ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] by simp}
  4613   moreover {assume y: "y < (- ?N x e) / real c" 
  4614     with ly have eu: "l < (- ?N x e) / real c" by auto
  4615     with noSc ly yu have "(- ?N x e) / real c \<ge> u" by (cases "(- ?N x e) / real c > l", auto)
  4616     with xu pxc have "False" by auto
  4617     hence ?case by simp }
  4618   ultimately show ?case by blast
  4619 next
  4620   case (3 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp_all
  4621   from cp have cnz: "real c \<noteq> 0" by simp
  4622   from 3 have "x * real c + ?N x e = 0" by (simp add: algebra_simps)
  4623   hence pxc: "x = (- ?N x e) / real c" 
  4624     by (simp only: nonzero_eq_divide_eq[OF cnz, where a="x" and b="-?N x e"])
  4625   from 3 have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4626   with lx xu have yne: "x \<noteq> - ?N x e / real c" by auto
  4627   with pxc show ?case by simp
  4628 next
  4629   case (4 c e) hence cp: "real c > 0" and nb: "numbound0 e" by simp_all
  4630   from cp have cnz: "real c \<noteq> 0" by simp
  4631   from 4 have noSc:"\<forall> t. l < t \<and> t < u \<longrightarrow> t \<noteq> (- ?N x e) / real c" by auto
  4632   with ly yu have yne: "y \<noteq> - ?N x e / real c" by auto
  4633   hence "y* real c \<noteq> -?N x e"      
  4634     by (simp only: nonzero_eq_divide_eq[OF cnz, where a="y" and b="-?N x e"]) simp
  4635   hence "y* real c + ?N x e \<noteq> 0" by (simp add: algebra_simps)
  4636   thus ?case using numbound0_I[OF nb, where bs="bs" and b="x" and b'="y"] 
  4637     by (simp add: algebra_simps)
  4638 qed (auto simp add: numbound0_I[where bs="bs" and b="y" and b'="x"])
  4639 
  4640 lemma rinf_\<Upsilon>:
  4641   assumes lp: "isrlfm p"
  4642   and nmi: "\<not> (Ifm (x#bs) (minusinf p))" (is "\<not> (Ifm (x#bs) (?M p))")
  4643   and npi: "\<not> (Ifm (x#bs) (plusinf p))" (is "\<not> (Ifm (x#bs) (?P p))")
  4644   and ex: "\<exists> x.  Ifm (x#bs) p" (is "\<exists> x. ?I x p")
  4645   shows "\<exists> (l,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p).
  4646     ?I ((Inum (x#bs) l / real n + Inum (x#bs) s / real m) / 2) p" 
  4647 proof-
  4648   let ?N = "\<lambda> x t. Inum (x#bs) t"
  4649   let ?U = "set (\<Upsilon> p)"
  4650   from ex obtain a where pa: "?I a p" by blast
  4651   from bound0_I[OF rminusinf_bound0[OF lp], where bs="bs" and b="x" and b'="a"] nmi
  4652   have nmi': "\<not> (?I a (?M p))" by simp
  4653   from bound0_I[OF rplusinf_bound0[OF lp], where bs="bs" and b="x" and b'="a"] npi
  4654   have npi': "\<not> (?I a (?P p))" by simp
  4655   have "\<exists> (l,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). ?I ((?N a l/real n + ?N a s /real m) / 2) p"
  4656   proof-
  4657     let ?M = "(\<lambda> (t,c). ?N a t / real c) ` ?U"
  4658     have fM: "finite ?M" by auto
  4659     from rminusinf_\<Upsilon>[OF lp nmi pa] rplusinf_\<Upsilon>[OF lp npi pa] 
  4660     have "\<exists> (l,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). a \<le> ?N x l / real n \<and> a \<ge> ?N x s / real m" by blast
  4661     then obtain "t" "n" "s" "m" where 
  4662       tnU: "(t,n) \<in> ?U" and smU: "(s,m) \<in> ?U" 
  4663       and xs1: "a \<le> ?N x s / real m" and tx1: "a \<ge> ?N x t / real n" by blast
  4664     from \<Upsilon>_l[OF lp] tnU smU numbound0_I[where bs="bs" and b="x" and b'="a"] xs1 tx1 have xs: "a \<le> ?N a s / real m" and tx: "a \<ge> ?N a t / real n" by auto
  4665     from tnU have Mne: "?M \<noteq> {}" by auto
  4666     hence Une: "?U \<noteq> {}" by simp
  4667     let ?l = "Min ?M"
  4668     let ?u = "Max ?M"
  4669     have linM: "?l \<in> ?M" using fM Mne by simp
  4670     have uinM: "?u \<in> ?M" using fM Mne by simp
  4671     have tnM: "?N a t / real n \<in> ?M" using tnU by auto
  4672     have smM: "?N a s / real m \<in> ?M" using smU by auto 
  4673     have lM: "\<forall> t\<in> ?M. ?l \<le> t" using Mne fM by auto
  4674     have Mu: "\<forall> t\<in> ?M. t \<le> ?u" using Mne fM by auto
  4675     have "?l \<le> ?N a t / real n" using tnM Mne by simp hence lx: "?l \<le> a" using tx by simp
  4676     have "?N a s / real m \<le> ?u" using smM Mne by simp hence xu: "a \<le> ?u" using xs by simp
  4677     from finite_set_intervals2[where P="\<lambda> x. ?I x p",OF pa lx xu linM uinM fM lM Mu]
  4678     have "(\<exists> s\<in> ?M. ?I s p) \<or> 
  4679       (\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p)" .
  4680     moreover { fix u assume um: "u\<in> ?M" and pu: "?I u p"
  4681       hence "\<exists> (tu,nu) \<in> ?U. u = ?N a tu / real nu" by auto
  4682       then obtain "tu" "nu" where tuU: "(tu,nu) \<in> ?U" and tuu:"u= ?N a tu / real nu" by blast
  4683       have "(u + u) / 2 = u" by auto with pu tuu 
  4684       have "?I (((?N a tu / real nu) + (?N a tu / real nu)) / 2) p" by simp
  4685       with tuU have ?thesis by blast}
  4686     moreover{
  4687       assume "\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p"
  4688       then obtain t1 and t2 where t1M: "t1 \<in> ?M" and t2M: "t2\<in> ?M" 
  4689         and noM: "\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M" and t1x: "t1 < a" and xt2: "a < t2" and px: "?I a p"
  4690         by blast
  4691       from t1M have "\<exists> (t1u,t1n) \<in> ?U. t1 = ?N a t1u / real t1n" by auto
  4692       then obtain "t1u" "t1n" where t1uU: "(t1u,t1n) \<in> ?U" and t1u: "t1 = ?N a t1u / real t1n" by blast
  4693       from t2M have "\<exists> (t2u,t2n) \<in> ?U. t2 = ?N a t2u / real t2n" by auto
  4694       then obtain "t2u" "t2n" where t2uU: "(t2u,t2n) \<in> ?U" and t2u: "t2 = ?N a t2u / real t2n" by blast
  4695       from t1x xt2 have t1t2: "t1 < t2" by simp
  4696       let ?u = "(t1 + t2) / 2"
  4697       from less_half_sum[OF t1t2] gt_half_sum[OF t1t2] have t1lu: "t1 < ?u" and ut2: "?u < t2" by auto
  4698       from lin_dense[OF lp noM t1x xt2 px t1lu ut2] have "?I ?u p" .
  4699       with t1uU t2uU t1u t2u have ?thesis by blast}
  4700     ultimately show ?thesis by blast
  4701   qed
  4702   then obtain "l" "n" "s"  "m" where lnU: "(l,n) \<in> ?U" and smU:"(s,m) \<in> ?U" 
  4703     and pu: "?I ((?N a l / real n + ?N a s / real m) / 2) p" by blast
  4704   from lnU smU \<Upsilon>_l[OF lp] have nbl: "numbound0 l" and nbs: "numbound0 s" by auto
  4705   from numbound0_I[OF nbl, where bs="bs" and b="a" and b'="x"] 
  4706     numbound0_I[OF nbs, where bs="bs" and b="a" and b'="x"] pu
  4707   have "?I ((?N x l / real n + ?N x s / real m) / 2) p" by simp
  4708   with lnU smU
  4709   show ?thesis by auto
  4710 qed
  4711     (* The Ferrante - Rackoff Theorem *)
  4712 
  4713 theorem fr_eq: 
  4714   assumes lp: "isrlfm p"
  4715   shows "(\<exists> x. Ifm (x#bs) p) = ((Ifm (x#bs) (minusinf p)) \<or> (Ifm (x#bs) (plusinf p)) \<or> (\<exists> (t,n) \<in> set (\<Upsilon> p). \<exists> (s,m) \<in> set (\<Upsilon> p). Ifm ((((Inum (x#bs) t)/  real n + (Inum (x#bs) s) / real m) /2)#bs) p))"
  4716   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  4717 proof
  4718   assume px: "\<exists> x. ?I x p"
  4719   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  4720   moreover {assume "?M \<or> ?P" hence "?D" by blast}
  4721   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  4722     from rinf_\<Upsilon>[OF lp nmi npi] have "?F" using px by blast hence "?D" by blast}
  4723   ultimately show "?D" by blast
  4724 next
  4725   assume "?D" 
  4726   moreover {assume m:"?M" from rminusinf_ex[OF lp m] have "?E" .}
  4727   moreover {assume p: "?P" from rplusinf_ex[OF lp p] have "?E" . }
  4728   moreover {assume f:"?F" hence "?E" by blast}
  4729   ultimately show "?E" by blast
  4730 qed
  4731 
  4732 
  4733 lemma fr_eq\<upsilon>: 
  4734   assumes lp: "isrlfm p"
  4735   shows "(\<exists> x. Ifm (x#bs) p) = ((Ifm (x#bs) (minusinf p)) \<or> (Ifm (x#bs) (plusinf p)) \<or> (\<exists> (t,k) \<in> set (\<Upsilon> p). \<exists> (s,l) \<in> set (\<Upsilon> p). Ifm (x#bs) (\<upsilon> p (Add(Mul l t) (Mul k s) , 2*k*l))))"
  4736   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  4737 proof
  4738   assume px: "\<exists> x. ?I x p"
  4739   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  4740   moreover {assume "?M \<or> ?P" hence "?D" by blast}
  4741   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  4742     let ?f ="\<lambda> (t,n). Inum (x#bs) t / real n"
  4743     let ?N = "\<lambda> t. Inum (x#bs) t"
  4744     {fix t n s m assume "(t,n)\<in> set (\<Upsilon> p)" and "(s,m) \<in> set (\<Upsilon> p)"
  4745       with \<Upsilon>_l[OF lp] have tnb: "numbound0 t" and np:"real n > 0" and snb: "numbound0 s" and mp:"real m > 0"
  4746         by auto
  4747       let ?st = "Add (Mul m t) (Mul n s)"
  4748       from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  4749         by (simp add: mult_commute)
  4750       from tnb snb have st_nb: "numbound0 ?st" by simp
  4751       have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  4752         using mnp mp np by (simp add: algebra_simps add_divide_distrib)
  4753       from \<upsilon>_I[OF lp mnp st_nb, where x="x" and bs="bs"] 
  4754       have "?I x (\<upsilon> p (?st,2*n*m)) = ?I ((?N t / real n + ?N s / real m) /2) p" by (simp only: st[symmetric])}
  4755     with rinf_\<Upsilon>[OF lp nmi npi px] have "?F" by blast hence "?D" by blast}
  4756   ultimately show "?D" by blast
  4757 next
  4758   assume "?D" 
  4759   moreover {assume m:"?M" from rminusinf_ex[OF lp m] have "?E" .}
  4760   moreover {assume p: "?P" from rplusinf_ex[OF lp p] have "?E" . }
  4761   moreover {fix t k s l assume "(t,k) \<in> set (\<Upsilon> p)" and "(s,l) \<in> set (\<Upsilon> p)" 
  4762     and px:"?I x (\<upsilon> p (Add (Mul l t) (Mul k s), 2*k*l))"
  4763     with \<Upsilon>_l[OF lp] have tnb: "numbound0 t" and np:"real k > 0" and snb: "numbound0 s" and mp:"real l > 0" by auto
  4764     let ?st = "Add (Mul l t) (Mul k s)"
  4765     from mult_pos_pos[OF np mp] have mnp: "real (2*k*l) > 0" 
  4766       by (simp add: mult_commute)
  4767     from tnb snb have st_nb: "numbound0 ?st" by simp
  4768     from \<upsilon>_I[OF lp mnp st_nb, where bs="bs"] px have "?E" by auto}
  4769   ultimately show "?E" by blast
  4770 qed
  4771 
  4772 text{* The overall Part *}
  4773 
  4774 lemma real_ex_int_real01:
  4775   shows "(\<exists> (x::real). P x) = (\<exists> (i::int) (u::real). 0\<le> u \<and> u< 1 \<and> P (real i + u))"
  4776 proof(auto)
  4777   fix x
  4778   assume Px: "P x"
  4779   let ?i = "floor x"
  4780   let ?u = "x - real ?i"
  4781   have "x = real ?i + ?u" by simp
  4782   hence "P (real ?i + ?u)" using Px by simp
  4783   moreover have "real ?i \<le> x" using real_of_int_floor_le by simp hence "0 \<le> ?u" by arith
  4784   moreover have "?u < 1" using real_of_int_floor_add_one_gt[where r="x"] by arith 
  4785   ultimately show "(\<exists> (i::int) (u::real). 0\<le> u \<and> u< 1 \<and> P (real i + u))" by blast
  4786 qed
  4787 
  4788 fun exsplitnum :: "num \<Rightarrow> num" where
  4789   "exsplitnum (C c) = (C c)"
  4790 | "exsplitnum (Bound 0) = Add (Bound 0) (Bound 1)"
  4791 | "exsplitnum (Bound n) = Bound (n+1)"
  4792 | "exsplitnum (Neg a) = Neg (exsplitnum a)"
  4793 | "exsplitnum (Add a b) = Add (exsplitnum a) (exsplitnum b) "
  4794 | "exsplitnum (Sub a b) = Sub (exsplitnum a) (exsplitnum b) "
  4795 | "exsplitnum (Mul c a) = Mul c (exsplitnum a)"
  4796 | "exsplitnum (Floor a) = Floor (exsplitnum a)"
  4797 | "exsplitnum (CN 0 c a) = CN 0 c (Add (Mul c (Bound 1)) (exsplitnum a))"
  4798 | "exsplitnum (CN n c a) = CN (n+1) c (exsplitnum a)"
  4799 | "exsplitnum (CF c s t) = CF c (exsplitnum s) (exsplitnum t)"
  4800 
  4801 fun exsplit :: "fm \<Rightarrow> fm" where
  4802   "exsplit (Lt a) = Lt (exsplitnum a)"
  4803 | "exsplit (Le a) = Le (exsplitnum a)"
  4804 | "exsplit (Gt a) = Gt (exsplitnum a)"
  4805 | "exsplit (Ge a) = Ge (exsplitnum a)"
  4806 | "exsplit (Eq a) = Eq (exsplitnum a)"
  4807 | "exsplit (NEq a) = NEq (exsplitnum a)"
  4808 | "exsplit (Dvd i a) = Dvd i (exsplitnum a)"
  4809 | "exsplit (NDvd i a) = NDvd i (exsplitnum a)"
  4810 | "exsplit (And p q) = And (exsplit p) (exsplit q)"
  4811 | "exsplit (Or p q) = Or (exsplit p) (exsplit q)"
  4812 | "exsplit (Imp p q) = Imp (exsplit p) (exsplit q)"
  4813 | "exsplit (Iff p q) = Iff (exsplit p) (exsplit q)"
  4814 | "exsplit (NOT p) = NOT (exsplit p)"
  4815 | "exsplit p = p"
  4816 
  4817 lemma exsplitnum: 
  4818   "Inum (x#y#bs) (exsplitnum t) = Inum ((x+y) #bs) t"
  4819   by(induct t rule: exsplitnum.induct) (simp_all add: algebra_simps)
  4820 
  4821 lemma exsplit: 
  4822   assumes qfp: "qfree p"
  4823   shows "Ifm (x#y#bs) (exsplit p) = Ifm ((x+y)#bs) p"
  4824 using qfp exsplitnum[where x="x" and y="y" and bs="bs"]
  4825 by(induct p rule: exsplit.induct) simp_all
  4826 
  4827 lemma splitex:
  4828   assumes qf: "qfree p"
  4829   shows "(Ifm bs (E p)) = (\<exists> (i::int). Ifm (real i#bs) (E (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) (exsplit p))))" (is "?lhs = ?rhs")
  4830 proof-
  4831   have "?rhs = (\<exists> (i::int). \<exists> x. 0\<le> x \<and> x < 1 \<and> Ifm (x#(real i)#bs) (exsplit p))"
  4832     by (simp add: myless[of _ "1"] myless[of _ "0"] add_ac diff_minus)
  4833   also have "\<dots> = (\<exists> (i::int). \<exists> x. 0\<le> x \<and> x < 1 \<and> Ifm ((real i + x) #bs) p)"
  4834     by (simp only: exsplit[OF qf] add_ac)
  4835   also have "\<dots> = (\<exists> x. Ifm (x#bs) p)" 
  4836     by (simp only: real_ex_int_real01[where P="\<lambda> x. Ifm (x#bs) p"])
  4837   finally show ?thesis by simp
  4838 qed
  4839 
  4840     (* Implement the right hand sides of Cooper's theorem and Ferrante and Rackoff. *)
  4841 
  4842 definition ferrack01 :: "fm \<Rightarrow> fm" where
  4843   "ferrack01 p \<equiv> (let p' = rlfm(And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p);
  4844                     U = remdups(map simp_num_pair 
  4845                      (map (\<lambda> ((t,n),(s,m)). (Add (Mul m t) (Mul n s) , 2*n*m))
  4846                            (alluopairs (\<Upsilon> p')))) 
  4847   in decr (evaldjf (\<upsilon> p') U ))"
  4848 
  4849 lemma fr_eq_01: 
  4850   assumes qf: "qfree p"
  4851   shows "(\<exists> x. Ifm (x#bs) (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)) = (\<exists> (t,n) \<in> set (\<Upsilon> (rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p))). \<exists> (s,m) \<in> set (\<Upsilon> (rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p))). Ifm (x#bs) (\<upsilon> (rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)) (Add (Mul m t) (Mul n s), 2*n*m)))"
  4852   (is "(\<exists> x. ?I x ?q) = ?F")
  4853 proof-
  4854   let ?rq = "rlfm ?q"
  4855   let ?M = "?I x (minusinf ?rq)"
  4856   let ?P = "?I x (plusinf ?rq)"
  4857   have MF: "?M = False"
  4858     apply (simp add: Let_def reducecoeff_def numgcd_def rsplit_def ge_def lt_def conj_def disj_def)
  4859     by (cases "rlfm p = And (Ge (CN 0 1 (C 0))) (Lt (CN 0 1 (C -1)))", simp_all)
  4860   have PF: "?P = False" apply (simp add: Let_def reducecoeff_def numgcd_def rsplit_def ge_def lt_def conj_def disj_def)
  4861     by (cases "rlfm p = And (Ge (CN 0 1 (C 0))) (Lt (CN 0 1 (C -1)))", simp_all)
  4862   have "(\<exists> x. ?I x ?q ) = 
  4863     ((?I x (minusinf ?rq)) \<or> (?I x (plusinf ?rq )) \<or> (\<exists> (t,n) \<in> set (\<Upsilon> ?rq). \<exists> (s,m) \<in> set (\<Upsilon> ?rq ). ?I x (\<upsilon> ?rq (Add (Mul m t) (Mul n s), 2*n*m))))"
  4864     (is "(\<exists> x. ?I x ?q) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  4865   proof
  4866     assume "\<exists> x. ?I x ?q"  
  4867     then obtain x where qx: "?I x ?q" by blast
  4868     hence xp: "0\<le> x" and x1: "x< 1" and px: "?I x p" 
  4869       by (auto simp add: rsplit_def lt_def ge_def rlfm_I[OF qf])
  4870     from qx have "?I x ?rq " 
  4871       by (simp add: rsplit_def lt_def ge_def rlfm_I[OF qf xp x1])
  4872     hence lqx: "?I x ?rq " using simpfm[where p="?rq" and bs="x#bs"] by auto
  4873     from qf have qfq:"isrlfm ?rq"  
  4874       by (auto simp add: rsplit_def lt_def ge_def rlfm_I[OF qf xp x1])
  4875     with lqx fr_eq\<upsilon>[OF qfq] show "?M \<or> ?P \<or> ?F" by blast
  4876   next
  4877     assume D: "?D"
  4878     let ?U = "set (\<Upsilon> ?rq )"
  4879     from MF PF D have "?F" by auto
  4880     then obtain t n s m where aU:"(t,n) \<in> ?U" and bU:"(s,m)\<in> ?U" and rqx: "?I x (\<upsilon> ?rq (Add (Mul m t) (Mul n s), 2*n*m))" by blast
  4881     from qf have lrq:"isrlfm ?rq"using rlfm_l[OF qf] 
  4882       by (auto simp add: rsplit_def lt_def ge_def)
  4883     from aU bU \<Upsilon>_l[OF lrq] have tnb: "numbound0 t" and np:"real n > 0" and snb: "numbound0 s" and mp:"real m > 0" by (auto simp add: split_def)
  4884     let ?st = "Add (Mul m t) (Mul n s)"
  4885     from tnb snb have stnb: "numbound0 ?st" by simp
  4886     from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  4887       by (simp add: mult_commute)
  4888     from conjunct1[OF \<upsilon>_I[OF lrq mnp stnb, where bs="bs" and x="x"], symmetric] rqx
  4889     have "\<exists> x. ?I x ?rq" by auto
  4890     thus "?E" 
  4891       using rlfm_I[OF qf] by (auto simp add: rsplit_def lt_def ge_def)
  4892   qed
  4893   with MF PF show ?thesis by blast
  4894 qed
  4895 
  4896 lemma \<Upsilon>_cong_aux:
  4897   assumes Ul: "\<forall> (t,n) \<in> set U. numbound0 t \<and> n >0"
  4898   shows "((\<lambda> (t,n). Inum (x#bs) t /real n) ` (set (map (\<lambda> ((t,n),(s,m)). (Add (Mul m t) (Mul n s) , 2*n*m)) (alluopairs U)))) = ((\<lambda> ((t,n),(s,m)). (Inum (x#bs) t /real n + Inum (x#bs) s /real m)/2) ` (set U \<times> set U))"
  4899   (is "?lhs = ?rhs")
  4900 proof(auto)
  4901   fix t n s m
  4902   assume "((t,n),(s,m)) \<in> set (alluopairs U)"
  4903   hence th: "((t,n),(s,m)) \<in> (set U \<times> set U)"
  4904     using alluopairs_set1[where xs="U"] by blast
  4905   let ?N = "\<lambda> t. Inum (x#bs) t"
  4906   let ?st= "Add (Mul m t) (Mul n s)"
  4907   from Ul th have mnz: "m \<noteq> 0" by auto
  4908   from Ul th have  nnz: "n \<noteq> 0" by auto  
  4909   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  4910    using mnz nnz by (simp add: algebra_simps add_divide_distrib)
  4911  
  4912   thus "(real m *  Inum (x # bs) t + real n * Inum (x # bs) s) /
  4913        (2 * real n * real m)
  4914        \<in> (\<lambda>((t, n), s, m).
  4915              (Inum (x # bs) t / real n + Inum (x # bs) s / real m) / 2) `
  4916          (set U \<times> set U)"using mnz nnz th  
  4917     apply (auto simp add: th add_divide_distrib algebra_simps split_def image_def)
  4918     by (rule_tac x="(s,m)" in bexI,simp_all) 
  4919   (rule_tac x="(t,n)" in bexI,simp_all)
  4920 next
  4921   fix t n s m
  4922   assume tnU: "(t,n) \<in> set U" and smU:"(s,m) \<in> set U" 
  4923   let ?N = "\<lambda> t. Inum (x#bs) t"
  4924   let ?st= "Add (Mul m t) (Mul n s)"
  4925   from Ul smU have mnz: "m \<noteq> 0" by auto
  4926   from Ul tnU have  nnz: "n \<noteq> 0" by auto  
  4927   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  4928    using mnz nnz by (simp add: algebra_simps add_divide_distrib)
  4929  let ?P = "\<lambda> (t',n') (s',m'). (Inum (x # bs) t / real n + Inum (x # bs) s / real m)/2 = (Inum (x # bs) t' / real n' + Inum (x # bs) s' / real m')/2"
  4930  have Pc:"\<forall> a b. ?P a b = ?P b a"
  4931    by auto
  4932  from Ul alluopairs_set1 have Up:"\<forall> ((t,n),(s,m)) \<in> set (alluopairs U). n \<noteq> 0 \<and> m \<noteq> 0" by blast
  4933  from alluopairs_ex[OF Pc, where xs="U"] tnU smU
  4934  have th':"\<exists> ((t',n'),(s',m')) \<in> set (alluopairs U). ?P (t',n') (s',m')"
  4935    by blast
  4936  then obtain t' n' s' m' where ts'_U: "((t',n'),(s',m')) \<in> set (alluopairs U)" 
  4937    and Pts': "?P (t',n') (s',m')" by blast
  4938  from ts'_U Up have mnz': "m' \<noteq> 0" and nnz': "n'\<noteq> 0" by auto
  4939  let ?st' = "Add (Mul m' t') (Mul n' s')"
  4940    have st': "(?N t' / real n' + ?N s' / real m')/2 = ?N ?st' / real (2*n'*m')"
  4941    using mnz' nnz' by (simp add: algebra_simps add_divide_distrib)
  4942  from Pts' have 
  4943    "(Inum (x # bs) t / real n + Inum (x # bs) s / real m)/2 = (Inum (x # bs) t' / real n' + Inum (x # bs) s' / real m')/2" by simp
  4944  also have "\<dots> = ((\<lambda>(t, n). Inum (x # bs) t / real n) ((\<lambda>((t, n), s, m). (Add (Mul m t) (Mul n s), 2 * n * m)) ((t',n'),(s',m'))))" by (simp add: st')
  4945  finally show "(Inum (x # bs) t / real n + Inum (x # bs) s / real m) / 2
  4946           \<in> (\<lambda>(t, n). Inum (x # bs) t / real n) `
  4947             (\<lambda>((t, n), s, m). (Add (Mul m t) (Mul n s), 2 * n * m)) `
  4948             set (alluopairs U)"
  4949    using ts'_U by blast
  4950 qed
  4951 
  4952 lemma \<Upsilon>_cong:
  4953   assumes lp: "isrlfm p"
  4954   and UU': "((\<lambda> (t,n). Inum (x#bs) t /real n) ` U') = ((\<lambda> ((t,n),(s,m)). (Inum (x#bs) t /real n + Inum (x#bs) s /real m)/2) ` (U \<times> U))" (is "?f ` U' = ?g ` (U\<times>U)")
  4955   and U: "\<forall> (t,n) \<in> U. numbound0 t \<and> n > 0"
  4956   and U': "\<forall> (t,n) \<in> U'. numbound0 t \<and> n > 0"
  4957   shows "(\<exists> (t,n) \<in> U. \<exists> (s,m) \<in> U. Ifm (x#bs) (\<upsilon> p (Add (Mul m t) (Mul n s),2*n*m))) = (\<exists> (t,n) \<in> U'. Ifm (x#bs) (\<upsilon> p (t,n)))"
  4958   (is "?lhs = ?rhs")
  4959 proof
  4960   assume ?lhs
  4961   then obtain t n s m where tnU: "(t,n) \<in> U" and smU:"(s,m) \<in> U" and 
  4962     Pst: "Ifm (x#bs) (\<upsilon> p (Add (Mul m t) (Mul n s),2*n*m))" by blast
  4963   let ?N = "\<lambda> t. Inum (x#bs) t"
  4964   from tnU smU U have tnb: "numbound0 t" and np: "n > 0" 
  4965     and snb: "numbound0 s" and mp:"m > 0"  by auto
  4966   let ?st= "Add (Mul m t) (Mul n s)"
  4967   from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  4968       by (simp add: mult_commute real_of_int_mult[symmetric] del: real_of_int_mult)
  4969     from tnb snb have stnb: "numbound0 ?st" by simp
  4970   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  4971    using mp np by (simp add: algebra_simps add_divide_distrib)
  4972   from tnU smU UU' have "?g ((t,n),(s,m)) \<in> ?f ` U'" by blast
  4973   hence "\<exists> (t',n') \<in> U'. ?g ((t,n),(s,m)) = ?f (t',n')"
  4974     by auto (rule_tac x="(a,b)" in bexI, auto)
  4975   then obtain t' n' where tnU': "(t',n') \<in> U'" and th: "?g ((t,n),(s,m)) = ?f (t',n')" by blast
  4976   from U' tnU' have tnb': "numbound0 t'" and np': "real n' > 0" by auto
  4977   from \<upsilon>_I[OF lp mnp stnb, where bs="bs" and x="x"] Pst 
  4978   have Pst2: "Ifm (Inum (x # bs) (Add (Mul m t) (Mul n s)) / real (2 * n * m) # bs) p" by simp
  4979   from conjunct1[OF \<upsilon>_I[OF lp np' tnb', where bs="bs" and x="x"], symmetric] th[simplified split_def fst_conv snd_conv,symmetric] Pst2[simplified st[symmetric]]
  4980   have "Ifm (x # bs) (\<upsilon> p (t', n')) " by (simp only: st) 
  4981   then show ?rhs using tnU' by auto 
  4982 next
  4983   assume ?rhs
  4984   then obtain t' n' where tnU': "(t',n') \<in> U'" and Pt': "Ifm (x # bs) (\<upsilon> p (t', n'))" 
  4985     by blast
  4986   from tnU' UU' have "?f (t',n') \<in> ?g ` (U\<times>U)" by blast
  4987   hence "\<exists> ((t,n),(s,m)) \<in> (U\<times>U). ?f (t',n') = ?g ((t,n),(s,m))" 
  4988     by auto (rule_tac x="(a,b)" in bexI, auto)
  4989   then obtain t n s m where tnU: "(t,n) \<in> U" and smU:"(s,m) \<in> U" and 
  4990     th: "?f (t',n') = ?g((t,n),(s,m)) "by blast
  4991     let ?N = "\<lambda> t. Inum (x#bs) t"
  4992   from tnU smU U have tnb: "numbound0 t" and np: "n > 0" 
  4993     and snb: "numbound0 s" and mp:"m > 0"  by auto
  4994   let ?st= "Add (Mul m t) (Mul n s)"
  4995   from mult_pos_pos[OF np mp] have mnp: "real (2*n*m) > 0" 
  4996       by (simp add: mult_commute real_of_int_mult[symmetric] del: real_of_int_mult)
  4997     from tnb snb have stnb: "numbound0 ?st" by simp
  4998   have st: "(?N t / real n + ?N s / real m)/2 = ?N ?st / real (2*n*m)"
  4999    using mp np by (simp add: algebra_simps add_divide_distrib)
  5000   from U' tnU' have tnb': "numbound0 t'" and np': "real n' > 0" by auto
  5001   from \<upsilon>_I[OF lp np' tnb', where bs="bs" and x="x",simplified th[simplified split_def fst_conv snd_conv] st] Pt'
  5002   have Pst2: "Ifm (Inum (x # bs) (Add (Mul m t) (Mul n s)) / real (2 * n * m) # bs) p" by simp
  5003   with \<upsilon>_I[OF lp mnp stnb, where x="x" and bs="bs"] tnU smU show ?lhs by blast
  5004 qed
  5005   
  5006 lemma ferrack01: 
  5007   assumes qf: "qfree p"
  5008   shows "((\<exists> x. Ifm (x#bs) (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)) = (Ifm bs (ferrack01 p))) \<and> qfree (ferrack01 p)" (is "(?lhs = ?rhs) \<and> _")
  5009 proof-
  5010   let ?I = "\<lambda> x p. Ifm (x#bs) p"
  5011   fix x
  5012   let ?N = "\<lambda> t. Inum (x#bs) t"
  5013   let ?q = "rlfm (And (And (Ge(CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) p)"
  5014   let ?U = "\<Upsilon> ?q"
  5015   let ?Up = "alluopairs ?U"
  5016   let ?g = "\<lambda> ((t,n),(s,m)). (Add (Mul m t) (Mul n s) , 2*n*m)"
  5017   let ?S = "map ?g ?Up"
  5018   let ?SS = "map simp_num_pair ?S"
  5019   let ?Y = "remdups ?SS"
  5020   let ?f= "(\<lambda> (t,n). ?N t / real n)"
  5021   let ?h = "\<lambda> ((t,n),(s,m)). (?N t/real n + ?N s/ real m) /2"
  5022   let ?F = "\<lambda> p. \<exists> a \<in> set (\<Upsilon> p). \<exists> b \<in> set (\<Upsilon> p). ?I x (\<upsilon> p (?g(a,b)))"
  5023   let ?ep = "evaldjf (\<upsilon> ?q) ?Y"
  5024   from rlfm_l[OF qf] have lq: "isrlfm ?q" 
  5025     by (simp add: rsplit_def lt_def ge_def conj_def disj_def Let_def reducecoeff_def numgcd_def)
  5026   from alluopairs_set1[where xs="?U"] have UpU: "set ?Up \<le> (set ?U \<times> set ?U)" by simp
  5027   from \<Upsilon>_l[OF lq] have U_l: "\<forall> (t,n) \<in> set ?U. numbound0 t \<and> n > 0" .
  5028   from U_l UpU 
  5029   have Up_: "\<forall> ((t,n),(s,m)) \<in> set ?Up. numbound0 t \<and> n> 0 \<and> numbound0 s \<and> m > 0" by auto
  5030   hence Snb: "\<forall> (t,n) \<in> set ?S. numbound0 t \<and> n > 0 "
  5031     by (auto simp add: mult_pos_pos)
  5032   have Y_l: "\<forall> (t,n) \<in> set ?Y. numbound0 t \<and> n > 0" 
  5033   proof-
  5034     { fix t n assume tnY: "(t,n) \<in> set ?Y" 
  5035       hence "(t,n) \<in> set ?SS" by simp
  5036       hence "\<exists> (t',n') \<in> set ?S. simp_num_pair (t',n') = (t,n)"
  5037         by (auto simp add: split_def simp del: map_map)
  5038            (rule_tac x="((aa,ba),(ab,bb))" in bexI, simp_all)
  5039       then obtain t' n' where tn'S: "(t',n') \<in> set ?S" and tns: "simp_num_pair (t',n') = (t,n)" by blast
  5040       from tn'S Snb have tnb: "numbound0 t'" and np: "n' > 0" by auto
  5041       from simp_num_pair_l[OF tnb np tns]
  5042       have "numbound0 t \<and> n > 0" . }
  5043     thus ?thesis by blast
  5044   qed
  5045 
  5046   have YU: "(?f ` set ?Y) = (?h ` (set ?U \<times> set ?U))"
  5047   proof-
  5048      from simp_num_pair_ci[where bs="x#bs"] have 
  5049     "\<forall>x. (?f o simp_num_pair) x = ?f x" by auto
  5050      hence th: "?f o simp_num_pair = ?f" using ext by blast
  5051     have "(?f ` set ?Y) = ((?f o simp_num_pair) ` set ?S)" by (simp add: image_compose)
  5052     also have "\<dots> = (?f ` set ?S)" by (simp add: th)
  5053     also have "\<dots> = ((?f o ?g) ` set ?Up)" 
  5054       by (simp only: set_map o_def image_compose[symmetric])
  5055     also have "\<dots> = (?h ` (set ?U \<times> set ?U))"
  5056       using \<Upsilon>_cong_aux[OF U_l, where x="x" and bs="bs", simplified set_map image_compose[symmetric]] by blast
  5057     finally show ?thesis .
  5058   qed
  5059   have "\<forall> (t,n) \<in> set ?Y. bound0 (\<upsilon> ?q (t,n))"
  5060   proof-
  5061     { fix t n assume tnY: "(t,n) \<in> set ?Y"
  5062       with Y_l have tnb: "numbound0 t" and np: "real n > 0" by auto
  5063       from \<upsilon>_I[OF lq np tnb]
  5064     have "bound0 (\<upsilon> ?q (t,n))"  by simp}
  5065     thus ?thesis by blast
  5066   qed
  5067   hence ep_nb: "bound0 ?ep"  using evaldjf_bound0[where xs="?Y" and f="\<upsilon> ?q"]
  5068     by auto
  5069 
  5070   from fr_eq_01[OF qf, where bs="bs" and x="x"] have "?lhs = ?F ?q"
  5071     by (simp only: split_def fst_conv snd_conv)
  5072   also have "\<dots> = (\<exists> (t,n) \<in> set ?Y. ?I x (\<upsilon> ?q (t,n)))" using \<Upsilon>_cong[OF lq YU U_l Y_l]
  5073     by (simp only: split_def fst_conv snd_conv) 
  5074   also have "\<dots> = (Ifm (x#bs) ?ep)" 
  5075     using evaldjf_ex[where ps="?Y" and bs = "x#bs" and f="\<upsilon> ?q",symmetric]
  5076     by (simp only: split_def pair_collapse)
  5077   also have "\<dots> = (Ifm bs (decr ?ep))" using decr[OF ep_nb] by blast
  5078   finally have lr: "?lhs = ?rhs" by (simp only: ferrack01_def Let_def)
  5079   from decr_qf[OF ep_nb] have "qfree (ferrack01 p)" by (simp only: Let_def ferrack01_def)
  5080   with lr show ?thesis by blast
  5081 qed
  5082 
  5083 lemma cp_thm': 
  5084   assumes lp: "iszlfm p (real (i::int)#bs)"
  5085   and up: "d\<beta> p 1" and dd: "d\<delta> p d" and dp: "d > 0"
  5086   shows "(\<exists> (x::int). Ifm (real x#bs) p) = ((\<exists> j\<in> {1 .. d}. Ifm (real j#bs) (minusinf p)) \<or> (\<exists> j\<in> {1.. d}. \<exists> b\<in> (Inum (real i#bs)) ` set (\<beta> p). Ifm ((b+real j)#bs) p))"
  5087   using cp_thm[OF lp up dd dp] by auto
  5088 
  5089 definition unit :: "fm \<Rightarrow> fm \<times> num list \<times> int" where
  5090   "unit p \<equiv> (let p' = zlfm p ; l = \<zeta> p' ; q = And (Dvd l (CN 0 1 (C 0))) (a\<beta> p' l); d = \<delta> q;
  5091              B = remdups (map simpnum (\<beta> q)) ; a = remdups (map simpnum (\<alpha> q))
  5092              in if length B \<le> length a then (q,B,d) else (mirror q, a,d))"
  5093 
  5094 lemma unit: assumes qf: "qfree p"
  5095   shows "\<And> q B d. unit p = (q,B,d) \<Longrightarrow> ((\<exists> (x::int). Ifm (real x#bs) p) = (\<exists> (x::int). Ifm (real x#bs) q)) \<and> (Inum (real i#bs)) ` set B = (Inum (real i#bs)) ` set (\<beta> q) \<and> d\<beta> q 1 \<and> d\<delta> q d \<and> d >0 \<and> iszlfm q (real (i::int)#bs) \<and> (\<forall> b\<in> set B. numbound0 b)"
  5096 proof-
  5097   fix q B d 
  5098   assume qBd: "unit p = (q,B,d)"
  5099   let ?thes = "((\<exists> (x::int). Ifm (real x#bs) p) = (\<exists> (x::int). Ifm (real x#bs) q)) \<and>
  5100     Inum (real i#bs) ` set B = Inum (real i#bs) ` set (\<beta> q) \<and>
  5101     d\<beta> q 1 \<and> d\<delta> q d \<and> 0 < d \<and> iszlfm q (real i # bs) \<and> (\<forall> b\<in> set B. numbound0 b)"
  5102   let ?I = "\<lambda> (x::int) p. Ifm (real x#bs) p"
  5103   let ?p' = "zlfm p"
  5104   let ?l = "\<zeta> ?p'"
  5105   let ?q = "And (Dvd ?l (CN 0 1 (C 0))) (a\<beta> ?p' ?l)"
  5106   let ?d = "\<delta> ?q"
  5107   let ?B = "set (\<beta> ?q)"
  5108   let ?B'= "remdups (map simpnum (\<beta> ?q))"
  5109   let ?A = "set (\<alpha> ?q)"
  5110   let ?A'= "remdups (map simpnum (\<alpha> ?q))"
  5111   from conjunct1[OF zlfm_I[OF qf, where bs="bs"]] 
  5112   have pp': "\<forall> i. ?I i ?p' = ?I i p" by auto
  5113   from iszlfm_gen[OF conjunct2[OF zlfm_I[OF qf, where bs="bs" and i="i"]]]
  5114   have lp': "\<forall> (i::int). iszlfm ?p' (real i#bs)" by simp 
  5115   hence lp'': "iszlfm ?p' (real (i::int)#bs)" by simp
  5116   from lp' \<zeta>[where p="?p'" and bs="bs"] have lp: "?l >0" and dl: "d\<beta> ?p' ?l" by auto
  5117   from a\<beta>_ex[where p="?p'" and l="?l" and bs="bs", OF lp'' dl lp] pp'
  5118   have pq_ex:"(\<exists> (x::int). ?I x p) = (\<exists> x. ?I x ?q)" by (simp add: int_rdvd_iff) 
  5119   from lp'' lp a\<beta>[OF lp'' dl lp] have lq:"iszlfm ?q (real i#bs)" and uq: "d\<beta> ?q 1" 
  5120     by (auto simp add: isint_def)
  5121   from \<delta>[OF lq] have dp:"?d >0" and dd: "d\<delta> ?q ?d" by blast+
  5122   let ?N = "\<lambda> t. Inum (real (i::int)#bs) t"
  5123   have "?N ` set ?B' = ((?N o simpnum) ` ?B)" by (simp add:image_compose) 
  5124   also have "\<dots> = ?N ` ?B" using simpnum_ci[where bs="real i #bs"] by auto
  5125   finally have BB': "?N ` set ?B' = ?N ` ?B" .
  5126   have "?N ` set ?A' = ((?N o simpnum) ` ?A)" by (simp add:image_compose) 
  5127   also have "\<dots> = ?N ` ?A" using simpnum_ci[where bs="real i #bs"] by auto
  5128   finally have AA': "?N ` set ?A' = ?N ` ?A" .
  5129   from \<beta>_numbound0[OF lq] have B_nb:"\<forall> b\<in> set ?B'. numbound0 b"
  5130     by (simp add: simpnum_numbound0)
  5131   from \<alpha>_l[OF lq] have A_nb: "\<forall> b\<in> set ?A'. numbound0 b"
  5132     by (simp add: simpnum_numbound0)
  5133     {assume "length ?B' \<le> length ?A'"
  5134     hence q:"q=?q" and "B = ?B'" and d:"d = ?d"
  5135       using qBd by (auto simp add: Let_def unit_def)
  5136     with BB' B_nb have b: "?N ` (set B) = ?N ` set (\<beta> q)" 
  5137       and bn: "\<forall>b\<in> set B. numbound0 b" by simp+ 
  5138   with pq_ex dp uq dd lq q d have ?thes by simp}
  5139   moreover 
  5140   {assume "\<not> (length ?B' \<le> length ?A')"
  5141     hence q:"q=mirror ?q" and "B = ?A'" and d:"d = ?d"
  5142       using qBd by (auto simp add: Let_def unit_def)
  5143     with AA' mirror\<alpha>\<beta>[OF lq] A_nb have b:"?N ` (set B) = ?N ` set (\<beta> q)" 
  5144       and bn: "\<forall>b\<in> set B. numbound0 b" by simp+
  5145     from mirror_ex[OF lq] pq_ex q 
  5146     have pqm_eq:"(\<exists> (x::int). ?I x p) = (\<exists> (x::int). ?I x q)" by simp
  5147     from lq uq q mirror_d\<beta> [where p="?q" and bs="bs" and a="real i"]
  5148     have lq': "iszlfm q (real i#bs)" and uq: "d\<beta> q 1" by auto
  5149     from \<delta>[OF lq'] mirror_\<delta>[OF lq] q d have dq:"d\<delta> q d " by auto
  5150     from pqm_eq b bn uq lq' dp dq q dp d have ?thes by simp
  5151   }
  5152   ultimately show ?thes by blast
  5153 qed
  5154     (* Cooper's Algorithm *)
  5155 
  5156 definition cooper :: "fm \<Rightarrow> fm" where
  5157   "cooper p \<equiv> 
  5158   (let (q,B,d) = unit p; js = [1..d];
  5159        mq = simpfm (minusinf q);
  5160        md = evaldjf (\<lambda> j. simpfm (subst0 (C j) mq)) js
  5161    in if md = T then T else
  5162     (let qd = evaldjf (\<lambda> t. simpfm (subst0 t q)) 
  5163                                (remdups (map (\<lambda> (b,j). simpnum (Add b (C j))) 
  5164                                             [(b,j). b\<leftarrow>B,j\<leftarrow>js]))
  5165      in decr (disj md qd)))"
  5166 lemma cooper: assumes qf: "qfree p"
  5167   shows "((\<exists> (x::int). Ifm (real x#bs) p) = (Ifm bs (cooper p))) \<and> qfree (cooper p)" 
  5168   (is "(?lhs = ?rhs) \<and> _")
  5169 proof-
  5170 
  5171   let ?I = "\<lambda> (x::int) p. Ifm (real x#bs) p"
  5172   let ?q = "fst (unit p)"
  5173   let ?B = "fst (snd(unit p))"
  5174   let ?d = "snd (snd (unit p))"
  5175   let ?js = "[1..?d]"
  5176   let ?mq = "minusinf ?q"
  5177   let ?smq = "simpfm ?mq"
  5178   let ?md = "evaldjf (\<lambda> j. simpfm (subst0 (C j) ?smq)) ?js"
  5179   fix i
  5180   let ?N = "\<lambda> t. Inum (real (i::int)#bs) t"
  5181   let ?bjs = "[(b,j). b\<leftarrow>?B,j\<leftarrow>?js]"
  5182   let ?sbjs = "map (\<lambda> (b,j). simpnum (Add b (C j))) ?bjs"
  5183   let ?qd = "evaldjf (\<lambda> t. simpfm (subst0 t ?q)) (remdups ?sbjs)"
  5184   have qbf:"unit p = (?q,?B,?d)" by simp
  5185   from unit[OF qf qbf] have pq_ex: "(\<exists>(x::int). ?I x p) = (\<exists> (x::int). ?I x ?q)" and 
  5186     B:"?N ` set ?B = ?N ` set (\<beta> ?q)" and 
  5187     uq:"d\<beta> ?q 1" and dd: "d\<delta> ?q ?d" and dp: "?d > 0" and 
  5188     lq: "iszlfm ?q (real i#bs)" and 
  5189     Bn: "\<forall> b\<in> set ?B. numbound0 b" by auto
  5190   from zlin_qfree[OF lq] have qfq: "qfree ?q" .
  5191   from simpfm_qf[OF minusinf_qfree[OF qfq]] have qfmq: "qfree ?smq".
  5192   have jsnb: "\<forall> j \<in> set ?js. numbound0 (C j)" by simp
  5193   hence "\<forall> j\<in> set ?js. bound0 (subst0 (C j) ?smq)" 
  5194     by (auto simp only: subst0_bound0[OF qfmq])
  5195   hence th: "\<forall> j\<in> set ?js. bound0 (simpfm (subst0 (C j) ?smq))"
  5196     by (auto simp add: simpfm_bound0)
  5197   from evaldjf_bound0[OF th] have mdb: "bound0 ?md" by simp 
  5198   from Bn jsnb have "\<forall> (b,j) \<in> set ?bjs. numbound0 (Add b (C j))"
  5199     by simp
  5200   hence "\<forall> (b,j) \<in> set ?bjs. numbound0 (simpnum (Add b (C j)))"
  5201     using simpnum_numbound0 by blast
  5202   hence "\<forall> t \<in> set ?sbjs. numbound0 t" by simp
  5203   hence "\<forall> t \<in> set (remdups ?sbjs). bound0 (subst0 t ?q)"
  5204     using subst0_bound0[OF qfq] by auto 
  5205   hence th': "\<forall> t \<in> set (remdups ?sbjs). bound0 (simpfm (subst0 t ?q))"
  5206     using simpfm_bound0 by blast
  5207   from evaldjf_bound0 [OF th'] have qdb: "bound0 ?qd" by simp
  5208   from mdb qdb 
  5209   have mdqdb: "bound0 (disj ?md ?qd)" by (simp only: disj_def, cases "?md=T \<or> ?qd=T", simp_all)
  5210   from trans [OF pq_ex cp_thm'[OF lq uq dd dp]] B
  5211   have "?lhs = (\<exists> j\<in> {1.. ?d}. ?I j ?mq \<or> (\<exists> b\<in> ?N ` set ?B. Ifm ((b+ real j)#bs) ?q))" by auto
  5212   also have "\<dots> = ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> (b,j) \<in> (?N ` set ?B \<times> set ?js). Ifm ((b+ real j)#bs) ?q))" by auto
  5213   also have "\<dots>= ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> t \<in> (\<lambda> (b,j). ?N (Add b (C j))) ` set ?bjs. Ifm (t #bs) ?q))" by simp
  5214   also have "\<dots>= ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> t \<in> (\<lambda> (b,j). ?N (simpnum (Add b (C j)))) ` set ?bjs. Ifm (t #bs) ?q))" by (simp only: simpnum_ci)
  5215   also  have "\<dots>= ((\<exists> j\<in> set ?js. ?I j ?smq) \<or> (\<exists> t \<in> set ?sbjs. Ifm (?N t #bs) ?q))" 
  5216     by (auto simp add: split_def) 
  5217   also have "\<dots> = ((\<exists> j\<in> set ?js. (\<lambda> j. ?I i (simpfm (subst0 (C j) ?smq))) j) \<or> (\<exists> t \<in> set (remdups ?sbjs). (\<lambda> t. ?I i (simpfm (subst0 t ?q))) t))" by (simp only: simpfm subst0_I[OF qfq] simpfm Inum.simps subst0_I[OF qfmq] set_remdups)
  5218   also have "\<dots> = ((?I i (evaldjf (\<lambda> j. simpfm (subst0 (C j) ?smq)) ?js)) \<or> (?I i (evaldjf (\<lambda> t. simpfm (subst0 t ?q)) (remdups ?sbjs))))" by (simp only: evaldjf_ex)
  5219   finally have mdqd: "?lhs = (?I i (disj ?md ?qd))" by (simp add: disj) 
  5220   hence mdqd2: "?lhs = (Ifm bs (decr (disj ?md ?qd)))" using decr [OF mdqdb] by simp
  5221   {assume mdT: "?md = T"
  5222     hence cT:"cooper p = T" 
  5223       by (simp only: cooper_def unit_def split_def Let_def if_True) simp
  5224     from mdT mdqd have lhs:"?lhs" by (auto simp add: disj)
  5225     from mdT have "?rhs" by (simp add: cooper_def unit_def split_def)
  5226     with lhs cT have ?thesis by simp }
  5227   moreover
  5228   {assume mdT: "?md \<noteq> T" hence "cooper p = decr (disj ?md ?qd)" 
  5229       by (simp only: cooper_def unit_def split_def Let_def if_False) 
  5230     with mdqd2 decr_qf[OF mdqdb] have ?thesis by simp }
  5231   ultimately show ?thesis by blast
  5232 qed
  5233 
  5234 lemma DJcooper: 
  5235   assumes qf: "qfree p"
  5236   shows "((\<exists> (x::int). Ifm (real x#bs) p) = (Ifm bs (DJ cooper p))) \<and> qfree (DJ cooper p)"
  5237 proof-
  5238   from cooper have cqf: "\<forall> p. qfree p \<longrightarrow> qfree (cooper p)" by  blast
  5239   from DJ_qf[OF cqf] qf have thqf:"qfree (DJ cooper p)" by blast
  5240   have "Ifm bs (DJ cooper p) = (\<exists> q\<in> set (disjuncts p). Ifm bs (cooper q))" 
  5241      by (simp add: DJ_def evaldjf_ex)
  5242   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). \<exists> (x::int). Ifm (real x#bs)  q)" 
  5243     using cooper disjuncts_qf[OF qf] by blast
  5244   also have "\<dots> = (\<exists> (x::int). Ifm (real x#bs) p)" by (induct p rule: disjuncts.induct, auto)
  5245   finally show ?thesis using thqf by blast
  5246 qed
  5247 
  5248     (* Redy and Loveland *)
  5249 
  5250 lemma \<sigma>\<rho>_cong: assumes lp: "iszlfm p (a#bs)" and tt': "Inum (a#bs) t = Inum (a#bs) t'"
  5251   shows "Ifm (a#bs) (\<sigma>\<rho> p (t,c)) = Ifm (a#bs) (\<sigma>\<rho> p (t',c))"
  5252   using lp 
  5253   by (induct p rule: iszlfm.induct, auto simp add: tt')
  5254 
  5255 lemma \<sigma>_cong: assumes lp: "iszlfm p (a#bs)" and tt': "Inum (a#bs) t = Inum (a#bs) t'"
  5256   shows "Ifm (a#bs) (\<sigma> p c t) = Ifm (a#bs) (\<sigma> p c t')"
  5257   by (simp add: \<sigma>_def tt' \<sigma>\<rho>_cong[OF lp tt'])
  5258 
  5259 lemma \<rho>_cong: assumes lp: "iszlfm p (a#bs)" 
  5260   and RR: "(\<lambda>(b,k). (Inum (a#bs) b,k)) ` R =  (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)"
  5261   shows "(\<exists> (e,c) \<in> R. \<exists> j\<in> {1.. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j)))) = (\<exists> (e,c) \<in> set (\<rho> p). \<exists> j\<in> {1.. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j))))"
  5262   (is "?lhs = ?rhs")
  5263 proof
  5264   let ?d = "\<delta> p"
  5265   assume ?lhs then obtain e c j where ecR: "(e,c) \<in> R" and jD:"j \<in> {1 .. c*?d}" 
  5266     and px: "Ifm (a#bs) (\<sigma> p c (Add e (C j)))" (is "?sp c e j") by blast
  5267   from ecR have "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` R" by auto
  5268   hence "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)" using RR by simp
  5269   hence "\<exists> (e',c') \<in> set (\<rho> p). Inum (a#bs) e = Inum (a#bs) e' \<and> c = c'" by auto
  5270   then obtain e' c' where ecRo:"(e',c') \<in> set (\<rho> p)" and ee':"Inum (a#bs) e = Inum (a#bs) e'"
  5271     and cc':"c = c'" by blast
  5272   from ee' have tt': "Inum (a#bs) (Add e (C j)) = Inum (a#bs) (Add e' (C j))" by simp
  5273   
  5274   from \<sigma>_cong[OF lp tt', where c="c"] px have px':"?sp c e' j" by simp
  5275   from ecRo jD px' cc'  show ?rhs apply auto 
  5276     by (rule_tac x="(e', c')" in bexI,simp_all)
  5277   (rule_tac x="j" in bexI, simp_all add: cc'[symmetric])
  5278 next
  5279   let ?d = "\<delta> p"
  5280   assume ?rhs then obtain e c j where ecR: "(e,c) \<in> set (\<rho> p)" and jD:"j \<in> {1 .. c*?d}" 
  5281     and px: "Ifm (a#bs) (\<sigma> p c (Add e (C j)))" (is "?sp c e j") by blast
  5282   from ecR have "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)" by auto
  5283   hence "(Inum (a#bs) e,c) \<in> (\<lambda>(b,k). (Inum (a#bs) b,k)) ` R" using RR by simp
  5284   hence "\<exists> (e',c') \<in> R. Inum (a#bs) e = Inum (a#bs) e' \<and> c = c'" by auto
  5285   then obtain e' c' where ecRo:"(e',c') \<in> R" and ee':"Inum (a#bs) e = Inum (a#bs) e'"
  5286     and cc':"c = c'" by blast
  5287   from ee' have tt': "Inum (a#bs) (Add e (C j)) = Inum (a#bs) (Add e' (C j))" by simp
  5288   from \<sigma>_cong[OF lp tt', where c="c"] px have px':"?sp c e' j" by simp
  5289   from ecRo jD px' cc'  show ?lhs apply auto 
  5290     by (rule_tac x="(e', c')" in bexI,simp_all)
  5291   (rule_tac x="j" in bexI, simp_all add: cc'[symmetric])
  5292 qed
  5293 
  5294 lemma rl_thm': 
  5295   assumes lp: "iszlfm p (real (i::int)#bs)" 
  5296   and R: "(\<lambda>(b,k). (Inum (a#bs) b,k)) ` R =  (\<lambda>(b,k). (Inum (a#bs) b,k)) ` set (\<rho> p)"
  5297   shows "(\<exists> (x::int). Ifm (real x#bs) p) = ((\<exists> j\<in> {1 .. \<delta> p}. Ifm (real j#bs) (minusinf p)) \<or> (\<exists> (e,c) \<in> R. \<exists> j\<in> {1.. c*(\<delta> p)}. Ifm (a#bs) (\<sigma> p c (Add e (C j)))))"
  5298   using rl_thm[OF lp] \<rho>_cong[OF iszlfm_gen[OF lp, rule_format, where y="a"] R] by simp 
  5299 
  5300 definition chooset :: "fm \<Rightarrow> fm \<times> ((num\<times>int) list) \<times> int" where
  5301   "chooset p \<equiv> (let q = zlfm p ; d = \<delta> q;
  5302              B = remdups (map (\<lambda> (t,k). (simpnum t,k)) (\<rho> q)) ; 
  5303              a = remdups (map (\<lambda> (t,k). (simpnum t,k)) (\<alpha>\<rho> q))
  5304              in if length B \<le> length a then (q,B,d) else (mirror q, a,d))"
  5305 
  5306 lemma chooset: assumes qf: "qfree p"
  5307   shows "\<And> q B d. chooset p = (q,B,d) \<Longrightarrow> ((\<exists> (x::int). Ifm (real x#bs) p) = (\<exists> (x::int). Ifm (real x#bs) q)) \<and> ((\<lambda>(t,k). (Inum (real i#bs) t,k)) ` set B = (\<lambda>(t,k). (Inum (real i#bs) t,k)) ` set (\<rho> q)) \<and> (\<delta> q = d) \<and> d >0 \<and> iszlfm q (real (i::int)#bs) \<and> (\<forall> (e,c)\<in> set B. numbound0 e \<and> c>0)"
  5308 proof-
  5309   fix q B d 
  5310   assume qBd: "chooset p = (q,B,d)"
  5311   let ?thes = "((\<exists> (x::int). Ifm (real x#bs) p) = (\<exists> (x::int). Ifm (real x#bs) q)) \<and> ((\<lambda>(t,k). (Inum (real i#bs) t,k)) ` set B = (\<lambda>(t,k). (Inum (real i#bs) t,k)) ` set (\<rho> q)) \<and> (\<delta> q = d) \<and> d >0 \<and> iszlfm q (real (i::int)#bs) \<and> (\<forall> (e,c)\<in> set B. numbound0 e \<and> c>0)" 
  5312   let ?I = "\<lambda> (x::int) p. Ifm (real x#bs) p"
  5313   let ?q = "zlfm p"
  5314   let ?d = "\<delta> ?q"
  5315   let ?B = "set (\<rho> ?q)"
  5316   let ?f = "\<lambda> (t,k). (simpnum t,k)"
  5317   let ?B'= "remdups (map ?f (\<rho> ?q))"
  5318   let ?A = "set (\<alpha>\<rho> ?q)"
  5319   let ?A'= "remdups (map ?f (\<alpha>\<rho> ?q))"
  5320   from conjunct1[OF zlfm_I[OF qf, where bs="bs"]] 
  5321   have pp': "\<forall> i. ?I i ?q = ?I i p" by auto
  5322   hence pq_ex:"(\<exists> (x::int). ?I x p) = (\<exists> x. ?I x ?q)" by simp 
  5323   from iszlfm_gen[OF conjunct2[OF zlfm_I[OF qf, where bs="bs" and i="i"]], rule_format, where y="real i"]
  5324   have lq: "iszlfm ?q (real (i::int)#bs)" . 
  5325   from \<delta>[OF lq] have dp:"?d >0" by blast
  5326   let ?N = "\<lambda> (t,c). (Inum (real (i::int)#bs) t,c)"
  5327   have "?N ` set ?B' = ((?N o ?f) ` ?B)" by (simp add: split_def image_compose)
  5328   also have "\<dots> = ?N ` ?B"
  5329     by(simp add: split_def image_compose simpnum_ci[where bs="real i #bs"] image_def)
  5330   finally have BB': "?N ` set ?B' = ?N ` ?B" .
  5331   have "?N ` set ?A' = ((?N o ?f) ` ?A)" by (simp add: split_def image_compose) 
  5332   also have "\<dots> = ?N ` ?A" using simpnum_ci[where bs="real i #bs"]
  5333     by(simp add: split_def image_compose simpnum_ci[where bs="real i #bs"] image_def) 
  5334   finally have AA': "?N ` set ?A' = ?N ` ?A" .
  5335   from \<rho>_l[OF lq] have B_nb:"\<forall> (e,c)\<in> set ?B'. numbound0 e \<and> c > 0"
  5336     by (simp add: simpnum_numbound0 split_def)
  5337   from \<alpha>\<rho>_l[OF lq] have A_nb: "\<forall> (e,c)\<in> set ?A'. numbound0 e \<and> c > 0"
  5338     by (simp add: simpnum_numbound0 split_def)
  5339     {assume "length ?B' \<le> length ?A'"
  5340     hence q:"q=?q" and "B = ?B'" and d:"d = ?d"
  5341       using qBd by (auto simp add: Let_def chooset_def)
  5342     with BB' B_nb have b: "?N ` (set B) = ?N ` set (\<rho> q)" 
  5343       and bn: "\<forall>(e,c)\<in> set B. numbound0 e \<and> c > 0" by auto
  5344   with pq_ex dp lq q d have ?thes by simp}
  5345   moreover 
  5346   {assume "\<not> (length ?B' \<le> length ?A')"
  5347     hence q:"q=mirror ?q" and "B = ?A'" and d:"d = ?d"
  5348       using qBd by (auto simp add: Let_def chooset_def)
  5349     with AA' mirror_\<alpha>\<rho>[OF lq] A_nb have b:"?N ` (set B) = ?N ` set (\<rho> q)" 
  5350       and bn: "\<forall>(e,c)\<in> set B. numbound0 e \<and> c > 0" by auto 
  5351     from mirror_ex[OF lq] pq_ex q 
  5352     have pqm_eq:"(\<exists> (x::int). ?I x p) = (\<exists> (x::int). ?I x q)" by simp
  5353     from lq q mirror_l [where p="?q" and bs="bs" and a="real i"]
  5354     have lq': "iszlfm q (real i#bs)" by auto
  5355     from mirror_\<delta>[OF lq] pqm_eq b bn lq' dp q dp d have ?thes by simp
  5356   }
  5357   ultimately show ?thes by blast
  5358 qed
  5359 
  5360 definition stage :: "fm \<Rightarrow> int \<Rightarrow> (num \<times> int) \<Rightarrow> fm" where
  5361   "stage p d \<equiv> (\<lambda> (e,c). evaldjf (\<lambda> j. simpfm (\<sigma> p c (Add e (C j)))) [1..c*d])"
  5362 lemma stage:
  5363   shows "Ifm bs (stage p d (e,c)) = (\<exists> j\<in>{1 .. c*d}. Ifm bs (\<sigma> p c (Add e (C j))))"
  5364   by (unfold stage_def split_def ,simp only: evaldjf_ex simpfm) simp
  5365 
  5366 lemma stage_nb: assumes lp: "iszlfm p (a#bs)" and cp: "c >0" and nb:"numbound0 e"
  5367   shows "bound0 (stage p d (e,c))"
  5368 proof-
  5369   let ?f = "\<lambda> j. simpfm (\<sigma> p c (Add e (C j)))"
  5370   have th: "\<forall> j\<in> set [1..c*d]. bound0 (?f j)"
  5371   proof
  5372     fix j
  5373     from nb have nb':"numbound0 (Add e (C j))" by simp
  5374     from simpfm_bound0[OF \<sigma>_nb[OF lp nb', where k="c"]]
  5375     show "bound0 (simpfm (\<sigma> p c (Add e (C j))))" .
  5376   qed
  5377   from evaldjf_bound0[OF th] show ?thesis by (unfold stage_def split_def) simp
  5378 qed
  5379 
  5380 definition redlove :: "fm \<Rightarrow> fm" where
  5381   "redlove p \<equiv> 
  5382   (let (q,B,d) = chooset p;
  5383        mq = simpfm (minusinf q);
  5384        md = evaldjf (\<lambda> j. simpfm (subst0 (C j) mq)) [1..d]
  5385    in if md = T then T else
  5386     (let qd = evaldjf (stage q d) B
  5387      in decr (disj md qd)))"
  5388 
  5389 lemma redlove: assumes qf: "qfree p"
  5390   shows "((\<exists> (x::int). Ifm (real x#bs) p) = (Ifm bs (redlove p))) \<and> qfree (redlove p)" 
  5391   (is "(?lhs = ?rhs) \<and> _")
  5392 proof-
  5393 
  5394   let ?I = "\<lambda> (x::int) p. Ifm (real x#bs) p"
  5395   let ?q = "fst (chooset p)"
  5396   let ?B = "fst (snd(chooset p))"
  5397   let ?d = "snd (snd (chooset p))"
  5398   let ?js = "[1..?d]"
  5399   let ?mq = "minusinf ?q"
  5400   let ?smq = "simpfm ?mq"
  5401   let ?md = "evaldjf (\<lambda> j. simpfm (subst0 (C j) ?smq)) ?js"
  5402   fix i
  5403   let ?N = "\<lambda> (t,k). (Inum (real (i::int)#bs) t,k)"
  5404   let ?qd = "evaldjf (stage ?q ?d) ?B"
  5405   have qbf:"chooset p = (?q,?B,?d)" by simp
  5406   from chooset[OF qf qbf] have pq_ex: "(\<exists>(x::int). ?I x p) = (\<exists> (x::int). ?I x ?q)" and 
  5407     B:"?N ` set ?B = ?N ` set (\<rho> ?q)" and dd: "\<delta> ?q = ?d" and dp: "?d > 0" and 
  5408     lq: "iszlfm ?q (real i#bs)" and 
  5409     Bn: "\<forall> (e,c)\<in> set ?B. numbound0 e \<and> c > 0" by auto
  5410   from zlin_qfree[OF lq] have qfq: "qfree ?q" .
  5411   from simpfm_qf[OF minusinf_qfree[OF qfq]] have qfmq: "qfree ?smq".
  5412   have jsnb: "\<forall> j \<in> set ?js. numbound0 (C j)" by simp
  5413   hence "\<forall> j\<in> set ?js. bound0 (subst0 (C j) ?smq)" 
  5414     by (auto simp only: subst0_bound0[OF qfmq])
  5415   hence th: "\<forall> j\<in> set ?js. bound0 (simpfm (subst0 (C j) ?smq))"
  5416     by (auto simp add: simpfm_bound0)
  5417   from evaldjf_bound0[OF th] have mdb: "bound0 ?md" by simp 
  5418   from Bn stage_nb[OF lq] have th:"\<forall> x \<in> set ?B. bound0 (stage ?q ?d x)" by auto
  5419   from evaldjf_bound0[OF th]  have qdb: "bound0 ?qd" .
  5420   from mdb qdb 
  5421   have mdqdb: "bound0 (disj ?md ?qd)" by (simp only: disj_def, cases "?md=T \<or> ?qd=T", simp_all)
  5422   from trans [OF pq_ex rl_thm'[OF lq B]] dd
  5423   have "?lhs = ((\<exists> j\<in> {1.. ?d}. ?I j ?mq) \<or> (\<exists> (e,c)\<in> set ?B. \<exists> j\<in> {1 .. c*?d}. Ifm (real i#bs) (\<sigma> ?q c (Add e (C j)))))" by auto
  5424   also have "\<dots> = ((\<exists> j\<in> {1.. ?d}. ?I j ?smq) \<or> (\<exists> (e,c)\<in> set ?B. ?I i (stage ?q ?d (e,c) )))" 
  5425     by (simp add: simpfm stage split_def)
  5426   also have "\<dots> = ((\<exists> j\<in> {1 .. ?d}. ?I i (subst0 (C j) ?smq))  \<or> ?I i ?qd)"
  5427     by (simp add: evaldjf_ex subst0_I[OF qfmq])
  5428   finally have mdqd:"?lhs = (?I i ?md \<or> ?I i ?qd)" by (simp only: evaldjf_ex set_upto simpfm) 
  5429   also have "\<dots> = (?I i (disj ?md ?qd))" by (simp add: disj)
  5430   also have "\<dots> = (Ifm bs (decr (disj ?md ?qd)))" by (simp only: decr [OF mdqdb]) 
  5431   finally have mdqd2: "?lhs = (Ifm bs (decr (disj ?md ?qd)))" . 
  5432   {assume mdT: "?md = T"
  5433     hence cT:"redlove p = T" by (simp add: redlove_def Let_def chooset_def split_def)
  5434     from mdT have lhs:"?lhs" using mdqd by simp 
  5435     from mdT have "?rhs" by (simp add: redlove_def chooset_def split_def)
  5436     with lhs cT have ?thesis by simp }
  5437   moreover
  5438   {assume mdT: "?md \<noteq> T" hence "redlove p = decr (disj ?md ?qd)" 
  5439       by (simp add: redlove_def chooset_def split_def Let_def)
  5440     with mdqd2 decr_qf[OF mdqdb] have ?thesis by simp }
  5441   ultimately show ?thesis by blast
  5442 qed
  5443 
  5444 lemma DJredlove: 
  5445   assumes qf: "qfree p"
  5446   shows "((\<exists> (x::int). Ifm (real x#bs) p) = (Ifm bs (DJ redlove p))) \<and> qfree (DJ redlove p)"
  5447 proof-
  5448   from redlove have cqf: "\<forall> p. qfree p \<longrightarrow> qfree (redlove p)" by  blast
  5449   from DJ_qf[OF cqf] qf have thqf:"qfree (DJ redlove p)" by blast
  5450   have "Ifm bs (DJ redlove p) = (\<exists> q\<in> set (disjuncts p). Ifm bs (redlove q))" 
  5451      by (simp add: DJ_def evaldjf_ex)
  5452   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). \<exists> (x::int). Ifm (real x#bs)  q)" 
  5453     using redlove disjuncts_qf[OF qf] by blast
  5454   also have "\<dots> = (\<exists> (x::int). Ifm (real x#bs) p)" by (induct p rule: disjuncts.induct, auto)
  5455   finally show ?thesis using thqf by blast
  5456 qed
  5457 
  5458 
  5459 lemma exsplit_qf: assumes qf: "qfree p"
  5460   shows "qfree (exsplit p)"
  5461 using qf by (induct p rule: exsplit.induct, auto)
  5462 
  5463 definition mircfr :: "fm \<Rightarrow> fm" where
  5464   "mircfr = DJ cooper o ferrack01 o simpfm o exsplit"
  5465 
  5466 definition mirlfr :: "fm \<Rightarrow> fm" where
  5467   "mirlfr = DJ redlove o ferrack01 o simpfm o exsplit"
  5468 
  5469 lemma mircfr: "\<forall> bs p. qfree p \<longrightarrow> qfree (mircfr p) \<and> Ifm bs (mircfr p) = Ifm bs (E p)"
  5470 proof(clarsimp simp del: Ifm.simps)
  5471   fix bs p
  5472   assume qf: "qfree p"
  5473   show "qfree (mircfr p)\<and>(Ifm bs (mircfr p) = Ifm bs (E p))" (is "_ \<and> (?lhs = ?rhs)")
  5474   proof-
  5475     let ?es = "(And (And (Ge (CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) (simpfm (exsplit p)))"
  5476     have "?rhs = (\<exists> (i::int). \<exists> x. Ifm (x#real i#bs) ?es)" 
  5477       using splitex[OF qf] by simp
  5478     with ferrack01[OF simpfm_qf[OF exsplit_qf[OF qf]]] have th1: "?rhs = (\<exists> (i::int). Ifm (real i#bs) (ferrack01 (simpfm (exsplit p))))" and qf':"qfree (ferrack01 (simpfm (exsplit p)))" by simp+
  5479     with DJcooper[OF qf'] show ?thesis by (simp add: mircfr_def)
  5480   qed
  5481 qed
  5482   
  5483 lemma mirlfr: "\<forall> bs p. qfree p \<longrightarrow> qfree(mirlfr p) \<and> Ifm bs (mirlfr p) = Ifm bs (E p)"
  5484 proof(clarsimp simp del: Ifm.simps)
  5485   fix bs p
  5486   assume qf: "qfree p"
  5487   show "qfree (mirlfr p)\<and>(Ifm bs (mirlfr p) = Ifm bs (E p))" (is "_ \<and> (?lhs = ?rhs)")
  5488   proof-
  5489     let ?es = "(And (And (Ge (CN 0 1 (C 0))) (Lt (CN 0 1 (C (- 1))))) (simpfm (exsplit p)))"
  5490     have "?rhs = (\<exists> (i::int). \<exists> x. Ifm (x#real i#bs) ?es)" 
  5491       using splitex[OF qf] by simp
  5492     with ferrack01[OF simpfm_qf[OF exsplit_qf[OF qf]]] have th1: "?rhs = (\<exists> (i::int). Ifm (real i#bs) (ferrack01 (simpfm (exsplit p))))" and qf':"qfree (ferrack01 (simpfm (exsplit p)))" by simp+
  5493     with DJredlove[OF qf'] show ?thesis by (simp add: mirlfr_def)
  5494   qed
  5495 qed
  5496   
  5497 definition mircfrqe:: "fm \<Rightarrow> fm" where
  5498   "mircfrqe p = qelim (prep p) mircfr"
  5499 
  5500 definition mirlfrqe:: "fm \<Rightarrow> fm" where
  5501   "mirlfrqe p = qelim (prep p) mirlfr"
  5502 
  5503 theorem mircfrqe: "(Ifm bs (mircfrqe p) = Ifm bs p) \<and> qfree (mircfrqe p)"
  5504   using qelim_ci[OF mircfr] prep by (auto simp add: mircfrqe_def)
  5505 
  5506 theorem mirlfrqe: "(Ifm bs (mirlfrqe p) = Ifm bs p) \<and> qfree (mirlfrqe p)"
  5507   using qelim_ci[OF mirlfr] prep by (auto simp add: mirlfrqe_def)
  5508 
  5509 definition
  5510   "problem1 = A (And (Le (Sub (Floor (Bound 0)) (Bound 0))) (Le (Add (Bound 0) (Floor (Neg (Bound 0))))))"
  5511 
  5512 definition
  5513   "problem2 = A (Iff (Eq (Add (Floor (Bound 0)) (Floor (Neg (Bound 0))))) (Eq (Sub (Floor (Bound 0)) (Bound 0))))"
  5514 
  5515 definition
  5516   "problem3 = A (And (Le (Sub (Floor (Bound 0)) (Bound 0))) (Le (Add (Bound 0) (Floor (Neg (Bound 0))))))"
  5517 
  5518 definition
  5519   "problem4 = E (And (Ge (Sub (Bound 1) (Bound 0))) (Eq (Add (Floor (Bound 1)) (Floor (Neg (Bound 0))))))"
  5520 
  5521 ML {* @{code mircfrqe} @{code problem1} *}
  5522 ML {* @{code mirlfrqe} @{code problem1} *}  
  5523 ML {* @{code mircfrqe} @{code problem2} *}
  5524 ML {* @{code mirlfrqe} @{code problem2} *}  
  5525 ML {* @{code mircfrqe} @{code problem3} *}
  5526 ML {* @{code mirlfrqe} @{code problem3} *}  
  5527 ML {* @{code mircfrqe} @{code problem4} *}
  5528 ML {* @{code mirlfrqe} @{code problem4} *}
  5529 
  5530 (*code_reflect Mir
  5531   functions mircfrqe mirlfrqe
  5532   file "mir.ML"*)
  5533 
  5534 oracle mirfr_oracle = {* fn (proofs, ct) =>
  5535 let
  5536 
  5537 fun num_of_term vs (t as Free (xn, xT)) = (case AList.lookup (op =) vs t
  5538      of NONE => error "Variable not found in the list!"
  5539       | SOME n => @{code Bound} n)
  5540   | num_of_term vs @{term "real (0::int)"} = @{code C} 0
  5541   | num_of_term vs @{term "real (1::int)"} = @{code C} 1
  5542   | num_of_term vs @{term "0::real"} = @{code C} 0
  5543   | num_of_term vs @{term "1::real"} = @{code C} 1
  5544   | num_of_term vs (Bound i) = @{code Bound} i
  5545   | num_of_term vs (@{term "uminus :: real \<Rightarrow> real"} $ t') = @{code Neg} (num_of_term vs t')
  5546   | num_of_term vs (@{term "op + :: real \<Rightarrow> real \<Rightarrow> real"} $ t1 $ t2) =
  5547       @{code Add} (num_of_term vs t1, num_of_term vs t2)
  5548   | num_of_term vs (@{term "op - :: real \<Rightarrow> real \<Rightarrow> real"} $ t1 $ t2) =
  5549       @{code Sub} (num_of_term vs t1, num_of_term vs t2)
  5550   | num_of_term vs (@{term "op * :: real \<Rightarrow> real \<Rightarrow> real"} $ t1 $ t2) =
  5551       (case (num_of_term vs t1)
  5552        of @{code C} i => @{code Mul} (i, num_of_term vs t2)
  5553         | _ => error "num_of_term: unsupported Multiplication")
  5554   | num_of_term vs (@{term "real :: int \<Rightarrow> real"} $ (@{term "number_of :: int \<Rightarrow> int"} $ t')) =
  5555       @{code C} (HOLogic.dest_numeral t')
  5556   | num_of_term vs (@{term "real :: int \<Rightarrow> real"} $ (@{term "floor :: real \<Rightarrow> int"} $ t')) =
  5557       @{code Floor} (num_of_term vs t')
  5558   | num_of_term vs (@{term "real :: int \<Rightarrow> real"} $ (@{term "ceiling :: real \<Rightarrow> int"} $ t')) =
  5559       @{code Neg} (@{code Floor} (@{code Neg} (num_of_term vs t')))
  5560   | num_of_term vs