src/HOL/Decision_Procs/Parametric_Ferrante_Rackoff.thy
author webertj
Fri Oct 19 15:12:52 2012 +0200 (2012-10-19)
changeset 49962 a8cc904a6820
parent 48562 f6d6d58fa318
child 50045 2214bc566f88
permissions -rw-r--r--
Renamed {left,right}_distrib to distrib_{right,left}.
     1 (*  Title:      HOL/Decision_Procs/Parametric_Ferrante_Rackoff.thy
     2     Author:     Amine Chaieb
     3 *)
     4 
     5 header{* A formalization of Ferrante and Rackoff's procedure with polynomial parameters, see Paper in CALCULEMUS 2008 *}
     6 
     7 theory Parametric_Ferrante_Rackoff
     8 imports Reflected_Multivariate_Polynomial Dense_Linear_Order DP_Library
     9   "~~/src/HOL/Library/Efficient_Nat" "~~/src/HOL/Library/Old_Recdef"
    10 begin
    11 
    12 subsection {* Terms *}
    13 
    14 datatype tm = CP poly | Bound nat | Add tm tm | Mul poly tm 
    15   | Neg tm | Sub tm tm | CNP nat poly tm
    16   (* A size for poly to make inductive proofs simpler*)
    17 
    18 primrec tmsize :: "tm \<Rightarrow> nat" where
    19   "tmsize (CP c) = polysize c"
    20 | "tmsize (Bound n) = 1"
    21 | "tmsize (Neg a) = 1 + tmsize a"
    22 | "tmsize (Add a b) = 1 + tmsize a + tmsize b"
    23 | "tmsize (Sub a b) = 3 + tmsize a + tmsize b"
    24 | "tmsize (Mul c a) = 1 + polysize c + tmsize a"
    25 | "tmsize (CNP n c a) = 3 + polysize c + tmsize a "
    26 
    27   (* Semantics of terms tm *)
    28 primrec Itm :: "'a::{field_char_0, field_inverse_zero} list \<Rightarrow> 'a list \<Rightarrow> tm \<Rightarrow> 'a" where
    29   "Itm vs bs (CP c) = (Ipoly vs c)"
    30 | "Itm vs bs (Bound n) = bs!n"
    31 | "Itm vs bs (Neg a) = -(Itm vs bs a)"
    32 | "Itm vs bs (Add a b) = Itm vs bs a + Itm vs bs b"
    33 | "Itm vs bs (Sub a b) = Itm vs bs a - Itm vs bs b"
    34 | "Itm vs bs (Mul c a) = (Ipoly vs c) * Itm vs bs a"
    35 | "Itm vs bs (CNP n c t) = (Ipoly vs c)*(bs!n) + Itm vs bs t"   
    36 
    37 
    38 fun allpolys:: "(poly \<Rightarrow> bool) \<Rightarrow> tm \<Rightarrow> bool"  where
    39   "allpolys P (CP c) = P c"
    40 | "allpolys P (CNP n c p) = (P c \<and> allpolys P p)"
    41 | "allpolys P (Mul c p) = (P c \<and> allpolys P p)"
    42 | "allpolys P (Neg p) = allpolys P p"
    43 | "allpolys P (Add p q) = (allpolys P p \<and> allpolys P q)"
    44 | "allpolys P (Sub p q) = (allpolys P p \<and> allpolys P q)"
    45 | "allpolys P p = True"
    46 
    47 primrec tmboundslt:: "nat \<Rightarrow> tm \<Rightarrow> bool" where
    48   "tmboundslt n (CP c) = True"
    49 | "tmboundslt n (Bound m) = (m < n)"
    50 | "tmboundslt n (CNP m c a) = (m < n \<and> tmboundslt n a)"
    51 | "tmboundslt n (Neg a) = tmboundslt n a"
    52 | "tmboundslt n (Add a b) = (tmboundslt n a \<and> tmboundslt n b)"
    53 | "tmboundslt n (Sub a b) = (tmboundslt n a \<and> tmboundslt n b)" 
    54 | "tmboundslt n (Mul i a) = tmboundslt n a"
    55 
    56 primrec tmbound0:: "tm \<Rightarrow> bool" (* a tm is INDEPENDENT of Bound 0 *) where
    57   "tmbound0 (CP c) = True"
    58 | "tmbound0 (Bound n) = (n>0)"
    59 | "tmbound0 (CNP n c a) = (n\<noteq>0 \<and> tmbound0 a)"
    60 | "tmbound0 (Neg a) = tmbound0 a"
    61 | "tmbound0 (Add a b) = (tmbound0 a \<and> tmbound0 b)"
    62 | "tmbound0 (Sub a b) = (tmbound0 a \<and> tmbound0 b)" 
    63 | "tmbound0 (Mul i a) = tmbound0 a"
    64 lemma tmbound0_I:
    65   assumes nb: "tmbound0 a"
    66   shows "Itm vs (b#bs) a = Itm vs (b'#bs) a"
    67 using nb
    68 by (induct a rule: tm.induct,auto)
    69 
    70 primrec tmbound:: "nat \<Rightarrow> tm \<Rightarrow> bool" (* a tm is INDEPENDENT of Bound n *) where
    71   "tmbound n (CP c) = True"
    72 | "tmbound n (Bound m) = (n \<noteq> m)"
    73 | "tmbound n (CNP m c a) = (n\<noteq>m \<and> tmbound n a)"
    74 | "tmbound n (Neg a) = tmbound n a"
    75 | "tmbound n (Add a b) = (tmbound n a \<and> tmbound n b)"
    76 | "tmbound n (Sub a b) = (tmbound n a \<and> tmbound n b)" 
    77 | "tmbound n (Mul i a) = tmbound n a"
    78 lemma tmbound0_tmbound_iff: "tmbound 0 t = tmbound0 t" by (induct t, auto)
    79 
    80 lemma tmbound_I: 
    81   assumes bnd: "tmboundslt (length bs) t" and nb: "tmbound n t" and le: "n \<le> length bs"
    82   shows "Itm vs (bs[n:=x]) t = Itm vs bs t"
    83   using nb le bnd
    84   by (induct t rule: tm.induct , auto)
    85 
    86 fun decrtm0:: "tm \<Rightarrow> tm" where
    87   "decrtm0 (Bound n) = Bound (n - 1)"
    88 | "decrtm0 (Neg a) = Neg (decrtm0 a)"
    89 | "decrtm0 (Add a b) = Add (decrtm0 a) (decrtm0 b)"
    90 | "decrtm0 (Sub a b) = Sub (decrtm0 a) (decrtm0 b)"
    91 | "decrtm0 (Mul c a) = Mul c (decrtm0 a)"
    92 | "decrtm0 (CNP n c a) = CNP (n - 1) c (decrtm0 a)"
    93 | "decrtm0 a = a"
    94 
    95 fun incrtm0:: "tm \<Rightarrow> tm" where
    96   "incrtm0 (Bound n) = Bound (n + 1)"
    97 | "incrtm0 (Neg a) = Neg (incrtm0 a)"
    98 | "incrtm0 (Add a b) = Add (incrtm0 a) (incrtm0 b)"
    99 | "incrtm0 (Sub a b) = Sub (incrtm0 a) (incrtm0 b)"
   100 | "incrtm0 (Mul c a) = Mul c (incrtm0 a)"
   101 | "incrtm0 (CNP n c a) = CNP (n + 1) c (incrtm0 a)"
   102 | "incrtm0 a = a"
   103 
   104 lemma decrtm0: assumes nb: "tmbound0 t"
   105   shows "Itm vs (x#bs) t = Itm vs bs (decrtm0 t)"
   106   using nb by (induct t rule: decrtm0.induct, simp_all)
   107 
   108 lemma incrtm0: "Itm vs (x#bs) (incrtm0 t) = Itm vs bs t"
   109   by (induct t rule: decrtm0.induct, simp_all)
   110 
   111 primrec decrtm:: "nat \<Rightarrow> tm \<Rightarrow> tm" where
   112   "decrtm m (CP c) = (CP c)"
   113 | "decrtm m (Bound n) = (if n < m then Bound n else Bound (n - 1))"
   114 | "decrtm m (Neg a) = Neg (decrtm m a)"
   115 | "decrtm m (Add a b) = Add (decrtm m a) (decrtm m b)"
   116 | "decrtm m (Sub a b) = Sub (decrtm m a) (decrtm m b)"
   117 | "decrtm m (Mul c a) = Mul c (decrtm m a)"
   118 | "decrtm m (CNP n c a) = (if n < m then CNP n c (decrtm m a) else CNP (n - 1) c (decrtm m a))"
   119 
   120 primrec removen:: "nat \<Rightarrow> 'a list \<Rightarrow> 'a list" where
   121   "removen n [] = []"
   122 | "removen n (x#xs) = (if n=0 then xs else (x#(removen (n - 1) xs)))"
   123 
   124 lemma removen_same: "n \<ge> length xs \<Longrightarrow> removen n xs = xs"
   125   by (induct xs arbitrary: n, auto)
   126 
   127 lemma nth_length_exceeds: "n \<ge> length xs \<Longrightarrow> xs!n = []!(n - length xs)"
   128   by (induct xs arbitrary: n, auto)
   129 
   130 lemma removen_length: "length (removen n xs) = (if n \<ge> length xs then length xs else length xs - 1)"
   131   by (induct xs arbitrary: n, auto)
   132 lemma removen_nth: "(removen n xs)!m = (if n \<ge> length xs then xs!m 
   133   else if m < n then xs!m else if m \<le> length xs then xs!(Suc m) else []!(m - (length xs - 1)))"
   134 proof(induct xs arbitrary: n m)
   135   case Nil thus ?case by simp
   136 next
   137   case (Cons x xs n m)
   138   {assume nxs: "n \<ge> length (x#xs)" hence ?case using removen_same[OF nxs] by simp}
   139   moreover
   140   {assume nxs: "\<not> (n \<ge> length (x#xs))" 
   141     {assume mln: "m < n" hence ?case using Cons by (cases m, auto)}
   142     moreover
   143     {assume mln: "\<not> (m < n)" 
   144       {assume mxs: "m \<le> length (x#xs)" hence ?case using Cons by (cases m, auto)}
   145       moreover
   146       {assume mxs: "\<not> (m \<le> length (x#xs))" 
   147         have th: "length (removen n (x#xs)) = length xs" 
   148           using removen_length[where n="n" and xs="x#xs"] nxs by simp
   149         with mxs have mxs':"m \<ge> length (removen n (x#xs))" by auto
   150         hence "(removen n (x#xs))!m = [] ! (m - length xs)" 
   151           using th nth_length_exceeds[OF mxs'] by auto
   152         hence th: "(removen n (x#xs))!m = [] ! (m - (length (x#xs) - 1))" 
   153           by auto
   154         hence ?case using nxs mln mxs by auto }
   155       ultimately have ?case by blast
   156     }
   157     ultimately have ?case by blast
   158   } ultimately show ?case by blast
   159 qed
   160 
   161 lemma decrtm: assumes bnd: "tmboundslt (length bs) t" and nb: "tmbound m t" 
   162   and nle: "m \<le> length bs" 
   163   shows "Itm vs (removen m bs) (decrtm m t) = Itm vs bs t"
   164   using bnd nb nle by (induct t rule: tm.induct) (auto simp add: removen_nth)
   165 
   166 primrec tmsubst0:: "tm \<Rightarrow> tm \<Rightarrow> tm" where
   167   "tmsubst0 t (CP c) = CP c"
   168 | "tmsubst0 t (Bound n) = (if n=0 then t else Bound n)"
   169 | "tmsubst0 t (CNP n c a) = (if n=0 then Add (Mul c t) (tmsubst0 t a) else CNP n c (tmsubst0 t a))"
   170 | "tmsubst0 t (Neg a) = Neg (tmsubst0 t a)"
   171 | "tmsubst0 t (Add a b) = Add (tmsubst0 t a) (tmsubst0 t b)"
   172 | "tmsubst0 t (Sub a b) = Sub (tmsubst0 t a) (tmsubst0 t b)" 
   173 | "tmsubst0 t (Mul i a) = Mul i (tmsubst0 t a)"
   174 lemma tmsubst0:
   175   shows "Itm vs (x#bs) (tmsubst0 t a) = Itm vs ((Itm vs (x#bs) t)#bs) a"
   176   by (induct a rule: tm.induct) auto
   177 
   178 lemma tmsubst0_nb: "tmbound0 t \<Longrightarrow> tmbound0 (tmsubst0 t a)"
   179   by (induct a rule: tm.induct) auto
   180 
   181 primrec tmsubst:: "nat \<Rightarrow> tm \<Rightarrow> tm \<Rightarrow> tm" where
   182   "tmsubst n t (CP c) = CP c"
   183 | "tmsubst n t (Bound m) = (if n=m then t else Bound m)"
   184 | "tmsubst n t (CNP m c a) = (if n=m then Add (Mul c t) (tmsubst n t a) 
   185              else CNP m c (tmsubst n t a))"
   186 | "tmsubst n t (Neg a) = Neg (tmsubst n t a)"
   187 | "tmsubst n t (Add a b) = Add (tmsubst n t a) (tmsubst n t b)"
   188 | "tmsubst n t (Sub a b) = Sub (tmsubst n t a) (tmsubst n t b)" 
   189 | "tmsubst n t (Mul i a) = Mul i (tmsubst n t a)"
   190 
   191 lemma tmsubst: assumes nb: "tmboundslt (length bs) a" and nlt: "n \<le> length bs"
   192   shows "Itm vs bs (tmsubst n t a) = Itm vs (bs[n:= Itm vs bs t]) a"
   193 using nb nlt
   194 by (induct a rule: tm.induct,auto)
   195 
   196 lemma tmsubst_nb0: assumes tnb: "tmbound0 t"
   197 shows "tmbound0 (tmsubst 0 t a)"
   198 using tnb
   199 by (induct a rule: tm.induct, auto)
   200 
   201 lemma tmsubst_nb: assumes tnb: "tmbound m t"
   202 shows "tmbound m (tmsubst m t a)"
   203 using tnb
   204 by (induct a rule: tm.induct, auto)
   205 lemma incrtm0_tmbound: "tmbound n t \<Longrightarrow> tmbound (Suc n) (incrtm0 t)"
   206   by (induct t, auto)
   207   (* Simplification *)
   208 
   209 consts
   210   tmadd:: "tm \<times> tm \<Rightarrow> tm"
   211 recdef tmadd "measure (\<lambda> (t,s). size t + size s)"
   212   "tmadd (CNP n1 c1 r1,CNP n2 c2 r2) =
   213   (if n1=n2 then 
   214   (let c = c1 +\<^sub>p c2
   215   in if c = 0\<^sub>p then tmadd(r1,r2) else CNP n1 c (tmadd (r1,r2)))
   216   else if n1 \<le> n2 then (CNP n1 c1 (tmadd (r1,CNP n2 c2 r2))) 
   217   else (CNP n2 c2 (tmadd (CNP n1 c1 r1,r2))))"
   218   "tmadd (CNP n1 c1 r1,t) = CNP n1 c1 (tmadd (r1, t))"  
   219   "tmadd (t,CNP n2 c2 r2) = CNP n2 c2 (tmadd (t,r2))" 
   220   "tmadd (CP b1, CP b2) = CP (b1 +\<^sub>p b2)"
   221   "tmadd (a,b) = Add a b"
   222 
   223 lemma tmadd[simp]: "Itm vs bs (tmadd (t,s)) = Itm vs bs (Add t s)"
   224 apply (induct t s rule: tmadd.induct, simp_all add: Let_def)
   225 apply (case_tac "c1 +\<^sub>p c2 = 0\<^sub>p",case_tac "n1 \<le> n2", simp_all)
   226 apply (case_tac "n1 = n2", simp_all add: field_simps)
   227 apply (simp only: distrib_left[symmetric]) 
   228 by (auto simp del: polyadd simp add: polyadd[symmetric])
   229 
   230 lemma tmadd_nb0[simp]: "\<lbrakk> tmbound0 t ; tmbound0 s\<rbrakk> \<Longrightarrow> tmbound0 (tmadd (t,s))"
   231 by (induct t s rule: tmadd.induct, auto simp add: Let_def)
   232 
   233 lemma tmadd_nb[simp]: "\<lbrakk> tmbound n t ; tmbound n s\<rbrakk> \<Longrightarrow> tmbound n (tmadd (t,s))"
   234 by (induct t s rule: tmadd.induct, auto simp add: Let_def)
   235 lemma tmadd_blt[simp]: "\<lbrakk>tmboundslt n t ; tmboundslt n s\<rbrakk> \<Longrightarrow> tmboundslt n (tmadd (t,s))"
   236 by (induct t s rule: tmadd.induct, auto simp add: Let_def)
   237 
   238 lemma tmadd_allpolys_npoly[simp]: "allpolys isnpoly t \<Longrightarrow> allpolys isnpoly s \<Longrightarrow> allpolys isnpoly (tmadd(t,s))" by (induct t s rule: tmadd.induct, simp_all add: Let_def polyadd_norm)
   239 
   240 fun tmmul:: "tm \<Rightarrow> poly \<Rightarrow> tm" where
   241   "tmmul (CP j) = (\<lambda> i. CP (i *\<^sub>p j))"
   242 | "tmmul (CNP n c a) = (\<lambda> i. CNP n (i *\<^sub>p c) (tmmul a i))"
   243 | "tmmul t = (\<lambda> i. Mul i t)"
   244 
   245 lemma tmmul[simp]: "Itm vs bs (tmmul t i) = Itm vs bs (Mul i t)"
   246 by (induct t arbitrary: i rule: tmmul.induct, simp_all add: field_simps)
   247 
   248 lemma tmmul_nb0[simp]: "tmbound0 t \<Longrightarrow> tmbound0 (tmmul t i)"
   249 by (induct t arbitrary: i rule: tmmul.induct, auto )
   250 
   251 lemma tmmul_nb[simp]: "tmbound n t \<Longrightarrow> tmbound n (tmmul t i)"
   252 by (induct t arbitrary: n rule: tmmul.induct, auto )
   253 lemma tmmul_blt[simp]: "tmboundslt n t \<Longrightarrow> tmboundslt n (tmmul t i)"
   254 by (induct t arbitrary: i rule: tmmul.induct, auto simp add: Let_def)
   255 
   256 lemma tmmul_allpolys_npoly[simp]: 
   257   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   258   shows "allpolys isnpoly t \<Longrightarrow> isnpoly c \<Longrightarrow> allpolys isnpoly (tmmul t c)" by (induct t rule: tmmul.induct, simp_all add: Let_def polymul_norm)
   259 
   260 definition tmneg :: "tm \<Rightarrow> tm" where
   261   "tmneg t \<equiv> tmmul t (C (- 1,1))"
   262 
   263 definition tmsub :: "tm \<Rightarrow> tm \<Rightarrow> tm" where
   264   "tmsub s t \<equiv> (if s = t then CP 0\<^sub>p else tmadd (s,tmneg t))"
   265 
   266 lemma tmneg[simp]: "Itm vs bs (tmneg t) = Itm vs bs (Neg t)"
   267 using tmneg_def[of t] 
   268 apply simp
   269 done
   270 
   271 lemma tmneg_nb0[simp]: "tmbound0 t \<Longrightarrow> tmbound0 (tmneg t)"
   272 using tmneg_def by simp
   273 
   274 lemma tmneg_nb[simp]: "tmbound n t \<Longrightarrow> tmbound n (tmneg t)"
   275 using tmneg_def by simp
   276 lemma tmneg_blt[simp]: "tmboundslt n t \<Longrightarrow> tmboundslt n (tmneg t)"
   277 using tmneg_def by simp
   278 lemma [simp]: "isnpoly (C (-1,1))" unfolding isnpoly_def by simp
   279 lemma tmneg_allpolys_npoly[simp]: 
   280   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   281   shows "allpolys isnpoly t \<Longrightarrow> allpolys isnpoly (tmneg t)" 
   282   unfolding tmneg_def by auto
   283 
   284 lemma tmsub[simp]: "Itm vs bs (tmsub a b) = Itm vs bs (Sub a b)"
   285 using tmsub_def by simp
   286 
   287 lemma tmsub_nb0[simp]: "\<lbrakk> tmbound0 t ; tmbound0 s\<rbrakk> \<Longrightarrow> tmbound0 (tmsub t s)"
   288 using tmsub_def by simp
   289 lemma tmsub_nb[simp]: "\<lbrakk> tmbound n t ; tmbound n s\<rbrakk> \<Longrightarrow> tmbound n (tmsub t s)"
   290 using tmsub_def by simp
   291 lemma tmsub_blt[simp]: "\<lbrakk>tmboundslt n t ; tmboundslt n s\<rbrakk> \<Longrightarrow> tmboundslt n (tmsub t s )"
   292 using tmsub_def by simp
   293 lemma tmsub_allpolys_npoly[simp]: 
   294   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   295   shows "allpolys isnpoly t \<Longrightarrow> allpolys isnpoly s \<Longrightarrow> allpolys isnpoly (tmsub t s)" 
   296   unfolding tmsub_def by (simp add: isnpoly_def)
   297 
   298 fun simptm:: "tm \<Rightarrow> tm" where
   299   "simptm (CP j) = CP (polynate j)"
   300 | "simptm (Bound n) = CNP n 1\<^sub>p (CP 0\<^sub>p)"
   301 | "simptm (Neg t) = tmneg (simptm t)"
   302 | "simptm (Add t s) = tmadd (simptm t,simptm s)"
   303 | "simptm (Sub t s) = tmsub (simptm t) (simptm s)"
   304 | "simptm (Mul i t) = (let i' = polynate i in if i' = 0\<^sub>p then CP 0\<^sub>p else tmmul (simptm t) i')"
   305 | "simptm (CNP n c t) = (let c' = polynate c in if c' = 0\<^sub>p then simptm t else tmadd (CNP n c' (CP 0\<^sub>p ), simptm t))"
   306 
   307 lemma polynate_stupid: 
   308   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   309   shows "polynate t = 0\<^sub>p \<Longrightarrow> Ipoly bs t = (0::'a)"
   310 apply (subst polynate[symmetric])
   311 apply simp
   312 done
   313 
   314 lemma simptm_ci[simp]: "Itm vs bs (simptm t) = Itm vs bs t"
   315 by (induct t rule: simptm.induct, auto simp add: tmneg tmadd tmsub tmmul Let_def polynate_stupid) 
   316 
   317 lemma simptm_tmbound0[simp]: 
   318   "tmbound0 t \<Longrightarrow> tmbound0 (simptm t)"
   319 by (induct t rule: simptm.induct, auto simp add: Let_def)
   320 
   321 lemma simptm_nb[simp]: "tmbound n t \<Longrightarrow> tmbound n (simptm t)"
   322 by (induct t rule: simptm.induct, auto simp add: Let_def)
   323 lemma simptm_nlt[simp]: "tmboundslt n t \<Longrightarrow> tmboundslt n (simptm t)"
   324 by (induct t rule: simptm.induct, auto simp add: Let_def)
   325 
   326 lemma [simp]: "isnpoly 0\<^sub>p" and [simp]: "isnpoly (C(1,1))" 
   327   by (simp_all add: isnpoly_def)
   328 lemma simptm_allpolys_npoly[simp]: 
   329   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   330   shows "allpolys isnpoly (simptm p)"
   331   by (induct p rule: simptm.induct, auto simp add: Let_def)
   332 
   333 declare let_cong[fundef_cong del]
   334 
   335 fun split0 :: "tm \<Rightarrow> (poly \<times> tm)" where
   336   "split0 (Bound 0) = (1\<^sub>p, CP 0\<^sub>p)"
   337 | "split0 (CNP 0 c t) = (let (c',t') = split0 t in (c +\<^sub>p c',t'))"
   338 | "split0 (Neg t) = (let (c,t') = split0 t in (~\<^sub>p c,Neg t'))"
   339 | "split0 (CNP n c t) = (let (c',t') = split0 t in (c',CNP n c t'))"
   340 | "split0 (Add s t) = (let (c1,s') = split0 s ; (c2,t') = split0 t in (c1 +\<^sub>p c2, Add s' t'))"
   341 | "split0 (Sub s t) = (let (c1,s') = split0 s ; (c2,t') = split0 t in (c1 -\<^sub>p c2, Sub s' t'))"
   342 | "split0 (Mul c t) = (let (c',t') = split0 t in (c *\<^sub>p c', Mul c t'))"
   343 | "split0 t = (0\<^sub>p, t)"
   344 
   345 declare let_cong[fundef_cong]
   346 
   347 lemma split0_stupid[simp]: "\<exists>x y. (x,y) = split0 p"
   348   apply (rule exI[where x="fst (split0 p)"])
   349   apply (rule exI[where x="snd (split0 p)"])
   350   by simp
   351 
   352 lemma split0:
   353   "tmbound 0 (snd (split0 t)) \<and> (Itm vs bs (CNP 0 (fst (split0 t)) (snd (split0 t))) = Itm vs bs t)"
   354   apply (induct t rule: split0.induct)
   355   apply simp
   356   apply (simp add: Let_def split_def field_simps)
   357   apply (simp add: Let_def split_def field_simps)
   358   apply (simp add: Let_def split_def field_simps)
   359   apply (simp add: Let_def split_def field_simps)
   360   apply (simp add: Let_def split_def field_simps)
   361   apply (simp add: Let_def split_def mult_assoc distrib_left[symmetric])
   362   apply (simp add: Let_def split_def field_simps)
   363   apply (simp add: Let_def split_def field_simps)
   364   done
   365 
   366 lemma split0_ci: "split0 t = (c',t') \<Longrightarrow> Itm vs bs t = Itm vs bs (CNP 0 c' t')"
   367 proof-
   368   fix c' t'
   369   assume "split0 t = (c', t')" hence "c' = fst (split0 t)" and "t' = snd (split0 t)" by auto
   370   with split0[where t="t" and bs="bs"] show "Itm vs bs t = Itm vs bs (CNP 0 c' t')" by simp
   371 qed
   372 
   373 lemma split0_nb0: 
   374   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   375   shows "split0 t = (c',t') \<Longrightarrow>  tmbound 0 t'"
   376 proof-
   377   fix c' t'
   378   assume "split0 t = (c', t')" hence "c' = fst (split0 t)" and "t' = snd (split0 t)" by auto
   379   with conjunct1[OF split0[where t="t"]] show "tmbound 0 t'" by simp
   380 qed
   381 
   382 lemma split0_nb0'[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   383   shows "tmbound0 (snd (split0 t))"
   384   using split0_nb0[of t "fst (split0 t)" "snd (split0 t)"] by (simp add: tmbound0_tmbound_iff)
   385 
   386 
   387 lemma split0_nb: assumes nb:"tmbound n t" shows "tmbound n (snd (split0 t))"
   388   using nb by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
   389 
   390 lemma split0_blt: assumes nb:"tmboundslt n t" shows "tmboundslt n (snd (split0 t))"
   391   using nb by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
   392 
   393 lemma tmbound_split0: "tmbound 0 t \<Longrightarrow> Ipoly vs (fst(split0 t)) = 0"
   394  by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
   395 
   396 lemma tmboundslt_split0: "tmboundslt n t \<Longrightarrow> Ipoly vs (fst(split0 t)) = 0 \<or> n > 0"
   397 by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
   398 
   399 lemma tmboundslt0_split0: "tmboundslt 0 t \<Longrightarrow> Ipoly vs (fst(split0 t)) = 0"
   400  by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
   401 
   402 lemma allpolys_split0: "allpolys isnpoly p \<Longrightarrow> allpolys isnpoly (snd (split0 p))"
   403 by (induct p rule: split0.induct, auto simp  add: isnpoly_def Let_def split_def split0_stupid)
   404 
   405 lemma isnpoly_fst_split0:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   406   shows 
   407   "allpolys isnpoly p \<Longrightarrow> isnpoly (fst (split0 p))"
   408   by (induct p rule: split0.induct, 
   409     auto simp  add: polyadd_norm polysub_norm polyneg_norm polymul_norm 
   410     Let_def split_def split0_stupid)
   411 
   412 subsection{* Formulae *}
   413 
   414 datatype fm  =  T| F| Le tm | Lt tm | Eq tm | NEq tm|
   415   NOT fm| And fm fm|  Or fm fm| Imp fm fm| Iff fm fm| E fm| A fm
   416 
   417 
   418   (* A size for fm *)
   419 fun fmsize :: "fm \<Rightarrow> nat" where
   420   "fmsize (NOT p) = 1 + fmsize p"
   421 | "fmsize (And p q) = 1 + fmsize p + fmsize q"
   422 | "fmsize (Or p q) = 1 + fmsize p + fmsize q"
   423 | "fmsize (Imp p q) = 3 + fmsize p + fmsize q"
   424 | "fmsize (Iff p q) = 3 + 2*(fmsize p + fmsize q)"
   425 | "fmsize (E p) = 1 + fmsize p"
   426 | "fmsize (A p) = 4+ fmsize p"
   427 | "fmsize p = 1"
   428   (* several lemmas about fmsize *)
   429 lemma fmsize_pos[termination_simp]: "fmsize p > 0"        
   430 by (induct p rule: fmsize.induct) simp_all
   431 
   432   (* Semantics of formulae (fm) *)
   433 primrec Ifm ::"'a::{linordered_field_inverse_zero} list \<Rightarrow> 'a list \<Rightarrow> fm \<Rightarrow> bool" where
   434   "Ifm vs bs T = True"
   435 | "Ifm vs bs F = False"
   436 | "Ifm vs bs (Lt a) = (Itm vs bs a < 0)"
   437 | "Ifm vs bs (Le a) = (Itm vs bs a \<le> 0)"
   438 | "Ifm vs bs (Eq a) = (Itm vs bs a = 0)"
   439 | "Ifm vs bs (NEq a) = (Itm vs bs a \<noteq> 0)"
   440 | "Ifm vs bs (NOT p) = (\<not> (Ifm vs bs p))"
   441 | "Ifm vs bs (And p q) = (Ifm vs bs p \<and> Ifm vs bs q)"
   442 | "Ifm vs bs (Or p q) = (Ifm vs bs p \<or> Ifm vs bs q)"
   443 | "Ifm vs bs (Imp p q) = ((Ifm vs bs p) \<longrightarrow> (Ifm vs bs q))"
   444 | "Ifm vs bs (Iff p q) = (Ifm vs bs p = Ifm vs bs q)"
   445 | "Ifm vs bs (E p) = (\<exists> x. Ifm vs (x#bs) p)"
   446 | "Ifm vs bs (A p) = (\<forall> x. Ifm vs (x#bs) p)"
   447 
   448 fun not:: "fm \<Rightarrow> fm" where
   449   "not (NOT (NOT p)) = not p"
   450 | "not (NOT p) = p"
   451 | "not T = F"
   452 | "not F = T"
   453 | "not (Lt t) = Le (tmneg t)"
   454 | "not (Le t) = Lt (tmneg t)"
   455 | "not (Eq t) = NEq t"
   456 | "not (NEq t) = Eq t"
   457 | "not p = NOT p"
   458 lemma not[simp]: "Ifm vs bs (not p) = Ifm vs bs (NOT p)"
   459 by (induct p rule: not.induct) auto
   460 
   461 definition conj :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
   462   "conj p q \<equiv> (if (p = F \<or> q=F) then F else if p=T then q else if q=T then p else 
   463    if p = q then p else And p q)"
   464 lemma conj[simp]: "Ifm vs bs (conj p q) = Ifm vs bs (And p q)"
   465 by (cases "p=F \<or> q=F",simp_all add: conj_def) (cases p,simp_all)
   466 
   467 definition disj :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
   468   "disj p q \<equiv> (if (p = T \<or> q=T) then T else if p=F then q else if q=F then p 
   469        else if p=q then p else Or p q)"
   470 
   471 lemma disj[simp]: "Ifm vs bs (disj p q) = Ifm vs bs (Or p q)"
   472 by (cases "p=T \<or> q=T",simp_all add: disj_def) (cases p,simp_all)
   473 
   474 definition imp :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
   475   "imp p q \<equiv> (if (p = F \<or> q=T \<or> p=q) then T else if p=T then q else if q=F then not p 
   476     else Imp p q)"
   477 lemma imp[simp]: "Ifm vs bs (imp p q) = Ifm vs bs (Imp p q)"
   478 by (cases "p=F \<or> q=T",simp_all add: imp_def) 
   479 
   480 definition iff :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
   481   "iff p q \<equiv> (if (p = q) then T else if (p = NOT q \<or> NOT p = q) then F else 
   482        if p=F then not q else if q=F then not p else if p=T then q else if q=T then p else 
   483   Iff p q)"
   484 lemma iff[simp]: "Ifm vs bs (iff p q) = Ifm vs bs (Iff p q)"
   485   by (unfold iff_def,cases "p=q", simp,cases "p=NOT q", simp) (cases "NOT p= q", auto)
   486 
   487   (* Quantifier freeness *)
   488 fun qfree:: "fm \<Rightarrow> bool" where
   489   "qfree (E p) = False"
   490 | "qfree (A p) = False"
   491 | "qfree (NOT p) = qfree p" 
   492 | "qfree (And p q) = (qfree p \<and> qfree q)" 
   493 | "qfree (Or  p q) = (qfree p \<and> qfree q)" 
   494 | "qfree (Imp p q) = (qfree p \<and> qfree q)" 
   495 | "qfree (Iff p q) = (qfree p \<and> qfree q)"
   496 | "qfree p = True"
   497 
   498   (* Boundedness and substitution *)
   499 
   500 primrec boundslt :: "nat \<Rightarrow> fm \<Rightarrow> bool" where
   501   "boundslt n T = True"
   502 | "boundslt n F = True"
   503 | "boundslt n (Lt t) = (tmboundslt n t)"
   504 | "boundslt n (Le t) = (tmboundslt n t)"
   505 | "boundslt n (Eq t) = (tmboundslt n t)"
   506 | "boundslt n (NEq t) = (tmboundslt n t)"
   507 | "boundslt n (NOT p) = boundslt n p"
   508 | "boundslt n (And p q) = (boundslt n p \<and> boundslt n q)"
   509 | "boundslt n (Or p q) = (boundslt n p \<and> boundslt n q)"
   510 | "boundslt n (Imp p q) = ((boundslt n p) \<and> (boundslt n q))"
   511 | "boundslt n (Iff p q) = (boundslt n p \<and> boundslt n q)"
   512 | "boundslt n (E p) = boundslt (Suc n) p"
   513 | "boundslt n (A p) = boundslt (Suc n) p"
   514 
   515 fun bound0:: "fm \<Rightarrow> bool" (* A Formula is independent of Bound 0 *) where
   516   "bound0 T = True"
   517 | "bound0 F = True"
   518 | "bound0 (Lt a) = tmbound0 a"
   519 | "bound0 (Le a) = tmbound0 a"
   520 | "bound0 (Eq a) = tmbound0 a"
   521 | "bound0 (NEq a) = tmbound0 a"
   522 | "bound0 (NOT p) = bound0 p"
   523 | "bound0 (And p q) = (bound0 p \<and> bound0 q)"
   524 | "bound0 (Or p q) = (bound0 p \<and> bound0 q)"
   525 | "bound0 (Imp p q) = ((bound0 p) \<and> (bound0 q))"
   526 | "bound0 (Iff p q) = (bound0 p \<and> bound0 q)"
   527 | "bound0 p = False"
   528 lemma bound0_I:
   529   assumes bp: "bound0 p"
   530   shows "Ifm vs (b#bs) p = Ifm vs (b'#bs) p"
   531 using bp tmbound0_I[where b="b" and bs="bs" and b'="b'"]
   532 by (induct p rule: bound0.induct,auto)
   533 
   534 primrec bound:: "nat \<Rightarrow> fm \<Rightarrow> bool" (* A Formula is independent of Bound n *) where
   535   "bound m T = True"
   536 | "bound m F = True"
   537 | "bound m (Lt t) = tmbound m t"
   538 | "bound m (Le t) = tmbound m t"
   539 | "bound m (Eq t) = tmbound m t"
   540 | "bound m (NEq t) = tmbound m t"
   541 | "bound m (NOT p) = bound m p"
   542 | "bound m (And p q) = (bound m p \<and> bound m q)"
   543 | "bound m (Or p q) = (bound m p \<and> bound m q)"
   544 | "bound m (Imp p q) = ((bound m p) \<and> (bound m q))"
   545 | "bound m (Iff p q) = (bound m p \<and> bound m q)"
   546 | "bound m (E p) = bound (Suc m) p"
   547 | "bound m (A p) = bound (Suc m) p"
   548 
   549 lemma bound_I:
   550   assumes bnd: "boundslt (length bs) p" and nb: "bound n p" and le: "n \<le> length bs"
   551   shows "Ifm vs (bs[n:=x]) p = Ifm vs bs p"
   552   using bnd nb le tmbound_I[where bs=bs and vs = vs]
   553 proof(induct p arbitrary: bs n rule: fm.induct)
   554   case (E p bs n) 
   555   {fix y
   556     from E have bnd: "boundslt (length (y#bs)) p" 
   557       and nb: "bound (Suc n) p" and le: "Suc n \<le> length (y#bs)" by simp+
   558     from E.hyps[OF bnd nb le tmbound_I] have "Ifm vs ((y#bs)[Suc n:=x]) p = Ifm vs (y#bs) p" .   }
   559   thus ?case by simp 
   560 next
   561   case (A p bs n) {fix y
   562     from A have bnd: "boundslt (length (y#bs)) p" 
   563       and nb: "bound (Suc n) p" and le: "Suc n \<le> length (y#bs)" by simp+
   564     from A.hyps[OF bnd nb le tmbound_I] have "Ifm vs ((y#bs)[Suc n:=x]) p = Ifm vs (y#bs) p" .   }
   565   thus ?case by simp 
   566 qed auto
   567 
   568 fun decr0 :: "fm \<Rightarrow> fm" where
   569   "decr0 (Lt a) = Lt (decrtm0 a)"
   570 | "decr0 (Le a) = Le (decrtm0 a)"
   571 | "decr0 (Eq a) = Eq (decrtm0 a)"
   572 | "decr0 (NEq a) = NEq (decrtm0 a)"
   573 | "decr0 (NOT p) = NOT (decr0 p)" 
   574 | "decr0 (And p q) = conj (decr0 p) (decr0 q)"
   575 | "decr0 (Or p q) = disj (decr0 p) (decr0 q)"
   576 | "decr0 (Imp p q) = imp (decr0 p) (decr0 q)"
   577 | "decr0 (Iff p q) = iff (decr0 p) (decr0 q)"
   578 | "decr0 p = p"
   579 
   580 lemma decr0: assumes nb: "bound0 p"
   581   shows "Ifm vs (x#bs) p = Ifm vs bs (decr0 p)"
   582   using nb 
   583   by (induct p rule: decr0.induct, simp_all add: decrtm0)
   584 
   585 primrec decr :: "nat \<Rightarrow> fm \<Rightarrow> fm" where
   586   "decr m T = T"
   587 | "decr m F = F"
   588 | "decr m (Lt t) = (Lt (decrtm m t))"
   589 | "decr m (Le t) = (Le (decrtm m t))"
   590 | "decr m (Eq t) = (Eq (decrtm m t))"
   591 | "decr m (NEq t) = (NEq (decrtm m t))"
   592 | "decr m (NOT p) = NOT (decr m p)" 
   593 | "decr m (And p q) = conj (decr m p) (decr m q)"
   594 | "decr m (Or p q) = disj (decr m p) (decr m q)"
   595 | "decr m (Imp p q) = imp (decr m p) (decr m q)"
   596 | "decr m (Iff p q) = iff (decr m p) (decr m q)"
   597 | "decr m (E p) = E (decr (Suc m) p)"
   598 | "decr m (A p) = A (decr (Suc m) p)"
   599 
   600 lemma decr: assumes  bnd: "boundslt (length bs) p" and nb: "bound m p" 
   601   and nle: "m < length bs" 
   602   shows "Ifm vs (removen m bs) (decr m p) = Ifm vs bs p"
   603   using bnd nb nle
   604 proof(induct p arbitrary: bs m rule: fm.induct)
   605   case (E p bs m) 
   606   {fix x
   607     from E have bnd: "boundslt (length (x#bs)) p" and nb: "bound (Suc m) p" 
   608   and nle: "Suc m < length (x#bs)" by auto
   609     from E(1)[OF bnd nb nle] have "Ifm vs (removen (Suc m) (x#bs)) (decr (Suc m) p) = Ifm vs (x#bs) p".
   610   } thus ?case by auto 
   611 next
   612   case (A p bs m)  
   613   {fix x
   614     from A have bnd: "boundslt (length (x#bs)) p" and nb: "bound (Suc m) p" 
   615   and nle: "Suc m < length (x#bs)" by auto
   616     from A(1)[OF bnd nb nle] have "Ifm vs (removen (Suc m) (x#bs)) (decr (Suc m) p) = Ifm vs (x#bs) p".
   617   } thus ?case by auto
   618 qed (auto simp add: decrtm removen_nth)
   619 
   620 primrec subst0:: "tm \<Rightarrow> fm \<Rightarrow> fm" where
   621   "subst0 t T = T"
   622 | "subst0 t F = F"
   623 | "subst0 t (Lt a) = Lt (tmsubst0 t a)"
   624 | "subst0 t (Le a) = Le (tmsubst0 t a)"
   625 | "subst0 t (Eq a) = Eq (tmsubst0 t a)"
   626 | "subst0 t (NEq a) = NEq (tmsubst0 t a)"
   627 | "subst0 t (NOT p) = NOT (subst0 t p)"
   628 | "subst0 t (And p q) = And (subst0 t p) (subst0 t q)"
   629 | "subst0 t (Or p q) = Or (subst0 t p) (subst0 t q)"
   630 | "subst0 t (Imp p q) = Imp (subst0 t p)  (subst0 t q)"
   631 | "subst0 t (Iff p q) = Iff (subst0 t p) (subst0 t q)"
   632 | "subst0 t (E p) = E p"
   633 | "subst0 t (A p) = A p"
   634 
   635 lemma subst0: assumes qf: "qfree p"
   636   shows "Ifm vs (x#bs) (subst0 t p) = Ifm vs ((Itm vs (x#bs) t)#bs) p"
   637 using qf tmsubst0[where x="x" and bs="bs" and t="t"]
   638 by (induct p rule: fm.induct, auto)
   639 
   640 lemma subst0_nb:
   641   assumes bp: "tmbound0 t" and qf: "qfree p"
   642   shows "bound0 (subst0 t p)"
   643 using qf tmsubst0_nb[OF bp] bp
   644 by (induct p rule: fm.induct, auto)
   645 
   646 primrec subst:: "nat \<Rightarrow> tm \<Rightarrow> fm \<Rightarrow> fm" where
   647   "subst n t T = T"
   648 | "subst n t F = F"
   649 | "subst n t (Lt a) = Lt (tmsubst n t a)"
   650 | "subst n t (Le a) = Le (tmsubst n t a)"
   651 | "subst n t (Eq a) = Eq (tmsubst n t a)"
   652 | "subst n t (NEq a) = NEq (tmsubst n t a)"
   653 | "subst n t (NOT p) = NOT (subst n t p)"
   654 | "subst n t (And p q) = And (subst n t p) (subst n t q)"
   655 | "subst n t (Or p q) = Or (subst n t p) (subst n t q)"
   656 | "subst n t (Imp p q) = Imp (subst n t p)  (subst n t q)"
   657 | "subst n t (Iff p q) = Iff (subst n t p) (subst n t q)"
   658 | "subst n t (E p) = E (subst (Suc n) (incrtm0 t) p)"
   659 | "subst n t (A p) = A (subst (Suc n) (incrtm0 t) p)"
   660 
   661 lemma subst: assumes nb: "boundslt (length bs) p" and nlm: "n \<le> length bs"
   662   shows "Ifm vs bs (subst n t p) = Ifm vs (bs[n:= Itm vs bs t]) p"
   663   using nb nlm
   664 proof (induct p arbitrary: bs n t rule: fm.induct)
   665   case (E p bs n) 
   666   {fix x 
   667     from E have bn: "boundslt (length (x#bs)) p" by simp 
   668     from E have nlm: "Suc n \<le> length (x#bs)" by simp
   669     from E(1)[OF bn nlm] have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p" by simp 
   670     hence "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs (x#bs[n:= Itm vs bs t]) p"
   671     by (simp add: incrtm0[where x="x" and bs="bs" and t="t"]) }  
   672 thus ?case by simp 
   673 next
   674   case (A p bs n)   
   675   {fix x 
   676     from A have bn: "boundslt (length (x#bs)) p" by simp 
   677     from A have nlm: "Suc n \<le> length (x#bs)" by simp
   678     from A(1)[OF bn nlm] have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p" by simp 
   679     hence "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs (x#bs[n:= Itm vs bs t]) p"
   680     by (simp add: incrtm0[where x="x" and bs="bs" and t="t"]) }  
   681 thus ?case by simp 
   682 qed(auto simp add: tmsubst)
   683 
   684 lemma subst_nb: assumes tnb: "tmbound m t"
   685 shows "bound m (subst m t p)"
   686 using tnb tmsubst_nb incrtm0_tmbound
   687 by (induct p arbitrary: m t rule: fm.induct, auto)
   688 
   689 lemma not_qf[simp]: "qfree p \<Longrightarrow> qfree (not p)"
   690 by (induct p rule: not.induct, auto)
   691 lemma not_bn0[simp]: "bound0 p \<Longrightarrow> bound0 (not p)"
   692 by (induct p rule: not.induct, auto)
   693 lemma not_nb[simp]: "bound n p \<Longrightarrow> bound n (not p)"
   694 by (induct p rule: not.induct, auto)
   695 lemma not_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n (not p)"
   696  by (induct p rule: not.induct, auto)
   697 
   698 lemma conj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (conj p q)"
   699 using conj_def by auto 
   700 lemma conj_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (conj p q)"
   701 using conj_def by auto 
   702 lemma conj_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (conj p q)"
   703 using conj_def by auto 
   704 lemma conj_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (conj p q)"
   705 using conj_def by auto 
   706 
   707 lemma disj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (disj p q)"
   708 using disj_def by auto 
   709 lemma disj_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (disj p q)"
   710 using disj_def by auto 
   711 lemma disj_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (disj p q)"
   712 using disj_def by auto 
   713 lemma disj_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (disj p q)"
   714 using disj_def by auto 
   715 
   716 lemma imp_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (imp p q)"
   717 using imp_def by (cases "p=F \<or> q=T",simp_all add: imp_def)
   718 lemma imp_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (imp p q)"
   719 using imp_def by (cases "p=F \<or> q=T \<or> p=q",simp_all add: imp_def)
   720 lemma imp_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (imp p q)"
   721 using imp_def by (cases "p=F \<or> q=T \<or> p=q",simp_all add: imp_def)
   722 lemma imp_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (imp p q)"
   723 using imp_def by auto 
   724 
   725 lemma iff_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (iff p q)"
   726   by (unfold iff_def,cases "p=q", auto)
   727 lemma iff_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (iff p q)"
   728 using iff_def by (unfold iff_def,cases "p=q", auto)
   729 lemma iff_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (iff p q)"
   730 using iff_def by (unfold iff_def,cases "p=q", auto)
   731 lemma iff_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (iff p q)"
   732 using iff_def by auto 
   733 lemma decr0_qf: "bound0 p \<Longrightarrow> qfree (decr0 p)"
   734 by (induct p, simp_all)
   735 
   736 fun isatom :: "fm \<Rightarrow> bool" (* test for atomicity *) where
   737   "isatom T = True"
   738 | "isatom F = True"
   739 | "isatom (Lt a) = True"
   740 | "isatom (Le a) = True"
   741 | "isatom (Eq a) = True"
   742 | "isatom (NEq a) = True"
   743 | "isatom p = False"
   744 
   745 lemma bound0_qf: "bound0 p \<Longrightarrow> qfree p"
   746 by (induct p, simp_all)
   747 
   748 definition djf :: "('a \<Rightarrow> fm) \<Rightarrow> 'a \<Rightarrow> fm \<Rightarrow> fm" where
   749   "djf f p q \<equiv> (if q=T then T else if q=F then f p else 
   750   (let fp = f p in case fp of T \<Rightarrow> T | F \<Rightarrow> q | _ \<Rightarrow> Or (f p) q))"
   751 definition evaldjf :: "('a \<Rightarrow> fm) \<Rightarrow> 'a list \<Rightarrow> fm" where
   752   "evaldjf f ps \<equiv> foldr (djf f) ps F"
   753 
   754 lemma djf_Or: "Ifm vs bs (djf f p q) = Ifm vs bs (Or (f p) q)"
   755 by (cases "q=T", simp add: djf_def,cases "q=F",simp add: djf_def) 
   756 (cases "f p", simp_all add: Let_def djf_def) 
   757 
   758 lemma evaldjf_ex: "Ifm vs bs (evaldjf f ps) = (\<exists> p \<in> set ps. Ifm vs bs (f p))"
   759   by(induct ps, simp_all add: evaldjf_def djf_Or)
   760 
   761 lemma evaldjf_bound0: 
   762   assumes nb: "\<forall> x\<in> set xs. bound0 (f x)"
   763   shows "bound0 (evaldjf f xs)"
   764   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto) 
   765 
   766 lemma evaldjf_qf: 
   767   assumes nb: "\<forall> x\<in> set xs. qfree (f x)"
   768   shows "qfree (evaldjf f xs)"
   769   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto) 
   770 
   771 fun disjuncts :: "fm \<Rightarrow> fm list" where
   772   "disjuncts (Or p q) = (disjuncts p) @ (disjuncts q)"
   773 | "disjuncts F = []"
   774 | "disjuncts p = [p]"
   775 
   776 lemma disjuncts: "(\<exists> q\<in> set (disjuncts p). Ifm vs bs q) = Ifm vs bs p"
   777 by(induct p rule: disjuncts.induct, auto)
   778 
   779 lemma disjuncts_nb: "bound0 p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). bound0 q"
   780 proof-
   781   assume nb: "bound0 p"
   782   hence "list_all bound0 (disjuncts p)" by (induct p rule:disjuncts.induct,auto)
   783   thus ?thesis by (simp only: list_all_iff)
   784 qed
   785 
   786 lemma disjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). qfree q"
   787 proof-
   788   assume qf: "qfree p"
   789   hence "list_all qfree (disjuncts p)"
   790     by (induct p rule: disjuncts.induct, auto)
   791   thus ?thesis by (simp only: list_all_iff)
   792 qed
   793 
   794 definition DJ :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
   795   "DJ f p \<equiv> evaldjf f (disjuncts p)"
   796 
   797 lemma DJ: assumes fdj: "\<forall> p q. Ifm vs bs (f (Or p q)) = Ifm vs bs (Or (f p) (f q))"
   798   and fF: "f F = F"
   799   shows "Ifm vs bs (DJ f p) = Ifm vs bs (f p)"
   800 proof-
   801   have "Ifm vs bs (DJ f p) = (\<exists> q \<in> set (disjuncts p). Ifm vs bs (f q))"
   802     by (simp add: DJ_def evaldjf_ex) 
   803   also have "\<dots> = Ifm vs bs (f p)" using fdj fF by (induct p rule: disjuncts.induct, auto)
   804   finally show ?thesis .
   805 qed
   806 
   807 lemma DJ_qf: assumes 
   808   fqf: "\<forall> p. qfree p \<longrightarrow> qfree (f p)"
   809   shows "\<forall>p. qfree p \<longrightarrow> qfree (DJ f p) "
   810 proof(clarify)
   811   fix  p assume qf: "qfree p"
   812   have th: "DJ f p = evaldjf f (disjuncts p)" by (simp add: DJ_def)
   813   from disjuncts_qf[OF qf] have "\<forall> q\<in> set (disjuncts p). qfree q" .
   814   with fqf have th':"\<forall> q\<in> set (disjuncts p). qfree (f q)" by blast
   815   
   816   from evaldjf_qf[OF th'] th show "qfree (DJ f p)" by simp
   817 qed
   818 
   819 lemma DJ_qe: assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
   820   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (DJ qe p) \<and> (Ifm vs bs ((DJ qe p)) = Ifm vs bs (E p))"
   821 proof(clarify)
   822   fix p::fm and bs
   823   assume qf: "qfree p"
   824   from qe have qth: "\<forall> p. qfree p \<longrightarrow> qfree (qe p)" by blast
   825   from DJ_qf[OF qth] qf have qfth:"qfree (DJ qe p)" by auto
   826   have "Ifm vs bs (DJ qe p) = (\<exists> q\<in> set (disjuncts p). Ifm vs bs (qe q))"
   827     by (simp add: DJ_def evaldjf_ex)
   828   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). Ifm vs bs (E q))" using qe disjuncts_qf[OF qf] by auto
   829   also have "\<dots> = Ifm vs bs (E p)" by (induct p rule: disjuncts.induct, auto)
   830   finally show "qfree (DJ qe p) \<and> Ifm vs bs (DJ qe p) = Ifm vs bs (E p)" using qfth by blast
   831 qed
   832 
   833 fun conjuncts :: "fm \<Rightarrow> fm list" where
   834   "conjuncts (And p q) = (conjuncts p) @ (conjuncts q)"
   835 | "conjuncts T = []"
   836 | "conjuncts p = [p]"
   837 
   838 definition list_conj :: "fm list \<Rightarrow> fm" where
   839   "list_conj ps \<equiv> foldr conj ps T"
   840 
   841 definition CJNB :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
   842   "CJNB f p \<equiv> (let cjs = conjuncts p ; (yes,no) = partition bound0 cjs
   843                    in conj (decr0 (list_conj yes)) (f (list_conj no)))"
   844 
   845 lemma conjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). qfree q"
   846 proof-
   847   assume qf: "qfree p"
   848   hence "list_all qfree (conjuncts p)"
   849     by (induct p rule: conjuncts.induct, auto)
   850   thus ?thesis by (simp only: list_all_iff)
   851 qed
   852 
   853 lemma conjuncts: "(\<forall> q\<in> set (conjuncts p). Ifm vs bs q) = Ifm vs bs p"
   854 by(induct p rule: conjuncts.induct, auto)
   855 
   856 lemma conjuncts_nb: "bound0 p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). bound0 q"
   857 proof-
   858   assume nb: "bound0 p"
   859   hence "list_all bound0 (conjuncts p)" by (induct p rule:conjuncts.induct,auto)
   860   thus ?thesis by (simp only: list_all_iff)
   861 qed
   862 
   863 fun islin :: "fm \<Rightarrow> bool" where
   864   "islin (And p q) = (islin p \<and> islin q \<and> p \<noteq> T \<and> p \<noteq> F \<and> q \<noteq> T \<and> q \<noteq> F)"
   865 | "islin (Or p q) = (islin p \<and> islin q \<and> p \<noteq> T \<and> p \<noteq> F \<and> q \<noteq> T \<and> q \<noteq> F)"
   866 | "islin (Eq (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
   867 | "islin (NEq (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
   868 | "islin (Lt (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
   869 | "islin (Le (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
   870 | "islin (NOT p) = False"
   871 | "islin (Imp p q) = False"
   872 | "islin (Iff p q) = False"
   873 | "islin p = bound0 p"
   874 
   875 lemma islin_stupid: assumes nb: "tmbound0 p"
   876   shows "islin (Lt p)" and "islin (Le p)" and "islin (Eq p)" and "islin (NEq p)"
   877   using nb by (cases p, auto, case_tac nat, auto)+
   878 
   879 definition "lt p = (case p of CP (C c) \<Rightarrow> if 0>\<^sub>N c then T else F| _ \<Rightarrow> Lt p)"
   880 definition "le p = (case p of CP (C c) \<Rightarrow> if 0\<ge>\<^sub>N c then T else F | _ \<Rightarrow> Le p)"
   881 definition eq where "eq p = (case p of CP (C c) \<Rightarrow> if c = 0\<^sub>N then T else F | _ \<Rightarrow> Eq p)"
   882 definition "neq p = not (eq p)"
   883 
   884 lemma lt: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (lt p) = Ifm vs bs (Lt p)"
   885   apply(simp add: lt_def)
   886   apply(cases p, simp_all)
   887   apply (case_tac poly, simp_all add: isnpoly_def)
   888   done
   889 
   890 lemma le: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (le p) = Ifm vs bs (Le p)"
   891   apply(simp add: le_def)
   892   apply(cases p, simp_all)
   893   apply (case_tac poly, simp_all add: isnpoly_def)
   894   done
   895 
   896 lemma eq: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (eq p) = Ifm vs bs (Eq p)"
   897   apply(simp add: eq_def)
   898   apply(cases p, simp_all)
   899   apply (case_tac poly, simp_all add: isnpoly_def)
   900   done
   901 
   902 lemma neq: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (neq p) = Ifm vs bs (NEq p)"
   903   by(simp add: neq_def eq)
   904 
   905 lemma lt_lin: "tmbound0 p \<Longrightarrow> islin (lt p)"
   906   apply (simp add: lt_def)
   907   apply (cases p, simp_all)
   908   apply (case_tac poly, simp_all)
   909   apply (case_tac nat, simp_all)
   910   done
   911 
   912 lemma le_lin: "tmbound0 p \<Longrightarrow> islin (le p)"
   913   apply (simp add: le_def)
   914   apply (cases p, simp_all)
   915   apply (case_tac poly, simp_all)
   916   apply (case_tac nat, simp_all)
   917   done
   918 
   919 lemma eq_lin: "tmbound0 p \<Longrightarrow> islin (eq p)"
   920   apply (simp add: eq_def)
   921   apply (cases p, simp_all)
   922   apply (case_tac poly, simp_all)
   923   apply (case_tac nat, simp_all)
   924   done
   925 
   926 lemma neq_lin: "tmbound0 p \<Longrightarrow> islin (neq p)"
   927   apply (simp add: neq_def eq_def)
   928   apply (cases p, simp_all)
   929   apply (case_tac poly, simp_all)
   930   apply (case_tac nat, simp_all)
   931   done
   932 
   933 definition "simplt t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then lt s else Lt (CNP 0 c s))"
   934 definition "simple t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then le s else Le (CNP 0 c s))"
   935 definition "simpeq t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then eq s else Eq (CNP 0 c s))"
   936 definition "simpneq t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then neq s else NEq (CNP 0 c s))"
   937 
   938 lemma simplt_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   939   shows "islin (simplt t)"
   940   unfolding simplt_def 
   941   using split0_nb0'
   942 by (auto simp add: lt_lin Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly])
   943   
   944 lemma simple_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   945   shows "islin (simple t)"
   946   unfolding simple_def 
   947   using split0_nb0'
   948 by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] le_lin)
   949 lemma simpeq_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   950   shows "islin (simpeq t)"
   951   unfolding simpeq_def 
   952   using split0_nb0'
   953 by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] eq_lin)
   954 
   955 lemma simpneq_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   956   shows "islin (simpneq t)"
   957   unfolding simpneq_def 
   958   using split0_nb0'
   959 by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] neq_lin)
   960 
   961 lemma really_stupid: "\<not> (\<forall>c1 s'. (c1, s') \<noteq> split0 s)"
   962   by (cases "split0 s", auto)
   963 lemma split0_npoly:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   964   and n: "allpolys isnpoly t"
   965   shows "isnpoly (fst (split0 t))" and "allpolys isnpoly (snd (split0 t))"
   966   using n
   967   by (induct t rule: split0.induct, auto simp add: Let_def split_def polyadd_norm polymul_norm polyneg_norm polysub_norm really_stupid)
   968 lemma simplt[simp]:
   969   shows "Ifm vs bs (simplt t) = Ifm vs bs (Lt t)"
   970 proof-
   971   have n: "allpolys isnpoly (simptm t)" by simp
   972   let ?t = "simptm t"
   973   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
   974       using split0[of "simptm t" vs bs] lt[OF split0_npoly(2)[OF n], of vs bs]
   975       by (simp add: simplt_def Let_def split_def lt)}
   976   moreover
   977   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   978     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simplt_def Let_def split_def)
   979   }
   980   ultimately show ?thesis by blast
   981 qed
   982 
   983 lemma simple[simp]:
   984   shows "Ifm vs bs (simple t) = Ifm vs bs (Le t)"
   985 proof-
   986   have n: "allpolys isnpoly (simptm t)" by simp
   987   let ?t = "simptm t"
   988   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
   989       using split0[of "simptm t" vs bs] le[OF split0_npoly(2)[OF n], of vs bs]
   990       by (simp add: simple_def Let_def split_def le)}
   991   moreover
   992   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   993     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simple_def Let_def split_def)
   994   }
   995   ultimately show ?thesis by blast
   996 qed
   997 
   998 lemma simpeq[simp]:
   999   shows "Ifm vs bs (simpeq t) = Ifm vs bs (Eq t)"
  1000 proof-
  1001   have n: "allpolys isnpoly (simptm t)" by simp
  1002   let ?t = "simptm t"
  1003   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
  1004       using split0[of "simptm t" vs bs] eq[OF split0_npoly(2)[OF n], of vs bs]
  1005       by (simp add: simpeq_def Let_def split_def)}
  1006   moreover
  1007   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
  1008     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simpeq_def Let_def split_def)
  1009   }
  1010   ultimately show ?thesis by blast
  1011 qed
  1012 
  1013 lemma simpneq[simp]:
  1014   shows "Ifm vs bs (simpneq t) = Ifm vs bs (NEq t)"
  1015 proof-
  1016   have n: "allpolys isnpoly (simptm t)" by simp
  1017   let ?t = "simptm t"
  1018   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
  1019       using split0[of "simptm t" vs bs] neq[OF split0_npoly(2)[OF n], of vs bs]
  1020       by (simp add: simpneq_def Let_def split_def )}
  1021   moreover
  1022   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
  1023     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simpneq_def Let_def split_def)
  1024   }
  1025   ultimately show ?thesis by blast
  1026 qed
  1027 
  1028 lemma lt_nb: "tmbound0 t \<Longrightarrow> bound0 (lt t)"
  1029   apply (simp add: lt_def)
  1030   apply (cases t, auto)
  1031   apply (case_tac poly, auto)
  1032   done
  1033 
  1034 lemma le_nb: "tmbound0 t \<Longrightarrow> bound0 (le t)"
  1035   apply (simp add: le_def)
  1036   apply (cases t, auto)
  1037   apply (case_tac poly, auto)
  1038   done
  1039 
  1040 lemma eq_nb: "tmbound0 t \<Longrightarrow> bound0 (eq t)"
  1041   apply (simp add: eq_def)
  1042   apply (cases t, auto)
  1043   apply (case_tac poly, auto)
  1044   done
  1045 
  1046 lemma neq_nb: "tmbound0 t \<Longrightarrow> bound0 (neq t)"
  1047   apply (simp add: neq_def eq_def)
  1048   apply (cases t, auto)
  1049   apply (case_tac poly, auto)
  1050   done
  1051 
  1052 lemma simplt_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1053   shows "tmbound0 t \<Longrightarrow> bound0 (simplt t)"
  1054   using split0 [of "simptm t" "vs::'a list" bs]
  1055 proof(simp add: simplt_def Let_def split_def)
  1056   assume nb: "tmbound0 t"
  1057   hence nb': "tmbound0 (simptm t)" by simp
  1058   let ?c = "fst (split0 (simptm t))"
  1059   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
  1060   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
  1061   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
  1062   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
  1063   from iffD1[OF isnpolyh_unique[OF ths] th]
  1064   have "fst (split0 (simptm t)) = 0\<^sub>p" . 
  1065   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (lt (snd (split0 (simptm t))))) \<and>
  1066        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simplt_def Let_def split_def lt_nb)
  1067 qed
  1068 
  1069 lemma simple_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1070   shows "tmbound0 t \<Longrightarrow> bound0 (simple t)"
  1071   using split0 [of "simptm t" "vs::'a list" bs]
  1072 proof(simp add: simple_def Let_def split_def)
  1073   assume nb: "tmbound0 t"
  1074   hence nb': "tmbound0 (simptm t)" by simp
  1075   let ?c = "fst (split0 (simptm t))"
  1076   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
  1077   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
  1078   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
  1079   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
  1080   from iffD1[OF isnpolyh_unique[OF ths] th]
  1081   have "fst (split0 (simptm t)) = 0\<^sub>p" . 
  1082   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (le (snd (split0 (simptm t))))) \<and>
  1083        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simplt_def Let_def split_def le_nb)
  1084 qed
  1085 
  1086 lemma simpeq_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1087   shows "tmbound0 t \<Longrightarrow> bound0 (simpeq t)"
  1088   using split0 [of "simptm t" "vs::'a list" bs]
  1089 proof(simp add: simpeq_def Let_def split_def)
  1090   assume nb: "tmbound0 t"
  1091   hence nb': "tmbound0 (simptm t)" by simp
  1092   let ?c = "fst (split0 (simptm t))"
  1093   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
  1094   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
  1095   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
  1096   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
  1097   from iffD1[OF isnpolyh_unique[OF ths] th]
  1098   have "fst (split0 (simptm t)) = 0\<^sub>p" . 
  1099   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (eq (snd (split0 (simptm t))))) \<and>
  1100        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simpeq_def Let_def split_def eq_nb)
  1101 qed
  1102 
  1103 lemma simpneq_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1104   shows "tmbound0 t \<Longrightarrow> bound0 (simpneq t)"
  1105   using split0 [of "simptm t" "vs::'a list" bs]
  1106 proof(simp add: simpneq_def Let_def split_def)
  1107   assume nb: "tmbound0 t"
  1108   hence nb': "tmbound0 (simptm t)" by simp
  1109   let ?c = "fst (split0 (simptm t))"
  1110   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
  1111   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
  1112   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
  1113   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
  1114   from iffD1[OF isnpolyh_unique[OF ths] th]
  1115   have "fst (split0 (simptm t)) = 0\<^sub>p" . 
  1116   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (neq (snd (split0 (simptm t))))) \<and>
  1117        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simpneq_def Let_def split_def neq_nb)
  1118 qed
  1119 
  1120 fun conjs   :: "fm \<Rightarrow> fm list" where
  1121   "conjs (And p q) = (conjs p)@(conjs q)"
  1122 | "conjs T = []"
  1123 | "conjs p = [p]"
  1124 lemma conjs_ci: "(\<forall> q \<in> set (conjs p). Ifm vs bs q) = Ifm vs bs p"
  1125 by (induct p rule: conjs.induct, auto)
  1126 definition list_disj :: "fm list \<Rightarrow> fm" where
  1127   "list_disj ps \<equiv> foldr disj ps F"
  1128 
  1129 lemma list_conj: "Ifm vs bs (list_conj ps) = (\<forall>p\<in> set ps. Ifm vs bs p)"
  1130   by (induct ps, auto simp add: list_conj_def)
  1131 lemma list_conj_qf: " \<forall>p\<in> set ps. qfree p \<Longrightarrow> qfree (list_conj ps)"
  1132   by (induct ps, auto simp add: list_conj_def conj_qf)
  1133 lemma list_disj: "Ifm vs bs (list_disj ps) = (\<exists>p\<in> set ps. Ifm vs bs p)"
  1134   by (induct ps, auto simp add: list_disj_def)
  1135 
  1136 lemma conj_boundslt: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (conj p q)"
  1137   unfolding conj_def by auto
  1138 
  1139 lemma conjs_nb: "bound n p \<Longrightarrow> \<forall>q\<in> set (conjs p). bound n q"
  1140   apply (induct p rule: conjs.induct) 
  1141   apply (unfold conjs.simps)
  1142   apply (unfold set_append)
  1143   apply (unfold ball_Un)
  1144   apply (unfold bound.simps)
  1145   apply auto
  1146   done
  1147 
  1148 lemma conjs_boundslt: "boundslt n p \<Longrightarrow> \<forall>q\<in> set (conjs p). boundslt n q"
  1149   apply (induct p rule: conjs.induct) 
  1150   apply (unfold conjs.simps)
  1151   apply (unfold set_append)
  1152   apply (unfold ball_Un)
  1153   apply (unfold boundslt.simps)
  1154   apply blast
  1155 by simp_all
  1156 
  1157 lemma list_conj_boundslt: " \<forall>p\<in> set ps. boundslt n p \<Longrightarrow> boundslt n (list_conj ps)"
  1158   unfolding list_conj_def
  1159   by (induct ps, auto simp add: conj_boundslt)
  1160 
  1161 lemma list_conj_nb: assumes bnd: "\<forall>p\<in> set ps. bound n p"
  1162   shows "bound n (list_conj ps)"
  1163   using bnd
  1164   unfolding list_conj_def
  1165   by (induct ps, auto simp add: conj_nb)
  1166 
  1167 lemma list_conj_nb': "\<forall>p\<in>set ps. bound0 p \<Longrightarrow> bound0 (list_conj ps)"
  1168 unfolding list_conj_def by (induct ps , auto)
  1169 
  1170 lemma CJNB_qe: 
  1171   assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
  1172   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (CJNB qe p) \<and> (Ifm vs bs ((CJNB qe p)) = Ifm vs bs (E p))"
  1173 proof(clarify)
  1174   fix bs p
  1175   assume qfp: "qfree p"
  1176   let ?cjs = "conjuncts p"
  1177   let ?yes = "fst (partition bound0 ?cjs)"
  1178   let ?no = "snd (partition bound0 ?cjs)"
  1179   let ?cno = "list_conj ?no"
  1180   let ?cyes = "list_conj ?yes"
  1181   have part: "partition bound0 ?cjs = (?yes,?no)" by simp
  1182   from partition_P[OF part] have "\<forall> q\<in> set ?yes. bound0 q" by blast 
  1183   hence yes_nb: "bound0 ?cyes" by (simp add: list_conj_nb') 
  1184   hence yes_qf: "qfree (decr0 ?cyes )" by (simp add: decr0_qf)
  1185   from conjuncts_qf[OF qfp] partition_set[OF part] 
  1186   have " \<forall>q\<in> set ?no. qfree q" by auto
  1187   hence no_qf: "qfree ?cno"by (simp add: list_conj_qf)
  1188   with qe have cno_qf:"qfree (qe ?cno )" 
  1189     and noE: "Ifm vs bs (qe ?cno) = Ifm vs bs (E ?cno)" by blast+
  1190   from cno_qf yes_qf have qf: "qfree (CJNB qe p)" 
  1191     by (simp add: CJNB_def Let_def conj_qf split_def)
  1192   {fix bs
  1193     from conjuncts have "Ifm vs bs p = (\<forall>q\<in> set ?cjs. Ifm vs bs q)" by blast
  1194     also have "\<dots> = ((\<forall>q\<in> set ?yes. Ifm vs bs q) \<and> (\<forall>q\<in> set ?no. Ifm vs bs q))"
  1195       using partition_set[OF part] by auto
  1196     finally have "Ifm vs bs p = ((Ifm vs bs ?cyes) \<and> (Ifm vs bs ?cno))" using list_conj[of vs bs] by simp}
  1197   hence "Ifm vs bs (E p) = (\<exists>x. (Ifm vs (x#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))" by simp
  1198   also have "\<dots> = (\<exists>x. (Ifm vs (y#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))"
  1199     using bound0_I[OF yes_nb, where bs="bs" and b'="y"] by blast
  1200   also have "\<dots> = (Ifm vs bs (decr0 ?cyes) \<and> Ifm vs bs (E ?cno))"
  1201     by (auto simp add: decr0[OF yes_nb] simp del: partition_filter_conv)
  1202   also have "\<dots> = (Ifm vs bs (conj (decr0 ?cyes) (qe ?cno)))"
  1203     using qe[rule_format, OF no_qf] by auto
  1204   finally have "Ifm vs bs (E p) = Ifm vs bs (CJNB qe p)" 
  1205     by (simp add: Let_def CJNB_def split_def)
  1206   with qf show "qfree (CJNB qe p) \<and> Ifm vs bs (CJNB qe p) = Ifm vs bs (E p)" by blast
  1207 qed
  1208 
  1209 consts simpfm :: "fm \<Rightarrow> fm"
  1210 recdef simpfm "measure fmsize"
  1211   "simpfm (Lt t) = simplt (simptm t)"
  1212   "simpfm (Le t) = simple (simptm t)"
  1213   "simpfm (Eq t) = simpeq(simptm t)"
  1214   "simpfm (NEq t) = simpneq(simptm t)"
  1215   "simpfm (And p q) = conj (simpfm p) (simpfm q)"
  1216   "simpfm (Or p q) = disj (simpfm p) (simpfm q)"
  1217   "simpfm (Imp p q) = disj (simpfm (NOT p)) (simpfm q)"
  1218   "simpfm (Iff p q) = disj (conj (simpfm p) (simpfm q)) (conj (simpfm (NOT p)) (simpfm (NOT q)))"
  1219   "simpfm (NOT (And p q)) = disj (simpfm (NOT p)) (simpfm (NOT q))"
  1220   "simpfm (NOT (Or p q)) = conj (simpfm (NOT p)) (simpfm (NOT q))"
  1221   "simpfm (NOT (Imp p q)) = conj (simpfm p) (simpfm (NOT q))"
  1222   "simpfm (NOT (Iff p q)) = disj (conj (simpfm p) (simpfm (NOT q))) (conj (simpfm (NOT p)) (simpfm q))"
  1223   "simpfm (NOT (Eq t)) = simpneq t"
  1224   "simpfm (NOT (NEq t)) = simpeq t"
  1225   "simpfm (NOT (Le t)) = simplt (Neg t)"
  1226   "simpfm (NOT (Lt t)) = simple (Neg t)"
  1227   "simpfm (NOT (NOT p)) = simpfm p"
  1228   "simpfm (NOT T) = F"
  1229   "simpfm (NOT F) = T"
  1230   "simpfm p = p"
  1231 
  1232 lemma simpfm[simp]: "Ifm vs bs (simpfm p) = Ifm vs bs p"
  1233 by(induct p arbitrary: bs rule: simpfm.induct, auto)
  1234 
  1235 lemma simpfm_bound0:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1236   shows "bound0 p \<Longrightarrow> bound0 (simpfm p)"
  1237 by (induct p rule: simpfm.induct, auto)
  1238 
  1239 lemma lt_qf[simp]: "qfree (lt t)"
  1240   apply (cases t, auto simp add: lt_def)
  1241   by (case_tac poly, auto)
  1242 
  1243 lemma le_qf[simp]: "qfree (le t)"
  1244   apply (cases t, auto simp add: le_def)
  1245   by (case_tac poly, auto)
  1246 
  1247 lemma eq_qf[simp]: "qfree (eq t)"
  1248   apply (cases t, auto simp add: eq_def)
  1249   by (case_tac poly, auto)
  1250 
  1251 lemma neq_qf[simp]: "qfree (neq t)" by (simp add: neq_def)
  1252 
  1253 lemma simplt_qf[simp]: "qfree (simplt t)" by (simp add: simplt_def Let_def split_def)
  1254 lemma simple_qf[simp]: "qfree (simple t)" by (simp add: simple_def Let_def split_def)
  1255 lemma simpeq_qf[simp]: "qfree (simpeq t)" by (simp add: simpeq_def Let_def split_def)
  1256 lemma simpneq_qf[simp]: "qfree (simpneq t)" by (simp add: simpneq_def Let_def split_def)
  1257 
  1258 lemma simpfm_qf[simp]: "qfree p \<Longrightarrow> qfree (simpfm p)"
  1259 by (induct p rule: simpfm.induct, auto simp add: disj_qf imp_qf iff_qf conj_qf not_qf Let_def)
  1260 
  1261 lemma disj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (disj p q)" by (simp add: disj_def)
  1262 lemma conj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (conj p q)" by (simp add: conj_def)
  1263 
  1264 lemma   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1265   shows "qfree p \<Longrightarrow> islin (simpfm p)" 
  1266   apply (induct p rule: simpfm.induct)
  1267   apply (simp_all add: conj_lin disj_lin)
  1268   done
  1269 
  1270 consts prep :: "fm \<Rightarrow> fm"
  1271 recdef prep "measure fmsize"
  1272   "prep (E T) = T"
  1273   "prep (E F) = F"
  1274   "prep (E (Or p q)) = disj (prep (E p)) (prep (E q))"
  1275   "prep (E (Imp p q)) = disj (prep (E (NOT p))) (prep (E q))"
  1276   "prep (E (Iff p q)) = disj (prep (E (And p q))) (prep (E (And (NOT p) (NOT q))))" 
  1277   "prep (E (NOT (And p q))) = disj (prep (E (NOT p))) (prep (E(NOT q)))"
  1278   "prep (E (NOT (Imp p q))) = prep (E (And p (NOT q)))"
  1279   "prep (E (NOT (Iff p q))) = disj (prep (E (And p (NOT q)))) (prep (E(And (NOT p) q)))"
  1280   "prep (E p) = E (prep p)"
  1281   "prep (A (And p q)) = conj (prep (A p)) (prep (A q))"
  1282   "prep (A p) = prep (NOT (E (NOT p)))"
  1283   "prep (NOT (NOT p)) = prep p"
  1284   "prep (NOT (And p q)) = disj (prep (NOT p)) (prep (NOT q))"
  1285   "prep (NOT (A p)) = prep (E (NOT p))"
  1286   "prep (NOT (Or p q)) = conj (prep (NOT p)) (prep (NOT q))"
  1287   "prep (NOT (Imp p q)) = conj (prep p) (prep (NOT q))"
  1288   "prep (NOT (Iff p q)) = disj (prep (And p (NOT q))) (prep (And (NOT p) q))"
  1289   "prep (NOT p) = not (prep p)"
  1290   "prep (Or p q) = disj (prep p) (prep q)"
  1291   "prep (And p q) = conj (prep p) (prep q)"
  1292   "prep (Imp p q) = prep (Or (NOT p) q)"
  1293   "prep (Iff p q) = disj (prep (And p q)) (prep (And (NOT p) (NOT q)))"
  1294   "prep p = p"
  1295 (hints simp add: fmsize_pos)
  1296 lemma prep: "Ifm vs bs (prep p) = Ifm vs bs p"
  1297 by (induct p arbitrary: bs rule: prep.induct, auto)
  1298 
  1299 
  1300 
  1301   (* Generic quantifier elimination *)
  1302 function (sequential) qelim :: "fm \<Rightarrow> (fm \<Rightarrow> fm) \<Rightarrow> fm" where
  1303   "qelim (E p) = (\<lambda> qe. DJ (CJNB qe) (qelim p qe))"
  1304 | "qelim (A p) = (\<lambda> qe. not (qe ((qelim (NOT p) qe))))"
  1305 | "qelim (NOT p) = (\<lambda> qe. not (qelim p qe))"
  1306 | "qelim (And p q) = (\<lambda> qe. conj (qelim p qe) (qelim q qe))" 
  1307 | "qelim (Or  p q) = (\<lambda> qe. disj (qelim p qe) (qelim q qe))" 
  1308 | "qelim (Imp p q) = (\<lambda> qe. imp (qelim p qe) (qelim q qe))"
  1309 | "qelim (Iff p q) = (\<lambda> qe. iff (qelim p qe) (qelim q qe))"
  1310 | "qelim p = (\<lambda> y. simpfm p)"
  1311 by pat_completeness simp_all
  1312 termination by (relation "measure fmsize") auto
  1313 
  1314 lemma qelim:
  1315   assumes qe_inv: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
  1316   shows "\<And> bs. qfree (qelim p qe) \<and> (Ifm vs bs (qelim p qe) = Ifm vs bs p)"
  1317 using qe_inv DJ_qe[OF CJNB_qe[OF qe_inv]]
  1318 by (induct p rule: qelim.induct) auto
  1319 
  1320 subsection{* Core Procedure *}
  1321 
  1322 fun minusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of -\<infinity>*) where
  1323   "minusinf (And p q) = conj (minusinf p) (minusinf q)" 
  1324 | "minusinf (Or p q) = disj (minusinf p) (minusinf q)" 
  1325 | "minusinf (Eq  (CNP 0 c e)) = conj (eq (CP c)) (eq e)"
  1326 | "minusinf (NEq (CNP 0 c e)) = disj (not (eq e)) (not (eq (CP c)))"
  1327 | "minusinf (Lt  (CNP 0 c e)) = disj (conj (eq (CP c)) (lt e)) (lt (CP (~\<^sub>p c)))"
  1328 | "minusinf (Le  (CNP 0 c e)) = disj (conj (eq (CP c)) (le e)) (lt (CP (~\<^sub>p c)))"
  1329 | "minusinf p = p"
  1330 
  1331 fun plusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of +\<infinity>*) where
  1332   "plusinf (And p q) = conj (plusinf p) (plusinf q)" 
  1333 | "plusinf (Or p q) = disj (plusinf p) (plusinf q)" 
  1334 | "plusinf (Eq  (CNP 0 c e)) = conj (eq (CP c)) (eq e)"
  1335 | "plusinf (NEq (CNP 0 c e)) = disj (not (eq e)) (not (eq (CP c)))"
  1336 | "plusinf (Lt  (CNP 0 c e)) = disj (conj (eq (CP c)) (lt e)) (lt (CP c))"
  1337 | "plusinf (Le  (CNP 0 c e)) = disj (conj (eq (CP c)) (le e)) (lt (CP c))"
  1338 | "plusinf p = p"
  1339 
  1340 lemma minusinf_inf: assumes lp:"islin p"
  1341   shows "\<exists>z. \<forall>x < z. Ifm vs (x#bs) (minusinf p) \<longleftrightarrow> Ifm vs (x#bs) p"
  1342   using lp
  1343 proof (induct p rule: minusinf.induct)
  1344   case 1 thus ?case by (auto,rule_tac x="min z za" in exI, auto)
  1345 next
  1346   case 2 thus ?case by (auto,rule_tac x="min z za" in exI, auto)
  1347 next
  1348   case (3 c e) hence nbe: "tmbound0 e" by simp
  1349   from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1350   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1351   let ?c = "Ipoly vs c"
  1352   let ?e = "Itm vs (y#bs) e"
  1353   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1354   moreover {assume "?c = 0" hence ?case 
  1355       using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto}
  1356   moreover {assume cp: "?c > 0"
  1357     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1358         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1359       hence "?c * x + ?e < 0" by simp
  1360       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
  1361         using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto} hence ?case by auto}
  1362   moreover {assume cp: "?c < 0"
  1363     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1364         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1365       hence "?c * x + ?e > 0" by simp
  1366       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
  1367         using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto} hence ?case by auto}
  1368   ultimately show ?case by blast
  1369 next
  1370   case (4 c e)  hence nbe: "tmbound0 e" by simp
  1371   from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1372   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1373   let ?c = "Ipoly vs c"
  1374   let ?e = "Itm vs (y#bs) e"
  1375   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1376   moreover {assume "?c = 0" hence ?case using eqs by auto}
  1377   moreover {assume cp: "?c > 0"
  1378     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1379         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1380       hence "?c * x + ?e < 0" by simp
  1381       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
  1382         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1383   moreover {assume cp: "?c < 0"
  1384     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1385         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1386       hence "?c * x + ?e > 0" by simp
  1387       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
  1388         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1389   ultimately show ?case by blast
  1390 next
  1391   case (5 c e)  hence nbe: "tmbound0 e" by simp
  1392   from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1393   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1394   note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
  1395   let ?c = "Ipoly vs c"
  1396   let ?e = "Itm vs (y#bs) e"
  1397   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1398   moreover {assume "?c = 0" hence ?case using eqs by auto}
  1399   moreover {assume cp: "?c > 0"
  1400     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1401         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1402       hence "?c * x + ?e < 0" by simp
  1403       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
  1404         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1405   moreover {assume cp: "?c < 0"
  1406     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1407         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1408       hence "?c * x + ?e > 0" by simp
  1409       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
  1410         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto} hence ?case by auto}
  1411   ultimately show ?case by blast
  1412 next
  1413   case (6 c e)  hence nbe: "tmbound0 e" by simp
  1414   from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1415   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1416   note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] le[OF nc(2), where ?'a = 'a]
  1417   let ?c = "Ipoly vs c"
  1418   let ?e = "Itm vs (y#bs) e"
  1419   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1420   moreover {assume "?c = 0" hence ?case using eqs by auto}
  1421   moreover {assume cp: "?c > 0"
  1422     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1423         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1424       hence "?c * x + ?e < 0" by simp
  1425       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
  1426         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1427   moreover {assume cp: "?c < 0"
  1428     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1429         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1430       hence "?c * x + ?e > 0" by simp
  1431       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
  1432         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1433   ultimately show ?case by blast
  1434 qed (auto)
  1435 
  1436 lemma plusinf_inf: assumes lp:"islin p"
  1437   shows "\<exists>z. \<forall>x > z. Ifm vs (x#bs) (plusinf p) \<longleftrightarrow> Ifm vs (x#bs) p"
  1438   using lp
  1439 proof (induct p rule: plusinf.induct)
  1440   case 1 thus ?case by (auto,rule_tac x="max z za" in exI, auto)
  1441 next
  1442   case 2 thus ?case by (auto,rule_tac x="max z za" in exI, auto)
  1443 next
  1444   case (3 c e) hence nbe: "tmbound0 e" by simp
  1445   from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1446   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1447   let ?c = "Ipoly vs c"
  1448   let ?e = "Itm vs (y#bs) e"
  1449   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1450   moreover {assume "?c = 0" hence ?case 
  1451       using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto}
  1452   moreover {assume cp: "?c > 0"
  1453     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e" 
  1454         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1455       hence "?c * x + ?e > 0" by simp
  1456       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
  1457         using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto} hence ?case by auto}
  1458   moreover {assume cp: "?c < 0"
  1459     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1460         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1461       hence "?c * x + ?e < 0" by simp
  1462       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
  1463         using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto} hence ?case by auto}
  1464   ultimately show ?case by blast
  1465 next
  1466   case (4 c e) hence nbe: "tmbound0 e" by simp
  1467   from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1468   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1469   let ?c = "Ipoly vs c"
  1470   let ?e = "Itm vs (y#bs) e"
  1471   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1472   moreover {assume "?c = 0" hence ?case using eqs by auto}
  1473   moreover {assume cp: "?c > 0"
  1474     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1475         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1476       hence "?c * x + ?e > 0" by simp
  1477       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
  1478         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1479   moreover {assume cp: "?c < 0"
  1480     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1481         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1482       hence "?c * x + ?e < 0" by simp
  1483       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
  1484         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1485   ultimately show ?case by blast
  1486 next
  1487   case (5 c e) hence nbe: "tmbound0 e" by simp
  1488   from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1489   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1490   note eqs = lt[OF nc(1), where ?'a = 'a] lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
  1491   let ?c = "Ipoly vs c"
  1492   let ?e = "Itm vs (y#bs) e"
  1493   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1494   moreover {assume "?c = 0" hence ?case using eqs by auto}
  1495   moreover {assume cp: "?c > 0"
  1496     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1497         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1498       hence "?c * x + ?e > 0" by simp
  1499       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
  1500         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1501   moreover {assume cp: "?c < 0"
  1502     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1503         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1504       hence "?c * x + ?e < 0" by simp
  1505       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
  1506         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto} hence ?case by auto}
  1507   ultimately show ?case by blast
  1508 next
  1509   case (6 c e)  hence nbe: "tmbound0 e" by simp
  1510   from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1511   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1512   note eqs = lt[OF nc(1), where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] le[OF nc(2), where ?'a = 'a]
  1513   let ?c = "Ipoly vs c"
  1514   let ?e = "Itm vs (y#bs) e"
  1515   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1516   moreover {assume "?c = 0" hence ?case using eqs by auto}
  1517   moreover {assume cp: "?c > 0"
  1518     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1519         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1520       hence "?c * x + ?e > 0" by simp
  1521       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
  1522         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1523   moreover {assume cp: "?c < 0"
  1524     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1525         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1526       hence "?c * x + ?e < 0" by simp
  1527       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
  1528         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1529   ultimately show ?case by blast
  1530 qed (auto)
  1531 
  1532 lemma minusinf_nb: "islin p \<Longrightarrow> bound0 (minusinf p)" 
  1533   by (induct p rule: minusinf.induct, auto simp add: eq_nb lt_nb le_nb)
  1534 lemma plusinf_nb: "islin p \<Longrightarrow> bound0 (plusinf p)" 
  1535   by (induct p rule: minusinf.induct, auto simp add: eq_nb lt_nb le_nb)
  1536 
  1537 lemma minusinf_ex: assumes lp: "islin p" and ex: "Ifm vs (x#bs) (minusinf p)"
  1538   shows "\<exists>x. Ifm vs (x#bs) p"
  1539 proof-
  1540   from bound0_I [OF minusinf_nb[OF lp], where b="a" and bs ="bs"] ex
  1541   have th: "\<forall> x. Ifm vs (x#bs) (minusinf p)" by auto
  1542   from minusinf_inf[OF lp, where bs="bs"] 
  1543   obtain z where z_def: "\<forall>x<z. Ifm vs (x # bs) (minusinf p) = Ifm vs (x # bs) p" by blast
  1544   from th have "Ifm vs ((z - 1)#bs) (minusinf p)" by simp
  1545   moreover have "z - 1 < z" by simp
  1546   ultimately show ?thesis using z_def by auto
  1547 qed
  1548 
  1549 lemma plusinf_ex: assumes lp: "islin p" and ex: "Ifm vs (x#bs) (plusinf p)"
  1550   shows "\<exists>x. Ifm vs (x#bs) p"
  1551 proof-
  1552   from bound0_I [OF plusinf_nb[OF lp], where b="a" and bs ="bs"] ex
  1553   have th: "\<forall> x. Ifm vs (x#bs) (plusinf p)" by auto
  1554   from plusinf_inf[OF lp, where bs="bs"] 
  1555   obtain z where z_def: "\<forall>x>z. Ifm vs (x # bs) (plusinf p) = Ifm vs (x # bs) p" by blast
  1556   from th have "Ifm vs ((z + 1)#bs) (plusinf p)" by simp
  1557   moreover have "z + 1 > z" by simp
  1558   ultimately show ?thesis using z_def by auto
  1559 qed
  1560 
  1561 fun uset :: "fm \<Rightarrow> (poly \<times> tm) list" where
  1562   "uset (And p q) = uset p @ uset q"
  1563 | "uset (Or p q) = uset p @ uset q"
  1564 | "uset (Eq (CNP 0 a e))  = [(a,e)]"
  1565 | "uset (Le (CNP 0 a e))  = [(a,e)]"
  1566 | "uset (Lt (CNP 0 a e))  = [(a,e)]"
  1567 | "uset (NEq (CNP 0 a e)) = [(a,e)]"
  1568 | "uset p = []"
  1569 
  1570 lemma uset_l:
  1571   assumes lp: "islin p"
  1572   shows "\<forall> (c,s) \<in> set (uset p). isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  1573 using lp by(induct p rule: uset.induct,auto)
  1574 
  1575 lemma minusinf_uset0:
  1576   assumes lp: "islin p"
  1577   and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))"
  1578   and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1579   shows "\<exists> (c,s) \<in> set (uset p). x \<ge> - Itm vs (x#bs) s / Ipoly vs c" 
  1580 proof-
  1581   have "\<exists> (c,s) \<in> set (uset p). (Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)" 
  1582     using lp nmi ex
  1583     apply (induct p rule: minusinf.induct, auto simp add: eq le lt polyneg_norm)
  1584     apply (auto simp add: linorder_not_less order_le_less)
  1585     done 
  1586   then obtain c s where csU: "(c,s) \<in> set (uset p)" and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)" by blast
  1587   hence "x \<ge> (- Itm vs (x#bs) s) / Ipoly vs c"
  1588     using divide_le_eq[of "- Itm vs (x#bs) s" "Ipoly vs c" x]
  1589     by (auto simp add: mult_commute del: divide_minus_left)
  1590   thus ?thesis using csU by auto
  1591 qed
  1592 
  1593 lemma minusinf_uset:
  1594   assumes lp: "islin p"
  1595   and nmi: "\<not> (Ifm vs (a#bs) (minusinf p))"
  1596   and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1597   shows "\<exists> (c,s) \<in> set (uset p). x \<ge> - Itm vs (a#bs) s / Ipoly vs c" 
  1598 proof-
  1599   from nmi have nmi': "\<not> (Ifm vs (x#bs) (minusinf p))" 
  1600     by (simp add: bound0_I[OF minusinf_nb[OF lp], where b=x and b'=a])
  1601   from minusinf_uset0[OF lp nmi' ex] 
  1602   obtain c s where csU: "(c,s) \<in> set (uset p)" and th: "x \<ge> - Itm vs (x#bs) s / Ipoly vs c" by blast
  1603   from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s" by simp
  1604   from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis by auto
  1605 qed
  1606 
  1607 
  1608 lemma plusinf_uset0:
  1609   assumes lp: "islin p"
  1610   and nmi: "\<not> (Ifm vs (x#bs) (plusinf p))"
  1611   and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1612   shows "\<exists> (c,s) \<in> set (uset p). x \<le> - Itm vs (x#bs) s / Ipoly vs c" 
  1613 proof-
  1614   have "\<exists> (c,s) \<in> set (uset p). (Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s)" 
  1615     using lp nmi ex
  1616     apply (induct p rule: minusinf.induct, auto simp add: eq le lt polyneg_norm)
  1617     apply (auto simp add: linorder_not_less order_le_less)
  1618     done 
  1619   then obtain c s where csU: "(c,s) \<in> set (uset p)" and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s)" by blast
  1620   hence "x \<le> (- Itm vs (x#bs) s) / Ipoly vs c"
  1621     using le_divide_eq[of x "- Itm vs (x#bs) s" "Ipoly vs c"]
  1622     by (auto simp add: mult_commute del: divide_minus_left)
  1623   thus ?thesis using csU by auto
  1624 qed
  1625 
  1626 lemma plusinf_uset:
  1627   assumes lp: "islin p"
  1628   and nmi: "\<not> (Ifm vs (a#bs) (plusinf p))"
  1629   and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1630   shows "\<exists> (c,s) \<in> set (uset p). x \<le> - Itm vs (a#bs) s / Ipoly vs c" 
  1631 proof-
  1632   from nmi have nmi': "\<not> (Ifm vs (x#bs) (plusinf p))" 
  1633     by (simp add: bound0_I[OF plusinf_nb[OF lp], where b=x and b'=a])
  1634   from plusinf_uset0[OF lp nmi' ex] 
  1635   obtain c s where csU: "(c,s) \<in> set (uset p)" and th: "x \<le> - Itm vs (x#bs) s / Ipoly vs c" by blast
  1636   from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s" by simp
  1637   from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis by auto
  1638 qed
  1639 
  1640 lemma lin_dense: 
  1641   assumes lp: "islin p"
  1642   and noS: "\<forall> t. l < t \<and> t< u \<longrightarrow> t \<notin> (\<lambda> (c,t). - Itm vs (x#bs) t / Ipoly vs c) ` set (uset p)" 
  1643   (is "\<forall> t. _ \<and> _ \<longrightarrow> t \<notin> (\<lambda> (c,t). - ?Nt x t / ?N c) ` ?U p")
  1644   and lx: "l < x" and xu:"x < u" and px:" Ifm vs (x#bs) p"
  1645   and ly: "l < y" and yu: "y < u"
  1646   shows "Ifm vs (y#bs) p"
  1647 using lp px noS
  1648 proof (induct p rule: islin.induct) 
  1649   case (5 c s)
  1650   from "5.prems" 
  1651   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1652     and px: "Ifm vs (x # bs) (Lt (CNP 0 c s))"
  1653     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1654   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1655   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1656   have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
  1657   moreover
  1658   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1659   moreover
  1660   {assume c: "?N c > 0"
  1661       from px pos_less_divide_eq[OF c, where a="x" and b="-?Nt x s"]  
  1662       have px': "x < - ?Nt x s / ?N c" 
  1663         by (auto simp add: not_less field_simps) 
  1664     {assume y: "y < - ?Nt x s / ?N c" 
  1665       hence "y * ?N c < - ?Nt x s"
  1666         by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1667       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1668       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1669     moreover
  1670     {assume y: "y > -?Nt x s / ?N c" 
  1671       with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1672       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1673       with lx px' have "False" by simp  hence ?case by simp }
  1674     ultimately have ?case using ycs by blast
  1675   }
  1676   moreover
  1677   {assume c: "?N c < 0"
  1678       from px neg_divide_less_eq[OF c, where a="x" and b="-?Nt x s"]  
  1679       have px': "x > - ?Nt x s / ?N c" 
  1680         by (auto simp add: not_less field_simps) 
  1681     {assume y: "y > - ?Nt x s / ?N c" 
  1682       hence "y * ?N c < - ?Nt x s"
  1683         by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1684       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1685       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1686     moreover
  1687     {assume y: "y < -?Nt x s / ?N c" 
  1688       with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1689       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1690       with xu px' have "False" by simp  hence ?case by simp }
  1691     ultimately have ?case using ycs by blast
  1692   }
  1693   ultimately show ?case by blast
  1694 next
  1695   case (6 c s)
  1696   from "6.prems" 
  1697   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1698     and px: "Ifm vs (x # bs) (Le (CNP 0 c s))"
  1699     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1700   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1701   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1702   have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
  1703   moreover
  1704   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1705   moreover
  1706   {assume c: "?N c > 0"
  1707       from px pos_le_divide_eq[OF c, where a="x" and b="-?Nt x s"]  
  1708       have px': "x <= - ?Nt x s / ?N c" by (simp add: not_less field_simps) 
  1709     {assume y: "y < - ?Nt x s / ?N c" 
  1710       hence "y * ?N c < - ?Nt x s"
  1711         by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1712       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1713       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1714     moreover
  1715     {assume y: "y > -?Nt x s / ?N c" 
  1716       with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1717       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1718       with lx px' have "False" by simp  hence ?case by simp }
  1719     ultimately have ?case using ycs by blast
  1720   }
  1721   moreover
  1722   {assume c: "?N c < 0"
  1723       from px neg_divide_le_eq[OF c, where a="x" and b="-?Nt x s"]  
  1724       have px': "x >= - ?Nt x s / ?N c" by (simp add: field_simps) 
  1725     {assume y: "y > - ?Nt x s / ?N c" 
  1726       hence "y * ?N c < - ?Nt x s"
  1727         by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1728       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1729       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1730     moreover
  1731     {assume y: "y < -?Nt x s / ?N c" 
  1732       with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1733       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1734       with xu px' have "False" by simp  hence ?case by simp }
  1735     ultimately have ?case using ycs by blast
  1736   }
  1737   ultimately show ?case by blast
  1738 next
  1739     case (3 c s)
  1740   from "3.prems" 
  1741   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1742     and px: "Ifm vs (x # bs) (Eq (CNP 0 c s))"
  1743     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1744   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1745   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1746   have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
  1747   moreover
  1748   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1749   moreover
  1750   {assume c: "?N c > 0" hence cnz: "?N c \<noteq> 0" by simp
  1751     from px eq_divide_eq[of "x" "-?Nt x s" "?N c"]  cnz
  1752     have px': "x = - ?Nt x s / ?N c" by (simp add: field_simps)
  1753     {assume y: "y < -?Nt x s / ?N c" 
  1754       with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1755       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1756       with xu px' have "False" by simp  hence ?case by simp }
  1757     moreover
  1758     {assume y: "y > -?Nt x s / ?N c" 
  1759       with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1760       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1761       with lx px' have "False" by simp  hence ?case by simp }
  1762     ultimately have ?case using ycs by blast
  1763   }
  1764   moreover
  1765   {assume c: "?N c < 0" hence cnz: "?N c \<noteq> 0" by simp
  1766     from px eq_divide_eq[of "x" "-?Nt x s" "?N c"]  cnz
  1767     have px': "x = - ?Nt x s / ?N c" by (simp add: field_simps)
  1768     {assume y: "y < -?Nt x s / ?N c" 
  1769       with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1770       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1771       with xu px' have "False" by simp  hence ?case by simp }
  1772     moreover
  1773     {assume y: "y > -?Nt x s / ?N c" 
  1774       with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1775       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1776       with lx px' have "False" by simp  hence ?case by simp }
  1777     ultimately have ?case using ycs by blast
  1778   }
  1779   ultimately show ?case by blast
  1780 next
  1781     case (4 c s)
  1782   from "4.prems" 
  1783   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1784     and px: "Ifm vs (x # bs) (NEq (CNP 0 c s))"
  1785     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1786   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1787   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1788   have ccs: "?N c = 0 \<or> ?N c \<noteq> 0" by dlo
  1789   moreover
  1790   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1791   moreover
  1792   {assume c: "?N c \<noteq> 0"
  1793     from yne c eq_divide_eq[of "y" "- ?Nt x s" "?N c"] have ?case
  1794       by (simp add: field_simps tmbound0_I[OF lin(3), of vs x bs y] sum_eq[symmetric]) }
  1795   ultimately show ?case by blast
  1796 qed (auto simp add: tmbound0_I[where vs=vs and bs="bs" and b="y" and b'="x"] bound0_I[where vs=vs and bs="bs" and b="y" and b'="x"])
  1797 
  1798 lemma inf_uset:
  1799   assumes lp: "islin p"
  1800   and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))" (is "\<not> (Ifm vs (x#bs) (?M p))")
  1801   and npi: "\<not> (Ifm vs (x#bs) (plusinf p))" (is "\<not> (Ifm vs (x#bs) (?P p))")
  1802   and ex: "\<exists> x.  Ifm vs (x#bs) p" (is "\<exists> x. ?I x p")
  1803   shows "\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). ?I ((- Itm vs (x#bs) t / Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / 2) p" 
  1804 proof-
  1805   let ?Nt = "\<lambda> x t. Itm vs (x#bs) t"
  1806   let ?N = "Ipoly vs"
  1807   let ?U = "set (uset p)"
  1808   from ex obtain a where pa: "?I a p" by blast
  1809   from bound0_I[OF minusinf_nb[OF lp], where bs="bs" and b="x" and b'="a"] nmi
  1810   have nmi': "\<not> (?I a (?M p))" by simp
  1811   from bound0_I[OF plusinf_nb[OF lp], where bs="bs" and b="x" and b'="a"] npi
  1812   have npi': "\<not> (?I a (?P p))" by simp
  1813   have "\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). ?I ((- ?Nt a t/?N c + - ?Nt a s /?N d) / 2) p"
  1814   proof-
  1815     let ?M = "(\<lambda> (c,t). - ?Nt a t / ?N c) ` ?U"
  1816     have fM: "finite ?M" by auto
  1817     from minusinf_uset[OF lp nmi pa] plusinf_uset[OF lp npi pa] 
  1818     have "\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). a \<le> - ?Nt x t / ?N c \<and> a \<ge> - ?Nt x s / ?N d" by blast
  1819     then obtain "c" "t" "d" "s" where 
  1820       ctU: "(c,t) \<in> ?U" and dsU: "(d,s) \<in> ?U" 
  1821       and xs1: "a \<le> - ?Nt x s / ?N d" and tx1: "a \<ge> - ?Nt x t / ?N c" by blast
  1822     from uset_l[OF lp] ctU dsU tmbound0_I[where bs="bs" and b="x" and b'="a"] xs1 tx1 
  1823     have xs: "a \<le> - ?Nt a s / ?N d" and tx: "a \<ge> - ?Nt a t / ?N c" by auto
  1824     from ctU have Mne: "?M \<noteq> {}" by auto
  1825     hence Une: "?U \<noteq> {}" by simp
  1826     let ?l = "Min ?M"
  1827     let ?u = "Max ?M"
  1828     have linM: "?l \<in> ?M" using fM Mne by simp
  1829     have uinM: "?u \<in> ?M" using fM Mne by simp
  1830     have ctM: "- ?Nt a t / ?N c \<in> ?M" using ctU by auto
  1831     have dsM: "- ?Nt a s / ?N d \<in> ?M" using dsU by auto 
  1832     have lM: "\<forall> t\<in> ?M. ?l \<le> t" using Mne fM by auto
  1833     have Mu: "\<forall> t\<in> ?M. t \<le> ?u" using Mne fM by auto
  1834     have "?l \<le> - ?Nt a t / ?N c" using ctM Mne by simp hence lx: "?l \<le> a" using tx by simp
  1835     have "- ?Nt a s / ?N d \<le> ?u" using dsM Mne by simp hence xu: "a \<le> ?u" using xs by simp
  1836     from finite_set_intervals2[where P="\<lambda> x. ?I x p",OF pa lx xu linM uinM fM lM Mu]
  1837     have "(\<exists> s\<in> ?M. ?I s p) \<or> 
  1838       (\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p)" .
  1839     moreover {fix u assume um: "u\<in> ?M" and pu: "?I u p"
  1840       hence "\<exists> (nu,tu) \<in> ?U. u = - ?Nt a tu / ?N nu" by auto
  1841       then obtain "tu" "nu" where tuU: "(nu,tu) \<in> ?U" and tuu:"u= - ?Nt a tu / ?N nu" by blast
  1842       from pu tuu
  1843       have "?I (((- ?Nt a tu / ?N nu) + (- ?Nt a tu / ?N nu)) / 2) p" by simp
  1844       with tuU have ?thesis by blast}
  1845     moreover{
  1846       assume "\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p"
  1847       then obtain t1 and t2 where t1M: "t1 \<in> ?M" and t2M: "t2\<in> ?M" 
  1848         and noM: "\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M" and t1x: "t1 < a" and xt2: "a < t2" and px: "?I a p"
  1849         by blast
  1850       from t1M have "\<exists> (t1n,t1u) \<in> ?U. t1 = - ?Nt a t1u / ?N t1n" by auto
  1851       then obtain "t1u" "t1n" where t1uU: "(t1n,t1u) \<in> ?U" and t1u: "t1 = - ?Nt a t1u / ?N t1n" by blast
  1852       from t2M have "\<exists> (t2n,t2u) \<in> ?U. t2 = - ?Nt a t2u / ?N t2n" by auto
  1853       then obtain "t2u" "t2n" where t2uU: "(t2n,t2u) \<in> ?U" and t2u: "t2 = - ?Nt a t2u / ?N t2n" by blast
  1854       from t1x xt2 have t1t2: "t1 < t2" by simp
  1855       let ?u = "(t1 + t2) / 2"
  1856       from less_half_sum[OF t1t2] gt_half_sum[OF t1t2] have t1lu: "t1 < ?u" and ut2: "?u < t2" by auto
  1857       from lin_dense[OF lp noM t1x xt2 px t1lu ut2] have "?I ?u p" .
  1858       with t1uU t2uU t1u t2u have ?thesis by blast}
  1859     ultimately show ?thesis by blast
  1860   qed
  1861   then obtain "l" "n" "s"  "m" where lnU: "(n,l) \<in> ?U" and smU:"(m,s) \<in> ?U" 
  1862     and pu: "?I ((- ?Nt a l / ?N n + - ?Nt a s / ?N m) / 2) p" by blast
  1863   from lnU smU uset_l[OF lp] have nbl: "tmbound0 l" and nbs: "tmbound0 s" by auto
  1864   from tmbound0_I[OF nbl, where bs="bs" and b="a" and b'="x"] 
  1865     tmbound0_I[OF nbs, where bs="bs" and b="a" and b'="x"] pu
  1866   have "?I ((- ?Nt x l / ?N n + - ?Nt x s / ?N m) / 2) p" by simp
  1867   with lnU smU
  1868   show ?thesis by auto
  1869 qed
  1870 
  1871     (* The Ferrante - Rackoff Theorem *)
  1872 
  1873 theorem fr_eq: 
  1874   assumes lp: "islin p"
  1875   shows "(\<exists> x. Ifm vs (x#bs) p) = ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> (\<exists> (n,t) \<in> set (uset p). \<exists> (m,s) \<in> set (uset p). Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) / 2)#bs) p))"
  1876   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  1877 proof
  1878   assume px: "\<exists> x. ?I x p"
  1879   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  1880   moreover {assume "?M \<or> ?P" hence "?D" by blast}
  1881   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  1882     from inf_uset[OF lp nmi npi] have "?F" using px by blast hence "?D" by blast}
  1883   ultimately show "?D" by blast
  1884 next
  1885   assume "?D" 
  1886   moreover {assume m:"?M" from minusinf_ex[OF lp m] have "?E" .}
  1887   moreover {assume p: "?P" from plusinf_ex[OF lp p] have "?E" . }
  1888   moreover {assume f:"?F" hence "?E" by blast}
  1889   ultimately show "?E" by blast
  1890 qed
  1891 
  1892 section{* First implementation : Naive by encoding all case splits locally *}
  1893 definition "msubsteq c t d s a r = 
  1894   evaldjf (split conj) 
  1895   [(let cd = c *\<^sub>p d in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  1896    (conj (Eq (CP c)) (NEq (CP d)) , Eq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  1897    (conj (NEq (CP c)) (Eq (CP d)) , Eq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  1898    (conj (Eq (CP c)) (Eq (CP d)) , Eq r)]"
  1899 
  1900 lemma msubsteq_nb: assumes lp: "islin (Eq (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  1901   shows "bound0 (msubsteq c t d s a r)"
  1902 proof-
  1903   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  1904    (conj (Eq (CP c)) (NEq (CP d)) , Eq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  1905    (conj (NEq (CP c)) (Eq (CP d)) , Eq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  1906    (conj (Eq (CP c)) (Eq (CP d)) , Eq r)]. bound0 (split conj x)"
  1907     using lp by (simp add: Let_def t s )
  1908   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubsteq_def)
  1909 qed
  1910 
  1911 lemma msubsteq: assumes lp: "islin (Eq (CNP 0 a r))"
  1912   shows "Ifm vs (x#bs) (msubsteq c t d s a r) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / 2)#bs) (Eq (CNP 0 a r))" (is "?lhs = ?rhs")
  1913 proof-
  1914   let ?Nt = "\<lambda>(x::'a) t. Itm vs (x#bs) t"
  1915   let ?N = "\<lambda>p. Ipoly vs p"
  1916   let ?c = "?N c"
  1917   let ?d = "?N d"
  1918   let ?t = "?Nt x t"
  1919   let ?s = "?Nt x s"
  1920   let ?a = "?N a"
  1921   let ?r = "?Nt x r"
  1922   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  1923   note r= tmbound0_I[OF lin(3), of vs _ bs x]
  1924   have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)" by auto
  1925   moreover
  1926   {assume c: "?c = 0" and d: "?d=0"
  1927     hence ?thesis  by (simp add: r[of 0] msubsteq_def Let_def evaldjf_ex)}
  1928   moreover 
  1929   {assume c: "?c = 0" and d: "?d\<noteq>0"
  1930     from c have th: "(- ?t / ?c + - ?s / ?d)/2 = -?s / (2*?d)" by simp
  1931     have "?rhs = Ifm vs (-?s / (2*?d) # bs) (Eq (CNP 0 a r))" by (simp only: th)
  1932     also have "\<dots> \<longleftrightarrow> ?a * (-?s / (2*?d)) + ?r = 0" by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
  1933     also have "\<dots> \<longleftrightarrow> 2*?d * (?a * (-?s / (2*?d)) + ?r) = 0"
  1934       using d mult_cancel_left[of "2*?d" "(?a * (-?s / (2*?d)) + ?r)" 0] by simp
  1935     also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * (2*?d / (2*?d)) + 2*?d*?r= 0"
  1936       by (simp add: field_simps distrib_left[of "2*?d"] del: distrib_left)
  1937     
  1938     also have "\<dots> \<longleftrightarrow> - (?a * ?s) + 2*?d*?r = 0" using d by simp 
  1939     finally have ?thesis using c d 
  1940       by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"] msubsteq_def Let_def evaldjf_ex)
  1941   }
  1942   moreover
  1943   {assume c: "?c \<noteq> 0" and d: "?d=0"
  1944     from d have th: "(- ?t / ?c + - ?s / ?d)/2 = -?t / (2*?c)" by simp
  1945     have "?rhs = Ifm vs (-?t / (2*?c) # bs) (Eq (CNP 0 a r))" by (simp only: th)
  1946     also have "\<dots> \<longleftrightarrow> ?a * (-?t / (2*?c)) + ?r = 0" by (simp add: r[of "- (?t/ (2 * ?c))"])
  1947     also have "\<dots> \<longleftrightarrow> 2*?c * (?a * (-?t / (2*?c)) + ?r) = 0" 
  1948       using c mult_cancel_left[of "2*?c" "(?a * (-?t / (2*?c)) + ?r)" 0] by simp
  1949     also have "\<dots> \<longleftrightarrow> (?a * -?t)* (2*?c) / (2*?c) + 2*?c*?r= 0"
  1950       by (simp add: field_simps distrib_left[of "2*?c"] del: distrib_left)
  1951     also have "\<dots> \<longleftrightarrow> - (?a * ?t) + 2*?c*?r = 0" using c by simp 
  1952     finally have ?thesis using c d 
  1953       by (simp add: r[of "- (?t/ (2*?c))"] msubsteq_def Let_def evaldjf_ex)
  1954   }
  1955   moreover
  1956   {assume c: "?c \<noteq> 0" and d: "?d\<noteq>0" hence dc: "?c * ?d *2 \<noteq> 0" by simp
  1957     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1958     have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)" 
  1959       by (simp add: field_simps)
  1960     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Eq (CNP 0 a r))" by (simp only: th)
  1961     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r = 0" 
  1962       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"])
  1963     also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) =0 "
  1964       using c d mult_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  1965     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r =0" 
  1966       using nonzero_mult_divide_cancel_left [OF dc] c d
  1967       by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1968     finally  have ?thesis using c d 
  1969       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubsteq_def Let_def evaldjf_ex field_simps)
  1970   }
  1971   ultimately show ?thesis by blast
  1972 qed
  1973 
  1974 
  1975 definition "msubstneq c t d s a r = 
  1976   evaldjf (split conj) 
  1977   [(let cd = c *\<^sub>p d in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  1978    (conj (Eq (CP c)) (NEq (CP d)) , NEq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  1979    (conj (NEq (CP c)) (Eq (CP d)) , NEq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  1980    (conj (Eq (CP c)) (Eq (CP d)) , NEq r)]"
  1981 
  1982 lemma msubstneq_nb: assumes lp: "islin (NEq (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  1983   shows "bound0 (msubstneq c t d s a r)"
  1984 proof-
  1985   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))), 
  1986     (conj (Eq (CP c)) (NEq (CP d)) , NEq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  1987     (conj (NEq (CP c)) (Eq (CP d)) , NEq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  1988     (conj (Eq (CP c)) (Eq (CP d)) , NEq r)]. bound0 (split conj x)"
  1989     using lp by (simp add: Let_def t s )
  1990   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstneq_def)
  1991 qed
  1992 
  1993 lemma msubstneq: assumes lp: "islin (Eq (CNP 0 a r))"
  1994   shows "Ifm vs (x#bs) (msubstneq c t d s a r) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (NEq (CNP 0 a r))" (is "?lhs = ?rhs")
  1995 proof-
  1996   let ?Nt = "\<lambda>(x::'a) t. Itm vs (x#bs) t"
  1997   let ?N = "\<lambda>p. Ipoly vs p"
  1998   let ?c = "?N c"
  1999   let ?d = "?N d"
  2000   let ?t = "?Nt x t"
  2001   let ?s = "?Nt x s"
  2002   let ?a = "?N a"
  2003   let ?r = "?Nt x r"
  2004   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  2005   note r= tmbound0_I[OF lin(3), of vs _ bs x]
  2006   have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)" by auto
  2007   moreover
  2008   {assume c: "?c = 0" and d: "?d=0"
  2009     hence ?thesis  by (simp add: r[of 0] msubstneq_def Let_def evaldjf_ex)}
  2010   moreover 
  2011   {assume c: "?c = 0" and d: "?d\<noteq>0"
  2012     from c have th: "(- ?t / ?c + - ?s / ?d)/2 = -?s / (2*?d)" by simp
  2013     have "?rhs = Ifm vs (-?s / (2*?d) # bs) (NEq (CNP 0 a r))" by (simp only: th)
  2014     also have "\<dots> \<longleftrightarrow> ?a * (-?s / (2*?d)) + ?r \<noteq> 0" by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
  2015     also have "\<dots> \<longleftrightarrow> 2*?d * (?a * (-?s / (2*?d)) + ?r) \<noteq> 0" 
  2016       using d mult_cancel_left[of "2*?d" "(?a * (-?s / (2*?d)) + ?r)" 0] by simp
  2017     also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * (2*?d / (2*?d)) + 2*?d*?r\<noteq> 0"
  2018       by (simp add: field_simps distrib_left[of "2*?d"] del: distrib_left)
  2019     
  2020     also have "\<dots> \<longleftrightarrow> - (?a * ?s) + 2*?d*?r \<noteq> 0" using d by simp 
  2021     finally have ?thesis using c d 
  2022       by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"] msubstneq_def Let_def evaldjf_ex)
  2023   }
  2024   moreover
  2025   {assume c: "?c \<noteq> 0" and d: "?d=0"
  2026     from d have th: "(- ?t / ?c + - ?s / ?d)/2 = -?t / (2*?c)" by simp
  2027     have "?rhs = Ifm vs (-?t / (2*?c) # bs) (NEq (CNP 0 a r))" by (simp only: th)
  2028     also have "\<dots> \<longleftrightarrow> ?a * (-?t / (2*?c)) + ?r \<noteq> 0" by (simp add: r[of "- (?t/ (2 * ?c))"])
  2029     also have "\<dots> \<longleftrightarrow> 2*?c * (?a * (-?t / (2*?c)) + ?r) \<noteq> 0" 
  2030       using c mult_cancel_left[of "2*?c" "(?a * (-?t / (2*?c)) + ?r)" 0] by simp
  2031     also have "\<dots> \<longleftrightarrow> (?a * -?t)* (2*?c) / (2*?c) + 2*?c*?r \<noteq> 0"
  2032       by (simp add: field_simps distrib_left[of "2*?c"] del: distrib_left)
  2033     also have "\<dots> \<longleftrightarrow> - (?a * ?t) + 2*?c*?r \<noteq> 0" using c by simp 
  2034     finally have ?thesis using c d 
  2035       by (simp add: r[of "- (?t/ (2*?c))"] msubstneq_def Let_def evaldjf_ex)
  2036   }
  2037   moreover
  2038   {assume c: "?c \<noteq> 0" and d: "?d\<noteq>0" hence dc: "?c * ?d *2 \<noteq> 0" by simp
  2039     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  2040     have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)" 
  2041       by (simp add: field_simps)
  2042     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (NEq (CNP 0 a r))" by (simp only: th)
  2043     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r \<noteq> 0" 
  2044       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"])
  2045     also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) \<noteq> 0 "
  2046       using c d mult_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  2047     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r \<noteq> 0" 
  2048       using nonzero_mult_divide_cancel_left[OF dc] c d
  2049       by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  2050     finally  have ?thesis using c d 
  2051       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstneq_def Let_def evaldjf_ex field_simps)
  2052   }
  2053   ultimately show ?thesis by blast
  2054 qed
  2055 
  2056 definition "msubstlt c t d s a r = 
  2057   evaldjf (split conj) 
  2058   [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2059   (let cd = c *\<^sub>p d in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2060    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Lt (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2061    (conj (lt (CP c)) (Eq (CP d)) , Lt (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2062    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Lt (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2063    (conj (lt (CP d)) (Eq (CP c)) , Lt (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2064    (conj (Eq (CP c)) (Eq (CP d)) , Lt r)]"
  2065 
  2066 lemma msubstlt_nb: assumes lp: "islin (Lt (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  2067   shows "bound0 (msubstlt c t d s a r)"
  2068 proof-
  2069   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2070   (let cd = c *\<^sub>p d in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2071    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Lt (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2072    (conj (lt (CP c)) (Eq (CP d)) , Lt (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2073    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Lt (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2074    (conj (lt (CP d)) (Eq (CP c)) , Lt (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2075    (conj (Eq (CP c)) (Eq (CP d)) , Lt r)]. bound0 (split conj x)"
  2076     using lp by (simp add: Let_def t s lt_nb )
  2077   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstlt_def)
  2078 qed
  2079 
  2080 
  2081 lemma msubstlt: assumes nc: "isnpoly c" and nd: "isnpoly d" and lp: "islin (Lt (CNP 0 a r))" 
  2082   shows "Ifm vs (x#bs) (msubstlt c t d s a r) \<longleftrightarrow> 
  2083   Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (Lt (CNP 0 a r))" (is "?lhs = ?rhs")
  2084 proof-
  2085   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  2086   let ?N = "\<lambda>p. Ipoly vs p"
  2087   let ?c = "?N c"
  2088   let ?d = "?N d"
  2089   let ?t = "?Nt x t"
  2090   let ?s = "?Nt x s"
  2091   let ?a = "?N a"
  2092   let ?r = "?Nt x r"
  2093   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  2094   note r= tmbound0_I[OF lin(3), of vs _ bs x]
  2095   have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)" by auto
  2096   moreover
  2097   {assume c: "?c=0" and d: "?d=0"
  2098     hence ?thesis  using nc nd by (simp add: polyneg_norm lt r[of 0] msubstlt_def Let_def evaldjf_ex)}
  2099   moreover
  2100   {assume dc: "?c*?d > 0" 
  2101     from dc have dc': "2*?c *?d > 0" by simp
  2102     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  2103     from dc' have dc'': "\<not> 2*?c *?d < 0" by simp
  2104     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  2105     have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)" 
  2106       by (simp add: field_simps)
  2107     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  2108     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r < 0" 
  2109       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"])
  2110     also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) < 0"
  2111       
  2112       using dc' dc'' mult_less_cancel_left_disj[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  2113     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r < 0" 
  2114       using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  2115       by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  2116     finally  have ?thesis using dc c d  nc nd dc'
  2117       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm) 
  2118   }
  2119   moreover
  2120   {assume dc: "?c*?d < 0" 
  2121 
  2122     from dc have dc': "2*?c *?d < 0"
  2123       by (simp add: mult_less_0_iff field_simps) 
  2124     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  2125     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  2126     have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)" 
  2127       by (simp add: field_simps)
  2128     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  2129     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r < 0" 
  2130       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"])
  2131 
  2132     also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) > 0"
  2133       
  2134       using dc' order_less_not_sym[OF dc'] mult_less_cancel_left_disj[of "2 * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r"] by simp
  2135     also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - 2*?c*?d*?r < 0" 
  2136       using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  2137       by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  2138     finally  have ?thesis using dc c d  nc nd
  2139       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm) 
  2140   }
  2141   moreover
  2142   {assume c: "?c > 0" and d: "?d=0"  
  2143     from c have c'': "2*?c > 0" by (simp add: zero_less_mult_iff)
  2144     from c have c': "2*?c \<noteq> 0" by simp
  2145     from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  2146     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  2147     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r < 0" by (simp add: r[of "- (?t / (2*?c))"])
  2148     also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) < 0"
  2149       using c mult_less_cancel_left_disj[of "2 * ?c" "?a* (- ?t / (2*?c))+ ?r" 0] c' c'' order_less_not_sym[OF c''] by simp
  2150     also have "\<dots> \<longleftrightarrow> - ?a*?t+  2*?c *?r < 0" 
  2151       using nonzero_mult_divide_cancel_left[OF c'] c
  2152       by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  2153     finally have ?thesis using c d nc nd 
  2154       by(simp add: r[of "- (?t / (2*?c))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2155   }
  2156   moreover
  2157   {assume c: "?c < 0" and d: "?d=0"  hence c': "2*?c \<noteq> 0" by simp
  2158     from c have c'': "2*?c < 0" by (simp add: mult_less_0_iff)
  2159     from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  2160     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  2161     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r < 0" by (simp add: r[of "- (?t / (2*?c))"])
  2162     also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) > 0"
  2163       using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c'' mult_less_cancel_left_disj[of "2 * ?c" 0 "?a* (- ?t / (2*?c))+ ?r"] by simp
  2164     also have "\<dots> \<longleftrightarrow> ?a*?t -  2*?c *?r < 0" 
  2165       using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
  2166         by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  2167     finally have ?thesis using c d nc nd 
  2168       by(simp add: r[of "- (?t / (2*?c))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2169   }
  2170   moreover
  2171   moreover
  2172   {assume c: "?c = 0" and d: "?d>0"  
  2173     from d have d'': "2*?d > 0" by (simp add: zero_less_mult_iff)
  2174     from d have d': "2*?d \<noteq> 0" by simp
  2175     from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  2176     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  2177     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r < 0" by (simp add: r[of "- (?s / (2*?d))"])
  2178     also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) < 0"
  2179       using d mult_less_cancel_left_disj[of "2 * ?d" "?a* (- ?s / (2*?d))+ ?r" 0] d' d'' order_less_not_sym[OF d''] by simp
  2180     also have "\<dots> \<longleftrightarrow> - ?a*?s+  2*?d *?r < 0" 
  2181       using nonzero_mult_divide_cancel_left[OF d'] d
  2182       by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  2183     finally have ?thesis using c d nc nd 
  2184       by(simp add: r[of "- (?s / (2*?d))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2185   }
  2186   moreover
  2187   {assume c: "?c = 0" and d: "?d<0"  hence d': "2*?d \<noteq> 0" by simp
  2188     from d have d'': "2*?d < 0" by (simp add: mult_less_0_iff)
  2189     from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  2190     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  2191     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r < 0" by (simp add: r[of "- (?s / (2*?d))"])
  2192     also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) > 0"
  2193       using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d'' mult_less_cancel_left_disj[of "2 * ?d" 0 "?a* (- ?s / (2*?d))+ ?r"] by simp
  2194     also have "\<dots> \<longleftrightarrow> ?a*?s -  2*?d *?r < 0" 
  2195       using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
  2196         by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  2197     finally have ?thesis using c d nc nd 
  2198       by(simp add: r[of "- (?s / (2*?d))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2199   }
  2200 ultimately show ?thesis by blast
  2201 qed
  2202 
  2203 definition "msubstle c t d s a r = 
  2204   evaldjf (split conj) 
  2205   [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2206   (let cd = c *\<^sub>p d in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2207    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2208    (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2209    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2210    (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2211    (conj (Eq (CP c)) (Eq (CP d)) , Le r)]"
  2212 
  2213 lemma msubstle_nb: assumes lp: "islin (Le (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  2214   shows "bound0 (msubstle c t d s a r)"
  2215 proof-
  2216   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2217   (let cd = c *\<^sub>p d in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
  2218    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2219    (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
  2220    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2221    (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
  2222    (conj (Eq (CP c)) (Eq (CP d)) , Le r)]. bound0 (split conj x)"
  2223     using lp by (simp add: Let_def t s lt_nb )
  2224   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstle_def)
  2225 qed
  2226 
  2227 lemma msubstle: assumes nc: "isnpoly c" and nd: "isnpoly d" and lp: "islin (Le (CNP 0 a r))" 
  2228   shows "Ifm vs (x#bs) (msubstle c t d s a r) \<longleftrightarrow> 
  2229   Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (Le (CNP 0 a r))" (is "?lhs = ?rhs")
  2230 proof-
  2231   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  2232   let ?N = "\<lambda>p. Ipoly vs p"
  2233   let ?c = "?N c"
  2234   let ?d = "?N d"
  2235   let ?t = "?Nt x t"
  2236   let ?s = "?Nt x s"
  2237   let ?a = "?N a"
  2238   let ?r = "?Nt x r"
  2239   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  2240   note r= tmbound0_I[OF lin(3), of vs _ bs x]
  2241   have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)" by auto
  2242   moreover
  2243   {assume c: "?c=0" and d: "?d=0"
  2244     hence ?thesis  using nc nd by (simp add: polyneg_norm polymul_norm lt r[of 0] msubstle_def Let_def evaldjf_ex)}
  2245   moreover
  2246   {assume dc: "?c*?d > 0" 
  2247     from dc have dc': "2*?c *?d > 0" by simp
  2248     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  2249     from dc' have dc'': "\<not> 2*?c *?d < 0" by simp
  2250     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  2251     have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)" 
  2252       by (simp add: field_simps)
  2253     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  2254     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r <= 0" 
  2255       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"])
  2256     also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) <= 0"
  2257       
  2258       using dc' dc'' mult_le_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  2259     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r <= 0" 
  2260       using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  2261       by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  2262     finally  have ?thesis using dc c d  nc nd dc'
  2263       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm) 
  2264   }
  2265   moreover
  2266   {assume dc: "?c*?d < 0" 
  2267 
  2268     from dc have dc': "2*?c *?d < 0"
  2269       by (simp add: mult_less_0_iff field_simps add_neg_neg add_pos_pos)
  2270     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  2271     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  2272     have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)" 
  2273       by (simp add: field_simps)
  2274     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  2275     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r <= 0" 
  2276       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"])
  2277 
  2278     also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) >= 0"
  2279       
  2280       using dc' order_less_not_sym[OF dc'] mult_le_cancel_left[of "2 * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r"] by simp
  2281     also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - 2*?c*?d*?r <= 0" 
  2282       using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  2283       by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  2284     finally  have ?thesis using dc c d  nc nd
  2285       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm) 
  2286   }
  2287   moreover
  2288   {assume c: "?c > 0" and d: "?d=0"  
  2289     from c have c'': "2*?c > 0" by (simp add: zero_less_mult_iff)
  2290     from c have c': "2*?c \<noteq> 0" by simp
  2291     from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  2292     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Le (CNP 0 a r))" by (simp only: th)
  2293     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r <= 0" by (simp add: r[of "- (?t / (2*?c))"])
  2294     also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) <= 0"
  2295       using c mult_le_cancel_left[of "2 * ?c" "?a* (- ?t / (2*?c))+ ?r" 0] c' c'' order_less_not_sym[OF c''] by simp
  2296     also have "\<dots> \<longleftrightarrow> - ?a*?t+  2*?c *?r <= 0" 
  2297       using nonzero_mult_divide_cancel_left[OF c'] c
  2298       by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  2299     finally have ?thesis using c d nc nd 
  2300       by(simp add: r[of "- (?t / (2*?c))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2301   }
  2302   moreover
  2303   {assume c: "?c < 0" and d: "?d=0"  hence c': "2*?c \<noteq> 0" by simp
  2304     from c have c'': "2*?c < 0" by (simp add: mult_less_0_iff)
  2305     from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  2306     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Le (CNP 0 a r))" by (simp only: th)
  2307     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r <= 0" by (simp add: r[of "- (?t / (2*?c))"])
  2308     also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) >= 0"
  2309       using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c'' mult_le_cancel_left[of "2 * ?c" 0 "?a* (- ?t / (2*?c))+ ?r"] by simp
  2310     also have "\<dots> \<longleftrightarrow> ?a*?t -  2*?c *?r <= 0" 
  2311       using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
  2312         by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  2313     finally have ?thesis using c d nc nd 
  2314       by(simp add: r[of "- (?t / (2*?c))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2315   }
  2316   moreover
  2317   moreover
  2318   {assume c: "?c = 0" and d: "?d>0"  
  2319     from d have d'': "2*?d > 0" by (simp add: zero_less_mult_iff)
  2320     from d have d': "2*?d \<noteq> 0" by simp
  2321     from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  2322     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  2323     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r <= 0" by (simp add: r[of "- (?s / (2*?d))"])
  2324     also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) <= 0"
  2325       using d mult_le_cancel_left[of "2 * ?d" "?a* (- ?s / (2*?d))+ ?r" 0] d' d'' order_less_not_sym[OF d''] by simp
  2326     also have "\<dots> \<longleftrightarrow> - ?a*?s+  2*?d *?r <= 0" 
  2327       using nonzero_mult_divide_cancel_left[OF d'] d
  2328       by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  2329     finally have ?thesis using c d nc nd 
  2330       by(simp add: r[of "- (?s / (2*?d))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2331   }
  2332   moreover
  2333   {assume c: "?c = 0" and d: "?d<0"  hence d': "2*?d \<noteq> 0" by simp
  2334     from d have d'': "2*?d < 0" by (simp add: mult_less_0_iff)
  2335     from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  2336     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  2337     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r <= 0" by (simp add: r[of "- (?s / (2*?d))"])
  2338     also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) >= 0"
  2339       using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d'' mult_le_cancel_left[of "2 * ?d" 0 "?a* (- ?s / (2*?d))+ ?r"] by simp
  2340     also have "\<dots> \<longleftrightarrow> ?a*?s -  2*?d *?r <= 0" 
  2341       using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
  2342         by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  2343     finally have ?thesis using c d nc nd 
  2344       by(simp add: r[of "- (?s / (2*?d))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  2345   }
  2346 ultimately show ?thesis by blast
  2347 qed
  2348 
  2349 
  2350 fun msubst :: "fm \<Rightarrow> (poly \<times> tm) \<times> (poly \<times> tm) \<Rightarrow> fm" where
  2351   "msubst (And p q) ((c,t), (d,s)) = conj (msubst p ((c,t),(d,s))) (msubst q ((c,t),(d,s)))"
  2352 | "msubst (Or p q) ((c,t), (d,s)) = disj (msubst p ((c,t),(d,s))) (msubst q ((c,t), (d,s)))"
  2353 | "msubst (Eq (CNP 0 a r)) ((c,t),(d,s)) = msubsteq c t d s a r"
  2354 | "msubst (NEq (CNP 0 a r)) ((c,t),(d,s)) = msubstneq c t d s a r"
  2355 | "msubst (Lt (CNP 0 a r)) ((c,t),(d,s)) = msubstlt c t d s a r"
  2356 | "msubst (Le (CNP 0 a r)) ((c,t),(d,s)) = msubstle c t d s a r"
  2357 | "msubst p ((c,t),(d,s)) = p"
  2358 
  2359 lemma msubst_I: assumes lp: "islin p" and nc: "isnpoly c" and nd: "isnpoly d"
  2360   shows "Ifm vs (x#bs) (msubst p ((c,t),(d,s))) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) p"
  2361   using lp
  2362 by (induct p rule: islin.induct, auto simp add: tmbound0_I[where b="(- (Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>) + - (Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>)) / 2" and b'=x and bs = bs and vs=vs] bound0_I[where b="(- (Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>) + - (Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>)) / 2" and b'=x and bs = bs and vs=vs] msubsteq msubstneq msubstlt[OF nc nd] msubstle[OF nc nd])
  2363 
  2364 lemma msubst_nb: assumes lp: "islin p" and t: "tmbound0 t" and s: "tmbound0 s"
  2365   shows "bound0 (msubst p ((c,t),(d,s)))"
  2366   using lp t s
  2367   by (induct p rule: islin.induct, auto simp add: msubsteq_nb msubstneq_nb msubstlt_nb msubstle_nb)
  2368 
  2369 lemma fr_eq_msubst: 
  2370   assumes lp: "islin p"
  2371   shows "(\<exists> x. Ifm vs (x#bs) p) = ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> (\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst p ((c,t),(d,s)))))"
  2372   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  2373 proof-
  2374 from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s" by blast
  2375 {fix c t d s assume ctU: "(c,t) \<in>set (uset p)" and dsU: "(d,s) \<in>set (uset p)" 
  2376   and pts: "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  2377   from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d" by simp_all
  2378   from msubst_I[OF lp norm, of vs x bs t s] pts
  2379   have "Ifm vs (x # bs) (msubst p ((c, t), d, s))" ..}
  2380 moreover
  2381 {fix c t d s assume ctU: "(c,t) \<in>set (uset p)" and dsU: "(d,s) \<in>set (uset p)" 
  2382   and pts: "Ifm vs (x # bs) (msubst p ((c, t), d, s))"
  2383   from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d" by simp_all
  2384   from msubst_I[OF lp norm, of vs x bs t s] pts
  2385   have "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p" ..}
  2386 ultimately have th': "(\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p) \<longleftrightarrow> ?F" by blast
  2387 from fr_eq[OF lp, of vs bs x, simplified th'] show ?thesis .
  2388 qed 
  2389 
  2390 lemma simpfm_lin:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  2391   shows "qfree p \<Longrightarrow> islin (simpfm p)"
  2392   by (induct p rule: simpfm.induct, auto simp add: conj_lin disj_lin)
  2393 
  2394 definition 
  2395   "ferrack p \<equiv> let q = simpfm p ; mp = minusinf q ; pp = plusinf q
  2396   in if (mp = T \<or> pp = T) then T 
  2397      else (let U = alluopairs (remdups (uset  q))
  2398            in decr0 (disj mp (disj pp (evaldjf (simpfm o (msubst q)) U ))))"
  2399 
  2400 lemma ferrack: 
  2401   assumes qf: "qfree p"
  2402   shows "qfree (ferrack p) \<and> ((Ifm vs bs (ferrack p)) = (Ifm vs bs (E p)))"
  2403   (is "_ \<and> (?rhs = ?lhs)")
  2404 proof-
  2405   let ?I = "\<lambda> x p. Ifm vs (x#bs) p"
  2406   let ?N = "\<lambda> t. Ipoly vs t"
  2407   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  2408   let ?q = "simpfm p" 
  2409   let ?U = "remdups(uset ?q)"
  2410   let ?Up = "alluopairs ?U"
  2411   let ?mp = "minusinf ?q"
  2412   let ?pp = "plusinf ?q"
  2413   let ?I = "\<lambda>p. Ifm vs (x#bs) p"
  2414   from simpfm_lin[OF qf] simpfm_qf[OF qf] have lq: "islin ?q" and q_qf: "qfree ?q" .
  2415   from minusinf_nb[OF lq] plusinf_nb[OF lq] have mp_nb: "bound0 ?mp" and pp_nb: "bound0 ?pp" .
  2416   from bound0_qf[OF mp_nb] bound0_qf[OF pp_nb] have mp_qf: "qfree ?mp" and pp_qf: "qfree ?pp" .
  2417   from uset_l[OF lq] have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  2418     by simp
  2419   {fix c t d s assume ctU: "(c,t) \<in> set ?U" and dsU: "(d,s) \<in> set ?U"
  2420     from U_l ctU dsU have norm: "isnpoly c" "isnpoly d" by auto
  2421     from msubst_I[OF lq norm, of vs x bs t s] msubst_I[OF lq norm(2,1), of vs x bs s t]
  2422     have "?I (msubst ?q ((c,t),(d,s))) = ?I (msubst ?q ((d,s),(c,t)))" by (simp add: field_simps)}
  2423   hence th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (msubst ?q (x, y)) \<longleftrightarrow> ?I (msubst ?q (y, x))" by clarsimp
  2424   {fix x assume xUp: "x \<in> set ?Up" 
  2425     then  obtain c t d s where ctU: "(c,t) \<in> set ?U" and dsU: "(d,s) \<in> set ?U" 
  2426       and x: "x = ((c,t),(d,s))" using alluopairs_set1[of ?U] by auto  
  2427     from U_l[rule_format, OF ctU] U_l[rule_format, OF dsU] 
  2428     have nbs: "tmbound0 t" "tmbound0 s" by simp_all
  2429     from simpfm_bound0[OF msubst_nb[OF lq nbs, of c d]] 
  2430     have "bound0 ((simpfm o (msubst (simpfm p))) x)" using x by simp}
  2431   with evaldjf_bound0[of ?Up "(simpfm o (msubst (simpfm p)))"]
  2432   have "bound0 (evaldjf (simpfm o (msubst (simpfm p))) ?Up)" by blast
  2433   with mp_nb pp_nb 
  2434   have th1: "bound0 (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up )))" by (simp add: disj_nb)
  2435   from decr0_qf[OF th1] have thqf: "qfree (ferrack p)" by (simp add: ferrack_def Let_def)
  2436   have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)" by simp
  2437   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> (\<exists>(c, t)\<in>set ?U. \<exists>(d, s)\<in>set ?U. ?I (msubst (simpfm p) ((c, t), d, s)))" using fr_eq_msubst[OF lq, of vs bs x] by simp
  2438   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> (\<exists> (x,y) \<in> set ?Up. ?I ((simpfm o (msubst ?q)) (x,y)))" using alluopairs_bex[OF th0] by simp
  2439   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (evaldjf (simpfm o (msubst ?q)) ?Up)" 
  2440     by (simp add: evaldjf_ex)
  2441   also have "\<dots> \<longleftrightarrow> ?I (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up)))" by simp
  2442   also have "\<dots> \<longleftrightarrow> ?rhs" using decr0[OF th1, of vs x bs]
  2443     apply (simp add: ferrack_def Let_def)
  2444     by (cases "?mp = T \<or> ?pp = T", auto)
  2445   finally show ?thesis using thqf by blast
  2446 qed
  2447 
  2448 definition "frpar p = simpfm (qelim p ferrack)"
  2449 lemma frpar: "qfree (frpar p) \<and> (Ifm vs bs (frpar p) \<longleftrightarrow> Ifm vs bs p)"
  2450 proof-
  2451   from ferrack have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack p) \<and> Ifm vs bs (ferrack p) = Ifm vs bs (E p)" by blast
  2452   from qelim[OF th, of p bs] show ?thesis  unfolding frpar_def by auto
  2453 qed
  2454 
  2455 
  2456 section{* Second implemenation: Case splits not local *}
  2457 
  2458 lemma fr_eq2:  assumes lp: "islin p"
  2459   shows "(\<exists> x. Ifm vs (x#bs) p) \<longleftrightarrow> 
  2460    ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> 
  2461     (Ifm vs (0#bs) p) \<or> 
  2462     (\<exists> (n,t) \<in> set (uset p). Ipoly vs n \<noteq> 0 \<and> Ifm vs ((- Itm vs (x#bs) t /  (Ipoly vs n * 2))#bs) p) \<or> 
  2463     (\<exists> (n,t) \<in> set (uset p). \<exists> (m,s) \<in> set (uset p). Ipoly vs n \<noteq> 0 \<and> Ipoly vs m \<noteq> 0 \<and> Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) /2)#bs) p))"
  2464   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?Z \<or> ?U \<or> ?F)" is "?E = ?D")
  2465 proof
  2466   assume px: "\<exists> x. ?I x p"
  2467   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  2468   moreover {assume "?M \<or> ?P" hence "?D" by blast}
  2469   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  2470     from inf_uset[OF lp nmi npi, OF px] 
  2471     obtain c t d s where ct: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)" "?I ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / ((1\<Colon>'a) + (1\<Colon>'a))) p"
  2472       by auto
  2473     let ?c = "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  2474     let ?d = "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  2475     let ?s = "Itm vs (x # bs) s"
  2476     let ?t = "Itm vs (x # bs) t"
  2477     have eq2: "\<And>(x::'a). x + x = 2 * x"
  2478       by  (simp add: field_simps)
  2479     {assume "?c = 0 \<and> ?d = 0"
  2480       with ct have ?D by simp}
  2481     moreover
  2482     {assume z: "?c = 0" "?d \<noteq> 0"
  2483       from z have ?D using ct by auto}
  2484     moreover
  2485     {assume z: "?c \<noteq> 0" "?d = 0"
  2486       with ct have ?D by auto }
  2487     moreover
  2488     {assume z: "?c \<noteq> 0" "?d \<noteq> 0"
  2489       from z have ?F using ct
  2490         apply - apply (rule bexI[where x = "(c,t)"], simp_all)
  2491         by (rule bexI[where x = "(d,s)"], simp_all)
  2492       hence ?D by blast}
  2493     ultimately have ?D by auto}
  2494   ultimately show "?D" by blast
  2495 next
  2496   assume "?D" 
  2497   moreover {assume m:"?M" from minusinf_ex[OF lp m] have "?E" .}
  2498   moreover {assume p: "?P" from plusinf_ex[OF lp p] have "?E" . }
  2499   moreover {assume f:"?F" hence "?E" by blast}
  2500   ultimately show "?E" by blast
  2501 qed
  2502 
  2503 definition "msubsteq2 c t a b = Eq (Add (Mul a t) (Mul c b))"
  2504 definition "msubstltpos c t a b = Lt (Add (Mul a t) (Mul c b))"
  2505 definition "msubstlepos c t a b = Le (Add (Mul a t) (Mul c b))"
  2506 definition "msubstltneg c t a b = Lt (Neg (Add (Mul a t) (Mul c b)))"
  2507 definition "msubstleneg c t a b = Le (Neg (Add (Mul a t) (Mul c b)))"
  2508 
  2509 lemma msubsteq2: 
  2510   assumes nz: "Ipoly vs c \<noteq> 0" and l: "islin (Eq (CNP 0 a b))"
  2511   shows "Ifm vs (x#bs) (msubsteq2 c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Eq (CNP 0 a b))" (is "?lhs = ?rhs")
  2512   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  2513   by (simp add: msubsteq2_def field_simps)
  2514 
  2515 lemma msubstltpos: 
  2516   assumes nz: "Ipoly vs c > 0" and l: "islin (Lt (CNP 0 a b))"
  2517   shows "Ifm vs (x#bs) (msubstltpos c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))" (is "?lhs = ?rhs")
  2518   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  2519   by (simp add: msubstltpos_def field_simps)
  2520 
  2521 lemma msubstlepos: 
  2522   assumes nz: "Ipoly vs c > 0" and l: "islin (Le (CNP 0 a b))"
  2523   shows "Ifm vs (x#bs) (msubstlepos c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))" (is "?lhs = ?rhs")
  2524   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  2525   by (simp add: msubstlepos_def field_simps)
  2526 
  2527 lemma msubstltneg: 
  2528   assumes nz: "Ipoly vs c < 0" and l: "islin (Lt (CNP 0 a b))"
  2529   shows "Ifm vs (x#bs) (msubstltneg c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))" (is "?lhs = ?rhs")
  2530   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  2531   by (simp add: msubstltneg_def field_simps del: minus_add_distrib)
  2532 
  2533 lemma msubstleneg: 
  2534   assumes nz: "Ipoly vs c < 0" and l: "islin (Le (CNP 0 a b))"
  2535   shows "Ifm vs (x#bs) (msubstleneg c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))" (is "?lhs = ?rhs")
  2536   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  2537   by (simp add: msubstleneg_def field_simps del: minus_add_distrib)
  2538 
  2539 fun msubstpos :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm" where
  2540   "msubstpos (And p q) c t = And (msubstpos p c t) (msubstpos q c t)"
  2541 | "msubstpos (Or p q) c t = Or (msubstpos p c t) (msubstpos q c t)"
  2542 | "msubstpos (Eq (CNP 0 a r)) c t = msubsteq2 c t a r"
  2543 | "msubstpos (NEq (CNP 0 a r)) c t = NOT (msubsteq2 c t a r)"
  2544 | "msubstpos (Lt (CNP 0 a r)) c t = msubstltpos c t a r"
  2545 | "msubstpos (Le (CNP 0 a r)) c t = msubstlepos c t a r"
  2546 | "msubstpos p c t = p"
  2547     
  2548 lemma msubstpos_I: 
  2549   assumes lp: "islin p" and pos: "Ipoly vs c > 0"
  2550   shows "Ifm vs (x#bs) (msubstpos p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  2551   using lp pos
  2552   by (induct p rule: islin.induct, auto simp add: msubsteq2 msubstltpos[OF pos] msubstlepos[OF pos] tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
  2553 
  2554 fun msubstneg :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm" where
  2555   "msubstneg (And p q) c t = And (msubstneg p c t) (msubstneg q c t)"
  2556 | "msubstneg (Or p q) c t = Or (msubstneg p c t) (msubstneg q c t)"
  2557 | "msubstneg (Eq (CNP 0 a r)) c t = msubsteq2 c t a r"
  2558 | "msubstneg (NEq (CNP 0 a r)) c t = NOT (msubsteq2 c t a r)"
  2559 | "msubstneg (Lt (CNP 0 a r)) c t = msubstltneg c t a r"
  2560 | "msubstneg (Le (CNP 0 a r)) c t = msubstleneg c t a r"
  2561 | "msubstneg p c t = p"
  2562 
  2563 lemma msubstneg_I: 
  2564   assumes lp: "islin p" and pos: "Ipoly vs c < 0"
  2565   shows "Ifm vs (x#bs) (msubstneg p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  2566   using lp pos
  2567   by (induct p rule: islin.induct, auto simp add: msubsteq2 msubstltneg[OF pos] msubstleneg[OF pos] tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
  2568 
  2569 
  2570 definition "msubst2 p c t = disj (conj (lt (CP (polyneg c))) (simpfm (msubstpos p c t))) (conj (lt (CP c)) (simpfm (msubstneg p c t)))"
  2571 
  2572 lemma msubst2: assumes lp: "islin p" and nc: "isnpoly c" and nz: "Ipoly vs c \<noteq> 0"
  2573   shows "Ifm vs (x#bs) (msubst2 p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  2574 proof-
  2575   let ?c = "Ipoly vs c"
  2576   from nc have anc: "allpolys isnpoly (CP c)" "allpolys isnpoly (CP (~\<^sub>p c))" 
  2577     by (simp_all add: polyneg_norm)
  2578   from nz have "?c > 0 \<or> ?c < 0" by arith
  2579   moreover
  2580   {assume c: "?c < 0"
  2581     from c msubstneg_I[OF lp c, of x bs t] lt[OF anc(1), of vs "x#bs"] lt[OF anc(2), of vs "x#bs"]
  2582     have ?thesis by (auto simp add: msubst2_def)}
  2583   moreover
  2584   {assume c: "?c > 0"
  2585     from c msubstpos_I[OF lp c, of x bs t] lt[OF anc(1), of vs "x#bs"] lt[OF anc(2), of vs "x#bs"]
  2586     have ?thesis by (auto simp add: msubst2_def)}
  2587   ultimately show ?thesis by blast
  2588 qed
  2589 
  2590 term msubsteq2
  2591 lemma msubsteq2_nb: "tmbound0 t \<Longrightarrow> islin (Eq (CNP 0 a r)) \<Longrightarrow> bound0 (msubsteq2 c t a r)"
  2592   by (simp add: msubsteq2_def)
  2593 
  2594 lemma msubstltpos_nb: "tmbound0 t \<Longrightarrow> islin (Lt (CNP 0 a r)) \<Longrightarrow> bound0 (msubstltpos c t a r)"
  2595   by (simp add: msubstltpos_def)
  2596 lemma msubstltneg_nb: "tmbound0 t \<Longrightarrow> islin (Lt (CNP 0 a r)) \<Longrightarrow> bound0 (msubstltneg c t a r)"
  2597   by (simp add: msubstltneg_def)
  2598 
  2599 lemma msubstlepos_nb: "tmbound0 t \<Longrightarrow> islin (Le (CNP 0 a r)) \<Longrightarrow> bound0 (msubstlepos c t a r)"
  2600   by (simp add: msubstlepos_def)
  2601 lemma msubstleneg_nb: "tmbound0 t \<Longrightarrow> islin (Le (CNP 0 a r)) \<Longrightarrow> bound0 (msubstleneg c t a r)"
  2602   by (simp add: msubstleneg_def)
  2603 
  2604 lemma msubstpos_nb: assumes lp: "islin p" and tnb: "tmbound0 t"
  2605   shows "bound0 (msubstpos p c t)"
  2606 using lp tnb
  2607 by (induct p c t rule: msubstpos.induct, auto simp add: msubsteq2_nb msubstltpos_nb msubstlepos_nb)
  2608 
  2609 lemma msubstneg_nb: assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})" and lp: "islin p" and tnb: "tmbound0 t"
  2610   shows "bound0 (msubstneg p c t)"
  2611 using lp tnb
  2612 by (induct p c t rule: msubstneg.induct, auto simp add: msubsteq2_nb msubstltneg_nb msubstleneg_nb)
  2613 
  2614 lemma msubst2_nb: assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})" and lp: "islin p" and tnb: "tmbound0 t"
  2615   shows "bound0 (msubst2 p c t)"
  2616 using lp tnb
  2617 by (simp add: msubst2_def msubstneg_nb msubstpos_nb conj_nb disj_nb lt_nb simpfm_bound0)
  2618 
  2619 lemma mult_minus2_left: "-2 * (x::'a::comm_ring_1) = - (2 * x)"
  2620   by simp
  2621 
  2622 lemma mult_minus2_right: "(x::'a::comm_ring_1) * -2 = - (x * 2)"
  2623   by simp
  2624 
  2625 lemma islin_qf: "islin p \<Longrightarrow> qfree p"
  2626   by (induct p rule: islin.induct, auto simp add: bound0_qf)
  2627 lemma fr_eq_msubst2: 
  2628   assumes lp: "islin p"
  2629   shows "(\<exists> x. Ifm vs (x#bs) p) \<longleftrightarrow> ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> Ifm vs (x#bs) (subst0 (CP 0\<^sub>p) p) \<or> (\<exists>(n, t)\<in>set (uset p). Ifm vs (x# bs) (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<or> (\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))))"
  2630   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?Pz \<or> ?PU \<or> ?F)" is "?E = ?D")
  2631 proof-
  2632   from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s" by blast
  2633   let ?I = "\<lambda>p. Ifm vs (x#bs) p"
  2634   have n2: "isnpoly (C (-2,1))" by (simp add: isnpoly_def)
  2635   note eq0 = subst0[OF islin_qf[OF lp], of vs x bs "CP 0\<^sub>p", simplified]
  2636   
  2637   have eq1: "(\<exists>(n, t)\<in>set (uset p). ?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<longleftrightarrow> (\<exists>(n, t)\<in>set (uset p). \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p)"
  2638   proof-
  2639     {fix n t assume H: "(n, t)\<in>set (uset p)" "?I(msubst2 p (n *\<^sub>p C (-2, 1)) t)"
  2640       from H(1) th have "isnpoly n" by blast
  2641       hence nn: "isnpoly (n *\<^sub>p (C (-2,1)))" by (simp_all add: polymul_norm n2)
  2642       have nn': "allpolys isnpoly (CP (~\<^sub>p (n *\<^sub>p C (-2, 1))))"
  2643         by (simp add: polyneg_norm nn)
  2644       hence nn2: "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>n \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" using H(2) nn' nn 
  2645         by (auto simp add: msubst2_def lt zero_less_mult_iff mult_less_0_iff)
  2646       from msubst2[OF lp nn nn2(1), of x bs t]
  2647       have "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p"
  2648         using H(2) nn2 by (simp add: mult_minus2_right)}
  2649     moreover
  2650     {fix n t assume H: "(n, t)\<in>set (uset p)" "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p"
  2651       from H(1) th have "isnpoly n" by blast
  2652       hence nn: "isnpoly (n *\<^sub>p (C (-2,1)))" "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  2653         using H(2) by (simp_all add: polymul_norm n2)
  2654       from msubst2[OF lp nn, of x bs t] have "?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)" using H(2,3) by (simp add: mult_minus2_right)}
  2655     ultimately show ?thesis by blast
  2656   qed
  2657   have eq2: "(\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))) \<longleftrightarrow> (\<exists>(n, t)\<in>set (uset p).
  2658      \<exists>(m, s)\<in>set (uset p). \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs ((- Itm vs (x # bs) t / \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p)" 
  2659   proof-
  2660     {fix c t d s assume H: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)" 
  2661      "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))"
  2662       from H(1,2) th have "isnpoly c" "isnpoly d" by blast+
  2663       hence nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)" 
  2664         by (simp_all add: polymul_norm n2)
  2665       have stupid: "allpolys isnpoly (CP (~\<^sub>p (C (-2, 1) *\<^sub>p c *\<^sub>p d)))" "allpolys isnpoly (CP ((C (-2, 1) *\<^sub>p c *\<^sub>p d)))"
  2666         by (simp_all add: polyneg_norm nn)
  2667       have nn': "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  2668         using H(3) by (auto simp add: msubst2_def lt[OF stupid(1)]  lt[OF stupid(2)] zero_less_mult_iff mult_less_0_iff)
  2669       from msubst2[OF lp nn nn'(1), of x bs ] H(3) nn'
  2670       have "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  2671         apply (simp add: add_divide_distrib mult_minus2_left)
  2672         by (simp add: mult_commute)}
  2673     moreover
  2674     {fix c t d s assume H: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)" 
  2675       "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  2676      from H(1,2) th have "isnpoly c" "isnpoly d" by blast+
  2677       hence nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)" "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  2678         using H(3,4) by (simp_all add: polymul_norm n2)
  2679       from msubst2[OF lp nn, of x bs ] H(3,4,5) 
  2680       have "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))" apply (simp add: add_divide_distrib mult_minus2_left) by (simp add: mult_commute)}
  2681     ultimately show ?thesis by blast
  2682   qed
  2683   from fr_eq2[OF lp, of vs bs x] show ?thesis
  2684     unfolding eq0 eq1 eq2 by blast  
  2685 qed
  2686 
  2687 definition 
  2688 "ferrack2 p \<equiv> let q = simpfm p ; mp = minusinf q ; pp = plusinf q
  2689  in if (mp = T \<or> pp = T) then T 
  2690   else (let U = remdups (uset  q)
  2691     in decr0 (list_disj [mp, pp, simpfm (subst0 (CP 0\<^sub>p) q), evaldjf (\<lambda>(c,t). msubst2 q (c *\<^sub>p C (-2, 1)) t) U, 
  2692    evaldjf (\<lambda>((b,a),(d,c)). msubst2 q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs U)]))"
  2693 
  2694 definition "frpar2 p = simpfm (qelim (prep p) ferrack2)"
  2695 
  2696 lemma ferrack2: assumes qf: "qfree p"
  2697   shows "qfree (ferrack2 p) \<and> ((Ifm vs bs (ferrack2 p)) = (Ifm vs bs (E p)))"
  2698   (is "_ \<and> (?rhs = ?lhs)")
  2699 proof-
  2700   let ?J = "\<lambda> x p. Ifm vs (x#bs) p"
  2701   let ?N = "\<lambda> t. Ipoly vs t"
  2702   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  2703   let ?q = "simpfm p" 
  2704   let ?qz = "subst0 (CP 0\<^sub>p) ?q"
  2705   let ?U = "remdups(uset ?q)"
  2706   let ?Up = "alluopairs ?U"
  2707   let ?mp = "minusinf ?q"
  2708   let ?pp = "plusinf ?q"
  2709   let ?I = "\<lambda>p. Ifm vs (x#bs) p"
  2710   from simpfm_lin[OF qf] simpfm_qf[OF qf] have lq: "islin ?q" and q_qf: "qfree ?q" .
  2711   from minusinf_nb[OF lq] plusinf_nb[OF lq] have mp_nb: "bound0 ?mp" and pp_nb: "bound0 ?pp" .
  2712   from bound0_qf[OF mp_nb] bound0_qf[OF pp_nb] have mp_qf: "qfree ?mp" and pp_qf: "qfree ?pp" .
  2713   from uset_l[OF lq] have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  2714     by simp
  2715   have bnd0: "\<forall>x \<in> set ?U. bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) x)" 
  2716   proof-
  2717     {fix c t assume ct: "(c,t) \<in> set ?U"
  2718       hence tnb: "tmbound0 t" using U_l by blast
  2719       from msubst2_nb[OF lq tnb]
  2720       have "bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) (c,t))" by simp}
  2721     thus ?thesis by auto
  2722   qed
  2723   have bnd1: "\<forall>x \<in> set ?Up. bound0 ((\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) x)" 
  2724   proof-
  2725     {fix b a d c assume badc: "((b,a),(d,c)) \<in> set ?Up"
  2726       from badc U_l alluopairs_set1[of ?U] 
  2727       have nb: "tmbound0 (Add (Mul d a) (Mul b c))" by auto
  2728       from msubst2_nb[OF lq nb] have "bound0 ((\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) ((b,a),(d,c)))" by simp}
  2729     thus ?thesis by auto
  2730   qed
  2731   have stupid: "bound0 F" by simp
  2732   let ?R = "list_disj [?mp, ?pp, simpfm (subst0 (CP 0\<^sub>p) ?q), evaldjf (\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) ?U, 
  2733    evaldjf (\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs ?U)]"
  2734   from subst0_nb[of "CP 0\<^sub>p" ?q] q_qf evaldjf_bound0[OF bnd1] evaldjf_bound0[OF bnd0] mp_nb pp_nb stupid
  2735   have nb: "bound0 ?R "
  2736     by (simp add: list_disj_def disj_nb0 simpfm_bound0)
  2737   let ?s = "\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))"
  2738 
  2739   {fix b a d c assume baU: "(b,a) \<in> set ?U" and dcU: "(d,c) \<in> set ?U"
  2740     from U_l baU dcU have norm: "isnpoly b" "isnpoly d" "isnpoly (C (-2, 1))" 
  2741       by auto (simp add: isnpoly_def)
  2742     have norm2: "isnpoly (C (-2, 1) *\<^sub>p b*\<^sub>p d)" "isnpoly (C (-2, 1) *\<^sub>p d*\<^sub>p b)"
  2743       using norm by (simp_all add: polymul_norm)
  2744     have stupid: "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p b*\<^sub>p d))" "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p d*\<^sub>p b))" "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p b*\<^sub>p d)))" "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p d*\<^sub>p b)))"
  2745       by (simp_all add: polyneg_norm norm2)
  2746     have "?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) = ?I (msubst2 ?q (C (-2, 1) *\<^sub>p d*\<^sub>p b) (Add (Mul b c) (Mul d a)))" (is "?lhs \<longleftrightarrow> ?rhs")
  2747     proof
  2748       assume H: ?lhs
  2749       hence z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" 
  2750         by (auto simp add: msubst2_def lt[OF stupid(3)] lt[OF stupid(1)] mult_less_0_iff zero_less_mult_iff)
  2751       from msubst2[OF lq norm2(1) z(1), of x bs] 
  2752         msubst2[OF lq norm2(2) z(2), of x bs] H 
  2753       show ?rhs by (simp add: field_simps)
  2754     next
  2755       assume H: ?rhs
  2756       hence z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" 
  2757         by (auto simp add: msubst2_def lt[OF stupid(4)] lt[OF stupid(2)] mult_less_0_iff zero_less_mult_iff)
  2758       from msubst2[OF lq norm2(1) z(1), of x bs] 
  2759         msubst2[OF lq norm2(2) z(2), of x bs] H 
  2760       show ?lhs by (simp add: field_simps)
  2761     qed}
  2762   hence th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (?s (x, y)) \<longleftrightarrow> ?I (?s (y, x))"
  2763     by clarsimp
  2764 
  2765   have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)" by simp
  2766   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists>(b, a)\<in>set ?U. \<exists>(d, c)\<in>set ?U. ?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))))"
  2767     using fr_eq_msubst2[OF lq, of vs bs x] by simp
  2768   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists> x\<in>set ?U. \<exists> y \<in>set ?U. ?I (?s (x,y)))"
  2769     by (simp add: split_def)
  2770   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists> (x,y) \<in> set ?Up. ?I (?s (x,y)))"
  2771     using alluopairs_bex[OF th0] by simp 
  2772   also have "\<dots> \<longleftrightarrow> ?I ?R" 
  2773     by (simp add: list_disj_def evaldjf_ex split_def)
  2774   also have "\<dots> \<longleftrightarrow> ?rhs"
  2775     unfolding ferrack2_def
  2776     apply (cases "?mp = T") 
  2777     apply (simp add: list_disj_def)
  2778     apply (cases "?pp = T") 
  2779     apply (simp add: list_disj_def)
  2780     by (simp_all add: Let_def decr0[OF nb])
  2781   finally show ?thesis using decr0_qf[OF nb]  
  2782     by (simp  add: ferrack2_def Let_def)
  2783 qed
  2784 
  2785 lemma frpar2: "qfree (frpar2 p) \<and> (Ifm vs bs (frpar2 p) \<longleftrightarrow> Ifm vs bs p)"
  2786 proof-
  2787   from ferrack2 have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack2 p) \<and> Ifm vs bs (ferrack2 p) = Ifm vs bs (E p)" by blast
  2788   from qelim[OF th, of "prep p" bs] 
  2789 show ?thesis  unfolding frpar2_def by (auto simp add: prep)
  2790 qed
  2791 
  2792 ML {* 
  2793 structure ReflectedFRPar = 
  2794 struct
  2795 
  2796 val bT = HOLogic.boolT;
  2797 fun num rT x = HOLogic.mk_number rT x;
  2798 fun rrelT rT = [rT,rT] ---> rT;
  2799 fun rrT rT = [rT, rT] ---> bT;
  2800 fun divt rT = Const(@{const_name Fields.divide},rrelT rT);
  2801 fun timest rT = Const(@{const_name Groups.times},rrelT rT);
  2802 fun plust rT = Const(@{const_name Groups.plus},rrelT rT);
  2803 fun minust rT = Const(@{const_name Groups.minus},rrelT rT);
  2804 fun uminust rT = Const(@{const_name Groups.uminus}, rT --> rT);
  2805 fun powt rT = Const(@{const_name "power"}, [rT,@{typ "nat"}] ---> rT);
  2806 val brT = [bT, bT] ---> bT;
  2807 val nott = @{term "Not"};
  2808 val conjt = @{term HOL.conj};
  2809 val disjt = @{term HOL.disj};
  2810 val impt = @{term HOL.implies};
  2811 val ifft = @{term "op = :: bool => _"}
  2812 fun llt rT = Const(@{const_name Orderings.less},rrT rT);
  2813 fun lle rT = Const(@{const_name Orderings.less},rrT rT);
  2814 fun eqt rT = Const(@{const_name HOL.eq},rrT rT);
  2815 fun rz rT = Const(@{const_name Groups.zero},rT);
  2816 
  2817 fun dest_nat t = case t of
  2818   Const (@{const_name Suc}, _) $ t' => 1 + dest_nat t'
  2819 | _ => (snd o HOLogic.dest_number) t;
  2820 
  2821 fun num_of_term m t = 
  2822  case t of
  2823    Const(@{const_name Groups.uminus},_)$t => @{code poly.Neg} (num_of_term m t)
  2824  | Const(@{const_name Groups.plus},_)$a$b => @{code poly.Add} (num_of_term m a, num_of_term m b)
  2825  | Const(@{const_name Groups.minus},_)$a$b => @{code poly.Sub} (num_of_term m a, num_of_term m b)
  2826  | Const(@{const_name Groups.times},_)$a$b => @{code poly.Mul} (num_of_term m a, num_of_term m b)
  2827  | Const(@{const_name Power.power},_)$a$n => @{code poly.Pw} (num_of_term m a, dest_nat n)
  2828  | Const(@{const_name Fields.divide},_)$a$b => @{code poly.C} (HOLogic.dest_number a |> snd, HOLogic.dest_number b |> snd)
  2829  | _ => (@{code poly.C} (HOLogic.dest_number t |> snd,1) 
  2830          handle TERM _ => @{code poly.Bound} (AList.lookup (op aconv) m t |> the));
  2831 
  2832 fun tm_of_term m m' t = 
  2833  case t of
  2834    Const(@{const_name Groups.uminus},_)$t => @{code Neg} (tm_of_term m m' t)
  2835  | Const(@{const_name Groups.plus},_)$a$b => @{code Add} (tm_of_term m m' a, tm_of_term m m' b)
  2836  | Const(@{const_name Groups.minus},_)$a$b => @{code Sub} (tm_of_term m m' a, tm_of_term m m' b)
  2837  | Const(@{const_name Groups.times},_)$a$b => @{code Mul} (num_of_term m' a, tm_of_term m m' b)
  2838  | _ => (@{code CP} (num_of_term m' t) 
  2839          handle TERM _ => @{code Bound} (AList.lookup (op aconv) m t |> the)
  2840               | Option => @{code Bound} (AList.lookup (op aconv) m t |> the));
  2841 
  2842 fun term_of_num T m t = 
  2843  case t of
  2844   @{code poly.C} (a,b) => (if b = 1 then num T a else if b=0 then (rz T) 
  2845                                         else (divt T) $ num T a $ num T b)
  2846 | @{code poly.Bound} i => AList.lookup (op = : int*int -> bool) m i |> the
  2847 | @{code poly.Add} (a,b) => (plust T)$(term_of_num T m a)$(term_of_num T m b)
  2848 | @{code poly.Mul} (a,b) => (timest T)$(term_of_num T m a)$(term_of_num T m b)
  2849 | @{code poly.Sub} (a,b) => (minust T)$(term_of_num T m a)$(term_of_num T m b)
  2850 | @{code poly.Neg} a => (uminust T)$(term_of_num T m a)
  2851 | @{code poly.Pw} (a,n) => (powt T)$(term_of_num T m t)$(HOLogic.mk_number HOLogic.natT n)
  2852 | @{code poly.CN} (c,n,p) => term_of_num T m (@{code poly.Add} (c, @{code poly.Mul} (@{code poly.Bound} n, p)))
  2853 | _ => error "term_of_num: Unknown term";
  2854 
  2855 fun term_of_tm T m m' t = 
  2856  case t of
  2857   @{code CP} p => term_of_num T m' p
  2858 | @{code Bound} i => AList.lookup (op = : int*int -> bool) m i |> the
  2859 | @{code Add} (a,b) => (plust T)$(term_of_tm T m m' a)$(term_of_tm T m m' b)
  2860 | @{code Mul} (a,b) => (timest T)$(term_of_num T m' a)$(term_of_tm T m m' b)
  2861 | @{code Sub} (a,b) => (minust T)$(term_of_tm T m m' a)$(term_of_tm T m m' b)
  2862 | @{code Neg} a => (uminust T)$(term_of_tm T m m' a)
  2863 | @{code CNP} (n,c,p) => term_of_tm T m m' (@{code Add}
  2864      (@{code Mul} (c, @{code Bound} n), p))
  2865 | _ => error "term_of_tm: Unknown term";
  2866 
  2867 fun fm_of_term m m' fm = 
  2868  case fm of
  2869     Const(@{const_name True},_) => @{code T}
  2870   | Const(@{const_name False},_) => @{code F}
  2871   | Const(@{const_name Not},_)$p => @{code NOT} (fm_of_term m m' p)
  2872   | Const(@{const_name HOL.conj},_)$p$q => @{code And} (fm_of_term m m' p, fm_of_term m m' q)
  2873   | Const(@{const_name HOL.disj},_)$p$q => @{code Or} (fm_of_term m m' p, fm_of_term m m' q)
  2874   | Const(@{const_name HOL.implies},_)$p$q => @{code Imp} (fm_of_term m m' p, fm_of_term m m' q)
  2875   | Const(@{const_name HOL.eq},ty)$p$q => 
  2876        if domain_type ty = bT then @{code Iff} (fm_of_term m m' p, fm_of_term m m' q)
  2877        else @{code Eq} (@{code Sub} (tm_of_term m m' p, tm_of_term m m' q))
  2878   | Const(@{const_name Orderings.less},_)$p$q => 
  2879         @{code Lt} (@{code Sub} (tm_of_term m m' p, tm_of_term m m' q))
  2880   | Const(@{const_name Orderings.less_eq},_)$p$q => 
  2881         @{code Le} (@{code Sub} (tm_of_term m m' p, tm_of_term m m' q))
  2882   | Const(@{const_name Ex},_)$Abs(xn,xT,p) => 
  2883      let val (xn', p') = Syntax_Trans.variant_abs (xn,xT,p)  (* FIXME !? *)
  2884          val x = Free(xn',xT)
  2885          fun incr i = i + 1
  2886          val m0 = (x,0):: (map (apsnd incr) m)
  2887       in @{code E} (fm_of_term m0 m' p') end
  2888   | Const(@{const_name All},_)$Abs(xn,xT,p) => 
  2889      let val (xn', p') = Syntax_Trans.variant_abs (xn,xT,p)  (* FIXME !? *)
  2890          val x = Free(xn',xT)
  2891          fun incr i = i + 1
  2892          val m0 = (x,0):: (map (apsnd incr) m)
  2893       in @{code A} (fm_of_term m0 m' p') end
  2894   | _ => error "fm_of_term";
  2895 
  2896 
  2897 fun term_of_fm T m m' t = 
  2898   case t of
  2899     @{code T} => Const(@{const_name True},bT)
  2900   | @{code F} => Const(@{const_name False},bT)
  2901   | @{code NOT} p => nott $ (term_of_fm T m m' p)
  2902   | @{code And} (p,q) => conjt $ (term_of_fm T m m' p) $ (term_of_fm T m m' q)
  2903   | @{code Or} (p,q) => disjt $ (term_of_fm T m m' p) $ (term_of_fm T m m' q)
  2904   | @{code Imp} (p,q) => impt $ (term_of_fm T m m' p) $ (term_of_fm T m m' q)
  2905   | @{code Iff} (p,q) => ifft $ (term_of_fm T m m' p) $ (term_of_fm T m m' q)
  2906   | @{code Lt} p => (llt T) $ (term_of_tm T m m' p) $ (rz T)
  2907   | @{code Le} p => (lle T) $ (term_of_tm T m m' p) $ (rz T)
  2908   | @{code Eq} p => (eqt T) $ (term_of_tm T m m' p) $ (rz T)
  2909   | @{code NEq} p => nott $ ((eqt T) $ (term_of_tm T m m' p) $ (rz T))
  2910   | _ => error "term_of_fm: quantifiers!!!!???";
  2911 
  2912 fun frpar_oracle (T,m, m', fm) = 
  2913  let 
  2914    val t = HOLogic.dest_Trueprop fm
  2915    val im = 0 upto (length m - 1)
  2916    val im' = 0 upto (length m' - 1)   
  2917  in HOLogic.mk_Trueprop (HOLogic.mk_eq(t, term_of_fm T (im ~~ m) (im' ~~ m')  
  2918                                                      (@{code frpar} (fm_of_term (m ~~ im) (m' ~~ im') t))))
  2919  end;
  2920 
  2921 fun frpar_oracle2 (T,m, m', fm) = 
  2922  let 
  2923    val t = HOLogic.dest_Trueprop fm
  2924    val im = 0 upto (length m - 1)
  2925    val im' = 0 upto (length m' - 1)   
  2926  in HOLogic.mk_Trueprop (HOLogic.mk_eq(t, term_of_fm T (im ~~ m) (im' ~~ m')  
  2927                                                      (@{code frpar2} (fm_of_term (m ~~ im) (m' ~~ im') t))))
  2928  end;
  2929 
  2930 end;
  2931 
  2932 
  2933 *}
  2934 
  2935 oracle frpar_oracle = {* fn (ty, ts, ts', ct) => 
  2936  let 
  2937   val thy = Thm.theory_of_cterm ct
  2938  in cterm_of thy (ReflectedFRPar.frpar_oracle (ty,ts, ts', term_of ct))
  2939  end *}
  2940 
  2941 oracle frpar_oracle2 = {* fn (ty, ts, ts', ct) => 
  2942  let 
  2943   val thy = Thm.theory_of_cterm ct
  2944  in cterm_of thy (ReflectedFRPar.frpar_oracle2 (ty,ts, ts', term_of ct))
  2945  end *}
  2946 
  2947 ML{* 
  2948 structure FRParTac = 
  2949 struct
  2950 
  2951 fun frpar_tac T ps ctxt = 
  2952  Object_Logic.full_atomize_tac
  2953  THEN' CSUBGOAL (fn (g, i) =>
  2954   let
  2955     val thy = Proof_Context.theory_of ctxt
  2956     val fs = subtract (op aconv) (map Free (Term.add_frees (term_of g) [])) ps
  2957     val th = frpar_oracle (T, fs, ps, (* Pattern.eta_long [] *) g)
  2958   in rtac (th RS iffD2) i end);
  2959 
  2960 fun frpar2_tac T ps ctxt = 
  2961  Object_Logic.full_atomize_tac
  2962  THEN' CSUBGOAL (fn (g, i) =>
  2963   let
  2964     val thy = Proof_Context.theory_of ctxt
  2965     val fs = subtract (op aconv) (map Free (Term.add_frees (term_of g) [])) ps
  2966     val th = frpar_oracle2 (T, fs, ps, (* Pattern.eta_long [] *) g)
  2967   in rtac (th RS iffD2) i end);
  2968 
  2969 end;
  2970 
  2971 *}
  2972 
  2973 method_setup frpar = {*
  2974 let
  2975  fun keyword k = Scan.lift (Args.$$$ k -- Args.colon) >> K ()
  2976  fun simple_keyword k = Scan.lift (Args.$$$ k) >> K ()
  2977  val parsN = "pars"
  2978  val typN = "type"
  2979  val any_keyword = keyword parsN || keyword typN
  2980  val thms = Scan.repeat (Scan.unless any_keyword Attrib.multi_thm) >> flat
  2981  val cterms = thms >> map Drule.dest_term;
  2982  val terms = Scan.repeat (Scan.unless any_keyword Args.term)
  2983  val typ = Scan.unless any_keyword Args.typ
  2984 in
  2985  (keyword typN |-- typ) -- (keyword parsN |-- terms) >>
  2986   (fn (T,ps) => fn ctxt => SIMPLE_METHOD' (FRParTac.frpar_tac T ps ctxt))
  2987 end
  2988 *} "parametric QE for linear Arithmetic over fields, Version 1"
  2989 
  2990 method_setup frpar2 = {*
  2991 let
  2992  fun keyword k = Scan.lift (Args.$$$ k -- Args.colon) >> K ()
  2993  fun simple_keyword k = Scan.lift (Args.$$$ k) >> K ()
  2994  val parsN = "pars"
  2995  val typN = "type"
  2996  val any_keyword = keyword parsN || keyword typN
  2997  val thms = Scan.repeat (Scan.unless any_keyword Attrib.multi_thm) >> flat
  2998  val cterms = thms >> map Drule.dest_term;
  2999  val terms = Scan.repeat (Scan.unless any_keyword Args.term)
  3000  val typ = Scan.unless any_keyword Args.typ
  3001 in
  3002  (keyword typN |-- typ) -- (keyword parsN |-- terms) >>
  3003   (fn (T,ps) => fn ctxt => SIMPLE_METHOD' (FRParTac.frpar2_tac T ps ctxt))
  3004 end
  3005 *} "parametric QE for linear Arithmetic over fields, Version 2"
  3006 
  3007 
  3008 lemma "\<exists>(x::'a::{linordered_field_inverse_zero}). y \<noteq> -1 \<longrightarrow> (y + 1)*x < 0"
  3009   apply (frpar type: "'a::{linordered_field_inverse_zero}" pars: "y::'a::{linordered_field_inverse_zero}")
  3010   apply (simp add: field_simps)
  3011   apply (rule spec[where x=y])
  3012   apply (frpar type: "'a::{linordered_field_inverse_zero}" pars: "z::'a::{linordered_field_inverse_zero}")
  3013   by simp
  3014 
  3015 text{* Collins/Jones Problem *}
  3016 (*
  3017 lemma "\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0"
  3018 proof-
  3019   have "(\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0) \<longleftrightarrow> (\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < 2 *(a^2 + b^2) - (3*(a^2 + b^2)) * r + (2*a)*r \<and> 2*(a^2 + b^2) - (3*(a^2 + b^2) - 4*a + 1)*r - 2*a < 0)" (is "?lhs \<longleftrightarrow> ?rhs")
  3020 by (simp add: field_simps)
  3021 have "?rhs"
  3022 
  3023   apply (frpar type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "a::'a::{linordered_field_inverse_zero, number_ring}" "b::'a::{linordered_field_inverse_zero, number_ring}")
  3024   apply (simp add: field_simps)
  3025 oops
  3026 *)
  3027 (*
  3028 lemma "ALL (x::'a::{linordered_field_inverse_zero, number_ring}) y. (1 - t)*x \<le> (1+t)*y \<and> (1 - t)*y \<le> (1+t)*x --> 0 \<le> y"
  3029 apply (frpar type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "t::'a::{linordered_field_inverse_zero, number_ring}")
  3030 oops
  3031 *)
  3032 
  3033 lemma "\<exists>(x::'a::{linordered_field_inverse_zero}). y \<noteq> -1 \<longrightarrow> (y + 1)*x < 0"
  3034   apply (frpar2 type: "'a::{linordered_field_inverse_zero}" pars: "y::'a::{linordered_field_inverse_zero}")
  3035   apply (simp add: field_simps)
  3036   apply (rule spec[where x=y])
  3037   apply (frpar2 type: "'a::{linordered_field_inverse_zero}" pars: "z::'a::{linordered_field_inverse_zero}")
  3038   by simp
  3039 
  3040 text{* Collins/Jones Problem *}
  3041 
  3042 (*
  3043 lemma "\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0"
  3044 proof-
  3045   have "(\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0) \<longleftrightarrow> (\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < 2 *(a^2 + b^2) - (3*(a^2 + b^2)) * r + (2*a)*r \<and> 2*(a^2 + b^2) - (3*(a^2 + b^2) - 4*a + 1)*r - 2*a < 0)" (is "?lhs \<longleftrightarrow> ?rhs")
  3046 by (simp add: field_simps)
  3047 have "?rhs"
  3048   apply (frpar2 type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "a::'a::{linordered_field_inverse_zero, number_ring}" "b::'a::{linordered_field_inverse_zero, number_ring}")
  3049   apply simp
  3050 oops
  3051 *)
  3052 
  3053 (*
  3054 lemma "ALL (x::'a::{linordered_field_inverse_zero, number_ring}) y. (1 - t)*x \<le> (1+t)*y \<and> (1 - t)*y \<le> (1+t)*x --> 0 \<le> y"
  3055 apply (frpar2 type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "t::'a::{linordered_field_inverse_zero, number_ring}")
  3056 apply (simp add: field_simps linorder_neq_iff[symmetric])
  3057 apply ferrack
  3058 oops
  3059 *)
  3060 end