src/HOL/Decision_Procs/Parametric_Ferrante_Rackoff.thy
 author krauss Thu Feb 24 20:52:05 2011 +0100 (2011-02-24) changeset 41838 c845adaecf98 parent 41823 81d64ec48427 child 41842 d8f76db6a207 permissions -rw-r--r--
removed unused lemma
1 (*  Title:      HOL/Decision_Procs/Parametric_Ferrante_Rackoff.thy
2     Author:     Amine Chaieb
3 *)
5 header{* A formalization of Ferrante and Rackoff's procedure with polynomial parameters, see Paper in CALCULEMUS 2008 *}
7 theory Parametric_Ferrante_Rackoff
8 imports
9   Reflected_Multivariate_Polynomial
10   Dense_Linear_Order
11   "~~/src/HOL/Library/Efficient_Nat"
12 begin
14 subsection {* Terms *}
16 datatype tm = CP poly | Bound nat | Add tm tm | Mul poly tm
17   | Neg tm | Sub tm tm | CNP nat poly tm
18   (* A size for poly to make inductive proofs simpler*)
20 primrec tmsize :: "tm \<Rightarrow> nat" where
21   "tmsize (CP c) = polysize c"
22 | "tmsize (Bound n) = 1"
23 | "tmsize (Neg a) = 1 + tmsize a"
24 | "tmsize (Add a b) = 1 + tmsize a + tmsize b"
25 | "tmsize (Sub a b) = 3 + tmsize a + tmsize b"
26 | "tmsize (Mul c a) = 1 + polysize c + tmsize a"
27 | "tmsize (CNP n c a) = 3 + polysize c + tmsize a "
29   (* Semantics of terms tm *)
30 primrec Itm :: "'a::{field_char_0, field_inverse_zero} list \<Rightarrow> 'a list \<Rightarrow> tm \<Rightarrow> 'a" where
31   "Itm vs bs (CP c) = (Ipoly vs c)"
32 | "Itm vs bs (Bound n) = bs!n"
33 | "Itm vs bs (Neg a) = -(Itm vs bs a)"
34 | "Itm vs bs (Add a b) = Itm vs bs a + Itm vs bs b"
35 | "Itm vs bs (Sub a b) = Itm vs bs a - Itm vs bs b"
36 | "Itm vs bs (Mul c a) = (Ipoly vs c) * Itm vs bs a"
37 | "Itm vs bs (CNP n c t) = (Ipoly vs c)*(bs!n) + Itm vs bs t"
40 fun allpolys:: "(poly \<Rightarrow> bool) \<Rightarrow> tm \<Rightarrow> bool"  where
41   "allpolys P (CP c) = P c"
42 | "allpolys P (CNP n c p) = (P c \<and> allpolys P p)"
43 | "allpolys P (Mul c p) = (P c \<and> allpolys P p)"
44 | "allpolys P (Neg p) = allpolys P p"
45 | "allpolys P (Add p q) = (allpolys P p \<and> allpolys P q)"
46 | "allpolys P (Sub p q) = (allpolys P p \<and> allpolys P q)"
47 | "allpolys P p = True"
49 primrec tmboundslt:: "nat \<Rightarrow> tm \<Rightarrow> bool" where
50   "tmboundslt n (CP c) = True"
51 | "tmboundslt n (Bound m) = (m < n)"
52 | "tmboundslt n (CNP m c a) = (m < n \<and> tmboundslt n a)"
53 | "tmboundslt n (Neg a) = tmboundslt n a"
54 | "tmboundslt n (Add a b) = (tmboundslt n a \<and> tmboundslt n b)"
55 | "tmboundslt n (Sub a b) = (tmboundslt n a \<and> tmboundslt n b)"
56 | "tmboundslt n (Mul i a) = tmboundslt n a"
58 primrec tmbound0:: "tm \<Rightarrow> bool" (* a tm is INDEPENDENT of Bound 0 *) where
59   "tmbound0 (CP c) = True"
60 | "tmbound0 (Bound n) = (n>0)"
61 | "tmbound0 (CNP n c a) = (n\<noteq>0 \<and> tmbound0 a)"
62 | "tmbound0 (Neg a) = tmbound0 a"
63 | "tmbound0 (Add a b) = (tmbound0 a \<and> tmbound0 b)"
64 | "tmbound0 (Sub a b) = (tmbound0 a \<and> tmbound0 b)"
65 | "tmbound0 (Mul i a) = tmbound0 a"
66 lemma tmbound0_I:
67   assumes nb: "tmbound0 a"
68   shows "Itm vs (b#bs) a = Itm vs (b'#bs) a"
69 using nb
70 by (induct a rule: tm.induct,auto simp add: nth_pos2)
72 primrec tmbound:: "nat \<Rightarrow> tm \<Rightarrow> bool" (* a tm is INDEPENDENT of Bound n *) where
73   "tmbound n (CP c) = True"
74 | "tmbound n (Bound m) = (n \<noteq> m)"
75 | "tmbound n (CNP m c a) = (n\<noteq>m \<and> tmbound n a)"
76 | "tmbound n (Neg a) = tmbound n a"
77 | "tmbound n (Add a b) = (tmbound n a \<and> tmbound n b)"
78 | "tmbound n (Sub a b) = (tmbound n a \<and> tmbound n b)"
79 | "tmbound n (Mul i a) = tmbound n a"
80 lemma tmbound0_tmbound_iff: "tmbound 0 t = tmbound0 t" by (induct t, auto)
82 lemma tmbound_I:
83   assumes bnd: "tmboundslt (length bs) t" and nb: "tmbound n t" and le: "n \<le> length bs"
84   shows "Itm vs (bs[n:=x]) t = Itm vs bs t"
85   using nb le bnd
86   by (induct t rule: tm.induct , auto)
88 fun decrtm0:: "tm \<Rightarrow> tm" where
89   "decrtm0 (Bound n) = Bound (n - 1)"
90 | "decrtm0 (Neg a) = Neg (decrtm0 a)"
91 | "decrtm0 (Add a b) = Add (decrtm0 a) (decrtm0 b)"
92 | "decrtm0 (Sub a b) = Sub (decrtm0 a) (decrtm0 b)"
93 | "decrtm0 (Mul c a) = Mul c (decrtm0 a)"
94 | "decrtm0 (CNP n c a) = CNP (n - 1) c (decrtm0 a)"
95 | "decrtm0 a = a"
97 fun incrtm0:: "tm \<Rightarrow> tm" where
98   "incrtm0 (Bound n) = Bound (n + 1)"
99 | "incrtm0 (Neg a) = Neg (incrtm0 a)"
100 | "incrtm0 (Add a b) = Add (incrtm0 a) (incrtm0 b)"
101 | "incrtm0 (Sub a b) = Sub (incrtm0 a) (incrtm0 b)"
102 | "incrtm0 (Mul c a) = Mul c (incrtm0 a)"
103 | "incrtm0 (CNP n c a) = CNP (n + 1) c (incrtm0 a)"
104 | "incrtm0 a = a"
106 lemma decrtm0: assumes nb: "tmbound0 t"
107   shows "Itm vs (x#bs) t = Itm vs bs (decrtm0 t)"
108   using nb by (induct t rule: decrtm0.induct, simp_all add: nth_pos2)
110 lemma incrtm0: "Itm vs (x#bs) (incrtm0 t) = Itm vs bs t"
111   by (induct t rule: decrtm0.induct, simp_all add: nth_pos2)
113 primrec decrtm:: "nat \<Rightarrow> tm \<Rightarrow> tm" where
114   "decrtm m (CP c) = (CP c)"
115 | "decrtm m (Bound n) = (if n < m then Bound n else Bound (n - 1))"
116 | "decrtm m (Neg a) = Neg (decrtm m a)"
117 | "decrtm m (Add a b) = Add (decrtm m a) (decrtm m b)"
118 | "decrtm m (Sub a b) = Sub (decrtm m a) (decrtm m b)"
119 | "decrtm m (Mul c a) = Mul c (decrtm m a)"
120 | "decrtm m (CNP n c a) = (if n < m then CNP n c (decrtm m a) else CNP (n - 1) c (decrtm m a))"
122 primrec removen:: "nat \<Rightarrow> 'a list \<Rightarrow> 'a list" where
123   "removen n [] = []"
124 | "removen n (x#xs) = (if n=0 then xs else (x#(removen (n - 1) xs)))"
126 lemma removen_same: "n \<ge> length xs \<Longrightarrow> removen n xs = xs"
127   by (induct xs arbitrary: n, auto)
129 lemma nth_length_exceeds: "n \<ge> length xs \<Longrightarrow> xs!n = []!(n - length xs)"
130   by (induct xs arbitrary: n, auto)
132 lemma removen_length: "length (removen n xs) = (if n \<ge> length xs then length xs else length xs - 1)"
133   by (induct xs arbitrary: n, auto)
134 lemma removen_nth: "(removen n xs)!m = (if n \<ge> length xs then xs!m
135   else if m < n then xs!m else if m \<le> length xs then xs!(Suc m) else []!(m - (length xs - 1)))"
136 proof(induct xs arbitrary: n m)
137   case Nil thus ?case by simp
138 next
139   case (Cons x xs n m)
140   {assume nxs: "n \<ge> length (x#xs)" hence ?case using removen_same[OF nxs] by simp}
141   moreover
142   {assume nxs: "\<not> (n \<ge> length (x#xs))"
143     {assume mln: "m < n" hence ?case using Cons by (cases m, auto)}
144     moreover
145     {assume mln: "\<not> (m < n)"
146       {assume mxs: "m \<le> length (x#xs)" hence ?case using Cons by (cases m, auto)}
147       moreover
148       {assume mxs: "\<not> (m \<le> length (x#xs))"
149         have th: "length (removen n (x#xs)) = length xs"
150           using removen_length[where n="n" and xs="x#xs"] nxs by simp
151         with mxs have mxs':"m \<ge> length (removen n (x#xs))" by auto
152         hence "(removen n (x#xs))!m = [] ! (m - length xs)"
153           using th nth_length_exceeds[OF mxs'] by auto
154         hence th: "(removen n (x#xs))!m = [] ! (m - (length (x#xs) - 1))"
155           by auto
156         hence ?case using nxs mln mxs by auto }
157       ultimately have ?case by blast
158     }
159     ultimately have ?case by blast
160   } ultimately show ?case by blast
161 qed
163 lemma decrtm: assumes bnd: "tmboundslt (length bs) t" and nb: "tmbound m t"
164   and nle: "m \<le> length bs"
165   shows "Itm vs (removen m bs) (decrtm m t) = Itm vs bs t"
166   using bnd nb nle by (induct t rule: tm.induct) (auto simp add: removen_nth)
168 primrec tmsubst0:: "tm \<Rightarrow> tm \<Rightarrow> tm" where
169   "tmsubst0 t (CP c) = CP c"
170 | "tmsubst0 t (Bound n) = (if n=0 then t else Bound n)"
171 | "tmsubst0 t (CNP n c a) = (if n=0 then Add (Mul c t) (tmsubst0 t a) else CNP n c (tmsubst0 t a))"
172 | "tmsubst0 t (Neg a) = Neg (tmsubst0 t a)"
173 | "tmsubst0 t (Add a b) = Add (tmsubst0 t a) (tmsubst0 t b)"
174 | "tmsubst0 t (Sub a b) = Sub (tmsubst0 t a) (tmsubst0 t b)"
175 | "tmsubst0 t (Mul i a) = Mul i (tmsubst0 t a)"
176 lemma tmsubst0:
177   shows "Itm vs (x#bs) (tmsubst0 t a) = Itm vs ((Itm vs (x#bs) t)#bs) a"
178   by (induct a rule: tm.induct) (auto simp add: nth_pos2)
180 lemma tmsubst0_nb: "tmbound0 t \<Longrightarrow> tmbound0 (tmsubst0 t a)"
181   by (induct a rule: tm.induct) (auto simp add: nth_pos2)
183 primrec tmsubst:: "nat \<Rightarrow> tm \<Rightarrow> tm \<Rightarrow> tm" where
184   "tmsubst n t (CP c) = CP c"
185 | "tmsubst n t (Bound m) = (if n=m then t else Bound m)"
186 | "tmsubst n t (CNP m c a) = (if n=m then Add (Mul c t) (tmsubst n t a)
187              else CNP m c (tmsubst n t a))"
188 | "tmsubst n t (Neg a) = Neg (tmsubst n t a)"
189 | "tmsubst n t (Add a b) = Add (tmsubst n t a) (tmsubst n t b)"
190 | "tmsubst n t (Sub a b) = Sub (tmsubst n t a) (tmsubst n t b)"
191 | "tmsubst n t (Mul i a) = Mul i (tmsubst n t a)"
193 lemma tmsubst: assumes nb: "tmboundslt (length bs) a" and nlt: "n \<le> length bs"
194   shows "Itm vs bs (tmsubst n t a) = Itm vs (bs[n:= Itm vs bs t]) a"
195 using nb nlt
196 by (induct a rule: tm.induct,auto simp add: nth_pos2)
198 lemma tmsubst_nb0: assumes tnb: "tmbound0 t"
199 shows "tmbound0 (tmsubst 0 t a)"
200 using tnb
201 by (induct a rule: tm.induct, auto)
203 lemma tmsubst_nb: assumes tnb: "tmbound m t"
204 shows "tmbound m (tmsubst m t a)"
205 using tnb
206 by (induct a rule: tm.induct, auto)
207 lemma incrtm0_tmbound: "tmbound n t \<Longrightarrow> tmbound (Suc n) (incrtm0 t)"
208   by (induct t, auto)
209   (* Simplification *)
211 consts
212   tmadd:: "tm \<times> tm \<Rightarrow> tm"
213 recdef tmadd "measure (\<lambda> (t,s). size t + size s)"
214   "tmadd (CNP n1 c1 r1,CNP n2 c2 r2) =
215   (if n1=n2 then
216   (let c = c1 +\<^sub>p c2
217   in if c = 0\<^sub>p then tmadd(r1,r2) else CNP n1 c (tmadd (r1,r2)))
218   else if n1 \<le> n2 then (CNP n1 c1 (tmadd (r1,CNP n2 c2 r2)))
219   else (CNP n2 c2 (tmadd (CNP n1 c1 r1,r2))))"
220   "tmadd (CNP n1 c1 r1,t) = CNP n1 c1 (tmadd (r1, t))"
221   "tmadd (t,CNP n2 c2 r2) = CNP n2 c2 (tmadd (t,r2))"
222   "tmadd (CP b1, CP b2) = CP (b1 +\<^sub>p b2)"
227 apply (case_tac "c1 +\<^sub>p c2 = 0\<^sub>p",case_tac "n1 \<le> n2", simp_all)
228 apply (case_tac "n1 = n2", simp_all add: field_simps)
229 apply (simp only: right_distrib[symmetric])
232 lemma tmadd_nb0[simp]: "\<lbrakk> tmbound0 t ; tmbound0 s\<rbrakk> \<Longrightarrow> tmbound0 (tmadd (t,s))"
235 lemma tmadd_nb[simp]: "\<lbrakk> tmbound n t ; tmbound n s\<rbrakk> \<Longrightarrow> tmbound n (tmadd (t,s))"
237 lemma tmadd_blt[simp]: "\<lbrakk>tmboundslt n t ; tmboundslt n s\<rbrakk> \<Longrightarrow> tmboundslt n (tmadd (t,s))"
242 fun tmmul:: "tm \<Rightarrow> poly \<Rightarrow> tm" where
243   "tmmul (CP j) = (\<lambda> i. CP (i *\<^sub>p j))"
244 | "tmmul (CNP n c a) = (\<lambda> i. CNP n (i *\<^sub>p c) (tmmul a i))"
245 | "tmmul t = (\<lambda> i. Mul i t)"
247 lemma tmmul[simp]: "Itm vs bs (tmmul t i) = Itm vs bs (Mul i t)"
248 by (induct t arbitrary: i rule: tmmul.induct, simp_all add: field_simps)
250 lemma tmmul_nb0[simp]: "tmbound0 t \<Longrightarrow> tmbound0 (tmmul t i)"
251 by (induct t arbitrary: i rule: tmmul.induct, auto )
253 lemma tmmul_nb[simp]: "tmbound n t \<Longrightarrow> tmbound n (tmmul t i)"
254 by (induct t arbitrary: n rule: tmmul.induct, auto )
255 lemma tmmul_blt[simp]: "tmboundslt n t \<Longrightarrow> tmboundslt n (tmmul t i)"
256 by (induct t arbitrary: i rule: tmmul.induct, auto simp add: Let_def)
258 lemma tmmul_allpolys_npoly[simp]:
259   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
260   shows "allpolys isnpoly t \<Longrightarrow> isnpoly c \<Longrightarrow> allpolys isnpoly (tmmul t c)" by (induct t rule: tmmul.induct, simp_all add: Let_def polymul_norm)
262 definition tmneg :: "tm \<Rightarrow> tm" where
263   "tmneg t \<equiv> tmmul t (C (- 1,1))"
265 definition tmsub :: "tm \<Rightarrow> tm \<Rightarrow> tm" where
266   "tmsub s t \<equiv> (if s = t then CP 0\<^sub>p else tmadd (s,tmneg t))"
268 lemma tmneg[simp]: "Itm vs bs (tmneg t) = Itm vs bs (Neg t)"
269 using tmneg_def[of t]
270 apply simp
271 apply (subst number_of_Min)
272 apply (simp only: of_int_minus)
273 apply simp
274 done
276 lemma tmneg_nb0[simp]: "tmbound0 t \<Longrightarrow> tmbound0 (tmneg t)"
277 using tmneg_def by simp
279 lemma tmneg_nb[simp]: "tmbound n t \<Longrightarrow> tmbound n (tmneg t)"
280 using tmneg_def by simp
281 lemma tmneg_blt[simp]: "tmboundslt n t \<Longrightarrow> tmboundslt n (tmneg t)"
282 using tmneg_def by simp
283 lemma [simp]: "isnpoly (C (-1,1))" unfolding isnpoly_def by simp
284 lemma tmneg_allpolys_npoly[simp]:
285   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
286   shows "allpolys isnpoly t \<Longrightarrow> allpolys isnpoly (tmneg t)"
287   unfolding tmneg_def by auto
289 lemma tmsub[simp]: "Itm vs bs (tmsub a b) = Itm vs bs (Sub a b)"
290 using tmsub_def by simp
292 lemma tmsub_nb0[simp]: "\<lbrakk> tmbound0 t ; tmbound0 s\<rbrakk> \<Longrightarrow> tmbound0 (tmsub t s)"
293 using tmsub_def by simp
294 lemma tmsub_nb[simp]: "\<lbrakk> tmbound n t ; tmbound n s\<rbrakk> \<Longrightarrow> tmbound n (tmsub t s)"
295 using tmsub_def by simp
296 lemma tmsub_blt[simp]: "\<lbrakk>tmboundslt n t ; tmboundslt n s\<rbrakk> \<Longrightarrow> tmboundslt n (tmsub t s )"
297 using tmsub_def by simp
298 lemma tmsub_allpolys_npoly[simp]:
299   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
300   shows "allpolys isnpoly t \<Longrightarrow> allpolys isnpoly s \<Longrightarrow> allpolys isnpoly (tmsub t s)"
301   unfolding tmsub_def by (simp add: isnpoly_def)
303 fun simptm:: "tm \<Rightarrow> tm" where
304   "simptm (CP j) = CP (polynate j)"
305 | "simptm (Bound n) = CNP n 1\<^sub>p (CP 0\<^sub>p)"
306 | "simptm (Neg t) = tmneg (simptm t)"
308 | "simptm (Sub t s) = tmsub (simptm t) (simptm s)"
309 | "simptm (Mul i t) = (let i' = polynate i in if i' = 0\<^sub>p then CP 0\<^sub>p else tmmul (simptm t) i')"
310 | "simptm (CNP n c t) = (let c' = polynate c in if c' = 0\<^sub>p then simptm t else tmadd (CNP n c' (CP 0\<^sub>p ), simptm t))"
312 lemma polynate_stupid:
313   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
314   shows "polynate t = 0\<^sub>p \<Longrightarrow> Ipoly bs t = (0::'a::{field_char_0, field_inverse_zero})"
315 apply (subst polynate[symmetric])
316 apply simp
317 done
319 lemma simptm_ci[simp]: "Itm vs bs (simptm t) = Itm vs bs t"
320 by (induct t rule: simptm.induct, auto simp add: tmneg tmadd tmsub tmmul Let_def polynate_stupid)
322 lemma simptm_tmbound0[simp]:
323   "tmbound0 t \<Longrightarrow> tmbound0 (simptm t)"
324 by (induct t rule: simptm.induct, auto simp add: Let_def)
326 lemma simptm_nb[simp]: "tmbound n t \<Longrightarrow> tmbound n (simptm t)"
327 by (induct t rule: simptm.induct, auto simp add: Let_def)
328 lemma simptm_nlt[simp]: "tmboundslt n t \<Longrightarrow> tmboundslt n (simptm t)"
329 by (induct t rule: simptm.induct, auto simp add: Let_def)
331 lemma [simp]: "isnpoly 0\<^sub>p" and [simp]: "isnpoly (C(1,1))"
333 lemma simptm_allpolys_npoly[simp]:
334   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
335   shows "allpolys isnpoly (simptm p)"
336   by (induct p rule: simptm.induct, auto simp add: Let_def)
338 declare let_cong[fundef_cong del]
340 fun split0 :: "tm \<Rightarrow> (poly \<times> tm)" where
341   "split0 (Bound 0) = (1\<^sub>p, CP 0\<^sub>p)"
342 | "split0 (CNP 0 c t) = (let (c',t') = split0 t in (c +\<^sub>p c',t'))"
343 | "split0 (Neg t) = (let (c,t') = split0 t in (~\<^sub>p c,Neg t'))"
344 | "split0 (CNP n c t) = (let (c',t') = split0 t in (c',CNP n c t'))"
345 | "split0 (Add s t) = (let (c1,s') = split0 s ; (c2,t') = split0 t in (c1 +\<^sub>p c2, Add s' t'))"
346 | "split0 (Sub s t) = (let (c1,s') = split0 s ; (c2,t') = split0 t in (c1 -\<^sub>p c2, Sub s' t'))"
347 | "split0 (Mul c t) = (let (c',t') = split0 t in (c *\<^sub>p c', Mul c t'))"
348 | "split0 t = (0\<^sub>p, t)"
350 declare let_cong[fundef_cong]
352 lemma split0_stupid[simp]: "\<exists>x y. (x,y) = split0 p"
353   apply (rule exI[where x="fst (split0 p)"])
354   apply (rule exI[where x="snd (split0 p)"])
355   by simp
357 lemma split0:
358   "tmbound 0 (snd (split0 t)) \<and> (Itm vs bs (CNP 0 (fst (split0 t)) (snd (split0 t))) = Itm vs bs t)"
359   apply (induct t rule: split0.induct)
360   apply simp
361   apply (simp add: Let_def split_def field_simps)
362   apply (simp add: Let_def split_def field_simps)
363   apply (simp add: Let_def split_def field_simps)
364   apply (simp add: Let_def split_def field_simps)
365   apply (simp add: Let_def split_def field_simps)
366   apply (simp add: Let_def split_def mult_assoc right_distrib[symmetric])
367   apply (simp add: Let_def split_def field_simps)
368   apply (simp add: Let_def split_def field_simps)
369   done
371 lemma split0_ci: "split0 t = (c',t') \<Longrightarrow> Itm vs bs t = Itm vs bs (CNP 0 c' t')"
372 proof-
373   fix c' t'
374   assume "split0 t = (c', t')" hence "c' = fst (split0 t)" and "t' = snd (split0 t)" by auto
375   with split0[where t="t" and bs="bs"] show "Itm vs bs t = Itm vs bs (CNP 0 c' t')" by simp
376 qed
378 lemma split0_nb0:
379   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
380   shows "split0 t = (c',t') \<Longrightarrow>  tmbound 0 t'"
381 proof-
382   fix c' t'
383   assume "split0 t = (c', t')" hence "c' = fst (split0 t)" and "t' = snd (split0 t)" by auto
384   with conjunct1[OF split0[where t="t"]] show "tmbound 0 t'" by simp
385 qed
387 lemma split0_nb0'[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
388   shows "tmbound0 (snd (split0 t))"
389   using split0_nb0[of t "fst (split0 t)" "snd (split0 t)"] by (simp add: tmbound0_tmbound_iff)
392 lemma split0_nb: assumes nb:"tmbound n t" shows "tmbound n (snd (split0 t))"
393   using nb by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
395 lemma split0_blt: assumes nb:"tmboundslt n t" shows "tmboundslt n (snd (split0 t))"
396   using nb by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
398 lemma tmbound_split0: "tmbound 0 t \<Longrightarrow> Ipoly vs (fst(split0 t)) = 0"
399  by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
401 lemma tmboundslt_split0: "tmboundslt n t \<Longrightarrow> Ipoly vs (fst(split0 t)) = 0 \<or> n > 0"
402 by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
404 lemma tmboundslt0_split0: "tmboundslt 0 t \<Longrightarrow> Ipoly vs (fst(split0 t)) = 0"
405  by (induct t rule: split0.induct, auto simp add: Let_def split_def split0_stupid)
407 lemma allpolys_split0: "allpolys isnpoly p \<Longrightarrow> allpolys isnpoly (snd (split0 p))"
408 by (induct p rule: split0.induct, auto simp  add: isnpoly_def Let_def split_def split0_stupid)
410 lemma isnpoly_fst_split0:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
411   shows
412   "allpolys isnpoly p \<Longrightarrow> isnpoly (fst (split0 p))"
413   by (induct p rule: split0.induct,
415     Let_def split_def split0_stupid)
417 subsection{* Formulae *}
419 datatype fm  =  T| F| Le tm | Lt tm | Eq tm | NEq tm|
420   NOT fm| And fm fm|  Or fm fm| Imp fm fm| Iff fm fm| E fm| A fm
423   (* A size for fm *)
424 fun fmsize :: "fm \<Rightarrow> nat" where
425   "fmsize (NOT p) = 1 + fmsize p"
426 | "fmsize (And p q) = 1 + fmsize p + fmsize q"
427 | "fmsize (Or p q) = 1 + fmsize p + fmsize q"
428 | "fmsize (Imp p q) = 3 + fmsize p + fmsize q"
429 | "fmsize (Iff p q) = 3 + 2*(fmsize p + fmsize q)"
430 | "fmsize (E p) = 1 + fmsize p"
431 | "fmsize (A p) = 4+ fmsize p"
432 | "fmsize p = 1"
433   (* several lemmas about fmsize *)
434 lemma fmsize_pos[termination_simp]: "fmsize p > 0"
435 by (induct p rule: fmsize.induct) simp_all
437   (* Semantics of formulae (fm) *)
438 primrec Ifm ::"'a::{linordered_field_inverse_zero} list \<Rightarrow> 'a list \<Rightarrow> fm \<Rightarrow> bool" where
439   "Ifm vs bs T = True"
440 | "Ifm vs bs F = False"
441 | "Ifm vs bs (Lt a) = (Itm vs bs a < 0)"
442 | "Ifm vs bs (Le a) = (Itm vs bs a \<le> 0)"
443 | "Ifm vs bs (Eq a) = (Itm vs bs a = 0)"
444 | "Ifm vs bs (NEq a) = (Itm vs bs a \<noteq> 0)"
445 | "Ifm vs bs (NOT p) = (\<not> (Ifm vs bs p))"
446 | "Ifm vs bs (And p q) = (Ifm vs bs p \<and> Ifm vs bs q)"
447 | "Ifm vs bs (Or p q) = (Ifm vs bs p \<or> Ifm vs bs q)"
448 | "Ifm vs bs (Imp p q) = ((Ifm vs bs p) \<longrightarrow> (Ifm vs bs q))"
449 | "Ifm vs bs (Iff p q) = (Ifm vs bs p = Ifm vs bs q)"
450 | "Ifm vs bs (E p) = (\<exists> x. Ifm vs (x#bs) p)"
451 | "Ifm vs bs (A p) = (\<forall> x. Ifm vs (x#bs) p)"
453 fun not:: "fm \<Rightarrow> fm" where
454   "not (NOT (NOT p)) = not p"
455 | "not (NOT p) = p"
456 | "not T = F"
457 | "not F = T"
458 | "not (Lt t) = Le (tmneg t)"
459 | "not (Le t) = Lt (tmneg t)"
460 | "not (Eq t) = NEq t"
461 | "not (NEq t) = Eq t"
462 | "not p = NOT p"
463 lemma not[simp]: "Ifm vs bs (not p) = Ifm vs bs (NOT p)"
464 by (induct p rule: not.induct) auto
466 definition conj :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
467   "conj p q \<equiv> (if (p = F \<or> q=F) then F else if p=T then q else if q=T then p else
468    if p = q then p else And p q)"
469 lemma conj[simp]: "Ifm vs bs (conj p q) = Ifm vs bs (And p q)"
470 by (cases "p=F \<or> q=F",simp_all add: conj_def) (cases p,simp_all)
472 definition disj :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
473   "disj p q \<equiv> (if (p = T \<or> q=T) then T else if p=F then q else if q=F then p
474        else if p=q then p else Or p q)"
476 lemma disj[simp]: "Ifm vs bs (disj p q) = Ifm vs bs (Or p q)"
477 by (cases "p=T \<or> q=T",simp_all add: disj_def) (cases p,simp_all)
479 definition imp :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
480   "imp p q \<equiv> (if (p = F \<or> q=T \<or> p=q) then T else if p=T then q else if q=F then not p
481     else Imp p q)"
482 lemma imp[simp]: "Ifm vs bs (imp p q) = Ifm vs bs (Imp p q)"
483 by (cases "p=F \<or> q=T",simp_all add: imp_def)
485 definition iff :: "fm \<Rightarrow> fm \<Rightarrow> fm" where
486   "iff p q \<equiv> (if (p = q) then T else if (p = NOT q \<or> NOT p = q) then F else
487        if p=F then not q else if q=F then not p else if p=T then q else if q=T then p else
488   Iff p q)"
489 lemma iff[simp]: "Ifm vs bs (iff p q) = Ifm vs bs (Iff p q)"
490   by (unfold iff_def,cases "p=q", simp,cases "p=NOT q", simp) (cases "NOT p= q", auto)
492   (* Quantifier freeness *)
493 fun qfree:: "fm \<Rightarrow> bool" where
494   "qfree (E p) = False"
495 | "qfree (A p) = False"
496 | "qfree (NOT p) = qfree p"
497 | "qfree (And p q) = (qfree p \<and> qfree q)"
498 | "qfree (Or  p q) = (qfree p \<and> qfree q)"
499 | "qfree (Imp p q) = (qfree p \<and> qfree q)"
500 | "qfree (Iff p q) = (qfree p \<and> qfree q)"
501 | "qfree p = True"
503   (* Boundedness and substitution *)
505 primrec boundslt :: "nat \<Rightarrow> fm \<Rightarrow> bool" where
506   "boundslt n T = True"
507 | "boundslt n F = True"
508 | "boundslt n (Lt t) = (tmboundslt n t)"
509 | "boundslt n (Le t) = (tmboundslt n t)"
510 | "boundslt n (Eq t) = (tmboundslt n t)"
511 | "boundslt n (NEq t) = (tmboundslt n t)"
512 | "boundslt n (NOT p) = boundslt n p"
513 | "boundslt n (And p q) = (boundslt n p \<and> boundslt n q)"
514 | "boundslt n (Or p q) = (boundslt n p \<and> boundslt n q)"
515 | "boundslt n (Imp p q) = ((boundslt n p) \<and> (boundslt n q))"
516 | "boundslt n (Iff p q) = (boundslt n p \<and> boundslt n q)"
517 | "boundslt n (E p) = boundslt (Suc n) p"
518 | "boundslt n (A p) = boundslt (Suc n) p"
520 fun bound0:: "fm \<Rightarrow> bool" (* A Formula is independent of Bound 0 *) where
521   "bound0 T = True"
522 | "bound0 F = True"
523 | "bound0 (Lt a) = tmbound0 a"
524 | "bound0 (Le a) = tmbound0 a"
525 | "bound0 (Eq a) = tmbound0 a"
526 | "bound0 (NEq a) = tmbound0 a"
527 | "bound0 (NOT p) = bound0 p"
528 | "bound0 (And p q) = (bound0 p \<and> bound0 q)"
529 | "bound0 (Or p q) = (bound0 p \<and> bound0 q)"
530 | "bound0 (Imp p q) = ((bound0 p) \<and> (bound0 q))"
531 | "bound0 (Iff p q) = (bound0 p \<and> bound0 q)"
532 | "bound0 p = False"
533 lemma bound0_I:
534   assumes bp: "bound0 p"
535   shows "Ifm vs (b#bs) p = Ifm vs (b'#bs) p"
536 using bp tmbound0_I[where b="b" and bs="bs" and b'="b'"]
537 by (induct p rule: bound0.induct,auto simp add: nth_pos2)
539 primrec bound:: "nat \<Rightarrow> fm \<Rightarrow> bool" (* A Formula is independent of Bound n *) where
540   "bound m T = True"
541 | "bound m F = True"
542 | "bound m (Lt t) = tmbound m t"
543 | "bound m (Le t) = tmbound m t"
544 | "bound m (Eq t) = tmbound m t"
545 | "bound m (NEq t) = tmbound m t"
546 | "bound m (NOT p) = bound m p"
547 | "bound m (And p q) = (bound m p \<and> bound m q)"
548 | "bound m (Or p q) = (bound m p \<and> bound m q)"
549 | "bound m (Imp p q) = ((bound m p) \<and> (bound m q))"
550 | "bound m (Iff p q) = (bound m p \<and> bound m q)"
551 | "bound m (E p) = bound (Suc m) p"
552 | "bound m (A p) = bound (Suc m) p"
554 lemma bound_I:
555   assumes bnd: "boundslt (length bs) p" and nb: "bound n p" and le: "n \<le> length bs"
556   shows "Ifm vs (bs[n:=x]) p = Ifm vs bs p"
557   using bnd nb le tmbound_I[where bs=bs and vs = vs]
558 proof(induct p arbitrary: bs n rule: fm.induct)
559   case (E p bs n)
560   {fix y
561     from E have bnd: "boundslt (length (y#bs)) p"
562       and nb: "bound (Suc n) p" and le: "Suc n \<le> length (y#bs)" by simp+
563     from E.hyps[OF bnd nb le tmbound_I] have "Ifm vs ((y#bs)[Suc n:=x]) p = Ifm vs (y#bs) p" .   }
564   thus ?case by simp
565 next
566   case (A p bs n) {fix y
567     from A have bnd: "boundslt (length (y#bs)) p"
568       and nb: "bound (Suc n) p" and le: "Suc n \<le> length (y#bs)" by simp+
569     from A.hyps[OF bnd nb le tmbound_I] have "Ifm vs ((y#bs)[Suc n:=x]) p = Ifm vs (y#bs) p" .   }
570   thus ?case by simp
571 qed auto
573 fun decr0 :: "fm \<Rightarrow> fm" where
574   "decr0 (Lt a) = Lt (decrtm0 a)"
575 | "decr0 (Le a) = Le (decrtm0 a)"
576 | "decr0 (Eq a) = Eq (decrtm0 a)"
577 | "decr0 (NEq a) = NEq (decrtm0 a)"
578 | "decr0 (NOT p) = NOT (decr0 p)"
579 | "decr0 (And p q) = conj (decr0 p) (decr0 q)"
580 | "decr0 (Or p q) = disj (decr0 p) (decr0 q)"
581 | "decr0 (Imp p q) = imp (decr0 p) (decr0 q)"
582 | "decr0 (Iff p q) = iff (decr0 p) (decr0 q)"
583 | "decr0 p = p"
585 lemma decr0: assumes nb: "bound0 p"
586   shows "Ifm vs (x#bs) p = Ifm vs bs (decr0 p)"
587   using nb
588   by (induct p rule: decr0.induct, simp_all add: decrtm0)
590 primrec decr :: "nat \<Rightarrow> fm \<Rightarrow> fm" where
591   "decr m T = T"
592 | "decr m F = F"
593 | "decr m (Lt t) = (Lt (decrtm m t))"
594 | "decr m (Le t) = (Le (decrtm m t))"
595 | "decr m (Eq t) = (Eq (decrtm m t))"
596 | "decr m (NEq t) = (NEq (decrtm m t))"
597 | "decr m (NOT p) = NOT (decr m p)"
598 | "decr m (And p q) = conj (decr m p) (decr m q)"
599 | "decr m (Or p q) = disj (decr m p) (decr m q)"
600 | "decr m (Imp p q) = imp (decr m p) (decr m q)"
601 | "decr m (Iff p q) = iff (decr m p) (decr m q)"
602 | "decr m (E p) = E (decr (Suc m) p)"
603 | "decr m (A p) = A (decr (Suc m) p)"
605 lemma decr: assumes  bnd: "boundslt (length bs) p" and nb: "bound m p"
606   and nle: "m < length bs"
607   shows "Ifm vs (removen m bs) (decr m p) = Ifm vs bs p"
608   using bnd nb nle
609 proof(induct p arbitrary: bs m rule: fm.induct)
610   case (E p bs m)
611   {fix x
612     from E have bnd: "boundslt (length (x#bs)) p" and nb: "bound (Suc m) p"
613   and nle: "Suc m < length (x#bs)" by auto
614     from E(1)[OF bnd nb nle] have "Ifm vs (removen (Suc m) (x#bs)) (decr (Suc m) p) = Ifm vs (x#bs) p".
615   } thus ?case by auto
616 next
617   case (A p bs m)
618   {fix x
619     from A have bnd: "boundslt (length (x#bs)) p" and nb: "bound (Suc m) p"
620   and nle: "Suc m < length (x#bs)" by auto
621     from A(1)[OF bnd nb nle] have "Ifm vs (removen (Suc m) (x#bs)) (decr (Suc m) p) = Ifm vs (x#bs) p".
622   } thus ?case by auto
623 qed (auto simp add: decrtm removen_nth)
625 primrec subst0:: "tm \<Rightarrow> fm \<Rightarrow> fm" where
626   "subst0 t T = T"
627 | "subst0 t F = F"
628 | "subst0 t (Lt a) = Lt (tmsubst0 t a)"
629 | "subst0 t (Le a) = Le (tmsubst0 t a)"
630 | "subst0 t (Eq a) = Eq (tmsubst0 t a)"
631 | "subst0 t (NEq a) = NEq (tmsubst0 t a)"
632 | "subst0 t (NOT p) = NOT (subst0 t p)"
633 | "subst0 t (And p q) = And (subst0 t p) (subst0 t q)"
634 | "subst0 t (Or p q) = Or (subst0 t p) (subst0 t q)"
635 | "subst0 t (Imp p q) = Imp (subst0 t p)  (subst0 t q)"
636 | "subst0 t (Iff p q) = Iff (subst0 t p) (subst0 t q)"
637 | "subst0 t (E p) = E p"
638 | "subst0 t (A p) = A p"
640 lemma subst0: assumes qf: "qfree p"
641   shows "Ifm vs (x#bs) (subst0 t p) = Ifm vs ((Itm vs (x#bs) t)#bs) p"
642 using qf tmsubst0[where x="x" and bs="bs" and t="t"]
643 by (induct p rule: fm.induct, auto)
645 lemma subst0_nb:
646   assumes bp: "tmbound0 t" and qf: "qfree p"
647   shows "bound0 (subst0 t p)"
648 using qf tmsubst0_nb[OF bp] bp
649 by (induct p rule: fm.induct, auto)
651 primrec subst:: "nat \<Rightarrow> tm \<Rightarrow> fm \<Rightarrow> fm" where
652   "subst n t T = T"
653 | "subst n t F = F"
654 | "subst n t (Lt a) = Lt (tmsubst n t a)"
655 | "subst n t (Le a) = Le (tmsubst n t a)"
656 | "subst n t (Eq a) = Eq (tmsubst n t a)"
657 | "subst n t (NEq a) = NEq (tmsubst n t a)"
658 | "subst n t (NOT p) = NOT (subst n t p)"
659 | "subst n t (And p q) = And (subst n t p) (subst n t q)"
660 | "subst n t (Or p q) = Or (subst n t p) (subst n t q)"
661 | "subst n t (Imp p q) = Imp (subst n t p)  (subst n t q)"
662 | "subst n t (Iff p q) = Iff (subst n t p) (subst n t q)"
663 | "subst n t (E p) = E (subst (Suc n) (incrtm0 t) p)"
664 | "subst n t (A p) = A (subst (Suc n) (incrtm0 t) p)"
666 lemma subst: assumes nb: "boundslt (length bs) p" and nlm: "n \<le> length bs"
667   shows "Ifm vs bs (subst n t p) = Ifm vs (bs[n:= Itm vs bs t]) p"
668   using nb nlm
669 proof (induct p arbitrary: bs n t rule: fm.induct)
670   case (E p bs n)
671   {fix x
672     from E have bn: "boundslt (length (x#bs)) p" by simp
673     from E have nlm: "Suc n \<le> length (x#bs)" by simp
674     from E(1)[OF bn nlm] have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p" by simp
675     hence "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs (x#bs[n:= Itm vs bs t]) p"
676     by (simp add: incrtm0[where x="x" and bs="bs" and t="t"]) }
677 thus ?case by simp
678 next
679   case (A p bs n)
680   {fix x
681     from A have bn: "boundslt (length (x#bs)) p" by simp
682     from A have nlm: "Suc n \<le> length (x#bs)" by simp
683     from A(1)[OF bn nlm] have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p" by simp
684     hence "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs (x#bs[n:= Itm vs bs t]) p"
685     by (simp add: incrtm0[where x="x" and bs="bs" and t="t"]) }
686 thus ?case by simp
689 lemma subst_nb: assumes tnb: "tmbound m t"
690 shows "bound m (subst m t p)"
691 using tnb tmsubst_nb incrtm0_tmbound
692 by (induct p arbitrary: m t rule: fm.induct, auto)
694 lemma not_qf[simp]: "qfree p \<Longrightarrow> qfree (not p)"
695 by (induct p rule: not.induct, auto)
696 lemma not_bn0[simp]: "bound0 p \<Longrightarrow> bound0 (not p)"
697 by (induct p rule: not.induct, auto)
698 lemma not_nb[simp]: "bound n p \<Longrightarrow> bound n (not p)"
699 by (induct p rule: not.induct, auto)
700 lemma not_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n (not p)"
701  by (induct p rule: not.induct, auto)
703 lemma conj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (conj p q)"
704 using conj_def by auto
705 lemma conj_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (conj p q)"
706 using conj_def by auto
707 lemma conj_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (conj p q)"
708 using conj_def by auto
709 lemma conj_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (conj p q)"
710 using conj_def by auto
712 lemma disj_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (disj p q)"
713 using disj_def by auto
714 lemma disj_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (disj p q)"
715 using disj_def by auto
716 lemma disj_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (disj p q)"
717 using disj_def by auto
718 lemma disj_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (disj p q)"
719 using disj_def by auto
721 lemma imp_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (imp p q)"
722 using imp_def by (cases "p=F \<or> q=T",simp_all add: imp_def)
723 lemma imp_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (imp p q)"
724 using imp_def by (cases "p=F \<or> q=T \<or> p=q",simp_all add: imp_def)
725 lemma imp_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (imp p q)"
726 using imp_def by (cases "p=F \<or> q=T \<or> p=q",simp_all add: imp_def)
727 lemma imp_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (imp p q)"
728 using imp_def by auto
730 lemma iff_qf[simp]: "\<lbrakk>qfree p ; qfree q\<rbrakk> \<Longrightarrow> qfree (iff p q)"
731   by (unfold iff_def,cases "p=q", auto)
732 lemma iff_nb0[simp]: "\<lbrakk>bound0 p ; bound0 q\<rbrakk> \<Longrightarrow> bound0 (iff p q)"
733 using iff_def by (unfold iff_def,cases "p=q", auto)
734 lemma iff_nb[simp]: "\<lbrakk>bound n p ; bound n q\<rbrakk> \<Longrightarrow> bound n (iff p q)"
735 using iff_def by (unfold iff_def,cases "p=q", auto)
736 lemma iff_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (iff p q)"
737 using iff_def by auto
738 lemma decr0_qf: "bound0 p \<Longrightarrow> qfree (decr0 p)"
739 by (induct p, simp_all)
741 fun isatom :: "fm \<Rightarrow> bool" (* test for atomicity *) where
742   "isatom T = True"
743 | "isatom F = True"
744 | "isatom (Lt a) = True"
745 | "isatom (Le a) = True"
746 | "isatom (Eq a) = True"
747 | "isatom (NEq a) = True"
748 | "isatom p = False"
750 lemma bound0_qf: "bound0 p \<Longrightarrow> qfree p"
751 by (induct p, simp_all)
753 definition djf :: "('a \<Rightarrow> fm) \<Rightarrow> 'a \<Rightarrow> fm \<Rightarrow> fm" where
754   "djf f p q \<equiv> (if q=T then T else if q=F then f p else
755   (let fp = f p in case fp of T \<Rightarrow> T | F \<Rightarrow> q | _ \<Rightarrow> Or (f p) q))"
756 definition evaldjf :: "('a \<Rightarrow> fm) \<Rightarrow> 'a list \<Rightarrow> fm" where
757   "evaldjf f ps \<equiv> foldr (djf f) ps F"
759 lemma djf_Or: "Ifm vs bs (djf f p q) = Ifm vs bs (Or (f p) q)"
761 (cases "f p", simp_all add: Let_def djf_def)
763 lemma evaldjf_ex: "Ifm vs bs (evaldjf f ps) = (\<exists> p \<in> set ps. Ifm vs bs (f p))"
764   by(induct ps, simp_all add: evaldjf_def djf_Or)
766 lemma evaldjf_bound0:
767   assumes nb: "\<forall> x\<in> set xs. bound0 (f x)"
768   shows "bound0 (evaldjf f xs)"
769   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto)
771 lemma evaldjf_qf:
772   assumes nb: "\<forall> x\<in> set xs. qfree (f x)"
773   shows "qfree (evaldjf f xs)"
774   using nb by (induct xs, auto simp add: evaldjf_def djf_def Let_def) (case_tac "f a", auto)
776 fun disjuncts :: "fm \<Rightarrow> fm list" where
777   "disjuncts (Or p q) = (disjuncts p) @ (disjuncts q)"
778 | "disjuncts F = []"
779 | "disjuncts p = [p]"
781 lemma disjuncts: "(\<exists> q\<in> set (disjuncts p). Ifm vs bs q) = Ifm vs bs p"
782 by(induct p rule: disjuncts.induct, auto)
784 lemma disjuncts_nb: "bound0 p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). bound0 q"
785 proof-
786   assume nb: "bound0 p"
787   hence "list_all bound0 (disjuncts p)" by (induct p rule:disjuncts.induct,auto)
788   thus ?thesis by (simp only: list_all_iff)
789 qed
791 lemma disjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (disjuncts p). qfree q"
792 proof-
793   assume qf: "qfree p"
794   hence "list_all qfree (disjuncts p)"
795     by (induct p rule: disjuncts.induct, auto)
796   thus ?thesis by (simp only: list_all_iff)
797 qed
799 definition DJ :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
800   "DJ f p \<equiv> evaldjf f (disjuncts p)"
802 lemma DJ: assumes fdj: "\<forall> p q. Ifm vs bs (f (Or p q)) = Ifm vs bs (Or (f p) (f q))"
803   and fF: "f F = F"
804   shows "Ifm vs bs (DJ f p) = Ifm vs bs (f p)"
805 proof-
806   have "Ifm vs bs (DJ f p) = (\<exists> q \<in> set (disjuncts p). Ifm vs bs (f q))"
807     by (simp add: DJ_def evaldjf_ex)
808   also have "\<dots> = Ifm vs bs (f p)" using fdj fF by (induct p rule: disjuncts.induct, auto)
809   finally show ?thesis .
810 qed
812 lemma DJ_qf: assumes
813   fqf: "\<forall> p. qfree p \<longrightarrow> qfree (f p)"
814   shows "\<forall>p. qfree p \<longrightarrow> qfree (DJ f p) "
815 proof(clarify)
816   fix  p assume qf: "qfree p"
817   have th: "DJ f p = evaldjf f (disjuncts p)" by (simp add: DJ_def)
818   from disjuncts_qf[OF qf] have "\<forall> q\<in> set (disjuncts p). qfree q" .
819   with fqf have th':"\<forall> q\<in> set (disjuncts p). qfree (f q)" by blast
821   from evaldjf_qf[OF th'] th show "qfree (DJ f p)" by simp
822 qed
824 lemma DJ_qe: assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
825   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (DJ qe p) \<and> (Ifm vs bs ((DJ qe p)) = Ifm vs bs (E p))"
826 proof(clarify)
827   fix p::fm and bs
828   assume qf: "qfree p"
829   from qe have qth: "\<forall> p. qfree p \<longrightarrow> qfree (qe p)" by blast
830   from DJ_qf[OF qth] qf have qfth:"qfree (DJ qe p)" by auto
831   have "Ifm vs bs (DJ qe p) = (\<exists> q\<in> set (disjuncts p). Ifm vs bs (qe q))"
832     by (simp add: DJ_def evaldjf_ex)
833   also have "\<dots> = (\<exists> q \<in> set(disjuncts p). Ifm vs bs (E q))" using qe disjuncts_qf[OF qf] by auto
834   also have "\<dots> = Ifm vs bs (E p)" by (induct p rule: disjuncts.induct, auto)
835   finally show "qfree (DJ qe p) \<and> Ifm vs bs (DJ qe p) = Ifm vs bs (E p)" using qfth by blast
836 qed
838 fun conjuncts :: "fm \<Rightarrow> fm list" where
839   "conjuncts (And p q) = (conjuncts p) @ (conjuncts q)"
840 | "conjuncts T = []"
841 | "conjuncts p = [p]"
843 definition list_conj :: "fm list \<Rightarrow> fm" where
844   "list_conj ps \<equiv> foldr conj ps T"
846 definition CJNB :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
847   "CJNB f p \<equiv> (let cjs = conjuncts p ; (yes,no) = partition bound0 cjs
848                    in conj (decr0 (list_conj yes)) (f (list_conj no)))"
850 lemma conjuncts_qf: "qfree p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). qfree q"
851 proof-
852   assume qf: "qfree p"
853   hence "list_all qfree (conjuncts p)"
854     by (induct p rule: conjuncts.induct, auto)
855   thus ?thesis by (simp only: list_all_iff)
856 qed
858 lemma conjuncts: "(\<forall> q\<in> set (conjuncts p). Ifm vs bs q) = Ifm vs bs p"
859 by(induct p rule: conjuncts.induct, auto)
861 lemma conjuncts_nb: "bound0 p \<Longrightarrow> \<forall> q\<in> set (conjuncts p). bound0 q"
862 proof-
863   assume nb: "bound0 p"
864   hence "list_all bound0 (conjuncts p)" by (induct p rule:conjuncts.induct,auto)
865   thus ?thesis by (simp only: list_all_iff)
866 qed
868 fun islin :: "fm \<Rightarrow> bool" where
869   "islin (And p q) = (islin p \<and> islin q \<and> p \<noteq> T \<and> p \<noteq> F \<and> q \<noteq> T \<and> q \<noteq> F)"
870 | "islin (Or p q) = (islin p \<and> islin q \<and> p \<noteq> T \<and> p \<noteq> F \<and> q \<noteq> T \<and> q \<noteq> F)"
871 | "islin (Eq (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
872 | "islin (NEq (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
873 | "islin (Lt (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
874 | "islin (Le (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
875 | "islin (NOT p) = False"
876 | "islin (Imp p q) = False"
877 | "islin (Iff p q) = False"
878 | "islin p = bound0 p"
880 lemma islin_stupid: assumes nb: "tmbound0 p"
881   shows "islin (Lt p)" and "islin (Le p)" and "islin (Eq p)" and "islin (NEq p)"
882   using nb by (cases p, auto, case_tac nat, auto)+
884 definition "lt p = (case p of CP (C c) \<Rightarrow> if 0>\<^sub>N c then T else F| _ \<Rightarrow> Lt p)"
885 definition "le p = (case p of CP (C c) \<Rightarrow> if 0\<ge>\<^sub>N c then T else F | _ \<Rightarrow> Le p)"
886 definition eq where "eq p = (case p of CP (C c) \<Rightarrow> if c = 0\<^sub>N then T else F | _ \<Rightarrow> Eq p)"
887 definition "neq p = not (eq p)"
889 lemma lt: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (lt p) = Ifm vs bs (Lt p)"
891   apply(cases p, simp_all)
892   apply (case_tac poly, simp_all add: isnpoly_def)
893   done
895 lemma le: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (le p) = Ifm vs bs (Le p)"
897   apply(cases p, simp_all)
898   apply (case_tac poly, simp_all add: isnpoly_def)
899   done
901 lemma eq: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (eq p) = Ifm vs bs (Eq p)"
903   apply(cases p, simp_all)
904   apply (case_tac poly, simp_all add: isnpoly_def)
905   done
907 lemma neq: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (neq p) = Ifm vs bs (NEq p)"
910 lemma lt_lin: "tmbound0 p \<Longrightarrow> islin (lt p)"
912   apply (cases p, simp_all)
913   apply (case_tac poly, simp_all)
914   apply (case_tac nat, simp_all)
915   done
917 lemma le_lin: "tmbound0 p \<Longrightarrow> islin (le p)"
919   apply (cases p, simp_all)
920   apply (case_tac poly, simp_all)
921   apply (case_tac nat, simp_all)
922   done
924 lemma eq_lin: "tmbound0 p \<Longrightarrow> islin (eq p)"
926   apply (cases p, simp_all)
927   apply (case_tac poly, simp_all)
928   apply (case_tac nat, simp_all)
929   done
931 lemma neq_lin: "tmbound0 p \<Longrightarrow> islin (neq p)"
932   apply (simp add: neq_def eq_def)
933   apply (cases p, simp_all)
934   apply (case_tac poly, simp_all)
935   apply (case_tac nat, simp_all)
936   done
938 definition "simplt t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then lt s else Lt (CNP 0 c s))"
939 definition "simple t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then le s else Le (CNP 0 c s))"
940 definition "simpeq t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then eq s else Eq (CNP 0 c s))"
941 definition "simpneq t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then neq s else NEq (CNP 0 c s))"
943 lemma simplt_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
944   shows "islin (simplt t)"
945   unfolding simplt_def
946   using split0_nb0'
947 by (auto simp add: lt_lin Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly])
949 lemma simple_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
950   shows "islin (simple t)"
951   unfolding simple_def
952   using split0_nb0'
953 by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] le_lin)
954 lemma simpeq_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
955   shows "islin (simpeq t)"
956   unfolding simpeq_def
957   using split0_nb0'
958 by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] eq_lin)
960 lemma simpneq_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
961   shows "islin (simpneq t)"
962   unfolding simpneq_def
963   using split0_nb0'
964 by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] neq_lin)
966 lemma really_stupid: "\<not> (\<forall>c1 s'. (c1, s') \<noteq> split0 s)"
967   by (cases "split0 s", auto)
968 lemma split0_npoly:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
969   and n: "allpolys isnpoly t"
970   shows "isnpoly (fst (split0 t))" and "allpolys isnpoly (snd (split0 t))"
971   using n
972   by (induct t rule: split0.induct, auto simp add: Let_def split_def polyadd_norm polymul_norm polyneg_norm polysub_norm really_stupid)
973 lemma simplt[simp]:
974   shows "Ifm vs bs (simplt t) = Ifm vs bs (Lt t)"
975 proof-
976   have n: "allpolys isnpoly (simptm t)" by simp
977   let ?t = "simptm t"
978   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
979       using split0[of "simptm t" vs bs] lt[OF split0_npoly(2)[OF n], of vs bs]
980       by (simp add: simplt_def Let_def split_def lt)}
981   moreover
982   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
983     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simplt_def Let_def split_def)
984   }
985   ultimately show ?thesis by blast
986 qed
988 lemma simple[simp]:
989   shows "Ifm vs bs (simple t) = Ifm vs bs (Le t)"
990 proof-
991   have n: "allpolys isnpoly (simptm t)" by simp
992   let ?t = "simptm t"
993   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
994       using split0[of "simptm t" vs bs] le[OF split0_npoly(2)[OF n], of vs bs]
995       by (simp add: simple_def Let_def split_def le)}
996   moreover
997   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
998     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simple_def Let_def split_def)
999   }
1000   ultimately show ?thesis by blast
1001 qed
1003 lemma simpeq[simp]:
1004   shows "Ifm vs bs (simpeq t) = Ifm vs bs (Eq t)"
1005 proof-
1006   have n: "allpolys isnpoly (simptm t)" by simp
1007   let ?t = "simptm t"
1008   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
1009       using split0[of "simptm t" vs bs] eq[OF split0_npoly(2)[OF n], of vs bs]
1010       by (simp add: simpeq_def Let_def split_def)}
1011   moreover
1012   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
1013     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simpeq_def Let_def split_def)
1014   }
1015   ultimately show ?thesis by blast
1016 qed
1018 lemma simpneq[simp]:
1019   shows "Ifm vs bs (simpneq t) = Ifm vs bs (NEq t)"
1020 proof-
1021   have n: "allpolys isnpoly (simptm t)" by simp
1022   let ?t = "simptm t"
1023   {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
1024       using split0[of "simptm t" vs bs] neq[OF split0_npoly(2)[OF n], of vs bs]
1025       by (simp add: simpneq_def Let_def split_def )}
1026   moreover
1027   {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
1028     hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simpneq_def Let_def split_def)
1029   }
1030   ultimately show ?thesis by blast
1031 qed
1033 lemma lt_nb: "tmbound0 t \<Longrightarrow> bound0 (lt t)"
1035   apply (cases t, auto)
1036   apply (case_tac poly, auto)
1037   done
1039 lemma le_nb: "tmbound0 t \<Longrightarrow> bound0 (le t)"
1041   apply (cases t, auto)
1042   apply (case_tac poly, auto)
1043   done
1045 lemma eq_nb: "tmbound0 t \<Longrightarrow> bound0 (eq t)"
1047   apply (cases t, auto)
1048   apply (case_tac poly, auto)
1049   done
1051 lemma neq_nb: "tmbound0 t \<Longrightarrow> bound0 (neq t)"
1052   apply (simp add: neq_def eq_def)
1053   apply (cases t, auto)
1054   apply (case_tac poly, auto)
1055   done
1057 lemma simplt_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
1058   shows "tmbound0 t \<Longrightarrow> bound0 (simplt t)"
1059   using split0 [of "simptm t" vs bs]
1060 proof(simp add: simplt_def Let_def split_def)
1061   assume nb: "tmbound0 t"
1062   hence nb': "tmbound0 (simptm t)" by simp
1063   let ?c = "fst (split0 (simptm t))"
1064   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
1065   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
1066   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
1067   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
1068   from iffD1[OF isnpolyh_unique[OF ths] th]
1069   have "fst (split0 (simptm t)) = 0\<^sub>p" .
1070   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (lt (snd (split0 (simptm t))))) \<and>
1071        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simplt_def Let_def split_def lt_nb)
1072 qed
1074 lemma simple_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
1075   shows "tmbound0 t \<Longrightarrow> bound0 (simple t)"
1076   using split0 [of "simptm t" vs bs]
1077 proof(simp add: simple_def Let_def split_def)
1078   assume nb: "tmbound0 t"
1079   hence nb': "tmbound0 (simptm t)" by simp
1080   let ?c = "fst (split0 (simptm t))"
1081   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
1082   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
1083   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
1084   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
1085   from iffD1[OF isnpolyh_unique[OF ths] th]
1086   have "fst (split0 (simptm t)) = 0\<^sub>p" .
1087   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (le (snd (split0 (simptm t))))) \<and>
1088        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simplt_def Let_def split_def le_nb)
1089 qed
1091 lemma simpeq_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
1092   shows "tmbound0 t \<Longrightarrow> bound0 (simpeq t)"
1093   using split0 [of "simptm t" vs bs]
1094 proof(simp add: simpeq_def Let_def split_def)
1095   assume nb: "tmbound0 t"
1096   hence nb': "tmbound0 (simptm t)" by simp
1097   let ?c = "fst (split0 (simptm t))"
1098   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
1099   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
1100   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
1101   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
1102   from iffD1[OF isnpolyh_unique[OF ths] th]
1103   have "fst (split0 (simptm t)) = 0\<^sub>p" .
1104   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (eq (snd (split0 (simptm t))))) \<and>
1105        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simpeq_def Let_def split_def eq_nb)
1106 qed
1108 lemma simpneq_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
1109   shows "tmbound0 t \<Longrightarrow> bound0 (simpneq t)"
1110   using split0 [of "simptm t" vs bs]
1111 proof(simp add: simpneq_def Let_def split_def)
1112   assume nb: "tmbound0 t"
1113   hence nb': "tmbound0 (simptm t)" by simp
1114   let ?c = "fst (split0 (simptm t))"
1115   from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
1116   have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
1117   from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
1118   have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
1119   from iffD1[OF isnpolyh_unique[OF ths] th]
1120   have "fst (split0 (simptm t)) = 0\<^sub>p" .
1121   thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (neq (snd (split0 (simptm t))))) \<and>
1122        fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simpneq_def Let_def split_def neq_nb)
1123 qed
1125 fun conjs   :: "fm \<Rightarrow> fm list" where
1126   "conjs (And p q) = (conjs p)@(conjs q)"
1127 | "conjs T = []"
1128 | "conjs p = [p]"
1129 lemma conjs_ci: "(\<forall> q \<in> set (conjs p). Ifm vs bs q) = Ifm vs bs p"
1130 by (induct p rule: conjs.induct, auto)
1131 definition list_disj :: "fm list \<Rightarrow> fm" where
1132   "list_disj ps \<equiv> foldr disj ps F"
1134 lemma list_conj: "Ifm vs bs (list_conj ps) = (\<forall>p\<in> set ps. Ifm vs bs p)"
1135   by (induct ps, auto simp add: list_conj_def)
1136 lemma list_conj_qf: " \<forall>p\<in> set ps. qfree p \<Longrightarrow> qfree (list_conj ps)"
1137   by (induct ps, auto simp add: list_conj_def conj_qf)
1138 lemma list_disj: "Ifm vs bs (list_disj ps) = (\<exists>p\<in> set ps. Ifm vs bs p)"
1139   by (induct ps, auto simp add: list_disj_def)
1141 lemma conj_boundslt: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (conj p q)"
1142   unfolding conj_def by auto
1144 lemma conjs_nb: "bound n p \<Longrightarrow> \<forall>q\<in> set (conjs p). bound n q"
1145   apply (induct p rule: conjs.induct)
1146   apply (unfold conjs.simps)
1147   apply (unfold set_append)
1148   apply (unfold ball_Un)
1149   apply (unfold bound.simps)
1150   apply auto
1151   done
1153 lemma conjs_boundslt: "boundslt n p \<Longrightarrow> \<forall>q\<in> set (conjs p). boundslt n q"
1154   apply (induct p rule: conjs.induct)
1155   apply (unfold conjs.simps)
1156   apply (unfold set_append)
1157   apply (unfold ball_Un)
1158   apply (unfold boundslt.simps)
1159   apply blast
1160 by simp_all
1162 lemma list_conj_boundslt: " \<forall>p\<in> set ps. boundslt n p \<Longrightarrow> boundslt n (list_conj ps)"
1163   unfolding list_conj_def
1164   by (induct ps, auto simp add: conj_boundslt)
1166 lemma list_conj_nb: assumes bnd: "\<forall>p\<in> set ps. bound n p"
1167   shows "bound n (list_conj ps)"
1168   using bnd
1169   unfolding list_conj_def
1170   by (induct ps, auto simp add: conj_nb)
1172 lemma list_conj_nb': "\<forall>p\<in>set ps. bound0 p \<Longrightarrow> bound0 (list_conj ps)"
1173 unfolding list_conj_def by (induct ps , auto)
1175 lemma CJNB_qe:
1176   assumes qe: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
1177   shows "\<forall> bs p. qfree p \<longrightarrow> qfree (CJNB qe p) \<and> (Ifm vs bs ((CJNB qe p)) = Ifm vs bs (E p))"
1178 proof(clarify)
1179   fix bs p
1180   assume qfp: "qfree p"
1181   let ?cjs = "conjuncts p"
1182   let ?yes = "fst (partition bound0 ?cjs)"
1183   let ?no = "snd (partition bound0 ?cjs)"
1184   let ?cno = "list_conj ?no"
1185   let ?cyes = "list_conj ?yes"
1186   have part: "partition bound0 ?cjs = (?yes,?no)" by simp
1187   from partition_P[OF part] have "\<forall> q\<in> set ?yes. bound0 q" by blast
1188   hence yes_nb: "bound0 ?cyes" by (simp add: list_conj_nb')
1189   hence yes_qf: "qfree (decr0 ?cyes )" by (simp add: decr0_qf)
1190   from conjuncts_qf[OF qfp] partition_set[OF part]
1191   have " \<forall>q\<in> set ?no. qfree q" by auto
1192   hence no_qf: "qfree ?cno"by (simp add: list_conj_qf)
1193   with qe have cno_qf:"qfree (qe ?cno )"
1194     and noE: "Ifm vs bs (qe ?cno) = Ifm vs bs (E ?cno)" by blast+
1195   from cno_qf yes_qf have qf: "qfree (CJNB qe p)"
1196     by (simp add: CJNB_def Let_def conj_qf split_def)
1197   {fix bs
1198     from conjuncts have "Ifm vs bs p = (\<forall>q\<in> set ?cjs. Ifm vs bs q)" by blast
1199     also have "\<dots> = ((\<forall>q\<in> set ?yes. Ifm vs bs q) \<and> (\<forall>q\<in> set ?no. Ifm vs bs q))"
1200       using partition_set[OF part] by auto
1201     finally have "Ifm vs bs p = ((Ifm vs bs ?cyes) \<and> (Ifm vs bs ?cno))" using list_conj[of vs bs] by simp}
1202   hence "Ifm vs bs (E p) = (\<exists>x. (Ifm vs (x#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))" by simp
1203   also have "\<dots> = (\<exists>x. (Ifm vs (y#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))"
1204     using bound0_I[OF yes_nb, where bs="bs" and b'="y"] by blast
1205   also have "\<dots> = (Ifm vs bs (decr0 ?cyes) \<and> Ifm vs bs (E ?cno))"
1206     by (auto simp add: decr0[OF yes_nb] simp del: partition_filter_conv)
1207   also have "\<dots> = (Ifm vs bs (conj (decr0 ?cyes) (qe ?cno)))"
1208     using qe[rule_format, OF no_qf] by auto
1209   finally have "Ifm vs bs (E p) = Ifm vs bs (CJNB qe p)"
1210     by (simp add: Let_def CJNB_def split_def)
1211   with qf show "qfree (CJNB qe p) \<and> Ifm vs bs (CJNB qe p) = Ifm vs bs (E p)" by blast
1212 qed
1214 consts simpfm :: "fm \<Rightarrow> fm"
1215 recdef simpfm "measure fmsize"
1216   "simpfm (Lt t) = simplt (simptm t)"
1217   "simpfm (Le t) = simple (simptm t)"
1218   "simpfm (Eq t) = simpeq(simptm t)"
1219   "simpfm (NEq t) = simpneq(simptm t)"
1220   "simpfm (And p q) = conj (simpfm p) (simpfm q)"
1221   "simpfm (Or p q) = disj (simpfm p) (simpfm q)"
1222   "simpfm (Imp p q) = disj (simpfm (NOT p)) (simpfm q)"
1223   "simpfm (Iff p q) = disj (conj (simpfm p) (simpfm q)) (conj (simpfm (NOT p)) (simpfm (NOT q)))"
1224   "simpfm (NOT (And p q)) = disj (simpfm (NOT p)) (simpfm (NOT q))"
1225   "simpfm (NOT (Or p q)) = conj (simpfm (NOT p)) (simpfm (NOT q))"
1226   "simpfm (NOT (Imp p q)) = conj (simpfm p) (simpfm (NOT q))"
1227   "simpfm (NOT (Iff p q)) = disj (conj (simpfm p) (simpfm (NOT q))) (conj (simpfm (NOT p)) (simpfm q))"
1228   "simpfm (NOT (Eq t)) = simpneq t"
1229   "simpfm (NOT (NEq t)) = simpeq t"
1230   "simpfm (NOT (Le t)) = simplt (Neg t)"
1231   "simpfm (NOT (Lt t)) = simple (Neg t)"
1232   "simpfm (NOT (NOT p)) = simpfm p"
1233   "simpfm (NOT T) = F"
1234   "simpfm (NOT F) = T"
1235   "simpfm p = p"
1237 lemma simpfm[simp]: "Ifm vs bs (simpfm p) = Ifm vs bs p"
1238 by(induct p arbitrary: bs rule: simpfm.induct, auto)
1240 lemma simpfm_bound0:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
1241   shows "bound0 p \<Longrightarrow> bound0 (simpfm p)"
1242 by (induct p rule: simpfm.induct, auto)
1244 lemma lt_qf[simp]: "qfree (lt t)"
1245   apply (cases t, auto simp add: lt_def)
1246   by (case_tac poly, auto)
1248 lemma le_qf[simp]: "qfree (le t)"
1249   apply (cases t, auto simp add: le_def)
1250   by (case_tac poly, auto)
1252 lemma eq_qf[simp]: "qfree (eq t)"
1253   apply (cases t, auto simp add: eq_def)
1254   by (case_tac poly, auto)
1256 lemma neq_qf[simp]: "qfree (neq t)" by (simp add: neq_def)
1258 lemma simplt_qf[simp]: "qfree (simplt t)" by (simp add: simplt_def Let_def split_def)
1259 lemma simple_qf[simp]: "qfree (simple t)" by (simp add: simple_def Let_def split_def)
1260 lemma simpeq_qf[simp]: "qfree (simpeq t)" by (simp add: simpeq_def Let_def split_def)
1261 lemma simpneq_qf[simp]: "qfree (simpneq t)" by (simp add: simpneq_def Let_def split_def)
1263 lemma simpfm_qf[simp]: "qfree p \<Longrightarrow> qfree (simpfm p)"
1264 by (induct p rule: simpfm.induct, auto simp add: disj_qf imp_qf iff_qf conj_qf not_qf Let_def)
1266 lemma disj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (disj p q)" by (simp add: disj_def)
1267 lemma conj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (conj p q)" by (simp add: conj_def)
1269 lemma   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
1270   shows "qfree p \<Longrightarrow> islin (simpfm p)"
1271   apply (induct p rule: simpfm.induct)
1272   apply (simp_all add: conj_lin disj_lin)
1273   done
1275 consts prep :: "fm \<Rightarrow> fm"
1276 recdef prep "measure fmsize"
1277   "prep (E T) = T"
1278   "prep (E F) = F"
1279   "prep (E (Or p q)) = disj (prep (E p)) (prep (E q))"
1280   "prep (E (Imp p q)) = disj (prep (E (NOT p))) (prep (E q))"
1281   "prep (E (Iff p q)) = disj (prep (E (And p q))) (prep (E (And (NOT p) (NOT q))))"
1282   "prep (E (NOT (And p q))) = disj (prep (E (NOT p))) (prep (E(NOT q)))"
1283   "prep (E (NOT (Imp p q))) = prep (E (And p (NOT q)))"
1284   "prep (E (NOT (Iff p q))) = disj (prep (E (And p (NOT q)))) (prep (E(And (NOT p) q)))"
1285   "prep (E p) = E (prep p)"
1286   "prep (A (And p q)) = conj (prep (A p)) (prep (A q))"
1287   "prep (A p) = prep (NOT (E (NOT p)))"
1288   "prep (NOT (NOT p)) = prep p"
1289   "prep (NOT (And p q)) = disj (prep (NOT p)) (prep (NOT q))"
1290   "prep (NOT (A p)) = prep (E (NOT p))"
1291   "prep (NOT (Or p q)) = conj (prep (NOT p)) (prep (NOT q))"
1292   "prep (NOT (Imp p q)) = conj (prep p) (prep (NOT q))"
1293   "prep (NOT (Iff p q)) = disj (prep (And p (NOT q))) (prep (And (NOT p) q))"
1294   "prep (NOT p) = not (prep p)"
1295   "prep (Or p q) = disj (prep p) (prep q)"
1296   "prep (And p q) = conj (prep p) (prep q)"
1297   "prep (Imp p q) = prep (Or (NOT p) q)"
1298   "prep (Iff p q) = disj (prep (And p q)) (prep (And (NOT p) (NOT q)))"
1299   "prep p = p"
1301 lemma prep: "Ifm vs bs (prep p) = Ifm vs bs p"
1302 by (induct p arbitrary: bs rule: prep.induct, auto)
1306   (* Generic quantifier elimination *)
1307 function (sequential) qelim :: "fm \<Rightarrow> (fm \<Rightarrow> fm) \<Rightarrow> fm" where
1308   "qelim (E p) = (\<lambda> qe. DJ (CJNB qe) (qelim p qe))"
1309 | "qelim (A p) = (\<lambda> qe. not (qe ((qelim (NOT p) qe))))"
1310 | "qelim (NOT p) = (\<lambda> qe. not (qelim p qe))"
1311 | "qelim (And p q) = (\<lambda> qe. conj (qelim p qe) (qelim q qe))"
1312 | "qelim (Or  p q) = (\<lambda> qe. disj (qelim p qe) (qelim q qe))"
1313 | "qelim (Imp p q) = (\<lambda> qe. imp (qelim p qe) (qelim q qe))"
1314 | "qelim (Iff p q) = (\<lambda> qe. iff (qelim p qe) (qelim q qe))"
1315 | "qelim p = (\<lambda> y. simpfm p)"
1316 by pat_completeness simp_all
1317 termination by (relation "measure fmsize") auto
1319 lemma qelim:
1320   assumes qe_inv: "\<forall> bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
1321   shows "\<And> bs. qfree (qelim p qe) \<and> (Ifm vs bs (qelim p qe) = Ifm vs bs p)"
1322 using qe_inv DJ_qe[OF CJNB_qe[OF qe_inv]]
1323 by (induct p rule: qelim.induct) auto
1325 subsection{* Core Procedure *}
1327 fun minusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of -\<infinity>*) where
1328   "minusinf (And p q) = conj (minusinf p) (minusinf q)"
1329 | "minusinf (Or p q) = disj (minusinf p) (minusinf q)"
1330 | "minusinf (Eq  (CNP 0 c e)) = conj (eq (CP c)) (eq e)"
1331 | "minusinf (NEq (CNP 0 c e)) = disj (not (eq e)) (not (eq (CP c)))"
1332 | "minusinf (Lt  (CNP 0 c e)) = disj (conj (eq (CP c)) (lt e)) (lt (CP (~\<^sub>p c)))"
1333 | "minusinf (Le  (CNP 0 c e)) = disj (conj (eq (CP c)) (le e)) (lt (CP (~\<^sub>p c)))"
1334 | "minusinf p = p"
1336 fun plusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of +\<infinity>*) where
1337   "plusinf (And p q) = conj (plusinf p) (plusinf q)"
1338 | "plusinf (Or p q) = disj (plusinf p) (plusinf q)"
1339 | "plusinf (Eq  (CNP 0 c e)) = conj (eq (CP c)) (eq e)"
1340 | "plusinf (NEq (CNP 0 c e)) = disj (not (eq e)) (not (eq (CP c)))"
1341 | "plusinf (Lt  (CNP 0 c e)) = disj (conj (eq (CP c)) (lt e)) (lt (CP c))"
1342 | "plusinf (Le  (CNP 0 c e)) = disj (conj (eq (CP c)) (le e)) (lt (CP c))"
1343 | "plusinf p = p"
1345 lemma minusinf_inf: assumes lp:"islin p"
1346   shows "\<exists>z. \<forall>x < z. Ifm vs (x#bs) (minusinf p) \<longleftrightarrow> Ifm vs (x#bs) p"
1347   using lp
1348 proof (induct p rule: minusinf.induct)
1349   case 1 thus ?case by (auto,rule_tac x="min z za" in exI, auto)
1350 next
1351   case 2 thus ?case by (auto,rule_tac x="min z za" in exI, auto)
1352 next
1353   case (3 c e) hence nbe: "tmbound0 e" by simp
1354   from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1355   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
1356   let ?c = "Ipoly vs c"
1357   let ?e = "Itm vs (y#bs) e"
1358   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1359   moreover {assume "?c = 0" hence ?case
1360       using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto}
1361   moreover {assume cp: "?c > 0"
1362     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
1363         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1364       hence "?c * x + ?e < 0" by simp
1365       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
1366         using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto} hence ?case by auto}
1367   moreover {assume cp: "?c < 0"
1368     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
1369         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1370       hence "?c * x + ?e > 0" by simp
1371       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
1372         using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto} hence ?case by auto}
1373   ultimately show ?case by blast
1374 next
1375   case (4 c e)  hence nbe: "tmbound0 e" by simp
1376   from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1377   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
1378   let ?c = "Ipoly vs c"
1379   let ?e = "Itm vs (y#bs) e"
1380   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1381   moreover {assume "?c = 0" hence ?case using eqs by auto}
1382   moreover {assume cp: "?c > 0"
1383     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
1384         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1385       hence "?c * x + ?e < 0" by simp
1386       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
1387         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
1388   moreover {assume cp: "?c < 0"
1389     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
1390         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1391       hence "?c * x + ?e > 0" by simp
1392       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
1393         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
1394   ultimately show ?case by blast
1395 next
1396   case (5 c e)  hence nbe: "tmbound0 e" by simp
1397   from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1398   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
1399   note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
1400   let ?c = "Ipoly vs c"
1401   let ?e = "Itm vs (y#bs) e"
1402   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1403   moreover {assume "?c = 0" hence ?case using eqs by auto}
1404   moreover {assume cp: "?c > 0"
1405     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
1406         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1407       hence "?c * x + ?e < 0" by simp
1408       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
1409         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
1410   moreover {assume cp: "?c < 0"
1411     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
1412         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1413       hence "?c * x + ?e > 0" by simp
1414       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
1415         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto} hence ?case by auto}
1416   ultimately show ?case by blast
1417 next
1418   case (6 c e)  hence nbe: "tmbound0 e" by simp
1419   from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1420   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
1421   note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] le[OF nc(2), where ?'a = 'a]
1422   let ?c = "Ipoly vs c"
1423   let ?e = "Itm vs (y#bs) e"
1424   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1425   moreover {assume "?c = 0" hence ?case using eqs by auto}
1426   moreover {assume cp: "?c > 0"
1427     {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
1428         using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1429       hence "?c * x + ?e < 0" by simp
1430       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
1431         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
1432   moreover {assume cp: "?c < 0"
1433     {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
1434         using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1435       hence "?c * x + ?e > 0" by simp
1436       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
1437         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
1438   ultimately show ?case by blast
1439 qed (auto)
1441 lemma plusinf_inf: assumes lp:"islin p"
1442   shows "\<exists>z. \<forall>x > z. Ifm vs (x#bs) (plusinf p) \<longleftrightarrow> Ifm vs (x#bs) p"
1443   using lp
1444 proof (induct p rule: plusinf.induct)
1445   case 1 thus ?case by (auto,rule_tac x="max z za" in exI, auto)
1446 next
1447   case 2 thus ?case by (auto,rule_tac x="max z za" in exI, auto)
1448 next
1449   case (3 c e) hence nbe: "tmbound0 e" by simp
1450   from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1451   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
1452   let ?c = "Ipoly vs c"
1453   let ?e = "Itm vs (y#bs) e"
1454   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1455   moreover {assume "?c = 0" hence ?case
1456       using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto}
1457   moreover {assume cp: "?c > 0"
1458     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
1459         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1460       hence "?c * x + ?e > 0" by simp
1461       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
1462         using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto} hence ?case by auto}
1463   moreover {assume cp: "?c < 0"
1464     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
1465         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1466       hence "?c * x + ?e < 0" by simp
1467       hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
1468         using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto} hence ?case by auto}
1469   ultimately show ?case by blast
1470 next
1471   case (4 c e) hence nbe: "tmbound0 e" by simp
1472   from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1473   note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
1474   let ?c = "Ipoly vs c"
1475   let ?e = "Itm vs (y#bs) e"
1476   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1477   moreover {assume "?c = 0" hence ?case using eqs by auto}
1478   moreover {assume cp: "?c > 0"
1479     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
1480         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1481       hence "?c * x + ?e > 0" by simp
1482       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
1483         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
1484   moreover {assume cp: "?c < 0"
1485     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
1486         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1487       hence "?c * x + ?e < 0" by simp
1488       hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
1489         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
1490   ultimately show ?case by blast
1491 next
1492   case (5 c e) hence nbe: "tmbound0 e" by simp
1493   from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1494   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
1495   note eqs = lt[OF nc(1), where ?'a = 'a] lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
1496   let ?c = "Ipoly vs c"
1497   let ?e = "Itm vs (y#bs) e"
1498   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1499   moreover {assume "?c = 0" hence ?case using eqs by auto}
1500   moreover {assume cp: "?c > 0"
1501     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
1502         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1503       hence "?c * x + ?e > 0" by simp
1504       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
1505         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
1506   moreover {assume cp: "?c < 0"
1507     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
1508         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1509       hence "?c * x + ?e < 0" by simp
1510       hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
1511         using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto} hence ?case by auto}
1512   ultimately show ?case by blast
1513 next
1514   case (6 c e)  hence nbe: "tmbound0 e" by simp
1515   from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
1516   hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
1517   note eqs = lt[OF nc(1), where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] le[OF nc(2), where ?'a = 'a]
1518   let ?c = "Ipoly vs c"
1519   let ?e = "Itm vs (y#bs) e"
1520   have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
1521   moreover {assume "?c = 0" hence ?case using eqs by auto}
1522   moreover {assume cp: "?c > 0"
1523     {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
1524         using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1525       hence "?c * x + ?e > 0" by simp
1526       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
1527         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
1528   moreover {assume cp: "?c < 0"
1529     {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
1530         using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
1531       hence "?c * x + ?e < 0" by simp
1532       hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
1533         using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
1534   ultimately show ?case by blast
1535 qed (auto)
1537 lemma minusinf_nb: "islin p \<Longrightarrow> bound0 (minusinf p)"
1538   by (induct p rule: minusinf.induct, auto simp add: eq_nb lt_nb le_nb)
1539 lemma plusinf_nb: "islin p \<Longrightarrow> bound0 (plusinf p)"
1540   by (induct p rule: minusinf.induct, auto simp add: eq_nb lt_nb le_nb)
1542 lemma minusinf_ex: assumes lp: "islin p" and ex: "Ifm vs (x#bs) (minusinf p)"
1543   shows "\<exists>x. Ifm vs (x#bs) p"
1544 proof-
1545   from bound0_I [OF minusinf_nb[OF lp], where b="a" and bs ="bs"] ex
1546   have th: "\<forall> x. Ifm vs (x#bs) (minusinf p)" by auto
1547   from minusinf_inf[OF lp, where bs="bs"]
1548   obtain z where z_def: "\<forall>x<z. Ifm vs (x # bs) (minusinf p) = Ifm vs (x # bs) p" by blast
1549   from th have "Ifm vs ((z - 1)#bs) (minusinf p)" by simp
1550   moreover have "z - 1 < z" by simp
1551   ultimately show ?thesis using z_def by auto
1552 qed
1554 lemma plusinf_ex: assumes lp: "islin p" and ex: "Ifm vs (x#bs) (plusinf p)"
1555   shows "\<exists>x. Ifm vs (x#bs) p"
1556 proof-
1557   from bound0_I [OF plusinf_nb[OF lp], where b="a" and bs ="bs"] ex
1558   have th: "\<forall> x. Ifm vs (x#bs) (plusinf p)" by auto
1559   from plusinf_inf[OF lp, where bs="bs"]
1560   obtain z where z_def: "\<forall>x>z. Ifm vs (x # bs) (plusinf p) = Ifm vs (x # bs) p" by blast
1561   from th have "Ifm vs ((z + 1)#bs) (plusinf p)" by simp
1562   moreover have "z + 1 > z" by simp
1563   ultimately show ?thesis using z_def by auto
1564 qed
1566 fun uset :: "fm \<Rightarrow> (poly \<times> tm) list" where
1567   "uset (And p q) = uset p @ uset q"
1568 | "uset (Or p q) = uset p @ uset q"
1569 | "uset (Eq (CNP 0 a e))  = [(a,e)]"
1570 | "uset (Le (CNP 0 a e))  = [(a,e)]"
1571 | "uset (Lt (CNP 0 a e))  = [(a,e)]"
1572 | "uset (NEq (CNP 0 a e)) = [(a,e)]"
1573 | "uset p = []"
1575 lemma uset_l:
1576   assumes lp: "islin p"
1577   shows "\<forall> (c,s) \<in> set (uset p). isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
1578 using lp by(induct p rule: uset.induct,auto)
1580 lemma minusinf_uset0:
1581   assumes lp: "islin p"
1582   and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))"
1583   and ex: "Ifm vs (x#bs) p" (is "?I x p")
1584   shows "\<exists> (c,s) \<in> set (uset p). x \<ge> - Itm vs (x#bs) s / Ipoly vs c"
1585 proof-
1586   have "\<exists> (c,s) \<in> set (uset p). (Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)"
1587     using lp nmi ex
1588     apply (induct p rule: minusinf.induct, auto simp add: eq le lt nth_pos2 polyneg_norm)
1589     apply (auto simp add: linorder_not_less order_le_less)
1590     done
1591   then obtain c s where csU: "(c,s) \<in> set (uset p)" and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)" by blast
1592   hence "x \<ge> (- Itm vs (x#bs) s) / Ipoly vs c"
1593     using divide_le_eq[of "- Itm vs (x#bs) s" "Ipoly vs c" x]
1594     by (auto simp add: mult_commute del: divide_minus_left)
1595   thus ?thesis using csU by auto
1596 qed
1598 lemma minusinf_uset:
1599   assumes lp: "islin p"
1600   and nmi: "\<not> (Ifm vs (a#bs) (minusinf p))"
1601   and ex: "Ifm vs (x#bs) p" (is "?I x p")
1602   shows "\<exists> (c,s) \<in> set (uset p). x \<ge> - Itm vs (a#bs) s / Ipoly vs c"
1603 proof-
1604   from nmi have nmi': "\<not> (Ifm vs (x#bs) (minusinf p))"
1605     by (simp add: bound0_I[OF minusinf_nb[OF lp], where b=x and b'=a])
1606   from minusinf_uset0[OF lp nmi' ex]
1607   obtain c s where csU: "(c,s) \<in> set (uset p)" and th: "x \<ge> - Itm vs (x#bs) s / Ipoly vs c" by blast
1608   from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s" by simp
1609   from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis by auto
1610 qed
1613 lemma plusinf_uset0:
1614   assumes lp: "islin p"
1615   and nmi: "\<not> (Ifm vs (x#bs) (plusinf p))"
1616   and ex: "Ifm vs (x#bs) p" (is "?I x p")
1617   shows "\<exists> (c,s) \<in> set (uset p). x \<le> - Itm vs (x#bs) s / Ipoly vs c"
1618 proof-
1619   have "\<exists> (c,s) \<in> set (uset p). (Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s)"
1620     using lp nmi ex
1621     apply (induct p rule: minusinf.induct, auto simp add: eq le lt nth_pos2 polyneg_norm)
1622     apply (auto simp add: linorder_not_less order_le_less)
1623     done
1624   then obtain c s where csU: "(c,s) \<in> set (uset p)" and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s)" by blast
1625   hence "x \<le> (- Itm vs (x#bs) s) / Ipoly vs c"
1626     using le_divide_eq[of x "- Itm vs (x#bs) s" "Ipoly vs c"]
1627     by (auto simp add: mult_commute del: divide_minus_left)
1628   thus ?thesis using csU by auto
1629 qed
1631 lemma plusinf_uset:
1632   assumes lp: "islin p"
1633   and nmi: "\<not> (Ifm vs (a#bs) (plusinf p))"
1634   and ex: "Ifm vs (x#bs) p" (is "?I x p")
1635   shows "\<exists> (c,s) \<in> set (uset p). x \<le> - Itm vs (a#bs) s / Ipoly vs c"
1636 proof-
1637   from nmi have nmi': "\<not> (Ifm vs (x#bs) (plusinf p))"
1638     by (simp add: bound0_I[OF plusinf_nb[OF lp], where b=x and b'=a])
1639   from plusinf_uset0[OF lp nmi' ex]
1640   obtain c s where csU: "(c,s) \<in> set (uset p)" and th: "x \<le> - Itm vs (x#bs) s / Ipoly vs c" by blast
1641   from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s" by simp
1642   from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis by auto
1643 qed
1645 lemma lin_dense:
1646   assumes lp: "islin p"
1647   and noS: "\<forall> t. l < t \<and> t< u \<longrightarrow> t \<notin> (\<lambda> (c,t). - Itm vs (x#bs) t / Ipoly vs c) ` set (uset p)"
1648   (is "\<forall> t. _ \<and> _ \<longrightarrow> t \<notin> (\<lambda> (c,t). - ?Nt x t / ?N c) ` ?U p")
1649   and lx: "l < x" and xu:"x < u" and px:" Ifm vs (x#bs) p"
1650   and ly: "l < y" and yu: "y < u"
1651   shows "Ifm vs (y#bs) p"
1652 using lp px noS
1653 proof (induct p rule: islin.induct)
1654   case (5 c s)
1655   from "5.prems"
1656   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
1657     and px: "Ifm vs (x # bs) (Lt (CNP 0 c s))"
1658     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
1659   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
1660   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
1661   have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
1662   moreover
1663   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
1664   moreover
1665   {assume c: "?N c > 0"
1666       from px pos_less_divide_eq[OF c, where a="x" and b="-?Nt x s"]
1667       have px': "x < - ?Nt x s / ?N c"
1668         by (auto simp add: not_less field_simps)
1669     {assume y: "y < - ?Nt x s / ?N c"
1670       hence "y * ?N c < - ?Nt x s"
1671         by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
1672       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
1673       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
1674     moreover
1675     {assume y: "y > -?Nt x s / ?N c"
1676       with yu have eu: "u > - ?Nt x s / ?N c" by auto
1677       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
1678       with lx px' have "False" by simp  hence ?case by simp }
1679     ultimately have ?case using ycs by blast
1680   }
1681   moreover
1682   {assume c: "?N c < 0"
1683       from px neg_divide_less_eq[OF c, where a="x" and b="-?Nt x s"]
1684       have px': "x > - ?Nt x s / ?N c"
1685         by (auto simp add: not_less field_simps)
1686     {assume y: "y > - ?Nt x s / ?N c"
1687       hence "y * ?N c < - ?Nt x s"
1688         by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
1689       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
1690       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
1691     moreover
1692     {assume y: "y < -?Nt x s / ?N c"
1693       with ly have eu: "l < - ?Nt x s / ?N c" by auto
1694       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
1695       with xu px' have "False" by simp  hence ?case by simp }
1696     ultimately have ?case using ycs by blast
1697   }
1698   ultimately show ?case by blast
1699 next
1700   case (6 c s)
1701   from "6.prems"
1702   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
1703     and px: "Ifm vs (x # bs) (Le (CNP 0 c s))"
1704     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
1705   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
1706   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
1707   have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
1708   moreover
1709   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
1710   moreover
1711   {assume c: "?N c > 0"
1712       from px pos_le_divide_eq[OF c, where a="x" and b="-?Nt x s"]
1713       have px': "x <= - ?Nt x s / ?N c" by (simp add: not_less field_simps)
1714     {assume y: "y < - ?Nt x s / ?N c"
1715       hence "y * ?N c < - ?Nt x s"
1716         by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
1717       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
1718       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
1719     moreover
1720     {assume y: "y > -?Nt x s / ?N c"
1721       with yu have eu: "u > - ?Nt x s / ?N c" by auto
1722       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
1723       with lx px' have "False" by simp  hence ?case by simp }
1724     ultimately have ?case using ycs by blast
1725   }
1726   moreover
1727   {assume c: "?N c < 0"
1728       from px neg_divide_le_eq[OF c, where a="x" and b="-?Nt x s"]
1729       have px': "x >= - ?Nt x s / ?N c" by (simp add: field_simps)
1730     {assume y: "y > - ?Nt x s / ?N c"
1731       hence "y * ?N c < - ?Nt x s"
1732         by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
1733       hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
1734       hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
1735     moreover
1736     {assume y: "y < -?Nt x s / ?N c"
1737       with ly have eu: "l < - ?Nt x s / ?N c" by auto
1738       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
1739       with xu px' have "False" by simp  hence ?case by simp }
1740     ultimately have ?case using ycs by blast
1741   }
1742   ultimately show ?case by blast
1743 next
1744     case (3 c s)
1745   from "3.prems"
1746   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
1747     and px: "Ifm vs (x # bs) (Eq (CNP 0 c s))"
1748     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
1749   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
1750   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
1751   have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
1752   moreover
1753   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
1754   moreover
1755   {assume c: "?N c > 0" hence cnz: "?N c \<noteq> 0" by simp
1756     from px eq_divide_eq[of "x" "-?Nt x s" "?N c"]  cnz
1757     have px': "x = - ?Nt x s / ?N c" by (simp add: field_simps)
1758     {assume y: "y < -?Nt x s / ?N c"
1759       with ly have eu: "l < - ?Nt x s / ?N c" by auto
1760       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
1761       with xu px' have "False" by simp  hence ?case by simp }
1762     moreover
1763     {assume y: "y > -?Nt x s / ?N c"
1764       with yu have eu: "u > - ?Nt x s / ?N c" by auto
1765       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
1766       with lx px' have "False" by simp  hence ?case by simp }
1767     ultimately have ?case using ycs by blast
1768   }
1769   moreover
1770   {assume c: "?N c < 0" hence cnz: "?N c \<noteq> 0" by simp
1771     from px eq_divide_eq[of "x" "-?Nt x s" "?N c"]  cnz
1772     have px': "x = - ?Nt x s / ?N c" by (simp add: field_simps)
1773     {assume y: "y < -?Nt x s / ?N c"
1774       with ly have eu: "l < - ?Nt x s / ?N c" by auto
1775       with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
1776       with xu px' have "False" by simp  hence ?case by simp }
1777     moreover
1778     {assume y: "y > -?Nt x s / ?N c"
1779       with yu have eu: "u > - ?Nt x s / ?N c" by auto
1780       with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
1781       with lx px' have "False" by simp  hence ?case by simp }
1782     ultimately have ?case using ycs by blast
1783   }
1784   ultimately show ?case by blast
1785 next
1786     case (4 c s)
1787   from "4.prems"
1788   have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
1789     and px: "Ifm vs (x # bs) (NEq (CNP 0 c s))"
1790     and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
1791   from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
1792   hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
1793   have ccs: "?N c = 0 \<or> ?N c \<noteq> 0" by dlo
1794   moreover
1795   {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
1796   moreover
1797   {assume c: "?N c \<noteq> 0"
1798     from yne c eq_divide_eq[of "y" "- ?Nt x s" "?N c"] have ?case
1799       by (simp add: field_simps tmbound0_I[OF lin(3), of vs x bs y] sum_eq[symmetric]) }
1800   ultimately show ?case by blast
1801 qed (auto simp add: nth_pos2 tmbound0_I[where vs=vs and bs="bs" and b="y" and b'="x"] bound0_I[where vs=vs and bs="bs" and b="y" and b'="x"])
1803 lemma one_plus_one_pos[simp]: "(1::'a::{linordered_field}) + 1 > 0"
1804 proof-
1805   have op: "(1::'a) > 0" by simp
1806   from add_pos_pos[OF op op] show ?thesis .
1807 qed
1809 lemma one_plus_one_nonzero[simp]: "(1::'a::{linordered_field}) + 1 \<noteq> 0"
1810   using one_plus_one_pos[where ?'a = 'a] by (simp add: less_le)
1812 lemma half_sum_eq: "(u + u) / (1+1) = (u::'a::{linordered_field})"
1813 proof-
1814   have "(u + u) = (1 + 1) * u" by (simp add: field_simps)
1815   hence "(u + u) / (1+1) = (1 + 1)*u / (1 + 1)" by simp
1816   with nonzero_mult_divide_cancel_left[OF one_plus_one_nonzero, of u] show ?thesis by simp
1817 qed
1819 lemma inf_uset:
1820   assumes lp: "islin p"
1821   and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))" (is "\<not> (Ifm vs (x#bs) (?M p))")
1822   and npi: "\<not> (Ifm vs (x#bs) (plusinf p))" (is "\<not> (Ifm vs (x#bs) (?P p))")
1823   and ex: "\<exists> x.  Ifm vs (x#bs) p" (is "\<exists> x. ?I x p")
1824   shows "\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). ?I ((- Itm vs (x#bs) t / Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / (1 + 1)) p"
1825 proof-
1826   let ?Nt = "\<lambda> x t. Itm vs (x#bs) t"
1827   let ?N = "Ipoly vs"
1828   let ?U = "set (uset p)"
1829   from ex obtain a where pa: "?I a p" by blast
1830   from bound0_I[OF minusinf_nb[OF lp], where bs="bs" and b="x" and b'="a"] nmi
1831   have nmi': "\<not> (?I a (?M p))" by simp
1832   from bound0_I[OF plusinf_nb[OF lp], where bs="bs" and b="x" and b'="a"] npi
1833   have npi': "\<not> (?I a (?P p))" by simp
1834   have "\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). ?I ((- ?Nt a t/?N c + - ?Nt a s /?N d) / (1 + 1)) p"
1835   proof-
1836     let ?M = "(\<lambda> (c,t). - ?Nt a t / ?N c) ` ?U"
1837     have fM: "finite ?M" by auto
1838     from minusinf_uset[OF lp nmi pa] plusinf_uset[OF lp npi pa]
1839     have "\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). a \<le> - ?Nt x t / ?N c \<and> a \<ge> - ?Nt x s / ?N d" by blast
1840     then obtain "c" "t" "d" "s" where
1841       ctU: "(c,t) \<in> ?U" and dsU: "(d,s) \<in> ?U"
1842       and xs1: "a \<le> - ?Nt x s / ?N d" and tx1: "a \<ge> - ?Nt x t / ?N c" by blast
1843     from uset_l[OF lp] ctU dsU tmbound0_I[where bs="bs" and b="x" and b'="a"] xs1 tx1
1844     have xs: "a \<le> - ?Nt a s / ?N d" and tx: "a \<ge> - ?Nt a t / ?N c" by auto
1845     from ctU have Mne: "?M \<noteq> {}" by auto
1846     hence Une: "?U \<noteq> {}" by simp
1847     let ?l = "Min ?M"
1848     let ?u = "Max ?M"
1849     have linM: "?l \<in> ?M" using fM Mne by simp
1850     have uinM: "?u \<in> ?M" using fM Mne by simp
1851     have ctM: "- ?Nt a t / ?N c \<in> ?M" using ctU by auto
1852     have dsM: "- ?Nt a s / ?N d \<in> ?M" using dsU by auto
1853     have lM: "\<forall> t\<in> ?M. ?l \<le> t" using Mne fM by auto
1854     have Mu: "\<forall> t\<in> ?M. t \<le> ?u" using Mne fM by auto
1855     have "?l \<le> - ?Nt a t / ?N c" using ctM Mne by simp hence lx: "?l \<le> a" using tx by simp
1856     have "- ?Nt a s / ?N d \<le> ?u" using dsM Mne by simp hence xu: "a \<le> ?u" using xs by simp
1857     from finite_set_intervals2[where P="\<lambda> x. ?I x p",OF pa lx xu linM uinM fM lM Mu]
1858     have "(\<exists> s\<in> ?M. ?I s p) \<or>
1859       (\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p)" .
1860     moreover {fix u assume um: "u\<in> ?M" and pu: "?I u p"
1861       hence "\<exists> (nu,tu) \<in> ?U. u = - ?Nt a tu / ?N nu" by auto
1862       then obtain "tu" "nu" where tuU: "(nu,tu) \<in> ?U" and tuu:"u= - ?Nt a tu / ?N nu" by blast
1863       from half_sum_eq[of u] pu tuu
1864       have "?I (((- ?Nt a tu / ?N nu) + (- ?Nt a tu / ?N nu)) / (1 + 1)) p" by simp
1865       with tuU have ?thesis by blast}
1866     moreover{
1867       assume "\<exists> t1\<in> ?M. \<exists> t2 \<in> ?M. (\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p"
1868       then obtain t1 and t2 where t1M: "t1 \<in> ?M" and t2M: "t2\<in> ?M"
1869         and noM: "\<forall> y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M" and t1x: "t1 < a" and xt2: "a < t2" and px: "?I a p"
1870         by blast
1871       from t1M have "\<exists> (t1n,t1u) \<in> ?U. t1 = - ?Nt a t1u / ?N t1n" by auto
1872       then obtain "t1u" "t1n" where t1uU: "(t1n,t1u) \<in> ?U" and t1u: "t1 = - ?Nt a t1u / ?N t1n" by blast
1873       from t2M have "\<exists> (t2n,t2u) \<in> ?U. t2 = - ?Nt a t2u / ?N t2n" by auto
1874       then obtain "t2u" "t2n" where t2uU: "(t2n,t2u) \<in> ?U" and t2u: "t2 = - ?Nt a t2u / ?N t2n" by blast
1875       from t1x xt2 have t1t2: "t1 < t2" by simp
1876       let ?u = "(t1 + t2) / (1 + 1)"
1877       from less_half_sum[OF t1t2] gt_half_sum[OF t1t2] have t1lu: "t1 < ?u" and ut2: "?u < t2" by auto
1878       from lin_dense[OF lp noM t1x xt2 px t1lu ut2] have "?I ?u p" .
1879       with t1uU t2uU t1u t2u have ?thesis by blast}
1880     ultimately show ?thesis by blast
1881   qed
1882   then obtain "l" "n" "s"  "m" where lnU: "(n,l) \<in> ?U" and smU:"(m,s) \<in> ?U"
1883     and pu: "?I ((- ?Nt a l / ?N n + - ?Nt a s / ?N m) / (1 + 1)) p" by blast
1884   from lnU smU uset_l[OF lp] have nbl: "tmbound0 l" and nbs: "tmbound0 s" by auto
1885   from tmbound0_I[OF nbl, where bs="bs" and b="a" and b'="x"]
1886     tmbound0_I[OF nbs, where bs="bs" and b="a" and b'="x"] pu
1887   have "?I ((- ?Nt x l / ?N n + - ?Nt x s / ?N m) / (1 + 1)) p" by simp
1888   with lnU smU
1889   show ?thesis by auto
1890 qed
1892     (* The Ferrante - Rackoff Theorem *)
1894 theorem fr_eq:
1895   assumes lp: "islin p"
1896   shows "(\<exists> x. Ifm vs (x#bs) p) = ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> (\<exists> (n,t) \<in> set (uset p). \<exists> (m,s) \<in> set (uset p). Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) /(1 + 1))#bs) p))"
1897   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
1898 proof
1899   assume px: "\<exists> x. ?I x p"
1900   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
1901   moreover {assume "?M \<or> ?P" hence "?D" by blast}
1902   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
1903     from inf_uset[OF lp nmi npi] have "?F" using px by blast hence "?D" by blast}
1904   ultimately show "?D" by blast
1905 next
1906   assume "?D"
1907   moreover {assume m:"?M" from minusinf_ex[OF lp m] have "?E" .}
1908   moreover {assume p: "?P" from plusinf_ex[OF lp p] have "?E" . }
1909   moreover {assume f:"?F" hence "?E" by blast}
1910   ultimately show "?E" by blast
1911 qed
1913 section{* First implementation : Naive by encoding all case splits locally *}
1914 definition "msubsteq c t d s a r =
1915   evaldjf (split conj)
1916   [(let cd = c *\<^sub>p d in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
1917    (conj (Eq (CP c)) (NEq (CP d)) , Eq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
1918    (conj (NEq (CP c)) (Eq (CP d)) , Eq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
1919    (conj (Eq (CP c)) (Eq (CP d)) , Eq r)]"
1921 lemma msubsteq_nb: assumes lp: "islin (Eq (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
1922   shows "bound0 (msubsteq c t d s a r)"
1923 proof-
1924   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
1925    (conj (Eq (CP c)) (NEq (CP d)) , Eq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
1926    (conj (NEq (CP c)) (Eq (CP d)) , Eq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
1927    (conj (Eq (CP c)) (Eq (CP d)) , Eq r)]. bound0 (split conj x)"
1928     using lp by (simp add: Let_def t s )
1929   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubsteq_def)
1930 qed
1932 lemma msubsteq: assumes lp: "islin (Eq (CNP 0 a r))"
1933   shows "Ifm vs (x#bs) (msubsteq c t d s a r) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /(1 + 1))#bs) (Eq (CNP 0 a r))" (is "?lhs = ?rhs")
1934 proof-
1935   let ?Nt = "\<lambda>(x::'a) t. Itm vs (x#bs) t"
1936   let ?N = "\<lambda>p. Ipoly vs p"
1937   let ?c = "?N c"
1938   let ?d = "?N d"
1939   let ?t = "?Nt x t"
1940   let ?s = "?Nt x s"
1941   let ?a = "?N a"
1942   let ?r = "?Nt x r"
1943   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
1944   note r= tmbound0_I[OF lin(3), of vs _ bs x]
1945   have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)" by auto
1946   moreover
1947   {assume c: "?c = 0" and d: "?d=0"
1948     hence ?thesis  by (simp add: r[of 0] msubsteq_def Let_def evaldjf_ex)}
1949   moreover
1950   {assume c: "?c = 0" and d: "?d\<noteq>0"
1951     from c have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = -?s / ((1 + 1)*?d)" by simp
1952     have "?rhs = Ifm vs (-?s / ((1 + 1)*?d) # bs) (Eq (CNP 0 a r))" by (simp only: th)
1953     also have "\<dots> \<longleftrightarrow> ?a * (-?s / ((1 + 1)*?d)) + ?r = 0" by (simp add: r[of "- (Itm vs (x # bs) s / ((1 + 1) * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
1954     also have "\<dots> \<longleftrightarrow> (1 + 1)*?d * (?a * (-?s / ((1 + 1)*?d)) + ?r) = 0"
1955       using d mult_cancel_left[of "(1 + 1)*?d" "(?a * (-?s / ((1 + 1)*?d)) + ?r)" 0] by simp
1956     also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * ((1 + 1)*?d / ((1 + 1)*?d)) + (1 + 1)*?d*?r= 0"
1957       by (simp add: field_simps right_distrib[of "(1 + 1)*?d"] del: right_distrib)
1959     also have "\<dots> \<longleftrightarrow> - (?a * ?s) + (1 + 1)*?d*?r = 0" using d by simp
1960     finally have ?thesis using c d
1961       apply (simp add: r[of "- (Itm vs (x # bs) s / ((1 + 1) * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"] msubsteq_def Let_def evaldjf_ex del: one_add_one_is_two)
1963       apply simp
1964       done}
1965   moreover
1966   {assume c: "?c \<noteq> 0" and d: "?d=0"
1967     from d have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = -?t / ((1 + 1)*?c)" by simp
1968     have "?rhs = Ifm vs (-?t / ((1 + 1)*?c) # bs) (Eq (CNP 0 a r))" by (simp only: th)
1969     also have "\<dots> \<longleftrightarrow> ?a * (-?t / ((1 + 1)*?c)) + ?r = 0" by (simp add: r[of "- (?t/ ((1 + 1)* ?c))"])
1970     also have "\<dots> \<longleftrightarrow> (1 + 1)*?c * (?a * (-?t / ((1 + 1)*?c)) + ?r) = 0"
1971       using c mult_cancel_left[of "(1 + 1)*?c" "(?a * (-?t / ((1 + 1)*?c)) + ?r)" 0] by simp
1972     also have "\<dots> \<longleftrightarrow> (?a * -?t)* ((1 + 1)*?c) / ((1 + 1)*?c) + (1 + 1)*?c*?r= 0"
1973       by (simp add: field_simps right_distrib[of "(1 + 1)*?c"] del: right_distrib)
1974     also have "\<dots> \<longleftrightarrow> - (?a * ?t) + (1 + 1)*?c*?r = 0" using c by simp
1975     finally have ?thesis using c d
1976       apply (simp add: r[of "- (?t/ ((1 + 1)*?c))"] msubsteq_def Let_def evaldjf_ex del: one_add_one_is_two)
1978       apply simp
1979       done }
1980   moreover
1981   {assume c: "?c \<noteq> 0" and d: "?d\<noteq>0" hence dc: "?c * ?d *(1 + 1) \<noteq> 0" by simp
1982     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
1983     have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)"
1985     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d) # bs) (Eq (CNP 0 a r))" by (simp only: th)
1986     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r = 0"
1987       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"])
1988     also have "\<dots> \<longleftrightarrow> ((1 + 1) * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r) =0 "
1989       using c d mult_cancel_left[of "(1 + 1) * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ ((1 + 1)*?c*?d)) + ?r" 0] by simp
1990     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + (1 + 1)*?c*?d*?r =0"
1991       using nonzero_mult_divide_cancel_left [OF dc] c d
1992       by (simp add: algebra_simps diff_divide_distrib del: left_distrib)
1993     finally  have ?thesis using c d
1994       apply (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"] msubsteq_def Let_def evaldjf_ex field_simps)
1997       done }
1998   ultimately show ?thesis by blast
1999 qed
2002 definition "msubstneq c t d s a r =
2003   evaldjf (split conj)
2004   [(let cd = c *\<^sub>p d in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2005    (conj (Eq (CP c)) (NEq (CP d)) , NEq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2006    (conj (NEq (CP c)) (Eq (CP d)) , NEq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2007    (conj (Eq (CP c)) (Eq (CP d)) , NEq r)]"
2009 lemma msubstneq_nb: assumes lp: "islin (NEq (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
2010   shows "bound0 (msubstneq c t d s a r)"
2011 proof-
2012   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2013     (conj (Eq (CP c)) (NEq (CP d)) , NEq (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2014     (conj (NEq (CP c)) (Eq (CP d)) , NEq (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2015     (conj (Eq (CP c)) (Eq (CP d)) , NEq r)]. bound0 (split conj x)"
2016     using lp by (simp add: Let_def t s )
2017   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstneq_def)
2018 qed
2020 lemma msubstneq: assumes lp: "islin (Eq (CNP 0 a r))"
2021   shows "Ifm vs (x#bs) (msubstneq c t d s a r) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /(1 + 1))#bs) (NEq (CNP 0 a r))" (is "?lhs = ?rhs")
2022 proof-
2023   let ?Nt = "\<lambda>(x::'a) t. Itm vs (x#bs) t"
2024   let ?N = "\<lambda>p. Ipoly vs p"
2025   let ?c = "?N c"
2026   let ?d = "?N d"
2027   let ?t = "?Nt x t"
2028   let ?s = "?Nt x s"
2029   let ?a = "?N a"
2030   let ?r = "?Nt x r"
2031   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
2032   note r= tmbound0_I[OF lin(3), of vs _ bs x]
2033   have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)" by auto
2034   moreover
2035   {assume c: "?c = 0" and d: "?d=0"
2036     hence ?thesis  by (simp add: r[of 0] msubstneq_def Let_def evaldjf_ex)}
2037   moreover
2038   {assume c: "?c = 0" and d: "?d\<noteq>0"
2039     from c have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = -?s / ((1 + 1)*?d)" by simp
2040     have "?rhs = Ifm vs (-?s / ((1 + 1)*?d) # bs) (NEq (CNP 0 a r))" by (simp only: th)
2041     also have "\<dots> \<longleftrightarrow> ?a * (-?s / ((1 + 1)*?d)) + ?r \<noteq> 0" by (simp add: r[of "- (Itm vs (x # bs) s / ((1 + 1) * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
2042     also have "\<dots> \<longleftrightarrow> (1 + 1)*?d * (?a * (-?s / ((1 + 1)*?d)) + ?r) \<noteq> 0"
2043       using d mult_cancel_left[of "(1 + 1)*?d" "(?a * (-?s / ((1 + 1)*?d)) + ?r)" 0] by simp
2044     also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * ((1 + 1)*?d / ((1 + 1)*?d)) + (1 + 1)*?d*?r\<noteq> 0"
2045       by (simp add: field_simps right_distrib[of "(1 + 1)*?d"] del: right_distrib)
2047     also have "\<dots> \<longleftrightarrow> - (?a * ?s) + (1 + 1)*?d*?r \<noteq> 0" using d by simp
2048     finally have ?thesis using c d
2049       apply (simp add: r[of "- (Itm vs (x # bs) s / ((1 + 1) * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"] msubstneq_def Let_def evaldjf_ex del: one_add_one_is_two)
2051       apply simp
2052       done}
2053   moreover
2054   {assume c: "?c \<noteq> 0" and d: "?d=0"
2055     from d have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = -?t / ((1 + 1)*?c)" by simp
2056     have "?rhs = Ifm vs (-?t / ((1 + 1)*?c) # bs) (NEq (CNP 0 a r))" by (simp only: th)
2057     also have "\<dots> \<longleftrightarrow> ?a * (-?t / ((1 + 1)*?c)) + ?r \<noteq> 0" by (simp add: r[of "- (?t/ ((1 + 1)* ?c))"])
2058     also have "\<dots> \<longleftrightarrow> (1 + 1)*?c * (?a * (-?t / ((1 + 1)*?c)) + ?r) \<noteq> 0"
2059       using c mult_cancel_left[of "(1 + 1)*?c" "(?a * (-?t / ((1 + 1)*?c)) + ?r)" 0] by simp
2060     also have "\<dots> \<longleftrightarrow> (?a * -?t)* ((1 + 1)*?c) / ((1 + 1)*?c) + (1 + 1)*?c*?r \<noteq> 0"
2061       by (simp add: field_simps right_distrib[of "(1 + 1)*?c"] del: right_distrib)
2062     also have "\<dots> \<longleftrightarrow> - (?a * ?t) + (1 + 1)*?c*?r \<noteq> 0" using c by simp
2063     finally have ?thesis using c d
2064       apply (simp add: r[of "- (?t/ ((1 + 1)*?c))"] msubstneq_def Let_def evaldjf_ex del: one_add_one_is_two)
2066       apply simp
2067       done }
2068   moreover
2069   {assume c: "?c \<noteq> 0" and d: "?d\<noteq>0" hence dc: "?c * ?d *(1 + 1) \<noteq> 0" by simp
2070     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
2071     have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)"
2073     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d) # bs) (NEq (CNP 0 a r))" by (simp only: th)
2074     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r \<noteq> 0"
2075       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"])
2076     also have "\<dots> \<longleftrightarrow> ((1 + 1) * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r) \<noteq> 0 "
2077       using c d mult_cancel_left[of "(1 + 1) * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ ((1 + 1)*?c*?d)) + ?r" 0] by simp
2078     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + (1 + 1)*?c*?d*?r \<noteq> 0"
2079       using nonzero_mult_divide_cancel_left[OF dc] c d
2080       by (simp add: algebra_simps diff_divide_distrib del: left_distrib)
2081     finally  have ?thesis using c d
2082       apply (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"] msubstneq_def Let_def evaldjf_ex field_simps)
2085       done }
2086   ultimately show ?thesis by blast
2087 qed
2089 definition "msubstlt c t d s a r =
2090   evaldjf (split conj)
2091   [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2092   (let cd = c *\<^sub>p d in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2093    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Lt (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2094    (conj (lt (CP c)) (Eq (CP d)) , Lt (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2095    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Lt (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2096    (conj (lt (CP d)) (Eq (CP c)) , Lt (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2097    (conj (Eq (CP c)) (Eq (CP d)) , Lt r)]"
2099 lemma msubstlt_nb: assumes lp: "islin (Lt (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
2100   shows "bound0 (msubstlt c t d s a r)"
2101 proof-
2102   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2103   (let cd = c *\<^sub>p d in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2104    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Lt (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2105    (conj (lt (CP c)) (Eq (CP d)) , Lt (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2106    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Lt (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2107    (conj (lt (CP d)) (Eq (CP c)) , Lt (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2108    (conj (Eq (CP c)) (Eq (CP d)) , Lt r)]. bound0 (split conj x)"
2109     using lp by (simp add: Let_def t s lt_nb )
2110   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstlt_def)
2111 qed
2114 lemma msubstlt: assumes nc: "isnpoly c" and nd: "isnpoly d" and lp: "islin (Lt (CNP 0 a r))"
2115   shows "Ifm vs (x#bs) (msubstlt c t d s a r) \<longleftrightarrow>
2116   Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /(1 + 1))#bs) (Lt (CNP 0 a r))" (is "?lhs = ?rhs")
2117 proof-
2118   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
2119   let ?N = "\<lambda>p. Ipoly vs p"
2120   let ?c = "?N c"
2121   let ?d = "?N d"
2122   let ?t = "?Nt x t"
2123   let ?s = "?Nt x s"
2124   let ?a = "?N a"
2125   let ?r = "?Nt x r"
2126   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
2127   note r= tmbound0_I[OF lin(3), of vs _ bs x]
2128   have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)" by auto
2129   moreover
2130   {assume c: "?c=0" and d: "?d=0"
2131     hence ?thesis  using nc nd by (simp add: polyneg_norm lt r[of 0] msubstlt_def Let_def evaldjf_ex)}
2132   moreover
2133   {assume dc: "?c*?d > 0"
2134     from mult_pos_pos[OF one_plus_one_pos dc] have dc': "(1 + 1)*?c *?d > 0" by simp
2135     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
2136     from dc' have dc'': "\<not> (1 + 1)*?c *?d < 0" by simp
2137     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
2138     have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)"
2140     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
2141     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r < 0"
2142       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"])
2143     also have "\<dots> \<longleftrightarrow> ((1 + 1) * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r) < 0"
2145       using dc' dc'' mult_less_cancel_left_disj[of "(1 + 1) * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ ((1 + 1)*?c*?d)) + ?r" 0] by simp
2146     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + (1 + 1)*?c*?d*?r < 0"
2147       using nonzero_mult_divide_cancel_left[of "(1 + 1)*?c*?d"] c d
2148       by (simp add: algebra_simps diff_divide_distrib del: left_distrib)
2149     finally  have ?thesis using dc c d  nc nd dc'
2150       apply (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2152     by (simp add: field_simps order_less_not_sym[OF dc])}
2153   moreover
2154   {assume dc: "?c*?d < 0"
2156     from dc one_plus_one_pos[where ?'a='a] have dc': "(1 + 1)*?c *?d < 0"
2157       by (simp add: mult_less_0_iff field_simps)
2158     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
2159     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
2160     have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)"
2162     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
2163     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r < 0"
2164       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"])
2166     also have "\<dots> \<longleftrightarrow> ((1 + 1) * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r) > 0"
2168       using dc' order_less_not_sym[OF dc'] mult_less_cancel_left_disj[of "(1 + 1) * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ ((1 + 1)*?c*?d)) + ?r"] by simp
2169     also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - (1 + 1)*?c*?d*?r < 0"
2170       using nonzero_mult_divide_cancel_left[of "(1 + 1)*?c*?d"] c d
2171       by (simp add: algebra_simps diff_divide_distrib del: left_distrib)
2172     finally  have ?thesis using dc c d  nc nd
2173       apply (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2175       by (simp add: field_simps order_less_not_sym[OF dc]) }
2176   moreover
2177   {assume c: "?c > 0" and d: "?d=0"
2178     from c have c'': "(1 + 1)*?c > 0" by (simp add: zero_less_mult_iff)
2179     from c have c': "(1 + 1)*?c \<noteq> 0" by simp
2180     from d have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?t / ((1 + 1)*?c)"  by (simp add: field_simps)
2181     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / ((1 + 1)*?c) # bs) (Lt (CNP 0 a r))" by (simp only: th)
2182     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / ((1 + 1)*?c))+ ?r < 0" by (simp add: r[of "- (?t / ((1 + 1)*?c))"])
2183     also have "\<dots> \<longleftrightarrow> (1 + 1)*?c * (?a* (- ?t / ((1 + 1)*?c))+ ?r) < 0"
2184       using c mult_less_cancel_left_disj[of "(1 + 1) * ?c" "?a* (- ?t / ((1 + 1)*?c))+ ?r" 0] c' c'' order_less_not_sym[OF c''] by simp
2185     also have "\<dots> \<longleftrightarrow> - ?a*?t+  (1 + 1)*?c *?r < 0"
2186       using nonzero_mult_divide_cancel_left[OF c'] c
2187       by (simp add: algebra_simps diff_divide_distrib less_le del: left_distrib)
2188     finally have ?thesis using c d nc nd
2189       apply(simp add: r[of "- (?t / ((1 + 1)*?c))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2191       using c order_less_not_sym[OF c] less_imp_neq[OF c]
2192       by (simp add: field_simps )  }
2193   moreover
2194   {assume c: "?c < 0" and d: "?d=0"  hence c': "(1 + 1)*?c \<noteq> 0" by simp
2195     from c have c'': "(1 + 1)*?c < 0" by (simp add: mult_less_0_iff)
2196     from d have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?t / ((1 + 1)*?c)"  by (simp add: field_simps)
2197     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / ((1 + 1)*?c) # bs) (Lt (CNP 0 a r))" by (simp only: th)
2198     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / ((1 + 1)*?c))+ ?r < 0" by (simp add: r[of "- (?t / ((1 + 1)*?c))"])
2199     also have "\<dots> \<longleftrightarrow> (1 + 1)*?c * (?a* (- ?t / ((1 + 1)*?c))+ ?r) > 0"
2200       using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c'' mult_less_cancel_left_disj[of "(1 + 1) * ?c" 0 "?a* (- ?t / ((1 + 1)*?c))+ ?r"] by simp
2201     also have "\<dots> \<longleftrightarrow> ?a*?t -  (1 + 1)*?c *?r < 0"
2202       using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
2203         by (simp add: algebra_simps diff_divide_distrib del:  left_distrib)
2204     finally have ?thesis using c d nc nd
2205       apply(simp add: r[of "- (?t / ((1 + 1)*?c))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2207       using c order_less_not_sym[OF c] less_imp_neq[OF c]
2208       by (simp add: field_simps )    }
2209   moreover
2210   moreover
2211   {assume c: "?c = 0" and d: "?d>0"
2212     from d have d'': "(1 + 1)*?d > 0" by (simp add: zero_less_mult_iff)
2213     from d have d': "(1 + 1)*?d \<noteq> 0" by simp
2214     from c have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?s / ((1 + 1)*?d)"  by (simp add: field_simps)
2215     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / ((1 + 1)*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
2216     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / ((1 + 1)*?d))+ ?r < 0" by (simp add: r[of "- (?s / ((1 + 1)*?d))"])
2217     also have "\<dots> \<longleftrightarrow> (1 + 1)*?d * (?a* (- ?s / ((1 + 1)*?d))+ ?r) < 0"
2218       using d mult_less_cancel_left_disj[of "(1 + 1) * ?d" "?a* (- ?s / ((1 + 1)*?d))+ ?r" 0] d' d'' order_less_not_sym[OF d''] by simp
2219     also have "\<dots> \<longleftrightarrow> - ?a*?s+  (1 + 1)*?d *?r < 0"
2220       using nonzero_mult_divide_cancel_left[OF d'] d
2221       by (simp add: algebra_simps diff_divide_distrib less_le del: left_distrib)
2222     finally have ?thesis using c d nc nd
2223       apply(simp add: r[of "- (?s / ((1 + 1)*?d))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2225       using d order_less_not_sym[OF d] less_imp_neq[OF d]
2226       by (simp add: field_simps)  }
2227   moreover
2228   {assume c: "?c = 0" and d: "?d<0"  hence d': "(1 + 1)*?d \<noteq> 0" by simp
2229     from d have d'': "(1 + 1)*?d < 0" by (simp add: mult_less_0_iff)
2230     from c have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?s / ((1 + 1)*?d)"  by (simp add: field_simps)
2231     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / ((1 + 1)*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
2232     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / ((1 + 1)*?d))+ ?r < 0" by (simp add: r[of "- (?s / ((1 + 1)*?d))"])
2233     also have "\<dots> \<longleftrightarrow> (1 + 1)*?d * (?a* (- ?s / ((1 + 1)*?d))+ ?r) > 0"
2234       using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d'' mult_less_cancel_left_disj[of "(1 + 1) * ?d" 0 "?a* (- ?s / ((1 + 1)*?d))+ ?r"] by simp
2235     also have "\<dots> \<longleftrightarrow> ?a*?s -  (1 + 1)*?d *?r < 0"
2236       using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
2237         by (simp add: algebra_simps diff_divide_distrib del:  left_distrib)
2238     finally have ?thesis using c d nc nd
2239       apply(simp add: r[of "- (?s / ((1 + 1)*?d))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2241       using d order_less_not_sym[OF d] less_imp_neq[OF d]
2242       by (simp add: field_simps )    }
2243 ultimately show ?thesis by blast
2244 qed
2246 definition "msubstle c t d s a r =
2247   evaldjf (split conj)
2248   [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2249   (let cd = c *\<^sub>p d in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2250    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2251    (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2252    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2253    (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2254    (conj (Eq (CP c)) (Eq (CP d)) , Le r)]"
2256 lemma msubstle_nb: assumes lp: "islin (Le (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
2257   shows "bound0 (msubstle c t d s a r)"
2258 proof-
2259   have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2260   (let cd = c *\<^sub>p d in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul (2\<^sub>p *\<^sub>p cd) r)))),
2261    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2262    (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul (2\<^sub>p *\<^sub>p c) r))),
2263    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2264    (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul (2\<^sub>p *\<^sub>p d) r))),
2265    (conj (Eq (CP c)) (Eq (CP d)) , Le r)]. bound0 (split conj x)"
2266     using lp by (simp add: Let_def t s lt_nb )
2267   from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstle_def)
2268 qed
2270 lemma msubstle: assumes nc: "isnpoly c" and nd: "isnpoly d" and lp: "islin (Le (CNP 0 a r))"
2271   shows "Ifm vs (x#bs) (msubstle c t d s a r) \<longleftrightarrow>
2272   Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /(1 + 1))#bs) (Le (CNP 0 a r))" (is "?lhs = ?rhs")
2273 proof-
2274   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
2275   let ?N = "\<lambda>p. Ipoly vs p"
2276   let ?c = "?N c"
2277   let ?d = "?N d"
2278   let ?t = "?Nt x t"
2279   let ?s = "?Nt x s"
2280   let ?a = "?N a"
2281   let ?r = "?Nt x r"
2282   from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
2283   note r= tmbound0_I[OF lin(3), of vs _ bs x]
2284   have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)" by auto
2285   moreover
2286   {assume c: "?c=0" and d: "?d=0"
2287     hence ?thesis  using nc nd by (simp add: polyneg_norm polymul_norm lt r[of 0] msubstle_def Let_def evaldjf_ex)}
2288   moreover
2289   {assume dc: "?c*?d > 0"
2290     from mult_pos_pos[OF one_plus_one_pos dc] have dc': "(1 + 1)*?c *?d > 0" by simp
2291     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
2292     from dc' have dc'': "\<not> (1 + 1)*?c *?d < 0" by simp
2293     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
2294     have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)"
2296     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
2297     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r <= 0"
2298       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"])
2299     also have "\<dots> \<longleftrightarrow> ((1 + 1) * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r) <= 0"
2301       using dc' dc'' mult_le_cancel_left[of "(1 + 1) * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ ((1 + 1)*?c*?d)) + ?r" 0] by simp
2302     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + (1 + 1)*?c*?d*?r <= 0"
2303       using nonzero_mult_divide_cancel_left[of "(1 + 1)*?c*?d"] c d
2304       by (simp add: algebra_simps diff_divide_distrib del: left_distrib)
2305     finally  have ?thesis using dc c d  nc nd dc'
2306       apply (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2308     by (simp add: field_simps order_less_not_sym[OF dc])}
2309   moreover
2310   {assume dc: "?c*?d < 0"
2312     from dc one_plus_one_pos[where ?'a='a] have dc': "(1 + 1)*?c *?d < 0"
2314     hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
2315     from add_frac_eq[OF c d, of "- ?t" "- ?s"]
2316     have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)"
2318     have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
2319     also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r <= 0"
2320       by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"])
2322     also have "\<dots> \<longleftrightarrow> ((1 + 1) * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ ((1 + 1)*?c*?d)) + ?r) >= 0"
2324       using dc' order_less_not_sym[OF dc'] mult_le_cancel_left[of "(1 + 1) * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ ((1 + 1)*?c*?d)) + ?r"] by simp
2325     also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - (1 + 1)*?c*?d*?r <= 0"
2326       using nonzero_mult_divide_cancel_left[of "(1 + 1)*?c*?d"] c d
2327       by (simp add: algebra_simps diff_divide_distrib del: left_distrib)
2328     finally  have ?thesis using dc c d  nc nd
2329       apply (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / ((1 + 1) * ?c * ?d)"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2331       by (simp add: field_simps order_less_not_sym[OF dc]) }
2332   moreover
2333   {assume c: "?c > 0" and d: "?d=0"
2334     from c have c'': "(1 + 1)*?c > 0" by (simp add: zero_less_mult_iff)
2335     from c have c': "(1 + 1)*?c \<noteq> 0" by simp
2336     from d have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?t / ((1 + 1)*?c)"  by (simp add: field_simps)
2337     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / ((1 + 1)*?c) # bs) (Le (CNP 0 a r))" by (simp only: th)
2338     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / ((1 + 1)*?c))+ ?r <= 0" by (simp add: r[of "- (?t / ((1 + 1)*?c))"])
2339     also have "\<dots> \<longleftrightarrow> (1 + 1)*?c * (?a* (- ?t / ((1 + 1)*?c))+ ?r) <= 0"
2340       using c mult_le_cancel_left[of "(1 + 1) * ?c" "?a* (- ?t / ((1 + 1)*?c))+ ?r" 0] c' c'' order_less_not_sym[OF c''] by simp
2341     also have "\<dots> \<longleftrightarrow> - ?a*?t+  (1 + 1)*?c *?r <= 0"
2342       using nonzero_mult_divide_cancel_left[OF c'] c
2343       by (simp add: algebra_simps diff_divide_distrib less_le del: left_distrib)
2344     finally have ?thesis using c d nc nd
2345       apply(simp add: r[of "- (?t / ((1 + 1)*?c))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2347       using c order_less_not_sym[OF c] less_imp_neq[OF c]
2348       by (simp add: field_simps )  }
2349   moreover
2350   {assume c: "?c < 0" and d: "?d=0"  hence c': "(1 + 1)*?c \<noteq> 0" by simp
2351     from c have c'': "(1 + 1)*?c < 0" by (simp add: mult_less_0_iff)
2352     from d have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?t / ((1 + 1)*?c)"  by (simp add: field_simps)
2353     have "?rhs \<longleftrightarrow> Ifm vs (- ?t / ((1 + 1)*?c) # bs) (Le (CNP 0 a r))" by (simp only: th)
2354     also have "\<dots> \<longleftrightarrow> ?a* (- ?t / ((1 + 1)*?c))+ ?r <= 0" by (simp add: r[of "- (?t / ((1 + 1)*?c))"])
2355     also have "\<dots> \<longleftrightarrow> (1 + 1)*?c * (?a* (- ?t / ((1 + 1)*?c))+ ?r) >= 0"
2356       using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c'' mult_le_cancel_left[of "(1 + 1) * ?c" 0 "?a* (- ?t / ((1 + 1)*?c))+ ?r"] by simp
2357     also have "\<dots> \<longleftrightarrow> ?a*?t -  (1 + 1)*?c *?r <= 0"
2358       using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
2359         by (simp add: algebra_simps diff_divide_distrib del:  left_distrib)
2360     finally have ?thesis using c d nc nd
2361       apply(simp add: r[of "- (?t / ((1 + 1)*?c))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2363       using c order_less_not_sym[OF c] less_imp_neq[OF c]
2364       by (simp add: field_simps )    }
2365   moreover
2366   moreover
2367   {assume c: "?c = 0" and d: "?d>0"
2368     from d have d'': "(1 + 1)*?d > 0" by (simp add: zero_less_mult_iff)
2369     from d have d': "(1 + 1)*?d \<noteq> 0" by simp
2370     from c have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?s / ((1 + 1)*?d)"  by (simp add: field_simps)
2371     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / ((1 + 1)*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
2372     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / ((1 + 1)*?d))+ ?r <= 0" by (simp add: r[of "- (?s / ((1 + 1)*?d))"])
2373     also have "\<dots> \<longleftrightarrow> (1 + 1)*?d * (?a* (- ?s / ((1 + 1)*?d))+ ?r) <= 0"
2374       using d mult_le_cancel_left[of "(1 + 1) * ?d" "?a* (- ?s / ((1 + 1)*?d))+ ?r" 0] d' d'' order_less_not_sym[OF d''] by simp
2375     also have "\<dots> \<longleftrightarrow> - ?a*?s+  (1 + 1)*?d *?r <= 0"
2376       using nonzero_mult_divide_cancel_left[OF d'] d
2377       by (simp add: algebra_simps diff_divide_distrib less_le del: left_distrib)
2378     finally have ?thesis using c d nc nd
2379       apply(simp add: r[of "- (?s / ((1 + 1)*?d))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2381       using d order_less_not_sym[OF d] less_imp_neq[OF d]
2382       by (simp add: field_simps )  }
2383   moreover
2384   {assume c: "?c = 0" and d: "?d<0"  hence d': "(1 + 1)*?d \<noteq> 0" by simp
2385     from d have d'': "(1 + 1)*?d < 0" by (simp add: mult_less_0_iff)
2386     from c have th: "(- ?t / ?c + - ?s / ?d)/(1 + 1) = - ?s / ((1 + 1)*?d)"  by (simp add: field_simps)
2387     have "?rhs \<longleftrightarrow> Ifm vs (- ?s / ((1 + 1)*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
2388     also have "\<dots> \<longleftrightarrow> ?a* (- ?s / ((1 + 1)*?d))+ ?r <= 0" by (simp add: r[of "- (?s / ((1 + 1)*?d))"])
2389     also have "\<dots> \<longleftrightarrow> (1 + 1)*?d * (?a* (- ?s / ((1 + 1)*?d))+ ?r) >= 0"
2390       using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d'' mult_le_cancel_left[of "(1 + 1) * ?d" 0 "?a* (- ?s / ((1 + 1)*?d))+ ?r"] by simp
2391     also have "\<dots> \<longleftrightarrow> ?a*?s -  (1 + 1)*?d *?r <= 0"
2392       using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
2393         by (simp add: algebra_simps diff_divide_distrib del:  left_distrib)
2394     finally have ?thesis using c d nc nd
2395       apply(simp add: r[of "- (?s / ((1 + 1)*?d))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
2397       using d order_less_not_sym[OF d] less_imp_neq[OF d]
2398       by (simp add: field_simps )    }
2399 ultimately show ?thesis by blast
2400 qed
2403 fun msubst :: "fm \<Rightarrow> (poly \<times> tm) \<times> (poly \<times> tm) \<Rightarrow> fm" where
2404   "msubst (And p q) ((c,t), (d,s)) = conj (msubst p ((c,t),(d,s))) (msubst q ((c,t),(d,s)))"
2405 | "msubst (Or p q) ((c,t), (d,s)) = disj (msubst p ((c,t),(d,s))) (msubst q ((c,t), (d,s)))"
2406 | "msubst (Eq (CNP 0 a r)) ((c,t),(d,s)) = msubsteq c t d s a r"
2407 | "msubst (NEq (CNP 0 a r)) ((c,t),(d,s)) = msubstneq c t d s a r"
2408 | "msubst (Lt (CNP 0 a r)) ((c,t),(d,s)) = msubstlt c t d s a r"
2409 | "msubst (Le (CNP 0 a r)) ((c,t),(d,s)) = msubstle c t d s a r"
2410 | "msubst p ((c,t),(d,s)) = p"
2412 lemma msubst_I: assumes lp: "islin p" and nc: "isnpoly c" and nd: "isnpoly d"
2413   shows "Ifm vs (x#bs) (msubst p ((c,t),(d,s))) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /(1 + 1))#bs) p"
2414   using lp
2415 by (induct p rule: islin.induct, auto simp add: tmbound0_I[where b="(- (Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>) + - (Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>)) /(1 + 1)" and b'=x and bs = bs and vs=vs] bound0_I[where b="(- (Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>) + - (Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>)) /(1 + 1)" and b'=x and bs = bs and vs=vs] msubsteq msubstneq msubstlt[OF nc nd] msubstle[OF nc nd])
2417 lemma msubst_nb: assumes lp: "islin p" and t: "tmbound0 t" and s: "tmbound0 s"
2418   shows "bound0 (msubst p ((c,t),(d,s)))"
2419   using lp t s
2420   by (induct p rule: islin.induct, auto simp add: msubsteq_nb msubstneq_nb msubstlt_nb msubstle_nb)
2422 lemma fr_eq_msubst:
2423   assumes lp: "islin p"
2424   shows "(\<exists> x. Ifm vs (x#bs) p) = ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> (\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst p ((c,t),(d,s)))))"
2425   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
2426 proof-
2427 from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s" by blast
2428 {fix c t d s assume ctU: "(c,t) \<in>set (uset p)" and dsU: "(d,s) \<in>set (uset p)"
2429   and pts: "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1+1) # bs) p"
2430   from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d" by simp_all
2431   from msubst_I[OF lp norm, of vs x bs t s] pts
2432   have "Ifm vs (x # bs) (msubst p ((c, t), d, s))" ..}
2433 moreover
2434 {fix c t d s assume ctU: "(c,t) \<in>set (uset p)" and dsU: "(d,s) \<in>set (uset p)"
2435   and pts: "Ifm vs (x # bs) (msubst p ((c, t), d, s))"
2436   from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d" by simp_all
2437   from msubst_I[OF lp norm, of vs x bs t s] pts
2438   have "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1+1) # bs) p" ..}
2439 ultimately have th': "(\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1+1) # bs) p) \<longleftrightarrow> ?F" by blast
2440 from fr_eq[OF lp, of vs bs x, simplified th'] show ?thesis .
2441 qed
2443 text {* Rest of the implementation *}
2445 primrec alluopairs:: "'a list \<Rightarrow> ('a \<times> 'a) list" where
2446   "alluopairs [] = []"
2447 | "alluopairs (x#xs) = (map (Pair x) (x#xs))@(alluopairs xs)"
2449 lemma alluopairs_set1: "set (alluopairs xs) \<le> {(x,y). x\<in> set xs \<and> y\<in> set xs}"
2450 by (induct xs, auto)
2452 lemma alluopairs_set:
2453   "\<lbrakk>x\<in> set xs ; y \<in> set xs\<rbrakk> \<Longrightarrow> (x,y) \<in> set (alluopairs xs) \<or> (y,x) \<in> set (alluopairs xs) "
2454 by (induct xs, auto)
2456 lemma alluopairs_ex:
2457   assumes Pc: "\<forall> x \<in> set xs. \<forall>y\<in> set xs. P x y = P y x"
2458   shows "(\<exists> x \<in> set xs. \<exists> y \<in> set xs. P x y) = (\<exists> (x,y) \<in> set (alluopairs xs). P x y)"
2459 proof
2460   assume "\<exists>x\<in>set xs. \<exists>y\<in>set xs. P x y"
2461   then obtain x y where x: "x \<in> set xs" and y:"y \<in> set xs" and P: "P x y"  by blast
2462   from alluopairs_set[OF x y] P Pc x y show"\<exists>(x, y)\<in>set (alluopairs xs). P x y"
2463     by auto
2464 next
2465   assume "\<exists>(x, y)\<in>set (alluopairs xs). P x y"
2466   then obtain "x" and "y"  where xy:"(x,y) \<in> set (alluopairs xs)" and P: "P x y" by blast+
2467   from xy have "x \<in> set xs \<and> y\<in> set xs" using alluopairs_set1 by blast
2468   with P show "\<exists>x\<in>set xs. \<exists>y\<in>set xs. P x y" by blast
2469 qed
2471 lemma nth_pos2: "0 < n \<Longrightarrow> (x#xs) ! n = xs ! (n - 1)"
2472 using Nat.gr0_conv_Suc
2473 by clarsimp
2475 lemma simpfm_lin:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
2476   shows "qfree p \<Longrightarrow> islin (simpfm p)"
2477   by (induct p rule: simpfm.induct, auto simp add: conj_lin disj_lin)
2479 definition
2480   "ferrack p \<equiv> let q = simpfm p ; mp = minusinf q ; pp = plusinf q
2481   in if (mp = T \<or> pp = T) then T
2482      else (let U = alluopairs (remdups (uset  q))
2483            in decr0 (disj mp (disj pp (evaldjf (simpfm o (msubst q)) U ))))"
2485 lemma ferrack:
2486   assumes qf: "qfree p"
2487   shows "qfree (ferrack p) \<and> ((Ifm vs bs (ferrack p)) = (Ifm vs bs (E p)))"
2488   (is "_ \<and> (?rhs = ?lhs)")
2489 proof-
2490   let ?I = "\<lambda> x p. Ifm vs (x#bs) p"
2491   let ?N = "\<lambda> t. Ipoly vs t"
2492   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
2493   let ?q = "simpfm p"
2494   let ?U = "remdups(uset ?q)"
2495   let ?Up = "alluopairs ?U"
2496   let ?mp = "minusinf ?q"
2497   let ?pp = "plusinf ?q"
2498   let ?I = "\<lambda>p. Ifm vs (x#bs) p"
2499   from simpfm_lin[OF qf] simpfm_qf[OF qf] have lq: "islin ?q" and q_qf: "qfree ?q" .
2500   from minusinf_nb[OF lq] plusinf_nb[OF lq] have mp_nb: "bound0 ?mp" and pp_nb: "bound0 ?pp" .
2501   from bound0_qf[OF mp_nb] bound0_qf[OF pp_nb] have mp_qf: "qfree ?mp" and pp_qf: "qfree ?pp" .
2502   from uset_l[OF lq] have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
2503     by simp
2504   {fix c t d s assume ctU: "(c,t) \<in> set ?U" and dsU: "(d,s) \<in> set ?U"
2505     from U_l ctU dsU have norm: "isnpoly c" "isnpoly d" by auto
2506     from msubst_I[OF lq norm, of vs x bs t s] msubst_I[OF lq norm(2,1), of vs x bs s t]
2507     have "?I (msubst ?q ((c,t),(d,s))) = ?I (msubst ?q ((d,s),(c,t)))" by (simp add: field_simps)}
2508   hence th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (msubst ?q (x, y)) \<longleftrightarrow> ?I (msubst ?q (y, x))" by clarsimp
2509   {fix x assume xUp: "x \<in> set ?Up"
2510     then  obtain c t d s where ctU: "(c,t) \<in> set ?U" and dsU: "(d,s) \<in> set ?U"
2511       and x: "x = ((c,t),(d,s))" using alluopairs_set1[of ?U] by auto
2512     from U_l[rule_format, OF ctU] U_l[rule_format, OF dsU]
2513     have nbs: "tmbound0 t" "tmbound0 s" by simp_all
2514     from simpfm_bound0[OF msubst_nb[OF lq nbs, of c d]]
2515     have "bound0 ((simpfm o (msubst (simpfm p))) x)" using x by simp}
2516   with evaldjf_bound0[of ?Up "(simpfm o (msubst (simpfm p)))"]
2517   have "bound0 (evaldjf (simpfm o (msubst (simpfm p))) ?Up)" by blast
2518   with mp_nb pp_nb
2519   have th1: "bound0 (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up )))" by (simp add: disj_nb)
2520   from decr0_qf[OF th1] have thqf: "qfree (ferrack p)" by (simp add: ferrack_def Let_def)
2521   have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)" by simp
2522   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> (\<exists>(c, t)\<in>set ?U. \<exists>(d, s)\<in>set ?U. ?I (msubst (simpfm p) ((c, t), d, s)))" using fr_eq_msubst[OF lq, of vs bs x] by simp
2523   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> (\<exists> (x,y) \<in> set ?Up. ?I ((simpfm o (msubst ?q)) (x,y)))" using alluopairs_ex[OF th0] by simp
2524   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (evaldjf (simpfm o (msubst ?q)) ?Up)"
2526   also have "\<dots> \<longleftrightarrow> ?I (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up)))" by simp
2527   also have "\<dots> \<longleftrightarrow> ?rhs" using decr0[OF th1, of vs x bs]
2528     apply (simp add: ferrack_def Let_def)
2529     by (cases "?mp = T \<or> ?pp = T", auto)
2530   finally show ?thesis using thqf by blast
2531 qed
2533 definition "frpar p = simpfm (qelim p ferrack)"
2534 lemma frpar: "qfree (frpar p) \<and> (Ifm vs bs (frpar p) \<longleftrightarrow> Ifm vs bs p)"
2535 proof-
2536   from ferrack have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack p) \<and> Ifm vs bs (ferrack p) = Ifm vs bs (E p)" by blast
2537   from qelim[OF th, of p bs] show ?thesis  unfolding frpar_def by auto
2538 qed
2541 section{* Second implemenation: Case splits not local *}
2543 lemma fr_eq2:  assumes lp: "islin p"
2544   shows "(\<exists> x. Ifm vs (x#bs) p) \<longleftrightarrow>
2545    ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or>
2546     (Ifm vs (0#bs) p) \<or>
2547     (\<exists> (n,t) \<in> set (uset p). Ipoly vs n \<noteq> 0 \<and> Ifm vs ((- Itm vs (x#bs) t /  (Ipoly vs n * (1 + 1)))#bs) p) \<or>
2548     (\<exists> (n,t) \<in> set (uset p). \<exists> (m,s) \<in> set (uset p). Ipoly vs n \<noteq> 0 \<and> Ipoly vs m \<noteq> 0 \<and> Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) /(1 + 1))#bs) p))"
2549   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?Z \<or> ?U \<or> ?F)" is "?E = ?D")
2550 proof
2551   assume px: "\<exists> x. ?I x p"
2552   have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
2553   moreover {assume "?M \<or> ?P" hence "?D" by blast}
2554   moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
2555     from inf_uset[OF lp nmi npi, OF px]
2556     obtain c t d s where ct: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)" "?I ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / ((1\<Colon>'a) + (1\<Colon>'a))) p"
2557       by auto
2558     let ?c = "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
2559     let ?d = "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
2560     let ?s = "Itm vs (x # bs) s"
2561     let ?t = "Itm vs (x # bs) t"
2562     have eq2: "\<And>(x::'a). x + x = (1 + 1) * x"
2564     {assume "?c = 0 \<and> ?d = 0"
2565       with ct have ?D by simp}
2566     moreover
2567     {assume z: "?c = 0" "?d \<noteq> 0"
2568       from z have ?D using ct by auto}
2569     moreover
2570     {assume z: "?c \<noteq> 0" "?d = 0"
2571       with ct have ?D by auto }
2572     moreover
2573     {assume z: "?c \<noteq> 0" "?d \<noteq> 0"
2574       from z have ?F using ct
2575         apply - apply (rule bexI[where x = "(c,t)"], simp_all)
2576         by (rule bexI[where x = "(d,s)"], simp_all)
2577       hence ?D by blast}
2578     ultimately have ?D by auto}
2579   ultimately show "?D" by blast
2580 next
2581   assume "?D"
2582   moreover {assume m:"?M" from minusinf_ex[OF lp m] have "?E" .}
2583   moreover {assume p: "?P" from plusinf_ex[OF lp p] have "?E" . }
2584   moreover {assume f:"?F" hence "?E" by blast}
2585   ultimately show "?E" by blast
2586 qed
2588 definition "msubsteq2 c t a b = Eq (Add (Mul a t) (Mul c b))"
2589 definition "msubstltpos c t a b = Lt (Add (Mul a t) (Mul c b))"
2590 definition "msubstlepos c t a b = Le (Add (Mul a t) (Mul c b))"
2591 definition "msubstltneg c t a b = Lt (Neg (Add (Mul a t) (Mul c b)))"
2592 definition "msubstleneg c t a b = Le (Neg (Add (Mul a t) (Mul c b)))"
2594 lemma msubsteq2:
2595   assumes nz: "Ipoly vs c \<noteq> 0" and l: "islin (Eq (CNP 0 a b))"
2596   shows "Ifm vs (x#bs) (msubsteq2 c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Eq (CNP 0 a b))" (is "?lhs = ?rhs")
2597   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
2598   by (simp add: msubsteq2_def field_simps)
2600 lemma msubstltpos:
2601   assumes nz: "Ipoly vs c > 0" and l: "islin (Lt (CNP 0 a b))"
2602   shows "Ifm vs (x#bs) (msubstltpos c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))" (is "?lhs = ?rhs")
2603   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
2604   by (simp add: msubstltpos_def field_simps)
2606 lemma msubstlepos:
2607   assumes nz: "Ipoly vs c > 0" and l: "islin (Le (CNP 0 a b))"
2608   shows "Ifm vs (x#bs) (msubstlepos c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))" (is "?lhs = ?rhs")
2609   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
2610   by (simp add: msubstlepos_def field_simps)
2612 lemma msubstltneg:
2613   assumes nz: "Ipoly vs c < 0" and l: "islin (Lt (CNP 0 a b))"
2614   shows "Ifm vs (x#bs) (msubstltneg c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))" (is "?lhs = ?rhs")
2615   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
2618 lemma msubstleneg:
2619   assumes nz: "Ipoly vs c < 0" and l: "islin (Le (CNP 0 a b))"
2620   shows "Ifm vs (x#bs) (msubstleneg c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))" (is "?lhs = ?rhs")
2621   using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
2624 fun msubstpos :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm" where
2625   "msubstpos (And p q) c t = And (msubstpos p c t) (msubstpos q c t)"
2626 | "msubstpos (Or p q) c t = Or (msubstpos p c t) (msubstpos q c t)"
2627 | "msubstpos (Eq (CNP 0 a r)) c t = msubsteq2 c t a r"
2628 | "msubstpos (NEq (CNP 0 a r)) c t = NOT (msubsteq2 c t a r)"
2629 | "msubstpos (Lt (CNP 0 a r)) c t = msubstltpos c t a r"
2630 | "msubstpos (Le (CNP 0 a r)) c t = msubstlepos c t a r"
2631 | "msubstpos p c t = p"
2633 lemma msubstpos_I:
2634   assumes lp: "islin p" and pos: "Ipoly vs c > 0"
2635   shows "Ifm vs (x#bs) (msubstpos p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
2636   using lp pos
2637   by (induct p rule: islin.induct, auto simp add: msubsteq2 msubstltpos[OF pos] msubstlepos[OF pos] tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
2639 fun msubstneg :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm" where
2640   "msubstneg (And p q) c t = And (msubstneg p c t) (msubstneg q c t)"
2641 | "msubstneg (Or p q) c t = Or (msubstneg p c t) (msubstneg q c t)"
2642 | "msubstneg (Eq (CNP 0 a r)) c t = msubsteq2 c t a r"
2643 | "msubstneg (NEq (CNP 0 a r)) c t = NOT (msubsteq2 c t a r)"
2644 | "msubstneg (Lt (CNP 0 a r)) c t = msubstltneg c t a r"
2645 | "msubstneg (Le (CNP 0 a r)) c t = msubstleneg c t a r"
2646 | "msubstneg p c t = p"
2648 lemma msubstneg_I:
2649   assumes lp: "islin p" and pos: "Ipoly vs c < 0"
2650   shows "Ifm vs (x#bs) (msubstneg p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
2651   using lp pos
2652   by (induct p rule: islin.induct, auto simp add: msubsteq2 msubstltneg[OF pos] msubstleneg[OF pos] tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
2655 definition "msubst2 p c t = disj (conj (lt (CP (polyneg c))) (simpfm (msubstpos p c t))) (conj (lt (CP c)) (simpfm (msubstneg p c t)))"
2657 lemma msubst2: assumes lp: "islin p" and nc: "isnpoly c" and nz: "Ipoly vs c \<noteq> 0"
2658   shows "Ifm vs (x#bs) (msubst2 p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
2659 proof-
2660   let ?c = "Ipoly vs c"
2661   from nc have anc: "allpolys isnpoly (CP c)" "allpolys isnpoly (CP (~\<^sub>p c))"
2663   from nz have "?c > 0 \<or> ?c < 0" by arith
2664   moreover
2665   {assume c: "?c < 0"
2666     from c msubstneg_I[OF lp c, of x bs t] lt[OF anc(1), of vs "x#bs"] lt[OF anc(2), of vs "x#bs"]
2667     have ?thesis by (auto simp add: msubst2_def)}
2668   moreover
2669   {assume c: "?c > 0"
2670     from c msubstpos_I[OF lp c, of x bs t] lt[OF anc(1), of vs "x#bs"] lt[OF anc(2), of vs "x#bs"]
2671     have ?thesis by (auto simp add: msubst2_def)}
2672   ultimately show ?thesis by blast
2673 qed
2675 term msubsteq2
2676 lemma msubsteq2_nb: "tmbound0 t \<Longrightarrow> islin (Eq (CNP 0 a r)) \<Longrightarrow> bound0 (msubsteq2 c t a r)"
2679 lemma msubstltpos_nb: "tmbound0 t \<Longrightarrow> islin (Lt (CNP 0 a r)) \<Longrightarrow> bound0 (msubstltpos c t a r)"
2681 lemma msubstltneg_nb: "tmbound0 t \<Longrightarrow> islin (Lt (CNP 0 a r)) \<Longrightarrow> bound0 (msubstltneg c t a r)"
2684 lemma msubstlepos_nb: "tmbound0 t \<Longrightarrow> islin (Le (CNP 0 a r)) \<Longrightarrow> bound0 (msubstlepos c t a r)"
2686 lemma msubstleneg_nb: "tmbound0 t \<Longrightarrow> islin (Le (CNP 0 a r)) \<Longrightarrow> bound0 (msubstleneg c t a r)"
2689 lemma msubstpos_nb: assumes lp: "islin p" and tnb: "tmbound0 t"
2690   shows "bound0 (msubstpos p c t)"
2691 using lp tnb
2692 by (induct p c t rule: msubstpos.induct, auto simp add: msubsteq2_nb msubstltpos_nb msubstlepos_nb)
2694 lemma msubstneg_nb: assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})" and lp: "islin p" and tnb: "tmbound0 t"
2695   shows "bound0 (msubstneg p c t)"
2696 using lp tnb
2697 by (induct p c t rule: msubstneg.induct, auto simp add: msubsteq2_nb msubstltneg_nb msubstleneg_nb)
2699 lemma msubst2_nb: assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})" and lp: "islin p" and tnb: "tmbound0 t"
2700   shows "bound0 (msubst2 p c t)"
2701 using lp tnb
2702 by (simp add: msubst2_def msubstneg_nb msubstpos_nb conj_nb disj_nb lt_nb simpfm_bound0)
2704 lemma of_int2: "of_int 2 = 1 + 1"
2705 proof-
2706   have "(2::int) = 1 + 1" by simp
2707   hence "of_int 2 = of_int (1 + 1)" by simp
2708   thus ?thesis unfolding of_int_add by simp
2709 qed
2711 lemma of_int_minus2: "of_int (-2) = - (1 + 1)"
2712 proof-
2713   have th: "(-2::int) = - 2" by simp
2714   show ?thesis unfolding th by (simp only: of_int_minus of_int2)
2715 qed
2718 lemma islin_qf: "islin p \<Longrightarrow> qfree p"
2719   by (induct p rule: islin.induct, auto simp add: bound0_qf)
2720 lemma fr_eq_msubst2:
2721   assumes lp: "islin p"
2722   shows "(\<exists> x. Ifm vs (x#bs) p) \<longleftrightarrow> ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> Ifm vs (x#bs) (subst0 (CP 0\<^sub>p) p) \<or> (\<exists>(n, t)\<in>set (uset p). Ifm vs (x# bs) (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<or> (\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))))"
2723   (is "(\<exists> x. ?I x p) = (?M \<or> ?P \<or> ?Pz \<or> ?PU \<or> ?F)" is "?E = ?D")
2724 proof-
2725   from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s" by blast
2726   let ?I = "\<lambda>p. Ifm vs (x#bs) p"
2727   have n2: "isnpoly (C (-2,1))" by (simp add: isnpoly_def)
2728   note eq0 = subst0[OF islin_qf[OF lp], of vs x bs "CP 0\<^sub>p", simplified]
2730   have eq1: "(\<exists>(n, t)\<in>set (uset p). ?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<longleftrightarrow> (\<exists>(n, t)\<in>set (uset p). \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * (1 + 1)) # bs) p)"
2731   proof-
2732     {fix n t assume H: "(n, t)\<in>set (uset p)" "?I(msubst2 p (n *\<^sub>p C (-2, 1)) t)"
2733       from H(1) th have "isnpoly n" by blast
2734       hence nn: "isnpoly (n *\<^sub>p (C (-2,1)))" by (simp_all add: polymul_norm n2)
2735       have nn': "allpolys isnpoly (CP (~\<^sub>p (n *\<^sub>p C (-2, 1))))"
2736         by (simp add: polyneg_norm nn)
2737       hence nn2: "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>n \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" using H(2) nn' nn
2738         by (auto simp add: msubst2_def lt zero_less_mult_iff mult_less_0_iff)
2739       from msubst2[OF lp nn nn2(1), of x bs t]
2740       have "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * (1 + 1)) # bs) p"
2742     moreover
2743     {fix n t assume H: "(n, t)\<in>set (uset p)" "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * (1 + 1)) # bs) p"
2744       from H(1) th have "isnpoly n" by blast
2745       hence nn: "isnpoly (n *\<^sub>p (C (-2,1)))" "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
2746         using H(2) by (simp_all add: polymul_norm n2)
2747       from msubst2[OF lp nn, of x bs t] have "?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)" using H(2,3) by (simp add: of_int_minus2 del: minus_add_distrib)}
2748     ultimately show ?thesis by blast
2749   qed
2750   have eq2: "(\<exists> (c,t) \<in> set (uset p). \<exists> (d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))) \<longleftrightarrow> (\<exists>(n, t)\<in>set (uset p).
2751      \<exists>(m, s)\<in>set (uset p). \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs ((- Itm vs (x # bs) t / \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1 + 1) # bs) p)"
2752   proof-
2753     {fix c t d s assume H: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)"
2754      "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))"
2755       from H(1,2) th have "isnpoly c" "isnpoly d" by blast+
2756       hence nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)"
2757         by (simp_all add: polymul_norm n2)
2758       have stupid: "allpolys isnpoly (CP (~\<^sub>p (C (-2, 1) *\<^sub>p c *\<^sub>p d)))" "allpolys isnpoly (CP ((C (-2, 1) *\<^sub>p c *\<^sub>p d)))"
2759         by (simp_all add: polyneg_norm nn)
2760       have nn': "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
2761         using H(3) by (auto simp add: msubst2_def lt[OF stupid(1)]  lt[OF stupid(2)] zero_less_mult_iff mult_less_0_iff)
2762       from msubst2[OF lp nn nn'(1), of x bs ] H(3) nn'
2763       have "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1 + 1) # bs) p"
2766     moreover
2767     {fix c t d s assume H: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)"
2768       "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1 + 1) # bs) p"
2769      from H(1,2) th have "isnpoly c" "isnpoly d" by blast+
2770       hence nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)" "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
2771         using H(3,4) by (simp_all add: polymul_norm n2)
2772       from msubst2[OF lp nn, of x bs ] H(3,4,5)
2773       have "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))" apply (simp add: add_divide_distrib of_int_minus2 del: minus_add_distrib)by (simp add: mult_commute)}
2774     ultimately show ?thesis by blast
2775   qed
2776   from fr_eq2[OF lp, of vs bs x] show ?thesis
2777     unfolding eq0 eq1 eq2 by blast
2778 qed
2780 definition
2781 "ferrack2 p \<equiv> let q = simpfm p ; mp = minusinf q ; pp = plusinf q
2782  in if (mp = T \<or> pp = T) then T
2783   else (let U = remdups (uset  q)
2784     in decr0 (list_disj [mp, pp, simpfm (subst0 (CP 0\<^sub>p) q), evaldjf (\<lambda>(c,t). msubst2 q (c *\<^sub>p C (-2, 1)) t) U,
2785    evaldjf (\<lambda>((b,a),(d,c)). msubst2 q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs U)]))"
2787 definition "frpar2 p = simpfm (qelim (prep p) ferrack2)"
2789 lemma ferrack2: assumes qf: "qfree p"
2790   shows "qfree (ferrack2 p) \<and> ((Ifm vs bs (ferrack2 p)) = (Ifm vs bs (E p)))"
2791   (is "_ \<and> (?rhs = ?lhs)")
2792 proof-
2793   let ?J = "\<lambda> x p. Ifm vs (x#bs) p"
2794   let ?N = "\<lambda> t. Ipoly vs t"
2795   let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
2796   let ?q = "simpfm p"
2797   let ?qz = "subst0 (CP 0\<^sub>p) ?q"
2798   let ?U = "remdups(uset ?q)"
2799   let ?Up = "alluopairs ?U"
2800   let ?mp = "minusinf ?q"
2801   let ?pp = "plusinf ?q"
2802   let ?I = "\<lambda>p. Ifm vs (x#bs) p"
2803   from simpfm_lin[OF qf] simpfm_qf[OF qf] have lq: "islin ?q" and q_qf: "qfree ?q" .
2804   from minusinf_nb[OF lq] plusinf_nb[OF lq] have mp_nb: "bound0 ?mp" and pp_nb: "bound0 ?pp" .
2805   from bound0_qf[OF mp_nb] bound0_qf[OF pp_nb] have mp_qf: "qfree ?mp" and pp_qf: "qfree ?pp" .
2806   from uset_l[OF lq] have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
2807     by simp
2808   have bnd0: "\<forall>x \<in> set ?U. bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) x)"
2809   proof-
2810     {fix c t assume ct: "(c,t) \<in> set ?U"
2811       hence tnb: "tmbound0 t" using U_l by blast
2812       from msubst2_nb[OF lq tnb]
2813       have "bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) (c,t))" by simp}
2814     thus ?thesis by auto
2815   qed
2816   have bnd1: "\<forall>x \<in> set ?Up. bound0 ((\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) x)"
2817   proof-
2818     {fix b a d c assume badc: "((b,a),(d,c)) \<in> set ?Up"
2819       from badc U_l alluopairs_set1[of ?U]
2820       have nb: "tmbound0 (Add (Mul d a) (Mul b c))" by auto
2821       from msubst2_nb[OF lq nb] have "bound0 ((\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) ((b,a),(d,c)))" by simp}
2822     thus ?thesis by auto
2823   qed
2824   have stupid: "bound0 F" by simp
2825   let ?R = "list_disj [?mp, ?pp, simpfm (subst0 (CP 0\<^sub>p) ?q), evaldjf (\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) ?U,
2826    evaldjf (\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs ?U)]"
2827   from subst0_nb[of "CP 0\<^sub>p" ?q] q_qf evaldjf_bound0[OF bnd1] evaldjf_bound0[OF bnd0] mp_nb pp_nb stupid
2828   have nb: "bound0 ?R "
2829     by (simp add: list_disj_def disj_nb0 simpfm_bound0)
2830   let ?s = "\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))"
2832   {fix b a d c assume baU: "(b,a) \<in> set ?U" and dcU: "(d,c) \<in> set ?U"
2833     from U_l baU dcU have norm: "isnpoly b" "isnpoly d" "isnpoly (C (-2, 1))"
2834       by auto (simp add: isnpoly_def)
2835     have norm2: "isnpoly (C (-2, 1) *\<^sub>p b*\<^sub>p d)" "isnpoly (C (-2, 1) *\<^sub>p d*\<^sub>p b)"
2836       using norm by (simp_all add: polymul_norm)
2837     have stupid: "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p b*\<^sub>p d))" "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p d*\<^sub>p b))" "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p b*\<^sub>p d)))" "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p d*\<^sub>p b)))"
2838       by (simp_all add: polyneg_norm norm2)
2839     have "?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) = ?I (msubst2 ?q (C (-2, 1) *\<^sub>p d*\<^sub>p b) (Add (Mul b c) (Mul d a)))" (is "?lhs \<longleftrightarrow> ?rhs")
2840     proof
2841       assume H: ?lhs
2842       hence z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
2843         by (auto simp add: msubst2_def lt[OF stupid(3)] lt[OF stupid(1)] mult_less_0_iff zero_less_mult_iff)
2844       from msubst2[OF lq norm2(1) z(1), of x bs]
2845         msubst2[OF lq norm2(2) z(2), of x bs] H
2846       show ?rhs by (simp add: field_simps)
2847     next
2848       assume H: ?rhs
2849       hence z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
2850         by (auto simp add: msubst2_def lt[OF stupid(4)] lt[OF stupid(2)] mult_less_0_iff zero_less_mult_iff)
2851       from msubst2[OF lq norm2(1) z(1), of x bs]
2852         msubst2[OF lq norm2(2) z(2), of x bs] H
2853       show ?lhs by (simp add: field_simps)
2854     qed}
2855   hence th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (?s (x, y)) \<longleftrightarrow> ?I (?s (y, x))"
2856     by clarsimp
2858   have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)" by simp
2859   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists>(b, a)\<in>set ?U. \<exists>(d, c)\<in>set ?U. ?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))))"
2860     using fr_eq_msubst2[OF lq, of vs bs x] by simp
2861   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists> x\<in>set ?U. \<exists> y \<in>set ?U. ?I (?s (x,y)))"
2863   also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists> (x,y) \<in> set ?Up. ?I (?s (x,y)))"
2864     using alluopairs_ex[OF th0] by simp
2865   also have "\<dots> \<longleftrightarrow> ?I ?R"
2866     by (simp add: list_disj_def evaldjf_ex split_def)
2867   also have "\<dots> \<longleftrightarrow> ?rhs"
2868     unfolding ferrack2_def
2869     apply (cases "?mp = T")
2871     apply (cases "?pp = T")
2873     by (simp_all add: Let_def decr0[OF nb])
2874   finally show ?thesis using decr0_qf[OF nb]
2875     by (simp  add: ferrack2_def Let_def)
2876 qed
2878 lemma frpar2: "qfree (frpar2 p) \<and> (Ifm vs bs (frpar2 p) \<longleftrightarrow> Ifm vs bs p)"
2879 proof-
2880   from ferrack2 have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack2 p) \<and> Ifm vs bs (ferrack2 p) = Ifm vs bs (E p)" by blast
2881   from qelim[OF th, of "prep p" bs]
2882 show ?thesis  unfolding frpar2_def by (auto simp add: prep)
2883 qed
2885 ML {*
2886 structure ReflectedFRPar =
2887 struct
2889 val bT = HOLogic.boolT;
2890 fun num rT x = HOLogic.mk_number rT x;
2891 fun rrelT rT = [rT,rT] ---> rT;
2892 fun rrT rT = [rT, rT] ---> bT;
2893 fun divt rT = Const(@{const_name Rings.divide},rrelT rT);
2894 fun timest rT = Const(@{const_name Groups.times},rrelT rT);
2895 fun plust rT = Const(@{const_name Groups.plus},rrelT rT);
2896 fun minust rT = Const(@{const_name Groups.minus},rrelT rT);
2897 fun uminust rT = Const(@{const_name Groups.uminus}, rT --> rT);
2898 fun powt rT = Const(@{const_name "power"}, [rT,@{typ "nat"}] ---> rT);
2899 val brT = [bT, bT] ---> bT;
2900 val nott = @{term "Not"};
2901 val conjt = @{term HOL.conj};
2902 val disjt = @{term HOL.disj};
2903 val impt = @{term HOL.implies};
2904 val ifft = @{term "op = :: bool => _"}
2905 fun llt rT = Const(@{const_name Orderings.less},rrT rT);
2906 fun lle rT = Const(@{const_name Orderings.less},rrT rT);
2907 fun eqt rT = Const(@{const_name HOL.eq},rrT rT);
2908 fun rz rT = Const(@{const_name Groups.zero},rT);
2910 fun dest_nat t = case t of
2911   Const (@{const_name Suc}, _) \$ t' => 1 + dest_nat t'
2912 | _ => (snd o HOLogic.dest_number) t;
2914 fun num_of_term m t =
2915  case t of
2916    Const(@{const_name Groups.uminus},_)\$t => @{code poly.Neg} (num_of_term m t)
2917  | Const(@{const_name Groups.plus},_)\$a\$b => @{code poly.Add} (num_of_term m a, num_of_term m b)
2918  | Const(@{const_name Groups.minus},_)\$a\$b => @{code poly.Sub} (num_of_term m a, num_of_term m b)
2919  | Const(@{const_name Groups.times},_)\$a\$b => @{code poly.Mul} (num_of_term m a, num_of_term m b)
2920  | Const(@{const_name Power.power},_)\$a\$n => @{code poly.Pw} (num_of_term m a, dest_nat n)
2921  | Const(@{const_name Rings.divide},_)\$a\$b => @{code poly.C} (HOLogic.dest_number a |> snd, HOLogic.dest_number b |> snd)
2922  | _ => (@{code poly.C} (HOLogic.dest_number t |> snd,1)
2923          handle TERM _ => @{code poly.Bound} (AList.lookup (op aconv) m t |> the));
2925 fun tm_of_term m m' t =
2926  case t of
2927    Const(@{const_name Groups.uminus},_)\$t => @{code Neg} (tm_of_term m m' t)
2928  | Const(@{const_name Groups.plus},_)\$a\$b => @{code Add} (tm_of_term m m' a, tm_of_term m m' b)
2929  | Const(@{const_name Groups.minus},_)\$a\$b => @{code Sub} (tm_of_term m m' a, tm_of_term m m' b)
2930  | Const(@{const_name Groups.times},_)\$a\$b => @{code Mul} (num_of_term m' a, tm_of_term m m' b)
2931  | _ => (@{code CP} (num_of_term m' t)
2932          handle TERM _ => @{code Bound} (AList.lookup (op aconv) m t |> the)
2933               | Option => @{code Bound} (AList.lookup (op aconv) m t |> the));
2935 fun term_of_num T m t =
2936  case t of
2937   @{code poly.C} (a,b) => (if b = 1 then num T a else if b=0 then (rz T)
2938                                         else (divt T) \$ num T a \$ num T b)
2939 | @{code poly.Bound} i => AList.lookup (op = : int*int -> bool) m i |> the
2940 | @{code poly.Add} (a,b) => (plust T)\$(term_of_num T m a)\$(term_of_num T m b)
2941 | @{code poly.Mul} (a,b) => (timest T)\$(term_of_num T m a)\$(term_of_num T m b)
2942 | @{code poly.Sub} (a,b) => (minust T)\$(term_of_num T m a)\$(term_of_num T m b)
2943 | @{code poly.Neg} a => (uminust T)\$(term_of_num T m a)
2944 | @{code poly.Pw} (a,n) => (powt T)\$(term_of_num T m t)\$(HOLogic.mk_number HOLogic.natT n)
2945 | @{code poly.CN} (c,n,p) => term_of_num T m (@{code poly.Add} (c, @{code poly.Mul} (@{code poly.Bound} n, p)))
2946 | _ => error "term_of_num: Unknown term";
2948 fun term_of_tm T m m' t =
2949  case t of
2950   @{code CP} p => term_of_num T m' p
2951 | @{code Bound} i => AList.lookup (op = : int*int -> bool) m i |> the
2952 | @{code Add} (a,b) => (plust T)\$(term_of_tm T m m' a)\$(term_of_tm T m m' b)
2953 | @{code Mul} (a,b) => (timest T)\$(term_of_num T m' a)\$(term_of_tm T m m' b)
2954 | @{code Sub} (a,b) => (minust T)\$(term_of_tm T m m' a)\$(term_of_tm T m m' b)
2955 | @{code Neg} a => (uminust T)\$(term_of_tm T m m' a)
2956 | @{code CNP} (n,c,p) => term_of_tm T m m' (@{code Add}
2957      (@{code Mul} (c, @{code Bound} n), p))
2958 | _ => error "term_of_tm: Unknown term";
2960 fun fm_of_term m m' fm =
2961  case fm of
2962     Const(@{const_name True},_) => @{code T}
2963   | Const(@{const_name False},_) => @{code F}
2964   | Const(@{const_name Not},_)\$p => @{code NOT} (fm_of_term m m' p)
2965   | Const(@{const_name HOL.conj},_)\$p\$q => @{code And} (fm_of_term m m' p, fm_of_term m m' q)
2966   | Const(@{const_name HOL.disj},_)\$p\$q => @{code Or} (fm_of_term m m' p, fm_of_term m m' q)
2967   | Const(@{const_name HOL.implies},_)\$p\$q => @{code Imp} (fm_of_term m m' p, fm_of_term m m' q)
2968   | Const(@{const_name HOL.eq},ty)\$p\$q =>
2969        if domain_type ty = bT then @{code Iff} (fm_of_term m m' p, fm_of_term m m' q)
2970        else @{code Eq} (@{code Sub} (tm_of_term m m' p, tm_of_term m m' q))
2971   | Const(@{const_name Orderings.less},_)\$p\$q =>
2972         @{code Lt} (@{code Sub} (tm_of_term m m' p, tm_of_term m m' q))
2973   | Const(@{const_name Orderings.less_eq},_)\$p\$q =>
2974         @{code Le} (@{code Sub} (tm_of_term m m' p, tm_of_term m m' q))
2975   | Const(@{const_name Ex},_)\$Abs(xn,xT,p) =>
2976      let val (xn', p') =  variant_abs (xn,xT,p)
2977          val x = Free(xn',xT)
2978          fun incr i = i + 1
2979          val m0 = (x,0):: (map (apsnd incr) m)
2980       in @{code E} (fm_of_term m0 m' p') end
2981   | Const(@{const_name All},_)\$Abs(xn,xT,p) =>
2982      let val (xn', p') =  variant_abs (xn,xT,p)
2983          val x = Free(xn',xT)
2984          fun incr i = i + 1
2985          val m0 = (x,0):: (map (apsnd incr) m)
2986       in @{code A} (fm_of_term m0 m' p') end
2987   | _ => error "fm_of_term";
2990 fun term_of_fm T m m' t =
2991   case t of
2992     @{code T} => Const(@{const_name True},bT)
2993   | @{code F} => Const(@{const_name False},bT)
2994   | @{code NOT} p => nott \$ (term_of_fm T m m' p)
2995   | @{code And} (p,q) => conjt \$ (term_of_fm T m m' p) \$ (term_of_fm T m m' q)
2996   | @{code Or} (p,q) => disjt \$ (term_of_fm T m m' p) \$ (term_of_fm T m m' q)
2997   | @{code Imp} (p,q) => impt \$ (term_of_fm T m m' p) \$ (term_of_fm T m m' q)
2998   | @{code Iff} (p,q) => ifft \$ (term_of_fm T m m' p) \$ (term_of_fm T m m' q)
2999   | @{code Lt} p => (llt T) \$ (term_of_tm T m m' p) \$ (rz T)
3000   | @{code Le} p => (lle T) \$ (term_of_tm T m m' p) \$ (rz T)
3001   | @{code Eq} p => (eqt T) \$ (term_of_tm T m m' p) \$ (rz T)
3002   | @{code NEq} p => nott \$ ((eqt T) \$ (term_of_tm T m m' p) \$ (rz T))
3003   | _ => error "term_of_fm: quantifiers!!!!???";
3005 fun frpar_oracle (T,m, m', fm) =
3006  let
3007    val t = HOLogic.dest_Trueprop fm
3008    val im = 0 upto (length m - 1)
3009    val im' = 0 upto (length m' - 1)
3010  in HOLogic.mk_Trueprop (HOLogic.mk_eq(t, term_of_fm T (im ~~ m) (im' ~~ m')
3011                                                      (@{code frpar} (fm_of_term (m ~~ im) (m' ~~ im') t))))
3012  end;
3014 fun frpar_oracle2 (T,m, m', fm) =
3015  let
3016    val t = HOLogic.dest_Trueprop fm
3017    val im = 0 upto (length m - 1)
3018    val im' = 0 upto (length m' - 1)
3019  in HOLogic.mk_Trueprop (HOLogic.mk_eq(t, term_of_fm T (im ~~ m) (im' ~~ m')
3020                                                      (@{code frpar2} (fm_of_term (m ~~ im) (m' ~~ im') t))))
3021  end;
3023 end;
3026 *}
3028 oracle frpar_oracle = {* fn (ty, ts, ts', ct) =>
3029  let
3030   val thy = Thm.theory_of_cterm ct
3031  in cterm_of thy (ReflectedFRPar.frpar_oracle (ty,ts, ts', term_of ct))
3032  end *}
3034 oracle frpar_oracle2 = {* fn (ty, ts, ts', ct) =>
3035  let
3036   val thy = Thm.theory_of_cterm ct
3037  in cterm_of thy (ReflectedFRPar.frpar_oracle2 (ty,ts, ts', term_of ct))
3038  end *}
3040 ML{*
3041 structure FRParTac =
3042 struct
3044 fun frpar_tac T ps ctxt i =
3045  Object_Logic.full_atomize_tac i
3046  THEN (fn st =>
3047   let
3048     val g = List.nth (cprems_of st, i - 1)
3049     val thy = ProofContext.theory_of ctxt
3050     val fs = subtract (op aconv) (map Free (Term.add_frees (term_of g) [])) ps
3051     val th = frpar_oracle (T, fs,ps, (* Pattern.eta_long [] *)g)
3052   in rtac (th RS iffD2) i st end);
3054 fun frpar2_tac T ps ctxt i =
3055  Object_Logic.full_atomize_tac i
3056  THEN (fn st =>
3057   let
3058     val g = List.nth (cprems_of st, i - 1)
3059     val thy = ProofContext.theory_of ctxt
3060     val fs = subtract (op aconv) (map Free (Term.add_frees (term_of g) [])) ps
3061     val th = frpar_oracle2 (T, fs,ps, (* Pattern.eta_long [] *)g)
3062   in rtac (th RS iffD2) i st end);
3064 end;
3066 *}
3068 method_setup frpar = {*
3069 let
3070  fun keyword k = Scan.lift (Args.\$\$\$ k -- Args.colon) >> K ()
3071  fun simple_keyword k = Scan.lift (Args.\$\$\$ k) >> K ()
3072  val parsN = "pars"
3073  val typN = "type"
3074  val any_keyword = keyword parsN || keyword typN
3075  val thms = Scan.repeat (Scan.unless any_keyword Attrib.multi_thm) >> flat
3076  val cterms = thms >> map Drule.dest_term;
3077  val terms = Scan.repeat (Scan.unless any_keyword Args.term)
3078  val typ = Scan.unless any_keyword Args.typ
3079 in
3080  (keyword typN |-- typ) -- (keyword parsN |-- terms) >>
3081   (fn (T,ps) => fn ctxt => SIMPLE_METHOD' (FRParTac.frpar_tac T ps ctxt))
3082 end
3083 *} "Parametric QE for linear Arithmetic over fields, Version 1"
3085 method_setup frpar2 = {*
3086 let
3087  fun keyword k = Scan.lift (Args.\$\$\$ k -- Args.colon) >> K ()
3088  fun simple_keyword k = Scan.lift (Args.\$\$\$ k) >> K ()
3089  val parsN = "pars"
3090  val typN = "type"
3091  val any_keyword = keyword parsN || keyword typN
3092  val thms = Scan.repeat (Scan.unless any_keyword Attrib.multi_thm) >> flat
3093  val cterms = thms >> map Drule.dest_term;
3094  val terms = Scan.repeat (Scan.unless any_keyword Args.term)
3095  val typ = Scan.unless any_keyword Args.typ
3096 in
3097  (keyword typN |-- typ) -- (keyword parsN |-- terms) >>
3098   (fn (T,ps) => fn ctxt => SIMPLE_METHOD' (FRParTac.frpar2_tac T ps ctxt))
3099 end
3100 *} "Parametric QE for linear Arithmetic over fields, Version 2"
3103 lemma "\<exists>(x::'a::{linordered_field_inverse_zero, number_ring}). y \<noteq> -1 \<longrightarrow> (y + 1)*x < 0"
3104   apply (frpar type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "y::'a::{linordered_field_inverse_zero, number_ring}")
3106   apply (rule spec[where x=y])
3107   apply (frpar type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "z::'a::{linordered_field_inverse_zero, number_ring}")
3108   by simp
3110 text{* Collins/Jones Problem *}
3111 (*
3112 lemma "\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0"
3113 proof-
3114   have "(\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0) \<longleftrightarrow> (\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < 2 *(a^2 + b^2) - (3*(a^2 + b^2)) * r + (2*a)*r \<and> 2*(a^2 + b^2) - (3*(a^2 + b^2) - 4*a + 1)*r - 2*a < 0)" (is "?lhs \<longleftrightarrow> ?rhs")
3116 have "?rhs"
3118   apply (frpar type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "a::'a::{linordered_field_inverse_zero, number_ring}" "b::'a::{linordered_field_inverse_zero, number_ring}")
3120 oops
3121 *)
3122 (*
3123 lemma "ALL (x::'a::{linordered_field_inverse_zero, number_ring}) y. (1 - t)*x \<le> (1+t)*y \<and> (1 - t)*y \<le> (1+t)*x --> 0 \<le> y"
3124 apply (frpar type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "t::'a::{linordered_field_inverse_zero, number_ring}")
3125 oops
3126 *)
3128 lemma "\<exists>(x::'a::{linordered_field_inverse_zero, number_ring}). y \<noteq> -1 \<longrightarrow> (y + 1)*x < 0"
3129   apply (frpar2 type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "y::'a::{linordered_field_inverse_zero, number_ring}")
3131   apply (rule spec[where x=y])
3132   apply (frpar2 type: "'a::{linordered_field_inverse_zero, number_ring}" pars: "z::'a::{linordered_field_inverse_zero, number_ring}")
3133   by simp
3135 text{* Collins/Jones Problem *}
3137 (*
3138 lemma "\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0"
3139 proof-
3140   have "(\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < (2 - 3*r) *(a^2 + b^2) + (2*a)*r \<and> (2 - 3*r) *(a^2 + b^2) + 4*a*r - 2*a - r < 0) \<longleftrightarrow> (\<exists>(r::'a::{linordered_field_inverse_zero, number_ring}). 0 < r \<and> r < 1 \<and> 0 < 2 *(a^2 + b^2) - (3*(a^2 + b^2)) * r + (2*a)*r \<and> 2*(a^2 + b^2) - (3*(a^2 + b^2) - 4*a + 1)*r - 2*a < 0)" (is "?lhs \<longleftrightarrow> ?rhs")